return an error if the supplied precomputed values lead to an invalid signature

crypto/ecdsa/ecdsa.h

@@ -248,6 +248,7 @@ void ERR_load_ECDSA_strings(void);
 #define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 101
 #define ECDSA_R_ERR_EC_LIB				 102
 #define ECDSA_R_MISSING_PARAMETERS			 103
+#define ECDSA_R_NEED_NEW_SETUP_VALUES			 106
 #define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED		 104
 #define ECDSA_R_SIGNATURE_MALLOC_FAILED			 105
 

crypto/ecdsa/ecs_err.c

@@ -70,7 +70,7 @@
 
 static ERR_STRING_DATA ECDSA_str_functs[]=
 	{
-{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD),	"ECDSA_DATA_new_method"},
+{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD),	"ECDSA_DATA_NEW_METHOD"},
 {ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN),	"ECDSA_do_sign"},
 {ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY),	"ECDSA_do_verify"},
 {ERR_FUNC(ECDSA_F_ECDSA_SIGN_SETUP),	"ECDSA_sign_setup"},
@@ -83,6 +83,7 @@ static ERR_STRING_DATA ECDSA_str_reasons[]=
 {ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
 {ERR_REASON(ECDSA_R_ERR_EC_LIB)          ,"err ec lib"},
 {ERR_REASON(ECDSA_R_MISSING_PARAMETERS)  ,"missing parameters"},
+{ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES),"need new setup values"},
 {ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),"random number generation failed"},
 {ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED),"signature malloc failed"},
 {0,NULL}

crypto/ecdsa/ecs_ossl.c

@@ -299,8 +299,21 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
 			ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 			goto err;
 		}
+		if (BN_is_zero(s))
+		{
+			/* if kinv and r have been supplied by the caller
+			 * don't to generate new kinv and r values */
+			if (in_kinv != NULL && in_r != NULL)
+			{
+				ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES);
+				goto err;
 			}
-	while (BN_is_zero(s));
+		}
+		else
+			/* s != 0 => we have a valid signature */
+			break;
+	}
+	while (1);
 
 	ok = 1;
 err: