diff --git a/crypto/ecdsa/ecdsa.c b/crypto/ecdsa/ecdsa.c
index 5df494e3..99b11775 100644
--- a/crypto/ecdsa/ecdsa.c
+++ b/crypto/ecdsa/ecdsa.c
@@ -175,7 +175,6 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len,
       BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) ||
       BN_is_negative(sig->s) || BN_ucmp(sig->s, order) >= 0) {
     OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE);
-    ret = 0; /* signature is invalid */
     goto err;
   }
   /* calculate tmp1 = inv(S) mod order */
@@ -216,7 +215,12 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len,
     goto err;
   }
   /* if the signature is correct u1 is equal to sig->r */
-  ret = (BN_ucmp(u1, sig->r) == 0);
+  if (BN_ucmp(u1, sig->r) != 0) {
+    OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE);
+    goto err;
+  }
+
+  ret = 1;
 
 err:
   BN_CTX_end(ctx);
diff --git a/crypto/evp/evp_tests.txt b/crypto/evp/evp_tests.txt
index 9f696642..d6b3beb7 100644
--- a/crypto/evp/evp_tests.txt
+++ b/crypto/evp/evp_tests.txt
@@ -463,39 +463,34 @@ Verify = P-256
 Digest = SHA1
 Input = "0123456789ABCDEF12345"
 Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.
-Error = public key routines
+Error = BAD_SIGNATURE
 
 # Digest too short
 Verify = P-256
 Digest = SHA1
 Input = "0123456789ABCDEF123"
 Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.
-Error = public key routines
+Error = BAD_SIGNATURE
 
 # Digest invalid
 Verify = P-256
 Digest = SHA1
 Input = "0123456789ABCDEF1235"
 Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.
-Error = public key routines
+Error = BAD_SIGNATURE
 
 # Invalid signature
 Verify = P-256
 Digest = SHA1
 Input = "0123456789ABCDEF1234"
 Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec7
-# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.
-Error = public key routines
+Error = BAD_SIGNATURE
 
 # Garbage after signature
 Verify = P-256
 Digest = SHA1
 Input = "0123456789ABCDEF1234"
 Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800
-# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.
 Error = BAD_SIGNATURE
 
 # BER signature