diff --git a/src/crypto/crypto_ec.cc b/src/crypto/crypto_ec.cc
index 836a5072174e5d..b97670b54a62fc 100644
--- a/src/crypto/crypto_ec.cc
+++ b/src/crypto/crypto_ec.cc
@@ -15,6 +15,8 @@
 #include <openssl/ec.h>
 #include <openssl/ecdh.h>
 
+#include <algorithm>
+
 namespace node {
 
 using v8::Array;
@@ -959,19 +961,22 @@ ByteSource ConvertToWebCryptoSignature(
         return ByteSource();
 
       DSA_SIG_get0(dsasig.get(), &pr, &ps);
-      len = BN_num_bytes(pr);
+      len = std::max(BN_num_bytes(pr), BN_num_bytes(ps));
     }
   }
 
   CHECK_GT(len, 0);
 
   char* outdata = MallocOpenSSL<char>(len * 2);
+  memset(outdata, 0, len * 2);
   ByteSource out = ByteSource::Allocated(outdata, len * 2);
   unsigned char* ptr = reinterpret_cast<unsigned char*>(outdata);
 
-  if (!BN_bn2binpad(pr, ptr, len) || !BN_bn2binpad(ps, ptr + len, len)) {
+  if (BN_bn2binpad(pr, ptr, len) <= 0 ||
+    BN_bn2binpad(ps, ptr + len, len) <= 0) {
     return ByteSource();
   }
+
   return out;
 }
 
diff --git a/test/parallel/test-crypto-async-sign-verify.js b/test/parallel/test-crypto-async-sign-verify.js
index d5a90adae6b06e..4980c87673bdb5 100644
--- a/test/parallel/test-crypto-async-sign-verify.js
+++ b/test/parallel/test-crypto-async-sign-verify.js
@@ -98,11 +98,11 @@ test('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384', false,
      { dsaEncoding: 'ieee-p1363' });
 
 // DSA w/ der signature encoding
-test('dsa_public_1025.pem', 'dsa_private_1025.pem', 'sha256',
+test('dsa_public.pem', 'dsa_private.pem', 'sha256',
      false);
-test('dsa_public_1025.pem', 'dsa_private_1025.pem', 'sha256',
+test('dsa_public.pem', 'dsa_private.pem', 'sha256',
      false, { dsaEncoding: 'der' });
 
 // DSA w/ ieee-p1363 signature encoding
-test('dsa_public_1025.pem', 'dsa_private_1025.pem', 'sha256', false,
+test('dsa_public.pem', 'dsa_private.pem', 'sha256', false,
      { dsaEncoding: 'ieee-p1363' });