From: Igor Ustinov <igus@openssl.foundation>
Date: Tue, 14 Apr 2026 14:39:38 +0000 (+0200)
Subject: The EVP_PKEY_Q_keygen function now explicitly handles NULL curve name
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=18472994f065cfca14d53a9bb62ce0fe077bba20;p=thirdparty%2Fopenssl.git

The EVP_PKEY_Q_keygen function now explicitly handles NULL curve name

It errors out with ERR_R_PASSED_NULL_PARAMETER in such case.

Reviewed-by: Matt Caswell <matt@openssl.foundation>
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
MergeDate: Wed May  6 16:47:55 2026
(Merged from https://github.com/openssl/openssl/pull/30597)
---

diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 35719410b91..dee8137ec4f 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -1029,6 +1029,10 @@ EVP_PKEY *EVP_PKEY_Q_keygen(OSSL_LIB_CTX *libctx, const char *propq,
         params[0] = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_RSA_BITS, &bits);
     } else if (OPENSSL_strcasecmp(type, "EC") == 0) {
         name = va_arg(args, char *);
+        if (name == NULL) {
+            ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
+            return NULL;
+        }
         params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
             name, 0);
     }