From: Igor Ustinov <igus@openssl.foundation>
Date: Tue, 14 Apr 2026 14:55:02 +0000 (+0200)
Subject: Moved the EVP_EC_gen macro to evp.h
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=53cf8b97ba00256c8438ed0bc194300508d31b3e;p=thirdparty%2Fopenssl.git

Moved the EVP_EC_gen macro to evp.h

Also fixed the potential NULL pointer dereference in this macro.

Reviewed-by: Matt Caswell <matt@openssl.foundation>
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
MergeDate: Wed May  6 16:47:58 2026
(Merged from https://github.com/openssl/openssl/pull/30597)
---

diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 8a87704e527..2119a9b85f0 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -20,8 +20,6 @@
 #include <openssl/opensslconf.h>
 #include <openssl/types.h>
 
-#include <string.h>
-
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -1550,8 +1548,6 @@ OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth,
         EC_KEY *eckey));
 #endif /* OPENSSL_NO_DEPRECATED_3_0 */
 
-#define EVP_EC_gen(curve) \
-    EVP_PKEY_Q_keygen(NULL, NULL, "EC", (char *)(strstr(curve, "")))
 /* strstr is used to enable type checking for the variadic string arg */
 #define ECParameters_dup(x) ASN1_dup_of(EC_KEY, i2d_ECParameters, \
     d2i_ECParameters, x)
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 91cec28fe8f..e9019064186 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -17,6 +17,7 @@
 #endif
 
 #include <stdarg.h>
+#include <string.h>
 
 #ifndef OPENSSL_NO_STDIO
 #include <stdio.h>
@@ -1945,6 +1946,16 @@ const char *EVP_SKEY_get0_provider_name(const EVP_SKEY *skey);
 EVP_SKEY *EVP_SKEY_to_provider(EVP_SKEY *skey, OSSL_LIB_CTX *libctx,
     OSSL_PROVIDER *prov, const char *propquery);
 
+/*
+ * The seemingly redundant expression (char *)(strstr(curve, "")) serves to
+ * cast const char * to char *, while avoiding accidental casting of improper
+ * (non-string) types.
+ * The direct cast of the result of strstr() to char * is necessary in C++,
+ * where strstr can return const char *.
+ */
+#define EVP_EC_gen(curve)               \
+    EVP_PKEY_Q_keygen(NULL, NULL, "EC", \
+        (curve) ? (char *)(strstr(curve, "")) : NULL)
 int EVP_EC_affine2oct(const BIGNUM *x, const BIGNUM *y, size_t field_len,
     unsigned char **pbuf, size_t *pbsize);