Commit 53cf8b97ba for openssl.org
commit 53cf8b97ba00256c8438ed0bc194300508d31b3e
Author: Igor Ustinov <igus@openssl.foundation>
Date: Tue Apr 14 16:55:02 2026 +0200
Moved the EVP_EC_gen macro to evp.h
Also fixed the potential NULL pointer dereference in this macro.
Reviewed-by: Matt Caswell <matt@openssl.foundation>
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
MergeDate: Wed May 6 16:47:58 2026
(Merged from https://github.com/openssl/openssl/pull/30597)
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 8a87704e52..2119a9b85f 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -20,8 +20,6 @@
#include <openssl/opensslconf.h>
#include <openssl/types.h>
-#include <string.h>
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -1550,8 +1548,6 @@ OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth,
EC_KEY *eckey));
#endif /* OPENSSL_NO_DEPRECATED_3_0 */
-#define EVP_EC_gen(curve) \
- EVP_PKEY_Q_keygen(NULL, NULL, "EC", (char *)(strstr(curve, "")))
/* strstr is used to enable type checking for the variadic string arg */
#define ECParameters_dup(x) ASN1_dup_of(EC_KEY, i2d_ECParameters, \
d2i_ECParameters, x)
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 91cec28fe8..e901906418 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -17,6 +17,7 @@
#endif
#include <stdarg.h>
+#include <string.h>
#ifndef OPENSSL_NO_STDIO
#include <stdio.h>
@@ -1945,6 +1946,16 @@ const char *EVP_SKEY_get0_provider_name(const EVP_SKEY *skey);
EVP_SKEY *EVP_SKEY_to_provider(EVP_SKEY *skey, OSSL_LIB_CTX *libctx,
OSSL_PROVIDER *prov, const char *propquery);
+/*
+ * The seemingly redundant expression (char *)(strstr(curve, "")) serves to
+ * cast const char * to char *, while avoiding accidental casting of improper
+ * (non-string) types.
+ * The direct cast of the result of strstr() to char * is necessary in C++,
+ * where strstr can return const char *.
+ */
+#define EVP_EC_gen(curve) \
+ EVP_PKEY_Q_keygen(NULL, NULL, "EC", \
+ (curve) ? (char *)(strstr(curve, "")) : NULL)
int EVP_EC_affine2oct(const BIGNUM *x, const BIGNUM *y, size_t field_len,
unsigned char **pbuf, size_t *pbsize);