--- a/src/lib-dcrypt/dcrypt-openssl.c	Fri Oct 14 13:48:41 2016 +0300
+++ b/src/lib-dcrypt/dcrypt-openssl.c	Fri Oct 14 15:28:32 2016 +0300
@@ -729,6 +729,7 @@
 bool dcrypt_openssl_generate_keypair(struct dcrypt_keypair *pair_r, enum dcrypt_key_type kind, unsigned int bits, const char *curve, const char **error_r)
 {
 	EVP_PKEY *pkey = NULL;
+	memset(pair_r, 0, sizeof(struct dcrypt_keypair));
 	if (kind == DCRYPT_KEY_RSA) {
 		if (dcrypt_openssl_generate_rsa_key(bits, &pkey, error_r)) {
 			pair_r->priv = i_new(struct dcrypt_private_key, 1);

--- a/src/lib-dcrypt/test-crypto.c	Fri Oct 14 13:48:41 2016 +0300
+++ b/src/lib-dcrypt/test-crypto.c	Fri Oct 14 15:28:32 2016 +0300
@@ -636,6 +636,7 @@
 	test_begin("test_get_info_pw_encrypted");
 
 	struct dcrypt_keypair p1;
+	memset(&p1, 0, sizeof(p1));
 	const char *error;
 	bool ret = dcrypt_keypair_generate(&p1, DCRYPT_KEY_EC, 0, "sect571k1", &error);
 	test_assert(ret == TRUE);