diff --git a/crypto/key.go b/crypto/key.go
index f021a0e9e70492f1ac5a648642f0702b658660db..cad23dd47dae971f51ae6d4411f600043313b7c3 100644
--- a/crypto/key.go
+++ b/crypto/key.go
@@ -143,6 +143,8 @@ func GenerateEKeyPair(curveName string) ([]byte, GenSharedKey, error) {
 		curve = elliptic.P384()
 	case "P-521":
 		curve = elliptic.P521()
+	default:
+		return nil, nil, fmt.Errorf("unknown curve name")
 	}
 
 	priv, x, y, err := elliptic.GenerateKey(curve, rand.Reader)
diff --git a/crypto/key_test.go b/crypto/key_test.go
index 2a5e89a8c2a6ba83ea629e7ea39f2a8d055a6abb..0b25432d7c3c042e50ce960a7a43201b30fc8a35 100644
--- a/crypto/key_test.go
+++ b/crypto/key_test.go
@@ -145,3 +145,15 @@ func (pk testkey) Raw() ([]byte, error) {
 func (pk testkey) Equals(k Key) bool {
 	return KeyEqual(pk, k)
 }
+
+func TestUnknownCurveErrors(t *testing.T) {
+	_, _, err := GenerateEKeyPair("P-256")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, _, err = GenerateEKeyPair("error-please")
+	if err == nil {
+		t.Fatal("expected invalid key type to error")
+	}
+}