diff --git a/lib/setup.c b/lib/setup.c
index 70452940..ec9d2669 100644
--- a/lib/setup.c
+++ b/lib/setup.c
@@ -4634,7 +4634,8 @@ const char *crypt_keyslot_get_encryption(struct crypt_device *cd, int keyslot, s
 cipher = LUKS2_get_cipher(&cd->u.luks2.hdr, CRYPT_DEFAULT_SEGMENT);
 if (!LUKS2_keyslot_cipher_incompatible(cd, cipher)) {
 *key_size = crypt_get_volume_key_size(cd);
- return cipher;
+ if (*key_size)
+ return cipher;
 }
 /* Fallback to default LUKS2 keyslot encryption */
diff --git a/tests/api-test-2.c b/tests/api-test-2.c
index c5d03204..e0bb2487 100644
--- a/tests/api-test-2.c
+++ b/tests/api-test-2.c
@@ -916,6 +916,25 @@ static void AddDeviceLuks2(void)
 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key3, key_size, 0), "VK doesn't match any digest assigned to segment 0");
 crypt_free(cd);
+ /*
+ * Check regression in getting keyslot encryption parameters when
+ * volume key size is unknown (no active keyslots).
+ */
+ if (!_fips_mode) {
+ OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
+ crypt_set_iteration_time(cd, 1);
+ OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
+ EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
+ /* drop context copy of volume key */
+ crypt_free(cd);
+ OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
+ OK_(crypt_load(cd, CRYPT_LUKS, NULL));
+ EQ_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
+ OK_(crypt_keyslot_destroy(cd, 0));
+ EQ_(crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
+ crypt_free(cd);
+ }
+
 _cleanup_dmdevices();
 }
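Review bot: On the new fall-through path in `crypt_keyslot_get_encryption()`, `*key_size` has already been set to 0 before control reaches the fallback, so correctness depends on the fallback always overwriting it. The fallback lies outside this hunk; it presumably does overwrite it, but that is worth confirming, because a zero key size returned to a caller would give invalid keyslot encryption parameters. Reading the size into a local and assigning `*key_size` only when it is non-zero would leave the out-parameter untouched on this path. The reason for the check is also not recorded in the code; a comment such as `/* volume key size is unknown (0) when no keyslot is active; use defaults */` above `if (*key_size)` would document it. The function body starts and ends outside the hunk.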
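Review bot: The regression block in `AddDeviceLuks2()` covers the fixed path only indirectly, by checking that `crypt_keyslot_add_by_volume_key()` returns 0 after `crypt_keyslot_destroy(cd, 0)`. A direct assertion on `crypt_keyslot_get_encryption(cd, CRYPT_ANY_SLOT, &size)` at that point, expecting a non-NULL cipher and a non-zero size, would pin the behaviour the comment describes. It would also make a failure point at the parameter lookup rather than at keyslot creation. The `if (!_fips_mode)` guard has no stated reason; a one-line comment saying why the case is skipped in FIPS mode would help the next maintainer. `AddDeviceLuks2()` starts outside the hunk.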