From: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Fri, 17 Nov 2017 18:57:56 +0000 (+0200)
Subject: OpenSSL: Debug message if requested AES key length is not supported
X-Git-Tag: hostap_2_7~836
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=edd72f55f8e1f0326e6b8784a62924cdadd793e9;p=thirdparty%2Fhostap.git

OpenSSL: Debug message if requested AES key length is not supported

This makes it clearer why some AES operations fail especially with
BoringSSL where the 192-bit case is not supported.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
---

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index 661f749b1..91201ca34 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -291,8 +291,11 @@ void * aes_encrypt_init(const u8 *key, size_t len)
 		return NULL;
 
 	type = aes_get_evp_cipher(len);
-	if (type == NULL)
+	if (!type) {
+		wpa_printf(MSG_INFO, "%s: Unsupported len=%u",
+			   __func__, (unsigned int) len);
 		return NULL;
+	}
 
 	ctx = EVP_CIPHER_CTX_new();
 	if (ctx == NULL)
@@ -345,8 +348,11 @@ void * aes_decrypt_init(const u8 *key, size_t len)
 		return NULL;
 
 	type = aes_get_evp_cipher(len);
-	if (type == NULL)
+	if (!type) {
+		wpa_printf(MSG_INFO, "%s: Unsupported len=%u",
+			   __func__, (unsigned int) len);
 		return NULL;
+	}
 
 	ctx = EVP_CIPHER_CTX_new();
 	if (ctx == NULL)