From edd72f55f8e1f0326e6b8784a62924cdadd793e9 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Fri, 17 Nov 2017 20:57:56 +0200
Subject: [PATCH] OpenSSL: Debug message if requested AES key length is not
 supported

This makes it clearer why some AES operations fail especially with
BoringSSL where the 192-bit case is not supported.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
---
 src/crypto/crypto_openssl.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index 661f749b1..91201ca34 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -291,8 +291,11 @@ void * aes_encrypt_init(const u8 *key, size_t len)
 		return NULL;
 
 	type = aes_get_evp_cipher(len);
-	if (type == NULL)
+	if (!type) {
+		wpa_printf(MSG_INFO, "%s: Unsupported len=%u",
+			   __func__, (unsigned int) len);
 		return NULL;
+	}
 
 	ctx = EVP_CIPHER_CTX_new();
 	if (ctx == NULL)
@@ -345,8 +348,11 @@ void * aes_decrypt_init(const u8 *key, size_t len)
 		return NULL;
 
 	type = aes_get_evp_cipher(len);
-	if (type == NULL)
+	if (!type) {
+		wpa_printf(MSG_INFO, "%s: Unsupported len=%u",
+			   __func__, (unsigned int) len);
 		return NULL;
+	}
 
 	ctx = EVP_CIPHER_CTX_new();
 	if (ctx == NULL)