Fix undefined behaviour of AES cipher

[mahairod]

Fix undefined behaviour of AES cipher

[monich]

Are you sure that AES_set_encrypt_key can possibly fail here? AFAICT the only reason for the failure is the wrong key size but it can't be wrong because the size is checked when the key gets created.

[mahairod]

Are you sure that AES_set_encrypt_key can possibly fail here? AFAICT the only reason for the failure is the wrong key size but it can't be wrong because the size is checked when the key gets created.

As I said earlier in foil repo, this can happen (to be exact: should happen) if your libcrypto implementation behaves very strangely. For example if it does not behave at all, because it was not loaded.

[monich]

OK, if you're sure that this can happen, then the next question - how this can happen. Ideally, I'd prefer a test case added to test_cipher_aes demonstrating the failure and the recovery. foil_openssl_cipher_aes_decrypt.c has 100% test coverage and I'd like to keep it that way.

I actually tried to write a test case myself but couldn't find a way to reproduce this failure.

[mahairod]

OK, if you're sure that this can happen, then the next question - how this can happen. Ideally, I'd prefer a test case added to test_cipher_aes demonstrating the failure and the recovery. foil_openssl_cipher_aes_decrypt.c has 100% test coverage and I'd like to keep it that way.

I actually tried to write a test case myself but couldn't find a way to reproduce this failure.

Very simple case: remove libcypto: mv /usr/lib64/libcrypto.so.10 /usr/lib64/libcrypto.so.10_; mv /usr/lib64/libcrypto.so.1.1 /usr/lib64/libcrypto.so.1.1_

To be clear: the reason we should check error here is your unwillingness to fail fast during loading libcrypto. If libcrypto is not loaded AND you terminate app as a consequence this check is not neseccary. But you prefer to treat fatal loading errors as warnings.