Better error handling in encrypt_ctx_init() and encrypt_ctx_setup_iv()
Some calls to encrypt_ctx_init() and encrypt_ctx_setup_iv() asserts
their return code that it cannot be EINVAL. But the OpenSSL functions
there (namely EVP_CIPHER_CTX_set_key_length() and EVP_CIPHER_CTX_ctrl)
can fail because of other reasons. Handle this properly.
Side effect of this change is that while setting wrong IVLEN for CCM
it's impossible to distinguish error codes, as OpenSSL does not set
them in most cases. Handle this internally.
Change-Id: Ib82871c8f4bf348c9ff4b90467886edcc19f6f9e