
Unspecified behavior for RawAESKeyring for invalid input EC #65

@lavaleri

Description

It is possible for the RawAESKeyring to receive an encryption context as input that is unable to be serialized. Because the RawAESKeyring needs to serialize the EC to use as AAD to the AES Encrypt/Decrypt operation, it is unclear what the correct behavior SHOULD/MUST be in this case.

This gets more complicated in the OnDecrypt operation, as the EC only needs to be serialized if the keyring attempts decryption of a key.

In our current implementations we have the following behaviors:

  • JS: If EC serialization fails while attempting to decrypt a key, continue and do not error
  • C: Check if EC can be serialized prior to attempting any decryption (even if input edk list is empty). If it cannot be serialized then immediately return error code.

These implementations do not explicitly violate the spec as written (one can argue that the C one does by returning an error before checking the keys); however, they are still inconsistent. Update the spec to make it clear what the behavior should be in this case.
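
The divergence described in this issue, as an added example that is not part of the original issue and is not code from either implementation. The serialization layout, the uint16 length limit as the cause of failure, and all function names are assumptions made for illustration.

```javascript
// Added illustration; not AWS Encryption SDK code. All names are hypothetical.
const crypto = require('crypto');

// Assumed simplified layout: uint16 pair count, then for each pair (sorted by
// key bytes) uint16 length + UTF-8 bytes. A length above 0xFFFF cannot be encoded.
function serializeEC(ec) {
  const u16 = (n) => {
    if (n > 0xffff) throw new RangeError('encryption context not serializable');
    return Buffer.from([n >> 8, n & 0xff]);
  };
  const pairs = Object.entries(ec)
    .map(([k, v]) => [Buffer.from(k, 'utf8'), Buffer.from(v, 'utf8')])
    .sort((a, b) => Buffer.compare(a[0], b[0]));
  const parts = [u16(pairs.length)];
  for (const [k, v] of pairs) parts.push(u16(k.length), k, u16(v.length), v);
  return Buffer.concat(parts);
}

// Wrap a data key under AES-256-GCM with the serialized EC as AAD.
function wrapKey(wrappingKey, dataKey, ec) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', wrappingKey, iv);
  c.setAAD(serializeEC(ec));
  const ct = Buffer.concat([c.update(dataKey), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function unwrapKey(wrappingKey, edk, aad) {
  const d = crypto.createDecipheriv('aes-256-gcm', wrappingKey, edk.iv);
  d.setAAD(aad).setAuthTag(edk.tag);
  return Buffer.concat([d.update(edk.ct), d.final()]); // throws on tag mismatch
}

// Models the C behaviour: serialize up front, error even when edks is empty.
function onDecryptFailFast(wrappingKey, edks, ec) {
  const aad = serializeEC(ec);
  for (const edk of edks) {
    try { return unwrapKey(wrappingKey, edk, aad); } catch (e) { /* next EDK */ }
  }
  return null;
}

// Models the JS behaviour: serialize per attempt, swallow the failure.
function onDecryptLenient(wrappingKey, edks, ec) {
  for (const edk of edks) {
    try { return unwrapKey(wrappingKey, edk, serializeEC(ec)); } catch (e) { /* continue */ }
  }
  return null;
}
```

With an unserializable EC, the first variant raises an error regardless of the EDK list, while the second reports only that no key was decrypted, so a caller cannot tell malformed input from a non-matching keyring.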
