From 91f66fb9c0487e77601a73ca843448ebaa67b03e Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Fri, 24 Apr 2026 12:22:14 -0500 Subject: [PATCH] tests/api/test_pkcs7.c: in test_wc_PKCS7_BER(), in expected-failure wc_PKCS7_DecodeEnvelopedData() in WOLFSSL_SP_MATH build, allow failure with either WC_KEY_SIZE_E or BUFFER_E, to accommodate blinding added by #10128 / 589feabc0c. --- tests/api/test_pkcs7.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/tests/api/test_pkcs7.c b/tests/api/test_pkcs7.c index 69b4631605..6d033b15d0 100644 --- a/tests/api/test_pkcs7.c +++ b/tests/api/test_pkcs7.c @@ -4577,8 +4577,12 @@ int test_wc_PKCS7_BER(void) } #ifndef NO_RSA #ifdef WOLFSSL_SP_MATH - ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent, - sizeof(berContent), decoded, sizeof(decoded)), WC_NO_ERR_TRACE(WC_KEY_SIZE_E)); + if (EXPECT_SUCCESS()) { + ret = wc_PKCS7_DecodeEnvelopedData( + pkcs7, berContent, sizeof(berContent), decoded, sizeof(decoded)); + ExpectTrue((ret == WC_NO_ERR_TRACE(WC_KEY_SIZE_E)) || + (ret == WC_NO_ERR_TRACE(BUFFER_E))); + } #else ExpectIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent, sizeof(berContent), decoded, sizeof(decoded)), 0);