mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-10 21:10:49 +02:00
a79c7044da
test_wc_RsaDecisionCoverage decrypted an OAEP-SHA256 cipher text as PKCS#1 v1.5 and asserted it must return < 0. That is flaky: v1.5 decrypt-unpadding of the random OAEP plaintext spuriously "succeeds" whenever byte[1] lands on 0x02 with a valid 0x00 separator after >=8 nonzero bytes -- a few-percent-per-run coin flip, and a fresh random key is generated each run. It surfaced as intermittent make-check failures (e.g. "result: 36 >= 0", "140 >= 0") on PR CI. Replace it with a deterministic padding-mismatch: decrypt the (no-label) OAEP cipher text as OAEP with a non-empty label. OAEP authenticates the label via lHash, so a label mismatch fails the integrity check every time, still exercising the padding-mismatch decision branch in rsa.c. Verified locally by looping test_wc_RsaDecisionCoverage 150x in an OAEP+SHA256 build: old assertion failed 2/150, new assertion 0/150.
Before creating any new configure files (.conf) read the CONF_FILES_README.md