Add unit test for VerifyMac

[yosuke-wolfssl]

This PR adds the unit test that injects a packet with a corrupted MAC (e.g., flip one byte in the MAC region of a captured packet buffer) and verify that DoReceive returns WS_FATAL_ERROR with ssh->error == WS_VERIFY_MAC_E.
We can't call VerifyMac() directly because it's static function in src/internal.c.
That's why I introduced wolfSSH_TestDoReceive() under the WOLFSSH_TEST_INTERNAL guard so that this would be compiled for tests only.

[Copilot]

Pull request overview

This PR adds coverage for the MAC verification failure path by injecting a packet with a deliberately corrupted MAC and asserting DoReceive() fails with WS_FATAL_ERROR and ssh->error == WS_VERIFY_MAC_E. To make DoReceive() callable from tests without exposing internal static helpers, it introduces a test-only wrapper function guarded by WOLFSSH_TEST_INTERNAL.

Changes:

• Add wolfSSH_TestDoReceive() (guarded by WOLFSSH_TEST_INTERNAL) as a test-only entrypoint to DoReceive().
• Add a unit test that builds a minimal SSH packet, computes its MAC, flips a MAC byte, and validates the expected failure.
• Update the unit test build to compile/link against the libwolfssh_test.la convenience library with -DWOLFSSH_TEST_INTERNAL.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File	Description
wolfssh/internal.h	Declares the new test-only wolfSSH_TestDoReceive() API under WOLFSSH_TEST_INTERNAL.
src/internal.c	Implements wolfSSH_TestDoReceive() as a thin wrapper around DoReceive().
tests/unit.c	Adds the corrupted-MAC unit test and wires it into the unit test runner.
tests/include.am	Builds unit tests with WOLFSSH_TEST_INTERNAL and links them against src/libwolfssh_test.la.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.