fix: update aes128 decrypt test for PKCS#7 padding validation

[AztecBot]

Summary

• The aes_encrypt_then_decrypt_with_bad_sym_key_is_caught test was failing because PR fix(aes128): validate PKCS#7 padding in decryptBufferCBC #22179 added PKCS#7 padding validation to the AES128 decrypt oracle.
• Previously, decrypting with the wrong key returned Some(garbage) — the test relied on MAC comparison to detect bad decryption.
• Now the oracle returns None when padding is invalid (which happens with wrong-key decryption), so the .unwrap() call panicked before reaching the MAC check.
• Updated the test to assert that try_aes128_decrypt returns None with a bad key, and updated the doc comment to reflect the new behavior.

Test plan

• nargo check compiles cleanly with no errors
• CI should pass the previously-failing oracle::aes128_decrypt::test::aes_encrypt_then_decrypt_with_bad_sym_key_is_caught test

ClaudeBox log: https://claudebox.work/s/4d7f4a8137228683?run=1

[spypsy]

closing in favour of #22179