Fixes for SP

More places to mask shifted n.
Fix conditional check on NO_3072 in sp_int.h
Disable prime checking when using SP maths.
Add support for mp_tohex to SP maths.
Fix wolfmath.c to support including SP maths.

wolfcrypt/src/dh.c

@@ -1974,6 +1974,7 @@ static int _DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
             keyP = &key->p;
     }
 
+#ifndef WOLFSSL_SP_MATH
     if (ret == 0 && !trusted) {
         int isPrime = 0;
         if (rng != NULL)
@@ -1984,6 +1985,10 @@ static int _DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
         if (ret == 0 && isPrime == 0)
             ret = DH_CHECK_PUB_E;
     }
+#else
+    (void)trusted;
+    (void)rng;
+#endif
 
     if (ret == 0 && mp_init(&key->g) != MP_OKAY)
         ret = MP_INIT_E;

wolfcrypt/src/sp_c32.c

@@ -5363,7 +5363,7 @@ static int sp_3072_mod_exp_68(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
             n |= e[i--] << (9 - c);
             c += 23;
         }
-        y = n >> 27;
+        y = (n >> 27) & 0x1f;
         n <<= 5;
         c -= 5;
         XMEMCPY(rt, t[y], sizeof(rt));
@@ -6387,7 +6387,7 @@ static int sp_3072_mod_exp_136(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
             n |= e[i--] << (9 - c);
             c += 23;
         }
-        y = n >> 27;
+        y = (n >> 27) & 0x1f;
         n <<= 5;
         c -= 5;
         XMEMCPY(rt, t[y], sizeof(rt));

wolfcrypt/src/sp_c64.c

@@ -4999,7 +4999,7 @@ static int sp_3072_mod_exp_27(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
             n |= e[i--] << (7 - c);
             c += 57;
         }
-        y = n >> 59;
+        y = (n >> 59) & 0x1f;
         n <<= 5;
         c -= 5;
         XMEMCPY(rt, t[y], sizeof(rt));
@@ -5824,7 +5824,7 @@ static int sp_3072_mod_exp_54(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
             n |= e[i--] << (7 - c);
             c += 57;
         }
-        y = n >> 59;
+        y = (n >> 59) & 0x1f;
         n <<= 5;
         c -= 5;
         XMEMCPY(rt, t[y], sizeof(rt));

wolfcrypt/src/sp_int.c

@@ -649,6 +649,47 @@ int sp_set_int(sp_int* a, unsigned long b)
 }
 #endif
 
+#ifdef WC_MP_TO_RADIX
+/* Hex string characters. */
+static const char sp_hex_char[16] = {
+    '0', '1', '2', '3', '4', '5', '6', '7',
+    '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'
+};
+
+/* Put the hex string version, big-endian, of a in str.
+ *
+ * a    SP integer.
+ * str  Hex string is stored here.
+ * returns MP_OKAY always.
+ */
+int sp_tohex(sp_int* a, char* str)
+{
+    int i, j;
+
+    /* quick out if its zero */
+    if (sp_iszero(a) == MP_YES) {
+        *str++ = '0';
+        *str = '\0';
+        return MP_OKAY;
+    }
+
+    i = a->used - 1;
+    for (j = SP_WORD_SIZE - 4; j >= 0; j -= 4) {
+        if (((a->dp[i] >> j) & 0xf) != 0)
+            break;
+    }
+    for (; j >= 0; j -= 4)
+        *(str++) = sp_hex_char[(a->dp[i] >> j) & 0xf];
+    for (--i; i >= 0; i--) {
+        for (j = SP_WORD_SIZE - 4; j >= 0; j -= 4)
+            *(str++) = sp_hex_char[(a->dp[i] >> j) & 0xf];
+    }
+    *str = '\0';
+
+    return MP_OKAY;
+}
+#endif
+
 #if !defined(USE_FAST_MATH)
 /* Returns the run time settings.
  *

wolfcrypt/src/wolfmath.c

@@ -29,11 +29,7 @@
 /* in case user set USE_FAST_MATH there */
 #include <wolfssl/wolfcrypt/settings.h>
 
-#ifdef USE_FAST_MATH
-    #include <wolfssl/wolfcrypt/tfm.h>
-#else
-    #include <wolfssl/wolfcrypt/integer.h>
-#endif
+#include <wolfssl/wolfcrypt/integer.h>
 
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/logging.h>

wolfssl/wolfcrypt/sp_int.h

@@ -94,7 +94,7 @@
     #else
         #define SP_INT_DIGITS        ((256 + SP_WORD_SIZE) / SP_WORD_SIZE)
     #endif
-#elif !defined(WOLFSSL_SP_NO_3072)
+#elif defined(WOLFSSL_SP_NO_3072)
     #define SP_INT_DIGITS        ((2048 + SP_WORD_SIZE) / SP_WORD_SIZE)
 #else
     #define SP_INT_DIGITS        ((3072 + SP_WORD_SIZE) / SP_WORD_SIZE)
@@ -134,6 +134,7 @@ MP_API int sp_add_d(sp_int* a, sp_int_digit d, sp_int* r);
 MP_API int sp_lshd(sp_int* a, int s);
 MP_API int sp_add(sp_int* a, sp_int* b, sp_int* r);
 MP_API int sp_set_int(sp_int* a, unsigned long b);
+MP_API int sp_tohex(sp_int* a, char* str);
 
 typedef sp_int mp_int;
 typedef sp_digit mp_digit;
@@ -182,6 +183,7 @@ typedef sp_digit mp_digit;
 #define mp_add                  sp_add
 #define mp_isodd                sp_isodd
 #define mp_set_int              sp_set_int
+#define mp_tohex                sp_tohex
 
 #define MP_INT_DEFINED