* fix overallocation in WC_DECLARE_ARRAY() macro in the !WOLFSSL_SMALL_STACK path.
* rename WC_INIT_ARRAY() to WC_ALLOC_ARRAY() for clarity (it doesn't initialize any memory).
* rename WC_DECLARE_ARRAY_DYNAMIC_DEC(), WC_DECLARE_ARRAY_DYNAMIC_EXE(), and WC_FREE_ARRAY_DYNAMIC() to WC_DECLARE_HEAP_ARRAY(), WC_ALLOC_HEAP_ARRAY(), and WC_FREE_HEAP_ARRAY(), respectively, also for clarity, and refactor out the duplicate definitions.
* add WC_ALLOC_VAR(), and move the XMALLOC() in smallstack WC_DECLARE_VAR() into it. smallstack WC_DECLARE_VAR() now initializes the pointer to NULL, like smallstack WC_DECLARE_ARRAY(), assuring all pointers are valid upon shortcircuit to cleanup for a failed allocation (see WC_ALLOC_DO_ON_FAILURE below).
* add a new hook "WC_ALLOC_DO_ON_FAILURE" in WC_ALLOC_VAR(), WC_ALLOC_ARRAY(), and WC_DECLARE_ARRAY_DYNAMIC_EXE(), which is invoked when an allocation fails. by default the hook is defined to WC_DO_NOTHING.
* add basic safety to WC_*_HEAP_ARRAY() by recording/detecting allocation state via idx##VAR_NAME.
* add macros WC_ARRAY_OK() and WC_HEAP_ARRAY_OK() to test if allocation succeeded.
* add macros WC_CALLOC_ARRAY() and WC_CALLOC_HEAP_ARRAY() which zero the objects.
* add macro WC_CALLOC_VAR() which zeros the object.
ED448: smallstack refactor of ge448_scalarmult_base().
src/tls.c tests/api.c wolfcrypt/test/test.c: update WC_DECLARE_VAR()s with now-required matching WC_ALLOC_VAR()s.
wolfcrypt/benchmark/benchmark.c:
* no functional changes in default error-free behavior.
* add definition of WC_ALLOC_DO_ON_FAILURE() that prints error message, sets ret, and does goto exit.
* add BENCH_NTIMES and BENCH_AGREETIMES overrideeable macros, to allow fast sanitizer runs and slow high-precision runs.
* smallstack refactor of all declarations of stack arrays of the form foo[BENCH_MAX_PENDING], using WC_DECLARE_ARRAY() (35 in all).
* additional smallstack refactors, using WC_DECLARE_VAR(), for bench_aesxts(), bench_ed448KeyGen(), bench_eccsi*(), and bench_sakke*().
* fixes for various unhandled error conditions around malloc failures.
wolfcrypt/test/test.c: opportunistically constify several (42) static constants, moving them to the readonly data segment.
linuxkm/Makefile: if ENABLED_LINUXKM_BENCHMARKS, add wolfcrypt/benchmark/benchmark.o to WOLFSSL_OBJ_FILES.
linuxkm/Kbuild: enable FPU for benchmark.o, and remove enablement for module_hooks.o.
linuxkm/module_hooks.c: remove inline include of benchmark.c.
* tls: negotiate until hs is complete in wolfSSL_read/wolfSSL_write
Don't rely on ssl->options.handShakeSate == HANDSHAKE_DONE to check if
negotiation is needed. wolfSSL_Connect() or wolfSSL_Accept() job may not yet be
completed and/or some messages may be waiting in the buffer because of
non-blocking I/O.
* tests: test case for handshake with wolfSSL_read()/wolfSSL_write()
* doc: clarify wolfSSL_write()
* internal.c: rename: need_negotiate -> ssl_in_handshake
In non-debug compilation, RsaFunctionCheckIn may be inlined.
The function operates on the input - value to exponentiate.
Constant time testing excludes all operations in this function.
1. The ASN.1 parser wasn't handling the OCSP response correctly when
there was a revocation reason included in the response. The encoded
reason value is constructed, and was getting marked as not
constructed in the parser. Changed the flag to mark it as
constructed.
configure.ac: move enable_aesgcm_stream=yes clauses in enable-all and enable-all-crypto to the main section, from the !ENABLED_LINUXKM_DEFAULTS section, and in ENABLED_LINUXKM_LKCAPI_REGISTER setup, remove the !ENABLED_AESNI from the condition for forcing on ENABLED_AESGCM_STREAM.
linuxkm/lkcapi_glue.c:
* remove all special-casing for AES-GCM with AESNI.
* add support for a LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING macro.
wolfssl/wolfcrypt/memory.h: add missing definition of SAVE_VECTOR_REGISTERS2() when DEBUG_VECTOR_REGISTER_ACCESS_FUZZING && !DEBUG_VECTOR_REGISTER_ACCESS.
wolfcrypt/src/memory.c:
* define SAVE_VECTOR_REGISTERS2_fuzzer() if DEBUG_VECTOR_REGISTER_ACCESS_FUZZING, regardless of DEBUG_VECTOR_REGISTER_ACCESS.
* add a DEBUG_VECTOR_REGISTER_ACCESS clause to the !HAVE_THREAD_LS version of SAVE_VECTOR_REGISTERS2_fuzzer().
wolfcrypt/test/test.c: remove several errant wc_AesFree()s in aes256_test().
* add support for DEBUG_LINUXKM_FORTIFY_OVERLAY to allow KASAN analysis of the overlay without actually enabling CONFIG_FORTIFY_SOURCE (which is buggy in combination with KASAN).
* make SAVE_VECTOR_REGISTERS2 definition conditional on !defined(SAVE_VECTOR_REGISTERS2).
wolfssl/wolfcrypt/memory.h: fix the DEBUG_VECTOR_REGISTER_ACCESS definition for SAVE_VECTOR_REGISTERS to properly omit the on-success bookkeeping code even if the supplied fail_clause doesn't return.
wolfcrypt/src/rsa.c: in wc_MakeRsaKey() primality loop, invoke RESTORE_VECTOR_REGISTERS() SAVE_VECTOR_REGISTERS() to prevent lengthy kernel lockups.
wolfcrypt/src/dh.c: in wc_DhGenerateParams() primality loop, invoke RESTORE_VECTOR_REGISTERS() SAVE_VECTOR_REGISTERS() to prevent lengthy kernel lockups.
wolfcrypt/src/{curve25519.c,dh.c,dsa.c,ecc.c,eccsi.c,rsa.c,sakke.c,sp_int.c}: when WOLFSSL_LINUXKM, force {SAVE,RESTORE}_VECTOR_REGISTERS() to WC_DO_NOTHING if settings gate out applicable asm.
* add srtp to enable-all
* add srtp-kdf to enable-all-crypto
* fix typo in enable-all[-crypto] where ENABLED_FIPS was used when FIPS_VERSION was needed.
* in enable-all[-crypto], conditionalize aesxts on !FIPS || FIPS_VERSION == dev.
* move AES-XTS CFLAG setup after FIPS settings, to allow non-dev FIPS to force it off, and add clause to FIPS v5 setup to do that.
* in FIPS v5 setup, add AES-XTS to the list of modes that forces -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB.
wolfcrypt/src/kdf.c: fix several benign -Wconversions.
wolfcrypt/test/test.c: add aes_cfb_test() and aes_xts_test() as top-level tests with separate "pass" messages, for transparency that those modes have indeed been tested in builds that activate them.
