wolfcrypt/src/logging.c:WOLFSSL_MSG_CERT_EX(), add missing gating on
defined(XVSNPRINTF);
in src/crl.c:CRL_Entry_new(), fix true-positive nullPointerRedundantCheck;
in src/pk.c:_DH_compute_key(), add bounds checking to ForceZero(priv).
the new implementation of wc_ForceZero from wolfcrypt/src/memory.c to inline in
wolfcrypt/src/misc.c replacing old ForceZero() implementation, and add a wrapper
wc_ForceZero() to wolfcrypt/src/memory.c.
* Store in extensions the full octet string
Store in WOLFSSL_X509_EXTENSION.value always the full contents of the
OCTET STRING of the extension, instead of different type of data
depending on the type of extension. Previously this was only done for
unknown extensions.
* Avoid local variables in 'DecodeExtKeyUsageInternal'
There is a great performance loss on configs using 'WOLFSSL_NO_MALLOC',
'WOLFSSL_STATIC_MEMORY' and 'USE_FAST_MATH' if function
'DecodeExtKeyUsageInternal' uses intermediate variables. This can be
observed running the Zephyr test 'wolfssl_test/prj-no-malloc.conf'.
Avoid using intermediate variables, and use raw pointers to the final
destination instead.
* Add missing calls to 'FreeDecodedCert'
* Return error code from 'wolfSSL_ASN1_STRING_into_old_ext_fmt'
* Fix lines larger than 80
* Allow NULL parameters for 'DecodeAuthKeyId'
* Add comment explaining build option '--enable-old-extdata-fmt'
* Test full OCTET STRING in tests/api.c
* wolfSSL_X509V3_EXT_d2i: Honor 'WOLFSSL_SMALL_STACK'
* zephyr/wolfssl_test_no_malloc: Increase test timeout
* wolfSSL_X509V3_EXT_d2i: Extract repeated code into common part
* wolfcrypt: Remove 'WOLFSSL_LOCAL' from .c files
* wolfcrypt: Change location of functions to make diff easier
Optimize code knowing it is for Intel x64.
Change signing to calculate one polynomial at a time so that if it isn't
valid then we fail early.
Other minor improvements.
Move the SHA-3 4 blocks at a time assembly into SHA-3 asm file.
Make constants in assembly the same length (front pad with zeros).
Original ASN.1 code wasn't checking that data in a sequence didn't
exceed the length of the sequence.
In particular, the contents of the parameters and the PKCS#5 parameters.
Instead of loading 64-bits with alignment protection, use xorbuf which
has built in protection.
Only XOR in as much data as cached and XOR padding and rate bit directly
rather than XORing maximum amount after clearing out rest of array and
adding in padding and rate bit.
