* tweaks to xmss_test() for compatibility with WOLFSSL_NO_MALLOC && NO_WOLFSSL_MEMORY;
* fixes for return codes in dilithium_test().
wolfssl/wolfcrypt/dilithium.h: add !WC_NO_CONSTRUCTORS gate around wc_dilithium_new() and wc_dilithium_delete() prototypes, to match gating in implementation.
* add WC_RNG_BANK_STATIC to WC_RNG_BANK_SUPPORT, supporting WOLFSSL_NO_MALLOC;
* in random_bank_test(), fix gate around _NO_VECTOR_OPS sha256.sha_method test (WOLFSSL_SMALL_STACK_CACHE, and USE_INTEL_SPEEDUP not WC_HAVE_VECTOR_SPEEDUPS);
* in definition of struct wc_rng_bank_inst, accommodate WOLFSSL_NO_ATOMICS builds;
wolfssl/wolfcrypt/random.h: in definition of struct WC_RNG, add gate to avoid empty union in !HAVE_HASHDRBG configs.
wolfcrypt/src/rng_bank.c:
* add wc_local_rng_bank_checkout_for_bankref, wc_BankRef_Release(), wc_rng_bank_new(), and wc_rng_bank_free();
* in wc_rng_bank_checkin(), take a struct wc_rng_bank_inst **rng_inst and NULL it before return;
* in wc_rng_bank_init(), add a devId arg, and handle devId in wc_rng_bank_inst_reinit();
* add WC_RNG_BANK_INST_LOCK_* and use them in wc_rng_bank_checkout() and wc_rng_bank_checkin();
* fix order of operations in wc_rng_bank_checkout() re DISABLE_VECTOR_REGISTERS();
wolfcrypt/src/random.c:
* refactor per-instance salting for wc_rng_bank_inst: remove changes in Hash_df(), Hash_DRBG_Instantiate(), and _InitRng(), and in wc_rng_bank_init() and wc_rng_bank_inst_reinit(), use wc_InitRngNonce_ex() and pass the wc_rng_bank_inst pointer as the nonce;
* simplify the WC_RNG_BANK_SUPPORT variant of wc_RNG_GenerateBlock() -- delegate to wc_local_rng_bank_checkout_for_bankref() and remove supplementary error checking;
* in wc_FreeRng(), call wc_BankRef_Release() when WC_DRBG_BANKREF, and in wc_BankRef_Release(), fix refcount flub (not wolfSSL_RefFree, rather wolfSSL_RefDec);
* streamline the WOLFSSL_LINUXKM wc_GenerateSeed();
wolfcrypt/test/test.c: add random_bank_test();
linuxkm/lkcapi_sha_glue.c: use WC_RNG_BANK_INST_TO_RNG() opportunistically;
configure.ac: add --enable-amdrdseed as a synonym for --enable-amdrand;
linuxkm/linuxkm_wc_port.h: when LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT, don't include get_random_bytes() in struct wolfssl_linuxkm_pie_redirect_table;
add various comments for clarity.
tests/api.c:
* remove inapt SSL_library_init() in test_wolfSSL_EVP_Cipher_extra();
* move TEST_X509_DECLS to follow TEST_DECL(test_wolfSSL_Init);
tests/api/test_random.c: enlarge seed buffer in test_wc_RNG_TestSeed() to accommodate amdrand block size;
tests/quic.c: wrap exercises in wolfSSL_Init()...wolfSSL_Cleanup();
tests/unit.c: in unit_test(), add several more fflush(stdout)s, report error from wolfSSL_Cleanup(), and fix line length;
wolfcrypt/test/test.c: omit reseed test in _rng_test() if HAVE_INTEL_RDRAND or old FIPS, and use simplified random_test() if HAVE_INTEL_RDRAND;
wolfssl/wolfcrypt/mem_track.h: add memList pointer in struct memoryStats, and set it in InitMemoryTracker();
wolfssl/wolfcrypt/settings.h: undefine WOLFSSL_SMALL_STACK_CACHE if WOLFSSL_SMALL_STACK is undefined;
.github/workflows/trackmemory.yml: add --enable-intelrdseed scenario.
* in wolfcrypt_test_main(), when WOLFSSL_TRACK_MEMORY, check and error if wc_MemStats_Ptr->currentBytes > 0;
* don't call the hash initialization APIs for hash structs that are later copied over with the hash copy API (sha224_test(), sha256_test(), sha512_test(), etc)
* in hash_test(), either wc_HashNew() or wc_HashInit(), not both (fixes leaks);
* in hmac_*_test(), add test coverage for wc_HmacCopy();
* in _rng_test(), when WOLFSSL_TRACK_MEMORY && WOLFSSL_SMALL_STACK_CACHE, check that wc_MemStats_Ptr->totalAllocs doesn't increase when wc_RNG_GenerateBlock() is called, and if HAVE_HASHDRBG) && !CUSTOM_RAND_GENERATE_BLOCK, check that forcing a reseed doesn't result in an increase.
* add missing context cleanups in openSSL_evpMD_test().
wolfssl/internal.h and src/ssl.c: add volatile attribute to WOLFSSL_CTX.privateKeyPKey pointer, for pedantic accuracy;
wolfcrypt/test/test.c: in memory_test(), use compatible pointers for all operands in the wolfSSL_Atomic_Ptr_CompareExchange() test, to avoid undefined behavior.
wolfcrypt/src/port/af_alg/afalg_aes.c: check for null key arg;
configure.ac: rename BUILD_FIPS_CURRENT to BUILD_FIPS_V2_PLUS (no functional change), and remove unused ARMASM_DIST_SOURCES set up code added in #9332;
src/include.am:
* set up $(ARMASM_SHA256_C), and use it to properly include wolfcrypt/src/sha256.c alongside armasm when appropriate;
* fix gating on Curved25519 armasm (BUILD_FIPS_V6_PLUS, not BUILD_FIPS_V6);
tests/api/test_aes.c and wolfcrypt/test/test.c: gate out incompatible coverage for WOLFSSL_AFALG and WOLFSSL_KCAPI (test_wc_AesCbcEncryptDecrypt_MultiBlocks(), test_wc_AesCtrSetKey*(), test_wc_AesCtrEncrypt*(), test_wc_AesGcmEncryptDecrypt_Sizes()).
