20250514-linuxkm-and-sp-tweaks

[douzzer]

linuxkm/lkcapi_dh_glue.c: never install DH/FFDHE on kernel <5.18 -- DH secrets have a different format before that version, and FFDHE (CONFIG_CRYPTO_DH_RFC7919_GROUPS) was introduced in 5.18 and is the only FIPS-allowed DH variant.

wolfssl/wolfcrypt/sp_int.h and wolfcrypt/src/sp_int.c: add WOLFSSL_SP_DYN_STACK macro to orthogonalize gnarly setup logic, and refactor to use it throughout; refactor several more sp_int stack-allocated data buffers as sp_int_digit[]s rather than char[]s; add XALIGNED(SP_WORD_SIZEOF) to sp_int.dp.

Fixes

[cross-m68k-all-asm] [311 of 381] [cd79be4928]
    using m68k-unknown-linux-gnu-gcc 15.1.0
    configure...   real 0m6.794s  user 0m3.878s  sys 0m3.870s
In file included from ./wolfssl/wolfcrypt/aes.h:37,
                 from ./wolfssl/openssl/aes.h:35,
                 from conftest.c:72:
760178c7dc (<david@wolfssl.com> 2025-05-06 12:08:35 -0700 1888)         #define wc_static_assert static_assert
./wolfssl/wolfcrypt/types.h:1888:34: error: static assertion failed
 1888 |         #define wc_static_assert static_assert
      |                                  ^~~~~~~~~~~~~
5a911f6af0 (<douzzer@wolfssl.com> 2025-05-10 02:16:48 -0500 933) wc_static_assert(sizeof(struct sp_int_minimal) % sizeof(sp_int_digit) == 0);
./wolfssl/wolfcrypt/sp_int.h:933:1: note: in expansion of macro 'wc_static_assert'
  933 | wc_static_assert(sizeof(struct sp_int_minimal) % sizeof(sp_int_digit) == 0);
      | ^~~~~~~~~~~~~~~~
configure:44473: $? = 1
configure: failed program was:
configure:44483: error: Header file inconsistency detected -- error including wolfssl/openssl/aes.h.
configure: error: Header file inconsistency detected -- error including wolfssl/openssl/aes.h.
    scenario started 2025-05-14T13:51:15.016787Z, real elapsed 0m6.897856s
    cross-m68k-all-asm fail_config
    failed config: '--srcdir' '.' '--disable-jobserver' '--enable-option-checking=fatal' 'FILECMD=file' 'MANIFEST_TOOL=/bin/false' 'DLLTOOL=/bin/false' '--host=m68k-unknown-linux-gnu' '--enable-all' '--enable-testcert' '--enable-acert' '--enable-dtls13' '--enable-dtls-mtu' '--enable-dtls-frag-ch' '--enable-dtlscid' '--enable-quic' '--with-sys-crypto-policy' '--enable-asn=template' '--enable-asm' '--disable-optflags' 'CFLAGS=-DTEST_ALWAYS_RUN_TO_END -O1' 'CPPFLAGS=-DNO_WOLFSSL_CIPHER_SUITE_TEST -DWOLFSSL_OLD_PRIME_CHECK -pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE'
    EXE_LAUNCHER: 'qemu-m68k' '-L' '/usr/m68k-unknown-linux-gnu' '-E' 'LD_LIBRARY_PATH=./src/.libs'

tested with

wolfssl-multi-test.sh ... 
check-source-text
cppcheck-force-source
allcryptonly-gcc-c89
linuxkm-intelasm-sp-asm-ksanitize-insmod
cross-m68k-all-asm
check-configure
all-gcc-c99
quantum-safe-wolfssl-all-g\\+\\+-latest-debug
quantum-safe-wolfssl-all-clang-tidy
quantum-safe-wolfssl-all-intelasm-sp-asm-sanitizer
quantum-safe-wolfssl-all-intelasm-sp-asm-valgrind

[douzzer]

retest this please (java.io.StreamCorruptedException: invalid stream header: 636F7272)

[douzzer]

retest this please

java.io.StreamCorruptedException: invalid stream header: 636F7272