wolfCrypt input validation and side-channel hardening

[JeremiahM37]

Fixes F-3066, F-3548, F-3549, F-3550, F-3551, F-3552, F-3553, F-3554, F-3558, F-3559

• Validate NULL args at public API boundary in wc_BankRef_Release and wc_CMAC_Grow.
• Reject export of private key when privKeySet/privSet is unset for ed25519, ed448, curve25519, curve448 (was returning success with zero bytes).
• Fix wc_hash2sz returning 24 for SHA-224 instead of 28; affected RSA-PSS salt validation in Pkcs11RsaEncrypt.
• Replace data-dependent branch in mp_cond_swap_ct/_ex (heap-math) with masked XOR; the branch leaked the secret scalar bit through ECC's cache-resistant ladder.
• Acquire entropy_mutex in wc_Entropy_GetRawEntropy to match wc_Entropy_Get; prior code raced on entropyHash, entropy_state, and the timer-thread globals.
• Parse the optional prf AlgorithmIdentifier in PKCS7 PWRI PBKDF2-params; previously hardcoded SHA-1 and would mis-parse messages carrying explicit HMAC-SHA-256/384/512.
• Tests: cover the export-private rejections for the four ed/curve types.

[wolfSSL-Fenrir-bot]

Fenrir Automated Review — PR #10392

Scan targets checked: wolfcrypt-bugs, wolfcrypt-src

No new issues found in the changed files. ✅

[github-actions]

MemBrowse Memory Report

No memory changes detected for:

• gcc-arm-cortex-m4
• gcc-arm-cortex-m4-baremetal
• gcc-arm-cortex-m4-min-ecc
• gcc-arm-cortex-m4-tls12

[JeremiahM37]

Jenkins retest this please