zeroize sensitive memory and validate public API inputs

[JeremiahM37]

Fixes F-1553, F-1554, F-1555, F-1917, F-2213, F-3095, F-3096, F-3351, F-3353, F-3555, F-3593, F-3594, F-3595, F-3596, F-3597, F-3598, F-3599, F-3600.

• srp: mp_forcezero on password verifier, private exponent, and verifier-derived intermediate; free hash on error path
• pkcs7: ForceZero plaintext payload before free in EncodeEnvelopedData / EncodeEncryptedData / EncodeAuthEnvelopedData
• eddsa: ForceZero orig_k after sign-time integrity check (ed25519, ed448)
• curve25519: ForceZero blinding state (a, n_a, rz) on every exit
• slhdsa: ForceZero addRnd after wc_SlhDsaKey_Sign / SignHash
• random: ForceZero DRBG newV on Hash_df failure (SHA-256 + SHA-512 reseed)
• rsa: ForceZero OAEP seed on padding error paths
• evp: ForceZero HKDF IKM in PKEY_CTX_set1_hkdf_key rotation and PKEY_free
• camellia: add wc_CamelliaFree to wipe key schedule
• evp: correct SM4-CTR debug message (was "AES CTR")
• compress: bound wc_DeCompressDynamic input/growth against INT_MAX
• asn: reject negative/zero size in wc_PemToDer
• tests: cover wc_PemToDer and wc_DeCompressDynamic input validation

[wolfSSL-Fenrir-bot]

Fenrir Automated Review — PR #10413

Scan targets checked: wolfcrypt-bugs, wolfcrypt-src

No new issues found in the changed files. ✅

[github-actions]

MemBrowse Memory Report

gcc-arm-cortex-m4-baremetal

• FLASH: .text +64 B (+0.1%, 64,569 B / 262,144 B, total: 25% used)
  No memory changes detected for:
• gcc-arm-cortex-m4
• gcc-arm-cortex-m4-min-ecc
• gcc-arm-cortex-m4-tls12

[JeremiahM37]

Jenkins retest this please