Merged PR 11163422: Wipe temporary values used by integrity test

## Description:

FIPS 140-3 TE05.08.02 requires that "any temporary values generated during the integrity test are zeroised upon completion of the integrity test." We were not previously doing this, because the temporary values are not secrets, but it is required for certification. This PR adds the required zeroisation.

## Admin Checklist:
- [X] You have updated CHANGELOG.md to reflect any changes in behavior
(Others N/A)

Related work items: #52849999

Author: mlindgren

CHANGELOG.md

@@ -3,6 +3,8 @@
 New changes will be listed here as they are developed. The version number is determined
 prior to the creation of a new release, based on the changes contained in that release.
 
+- Internal self-test changes to support FIPS 140-3 certification
+
 # Version 103.4.3
 
 - Added preliminary support for macOS (static libraries and unit tests only, no ASM optimizations)

modules/linux/common/integrity.c

@@ -479,6 +479,7 @@ size_t SymCryptModuleProcessSegmentWithRelocations(
     SymCryptHmacSha256Append( hmacState, segmentCopy, hashableSectionSize );
 #endif
 
+    SymCryptWipe( segmentCopy, hashableSectionSize );
     SymCryptCallbackFree( segmentCopy );
 
     return hashableSectionSize;
@@ -492,7 +493,7 @@ VOID SymCryptModuleDoHmac(
     SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
     SYMCRYPT_HMAC_SHA256_EXPANDED_KEY hmacKey;
     SYMCRYPT_HMAC_SHA256_STATE hmacState;
-    BYTE actualDigest[SYMCRYPT_HMAC_SHA256_RESULT_SIZE] = {0xFF};
+    BYTE actualDigest[SYMCRYPT_HMAC_SHA256_RESULT_SIZE];
 
     scError = SymCryptHmacSha256ExpandKey( &hmacKey, SymCryptVolatileFipsHmacKey,
         sizeof(SymCryptVolatileFipsHmacKey) );
@@ -526,6 +527,12 @@ VOID SymCryptModuleDoHmac(
     // Verify that the HMAC result matches our expected digest
     SYMCRYPT_FIPS_ASSERT(
         memcmp( actualDigest, SymCryptVolatileFipsHmacDigest, SYMCRYPT_HMAC_SHA256_RESULT_SIZE ) == 0 );
+
+    // FIPS 140-3 TE05.08.02 requires that "any temporary values generated during the integrity
+    // test are zeroised upon completion of the integrity test"
+    SymCryptWipeKnownSize( actualDigest, SYMCRYPT_HMAC_SHA256_RESULT_SIZE );
+    SymCryptWipeKnownSize( &hmacState, sizeof(hmacState) );
+    SymCryptWipeKnownSize( &hmacKey, sizeof(hmacKey) );
 }
 
 VOID SymCryptModuleVerifyIntegrity(void)

scripts/process_fips_module.py

@@ -155,7 +155,7 @@ def value(self, value):
         # buffer, so we need to find the appropriate section within the stream using sh_offset and
         # write to that.
         # Note self.section.stream == self.elf_file.stream.
-        logging.debug("Changing {} writing {} to offset {}".format(self.name, value.hex(), hex(self.offset)))
+        logging.debug("Writing {} to offset {}".format(value.hex(), hex(self.offset)))
         self.section.stream.seek(self.offset)
         self.section.stream.write(value)
 
@@ -164,7 +164,9 @@ def set_value(self, format, *args):
         assert(len(new_value) == self.length)
 
         if self.name is not None:
-            logging.debug("Changing {} value to {}".format(self.name, *args))
+            logging.debug("Changing {} value to {}".format(
+                self.name if self.name is not None else "(unnamed)",
+                *args))
 
         self.value = new_value