From 27c516437439c47c2479201191642bf7aaf5885b Mon Sep 17 00:00:00 2001
From: Filippo Valsorda <filippo@golang.org>
Date: Mon, 16 Dec 2024 17:20:46 +0100
Subject: [PATCH] crypto/internal/fips140: zeroise integrity test temporary
 values

There is no point to zeroise anything here because there are no secrets,
but there is a strict FIPS 140-3 test requirement for it.

> TE05.08.02 (Levels 1, 2, 3, and 4): verify that any temporary values
> generated during the integrity test are zeroised upon completion of
> the integrity test

Change-Id: I7b0db075dae9910f8e825a22ca2caa2b4c918980
Reviewed-on: https://go-review.googlesource.com/c/go/+/636556
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Michael Pratt <mpratt@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
---
 src/crypto/internal/fips140/check/check.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/crypto/internal/fips140/check/check.go b/src/crypto/internal/fips140/check/check.go
index 9d2e5d5cf6..f8a5d7a41e 100644
--- a/src/crypto/internal/fips140/check/check.go
+++ b/src/crypto/internal/fips140/check/check.go
@@ -93,6 +93,13 @@ func init() {
 		panic("fips140: verification mismatch")
 	}
 
+	// "The temporary value(s) generated during the integrity test of the
+	// module’s software or firmware shall [05.10] be zeroised from the module
+	// upon completion of the integrity test"
+	clear(sum)
+	clear(nbuf[:])
+	h.Reset()
+
 	if godebug.Value("#fips140") == "debug" {
 		println("fips140: verified code+data")
 	}
-- 
2.48.1