memset used instead of OQS_MEM_CLEANSE

[SWilson4]

In several places throughout the codebase, memset is being used instead of OQS_MEM_CLEANSE. When the data being reset is secret, this is undesirable, as a compiler may optimize out the memset call.

Here are a few examples:

liboqs/src/sig_stfl/xmss/external/xmss_core_fast.c

Lines 952 to 956 in 4cc8884

	if (idx >= ((1ULL << params->full_height) - 1)) {
	// Delete secret key here. We only do this in memory, production code
	// has to make sure that this happens on disk.
	memset(sk, 0xFF, params->index_bytes);
	memset(sk + params->index_bytes, 0, (size_t)(params->sk_bytes - params->index_bytes));

liboqs/src/sig_stfl/xmss/external/xmss_core_fast.c

Lines 679 to 683 in 4cc8884

	if (idx >= ((1ULL << params->full_height) - 1)) {
	// Delete secret key here. We only do this in memory, production code
	// has to make sure that this happens on disk.
	memset(sk, 0xFF, params->index_bytes);
	memset(sk + params->index_bytes, 0, (size_t)(params->sk_bytes - params->index_bytes));

liboqs/src/sig_stfl/lms/external/hss_sign.c

Lines 715 to 717 in 4cc8884

	/* On failure, make sure that we don't return anything that might be */
	/* misconstrued as a real signature */
	memset( signature, 0, signature_buf_len );

All of these examples are from the LMS / XMSS code, but this issue is not limited to that portion of the library.

Reported by @trailofbits in Week 1 of their audit of liboqs.