ask-password-api: many fixes to ask_password_tty()

A couple of fixes:

1. always bzero_explicit() away what we remove from the passphrase
   buffer. The UTF-8 code assumes the string remains NUL-terminated, and
   we hence should enforce that. memzero() would do too here, but let's
   be paranoid after all this is key material.

2. when clearing '*' characters from string, do so counting UTF-8
   codepoints properly. We already have code in place to count UTF-8
   codepoints when generating '*' characters, hence we should take the
   same care when clearing them again.

3. Treat NUL on input as an alternative terminator to newline or EOF.

4. When removing characters from the password always also reset the
   "codepoint" index properly.

0 files changed, 0 insertions, 0 deletions