fscrypt

Move to a better memory locking library

Open josephlr opened this issue 7 years ago • 0 comments

Fscrypt uses the Key struct to keep sensitive cryptographic data locked in memory and zeroed after use. However, this would be better spun out into a separate library (as it doesn't really deal much with fscrypt).

Luckily, @awnumar has written memguard, a library for handling secrets in Go. It does everything we want and more, but at the cost of requiring some changes to fscrypt (memguard.CatchInterrupt and memguard.SafeExit).

I'll need to do a more thorough read-through of the code, but it looks good so far. In fact, the development of memguard incorporated things we learned with fscrypt. It really looks like this would be a strict improvement.

josephlr, Feb 08 '18 08:02
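The pattern the issue describes for the Key struct (secret bytes locked in memory and zeroed after use), as an added Go example that is neither fscrypt's nor memguard's code. It assumes a Unix system where `syscall.Mmap` and `syscall.Mlock` are available; `Secret`, `NewSecret`, `wipe` and `Destroy` are hypothetical names.

```go
package main

import (
	"fmt"
	"syscall"
)

// Secret keeps key bytes in an anonymous mapping outside the GC-managed Go heap.
type Secret struct {
	data   []byte
	locked bool // true when mlock succeeded, so the pages cannot be swapped out
}

func wipe(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// NewSecret moves src into a fresh mapping and zeroes src; mustLock makes an mlock failure fatal.
func NewSecret(src []byte, mustLock bool) (*Secret, error) {
	prot, flags := syscall.PROT_READ|syscall.PROT_WRITE, syscall.MAP_PRIVATE|syscall.MAP_ANON
	mem, err := syscall.Mmap(-1, 0, len(src), prot, flags)
	if err != nil {
		return nil, fmt.Errorf("mmap: %w", err)
	}
	locked := syscall.Mlock(mem) == nil
	if !locked && mustLock {
		syscall.Munmap(mem)
		return nil, fmt.Errorf("mlock failed, refusing to hold an unlocked secret")
	}
	copy(mem, src)
	wipe(src)
	return &Secret{data: mem, locked: locked}, nil
}

// Destroy zeroes the mapping, then unmaps it (which also drops the lock). Idempotent.
func (s *Secret) Destroy() error {
	if s == nil || s.data == nil {
		return nil
	}
	wipe(s.data)
	err := syscall.Munmap(s.data)
	s.data, s.locked = nil, false
	return err
}

func main() {
	s, err := NewSecret([]byte("constructed-sample-key"), false) // constructed input
	fmt.Println(s != nil && s.locked, err, s.Destroy())
}
```

A deferred `Destroy` does not run when the process calls `os.Exit` or is terminated by a signal, which is the gap the memguard.CatchInterrupt and memguard.SafeExit calls named in the issue address.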