Add ReadPasswordBytes for crypto use cases

Returns []byte so callers can zeroize the buffer after use. Refactors internals to share readRaw between both variants. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 11:32:36 -07:00
parent b886f9d222
commit 818c0c2e14
2 changed files with 24 additions and 3 deletions
--- a/terminal/terminal_test.go
+++ b/terminal/terminal_test.go
@@ -12,3 +12,10 @@ func TestReadPasswordNotATTY(t *testing.T) {
 		t.Fatal("expected error when stdin is not a terminal")
 	}
 }
+
+func TestReadPasswordBytesNotATTY(t *testing.T) {
+	_, err := ReadPasswordBytes("Password: ")
+	if err == nil {
+		t.Fatal("expected error when stdin is not a terminal")
+	}
+}