Manually implement `Debug` for types that hold secrets

[marsella]

When we log debug and error information, we sometimes want to give context about types that contain secrets. However, we don't want to log the secrets themselves. Specifically, we want to avoid logging data that could be used to reconstruct key shares if it was collected after the fact.

It's okay to be a bit aggressive about identifying sensitive fields, we'd rather be too cautious.

• [x] Identify all the types that contain potentially-sensitive fields
• [x] Manually implement Debug on them with the secrets redacted
• [x] Derive ZeroizeOnDrop on them, too

---

Tentative list of structs that need more careful debug. This includes types that don't derive debug right now, but I included them because it seems better to preemptively add a safer debug, than to leave open the possibility of deriving it insecurely later.

• [x] paillier.rs: Nonce, MaskedNonce, DecryptionKey
• [x] ring_pedersen.rs: CommitmentRandomness, MaskedRandomness
• [x] info.rs: AuxInfoWitnesses (redact both fields)
• [x] data.rs: BroadcastData (redact data?)
• [ ] keygen_commit.rs: KeygenDecommit -- actually, I don't think this is secret. It's sent to every party.
• [x] keyshare.rs: KeySharePrivate
• [x] round_one.rs: Private
• [x] round_two.rs: Private
• [x] round_three.rs: Private
• [x] piaffg.rs: PiAffgSecret
• [x] pienc.rs: PiEncSecret
• [x] pifac.rs: PiFacSecret
• [x] pilog.rs: ProverSecret
• [x] pimod.rs: PiModSecret
• [x] piprm.rs: PiPrmSecret
• [x] pisch.rs: PiSchSecret

[marsella]

An example of the redacting is done in #196 -- see e.g. AuxInfoDecommit.