add session save and session load functionality

New [key-bindings]:
- session-save: captures cwd and foreground process argv to ~/.local/share/foot/state/{name}.json
- session-save-secure: prompts for a password, encrypts the scrollback with argon2id + XChaCha20-Poly1305 (libsodium) and writes it to {name}.scrollback.enc(stores up to 1Mb scrollback buffer).
- session-load: a minimal fuzzy picker that displays saved sessions (both secure and vanilla), UI piggybacks on search bar subsurface. use arrows to navigate and delete to delete a previously saved session.

session-crypto.h

@@ -0,0 +1,39 @@
+#pragma once
+
+#include <stdbool.h>
+#include <stddef.h>
+
+/*
+ * Encrypt and decrypt session scrollback with a password.
+ *
+ * File format (binary):
+ *   [magic       : 10 bytes "FOOT-ENC1\0"]
+ *   [salt        : crypto_pwhash_SALTBYTES (16)]
+ *   [nonce       : crypto_aead_xchacha20poly1305_ietf_NPUBBYTES (24)]
+ *   [ciphertext  : plaintext_len + crypto_aead_xchacha20poly1305_ietf_ABYTES (16)]
+ *
+ * KDF: argon2id at INTERACTIVE ops/mem limits (≈100ms on modern hardware).
+ * AEAD: XChaCha20-Poly1305 (authenticates the magic+salt+nonce as AAD).
+ */
+
+bool session_crypto_init(void);
+
+/*
+ * Encrypts plaintext with the given password. Allocates and returns a buffer
+ * in *out (caller frees); *out_len receives its size. Returns true on success.
+ */
+bool session_crypto_encrypt(
+    const char *password,
+    const unsigned char *plaintext, size_t plaintext_len,
+    unsigned char **out, size_t *out_len);
+
+/*
+ * Decrypts an encrypted blob (as produced by session_crypto_encrypt) with
+ * the given password. Allocates *out (caller frees) on success. Returns
+ * false on bad magic, truncated file, or authentication failure (wrong
+ * password / corrupted file).
+ */
+bool session_crypto_decrypt(
+    const char *password,
+    const unsigned char *blob, size_t blob_len,
+    unsigned char **out, size_t *out_len);