musig: Securely clear secnonce in partial_sign

Replace memset which can be optimized out.
Update test to redefine wiped bytes so that the
valgrind check on conditioned jumps does not fail.

Author: john-moffett

src/modules/musig/session_impl.h

@@ -679,7 +679,8 @@ int secp256k1_musig_partial_sign(const secp256k1_context* ctx, secp256k1_musig_p
     ret = secp256k1_musig_secnonce_load(ctx, k, &pk, secnonce);
     /* Set nonce to zero to avoid nonce reuse. This will cause subsequent calls
      * of this function to fail */
-    memset(secnonce, 0, sizeof(*secnonce));
+    secp256k1_memclear(secnonce, sizeof(*secnonce));
+
     if (!ret) {
         secp256k1_musig_partial_sign_clear(&sk, k);
         return 0;

src/modules/musig/tests_impl.h

@@ -400,7 +400,9 @@ static void musig_api_tests(void) {
 
     memcpy(&secnonce_tmp, &secnonce[0], sizeof(secnonce_tmp));
     CHECK(secp256k1_musig_partial_sign(CTX, &partial_sig[0], &secnonce_tmp, &keypair[0], &keyagg_cache, &session) == 1);
-    /* The secnonce is set to 0 and subsequent signing attempts fail */
+    /* The secnonce is set to 0 and subsequent signing attempts fail.
+     * Redefine memory first as secp256k1_musig_partial_sign securely clears and undefines the bytes.*/
+    SECP256K1_CHECKMEM_DEFINE(&secnonce_tmp, sizeof(secnonce_tmp));
     CHECK(secp256k1_memcmp_var(&secnonce_tmp, zeros132, sizeof(secnonce_tmp)) == 0);
     CHECK_ILLEGAL(CTX, secp256k1_musig_partial_sign(CTX, &partial_sig[0], &secnonce_tmp, &keypair[0], &keyagg_cache, &session));
     memcpy(&secnonce_tmp, &secnonce[0], sizeof(secnonce_tmp));