musig: Securely clear secnonce in partial_sign

Replace memset which can be optimized out.

Author: john-moffett

src/modules/musig/session_impl.h

@@ -678,8 +678,12 @@ int secp256k1_musig_partial_sign(const secp256k1_context* ctx, secp256k1_musig_p
     /* Fails if the magic doesn't match */
     ret = secp256k1_musig_secnonce_load(ctx, k, &pk, secnonce);
     /* Set nonce to zero to avoid nonce reuse. This will cause subsequent calls
-     * of this function to fail */
-    memset(secnonce, 0, sizeof(*secnonce));
+     * of this function to fail. Declassify as memclear marks the bytes
+     * as undefined. */
+    secp256k1_memclear(secnonce, sizeof(*secnonce));
+    secp256k1_declassify(ctx, secnonce->data, sizeof(secp256k1_musig_secnonce_magic));
+    secp256k1_declassify(ctx, &secnonce->data[68], 64);
+
     if (!ret) {
         secp256k1_musig_partial_sign_clear(&sk, k);
         return 0;