Previously, MuSig2SecNonce pre-allocated secure memory in its constructor, so IsValid() was true before secp256k1_musig_nonce_gen ran. secp256k1_musig_partial_sign could be reached with an uninitialized secp256k1_musig_secnonce causing libsecp to crash.
This patch defers secure allocation until CreateMuSig2Nonce succeeds, guards CreateMuSig2PartialSig when no secnonce was generated, and adds a unit test for the lifecycle.
Test plan
/build/bin/test_bitcoin --run_test=bip328_tests/secnonce_lifecycle