Make ec_ arithmetic more consistent and add documentation
Summary:
- Add scalar_set_b32_seckey which does the same as scalar_set_b32 and also returns whether it's a valid secret key
- Use scalar_set_b32_seckey in ecdsa_sign, pubkey_create and seckey_verify
- Add test for boundary conditions of scalar_set_b32 with respect to overflows
- Return 0 if the given seckey is invalid in privkey_negate, privkey_tweak_add and privkey_tweak_mul
- Define valid ECDSA keys in the documentation of seckey_verify
- Mention that value is unspecified for In/Out parameters if the function returns 0
- Rename private key to secret key in public API (with the exception of function names)
- Make ec_privkey functions aliases for ec_seckey_negate, ec_seckey_tweak_add and ec_seckey_mul
- Make tweak function documentation more consistent.
Do this by adding a newline after the first sentence and aligning the rest.
- Clarify documentation of tweak functions.
In particular, mention that the functions return 0 if seckey or tweak are
invalid (as opposed to saying "should" or "must" be valid).
This is a backport of libsecp256k1 PR701
Test Plan:
ninja check-secp256k1
Reviewers: #bitcoin_abc, majcosta
Reviewed By: #bitcoin_abc, majcosta
Differential Revision: https://reviews.bitcoinabc.org/D7587