Merge bitcoin/bitcoin#23383: Update libsecp256k1 subtree to current master

314195c8be3bd7db0d5817c4fb3aa85c84363ce9 Remove unnecessary cast in CKey::SignSchnorr (Pieter Wuille)
a1f76cdb22e3278a48d63dd23c1fe3308daedd8c Remove --disable-openssl-tests for libsecp256k1 configure (Pieter Wuille)
86dbc4d075decb82fbba837aaa283cf0561897ad Squashed 'src/secp256k1/' changes from be8d9c262f..0559fc6e41 (Pieter Wuille)

Pull request description:

  The motivation for this bump is getting rid of a cast in `CKey::SignSchnorr`; the `aux_rand` argument isn't modified by the `secp256k1_schnorrsig_sign` function, but was marked as non-`const` anyway. This is fixed now (bitcoin-core/secp256k1#966), and the cast is removed in this PR.

  There are a few other relevant changes:
  * (bitcoin-core/secp256k1#956): replaces a runtime-computed table with a precomputed one; this adds arouns 1 MiB to the binary size, but is a step towards significantly simplifying the API. If 1 MiB is too much, it can be reduced by 2 or 4 (or more) for a slight verification performance reduction.
  * (bitcoin-core/secp256k1#983): removes (test/bench only) OpenSSL support entirely, removing the need to pass `--disable-openssl-tests` (see #23314).
  * (bitcoin-core/secp256k1#810): mild performance increase for 64-bit non-x86 platforms.
  * (bitcoin-core/secp256k1#1002): Make aux_rnd32==NULL behave identical to 0x0000..00 (which impacts BIP341/BIP342 signing in Bitcoin Core, making it more strictly BIP340 compliant, though not in a manner that affects security).

ACKs for top commit:
  fanquake:
    ACK 314195c8be3bd7db0d5817c4fb3aa85c84363ce9 - this includes a nice simplification to the lilbsecp build system (and thus our build system), and fixes issues like #22854. Did a Guix build on x86 (above), as well as a build on arm64 (except for the arm64 host):

Tree-SHA512: 0e048390fc148fbbdf5b98d9cce8c71067564e7d69d97b68347808a9bc45a04f4fc653c392c880d79d5d8b9cf282195520955581ac4f1595f6a948080cf5949d

1 files changed, 14 insertions, 19 deletions

diff --git a/src/secp256k1/ci/cirrus.sh b/src/secp256k1/ci/cirrus.sh
index 27db1e6779..e27b34782e 100755
--- a/src/secp256k1/ci/cirrus.sh
+++ b/src/secp256k1/ci/cirrus.sh
@@ -26,16 +26,12 @@ make
 
 # Print information about binaries so that we can see that the architecture is correct
 file *tests* || true
-file bench_* || true
+file bench* || true
 file .libs/* || true
 
 # This tells `make check` to wrap test invocations.
 export LOG_COMPILER="$WRAPPER_CMD"
 
-# This limits the iterations in the tests and benchmarks.
-export SECP256K1_TEST_ITERS="$TEST_ITERS"
-export SECP256K1_BENCH_ITERS="$BENCH_ITERS"
-
 make "$BUILD"
 
 if [ "$BENCH" = "yes" ]
@@ -49,23 +45,22 @@ then
     {
         $EXEC ./bench_ecmult
         $EXEC ./bench_internal
-        $EXEC ./bench_sign
-        $EXEC ./bench_verify
+        $EXEC ./bench
     } >> bench.log 2>&1
-    if [ "$RECOVERY" = "yes" ]
-    then
-        $EXEC ./bench_recover >> bench.log 2>&1
-    fi
-    if [ "$ECDH" = "yes" ]
-    then
-        $EXEC ./bench_ecdh >> bench.log 2>&1
-    fi
-    if [ "$SCHNORRSIG" = "yes" ]
-    then
-        $EXEC ./bench_schnorrsig >> bench.log 2>&1
-    fi
 fi
+
 if [ "$CTIMETEST" = "yes" ]
 then
     ./libtool --mode=execute valgrind --error-exitcode=42 ./valgrind_ctime_test > valgrind_ctime_test.log 2>&1
 fi
+
+# Rebuild precomputed files (if not cross-compiling).
+if [ -z "$HOST" ]
+then
+    make clean-precomp
+    make precomp
+fi
+
+# Check that no repo files have been modified by the build.
+# (This fails for example if the precomp files need to be updated in the repo.)
+git diff --exit-code