perf: optimize some short Weierstrass arithmetic

[yelhousni]

Description

• Small optimizations for scalar_mul_le():
  • In fixed_scalar_mul_le(), keep multiple_of_power_of_two in affine coordinates and use [Renes, Costello, Batina 2015] mixed addition for the tail (projective) bits and the conditional subtraction.
  • Isolate the last bit of the double-and-add loop to avoid the last unnecessary doubling of multiple_of_power_of_two.
• Implement ([Joye07], Alg.1) scalar multiplication: useful whenever a select cost less than a group operation, which is the case in non-native arithmetic.
• Implement joint_scalar_mul using Strauss-Shamir's trick, i.e. [a]P+[b]Q.

---

Before we can merge this PR, please make sure that all the following items have been
checked off. If any of the checklist items are not applicable, please leave them but
write a little note why.

• Targeted PR against correct branch (master)
• Linked to Github issue with discussion and accepted design OR have an explanation in the PR that describes this work.
• Wrote unit tests
• Updated relevant documentation in the code
• Added a relevant changelog entry to the Pending section in CHANGELOG.md
• Re-reviewed Files changed in the Github PR explorer