Merge bitcoin-core/secp256k1#1357: tests: refactor: take use of secp256k1_ge_x_on_curve_var

7d8d5c86df8b27b45e80ed50341dd0ce64546c0f tests: refactor: take use of `secp256k1_ge_x_on_curve_var` (Sebastian Falbesoner)

Pull request description:

  The recently merged ellswift PR (#1129) introduced a helper `secp256k1_ge_x_on_curve_var` that checks whether a given X coordinate is on the curve (i.e. whether the expression x^3 + 7 is a square, see commit 79e5b2a8b80f507e2c9936ff1c4e2fb39bc66a4e). This can be used for code deduplication in the `ecmult_const_mult_xonly` test.

  (Found this instance via `$ git grep add_int.*SECP256K1_B`, I think it's the only one where the helper can be used.)

ACKs for top commit:
  sipa:
    utACK 7d8d5c86df8b27b45e80ed50341dd0ce64546c0f
  real-or-random:
    utACK 7d8d5c86df8b27b45e80ed50341dd0ce64546c0f

Tree-SHA512: aebff9b5ef2f6f6664ce89e4e1272cb55b6aac81cfb379652c4b7ab30dd1d7fd82a2c3b47c7b7429755ba28f011a3a9e2e6d3aa5c77d3b105d159104c24b89f3
This commit is contained in:
Tim Ruffing 2023-06-27 09:34:26 +02:00
commit 4494a369b6
No known key found for this signature in database
GPG Key ID: 8C461CCD293F6011


@ -4611,17 +4611,14 @@ static void ecmult_const_mult_xonly(void) {
/* Test that secp256k1_ecmult_const_xonly correctly rejects X coordinates not on curve. */ /* Test that secp256k1_ecmult_const_xonly correctly rejects X coordinates not on curve. */
for (i = 0; i < 2*COUNT; ++i) { for (i = 0; i < 2*COUNT; ++i) {
secp256k1_fe x, n, d, c, r; secp256k1_fe x, n, d, r;
int res; int res;
secp256k1_scalar q; secp256k1_scalar q;
random_scalar_order_test(&q); random_scalar_order_test(&q);
/* Generate random X coordinate not on the curve. */ /* Generate random X coordinate not on the curve. */
do { do {
random_field_element_test(&x); random_field_element_test(&x);
secp256k1_fe_sqr(&c, &x); } while (secp256k1_ge_x_on_curve_var(&x));
secp256k1_fe_mul(&c, &c, &x);
secp256k1_fe_add_int(&c, SECP256K1_B);
} while (secp256k1_fe_is_square_var(&c));
/* If i is odd, n=d*x for random non-zero d. */ /* If i is odd, n=d*x for random non-zero d. */
if (i & 1) { if (i & 1) {
do { do {