Also add public APIs for this, now that the specification is no longer
expected to change, and because a project external to the library wishes
to use it.
For now, I've kept the P-256 version using the generic felem_exp, but we
should update that to use the specialized field arithmetic.
Trust Tokens will presumably move to this later and, in the meantime,
another team wants this.
Bug: chromium:1414562
Change-Id: Ie38203b4439ff55659c4fb2070f45d524c55aa2a
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/57147
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
3950d6ce25