destroying the scratch space when its alloc_size > 0 leads to an error

secp256k1_context obj is used for its error_callback function

In future, batch_context_create and batch_context_destroy will be
moved to src/ directory. Only batch_context_add_*, batch_context_verify
will be present in the schnorrsig module

batch_context_create and batch_context_destroy function are compiled
by default.

src/batch_impl: contains create and destroy function definition.

This implementation is very similar to src/scratch_impl.h

added initial example where the batch context is created and destroyed.

added batch_context_verify to the schnorrsig module

batch_ctx->rounds keeps track of number of times the scratch space was
erased by batch_add_* function. This occurs when user's inputs exceed
batch object capacity (specified during creation).

This func will be update to include the following:
[ ] randomizer generation (currently assume to be 1)
[ ] run transparent verification if batch object is full

…orrsig

batch_context_verify:
- moved this API from module/schnorrsig/main_impl.h to secp256k1.c
- hence this API will be available even if the user doesn't enable schnorrsig module

batch_context_add_schnorrsig:
- moved this API from module/schnorrsig/main_impl.h to module/schnorrsig/batch_add_impl.h
- required since this api needs the `schnorrsig_challenge` func defined in schnorrsig/main_impl.h
- hence batch_impl.h will be included after schnorrsig/main_impl.h in the secp256k1.c file

for each term added by the user, twice the number of points (and scalars)
will be added to the scratch space. One term (schnorrsig or tweak) contains:
- R, P for schnorrsig
- Q, P for tweak check

…ignment

currently the code uses `scalar_cmov` to set a scalar to the scratch space.
This can be done using `batch_ctx->scalars[i] = ai` instead since we are
not required to use constant function during verification

…on scratch

let's use the following notation:
    - len(user_terms) = number of terms added by the user to the batch object
    - len(scratch_terms) = number of points (or scalars) present on batch objects's scratch space

Previously `batch_ctx->len` was used to represent `len(user_terms)` since I assumed that
`len(scratch_terms) = 2 * len(user_terms)` is always true.
    - if user adds schnorrsig, R and P will be added to scratch
    - if user adds tweak checks, Q and P will be added to scratch

This approach will fail if the batch objects is required to verify `e*P ?= s*G`. In this case,
`len(scratch_term) = len(user_term)` since only P will be added to batch objects scratch space

`rounds` was used to track the number of times the scratch space was
cleared by batch_context_add_* for transparent verification. It will
also tell the number of terms the user entered (rounds*capacity + len).

Keeping track of this data was not worth it since the user could always
have a counter to for total number of terms entered. It also made the
`batch_verify` function look messy. Hence, decided to remove `rounds` memeber.

The side effect of removing this data memeber is setting `batch_ctx->result = 1`
during creation since we alwasy need to `&&` with `batch_ctx->result` during
verification.

If the user calls `batch_add_schnorrsig` while the batch context's scratch
space is full (i.e, batch_ctx->len = batch_ctx->capacity). The previously
allocated points and scalars will be erased to allow adding new points
and scalars (to scratch space).

this part of batch_create does performs the same operation as
`secp256k1_batch_scratch_alloc`, so calling that func instead

Adds xonly pubkey tweak check data to the batch context.
This function's algorithm is based on `secp256k1_xonly_pubkey_tweak_add_check`.

(cherry picked from commit c171f0d)

(cherry picked from commit 9acd9c4)

This prevents memory leak in the test:
```
secp256k1_batch *batch = batch_create(batch, 0, NULL);
CHECK(batch == NULL)
```

we can't hit ARG_CHECK(max_terms <= SIZE_MAX/2) during testing since
we replace `max_terms` with `STRAUSS_MAX_TERMS_PER_BATCH` before it

previously, we just called it once, which is not enough for tests generating
random inputs.