Very experimental Ed480-Ridinghood support is now in.  It's not fully optimized,
but in general the current build is 8-15% slower than Goldilocks.  It only works on
arch_x86_64, though arch_ref64 support ought to be easy.  Support on other arches
will be trickier, which is of course why I chose Goldilocks over Ridinghood in the
first place.

Next up, E-521.  Hopefully.

The code is starting to get spread out over a lot of files.  Some are per field*arch,
some per field, some per curve, some global.  It's hard to do much about this, though,
with a rather ugly .c.inc system.

There's currently no way to make a Ridinghood eBAT.  In fact, I haven't tested eBAT
support in this commit.  I also haven't tested NEON, but at least ARCH_32 works on
Intel.

Undo the INTRINSIC changes from David Leon Gil.

Turn precomputed keys back on by default.  Change #ifdef to #if for checking sigs.

src/include/barrett_field.h:

- Requires review: corrected failure to cast to (mask_t) prior to negation. (Or, if this is wrong; should cast to needed bitwidth explicitly.)
- Changed type of nwords_out to uint32_t to agree with header.

src/include/intrinsics.h:

- Fixed up various preprocessor statements to check for definition rather than value of built-ins.
- Added macro to use Clang’s __builtin_readcyclecounter on platforms on which it’s available. (Which is most platforms these days.)

src/include/magic.h: Preprocessor “if” versus “if defined”.

src/include/word.h: Fixed ifdefs; enabled support for memset_s on Darwin. Added explicit cast to mask_t.

Added void to function definitions and declarations in the following files (not including void is okay in modern C++, but not modern C, IIRC):

include/goldilocks.h, src/crandom.c, src/goldilocks.c, src/include/api.h, src/include/intrinsics.h, test/bench.c, test/test.c, test/test.h, test/test_arithmetic.c, test/test_goldilocks.c, test/test_pointops.c, test/test_scalarmul.c, test/test_sha512.c