Co-authored-by: Pratyush Mishra <pratyush795@gmail.com>

Co-authored-by: mmagician <marcin.gorny.94@protonmail.com>
Co-authored-by: Pratyush Mishra <pratyushmishra@berkeley.edu>

Co-authored-by: Pratyush Mishra <pratyushmishra@berkeley.edu>

Co-authored-by: Sun <huachuang20@gmail.com>
Co-authored-by: Pratyush Mishra <pratyushmishra@berkeley.edu>

* Rename AllocatedBit to AllocatedBool

* Update Changelog

* Fix independent fmt issues

Co-authored-by: Nicholas Ward <npward@berkeley.edu>

* `to_bits` -> `to_bits_le`
* `BitIterator` -> `BitIteratorLE` + `BitIteratorBE`
* `found_one`/`seen_one` -> `BitIteratorBE::without_leading_zeros`

Co-authored-by: Pratyush Mishra <pratyushmishra@berkeley.edu>

* Implement `ToBitsGadget` for `UInt8` and `Vec<UInt8>`
* Add `kary_or` function to `Boolean`.

* adds alloc constant to AllocGadget

* fmt

* fmt

* more alloc constant impls

* fmt

* even more impls

* fixes type

* fixes alloc_constant in gm17

* uses alloc_constant from field gadget in group gadgets

* fmt

* handle most comments

* refactor(r1cs-std/boolean): expose enforcing value less than functionality

* fix(r1cs-std/boolean): ensure num_bits is calculated correctly from the arg

* feat(primitives/blake2s): allow creating Blake2s with custom params

- contributes to #50,
- depends on #53 and builds on it,
- due to coherence & requirements of `num_traits::{Zero, One}` to implement `std::ops::Add<Self, ..>` and (resp.) `std::ops::Mul<Self, ..>`, I've had to replace the afferent `impl<'a, P: ..> (Add|Mul)<&'a Self> for Group(Affine|Projective)<P>` by direct implementations on `Self`,
- I did not have to fight the borrow checker for this conversion => I think this hints arithmetic operations are called in contexts where the operand is owned,
- hence should this end up on a merge track, we may want to open an issue to convert the `impl<'a, P:..> (Neg|Sub|..)<&'a Self> for ..<P>` trait usage to direct `impl<P:..> (Neg|Sub|..)<Self> for ..<P>`
- the `impl AddAssign for GroupAffine<P>` in curves/models/short_weierstrass_jacobian.rs is provided to fit trait bounds, and without any guarantee of suitability for any particular purpose
- and that, even though I don't think it's used.

avoid return when it cant be early (in a simple if-else)

See https://rust-lang.github.io/rust-clippy/master/#explicit_into_iter_loop