mpi: Fix mpi_set_secure.
* mpi/mpiutil.c (mpi_set_secure): Allocate by ->alloced.
The code was simply wrong. The question is if (1) it allocates
(possibly) more or (2) modifi ->alloced. The choice is (1).
Because we have routines of mpi_set_cond and mpi_swap_cond which
assume no change for the allocated length of limbs, no surprise is
better. See _gcry_mpi_ec_mul_point for concrete example for those
routines. That's for constant-time computation.
- Debian-bug-id: #866964
- Suggested-by: Mark Wooding <mdw@distorted.org.uk>
- Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>