mpi/ec-nist: fix for -Og build failure on i386

* mpi/ec-nist.c (_gcry_mpi_ec_nist256_mod)
(_gcry_mpi_ec_nist384_mod): Load p_mult constant with carry offset
to stack.

Patch fixes compilation error on i386 with -Og optimization level.

In file included from ../../mpi/ec-nist.c:34:
../../mpi/ec-nist.c: In function '_gcry_mpi_ec_nist256_mod':
../../mpi/ec-inline.h:701:3: error: 'asm' operand has impossible constraints

701 |   __asm__ ("subl %11, %3\n" \
    |   ^~~~~~~

../../mpi/ec-inline.h:894:9: note: in expansion of macro 'SUB4_LIMB32'

894 |         SUB4_LIMB32(A1.hi, A1.lo, A0.hi, A0.lo, \
    |         ^~~~~~~~~~~

../../mpi/ec-inline.h:1009:5: note: in expansion of macro 'SUB2_LIMB64'
1009 | SUB2_LIMB64(A4, A3, B4, B3, C4, C3); \

|     ^~~~~~~~~~~

../../mpi/ec-nist.c:474:3: note: in expansion of macro 'SUB5_LIMB64'

474 |   SUB5_LIMB64 (s[4], s[3], s[2], s[1], s[0],
    |   ^~~~~~~~~~~

Appears that in problematic function, too many registers end up being
allocated for addressing and there is not enough register left for
asm input/output (4 registers needed for this block). Problem can be
workaround by reducing needed addressing registers by pushing
p_mult[carry + ...] values to stack. On other compiler flag levels
and architectures, compiler should be able to optimize away this
extra copying and have not effect on performance.

• GnuPG-bug-id: T6892
• Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>