ecc: Add mitigation against timing attack.
* cipher/ecc-ecdsa.c (_gcry_ecc_ecdsa_sign): Add the order N to K. * mpi/ec.c (_gcry_mpi_ec_mul_point): Compute with NBITS of P or larger.
CVE-id: CVE-2019-13627
- GnuPG-bug-id: T4626
- Co-authored-by: Ján Jančár <johny@neuromancer.sk>
- Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>