When extra entropy is not specified by the caller, CKey::Sign will
now always create a signature that has a low R value and is at most
70 bytes. The resulting signature on the stack will be 71 bytes when
the sighash byte is included.
Using low R signatures means that the resulting DER encoded signature
will never need to have additional padding to account for high R
This is a partial backport of Core PR13666 : https://github.com/bitcoin/bitcoin/pull/13666/commits/18dfea0dd082af18dfb02981b7ee1cd44d514388