Some comments

src/impl/ecdsa.h

@@ -96,7 +96,7 @@ int static secp256k1_ecdsa_sig_recompute(secp256k1_num_t *r2, const secp256k1_ec
         secp256k1_fe_normalize(&xr);
         unsigned char xrb[32]; secp256k1_fe_get_b32(xrb, &xr);
         secp256k1_num_set_bin(r2, xrb, 32);
-        secp256k1_num_mod(r2, r2, &c->order);
+        secp256k1_num_mod(r2, &c->order);
         ret = 1;
     }
     secp256k1_num_free(&sn);
@@ -125,12 +125,12 @@ int static secp256k1_ecdsa_sig_sign(secp256k1_ecdsa_sig_t *sig, const secp256k1_
     secp256k1_fe_normalize(&rx);
     secp256k1_fe_get_b32(b, &rx);
     secp256k1_num_set_bin(&sig->r, b, 32);
-    secp256k1_num_mod(&sig->r, &sig->r, &c->order);
+    secp256k1_num_mod(&sig->r, &c->order);
     secp256k1_num_t n;
     secp256k1_num_init(&n);
     secp256k1_num_mod_mul(&n, &sig->r, seckey, &c->order);
     secp256k1_num_add(&n, &n, message);
-    secp256k1_num_mod(&n, &n, &c->order);
+    secp256k1_num_mod(&n, &c->order);
     secp256k1_num_mod_inverse(&sig->s, nonce, &c->order);
     secp256k1_num_mod_mul(&sig->s, &sig->s, &n, &c->order);
     secp256k1_num_free(&n);

src/impl/group.h

@@ -298,10 +298,10 @@ void static secp256k1_gej_split_exp(secp256k1_num_t *r1, secp256k1_num_t *r2, co
     secp256k1_num_init(&check);
     secp256k1_num_mul(&check, r2, &c->lambda);
     secp256k1_num_add(&check, &check, r1);
-    secp256k1_num_mod(&check, &check, &c->order);
+    secp256k1_num_mod(&check, &c->order);
     secp256k1_num_add(&check, &check, &c->order);
-    secp256k1_num_mod(&check, &check, &c->order);
-    secp256k1_num_mod(&a2, &a2, &c->order);
+    secp256k1_num_mod(&check, &c->order);
+    secp256k1_num_mod(&a2, &c->order);
     assert(secp256k1_num_cmp(&check, &a2) == 0);
     secp256k1_num_free(&check);
     secp256k1_num_free(&a2);

src/impl/num_gmp.h

@@ -70,20 +70,16 @@ void static secp256k1_num_set_int(secp256k1_num_t *r, int a) {
     r->data[0] = (a < 0) ? -a : a;
 }
 
-void static secp256k1_num_mod(secp256k1_num_t *r, const secp256k1_num_t *a, const secp256k1_num_t *b) {
-    secp256k1_num_sanity(a);
-    secp256k1_num_sanity(b);
+void static secp256k1_num_mod(secp256k1_num_t *r, const secp256k1_num_t *m) {
+    secp256k1_num_sanity(r);
+    secp256k1_num_sanity(m);
 
-    r->neg = a->neg;
-    if (a->limbs >= b->limbs) {
-        mp_limb_t q[2*NUM_LIMBS+1];
-        mp_limb_t t[2*NUM_LIMBS+1];
-        mpn_tdiv_qr(t, q, 0, a->data, a->limbs, b->data, b->limbs);
-        r->limbs = b->limbs;
-        while (r->limbs > 1 && q[r->limbs-1]==0) r->limbs--;
-        mpn_copyi(r->data, q, r->limbs);
-    } else {
-        *r = *a;
+    if (r->limbs >= m->limbs) {
+        mp_limb_t t[2*NUM_LIMBS];
+        mpn_tdiv_qr(t, r->data, 0, r->data, r->limbs, m->data, m->limbs);
+        r->limbs = m->limbs;
+        while (r->limbs > 1 && r->data[r->limbs-1]==0) r->limbs--;
+        r->neg ^= m->neg;
     }
 }
 
@@ -281,9 +277,8 @@ void static secp256k1_num_div(secp256k1_num_t *r, const secp256k1_num_t *a, cons
 }
 
 void static secp256k1_num_mod_mul(secp256k1_num_t *r, const secp256k1_num_t *a, const secp256k1_num_t *b, const secp256k1_num_t *m) {
-    secp256k1_num_t tmp;
-    secp256k1_num_mul(&tmp, a, b);
-    secp256k1_num_mod(r, &tmp, m);
+    secp256k1_num_mul(r, a, b);
+    secp256k1_num_mod(r, m);
 }
 
 
@@ -394,7 +389,7 @@ void static secp256k1_num_set_rand(secp256k1_num_t *r, const secp256k1_num_t *a)
     mpn_random(r->data, a->limbs);
     r->limbs = a->limbs;
     r->neg = 0;
-    secp256k1_num_mod(r, r, a);
+    secp256k1_num_mod(r, a);
 }
 
 #endif

src/impl/num_openssl.h

@@ -80,9 +80,9 @@ void static secp256k1_num_div(secp256k1_num_t *r, const secp256k1_num_t *a, cons
     BN_CTX_free(ctx);
 }
 
-void static secp256k1_num_mod(secp256k1_num_t *r, const secp256k1_num_t *a, const secp256k1_num_t *b) {
+void static secp256k1_num_mod(secp256k1_num_t *r, const secp256k1_num_t *m) {
     BN_CTX *ctx = BN_CTX_new();
-    BN_nnmod(&r->bn, &a->bn, &b->bn, ctx);
+    BN_nnmod(&r->bn, &r->bn, &m->bn, ctx);
     BN_CTX_free(ctx);
 }