This refactors the wNAF multiplication further and introduces a small API that manages the wNAF digits for bn and the multiples of digit * point in a single struct that is initialized and freed in two API calls in the main function, ec_wNAF_mul(). This way the main algorithm is no longer cluttered with logic to keep various arrays in sync, helper functions calculating the wNAF splitting of bn and multiples of the point do not need to deal with memory management, and a pair of accessors obviates previously missing bounds checking. At this point we have reached a relatively clean and straightforward wNAF implementation that fits precisely the purpose needed in libcrypto, i.e., ECDSA verification instead of being generalized and optimized to the max for no good reason apart from endowing the author with an academic degree. Popper's famous maxim "if you can't say it clearly, keep quiet, and keep working until you can" very much applies to code as well. In other words, shut up and hack (and don't pour too much energy into commit messages, tb). ok jsing