diff --git a/library/ecp_curves.c b/library/ecp_curves.c
index 00642650cc..7d029de1fc 100644
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@@ -5222,12 +5222,6 @@ int mbedtls_ecp_mod_p521_raw(mbedtls_mpi_uint *N_p, size_t N_n)
         return 0;
     }
 
-    /* Save and clear the A1 content of the shared limb to prevent it
-       from overwrite. */
-    mbedtls_mpi_uint remainder[P521_WIDTH] = { 0 };
-    remainder[0] = N_p[P521_WIDTH - 1] >> 9;
-    N_p[P521_WIDTH - 1] &= P521_MASK;
-
     if (N_n > P521_WIDTH) {
         /* Helper references for top part of N */
         mbedtls_mpi_uint *NT_p = N_p + P521_WIDTH;
@@ -5236,14 +5230,17 @@ int mbedtls_ecp_mod_p521_raw(mbedtls_mpi_uint *N_p, size_t N_n)
         /* Split N as A0 + 2^(512 + biL) A1 and compute A0 + 2^(biL - 9) * A1.
          * This can be done in place. */
         mbedtls_mpi_uint shift = ((mbedtls_mpi_uint) 1u) << (biL - 9);
-        carry = mbedtls_mpi_core_mla(N_p, P521_WIDTH - 1, NT_p, NT_n, shift);
+        carry = mbedtls_mpi_core_mla(N_p, P521_WIDTH, NT_p, NT_n, shift);
 
         /* Clear top part */
         memset(NT_p, 0, sizeof(mbedtls_mpi_uint) * NT_n);
     }
 
+    mbedtls_mpi_uint remainder[P521_WIDTH] = { 0 };
+    remainder[0] = carry << (biL - 9);
+    remainder[0] += (N_p[P521_WIDTH - 1] >> 9);
+    N_p[P521_WIDTH - 1] &= P521_MASK;
     (void) mbedtls_mpi_core_add(N_p, N_p, remainder, P521_WIDTH);
-    N_p[P521_WIDTH - 1] += carry;
 
     return 0;
 }