diff --git a/include/polarssl/ecp.h b/include/polarssl/ecp.h
index 373de8d5a..ec9067dfe 100644
--- a/include/polarssl/ecp.h
+++ b/include/polarssl/ecp.h
@@ -296,14 +296,14 @@ int ecp_use_known_dp( ecp_group *grp, ecp_group_id id );
  * \brief           Set a group from a TLS ECParameters record
  *
  * \param grp       Destination group
- * \param buf       Start of input buffer
+ * \param buf       &(Start of input buffer)
  * \param len       Buffer length
  *
  * \return          O if successful,
  *                  POLARSSL_ERR_MPI_XXX if initialization failed
  *                  POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid
  */
-int ecp_tls_read_group( ecp_group *grp, const unsigned char *buf, size_t len );
+int ecp_tls_read_group( ecp_group *grp, const unsigned char **buf, size_t len );
 
 /**
  * \brief           Write the TLS ECParameters record for a group
diff --git a/library/ecp.c b/library/ecp.c
index cc79b7733..68f20f7c7 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -589,7 +589,7 @@ int ecp_use_known_dp( ecp_group *grp, ecp_group_id id )
 /*
  * Set a group from an ECParameters record (RFC 4492)
  */
-int ecp_tls_read_group( ecp_group *grp, const unsigned char *buf, size_t len )
+int ecp_tls_read_group( ecp_group *grp, const unsigned char **buf, size_t len )
 {
     ecp_group_id id;
 
@@ -602,13 +602,15 @@ int ecp_tls_read_group( ecp_group *grp, const unsigned char *buf, size_t len )
     /*
      * First byte is curve_type; only named_curve is handled
      */
-    if( *buf++ != POLARSSL_ECP_TLS_NAMED_CURVE )
+    if( *(*buf)++ != POLARSSL_ECP_TLS_NAMED_CURVE )
         return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
 
     /*
      * Next two bytes are the namedcurve value
      */
-    id = 256 * buf[0] + buf[1];
+    id = *(*buf)++;
+    id <<= 8;
+    id |= *(*buf)++;
     return ecp_use_known_dp( grp, id );
 }
 
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data
index ca71ff338..57b3113b5 100644
--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@@ -212,7 +212,7 @@ ECP tls read group #4 (OK, buffer just fits)
 ecp_tls_read_group:"030017":0:256
 
 ECP tls read group #5 (OK, buffer continues)
-ecp_tls_read_group:"030018DEAD":0:384
+ecp_tls_read_group:"0300180000":0:384
 
 ECP tls write-read group #1
 ecp_tls_write_read_group:SECP192R1
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index 50de46a86..64e014755 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -377,6 +377,7 @@ ecp_tls_read_group:record:ret:bits
 {
     ecp_group grp;
     unsigned char buf[10];
+    const unsigned char *vbuf = buf;
     int len, ret;
 
     ecp_group_init( &grp );
@@ -384,11 +385,14 @@ ecp_tls_read_group:record:ret:bits
 
     len = unhexify( buf, {record} );
 
-    ret = ecp_tls_read_group( &grp, buf, len );
+    ret = ecp_tls_read_group( &grp, &vbuf, len );
 
     TEST_ASSERT( ret == {ret} );
     if( ret == 0)
+    {
         TEST_ASSERT( mpi_msb( &grp.P ) == {bits} );
+        TEST_ASSERT( *vbuf == 0x00 );
+    }
 
     ecp_group_free( &grp );
 }
@@ -399,6 +403,7 @@ ecp_tls_write_read_group:id
 {
     ecp_group grp1, grp2;
     unsigned char buf[10];
+    const unsigned char *vbuf = buf;
     size_t len;
     int ret;
 
@@ -409,7 +414,7 @@ ecp_tls_write_read_group:id
     TEST_ASSERT( ecp_use_known_dp( &grp1, POLARSSL_ECP_DP_{id} ) == 0 );
 
     TEST_ASSERT( ecp_tls_write_group( &grp1, &len, buf, 10 ) == 0 );
-    TEST_ASSERT( ( ret = ecp_tls_read_group( &grp2, buf, len ) ) == 0 );
+    TEST_ASSERT( ( ret = ecp_tls_read_group( &grp2, &vbuf, len ) ) == 0 );
 
     if( ret == 0 )
     {