diff --git a/tlslite/keyexchange.py b/tlslite/keyexchange.py
index d31b9df96..42ccc91f0 100644
--- a/tlslite/keyexchange.py
+++ b/tlslite/keyexchange.py
@@ -23,6 +23,7 @@
 from .utils.x25519 import x25519, x448, X25519_G, X448_G, X25519_ORDER_SIZE, \
         X448_ORDER_SIZE
 from .utils.compat import int_types
+from .utils.codec import DecodeError
 
 
 class KeyExchange(object):
@@ -907,7 +908,7 @@ def calc_shared_key(self, private, peer_share):
             try:
                 ecdhYc = decodeX962Point(peer_share,
                                          curve)
-            except AssertionError:
+            except (AssertionError, DecodeError):
                 raise TLSIllegalParameterException("Invalid ECC point")
 
             S = ecdhYc * private
diff --git a/tlslite/utils/ecc.py b/tlslite/utils/ecc.py
index 87d875a4b..522a64e97 100644
--- a/tlslite/utils/ecc.py
+++ b/tlslite/utils/ecc.py
@@ -16,7 +16,9 @@ def decodeX962Point(data, curve=ecdsa.NIST256p):
     bytelength = getPointByteSize(curve)
     xCoord = bytesToNumber(parser.getFixBytes(bytelength))
     yCoord = bytesToNumber(parser.getFixBytes(bytelength))
-    return ecdsa.ellipticcurve.Point(curve.curve, xCoord, yCoord)
+    assert xCoord and yCoord
+    assert curve.curve.contains_point(xCoord, yCoord)
+    return ecdsa.ellipticcurve.PointJacobi(curve.curve, xCoord, yCoord, 1)
 
 def encodeX962Point(point):
     """Encode a point in X9.62 format"""