From 97b375fd57504e13296ffa1e8e7284cfdf5fc06b Mon Sep 17 00:00:00 2001
From: s-hadinger <49731213+s-hadinger@users.noreply.github.com>
Date: Mon, 16 Dec 2024 22:31:01 +0100
Subject: [PATCH] TLS fix ecdsa fingerprint

---
 lib/lib_ssl/tls_mini/src/WiFiClientSecureLightBearSSL.cpp | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/lib/lib_ssl/tls_mini/src/WiFiClientSecureLightBearSSL.cpp b/lib/lib_ssl/tls_mini/src/WiFiClientSecureLightBearSSL.cpp
index b4bbe6e6a..ce7a28270 100755
--- a/lib/lib_ssl/tls_mini/src/WiFiClientSecureLightBearSSL.cpp
+++ b/lib/lib_ssl/tls_mini/src/WiFiClientSecureLightBearSSL.cpp
@@ -815,10 +815,9 @@ extern "C" {
       // The tag string doesn't really matter, but it should differ depending on
       // key type. For ECDSA it's a fixed string.
       sha1_update_len(&shactx, "ecdsa", 5); // tag
-      int32_t curve = eckey.curve;
-      sha1_update_len(&shactx, &curve, 4);   // curve id as int32
-      sha1_update_len(&shactx, "curve", 5); // tag2
-      sha1_update_len(&shactx, eckey.q, eckey.qlen);       // exponent
+      int32_t curve = htonl(eckey.curve);
+      sha1_update_len(&shactx, &curve, 4);   // curve id as int32be
+      sha1_update_len(&shactx, eckey.q, eckey.qlen);       // public point
     }
   #endif
     else {