diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 0b1f453e8..6f1613f3d 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -574,6 +574,7 @@ struct mbedtls_ssl_handshake_params
 #if defined(MBEDTLS_USE_TINYCRYPT)
     uint8_t ecdh_privkey[NUM_ECC_BYTES];
 #if defined(MBEDTLS_EARLY_KEY_COMPUTATION)
+    uint8_t ecdhe_computed;
     uint8_t ecdh_publickey[2*NUM_ECC_BYTES];
 #endif /* MBEDTLS_EARLY_KEY_COMPUTATION */
     uint8_t ecdh_peerkey[2*NUM_ECC_BYTES];
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 07d5825c4..5ed06d30f 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -4259,9 +4259,6 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl )
     {
         case MBEDTLS_SSL_HELLO_REQUEST:
             ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
-#if defined(MBEDTLS_EARLY_KEY_COMPUTATION)
-            int ecdhe_computed = 0;
-#endif /* MBEDTLS_EARLY_KEY_COMPUTATION */
             break;
 
        /*
@@ -4281,14 +4278,14 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl )
        case MBEDTLS_SSL_SERVER_HELLO:
 #if defined(MBEDTLS_EARLY_KEY_COMPUTATION) && defined(MBEDTLS_USE_TINYCRYPT)
            /* Make sure that the ECDHE pre-computation is only done once */
-           if( ecdhe_computed == 0 )
+           if( ssl->handshake->ecdhe_computed == 0 )
            {
                ret = uECC_make_key( ssl->handshake->ecdh_publickey, ssl->handshake->ecdh_privkey );
                if( ret == UECC_FAULT_DETECTED )
                    return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
                if( ret != UECC_SUCCESS )
                    return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-               ecdhe_computed = 1;
+               ssl->handshake->ecdhe_computed = 1;
            }
 #endif /* MBEDTLS_EARLY_KEY_COMPUTATION && MBEDTLS_USE_TINYCRYPT */