From da8402dde63999817d7f9c8a7c19828a933d706c Mon Sep 17 00:00:00 2001
From: Xiaokang Qian <xiaokang.qian@arm.com>
Date: Thu, 15 Dec 2022 14:55:35 +0000
Subject: [PATCH] Switch outbound back to handshake key after end_of_early_data

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
---
 library/ssl_tls13_client.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 418c84d069..4c07a64bbc 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -2185,6 +2185,10 @@ static int ssl_tls13_write_end_of_early_data(mbedtls_ssl_context *ssl)
 
         MBEDTLS_SSL_PROC_CHK(
             mbedtls_ssl_finish_handshake_msg(ssl, buf_len, 0));
+
+        /* Switch outbound back to handshake key after end_of_early_data */
+        mbedtls_ssl_set_outbound_transform(
+            ssl, ssl->handshake->transform_handshake);
     }
 
     MBEDTLS_SSL_PROC_CHK(