From 235eae9e0381c889b0d011971fe2c8123652a073 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 28 Feb 2025 22:02:52 +0100
Subject: [PATCH] mbedtls_ssl_prepare_handshake_record(): log offsets after
 decryption

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 library/ssl_msg.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index a8c79172fc..cba6096eb4 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -2982,6 +2982,14 @@ int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl)
                               MBEDTLS_PRINTF_SIZET,
                               ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen));
 
+    if (ssl->transform_in != NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(4, ("decrypted handshake message:"
+                                  " iv-buf=%d hdr-buf=%d hdr-buf=%d",
+                                  (int) (ssl->in_iv - ssl->in_buf),
+                                  (int) (ssl->in_hdr - ssl->in_buf),
+                                  (int) (ssl->in_msg - ssl->in_buf)));
+    }
+
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
     if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
         int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;