From 20016654c36f73554a8b584fdcf4288f2a553e8e Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Wed, 10 Jul 2019 11:44:13 +0100
Subject: [PATCH] Remove unnecessary backup of explicit IV in AEAD record decryption
There is no need to hold back the explicit IV for AEAD ciphers.
---
 library/ssl_tls.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 0bfca92b5..9431212de 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2686,12 +2686,9 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
 /* Because of the check above, we know that there are
 * explicit_iv_len Bytes preceeding data, and taglen
 * bytes following data + data_len. This justifies
- * the memcpy, debug message and invocation of
+ * the debug message and the invocation of
 * mbedtls_cipher_auth_decrypt() below. */
- memcpy( transform->iv_dec + transform->fixed_ivlen,
- data - explicit_iv_len, explicit_iv_len );
-
 MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", iv, transform->ivlen );
 MBEDTLS_SSL_DEBUG_BUF( 4, "TAG used", data + rec->data_len,
 transform->taglen );
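Review bot: With the memcpy gone, nothing in this hunk writes the explicit IV anywhere, and the mbedtls_cipher_auth_decrypt() call the comment points to lies below the hunk, so it is not visible here that decryption is fed the local `iv` buffer rather than `transform->iv_dec`; the surviving `MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", iv, transform->ivlen )` suggests `iv` is the nonce actually used, and that should be confirmed, because if the cipher still read `transform->iv_dec` the explicit part would now be stale and every AEAD record would fail authentication. If so, a welcome side effect is that the receive path no longer mutates `transform->iv_dec`, so the fixed nonce part stays read-only after key derivation. I would have the remaining comment say where the nonce comes from rather than only what it justifies, e.g. `* the debug message and the invocation of mbedtls_cipher_auth_decrypt()` / `* below, both of which use the nonce presumably assembled in iv above. */`, and the commit message could name that local buffer as the new home of the explicit IV. While touching the comment, the pre-existing `preceeding` in the context line could become `preceding`. mbedtls_ssl_decrypt_buf() begins and ends outside the hunk.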