private static ICryptoTransform CreateAEADDecryptor(CipherSuite cipherSuite, Record record,
byte[] key, byte[] fixedIV, UInt64 seqNum)
{
// Get the explicit nonce from the beginning of fragment
int recordIVLength = cipherSuite.BulkCipherAlgorithm.RecordIVLength;
byte[] nonceExplicit = new byte[recordIVLength];
Buffer.BlockCopy(record.Fragment, 0, nonceExplicit, 0, nonceExplicit.Length);
// Construct the nonce for AEAD cipher
byte[] nonce = GenerateAEADNonce(fixedIV, nonceExplicit);
// Construct the additional bytes for AEAD cipher
int compressedLength = record.Fragment.Length - recordIVLength - cipherSuite.BulkCipherAlgorithm.AuthenticationTagSize;
byte[] additional = GetAdditionalBytes(seqNum, record.Type, record.Version, compressedLength);
return cipherSuite.BulkCipherAlgorithm.CreateDecryptor(key, nonce, additional);
}