From 0b5e7ab7bb589c63a8b2778e35008f6f3cf0dd30 Mon Sep 17 00:00:00 2001
From: Andrew Zaborowski <andrew.zaborowski@intel.com>
Date: Wed, 10 Feb 2021 15:24:23 +0100
Subject: [PATCH] crypto: Check for l_cipher_decrypt error

---
 src/crypto.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/crypto.c b/src/crypto.c
index 563f17ce..6c70eb9a 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -167,12 +167,18 @@ bool aes_unwrap(const uint8_t *kek, size_t kek_len, const uint8_t *in, size_t le
 		for (i = n; i >= 1; i--, t--) {
 			b[0] ^= L_CPU_TO_BE64(t);
 			b[1] = L_GET_UNALIGNED(r);
-			l_cipher_decrypt(cipher, b, b, 16);
+
+			if (!l_cipher_decrypt(cipher, b, b, 16)) {
+				b[0] = 0;
+				goto done;
+			}
+
 			L_PUT_UNALIGNED(b[1], r);
 			r -= 1;
 		}
 	}
 
+done:
 	l_cipher_free(cipher);
 	explicit_bzero(&b[1], 8);