diff --git a/VERSION b/VERSION
index f8e233b2..abb16582 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.9.0
+1.9.0
\ No newline at end of file
diff --git a/secure_enclave/AESUtils.c b/secure_enclave/AESUtils.c
index c2a2c983..bf34369c 100644
--- a/secure_enclave/AESUtils.c
+++ b/secure_enclave/AESUtils.c
@@ -107,6 +107,10 @@ int AES_decrypt(uint8_t *encrMessage, uint64_t length, char *message, uint64_t m
         return -4;
     }
 
+    if (length < SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE) {
+        LOG_ERROR("length < SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE");
+        return -5;
+    }
 
     if (length < SGX_AESGCM_MAC_SIZE + SGX_AESGCM_IV_SIZE) {
         LOG_ERROR("length < SGX_AESGCM_MAC_SIZE - SGX_AESGCM_IV_SIZE");
diff --git a/secure_enclave/secure_enclave.c b/secure_enclave/secure_enclave.c
index 2516b57f..02878482 100644
--- a/secure_enclave/secure_enclave.c
+++ b/secure_enclave/secure_enclave.c
@@ -600,7 +600,6 @@ void trustedEcdsaSign(int *errStatus, char *errString, uint8_t *encryptedPrivate
 
 void trustedDecryptKey(int *errStatus, char *errString, uint8_t *encryptedPrivateKey,
                           uint64_t enc_len, char *key) {
-
     LOG_DEBUG(__FUNCTION__);
     INIT_ERROR_STATE