Assertion hit with incorrect BlowFish key

I came across this issue this morning, in an iOS app which I believe was restored as part of a device backup via iTunes (after an OS update).

BlowFish::decrypt is hitting the assertion where it’s internal decrypt method returns -1.

I’m not sure how to check for this to avoid the assertion, and e.g. wipe the data if the key is now invalid.

Would it be preferable for it to return a bool to indicate failure instead?