Add comments/assert for PSO: DECIPHER

openpgp-card-sequoia/src/decryptor.rs

@@ -103,6 +103,12 @@ impl<'a> crypto::Decryptor for CardDecryptor<'a> {
                 mpi::PublicKey::ECDH { ref curve, .. },
             ) => {
                 let dm = if curve == &Curve::Cv25519 {
+                    assert_eq!(
+                        e.value()[0],
+                        0x40,
+                        "Unexpected shape of decrypted Cv25519 data"
+                    );
+
                     // Ephemeral key without header byte 0x40
                     Cryptogram::ECDH(&e.value()[1..])
                 } else {
@@ -119,7 +125,7 @@ impl<'a> crypto::Decryptor for CardDecryptor<'a> {
                 if curve == &Curve::NistP256 && dec.len() == 65 {
                     assert_eq!(
                         dec[0], 0x04,
-                        "unexpected shape of decrypted data"
+                        "Unexpected shape of decrypted NistP256 data"
                     );
 
                     // see Gnuk src/call-ec.c:82

openpgp-card/src/card_app.rs

@@ -424,6 +424,7 @@ impl CardApp {
     pub fn decipher(&mut self, dm: Cryptogram) -> Result<Vec<u8>, Error> {
         match dm {
             Cryptogram::RSA(message) => {
+                // "Padding indicator byte (00) for RSA" (pg. 69)
                 let mut data = vec![0x0];
 
                 // FIXME: The spec says we should "format according to PKCS#1"
@@ -434,6 +435,12 @@ impl CardApp {
                 self.pso_decipher(data)
             }
             Cryptogram::ECDH(eph) => {
+                // "In case of ECDH the card supports a partial decrypt
+                // only. The input is a cipher DO with the following data:"
+                // A6 xx Cipher DO
+                //  -> 7F49 xx Public Key DO
+                //    -> 86 xx External Public Key
+
                 // External Public Key
                 let epk = Tlv::new([0x86], Value::S(eph.to_vec()));