From b560d4eb5a726a1297bda1c148d1851c5a75b85c Mon Sep 17 00:00:00 2001
From: Heiko Schaefer <heiko@schaefer.name>
Date: Thu, 2 Sep 2021 17:58:10 +0200
Subject: [PATCH] Add assert to hacky decryption case

---
 openpgp-card-sequoia/src/decryptor.rs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/openpgp-card-sequoia/src/decryptor.rs b/openpgp-card-sequoia/src/decryptor.rs
index ccc5693..61cd65e 100644
--- a/openpgp-card-sequoia/src/decryptor.rs
+++ b/openpgp-card-sequoia/src/decryptor.rs
@@ -113,10 +113,15 @@ impl<'a> crypto::Decryptor for CardDecryptor<'a> {
                 // Decryption operation on the card
                 let mut dec = self.ca.decrypt(dm)?;
 
-                // Specifically handle return value from Gnuk
+                // Specifically handle return value format like Gnuk's
                 // (Gnuk returns a leading '0x04' byte and
                 // an additional 32 trailing bytes)
                 if curve == &Curve::NistP256 && dec.len() == 65 {
+                    assert_eq!(
+                        dec[0], 0x04,
+                        "unexpected shape of decrypted data"
+                    );
+
                     // see Gnuk src/call-ec.c:82
                     dec = dec[1..33].to_vec();
                 }