authorDavid Shaw <[email protected]>2003-09-30 17:27:02 +0000
committerDavid Shaw <[email protected]>2003-09-30 17:27:02 +0000
commit6e3c6e6bcbcf01603ff87f8625e83b8c9115c579 (patch)
tree9714d71f433d481e25de1ecb4decc863b65377a8
parent* g10.c (main): Deprecate --no-comment in favor of --no-sk-comments. (diff)
downloadgnupg-6e3c6e6bcbcf01603ff87f8625e83b8c9115c579.tar.gz
gnupg-6e3c6e6bcbcf01603ff87f8625e83b8c9115c579.zip
* parse-packet.c (parse_symkeyenc): Give a warning if a session key
decryption key is seen without salt. Show in --list-packets if a session key decryption key is present.
-rw-r--r--g10/ChangeLog6
-rw-r--r--g10/parse-packet.c18
2 files changed, 21 insertions, 3 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index ff4fc0bb1..23a860663 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,9 @@
+2003-09-30 David Shaw <[email protected]>
+
+ * parse-packet.c (parse_symkeyenc): Give a warning if a session
+ key decryption key is seen without salt. Show in --list-packets
+ if a session key decryption key is present.
+
2003-09-22 David Shaw <[email protected]>
* g10.c (main): Deprecate --no-comment in favor of
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index aafe3356c..a16209d76 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -678,8 +678,17 @@ parse_symkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
k->s2k.count = iobuf_get(inp); pktlen--;
}
k->seskeylen = seskeylen;
- for(i=0; i < seskeylen && pktlen; i++, pktlen-- )
- k->seskey[i] = iobuf_get_noeof(inp);
+ if(k->seskeylen)
+ {
+ for(i=0; i < seskeylen && pktlen; i++, pktlen-- )
+ k->seskey[i] = iobuf_get_noeof(inp);
+
+ /* What we're watching out for here is a session key decryptor
+ with no salt. The RFC says that using salt for this is a
+ MUST. */
+ if(s2kmode!=1 && s2kmode!=3)
+ log_info(_("WARNING: potentially insecure session key decryption key\n"));
+ }
assert( !pktlen );
if( list_mode ) {
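Review bot: The new test `if(s2kmode!=1 && s2kmode!=3)` only calls log_info and then carries on, so a session key decryption key derived without salt is still parsed and handed on like any conforming packet, even though the comment above it says the RFC makes salt a MUST. If accepting it is deliberate, the comment should say so, for example `/* Warn only: the packet is still accepted; rejecting it is left to the caller. */`. The test also treats every s2kmode other than 1 or 3 as unsalted, which is only correct if unknown modes were already rejected earlier in parse_symkeyenc. That part of the function, and the sizing of k->seskey against seskeylen, lie outside this hunk and cannot be checked from here.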
@@ -690,9 +699,12 @@ parse_symkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
for(i=0; i < 8; i++ )
printf("%02x", k->s2k.salt[i]);
if( s2kmode == 3 )
- printf(", count %lu\n", (ulong)k->s2k.count );
+ printf(", count %lu", (ulong)k->s2k.count );
printf("\n");
}
+ if(seskeylen)
+ printf("\tsession key decryption key present (%d bytes)\n",
+ seskeylen-1);
}
leave:
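Review bot: The `seskeylen-1` passed to the new printf is unexplained and reads like an off-by-one. Presumably one octet of the field is an algorithm identifier rather than key material, but nothing in the hunk establishes that. A one-line comment above the printf, such as `/* one octet of seskey is the cipher algorithm, not key material */`, would make the intent checkable; confirm it against the packet format before adding it. The `%d` conversion also assumes seskeylen is a plain int, and its declaration is outside the hunk, as are the start and end of parse_symkeyenc.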