1 files changed, 18 insertions, 5 deletions

diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index e84609e47..6bffdda52 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -678,19 +678,32 @@ parse_symkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
 	k->s2k.count = iobuf_get(inp); pktlen--;
     }
     k->seskeylen = seskeylen;
-    for(i=0; i < seskeylen && pktlen; i++, pktlen-- )
-	k->seskey[i] = iobuf_get_noeof(inp);
+    if(k->seskeylen)
+      {
+	for(i=0; i < seskeylen && pktlen; i++, pktlen-- )
+	  k->seskey[i] = iobuf_get_noeof(inp);
+
+	/* What we're watching out for here is a session key decryptor
+	   with no salt.  The RFC says that using salt for this is a
+	   MUST. */
+	if(s2kmode!=1 && s2kmode!=3)
+	  log_info(_("WARNING: potentially insecure symmetrically"
+		     " encrypted session key\n"));
+      }
     assert( !pktlen );
 
     if( list_mode ) {
-	printf(":symkey enc packet: version %d, cipher %d, s2k %d, hash %d\n",
-			    version, cipher_algo, s2kmode, hash_algo);
+	printf(":symkey enc packet: version %d, cipher %d, s2k %d, hash %d",
+	       version, cipher_algo, s2kmode, hash_algo);
+	if(seskeylen)
+	  printf(", seskey %d bits",(seskeylen-1)*8);
+	printf("\n");
 	if( s2kmode == 1 || s2kmode == 3 ) {
 	    printf("\tsalt ");
 	    for(i=0; i < 8; i++ )
 		printf("%02x", k->s2k.salt[i]);
 	    if( s2kmode == 3 )
-		printf(", count %lu\n", (ulong)k->s2k.count );
+		printf(", count %lu", (ulong)k->s2k.count );
 	    printf("\n");
 	}
     }