diff --git a/Codec/Encryption/OpenPGP/Types/Internal/Base.hs b/Codec/Encryption/OpenPGP/Types/Internal/Base.hs
--- a/Codec/Encryption/OpenPGP/Types/Internal/Base.hs
+++ b/Codec/Encryption/OpenPGP/Types/Internal/Base.hs
@@ -876,7 +876,7 @@
     unpack (IV o) = o
 
 instance Pretty IV where
-    pretty = pretty . unpack
+    pretty = pretty . ("iv:"++) . bsToHexUpper . BL.fromStrict . unpack
 
 instance A.ToJSON IV where
     toJSON = A.toJSON . show . unpack
@@ -922,7 +922,7 @@
     unpack (Salt o) = o
 
 instance Pretty Salt where
-    pretty = pretty . unpack
+    pretty = pretty . ("salt:"++) . bsToHexUpper . BL.fromStrict . unpack
 
 instance A.ToJSON Salt where
     toJSON = A.toJSON . show . unpack
@@ -949,9 +949,9 @@
 
 instance Pretty S2K where
     pretty (Simple ha) = text "simple S2K," <+> pretty ha
-    pretty (Salted ha salt) = text "simple S2K," <+> pretty ha <+> pretty salt
-    pretty (IteratedSalted ha salt icount) = text "simple S2K," <+> pretty ha <+> pretty salt <+> pretty icount
-    pretty (OtherS2K t bs) = text "unknown S2K type" <+> pretty t <+> pretty bs
+    pretty (Salted ha salt) = text "salted S2K," <+> pretty ha <+> pretty salt
+    pretty (IteratedSalted ha salt icount) = text "iterated-salted S2K," <+> pretty ha <+> pretty salt <+> pretty icount
+    pretty (OtherS2K t bs) = text "unknown S2K type" <+> pretty t <+> pretty (bsToHexUpper bs)
 
 instance A.ToJSON S2K where
     toJSON (Simple ha) = A.toJSON ha
diff --git a/Codec/Encryption/OpenPGP/Types/Internal/PKITypes.hs b/Codec/Encryption/OpenPGP/Types/Internal/PKITypes.hs
--- a/Codec/Encryption/OpenPGP/Types/Internal/PKITypes.hs
+++ b/Codec/Encryption/OpenPGP/Types/Internal/PKITypes.hs
@@ -110,9 +110,9 @@
 instance Hashable SKAddendum
 
 instance Pretty SKAddendum where
-    pretty (SUS16bit sa s2k iv bs) = text "SUS16bit" <+> pretty sa <+> pretty s2k <+> pretty iv <+> pretty bs
-    pretty (SUSSHA1 sa s2k iv bs) = text "SUSSHA1" <+> pretty sa <+> pretty s2k <+> pretty iv <+> pretty bs
-    pretty (SUSym sa iv bs) = text "SUSym" <+> pretty sa <+> pretty iv <+> pretty bs
+    pretty (SUS16bit sa s2k iv bs) = text "SUS16bit" <+> pretty sa <+> pretty s2k <+> pretty iv <+> pretty (bsToHexUpper bs)
+    pretty (SUSSHA1 sa s2k iv bs) = text "SUSSHA1" <+> pretty sa <+> pretty s2k <+> pretty iv <+> pretty (bsToHexUpper bs)
+    pretty (SUSym sa iv bs) = text "SUSym" <+> pretty sa <+> pretty iv <+> pretty (bsToHexUpper bs)
     pretty (SUUnencrypted s ck) = text "SUUnencrypted" <+> pretty s <+> pretty ck
 
 instance A.ToJSON SKAddendum where
diff --git a/Codec/Encryption/OpenPGP/Types/Internal/Pkt.hs b/Codec/Encryption/OpenPGP/Types/Internal/Pkt.hs
--- a/Codec/Encryption/OpenPGP/Types/Internal/Pkt.hs
+++ b/Codec/Encryption/OpenPGP/Types/Internal/Pkt.hs
@@ -69,23 +69,23 @@
 instance Pretty Pkt where
     pretty (PKESKPkt pv eoki pka mpis) = text "PKESK v" <> pretty pv <> char ':' <+> pretty eoki <+> pretty pka <+> (pretty . NE.toList) mpis
     pretty (SignaturePkt sp) = pretty sp
-    pretty (SKESKPkt pv sa s2k mbs) = text "SKESK v" <> pretty pv <> char ':' <+> pretty sa <+> pretty s2k <+> pretty mbs
+    pretty (SKESKPkt pv sa s2k mbs) = text "SKESK v" <> pretty pv <> char ':' <+> pretty sa <+> pretty s2k <+> pretty (fmap bsToHexUpper mbs)
     pretty (OnePassSignaturePkt pv st ha pka eoki nestedflag) = text "one-pass signature v" <> pretty pv <> char ':' <+> pretty st <+> pretty ha <+> pretty pka <+> pretty eoki <+> pretty nestedflag
     pretty (SecretKeyPkt pkp ska) = text "secret key:" <+> pretty pkp <+> pretty ska
     pretty (PublicKeyPkt pkp) = text "public key:" <+> pretty pkp
     pretty (SecretSubkeyPkt pkp ska) = text "secret subkey:" <+> pretty pkp <+> pretty ska
     pretty (CompressedDataPkt ca cdp) = text "compressed-data:" <+> pretty ca <+> pretty cdp
-    pretty (SymEncDataPkt bs) = text "symmetrically-encrypted-data:" <+> pretty bs
-    pretty (MarkerPkt bs) = text "marker:" <+> pretty bs
-    pretty (LiteralDataPkt dt fn ts bs) = text "literal-data" <+> pretty dt <+> pretty fn <+> pretty ts <+> pretty bs
+    pretty (SymEncDataPkt bs) = text "symmetrically-encrypted-data:" <+> pretty (bsToHexUpper bs)
+    pretty (MarkerPkt bs) = text "marker:" <+> pretty (bsToHexUpper bs)
+    pretty (LiteralDataPkt dt fn ts bs) = text "literal-data" <+> pretty dt <+> pretty fn <+> pretty ts <+> pretty (bsToHexUpper bs)
     pretty (TrustPkt bs) = text "trust:" <+> pretty (BL.unpack bs)
     pretty (UserIdPkt u) = text "user-ID:" <+> pretty u
     pretty (PublicSubkeyPkt pkp) = text "public subkey:" <+> pretty pkp
     pretty (UserAttributePkt us) = text "user-attribute:" <+> pretty us
-    pretty (SymEncIntegrityProtectedDataPkt pv bs) = text "symmetrically-encrypted-integrity-protected-data v" <> pretty pv <> char ':' <+> pretty bs
-    pretty (ModificationDetectionCodePkt bs) = text "MDC:" <+> pretty bs
-    pretty (OtherPacketPkt t bs) = text "unknown packet type" <+> pretty t <> char ':' <+> pretty bs
-    pretty (BrokenPacketPkt s t bs) = text "BROKEN packet (" <> pretty s <> char ')' <+> pretty t <> char ':' <+> pretty bs
+    pretty (SymEncIntegrityProtectedDataPkt pv bs) = text "symmetrically-encrypted-integrity-protected-data v" <> pretty pv <> char ':' <+> pretty (bsToHexUpper bs)
+    pretty (ModificationDetectionCodePkt bs) = text "MDC:" <+> pretty (bsToHexUpper bs)
+    pretty (OtherPacketPkt t bs) = text "unknown packet type" <+> pretty t <> char ':' <+> pretty (bsToHexUpper bs)
+    pretty (BrokenPacketPkt s t bs) = text "BROKEN packet (" <> pretty s <> char ')' <+> pretty t <> char ':' <+> pretty (bsToHexUpper bs)
 
 instance A.ToJSON Pkt where
     toJSON (PKESKPkt pv eoki pka mpis) = object [T.pack "pkesk" .= object [T.pack "version" .= pv, T.pack "keyid" .= eoki, T.pack "pkalgo" .= pka, T.pack "mpis" .= NE.toList mpis]]
diff --git a/hOpenPGP.cabal b/hOpenPGP.cabal
--- a/hOpenPGP.cabal
+++ b/hOpenPGP.cabal
@@ -1,5 +1,5 @@
 Name:                hOpenPGP
-Version:             2.5.4
+Version:             2.5.5
 Synopsis:            native Haskell implementation of OpenPGP (RFC4880)
 Description:         native Haskell implementation of OpenPGP (RFC4880), plus Camellia (RFC5581)
 Homepage:            http://floss.scru.org/hOpenPGP/
@@ -339,4 +339,4 @@
 source-repository this
   type:     git
   location: git://git.debian.org/users/clint/hOpenPGP.git
-  tag:      v2.5.4
+  tag:      v2.5.5
diff --git a/tests/suite.hs b/tests/suite.hs
--- a/tests/suite.hs
+++ b/tests/suite.hs
@@ -25,7 +25,7 @@
 import Codec.Encryption.OpenPGP.Types
 import Control.Error.Util (isRight)
 import Control.Monad.Trans.Resource (ResourceT, runResourceT)
-import Crypto.PubKey.RSA (PrivateKey(private_pub))
+import qualified Crypto.PubKey.RSA as RSA
 import Data.Conduit.Serialization.Binary (conduitGet)
 import Data.Conduit.OpenPGP.Compression (conduitCompress, conduitDecompress)
 import Data.Conduit.OpenPGP.Decrypt (conduitDecrypt)
@@ -150,9 +150,8 @@
   passphrase <- BL.readFile $ "tests/data/" ++ passfile
   kr <- runResourceT $ CB.sourceFile ("tests/data/" ++ keyfile) DC.$= conduitGet get DC.$$ CL.consume
   let SecretKey pkp ska = fromPkt . head $ kr
-      SUUnencrypted (RSAPrivateKey (RSA_PrivateKey dpk)) _ = decryptPrivateKey (pkp, ska) passphrase  -- FIXME: better API for multiple keytypes
-      RSAPubKey (RSA_PublicKey pk) = _pubkey pkp
-  assertEqual "private key matches public key" pk (private_pub dpk)
+      SUUnencrypted skey _ = decryptPrivateKey (pkp, ska) passphrase
+  doPkeyAndSkeyMatch (_pubkey pkp) skey
 
 -- FIXME: this should be reworked either with tasty-golden or some other form of sanity
 testSecretKeyEncryption :: FilePath -> FilePath -> Assertion
@@ -389,6 +388,10 @@
 
 fp :: Text -> TwentyOctetFingerprint
 fp = either error id . parseFingerprint
+
+doPkeyAndSkeyMatch :: PKey -> SKey -> Assertion
+doPkeyAndSkeyMatch (RSAPubKey (RSA_PublicKey rpub)) (RSAPrivateKey (RSA_PrivateKey rpriv)) = assertEqual "RSA private key matches RSA public key" rpub (RSA.private_pub rpriv)
+doPkeyAndSkeyMatch _ _ = assertFailure "matching unimplemented"
 
 main :: IO ()
 main = defaultMain tests
