diff --git a/src/openpgp.js b/src/openpgp.js
index 968c01ecc..5eecb5510 100644
--- a/src/openpgp.js
+++ b/src/openpgp.js
@@ -240,7 +240,7 @@ export async function encryptKey({ privateKey, passphrase, config, ...rest }) {
 
 
 /**
- * Encrypts a message using public keys, passwords or both at once. At least one of `encryptionKeys` or `passwords`
+ * Encrypts a message using public keys, passwords or both at once. At least one of `encryptionKeys`, `passwords` or `sessionKeys`
  *   must be specified. If signing keys are specified, those will be used to sign the message.
  * @param {Object} options
  * @param {Message} options.message - Message to be encrypted as created by {@link createMessage}
@@ -555,6 +555,10 @@ export async function encryptSessionKey({ data, algorithm, aeadAlgorithm, encryp
   if (rest.publicKeys) throw new Error('The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead');
   const unknownOptions = Object.keys(rest); if (unknownOptions.length > 0) throw new Error(`Unknown option: ${unknownOptions.join(', ')}`);
 
+  if ((!encryptionKeys || !encryptionKeys.length === 0) && (!passwords || passwords.length === 0)) {
+    throw new Error('No encryption keys or passwords provided.');
+  }
+
   try {
     const message = await Message.encryptSessionKey(data, algorithm, aeadAlgorithm, encryptionKeys, passwords, wildcard, encryptionKeyIDs, date, encryptionUserIDs, config);
     return formatObject(message, format, config);
diff --git a/test/general/openpgp.js b/test/general/openpgp.js
index d2fd51df5..f2f56e182 100644
--- a/test/general/openpgp.js
+++ b/test/general/openpgp.js
@@ -2015,6 +2015,13 @@ aOU=
       const [decryptedSessionKey] = await openpgp.decryptSessionKeys({ message: objectMessage, passwords });
       expect(decryptedSessionKey).to.deep.equal(sessionKey);
     });
+
+    it('passing no encryption keys or passwords leads to exception', async function() {
+      await expect(openpgp.encryptSessionKey({
+        algorithm: 'aes256',
+        data: util.hexToUint8Array('3e99c1bb485e70a1fcef09a7ad8d38d171015243bbdd853e1a2b0e334d122ff3')
+      })).to.be.rejectedWith(/No encryption keys or passwords provided/);
+    });
   });
 
   describe('encrypt, decrypt, sign, verify - integration tests', function() {