From 00e147f5c158681ee1e9302580f8d1ef0051b173 Mon Sep 17 00:00:00 2001
From: Daniel Huigens <d.huigens@protonmail.com>
Date: Fri, 5 Jul 2024 13:50:11 +0200
Subject: [PATCH] Use preferred AEAD mode for secret key encryption (#1776)

When config.aeadProtect is enabled, use config.preferredAEADAlgorithm
to decide the AEAD mode when encrypting secret keys.
---
 src/packet/secret_key.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/packet/secret_key.js b/src/packet/secret_key.js
index b93e9391..737b2a82 100644
--- a/src/packet/secret_key.js
+++ b/src/packet/secret_key.js
@@ -392,7 +392,7 @@ class SecretKeyPacket extends PublicKeyPacket {
 
     if (config.aeadProtect) {
       this.s2kUsage = 253;
-      this.aead = enums.aead.eax;
+      this.aead = config.preferredAEADAlgorithm;
       const mode = crypto.getAEADMode(this.aead);
       this.isLegacyAEAD = this.version === 5; // v4 is always re-encrypted with standard format instead.
       this.usedModernAEAD = !this.isLegacyAEAD; // legacy AEAD does not guarantee integrity of public key material