From 1d0628228f450a89cf0c0b7539efd8ad873c0967 Mon Sep 17 00:00:00 2001
From: Daniel Huigens <d.huigens@protonmail.com>
Date: Thu, 4 Jul 2024 21:23:21 +0200
Subject: [PATCH] Use preferred AEAD mode for secret key encryption

When config.aeadProtect is enabled, use config.preferredAEADAlgorithm
to decide the AEAD mode when encrypting secret keys.
---
 src/packet/secret_key.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/packet/secret_key.js b/src/packet/secret_key.js
index 2257a78b..f3016bf1 100644
--- a/src/packet/secret_key.js
+++ b/src/packet/secret_key.js
@@ -392,7 +392,7 @@ class SecretKeyPacket extends PublicKeyPacket {
 
     if (config.aeadProtect) {
       this.s2kUsage = 253;
-      this.aead = enums.aead.eax;
+      this.aead = config.preferredAEADAlgorithm;
       const mode = crypto.getAEADMode(this.aead);
       this.isLegacyAEAD = this.version === 5; // v4 is always re-encrypted with standard format instead.
       this.usedModernAEAD = !this.isLegacyAEAD; // legacy AEAD does not guarantee integrity of public key material