From 997ec1c8dbd9c3e503764592977e0b18b23ac342 Mon Sep 17 00:00:00 2001
From: Daniel Huigens
Date: Mon, 9 Apr 2018 18:51:38 +0200
Subject: [PATCH] Add AEAD feature flags
---
 src/enums.js | 15 +++++++++++++++
 src/key.js | 9 +++++++--
 test/general/key.js | 2 +-
 3 files changed, 23 insertions(+), 3 deletions(-)
diff --git a/src/enums.js b/src/enums.js
index 62297ca1..12df0646 100644
--- a/src/enums.js
+++ b/src/enums.js
@@ -419,6 +419,21 @@ export default {
 signature: 6
 },

+ /** {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-5.2.3.25|RFC4880bis-04, section 5.2.3.25}
+ * @enum {Integer}
+ * @readonly
+ */
+ features: {
+ /** 0x01 - Modification Detection (packets 18 and 19) */
+ modification_detection: 1,
+ /** 0x02 - AEAD Encrypted Data Packet (packet 20) and version 5
+ * Symmetric-Key Encrypted Session Key Packets (packet 3) */
+ aead: 2,
+ /** 0x04 - Version 5 Public-Key Packet format and corresponding new
+ * fingerprint format */
+ v5_keys: 4
+ },
+
 /** Asserts validity and converts from string/integer to integer. */
 write: function(type, e) {
 if (typeof e === 'number') {
diff --git a/src/key.js b/src/key.js
index c6784f0e..7e4dfe42 100644
--- a/src/key.js
+++ b/src/key.js
@@ -1278,8 +1278,13 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
 signaturePacket.isPrimaryUserID = true;
 }
 if (config.integrity_protect) {
- signaturePacket.features = [];
- signaturePacket.features.push(1); // Modification Detection
+ signaturePacket.features = [0];
+ signaturePacket.features[0] |= enums.features.modification_detection;
+ }
+ if (config.aead_protect === 'draft04') {
+ signaturePacket.features || (signaturePacket.features = [0]);
+ signaturePacket.features[0] |= enums.features.aead;
+ signaturePacket.features[0] |= enums.features.v5_keys;
 }
 if (options.keyExpirationTime > 0) {
 signaturePacket.keyExpirationTime = options.keyExpirationTime;
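Review bot: The `v5_keys` bit is set under the same `config.aead_protect === 'draft04'` condition as the `aead` bit, so every key generated with draft04 AEAD enabled also advertises support for version 5 public-key packets and fingerprints; nothing in this hunk ties that claim to actual v5 key handling, so it may promise more than the receiving side can process. Feature flags live in the self-certification, so they presumably outlive the config value that produced them, and a sender honouring the `aead` bit could emit draft04 AEAD packets that another client holding the same key cannot decrypt. I would gate `v5_keys` on its own condition and add a comment such as `// draft04 AEAD is experimental: these bits are advertised to senders for as long as this self-signature is in use`. The statement `signaturePacket.features || (signaturePacket.features = [0]);` reads better as `if (!signaturePacket.features) signaturePacket.features = [0];`. wrapKeyObject starts and ends outside the hunk.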
diff --git a/test/general/key.js b/test/general/key.js
index eb396e38..ec7a6e9b 100644
--- a/test/general/key.js
+++ b/test/general/key.js
@@ -1228,7 +1228,7 @@ p92yZgB3r2+f6/GIe2+7
 expect(key.users[0].selfCertifications[0].preferredHashAlgorithms).to.eql([hash.sha256, hash.sha512, hash.sha1]);
 const compr = openpgp.enums.compression;
 expect(key.users[0].selfCertifications[0].preferredCompressionAlgorithms).to.eql([compr.zlib, compr.zip]);
- expect(key.users[0].selfCertifications[0].features).to.eql(openpgp.config.integrity_protect ? [1] : null); // modification detection
+ expect(key.users[0].selfCertifications[0].features).to.eql(openpgp.config.aead_protect === 'draft04' ? [7] : [1]);
 };
 const opt = {numBits: 512, userIds: 'test ', passphrase: 'hello'};
 if (openpgp.util.getWebCryptoAll()) { opt.numBits = 2048; } // webkit webcrypto accepts minimum 2048 bit keys
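Review bot: The new expectation ignores `openpgp.config.integrity_protect`, which the old assertion covered: with that option off, the key.js change in this commit would yield `[6]` under draft04 and leave `features` unset otherwise, so `[7]`/`[1]` only hold while modification detection is enabled. Build the expected octet from both options and the named flags instead of literals, e.g. `const f = openpgp.enums.features;` then OR `f.modification_detection` and `f.aead | f.v5_keys` according to the config, expecting `null` when nothing is set (as the previous assertion did). The enclosing test helper starts outside the hunk.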