Fix AEAD packet construction

Resolves: rhbz#2128058

gnupg-2.3.3-aead-packet.patch

@@ -0,0 +1,30 @@
+commit eadf12a52c2e230174e076a0dcae68132094cefe
+Author: Jakub Jelen <jjelen@redhat.com>
+Date:   Thu Feb 24 09:02:53 2022 +0100
+
+    sign: Construct valid AEAD packets.
+    
+    * g10/sign.c (sign_symencrypt_file): Insert correct version and AEAD
+      information into symkey packet.
+    
+    --
+    
+    GnuPG-bug-id: 5856
+    Signed-off-by: Jakub Jelen <jjelen@redhat.com>
+
+diff --git a/g10/sign.c b/g10/sign.c
+index bbcfabdb7..2ab76c99b 100644
+--- a/g10/sign.c
++++ b/g10/sign.c
+@@ -1660,8 +1660,9 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
+   {
+     PKT_symkey_enc *enc = xmalloc_clear( sizeof *enc );
+ 
+-    enc->version = 4;
++    enc->version = cfx.dek->use_aead ? 5 : 4;
+     enc->cipher_algo = cfx.dek->algo;
++    enc->aead_algo = cfx.dek->use_aead;
+     enc->s2k = *s2k;
+     pkt.pkttype = PKT_SYMKEY_ENC;
+     pkt.pkt.symkey_enc = enc;
+

gnupg2.spec

@@ -33,6 +33,9 @@ Patch31: gnupg-2.3.1-revert-default-eddsa.patch
 Patch32: gnupg-2.3.3-CVE-2022-34903.patch
 # Mark SHA-1 weak algorithm to prevent its usage for verification
 Patch33: gnupg-2.3.3-disable-sha1.patch
+# Fix AEAD packet construction
+# https://dev.gnupg.org/T5856
+Patch34: gnupg-2.3.3-aead-packet.patch
 
 
 URL:     https://www.gnupg.org/
@@ -119,6 +122,7 @@ to the base GnuPG package
 %patch31 -p1 -R -b .eddsa
 %patch32 -p1 -b .CVE-2022-34903
 %patch33 -p1 -b .sha1
+%patch34 -p1 -b .aead
 
 # pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
 # Note: this is just the name of the default shared lib to load in scdaemon,