From b69b44bc6701dc9c6d38c59515c2fd85bdfc323f Mon Sep 17 00:00:00 2001
From: Daniel Huigens <d.huigens@protonmail.com>
Date: Thu, 18 Jul 2024 15:56:06 +0200
Subject: [PATCH] Allow Salted S2K for high-entropy passphrases

---
 openpgp/packet/private_key.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/openpgp/packet/private_key.go b/openpgp/packet/private_key.go
index e9cf573c..f04e6c6b 100644
--- a/openpgp/packet/private_key.go
+++ b/openpgp/packet/private_key.go
@@ -668,7 +668,8 @@ func (pk *PrivateKey) encrypt(key []byte, params *s2k.Params, s2kType S2KType, c
 	if params.Mode() == s2k.Argon2S2K && s2kType != S2KAEAD {
 		return errors.InvalidArgumentError("using Argon2 S2K without AEAD is not allowed")
 	}
-	if params.Mode() != s2k.Argon2S2K && params.Mode() != s2k.IteratedSaltedS2K {
+	if params.Mode() != s2k.Argon2S2K && params.Mode() != s2k.IteratedSaltedS2K &&
+		params.Mode() != s2k.SaltedS2K { // only allowed for high-entropy passphrases
 		return errors.InvalidArgumentError("insecure S2K mode")
 	}