Key separation between encryption modes

We may want to add key separation, in particular between CFB and GCM mode (see #60 (closed) and https://mailarchive.ietf.org/arch/msg/openpgp-dt/nNUe-1MH_rNODiUALe-TvOsjb1s/), but perhaps also more generally between all encryption modes.

One way to do so would be to modify the V5 SKESK, and add a V5 PKESK, to contain the AEAD mode inside the encrypted session key, for example as follows:

V4 SKESK: Enc(symmetric algorithm || session key)
V5 SKESK: Enc(symmetric algorithm || AEAD mode || session key) -- currently Enc(session key)
V3 PKESK: Enc(symmetric algorithm || session key)
V5 PKESK: Enc(symmetric algorithm || AEAD mode || session key) -- currently doesn't exist

For the V5 PKESK, we may additionally need to strengthen the integrity check on the decrypted payload beyond the current two-octet checksum.

For the V5 SKESK, we may also need to adjust the input to the S2K algorithm (e.g. pass the "outer" symmetric algorithm and AEAD mode) to properly separate the keys. Without that, there is no reliable way to know whether a passphrase-derived key was meant to be used with CFB or with AEAD.
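As an added illustration of both points (the mode bound inside the encrypted session key, and the mode mixed into the passphrase derivation), the following Python is example code written for this page, not code from the issue or from any OpenPGP implementation. The numeric algorithm and mode IDs, the mode-0 "CFB, no AEAD" sentinel, and the use of PBKDF2 in place of OpenPGP's iterated-salted S2K are all assumptions made for the example.

```python
import hashlib

# Constructed IDs for this example; 0 is an assumed "CFB, no AEAD" sentinel.
SYM_AES128, SYM_AES256 = 7, 9
MODE_CFB, MODE_EAX, MODE_OCB, MODE_GCM = 0, 1, 2, 3
KEY_LEN = {SYM_AES128: 16, SYM_AES256: 32}


def encode_v5_payload(sym_alg: int, aead_mode: int, session_key: bytes) -> bytes:
    """Plaintext the proposed V5 SKESK/PKESK would encrypt:
    symmetric algorithm || AEAD mode || session key."""
    if len(session_key) != KEY_LEN[sym_alg]:
        raise ValueError("session key length does not match symmetric algorithm")
    return bytes([sym_alg, aead_mode]) + session_key


def decode_v5_payload(payload: bytes, expected_mode: int) -> tuple[int, bytes]:
    """Parse a decrypted payload and refuse a session key whose bound AEAD
    mode differs from the mode of the data packet it is about to decrypt.
    This is the check that stops a GCM session key from being reused in CFB
    (or vice versa) without the recipient noticing."""
    if len(payload) < 2:
        raise ValueError("truncated session-key payload")
    sym_alg, aead_mode, key = payload[0], payload[1], payload[2:]
    if sym_alg not in KEY_LEN or len(key) != KEY_LEN[sym_alg]:
        raise ValueError("malformed session-key payload")
    if aead_mode != expected_mode:
        raise ValueError(
            f"session key bound to mode {aead_mode}, packet uses mode {expected_mode}")
    return sym_alg, key


def derive_passphrase_key(passphrase: bytes, salt: bytes,
                          sym_alg: int, aead_mode: int) -> bytes:
    """Stand-in for the S2K step with the outer symmetric algorithm and AEAD
    mode mixed into the derivation input (PBKDF2-HMAC-SHA256 here, which is
    NOT OpenPGP's S2K). The same passphrase and salt now yield a different
    key-encryption key for CFB than for each AEAD mode."""
    info = salt + bytes([sym_alg, aead_mode])
    return hashlib.pbkdf2_hmac("sha256", passphrase, info, 100_000, KEY_LEN[sym_alg])
```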