marcobellaccini/pyAesCrypt

Removing encrypted file header

OctaGear opened this issue · 1 comments

I noticed that an encrypted file gets a header like

AES� �CREATED_BY pyAesCrypt 0.4.3

and I found that it gets added in crypto.py line 165f
and I would like a way to make this optional.

I don't know if removing it would cause issues with decrypting later on, but I don't
want anyone to be able to just see what tool was used for the encryption and then
google/search its weaknesses. If that is reasonable.

Hi,
pyAesCrypt has been written to be compatible with the AES Crypt file format (version 2).
That format includes a header with a mandatory part and some optional extensions.
Hence, I cannot omit that header (at least its mandatory part).
This said, in any case, it's best practice for a file format to contain some versioning information (it's useful for troubleshooting and when newer versions are released).
Moreover, "security by obscurity" is not considered a valid strategy.

Cheers

Marco
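
The header layout the reply refers to, as an added example (not part of the thread and not pyAesCrypt's own code): a minimal parser for the start of an AES Crypt version 2 file, run on constructed sample headers. It assumes the format's layout of magic `AES`, a version byte, a reserved byte, then length-prefixed extensions ended by a zero length; `parse_aescrypt_v2_header` and `build_sample_header` are hypothetical names. With or without the `CREATED_BY` extension, the mandatory bytes still identify the format.

```python
import io
import struct

# Layout assumed from the AES Crypt v2 format description; sample data is constructed.
def parse_aescrypt_v2_header(stream):
    """Return (version, extensions) read from the start of an AES Crypt stream."""
    magic = stream.read(3)
    if magic != b"AES":
        raise ValueError("not an AES Crypt file (bad magic)")
    head = stream.read(2)
    if len(head) != 2:
        raise ValueError("truncated header")
    version, _reserved = head[0], head[1]
    if version != 2:
        raise ValueError(f"unsupported format version {version}")
    extensions = []
    while True:
        raw_len = stream.read(2)
        if len(raw_len) != 2:
            raise ValueError("truncated extension length")
        (ext_len,) = struct.unpack(">H", raw_len)  # big-endian 16-bit length
        if ext_len == 0:                           # zero length ends the list
            break
        body = stream.read(ext_len)
        if len(body) != ext_len:
            raise ValueError("truncated extension body")
        ident, _, content = body.partition(b"\x00")  # identifier is NUL-terminated
        extensions.append((ident.decode("ascii", "replace"), content))
    return version, extensions

def build_sample_header(created_by=None):
    """Constructed sample: mandatory part plus optional extensions."""
    out = b"AES" + b"\x02" + b"\x00"               # mandatory: magic, version, reserved
    if created_by is not None:
        body = b"CREATED_BY\x00" + created_by      # optional extension
        out += struct.pack(">H", len(body)) + body
    out += struct.pack(">H", 128) + bytes(128)     # empty 128-byte container extension
    out += b"\x00\x00"                             # end-of-extensions marker
    return out

if __name__ == "__main__":
    for tag in (b"pyAesCrypt 0.4.3", None):
        print(parse_aescrypt_v2_header(io.BytesIO(build_sample_header(tag))))
```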