From 4b6032dbfb20e041043cfa0b6b84145f49a98a11 Mon Sep 17 00:00:00 2001 From: Jonathan McDowell Date: Mon, 8 Jul 2019 12:06:31 +0100 Subject: [PATCH] Remove Version: header from armored output There is no benefit to this header and it leaks information about the implementation of OpenPGP in use, which may open up other attacks. Drop it. --- armor.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/armor.c b/armor.c index 44be939..ab10f41 100644 --- a/armor.c +++ b/armor.c @@ -332,9 +332,7 @@ int armor_openpgp_stream(int (*putchar_func)(void *ctx, size_t count, */ putchar_func(ctx, sizeof("-----BEGIN PGP PUBLIC KEY BLOCK-----\n") - 1, (unsigned char *) "-----BEGIN PGP PUBLIC KEY BLOCK-----\n"); - putchar_func(ctx, sizeof("Version: onak " ONAK_VERSION "\n\n") - 1, - (unsigned char *) "Version: onak " ONAK_VERSION "\n\n"); - + armor_init(&armor_ctx); armor_ctx.putchar_func = putchar_func; armor_ctx.ctx = ctx; -- 2.39.5