emcenctool instead of non-PQ age

diff --git a/README b/README
index 356fd49975ab023ad851eaaef9b7f16823d7bd09..a65bf078e832511e7bee9cadc0dae503a18ec375 100644 (file)
--- a/README
+++ b/README
@@ -1,8 +1,11 @@
 passman -- simple password manager
-It stores passwords in single recfile
-(https://www.gnu.org/software/recutils/), that is by default encrypted
-by age (https://github.com/FiloSottile/age) with the passphrase and
-compressed by zstd.
+It stores passwords in single recfile, that is encrypted either by age
+or cmenctool with the passphrase, and compressed by Zstandard.
+
+=> https://www.gnu.org/software/recutils/ recfile/recutils\r
+=> https://github.com/FiloSottile/age age\r
+=> http://www.keks.cypherpunks.su/cm/index.html cmenctool\r
+=> https://facebook.github.io/zstd/ Zstandard\r
 
 * passman add NAME [PASSWORD]
   Appends NAME credential with optional password to the database. If

diff --git a/passman b/passman
index 425f76421f0a572b15ddee1d46d12778d174a622..6d0f75ee5e5602b443872c09ca803149b4e81182 100755 (executable)
--- a/passman
+++ b/passman
@@ -18,7 +18,8 @@ DB=${PASSMANDB:-$HOME/.passmandb}
 
 dec() {
     if [ -s $DB ] ; then
-        age -d $DB | zstd -d
+        # age -d $DB | zstd -d
+        cmenctool -p -d <$DB | zstd -d
     else
         cat <<EOF
 %rec: Credential
@@ -30,7 +31,8 @@ EOF
 }
 
 enc() {
-    zstd | age -p
+    # zstd | age -p
+    zstd | cmenctool -p -embed
 }
 
 generator() {
@@ -71,7 +73,7 @@ add)
     [ -n "$dst" ]
     [ -n "$passwd" ] || passwd=$(generator)
     echo ${dst}...
-    dec | recins -t Credential -f Name -v "$dst" -f Passwd -v "$passwd" >$tmp
+    dec | recins --verbose -t Credential -f Name -v "$dst" -f Passwd -v "$passwd" >$tmp
     commit
     ;;
 mod)