Page MenuHome GnuPG
Create Task
Maniphest T4583

pinentry-tty should accept backspace, delete, and ctrl-U
Closed, ResolvedPublic
Actions

Description

pinentry-tty does not accept backspace, delete, or control-U (delete all input) when typing a passphrase. If I type any of these keystrokes when entering a passphrase (say, to correct a mistyped character), authentication fails. Looks like this issue has been addressed in 2015, but it doesn't work on my system.

Every other tty-based passphrase-reading program in the universe accepts at least backspace (and many accept ctrl-U) so the user can make corrections. Is this a bug in pinentry-tty? Or is there some way to configure pinentry-tty to permit corrections?

Thank you.

$ cat /etc/issue
Ubuntu 18.04.2 LTS \n \l

$ pinentry --version
pinentry-qt (pinentry) 1.1.0
Copyright (C) 2016 g10 Code GmbH
License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

$ gpg --version
gpg (GnuPG) 2.2.4
libgcrypt 1.8.1
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/dbarrett/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Details

Version
2.2.4

Related Objects
Search...

Event Timeline

maiden_taiwan created this task.Jun 25 2019, 5:31 PM
maiden_taiwan updated the task description. (Show Details)
maiden_taiwan set Version to 2.2.4.
gniibe claimed this task.Jun 26 2019, 4:04 AM
gniibe triaged this task as Normal priority.
gniibe added a subscriber: gniibe.

(What you see as the link addressed in 2015 is for pinentry-curses, which is irrelevant.)

I check the history of pinentry-tty. When it is created in 2014-08-12, it never supports any editing but only entering passphrase directly with no echoing the input. I mean, no editing feature supported at all, originally.

Then, in 2015-05-13, Backspace (actually DELETE) is supported by adding processing of input in pinentry-tty. In my opinion, this would be questionable approach.

I think that what you expect is line-edit mode with no echo. I think that it is reasonable.

Please note that line-edit is supported by system (tty driver), not by an application like pinentry-tty.c. In the current implementation of pinentry-tty, it disable echoing and line-editing and the application handles each character.

I think that keeping line-edit makes sense for pinentry-tty.
Let me ask existing pinentry-tty users.

maiden_taiwan added a comment.EditedJun 26 2019, 4:34 AM

Thank you. I just downloaded the source for pinentry-1.1.0 and changed this line:

n_term.c_lflag = n_term.c_lflag & ~(ECHO|ICANON);

to:

n_term.c_lflag = n_term.c_lflag & ~(ECHO);

and I can confirm that backspace and ctrl-U now work as expected.

patch.txt631 BDownload

gniibe changed the task status from Open to Testing.Jun 28 2019, 2:49 AM
gniibe mentioned this in T4585: pinentry-tty mishandles ctrl-C.
gniibe added a comment.Jun 28 2019, 3:03 AM

Let me explain some technical detail for the record.

I enabled line editing by ICANON flag, but it also means, TTY may send signal when a user presses Ctrl-C (or others).
For confirmation dialog, I don't enable ICANON but ISIG, so that signal can be sent.

Note that the signal from TTY will be sent to the foreground process, not to pinentry process.

The foreground process may be gpg, ssh, or some parent process invoking those.

For me it works well (with the change of gpg-agent watching aliveness of client (gpg/ssh), which will send SIGINT to pinentry).

But this is not perfect. Job control (by Ctrl-Z) is not supported well. The terminal state change by pinentry-tty remains in this case. I don't know how to fix this, because pinentry-tty runs in background (not receiving SIGSUSP).

clonedrad awarded a token.Sep 4 2019, 3:21 PM
clonedrad added a subscriber: clonedrad.
clonedrad added a comment.Sep 4 2019, 3:26 PM

Would be great to see this fix rolled out! Absence of support for these keys disoriented me for months after switching to pinentry-tty. I use my longest passwords for GnuPG, so being able to fix typos (instead of abandoning password entry altogether) would be greatly appreciated.

gniibe added a parent task: T4771: pinentry-tty/pinentry-curses interact a user as background process.Dec 5 2019, 6:59 AM
gniibe added a subtask: T4659: Release Pinentry-1.1.1.Dec 5 2019, 7:22 AM
gniibe added projects: Restricted Project, pinentry.Mar 12 2020, 6:39 AM
dharris added a subscriber: dharris.Nov 29 2020, 6:10 PM
gouttegd closed this task as Resolved.Jan 19 2021, 7:48 PM
gouttegd added a subscriber: gouttegd.

@gniibe I assume this issue has been fixed by the same fix as for T4585 and can be closed as well. Feel free to re-open if I am wrong.

gouttegd closed subtask T4659: Release Pinentry-1.1.1 as Resolved.Jan 23 2021, 11:22 PM