pinentry-tty should accept backspace, delete, and ctrl-U
Testing, Normal, Public

Description

pinentry-tty does not accept backspace, delete, or control-U (delete all input) when typing a passphrase. If I type any of these keystrokes when entering a passphrase (say, to correct a mistyped character), authentication fails. It looks like this issue was addressed in 2015, but it doesn't work on my system.

Every other tty-based passphrase-reading program in the universe accepts at least backspace (and many accept ctrl-U) so the user can make corrections. Is this a bug in pinentry-tty? Or is there some way to configure pinentry-tty to permit corrections?

Thank you.

$ cat /etc/issue
Ubuntu 18.04.2 LTS \n \l

$ pinentry --version
pinentry-qt (pinentry) 1.1.0
Copyright (C) 2016 g10 Code GmbH
License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

$ gpg --version
gpg (GnuPG) 2.2.4
libgcrypt 1.8.1
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/dbarrett/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Details

Version
2.2.4
maiden_taiwan updated the task description.
maiden_taiwan set Version to 2.2.4.
gniibe claimed this task. Jun 26 2019, 4:04 AM
gniibe triaged this task as Normal priority.
gniibe added a subscriber: gniibe.

(What you see as the link addressed in 2015 is for pinentry-curses, which is irrelevant.)

I checked the history of pinentry-tty. When it was created on 2014-08-12, it did not support any editing, only entering the passphrase directly with no echoing of the input. I mean, no editing feature was supported at all, originally.

Then, on 2015-05-13, Backspace (actually DELETE) was supported by adding processing of input in pinentry-tty. In my opinion, this would be a questionable approach.

I think that what you expect is line-edit mode with no echo. I think that it is reasonable.

Please note that line-edit is supported by the system (tty driver), not by an application like pinentry-tty.c. In the current implementation of pinentry-tty, it disables echoing and line-editing, and the application handles each character.

I think that keeping line-edit makes sense for pinentry-tty.
Let me ask existing pinentry-tty users.

maiden_taiwan added a comment. Edited Jun 26 2019, 4:34 AM

Thank you. I just downloaded the source for pinentry-1.1.0 and changed this line:

n_term.c_lflag = n_term.c_lflag & ~(ECHO|ICANON);

to:

n_term.c_lflag = n_term.c_lflag & ~(ECHO);

and I can confirm that backspace and ctrl-U now work as expected.
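The effect of that one-flag difference can be reproduced without pinentry. The following is an added example, not part of this thread or of pinentry's source: it opens a Linux pseudo-terminal, applies each of the two `c_lflag` settings quoted above, "types" a constructed keystroke sequence containing Ctrl-U and DEL, and returns what a single `read()` receives. The helper name `read_typed` and the sample keystrokes are assumptions made for the illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <termios.h>
#include <unistd.h>

/* Added example (Linux only). Open a pty pair, clear `clear_lflags` in the
 * slave's c_lflag, "type" keys on the master, return what one read() delivers. */
static ssize_t read_typed(tcflag_t clear_lflags, const char *keys,
                          char *out, size_t outlen)
{
    int unlock = 0;
    unsigned int num = 0;
    char path[32];
    struct termios n_term;
    ssize_t got = -1;
    int master = open("/dev/ptmx", O_RDWR | O_NOCTTY);
    if (master < 0)
        return -1;
    if (ioctl(master, TIOCSPTLCK, &unlock) < 0 || ioctl(master, TIOCGPTN, &num) < 0) {
        close(master);
        return -1;
    }
    snprintf(path, sizeof path, "/dev/pts/%u", num);
    int slave = open(path, O_RDWR | O_NOCTTY);
    if (slave >= 0 && tcgetattr(slave, &n_term) == 0) {
        n_term.c_lflag &= ~clear_lflags;
        n_term.c_cc[VERASE] = 0177;             /* DEL erases one character */
        n_term.c_cc[VKILL] = 025;               /* Ctrl-U erases the line */
        n_term.c_cc[VMIN] = (cc_t)strlen(keys); /* only used without ICANON */
        n_term.c_cc[VTIME] = 0;
        if (tcsetattr(slave, TCSANOW, &n_term) == 0 &&
            write(master, keys, strlen(keys)) == (ssize_t)strlen(keys))
            got = read(slave, out, outlen);
    }
    if (slave >= 0)
        close(slave);
    close(master);
    return got;
}

int main(void)
{
    const char *keys = "wrong\025secrex\177t\n"; /* constructed keystrokes */
    char buf[64];
    printf("~ECHO:          %zd bytes\n", read_typed(ECHO, keys, buf, sizeof buf));
    printf("~(ECHO|ICANON): %zd bytes\n", read_typed(ECHO | ICANON, keys, buf, sizeof buf));
}
```

With only `ECHO` cleared, the tty driver applies the edits and the reader gets the corrected line; with `ICANON` also cleared, the control bytes arrive as data and the application has to interpret them itself.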

gniibe changed the task status from Open to Testing.

Let me explain some technical detail for the record.

I enabled line editing with the ICANON flag, but it also means the TTY may send a signal when a user presses Ctrl-C (or others).
For the confirmation dialog, I don't enable ICANON but ISIG, so that a signal can be sent.

Note that the signal from TTY will be sent to the foreground process, not to pinentry process.

The foreground process may be gpg, ssh, or some parent process invoking those.

For me it works well (with the change of gpg-agent watching the aliveness of the client (gpg/ssh), which will send SIGINT to pinentry).

But this is not perfect. Job control (by Ctrl-Z) is not supported well. The terminal state change made by pinentry-tty remains in this case. I don't know how to fix this, because pinentry-tty runs in the background (not receiving SIGSUSP).

clonedrad added a subscriber: clonedrad.

Would be great to see this fix rolled out! Absence of support for these keys disoriented me for months after switching to pinentry-tty. I use my longest passwords for GnuPG, so being able to fix typos (instead of abandoning password entry altogether) would be greatly appreciated.