pinentry does not work properly

Question

pinentry does not work properly

zhangyoufu opened this issue 4 years ago · 2 comments

printf "$PE_PROMPT" | $PE does not work for me on macOS.

$ PE_PROMPT='SETPROMPT Admin PIN\nGETPIN\nBYE\n'
$ PE=/usr/local/bin/pinentry
$ printf "$PE_PROMPT" | $PE
OK Pleased to meet you
OK
S ERROR curses.? 83918950
ERR 83918950 Inappropriate ioctl for device <Pinentry>
OK closing connection

$ /usr/local/bin/pinentry -h
pinentry-curses (pinentry) 1.0.0
Copyright (C) 2016 g10 Code GmbH
License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Usage: pinentry-curses [options] (-h for help)
Ask securely for a secret and print it to stdout.
Options:
 -d, --debug                Turn on debugging output
 -D, --display DISPLAY      Set the X display
 -T, --ttyname FILE         Set the tty terminal node name
 -N, --ttytype NAME         Set the tty terminal type
 -C, --lc-ctype STRING      Set the tty LC_CTYPE value
 -M, --lc-messages STRING   Set the tty LC_MESSAGES value
 -o, --timeout SECS         Timeout waiting for input after this many seconds
 -g, --no-global-grab       Grab keyboard only while window is focused
 -W, --parent-wid           Parent window ID (for positioning)
 -c, --colors STRING        Set custom colors for ncurses

Please report bugs to <https://bugs.gnupg.org>.

Answer 1 · 2020-05-19T12:56:25.000Z

Interesting, this seems to be an issue with pinentry-curses not being able to understand which tty to use.

After a quick test I got the following to work:

TTY=$(tty)
printf "SETPROMPT Admin PIN\nGETPIN\nBYE\n" | /usr/bin/pinentry-curses --ttyname $TTY

Keep in mind that you may have to change the path to your actual pinentry program (you seem to use /usr/local/bin)

Ideally you should have GPG_TTY already set to the output of tty, so the following should also work

printf "SETPROMPT Admin PIN\nGETPIN\nBYE\n" | /usr/bin/pinentry-curses --ttyname $GPG_TTY

Surprisingly, this solution did not work:

printf "SETPROMPT Admin PIN\nGETPIN\nBYE\n" | /usr/bin/pinentry-curses --ttyname $(tty)

And finally, as a last resort, you can try using a different pinentry program like pinentry-tty or pinentry-x11.

Let me know if the first solution works for you and I'll try to generalize and incorporate it.

Answer 2 · 2020-05-19T13:11:19.000Z

Let me know if the first solution works for you and I'll try to generalize and incorporate it.

The first solution worked for me.

Surprisingly, this solution did not work:

printf "SETPROMPT Admin PIN\nGETPIN\nBYE\n" | /usr/bin/pinentry-curses --ttyname $(tty)

It seems that for some shell, $(tty) is evaluated with stdin redirected, so not a tty.