gnupg: dynamic pinentry

1 files changed, 38 insertions, 0 deletions

diff --git a/gnupg/.local/bin/pinentry-auto b/gnupg/.local/bin/pinentry-auto
new file mode 100755
index 0000000..b788361
--- /dev/null
+++ b/gnupg/.local/bin/pinentry-auto
@@ -0,0 +1,38 @@
+#!/bin/sh
+# Choose between pinentry-tty and pinentry-x11 based on whether
+# $PINENTRY_USER_DATA contains USE_TTY=1
+#
+# Based on:
+# https://kevinlocke.name/bits/2019/07/31/prefer-terminal-for-gpg-pinentry
+#
+# Note: Environment detection is difficult.
+# - stdin is Assuan pipe, preventing tty checking
+# - configuration info (e.g. ttyname) is passed via Assuan pipe, preventing
+#   parsing or fallback without implementing Assuan protocol.
+# - environment is sanitized by atfork_cb in call-pinentry.c (removing $GPG_TTY)
+#
+# $PINENTRY_USER_DATA is preserved since 2.08 https://dev.gnupg.org/T799
+#
+# Format of $PINENTRY_USER_DATA not specified (that I can find), pinentry-mac
+# assumes comma-separated sequence of NAME=VALUE with no escaping mechanism
+# https://github.com/GPGTools/pinentry-mac/blob/v0.9.4/Source/AppDelegate.m#L78
+# and recognizes USE_CURSES=1 for curses fallback
+# https://github.com/GPGTools/pinentry-mac/pull/2
+#
+# To the extent possible under law, Kevin Locke <kevin@kevinlocke.name> has
+# waived all copyright and related or neighboring rights to this work
+# under the terms of CC0: https://creativecommons.org/publicdomain/zero/1.0/
+
+set -Ceu
+
+# Use pinentry-tty if $PINENTRY_USER_DATA contains USE_TTY=1
+case "${PINENTRY_USER_DATA-}" in
+*USE_TTY=1*)
+	# Note: Change to pinentry-curses if a Curses UI is preferred.
+	exec pinentry-curses "$@"
+	;;
+esac
+
+# Otherwise, use any X11 UI (configured by Debian Alternatives System)
+# Note: Will fall back to curses if $DISPLAY is not available.
+exec pinentry-gtk-2 "$@"