Add a "retry" mode for Pinentry prompts

[woodruffw]

An incorrect password currently causes the entire kbs2 command to fail, rather than giving the user an opportunity to retry. This should be configurable.

Something like:

pinentry-retry = true

...maybe. Or maybe it should be supported unconditionally, including for the rpassword fallback.

[woodruffw]

Thinking about this more, this should definitely be supported unconditionally. If a user wants to exit the prompt entirely, they should ^C.