Our GnuPG package is version 2.2.30, which includes this bug:

https://dev.gnupg.org/T5577

The effect of this bug is that symmetric encryption / decryption does
not work. The bug was fixed in 2.2.31 and 2.3.3.

Changing GnuPG will cause 2406 rebuilds. I think that's suboptimal but
it's the situation.

There is a gnupg-2.2.32 package, but it's hidden because it would break
emacs-pinentry:

https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/packages/gnupg.scm?id=861ee6d908fefc47d765f81e33cdf6f84b6d50eb#n350

Here is a patch that unhides gnupg-2.2.32, updates it to 2.2.33, and
makes emacs-pinentry use that package variant.

If emacs-pinentry cannot use a current GnuPG, what should we do? And
maybe we don't need emacs-pinentry anymore?:

https://emacs.stackexchange.com/a/64721