isislovecruft / python-gnupg

A modified version of python-gnupg, including security patches, extensive documentation, and extra features.

failure to decrypt on gpg 2.1.x #249

Closed redshiftzero closed 5 years ago

redshiftzero commented 5 years ago

Versions

This is a follow-up from the comments on the closed issue https://github.com/isislovecruft/python-gnupg/issues/137#issuecomment-271038482, which describes a failure to decrypt files using recent (gpg>=2.1.x) versions of gpg2.

Reproducer

```python
import pretty_bad_protocol as gnupg

gpg_key_dir = '/tmp/.gnupg/'

gpg = gnupg.GPG(binary='gpg2', homedir=gpg_key_dir)

# Key created for testing
fingerprints = ['07683535D17BFBF548C6A1AE12655CED33D73316']

encrypted = gpg.encrypt('test data', *fingerprints, armor=False, always_trust=True)

print('decrypt')
decrypted = gpg.decrypt(encrypted.data, passphrase='test')
print(decrypted.ok)
print(decrypted.stderr)
```

Output

```
decrypt
False
[GNUPG:] ENC_TO 969425E675C7D534 1 0
[GNUPG:] PINENTRY_LAUNCHED 1142
gpg: encrypted with 2048-bit RSA key, ID 75C7D534, created 2019-01-29
      " (test) <test@test.com>"
gpg: public key decryption failed: Inappropriate ioctl for device
[GNUPG:] ERROR pkdecrypt_failed 83918950
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
gpg: decryption failed: No secret key
[GNUPG:] END_DECRYPTION
```

Comments

I've tried adding allow-loopback-pinentry to gpg-agent.conf and restarting gpg-agent as suggested in https://github.com/isislovecruft/python-gnupg/issues/137#issue-127100634 on the latest version of this library, but it didn't resolve the issue. Anyone have any ideas on this one?

(note: these test steps work fine for me on earlier versions of gpg)

redshiftzero commented 5 years ago

ah, passing in options=['--pinentry-mode loopback'] worked, closing!
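
The resolution above, combined with a check for the failure pattern in the posted output, as an added example that is not part of the thread or the project's own code. The helper names (`status_keywords`, `pinentry_blocked`, `loopback_options`, `decrypt`) and the version-banner parsing are assumptions; the 2.1 threshold follows the issue's "gpg>=2.1.x" description, and `ISSUE_STDERR` is a constructed sample copied from the Output section.

```python
import re

# Constructed input: the stderr lines from the issue's "Output" section.
ISSUE_STDERR = """\
[GNUPG:] ENC_TO 969425E675C7D534 1 0
[GNUPG:] PINENTRY_LAUNCHED 1142
gpg: public key decryption failed: Inappropriate ioctl for device
[GNUPG:] ERROR pkdecrypt_failed 83918950
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
gpg: decryption failed: No secret key
[GNUPG:] END_DECRYPTION
"""

def status_keywords(stderr):
    """Return the keywords of the machine-readable '[GNUPG:] ...' lines."""
    return [m.group(1) for m in re.finditer(r"^\[GNUPG:\] (\S+)", stderr, re.M)]

def pinentry_blocked(stderr):
    """True when decryption failed after gpg-agent launched a pinentry that
    had no terminal to prompt on, the pattern in the issue's output."""
    kw = status_keywords(stderr)
    return ("PINENTRY_LAUNCHED" in kw and "DECRYPTION_FAILED" in kw
            and "Inappropriate ioctl for device" in stderr)

def loopback_options(version_banner):
    """Options for gnupg.GPG(): loopback pinentry for gpg >= 2.1, else none."""
    m = re.search(r"\(GnuPG\)\s+(\d+)\.(\d+)", version_banner)
    if not m:
        raise ValueError("unrecognised gpg --version banner")
    if (int(m.group(1)), int(m.group(2))) >= (2, 1):
        return ["--pinentry-mode loopback"]  # option string from the issue
    return []

def decrypt(data, passphrase, homedir, version_banner, binary="gpg2"):
    """Decrypt with the passphrase handed to gpg directly, no pinentry prompt."""
    import pretty_bad_protocol as gnupg  # lazy import: needs the library and gpg
    gpg = gnupg.GPG(binary=binary, homedir=homedir,
                    options=loopback_options(version_banner))
    result = gpg.decrypt(data, passphrase=passphrase)
    if not result.ok and pinentry_blocked(result.stderr):
        raise RuntimeError("pinentry had no tty; check allow-loopback-pinentry")
    return result
```

The check keys on `PINENTRY_LAUNCHED` and the ioctl error because the closing `No secret key` message in the posted output follows from the pinentry failure and does not by itself point to it.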