1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-27 13:28:00 +01:00

Remove deprecated encryption API

This commit is contained in:
Paul Schaub 2021-06-29 16:43:37 +02:00
parent ab347dab43
commit b6eed91f47
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
7 changed files with 39 additions and 456 deletions

View file

@ -23,84 +23,26 @@ import java.util.Set;
import javax.annotation.Nonnull;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.CompressionAlgorithm;
import org.pgpainless.algorithm.DocumentSignatureType;
import org.pgpainless.algorithm.EncryptionPurpose;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.algorithm.negotiation.SymmetricKeyAlgorithmNegotiator;
import org.pgpainless.decryption_verification.OpenPgpMetadata;
import org.pgpainless.exception.KeyValidationException;
import org.pgpainless.key.SubkeyIdentifier;
import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.util.Passphrase;
public class EncryptionBuilder implements EncryptionBuilderInterface {
private OutputStream outputStream;
private EncryptionOptions encryptionOptions;
private SigningOptions signingOptions = new SigningOptions();
private ProducerOptions options;
private OpenPgpMetadata.FileInfo fileInfo;
public EncryptionBuilder() {
this.encryptionOptions = new EncryptionOptions(EncryptionPurpose.COMMUNICATIONS);
}
public EncryptionBuilder(@Nonnull EncryptionPurpose purpose) {
this.encryptionOptions = new EncryptionOptions(purpose);
}
@Override
public ToRecipientsOrNoEncryption onOutputStream(@Nonnull OutputStream outputStream, OpenPgpMetadata.FileInfo fileInfo) {
public WithOptions onOutputStream(@Nonnull OutputStream outputStream, OpenPgpMetadata.FileInfo fileInfo) {
this.outputStream = outputStream;
this.fileInfo = fileInfo;
return new ToRecipientsOrNoEncryptionImpl();
return new WithOptionsImpl();
}
class ToRecipientsImpl implements ToRecipients {
@Override
public AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRing key) {
encryptionOptions.addRecipient(key);
return new AdditionalRecipientsImpl();
}
@Override
public AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRing key, @Nonnull String userId) {
encryptionOptions.addRecipient(key, userId);
return new AdditionalRecipientsImpl();
}
@Override
public AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRingCollection keys, @Nonnull String userId) {
for (PGPPublicKeyRing ring : keys) {
encryptionOptions.addRecipient(ring, userId);
}
return new AdditionalRecipientsImpl();
}
@Override
public AdditionalRecipients toRecipients(@Nonnull PGPPublicKeyRingCollection keys) {
for (PGPPublicKeyRing ring : keys) {
encryptionOptions.addRecipient(ring);
}
return new AdditionalRecipientsImpl();
}
@Override
public AdditionalRecipients forPassphrase(Passphrase passphrase) {
encryptionOptions.addPassphrase(passphrase);
return new AdditionalRecipientsImpl();
}
}
class ToRecipientsOrNoEncryptionImpl extends ToRecipientsImpl implements ToRecipientsOrNoEncryption {
class WithOptionsImpl implements WithOptions {
@Override
public EncryptionStream withOptions(ProducerOptions options) throws PGPException, IOException {
if (options == null) {
@ -108,152 +50,6 @@ public class EncryptionBuilder implements EncryptionBuilderInterface {
}
return new EncryptionStream(outputStream, options, fileInfo);
}
@Override
public SignWithOrDontSign doNotEncrypt() {
EncryptionBuilder.this.encryptionOptions = null;
return new SignWithOrDontSignImpl();
}
}
class AdditionalRecipientsImpl implements AdditionalRecipients {
@Override
public ToRecipientsOrSign and() {
return new ToRecipientsOrSignImpl();
}
}
class ToRecipientsOrSignImpl extends ToRecipientsImpl implements ToRecipientsOrSign {
@Override
public Armor doNotSign() {
EncryptionBuilder.this.signingOptions = null;
return new ArmorImpl();
}
@Override
public AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor, @Nonnull PGPSecretKeyRing... keyRings) throws KeyValidationException, PGPException {
return new SignWithImpl().signWith(decryptor, keyRings);
}
@Override
public AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor, @Nonnull PGPSecretKeyRingCollection keyRings) throws PGPException {
return new SignWithImpl().signWith(decryptor, keyRings);
}
@Override
public AdditionalSignWith signInlineWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId, DocumentSignatureType signatureType) throws PGPException {
return new SignWithImpl().signInlineWith(secretKeyDecryptor, signingKey, userId, signatureType);
}
@Override
public AdditionalSignWith signDetachedWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId, DocumentSignatureType signatureType) throws PGPException {
return new SignWithImpl().signDetachedWith(secretKeyDecryptor, signingKey, userId, signatureType);
}
}
class SignWithOrDontSignImpl extends SignWithImpl implements SignWithOrDontSign {
@Override
public Armor doNotSign() {
return new ArmorImpl();
}
}
class SignWithImpl implements SignWith {
@Override
public AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor,
@Nonnull PGPSecretKeyRing... keyRings)
throws KeyValidationException, PGPException {
for (PGPSecretKeyRing secretKeyRing : keyRings) {
signingOptions.addInlineSignature(decryptor, secretKeyRing, DocumentSignatureType.BINARY_DOCUMENT);
}
return new AdditionalSignWithImpl();
}
@Override
public AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor, @Nonnull PGPSecretKeyRingCollection keyRings)
throws KeyValidationException, PGPException {
for (PGPSecretKeyRing key : keyRings) {
signingOptions.addInlineSignature(decryptor, key, DocumentSignatureType.BINARY_DOCUMENT);
}
return new AdditionalSignWithImpl();
}
@Override
public AdditionalSignWith signInlineWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor,
@Nonnull PGPSecretKeyRing signingKey,
String userId,
DocumentSignatureType signatureType)
throws KeyValidationException, PGPException {
signingOptions.addInlineSignature(secretKeyDecryptor, signingKey, userId, signatureType);
return new AdditionalSignWithImpl();
}
@Override
public AdditionalSignWith signDetachedWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor,
@Nonnull PGPSecretKeyRing signingKey,
String userId,
DocumentSignatureType signatureType)
throws PGPException, KeyValidationException {
signingOptions.addDetachedSignature(secretKeyDecryptor, signingKey, userId, signatureType);
return new AdditionalSignWithImpl();
}
}
class AdditionalSignWithImpl implements AdditionalSignWith {
@Override
public SignWith and() {
return new SignWithImpl();
}
@Override
public EncryptionStream asciiArmor() throws IOException, PGPException {
return new ArmorImpl().asciiArmor();
}
@Override
public EncryptionStream noArmor() throws IOException, PGPException {
return new ArmorImpl().noArmor();
}
}
class ArmorImpl implements Armor {
@Override
public EncryptionStream asciiArmor() throws IOException, PGPException {
assignProducerOptions();
options.setAsciiArmor(true);
return build();
}
@Override
public EncryptionStream noArmor() throws IOException, PGPException {
assignProducerOptions();
options.setAsciiArmor(false);
return build();
}
private EncryptionStream build() throws IOException, PGPException {
return new EncryptionStream(
EncryptionBuilder.this.outputStream,
EncryptionBuilder.this.options,
fileInfo);
}
private void assignProducerOptions() {
if (encryptionOptions != null && signingOptions != null) {
options = ProducerOptions.signAndEncrypt(encryptionOptions, signingOptions);
} else if (encryptionOptions != null) {
options = ProducerOptions.encrypt(encryptionOptions);
} else if (signingOptions != null) {
options = ProducerOptions.sign(signingOptions);
} else {
options = ProducerOptions.noEncryptionNoSigning();
}
}
}
/**

View file

@ -21,16 +21,8 @@ import java.util.Date;
import javax.annotation.Nonnull;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
import org.pgpainless.algorithm.DocumentSignatureType;
import org.pgpainless.algorithm.StreamEncoding;
import org.pgpainless.decryption_verification.OpenPgpMetadata;
import org.pgpainless.exception.KeyValidationException;
import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.util.Passphrase;
public interface EncryptionBuilderInterface {
@ -41,7 +33,7 @@ public interface EncryptionBuilderInterface {
* @param outputStream output stream of the plain data.
* @return api handle
*/
default ToRecipientsOrNoEncryption onOutputStream(@Nonnull OutputStream outputStream) {
default WithOptions onOutputStream(@Nonnull OutputStream outputStream) {
return onOutputStream(outputStream, OpenPgpMetadata.FileInfo.binaryStream());
}
/**
@ -54,7 +46,7 @@ public interface EncryptionBuilderInterface {
*
* @deprecated use {@link #onOutputStream(OutputStream, OpenPgpMetadata.FileInfo)} instead.
*/
default ToRecipientsOrNoEncryption onOutputStream(@Nonnull OutputStream outputStream, boolean forYourEyesOnly) {
default WithOptions onOutputStream(@Nonnull OutputStream outputStream, boolean forYourEyesOnly) {
return onOutputStream(outputStream, forYourEyesOnly ? OpenPgpMetadata.FileInfo.forYourEyesOnly() : OpenPgpMetadata.FileInfo.binaryStream());
}
@ -69,7 +61,7 @@ public interface EncryptionBuilderInterface {
*
* @deprecated use {@link #onOutputStream(OutputStream, OpenPgpMetadata.FileInfo)} instead.
*/
default ToRecipientsOrNoEncryption onOutputStream(@Nonnull OutputStream outputStream, String fileName, boolean forYourEyesOnly) {
default WithOptions onOutputStream(@Nonnull OutputStream outputStream, String fileName, boolean forYourEyesOnly) {
return onOutputStream(outputStream, new OpenPgpMetadata.FileInfo(forYourEyesOnly ? "_CONSOLE" : fileName, new Date(), StreamEncoding.BINARY));
}
@ -81,9 +73,9 @@ public interface EncryptionBuilderInterface {
* @param fileInfo file information
* @return api handle
*/
ToRecipientsOrNoEncryption onOutputStream(@Nonnull OutputStream outputStream, OpenPgpMetadata.FileInfo fileInfo);
WithOptions onOutputStream(@Nonnull OutputStream outputStream, OpenPgpMetadata.FileInfo fileInfo);
interface ToRecipientsOrNoEncryption extends ToRecipients {
interface WithOptions {
/**
* Create an {@link EncryptionStream} with the given options (recipients, signers, algorithms...).
@ -93,217 +85,5 @@ public interface EncryptionBuilderInterface {
*/
EncryptionStream withOptions(ProducerOptions options) throws PGPException, IOException;
/**
* Instruct the {@link EncryptionStream} to not encrypt any data.
*
* @return api handle
*/
SignWithOrDontSign doNotEncrypt();
}
interface ToRecipients {
/**
* Encrypt for the given valid public key.
* With this method, the recipient key is being addressed by key-id,
* so this method prioritizes algorithm preferences from the keys direct-key signature.
*
* @param key recipient key for which the message will be encrypted.
* @return api handle
*/
AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRing key);
/**
* Encrypt for the given valid key using the provided user-id signature to determine preferences.
*
* @param key public key
* @param userId user-id which is used to select the correct encryption parameters based on preferences.
* @return api handle
*/
AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRing key, @Nonnull String userId);
/**
* Encrypt for the first valid key in the provided keys collection which has a valid user-id that matches
* the provided userId.
* The user-id is also used to determine encryption preferences.
*
* @param keys collection of keys
* @param userId user-id used to select the correct key
* @return api handle
*/
AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRingCollection keys, @Nonnull String userId);
/**
* Encrypt for all valid public keys in the provided collection.
* If any key is not eligible for encryption (e.g. expired, revoked...),
* an {@link IllegalArgumentException} will be thrown.
*
* @param keys collection of public keys
* @return api handle
*/
AdditionalRecipients toRecipients(@Nonnull PGPPublicKeyRingCollection keys);
/**
* Symmetrically encrypt the message using a passphrase.
* Note that the passphrase MUST NOT be empty.
*
* @param passphrase passphrase
* @return api handle
*/
AdditionalRecipients forPassphrase(Passphrase passphrase);
}
interface AdditionalRecipients {
/**
* Add an additional recipient key/passphrase or configure signing.
*
* @return api handle
*/
ToRecipientsOrSign and();
}
// Allow additional recipient or signing configuration
interface ToRecipientsOrSign extends ToRecipients, SignWithOrDontSign {
}
// Allow signing configuration or no signing at all
interface SignWithOrDontSign extends SignWith {
/**
* Do not sign the plain data at all.
*
* @return api handle
*/
Armor doNotSign();
}
interface SignWith {
/**
* Pass in a list of secret keys used for signing, along with a {@link SecretKeyRingProtector} used to unlock
* the secret keys.
*
* @deprecated use {@link #signInlineWith(SecretKeyRingProtector, PGPSecretKeyRing)} instead.
* @param decryptor {@link SecretKeyRingProtector} used to unlock the secret keys
* @param keyRings secret keys used for signing
* @return api handle
*/
@Deprecated
AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor, @Nonnull PGPSecretKeyRing... keyRings) throws KeyValidationException, PGPException;
/**
* Sign inline using the passed in secret keys.
*
* @deprecated use {@link #signInlineWith(SecretKeyRingProtector, PGPSecretKeyRing)} instead.
* @param decryptor for unlocking the secret keys
* @param keyRings secret keys
* @return api handle
*/
@Deprecated
AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor, @Nonnull PGPSecretKeyRingCollection keyRings) throws KeyValidationException, PGPException;
/**
* Create an inline signature using the provided secret key.
* The signature will be of type {@link DocumentSignatureType#BINARY_DOCUMENT}.
*
* @param secretKeyDecryptor for unlocking the secret key
* @param signingKey signing key
* @return api handle
*/
default AdditionalSignWith signInlineWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey) throws PGPException, KeyValidationException {
return signInlineWith(secretKeyDecryptor, signingKey, null);
}
/**
* Create an inline signature using the provided secret key.
* If userId is not null, the preferences of the matching user-id on the key will be used for signing.
* The signature will be of type {@link DocumentSignatureType#BINARY_DOCUMENT}.
*
* @param secretKeyDecryptor for unlocking the secret key
* @param signingKey signing key
* @param userId userId whose preferences shall be used for signing
* @return api handle
*/
default AdditionalSignWith signInlineWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId) throws PGPException, KeyValidationException {
return signInlineWith(secretKeyDecryptor, signingKey, userId, DocumentSignatureType.BINARY_DOCUMENT);
}
/**
* Create an inline signature using the provided secret key with the algorithm preferences of the provided user-id.
*
* @param secretKeyDecryptor for unlocking the secret key
* @param signingKey signing key
* @param userId user-id whose preferences shall be used for signing
* @param signatureType signature type
* @return api handle
*/
AdditionalSignWith signInlineWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId, DocumentSignatureType signatureType) throws KeyValidationException, PGPException;
/**
* Create a detached signature using the provided secret key.
*
* @param secretKeyDecryptor for unlocking the secret key
* @param signingKey signing key
* @return api handle
*/
default AdditionalSignWith signDetachedWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey) throws PGPException, KeyValidationException {
return signDetachedWith(secretKeyDecryptor, signingKey, null);
}
/**
* Create a detached signature using the provided secret key with the algorithm preferences of the provided user-id.
*
* @param secretKeyDecryptor for unlocking the secret key
* @param signingKey signing key
* @param userId user-id whose preferences shall be used for signing
* @return api handle
*/
default AdditionalSignWith signDetachedWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId) throws PGPException, KeyValidationException {
return signDetachedWith(secretKeyDecryptor, signingKey, userId, DocumentSignatureType.BINARY_DOCUMENT);
}
/**
* Create a detached signature using the provided secret key with the algorithm preferences of the provided user-id.
*
* @param secretKeyDecryptor for unlocking the secret key
* @param signingKey signing key
* @param userId user-id whose preferences shall be used for signing
* @param signatureType type of the signature
* @return api handle
*/
AdditionalSignWith signDetachedWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId, DocumentSignatureType signatureType) throws PGPException, KeyValidationException;
}
interface AdditionalSignWith extends Armor {
/**
* Add an additional signing key/method.
*
* @return api handle
*/
SignWith and();
}
interface Armor {
/**
* Wrap the encrypted/signed output in an ASCII armor.
* This can come in handy for sending the encrypted message via eg. email.
*
* @return encryption stream
* @throws IOException in case some I/O error occurs
* @throws PGPException in case of some malformed pgp data
*/
EncryptionStream asciiArmor() throws IOException, PGPException;
/**
* Do not wrap the output in an ASCII armor.
*
* @return encryption stream
* @throws IOException in case some I/O error occurs
* @throws PGPException in case of some malformed pgp data
*/
EncryptionStream noArmor() throws IOException, PGPException;
}
}

View file

@ -89,6 +89,10 @@ public final class SigningOptions {
private final Map<SubkeyIdentifier, SigningMethod> signingMethods = new HashMap<>();
private HashAlgorithm hashAlgorithmOverride;
public static SigningOptions get() {
return new SigningOptions();
}
/**
* Add inline signatures with all secret key rings in the provided secret key ring collection.
*

View file

@ -153,10 +153,10 @@ public class EncryptDecryptTest {
EncryptionStream encryptor = PGPainless.encryptAndOrSign()
.onOutputStream(envelope)
.toRecipient(recipientPub)
.and()
.signInlineWith(keyDecryptor, senderSec, null, DocumentSignatureType.BINARY_DOCUMENT)
.noArmor();
.withOptions(ProducerOptions.signAndEncrypt(
EncryptionOptions.encryptCommunications().addRecipient(recipientPub),
new SigningOptions().addInlineSignature(keyDecryptor, senderSec, DocumentSignatureType.BINARY_DOCUMENT)
));
Streams.pipeAll(new ByteArrayInputStream(secretMessage), encryptor);
encryptor.close();
@ -205,9 +205,9 @@ public class EncryptDecryptTest {
ByteArrayInputStream inputStream = new ByteArrayInputStream(data);
ByteArrayOutputStream dummyOut = new ByteArrayOutputStream();
EncryptionStream signer = PGPainless.encryptAndOrSign().onOutputStream(dummyOut)
.doNotEncrypt()
.signDetachedWith(keyRingProtector, signingKeys)
.noArmor();
.withOptions(ProducerOptions.sign(
new SigningOptions().addDetachedSignature(keyRingProtector, signingKeys, DocumentSignatureType.BINARY_DOCUMENT)
));
Streams.pipeAll(inputStream, signer);
signer.close();
@ -250,9 +250,10 @@ public class EncryptDecryptTest {
ByteArrayInputStream inputStream = new ByteArrayInputStream(data);
ByteArrayOutputStream signOut = new ByteArrayOutputStream();
EncryptionStream signer = PGPainless.encryptAndOrSign().onOutputStream(signOut)
.doNotEncrypt()
.signInlineWith(keyRingProtector, signingKeys)
.asciiArmor();
.withOptions(ProducerOptions.sign(
SigningOptions.get()
.addInlineSignature(keyRingProtector, signingKeys, DocumentSignatureType.BINARY_DOCUMENT)
).setAsciiArmor(true));
Streams.pipeAll(inputStream, signer);
signer.close();
@ -328,9 +329,9 @@ public class EncryptDecryptTest {
"-----END PGP PUBLIC KEY BLOCK-----\n";
PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key);
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
assertThrows(IllegalArgumentException.class, () ->
PGPainless.encryptAndOrSign().onOutputStream(outputStream)
.toRecipient(publicKeys));
EncryptionOptions.encryptCommunications()
.addRecipient(publicKeys));
}
}

View file

@ -37,10 +37,8 @@ public class EncryptionStreamClosedTest {
OutputStream out = new ByteArrayOutputStream();
EncryptionStream stream = PGPainless.encryptAndOrSign()
.onOutputStream(out)
.forPassphrase(Passphrase.fromPassword("dummy"))
.and()
.doNotSign()
.asciiArmor();
.withOptions(ProducerOptions.encrypt(EncryptionOptions.encryptCommunications()
.addPassphrase(Passphrase.fromPassword("dummy"))));
// No close() called => getResult throws
assertThrows(IllegalStateException.class, stream::getResult);

View file

@ -67,10 +67,11 @@ public class FileInfoTest {
ByteArrayOutputStream dataOut = new ByteArrayOutputStream();
EncryptionStream encryptionStream = PGPainless.encryptAndOrSign()
.onOutputStream(dataOut, fileInfo)
.toRecipient(publicKeys)
.and()
.doNotSign()
.noArmor();
.withOptions(ProducerOptions.encrypt(
EncryptionOptions
.encryptCommunications()
.addRecipient(publicKeys))
);
Streams.pipeAll(dataIn, encryptionStream);
encryptionStream.close();

View file

@ -37,8 +37,11 @@ import org.bouncycastle.util.io.Streams;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.MethodSource;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.DocumentSignatureType;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.encryption_signing.EncryptionStream;
import org.pgpainless.encryption_signing.ProducerOptions;
import org.pgpainless.encryption_signing.SigningOptions;
import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.key.protection.KeyRingProtectionSettings;
import org.pgpainless.key.protection.PasswordBasedSecretKeyRingProtector;
@ -192,9 +195,9 @@ public class ChangeSecretKeyRingPassphraseTest {
String dummyMessage = "dummy";
ByteArrayOutputStream dummy = new ByteArrayOutputStream();
EncryptionStream stream = PGPainless.encryptAndOrSign().onOutputStream(dummy)
.doNotEncrypt()
.signInlineWith(PasswordBasedSecretKeyRingProtector.forKey(keyRing, passphrase), keyRing)
.noArmor();
.withOptions(ProducerOptions.sign(SigningOptions.get()
.addInlineSignature(PasswordBasedSecretKeyRingProtector.forKey(keyRing, passphrase),
keyRing, DocumentSignatureType.BINARY_DOCUMENT)));
Streams.pipeAll(new ByteArrayInputStream(dummyMessage.getBytes()), stream);
stream.close();