diff --git a/app/build.gradle.kts b/app/build.gradle.kts
index 0ca522f7dc..b2e89cd997 100644
--- a/app/build.gradle.kts
+++ b/app/build.gradle.kts
@@ -64,7 +64,7 @@ dependencies {
   implementation(libs.androidx.annotation)
   coreLibraryDesugaring(libs.android.desugarJdkLibs)
   implementation(projects.autofillParser)
-  implementation(projects.cryptoPgp)
+  implementation(projects.cryptoPgpainless)
   implementation(projects.formatCommon)
   implementation(projects.openpgpKtx)
   implementation(libs.androidx.activity.ktx)
diff --git a/app/src/main/java/dev/msfjarvis/aps/injection/crypto/CryptoHandlerModule.kt b/app/src/main/java/dev/msfjarvis/aps/injection/crypto/CryptoHandlerModule.kt
index fdd37bf391..433229755b 100644
--- a/app/src/main/java/dev/msfjarvis/aps/injection/crypto/CryptoHandlerModule.kt
+++ b/app/src/main/java/dev/msfjarvis/aps/injection/crypto/CryptoHandlerModule.kt
@@ -10,8 +10,8 @@ import dagger.Provides
 import dagger.hilt.InstallIn
 import dagger.hilt.components.SingletonComponent
 import dagger.multibindings.IntoSet
+import dev.msfjarvis.aps.crypto.PGPainlessCryptoHandler
 import dev.msfjarvis.aps.data.crypto.CryptoHandler
-import dev.msfjarvis.aps.data.crypto.GopenpgpCryptoHandler
 
 /**
  * This module adds all [CryptoHandler] implementations into a Set which makes it easier to build
@@ -23,7 +23,7 @@ object CryptoHandlerModule {
   @Provides
   @IntoSet
   fun providePgpCryptoHandler(): CryptoHandler {
-    return GopenpgpCryptoHandler()
+    return PGPainlessCryptoHandler()
   }
 }
 
diff --git a/app/src/main/java/dev/msfjarvis/aps/ui/autofill/AutofillDecryptActivityV2.kt b/app/src/main/java/dev/msfjarvis/aps/ui/autofill/AutofillDecryptActivityV2.kt
index 27a1286752..3380a4f1a3 100644
--- a/app/src/main/java/dev/msfjarvis/aps/ui/autofill/AutofillDecryptActivityV2.kt
+++ b/app/src/main/java/dev/msfjarvis/aps/ui/autofill/AutofillDecryptActivityV2.kt
@@ -29,6 +29,7 @@ import dev.msfjarvis.aps.ui.crypto.DecryptActivityV2
 import dev.msfjarvis.aps.util.autofill.AutofillPreferences
 import dev.msfjarvis.aps.util.autofill.AutofillResponseBuilder
 import dev.msfjarvis.aps.util.autofill.DirectoryStructure
+import java.io.ByteArrayOutputStream
 import java.io.File
 import javax.inject.Inject
 import kotlinx.coroutines.Dispatchers
@@ -128,11 +129,14 @@ class AutofillDecryptActivityV2 : AppCompatActivity() {
         runCatching {
           val crypto = cryptos.first { it.canHandle(file.absolutePath) }
           withContext(Dispatchers.IO) {
+            val outputStream = ByteArrayOutputStream()
             crypto.decrypt(
               DecryptActivityV2.PRIV_KEY,
-              DecryptActivityV2.PASS.toByteArray(charset = Charsets.UTF_8),
-              encryptedInput.readBytes()
+              DecryptActivityV2.PASS,
+              encryptedInput,
+              outputStream,
             )
+            outputStream
           }
         }
           .onFailure { e ->
@@ -141,7 +145,7 @@ class AutofillDecryptActivityV2 : AppCompatActivity() {
           }
           .onSuccess { result ->
             return runCatching {
-              val entry = passwordEntryFactory.create(lifecycleScope, result)
+              val entry = passwordEntryFactory.create(lifecycleScope, result.toByteArray())
               AutofillPreferences.credentialsFromStoreEntry(this, file, entry, directoryStructure)
             }
               .getOrElse { e ->
diff --git a/app/src/main/java/dev/msfjarvis/aps/ui/crypto/DecryptActivityV2.kt b/app/src/main/java/dev/msfjarvis/aps/ui/crypto/DecryptActivityV2.kt
index b000d21d45..403b819106 100644
--- a/app/src/main/java/dev/msfjarvis/aps/ui/crypto/DecryptActivityV2.kt
+++ b/app/src/main/java/dev/msfjarvis/aps/ui/crypto/DecryptActivityV2.kt
@@ -20,6 +20,7 @@ import dev.msfjarvis.aps.injection.password.PasswordEntryFactory
 import dev.msfjarvis.aps.ui.adapters.FieldItemAdapter
 import dev.msfjarvis.aps.util.extensions.unsafeLazy
 import dev.msfjarvis.aps.util.extensions.viewBinding
+import java.io.ByteArrayOutputStream
 import java.io.File
 import javax.inject.Inject
 import kotlin.time.Duration
@@ -126,19 +127,22 @@ class DecryptActivityV2 : BasePgpActivity() {
   private fun decrypt() {
     lifecycleScope.launch {
       // TODO(msfjarvis): native methods are fallible, add error handling once out of testing
-      val message = withContext(Dispatchers.IO) { File(fullPath).readBytes() }
+      val message = withContext(Dispatchers.IO) { File(fullPath).inputStream() }
       val result =
         withContext(Dispatchers.IO) {
           val crypto = cryptos.first { it.canHandle(fullPath) }
+          val outputStream = ByteArrayOutputStream()
           crypto.decrypt(
             PRIV_KEY,
-            PASS.toByteArray(charset = Charsets.UTF_8),
+            PASS,
             message,
+            outputStream,
           )
+          outputStream
         }
       startAutoDismissTimer()
 
-      val entry = passwordEntryFactory.create(lifecycleScope, result)
+      val entry = passwordEntryFactory.create(lifecycleScope, result.toByteArray())
       passwordEntry = entry
       invalidateOptionsMenu()
 
diff --git a/app/src/main/java/dev/msfjarvis/aps/ui/crypto/PasswordCreationActivityV2.kt b/app/src/main/java/dev/msfjarvis/aps/ui/crypto/PasswordCreationActivityV2.kt
index 645d6c47a8..d190a1fe3b 100644
--- a/app/src/main/java/dev/msfjarvis/aps/ui/crypto/PasswordCreationActivityV2.kt
+++ b/app/src/main/java/dev/msfjarvis/aps/ui/crypto/PasswordCreationActivityV2.kt
@@ -43,6 +43,7 @@ import dev.msfjarvis.aps.util.extensions.snackbar
 import dev.msfjarvis.aps.util.extensions.unsafeLazy
 import dev.msfjarvis.aps.util.extensions.viewBinding
 import dev.msfjarvis.aps.util.settings.PreferenceKeys
+import java.io.ByteArrayOutputStream
 import java.io.File
 import java.io.IOException
 import javax.inject.Inject
@@ -316,7 +317,15 @@ class PasswordCreationActivityV2 : BasePgpActivity() {
         runCatching {
           val crypto = cryptos.first { it.canHandle(path) }
           val result =
-            withContext(Dispatchers.IO) { crypto.encrypt(PUB_KEY, content.encodeToByteArray()) }
+            withContext(Dispatchers.IO) {
+              val outputStream = ByteArrayOutputStream()
+              crypto.encrypt(
+                listOf(PUB_KEY),
+                content.byteInputStream(),
+                outputStream,
+              )
+              outputStream
+            }
           val file = File(path)
           // If we're not editing, this file should not already exist!
           // Additionally, if we were editing and the incoming and outgoing
@@ -333,7 +342,7 @@ class PasswordCreationActivityV2 : BasePgpActivity() {
             return@runCatching
           }
 
-          withContext(Dispatchers.IO) { file.outputStream().use { it.write(result) } }
+          withContext(Dispatchers.IO) { file.writeBytes(result.toByteArray()) }
 
           // associate the new password name with the last name's timestamp in
           // history
diff --git a/settings.gradle.kts b/settings.gradle.kts
index f8dd86cde7..a04f21e452 100644
--- a/settings.gradle.kts
+++ b/settings.gradle.kts
@@ -10,8 +10,6 @@ include(":autofill-parser")
 
 include(":crypto-common")
 
-include(":crypto-pgp")
-
 include(":crypto-pgpainless")
 
 include(":format-common")