--- a/src/lib-dcrypt/istream-decrypt.c	Tue Jun 07 03:47:44 2016 +0300
+++ b/src/lib-dcrypt/istream-decrypt.c	Mon Jun 13 12:49:19 2016 +0300
@@ -120,8 +120,7 @@
 	if (stream->priv_key == NULL) {
 		/* see if we can get one */
 		if (stream->key_callback != NULL) {
-			unsigned char *key_id = t_malloc(digest_len);
-			memcpy(key_id, digest_pos, digest_len);
+			const char *key_id = binary_to_hex(digest_pos, digest_len);
 			int ret = stream->key_callback(key_id, &(stream->priv_key), &error, stream->key_context);
 			if (ret < 0) {
 				io_stream_set_error(&stream->istream.iostream, "Private key not available: %s", error);
@@ -297,9 +296,9 @@
 		ktype = *data++;
 
 		if (stream->key_callback != NULL) {
-			memcpy(dgst, data, sizeof(dgst));
+			const char *hexdgst = binary_to_hex(data, sizeof(dgst)); /* digest length */
 			/* hope you going to give us right key.. */
-			int ret = stream->key_callback(dgst, &(stream->priv_key), &error, stream->key_context);
+			int ret = stream->key_callback(hexdgst, &(stream->priv_key), &error, stream->key_context);
 			if (ret < 0) {
 				io_stream_set_error(&stream->istream.iostream, "Private key not available: %s", error);
 				return -1;

--- a/src/lib-dcrypt/istream-decrypt.h	Tue Jun 07 03:47:44 2016 +0300
+++ b/src/lib-dcrypt/istream-decrypt.h	Mon Jun 13 12:49:19 2016 +0300
@@ -7,7 +7,7 @@
 /* Look for a private key for a specified public key digest and set it to
    priv_key_r. Returns 1 if ok, 0 if key doesn't exist, -1 on internal error. */
 typedef int
-i_stream_decrypt_get_key_callback_t(const unsigned char *pubkey_digest,
+i_stream_decrypt_get_key_callback_t(const char *pubkey_digest,
 				    struct dcrypt_private_key **priv_key_r,
 				    const char **error_r, void *context);