diff --git a/src/decrypt.rs b/src/decrypt.rs
index 8adee03fd..a4aeffaab 100644
--- a/src/decrypt.rs
+++ b/src/decrypt.rs
@@ -51,7 +51,7 @@ pub async fn try_decrypt(
 
     Ok(decrypt_part(
         encrypted_data_part,
-        private_keyring,
+        &private_keyring,
         public_keyring_for_validate,
     )?
     .map(|(raw, fprints)| (raw, fprints, true)))
@@ -207,7 +207,7 @@ fn get_autocrypt_mime<'a, 'b>(mail: &'a ParsedMail<'b>) -> Option<&'a ParsedMail
 /// Returns Ok(None) if nothing encrypted was found.
 fn decrypt_part(
     mail: &ParsedMail<'_>,
-    private_keyring: Keyring<SignedSecretKey>,
+    private_keyring: &Keyring<SignedSecretKey>,
     public_keyring_for_validate: Keyring<SignedPublicKey>,
 ) -> Result<Option<(Vec<u8>, HashSet<Fingerprint>)>> {
     let data = mail.get_body_raw()?;
diff --git a/src/pgp.rs b/src/pgp.rs
index 486d510d2..93762e68a 100644
--- a/src/pgp.rs
+++ b/src/pgp.rs
@@ -267,7 +267,7 @@ pub async fn pk_encrypt(
 #[allow(clippy::implicit_hasher)]
 pub fn pk_decrypt(
     ctext: Vec<u8>,
-    private_keys_for_decryption: Keyring<SignedSecretKey>,
+    private_keys_for_decryption: &Keyring<SignedSecretKey>,
     public_keys_for_validation: &Keyring<SignedPublicKey>,
 ) -> Result<(Vec<u8>, HashSet<Fingerprint>)> {
     let mut ret_signature_fingerprints: HashSet<Fingerprint> = Default::default();
@@ -511,7 +511,7 @@ mod tests {
         sig_check_keyring.add(KEYS.alice_public.clone());
         let (plain, valid_signatures) = pk_decrypt(
             ctext_signed().await.as_bytes().to_vec(),
-            decrypt_keyring,
+            &decrypt_keyring,
             &sig_check_keyring,
         )
         .unwrap();
@@ -525,7 +525,7 @@ mod tests {
         sig_check_keyring.add(KEYS.alice_public.clone());
         let (plain, valid_signatures) = pk_decrypt(
             ctext_signed().await.as_bytes().to_vec(),
-            decrypt_keyring,
+            &decrypt_keyring,
             &sig_check_keyring,
         )
         .unwrap();
@@ -540,7 +540,7 @@ mod tests {
         let empty_keyring = Keyring::new();
         let (plain, valid_signatures) = pk_decrypt(
             ctext_signed().await.as_bytes().to_vec(),
-            keyring,
+            &keyring,
             &empty_keyring,
         )
         .unwrap();
@@ -557,7 +557,7 @@ mod tests {
         sig_check_keyring.add(KEYS.bob_public.clone());
         let (plain, valid_signatures) = pk_decrypt(
             ctext_signed().await.as_bytes().to_vec(),
-            decrypt_keyring,
+            &decrypt_keyring,
             &sig_check_keyring,
         )
         .unwrap();
@@ -572,7 +572,7 @@ mod tests {
         let sig_check_keyring = Keyring::new();
         let (plain, valid_signatures) = pk_decrypt(
             ctext_unsigned().await.as_bytes().to_vec(),
-            decrypt_keyring,
+            &decrypt_keyring,
             &sig_check_keyring,
         )
         .unwrap();