diff --git a/libs/netpgp/include/netpgp/create.h b/libs/netpgp/include/netpgp/create.h
index 3db88c23..013d0883 100644
--- a/libs/netpgp/include/netpgp/create.h
+++ b/libs/netpgp/include/netpgp/create.h
@@ -115,7 +115,7 @@ unsigned encode_m_buf(const uint8_t *, size_t, const pgp_pubkey_t *,
 				uint8_t *);
 unsigned pgp_fileread_litdata(const char *, const pgp_litdata_enum,
 				pgp_output_t *);
-unsigned pgp_write_symm_enc_data(const uint8_t *, const int,
+unsigned pgp_write_symm_enc_data(const uint8_t *, const int, pgp_symm_alg_t, const uint8_t* key,
 				pgp_output_t *);
 
 #endif /* CREATE_H_ */
diff --git a/libs/netpgp/src/create.c b/libs/netpgp/src/create.c
index a15a0e58..41ce703b 100644
--- a/libs/netpgp/src/create.c
+++ b/libs/netpgp/src/create.c
@@ -1317,6 +1317,8 @@ pgp_filewrite(const char *filename, const char *buf,
 unsigned
 pgp_write_symm_enc_data(const uint8_t *data,
 				       const int len,
+				       pgp_symm_alg_t alg, // EDIT BY MR, eg. PGP_SA_AES_128 or PGP_SA_AES_256
+				       const uint8_t* key, // EDIT BY MR - the key was simply missing
 				       pgp_output_t * output)
 {
 	pgp_crypt_t	crypt_info;
@@ -1324,8 +1326,10 @@ pgp_write_symm_enc_data(const uint8_t *data,
 	size_t		encrypted_sz;
 	int             done = 0;
 
-	/* \todo assume AES256 for now */
-	pgp_crypt_any(&crypt_info, PGP_SA_AES_256);
+	pgp_crypt_any(&crypt_info, alg);
+
+	crypt_info.set_crypt_key(&crypt_info, key);
+
 	pgp_encrypt_init(&crypt_info);
 
 	encrypted_sz = (size_t)(len + crypt_info.blocksize + 2);
diff --git a/src/mrmailbox_imex.c b/src/mrmailbox_imex.c
index afaef120..5dda9526 100644
--- a/src/mrmailbox_imex.c
+++ b/src/mrmailbox_imex.c
@@ -29,6 +29,7 @@
 #include <dirent.h>
 #include <openssl/rand.h>
 #include <libetpan/mmapstring.h>
+#include <netpgp-extra.h>
 #include "mrmailbox.h"
 #include "mrmimeparser.h"
 #include "mrosnative.h"
@@ -348,6 +349,9 @@ int mrmailbox_render_keys_to_html(mrmailbox_t* mailbox, const char* setup_code,
 	struct mailmime*       payload_mime_anchor = NULL;
 	MMAPString*            payload_string = mmap_string_new("");
 
+	#define                AES_128_KEY_BYTES 16 // = 128 bit
+	uint8_t                key[AES_128_KEY_BYTES];
+
 	if( mailbox==NULL || setup_code==NULL || ret_msg==NULL
 	 || *ret_msg!=NULL || private_key==NULL || payload_string==NULL ) {
 		goto cleanup;
@@ -395,7 +399,20 @@ int mrmailbox_render_keys_to_html(mrmailbox_t* mailbox, const char* setup_code,
 	mailmime_write_mem(payload_string, &col, payload_mime_msg);
 	//char* t2=mr_null_terminate(payload_string->str,payload_string->len);printf("\n~~~~~~~~~~~~~~~~~~~~SETUP-PAYLOAD~~~~~~~~~~~~~~~~~~~~\n%s~~~~~~~~~~~~~~~~~~~~/SETUP-PAYLOAD~~~~~~~~~~~~~~~~~~~~\n",t2);free(t2); // DEBUG OUTPUT
 
-	/* encrypt the payload using the setup code */
+	/* create key from setup-code using OpenPGP's salted+iterated S2K (String-to-key) */
+
+	// TODO
+
+	/* encrypt the payload using the key */
+
+	{
+		pgp_output_t* encr_output = NULL;
+		pgp_memory_t* encr_mem = NULL;
+
+		pgp_setup_memory_write(&encr_output, &encr_mem, 128);
+
+		pgp_write_symm_enc_data((const uint8_t*)payload_string->str, payload_string->len, PGP_SA_AES_128, key, encr_output);
+	}
 
 	//AES_encrypt();
 	// TODO