328 files changed, 5258 insertions, 2062 deletions

diff --git a/AUTHORS b/AUTHORS
index bbf1576..6d2ce67 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -1,14 +1,37 @@
 Package: gpgme
 Homepage: https://gnupg.org/related_software/gpgme/
-Download: ftp://ftp.gnupg.org/gcrypt/gpgme/
+Download: https://gnupg.org/ftp/gcrypt/gpgme/
 Repository: git://git.gnupg.org/gpgme.git
 Maintainer: Werner Koch <wk@gnupg.org>
-Bug reports: https://bugs.gnupg.org (use category "gpgme")
+Bug reports: https://bugs.gnupg.org
 Security related bug reports: security@gnupg.org
 License (software): LGPLv2.1+
 License (manual+tools): GPLv3+
 
 
+GPGME is free software.  See the files COPYING for copying conditions.
+License copyright years may be listed using range notation, e.g.,
+2000-2013, indicating that every year in the range, inclusive, is a
+copyrightable year that would otherwise be listed individually.
+
+List of Copyright holders
+=========================
+
+  Copyright (C) 1991-2013 Free Software Foundation, Inc.
+  Copyright (C) 2000-2001 Werner Koch
+  Copyright (C) 2001-2017 g10 Code GmbH
+  Copyright (C) 2002 Klarälvdalens Datakonsult AB
+  Copyright (C) 2004-2008 Igor Belyi
+  Copyright (C) 2002 John Goerzen
+  Copyright (C) 2014, 2015 Martin Albrecht
+  Copyright (C) 2015 Ben McGinnes
+  Copyright (C) 2015-2016 Bundesamt für Sicherheit in der Informationstechnik
+  Copyright (C) 2016 Intevation GmbH
+
+
+Authors info
+============
+
 FSF <gnu@gnu.org>
  - Code taken from GnuPG 1.0: src/w32-util.c.
  - Other from FSF projects: src/setenv.c, src/vasprintf.c,
@@ -30,7 +53,11 @@ Authors with a DCO
 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 2014-09-24:878ul9w4j8.fsf@alice.fifthhorseman.net:
 
+Colin Watson <cjwatson@debian.org>
+2017-09-16:20170916031428.uypfrdojquvjteor@riva.ucam.org:
 
+Tobias Mueller <muelli@cryptobitch.de>
+2016-11-23:1479937342.11180.3.camel@cryptobitch.de:
 
 
  Copyright 2001, 2002, 2012, 2013 g10 Code GmbH
diff --git a/ChangeLog b/ChangeLog
index 40c0b4d..3691aee 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,827 @@
+2017-12-12  Werner Koch  <wk@gnupg.org>
+
+	Release 1.10.0.
+	+ commit 6a42eb5f3809d5eb3767667c190b395d028886e7
+
+
+	Require libgpg-error 1.24 and libassuan 2.4.2.
+	+ commit d4d04d6c0432b032f6ea23c8517fd6a5f623bb67
+	* src/util.h (GPG_ERR_FALSE): Remove due to newer libgpg-error.
+
+2017-12-11  Andre Heinecke  <aheinecke@intevation.de>
+
+	qt: Don't use QDateTime::toSecsSinceEpoch.
+	+ commit b61d0fbb74f04408dfe8637c719b97217e061a3c
+	* lang/qt/src/qgpgmequickjob.cpp (addSubkeyWorker)
+	(createWorker): Use toMSecsSinceEpoch instead toSecsSinceEpoch.
+
+2017-12-11  Werner Koch  <wk@gnupg.org>
+
+	core,w32: Fix popping up of console windows due to gpgconf.
+	+ commit 0a567a94d94cd93c5d88f5db802925c95f0974d0
+	* src/gpgme-w32spawn.c (my_spawn): Create w/o DETACHED_PROCESS.
+
+2017-12-07  Andre Heinecke  <aheinecke@intevation.de>
+
+	cpp: Fix handling of lsig promotion.
+	+ commit 1458adaea4acdcf7ebbead6668476fce92db5af8
+	* src/gpgsignkeyeditinteractor.cpp (SignKeyState): Add second
+	CONFIRM state.
+	(makeTable): Properly handle local_promote_okay.
+	(action): Handle CONFIRM2.
+
+	tests: Print userid signatures in run-keylist.
+	+ commit 5ba1cbdf39efd90c7987bfc2bc030b6504e70076
+	* tests/run-keylist.c (main): Print UID signatures if there
+	are any.
+
+2017-12-04  Werner Koch  <wk@gnupg.org>
+
+	core: Also check for a failed selftest in gpgm_data_new.
+	+ commit 0c1244a2b7e30ab0610ae70166e1b5d0219782c3
+	* src/data.c (_gpgme_data_new): Check for failed selftest.
+	* tests/run-support.h (make_filename): Print a message on mallooc
+	failure.
+	(init_gpgme_basic): New.
+	* tests/run-identify.c (main): Call init_gpgme_basic becuase we do not
+	need to setup a protocol.
+	* tests/t-data.c: Define PGM and include run-support.h.
+	(make_filename): Remove.
+	(main): Call init_gpgme_basic.
+
+2017-12-04  Tobias Mueller  <muelli@cryptobitch.de>
+
+	python: Default whence argument for Data() to SEEK_SET.
+	+ commit 3cf9aedc92b6c65d2cb34037e52b9a299637d03b
+	* lang/python/gpgme.i: copied signature from gpgme.h and defaulted the
+	value to SEEK_SET.
+	* lang/python/tests/t-data.py: Added a test for no second argument
+
+2017-12-01  Andre Heinecke  <aheinecke@intevation.de>
+
+	qt: Add job for quick commands.
+	+ commit 7d1ac5d61de3c55bf7ff14997b4b111a0f90c177
+	* lang/qt/src/qgpgmequickjob.cpp,
+	lang/qt/src/qgpgmequickjob.h,
+	lang/qt/src/quickjob.h: New.
+	* lang/qt/src/Makefile.am,
+	lang/qt/src/protocol.h,
+	lang/qt/src/protocol_p.h,
+	lang/qt/src/job.cpp: Update accordingly.
+
+	cpp: Wrap create_key and create_subkey.
+	+ commit 8e2d6c28a5e923f829b5a26d19d9d897949aa1fe
+	* lang/cpp/src/context.cpp,
+	lang/cpp/src/context.h (Context::startCreateKey)
+	(Context::createKey, Context::createSubkey)
+	(Context::startCreateSubkey): New.
+
+	Fix uid parsing for ldap keyserver.
+	+ commit 651b3d8207cc7d85699f89fc4c21cb1243453aa8
+	* src/engine-gpg.c (gpg_keylist_preprocess): Check field count
+	for uid and add fallback.
+
+2017-11-30  Werner Koch  <wk@gnupg.org>
+
+	tests: Add missing variable to gpgsm tests Makefile.
+	+ commit f43016500774ab82f222249202bda6c463aaf63f
+	* tests/gpgsm/Makefile.am (GPG_AGENT): Set var.  It is used later.
+
+2017-11-21  NIIBE Yutaka  <gniibe@fsij.org>
+
+	tests: Make portability fix.
+	+ commit c441fb73130f4c117094d7da4de9fe56f886e65d
+	* lang/python/tests/Makefile.am: Distinguish target and path.
+	* tests/gpg/Makefile.am: Ditto.
+	* tests/gpgsm/Makefile.am: Ditto.
+
+2017-11-14  Andre Heinecke  <aheinecke@intevation.de>
+
+	qt: Fix IODeviceDataProvider with Process.
+	+ commit 56b27b21d5f8dd95b9d6415c5e98b821774f3093
+	* lang/qt/src/dataprovider.cpp (blocking_read): Keep
+	reading if process is not atEnd.
+
+2017-10-12  Daniel Kahn Gillmor  <dkg@fifthhorseman.net>
+
+	core: use getdents64 syscall on linux instead of getdents.
+	+ commit 00daac15530eabed5e61d841b2df939c2242667c
+	* src/posix-io.c (get_max_fds): use getdents64 instead of getdents.
+
+2017-10-04  Werner Koch  <wk@gnupg.org>
+
+	core: Allow disabling the use of SYS_getdents for Linux.
+	+ commit 4632adf403611b50be2b4e852a4607070935d0e5
+	* configure.ac (USE_LINUX_GETDENTS): New ac_define.  Add option
+	--disable-linux-getdents.
+	* src/posix-io.c: Make use of USE_LINUX_GETDENTS.
+
+2017-10-04  Colin Watson  <cjwatson@debian.org>
+
+	core: Restore get_max_fds optimization on Linux.
+	+ commit b5b996b1a142abb90296f5feadf0b5b19c59f738
+	* src/posix-io.c (get_max_fds): Restore Linux optimization, this time
+	using open/getdents/close rather than opendir/readdir/closedir.
+
+2017-09-04  Andre Heinecke  <aheinecke@intevation.de>
+
+	qt: Add test for version info.
+	+ commit bd5d470cef513b2f459316869b81267cde7a9f13
+	* lang/qt/tests/t-various.cpp (TestVarious::testVersion): New.
+
+	cpp: Fix version info comparison.
+	+ commit 58d7bcead3394fa80c2a05d0d1e0fb4d9a1048b0
+	* lang/cpp/src/engineinfo.h (EngineInfo::Version::operator<):
+	Fix logic.
+	* lang/cpp/src/engineinfo.h (EngineInfo::Version::operator>):
+	New.
+	* NEWS: Mention added API
+
+2017-08-24  Werner Koch  <wk@gnupg.org>
+
+	core: New context flag "auto-key-retrieve"
+	+ commit 47f61df0704485b8165c9cf2a27ad57bcd864239
+	* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag
+	"auto-key-retrieve".
+	* src/context.h (gpgme_context): New field auto_key_retrieve.
+	* src/engine-backend.h (struct engine_ops): Add arg auto_key_retrieve
+	to field 'decrypt'.
+	* src/engine-gpg.c (gpg_decrypt): Add arg auto_key_retrieve and pass
+	option --auto-key-retrieve to gpg.  Adjust all callers.
+	(gpg_verify): Ditto.
+	* src/engine-gpgsm.c (gpgsm_decrypt): Add dummy arg auto_key_retrieve.
+	* src/engine-uiserver.c (uiserver_decrypt): Ditto.
+	* tests/run-verify.c (main): Add option --auto-key-retrieve.
+
+	core: New public enum gpgme_keyorg_t.
+	+ commit 9bde9144f0c2d0087799511e9b041dc945a4cfa8
+	* src/gpgme.h.in (gpgme_keyorg_t): New.
+	* src/keylist.c (parse_keyorg): New.
+	(keylist_colon_handler): Set key->ORIGIN.
+
+2017-08-24  Marcus Brinkmann  <marcus.brinkmann@ruhr-uni-bochum.de>
+
+	gpgconf: Add more comments.
+	+ commit 91e47d71652bd0f83b51089c343c3c4836bdfa8a
+	* src/engine-gpgconf.c (gpgconf_config_dir_cb, gpgconf_conf_dir):
+	Add comments.
+
+2017-08-23  Marcus Brinkmann  <marcus.brinkmann@ruhr-uni-bochum.de>
+
+	Fix a couple of bugs pointed out by clang compiler warnings.
+	+ commit bfb3a01a0c55aa327dcab061fa808672362cb09d
+	* src/engine-gpgconf.c (gpgconf_config_dir_cb): Fix cast.
+	* src/key.c (_gpgme_key_add_sig): Fix pointer reference.
+
+2017-08-21  Alon Bar-Lev  <alon.barlev@gmail.com>
+
+	python: Support parallel build in tests.
+	+ commit 57c12593082e4ad302041269f1c35f2fe7d2fb1a
+	* lang/python/tests/Makefile.am: Depend xcheck with all which was lost
+	due to the check hack.
+
+2017-08-21  Justus Winter  <justus@g10code.com>
+
+	python: Improve keylist test.
+	+ commit 70c8be9efe8de40bec0f0673589f3c9be7136674
+	* lang/python/tests/t-keylist.py: Check a keylist matching no keys.
+
+2017-08-16  Marcus Brinkmann  <marcus.brinkmann@ruhr-uni-bochum.de>
+
+	doc: Add version information.
+	+ commit b9b08e46934eea9083afb2eaf4bffa23d6c27801
+	* doc/gpgme.texi (since): New macro.  Use it to add version
+	information to those APIs that are mentioned in the NEWS file.
+
+	doc: Clarify import keys operation further.
+	+ commit 0ee7f4f178284dae153a59be710bc994820369e5
+	* doc/gpgme.texi (gpgme_op_import_keys): Further clarifications.
+
+	gpgconf: Fix some warnings.
+	+ commit 3244d4daff892d5d3c39e78f4eb0934379beda2c
+	* tests/gpg/t-gpgconf.c (main): Fix warnings.
+	* src/engine-gpgconf.c (struct gpgconf_config_dir_s): New struct.
+	(gpgconf_config_dir_cb, gpgconf_conf_dir) Use it to fix warning.
+
+	gpgconf: Fix symbol export.
+	+ commit 97a1abe72e73f85bbf922fa588d002a226db5459
+	* gpgme.def: Fix last change.
+	(gpgme_op_conf_save): Replace duplicate from c&p ...
+	(gpgme_op_conf_dir): ... with this.
+
+2017-08-15  Marcus Brinkmann  <marcus.brinkmann@ruhr-uni-bochum.de>
+
+	NEWS: Add missing entry.
+	+ commit fa3918598de35fef0bf626035d59ea36c53832b9
+
+
+	gpgconf: Add access to --list-dirs for non-default engine.
+	+ commit 9f24e6c9010e171fd11c5cdac797cb8ce2e501dd
+	* src/engine-assuan.c (_gpgme_engine_ops_assuan): Add conf_dir.
+	* src/engine-g13.c (_gpgme_engine_ops_g13): Likewise.
+	* src/engine-gpg.c (_gpgme_engine_ops_gpg): Likewise.
+	* src/engine-gpgsm.c (_gpgme_engine_ops_gpgsm): Likewise.
+	* src/engine-spawn.c (_gpgme_engine_ops_spawn): Likewise.
+	* src/engine-uiserver.c (_gpgme_engine_ops_uiserver): Likewise.
+	* src/engine-backend.h (struct engine_ops): Likewise.
+	* src/engine-gpgconf.c (gpgconf_config_dir_cb, gpgconf_conf_dir):
+	New functions.
+	(struct engine_ops): Add gpgconf_conf_dir.
+	* src/engine.c (_gpgme_engine_op_conf_dir): New function.
+	* src/engine.h (_gpgme_engine_op_conf_dir): New prototype.
+	* src/gpgconf.c (gpgme_op_conf_dir): New function.
+	* src/gpgme.def (gpgme_op_conf_save): New symbol.
+	* src/gpgme.h.in (gpgme_op_conf_dir): New prototype.
+	* src/libgpgme.vers (gpgme_op_conf_dir): New symbol.
+	* tests/gpg/t-gpgconf.c (main): Test gpgme_op_conf_dir.
+
+2017-08-11  Marcus Brinkmann  <marcus.brinkmann@ruhr-uni-bochum.de>
+
+	g10: Add new delete operations that allow more flags.
+	+ commit a0cc6e01a8900b34cf231d8b5335ef3f85d01fdf
+	* NEWS: Document new interfaces.
+	* doc/gpgme.texi: Document new interfaces.
+	* src/gpgme.h.in (GPGME_DELETE_ALLOW_SECRET, GPGME_DELETE_FORCE,
+	gpgme_op_delete_ext_start, gpgme_op_delete_ext): New.
+	* src/delete.c (delete_start): Change allow_secret argument to flags.
+	(gpgme_op_delete_ext, gpgme_op_delete_ext_start): New functions.
+	* src/engine-backend.h (delete): Change allow_secret argument to flags.
+	* src/engine.c (_gpgme_engine_op_delete): Likewise.
+	* src/engine.h (_gpgme_engine_op_delete): Likewise (for prototype).
+	* src/engine-gpgsm.c (gpgsm_delete): Likewise.
+	* src/engine-gpg.c (gpg_delete): Likewise.  Implement GPGME_DELETE_FORCE.
+	* src/gpgme.def (gpgme_op_delete_ext, gpgme_op_delete_ext_start): New.
+	* src/libgpgme.vers (gpgme_op_delete_ext, gpgme_op_delete_ext_start): New.
+
+2017-08-10  Marcus Brinkmann  <marcus.brinkmann@ruhr-uni-bochum.de>
+
+	doc: Clarify import keys operation.
+	+ commit dfb3ca85680534b3885ab04d3fba4752c5a6f998
+	* doc/gpgme.texi (gpgme_op_import_start): Fix grammar.
+	(gpgme_op_import_keys): Clarify some wording and fix result.
+	* src/import.c (gpgme_op_import_keys): Clarify comment.
+
+	doc: Add more tofu documentation.
+	+ commit 274609baceda3378b21f84c3ae6a44806dad2dba
+	* doc/gpgme.texi (gpgme_tofu_info_t): Document structure.
+	(gpgme_sigsum_t): Document GPGME_SIGSUM_TOFU_CONFLICT.
+
+2017-07-27  Andre Heinecke  <aheinecke@intevation.de>
+
+	core: Fix status parsing for decrypt + verify.
+	+ commit d3796e4504a2b4f422de17d78f3acfe8dd199c9c
+	* src/decrypt.c (parse_status_error): Don't modify args.
+
+2017-07-26  Andre Heinecke  <aheinecke@intevation.de>
+
+	cpp: Fix Key::isDeVs for subkeys.
+	+ commit c7be41a5f850addceb2a95444bad2a31cdcd1ce5
+	* lang/cpp/src/key.cpp (Key::isDeVs): Check all subkeys.
+
+2017-07-13  Justus Winter  <justus@g10code.com>
+
+	tests: Fix distcheck.
+	+ commit 7fde780cc1773c6d3902d4f49a8d4aadbf3223d4
+	* tests/start-stop-agent: Remove backup file.
+
+	tests: Make agent spawning more robust.
+	+ commit 9cd2b58dfb2c21cce64520cf4c726859b583d14e
+	* tests/gpgsm/Makefile.am (gpgsm.conf): Add agent-program directive.
+	* tests/start-stop-agent: Update agent-program directive.
+
+2017-07-12  Werner Koch  <wk@gnupg.org>
+
+	tests: Fix printf compiler warning for an error case.
+	+ commit 46d2e48105e0929ec38dd4106004dd60d941df9a
+	* tests/gpg/t-keylist.c (main): Cast DIM to int.
+
+	core: Return NO_SECKEY error code on decryption.
+	+ commit ad0c5ab4cd8d3a1b11b37dc137b75a67aa26da37
+	* src/decrypt.c (op_data_t): Add flag any_no_seckey.
+	(_gpgme_decrypt_status_handler): Consult that flag.
+	(_gpgme_decrypt_status_handler): Set that flag.
+
+	core: Return CANCELED and BAD_PASSPHRASE error code on decryption.
+	+ commit d37bc7e025cdc6228da45b2b527e9f3bfef71c71
+	* src/decrypt.c (op_data_t): Add field pkdecrypt_failed.
+	(_gpgme_decrypt_status_handler): Consult new field.
+	(parse_status_error): Handle some error codes.
+
+	core: Simplify parsing of STATUS_ERROR in decrypt.c.
+	+ commit 87703dbb86ac8fd8abd23170f8038ea6e3dbde28
+	* src/decrypt.c (_gpgme_decrypt_status_handler): Factor some code out
+	to ...
+	(parse_status_error): new.  Modernize parsing.
+
+2017-07-11  Justus Winter  <justus@g10code.com>
+
+	python: Improve error handling.
+	+ commit 1e68f93dc547ae75b921e43db35e3599de92e2cb
+	* NEWS: Update.
+	* lang/python/src/core.py (Context.__read__): New helper function.
+	(Context.encrypt): Attach partial results to exceptions.
+	(Context.decrypt): Likewise.
+	(Context.sign): Likewise.
+	(Context.verify): Likewise.
+	* lang/python/src/errors.py (GpgError): Move the core of GPGMEError to
+	this class, add a nicer interface for it.  This makes the errors
+	thrown by this library more uniform, and allows us to track the
+	underlying error in synthesized high-level errors.
+	(GPGMEError): Simplify.
+	(...): Make sure to call the parent classes' constructor in all other
+	classes.
+
+2017-07-10  Andre Heinecke  <aheinecke@intevation.de>
+
+	Add isDeVs to ostream operator.
+	+ commit fe79eb8de3dc780eafb38a0a0a016748e764ff04
+	* lang/cpp/src/decryptionresult.cpp,
+	lang/cpp/src/verificationresult.cpp: Extend ostream operator
+	to include isDeVs.
+
+2017-06-12  Andre Heinecke  <aheinecke@intevation.de>
+
+	cpp: Fix CMake config library name for GPGME.
+	+ commit 5c53c702605b8d4458a14e6303cdc13f3b106efa
+	* lang/cpp/src/GpgmeppConfig.cmake.in.in: The link library
+	is of course also dynamic.
+
+2017-06-01  Justus Winter  <justus@g10code.com>
+
+	Add flag 'is_de_vs' to decryption results and signatures.
+	+ commit 05fa2a9c7764b28fdac35eb72631439df948ca0e
+	* NEWS: Update.
+	* lang/cpp/src/decryptionresult.cpp (DecryptionResult::isDeVs): New
+	function.
+	* lang/cpp/src/decryptionresult.h (DecryptionResult::isDeVs): New
+	prototype.
+	* lang/cpp/src/verificationresult.cpp (Signature::isDeVs): New
+	function.
+	* lang/cpp/src/verificationresult.h (Signature::isDeVs): New
+	prototype.
+	* lang/python/src/results.py (DecryptResult): Turn field 'is_de_vs'
+	into a boolean.
+	(Signature): Likewise.
+	* src/decrypt.c (_gpgme_decrypt_status_handler): Handle the new
+	compliance status line.
+	* src/verify.c (_gpgme_verify_status_handler): Likewise.
+	* src/gpgme.h.in (gpgme_status_code_t): Add new status codes for the
+	new status lines.
+	* src/keylist.c (parse_pub_field18): Move function to 'util.h'.
+	(keylist_colon_handler): Adapt callsites.
+	* src/status-table.c (status_table): Add new status lines.
+	* src/util.h (PARSE_COMPLIANCE_FLAGS): New macro.  This used to be
+	'parse_pub_field18', but turned into a macro to make it polymorphic.
+
+2017-05-18  Justus Winter  <justus@g10code.com>
+
+	python: Fix build in certain cases.
+	+ commit 84a203e60b9935bd8536cd2832fbc55d7f011341
+	* lang/python/setup.py.in: Prepend the Python build dir to the list of
+	include directories so that it takes precedence over any other include
+	directory.
+
+2017-05-10  Justus Winter  <justus@g10code.com>
+
+	tests: Remove remnants of 'check-local'.
+	+ commit a9b4c0ad0d1085ff76742e44cf0cf926e89d1f4c
+	* tests/gpgsm/Makefile.am (check-local): Drop rule and the dependency
+	on it.
+
+	python: Fix test environment creation.
+	+ commit 6b4dd3b929ac23271bfa96edb9dbb142eca0a30f
+	* lang/python/tests/Makefile.am (pubring-stamp): Do not depend on the
+	configuration files, this can trigger superfluous rebuilds.
+
+	tests: Make sure to kill all previously running daemons.
+	+ commit a226eca84670ef4e171c3a54e7caefb3a89254a4
+	* lang/python/tests/Makefile.am: Kill all previously running daemons
+	before creating the private key store.
+	* lang/qt/tests/Makefile.am: Likewise.
+	* tests/gpg/Makefile.am: Likewise.
+	* tests/gpgsm/Makefile.am: Likewise.
+
+	tests: Harmonize test suites.
+	+ commit 15adff073bb89dc032d8342cfbbdad2850943f52
+	* lang/python/tests/Makefile.am: Create test environment as part of
+	'make all'.
+	* tests/gpg/Makefile.am: Make sure the private keystore is created
+	first.
+	* tests/gpgsm/Makefile.am: Create test environment as part of
+	'make all'.  Make sure the private keystore is created
+	first.
+
+	qt: Stop agent on clean.
+	+ commit 093b5497b7231590ce91ccf73ba64ebc0757f9e9
+	* lang/qt/tests/Makefile.am (clean-local): Stop agent.
+
+2017-05-10  Andre Heinecke  <aheinecke@intevation.de>
+
+	qt: Add a missing include <functional>
+	+ commit 5e27bf98b4c48cf6a239bcc94b7b67515ff339e7
+	* lang/qt/src/qgpgmenewcryptoconfig.cpp: Include functional.
+
+	qt: Undeprecate API that I find useful.
+	+ commit cc2ef3d07c0d261bb9e8e8c0f2706e1a08e4ec53
+	* lang/qt/src/decryptjob.h,
+	lang/qt/src/decryptverifyjob.h,
+	lang/qt/src/signencryptjob.h,
+	lang/qt/src/verifydetachedjob.h,
+	lang/qt/src/verifyopaquejob.h: Undeprecate ByteArray based API.
+
+	qt, tests: Don't use internal API.
+	+ commit b56f398eff4e3e70dea714c3174a5512dd9bcf33
+	* lang/qt/tests/t-encrypt.cpp, lang/qt/tests/t-tofuinfo.cpp:
+	Only use exported API.
+
+2017-05-03  Andre Heinecke  <aheinecke@intevation.de>
+
+	core: Don't split gpgconf strings on comma.
+	+ commit df4eb611e33dcab7bebf07b13734c7db7ccf40da
+	* src/engine-gpgconf.c (gpgconf_parse_option): Don't split
+	strings on comma.
+
+2017-04-25  Andre Heinecke  <aheinecke@intevation.de>
+
+	qt, cpp: Add additional copyright BSI notes.
+	+ commit 28734240e2a2ce67b64df55364f35e1648376311
+	* lang/cpp/Makefile.am,
+	lang/cpp/src/Makefile.am,
+	lang/cpp/src/callbacks.cpp,
+	lang/cpp/src/callbacks.h,
+	lang/cpp/src/configuration.cpp,
+	lang/cpp/src/configuration.h,
+	lang/cpp/src/context_glib.cpp,
+	lang/cpp/src/context_p.h,
+	lang/cpp/src/context_qt.cpp,
+	lang/cpp/src/context_vanilla.cpp,
+	lang/cpp/src/data_p.h,
+	lang/cpp/src/decryptionresult.cpp,
+	lang/cpp/src/decryptionresult.h,
+	lang/cpp/src/defaultassuantransaction.cpp,
+	lang/cpp/src/defaultassuantransaction.h,
+	lang/cpp/src/editinteractor.cpp,
+	lang/cpp/src/editinteractor.h,
+	lang/cpp/src/encryptionresult.cpp,
+	lang/cpp/src/encryptionresult.h,
+	lang/cpp/src/engineinfo.cpp,
+	lang/cpp/src/engineinfo.h,
+	lang/cpp/src/error.h,
+	lang/cpp/src/eventloopinteractor.cpp,
+	lang/cpp/src/eventloopinteractor.h,
+	lang/cpp/src/exception.cpp,
+	lang/cpp/src/exception.h,
+	lang/cpp/src/global.h,
+	lang/cpp/src/gpgadduserideditinteractor.cpp,
+	lang/cpp/src/gpgadduserideditinteractor.h,
+	lang/cpp/src/gpgagentgetinfoassuantransaction.cpp,
+	lang/cpp/src/gpgagentgetinfoassuantransaction.h,
+	lang/cpp/src/gpgmefw.h,
+	lang/cpp/src/gpgsetexpirytimeeditinteractor.cpp,
+	lang/cpp/src/gpgsetexpirytimeeditinteractor.h,
+	lang/cpp/src/gpgsetownertrusteditinteractor.cpp,
+	lang/cpp/src/gpgsetownertrusteditinteractor.h,
+	lang/cpp/src/gpgsignkeyeditinteractor.cpp,
+	lang/cpp/src/gpgsignkeyeditinteractor.h,
+	lang/cpp/src/importresult.cpp,
+	lang/cpp/src/importresult.h,
+	lang/cpp/src/interfaces/assuantransaction.h,
+	lang/cpp/src/interfaces/dataprovider.h,
+	lang/cpp/src/interfaces/passphraseprovider.h,
+	lang/cpp/src/interfaces/progressprovider.h,
+	lang/cpp/src/keygenerationresult.cpp,
+	lang/cpp/src/keygenerationresult.h,
+	lang/cpp/src/keylistresult.cpp,
+	lang/cpp/src/keylistresult.h,
+	lang/cpp/src/notation.h,
+	lang/cpp/src/result.h,
+	lang/cpp/src/result_p.h,
+	lang/cpp/src/scdgetinfoassuantransaction.cpp,
+	lang/cpp/src/scdgetinfoassuantransaction.h,
+	lang/cpp/src/signingresult.cpp,
+	lang/cpp/src/signingresult.h,
+	lang/cpp/src/trustitem.cpp,
+	lang/cpp/src/trustitem.h,
+	lang/cpp/src/util.h,
+	lang/cpp/src/verificationresult.cpp,
+	lang/cpp/src/verificationresult.h,
+	lang/cpp/src/vfsmountresult.cpp,
+	lang/qt/Makefile.am,
+	lang/qt/doc/Makefile.am,
+	lang/qt/src/Makefile.am,
+	lang/qt/src/defaultkeygenerationjob.h,
+	lang/qt/tests/Makefile.am: Add missing copyright.
+
+	Change copyright from Intevation to BSI.
+	+ commit 70035834326d0d04a5904ae01bc3757e577facf4
+	* lang/cpp/src/gpggencardkeyinteractor.cpp,
+	lang/cpp/src/gpggencardkeyinteractor.h,
+	lang/cpp/src/gpgmepp_export.h,
+	lang/cpp/src/swdbresult.cpp,
+	lang/cpp/src/swdbresult.h,
+	lang/cpp/src/tofuinfo.cpp,
+	lang/cpp/src/tofuinfo.h,
+	lang/qt/src/abstractimportjob.h,
+	lang/qt/src/adduseridjob.h,
+	lang/qt/src/changeexpiryjob.h,
+	lang/qt/src/changeownertrustjob.h,
+	lang/qt/src/changepasswdjob.h,
+	lang/qt/src/cryptoconfig.cpp,
+	lang/qt/src/cryptoconfig.h,
+	lang/qt/src/dataprovider.cpp,
+	lang/qt/src/dataprovider.h,
+	lang/qt/src/decryptjob.h,
+	lang/qt/src/decryptverifyjob.h,
+	lang/qt/src/deletejob.h,
+	lang/qt/src/dn.cpp,
+	lang/qt/src/dn.h,
+	lang/qt/src/downloadjob.h,
+	lang/qt/src/encryptjob.h,
+	lang/qt/src/exportjob.h,
+	lang/qt/src/hierarchicalkeylistjob.h,
+	lang/qt/src/importfromkeyserverjob.h,
+	lang/qt/src/importjob.h,
+	lang/qt/src/job.cpp,
+	lang/qt/src/job.h,
+	lang/qt/src/keyformailboxjob.h,
+	lang/qt/src/keygenerationjob.h,
+	lang/qt/src/keylistjob.h,
+	lang/qt/src/listallkeysjob.h,
+	lang/qt/src/multideletejob.h,
+	lang/qt/src/protocol.h,
+	lang/qt/src/protocol_p.h,
+	lang/qt/src/qgpgme_export.h,
+	lang/qt/src/qgpgmeadduseridjob.cpp,
+	lang/qt/src/qgpgmeadduseridjob.h,
+	lang/qt/src/qgpgmebackend.cpp,
+	lang/qt/src/qgpgmebackend.h,
+	lang/qt/src/qgpgmechangeexpiryjob.cpp,
+	lang/qt/src/qgpgmechangeexpiryjob.h,
+	lang/qt/src/qgpgmechangeownertrustjob.cpp,
+	lang/qt/src/qgpgmechangeownertrustjob.h,
+	lang/qt/src/qgpgmechangepasswdjob.cpp,
+	lang/qt/src/qgpgmechangepasswdjob.h,
+	lang/qt/src/qgpgmedecryptjob.cpp,
+	lang/qt/src/qgpgmedecryptjob.h,
+	lang/qt/src/qgpgmedecryptverifyjob.cpp,
+	lang/qt/src/qgpgmedecryptverifyjob.h,
+	lang/qt/src/qgpgmedeletejob.cpp,
+	lang/qt/src/qgpgmedeletejob.h,
+	lang/qt/src/qgpgmedownloadjob.cpp,
+	lang/qt/src/qgpgmedownloadjob.h,
+	lang/qt/src/qgpgmeencryptjob.cpp,
+	lang/qt/src/qgpgmeencryptjob.h,
+	lang/qt/src/qgpgmeexportjob.cpp,
+	lang/qt/src/qgpgmeexportjob.h,
+	lang/qt/src/qgpgmeimportfromkeyserverjob.cpp,
+	lang/qt/src/qgpgmeimportfromkeyserverjob.h,
+	lang/qt/src/qgpgmeimportjob.cpp,
+	lang/qt/src/qgpgmeimportjob.h,
+	lang/qt/src/qgpgmekeyformailboxjob.cpp,
+	lang/qt/src/qgpgmekeyformailboxjob.h,
+	lang/qt/src/qgpgmekeygenerationjob.cpp,
+	lang/qt/src/qgpgmekeygenerationjob.h,
+	lang/qt/src/qgpgmekeylistjob.cpp,
+	lang/qt/src/qgpgmekeylistjob.h,
+	lang/qt/src/qgpgmelistallkeysjob.cpp,
+	lang/qt/src/qgpgmelistallkeysjob.h,
+	lang/qt/src/qgpgmenewcryptoconfig.cpp,
+	lang/qt/src/qgpgmenewcryptoconfig.h,
+	lang/qt/src/qgpgmerefreshkeysjob.cpp,
+	lang/qt/src/qgpgmerefreshkeysjob.h,
+	lang/qt/src/qgpgmesecretkeyexportjob.cpp,
+	lang/qt/src/qgpgmesecretkeyexportjob.h,
+	lang/qt/src/qgpgmesignencryptjob.cpp,
+	lang/qt/src/qgpgmesignencryptjob.h,
+	lang/qt/src/qgpgmesignjob.cpp,
+	lang/qt/src/qgpgmesignjob.h,
+	lang/qt/src/qgpgmesignkeyjob.cpp,
+	lang/qt/src/qgpgmesignkeyjob.h,
+	lang/qt/src/qgpgmetofupolicyjob.cpp,
+	lang/qt/src/qgpgmetofupolicyjob.h,
+	lang/qt/src/qgpgmeverifydetachedjob.cpp,
+	lang/qt/src/qgpgmeverifydetachedjob.h,
+	lang/qt/src/qgpgmeverifyopaquejob.cpp,
+	lang/qt/src/qgpgmeverifyopaquejob.h,
+	lang/qt/src/qgpgmewkspublishjob.cpp,
+	lang/qt/src/qgpgmewkspublishjob.h,
+	lang/qt/src/refreshkeysjob.h,
+	lang/qt/src/signencryptjob.h,
+	lang/qt/src/signjob.h,
+	lang/qt/src/signkeyjob.h,
+	lang/qt/src/specialjob.h,
+	lang/qt/src/threadedjobmixin.cpp,
+	lang/qt/src/threadedjobmixin.h,
+	lang/qt/src/tofupolicyjob.h,
+	lang/qt/src/verifydetachedjob.h,
+	lang/qt/src/verifyopaquejob.h,
+	lang/qt/src/wkspublishjob.h,
+	lang/qt/tests/run-keyformailboxjob.cpp,
+	lang/qt/tests/t-config.cpp,
+	lang/qt/tests/t-encrypt.cpp,
+	lang/qt/tests/t-keylist.cpp,
+	lang/qt/tests/t-keylocate.cpp,
+	lang/qt/tests/t-ownertrust.cpp,
+	lang/qt/tests/t-support.cpp,
+	lang/qt/tests/t-support.h,
+	lang/qt/tests/t-tofuinfo.cpp,
+	lang/qt/tests/t-various.cpp,
+	lang/qt/tests/t-verify.cpp,
+	lang/qt/tests/t-wkspublish.cpp,
+	tests/gpg/t-encrypt-mixed.c,
+	tests/gpg/t-thread-keylist-verify.c,
+	tests/gpg/t-thread-keylist.c,
+	tests/run-decrypt.c: Change Intevation GmbH copyright to BSI.
+
+2017-04-24  Andre Heinecke  <aheinecke@intevation.de>
+
+	doc: Improve doc on passphrase_cb / pinentry mode.
+	+ commit 8d61aba1fe0379ba14494f8ae2011ba531554ef4
+	* doc/gpgme.texi (Passphrase Callback): Mention pinentry_mode and
+	restrictions.
+	(Pinentry Mode): Fix wording and clarify versions that need
+	loopback mode for passphrase_cb to work.
+
+2017-04-24  Justus Winter  <justus@g10code.com>
+
+	tests: Update encrypted sample files.
+	+ commit ac28e66f46132ae4a854d04b2f17acd4d55e4296
+	* tests/gpg/cipher-1.asc: Update file.
+	* tests/gpg/cipher-2.asc: Likewise.
+
+2017-04-11  Justus Winter  <justus@g10code.com>
+
+	python: Skip TOFU test if not supported by GnuPG.
+	+ commit 979d48e823357af9999a2adb34d75adaade8dec2
+	* lang/python/tests/support.py (have_tofu_support): New function.
+	* lang/python/tests/t-quick-key-manipulation.py: Skip TOFU test if not
+	supported by GnuPG.
+
+2017-04-11  Alon Bar-Lev  <alon.barlev@gmail.com>
+
+	python: use autoconf pre-processor when building via autoconf.
+	+ commit a827382cafe7f1425455dcc8bf5ef049172eb493
+	* configure.ac: Add AC_PROG_CPP.
+	* lang/python/Makefile.am: Set CPP environment for setup.py to use.
+
+	python: fix run-tests missing python_libdir.
+	+ commit d785c053a982bddefd7014dc6856d1af345fe9fb
+	* lang/python/tests/run-tests.py: Set python_libdir if --python-libdir
+	is set.
+
+2017-04-10  Justus Winter  <justus@g10code.com>
+
+	python: Fix distcheck.
+	+ commit db476e923415f8e458720aaafde7234b802a33ab
+	* lang/python/Makefile.am (uninstall-local): Explicitly request the
+	scheme 'posix_prefix'.  On Python2.7 the default scheme is
+	'posix_local', breaking distcheck.
+
+2017-04-10  Alon Bar-Lev  <alon.barlev@gmail.com>
+
+	python: Support alternatate libdir for tests.
+	+ commit 3cc90b67fa970e716c8672ec5c5f591fa11ab216
+	* lang/python/tests/run-tests.py: Add --python-libdir optional
+	parameter.
+
+	python: Read gpg-error.h using the pre-processor.
+	+ commit 7309ce6f5f7c86570953a141965d4f54cd9ad9a0
+	* lang/python/setup.py.in: Read gpg-error.h using the pre-processor.
+
+	python: Remove unneeded stats copy.
+	+ commit df8433bffa9e669897243f08edf7845762250e4a
+	* lang/python/setup.py.in: errors.i, gpgme.h are generated and always
+	newer than the original.
+
+	python: Remove usage of PYTHON_VERSIONS.
+	+ commit 25e6444b3f4601c7821beab06bc4520deacb007b
+	* configure.ac: Remove PYTHON_VERSIONS subst.
+	* lang/python/Makefile.am: Use basename of python as builddir prefix.
+	* lang/python/tests/run-tests.py: Likewise.
+
+	tests: Do not use check-local magic as dependency.
+	+ commit ebefc6cbf937d14ced65f7ded79c4ba901507d23
+	* tests/gpg/Makefile.am: Use BUILT_SOURCES instead of check-local
+	and initial.test.
+	* lang/qt/tests/Makefile.am: Ditto.
+
+	python: support .pydistutils.cfg mode.
+	+ commit 365c649ad073f2697438dc014160943ae31a1447
+	* lang/python/setup.py.in: Do not parse arguments.
+
+2017-04-07  Alon Bar-Lev  <alon.barlev@gmail.com>
+
+	python: simplify build, some fixups.
+	+ commit 49195c487e6c923f7137f092b982e7d833d98de6
+	* lang/python/gpg/version.py.in: Rename to lang/python/version.py.in.
+	configure.ac: Generate version.py.in in lang/python.
+	* lang/python/MANIFEST.in: Include version.py explicitly.
+	* lang/python/gpg: Rename to 'src'.
+	* lang/python/Makefile.am: Do not copy source files, do not use absolute
+	directories, support lib64 in uninstall, clean also dist directory, use
+	symlink for gpg src.
+	* lang/python/setup.py.in: Use builddir, copy sources into builddir,
+	copy version.py into module.
+
+2017-04-05  Justus Winter  <justus@g10code.com>
+
+	python: Fix vpath builds, fix distcheck.
+	+ commit e7d9c0c3d773f826dbd2ed417d04e25c410f3374
+	* lang/python/gpgme-h-clean.py: Delete file.
+	* lang/python/MANIFEST.in: Adapt accordingly.
+	* lang/python/Makefile.am (EXTRA_DIST): Likewise.
+	(COPY_FILES_GPG): Bring variable back.
+	(copystamp): Copy files.
+	(clean-local): Delete copied files.
+	(install-exec-local): Do not create and install list of installed
+	files.
+	(uninstall-local): Instead, create some explicit rules to uninstall
+	the extension.
+	* lang/python/setup.py.in: Parse arguments.  Locate files either in
+	the source directory, or in the build base directory.  Inline the code
+	from 'gpgme-h-clean.py'.  Copy 'helpers.c', add source directory as
+	include directory.
+
+2017-04-05  Alon Bar-Lev  <alon.barlev@gmail.com>
+
+	python: Generate files into build directory.
+	+ commit 801d7d8c5dd530d26ad6c4bcc94d986e6e022da4
+	* lang/python/setup.py.in: Generate files within BuildExtFirstHack
+	adjust build flags at this point instead of global.
+	* lang/python/Makefile.am: Remove logic of separate source directory per
+	python version in favor of build directory.
+	* lang/python/tests/run-tests.py: Adjust build directory location.
+
+2017-04-03  Pietro Cerutti  <gahr@gahr.ch>
+
+	FreeBSD's closefrom(2) does not return errors.
+	+ commit 50565982cdd502c3852fcc6f598932bd32b5cdc3
+
+
+2017-04-03  Igor Gnatenko  <ignatenkobrain@fedoraproject.org>
+
+	qt: pass fmt to gpgrt_asprintf()
+	+ commit 5d4f977dac542340c877fdd4b1304fa8f6e058e6
+	* lang/qt/src/dn.cpp (parse_dn_part): Add fmt argument instead of
+	using name directly.
+
+	GnuPG-Bug-Id: 3023
+
+2017-03-30  Andre Heinecke  <aheinecke@intevation.de>
+
+	python: Don't treat skipped tests as error.
+	+ commit f8a9ecc6290ebd73fa36647cdfca285fe4d94a62
+	* lang/python/tests/run-tests.py (failed): Don't count skipped tests
+	for the return code.
+
+2017-03-30  Justus Winter  <justus@g10code.com>
+
+	python: Fix skipping tests if running with GnuPG < 2.1.12.
+	+ commit 159505a28864399cc5405d9f85f35ab011a3259e
+	* final.py: Import 'support.py' for the side-effect of checking the
+	GnuPG version.
+	* t-data.py: Likewise.
+	* t-protocol-assuan.py: Likewise.
+	* t-wrapper.py: Likewise.
+	* t-callbacks.py: Avoid warning about 'support' being unused.
+	* t-edit.py: Likewise.
+	* t-encrypt-sym.py: Likewise.
+	* t-file-name.py: Likewise.
+	* t-idiomatic.py: Likewise.
+	* t-sig-notation.py: Likewise.
+	* t-trustlist.py: Likewise.
+	* t-verify.py: Likewise.
+	* t-wait.py: Likewise.
+	* t-keylist-from-data.py: Trim unused imports.
+
+2017-03-30  Andre Heinecke  <aheinecke@intevation.de>
+
+	qt: Handle if gpg does not support tofu in test.
+	+ commit 2c063a8d60418ee59ae80da221420c6f3fa19abb
+	* lang/qt/src/t-tofuinfo.cpp (TestTofuInfo::testSupported): Treat
+	it as unsupported if secret keylisting already fails.
+
+2017-03-29  Alon Bar-Lev  <alon.barlev@gmail.com>
+
+	python,build: Reinstate prepare target.
+	+ commit 9786e3a96e6772166f3523e74a748b9db20fae7c
+	* lang/python/Makefile.am: Fix 'prepare' target.
+	* lang/python/setup.py.in: Use 'abs_top_builddir' instead of guessing
+	the path.
+
+2017-03-28  Justus Winter  <justus@g10code.com>
+
+	tests: Run the threading tests only on UNIX.
+	+ commit 7e9f7752c992f957ccfde3b274865c633096e3bb
+	* tests/gpg/Makefile.am (tests_unix): Add 't-thread-keylist' and
+	't-thread-keylist-verify'.
+	(c_tests): Drop them here.
+
+	tests: Make error message more helpful.
+	+ commit a13e4abe9463579ef23d1acea39a093abfc6528d
+	* tests/gpg/t-keylist.c (main): Print number of returned and expected
+	keys.
+
 2017-03-28  Werner Koch  <wk@gnupg.org>
 
 	Release 1.9.0.
@@ -6,6 +830,14 @@
 	<cpp>: Bump LT version to C10/A4/R0.
 	<qt>: Bump LT version to C9/A2/R0.
 
+2017-03-28  Andre Heinecke  <aheinecke@intevation.de>
+
+	Revert "qt: Disable testEncryptDecryptNowrap"
+	+ commit a2ccb3172896a90bc27c95964ef94bd7c0924802
+	This reverts commit 57d60b20f16dd5f1bccbbcaa0a6ed75a554a6414.
+
+2017-03-28  Werner Koch  <wk@gnupg.org>
+
 	core: Prepare for new key listing data send by gpg.
 	+ commit 813ae5fa2d712aa9679b791c67c9c1c43d36ffe4
 	* src/gpgme.h.in (gpgme_user_id_t): New fields 'origin' and
diff --git a/Makefile.in b/Makefile.in
index ec5f752..15dfd86 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -101,8 +101,7 @@ DIST_COMMON = INSTALL NEWS README AUTHORS ChangeLog \
 	$(srcdir)/Makefile.in $(srcdir)/Makefile.am \
 	$(top_srcdir)/configure $(am__configure_deps) \
 	$(srcdir)/config.h.in $(top_srcdir)/build-aux/mkinstalldirs \
-	$(top_srcdir)/lang/python/gpg/version.py.in COPYING \
-	COPYING.LESSER THANKS TODO build-aux/compile \
+	COPYING COPYING.LESSER THANKS TODO build-aux/compile \
 	build-aux/config.guess build-aux/config.sub build-aux/depcomp \
 	build-aux/install-sh build-aux/mdate-sh missing \
 	build-aux/missing build-aux/mkinstalldirs \
@@ -131,7 +130,7 @@ am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
  configure.lineno config.status.lineno
 mkinstalldirs = $(SHELL) $(top_srcdir)/build-aux/mkinstalldirs
 CONFIG_HEADER = config.h
-CONFIG_CLEAN_FILES = lang/python/gpg/version.py
+CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
 AM_V_P = $(am__v_P_@AM_V@)
 am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
@@ -351,7 +350,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
@@ -489,8 +487,6 @@ $(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
 
 distclean-hdr:
 	-rm -f config.h stamp-h1
-lang/python/gpg/version.py: $(top_builddir)/config.status $(top_srcdir)/lang/python/gpg/version.py.in
-	cd $(top_builddir) && $(SHELL) ./config.status $@
 
 mostlyclean-libtool:
 	-rm -f *.lo
diff --git a/NEWS b/NEWS
index f1c3290..879d1af 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,54 @@
+Noteworthy changes in version 1.10.0 (2017-12-12)
+-------------------------------------------------
+
+ * Now returns more specific error codes for decryption to distinguish
+   between bad passphrase, user canceled, and no secret key.
+
+ * Now returns key origin information if available.
+
+ * Added context flag "auto-key-retrieve" to selectively enable the
+   corresponding gpg option.
+
+ * Added flag is_de_vs to decryption and verify results.
+
+ * py: Use SEEK_SET as default for data.seek.
+
+ * cpp: Various new APIs.
+
+ * Reduced spawn overhead on Linux again.  Added new configure option
+   --disable-linux-getdents to disable this feature for very old
+   Linux versions.
+
+ * Improved the Python bindings build system.
+
+ * Made the test suite less fragile.
+
+ * Interface changes relative to the 1.9.0 release:
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ gpgme_decrypt_result_t      EXTENDED: New field 'is_de_vs'.
+ gpgme_signature_t           EXTENDED: New field 'is_de_vs'.
+ gpgme_keyorg_t              NEW.
+ gpgme_op_delete_ext         NEW.
+ gpgme_op_delete_ext_start   NEW.
+ GPGME_DELETE_ALLOW_SECRET   NEW.
+ GPGME_DELETE_FORCE          NEW.
+ gpgme_op_conf_dir           NEW.
+ gpgme_set_ctx_flag          EXTENDED: New flag 'auto-key-retrieve'.
+ cpp: DecryptionResult::isDeVs         NEW.
+ cpp: Signature::isDeVs                NEW.
+ cpp: EngineInfo::Version::operator>   NEW.
+ cpp: Context::createKey               NEW.
+ cpp: Context::startCreateKey          NEW.
+ cpp: Context::createSubkey            NEW.
+ cpp: Context::startCreateSubkey       NEW.
+ qt: QuickJob                          NEW.
+ py: DecryptResult           EXTENDED: New boolean field 'is_de_vs'.
+ py: Signature               EXTENDED: New boolean field 'is_de_vs'.
+ py: GpgError                EXTENDED: Partial results in 'results'.
+
+ [c=C30/A19/R0 cpp=C11/A5/R0 qt=C10/A3/R0]
+
+
 Noteworthy changes in version 1.9.0 (2017-03-28)
 ------------------------------------------------
 
@@ -25,7 +76,6 @@ Noteworthy changes in version 1.9.0 (2017-03-28)
 
  * Many smaller bug fixes.
 
-
  * Interface changes relative to the 1.8.0 release:
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  gpgme_op_createkey          CHANGED: Meaning of 'expire' parameter.
diff --git a/README b/README
index 214ea87..f7b006f 100644
--- a/README
+++ b/README
@@ -22,10 +22,10 @@ to public key crypto engines like GnuPG or GpgSM easier for
 applications.  GPGME provides a high-level crypto API for encryption,
 decryption, signing, signature verification and key management.
 
-GPGME comes with language bindings for Common Lisp, C++, QT, Python2
+GPGME comes with language bindings for Common Lisp, C++, QT, Python2,
 and Python 3.
 
-GPGME uses GnuPG and GpgSM as its backends to support OpenPGP and the
+GPGME uses GnuPG as its backend to support OpenPGP and the
 Cryptographic Message Syntax (CMS).
 
 See the files COPYING, COPYING.LESSER, and each file for copyright and
@@ -41,16 +41,14 @@ See the file INSTALL for generic installation instructions.
 Check that you have unmodified sources.  See below on how to do this.
 Don't skip it - this is an important step!
 
-To build GPGME, you need to install libgpg-error (>= 1.11) and
-Libassuan (>= 2.0.2).
+To build GPGME, you need to install libgpg-error (>= 1.24) and
+Libassuan (>= 2.4.2).
 
-For support of the OpenPGP protocol (default), you should use the
-latest version of GnuPG (>= 1.4) , available at:
-ftp://ftp.gnupg.org/gcrypt/gnupg/.  For support of the CMS
-(Cryptographic Message Syntax) protocol and lot of other features, you
-need a GnuPG version >= 2.0.
+For support of the OpenPGP and the CMS protocols, you should use the
+latest version of GnuPG (>= 2.1.18) , available at:
+https://gnupg.org/ftp/gcrypt/gnupg/.
 
-For building the GIT version of GPGME please see the file README.GIT
+For building the Git version of GPGME please see the file README.GIT
 for more information.
 
 
@@ -68,34 +66,25 @@ a) If you have a trusted Version of GnuPG installed, you can simply check
 
    This checks that the detached signature gpgme-x.y.z.tar.gz.sig is
    indeed a a signature of gpgme-x.y.z.tar.gz.  The key used to create
-   this signature is either of:
+   this signature is at least one of:
 
-     rsa2048/4F25E3B6 2011-01-12 [expires: 2019-12-31]
+     rsa2048 2011-01-12 [expires: 2019-12-31]
      Key fingerprint = D869 2123 C406 5DEA 5E0F  3AB5 249B 39D2 4F25 E3B6
      Werner Koch (dist sig)
 
-     rsa2048/E0856959 2014-10-29 [expires: 2019-12-31]
+     rsa2048 2014-10-29 [expires: 2019-12-31]
      Key fingerprint = 46CC 7308 65BB 5C78 EBAB  ADCF 0437 6F3E E085 6959
      David Shaw (GnuPG Release Signing Key) <dshaw 'at' jabberwocky.com>
 
-     rsa2048/33BD3F06 2014-10-29 [expires: 2016-10-28]
+     rsa2048 2014-10-29 [expires: 2020-10-30]
      Key fingerprint = 031E C253 6E58 0D8E A286  A9F2 2071 B08A 33BD 3F06
      NIIBE Yutaka (GnuPG Release Key) <gniibe 'at' fsij.org>
 
-     rsa2048/7EFD60D9 2014-10-19 [expires: 2020-12-31]
-     Key fingerprint = D238 EA65 D64C 67ED 4C30  73F2 8A86 1B1C 7EFD 60D9
-     Werner Koch (Release Signing Key)
-
-     rsa3072/4B092E28 2017-03-17 [expires: 2027-03-15]
+     rsa3072 2017-03-17 [expires: 2027-03-15]
      Key fingerprint = 5B80 C575 4298 F0CB 55D8  ED6A BCEF 7E29 4B09 2E28
      Andre Heinecke (Release Signing Key)
 
-   You may retrieve these files from the keyservers using this command
-
-     gpg --recv-keys 249B39D24F25E3B6 04376F3EE0856959 \
-                     2071B08A33BD3F06 8A861B1C7EFD60D9 BCEF7E294B092E28
-
-   The keys are also available at https://gnupg.org/signature_key.html
+   The keys are available at <https://gnupg.org/signature_key.html>
    and in released GnuPG tarballs in the file g10/distsigkey.gpg .
    You have to make sure that these are really the desired keys and
    not faked one.  You should do this by comparing the fingerprints
diff --git a/VERSION b/VERSION
index f8e233b..81c871d 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.9.0
+1.10.0
diff --git a/acinclude.m4 b/acinclude.m4
index 575e526..cd2c83a 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -60,7 +60,7 @@ AC_DEFUN([GNUPG_CHECK_VA_COPY],
 ])
 
 dnl LIST_MEMBER()
-dnl Check wether an element ist contained in a list.  Set `found' to
+dnl Check whether an element ist contained in a list.  Set `found' to
 dnl `1' if the element is found in the list, to `0' otherwise.
 AC_DEFUN([LIST_MEMBER],
 [
diff --git a/autogen.sh b/autogen.sh
index 91f35a6..e5ba5bf 100755
--- a/autogen.sh
+++ b/autogen.sh
@@ -1,6 +1,6 @@
 #! /bin/sh
 # autogen.sh
-# Copyright (C) 2003, 2014 g10 Code GmbH
+# Copyright (C) 2003, 2014, 2017 g10 Code GmbH
 #
 # This file is free software; as a special exception the author gives
 # unlimited permission to copy and/or distribute it, with or without
@@ -15,7 +15,7 @@
 # configure it for the respective package.  It is maintained as part of
 # GnuPG and source copied by other packages.
 #
-# Version: 2014-01-10
+# Version: 2017-01-17
 
 configure_ac="configure.ac"
 
@@ -41,7 +41,7 @@ fatal () {
 
 info () {
     if [ -z "${SILENT}" ]; then
-      echo "autogen.sh:" "$*"
+      echo "autogen.sh:" "$*" >&2
     fi
 }
 
@@ -70,14 +70,27 @@ MSGMERGE=${GETTEXT_PREFIX}${MSGMERGE:-msgmerge}${GETTEXT_SUFFIX}
 DIE=no
 FORCE=
 SILENT=
+PRINT_HOST=no
+PRINT_BUILD=no
 tmp=$(dirname "$0")
 tsdir=$(cd "${tmp}"; pwd)
+version_parts=3
 
 if [ -n "${AUTOGEN_SH_SILENT}" ]; then
   SILENT=" --silent"
 fi
 if test x"$1" = x"--help"; then
-  echo "usage: ./autogen.sh [--silent] [--force] [--build-TYPE] [ARGS]"
+  echo "usage: ./autogen.sh [OPTIONS] [ARGS]"
+  echo "  Options:"
+  echo "    --silent       Silent operation"
+  echo "    --force        Pass --force to autoconf"
+  echo "    --find-version Helper for configure.ac"
+  echo "    --build-TYPE   Configure to cross build for TYPE"
+  echo "    --print-host   Print only the host triplet"
+  echo "    --print-build  Print only the build platform triplet"
+  echo ""
+  echo "  ARGS are passed to configure in --build-TYPE mode."
+  echo "  Configuration for this script is expected in autogen.rc"
   exit 0
 fi
 if test x"$1" = x"--silent"; then
@@ -88,6 +101,14 @@ if test x"$1" = x"--force"; then
   FORCE=" --force"
   shift
 fi
+if test x"$1" = x"--print-host"; then
+  PRINT_HOST=yes
+  shift
+fi
+if test x"$1" = x"--print-build"; then
+  PRINT_BUILD=yes
+  shift
+fi
 
 
 # Reject unsafe characters in $HOME, $tsdir and cwd.  We consider spaces
@@ -133,6 +154,11 @@ amd64_toolprefixes=
 myhost=""
 myhostsub=""
 case "$1" in
+    --find-version)
+        myhost="find-version"
+        SILENT=" --silent"
+        shift
+        ;;
     --build-w32)
         myhost="w32"
         shift
@@ -172,16 +198,81 @@ if [ -f "$HOME/.gnupg-autogen.rc" ]; then
     . "$HOME/.gnupg-autogen.rc"
 fi
 
+
+# **** FIND VERSION ****
+# This is a helper for the configure.ac M4 magic
+# Called
+#   ./autogen.sh --find-version PACKAGE MAJOR MINOR [MICRO]
+# returns a complete version string with automatic beta numbering.
+if [ "$myhost" = "find-version" ]; then
+    package="$1"
+    major="$2"
+    minor="$3"
+    micro="$4"
+
+    if [ -z "$package" -o -z "$major" -o -z "$minor" ]; then
+      echo "usage: ./autogen.sh --find-version PACKAGE MAJOR MINOR [MICRO]" >&2
+      exit 1
+    fi
+
+    case "$version_parts" in
+      2)
+        matchstr1="$package-$major.[0-9]*"
+        matchstr2="$package-$major-base"
+        vers="$major.$minor"
+        ;;
+      *)
+        matchstr1="$package-$major.$minor.[0-9]*"
+        matchstr2="$package-$major.$minor-base"
+        vers="$major.$minor.$micro"
+        ;;
+    esac
+
+    beta=no
+    if [ -e .git ]; then
+      ingit=yes
+      tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null)
+      tmp=$(echo "$tmp" | sed s/^"$package"//)
+      if [ -n "$tmp" ]; then
+          tmp=$(echo "$tmp" | sed s/^"$package"//  \
+                | awk -F- '$3!=0 && $3 !~ /^beta/ {print"-beta"$3}')
+      else
+          tmp=$(git describe --match "${matchstr2}" --long 2>/dev/null \
+                | awk -F- '$4!=0{print"-beta"$4}')
+      fi
+      [ -n "$tmp" ] && beta=yes
+      rev=$(git rev-parse --short HEAD | tr -d '\n\r')
+      rvd=$((0x$(echo ${rev} | dd bs=1 count=4 2>/dev/null)))
+    else
+      ingit=no
+      beta=yes
+      tmp="-unknown"
+      rev="0000000"
+      rvd="0"
+    fi
+
+    echo "$package-$vers$tmp:$beta:$ingit:$vers$tmp:$vers:$tmp:$rev:$rvd:"
+    exit 0
+fi
+# **** end FIND VERSION ****
+
+
+if [ ! -f "$tsdir/build-aux/config.guess" ]; then
+    fatal "$tsdir/build-aux/config.guess not found"
+    exit 1
+fi
+build=`$tsdir/build-aux/config.guess`
+if [ $PRINT_BUILD = yes ]; then
+    echo "$build"
+    exit 0
+fi
+
+
+
 # ******************
 #  W32 build script
 # ******************
 if [ "$myhost" = "w32" ]; then
-    if [ ! -f "$tsdir/build-aux/config.guess" ]; then
-        fatal "$tsdir/build-aux/config.guess not found"
-        exit 1
-    fi
-    build=`$tsdir/build-aux/config.guess`
-
     case $myhostsub in
         ce)
           w32root="$w32ce_root"
@@ -222,6 +313,10 @@ if [ "$myhost" = "w32" ]; then
         fi
         die_p
     fi
+    if [ $PRINT_HOST = yes ]; then
+        echo "$host"
+        exit 0
+    fi
 
     if [ -f "$tsdir/config.log" ]; then
         if ! head $tsdir/config.log | grep "$host" >/dev/null; then
@@ -232,7 +327,8 @@ if [ "$myhost" = "w32" ]; then
 
     $tsdir/configure --enable-maintainer-mode ${SILENT} \
              --prefix=${w32root}  \
-             --host=${host} --build=${build} \
+             --host=${host} --build=${build} SYSROOT=${w32root} \
+             PKG_CONFIG_LIBDIR=${w32root}/lib/pkgconfig \
              ${configure_opts} ${extraoptions} "$@"
     rc=$?
     exit $rc
@@ -242,13 +338,6 @@ fi
 # ***** AMD64 cross build script *******
 # Used to cross-compile for AMD64 (for testing)
 if [ "$myhost" = "amd64" ]; then
-    shift
-    if [ ! -f $tsdir/build-aux/config.guess ]; then
-        echo "$tsdir/build-aux/config.guess not found" >&2
-        exit 1
-    fi
-    build=`$tsdir/build-aux/config.guess`
-
     [ -z "$amd64root" ] && amd64root="$HOME/amd64root"
     info "Using $amd64root as standard install directory"
     replace_sysroot
@@ -269,6 +358,10 @@ if [ "$myhost" = "amd64" ]; then
         echo "Stop." >&2
         exit 1
     fi
+    if [ $PRINT_HOST = yes ]; then
+        echo "$host"
+        exit 0
+    fi
 
     if [ -f "$tsdir/config.log" ]; then
         if ! head $tsdir/config.log | grep "$host" >/dev/null; then
@@ -341,8 +434,11 @@ fi
 
 # Check the git setup.
 if [ -d .git ]; then
-  CP="cp -a"
-  [ -z "${SILENT}" ] && CP="$CP -v"
+  CP="cp -p"
+  # If we have a GNU cp we can add -v
+  if cp --version >/dev/null 2>/dev/null; then
+    [ -z "${SILENT}" ] && CP="$CP -v"
+  fi
   if [ -f .git/hooks/pre-commit.sample -a ! -f .git/hooks/pre-commit ] ; then
     [ -z "${SILENT}" ] && cat <<EOF
 *** Activating trailing whitespace git pre-commit hook. ***
diff --git a/config.h.in b/config.h.in
index 385c17d..276dbef 100644
--- a/config.h.in
+++ b/config.h.in
@@ -187,6 +187,9 @@
 /* Defined if descriptor passing is enabled and supported */
 #undef USE_DESCRIPTOR_PASSING
 
+/* Defined if SYS_getdents can be used on Linux */
+#undef USE_LINUX_GETDENTS
+
 /* Enable extensions on AIX 3, Interix.  */
 #ifndef _ALL_SOURCE
 # undef _ALL_SOURCE
diff --git a/configure b/configure
index bbf7a1a..3584980 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for gpgme 1.9.0.
+# Generated by GNU Autoconf 2.69 for gpgme 1.10.0.
 #
 # Report bugs to <http://bugs.gnupg.org>.
 #
@@ -590,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='gpgme'
 PACKAGE_TARNAME='gpgme'
-PACKAGE_VERSION='1.9.0'
-PACKAGE_STRING='gpgme 1.9.0'
+PACKAGE_VERSION='1.10.0'
+PACKAGE_STRING='gpgme 1.10.0'
 PACKAGE_BUGREPORT='http://bugs.gnupg.org'
 PACKAGE_URL=''
 
@@ -674,7 +674,6 @@ BUILD_TIMESTAMP
 BUILD_FILEVERSION
 BUILD_REVISION
 ENABLED_LANGUAGES
-PYTHON_VERSIONS
 PYTHONS
 PYTHON_EXTRA_LDFLAGS
 PYTHON_EXTRA_LIBS
@@ -894,6 +893,7 @@ with_libgpg_error_prefix
 with_gpg_error_prefix
 with_libassuan_prefix
 enable_fd_passing
+enable_linux_getdents
 '
       ac_precious_vars='build_alias
 host_alias
@@ -1457,7 +1457,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures gpgme 1.9.0 to adapt to many kinds of systems.
+\`configure' configures gpgme 1.10.0 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1527,7 +1527,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of gpgme 1.9.0:";;
+     short | recursive ) echo "Configuration of gpgme 1.10.0:";;
    esac
   cat <<\_ACEOF
 
@@ -1564,6 +1564,8 @@ Optional Features:
   --disable-g13-test      disable G13 regression test
   --disable-largefile     omit support for large files
   --disable-fd-passing    do not use FD passing
+  --disable-linux-getdents
+                          do not use SYS_getdents on Linux
 
 Optional Packages:
   --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
@@ -1675,7 +1677,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-gpgme configure 1.9.0
+gpgme configure 1.10.0
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2505,7 +2507,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by gpgme $as_me 1.9.0, which was
+It was created by gpgme $as_me 1.10.0, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2868,35 +2870,35 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
 #   (Interfaces added:			AGE++)
 #   (Interfaces removed/changed:	AGE=0)
 #
-LIBGPGME_LT_CURRENT=29
-LIBGPGME_LT_AGE=18
+LIBGPGME_LT_CURRENT=30
+LIBGPGME_LT_AGE=19
 LIBGPGME_LT_REVISION=0
 
 # If there is an ABI break in gpgmepp or qgpgme also bump the
 # version in IMPORTED_LOCATION in the GpgmeppConfig-w32.cmake.in.in
 
-LIBGPGMEPP_LT_CURRENT=10
-LIBGPGMEPP_LT_AGE=4
+LIBGPGMEPP_LT_CURRENT=11
+LIBGPGMEPP_LT_AGE=5
 LIBGPGMEPP_LT_REVISION=0
 
-LIBQGPGME_LT_CURRENT=9
-LIBQGPGME_LT_AGE=2
+LIBQGPGME_LT_CURRENT=10
+LIBQGPGME_LT_AGE=3
 LIBQGPGME_LT_REVISION=0
 
 # If the API is changed in an incompatible way: increment the next counter.
 GPGME_CONFIG_API_VERSION=1
 ##############################################
 
-NEED_GPG_ERROR_VERSION=1.17
+NEED_GPG_ERROR_VERSION=1.24
 NEED_LIBASSUAN_API=2
-NEED_LIBASSUAN_VERSION=2.0.2
+NEED_LIBASSUAN_VERSION=2.4.2
 
 
 PACKAGE=$PACKAGE_NAME
 VERSION=$PACKAGE_VERSION
 
 VERSION_MAJOR=1
-VERSION_MINOR=9
+VERSION_MINOR=10
 VERSION_MICRO=0
 
 ac_aux_dir=
@@ -3418,7 +3420,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='gpgme'
- VERSION='1.9.0'
+ VERSION='1.10.0'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -5875,6 +5877,143 @@ else
 fi
 
 
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5
+$as_echo_n "checking how to run the C preprocessor... " >&6; }
+# On Suns, sometimes $CPP names a directory.
+if test -n "$CPP" && test -d "$CPP"; then
+  CPP=
+fi
+if test -z "$CPP"; then
+  if ${ac_cv_prog_CPP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+      # Double quotes because CPP needs to be expanded
+    for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
+    do
+      ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+  # Use a header file that comes with gcc, so configuring glibc
+  # with a fresh cross-compiler works.
+  # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+  # <limits.h> exists even on freestanding compilers.
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp. "Syntax error" is here to catch this case.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+		     Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+
+else
+  # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+  # OK, works on sane cases.  Now check whether nonexistent headers
+  # can be detected and how.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  # Broken: success on invalid input.
+continue
+else
+  # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+  break
+fi
+
+    done
+    ac_cv_prog_CPP=$CPP
+
+fi
+  CPP=$ac_cv_prog_CPP
+else
+  ac_cv_prog_CPP=$CPP
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5
+$as_echo "$CPP" >&6; }
+ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+  # Use a header file that comes with gcc, so configuring glibc
+  # with a fresh cross-compiler works.
+  # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+  # <limits.h> exists even on freestanding compilers.
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp. "Syntax error" is here to catch this case.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+		     Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+
+else
+  # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+  # OK, works on sane cases.  Now check whether nonexistent headers
+  # can be detected and how.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  # Broken: success on invalid input.
+continue
+else
+  # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+
+else
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
 ac_ext=cpp
 ac_cpp='$CXXCPP $CPPFLAGS'
 ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5'
@@ -6331,7 +6470,7 @@ cat >>confdefs.h <<_ACEOF
 #define VERSION "$VERSION"
 _ACEOF
 
-VERSION_NUMBER=0x010900
+VERSION_NUMBER=0x010a00
 
 
 # We need to compile and run a program on the build machine.  A
@@ -17637,7 +17776,7 @@ _ACEOF
 fi
 
 
-# Note: You need to declare all possible langauges also in
+# Note: You need to declare all possible languages also in
 #       lang/Makefile.am's DIST_SUBDIRS.
 # Check whether --enable-languages was given.
 if test "${enable_languages+set}" = set; then :
@@ -18385,7 +18524,7 @@ for n in $list; do
 done
 
 if test "$found" = "1"; then
-    # We need to ensure that in the langauge order qt comes after cpp
+    # We need to ensure that in the language order qt comes after cpp
     # so we remove qt first and explicitly add it as last list member.
     enabled_languages=$(echo $enabled_languages | sed 's/qt//')
 
@@ -20606,8 +20745,6 @@ $as_echo "$as_me: WARNING:
 
 	PYTHONS=$PYTHONS
 
-	PYTHON_VERSIONS=$PYTHON_VERSIONS
-
     fi
 fi
 
@@ -20617,7 +20754,7 @@ ENABLED_LANGUAGES=$enabled_languages
 #
 # Provide information about the build.
 #
-BUILD_REVISION="aa0390e"
+BUILD_REVISION="6a42eb5"
 
 
 cat >>confdefs.h <<_ACEOF
@@ -20626,7 +20763,7 @@ _ACEOF
 
 
 BUILD_FILEVERSION=`echo "$PACKAGE_VERSION"|sed 's/\([0-9.]*\).*/\1./;s/\./,/g'`
-BUILD_FILEVERSION="${BUILD_FILEVERSION}43523"
+BUILD_FILEVERSION="${BUILD_FILEVERSION}27202"
 
 
 # Check whether --enable-build-timestamp was given.
@@ -22108,7 +22245,30 @@ fi
 
 
 
+# Option --disable-linux-getdents
+#
+# By default we use SYS_getdents on Linux to optimize fd closing
+# before an exec.  This option allows to switch this optimization off.
+use_linux_getdents=yes
+# Check whether --enable-linux-getdents was given.
+if test "${enable_linux_getdents+set}" = set; then :
+  enableval=$enable_linux_getdents; use_linux_getdents=$enableval
+fi
+
+if test "$use_linux_getdents" = "yes"; then
+    case "${host}" in
+        *-*-linux*)
+
+$as_echo "#define USE_LINUX_GETDENTS 1" >>confdefs.h
+
+           ;;
+    esac
+fi
+
+
+#
 # Add a few constants to help porting to W32
+#
 
 
 
@@ -22240,7 +22400,7 @@ if test -z "$HAVE_DOXYGEN_TRUE"; then :
 fi
 ac_config_files="$ac_config_files lang/qt/doc/Makefile"
 
-ac_config_files="$ac_config_files lang/python/Makefile lang/python/gpg/version.py lang/python/tests/Makefile"
+ac_config_files="$ac_config_files lang/python/Makefile lang/python/version.py lang/python/tests/Makefile"
 
 ac_config_files="$ac_config_files lang/python/setup.py"
 
@@ -22846,7 +23006,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by gpgme $as_me 1.9.0, which was
+This file was extended by gpgme $as_me 1.10.0, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -22912,7 +23072,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-gpgme config.status 1.9.0
+gpgme config.status 1.10.0
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
@@ -23536,7 +23696,7 @@ do
     "lang/qt/doc/Doxyfile") CONFIG_FILES="$CONFIG_FILES lang/qt/doc/Doxyfile" ;;
     "lang/qt/doc/Makefile") CONFIG_FILES="$CONFIG_FILES lang/qt/doc/Makefile" ;;
     "lang/python/Makefile") CONFIG_FILES="$CONFIG_FILES lang/python/Makefile" ;;
-    "lang/python/gpg/version.py") CONFIG_FILES="$CONFIG_FILES lang/python/gpg/version.py" ;;
+    "lang/python/version.py") CONFIG_FILES="$CONFIG_FILES lang/python/version.py" ;;
     "lang/python/tests/Makefile") CONFIG_FILES="$CONFIG_FILES lang/python/tests/Makefile" ;;
     "lang/python/setup.py") CONFIG_FILES="$CONFIG_FILES lang/python/setup.py" ;;
 
@@ -25224,7 +25384,7 @@ fi
 echo "
         GPGME v${VERSION} has been configured as follows:
 
-        Revision:          aa0390e  (43523)
+        Revision:          6a42eb5  (27202)
         Platform:          $host
 
         UI Server:         $uiserver
diff --git a/configure.ac b/configure.ac
index 0dac6ce..6ea4bcd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -28,7 +28,7 @@ min_automake_version="1.14"
 # commit and push so that the git magic is able to work.  See below
 # for the LT versions.
 m4_define(mym4_version_major, [1])
-m4_define(mym4_version_minor, [9])
+m4_define(mym4_version_minor, [10])
 m4_define(mym4_version_micro, [0])
 
 # Below is m4 magic to extract and compute the revision number, the
@@ -55,28 +55,28 @@ AC_INIT([gpgme],[mym4_full_version],[http://bugs.gnupg.org])
 #   (Interfaces added:			AGE++)
 #   (Interfaces removed/changed:	AGE=0)
 #
-LIBGPGME_LT_CURRENT=29
-LIBGPGME_LT_AGE=18
+LIBGPGME_LT_CURRENT=30
+LIBGPGME_LT_AGE=19
 LIBGPGME_LT_REVISION=0
 
 # If there is an ABI break in gpgmepp or qgpgme also bump the
 # version in IMPORTED_LOCATION in the GpgmeppConfig-w32.cmake.in.in
 
-LIBGPGMEPP_LT_CURRENT=10
-LIBGPGMEPP_LT_AGE=4
+LIBGPGMEPP_LT_CURRENT=11
+LIBGPGMEPP_LT_AGE=5
 LIBGPGMEPP_LT_REVISION=0
 
-LIBQGPGME_LT_CURRENT=9
-LIBQGPGME_LT_AGE=2
+LIBQGPGME_LT_CURRENT=10
+LIBQGPGME_LT_AGE=3
 LIBQGPGME_LT_REVISION=0
 
 # If the API is changed in an incompatible way: increment the next counter.
 GPGME_CONFIG_API_VERSION=1
 ##############################################
 
-NEED_GPG_ERROR_VERSION=1.17
+NEED_GPG_ERROR_VERSION=1.24
 NEED_LIBASSUAN_API=2
-NEED_LIBASSUAN_VERSION=2.0.2
+NEED_LIBASSUAN_VERSION=2.4.2
 
 
 PACKAGE=$PACKAGE_NAME
@@ -109,6 +109,7 @@ AH_VERBATIM([_REENTRANT],
 #endif])
 
 AC_PROG_CC
+AC_PROG_CPP
 AC_PROG_CXX
 
 # Note: A suitable gitlog-to-changelog script can be found in GnuPG master.
@@ -279,7 +280,7 @@ if test x$fixed_search_path != x ; then
 fi
 
 
-# Note: You need to declare all possible langauges also in
+# Note: You need to declare all possible languages also in
 #       lang/Makefile.am's DIST_SUBDIRS.
 AC_ARG_ENABLE([languages],
               AC_HELP_STRING([--enable-languages=languages],
@@ -335,7 +336,7 @@ fi
 # Check that if qt is enabled cpp also is enabled
 LIST_MEMBER("qt", $enabled_languages)
 if test "$found" = "1"; then
-    # We need to ensure that in the langauge order qt comes after cpp
+    # We need to ensure that in the language order qt comes after cpp
     # so we remove qt first and explicitly add it as last list member.
     enabled_languages=$(echo $enabled_languages | sed 's/qt//')
     LIST_MEMBER("cpp", $enabled_languages)
@@ -474,7 +475,6 @@ if test "$found_py" = "1" -o "$found_py2" = "1" -o "$found_py3" = "1"; then
 	fi
 
 	AC_SUBST(PYTHONS, $PYTHONS)
-	AC_SUBST(PYTHON_VERSIONS, $PYTHON_VERSIONS)
     fi
 fi
 
@@ -762,7 +762,28 @@ fi
 AM_CONDITIONAL(HAVE_UISERVER, test "$uiserver" != "no")
 
 
+# Option --disable-linux-getdents
+#
+# By default we use SYS_getdents on Linux to optimize fd closing
+# before an exec.  This option allows to switch this optimization off.
+use_linux_getdents=yes
+AC_ARG_ENABLE(linux-getdents,
+              AC_HELP_STRING([--disable-linux-getdents],
+                             [do not use SYS_getdents on Linux]),
+              use_linux_getdents=$enableval)
+if test "$use_linux_getdents" = "yes"; then
+    case "${host}" in
+        *-*-linux*)
+           AC_DEFINE(USE_LINUX_GETDENTS,1,
+                     [Defined if SYS_getdents can be used on Linux])
+           ;;
+    esac
+fi
+
+
+#
 # Add a few constants to help porting to W32
+#
 AH_VERBATIM([SEPCONSTANTS],
 [
 /* Separators as used in $PATH and file name.  */
@@ -881,7 +902,7 @@ AC_CONFIG_FILES([lang/Makefile lang/cl/Makefile lang/cl/gpgme.asd])
 AM_COND_IF([HAVE_DOXYGEN], [AC_CONFIG_FILES([lang/qt/doc/Doxyfile])])
 AC_CONFIG_FILES(lang/qt/doc/Makefile)
 AC_CONFIG_FILES([lang/python/Makefile
-		 lang/python/gpg/version.py
+		 lang/python/version.py
 		 lang/python/tests/Makefile])
 AC_CONFIG_FILES([lang/python/setup.py], [chmod a+x lang/python/setup.py])
 AC_OUTPUT
diff --git a/doc/Makefile.in b/doc/Makefile.in
index 2f628fc..3c1a9d1 100644
--- a/doc/Makefile.in
+++ b/doc/Makefile.in
@@ -327,7 +327,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
diff --git a/doc/defsincdate b/doc/defsincdate
index 33f93d6..6a1f09f 100644
--- a/doc/defsincdate
+++ b/doc/defsincdate
@@ -1 +1 @@
-1479299220
+1512709151
diff --git a/doc/gpgme.info b/doc/gpgme.info
index b6b6e44..82aeb5b 100644
--- a/doc/gpgme.info
+++ b/doc/gpgme.info
@@ -19,8 +19,8 @@ END-INFO-DIR-ENTRY
 
    This file documents the GPGME library.
 
-   This is Edition 1.9.0, last updated 16 November 2016, of ‘The ‘GnuPG
-Made Easy’ Reference Manual’, for Version 1.9.0.
+   This is Edition 1.10.0, last updated 8 December 2017, of ‘The ‘GnuPG
+Made Easy’ Reference Manual’, for Version 1.10.0.
 
    Copyright © 2002–2008, 2010, 2012–2017 g10 Code GmbH.
 
@@ -37,130 +37,130 @@ Public License for more details.
 
 
 Indirect:
-gpgme.info-1: 1672
-gpgme.info-2: 321787
+gpgme.info-1: 1673
+gpgme.info-2: 302282
 
 Tag Table:
 (Indirect)
-Node: Top1672
-Node: Introduction9265
-Node: Getting Started10055
-Node: Features11516
-Node: Overview12828
-Node: Preparation13937
-Node: Header14934
-Node: Building the Source15681
-Node: Largefile Support (LFS)17825
-Node: Using Automake23239
-Node: Using Libtool25792
-Node: Library Version Check26154
-Node: Signal Handling32166
-Node: Multi-Threading33436
-Ref: Multi-Threading-Footnote-134852
-Node: Protocols and Engines35275
-Node: Engine Version Check37920
-Node: Engine Information40424
-Node: Engine Configuration44284
-Node: OpenPGP45568
-Node: Cryptographic Message Syntax45908
-Node: Assuan46221
-Node: Algorithms46595
-Ref: Algorithms-Footnote-147074
-Node: Public Key Algorithms47202
-Node: Hash Algorithms49689
-Node: Error Handling50879
-Node: Error Values52753
-Node: Error Sources57956
-Node: Error Codes60396
-Node: Error Strings65187
-Node: Exchanging Data66994
-Node: Creating Data Buffers68860
-Node: Memory Based Data Buffers69376
-Node: File Based Data Buffers72809
-Node: Callback Based Data Buffers75011
-Node: Destroying Data Buffers79202
-Node: Manipulating Data Buffers80690
-Node: Data Buffer I/O Operations81182
-Node: Data Buffer Meta-Data83555
-Node: Data Buffer Convenience87921
-Node: Contexts89898
-Node: Creating Contexts91084
-Node: Destroying Contexts91931
-Node: Result Management92270
-Node: Context Attributes93813
-Node: Protocol Selection94850
-Node: Crypto Engine95882
-Node: Setting the Sender97732
-Node: ASCII Armor99207
-Node: Text Mode99836
-Node: Offline Mode100770
-Node: Pinentry Mode101842
-Node: Included Certificates103527
-Node: Key Listing Mode104949
-Node: Passphrase Callback109041
-Node: Progress Meter Callback112428
-Node: Status Message Callback114413
-Node: Locale119123
-Node: Key Management120682
-Node: Key objects121910
-Node: Listing Keys133583
-Node: Information About Keys142211
-Node: Manipulating Keys143519
-Node: Generating Keys144089
-Node: Signing Keys162005
-Node: Exporting Keys165552
-Node: Importing Keys172245
-Ref: Importing Keys-Footnote-1179150
-Node: Deleting Keys179278
-Node: Changing Passphrases180723
-Node: Changing TOFU Data182012
-Node: Advanced Key Editing184063
-Node: Trust Item Management186712
-Node: Listing Trust Items187748
-Node: Manipulating Trust Items190109
-Node: Crypto Operations190752
-Node: Decrypt192016
-Node: Verify198345
-Node: Decrypt and Verify210614
-Node: Sign213450
-Node: Selecting Signers214014
-Node: Creating a Signature215401
-Node: Signature Notation Data220171
-Node: Encrypt222399
-Node: Encrypting a Plaintext222755
-Node: Miscellaneous230358
-Node: Running other Programs230770
-Node: Using the Assuan protocol232846
-Node: Checking for updates235568
-Node: Run Control240326
-Node: Waiting For Completion241070
-Node: Using External Event Loops243188
-Node: I/O Callback Interface245160
-Node: Registering I/O Callbacks250398
-Node: I/O Callback Example252436
-Node: I/O Callback Example GTK+259061
-Node: I/O Callback Example GDK260850
-Node: I/O Callback Example Qt262492
-Node: Cancellation264780
-Node: UI Server Protocol267050
-Ref: UI Server Protocol-Footnote-1268485
-Node: UI Server Encrypt268604
-Node: UI Server Sign273962
-Node: UI Server Decrypt276315
-Node: UI Server Verify277970
-Node: UI Server Set Input Files281542
-Node: UI Server Sign/Encrypt Files282612
-Node: UI Server Verify/Decrypt Files284420
-Node: UI Server Import/Export Keys286296
-Node: UI Server Checksum Files287358
-Node: Miscellaneous UI Server Commands289574
-Ref: command SENDER291505
-Node: Debugging293207
-Node: Deprecated Functions294956
-Node: Library Copying321787
-Node: Copying350007
-Node: Concept Index387757
-Node: Function and Data Index402536
+Node: Top1673
+Node: Introduction9267
+Node: Getting Started10057
+Node: Features11518
+Node: Overview12830
+Node: Preparation13939
+Node: Header14936
+Node: Building the Source15683
+Node: Largefile Support (LFS)17827
+Node: Using Automake23243
+Node: Using Libtool25796
+Node: Library Version Check26158
+Node: Signal Handling32218
+Node: Multi-Threading33488
+Ref: Multi-Threading-Footnote-134904
+Node: Protocols and Engines35327
+Node: Engine Version Check38078
+Node: Engine Information40601
+Node: Engine Configuration44461
+Node: OpenPGP45765
+Node: Cryptographic Message Syntax46105
+Node: Assuan46418
+Node: Algorithms46792
+Ref: Algorithms-Footnote-147271
+Node: Public Key Algorithms47399
+Node: Hash Algorithms50001
+Node: Error Handling51215
+Node: Error Values53089
+Node: Error Sources58292
+Node: Error Codes60732
+Node: Error Strings65525
+Node: Exchanging Data67332
+Node: Creating Data Buffers69217
+Node: Memory Based Data Buffers69733
+Node: File Based Data Buffers73166
+Node: Callback Based Data Buffers75368
+Node: Destroying Data Buffers79559
+Node: Manipulating Data Buffers81066
+Node: Data Buffer I/O Operations81558
+Node: Data Buffer Meta-Data83931
+Node: Data Buffer Convenience88450
+Node: Contexts90670
+Node: Creating Contexts91856
+Node: Destroying Contexts92703
+Node: Result Management93042
+Node: Context Attributes94623
+Node: Protocol Selection95660
+Node: Crypto Engine96692
+Node: Setting the Sender98581
+Node: ASCII Armor100094
+Node: Text Mode100723
+Node: Offline Mode101657
+Node: Pinentry Mode102767
+Node: Included Certificates104661
+Node: Key Listing Mode106107
+Node: Passphrase Callback110319
+Node: Progress Meter Callback113881
+Node: Status Message Callback115866
+Node: Locale121218
+Node: Key Management122796
+Node: Key objects124024
+Node: Listing Keys138248
+Node: Information About Keys146901
+Node: Manipulating Keys148209
+Node: Generating Keys148779
+Node: Signing Keys167101
+Node: Exporting Keys170734
+Node: Importing Keys177541
+Ref: Importing Keys-Footnote-1184685
+Node: Deleting Keys184813
+Node: Changing Passphrases187093
+Node: Changing TOFU Data188420
+Node: Advanced Key Editing190528
+Node: Trust Item Management193261
+Node: Listing Trust Items194297
+Node: Manipulating Trust Items196658
+Node: Crypto Operations197301
+Node: Decrypt198565
+Node: Verify205072
+Node: Decrypt and Verify217536
+Node: Sign220391
+Node: Selecting Signers220955
+Node: Creating a Signature222361
+Node: Signature Notation Data227131
+Node: Encrypt229416
+Node: Encrypting a Plaintext229772
+Node: Miscellaneous237495
+Node: Running other Programs237907
+Node: Using the Assuan protocol240070
+Node: Checking for updates242868
+Node: Run Control247685
+Node: Waiting For Completion248429
+Node: Using External Event Loops250547
+Node: I/O Callback Interface252519
+Node: Registering I/O Callbacks257759
+Node: I/O Callback Example259798
+Node: I/O Callback Example GTK+266423
+Node: I/O Callback Example GDK268212
+Node: I/O Callback Example Qt269854
+Node: Cancellation272142
+Node: UI Server Protocol274450
+Ref: UI Server Protocol-Footnote-1275885
+Node: UI Server Encrypt276004
+Node: UI Server Sign281362
+Node: UI Server Decrypt283715
+Node: UI Server Verify285370
+Node: UI Server Set Input Files288942
+Node: UI Server Sign/Encrypt Files290012
+Node: UI Server Verify/Decrypt Files291820
+Node: UI Server Import/Export Keys293696
+Node: UI Server Checksum Files294758
+Node: Miscellaneous UI Server Commands296976
+Ref: command SENDER298907
+Node: Debugging302282
+Node: Deprecated Functions304031
+Node: Library Copying329248
+Node: Copying357468
+Node: Concept Index395218
+Node: Function and Data Index409997
 
 End Tag Table
 
diff --git a/doc/gpgme.info-1 b/doc/gpgme.info-1
index 4b9ec87..4dc3349 100644
--- a/doc/gpgme.info-1
+++ b/doc/gpgme.info-1
@@ -19,8 +19,8 @@ END-INFO-DIR-ENTRY
 
    This file documents the GPGME library.
 
-   This is Edition 1.9.0, last updated 16 November 2016, of ‘The ‘GnuPG
-Made Easy’ Reference Manual’, for Version 1.9.0.
+   This is Edition 1.10.0, last updated 8 December 2017, of ‘The ‘GnuPG
+Made Easy’ Reference Manual’, for Version 1.10.0.
 
    Copyright © 2002–2008, 2010, 2012–2017 g10 Code GmbH.
 
@@ -41,8 +41,8 @@ File: gpgme.info,  Node: Top,  Next: Introduction,  Up: (dir)
 Main Menu
 *********
 
-This is Edition 1.9.0, last updated 16 November 2016, of ‘The ‘GnuPG
-Made Easy’ Reference Manual’, for Version 1.9.0 of the GPGME library.
+This is Edition 1.10.0, last updated 8 December 2017, of ‘The ‘GnuPG
+Made Easy’ Reference Manual’, for Version 1.10.0 of the GPGME library.
 
 * Menu:
 
@@ -443,14 +443,14 @@ smallfile counterparts, but with a suffix of 64.
 systems.  To address offsets in large files, you can either enable
 largefile support add-on.  Then a new data type ‘off64_t’ is provided,
 which is 64 bit wide.  Or you can replace the existing ‘off_t’ data type
-with its 64 bit wide counterpart.  All occurences of ‘off_t’ are then
+with its 64 bit wide counterpart.  All occurrences of ‘off_t’ are then
 automagically replaced.
 
    As if matters were not complex enough, there are also two different
 types of file descriptors in such systems.  This is important because if
 file descriptors are exchanged between programs that use a different
 maximum file size, certain errors must be produced on some file
-descriptors to prevent subtle overflow bugs from occuring.
+descriptors to prevent subtle overflow bugs from occurring.
 
    As you can see, supporting two different maximum file sizes at the
 same time is not at all an easy task.  However, the maximum file size
@@ -616,13 +616,16 @@ File: gpgme.info,  Node: Library Version Check,  Next: Signal Handling,  Prev: U
      library.
 
      If a selftest fails, the function may still succeed.  Selftest
-     errors are returned later when invoking ‘gpgme_new’, so that a
-     detailed error code can be returned (historically,
-     ‘gpgme_check_version’ does not return a detailed error code).
+     errors are returned later when invoking ‘gpgme_new’ or
+     ‘gpgme-data_new’, so that a detailed error code can be returned
+     (historically, ‘gpgme_check_version’ does not return a detailed
+     error code).
 
  -- Function: int gpgme_set_global_flag (const char *NAME,
           const char *VALUE)
 
+     SINCE: 1.4.0
+
      On some systems it is not easy to set environment variables and
      thus hard to use GPGME’s internal trace facility for debugging.
      This function has been introduced as an alternative way to enable
@@ -660,7 +663,7 @@ File: gpgme.info,  Node: Library Version Check,  Next: Signal Handling,  Prev: U
      ‘require-gnupg’
           Set the mimimum version of the required GnuPG engine.  If that
           version is not met, GPGME fails early instead of trying to use
-          the existant version.  The given version must be a string with
+          the existent version.  The given version must be a string with
           major, minor, and micro number.  Example: "2.1.0".
 
      ‘w32-inst-dir’
@@ -792,6 +795,7 @@ further interfaces.
      supported:
 
      ‘GPGME_PROTOCOL_OpenPGP’
+     ‘GPGME_PROTOCOL_OPENPGP’
           This specifies the OpenPGP protocol.
 
      ‘GPGME_PROTOCOL_CMS’
@@ -802,9 +806,13 @@ further interfaces.
           help.
 
      ‘GPGME_PROTOCOL_ASSUAN’
+          SINCE: 1.2.0
+
           This specifies the raw Assuan protocol.
 
      ‘GPGME_PROTOCOL_G13’
+          SINCE: 1.3.0
+
           Under development.  Please ask on <gnupg-devel@gnupg.org> for
           help.
 
@@ -813,6 +821,8 @@ further interfaces.
           help.
 
      ‘GPGME_PROTOCOL_SPAWN’
+          SINCE: 1.5.0
+
           Special protocol for use with ‘gpgme_op_spawn’.
 
      ‘GPGME_PROTOCOL_UNKNOWN’
@@ -843,6 +853,8 @@ File: gpgme.info,  Node: Engine Version Check,  Next: Engine Information,  Up: P
 ========================
 
  -- Function: const char * gpgme_get_dirinfo (cons char *WHAT)
+     SINCE: 1.5.0
+
      The function ‘gpgme_get_dirinfo’ returns a statically allocated
      string with the value associated to WHAT.  The returned values are
      the defaults and won’t change even after ‘gpgme_set_engine_info’
@@ -1016,6 +1028,8 @@ individually.
  -- Function: gpgme_error_t gpgme_set_engine_info
           (gpgme_protocol_t PROTO, const char *FILE_NAME,
           const char *HOME_DIR)
+     SINCE: 1.1.0
+
      The function ‘gpgme_set_engine_info’ changes the default
      configuration of the crypto engine implementing the protocol PROTO.
 
@@ -1027,7 +1041,7 @@ individually.
      The new defaults are not applied to already created GPGME contexts.
 
      This function returns the error code ‘GPG_ERR_NO_ERROR’ if
-     successful, or an eror code on failure.
+     successful, or an error code on failure.
 
    The functions ‘gpgme_ctx_get_engine_info’ and
 ‘gpgme_ctx_set_engine_info’ can be used to change the engine
@@ -1122,18 +1136,26 @@ verification of signatures.
           GnuPG.
 
      ‘GPGME_PK_ECC’
+          SINCE: 1.5.0
+
           This value is a generic indicator for ellipic curve
           algorithms.
 
      ‘GPGME_PK_ECDSA’
+          SINCE: 1.3.0
+
           This value indicates ECDSA, the Elliptic Curve Digital
           Signature Algorithm as defined by FIPS 186-2 and RFC-6637.
 
      ‘GPGME_PK_ECDH’
+          SINCE: 1.3.0
+
           This value indicates ECDH, the Eliptic Curve Diffie-Hellmann
           encryption algorithm as defined by RFC-6637.
 
      ‘GPGME_PK_EDDSA’
+          SINCE: 1.7.0
+
           This value indicates the EdDSA algorithm.
 
  -- Function: const char * gpgme_pubkey_algo_name
@@ -1146,6 +1168,8 @@ verification of signatures.
      If ALGO is not a valid public key algorithm, ‘NULL’ is returned.
 
  -- Function: char * gpgme_pubkey_algo_string (gpgme_subkey_t KEY)
+     SINCE: 1.7.0
+
      The function ‘gpgme_pubkey_algo_string’ is a convenience function
      to build and return an algorithm string in the same way GnuPG does
      (e.g.  “rsa2048” or “ed25519”).  The caller must free the result
@@ -1175,6 +1199,8 @@ make it suitable for public key cryptography.
      ‘GPGME_MD_SHA384’
      ‘GPGME_MD_SHA512’
      ‘GPGME_MD_SHA224’
+          SINCE: 1.5.0
+
      ‘GPGME_MD_MD4’
      ‘GPGME_MD_CRC32’
      ‘GPGME_MD_CRC32_RFC1510’
@@ -1421,8 +1447,8 @@ common that you should know about them.
      Also, it is guaranteed that an error value made from the error code
      ‘0’ will be ‘0’ itself (as a whole).  This means that the error
      source information is lost for this error code, however, as this
-     error code indicates that no error occured, this is generally not a
-     problem.
+     error code indicates that no error occurred, this is generally not
+     a problem.
 
 ‘GPG_ERR_GENERAL’
      This value means that something went wrong, but either there is not
@@ -1497,7 +1523,7 @@ common that you should know about them.
      for the certificate.
 
 ‘GPG_ERR_NO_POLICY_MATCH’
-     This value indicates that a policy issue occured.
+     This value indicates that a policy issue occurred.
 
 ‘GPG_ERR_NO_SECKEY’
      This value indicates that no secret key for the user ID is
@@ -1601,6 +1627,8 @@ memory buffers or files rather than pipes or sockets.  This might be
 relevant, for example, if the external event loop mechanism is used.
 
  -- Data type: gpgme_off_t
+     SINCE: 1.4.1
+
      On POSIX platforms the ‘gpgme_off_t’ type is an alias for ‘off_t’;
      it may be used interchangeable.  On Windows platforms ‘gpgme_off_t’
      is defined as a long (i.e.  32 bit) for 32 bit Windows and as a 64
@@ -1868,6 +1896,8 @@ File: gpgme.info,  Node: Destroying Data Buffers,  Next: Manipulating Data Buffe
      any case, the data object DH is destroyed.
 
  -- Function: void gpgme_free (void *BUFFER)
+     SINCE: 1.1.1
+
      The function ‘gpgme_free’ releases the memory returned by
      ‘gpgme_data_release_and_get_mem’ and ‘gpgme_pubkey_algo_string’.
      It should be used instead of the system libraries ‘free’ function
@@ -1953,6 +1983,8 @@ File: gpgme.info,  Node: Data Buffer Meta-Data,  Next: Data Buffer Convenience,
 ---------------------------
 
  -- Function: char * gpgme_data_get_file_name (gpgme_data_t DH)
+     SINCE: 1.1.0
+
      The function ‘gpgme_data_get_file_name’ returns a pointer to a
      string containing the file name associated with the data object.
      The file name will be stored in the output when encrypting or
@@ -1964,6 +1996,8 @@ File: gpgme.info,  Node: Data Buffer Meta-Data,  Next: Data Buffer Convenience,
 
  -- Function: gpgme_error_t gpgme_data_set_file_name (gpgme_data_t DH,
           const char *FILE_NAME)
+     SINCE: 1.1.0
+
      The function ‘gpgme_data_set_file_name’ sets the file name
      associated with the data object.  The file name will be stored in
      the output when encrypting or signing the data and will be returned
@@ -2000,17 +2034,25 @@ File: gpgme.info,  Node: Data Buffer Meta-Data,  Next: Data Buffer Convenience,
           used by OpenPGP and PEM.
 
      ‘GPGME_DATA_ENCODING_MIME’
+          SINCE: 1.7.0
+
           This specifies that the data is encoded as a MIME part.
 
      ‘GPGME_DATA_ENCODING_URL’
+          SINCE: 1.2.0
+
           The data is a list of linefeed delimited URLs.  This is only
           useful with ‘gpgme_op_import’.
 
      ‘GPGME_DATA_ENCODING_URL0’
+          SINCE: 1.2.0
+
           The data is a list of binary zero delimited URLs.  This is
           only useful with ‘gpgme_op_import’.
 
      ‘GPGME_DATA_ENCODING_URLESC’
+          SINCE: 1.2.0
+
           The data is a list of linefeed delimited URLs with all control
           and space characters percent escaped.  This mode is is not yet
           implemented.
@@ -2029,6 +2071,8 @@ File: gpgme.info,  Node: Data Buffer Meta-Data,  Next: Data Buffer Convenience,
  -- Function: gpgme_error_t gpgme_data_set_flag (gpgme_data_t DH,
           const char *NAME, const char *VALUE)
 
+     SINCE: 1.7.0
+
      Some minor properties of the data object can be controlled with
      flags set by this function.  The properties are identified by the
      following values for NAME:
@@ -2051,6 +2095,8 @@ File: gpgme.info,  Node: Data Buffer Convenience,  Prev: Data Buffer Meta-Data,
 ---------------------------------------
 
  -- Data type: enum gpgme_data_type_t
+     SINCE: 1.4.3
+
      The ‘gpgme_data_type_t’ type is used to return the detected type of
      the content of a data buffer.
 
@@ -2063,6 +2109,14 @@ File: gpgme.info,  Node: Data Buffer Convenience,  Prev: Data Buffer Meta-Data,
 ‘GPGME_DATA_TYPE_PGP_SIGNED’
      The data is an OpenPGP signed message.  This may be a binary
      signature, a detached one or a cleartext signature.
+‘GPGME_DATA_TYPE_PGP_ENCRYPTED’
+     SINCE: 1.7.0
+
+     The data is an OpenPGP encrypted message.
+‘GPGME_DATA_TYPE_PGP_SIGNATURE’
+     SINCE: 1.7.0
+
+     The data is an OpenPGP detached signature.
 ‘GPGME_DATA_TYPE_PGP_OTHER’
      This is a generic OpenPGP message.  In most cases this will be
      encrypted data.
@@ -2081,6 +2135,8 @@ File: gpgme.info,  Node: Data Buffer Convenience,  Prev: Data Buffer Meta-Data,
      private keys for X.509.
 
  -- Function: gpgme_data_type_t gpgme_data_identify (gpgme_data_t DH)
+     SINCE: 1.4.3
+
      The function ‘gpgme_data_identify’ returns the type of the data
      with the handle DH.  If it is not possible to perform the
      identification, the function returns zero
@@ -2162,12 +2218,16 @@ detach a result structure from its associated context and give it a
 lifetime beyond that of the current operation or context.
 
  -- Function: void gpgme_result_ref (void *RESULT)
+     SINCE: 1.2.0
+
      The function ‘gpgme_result_ref’ acquires an additional reference
      for the result RESULT, which may be of any type ‘gpgme_*_result_t’.
      As long as the user holds a reference, the result structure is
      guaranteed to be valid and unmodified.
 
  -- Function: void gpgme_result_unref (void *RESULT)
+     SINCE: 1.2.0
+
      The function ‘gpgme_result_unref’ releases a reference for the
      result RESULT.  If this was the last reference, the result
      structure will be destroyed and all resources associated to it will
@@ -2239,6 +2299,8 @@ Configuration::.
 
  -- Function: gpgme_engine_info_t gpgme_ctx_get_engine_info
           (gpgme_ctx_t CTX)
+     SINCE: 1.1.0
+
      The function ‘gpgme_ctx_get_engine_info’ returns a linked list of
      engine info structures.  Each info structure describes the
      configuration of one configured backend, as used by the context
@@ -2252,6 +2314,8 @@ Configuration::.
  -- Function: gpgme_error_t gpgme_ctx_set_engine_info (gpgme_ctx_t CTX,
           gpgme_protocol_t PROTO, const char *FILE_NAME,
           const char *HOME_DIR)
+     SINCE: 1.1.0
+
      The function ‘gpgme_ctx_set_engine_info’ changes the configuration
      of the crypto engine implementing the protocol PROTO for the
      context CTX.
@@ -2267,7 +2331,7 @@ Configuration::.
      operation on the context CTX.
 
      This function returns the error code ‘GPG_ERR_NO_ERROR’ if
-     successful, or an eror code on failure.
+     successful, or an error code on failure.
 
 
 File: gpgme.info,  Node: Setting the Sender,  Next: ASCII Armor,  Prev: Crypto Engine,  Up: Context Attributes
@@ -2285,6 +2349,8 @@ supported.
  -- Function: gpgme_error_t gpgme_set_sender (gpgme_ctx_t CTX,
           int ADDRESS)
 
+     SINCE: 1.8.0
+
      The function ‘gpgme_set_sender’ specifies the sender address for
      use in sign and verify operations.  ADDRESS is expected to be the
      “addr-spec” part of an address but my also be a complete mailbox
@@ -2297,6 +2363,8 @@ supported.
 
  -- Function: const char * gpgme_get_sender (gpgme_ctx_t CTX)
 
+     SINCE: 1.8.0
+
      The function ‘gpgme_get_sender’ returns the current sender address
      from the context, or NULL if none was set.  The returned value is
      valid as long as the CTX is valid and ‘gpgme_set_sender’ has not
@@ -2350,6 +2418,8 @@ File: gpgme.info,  Node: Offline Mode,  Next: Pinentry Mode,  Prev: Text Mode,
 ------------------
 
  -- Function: void gpgme_set_offline (gpgme_ctx_t CTX, int YES)
+     SINCE: 1.6.0
+
      The function ‘gpgme_set_offline’ specifies if offline mode should
      be used.  By default, offline mode is not used.
 
@@ -2367,6 +2437,8 @@ File: gpgme.info,  Node: Offline Mode,  Next: Pinentry Mode,  Prev: Text Mode,
      Offline mode is disabled if YES is zero, and enabled otherwise.
 
  -- Function: int gpgme_get_offline (gpgme_ctx_t CTX)
+     SINCE: 1.6.0
+
      The function ‘gpgme_get_offline’ returns 1 if offline mode is
      enabled, and ‘0’ if it is not, or if CTX is not a valid pointer.
 
@@ -2377,8 +2449,12 @@ File: gpgme.info,  Node: Pinentry Mode,  Next: Included Certificates,  Prev: Off
 -------------------
 
  -- Function: gpgme_error_t gpgme_set_pinentry_mode (gpgme_ctx_t CTX,
-     gpgme_pinentry_mode_t MODE) The function ‘gpgme_set_pinentry_mode’
-     specifies the pinentry mode to be used.
+     gpgme_pinentry_mode_t MODE)
+
+     SINCE: 1.4.0
+
+     The function ‘gpgme_set_pinentry_mode’ specifies the pinentry mode
+     to be used.
 
      For GnuPG >= 2.1 this option is required to be set to
      ‘GPGME_PINENTRY_MODE_LOOPBACK’ to enable the passphrase callback
@@ -2386,34 +2462,48 @@ File: gpgme.info,  Node: Pinentry Mode,  Next: Included Certificates,  Prev: Off
 
  -- Function: gpgme_pinentry_mode_t gpgme_get_pinentry_mode
           (gpgme_ctx_t CTX)
+     SINCE: 1.4.0
+
      The function ‘gpgme_get_pinenty_mode’ returns the mode set for the
      context.
 
  -- Data type: enum gpgme_pinentry_mode_t
+     SINCE: 1.4.0
+
      The ‘gpgme_minentry_mode_t’ type specifies the set of possible
      pinentry modes that are supported by GPGME if GnuPG >= 2.1 is used.
      The following modes are supported:
 
      ‘GPGME_PINENTRY_MODE_DEFAULT’
+          SINCE: 1.4.0
+
           Use the default of the agent, which is ask.
 
      ‘GPGME_PINENTRY_MODE_ASK’
+          SINCE: 1.4.0
+
           Force the use of the Pinentry.
 
      ‘GPGME_PINENTRY_MODE_CANCEL’
+          SINCE: 1.4.0
+
           Emulate use of Pinentry’s cancel button.
 
      ‘GPGME_PINENTRY_MODE_ERROR’
+          SINCE: 1.4.0
+
           Return a Pinentry error ‘No Pinentry’.
 
      ‘GPGME_PINENTRY_MODE_LOOPBACK’
+          SINCE: 1.4.0
+
           Redirect Pinentry queries to the caller.  This enables the use
-          of ‘gpgme_set_passphrase_cb’ whis pinentry queries redirected
-          to gpgme.
+          of ‘gpgme_set_passphrase_cb’ because pinentry queries are
+          redirected to gpgme.
 
-          Note: This mode requires ‘allow-loopback-pinentry’ to be
-          enabled in the ‘gpg-agent.conf’ or an agent started with that
-          option.
+          Note: For 2.1.0 - 2.1.12 this mode requires
+          ‘allow-loopback-pinentry’ to be enabled in the
+          ‘gpg-agent.conf’ or an agent started with that option.
 
 
 File: gpgme.info,  Node: Included Certificates,  Next: Key Listing Mode,  Prev: Pinentry Mode,  Up: Context Attributes
@@ -2429,6 +2519,8 @@ File: gpgme.info,  Node: Included Certificates,  Next: Key Listing Mode,  Prev:
      values of NR_OF_CERTS are:
 
      ‘GPGME_INCLUDE_CERTS_DEFAULT’
+          SINCE: 1.0.3
+
           Fall back to the default of the crypto backend.  This is the
           default for GPGME.
      ‘-2’
@@ -2473,7 +2565,7 @@ File: gpgme.info,  Node: Key Listing Mode,  Next: Passphrase Callback,  Prev: In
      ‘GPGME_KEYLIST_MODE_EXTERN’
           The ‘GPGME_KEYLIST_MODE_EXTERN’ symbol specifies that an
           external source should be searched for keys in the keylisting
-          operation.  The type of external source is dependant on the
+          operation.  The type of external source is dependent on the
           crypto engine used and whether it is combined with
           ‘GPGME_KEYLIST_MODE_LOCAL’.  For example, it can be a remote
           keyserver or LDAP certificate server.
@@ -2483,17 +2575,23 @@ File: gpgme.info,  Node: Key Listing Mode,  Next: Passphrase Callback,  Prev: In
           signatures should be included in the listed keys.
 
      ‘GPGME_KEYLIST_MODE_SIG_NOTATIONS’
+          SINCE: 1.1.1
+
           The ‘GPGME_KEYLIST_MODE_SIG_NOTATIONS’ symbol specifies that
           the signature notations on key signatures should be included
           in the listed keys.  This only works if
           ‘GPGME_KEYLIST_MODE_SIGS’ is also enabled.
 
      ‘GPGME_KEYLIST_MODE_WITH_TOFU’
+          SINCE: 1.7.0
+
           The ‘GPGME_KEYLIST_MODE_WITH_TOFU’ symbol specifies that
           information pertaining to the TOFU trust model should be
           included in the listed keys.
 
      ‘GPGME_KEYLIST_MODE_WITH_SECRET’
+          SINCE: 1.5.1
+
           The ‘GPGME_KEYLIST_MODE_WITH_SECRET’ returns information about
           the presence of a corresponding secret key in a public key
           listing.  A public key listing with this mode is slower than a
@@ -2502,10 +2600,14 @@ File: gpgme.info,  Node: Key Listing Mode,  Next: Passphrase Callback,  Prev: In
           versions >= 2.1.
 
      ‘GPGME_KEYLIST_MODE_EPHEMERAL’
+          SINCE: 1.2.0
+
           The ‘GPGME_KEYLIST_MODE_EPHEMERAL’ symbol specifies that keys
           flagged as ephemeral are included in the listing.
 
      ‘GPGME_KEYLIST_MODE_VALIDATE’
+          SINCE: 0.4.5
+
           The ‘GPGME_KEYLIST_MODE_VALIDATE’ symbol specifies that the
           backend should do key or certificate validation and not just
           get the validity information from an internal cache.  This
@@ -2571,6 +2673,10 @@ File: gpgme.info,  Node: Passphrase Callback,  Next: Progress Meter Callback,  P
      You can use the error code ‘GPG_ERR_CANCELED’ to abort the
      operation.  Otherwise, return ‘0’.
 
+     Note: The passphrase_cb only works with GnuPG 1.x and 2.1.x and not
+     with the 2.0.x series.  See ‘gpgme_set_pinentry_mode’ for more
+     details on 2.1.x usage.
+
  -- Function: void gpgme_set_passphrase_cb (gpgme_ctx_t CTX,
           gpgme_passphrase_cb_t PASSFUNC, void *HOOK_VALUE)
      The function ‘gpgme_set_passphrase_cb’ sets the function that is
@@ -2666,6 +2772,8 @@ File: gpgme.info,  Node: Status Message Callback,  Next: Locale,  Prev: Progress
 
  -- Function: void gpgme_set_status_cb (gpgme_ctx_t CTX,
           gpgme_status_cb_t STATUSFUNC, void *HOOK_VALUE)
+     SINCE: 1.6.0
+
      The function ‘gpgme_set_status_cb’ sets the function that is used
      when a status message is received from gpg to STATUSFUNC.  The
      function STATUSFUNC needs to be implemented by the user, and
@@ -2678,6 +2786,8 @@ File: gpgme.info,  Node: Status Message Callback,  Next: Locale,  Prev: Progress
 
  -- Function: void gpgme_get_status_cb (gpgme_ctx_t CTX,
           gpgme_status_cb_t *STATUSFUNC, void **HOOK_VALUE)
+     SINCE: 1.6.0
+
      The function ‘gpgme_get_status_cb’ returns the function that is
      used to process status messages from gpg in *STATUSFUNC, and the
      first argument for this function in *HOOK_VALUE.  If no status
@@ -2687,6 +2797,8 @@ File: gpgme.info,  Node: Status Message Callback,  Next: Locale,  Prev: Progress
  -- Function: gpgme_error_t gpgme_set_ctx_flag (gpgme_ctx_t CTX,
           const char *NAME, const char *VALUE)
 
+     SINCE: 1.7.0
+
      Some minor properties of the context can be controlled with flags
      set by this function.  The properties are identified by the
      following values for NAME:
@@ -2738,11 +2850,23 @@ File: gpgme.info,  Node: Status Message Callback,  Next: Locale,  Prev: Progress
           GnuPG < 2.1.16 will leak the session key on many platforms via
           ps(1).
 
+     ‘"auto-key-retrieve"’
+          Setting the VALUE to "1" asks the backend to automatically
+          retrieve a key for signature verification if possible.  Note
+          that this option makes a "web bug" like behavior possible.
+          Keyserver or Web Key Directory operators can see which keys
+          you request, so by sending you a message signed by a brand new
+          key (which you naturally will not have on your local keyring),
+          the operator can tell both your IP address and the time when
+          you verified the signature.
+
      This function returns ‘0’ on success.
 
  -- Function: const char * gpgme_get_ctx_flag (gpgme_ctx_t CTX,
           const char *NAME)
 
+     SINCE: 1.8.0
+
      The value of flags settable by ‘gpgme_set_ctx_flag’ can be
      retrieved by this function.  If NAME is unknown the function
      returns ‘NULL’.  For boolean flags an empty string is returned for
@@ -2765,6 +2889,8 @@ contexts created afterwards.
 
  -- Function: gpgme_error_t gpgme_set_locale (gpgme_ctx_t CTX,
           int CATEGORY, const char *VALUE)
+     SINCE: 0.4.3
+
      The function ‘gpgme_set_locale’ sets the locale of the context CTX,
      or the default locale if CTX is a null pointer.
 
@@ -2828,6 +2954,8 @@ long as the key object itself is valid.
      following members:
 
      ‘gpgme_keylist_mode_t keylist_mode’
+          SINCE: 0.9.0
+
           The keylist mode that was active when the key was retrieved.
 
      ‘unsigned int revoked : 1’
@@ -2858,10 +2986,14 @@ long as the key object itself is valid.
           create key certificates.
 
      ‘unsigned int can_authenticate : 1’
+          SINCE: 0.4.5
+
           This is true if the key (ie one of its subkeys) can be used
           for authentication.
 
      ‘unsigned int is_qualified : 1’
+          SINCE: 1.1.0
+
           This is true if the key can be used for qualified signatures
           according to local government regulations.
 
@@ -2873,6 +3005,8 @@ long as the key object itself is valid.
           ‘GPGME_KEYLIST_MODE_WITH_SECRET’ is active.
 
      ‘unsigned int origin : 5’
+          SINCE: 1.8.0
+
           Reserved for the origin of this key.
 
      ‘gpgme_protocol_t protocol’
@@ -2903,6 +3037,8 @@ long as the key object itself is valid.
           user ID in the list is the main (or primary) user ID.
 
      ‘char *fpr’
+          SINCE: 1.7.0
+
           This field gives the fingerprint of the primary key.  Note
           that this is a copy of the fingerprint of the first subkey.
           For an incomplete key (for example from a verification result)
@@ -2910,9 +3046,12 @@ long as the key object itself is valid.
           nevertheless.
 
      ‘unsigned long last_update’
+          SINCE: 1.8.0
+
           Reserved for the time of the last update of this key.
 
  -- Data type: gpgme_subkey_t
+     SINCE: 1.5.0
 
      The ‘gpgme_subkey_t’ type is a pointer to a subkey structure.
      Subkeys are one component of a ‘gpgme_key_t’ object.  In fact,
@@ -2951,13 +3090,19 @@ long as the key object itself is valid.
           certificates.
 
      ‘unsigned int can_authenticate : 1’
+          SINCE: 0.4.5
+
           This is true if the subkey can be used for authentication.
 
      ‘unsigned int is_qualified : 1’
+          SINCE: 1.1.0
+
           This is true if the subkey can be used for qualified
           signatures according to local government regulations.
 
      ‘unsigned int is_de_vs : 1’
+          SINCE: 1.8.0
+
           This is true if the subkey complies with the rules for
           classified information in Germany at the restricted level
           (VS-NfD). This are currently RSA keys of at least 2048 bits or
@@ -2984,6 +3129,8 @@ long as the key object itself is valid.
           if available.
 
      ‘char *keygrip’
+          SINCE: 1.7.0
+
           The keygrip of the subkey in hex digit form or ‘NULL’ if not
           availabale.
 
@@ -2996,9 +3143,13 @@ long as the key object itself is valid.
           subkey does not expire.
 
      ‘unsigned int is_cardkey : 1’
+          SINCE: 1.2.0
+
           True if the secret key is stored on a smart card.
 
      ‘char *card_number’
+          SINCE: 1.2.0
+
           The serial number of a smart card holding this key or ‘NULL’.
 
      ‘char *curve’
@@ -3044,6 +3195,8 @@ long as the key object itself is valid.
           is available ‘NULL’ is stored.
 
      ‘gpgme_tofu_info_t tofu’
+          SINCE: 1.7.0
+
           If not ‘NULL’ information from the TOFU database pertaining to
           this user id.
 
@@ -3051,11 +3204,79 @@ long as the key object itself is valid.
           This is a linked list with the signatures on this user ID.
 
      ‘unsigned int origin : 5’
+          SINCE: 1.8.0
+
           Reserved for the origin of this user ID.
 
      ‘unsigned long last_update’
+          SINCE: 1.8.0
+
           Reserved for the time of the last update of this user ID.
 
+ -- Data type: gpgme_tofu_info_t
+
+     SINCE: 1.7.0
+
+     The ‘gpgme_tofu_info_t’ type is a pointer to a tofu info structure.
+     Tofu info structures are one component of a ‘gpgme_user_id_t’
+     object, and provide information from the TOFU database pertaining
+     to the user ID.
+
+     The tofu info structure has the following members:
+
+     ‘gpgme_key_sig_t next’
+          This is a pointer to the next tofu info structure in the
+          linked list, or ‘NULL’ if this is the last element.
+
+     ‘unsigned int validity : 3’
+          This is the TOFU validity.  It can have the following values:
+
+          ‘0’
+               The value ‘0’ indicates a conflict.
+
+          ‘1’
+               The value ‘1’ indicates a key without history.
+
+          ‘2’
+               The value ‘2’ indicates a key with too little history.
+
+          ‘3’
+               The value ‘3’ indicates a key with enough history for
+               basic trust.
+
+          ‘4’
+               The value ‘4’ indicates a key with a lot of history.
+
+     ‘unsigned int policy : 4’
+          This is the TOFU policy, see ‘gpgme_tofu_policy_t’.
+
+     ‘unsigned short signcount’
+          This is the number of signatures seen for this binding (or
+          ‘USHRT_MAX’ if there are more than that).
+
+     ‘unsigned short encrcount’
+          This is the number of encryptions done with this binding (or
+          ‘USHRT_MAX’ if there are more than that).
+
+     ‘unsigned long signfirst’
+          Number of seconds since Epoch when the first signature was
+          seen with this binding.
+
+     ‘unsigned long signlast’
+          Number of seconds since Epoch when the last signature was seen
+          with this binding.
+
+     ‘unsigned long encrfirst’
+          Number of seconds since Epoch when the first encryption was
+          done with this binding.
+
+     ‘unsigned long encrlast’
+          Number of seconds since Epoch when the last encryption was
+          done with this binding.
+
+     ‘char *description’
+          A human-readable string summarizing the TOFU data (or NULL).
+
  -- Data type: gpgme_key_sig_t
 
      The ‘gpgme_key_sig_t’ type is a pointer to a key signature
@@ -3196,8 +3417,10 @@ File: gpgme.info,  Node: Listing Keys,  Next: Information About Keys,  Prev: Key
      not a valid pointer, and passes through any errors that are
      reported by the crypto engine support routines.
 
- -- Function: gpgme_error_t gpgme_op_keylist_from_data (gpgme_ctx_t CTX,
-          gpgme_data_t DATA, int RESERVED)
+ -- Function: gpgme_error_t gpgme_op_keylist_from_data_start
+          (gpgme_ctx_t CTX, gpgme_data_t DATA, int RESERVED)
+
+     SINCE: 1.8.0
 
      The function ‘gpgme_op_keylist_from_data_start’ initiates a key
      listing operation inside the context CTX.  In contrast to the other
@@ -3393,6 +3616,8 @@ provide a fallback to the old function if the error code
           unsigned long EXPIRES, gpgme_key_t EXTRAKEY,
           unsigned int FLAGS);
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_createkey’ generates a new key for the
      procotol active in the context CTX.  As of now this function does
      only work for OpenPGP and requires at least version 2.1.13 of
@@ -3435,6 +3660,8 @@ provide a fallback to the old function if the error code
      ‘GPGME_CREATE_ENCR’
      ‘GPGME_CREATE_CERT’
      ‘GPGME_CREATE_AUTH’
+          SINCE: 1.7.0
+
           Do not create the key with the default capabilities (key
           usage) of the requested algorithm but use those explicitly
           given by these flags: “signing”, “encryption”,
@@ -3446,27 +3673,39 @@ provide a fallback to the old function if the error code
           protocol.
 
      ‘GPGME_CREATE_NOPASSWD’
+          SINCE: 1.7.0
+
           Request generation of the key without password protection.
 
      ‘GPGME_CREATE_SELFSIGNED’
+          SINCE: 1.7.0
+
           For an X.509 key do not create a CSR but a self-signed
           certificate.  This has not yet been implemented.
 
      ‘GPGME_CREATE_NOSTORE’
+          SINCE: 1.7.0
+
           Do not store the created key in the local key database.  This
           has not yet been implemented.
 
      ‘GPGME_CREATE_WANTPUB’
      ‘GPGME_CREATE_WANTSEC’
+          SINCE: 1.7.0
+
           Return the public or secret key as part of the result
           structure.  This has not yet been implemented.
 
      ‘GPGME_CREATE_FORCE’
+          SINCE: 1.7.0
+
           The engine does not allow the creation of a key with a user ID
           already existing in the local key database.  This flag can be
           used to override this check.
 
      ‘GPGME_CREATE_NOEXPIRE’
+          SINCE: 1.8.0
+
           Request generation of keys that do not expire.
 
      After the operation completed successfully, information about the
@@ -3481,6 +3720,8 @@ provide a fallback to the old function if the error code
           unsigned long EXPIRES, gpgme_key_t EXTRAKEY,
           unsigned int FLAGS);
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_createkey_start’ initiates a
      ‘gpgme_op_createkey’ operation; see there for details.  It must be
      completed by calling ‘gpgme_wait’ on the context.  *Note Waiting
@@ -3490,6 +3731,8 @@ provide a fallback to the old function if the error code
           gpgme_key_t KEY, const char *ALGO, unsigned long RESERVED,
           unsigned long EXPIRES, unsigned int FLAGS);
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_createsubkey’ creates and adds a new subkey
      to the primary OpenPGP key given by KEY.  The only allowed protocol
      in CTX is ‘GPGME_PROTOCOL_OPENPGP’.  Subkeys (aka secondary keys)
@@ -3533,6 +3776,8 @@ provide a fallback to the old function if the error code
           unsigned long RESERVED, unsigned long EXPIRES,
           unsigned int FLAGS);
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_createsubkey_start’ initiates a
      ‘gpgme_op_createsubkey’ operation; see there for details.  It must
      be completed by calling ‘gpgme_wait’ on the context.  *Note Waiting
@@ -3541,6 +3786,8 @@ provide a fallback to the old function if the error code
  -- Function: gpgme_error_t gpgme_op_adduid (gpgme_ctx_t CTX,
           gpgme_key_t KEY, const char *USERID, unsigned int FLAGS);
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_adduid’ adds a new user ID to the OpenPGP
      key given by KEY.  Adding additional user IDs after key creation is
      a feature of the OpenPGP protocol and thus the protocol for the
@@ -3565,6 +3812,8 @@ provide a fallback to the old function if the error code
  -- Function: gpgme_error_t gpgme_op_adduid_start (gpgme_ctx_t CTX,
           gpgme_key_t KEY, const char *USERID, unsigned int FLAGS);
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_adduid_start’ initiates a ‘gpgme_op_adduid’
      operation; see there for details.  It must be completed by calling
      ‘gpgme_wait’ on the context.  *Note Waiting For Completion::.
@@ -3572,6 +3821,8 @@ provide a fallback to the old function if the error code
  -- Function: gpgme_error_t gpgme_op_revuid (gpgme_ctx_t CTX,
           gpgme_key_t KEY, const char *USERID, unsigned int FLAGS);
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_revuid’ revokes a user ID from the OpenPGP
      key given by KEY.  Revoking user IDs after key creation is a
      feature of the OpenPGP protocol and thus the protocol for the
@@ -3598,6 +3849,8 @@ provide a fallback to the old function if the error code
  -- Function: gpgme_error_t gpgme_op_revuid_start (gpgme_ctx_t CTX,
           gpgme_key_t KEY, const char *USERID, unsigned int FLAGS);
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_revuid_start’ initiates a ‘gpgme_op_revuid’
      operation; see there for details.  It must be completed by calling
      ‘gpgme_wait’ on the context.  *Note Waiting For Completion::.
@@ -3606,6 +3859,8 @@ provide a fallback to the old function if the error code
           gpgme_key_t KEY, const char *USERID, cons char * NAME,
           cons char * VALUE);
 
+     SINCE: 1.8.0
+
      The function ‘gpgme_op_set_uid_flag’ is used to set flags on a user
      ID from the OpenPGP key given by KEY.  Setting flags on user IDs
      after key creation is a feature of the OpenPGP protocol and thus
@@ -3636,6 +3891,8 @@ provide a fallback to the old function if the error code
           (gpgme_ctx_t CTX, gpgme_key_t KEY, const char *USERID,
           cons char * NAME, cons char * VALUE);
 
+     SINCE: 1.8.0
+
      The function ‘gpgme_op_set_uid_flag_start’ initiates a
      ‘gpgme_op_set_uid_flag’ operation; see there for details.  It must
      be completed by calling ‘gpgme_wait’ on the context.  *Note Waiting
@@ -3744,10 +4001,14 @@ provide a fallback to the old function if the error code
           provide the fingerprint, ‘fpr’ will be a null pointer.
 
      ‘gpgme_data_t pubkey’
+          SINCE: 1.7.0
+
           This will eventually be used to return the public key.  It is
           currently not used.
 
      ‘gpgme_data_t seckey’
+          SINCE: 1.7.0
+
           This will eventually be used to return the secret key.  It is
           currently not used.
 
@@ -3778,6 +4039,8 @@ to create key signatures when using modern GnuPG versions.
           gpgme_key_t KEY, const char *USERID, unsigned long EXPIRES,
           unsigned int FLAGS);
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_keysign’ adds a new key signature to the
      public key KEY.  This function requires at least version 2.1.12 of
      GnuPG.
@@ -3812,10 +4075,14 @@ to create key signatures when using modern GnuPG versions.
      FLAGS can be set to the bit-wise OR of the following flags:
 
      ‘GPGME_KEYSIGN_LOCAL’
+          SINCE: 1.7.0
+
           Instead of creating an exportable key signature, create a key
           signature which is is marked as non-exportable.
 
      ‘GPGME_KEYSIGN_LFSEP’
+          SINCE: 1.7.0
+
           Although linefeeds are uncommon in user IDs this flag is
           required to explicitly declare that USERID may contain several
           linefeed separated user IDs.
@@ -3833,6 +4100,8 @@ to create key signatures when using modern GnuPG versions.
           gpgme_key_t KEY, const char *USERID, unsigned long EXPIRES,
           unsigned int FLAGS);
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_keysign_start’ initiates a
      ‘gpgme_op_keysign’ operation; see there for details.  It must be
      completed by calling ‘gpgme_wait’ on the context.  *Note Waiting
@@ -3857,21 +4126,29 @@ or-ed together.
      the export function is set to ‘NULL’.
 
 ‘GPGME_EXPORT_MODE_MINIMAL’
+     SINCE: 1.3.1
+
      If this bit is set, the smallest possible key is exported.  For
      OpenPGP keys it removes all signatures except for the latest
      self-signatures.  For X.509 keys it has no effect.
 
 ‘GPGME_EXPORT_MODE_SECRET’
+     SINCE: 1.6.0
+
      Instead of exporting the public key, the secret key is exported.
      This may not be combined with ‘GPGME_EXPORT_MODE_EXTERN’.  For
      X.509 the export format is PKCS#8.
 
 ‘GPGME_EXPORT_MODE_RAW’
+     SINCE: 1.6.0
+
      If this flag is used with ‘GPGME_EXPORT_MODE_SECRET’ for an X.509
      key the export format will be changed to PKCS#1.  This flag may not
      be used with OpenPGP.
 
 ‘GPGME_EXPORT_MODE_PKCS12’
+     SINCE: 1.6.0
+
      If this flag is used with ‘GPGME_EXPORT_MODE_SECRET’ for an X.509
      key the export format will be changed to PKCS#12 which also
      includes the certificate.  This flag may not be used with OpenPGP.
@@ -3942,6 +4219,8 @@ or-ed together.
  -- Function: gpgme_error_t gpgme_op_export_keys (gpgme_ctx_t CTX,
           gpgme_key_t keys[], gpgme_export_mode_t MODE,
           gpgme_data_t KEYDATA)
+     SINCE: 1.2.0
+
      The function ‘gpgme_op_export_keys’ extracts public keys and
      returns them in the data buffer KEYDATA.  The output format of the
      key data returned is determined by the ASCII armor attribute set
@@ -3965,6 +4244,8 @@ or-ed together.
  -- Function: gpgme_error_t gpgme_op_export_keys_start (gpgme_ctx_t CTX,
           gpgme_key_t KEYS[], gpgme_export_mode_t MODE,
           gpgme_data_t KEYDATA)
+     SINCE: 1.2.0
+
      The function ‘gpgme_op_export_keys_start’ initiates a
      ‘gpgme_op_export_ext’ operation.  It can be completed by calling
      ‘gpgme_wait’ on the context.  *Note Waiting For Completion::.
@@ -4006,36 +4287,44 @@ Importing keys means the same as running ‘gpg’ with the command
      context.  *Note Waiting For Completion::.
 
      The function returns the error code ‘GPG_ERR_NO_ERROR’ if the
-     import could be started successfully, ‘GPG_ERR_INV_VALUE’ if
-     KEYDATA if CTX or KEYDATA is not a valid pointer, and
-     ‘GPG_ERR_NO_DATA’ if KEYDATA is an empty data buffer.
+     import could be started successfully, ‘GPG_ERR_INV_VALUE’ if CTX or
+     KEYDATA is not a valid pointer, and ‘GPG_ERR_NO_DATA’ if KEYDATA is
+     an empty data buffer.
 
  -- Function: gpgme_error_t gpgme_op_import_keys (gpgme_ctx_t CTX,
           gpgme_key_t *KEYS)
+     SINCE: 1.2.0
+
      The function ‘gpgme_op_import_keys’ adds the keys described by the
      ‘NULL’ terminated array KEYS to the key ring of the crypto engine
-     used by CTX.  This function is the general interface to move a key
-     from one crypto engine to another as long as they are compatible.
-     In particular it is used to actually import and make keys permanent
+     used by CTX.  It is used to actually import and make keys permanent
      which have been retrieved from an external source (i.e.  using
-     ‘GPGME_KEYLIST_MODE_EXTERN’).  (1)
+     ‘GPGME_KEYLIST_MODE_EXTERN’) earlier.  The external keylisting must
+     have been made with the same context configuration (in particular
+     the same home directory).  (1) Note that for OpenPGP this may
+     require another access to the keyserver over the network.
 
      Only keys of the currently selected protocol of CTX are considered
      for import.  Other keys specified by the KEYS are ignored.  As of
      now all considered keys must have been retrieved using the same
-     method, that is the used key listing mode must be identical.
+     method, i.e.  the used key listing mode must be identical.
 
      After the operation completed successfully, the result can be
      retrieved with ‘gpgme_op_import_result’.
 
+     To move keys from one home directory to another, export and import
+     the keydata using ‘gpgme_op_export’ and ‘gpgme_op_import’.
+
      The function returns the error code ‘GPG_ERR_NO_ERROR’ if the
-     import was completed successfully, ‘GPG_ERR_INV_VALUE’ if KEYDATA
-     if CTX or KEYDATA is not a valid pointer, ‘GPG_ERR_CONFLICT’ if the
-     key listing mode does not match, and ‘GPG_ERR_NO_DATA’ if no keys
-     are considered for export.
+     import was completed successfully, ‘GPG_ERR_INV_VALUE’ if CTX is
+     not a valid pointer, ‘GPG_ERR_CONFLICT’ if the key listing mode
+     does not match, and ‘GPG_ERR_NO_DATA’ if no keys are considered for
+     export.
 
  -- Function: gpgme_error_t gpgme_op_import_keys_start (gpgme_ctx_t CTX,
           gpgme_key_t *KEYS)
+     SINCE: 1.2.0
+
      The function ‘gpgme_op_import_keys_start’ initiates a
      ‘gpgme_op_import_keys’ operation.  It can be completed by calling
      ‘gpgme_wait’ on the context.  *Note Waiting For Completion::.
@@ -4155,12 +4444,25 @@ File: gpgme.info,  Node: Deleting Keys,  Next: Changing Passphrases,  Prev: Impo
 7.5.9 Deleting Keys
 -------------------
 
- -- Function: gpgme_error_t gpgme_op_delete (gpgme_ctx_t CTX,
-          const gpgme_key_t KEY, int ALLOW_SECRET)
-     The function ‘gpgme_op_delete’ deletes the key KEY from the key
-     ring of the crypto engine used by CTX.  If ALLOW_SECRET is ‘0’,
-     only public keys are deleted, otherwise secret keys are deleted as
-     well, if that is supported.
+ -- Function: gpgme_error_t gpgme_op_delete_ext (gpgme_ctx_t CTX,
+          const gpgme_key_t KEY, unsigned int FLAGS)
+     SINCE: 1.9.1
+
+     The function ‘gpgme_op_delete_ext’ deletes the key KEY from the key
+     ring of the crypto engine used by CTX.
+
+     FLAGS can be set to the bit-wise OR of the following flags:
+
+     ‘GPGME_DELETE_ALLOW_SECRET’
+          SINCE: 1.9.1
+
+          If not set, only public keys are deleted.  If set, secret keys
+          are deleted as well, if that is supported.
+
+     ‘GPGME_DELETE_FORCE’
+          SINCE: 1.9.1
+
+          If set, the user is not asked to confirm the deletion.
 
      The function returns the error code ‘GPG_ERR_NO_ERROR’ if the key
      was deleted successfully, ‘GPG_ERR_INV_VALUE’ if CTX or KEY is not
@@ -4169,16 +4471,30 @@ File: gpgme.info,  Node: Deleting Keys,  Next: Changing Passphrases,  Prev: Impo
      unambiguously, and ‘GPG_ERR_CONFLICT’ if the secret key for KEY is
      available, but ALLOW_SECRET is zero.
 
- -- Function: gpgme_error_t gpgme_op_delete_start (gpgme_ctx_t CTX,
-          const gpgme_key_t KEY, int ALLOW_SECRET)
-     The function ‘gpgme_op_delete_start’ initiates a ‘gpgme_op_delete’
-     operation.  It can be completed by calling ‘gpgme_wait’ on the
-     context.  *Note Waiting For Completion::.
+ -- Function: gpgme_error_t gpgme_op_delete_ext_start (gpgme_ctx_t CTX,
+          const gpgme_key_t KEY, unsigned int FLAGS)
+     SINCE: 1.9.1
+
+     The function ‘gpgme_op_delete_ext_start’ initiates a
+     ‘gpgme_op_delete’ operation.  It can be completed by calling
+     ‘gpgme_wait’ on the context.  *Note Waiting For Completion::.
 
      The function returns the error code ‘GPG_ERR_NO_ERROR’ if the
      operation was started successfully, and ‘GPG_ERR_INV_VALUE’ if CTX
      or KEY is not a valid pointer.
 
+   The following functions allow only to use one particular flag.
+
+ -- Function: gpgme_error_t gpgme_op_delete (gpgme_ctx_t CTX,
+          const gpgme_key_t KEY, int ALLOW_SECRET)
+     Similar to ‘gpgme_op_delete_ext’, but only the flag
+     ‘GPGME_DELETE_ALLOW_SECRET’ can be provided.
+
+ -- Function: gpgme_error_t gpgme_op_delete_start (gpgme_ctx_t CTX,
+          const gpgme_key_t KEY, int ALLOW_SECRET)
+     Similar to ‘gpgme_op_delete_ext_start’, but only the flag
+     ‘GPGME_DELETE_ALLOW_SECRET’ can be provided.
+
 
 File: gpgme.info,  Node: Changing Passphrases,  Next: Changing TOFU Data,  Prev: Deleting Keys,  Up: Key Management
 
@@ -4188,6 +4504,8 @@ File: gpgme.info,  Node: Changing Passphrases,  Next: Changing TOFU Data,  Prev:
  -- Function: gpgme_error_t gpgme_op_passwd (gpgme_ctx_t CTX,
           const gpgme_key_t KEY, unsigned int FLAGS)
 
+     SINCE: 1.3.0
+
      The function ‘gpgme_op_passwd’ changes the passphrase of the
      private key associated with KEY.  The only allowed value for FLAGS
      is ‘0’.  The backend engine will usually popup a window to ask for
@@ -4201,6 +4519,8 @@ File: gpgme.info,  Node: Changing Passphrases,  Next: Changing TOFU Data,  Prev:
  -- Function: gpgme_error_t gpgme_op_passwd_start (gpgme_ctx_t CTX,
           const gpgme_key_t KEY, unsigned int FLAGS)
 
+     SINCE: 1.3.0
+
      The function ‘gpgme_op_passwd_start’ initiates a ‘gpgme_op_passwd’
      operation.  It can be completed by calling ‘gpgme_wait’ on the
      context.  *Note Waiting For Completion::.
@@ -4220,6 +4540,8 @@ model.  For resolving conflicts it is necessary to declare the policy
 for a key.  See the GnuPG manual for details on the TOFU implementation.
 
  -- Data type: enum gpgme_tofu_policy_t
+     SINCE: 1.7.0
+
      The ‘gpgme_tofu_policy_t’ type specifies the set of possible policy
      values that are supported by GPGME:
 
@@ -4239,6 +4561,8 @@ for a key.  See the GnuPG manual for details on the TOFU implementation.
  -- Function: gpgme_error_t gpgme_op_tofu_policy (gpgme_ctx_t CTX,
           const gpgme_key_t KEY, gpgme_tofu_policy_t POLICY)
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_tofu_policy’ changes the TOFU policy of KEY.
      The valid values for POLICY are listed above.  As of now this
      function does only work for OpenPGP and requires at least version
@@ -4251,6 +4575,8 @@ for a key.  See the GnuPG manual for details on the TOFU implementation.
  -- Function: gpgme_error_t gpgme_op_tofu_policy_start (gpgme_ctx_t CTX,
           const gpgme_key_t KEY, gpgme_tofu_policy_t POLICY)
 
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_tofu_policy_start’ initiates a
      ‘gpgme_op_tofu_policy’ operation.  It can be completed by calling
      ‘gpgme_wait’ on the context.  *Note Waiting For Completion::.
@@ -4267,6 +4593,9 @@ File: gpgme.info,  Node: Advanced Key Editing,  Prev: Changing TOFU Data,  Up: K
 
  -- Data type: gpgme_error_t (*gpgme_interact_cb_t) (void *HANDLE,
           const char *STATUS, const char *ARGS, int FD)
+
+     SINCE: 1.7.0
+
      The ‘gpgme_interact_cb_t’ type is the type of functions which GPGME
      calls if it a key interact operation is on-going.  The status
      keyword STATUS and the argument line ARGS are passed through by
@@ -4282,6 +4611,9 @@ File: gpgme.info,  Node: Advanced Key Editing,  Prev: Changing TOFU Data,  Up: K
  -- Function: gpgme_error_t gpgme_op_interact (gpgme_ctx_t CTX,
           gpgme_key_t KEY, unsigned int FLAGS, gpgme_interact_cb_t FNC,
           void *HANDLE, gpgme_data_t OUT)
+
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_interact’ processes the key KEY
      interactively, using the interact callback function FNC with the
      handle HANDLE.  The callback is invoked for every status and
@@ -4296,6 +4628,8 @@ File: gpgme.info,  Node: Advanced Key Editing,  Prev: Changing TOFU Data,  Up: K
      value is:
 
      ‘GPGME_INTERACT_CARD’
+          SINCE: 1.7.0
+
           This is used for smartcard based keys and uses gpg’s
           ‘--card-edit’ command.
 
@@ -4307,6 +4641,9 @@ File: gpgme.info,  Node: Advanced Key Editing,  Prev: Changing TOFU Data,  Up: K
  -- Function: gpgme_error_t gpgme_op_interact_start (gpgme_ctx_t CTX,
           gpgme_key_t KEY, unsigned int FLAGS, gpgme_interact_cb_t FNC,
           void *HANDLE, gpgme_data_t OUT)
+
+     SINCE: 1.7.0
+
      The function ‘gpgme_op_interact_start’ initiates a
      ‘gpgme_op_interact’ operation.  It can be completed by calling
      ‘gpgme_wait’ on the context.  *Note Waiting For Completion::.
@@ -4470,7 +4807,7 @@ File: gpgme.info,  Node: Decrypt,  Next: Verify,  Up: Crypto Operations
      CIPHER does not contain any data to decrypt,
      ‘GPG_ERR_DECRYPT_FAILED’ if CIPHER is not a valid cipher text,
      ‘GPG_ERR_BAD_PASSPHRASE’ if the passphrase for the secret key could
-     not be retrieved, and passes through any errors that are reported
+     not be retrieved, and passes through some errors that are reported
      by the crypto engine support routines.
 
  -- Function: gpgme_error_t gpgme_op_decrypt_start (gpgme_ctx_t CTX,
@@ -4487,6 +4824,8 @@ File: gpgme.info,  Node: Decrypt,  Next: Verify,  Up: Crypto Operations
           gpgme_decrypt_flags_t FLAGS, gpgme_data_t CIPHER,
           gpgme_data_t PLAIN)
 
+     SINCE: 1.8.0
+
      The function ‘gpgme_op_decrypt_ext’ is the same as
      ‘gpgme_op_decrypt_ext’ but has an additional argument FLAGS.  If
      FLAGS is 0 both function behave identically.
@@ -4495,10 +4834,14 @@ File: gpgme.info,  Node: Decrypt,  Next: Verify,  Up: Crypto Operations
      of the following bit values:
 
      ‘GPGME_DECRYPT_VERIFY’
+          SINCE: 1.8.0
+
           The ‘GPGME_DECRYPT_VERIFY’ symbol specifies that this function
           shall exacty act as ‘gpgme_op_decrypt_verify’.
 
      ‘GPGME_DECRYPT_UNWRAP’
+          SINCE: 1.8.0
+
           The ‘GPGME_DECRYPT_UNWRAP’ symbol specifies that the output
           shall be an OpenPGP message with only the encryption layer
           removed.  This requires GnuPG 2.1.12 and works only for
@@ -4511,6 +4854,8 @@ File: gpgme.info,  Node: Decrypt,  Next: Verify,  Up: Crypto Operations
           gpgme_ctx_t CTX, gpgme_decrypt_flags_t FLAGS,
           gpgme_data_t CIPHER, gpgme_data_t PLAIN)
 
+     SINCE: 1.8.0
+
      The function ‘gpgme_op_decrypt_ext_start’ initiates a
      ‘gpgme_op_decrypt_ext’ operation.  It can be completed by calling
      ‘gpgme_wait’ on the context.  *Note Waiting For Completion::.
@@ -4520,6 +4865,8 @@ File: gpgme.info,  Node: Decrypt,  Next: Verify,  Up: Crypto Operations
      CIPHER or PLAIN is not a valid pointer.
 
  -- Data type: gpgme_recipient_t
+     SINCE: 1.1.0
+
      This is a pointer to a structure used to store information about
      the recipient of an encrypted text which is decrypted in a
      ‘gpgme_op_decrypt’ operation.  This information (except for the
@@ -4557,9 +4904,13 @@ File: gpgme.info,  Node: Decrypt,  Next: Verify,  Up: Crypto Operations
           describes the algorithm that is not supported.
 
      ‘unsigned int wrong_key_usage : 1’
+          SINCE: 0.9.0
+
           This is true if the key was not used according to its policy.
 
      ‘gpgme_recipient_t recipients’
+          SINCE: 1.1.0
+
           This is a linked list of recipients to which this message was
           encrypted.
 
@@ -4568,6 +4919,8 @@ File: gpgme.info,  Node: Decrypt,  Next: Verify,  Up: Crypto Operations
           it is known, otherwise this is a null pointer.
 
      ‘char *session_key’
+          SINCE: 1.8.0
+
           A textual representation (nul-terminated string) of the
           session key used in symmetric encryption of the message, if
           the context has been set to export session keys (see
@@ -4661,10 +5014,14 @@ File: gpgme.info,  Node: Verify,  Next: Decrypt and Verify,  Prev: Decrypt,  Up:
           combination of one or multiple of the following bit values:
 
           ‘GPGME_SIG_NOTATION_HUMAN_READABLE’
+               SINCE: 1.1.0
+
                The ‘GPGME_SIG_NOTATION_HUMAN_READABLE’ symbol specifies
                that the notation data is in human readable form
 
           ‘GPGME_SIG_NOTATION_CRITICAL’
+               SINCE: 1.1.0
+
                The ‘GPGME_SIG_NOTATION_CRITICAL’ symbol specifies that
                the notation data is critical.
 
@@ -4744,6 +5101,9 @@ File: gpgme.info,  Node: Verify,  Next: Decrypt and Verify,  Prev: Decrypt,  Up:
           ‘GPGME_SIGSUM_SYS_ERROR’
                A system error occured.
 
+          ‘GPGME_SIGSUM_TOFU_CONFLICT’
+               A TOFU conflict was detected.
+
      ‘char *fpr’
           This is the fingerprint or key ID of the signature.
 
@@ -4817,6 +5177,8 @@ File: gpgme.info,  Node: Verify,  Next: Decrypt and Verify,  Prev: Decrypt,  Up:
           also be reflected by the validity of the signature.
 
      ‘unsigned int chain_model : 1’
+          SINCE: 1.1.6
+
           This is true if the validity of the signature has been checked
           using the chain model.  In the chain model the time the
           signature has been created must be within the validity period
@@ -4842,6 +5204,8 @@ File: gpgme.info,  Node: Verify,  Next: Decrypt and Verify,  Prev: Decrypt,  Up:
           The mailbox from the PKA information or ‘NULL’.
 
      ‘gpgme_key_t key’
+          SINCE: 1.7.0
+
           An object describing the key used to create the signature.
           This key object may be incomplete in that it only conveys
           information availabale directly with a signature.  It may also
@@ -4924,6 +5288,8 @@ in GPGME and GnuPG:
 
  -- Function: char * gpgme_addrspec_from_uid (const char *UID)
 
+     SINCE: 1.7.1
+
      Return the mail address (called “addr-spec” in RFC-5322) from the
      string UID which is assumed to be a user id (called “address” in
      RFC-5322).  All plain ASCII characters (i.e.  those with bit 7
@@ -4975,6 +5341,8 @@ signing.
      Calling this function acquires an additional reference for the key.
 
  -- Function: unsigned int gpgme_signers_count (const gpgme_ctx_t CTX)
+     SINCE: 1.4.3
+
      The function ‘gpgme_signers_count’ returns the number of signer
      keys in the context CTX.
 
@@ -5106,6 +5474,8 @@ a signature.  This information is then available to the user when the
 signature is verified.
 
  -- Function: void gpgme_sig_notation_clear (gpgme_ctx_t CTX)
+     SINCE: 1.1.0
+
      The function ‘gpgme_sig_notation_clear’ removes the notation data
      from the context CTX.  Subsequent signing operations from this
      context will not include any notation data.
@@ -5115,6 +5485,8 @@ signature is verified.
  -- Function: gpgme_error_t gpgme_sig_notation_add (gpgme_ctx_t CTX,
           const char *NAME, const char *VALUE,
           gpgme_sig_notation_flags_t FLAGS)
+     SINCE: 1.1.0
+
      The function ‘gpgme_sig_notation_add’ adds the notation data with
      the name NAME and the value VALUE to the context CTX.
 
@@ -5138,6 +5510,8 @@ signature is verified.
 
  -- Function: gpgme_sig_notation_t gpgme_sig_notation_get
           (const gpgme_ctx_t CTX)
+     SINCE: 1.1.0
+
      The function ‘gpgme_sig_notation_get’ returns the linked list of
      notation data structures that are contained in the context CTX.
 
@@ -5190,12 +5564,16 @@ File: gpgme.info,  Node: Encrypting a Plaintext,  Up: Encrypt
           untrusted keys.
 
      ‘GPGME_ENCRYPT_NO_ENCRYPT_TO’
+          SINCE: 1.2.0
+
           The ‘GPGME_ENCRYPT_NO_ENCRYPT_TO’ symbol specifies that no
           default or hidden default recipients as configured in the
           crypto backend should be included.  This can be useful for
           managing different user profiles.
 
      ‘GPGME_ENCRYPT_NO_COMPRESS’
+          SINCE: 1.5.0
+
           The ‘GPGME_ENCRYPT_NO_COMPRESS’ symbol specifies that the
           plaintext shall not be compressed before it is encrypted.
           This is in some cases useful if the length of the encrypted
@@ -5209,12 +5587,16 @@ File: gpgme.info,  Node: Encrypting a Plaintext,  Up: Encrypt
           symbol the UI Server is advised to also expect a sign command.
 
      ‘GPGME_ENCRYPT_SYMMETRIC’
+          SINCE: 1.7.0
+
           The ‘GPGME_ENCRYPT_SYMMETRIC’ symbol specifies that the output
           should be additionally encrypted symmetrically even if
           recipients are provided.  This feature is only supported for
           for the OpenPGP crypto engine.
 
      ‘GPGME_ENCRYPT_THROW_KEYIDS’
+          SINCE: 1.8.0
+
           The ‘GPGME_ENCRYPT_THROW_KEYIDS’ symbols requests that the
           identifiers for the decrption keys are not included in the
           ciphertext.  On the receiving side, the use of this flag may
@@ -5223,6 +5605,8 @@ File: gpgme.info,  Node: Encrypting a Plaintext,  Up: Encrypt
           encryption.
 
      ‘GPGME_ENCRYPT_WRAP’
+          SINCE: 1.8.0
+
           The ‘GPGME_ENCRYPT_WRAP’ symbol specifies that the input is an
           OpenPGP message and not a plain data.  This is the counterpart
           to ‘GPGME_DECRYPT_UNWRAP’.
@@ -5340,6 +5724,8 @@ GPGME API.
           gpgme_data_t DATAOUT, gpgme_data_t DATAERR,
           unsigned int FLAGS)
 
+     SINCE: 1.5.0
+
      The function ‘gpgme_op_spawn’ runs the program FILE with the
      arguments taken from the NULL terminated array ARGV.  If no
      arguments are required ARGV may be given as ‘NULL’.  In the latter
@@ -5353,10 +5739,15 @@ GPGME API.
      of the following bit values:
 
      ‘GPGME_SPAWN_DETACHED’
+          SINCE: 1.5.0
+
           Under Windows this flag inhibits the allocation of a new
           console for the program.  This is useful for a GUI application
           which needs to call a command line helper tool.
+
      ‘GPGME_SPAWN_ALLOW_SET_FG’
+          SINCE: 1.5.0
+
           Under Windows this flag allows the called program to put
           itself into the foreground.
 
@@ -5365,6 +5756,8 @@ GPGME API.
           gpgme_data_t DATAOUT, gpgme_data_t DATAERR,
           unsigned int FLAGS)
 
+     SINCE: 1.5.0
+
      This is the asynchronous variant of ‘gpgme_op_spawn’.
 
 
@@ -5385,6 +5778,8 @@ transfer data:
  -- Data type: gpgme_error_t (*gpgme_assuan_data_cb_t) (void *OPAQUE,
           const void *DATA, size_t DATALEN)
 
+     SINCE: 1.2.0
+
      This callback receives any data sent by the server.  OPAQUE is the
      pointer passed to ‘gpgme_op_assuan_transact_start’, DATA of length
      DATALEN refers to the data sent.
@@ -5392,6 +5787,8 @@ transfer data:
  -- Data type: gpgme_error_t (*gpgme_assuan_inquire_cb_t) (void *OPAQUE,
           const char *NAME, const char *ARGS, gpgme_data_t *R_DATA)
 
+     SINCE: 1.2.0
+
      This callback is used to provide additional data to the Assuan
      server.  OPAQUE is the pointer passed to
      ‘gpgme_op_assuan_transact_start’, NAME and ARGS specify what kind
@@ -5403,6 +5800,8 @@ transfer data:
  -- Data type: gpgme_error_t (*gpgme_assuan_status_cb_t) (void *OPAQUE,
           const char *STATUS, const char *ARGS)
 
+     SINCE: 1.2.0
+
      This callback receives any status lines sent by the server.  OPAQUE
      is the pointer passed to ‘gpgme_op_assuan_transact_start’, STATUS
      and ARGS denote the status update sent.
@@ -5413,6 +5812,8 @@ transfer data:
           gpgme_assuan_inquire_cb_t INQUIRE_CB, void * INQUIRE_CB_VALUE,
           gpgme_assuan_status_cb_t STATUS_CB, void * STATUS_CB_VALUE)
 
+     SINCE: 1.2.0
+
      Send the Assuan COMMAND and return results via the callbacks.  Any
      callback may be ‘NULL’.  The result of the operation may be
      retrieved using ‘gpgme_wait_ext’.
@@ -5443,6 +5844,8 @@ online database and check whether a new version of a software package is
 available.
 
  -- Data type: gpgme_query_swdb_result_t
+     SINCE: 1.8.0
+
      This is a pointer to a structure used to store the result of a
      ‘gpgme_op_query_swdb’ operation.  After success full call to that
      function, you can retrieve the pointer to the result with
@@ -5489,7 +5892,7 @@ available.
           enough.
 
      ‘error’
-          If this flag is set some other error has occured.
+          If this flag is set some other error has occurred.
 
      ‘version’
           The version string of the latest released version.
@@ -5500,6 +5903,8 @@ available.
  -- Function: gpgme_error_t gpgme_op_query_swdb (gpgme_ctx_t CTX,
           const char *NAME, const char *IVERSION, gpgme_data_t RESERVED)
 
+     SINCE: 1.8.0
+
      Query the software version database for software package NAME and
      check against the installed version given by IVERSION.  If IVERSION
      is given as ‘NULL’ a check is only done if GPGME can figure out the
@@ -5510,10 +5915,12 @@ available.
  -- Function: gpgme_query_swdb_result_t gpgme_op_query_swdb_result
           (gpgme_ctx_t CTX)
 
+     SINCE: 1.8.0
+
      The function ‘gpgme_op_query_swdb_result’ returns a
      ‘gpgme_query_swdb_result_t’ pointer to a structure holding the
      result of a ‘gpgme_op_query_swdb’ operation.  The pointer is only
-     valid if the last operation on the context was a sucessful call to
+     valid if the last operation on the context was a successful call to
      ‘gpgme_op_query_swdb’.  If that call failed, the result might be a
      ‘NULL’ pointer.  The returned pointer is only valid until the next
      operation is started on the context CTX.
@@ -5758,9 +6165,9 @@ File: gpgme.info,  Node: I/O Callback Interface,  Next: Registering I/O Callback
      ‘gpgme_event_io_cb_t’ function with GPGME and will always be passed
      as the first argument when registering a callback function.  For
      example, the user can use this to determine the context in which
-     this event has occured.
+     this event has occurred.
 
-     TYPE will specify the type of event that has occured.  TYPE_DATA
+     TYPE will specify the type of event that has occurred.  TYPE_DATA
      specifies the event further, as described in the above list of
      possible ‘gpgme_event_io_t’ types.
 
@@ -5799,7 +6206,7 @@ File: gpgme.info,  Node: Registering I/O Callbacks,  Next: I/O Callback Example,
      ‘void *event_priv’
           This is passed as the first argument to the ‘event’ function
           when it is called by GPGME.  For example, it can be used to
-          determine the context in which the event has occured.
+          determine the context in which the event has occurred.
 
  -- Function: void gpgme_set_io_cbs (gpgme_ctx_t CTX,
           struct gpgme_io_cbs *IO_CBS)
@@ -6246,6 +6653,8 @@ cancellation occurs at the next possible time (typically the next time
 I/O occurs in the target context).
 
  -- Function: gpgme_ctx_t gpgme_cancel (gpgme_ctx_t CTX)
+     SINCE: 0.4.5
+
      The function ‘gpgme_cancel’ attempts to cancel a pending operation
      in the context CTX.  This only works if you use the global event
      loop or your own event loop.
@@ -6266,6 +6675,8 @@ I/O occurs in the target context).
      this case the state of CTX is not modified).
 
  -- Function: gpgme_ctx_t gpgme_cancel_async (gpgme_ctx_t CTX)
+     SINCE: 1.1.7
+
      The function ‘gpgme_cancel_async’ attempts to cancel a pending
      operation in the context CTX.  This can be called by any thread at
      any time after starting an operation on the context, but will not
@@ -6731,7 +7142,7 @@ First, the input files need to be specified by one or more ‘FILE’
 commands.  Afterwards, the actual operation is requested:
 
  -- Command: CHECKSUM_CREATE_FILES --nohup
-     Request that checksums are created for the files specifed by
+     Request that checksums are created for the files specified by
      ‘FILE’.  The choice of checksum algorithm and the destination
      storage and format for the created checksums depend on the
      preferences of the user and the functionality provided by the UI
@@ -6744,13 +7155,13 @@ commands.  Afterwards, the actual operation is requested:
      the operation asynchronously.
 
  -- Command: CHECKSUM_VERIFY_FILES --nohup
-     Request that checksums are created for the files specifed by ‘FILE’
-     and verified against previously created and stored checksums.  The
-     choice of checksum algorithm and the source storage and format for
-     previously created checksums depend on the preferences of the user
-     and the functionality provided by the UI server.  For directories,
-     the server may offer multiple options to the user (for example
-     ignore or process recursively).
+     Request that checksums are created for the files specified by
+     ‘FILE’ and verified against previously created and stored
+     checksums.  The choice of checksum algorithm and the source storage
+     and format for previously created checksums depend on the
+     preferences of the user and the functionality provided by the UI
+     server.  For directories, the server may offer multiple options to
+     the user (for example ignore or process recursively).
 
      If the source storage of previously created checksums is available
      to the user through the Windows shell, this command may also accept
@@ -6846,684 +7257,3 @@ associate operations the server MAY support the command:
      This command may be used at any time and overrides the effect of
      the last command.  A ‘RESET’ undoes the effect of this command.
 
-
-File: gpgme.info,  Node: Debugging,  Next: Deprecated Functions,  Prev: UI Server Protocol,  Up: Top
-
-Appendix B How to solve problems
-********************************
-
-Everyone knows that software often does not do what it should do and
-thus there is a need to track down problems.  This is in particular true
-for applications using a complex library like GPGME and of course also
-for the library itself.  Here we give a few hints on how to solve such
-problems.
-
-   First of all you should make sure that the keys you want to use are
-installed in the GnuPG engine and are usable.  Thus the first test is to
-run the desired operation using ‘gpg’ or ‘gpgsm’ on the command line.
-If you can’t figure out why things don’t work, you may use GPGME’s built
-in trace feature.  This feature is either enabled using the environment
-variable ‘GPGME_DEBUG’ or, if this is not possible, by calling the
-function ‘gpgme_set_global_flag’.  The value is the trace level and an
-optional file name.  If no file name is given the trace output is
-printed to ‘stderr’.
-
-For example
-     GPGME_DEBUG=9:/home/user/mygpgme.log
-(Note that under Windows you use a semicolon in place of the colon to
-separate the fields.)
-
-   A trace level of 9 is pretty verbose and thus you may want to start
-off with a lower level.  The exact definition of the trace levels and
-the output format may change with any release; you need to check the
-source code for details.  In any case the trace log should be helpful to
-understand what is going going on.  Warning: The trace log may reveal
-sensitive details like passphrases or other data you use in your
-application.  If you are asked to send a log file, make sure that you
-run your tests only with play data.
-
-
-File: gpgme.info,  Node: Deprecated Functions,  Next: Library Copying,  Prev: Debugging,  Up: Top
-
-Appendix C Deprecated Functions
-*******************************
-
-For backward compatibility GPGME has a number of functions, data types
-and constants which are deprecated and should not be used anymore.  We
-document here those which are really old to help understanding old code
-and to allow migration to their modern counterparts.
-
-   *Warning:* These interfaces will be removed in a future version of
-GPGME.
-
- -- Function: void gpgme_key_release (gpgme_key_t KEY)
-     The function ‘gpgme_key_release’ is equivalent to
-     ‘gpgme_key_unref’.
-
- -- Function: void gpgme_trust_item_release (gpgme_trust_item_t ITEM)
-     The function ‘gpgme_trust_item_release’ is an alias for
-     ‘gpgme_trust_item_unref’.
-
- -- Function: gpgme_error_t gpgme_op_import_ext (gpgme_ctx_t CTX,
-          gpgme_data_t KEYDATA, int *NR)
-     The function ‘gpgme_op_import_ext’ is equivalent to:
-
-            gpgme_error_t err = gpgme_op_import (ctx, keydata);
-            if (!err)
-              {
-                gpgme_import_result_t result = gpgme_op_import_result (ctx);
-                *nr = result->considered;
-              }
-
- -- Data type: gpgme_error_t (*gpgme_edit_cb_t) (void *HANDLE,
-          gpgme_status_code_t STATUS, const char *ARGS, int FD)
-     The ‘gpgme_edit_cb_t’ type is the type of functions which GPGME
-     calls if it a key edit operation is on-going.  The status code
-     STATUS and the argument line ARGS are passed through by GPGME from
-     the crypto engine.  The file descriptor FD is -1 for normal status
-     messages.  If STATUS indicates a command rather than a status
-     message, the response to the command should be written to FD.  The
-     HANDLE is provided by the user at start of operation.
-
-     The function should return ‘GPG_ERR_FALSE’ if it did not handle the
-     status code, ‘0’ for success, or any other error value.
-
- -- Function: gpgme_error_t gpgme_op_edit (gpgme_ctx_t CTX,
-          gpgme_key_t KEY, gpgme_edit_cb_t FNC, void *HANDLE,
-          gpgme_data_t OUT)
-     Note: This function is deprecated, please use ‘gpgme_op_interact’
-     instead.
-
-     The function ‘gpgme_op_edit’ processes the key KEY interactively,
-     using the edit callback function FNC with the handle HANDLE.  The
-     callback is invoked for every status and command request from the
-     crypto engine.  The output of the crypto engine is written to the
-     data object OUT.
-
-     Note that the protocol between the callback function and the crypto
-     engine is specific to the crypto engine and no further support in
-     implementing this protocol correctly is provided by GPGME.
-
-     The function returns the error code ‘GPG_ERR_NO_ERROR’ if the edit
-     operation completes successfully, ‘GPG_ERR_INV_VALUE’ if CTX or KEY
-     is not a valid pointer, and any error returned by the crypto engine
-     or the edit callback handler.
-
- -- Function: gpgme_error_t gpgme_op_edit_start (gpgme_ctx_t CTX,
-          gpgme_key_t KEY, gpgme_edit_cb_t FNC, void *HANDLE,
-          gpgme_data_t OUT)
-     Note: This function is deprecated, please use
-     ‘gpgme_op_interact_start’ instead.
-
-     The function ‘gpgme_op_edit_start’ initiates a ‘gpgme_op_edit’
-     operation.  It can be completed by calling ‘gpgme_wait’ on the
-     context.  *Note Waiting For Completion::.
-
-     The function returns the error code ‘GPG_ERR_NO_ERROR’ if the
-     operation was started successfully, and ‘GPG_ERR_INV_VALUE’ if CTX
-     or KEY is not a valid pointer.
-
- -- Function: gpgme_error_t gpgme_op_card_edit (gpgme_ctx_t CTX,
-          gpgme_key_t KEY, gpgme_edit_cb_t FNC, void *HANDLE,
-          gpgme_data_t OUT)
-     Note: This function is deprecated, please use ‘gpgme_op_interact’
-     with the flag ‘GPGME_INTERACT_CARD’ instead.
-
-     The function ‘gpgme_op_card_edit’ is analogous to ‘gpgme_op_edit’,
-     but should be used to process the smart card corresponding to the
-     key KEY.
-
- -- Function: gpgme_error_t gpgme_op_card_edit_start (gpgme_ctx_t CTX,
-          gpgme_key_t KEY, gpgme_edit_cb_t FNC, void *HANDLE,
-          gpgme_data_t OUT)
-     Note: This function is deprecated, please use
-     ‘gpgme_op_interact_start’ with the flag ‘GPGME_INTERACT_CARD’
-     instead.
-
-     The function ‘gpgme_op_card_edit_start’ initiates a
-     ‘gpgme_op_card_edit’ operation.  It can be completed by calling
-     ‘gpgme_wait’ on the context.  *Note Waiting For Completion::.
-
-     The function returns the error code ‘GPG_ERR_NO_ERROR’ if the
-     operation was started successfully, and ‘GPG_ERR_INV_VALUE’ if CTX
-     or KEY is not a valid pointer.
-
- -- Function: gpgme_error_t gpgme_data_new_with_read_cb
-          (gpgme_data_t *DH, int (*READFUNC) (void *HOOK, char *BUFFER,
-          size_t COUNT, size_t *NREAD), void *HOOK_VALUE)
-     The function ‘gpgme_data_new_with_read_cb’ creates a new
-     ‘gpgme_data_t’ object and uses the callback function READFUNC to
-     retrieve the data on demand.  As the callback function can supply
-     the data in any way it wants, this is the most flexible data type
-     GPGME provides.  However, it can not be used to write data.
-
-     The callback function receives HOOK_VALUE as its first argument
-     whenever it is invoked.  It should return up to COUNT bytes in
-     BUFFER, and return the number of bytes actually read in NREAD.  It
-     may return ‘0’ in NREAD if no data is currently available.  To
-     indicate ‘EOF’ the function should return with an error code of
-     ‘-1’ and set NREAD to ‘0’.  The callback function may support to
-     reset its internal read pointer if it is invoked with BUFFER and
-     NREAD being ‘NULL’ and COUNT being ‘0’.
-
-     The function returns the error code ‘GPG_ERR_NO_ERROR’ if the data
-     object was successfully created, ‘GPG_ERR_INV_VALUE’ if DH or
-     READFUNC is not a valid pointer, and ‘GPG_ERR_ENOMEM’ if not enough
-     memory is available.
-
- -- Function: gpgme_error_t gpgme_data_rewind (gpgme_data_t DH)
-     The function ‘gpgme_data_rewind’ is equivalent to:
-
-            return (gpgme_data_seek (dh, 0, SEEK_SET) == -1)
-              ? gpgme_error_from_errno (errno) : 0;
-
- -- Data type: gpgme_attr_t
-     The ‘gpgme_attr_t’ type is used to specify a key or trust item
-     attribute.  The following attributes are defined:
-
-     ‘GPGME_ATTR_KEYID’
-          This is the key ID of a sub key.  It is representable as a
-          string.
-
-          For trust items, the trust item refers to the key with this
-          ID.
-
-     ‘GPGME_ATTR_FPR’
-          This is the fingerprint of a sub key.  It is representable as
-          a string.
-
-     ‘GPGME_ATTR_ALGO’
-          This is the crypto algorithm for which the sub key can be
-          used.  It is representable as a string and as a number.  The
-          numbers correspond to the ‘enum gcry_pk_algos’ values in the
-          gcrypt library.
-
-     ‘GPGME_ATTR_LEN’
-          This is the key length of a sub key.  It is representable as a
-          number.
-
-     ‘GPGME_ATTR_CREATED’
-          This is the timestamp at creation time of a sub key.  It is
-          representable as a number.
-
-     ‘GPGME_ATTR_EXPIRE’
-          This is the expiration time of a sub key.  It is representable
-          as a number.
-
-     ‘GPGME_ATTR_OTRUST’
-          XXX FIXME (also for trust items)
-
-     ‘GPGME_ATTR_USERID’
-          This is a user ID. There can be more than one user IDs in a
-          GPGME_KEY_T object.  The first one (with index 0) is the
-          primary user ID. The user ID is representable as a number.
-
-          For trust items, this is the user ID associated with this
-          trust item.
-
-     ‘GPGME_ATTR_NAME’
-          This is the name belonging to a user ID. It is representable
-          as a string.
-
-     ‘GPGME_ATTR_EMAIL’
-          This is the email address belonging to a user ID. It is
-          representable as a string.
-
-     ‘GPGME_ATTR_COMMENT’
-          This is the comment belonging to a user ID. It is
-          representable as a string.
-
-     ‘GPGME_ATTR_VALIDITY’
-          This is the validity belonging to a user ID. It is
-          representable as a string and as a number.  See below for a
-          list of available validities.
-
-          For trust items, this is the validity that is associated with
-          this trust item.
-
-     ‘GPGME_ATTR_UID_REVOKED’
-          This specifies if a user ID is revoked.  It is representable
-          as a number, and is ‘1’ if the user ID is revoked, and ‘0’
-          otherwise.
-
-     ‘GPGME_ATTR_UID_INVALID’
-          This specifies if a user ID is invalid.  It is representable
-          as a number, and is ‘1’ if the user ID is invalid, and ‘0’
-          otherwise.
-
-     ‘GPGME_ATTR_LEVEL’
-          This is the trust level of a trust item.
-
-     ‘GPGME_ATTR_TYPE’
-          This returns information about the type of key.  For the
-          string function this will eother be "PGP" or "X.509".  The
-          integer function returns 0 for PGP and 1 for X.509.  It is
-          also used for the type of a trust item.
-
-     ‘GPGME_ATTR_IS_SECRET’
-          This specifies if the key is a secret key.  It is
-          representable as a number, and is ‘1’ if the key is revoked,
-          and ‘0’ otherwise.
-
-     ‘GPGME_ATTR_KEY_REVOKED’
-          This specifies if a sub key is revoked.  It is representable
-          as a number, and is ‘1’ if the key is revoked, and ‘0’
-          otherwise.
-
-     ‘GPGME_ATTR_KEY_INVALID’
-          This specifies if a sub key is invalid.  It is representable
-          as a number, and is ‘1’ if the key is invalid, and ‘0’
-          otherwise.
-
-     ‘GPGME_ATTR_KEY_EXPIRED’
-          This specifies if a sub key is expired.  It is representable
-          as a number, and is ‘1’ if the key is expired, and ‘0’
-          otherwise.
-
-     ‘GPGME_ATTR_KEY_DISABLED’
-          This specifies if a sub key is disabled.  It is representable
-          as a number, and is ‘1’ if the key is disabled, and ‘0’
-          otherwise.
-
-     ‘GPGME_ATTR_KEY_CAPS’
-          This is a description of the capabilities of a sub key.  It is
-          representable as a string.  The string contains the letter “e”
-          if the key can be used for encryption, “s” if the key can be
-          used for signatures, and “c” if the key can be used for
-          certifications.
-
-     ‘GPGME_ATTR_CAN_ENCRYPT’
-          This specifies if a sub key can be used for encryption.  It is
-          representable as a number, and is ‘1’ if the sub key can be
-          used for encryption, and ‘0’ otherwise.
-
-     ‘GPGME_ATTR_CAN_SIGN’
-          This specifies if a sub key can be used to create data
-          signatures.  It is representable as a number, and is ‘1’ if
-          the sub key can be used for signatures, and ‘0’ otherwise.
-
-     ‘GPGME_ATTR_CAN_CERTIFY’
-          This specifies if a sub key can be used to create key
-          certificates.  It is representable as a number, and is ‘1’ if
-          the sub key can be used for certifications, and ‘0’ otherwise.
-
-     ‘GPGME_ATTR_SERIAL’
-          The X.509 issuer serial attribute of the key.  It is
-          representable as a string.
-
-     ‘GPGME_ATTR_ISSUE’
-          The X.509 issuer name attribute of the key.  It is
-          representable as a string.
-
-     ‘GPGME_ATTR_CHAINID’
-          The X.509 chain ID can be used to build the certification
-          chain.  It is representable as a string.
-
- -- Function: const char * gpgme_key_get_string_attr (gpgme_key_t KEY,
-          gpgme_attr_t WHAT, const void *RESERVED, int IDX)
-     The function ‘gpgme_key_get_string_attr’ returns the value of the
-     string-representable attribute WHAT of key KEY.  If the attribute
-     is an attribute of a sub key or an user ID, IDX specifies the sub
-     key or user ID of which the attribute value is returned.  The
-     argument RESERVED is reserved for later use and should be ‘NULL’.
-
-     The string returned is only valid as long as the key is valid.
-
-     The function returns ‘0’ if an attribute can’t be returned as a
-     string, KEY is not a valid pointer, IDX out of range, or RESERVED
-     not ‘NULL’.
-
- -- Function: unsigned long gpgme_key_get_ulong_attr (gpgme_key_t KEY,
-          gpgme_attr_t WHAT, const void *RESERVED, int IDX)
-     The function ‘gpgme_key_get_ulong_attr’ returns the value of the
-     number-representable attribute WHAT of key KEY.  If the attribute
-     is an attribute of a sub key or an user ID, IDX specifies the sub
-     key or user ID of which the attribute value is returned.  The
-     argument RESERVED is reserved for later use and should be ‘NULL’.
-
-     The function returns ‘0’ if the attribute can’t be returned as a
-     number, KEY is not a valid pointer, IDX out of range, or RESERVED
-     not ‘NULL’.
-
-   The signatures on a key are only available if the key was retrieved
-via a listing operation with the ‘GPGME_KEYLIST_MODE_SIGS’ mode enabled,
-because it is expensive to retrieve all signatures of a key.
-
-   So, before using the below interfaces to retrieve the signatures on a
-key, you have to make sure that the key was listed with signatures
-enabled.  One convenient, but blocking, way to do this is to use the
-function ‘gpgme_get_key’.
-
- -- Data type: gpgme_attr_t
-     The ‘gpgme_attr_t’ type is used to specify a key signature
-     attribute.  The following attributes are defined:
-
-     ‘GPGME_ATTR_KEYID’
-          This is the key ID of the key which was used for the
-          signature.  It is representable as a string.
-
-     ‘GPGME_ATTR_ALGO’
-          This is the crypto algorithm used to create the signature.  It
-          is representable as a string and as a number.  The numbers
-          correspond to the ‘enum gcry_pk_algos’ values in the gcrypt
-          library.
-
-     ‘GPGME_ATTR_CREATED’
-          This is the timestamp at creation time of the signature.  It
-          is representable as a number.
-
-     ‘GPGME_ATTR_EXPIRE’
-          This is the expiration time of the signature.  It is
-          representable as a number.
-
-     ‘GPGME_ATTR_USERID’
-          This is the user ID associated with the signing key.  The user
-          ID is representable as a number.
-
-     ‘GPGME_ATTR_NAME’
-          This is the name belonging to a user ID. It is representable
-          as a string.
-
-     ‘GPGME_ATTR_EMAIL’
-          This is the email address belonging to a user ID. It is
-          representable as a string.
-
-     ‘GPGME_ATTR_COMMENT’
-          This is the comment belonging to a user ID. It is
-          representable as a string.
-
-     ‘GPGME_ATTR_KEY_REVOKED’
-          This specifies if a key signature is a revocation signature.
-          It is representable as a number, and is ‘1’ if the key is
-          revoked, and ‘0’ otherwise.
-
-     ‘GPGME_ATTR_SIG_CLASS’
-          This specifies the signature class of a key signature.  It is
-          representable as a number.  The meaning is specific to the
-          crypto engine.
-
-     ‘GPGME_ATTR_SIG_CLASS’
-          This specifies the signature class of a key signature.  It is
-          representable as a number.  The meaning is specific to the
-          crypto engine.
-
-     ‘GPGME_ATTR_SIG_STATUS’
-          This is the same value as returned by ‘gpgme_get_sig_status’.
-
- -- Function: const char * gpgme_key_sig_get_string_attr
-          (gpgme_key_t KEY, int UID_IDX, gpgme_attr_t WHAT,
-          const void *RESERVED, int IDX)
-     The function ‘gpgme_key_sig_get_string_attr’ returns the value of
-     the string-representable attribute WHAT of the signature IDX on the
-     user ID UID_IDX in the key KEY.  The argument RESERVED is reserved
-     for later use and should be ‘NULL’.
-
-     The string returned is only valid as long as the key is valid.
-
-     The function returns ‘0’ if an attribute can’t be returned as a
-     string, KEY is not a valid pointer, UID_IDX or IDX out of range, or
-     RESERVED not ‘NULL’.
-
- -- Function: unsigned long gpgme_key_sig_get_ulong_attr
-          (gpgme_key_t KEY, int UID_IDX, gpgme_attr_t WHAT,
-          const void *RESERVED, int IDX)
-     The function ‘gpgme_key_sig_get_ulong_attr’ returns the value of
-     the number-representable attribute WHAT of the signature IDX on the
-     user ID UID_IDX in the key KEY.  The argument RESERVED is reserved
-     for later use and should be ‘NULL’.
-
-     The function returns ‘0’ if an attribute can’t be returned as a
-     string, KEY is not a valid pointer, UID_IDX or IDX out of range, or
-     RESERVED not ‘NULL’.
-
-   Trust items have attributes which can be queried using the interfaces
-below.  The attribute identifiers are shared with those for key
-attributes.  *Note Information About Keys::.
-
- -- Function: const char * gpgme_trust_item_get_string_attr
-          (gpgme_trust_item_t ITEM, gpgme_attr_t WHAT,
-          const void *RESERVED, int IDX)
-     The function ‘gpgme_trust_item_get_string_attr’ returns the value
-     of the string-representable attribute WHAT of trust item ITEM.  The
-     arguments IDX and RESERVED are reserved for later use and should be
-     ‘0’ and ‘NULL’ respectively.
-
-     The string returned is only valid as long as the key is valid.
-
-     The function returns ‘0’ if an attribute can’t be returned as a
-     string, KEY is not a valid pointer, IDX out of range, or RESERVED
-     not ‘NULL’.
-
- -- Function: int gpgme_trust_item_get_int_attr
-          (gpgme_trust_item_t ITEM, gpgme_attr_t WHAT,
-          const void *RESERVED, int IDX)
-     The function ‘gpgme_trust_item_get_int_attr’ returns the value of
-     the number-representable attribute WHAT of trust item ITEM.  If the
-     attribute occurs more than once in the trust item, the index is
-     specified by IDX.  However, currently no such attribute exists, so
-     IDX should be ‘0’.  The argument RESERVED is reserved for later use
-     and should be ‘NULL’.
-
-     The function returns ‘0’ if the attribute can’t be returned as a
-     number, KEY is not a valid pointer, IDX out of range, or RESERVED
-     not ‘NULL’.
-
- -- Data type: enum gpgme_sig_stat_t
-     The ‘gpgme_sig_stat_t’ type holds the result of a signature check,
-     or the combined result of all signatures.  The following results
-     are possible:
-
-     ‘GPGME_SIG_STAT_NONE’
-          This status should not occur in normal operation.
-
-     ‘GPGME_SIG_STAT_GOOD’
-          This status indicates that the signature is valid.  For the
-          combined result this status means that all signatures are
-          valid.
-
-     ‘GPGME_SIG_STAT_GOOD_EXP’
-          This status indicates that the signature is valid but expired.
-          For the combined result this status means that all signatures
-          are valid and expired.
-
-     ‘GPGME_SIG_STAT_GOOD_EXPKEY’
-          This status indicates that the signature is valid but the key
-          used to verify the signature has expired.  For the combined
-          result this status means that all signatures are valid and all
-          keys are expired.
-
-     ‘GPGME_SIG_STAT_BAD’
-          This status indicates that the signature is invalid.  For the
-          combined result this status means that all signatures are
-          invalid.
-
-     ‘GPGME_SIG_STAT_NOKEY’
-          This status indicates that the signature could not be verified
-          due to a missing key.  For the combined result this status
-          means that all signatures could not be checked due to missing
-          keys.
-
-     ‘GPGME_SIG_STAT_NOSIG’
-          This status indicates that the signature data provided was not
-          a real signature.
-
-     ‘GPGME_SIG_STAT_ERROR’
-          This status indicates that there was some other error which
-          prevented the signature verification.
-
-     ‘GPGME_SIG_STAT_DIFF’
-          For the combined result this status means that at least two
-          signatures have a different status.  You can get each key’s
-          status with ‘gpgme_get_sig_status’.
-
- -- Function: const char * gpgme_get_sig_status (gpgme_ctx_t CTX,
-          int IDX, gpgme_sig_stat_t *R_STAT, time_t *R_CREATED)
-     The function ‘gpgme_get_sig_status’ is equivalent to:
-
-            gpgme_verify_result_t result;
-            gpgme_signature_t sig;
-
-            result = gpgme_op_verify_result (ctx);
-            sig = result->signatures;
-
-            while (sig && idx)
-              {
-                sig = sig->next;
-                idx--;
-              }
-            if (!sig || idx)
-              return NULL;
-
-            if (r_stat)
-              {
-                switch (gpg_err_code (sig->status))
-	          {
-          	case GPG_ERR_NO_ERROR:
-          	  *r_stat = GPGME_SIG_STAT_GOOD;
-          	  break;
-
-          	case GPG_ERR_BAD_SIGNATURE:
-          	  *r_stat = GPGME_SIG_STAT_BAD;
-          	  break;
-
-          	case GPG_ERR_NO_PUBKEY:
-          	  *r_stat = GPGME_SIG_STAT_NOKEY;
-          	  break;
-
-          	case GPG_ERR_NO_DATA:
-          	  *r_stat = GPGME_SIG_STAT_NOSIG;
-          	  break;
-
-          	case GPG_ERR_SIG_EXPIRED:
-          	  *r_stat = GPGME_SIG_STAT_GOOD_EXP;
-          	  break;
-
-          	case GPG_ERR_KEY_EXPIRED:
-          	  *r_stat = GPGME_SIG_STAT_GOOD_EXPKEY;
-          	  break;
-
-          	default:
-          	  *r_stat = GPGME_SIG_STAT_ERROR;
-          	  break;
-	          }
-              }
-            if (r_created)
-              *r_created = sig->timestamp;
-            return sig->fpr;
-
- -- Function: const char * gpgme_get_sig_string_attr (gpgme_ctx_t CTX,
-          int IDX, gpgme_attr_t WHAT, int WHATIDX)
-     The function ‘gpgme_get_sig_string_attr’ is equivalent to:
-
-            gpgme_verify_result_t result;
-            gpgme_signature_t sig;
-
-            result = gpgme_op_verify_result (ctx);
-            sig = result->signatures;
-
-            while (sig && idx)
-              {
-                sig = sig->next;
-                idx--;
-              }
-            if (!sig || idx)
-              return NULL;
-
-            switch (what)
-              {
-              case GPGME_ATTR_FPR:
-                return sig->fpr;
-
-              case GPGME_ATTR_ERRTOK:
-                if (whatidx == 1)
-                  return sig->wrong_key_usage ? "Wrong_Key_Usage" : "";
-                else
-          	return "";
-              default:
-                break;
-              }
-
-            return NULL;
-
- -- Function: const char * gpgme_get_sig_ulong_attr (gpgme_ctx_t CTX,
-          int IDX, gpgme_attr_t WAHT, int WHATIDX)
-     The function ‘gpgme_get_sig_ulong_attr’ is equivalent to:
-
-            gpgme_verify_result_t result;
-            gpgme_signature_t sig;
-
-            result = gpgme_op_verify_result (ctx);
-            sig = result->signatures;
-
-            while (sig && idx)
-              {
-                sig = sig->next;
-                idx--;
-              }
-            if (!sig || idx)
-              return 0;
-
-            switch (what)
-              {
-              case GPGME_ATTR_CREATED:
-                return sig->timestamp;
-
-              case GPGME_ATTR_EXPIRE:
-                return sig->exp_timestamp;
-
-              case GPGME_ATTR_VALIDITY:
-                return (unsigned long) sig->validity;
-
-              case GPGME_ATTR_SIG_STATUS:
-                switch (sig->status)
-	          {
-          	case GPG_ERR_NO_ERROR:
-          	  return GPGME_SIG_STAT_GOOD;
-
-          	case GPG_ERR_BAD_SIGNATURE:
-          	  return GPGME_SIG_STAT_BAD;
-
-          	case GPG_ERR_NO_PUBKEY:
-          	  return GPGME_SIG_STAT_NOKEY;
-
-          	case GPG_ERR_NO_DATA:
-          	  return GPGME_SIG_STAT_NOSIG;
-
-          	case GPG_ERR_SIG_EXPIRED:
-          	  return GPGME_SIG_STAT_GOOD_EXP;
-
-          	case GPG_ERR_KEY_EXPIRED:
-          	  return GPGME_SIG_STAT_GOOD_EXPKEY;
-
-          	default:
-          	  return GPGME_SIG_STAT_ERROR;
-	          }
-
-              case GPGME_ATTR_SIG_SUMMARY:
-                return sig->summary;
-
-              default:
-                break;
-              }
-            return 0;
-
- -- Function: const char * gpgme_get_sig_key (gpgme_ctx_t CTX, int IDX,
-          gpgme_key_t *R_KEY)
-     The function ‘gpgme_get_sig_key’ is equivalent to:
-
-            gpgme_verify_result_t result;
-            gpgme_signature_t sig;
-
-            result = gpgme_op_verify_result (ctx);
-            sig = result->signatures;
-
-            while (sig && idx)
-              {
-                sig = sig->next;
-                idx--;
-              }
-            if (!sig || idx)
-              return gpg_error (GPG_ERR_EOF);
-
-            return gpgme_get_key (ctx, sig->fpr, r_key, 0);
-
diff --git a/doc/gpgme.info-2 b/doc/gpgme.info-2
index 3285b3b..2a805d3 100644
--- a/doc/gpgme.info-2
+++ b/doc/gpgme.info-2
@@ -19,8 +19,8 @@ END-INFO-DIR-ENTRY
 
    This file documents the GPGME library.
 
-   This is Edition 1.9.0, last updated 16 November 2016, of ‘The ‘GnuPG
-Made Easy’ Reference Manual’, for Version 1.9.0.
+   This is Edition 1.10.0, last updated 8 December 2017, of ‘The ‘GnuPG
+Made Easy’ Reference Manual’, for Version 1.10.0.
 
    Copyright © 2002–2008, 2010, 2012–2017 g10 Code GmbH.
 
@@ -36,6 +36,694 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
 Public License for more details.
 
 
+File: gpgme.info,  Node: Debugging,  Next: Deprecated Functions,  Prev: UI Server Protocol,  Up: Top
+
+Appendix B How to solve problems
+********************************
+
+Everyone knows that software often does not do what it should do and
+thus there is a need to track down problems.  This is in particular true
+for applications using a complex library like GPGME and of course also
+for the library itself.  Here we give a few hints on how to solve such
+problems.
+
+   First of all you should make sure that the keys you want to use are
+installed in the GnuPG engine and are usable.  Thus the first test is to
+run the desired operation using ‘gpg’ or ‘gpgsm’ on the command line.
+If you can’t figure out why things don’t work, you may use GPGME’s built
+in trace feature.  This feature is either enabled using the environment
+variable ‘GPGME_DEBUG’ or, if this is not possible, by calling the
+function ‘gpgme_set_global_flag’.  The value is the trace level and an
+optional file name.  If no file name is given the trace output is
+printed to ‘stderr’.
+
+For example
+     GPGME_DEBUG=9:/home/user/mygpgme.log
+(Note that under Windows you use a semicolon in place of the colon to
+separate the fields.)
+
+   A trace level of 9 is pretty verbose and thus you may want to start
+off with a lower level.  The exact definition of the trace levels and
+the output format may change with any release; you need to check the
+source code for details.  In any case the trace log should be helpful to
+understand what is going going on.  Warning: The trace log may reveal
+sensitive details like passphrases or other data you use in your
+application.  If you are asked to send a log file, make sure that you
+run your tests only with play data.
+
+
+File: gpgme.info,  Node: Deprecated Functions,  Next: Library Copying,  Prev: Debugging,  Up: Top
+
+Appendix C Deprecated Functions
+*******************************
+
+For backward compatibility GPGME has a number of functions, data types
+and constants which are deprecated and should not be used anymore.  We
+document here those which are really old to help understanding old code
+and to allow migration to their modern counterparts.
+
+   *Warning:* These interfaces will be removed in a future version of
+GPGME.
+
+ -- Function: void gpgme_key_release (gpgme_key_t KEY)
+     The function ‘gpgme_key_release’ is equivalent to
+     ‘gpgme_key_unref’.
+
+ -- Function: void gpgme_trust_item_release (gpgme_trust_item_t ITEM)
+     The function ‘gpgme_trust_item_release’ is an alias for
+     ‘gpgme_trust_item_unref’.
+
+ -- Function: gpgme_error_t gpgme_op_import_ext (gpgme_ctx_t CTX,
+          gpgme_data_t KEYDATA, int *NR)
+     SINCE: 0.3.9
+
+     The function ‘gpgme_op_import_ext’ is equivalent to:
+
+            gpgme_error_t err = gpgme_op_import (ctx, keydata);
+            if (!err)
+              {
+                gpgme_import_result_t result = gpgme_op_import_result (ctx);
+                *nr = result->considered;
+              }
+
+ -- Data type: gpgme_error_t (*gpgme_edit_cb_t) (void *HANDLE,
+          gpgme_status_code_t STATUS, const char *ARGS, int FD)
+     The ‘gpgme_edit_cb_t’ type is the type of functions which GPGME
+     calls if it a key edit operation is on-going.  The status code
+     STATUS and the argument line ARGS are passed through by GPGME from
+     the crypto engine.  The file descriptor FD is -1 for normal status
+     messages.  If STATUS indicates a command rather than a status
+     message, the response to the command should be written to FD.  The
+     HANDLE is provided by the user at start of operation.
+
+     The function should return ‘GPG_ERR_FALSE’ if it did not handle the
+     status code, ‘0’ for success, or any other error value.
+
+ -- Function: gpgme_error_t gpgme_op_edit (gpgme_ctx_t CTX,
+          gpgme_key_t KEY, gpgme_edit_cb_t FNC, void *HANDLE,
+          gpgme_data_t OUT)
+     SINCE: 0.3.9
+
+     Note: This function is deprecated, please use ‘gpgme_op_interact’
+     instead.
+
+     The function ‘gpgme_op_edit’ processes the key KEY interactively,
+     using the edit callback function FNC with the handle HANDLE.  The
+     callback is invoked for every status and command request from the
+     crypto engine.  The output of the crypto engine is written to the
+     data object OUT.
+
+     Note that the protocol between the callback function and the crypto
+     engine is specific to the crypto engine and no further support in
+     implementing this protocol correctly is provided by GPGME.
+
+     The function returns the error code ‘GPG_ERR_NO_ERROR’ if the edit
+     operation completes successfully, ‘GPG_ERR_INV_VALUE’ if CTX or KEY
+     is not a valid pointer, and any error returned by the crypto engine
+     or the edit callback handler.
+
+ -- Function: gpgme_error_t gpgme_op_edit_start (gpgme_ctx_t CTX,
+          gpgme_key_t KEY, gpgme_edit_cb_t FNC, void *HANDLE,
+          gpgme_data_t OUT)
+
+     SINCE: 0.3.9
+
+     Note: This function is deprecated, please use
+     ‘gpgme_op_interact_start’ instead.
+
+     The function ‘gpgme_op_edit_start’ initiates a ‘gpgme_op_edit’
+     operation.  It can be completed by calling ‘gpgme_wait’ on the
+     context.  *Note Waiting For Completion::.
+
+     The function returns the error code ‘GPG_ERR_NO_ERROR’ if the
+     operation was started successfully, and ‘GPG_ERR_INV_VALUE’ if CTX
+     or KEY is not a valid pointer.
+
+ -- Function: gpgme_error_t gpgme_op_card_edit (gpgme_ctx_t CTX,
+          gpgme_key_t KEY, gpgme_edit_cb_t FNC, void *HANDLE,
+          gpgme_data_t OUT)
+     Note: This function is deprecated, please use ‘gpgme_op_interact’
+     with the flag ‘GPGME_INTERACT_CARD’ instead.
+
+     The function ‘gpgme_op_card_edit’ is analogous to ‘gpgme_op_edit’,
+     but should be used to process the smart card corresponding to the
+     key KEY.
+
+ -- Function: gpgme_error_t gpgme_op_card_edit_start (gpgme_ctx_t CTX,
+          gpgme_key_t KEY, gpgme_edit_cb_t FNC, void *HANDLE,
+          gpgme_data_t OUT)
+     Note: This function is deprecated, please use
+     ‘gpgme_op_interact_start’ with the flag ‘GPGME_INTERACT_CARD’
+     instead.
+
+     The function ‘gpgme_op_card_edit_start’ initiates a
+     ‘gpgme_op_card_edit’ operation.  It can be completed by calling
+     ‘gpgme_wait’ on the context.  *Note Waiting For Completion::.
+
+     The function returns the error code ‘GPG_ERR_NO_ERROR’ if the
+     operation was started successfully, and ‘GPG_ERR_INV_VALUE’ if CTX
+     or KEY is not a valid pointer.
+
+ -- Function: gpgme_error_t gpgme_data_new_with_read_cb
+          (gpgme_data_t *DH, int (*READFUNC) (void *HOOK, char *BUFFER,
+          size_t COUNT, size_t *NREAD), void *HOOK_VALUE)
+     The function ‘gpgme_data_new_with_read_cb’ creates a new
+     ‘gpgme_data_t’ object and uses the callback function READFUNC to
+     retrieve the data on demand.  As the callback function can supply
+     the data in any way it wants, this is the most flexible data type
+     GPGME provides.  However, it can not be used to write data.
+
+     The callback function receives HOOK_VALUE as its first argument
+     whenever it is invoked.  It should return up to COUNT bytes in
+     BUFFER, and return the number of bytes actually read in NREAD.  It
+     may return ‘0’ in NREAD if no data is currently available.  To
+     indicate ‘EOF’ the function should return with an error code of
+     ‘-1’ and set NREAD to ‘0’.  The callback function may support to
+     reset its internal read pointer if it is invoked with BUFFER and
+     NREAD being ‘NULL’ and COUNT being ‘0’.
+
+     The function returns the error code ‘GPG_ERR_NO_ERROR’ if the data
+     object was successfully created, ‘GPG_ERR_INV_VALUE’ if DH or
+     READFUNC is not a valid pointer, and ‘GPG_ERR_ENOMEM’ if not enough
+     memory is available.
+
+ -- Function: gpgme_error_t gpgme_data_rewind (gpgme_data_t DH)
+     The function ‘gpgme_data_rewind’ is equivalent to:
+
+            return (gpgme_data_seek (dh, 0, SEEK_SET) == -1)
+              ? gpgme_error_from_errno (errno) : 0;
+
+ -- Data type: gpgme_attr_t
+     The ‘gpgme_attr_t’ type is used to specify a key or trust item
+     attribute.  The following attributes are defined:
+
+     ‘GPGME_ATTR_KEYID’
+          This is the key ID of a sub key.  It is representable as a
+          string.
+
+          For trust items, the trust item refers to the key with this
+          ID.
+
+     ‘GPGME_ATTR_FPR’
+          This is the fingerprint of a sub key.  It is representable as
+          a string.
+
+     ‘GPGME_ATTR_ALGO’
+          This is the crypto algorithm for which the sub key can be
+          used.  It is representable as a string and as a number.  The
+          numbers correspond to the ‘enum gcry_pk_algos’ values in the
+          gcrypt library.
+
+     ‘GPGME_ATTR_LEN’
+          This is the key length of a sub key.  It is representable as a
+          number.
+
+     ‘GPGME_ATTR_CREATED’
+          This is the timestamp at creation time of a sub key.  It is
+          representable as a number.
+
+     ‘GPGME_ATTR_EXPIRE’
+          This is the expiration time of a sub key.  It is representable
+          as a number.
+
+     ‘GPGME_ATTR_OTRUST’
+          XXX FIXME (also for trust items)
+
+     ‘GPGME_ATTR_USERID’
+          This is a user ID. There can be more than one user IDs in a
+          GPGME_KEY_T object.  The first one (with index 0) is the
+          primary user ID. The user ID is representable as a number.
+
+          For trust items, this is the user ID associated with this
+          trust item.
+
+     ‘GPGME_ATTR_NAME’
+          This is the name belonging to a user ID. It is representable
+          as a string.
+
+     ‘GPGME_ATTR_EMAIL’
+          This is the email address belonging to a user ID. It is
+          representable as a string.
+
+     ‘GPGME_ATTR_COMMENT’
+          This is the comment belonging to a user ID. It is
+          representable as a string.
+
+     ‘GPGME_ATTR_VALIDITY’
+          This is the validity belonging to a user ID. It is
+          representable as a string and as a number.  See below for a
+          list of available validities.
+
+          For trust items, this is the validity that is associated with
+          this trust item.
+
+     ‘GPGME_ATTR_UID_REVOKED’
+          This specifies if a user ID is revoked.  It is representable
+          as a number, and is ‘1’ if the user ID is revoked, and ‘0’
+          otherwise.
+
+     ‘GPGME_ATTR_UID_INVALID’
+          This specifies if a user ID is invalid.  It is representable
+          as a number, and is ‘1’ if the user ID is invalid, and ‘0’
+          otherwise.
+
+     ‘GPGME_ATTR_LEVEL’
+          This is the trust level of a trust item.
+
+     ‘GPGME_ATTR_TYPE’
+          This returns information about the type of key.  For the
+          string function this will eother be "PGP" or "X.509".  The
+          integer function returns 0 for PGP and 1 for X.509.  It is
+          also used for the type of a trust item.
+
+     ‘GPGME_ATTR_IS_SECRET’
+          This specifies if the key is a secret key.  It is
+          representable as a number, and is ‘1’ if the key is revoked,
+          and ‘0’ otherwise.
+
+     ‘GPGME_ATTR_KEY_REVOKED’
+          This specifies if a sub key is revoked.  It is representable
+          as a number, and is ‘1’ if the key is revoked, and ‘0’
+          otherwise.
+
+     ‘GPGME_ATTR_KEY_INVALID’
+          This specifies if a sub key is invalid.  It is representable
+          as a number, and is ‘1’ if the key is invalid, and ‘0’
+          otherwise.
+
+     ‘GPGME_ATTR_KEY_EXPIRED’
+          This specifies if a sub key is expired.  It is representable
+          as a number, and is ‘1’ if the key is expired, and ‘0’
+          otherwise.
+
+     ‘GPGME_ATTR_KEY_DISABLED’
+          This specifies if a sub key is disabled.  It is representable
+          as a number, and is ‘1’ if the key is disabled, and ‘0’
+          otherwise.
+
+     ‘GPGME_ATTR_KEY_CAPS’
+          This is a description of the capabilities of a sub key.  It is
+          representable as a string.  The string contains the letter “e”
+          if the key can be used for encryption, “s” if the key can be
+          used for signatures, and “c” if the key can be used for
+          certifications.
+
+     ‘GPGME_ATTR_CAN_ENCRYPT’
+          This specifies if a sub key can be used for encryption.  It is
+          representable as a number, and is ‘1’ if the sub key can be
+          used for encryption, and ‘0’ otherwise.
+
+     ‘GPGME_ATTR_CAN_SIGN’
+          This specifies if a sub key can be used to create data
+          signatures.  It is representable as a number, and is ‘1’ if
+          the sub key can be used for signatures, and ‘0’ otherwise.
+
+     ‘GPGME_ATTR_CAN_CERTIFY’
+          This specifies if a sub key can be used to create key
+          certificates.  It is representable as a number, and is ‘1’ if
+          the sub key can be used for certifications, and ‘0’ otherwise.
+
+     ‘GPGME_ATTR_SERIAL’
+          The X.509 issuer serial attribute of the key.  It is
+          representable as a string.
+
+     ‘GPGME_ATTR_ISSUE’
+          The X.509 issuer name attribute of the key.  It is
+          representable as a string.
+
+     ‘GPGME_ATTR_CHAINID’
+          The X.509 chain ID can be used to build the certification
+          chain.  It is representable as a string.
+
+ -- Function: const char * gpgme_key_get_string_attr (gpgme_key_t KEY,
+          gpgme_attr_t WHAT, const void *RESERVED, int IDX)
+     The function ‘gpgme_key_get_string_attr’ returns the value of the
+     string-representable attribute WHAT of key KEY.  If the attribute
+     is an attribute of a sub key or an user ID, IDX specifies the sub
+     key or user ID of which the attribute value is returned.  The
+     argument RESERVED is reserved for later use and should be ‘NULL’.
+
+     The string returned is only valid as long as the key is valid.
+
+     The function returns ‘0’ if an attribute can’t be returned as a
+     string, KEY is not a valid pointer, IDX out of range, or RESERVED
+     not ‘NULL’.
+
+ -- Function: unsigned long gpgme_key_get_ulong_attr (gpgme_key_t KEY,
+          gpgme_attr_t WHAT, const void *RESERVED, int IDX)
+     The function ‘gpgme_key_get_ulong_attr’ returns the value of the
+     number-representable attribute WHAT of key KEY.  If the attribute
+     is an attribute of a sub key or an user ID, IDX specifies the sub
+     key or user ID of which the attribute value is returned.  The
+     argument RESERVED is reserved for later use and should be ‘NULL’.
+
+     The function returns ‘0’ if the attribute can’t be returned as a
+     number, KEY is not a valid pointer, IDX out of range, or RESERVED
+     not ‘NULL’.
+
+   The signatures on a key are only available if the key was retrieved
+via a listing operation with the ‘GPGME_KEYLIST_MODE_SIGS’ mode enabled,
+because it is expensive to retrieve all signatures of a key.
+
+   So, before using the below interfaces to retrieve the signatures on a
+key, you have to make sure that the key was listed with signatures
+enabled.  One convenient, but blocking, way to do this is to use the
+function ‘gpgme_get_key’.
+
+ -- Data type: gpgme_attr_t
+     The ‘gpgme_attr_t’ type is used to specify a key signature
+     attribute.  The following attributes are defined:
+
+     ‘GPGME_ATTR_KEYID’
+          This is the key ID of the key which was used for the
+          signature.  It is representable as a string.
+
+     ‘GPGME_ATTR_ALGO’
+          This is the crypto algorithm used to create the signature.  It
+          is representable as a string and as a number.  The numbers
+          correspond to the ‘enum gcry_pk_algos’ values in the gcrypt
+          library.
+
+     ‘GPGME_ATTR_CREATED’
+          This is the timestamp at creation time of the signature.  It
+          is representable as a number.
+
+     ‘GPGME_ATTR_EXPIRE’
+          This is the expiration time of the signature.  It is
+          representable as a number.
+
+     ‘GPGME_ATTR_USERID’
+          This is the user ID associated with the signing key.  The user
+          ID is representable as a number.
+
+     ‘GPGME_ATTR_NAME’
+          This is the name belonging to a user ID. It is representable
+          as a string.
+
+     ‘GPGME_ATTR_EMAIL’
+          This is the email address belonging to a user ID. It is
+          representable as a string.
+
+     ‘GPGME_ATTR_COMMENT’
+          This is the comment belonging to a user ID. It is
+          representable as a string.
+
+     ‘GPGME_ATTR_KEY_REVOKED’
+          This specifies if a key signature is a revocation signature.
+          It is representable as a number, and is ‘1’ if the key is
+          revoked, and ‘0’ otherwise.
+
+     ‘GPGME_ATTR_SIG_CLASS’
+          This specifies the signature class of a key signature.  It is
+          representable as a number.  The meaning is specific to the
+          crypto engine.
+
+     ‘GPGME_ATTR_SIG_CLASS’
+          This specifies the signature class of a key signature.  It is
+          representable as a number.  The meaning is specific to the
+          crypto engine.
+
+     ‘GPGME_ATTR_SIG_STATUS’
+          This is the same value as returned by ‘gpgme_get_sig_status’.
+
+ -- Function: const char * gpgme_key_sig_get_string_attr
+          (gpgme_key_t KEY, int UID_IDX, gpgme_attr_t WHAT,
+          const void *RESERVED, int IDX)
+     The function ‘gpgme_key_sig_get_string_attr’ returns the value of
+     the string-representable attribute WHAT of the signature IDX on the
+     user ID UID_IDX in the key KEY.  The argument RESERVED is reserved
+     for later use and should be ‘NULL’.
+
+     The string returned is only valid as long as the key is valid.
+
+     The function returns ‘0’ if an attribute can’t be returned as a
+     string, KEY is not a valid pointer, UID_IDX or IDX out of range, or
+     RESERVED not ‘NULL’.
+
+ -- Function: unsigned long gpgme_key_sig_get_ulong_attr
+          (gpgme_key_t KEY, int UID_IDX, gpgme_attr_t WHAT,
+          const void *RESERVED, int IDX)
+     The function ‘gpgme_key_sig_get_ulong_attr’ returns the value of
+     the number-representable attribute WHAT of the signature IDX on the
+     user ID UID_IDX in the key KEY.  The argument RESERVED is reserved
+     for later use and should be ‘NULL’.
+
+     The function returns ‘0’ if an attribute can’t be returned as a
+     string, KEY is not a valid pointer, UID_IDX or IDX out of range, or
+     RESERVED not ‘NULL’.
+
+   Trust items have attributes which can be queried using the interfaces
+below.  The attribute identifiers are shared with those for key
+attributes.  *Note Information About Keys::.
+
+ -- Function: const char * gpgme_trust_item_get_string_attr
+          (gpgme_trust_item_t ITEM, gpgme_attr_t WHAT,
+          const void *RESERVED, int IDX)
+     The function ‘gpgme_trust_item_get_string_attr’ returns the value
+     of the string-representable attribute WHAT of trust item ITEM.  The
+     arguments IDX and RESERVED are reserved for later use and should be
+     ‘0’ and ‘NULL’ respectively.
+
+     The string returned is only valid as long as the key is valid.
+
+     The function returns ‘0’ if an attribute can’t be returned as a
+     string, KEY is not a valid pointer, IDX out of range, or RESERVED
+     not ‘NULL’.
+
+ -- Function: int gpgme_trust_item_get_int_attr
+          (gpgme_trust_item_t ITEM, gpgme_attr_t WHAT,
+          const void *RESERVED, int IDX)
+     The function ‘gpgme_trust_item_get_int_attr’ returns the value of
+     the number-representable attribute WHAT of trust item ITEM.  If the
+     attribute occurs more than once in the trust item, the index is
+     specified by IDX.  However, currently no such attribute exists, so
+     IDX should be ‘0’.  The argument RESERVED is reserved for later use
+     and should be ‘NULL’.
+
+     The function returns ‘0’ if the attribute can’t be returned as a
+     number, KEY is not a valid pointer, IDX out of range, or RESERVED
+     not ‘NULL’.
+
+ -- Data type: enum gpgme_sig_stat_t
+     The ‘gpgme_sig_stat_t’ type holds the result of a signature check,
+     or the combined result of all signatures.  The following results
+     are possible:
+
+     ‘GPGME_SIG_STAT_NONE’
+          This status should not occur in normal operation.
+
+     ‘GPGME_SIG_STAT_GOOD’
+          This status indicates that the signature is valid.  For the
+          combined result this status means that all signatures are
+          valid.
+
+     ‘GPGME_SIG_STAT_GOOD_EXP’
+          This status indicates that the signature is valid but expired.
+          For the combined result this status means that all signatures
+          are valid and expired.
+
+     ‘GPGME_SIG_STAT_GOOD_EXPKEY’
+          This status indicates that the signature is valid but the key
+          used to verify the signature has expired.  For the combined
+          result this status means that all signatures are valid and all
+          keys are expired.
+
+     ‘GPGME_SIG_STAT_BAD’
+          This status indicates that the signature is invalid.  For the
+          combined result this status means that all signatures are
+          invalid.
+
+     ‘GPGME_SIG_STAT_NOKEY’
+          This status indicates that the signature could not be verified
+          due to a missing key.  For the combined result this status
+          means that all signatures could not be checked due to missing
+          keys.
+
+     ‘GPGME_SIG_STAT_NOSIG’
+          This status indicates that the signature data provided was not
+          a real signature.
+
+     ‘GPGME_SIG_STAT_ERROR’
+          This status indicates that there was some other error which
+          prevented the signature verification.
+
+     ‘GPGME_SIG_STAT_DIFF’
+          For the combined result this status means that at least two
+          signatures have a different status.  You can get each key’s
+          status with ‘gpgme_get_sig_status’.
+
+ -- Function: const char * gpgme_get_sig_status (gpgme_ctx_t CTX,
+          int IDX, gpgme_sig_stat_t *R_STAT, time_t *R_CREATED)
+     The function ‘gpgme_get_sig_status’ is equivalent to:
+
+            gpgme_verify_result_t result;
+            gpgme_signature_t sig;
+
+            result = gpgme_op_verify_result (ctx);
+            sig = result->signatures;
+
+            while (sig && idx)
+              {
+                sig = sig->next;
+                idx--;
+              }
+            if (!sig || idx)
+              return NULL;
+
+            if (r_stat)
+              {
+                switch (gpg_err_code (sig->status))
+	          {
+          	case GPG_ERR_NO_ERROR:
+          	  *r_stat = GPGME_SIG_STAT_GOOD;
+          	  break;
+
+          	case GPG_ERR_BAD_SIGNATURE:
+          	  *r_stat = GPGME_SIG_STAT_BAD;
+          	  break;
+
+          	case GPG_ERR_NO_PUBKEY:
+          	  *r_stat = GPGME_SIG_STAT_NOKEY;
+          	  break;
+
+          	case GPG_ERR_NO_DATA:
+          	  *r_stat = GPGME_SIG_STAT_NOSIG;
+          	  break;
+
+          	case GPG_ERR_SIG_EXPIRED:
+          	  *r_stat = GPGME_SIG_STAT_GOOD_EXP;
+          	  break;
+
+          	case GPG_ERR_KEY_EXPIRED:
+          	  *r_stat = GPGME_SIG_STAT_GOOD_EXPKEY;
+          	  break;
+
+          	default:
+          	  *r_stat = GPGME_SIG_STAT_ERROR;
+          	  break;
+	          }
+              }
+            if (r_created)
+              *r_created = sig->timestamp;
+            return sig->fpr;
+
+ -- Function: const char * gpgme_get_sig_string_attr (gpgme_ctx_t CTX,
+          int IDX, gpgme_attr_t WHAT, int WHATIDX)
+     The function ‘gpgme_get_sig_string_attr’ is equivalent to:
+
+            gpgme_verify_result_t result;
+            gpgme_signature_t sig;
+
+            result = gpgme_op_verify_result (ctx);
+            sig = result->signatures;
+
+            while (sig && idx)
+              {
+                sig = sig->next;
+                idx--;
+              }
+            if (!sig || idx)
+              return NULL;
+
+            switch (what)
+              {
+              case GPGME_ATTR_FPR:
+                return sig->fpr;
+
+              case GPGME_ATTR_ERRTOK:
+                if (whatidx == 1)
+                  return sig->wrong_key_usage ? "Wrong_Key_Usage" : "";
+                else
+          	return "";
+              default:
+                break;
+              }
+
+            return NULL;
+
+ -- Function: const char * gpgme_get_sig_ulong_attr (gpgme_ctx_t CTX,
+          int IDX, gpgme_attr_t WAHT, int WHATIDX)
+     The function ‘gpgme_get_sig_ulong_attr’ is equivalent to:
+
+            gpgme_verify_result_t result;
+            gpgme_signature_t sig;
+
+            result = gpgme_op_verify_result (ctx);
+            sig = result->signatures;
+
+            while (sig && idx)
+              {
+                sig = sig->next;
+                idx--;
+              }
+            if (!sig || idx)
+              return 0;
+
+            switch (what)
+              {
+              case GPGME_ATTR_CREATED:
+                return sig->timestamp;
+
+              case GPGME_ATTR_EXPIRE:
+                return sig->exp_timestamp;
+
+              case GPGME_ATTR_VALIDITY:
+                return (unsigned long) sig->validity;
+
+              case GPGME_ATTR_SIG_STATUS:
+                switch (sig->status)
+	          {
+          	case GPG_ERR_NO_ERROR:
+          	  return GPGME_SIG_STAT_GOOD;
+
+          	case GPG_ERR_BAD_SIGNATURE:
+          	  return GPGME_SIG_STAT_BAD;
+
+          	case GPG_ERR_NO_PUBKEY:
+          	  return GPGME_SIG_STAT_NOKEY;
+
+          	case GPG_ERR_NO_DATA:
+          	  return GPGME_SIG_STAT_NOSIG;
+
+          	case GPG_ERR_SIG_EXPIRED:
+          	  return GPGME_SIG_STAT_GOOD_EXP;
+
+          	case GPG_ERR_KEY_EXPIRED:
+          	  return GPGME_SIG_STAT_GOOD_EXPKEY;
+
+          	default:
+          	  return GPGME_SIG_STAT_ERROR;
+	          }
+
+              case GPGME_ATTR_SIG_SUMMARY:
+                return sig->summary;
+
+              default:
+                break;
+              }
+            return 0;
+
+ -- Function: const char * gpgme_get_sig_key (gpgme_ctx_t CTX, int IDX,
+          gpgme_key_t *R_KEY)
+     The function ‘gpgme_get_sig_key’ is equivalent to:
+
+            gpgme_verify_result_t result;
+            gpgme_signature_t sig;
+
+            result = gpgme_op_verify_result (ctx);
+            sig = result->signatures;
+
+            while (sig && idx)
+              {
+                sig = sig->next;
+                idx--;
+              }
+            if (!sig || idx)
+              return gpg_error (GPG_ERR_EOF);
+
+            return gpgme_get_key (ctx, sig->fpr, r_key, 0);
+
+
 File: gpgme.info,  Node: Library Copying,  Next: Copying,  Prev: Deprecated Functions,  Up: Top
 
 GNU Lesser General Public License
@@ -1513,13 +2201,13 @@ Function and Data Index
 * ENCRYPT_SIGN_FILES:                    UI Server Sign/Encrypt Files.
                                                               (line  11)
 * enum gpgme_data_encoding_t:            Data Buffer Meta-Data.
-                                                              (line  27)
+                                                              (line  31)
 * enum gpgme_data_type_t:                Data Buffer Convenience.
                                                               (line   6)
 * enum gpgme_event_io_t:                 I/O Callback Interface.
                                                               (line  58)
 * enum gpgme_hash_algo_t:                Hash Algorithms.     (line   9)
-* enum gpgme_pinentry_mode_t:            Pinentry Mode.       (line  19)
+* enum gpgme_pinentry_mode_t:            Pinentry Mode.       (line  25)
 * enum gpgme_protocol_t:                 Protocols and Engines.
                                                               (line  16)
 * enum gpgme_pubkey_algo_t:              Public Key Algorithms.
@@ -1527,7 +2215,7 @@ Function and Data Index
 * enum gpgme_sig_mode_t:                 Creating a Signature.
                                                               (line   6)
 * enum gpgme_sig_stat_t:                 Deprecated Functions.
-                                                              (line 434)
+                                                              (line 441)
 * enum gpgme_tofu_policy_t:              Changing TOFU Data.  (line  10)
 * FILE:                                  UI Server Set Input Files.
                                                               (line   9)
@@ -1535,24 +2223,24 @@ Function and Data Index
                                                               (line   9)
 * gpgme_addrspec_from_uid:               Decrypt and Verify.  (line  48)
 * gpgme_attr_t:                          Deprecated Functions.
-                                                              (line 137)
+                                                              (line 144)
 * gpgme_attr_t <1>:                      Deprecated Functions.
-                                                              (line 314)
+                                                              (line 321)
 * gpgme_cancel:                          Cancellation.        (line  16)
-* gpgme_cancel_async:                    Cancellation.        (line  36)
+* gpgme_cancel_async:                    Cancellation.        (line  38)
 * gpgme_check_version:                   Library Version Check.
                                                               (line   6)
 * gpgme_ctx_get_engine_info:             Crypto Engine.       (line  12)
-* gpgme_ctx_set_engine_info:             Crypto Engine.       (line  24)
+* gpgme_ctx_set_engine_info:             Crypto Engine.       (line  26)
 * gpgme_ctx_t:                           Contexts.            (line  11)
 * gpgme_data_encoding_t:                 Data Buffer Meta-Data.
-                                                              (line  28)
+                                                              (line  32)
 * gpgme_data_get_encoding:               Data Buffer Meta-Data.
-                                                              (line  69)
+                                                              (line  81)
 * gpgme_data_get_file_name:              Data Buffer Meta-Data.
                                                               (line   6)
 * gpgme_data_identify:                   Data Buffer Convenience.
-                                                              (line  36)
+                                                              (line  46)
 * gpgme_data_new:                        Memory Based Data Buffers.
                                                               (line  12)
 * gpgme_data_new_from_cbs:               Callback Based Data Buffers.
@@ -1568,7 +2256,7 @@ Function and Data Index
 * gpgme_data_new_from_stream:            File Based Data Buffers.
                                                               (line  29)
 * gpgme_data_new_with_read_cb:           Deprecated Functions.
-                                                              (line 107)
+                                                              (line 114)
 * gpgme_data_read:                       Data Buffer I/O Operations.
                                                               (line   6)
 * gpgme_data_read_cb_t:                  Callback Based Data Buffers.
@@ -1580,17 +2268,17 @@ Function and Data Index
 * gpgme_data_release_cb_t:               Callback Based Data Buffers.
                                                               (line  55)
 * gpgme_data_rewind:                     Deprecated Functions.
-                                                              (line 131)
+                                                              (line 138)
 * gpgme_data_seek:                       Data Buffer I/O Operations.
                                                               (line  26)
 * gpgme_data_seek_cb_t:                  Callback Based Data Buffers.
                                                               (line  46)
 * gpgme_data_set_encoding:               Data Buffer Meta-Data.
-                                                              (line  75)
+                                                              (line  87)
 * gpgme_data_set_file_name:              Data Buffer Meta-Data.
-                                                              (line  16)
+                                                              (line  18)
 * gpgme_data_set_flag:                   Data Buffer Meta-Data.
-                                                              (line  80)
+                                                              (line  92)
 * gpgme_data_t:                          Exchanging Data.     (line  13)
 * gpgme_data_type_t:                     Data Buffer Convenience.
                                                               (line   7)
@@ -1598,13 +2286,13 @@ Function and Data Index
                                                               (line  16)
 * gpgme_data_write_cb_t:                 Callback Based Data Buffers.
                                                               (line  29)
-* gpgme_decrypt_result_t:                Decrypt.             (line  91)
+* gpgme_decrypt_result_t:                Decrypt.             (line 101)
 * gpgme_edit_cb_t:                       Deprecated Functions.
-                                                              (line  35)
+                                                              (line  37)
 * gpgme_encrypt_result_t:                Encrypting a Plaintext.
-                                                              (line 108)
+                                                              (line 118)
 * gpgme_engine_check_version:            Engine Version Check.
-                                                              (line  65)
+                                                              (line  67)
 * gpgme_engine_info_t:                   Engine Information.  (line   6)
 * gpgme_error:                           Error Values.        (line  65)
 * gpgme_error_from_errno:                Error Values.        (line  89)
@@ -1612,11 +2300,11 @@ Function and Data Index
 * gpgme_error_t (*gpgme_assuan_data_cb_t) (void *OPAQUE, const void *DATA, size_t DATALEN): Using the Assuan protocol.
                                                               (line  15)
 * gpgme_error_t (*gpgme_assuan_inquire_cb_t) (void *OPAQUE, const char *NAME, const char *ARGS, gpgme_data_t *R_DATA): Using the Assuan protocol.
-                                                              (line  22)
+                                                              (line  24)
 * gpgme_error_t (*gpgme_assuan_status_cb_t) (void *OPAQUE, const char *STATUS, const char *ARGS): Using the Assuan protocol.
-                                                              (line  34)
+                                                              (line  38)
 * gpgme_error_t (*gpgme_edit_cb_t) (void *HANDLE, gpgme_status_code_t STATUS, const char *ARGS, int FD): Deprecated Functions.
-                                                              (line  33)
+                                                              (line  35)
 * gpgme_error_t (*gpgme_interact_cb_t) (void *HANDLE, const char *STATUS, const char *ARGS, int FD): Advanced Key Editing.
                                                               (line   6)
 * gpgme_error_t (*gpgme_io_cb_t) (void *DATA, int FD): I/O Callback Interface.
@@ -1641,144 +2329,146 @@ Function and Data Index
                                                               (line   7)
 * gpgme_free:                            Destroying Data Buffers.
                                                               (line  25)
-* gpgme_genkey_result_t:                 Generating Keys.     (line 347)
+* gpgme_genkey_result_t:                 Generating Keys.     (line 381)
 * gpgme_get_armor:                       ASCII Armor.         (line  13)
 * gpgme_get_ctx_flag:                    Status Message Callback.
-                                                              (line  93)
+                                                              (line 109)
 * gpgme_get_dirinfo:                     Engine Version Check.
                                                               (line   6)
 * gpgme_get_engine_info:                 Engine Information.  (line  46)
 * gpgme_get_include_certs:               Included Certificates.
-                                                              (line  35)
+                                                              (line  37)
 * gpgme_get_io_cbs:                      Registering I/O Callbacks.
                                                               (line  44)
-* gpgme_get_key:                         Listing Keys.        (line 177)
-* gpgme_get_keylist_mode:                Key Listing Mode.    (line  73)
-* gpgme_get_offline:                     Offline Mode.        (line  23)
-* gpgme_get_passphrase_cb:               Passphrase Callback. (line  59)
-* gpgme_get_pinentry_mode:               Pinentry Mode.       (line  14)
+* gpgme_get_key:                         Listing Keys.        (line 178)
+* gpgme_get_keylist_mode:                Key Listing Mode.    (line  83)
+* gpgme_get_offline:                     Offline Mode.        (line  25)
+* gpgme_get_passphrase_cb:               Passphrase Callback. (line  63)
+* gpgme_get_pinentry_mode:               Pinentry Mode.       (line  18)
 * gpgme_get_progress_cb:                 Progress Meter Callback.
                                                               (line  31)
 * gpgme_get_protocol:                    Protocol Selection.  (line  21)
 * gpgme_get_protocol_name:               Protocols and Engines.
-                                                              (line  51)
-* gpgme_get_sender:                      Setting the Sender.  (line  27)
+                                                              (line  58)
+* gpgme_get_sender:                      Setting the Sender.  (line  29)
 * gpgme_get_sig_key:                     Deprecated Functions.
-                                                              (line 634)
+                                                              (line 641)
 * gpgme_get_sig_status:                  Deprecated Functions.
-                                                              (line 482)
+                                                              (line 489)
 * gpgme_get_sig_string_attr:             Deprecated Functions.
-                                                              (line 538)
+                                                              (line 545)
 * gpgme_get_sig_ulong_attr:              Deprecated Functions.
-                                                              (line 572)
+                                                              (line 579)
 * gpgme_get_status_cb:                   Status Message Callback.
-                                                              (line  29)
+                                                              (line  31)
 * gpgme_get_textmode:                    Text Mode.           (line  20)
-* gpgme_hash_algo_name:                  Hash Algorithms.     (line  28)
+* gpgme_hash_algo_name:                  Hash Algorithms.     (line  30)
 * gpgme_hash_algo_t:                     Hash Algorithms.     (line  10)
-* gpgme_import_result_t:                 Importing Keys.      (line 110)
-* gpgme_import_status_t:                 Importing Keys.      (line  72)
+* gpgme_import_result_t:                 Importing Keys.      (line 118)
+* gpgme_import_status_t:                 Importing Keys.      (line  80)
 * gpgme_interact_cb_t:                   Advanced Key Editing.
-                                                              (line   8)
+                                                              (line  11)
 * gpgme_invalid_key_t:                   Crypto Operations.   (line  10)
 * gpgme_io_cb_t:                         I/O Callback Interface.
                                                               (line   7)
-* gpgme_keylist_result_t:                Listing Keys.        (line 154)
+* gpgme_keylist_result_t:                Listing Keys.        (line 155)
 * gpgme_key_get_string_attr:             Deprecated Functions.
-                                                              (line 279)
+                                                              (line 286)
 * gpgme_key_get_ulong_attr:              Deprecated Functions.
-                                                              (line 293)
+                                                              (line 300)
 * gpgme_key_ref:                         Manipulating Keys.   (line   6)
 * gpgme_key_release:                     Deprecated Functions.
                                                               (line  14)
 * gpgme_key_sig_get_string_attr:         Deprecated Functions.
-                                                              (line 370)
+                                                              (line 377)
 * gpgme_key_sig_get_ulong_attr:          Deprecated Functions.
-                                                              (line 386)
-* gpgme_key_sig_t:                       Key objects.         (line 244)
+                                                              (line 393)
+* gpgme_key_sig_t:                       Key objects.         (line 339)
 * gpgme_key_t:                           Key objects.         (line  10)
 * gpgme_key_unref:                       Manipulating Keys.   (line  10)
 * gpgme_new:                             Creating Contexts.   (line   6)
 * gpgme_new_signature_t:                 Creating a Signature.
                                                               (line  57)
 * gpgme_off_t:                           Exchanging Data.     (line  24)
-* gpgme_op_adduid:                       Generating Keys.     (line 167)
-* gpgme_op_adduid_start:                 Generating Keys.     (line 191)
+* gpgme_op_adduid:                       Generating Keys.     (line 189)
+* gpgme_op_adduid_start:                 Generating Keys.     (line 215)
 * gpgme_op_assuan_transact_ext:          Using the Assuan protocol.
-                                                              (line  56)
+                                                              (line  64)
 * gpgme_op_assuan_transact_start:        Using the Assuan protocol.
-                                                              (line  41)
+                                                              (line  47)
 * gpgme_op_card_edit:                    Deprecated Functions.
-                                                              (line  82)
+                                                              (line  89)
 * gpgme_op_card_edit_start:              Deprecated Functions.
-                                                              (line  92)
+                                                              (line  99)
 * gpgme_op_createkey:                    Generating Keys.     (line  14)
-* gpgme_op_createkey_start:              Generating Keys.     (line 103)
-* gpgme_op_createsubkey:                 Generating Keys.     (line 114)
-* gpgme_op_createsubkey_start:           Generating Keys.     (line 156)
+* gpgme_op_createkey_start:              Generating Keys.     (line 119)
+* gpgme_op_createsubkey:                 Generating Keys.     (line 132)
+* gpgme_op_createsubkey_start:           Generating Keys.     (line 176)
 * gpgme_op_decrypt:                      Decrypt.             (line   6)
 * gpgme_op_decrypt_ext:                  Decrypt.             (line  30)
-* gpgme_op_decrypt_ext_start:            Decrypt.             (line  54)
-* gpgme_op_decrypt_result:               Decrypt.             (line 128)
+* gpgme_op_decrypt_ext_start:            Decrypt.             (line  60)
+* gpgme_op_decrypt_result:               Decrypt.             (line 144)
 * gpgme_op_decrypt_start:                Decrypt.             (line  20)
 * gpgme_op_decrypt_verify:               Decrypt and Verify.  (line   6)
 * gpgme_op_decrypt_verify_start:         Decrypt and Verify.  (line  30)
-* gpgme_op_delete:                       Deleting Keys.       (line   6)
-* gpgme_op_delete_start:                 Deleting Keys.       (line  20)
+* gpgme_op_delete:                       Deleting Keys.       (line  47)
+* gpgme_op_delete_ext:                   Deleting Keys.       (line   6)
+* gpgme_op_delete_ext_start:             Deleting Keys.       (line  33)
+* gpgme_op_delete_start:                 Deleting Keys.       (line  52)
 * gpgme_op_edit:                         Deprecated Functions.
-                                                              (line  46)
+                                                              (line  48)
 * gpgme_op_edit_start:                   Deprecated Functions.
-                                                              (line  68)
+                                                              (line  72)
 * gpgme_op_encrypt:                      Encrypting a Plaintext.
                                                               (line   6)
 * gpgme_op_encrypt_result:               Encrypting a Plaintext.
-                                                              (line 119)
+                                                              (line 129)
 * gpgme_op_encrypt_sign:                 Encrypting a Plaintext.
-                                                              (line 130)
+                                                              (line 140)
 * gpgme_op_encrypt_sign_start:           Encrypting a Plaintext.
-                                                              (line 141)
+                                                              (line 151)
 * gpgme_op_encrypt_start:                Encrypting a Plaintext.
-                                                              (line  90)
-* gpgme_op_export:                       Exporting Keys.      (line  38)
-* gpgme_op_export_ext:                   Exporting Keys.      (line  71)
-* gpgme_op_export_ext_start:             Exporting Keys.      (line  93)
-* gpgme_op_export_keys:                  Exporting Keys.      (line 105)
-* gpgme_op_export_keys_start:            Exporting Keys.      (line 130)
-* gpgme_op_export_start:                 Exporting Keys.      (line  59)
-* gpgme_op_genkey:                       Generating Keys.     (line 270)
-* gpgme_op_genkey_result:                Generating Keys.     (line 380)
-* gpgme_op_genkey_start:                 Generating Keys.     (line 335)
+                                                              (line 100)
+* gpgme_op_export:                       Exporting Keys.      (line  46)
+* gpgme_op_export_ext:                   Exporting Keys.      (line  79)
+* gpgme_op_export_ext_start:             Exporting Keys.      (line 101)
+* gpgme_op_export_keys:                  Exporting Keys.      (line 113)
+* gpgme_op_export_keys_start:            Exporting Keys.      (line 140)
+* gpgme_op_export_start:                 Exporting Keys.      (line  67)
+* gpgme_op_genkey:                       Generating Keys.     (line 304)
+* gpgme_op_genkey_result:                Generating Keys.     (line 418)
+* gpgme_op_genkey_start:                 Generating Keys.     (line 369)
 * gpgme_op_import:                       Importing Keys.      (line   9)
 * gpgme_op_import_ext:                   Deprecated Functions.
                                                               (line  22)
 * gpgme_op_import_keys:                  Importing Keys.      (line  35)
-* gpgme_op_import_keys_start:            Importing Keys.      (line  59)
-* gpgme_op_import_result:                Importing Keys.      (line 160)
+* gpgme_op_import_keys_start:            Importing Keys.      (line  65)
+* gpgme_op_import_result:                Importing Keys.      (line 168)
 * gpgme_op_import_start:                 Importing Keys.      (line  24)
 * gpgme_op_interact:                     Advanced Key Editing.
-                                                              (line  20)
+                                                              (line  23)
 * gpgme_op_interact_start:               Advanced Key Editing.
-                                                              (line  45)
-* gpgme_op_keylist_end:                  Listing Keys.        (line 110)
+                                                              (line  53)
+* gpgme_op_keylist_end:                  Listing Keys.        (line 111)
 * gpgme_op_keylist_ext_start:            Listing Keys.        (line  34)
-* gpgme_op_keylist_from_data:            Listing Keys.        (line  67)
-* gpgme_op_keylist_next:                 Listing Keys.        (line  93)
-* gpgme_op_keylist_result:               Listing Keys.        (line 165)
+* gpgme_op_keylist_from_data_start:      Listing Keys.        (line  67)
+* gpgme_op_keylist_next:                 Listing Keys.        (line  94)
+* gpgme_op_keylist_result:               Listing Keys.        (line 166)
 * gpgme_op_keylist_start:                Listing Keys.        (line   6)
 * gpgme_op_keysign:                      Signing Keys.        (line  12)
-* gpgme_op_keysign_start:                Signing Keys.        (line  67)
+* gpgme_op_keysign_start:                Signing Keys.        (line  73)
 * gpgme_op_passwd:                       Changing Passphrases.
                                                               (line   6)
 * gpgme_op_passwd_start:                 Changing Passphrases.
-                                                              (line  19)
+                                                              (line  21)
 * gpgme_op_query_swdb:                   Checking for updates.
-                                                              (line  66)
+                                                              (line  68)
 * gpgme_op_query_swdb_result:            Checking for updates.
-                                                              (line  76)
-* gpgme_op_revuid:                       Generating Keys.     (line 198)
-* gpgme_op_revuid_start:                 Generating Keys.     (line 224)
-* gpgme_op_set_uid_flag_start:           Generating Keys.     (line 261)
-* gpgme_op_set_ui_flag:                  Generating Keys.     (line 231)
+                                                              (line  80)
+* gpgme_op_revuid:                       Generating Keys.     (line 224)
+* gpgme_op_revuid_start:                 Generating Keys.     (line 252)
+* gpgme_op_set_uid_flag_start:           Generating Keys.     (line 293)
+* gpgme_op_set_ui_flag:                  Generating Keys.     (line 261)
 * gpgme_op_sign:                         Creating a Signature.
                                                               (line  21)
 * gpgme_op_sign_result:                  Creating a Signature.
@@ -1788,43 +2478,43 @@ Function and Data Index
 * gpgme_op_spawn:                        Running other Programs.
                                                               (line  13)
 * gpgme_op_spawn_start:                  Running other Programs.
-                                                              (line  38)
-* gpgme_op_tofu_policy:                  Changing TOFU Data.  (line  27)
-* gpgme_op_tofu_policy_start:            Changing TOFU Data.  (line  39)
+                                                              (line  45)
+* gpgme_op_tofu_policy:                  Changing TOFU Data.  (line  29)
+* gpgme_op_tofu_policy_start:            Changing TOFU Data.  (line  43)
 * gpgme_op_trustlist_end:                Listing Trust Items. (line  44)
 * gpgme_op_trustlist_next:               Listing Trust Items. (line  27)
 * gpgme_op_trustlist_start:              Listing Trust Items. (line   6)
 * gpgme_op_verify:                       Verify.              (line   6)
-* gpgme_op_verify_result:                Verify.              (line 272)
+* gpgme_op_verify_result:                Verify.              (line 283)
 * gpgme_op_verify_start:                 Verify.              (line  26)
 * gpgme_passphrase_cb_t:                 Passphrase Callback. (line  10)
-* gpgme_pinentry_mode_t:                 Pinentry Mode.       (line  20)
+* gpgme_pinentry_mode_t:                 Pinentry Mode.       (line  26)
 * gpgme_progress_cb_t:                   Progress Meter Callback.
                                                               (line   8)
 * gpgme_protocol_t:                      Protocols and Engines.
                                                               (line  17)
 * gpgme_protocol_t <1>:                  Engine Information.  (line   7)
 * gpgme_pubkey_algo_name:                Public Key Algorithms.
-                                                              (line  50)
+                                                              (line  58)
 * gpgme_pubkey_algo_string:              Public Key Algorithms.
-                                                              (line  60)
+                                                              (line  68)
 * gpgme_pubkey_algo_t:                   Public Key Algorithms.
                                                               (line  10)
 * gpgme_query_swdb_result_t:             Checking for updates.
                                                               (line  11)
-* gpgme_recipient_t:                     Decrypt.             (line  67)
+* gpgme_recipient_t:                     Decrypt.             (line  75)
 * gpgme_register_io_cb_t:                I/O Callback Interface.
                                                               (line  23)
 * gpgme_release:                         Destroying Contexts. (line   6)
 * gpgme_result_ref:                      Result Management.   (line  15)
-* gpgme_result_unref:                    Result Management.   (line  21)
+* gpgme_result_unref:                    Result Management.   (line  23)
 * gpgme_set_armor:                       ASCII Armor.         (line   6)
 * gpgme_set_ctx_flag:                    Status Message Callback.
-                                                              (line  37)
+                                                              (line  41)
 * gpgme_set_engine_info:                 Engine Configuration.
                                                               (line  11)
 * gpgme_set_global_flag:                 Library Version Check.
-                                                              (line  43)
+                                                              (line  44)
 * gpgme_set_include_certs:               Included Certificates.
                                                               (line   6)
 * gpgme_set_io_cbs:                      Registering I/O Callbacks.
@@ -1832,7 +2522,7 @@ Function and Data Index
 * gpgme_set_keylist_mode:                Key Listing Mode.    (line   6)
 * gpgme_set_locale:                      Locale.              (line  14)
 * gpgme_set_offline:                     Offline Mode.        (line   6)
-* gpgme_set_passphrase_cb:               Passphrase Callback. (line  36)
+* gpgme_set_passphrase_cb:               Passphrase Callback. (line  40)
 * gpgme_set_pinentry_mode:               Pinentry Mode.       (line   6)
 * gpgme_set_progress_cb:                 Progress Meter Callback.
                                                               (line  16)
@@ -1841,36 +2531,37 @@ Function and Data Index
 * gpgme_set_status_cb:                   Status Message Callback.
                                                               (line  17)
 * gpgme_set_textmode:                    Text Mode.           (line   6)
-* gpgme_signature_t:                     Verify.              (line  88)
+* gpgme_signature_t:                     Verify.              (line  92)
 * gpgme_signers_add:                     Selecting Signers.   (line  18)
 * gpgme_signers_clear:                   Selecting Signers.   (line  11)
 * gpgme_signers_count:                   Selecting Signers.   (line  25)
-* gpgme_signers_enum:                    Selecting Signers.   (line  29)
+* gpgme_signers_enum:                    Selecting Signers.   (line  31)
 * gpgme_sign_result_t:                   Creating a Signature.
                                                               (line  85)
 * gpgme_sig_mode_t:                      Creating a Signature.
                                                               (line   7)
 * gpgme_sig_notation_add:                Signature Notation Data.
-                                                              (line  17)
+                                                              (line  19)
 * gpgme_sig_notation_clear:              Signature Notation Data.
                                                               (line  10)
 * gpgme_sig_notation_get:                Signature Notation Data.
-                                                              (line  41)
+                                                              (line  45)
 * gpgme_sig_notation_t:                  Verify.              (line  38)
 * gpgme_sig_stat_t:                      Deprecated Functions.
-                                                              (line 435)
-* gpgme_ssize_t:                         Exchanging Data.     (line  30)
+                                                              (line 442)
+* gpgme_ssize_t:                         Exchanging Data.     (line  32)
 * gpgme_status_cb_t:                     Status Message Callback.
                                                               (line   8)
 * gpgme_strerror:                        Error Strings.       (line   6)
 * gpgme_strerror_r:                      Error Strings.       (line  15)
 * gpgme_strsource:                       Error Strings.       (line  26)
-* gpgme_subkey_t:                        Key objects.         (line 100)
-* gpgme_tofu_policy_t:                   Changing TOFU Data.  (line  11)
+* gpgme_subkey_t:                        Key objects.         (line 112)
+* gpgme_tofu_info_t:                     Key objects.         (line 275)
+* gpgme_tofu_policy_t:                   Changing TOFU Data.  (line  13)
 * gpgme_trust_item_get_int_attr:         Deprecated Functions.
-                                                              (line 419)
+                                                              (line 426)
 * gpgme_trust_item_get_string_attr:      Deprecated Functions.
-                                                              (line 404)
+                                                              (line 411)
 * gpgme_trust_item_ref:                  Manipulating Trust Items.
                                                               (line   6)
 * gpgme_trust_item_release:              Deprecated Functions.
@@ -1879,10 +2570,10 @@ Function and Data Index
                                                               (line   8)
 * gpgme_trust_item_unref:                Manipulating Trust Items.
                                                               (line  10)
-* gpgme_user_id_t:                       Key objects.         (line 192)
+* gpgme_user_id_t:                       Key objects.         (line 217)
 * gpgme_validity_t:                      Information About Keys.
                                                               (line   9)
-* gpgme_verify_result_t:                 Verify.              (line 257)
+* gpgme_verify_result_t:                 Verify.              (line 268)
 * gpgme_wait:                            Waiting For Completion.
                                                               (line   6)
 * IMPORT_FILES:                          UI Server Import/Export Keys.
diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index 40423cf..cd7bb4b 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -38,6 +38,11 @@ General Public License for more details.
   @sc{s:} \string\
 @end macro
 
+@c API version.
+@macro since{string}
+  @sc{Since:} \string\
+@end macro
+
 
 @c
 @c  T I T L E  P A G E
@@ -497,13 +502,13 @@ systems.  To address offsets in large files, you can either enable
 largefile support add-on.  Then a new data type @code{off64_t} is
 provided, which is 64 bit wide.  Or you can replace the existing
 @code{off_t} data type with its 64 bit wide counterpart.  All
-occurences of @code{off_t} are then automagically replaced.
+occurrences of @code{off_t} are then automagically replaced.
 
 As if matters were not complex enough, there are also two different
 types of file descriptors in such systems.  This is important because
 if file descriptors are exchanged between programs that use a
 different maximum file size, certain errors must be produced on some
-file descriptors to prevent subtle overflow bugs from occuring.
+file descriptors to prevent subtle overflow bugs from occurring.
 
 As you can see, supporting two different maximum file sizes at the
 same time is not at all an easy task.  However, the maximum file size
@@ -678,9 +683,10 @@ uses, this function provides a run-time check if the necessary
 features are provided by the installed version of the library.
 
 If a selftest fails, the function may still succeed.  Selftest errors
-are returned later when invoking @code{gpgme_new}, so that a detailed
-error code can be returned (historically, @code{gpgme_check_version}
-does not return a detailed error code).
+are returned later when invoking @code{gpgme_new} or
+@code{gpgme-data_new}, so that a detailed error code can be returned
+(historically, @code{gpgme_check_version} does not return a detailed
+error code).
 @end deftypefun
 
 
@@ -688,6 +694,8 @@ does not return a detailed error code).
             (@w{const char *@var{name}}, @
             @w{const char *@var{value}})
 
+@since{1.4.0}
+
 On some systems it is not easy to set environment variables and thus
 hard to use @acronym{GPGME}'s internal trace facility for debugging.
 This function has been introduced as an alternative way to enable
@@ -725,7 +733,7 @@ Windows.
 
 @item require-gnupg
 Set the mimimum version of the required GnuPG engine.  If that version
-is not met, GPGME fails early instead of trying to use the existant
+is not met, GPGME fails early instead of trying to use the existent
 version.  The given version must be a string with major, minor, and
 micro number.  Example: "2.1.0".
 
@@ -875,6 +883,7 @@ are supported:
 
 @table @code
 @item GPGME_PROTOCOL_OpenPGP
+@itemx GPGME_PROTOCOL_OPENPGP
 This specifies the OpenPGP protocol.
 
 @item GPGME_PROTOCOL_CMS
@@ -884,15 +893,21 @@ This specifies the Cryptographic Message Syntax.
 Under development.  Please ask on @email{gnupg-devel@@gnupg.org} for help.
 
 @item GPGME_PROTOCOL_ASSUAN
+@since{1.2.0}
+
 This specifies the raw Assuan protocol.
 
 @item GPGME_PROTOCOL_G13
+@since{1.3.0}
+
 Under development.  Please ask on @email{gnupg-devel@@gnupg.org} for help.
 
 @item GPGME_PROTOCOL_UISERVER
 Under development.  Please ask on @email{gnupg-devel@@gnupg.org} for help.
 
 @item GPGME_PROTOCOL_SPAWN
+@since{1.5.0}
+
 Special protocol for use with @code{gpgme_op_spawn}.
 
 @item GPGME_PROTOCOL_UNKNOWN
@@ -925,6 +940,8 @@ allocated string describing the protocol @var{protocol}, or
 @cindex version check, of the engines
 
 @deftypefun @w{const char *} gpgme_get_dirinfo (@w{cons char *@var{what}})
+@since{1.5.0}
+
 The function @code{gpgme_get_dirinfo} returns a statically allocated
 string with the value associated to @var{what}.  The returned values
 are the defaults and won't change even after
@@ -1100,6 +1117,8 @@ can make these changes the default or set them for some contexts
 individually.
 
 @deftypefun gpgme_error_t gpgme_set_engine_info (@w{gpgme_protocol_t @var{proto}}, @w{const char *@var{file_name}}, @w{const char *@var{home_dir}})
+@since{1.1.0}
+
 The function @code{gpgme_set_engine_info} changes the default
 configuration of the crypto engine implementing the protocol
 @var{proto}.
@@ -1112,7 +1131,7 @@ of the configuration directory for this crypto engine.  If
 The new defaults are not applied to already created GPGME contexts.
 
 This function returns the error code @code{GPG_ERR_NO_ERROR} if
-successful, or an eror code on failure.
+successful, or an error code on failure.
 @end deftypefun
 
 The functions @code{gpgme_ctx_get_engine_info} and
@@ -1215,17 +1234,25 @@ This value indicates ElGamal.
 This value also indicates ElGamal and is used specifically in GnuPG.
 
 @item GPGME_PK_ECC
+@since{1.5.0}
+
 This value is a generic indicator for ellipic curve algorithms.
 
 @item GPGME_PK_ECDSA
+@since{1.3.0}
+
 This value indicates ECDSA, the Elliptic Curve Digital Signature
 Algorithm as defined by FIPS 186-2 and RFC-6637.
 
 @item GPGME_PK_ECDH
+@since{1.3.0}
+
 This value indicates ECDH, the Eliptic Curve Diffie-Hellmann
 encryption algorithm as defined by RFC-6637.
 
 @item GPGME_PK_EDDSA
+@since{1.7.0}
+
 This value indicates the EdDSA algorithm.
 
 @end table
@@ -1242,6 +1269,8 @@ returned.
 @end deftypefun
 
 @deftypefun {char *} gpgme_pubkey_algo_string (@w{gpgme_subkey_t @var{key}})
+@since{1.7.0}
+
 The function @code{gpgme_pubkey_algo_string} is a convenience function
 to build and return an algorithm string in the same way GnuPG does
 (e.g. ``rsa2048'' or ``ed25519'').  The caller must free the result
@@ -1276,6 +1305,8 @@ that are supported by @acronym{GPGME}.  Possible values are:
 @item GPGME_MD_SHA384
 @item GPGME_MD_SHA512
 @item GPGME_MD_SHA224
+@since{1.5.0}
+
 @item GPGME_MD_MD4
 @item GPGME_MD_CRC32
 @item GPGME_MD_CRC32_RFC1510
@@ -1537,7 +1568,7 @@ This value indicates success.  The value of this error code is
 @code{0}.  Also, it is guaranteed that an error value made from the
 error code @code{0} will be @code{0} itself (as a whole).  This means
 that the error source information is lost for this error code,
-however, as this error code indicates that no error occured, this is
+however, as this error code indicates that no error occurred, this is
 generally not a problem.
 
 @item GPG_ERR_GENERAL
@@ -1611,7 +1642,7 @@ This value indicates that no certificate revocation list is known for
 the certificate.
 
 @item GPG_ERR_NO_POLICY_MATCH
-This value indicates that a policy issue occured.
+This value indicates that a policy issue occurred.
 
 @item GPG_ERR_NO_SECKEY
 This value indicates that no secret key for the user ID is available.
@@ -1724,6 +1755,8 @@ might be relevant, for example, if the external event loop mechanism
 is used.
 
 @deftp {Data type} {gpgme_off_t}
+@since{1.4.1}
+
 On POSIX platforms the @code{gpgme_off_t} type is an alias for
 @code{off_t}; it may be used interchangeable.  On Windows platforms
 @code{gpgme_off_t} is defined as a long (i.e. 32 bit) for 32 bit
@@ -2001,6 +2034,8 @@ case, the data object @var{dh} is destroyed.
 
 
 @deftypefun void gpgme_free (@w{void *@var{buffer}})
+@since{1.1.1}
+
 The function @code{gpgme_free} releases the memory returned by
 @code{gpgme_data_release_and_get_mem} and
 @code{gpgme_pubkey_algo_string}.  It should be used instead of the
@@ -2093,6 +2128,8 @@ If the function fails, -1 is returned and @var{errno} is set.
 @cindex data buffer, encoding
 
 @deftypefun {char *} gpgme_data_get_file_name (@w{gpgme_data_t @var{dh}})
+@since{1.1.0}
+
 The function @code{gpgme_data_get_file_name} returns a pointer to a
 string containing the file name associated with the data object.  The
 file name will be stored in the output when encrypting or signing the
@@ -2105,6 +2142,8 @@ Otherwise, @code{NULL} will be returned.
 
 
 @deftypefun gpgme_error_t gpgme_data_set_file_name (@w{gpgme_data_t @var{dh}}, @w{const char *@var{file_name}})
+@since{1.1.0}
+
 The function @code{gpgme_data_set_file_name} sets the file name
 associated with the data object.  The file name will be stored in the
 output when encrypting or signing the data and will be returned to the
@@ -2144,17 +2183,25 @@ This specifies that the data is encoded in an armored form as used by
 OpenPGP and PEM.
 
 @item GPGME_DATA_ENCODING_MIME
+@since{1.7.0}
+
 This specifies that the data is encoded as a MIME part.
 
 @item GPGME_DATA_ENCODING_URL
+@since{1.2.0}
+
 The data is a list of linefeed delimited URLs.  This is only useful with
 @code{gpgme_op_import}.
 
 @item GPGME_DATA_ENCODING_URL0
+@since{1.2.0}
+
 The data is a list of binary zero delimited URLs.  This is only useful
 with @code{gpgme_op_import}.
 
 @item GPGME_DATA_ENCODING_URLESC
+@since{1.2.0}
+
 The data is a list of linefeed delimited URLs with all control and space
 characters percent escaped.  This mode is is not yet implemented.
 
@@ -2178,6 +2225,8 @@ the data object with the handle @var{dh} to @var{enc}.
             @w{const char *@var{name}}, @
             @w{const char *@var{value}})
 
+@since{1.7.0}
+
 Some minor properties of the data object can be controlled with flags
 set by this function.  The properties are identified by the following
 values for @var{name}:
@@ -2205,6 +2254,8 @@ This function returns @code{0} on success.
 
 @deftp {Data type} {enum gpgme_data_type_t}
 @tindex gpgme_data_type_t
+@since{1.4.3}
+
 The @code{gpgme_data_type_t} type is used to return the detected type
 of the content of a data buffer.
 @end deftp
@@ -2219,6 +2270,14 @@ The type of the data is not known.
 @item GPGME_DATA_TYPE_PGP_SIGNED
 The data is an OpenPGP signed message.  This may be a binary
 signature, a detached one or a cleartext signature.
+@item GPGME_DATA_TYPE_PGP_ENCRYPTED
+@since{1.7.0}
+
+The data is an OpenPGP encrypted message.
+@item GPGME_DATA_TYPE_PGP_SIGNATURE
+@since{1.7.0}
+
+The data is an OpenPGP detached signature.
 @item GPGME_DATA_TYPE_PGP_OTHER
 This is a generic OpenPGP message.  In most cases this will be
 encrypted data.
@@ -2238,6 +2297,8 @@ private keys for X.509.
 @end table
 
 @deftypefun gpgme_data_type_t gpgme_data_identify (@w{gpgme_data_t @var{dh}})
+@since{1.4.3}
+
 The function @code{gpgme_data_identify} returns the type of the data
 with the handle @var{dh}.  If it is not possible to perform the
 identification, the function returns zero
@@ -2324,6 +2385,8 @@ and give it a lifetime beyond that of the current operation or
 context.
 
 @deftypefun void gpgme_result_ref (@w{void *@var{result}})
+@since{1.2.0}
+
 The function @code{gpgme_result_ref} acquires an additional reference
 for the result @var{result}, which may be of any type
 @code{gpgme_*_result_t}.  As long as the user holds a reference, the
@@ -2331,6 +2394,8 @@ result structure is guaranteed to be valid and unmodified.
 @end deftypefun
 
 @deftypefun void gpgme_result_unref (@w{void *@var{result}})
+@since{1.2.0}
+
 The function @code{gpgme_result_unref} releases a reference for the
 result @var{result}.  If this was the last reference, the result
 structure will be destroyed and all resources associated to it will be
@@ -2402,6 +2467,8 @@ default can also be retrieved without any particular context.
 @xref{Engine Configuration}.
 
 @deftypefun gpgme_engine_info_t gpgme_ctx_get_engine_info (@w{gpgme_ctx_t @var{ctx}})
+@since{1.1.0}
+
 The function @code{gpgme_ctx_get_engine_info} returns a linked list of
 engine info structures.  Each info structure describes the
 configuration of one configured backend, as used by the context
@@ -2414,6 +2481,8 @@ This function can not fail.
 @end deftypefun
 
 @deftypefun gpgme_error_t gpgme_ctx_set_engine_info (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_protocol_t @var{proto}}, @w{const char *@var{file_name}}, @w{const char *@var{home_dir}})
+@since{1.1.0}
+
 The function @code{gpgme_ctx_set_engine_info} changes the
 configuration of the crypto engine implementing the protocol
 @var{proto} for the context @var{ctx}.
@@ -2429,7 +2498,7 @@ if the function is called after starting the first operation on the
 context @var{ctx}.
 
 This function returns the error code @code{GPG_ERR_NO_ERROR} if
-successful, or an eror code on failure.
+successful, or an error code on failure.
 @end deftypefun
 
 
@@ -2450,6 +2519,8 @@ addresses is not supported.
       (@w{gpgme_ctx_t @var{ctx}}, @
        @w{int @var{address}})
 
+@since{1.8.0}
+
 The function @code{gpgme_set_sender} specifies the sender address for
 use in sign and verify operations.  @var{address} is expected to be
 the ``addr-spec'' part of an address but my also be a complete mailbox
@@ -2465,6 +2536,8 @@ most likely failure is that no valid ``addr-spec'' was found in
 @deftypefun @w{const char *} gpgme_get_sender @
       (@w{gpgme_ctx_t @var{ctx}})
 
+@since{1.8.0}
+
 The function @code{gpgme_get_sender} returns the current sender
 address from the context, or NULL if none was set.  The returned
 value is valid as long as the @var{ctx} is valid and
@@ -2531,6 +2604,8 @@ valid pointer.
 @cindex offline mode
 
 @deftypefun void gpgme_set_offline (@w{gpgme_ctx_t @var{ctx}}, @w{int @var{yes}})
+@since{1.6.0}
+
 The function @code{gpgme_set_offline} specifies if offline mode
 should be used.  By default, offline mode is not used.
 
@@ -2550,6 +2625,8 @@ otherwise.
 @end deftypefun
 
 @deftypefun int gpgme_get_offline (@w{gpgme_ctx_t @var{ctx}})
+@since{1.6.0}
+
 The function @code{gpgme_get_offline} returns 1 if offline
 mode is enabled, and @code{0} if it is not, or if @var{ctx} is not a
 valid pointer.
@@ -2563,6 +2640,9 @@ valid pointer.
 
 @deftypefun gpgme_error_t gpgme_set_pinentry_mode (@w{gpgme_ctx_t @var{ctx}},
 @w{gpgme_pinentry_mode_t @var{mode}})
+
+@since{1.4.0}
+
 The function @code{gpgme_set_pinentry_mode} specifies the pinentry mode
 to be used.
 
@@ -2572,36 +2652,50 @@ mechanism in GPGME through @code{gpgme_set_passphrase_cb}.
 @end deftypefun
 
 @deftypefun gpgme_pinentry_mode_t gpgme_get_pinentry_mode (@w{gpgme_ctx_t @var{ctx}})
+@since{1.4.0}
+
 The function @code{gpgme_get_pinenty_mode} returns the
 mode set for the context.
 @end deftypefun
 
 @deftp {Data type} {enum gpgme_pinentry_mode_t}
 @tindex gpgme_pinentry_mode_t
+@since{1.4.0}
+
 The @code{gpgme_minentry_mode_t} type specifies the set of possible pinentry
 modes that are supported by @acronym{GPGME} if GnuPG >= 2.1 is used.
 The following modes are supported:
 
 @table @code
 @item GPGME_PINENTRY_MODE_DEFAULT
+@since{1.4.0}
+
 Use the default of the agent, which is ask.
 
 @item GPGME_PINENTRY_MODE_ASK
+@since{1.4.0}
+
 Force the use of the Pinentry.
 
 @item GPGME_PINENTRY_MODE_CANCEL
+@since{1.4.0}
+
 Emulate use of Pinentry's cancel button.
 
 @item GPGME_PINENTRY_MODE_ERROR
+@since{1.4.0}
+
 Return a Pinentry error @code{No Pinentry}.
 
 @item GPGME_PINENTRY_MODE_LOOPBACK
+@since{1.4.0}
+
 Redirect Pinentry queries to the caller.
-This enables the use of @code{gpgme_set_passphrase_cb} whis pinentry
-queries redirected to gpgme.
+This enables the use of @code{gpgme_set_passphrase_cb} because pinentry
+queries are redirected to gpgme.
 
-Note: This mode requires @code{allow-loopback-pinentry} to be enabled
-in the @file{gpg-agent.conf} or an agent started with that option.
+Note: For 2.1.0 - 2.1.12 this mode requires @code{allow-loopback-pinentry}
+to be enabled in the @file{gpg-agent.conf} or an agent started with that option.
 
 @end table
 @end deftp
@@ -2619,6 +2713,8 @@ values of @var{nr_of_certs} are:
 
 @table @code
 @item GPGME_INCLUDE_CERTS_DEFAULT
+@since{1.0.3}
+
 Fall back to the default of the crypto backend.  This is the default
 for GPGME.
 @item -2
@@ -2665,7 +2761,7 @@ is the default.
 @item GPGME_KEYLIST_MODE_EXTERN
 The @code{GPGME_KEYLIST_MODE_EXTERN} symbol specifies that an external
 source should be searched for keys in the keylisting operation.  The
-type of external source is dependant on the crypto engine used and
+type of external source is dependent on the crypto engine used and
 whether it is combined with @code{GPGME_KEYLIST_MODE_LOCAL}.  For
 example, it can be a remote keyserver or LDAP certificate server.
 
@@ -2674,17 +2770,23 @@ The @code{GPGME_KEYLIST_MODE_SIGS} symbol specifies that the key
 signatures should be included in the listed keys.
 
 @item GPGME_KEYLIST_MODE_SIG_NOTATIONS
+@since{1.1.1}
+
 The @code{GPGME_KEYLIST_MODE_SIG_NOTATIONS} symbol specifies that the
 signature notations on key signatures should be included in the listed
 keys.  This only works if @code{GPGME_KEYLIST_MODE_SIGS} is also
 enabled.
 
 @item GPGME_KEYLIST_MODE_WITH_TOFU
+@since{1.7.0}
+
 The @code{GPGME_KEYLIST_MODE_WITH_TOFU} symbol specifies that
 information pertaining to the TOFU trust model should be included in
 the listed keys.
 
 @item GPGME_KEYLIST_MODE_WITH_SECRET
+@since{1.5.1}
+
 The @code{GPGME_KEYLIST_MODE_WITH_SECRET} returns information about
 the presence of a corresponding secret key in a public key listing.  A
 public key listing with this mode is slower than a standard listing
@@ -2692,10 +2794,14 @@ but can be used instead of a second run to list the secret keys.  This
 is only supported for GnuPG versions >= 2.1.
 
 @item GPGME_KEYLIST_MODE_EPHEMERAL
+@since{1.2.0}
+
 The @code{GPGME_KEYLIST_MODE_EPHEMERAL} symbol specifies that keys
 flagged as ephemeral are included in the listing.
 
 @item GPGME_KEYLIST_MODE_VALIDATE
+@since{0.4.5}
+
 The @code{GPGME_KEYLIST_MODE_VALIDATE} symbol specifies that the
 backend should do key or certificate validation and not just get the
 validity information from an internal cache.  This might be an
@@ -2763,6 +2869,10 @@ character before returning from the callback.
 If an error occurs, return the corresponding @code{gpgme_error_t}
 value.  You can use the error code @code{GPG_ERR_CANCELED} to abort
 the operation.  Otherwise, return @code{0}.
+
+Note: The passphrase_cb only works with GnuPG 1.x and 2.1.x and not
+with the 2.0.x series. See @code{gpgme_set_pinentry_mode} for more
+details on 2.1.x usage.
 @end deftp
 
 @deftypefun void gpgme_set_passphrase_cb (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_passphrase_cb_t @var{passfunc}}, @w{void *@var{hook_value}})
@@ -2863,6 +2973,8 @@ value. Otherwise, return @code{0}.
 @end deftp
 
 @deftypefun void gpgme_set_status_cb (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_status_cb_t @var{statusfunc}}, @w{void *@var{hook_value}})
+@since{1.6.0}
+
 The function @code{gpgme_set_status_cb} sets the function that is used when a
 status message is received from gpg to @var{statusfunc}. The function
 @var{statusfunc} needs to be implemented by the user, and whenever it is
@@ -2874,6 +2986,8 @@ The user can disable the use of a status message callback function by calling
 @end deftypefun
 
 @deftypefun void gpgme_get_status_cb (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_status_cb_t *@var{statusfunc}}, @w{void **@var{hook_value}})
+@since{1.6.0}
+
 The function @code{gpgme_get_status_cb} returns the function that is used to
 process status messages from gpg in @var{*statusfunc}, and the first argument
 for this function in @var{*hook_value}.  If no status message callback is set,
@@ -2886,6 +3000,8 @@ variables.
             @w{const char *@var{name}}, @
             @w{const char *@var{value}})
 
+@since{1.7.0}
+
 Some minor properties of the context can be controlled with flags set
 by this function.  The properties are identified by the following
 values for @var{name}:
@@ -2940,6 +3056,16 @@ the context flag "export-session-key" is enabled.  Please be aware that
 using this feature with GnuPG < 2.1.16 will leak the session key on
 many platforms via ps(1).
 
+@item "auto-key-retrieve"
+Setting the @var{value} to "1" asks the backend to automatically
+retrieve a key for signature verification if possible.  Note that this
+option makes a "web bug" like behavior possible.  Keyserver or Web Key
+Directory operators can see which keys you request, so by sending you
+a message signed by a brand new key (which you naturally will not have
+on your local keyring), the operator can tell both your IP address and
+the time when you verified the signature.
+
+
 @end table
 
 This function returns @code{0} on success.
@@ -2950,6 +3076,8 @@ This function returns @code{0} on success.
             (@w{gpgme_ctx_t @var{ctx}}, @
             @w{const char *@var{name}})
 
+@since{1.8.0}
+
 The value of flags settable by @code{gpgme_set_ctx_flag} can be
 retrieved by this function.  If @var{name} is unknown the function
 returns @code{NULL}.  For boolean flags an empty string is returned
@@ -2973,6 +3101,8 @@ The default locale is used to initialize the locale setting of all
 contexts created afterwards.
 
 @deftypefun gpgme_error_t gpgme_set_locale (@w{gpgme_ctx_t @var{ctx}}, @w{int @var{category}}, @w{const char *@var{value}})
+@since{0.4.3}
+
 The function @code{gpgme_set_locale} sets the locale of the context
 @var{ctx}, or the default locale if @var{ctx} is a null pointer.
 
@@ -3035,6 +3165,8 @@ following members:
 
 @table @code
 @item gpgme_keylist_mode_t keylist_mode
+@since{0.9.0}
+
 The keylist mode that was active when the key was retrieved.
 
 @item unsigned int revoked : 1
@@ -3065,10 +3197,14 @@ This is true if the key (ie one of its subkeys) can be used to create
 key certificates.
 
 @item unsigned int can_authenticate : 1
+@since{0.4.5}
+
 This is true if the key (ie one of its subkeys) can be used for
 authentication.
 
 @item unsigned int is_qualified : 1
+@since{1.1.0}
+
 This is true if the key can be used for qualified signatures according
 to local government regulations.
 
@@ -3079,6 +3215,8 @@ be true even if the corresponding subkey flag may be false
 been requested or if @code{GPGME_KEYLIST_MODE_WITH_SECRET} is active.
 
 @item unsigned int origin : 5
+@since{1.8.0}
+
 Reserved for the origin of this key.
 
 @item gpgme_protocol_t protocol
@@ -3109,12 +3247,16 @@ This is a linked list with the user IDs of the key.  The first user ID
 in the list is the main (or primary) user ID.
 
 @item char *fpr
+@since{1.7.0}
+
 This field gives the fingerprint of the primary key.  Note that
 this is a copy of the fingerprint of the first subkey.  For an
 incomplete key (for example from a verification result) a subkey may
 be missing but this field may be set nevertheless.
 
 @item unsigned long last_update
+@since{1.8.0}
+
 Reserved for the time of the last update of this key.
 
 @end table
@@ -3122,6 +3264,7 @@ Reserved for the time of the last update of this key.
 
 
 @deftp {Data type} gpgme_subkey_t
+@since{1.5.0}
 
 The @code{gpgme_subkey_t} type is a pointer to a subkey structure.
 Subkeys are one component of a @code{gpgme_key_t} object.  In fact,
@@ -3159,13 +3302,19 @@ This is true if the subkey can be used to create data signatures.
 This is true if the subkey can be used to create key certificates.
 
 @item unsigned int can_authenticate : 1
+@since{0.4.5}
+
 This is true if the subkey can be used for authentication.
 
 @item unsigned int is_qualified : 1
+@since{1.1.0}
+
 This is true if the subkey can be used for qualified signatures
 according to local government regulations.
 
 @item unsigned int is_de_vs : 1
+@since{1.8.0}
+
 This is true if the subkey complies with the rules for classified
 information in Germany at the restricted level (VS-NfD).  This are
 currently RSA keys of at least 2048 bits or ECDH/ECDSA keys using a
@@ -3192,6 +3341,8 @@ This is the fingerprint of the subkey in hexadecimal digits, if
 available.
 
 @item char *keygrip
+@since{1.7.0}
+
 The keygrip of the subkey in hex digit form or @code{NULL} if not
 availabale.
 
@@ -3204,9 +3355,13 @@ This is the expiration timestamp of the subkey, or 0 if the subkey
 does not expire.
 
 @item unsigned int is_cardkey : 1
+@since{1.2.0}
+
 True if the secret key is stored on a smart card.
 
 @item char *card_number
+@since{1.2.0}
+
 The serial number of a smart card holding this key or @code{NULL}.
 
 @item char *curve
@@ -3256,6 +3411,8 @@ but might be slightly different.  If no mail address is available
 @code{NULL} is stored.
 
 @item gpgme_tofu_info_t tofu
+@since{1.7.0}
+
 If not @code{NULL} information from the TOFU database pertaining to
 this user id.
 
@@ -3263,15 +3420,90 @@ this user id.
 This is a linked list with the signatures on this user ID.
 
 @item unsigned int origin : 5
+@since{1.8.0}
+
 Reserved for the origin of this user ID.
 
 @item unsigned long last_update
+@since{1.8.0}
+
 Reserved for the time of the last update of this user ID.
 
 @end table
 @end deftp
 
 
+@deftp {Data type} gpgme_tofu_info_t
+
+@since{1.7.0}
+
+The @code{gpgme_tofu_info_t} type is a pointer to a tofu info
+structure.  Tofu info structures are one component of a
+@code{gpgme_user_id_t} object, and provide information from the TOFU
+database pertaining to the user ID.
+
+The tofu info structure has the following members:
+
+@table @code
+@item gpgme_key_sig_t next
+This is a pointer to the next tofu info structure in the linked
+list, or @code{NULL} if this is the last element.
+
+@item unsigned int validity : 3
+This is the TOFU validity.  It can have the following values:
+
+@table @code
+@item 0
+The value @code{0} indicates a conflict.
+
+@item 1
+The value @code{1} indicates a key without history.
+
+@item 2
+The value @code{2} indicates a key with too little history.
+
+@item 3
+The value @code{3} indicates a key with enough history for basic trust.
+
+@item 4
+The value @code{4} indicates a key with a lot of history.
+
+@end table
+
+@item unsigned int policy : 4
+This is the TOFU policy, see @code{gpgme_tofu_policy_t}.
+
+@item unsigned short signcount
+This is the number of signatures seen for this binding (or
+@code{USHRT_MAX} if there are more than that).
+
+@item unsigned short encrcount
+This is the number of encryptions done with this binding (or
+@code{USHRT_MAX} if there are more than that).
+
+@item unsigned long signfirst
+Number of seconds since Epoch when the first signature was seen with
+this binding.
+
+@item unsigned long signlast
+Number of seconds since Epoch when the last signature was seen with
+this binding.
+
+@item unsigned long encrfirst
+Number of seconds since Epoch when the first encryption was done with
+this binding.
+
+@item unsigned long encrlast
+Number of seconds since Epoch when the last encryption was done with
+this binding.
+
+@item char *description
+A human-readable string summarizing the TOFU data (or NULL).
+
+@end table
+@end deftp
+
+
 @deftp {Data type} gpgme_key_sig_t
 
 The @code{gpgme_key_sig_t} type is a pointer to a key signature structure.
@@ -3417,11 +3649,13 @@ The function returns the error code @code{GPG_ERR_INV_VALUE} if
 are reported by the crypto engine support routines.
 @end deftypefun
 
-@deftypefun gpgme_error_t gpgme_op_keylist_from_data @
+@deftypefun gpgme_error_t gpgme_op_keylist_from_data_start @
             (@w{gpgme_ctx_t @var{ctx}}, @
              @w{gpgme_data_t @var{data}}, @
              @w{int @var{reserved}})
 
+@since{1.8.0}
+
 The function @code{gpgme_op_keylist_from_data_start} initiates a key
 listing operation inside the context @var{ctx}.  In contrast to the
 other key listing operation the keys are read from the supplied
@@ -3641,6 +3875,8 @@ first and provide a fallback to the old function if the error code
        @w{gpgme_key_t @var{extrakey}}, @
        @w{unsigned int @var{flags}});
 
+@since{1.7.0}
+
 The function @code{gpgme_op_createkey} generates a new key for the
 procotol active in the context @var{ctx}.  As of now this function
 does only work for OpenPGP and requires at least version 2.1.13 of
@@ -3685,6 +3921,8 @@ A future version of GPGME may use this parameter to create X.509 keys.
 @itemx GPGME_CREATE_ENCR
 @itemx GPGME_CREATE_CERT
 @itemx GPGME_CREATE_AUTH
+@since{1.7.0}
+
 Do not create the key with the default capabilities (key usage) of the
 requested algorithm but use those explicitly given by these flags:
 ``signing'', ``encryption'', ``certification'', or ``authentication''.
@@ -3695,27 +3933,39 @@ selected only one key is created in the case of the OpenPGP
 protocol.
 
 @item GPGME_CREATE_NOPASSWD
+@since{1.7.0}
+
 Request generation of the key without password protection.
 
 @item GPGME_CREATE_SELFSIGNED
+@since{1.7.0}
+
 For an X.509 key do not create a CSR but a self-signed certificate.
 This has not yet been implemented.
 
 @item GPGME_CREATE_NOSTORE
+@since{1.7.0}
+
 Do not store the created key in the local key database.
 This has not yet been implemented.
 
 @item GPGME_CREATE_WANTPUB
 @itemx GPGME_CREATE_WANTSEC
+@since{1.7.0}
+
 Return the public or secret key as part of the result structure.
 This has not yet been implemented.
 
 @item GPGME_CREATE_FORCE
+@since{1.7.0}
+
 The engine does not allow the creation of a key with a user ID
 already existing in the local key database.  This flag can be used to
 override this check.
 
 @item GPGME_CREATE_NOEXPIRE
+@since{1.8.0}
+
 Request generation of keys that do not expire.
 
 @end table
@@ -3739,6 +3989,8 @@ codes.
        @w{gpgme_key_t @var{extrakey}}, @
        @w{unsigned int @var{flags}});
 
+@since{1.7.0}
+
 The function @code{gpgme_op_createkey_start} initiates a
 @code{gpgme_op_createkey} operation; see there for details.  It must
 be completed by calling @code{gpgme_wait} on the context.
@@ -3757,6 +4009,8 @@ be completed by calling @code{gpgme_wait} on the context.
        @w{unsigned long @var{expires}}, @
        @w{unsigned int @var{flags}});
 
+@since{1.7.0}
+
 The function @code{gpgme_op_createsubkey} creates and adds a new
 subkey to the primary OpenPGP key given by @var{KEY}.  The only
 allowed protocol in @var{ctx} is @code{GPGME_PROTOCOL_OPENPGP}.
@@ -3807,6 +4061,8 @@ codes.
        @w{unsigned long @var{expires}}, @
        @w{unsigned int @var{flags}});
 
+@since{1.7.0}
+
 The function @code{gpgme_op_createsubkey_start} initiates a
 @code{gpgme_op_createsubkey} operation; see there for details.  It must
 be completed by calling @code{gpgme_wait} on the context.
@@ -3824,6 +4080,8 @@ be completed by calling @code{gpgme_wait} on the context.
        @w{const char *@var{userid}}, @
        @w{unsigned int @var{flags}});
 
+@since{1.7.0}
+
 The function @code{gpgme_op_adduid} adds a new user ID to the OpenPGP
 key given by @var{KEY}.  Adding additional user IDs after key creation
 is a feature of the OpenPGP protocol and thus the protocol for the
@@ -3853,6 +4111,8 @@ codes.
        @w{const char *@var{userid}}, @
        @w{unsigned int @var{flags}});
 
+@since{1.7.0}
+
 The function @code{gpgme_op_adduid_start} initiates a
 @code{gpgme_op_adduid} operation; see there for details.  It must
 be completed by calling @code{gpgme_wait} on the context.
@@ -3870,6 +4130,8 @@ be completed by calling @code{gpgme_wait} on the context.
        @w{const char *@var{userid}}, @
        @w{unsigned int @var{flags}});
 
+@since{1.7.0}
+
 The function @code{gpgme_op_revuid} revokes a user ID from the OpenPGP
 key given by @var{KEY}.  Revoking user IDs after key creation is a
 feature of the OpenPGP protocol and thus the protocol for the context
@@ -3901,6 +4163,8 @@ codes.
        @w{const char *@var{userid}}, @
        @w{unsigned int @var{flags}});
 
+@since{1.7.0}
+
 The function @code{gpgme_op_revuid_start} initiates a
 @code{gpgme_op_revuid} operation; see there for details.  It must
 be completed by calling @code{gpgme_wait} on the context.
@@ -3919,6 +4183,8 @@ be completed by calling @code{gpgme_wait} on the context.
        @w{cons char * @var{name}}, @
        @w{cons char * @var{value}});
 
+@since{1.8.0}
+
 The function @code{gpgme_op_set_uid_flag} is used to set flags on a
 user ID from the OpenPGP key given by @var{KEY}.  Setting flags on
 user IDs after key creation is a feature of the OpenPGP protocol and
@@ -3957,6 +4223,8 @@ codes.
        @w{cons char * @var{name}}, @
        @w{cons char * @var{value}});
 
+@since{1.8.0}
+
 The function @code{gpgme_op_set_uid_flag_start} initiates a
 @code{gpgme_op_set_uid_flag} operation; see there for details.  It must
 be completed by calling @code{gpgme_wait} on the context.
@@ -4084,10 +4352,14 @@ key will be returned.  If the crypto engine does not provide the
 fingerprint, @code{fpr} will be a null pointer.
 
 @item gpgme_data_t pubkey
+@since{1.7.0}
+
 This will eventually be used to return the public key.  It is
 currently not used.
 
 @item gpgme_data_t seckey
+@since{1.7.0}
+
 This will eventually be used to return the secret key.  It is
 currently not used.
 
@@ -4132,6 +4404,8 @@ versions.
        @w{unsigned long @var{expires}}, @
        @w{unsigned int @var{flags}});
 
+@since{1.7.0}
+
 The function @code{gpgme_op_keysign} adds a new key signature to the
 public key @var{KEY}.   This function requires at least version 2.1.12 of
 GnuPG.
@@ -4167,10 +4441,14 @@ only encode dates up to the year 2106.
 
 @table @code
 @item GPGME_KEYSIGN_LOCAL
+@since{1.7.0}
+
 Instead of creating an exportable key signature, create a key
 signature which is is marked as non-exportable.
 
 @item GPGME_KEYSIGN_LFSEP
+@since{1.7.0}
+
 Although linefeeds are uncommon in user IDs this flag is required to
 explicitly declare that @var{userid} may contain several linefeed
 separated user IDs.
@@ -4195,6 +4473,8 @@ codes.
        @w{unsigned long @var{expires}}, @
        @w{unsigned int @var{flags}});
 
+@since{1.7.0}
+
 The function @code{gpgme_op_keysign_start} initiates a
 @code{gpgme_op_keysign} operation; see there for details.  It must
 be completed by calling @code{gpgme_wait} on the context.
@@ -4226,22 +4506,30 @@ time.  Using this flag requires that the @var{keydata} argument of the
 export function is set to @code{NULL}.
 
 @item GPGME_EXPORT_MODE_MINIMAL
+@since{1.3.1}
+
 If this bit is set, the smallest possible key is exported.  For OpenPGP
 keys it removes all signatures except for the latest self-signatures.
 For X.509 keys it has no effect.
 
 
 @item GPGME_EXPORT_MODE_SECRET
+@since{1.6.0}
+
 Instead of exporting the public key, the secret key is exported.  This
 may not be combined with @code{GPGME_EXPORT_MODE_EXTERN}.  For X.509
 the export format is PKCS#8.
 
 @item GPGME_EXPORT_MODE_RAW
+@since{1.6.0}
+
 If this flag is used with @code{GPGME_EXPORT_MODE_SECRET} for an X.509
 key the export format will be changed to PKCS#1.  This flag may not be
 used with OpenPGP.
 
 @item GPGME_EXPORT_MODE_PKCS12
+@since{1.6.0}
+
 If this flag is used with @code{GPGME_EXPORT_MODE_SECRET} for an X.509
 key the export format will be changed to PKCS#12 which also includes
 the certificate.  This flag may not be used with OpenPGP.
@@ -4311,6 +4599,8 @@ if @var{keydata} is not a valid empty data buffer.
 
 
 @deftypefun gpgme_error_t gpgme_op_export_keys (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_key_t keys[]}, @w{gpgme_export_mode_t @var{mode}}, @w{gpgme_data_t @var{keydata}})
+@since{1.2.0}
+
 The function @code{gpgme_op_export_keys} extracts public keys and returns
 them in the data buffer @var{keydata}.  The output format of the key
 data returned is determined by the @acronym{ASCII} armor attribute set
@@ -4333,6 +4623,8 @@ are reported by the crypto engine support routines.
 @end deftypefun
 
 @deftypefun gpgme_error_t gpgme_op_export_keys_start (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_key_t @var{keys}[]}, @w{gpgme_export_mode_t @var{mode}}, @w{gpgme_data_t @var{keydata}})
+@since{1.2.0}
+
 The function @code{gpgme_op_export_keys_start} initiates a
 @code{gpgme_op_export_ext} operation.  It can be completed by calling
 @code{gpgme_wait} on the context.  @xref{Waiting For Completion}.
@@ -4376,37 +4668,45 @@ The function @code{gpgme_op_import_start} initiates a
 
 The function returns the error code @code{GPG_ERR_NO_ERROR} if the
 import could be started successfully, @code{GPG_ERR_INV_VALUE} if
-@var{keydata} if @var{ctx} or @var{keydata} is not a valid pointer,
-and @code{GPG_ERR_NO_DATA} if @var{keydata} is an empty data buffer.
+@var{ctx} or @var{keydata} is not a valid pointer, and
+@code{GPG_ERR_NO_DATA} if @var{keydata} is an empty data buffer.
 @end deftypefun
 
 @deftypefun gpgme_error_t gpgme_op_import_keys (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_key_t *@var{keys}})
-The function @code{gpgme_op_import_keys} adds the keys described by the
-@code{NULL} terminated array @var{keys} to the key ring of the crypto
-engine used by @var{ctx}.  This function is the general interface to
-move a key from one crypto engine to another as long as they are
-compatible.  In particular it is used to actually import and make keys
-permanent which have been retrieved from an external source (i.e. using
-@code{GPGME_KEYLIST_MODE_EXTERN}).  @footnote{Thus it is a replacement
-for the usual workaround of exporting and then importing a key to make
-an X.509 key permanent.}
+@since{1.2.0}
+
+The function @code{gpgme_op_import_keys} adds the keys described by
+the @code{NULL} terminated array @var{keys} to the key ring of the
+crypto engine used by @var{ctx}.  It is used to actually import and
+make keys permanent which have been retrieved from an external source
+(i.e. using @code{GPGME_KEYLIST_MODE_EXTERN}) earlier.  The external
+keylisting must have been made with the same context configuration (in
+particular the same home directory).  @footnote{Thus it is a
+replacement for the usual workaround of exporting and then importing a
+key to make an X.509 key permanent.}  Note that for OpenPGP this may
+require another access to the keyserver over the network.
 
 Only keys of the currently selected protocol of @var{ctx} are
 considered for import.  Other keys specified by the @var{keys} are
 ignored.  As of now all considered keys must have been retrieved using
-the same method, that is the used key listing mode must be identical.
+the same method, i.e. the used key listing mode must be identical.
 
 After the operation completed successfully, the result can be
 retrieved with @code{gpgme_op_import_result}.
 
+To move keys from one home directory to another, export and import the
+keydata using @code{gpgme_op_export} and @code{gpgme_op_import}.
+
 The function returns the error code @code{GPG_ERR_NO_ERROR} if the
 import was completed successfully, @code{GPG_ERR_INV_VALUE} if
-@var{keydata} if @var{ctx} or @var{keydata} is not a valid pointer,
-@code{GPG_ERR_CONFLICT} if the key listing mode does not match, and
-@code{GPG_ERR_NO_DATA} if no keys are considered for export.
+@var{ctx} is not a valid pointer, @code{GPG_ERR_CONFLICT} if the key
+listing mode does not match, and @code{GPG_ERR_NO_DATA} if no keys are
+considered for export.
 @end deftypefun
 
 @deftypefun gpgme_error_t gpgme_op_import_keys_start (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_key_t *@var{keys}})
+@since{1.2.0}
+
 The function @code{gpgme_op_import_keys_start} initiates a
 @code{gpgme_op_import_keys} operation.  It can be completed by calling
 @code{gpgme_wait} on the context.  @xref{Waiting For Completion}.
@@ -4529,11 +4829,26 @@ operation is started on the context.
 @cindex key, delete
 @cindex key ring, delete from
 
-@deftypefun gpgme_error_t gpgme_op_delete (@w{gpgme_ctx_t @var{ctx}}, @w{const gpgme_key_t @var{key}}, @w{int @var{allow_secret}})
-The function @code{gpgme_op_delete} deletes the key @var{key} from the
-key ring of the crypto engine used by @var{ctx}.  If
-@var{allow_secret} is @code{0}, only public keys are deleted,
-otherwise secret keys are deleted as well, if that is supported.
+@deftypefun gpgme_error_t gpgme_op_delete_ext (@w{gpgme_ctx_t @var{ctx}}, @w{const gpgme_key_t @var{key}}, @w{unsigned int @var{flags}})
+@since{1.9.1}
+
+The function @code{gpgme_op_delete_ext} deletes the key @var{key} from
+the key ring of the crypto engine used by @var{ctx}.
+
+@var{flags} can be set to the bit-wise OR of the following flags:
+
+@table @code
+@item GPGME_DELETE_ALLOW_SECRET
+@since{1.9.1}
+
+If not set, only public keys are deleted. If set, secret keys are
+deleted as well, if that is supported.
+
+@item GPGME_DELETE_FORCE
+@since{1.9.1}
+
+If set, the user is not asked to confirm the deletion.
+@end table
 
 The function returns the error code @code{GPG_ERR_NO_ERROR} if the key
 was deleted successfully, @code{GPG_ERR_INV_VALUE} if @var{ctx} or
@@ -4544,8 +4859,10 @@ unambiguously, and @code{GPG_ERR_CONFLICT} if the secret key for
 @var{key} is available, but @var{allow_secret} is zero.
 @end deftypefun
 
-@deftypefun gpgme_error_t gpgme_op_delete_start (@w{gpgme_ctx_t @var{ctx}}, @w{const gpgme_key_t @var{key}}, @w{int @var{allow_secret}})
-The function @code{gpgme_op_delete_start} initiates a
+@deftypefun gpgme_error_t gpgme_op_delete_ext_start (@w{gpgme_ctx_t @var{ctx}}, @w{const gpgme_key_t @var{key}}, @w{unsigned int @var{flags}})
+@since{1.9.1}
+
+The function @code{gpgme_op_delete_ext_start} initiates a
 @code{gpgme_op_delete} operation.  It can be completed by calling
 @code{gpgme_wait} on the context.  @xref{Waiting For Completion}.
 
@@ -4554,6 +4871,18 @@ operation was started successfully, and @code{GPG_ERR_INV_VALUE} if
 @var{ctx} or @var{key} is not a valid pointer.
 @end deftypefun
 
+The following functions allow only to use one particular flag.
+
+@deftypefun gpgme_error_t gpgme_op_delete (@w{gpgme_ctx_t @var{ctx}}, @w{const gpgme_key_t @var{key}}, @w{int @var{allow_secret}})
+Similar to @code{gpgme_op_delete_ext}, but only the flag
+@code{GPGME_DELETE_ALLOW_SECRET} can be provided.
+@end deftypefun
+
+@deftypefun gpgme_error_t gpgme_op_delete_start (@w{gpgme_ctx_t @var{ctx}}, @w{const gpgme_key_t @var{key}}, @w{int @var{allow_secret}})
+Similar to @code{gpgme_op_delete_ext_start}, but only the flag
+@code{GPGME_DELETE_ALLOW_SECRET} can be provided.
+@end deftypefun
+
 
 @node Changing Passphrases
 @subsection Changing Passphrases
@@ -4564,6 +4893,8 @@ operation was started successfully, and @code{GPG_ERR_INV_VALUE} if
               @w{const gpgme_key_t @var{key}}, @
               @w{unsigned int @var{flags}})
 
+@since{1.3.0}
+
 The function @code{gpgme_op_passwd} changes the passphrase of the
 private key associated with @var{key}.  The only allowed value for
 @var{flags} is @code{0}.  The backend engine will usually popup a window
@@ -4580,6 +4911,8 @@ this command and will silently ignore it.
               @w{const gpgme_key_t @var{key}}, @
               @w{unsigned int @var{flags}})
 
+@since{1.3.0}
+
 The function @code{gpgme_op_passwd_start} initiates a
 @code{gpgme_op_passwd} operation.    It can be completed by calling
 @code{gpgme_wait} on the context.  @xref{Waiting For Completion}.
@@ -4603,6 +4936,8 @@ for a key.  See the GnuPG manual for details on the TOFU
 implementation.
 
 @deftp {Data type} {enum gpgme_tofu_policy_t}
+@since{1.7.0}
+
 @tindex gpgme_tofu_policy_t
 The @code{gpgme_tofu_policy_t} type specifies the set of possible
 policy values that are supported by @acronym{GPGME}:
@@ -4629,6 +4964,8 @@ To change the policy for a key the following functions can be used:
               @w{const gpgme_key_t @var{key}}, @
               @w{gpgme_tofu_policy_t @var{policy}})
 
+@since{1.7.0}
+
 The function @code{gpgme_op_tofu_policy} changes the TOFU policy of
 @var{key}.  The valid values for @var{policy} are listed above.  As of
 now this function does only work for OpenPGP and requires at least
@@ -4645,6 +4982,8 @@ codes.
               @w{const gpgme_key_t @var{key}}, @
               @w{gpgme_tofu_policy_t @var{policy}})
 
+@since{1.7.0}
+
 The function @code{gpgme_op_tofu_policy_start} initiates a
 @code{gpgme_op_tofu_policy} operation.    It can be completed by calling
 @code{gpgme_wait} on the context.  @xref{Waiting For Completion}.
@@ -4665,6 +5004,9 @@ could not be started.
     @w{const char *@var{status}}, @
     @w{const char *@var{args}}, @
     @w{int @var{fd}})}
+
+@since{1.7.0}
+
 @tindex gpgme_interact_cb_t
 The @code{gpgme_interact_cb_t} type is the type of functions which
 @acronym{GPGME} calls if it a key interact operation is on-going.  The
@@ -4686,6 +5028,9 @@ the status code, @code{0} for success, or any other error value.
    @w{gpgme_interact_cb_t @var{fnc}}, @
    @w{void *@var{handle}}, @
    @w{gpgme_data_t @var{out}})
+
+@since{1.7.0}
+
 The function @code{gpgme_op_interact} processes the key @var{KEY}
 interactively, using the interact callback function @var{FNC} with the
 handle @var{HANDLE}.  The callback is invoked for every status and
@@ -4701,6 +5046,8 @@ bit value is:
 
 @table @code
 @item GPGME_INTERACT_CARD
+@since{1.7.0}
+
 This is used for smartcard based keys and uses gpg’s
 @code{--card-edit} command.
 
@@ -4719,6 +5066,9 @@ the edit callback handler.
    @w{gpgme_interact_cb_t @var{fnc}}, @
    @w{void *@var{handle}}, @
    @w{gpgme_data_t @var{out}})
+
+@since{1.7.0}
+
 The function @code{gpgme_op_interact_start} initiates a
 @code{gpgme_op_interact} operation.  It can be completed by calling
 @code{gpgme_wait} on the context.  @xref{Waiting For Completion}.
@@ -4889,7 +5239,7 @@ if @var{ctx}, @var{cipher} or @var{plain} is not a valid pointer,
 @code{GPG_ERR_NO_DATA} if @var{cipher} does not contain any data to
 decrypt, @code{GPG_ERR_DECRYPT_FAILED} if @var{cipher} is not a valid
 cipher text, @code{GPG_ERR_BAD_PASSPHRASE} if the passphrase for the
-secret key could not be retrieved, and passes through any errors that
+secret key could not be retrieved, and passes through some errors that
 are reported by the crypto engine support routines.
 @end deftypefun
 
@@ -4910,6 +5260,8 @@ if @var{cipher} or @var{plain} is not a valid pointer.
             @w{gpgme_data_t @var{cipher}}, @
             @w{gpgme_data_t @var{plain}})
 
+@since{1.8.0}
+
 The function @code{gpgme_op_decrypt_ext} is the same as
 @code{gpgme_op_decrypt_ext} but has an additional argument
 @var{flags}.  If @var{flags} is 0 both function behave identically.
@@ -4919,10 +5271,14 @@ multiple of the following bit values:
 
 @table @code
 @item GPGME_DECRYPT_VERIFY
+@since{1.8.0}
+
 The @code{GPGME_DECRYPT_VERIFY} symbol specifies that this function
 shall exacty act as @code{gpgme_op_decrypt_verify}.
 
 @item GPGME_DECRYPT_UNWRAP
+@since{1.8.0}
+
 The @code{GPGME_DECRYPT_UNWRAP} symbol specifies that the output shall
 be an OpenPGP message with only the encryption layer removed.  This
 requires GnuPG 2.1.12 and works only for OpenPGP.  This is the
@@ -4940,6 +5296,8 @@ The function returns the error codes as descriped for
             @w{gpgme_data_t @var{cipher}}, @
             @w{gpgme_data_t @var{plain}})
 
+@since{1.8.0}
+
 The function @code{gpgme_op_decrypt_ext_start} initiates a
 @code{gpgme_op_decrypt_ext} operation.  It can be completed by calling
 @code{gpgme_wait} on the context.  @xref{Waiting For Completion}.
@@ -4951,6 +5309,8 @@ if @var{cipher} or @var{plain} is not a valid pointer.
 
 
 @deftp {Data type} {gpgme_recipient_t}
+@since{1.1.0}
+
 This is a pointer to a structure used to store information about the
 recipient of an encrypted text which is decrypted in a
 @code{gpgme_op_decrypt} operation.  This information (except for the
@@ -4991,9 +5351,13 @@ If an unsupported algorithm was encountered, this string describes the
 algorithm that is not supported.
 
 @item unsigned int wrong_key_usage : 1
+@since{0.9.0}
+
 This is true if the key was not used according to its policy.
 
 @item gpgme_recipient_t recipients
+@since{1.1.0}
+
 This is a linked list of recipients to which this message was encrypted.
 
 @item char *file_name
@@ -5001,6 +5365,8 @@ This is the filename of the original plaintext message file if it is
 known, otherwise this is a null pointer.
 
 @item char *session_key
+@since{1.8.0}
+
 A textual representation (nul-terminated string) of the session key
 used in symmetric encryption of the message, if the context has been
 set to export session keys (see @code{gpgme_set_ctx_flag,
@@ -5104,10 +5470,14 @@ following bit values:
 
 @table @code
 @item GPGME_SIG_NOTATION_HUMAN_READABLE
+@since{1.1.0}
+
 The @code{GPGME_SIG_NOTATION_HUMAN_READABLE} symbol specifies that the
 notation data is in human readable form
 
 @item GPGME_SIG_NOTATION_CRITICAL
+@since{1.1.0}
+
 The @code{GPGME_SIG_NOTATION_CRITICAL} symbol specifies that the
 notation data is critical.
 
@@ -5192,6 +5562,9 @@ The defined bits are:
 
   @item GPGME_SIGSUM_SYS_ERROR
   A system error occured.
+
+  @item GPGME_SIGSUM_TOFU_CONFLICT
+  A TOFU conflict was detected.
   @end table
 
 @item char *fpr
@@ -5266,6 +5639,8 @@ Depending on the configuration of the engine, this metric may also be
 reflected by the validity of the signature.
 
 @item unsigned int chain_model : 1
+@since{1.1.6}
+
 This is true if the validity of the signature has been checked using the
 chain model.  In the chain model the time the signature has been created
 must be within the validity period of the certificate and the time the
@@ -5291,6 +5666,8 @@ The hash algorithm used to create this signature.
 The mailbox from the PKA information or @code{NULL}.
 
 @item gpgme_key_t key
+@since{1.7.0}
+
 An object describing the key used to create the signature.  This key
 object may be incomplete in that it only conveys information
 availabale directly with a signature.  It may also be @code{NULL} if
@@ -5384,6 +5761,8 @@ functions in GPGME and GnuPG:
 
 @deftypefun @w{char *} gpgme_addrspec_from_uid (@w{const char *@var{uid}})
 
+@since{1.7.1}
+
 Return the mail address (called ``addr-spec'' in RFC-5322) from the
 string @var{uid} which is assumed to be a user id (called ``address''
 in RFC-5322).  All plain ASCII characters (i.e. those with bit 7
@@ -5439,6 +5818,8 @@ Calling this function acquires an additional reference for the key.
 @end deftypefun
 
 @deftypefun @w{unsigned int} gpgme_signers_count (@w{const gpgme_ctx_t @var{ctx}})
+@since{1.4.3}
+
 The function @code{gpgme_signers_count} returns the number of signer keys in
 the context @var{ctx}.
 @end deftypefun
@@ -5580,6 +5961,8 @@ to a signature.  This information is then available to the user when
 the signature is verified.
 
 @deftypefun void gpgme_sig_notation_clear (@w{gpgme_ctx_t @var{ctx}})
+@since{1.1.0}
+
 The function @code{gpgme_sig_notation_clear} removes the notation data
 from the context @var{ctx}.  Subsequent signing operations from this
 context will not include any notation data.
@@ -5588,6 +5971,8 @@ Every context starts with an empty notation data list.
 @end deftypefun
 
 @deftypefun gpgme_error_t gpgme_sig_notation_add (@w{gpgme_ctx_t @var{ctx}}, @w{const char *@var{name}}, @w{const char *@var{value}}, @w{gpgme_sig_notation_flags_t @var{flags}})
+@since{1.1.0}
+
 The function @code{gpgme_sig_notation_add} adds the notation data with
 the name @var{name} and the value @var{value} to the context
 @var{ctx}.
@@ -5613,6 +5998,8 @@ reported by the crypto engine support routines.
 @end deftypefun
 
 @deftypefun gpgme_sig_notation_t gpgme_sig_notation_get (@w{const gpgme_ctx_t @var{ctx}})
+@since{1.1.0}
+
 The function @code{gpgme_sig_notation_get} returns the linked list of
 notation data structures that are contained in the context @var{ctx}.
 
@@ -5662,12 +6049,16 @@ have a high enough validity in the keyring.  This flag should be used
 with care; in general it is not a good idea to use any untrusted keys.
 
 @item GPGME_ENCRYPT_NO_ENCRYPT_TO
+@since{1.2.0}
+
 The @code{GPGME_ENCRYPT_NO_ENCRYPT_TO} symbol specifies that no
 default or hidden default recipients as configured in the crypto
 backend should be included.  This can be useful for managing different
 user profiles.
 
 @item GPGME_ENCRYPT_NO_COMPRESS
+@since{1.5.0}
+
 The @code{GPGME_ENCRYPT_NO_COMPRESS} symbol specifies that the
 plaintext shall not be compressed before it is encrypted.  This is
 in some cases useful if the length of the encrypted message
@@ -5682,12 +6073,16 @@ protocol to prepare an encryption (i.e. sending the
 also expect a sign command.
 
 @item GPGME_ENCRYPT_SYMMETRIC
+@since{1.7.0}
+
 The @code{GPGME_ENCRYPT_SYMMETRIC} symbol specifies that the
 output should be additionally encrypted symmetrically even
 if recipients are provided. This feature is only supported for
 for the OpenPGP crypto engine.
 
 @item GPGME_ENCRYPT_THROW_KEYIDS
+@since{1.8.0}
+
 The @code{GPGME_ENCRYPT_THROW_KEYIDS} symbols requests that the
 identifiers for the decrption keys are not included in the ciphertext.
 On the receiving side, the use of this flag may slow down the
@@ -5695,6 +6090,8 @@ decryption process because all available secret keys must be tried.
 This flag is only honored for OpenPGP encryption.
 
 @item GPGME_ENCRYPT_WRAP
+@since{1.8.0}
+
 The @code{GPGME_ENCRYPT_WRAP} symbol specifies that the input is an
 OpenPGP message and not a plain data.  This is the counterpart to
 @code{GPGME_DECRYPT_UNWRAP}.
@@ -5819,6 +6216,8 @@ with the GPGME API.
              @w{gpgme_data_t @var{dataout}}, @w{gpgme_data_t @var{dataerr}}, @
              @w{unsigned int @var{flags}})
 
+@since{1.5.0}
+
 The function @code{gpgme_op_spawn} runs the program @var{file} with
 the arguments taken from the NULL terminated array @var{argv}.  If no
 arguments are required @var{argv} may be given as @code{NULL}.  In the
@@ -5834,10 +6233,15 @@ multiple of the following bit values:
 
 @table @code
 @item GPGME_SPAWN_DETACHED
+@since{1.5.0}
+
 Under Windows this flag inhibits the allocation of a new console for
 the program.  This is useful for a GUI application which needs to call
 a command line helper tool.
+
 @item GPGME_SPAWN_ALLOW_SET_FG
+@since{1.5.0}
+
 Under Windows this flag allows the called program to put itself into
 the foreground.
 @end table
@@ -5849,6 +6253,8 @@ the foreground.
              @w{gpgme_data_t @var{dataout}}, @w{gpgme_data_t @var{dataerr}}, @
              @w{unsigned int @var{flags}})
 
+@since{1.5.0}
+
 This is the asynchronous variant of @code{gpgme_op_spawn}.
 @end deftypefun
 
@@ -5869,6 +6275,8 @@ data:
        (@w{void *@var{opaque}}, @w{const void *@var{data}}, @
         @w{size_t @var{datalen}})}
 
+@since{1.2.0}
+
 This callback receives any data sent by the server.  @var{opaque} is
 the pointer passed to @code{gpgme_op_assuan_transact_start},
 @var{data} of length @var{datalen} refers to the data sent.
@@ -5878,6 +6286,8 @@ the pointer passed to @code{gpgme_op_assuan_transact_start},
        (@w{void *@var{opaque}}, @w{const char *@var{name}}, @
         @w{const char *@var{args}}, @w{gpgme_data_t *@var{r_data}})}
 
+@since{1.2.0}
+
 This callback is used to provide additional data to the Assuan server.
 @var{opaque} is the pointer passed to
 @code{gpgme_op_assuan_transact_start}, @var{name} and @var{args}
@@ -5891,6 +6301,8 @@ Note: Returning data is currently not implemented in @acronym{GPGME}.
        (@w{void *@var{opaque}}, @w{const char *@var{status}}, @
         @w{const char *@var{args}})}
 
+@since{1.2.0}
+
 This callback receives any status lines sent by the server.
 @var{opaque} is the pointer passed to
 @code{gpgme_op_assuan_transact_start}, @var{status} and @var{args}
@@ -5906,6 +6318,8 @@ denote the status update sent.
              @w{gpgme_assuan_status_cb_t @var{status_cb}}, @
              @w{void * @var{status_cb_value}})
 
+@since{1.2.0}
+
 Send the Assuan @var{command} and return results via the callbacks.
 Any callback may be @code{NULL}.  The result of the operation may be
 retrieved using @code{gpgme_wait_ext}.
@@ -5939,6 +6353,8 @@ access this online database and check whether a new version of a
 software package is available.
 
 @deftp {Data type} {gpgme_query_swdb_result_t}
+@since{1.8.0}
+
 This is a pointer to a structure used to store the result of a
 @code{gpgme_op_query_swdb} operation.  After success full call to that
 function, you can retrieve the pointer to the result with
@@ -5983,7 +6399,7 @@ If this flag is set the given @code{name} is not known.
 If this flag is set the available information is not fresh enough.
 
 @item error
-If this flag is set some other error has occured.
+If this flag is set some other error has occurred.
 
 @item version
 The version string of the latest released version.
@@ -6000,6 +6416,8 @@ The release date of the latest released version.
              @w{const char *@var{iversion}},  @
              @w{gpgme_data_t @var{reserved}})
 
+@since{1.8.0}
+
 Query the software version database for software package @var{name}
 and check against the installed version given by @var{iversion}.  If
 @var{iversion} is given as @code{NULL} a check is only done if GPGME
@@ -6012,10 +6430,12 @@ current gpgme version is checked.  @var{reserved} must be set to 0.
 @deftypefun gpgme_query_swdb_result_t gpgme_op_query_swdb_result @
             (@w{gpgme_ctx_t @var{ctx}})
 
+@since{1.8.0}
+
 The function @code{gpgme_op_query_swdb_result} returns a
 @code{gpgme_query_swdb_result_t} pointer to a structure holding the
 result of a @code{gpgme_op_query_swdb} operation.  The pointer is only
-valid if the last operation on the context was a sucessful call to
+valid if the last operation on the context was a successful call to
 @code{gpgme_op_query_swdb}.  If that call failed, the result might
 be a @code{NULL} pointer.  The returned pointer is only valid until
 the next operation is started on the context @var{ctx}.
@@ -6273,9 +6693,9 @@ in a context which has I/O callback functions registered by the user.
 @code{gpgme_event_io_cb_t} function with @acronym{GPGME} and will always be
 passed as the first argument when registering a callback function.
 For example, the user can use this to determine the context in which
-this event has occured.
+this event has occurred.
 
-@var{type} will specify the type of event that has occured.
+@var{type} will specify the type of event that has occurred.
 @var{type_data} specifies the event further, as described in the above
 list of possible @code{gpgme_event_io_t} types.
 
@@ -6313,7 +6733,7 @@ must be processed.
 @item void *event_priv
 This is passed as the first argument to the @code{event} function when
 it is called by @acronym{GPGME}.  For example, it can be used to
-determine the context in which the event has occured.
+determine the context in which the event has occurred.
 @end table
 @end deftp
 
@@ -6774,6 +7194,8 @@ immediately.  Instead, cancellation occurs at the next possible time
 (typically the next time I/O occurs in the target context).
 
 @deftypefun gpgme_ctx_t gpgme_cancel (@w{gpgme_ctx_t @var{ctx}})
+@since{0.4.5}
+
 The function @code{gpgme_cancel} attempts to cancel a pending
 operation in the context @var{ctx}.  This only works if you use the
 global event loop or your own event loop.
@@ -6796,6 +7218,8 @@ case the state of @var{ctx} is not modified).
 
 
 @deftypefun gpgme_ctx_t gpgme_cancel_async (@w{gpgme_ctx_t @var{ctx}})
+@since{1.1.7}
+
 The function @code{gpgme_cancel_async} attempts to cancel a pending
 operation in the context @var{ctx}.  This can be called by any thread
 at any time after starting an operation on the context, but will not
@@ -6878,6 +7302,8 @@ The function @code{gpgme_trust_item_release} is an alias for
 
 
 @deftypefun gpgme_error_t gpgme_op_import_ext (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_data_t @var{keydata}}, @w{int *@var{nr}})
+@since{0.3.9}
+
 The function @code{gpgme_op_import_ext} is equivalent to:
 
 @example
@@ -6911,6 +7337,8 @@ the status code, @code{0} for success, or any other error value.
 @end deftp
 
 @deftypefun gpgme_error_t gpgme_op_edit (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_key_t @var{key}}, @w{gpgme_edit_cb_t @var{fnc}}, @w{void *@var{handle}}, @w{gpgme_data_t @var{out}})
+@since{0.3.9}
+
 Note: This function is deprecated, please use
 @code{gpgme_op_interact} instead.
 
@@ -6931,6 +7359,9 @@ by the crypto engine or the edit callback handler.
 @end deftypefun
 
 @deftypefun gpgme_error_t gpgme_op_edit_start (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_key_t @var{key}}, @w{gpgme_edit_cb_t @var{fnc}}, @w{void *@var{handle}}, @w{gpgme_data_t @var{out}})
+
+@since{0.3.9}
+
 Note: This function is deprecated, please use
 @code{gpgme_op_interact_start} instead.
 
diff --git a/doc/texinfo.tex b/doc/texinfo.tex
index 2c274a2..a5c849c 100644
--- a/doc/texinfo.tex
+++ b/doc/texinfo.tex
@@ -460,7 +460,7 @@
 \def\argremovecomment#1\comment#2\ArgTerm{\argremovec #1\c\ArgTerm}
 \def\argremovec#1\c#2\ArgTerm{\argcheckspaces#1\^^M\ArgTerm}
 
-% Each occurence of `\^^M' or `<space>\^^M' is replaced by a single space.
+% Each occurrence of `\^^M' or `<space>\^^M' is replaced by a single space.
 %
 % \argremovec might leave us with trailing space, e.g.,
 %    @end itemize  @c foo
@@ -485,7 +485,7 @@
 % to get _exactly_ the rest of the line, we had to prevent such situation.
 % We prepended an \empty token at the very beginning and we expand it now,
 % just before passing the control to \argtorun.
-% (Similarily, we have to think about #3 of \argcheckspacesY above: it is
+% (Similarly, we have to think about #3 of \argcheckspacesY above: it is
 % either the null string, or it ends with \^^M---thus there is no danger
 % that a pair of braces would be stripped.
 %
@@ -542,7 +542,7 @@
 % used to check whether the current environment is the one expected.
 %
 % Non-false conditionals (@iftex, @ifset) don't fit into this, so they
-% are not treated as enviroments; they don't open a group.  (The
+% are not treated as environments; they don't open a group.  (The
 % implementation of @end takes care not to call \endgroup in this
 % special case.)
 
@@ -565,7 +565,7 @@
   \fi
 }
 
-% Evironment mismatch, #1 expected:
+% Environment mismatch, #1 expected:
 \def\badenverr{%
   \errhelp = \EMsimple
   \errmessage{This command can appear only \inenvironment\temp,
@@ -7317,7 +7317,7 @@ end
 % In case a @footnote appears in a vbox, save the footnote text and create
 % the real \insert just after the vbox finished.  Otherwise, the insertion
 % would be lost.
-% Similarily, if a @footnote appears inside an alignment, save the footnote
+% Similarly, if a @footnote appears inside an alignment, save the footnote
 % text to a box and make the \insert when a row of the table is finished.
 % And the same can be done for other insert classes.  --kasal, 16nov03.
 
diff --git a/doc/uiserver.texi b/doc/uiserver.texi
index f10db01..6938aee 100644
--- a/doc/uiserver.texi
+++ b/doc/uiserver.texi
@@ -484,7 +484,7 @@ First, the input files need to be specified by one or more
 @code{FILE} commands.  Afterwards, the actual operation is requested:
 
 @deffn Command CHECKSUM_CREATE_FILES --nohup
-Request that checksums are created for the files specifed by
+Request that checksums are created for the files specified by
 @code{FILE}.  The choice of checksum algorithm and the destination
 storage and format for the created checksums depend on the preferences
 of the user and the functionality provided by the UI server.  For
@@ -499,7 +499,7 @@ promptly, and completes the operation asynchronously.
 
 
 @deffn Command CHECKSUM_VERIFY_FILES --nohup
-Request that checksums are created for the files specifed by
+Request that checksums are created for the files specified by
 @code{FILE} and verified against previously created and stored
 checksums.  The choice of checksum algorithm and the source storage
 and format for previously created checksums depend on the preferences
diff --git a/gpgme.spec b/gpgme.spec
index 4077c19..1a79ae6 100644
--- a/gpgme.spec
+++ b/gpgme.spec
@@ -1,7 +1,7 @@
 # This is a template.  The dist target uses it to create the real file.
 Summary: GPGME - GnuPG Made Easy
 Name: gpgme
-Version: 1.9.0
+Version: 1.10.0
 Release: 1
 URL: https://gnupg.org/gpgme.html
 Source: ftp://ftp.gnupg.org/gcrypt/alpha/gpgme/%{name}-%{version}.tar.gz
diff --git a/lang/Makefile.in b/lang/Makefile.in
index 5ebbf14..9ca2ef6 100644
--- a/lang/Makefile.in
+++ b/lang/Makefile.in
@@ -316,7 +316,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
diff --git a/lang/cl/Makefile.in b/lang/cl/Makefile.in
index 4737b80..8cb02bd 100644
--- a/lang/cl/Makefile.in
+++ b/lang/cl/Makefile.in
@@ -289,7 +289,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
diff --git a/lang/cl/gpgme.asd b/lang/cl/gpgme.asd
index 50046a6..4db4d63 100644
--- a/lang/cl/gpgme.asd
+++ b/lang/cl/gpgme.asd
@@ -27,7 +27,7 @@
 (defsystem gpgme
     :description "GnuPG Made Easy."
     :author "g10 Code GmbH"
-    :version "1.9.0"
+    :version "1.10.0"
     :licence "GPL"
     :depends-on ("cffi" "gpg-error")
     :components ((:file "gpgme-package")
diff --git a/lang/cpp/Makefile.am b/lang/cpp/Makefile.am
index 7fbaca8..026ca00 100644
--- a/lang/cpp/Makefile.am
+++ b/lang/cpp/Makefile.am
@@ -1,5 +1,6 @@
 # Makefile.am for GPGMEPP.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGMEPP.
 #
diff --git a/lang/cpp/Makefile.in b/lang/cpp/Makefile.in
index f49d1d0..0527499 100644
--- a/lang/cpp/Makefile.in
+++ b/lang/cpp/Makefile.in
@@ -15,7 +15,8 @@
 @SET_MAKE@
 
 # Makefile.am for GPGMEPP.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGMEPP.
 #
@@ -318,7 +319,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
diff --git a/lang/cpp/README b/lang/cpp/README
index b9a48da..e142e37 100644
--- a/lang/cpp/README
+++ b/lang/cpp/README
@@ -62,7 +62,7 @@ Example to set the ownertrust of a key:
     Data data;
     /* Start the edit on some key previously obtained. */
     Error e = ctx->edit(key, std::unique_ptr<EditInteractor>(ei), data);
-    /* Errors provide boolean comparision */
+    /* Errors provide boolean comparison */
     if (!e)
         ...
     /* Delete the context */
diff --git a/lang/cpp/src/GpgmeppConfig.cmake.in.in b/lang/cpp/src/GpgmeppConfig.cmake.in.in
index 7f42f31..73f5eaa 100644
--- a/lang/cpp/src/GpgmeppConfig.cmake.in.in
+++ b/lang/cpp/src/GpgmeppConfig.cmake.in.in
@@ -63,7 +63,7 @@ add_library(Gpgmepp SHARED IMPORTED)
 
 set_target_properties(Gpgmepp PROPERTIES
   INTERFACE_INCLUDE_DIRECTORIES "@resolved_includedir@/gpgme++;@resolved_includedir@"
-  INTERFACE_LINK_LIBRARIES "pthread;@resolved_libdir@/libgpgme.so;@LIBASSUAN_LIBS@"
+  INTERFACE_LINK_LIBRARIES "pthread;@resolved_libdir@/libgpgme@libsuffix@;@LIBASSUAN_LIBS@"
   IMPORTED_LOCATION "@resolved_libdir@/libgpgmepp@libsuffix@"
 )
 
diff --git a/lang/cpp/src/Makefile.am b/lang/cpp/src/Makefile.am
index 4028b3d..1e6bdc2 100644
--- a/lang/cpp/src/Makefile.am
+++ b/lang/cpp/src/Makefile.am
@@ -1,5 +1,6 @@
 # Makefile.am for GPGMEPP.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGMEPP.
 #
diff --git a/lang/cpp/src/Makefile.in b/lang/cpp/src/Makefile.in
index 27bf982..21b259d 100644
--- a/lang/cpp/src/Makefile.in
+++ b/lang/cpp/src/Makefile.in
@@ -15,7 +15,8 @@
 @SET_MAKE@
 
 # Makefile.am for GPGMEPP.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGMEPP.
 #
@@ -382,7 +383,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
diff --git a/lang/cpp/src/callbacks.cpp b/lang/cpp/src/callbacks.cpp
index 3631c53..f7692a0 100644
--- a/lang/cpp/src/callbacks.cpp
+++ b/lang/cpp/src/callbacks.cpp
@@ -1,6 +1,8 @@
 /*
   callbacks.cpp - callback targets for internal use:
   Copyright (C) 2003,2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/callbacks.h b/lang/cpp/src/callbacks.h
index 4206637..a2c6e1b 100644
--- a/lang/cpp/src/callbacks.h
+++ b/lang/cpp/src/callbacks.h
@@ -1,6 +1,8 @@
 /*
   callbacks.h - callback targets for internal use:
   Copyright (C) 2003 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/configuration.cpp b/lang/cpp/src/configuration.cpp
index 293746a..8ccc05e 100644
--- a/lang/cpp/src/configuration.cpp
+++ b/lang/cpp/src/configuration.cpp
@@ -1,6 +1,8 @@
 /*
   configuration.cpp - wraps gpgme configuration components
   Copyright (C) 2010 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/configuration.h b/lang/cpp/src/configuration.h
index 288a410..6993b6d 100644
--- a/lang/cpp/src/configuration.h
+++ b/lang/cpp/src/configuration.h
@@ -1,6 +1,8 @@
 /*
   configuration.h - wraps gpgme configuration components
   Copyright (C) 2010 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
@@ -93,8 +95,8 @@ class GPGMEPP_EXPORT Component
 {
 public:
     Component() : comp() {}
-    explicit Component(const shared_gpgme_conf_comp_t &comp)
-        : comp(comp) {}
+    explicit Component(const shared_gpgme_conf_comp_t &gpgme_comp)
+        : comp(gpgme_comp) {}
 
     // copy ctor is ok
 
@@ -144,8 +146,8 @@ class GPGMEPP_EXPORT Option
 {
 public:
     Option() : comp(), opt(0) {}
-    Option(const shared_gpgme_conf_comp_t &comp, gpgme_conf_opt_t opt)
-        : comp(comp), opt(opt) {}
+    Option(const shared_gpgme_conf_comp_t &gpgme_comp, gpgme_conf_opt_t gpgme_opt)
+        : comp(gpgme_comp), opt(gpgme_opt) {}
 
     const Option &operator=(const Option &other)
     {
diff --git a/lang/cpp/src/context.cpp b/lang/cpp/src/context.cpp
index 77962d8..135e4d5 100644
--- a/lang/cpp/src/context.cpp
+++ b/lang/cpp/src/context.cpp
@@ -1404,6 +1404,38 @@ Error Context::setTofuPolicyStart(const Key &k, unsigned int policy)
                  k.impl(), to_tofu_policy_t(policy)));
 }
 
+Error Context::startCreateKey (const char *userid,
+                               const char *algo,
+                               unsigned long reserved,
+                               unsigned long expires,
+                               const Key &certkey,
+                               unsigned int flags)
+{
+    return Error(d->lasterr = gpgme_op_createkey_start(d->ctx,
+                 userid,
+                 algo,
+                 reserved,
+                 expires,
+                 certkey.impl(),
+                 flags));
+}
+
+Error Context::createKey (const char *userid,
+                          const char *algo,
+                          unsigned long reserved,
+                          unsigned long expires,
+                          const Key &certkey,
+                          unsigned int flags)
+{
+    return Error(d->lasterr = gpgme_op_createkey(d->ctx,
+                 userid,
+                 algo,
+                 reserved,
+                 expires,
+                 certkey.impl(),
+                 flags));
+}
+
 Error Context::addUid(const Key &k, const char *userid)
 {
     return Error(d->lasterr = gpgme_op_adduid(d->ctx,
@@ -1428,6 +1460,24 @@ Error Context::startRevUid(const Key &k, const char *userid)
                  k.impl(), userid, 0));
 }
 
+Error Context::createSubkey(const Key &k, const char *algo,
+                            unsigned long reserved,
+                            unsigned long expires,
+                            unsigned int flags)
+{
+    return Error(d->lasterr = gpgme_op_createsubkey(d->ctx,
+                 k.impl(), algo, reserved, expires, flags));
+}
+
+Error Context::startCreateSubkey(const Key &k, const char *algo,
+                                 unsigned long reserved,
+                                 unsigned long expires,
+                                 unsigned int flags)
+{
+    return Error(d->lasterr = gpgme_op_createsubkey_start(d->ctx,
+                 k.impl(), algo, reserved, expires, flags));
+}
+
 // Engine Spawn stuff
 Error Context::spawn(const char *file, const char *argv[],
                      Data &input, Data &output, Data &err,
diff --git a/lang/cpp/src/context.h b/lang/cpp/src/context.h
index bec4e39..4cd5b30 100644
--- a/lang/cpp/src/context.h
+++ b/lang/cpp/src/context.h
@@ -214,12 +214,38 @@ public:
     GpgME::Error edit(const Key &key, std::unique_ptr<EditInteractor> function, Data &out);
     GpgME::Error startEditing(const Key &key, std::unique_ptr<EditInteractor> function, Data &out);
 
+
+    //
+    // Modern Interface actions. Require 2.1.x
+    //
+    Error startCreateKey (const char *userid,
+                          const char *algo,
+                          unsigned long reserved,
+                          unsigned long expires,
+                          const Key &certkey,
+                          unsigned int flags);
+    Error createKey (const char *userid,
+                     const char *algo,
+                     unsigned long reserved,
+                     unsigned long expires,
+                     const Key &certkey,
+                     unsigned int flags);
+
     Error addUid(const Key &key, const char *userid);
     Error startAddUid(const Key &key, const char *userid);
 
     Error revUid(const Key &key, const char *userid);
     Error startRevUid(const Key &key, const char *userid);
 
+    Error createSubkey(const Key &key, const char *algo,
+                       unsigned long reserved = 0,
+                       unsigned long expires = 0,
+                       unsigned int flags = 0);
+    Error startCreateSubkey(const Key &key, const char *algo,
+                            unsigned long reserved = 0,
+                            unsigned long expires = 0,
+                            unsigned int flags = 0);
+
     // using TofuInfo::Policy
     Error setTofuPolicy(const Key &k, unsigned int policy);
     Error setTofuPolicyStart(const Key &k, unsigned int policy);
diff --git a/lang/cpp/src/context_p.h b/lang/cpp/src/context_p.h
index d53da0a..6b0a080 100644
--- a/lang/cpp/src/context_p.h
+++ b/lang/cpp/src/context_p.h
@@ -1,6 +1,8 @@
 /*
   context_p.h - wraps a gpgme context (private part)
   Copyright (C) 2003, 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/context_vanilla.cpp b/lang/cpp/src/context_vanilla.cpp
index 77a488a..60ddea2 100644
--- a/lang/cpp/src/context_vanilla.cpp
+++ b/lang/cpp/src/context_vanilla.cpp
@@ -1,6 +1,8 @@
 /*
   context_vanilla.cpp - wraps a gpgme key context, gpgme (vanilla)-specific functions
   Copyright (C) 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/data_p.h b/lang/cpp/src/data_p.h
index 38ba55a..493b754 100644
--- a/lang/cpp/src/data_p.h
+++ b/lang/cpp/src/data_p.h
@@ -1,6 +1,8 @@
 /*
   data_p.h - wraps a gpgme data object, private part -*- c++ -*-
   Copyright (C) 2003,2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/decryptionresult.cpp b/lang/cpp/src/decryptionresult.cpp
index f59d24c..1e815cb 100644
--- a/lang/cpp/src/decryptionresult.cpp
+++ b/lang/cpp/src/decryptionresult.cpp
@@ -1,6 +1,8 @@
 /*
   decryptionresult.cpp - wraps a gpgme keygen result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
@@ -108,6 +110,11 @@ bool GpgME::DecryptionResult::isWrongKeyUsage() const
     return d && d->res.wrong_key_usage;
 }
 
+bool GpgME::DecryptionResult::isDeVs() const
+{
+    return d && d->res.is_de_vs;
+}
+
 const char *GpgME::DecryptionResult::fileName() const
 {
     return d ? d->res.file_name : 0 ;
@@ -223,6 +230,7 @@ std::ostream &GpgME::operator<<(std::ostream &os, const DecryptionResult &result
            << "\n fileName:             " << protect(result.fileName())
            << "\n unsupportedAlgorithm: " << protect(result.unsupportedAlgorithm())
            << "\n isWrongKeyUsage:      " << result.isWrongKeyUsage()
+           << "\n isDeVs                " << result.isDeVs()
            << "\n recipients:\n";
         const std::vector<DecryptionResult::Recipient> recipients = result.recipients();
         std::copy(recipients.begin(), recipients.end(),
diff --git a/lang/cpp/src/decryptionresult.h b/lang/cpp/src/decryptionresult.h
index 60b78d9..57705b4 100644
--- a/lang/cpp/src/decryptionresult.h
+++ b/lang/cpp/src/decryptionresult.h
@@ -1,6 +1,8 @@
 /*
   decryptionresult.h - wraps a gpgme keygen result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
@@ -71,6 +73,7 @@ public:
         return isWrongKeyUsage();
     }
     bool isWrongKeyUsage() const;
+    bool isDeVs() const;
 
     const char *fileName() const;
 
diff --git a/lang/cpp/src/defaultassuantransaction.cpp b/lang/cpp/src/defaultassuantransaction.cpp
index 549092d..2184f04 100644
--- a/lang/cpp/src/defaultassuantransaction.cpp
+++ b/lang/cpp/src/defaultassuantransaction.cpp
@@ -1,6 +1,8 @@
 /*
   defaultassuantransaction.cpp - default Assuan Transaction that just stores data and status lines
   Copyright (C) 2009 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/defaultassuantransaction.h b/lang/cpp/src/defaultassuantransaction.h
index bf4b839..f294ffe 100644
--- a/lang/cpp/src/defaultassuantransaction.h
+++ b/lang/cpp/src/defaultassuantransaction.h
@@ -1,6 +1,8 @@
 /*
   defaultassuantransaction.h - default Assuan Transaction that just stores data and status lines
   Copyright (C) 2009 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/editinteractor.cpp b/lang/cpp/src/editinteractor.cpp
index b652bda..3e29488 100644
--- a/lang/cpp/src/editinteractor.cpp
+++ b/lang/cpp/src/editinteractor.cpp
@@ -1,6 +1,8 @@
 /*
   editinteractor.cpp - Interface for edit interactors
   Copyright (C) 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/editinteractor.h b/lang/cpp/src/editinteractor.h
index 2122052..247bf8c 100644
--- a/lang/cpp/src/editinteractor.h
+++ b/lang/cpp/src/editinteractor.h
@@ -1,6 +1,8 @@
 /*
   editinteractor.h - Interface for edit interactors
   Copyright (C) 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/encryptionresult.cpp b/lang/cpp/src/encryptionresult.cpp
index b4298d7..33365cd 100644
--- a/lang/cpp/src/encryptionresult.cpp
+++ b/lang/cpp/src/encryptionresult.cpp
@@ -1,6 +1,8 @@
 /*
   encryptionresult.cpp - wraps a gpgme verify result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/encryptionresult.h b/lang/cpp/src/encryptionresult.h
index edc400f..312dfec 100644
--- a/lang/cpp/src/encryptionresult.h
+++ b/lang/cpp/src/encryptionresult.h
@@ -1,6 +1,8 @@
 /*
   encryptionresult.h - wraps a gpgme sign result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/engineinfo.cpp b/lang/cpp/src/engineinfo.cpp
index 763aab9..1a66ced 100644
--- a/lang/cpp/src/engineinfo.cpp
+++ b/lang/cpp/src/engineinfo.cpp
@@ -1,6 +1,8 @@
 /*
   engineinfo.h
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/engineinfo.h b/lang/cpp/src/engineinfo.h
index aa6fcca..cd1b7a7 100644
--- a/lang/cpp/src/engineinfo.h
+++ b/lang/cpp/src/engineinfo.h
@@ -1,6 +1,8 @@
 /*
   engineinfo.h
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
@@ -69,13 +71,13 @@ public:
 
         bool operator < (const Version& other)
         {
-            if (major < other.major)
-                return true;
-            if (minor < other.minor)
-                return true;
-            if (patch < other.patch)
-                return true;
-            return false;
+            if (major > other.major ||
+                (major == other.major && minor > other.minor) ||
+                (major == other.major && minor == other.minor && patch > other.patch) ||
+                (major >= other.major && minor >= other.minor && patch >= other.patch)) {
+                return false;
+            }
+            return true;
         }
 
         bool operator < (const char* other)
@@ -83,6 +85,15 @@ public:
             return operator<(Version(other));
         }
 
+        bool operator > (const char* other)
+        {
+            return !operator<(Version(other));
+        }
+
+        bool operator > (const Version & other)
+        {
+            return !operator<(other);
+        }
         bool operator == (const Version& other)
         {
             return major == other.major
diff --git a/lang/cpp/src/error.h b/lang/cpp/src/error.h
index 009fe20..d136704 100644
--- a/lang/cpp/src/error.h
+++ b/lang/cpp/src/error.h
@@ -1,6 +1,8 @@
 /*
   error.h - wraps a gpgme error
   Copyright (C) 2003, 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/eventloopinteractor.cpp b/lang/cpp/src/eventloopinteractor.cpp
index 7faa50c..a30b793 100644
--- a/lang/cpp/src/eventloopinteractor.cpp
+++ b/lang/cpp/src/eventloopinteractor.cpp
@@ -1,6 +1,8 @@
 /*
   eventloopinteractor.cpp
   Copyright (C) 2003,2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/eventloopinteractor.h b/lang/cpp/src/eventloopinteractor.h
index 94821d6..79f6b63 100644
--- a/lang/cpp/src/eventloopinteractor.h
+++ b/lang/cpp/src/eventloopinteractor.h
@@ -1,6 +1,8 @@
 /*
   eventloopinteractor.h
   Copyright (C) 2003,2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/exception.cpp b/lang/cpp/src/exception.cpp
index cf42f91..7751c3e 100644
--- a/lang/cpp/src/exception.cpp
+++ b/lang/cpp/src/exception.cpp
@@ -1,6 +1,8 @@
 /*
   exception.cpp - exception wrapping a gpgme error
   Copyright (C) 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/exception.h b/lang/cpp/src/exception.h
index 8f40b0e..85169d8 100644
--- a/lang/cpp/src/exception.h
+++ b/lang/cpp/src/exception.h
@@ -1,6 +1,8 @@
 /*
   exception.h - exception wrapping a gpgme error
   Copyright (C) 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/global.h b/lang/cpp/src/global.h
index 15cc027..38cfd4c 100644
--- a/lang/cpp/src/global.h
+++ b/lang/cpp/src/global.h
@@ -1,6 +1,8 @@
 /*
   global.h - global gpgme functions and enums
   Copyright (C) 2003, 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpgadduserideditinteractor.cpp b/lang/cpp/src/gpgadduserideditinteractor.cpp
index f7851a5..593ac58 100644
--- a/lang/cpp/src/gpgadduserideditinteractor.cpp
+++ b/lang/cpp/src/gpgadduserideditinteractor.cpp
@@ -1,6 +1,8 @@
 /*
   gpgadduserideditinteractor.cpp - Edit Interactor to add a new UID to an OpenPGP key
   Copyright (C) 2008 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpgadduserideditinteractor.h b/lang/cpp/src/gpgadduserideditinteractor.h
index 12b6e46..10cac08 100644
--- a/lang/cpp/src/gpgadduserideditinteractor.h
+++ b/lang/cpp/src/gpgadduserideditinteractor.h
@@ -1,6 +1,8 @@
 /*
   gpgadduserideditinteractor.h - Edit Interactor to add a new UID to an OpenPGP key
   Copyright (C) 2008 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpgagentgetinfoassuantransaction.cpp b/lang/cpp/src/gpgagentgetinfoassuantransaction.cpp
index 4b30b31..a05ff96 100644
--- a/lang/cpp/src/gpgagentgetinfoassuantransaction.cpp
+++ b/lang/cpp/src/gpgagentgetinfoassuantransaction.cpp
@@ -1,6 +1,8 @@
 /*
   gpgagentgetinfoassuantransaction.cpp - Assuan Transaction to get information from gpg-agent
   Copyright (C) 2009 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpgagentgetinfoassuantransaction.h b/lang/cpp/src/gpgagentgetinfoassuantransaction.h
index 9e3e958..1bc5016 100644
--- a/lang/cpp/src/gpgagentgetinfoassuantransaction.h
+++ b/lang/cpp/src/gpgagentgetinfoassuantransaction.h
@@ -1,6 +1,8 @@
 /*
   gpgagentgetinfoassuantransaction.h - Assuan Transaction to get information from gpg-agent
   Copyright (C) 2009 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpggencardkeyinteractor.cpp b/lang/cpp/src/gpggencardkeyinteractor.cpp
index 90329e2..6f42e47 100644
--- a/lang/cpp/src/gpggencardkeyinteractor.cpp
+++ b/lang/cpp/src/gpggencardkeyinteractor.cpp
@@ -1,6 +1,7 @@
 /*
   gpggencardkeyinteractor.cpp - Edit Interactor to generate a key on a card
-  Copyright (C) 2017 Intevation GmbH
+  Copyright (C) 2017 by Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpggencardkeyinteractor.h b/lang/cpp/src/gpggencardkeyinteractor.h
index c6b17d1..7cc2216 100644
--- a/lang/cpp/src/gpggencardkeyinteractor.h
+++ b/lang/cpp/src/gpggencardkeyinteractor.h
@@ -1,6 +1,7 @@
 /*
   gpggencardkeyinteractor.h - Edit Interactor to generate a key on a card
-  Copyright (C) 2017 Intevation GmbH
+  Copyright (C) 2017 by Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpgmefw.h b/lang/cpp/src/gpgmefw.h
index e3c9b18..fdad7bf 100644
--- a/lang/cpp/src/gpgmefw.h
+++ b/lang/cpp/src/gpgmefw.h
@@ -1,6 +1,8 @@
 /*
   gpgmefw.h - Forwards declarations for gpgme (0.3 and 0.4)
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpgmepp_export.h b/lang/cpp/src/gpgmepp_export.h
index d660310..0e5302f 100644
--- a/lang/cpp/src/gpgmepp_export.h
+++ b/lang/cpp/src/gpgmepp_export.h
@@ -1,5 +1,6 @@
 /*gpgmepp_export.h - Export macros for gpgmepp
-  Copyright (C) 2016, Intevation GmbH
+  Copyright (C) 2016, by Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpgsetexpirytimeeditinteractor.cpp b/lang/cpp/src/gpgsetexpirytimeeditinteractor.cpp
index 5e8ba80..7aebe73 100644
--- a/lang/cpp/src/gpgsetexpirytimeeditinteractor.cpp
+++ b/lang/cpp/src/gpgsetexpirytimeeditinteractor.cpp
@@ -1,6 +1,8 @@
 /*
   gpgsetexpirytimeeditinteractor.cpp - Edit Interactor to change the expiry time of an OpenPGP key
   Copyright (C) 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpgsetexpirytimeeditinteractor.h b/lang/cpp/src/gpgsetexpirytimeeditinteractor.h
index 670b445..6a4c737 100644
--- a/lang/cpp/src/gpgsetexpirytimeeditinteractor.h
+++ b/lang/cpp/src/gpgsetexpirytimeeditinteractor.h
@@ -1,6 +1,8 @@
 /*
   gpgsetexpirytimeeditinteractor.h - Edit Interactor to change the expiry time of an OpenPGP key
   Copyright (C) 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpgsetownertrusteditinteractor.cpp b/lang/cpp/src/gpgsetownertrusteditinteractor.cpp
index 581605f..7525fd8 100644
--- a/lang/cpp/src/gpgsetownertrusteditinteractor.cpp
+++ b/lang/cpp/src/gpgsetownertrusteditinteractor.cpp
@@ -1,6 +1,8 @@
 /*
   gpgsetownertrusteditinteractor.cpp - Edit Interactor to change the expiry time of an OpenPGP key
   Copyright (C) 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpgsetownertrusteditinteractor.h b/lang/cpp/src/gpgsetownertrusteditinteractor.h
index caf29ee..9cec77e 100644
--- a/lang/cpp/src/gpgsetownertrusteditinteractor.h
+++ b/lang/cpp/src/gpgsetownertrusteditinteractor.h
@@ -1,6 +1,8 @@
 /*
   gpgsetownertrusteditinteractor.h - Edit Interactor to change the owner trust of an OpenPGP key
   Copyright (C) 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/gpgsignkeyeditinteractor.cpp b/lang/cpp/src/gpgsignkeyeditinteractor.cpp
index 7effc64..79691bc 100644
--- a/lang/cpp/src/gpgsignkeyeditinteractor.cpp
+++ b/lang/cpp/src/gpgsignkeyeditinteractor.cpp
@@ -1,6 +1,8 @@
 /*
   gpgsignkeyeditinteractor.cpp - Edit Interactor to change the expiry time of an OpenPGP key
   Copyright (C) 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
@@ -156,6 +158,7 @@ enum SignKeyState {
     SET_TRUST_DEPTH,
     SET_TRUST_REGEXP,
     CONFIRM,
+    CONFIRM2,
     QUIT,
     SAVE,
     ERROR = EditInteractor::ErrorState
@@ -180,6 +183,7 @@ static GpgSignKeyEditInteractor_Private::TransitionMap makeTable()
     addEntry(START, GET_LINE, "keyedit.prompt", COMMAND);
     addEntry(COMMAND, GET_BOOL, "keyedit.sign_all.okay", UIDS_ANSWER_SIGN_ALL);
     addEntry(COMMAND, GET_BOOL, "sign_uid.okay", CONFIRM);
+    addEntry(COMMAND, GET_BOOL, "sign_uid.local_promote_okay", CONFIRM2);
     addEntry(UIDS_ANSWER_SIGN_ALL, GET_BOOL, "sign_uid.okay", CONFIRM);
     addEntry(UIDS_ANSWER_SIGN_ALL, GET_LINE, "sign_uid.expire", SET_EXPIRE);
     addEntry(UIDS_ANSWER_SIGN_ALL, GET_LINE, "sign_uid.class", SET_CHECK_LEVEL);
@@ -190,6 +194,7 @@ static GpgSignKeyEditInteractor_Private::TransitionMap makeTable()
     addEntry(SET_EXPIRE, GET_BOOL, "sign_uid.class", SET_CHECK_LEVEL);
     addEntry(CONFIRM, GET_BOOL, "sign_uid.local_promote_okay", CONFIRM);
     addEntry(CONFIRM, GET_BOOL, "sign_uid.okay", CONFIRM);
+    addEntry(CONFIRM2, GET_BOOL, "sign_uid.okay", CONFIRM);
     addEntry(CONFIRM, GET_LINE, "keyedit.prompt", COMMAND);
     addEntry(CONFIRM, GET_LINE, "trustsign_prompt.trust_value", SET_TRUST_VALUE);
     addEntry(CONFIRM, GET_LINE, "sign_uid.expire", SET_EXPIRE);
@@ -231,6 +236,7 @@ const char *GpgSignKeyEditInteractor::action(Error &err) const
         return 0;
     case SET_CHECK_LEVEL:
         return check_level_strings[d->checkLevel];
+    case CONFIRM2:
     case CONFIRM:
         return answer(true);
     case QUIT:
diff --git a/lang/cpp/src/gpgsignkeyeditinteractor.h b/lang/cpp/src/gpgsignkeyeditinteractor.h
index 47ff8e5..f6cb473 100644
--- a/lang/cpp/src/gpgsignkeyeditinteractor.h
+++ b/lang/cpp/src/gpgsignkeyeditinteractor.h
@@ -1,6 +1,8 @@
 /*
   gpgsignkeyeditinteractor.h - Edit Interactor to change the owner trust of an OpenPGP key
   Copyright (C) 2008 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/importresult.cpp b/lang/cpp/src/importresult.cpp
index 4329fc0..8c35f9c 100644
--- a/lang/cpp/src/importresult.cpp
+++ b/lang/cpp/src/importresult.cpp
@@ -1,6 +1,8 @@
 /*
   importresult.cpp - wraps a gpgme import result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/importresult.h b/lang/cpp/src/importresult.h
index adda80a..2f0e7f2 100644
--- a/lang/cpp/src/importresult.h
+++ b/lang/cpp/src/importresult.h
@@ -1,6 +1,8 @@
 /*
   importresult.h - wraps a gpgme import result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/interfaces/assuantransaction.h b/lang/cpp/src/interfaces/assuantransaction.h
index a382b05..0d0dccc 100644
--- a/lang/cpp/src/interfaces/assuantransaction.h
+++ b/lang/cpp/src/interfaces/assuantransaction.h
@@ -1,6 +1,8 @@
 /*
   assuantransaction.h - Interface for ASSUAN transactions
-  Copyright (C) 2009 Klarälvdalens Datakonsult AB <info@kdab.com>
+  Copyright (C) 2009 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH <info@kdab.com>
   Author: Marc Mutz <marc@kdab.com>
 
   This file is part of GPGME++.
diff --git a/lang/cpp/src/interfaces/dataprovider.h b/lang/cpp/src/interfaces/dataprovider.h
index 166bb4e..c8f387d 100644
--- a/lang/cpp/src/interfaces/dataprovider.h
+++ b/lang/cpp/src/interfaces/dataprovider.h
@@ -1,6 +1,8 @@
 /*
   interface/dataprovider.h - Interface for data sources
   Copyright (C) 2003 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/interfaces/passphraseprovider.h b/lang/cpp/src/interfaces/passphraseprovider.h
index 5275e44..c97aa54 100644
--- a/lang/cpp/src/interfaces/passphraseprovider.h
+++ b/lang/cpp/src/interfaces/passphraseprovider.h
@@ -1,6 +1,8 @@
 /*
   interface/passphraseprovider.h - Interface for passphrase callbacks
   Copyright (C) 2003,2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/interfaces/progressprovider.h b/lang/cpp/src/interfaces/progressprovider.h
index 78bbdd7..ef4ca3c 100644
--- a/lang/cpp/src/interfaces/progressprovider.h
+++ b/lang/cpp/src/interfaces/progressprovider.h
@@ -1,6 +1,8 @@
 /*
   interface/progressprovider.h - Interface for progress reports
   Copyright (C) 2003 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/key.cpp b/lang/cpp/src/key.cpp
index 31e59e1..66fdea9 100644
--- a/lang/cpp/src/key.cpp
+++ b/lang/cpp/src/key.cpp
@@ -236,7 +236,18 @@ bool Key::isQualified() const
 
 bool Key::isDeVs() const
 {
-    return key && key->subkeys && key->subkeys->is_de_vs;
+    if (!key) {
+        return false;
+    }
+    if (!key->subkeys || !key->subkeys->is_de_vs) {
+        return false;
+    }
+    for (gpgme_sub_key_t subkey = key->subkeys ; subkey ; subkey = subkey->next) {
+        if (!subkey->is_de_vs) {
+            return false;
+        }
+    }
+    return true;
 }
 
 const char *Key::issuerSerial() const
diff --git a/lang/cpp/src/keygenerationresult.cpp b/lang/cpp/src/keygenerationresult.cpp
index 52d5222..ebbb3b9 100644
--- a/lang/cpp/src/keygenerationresult.cpp
+++ b/lang/cpp/src/keygenerationresult.cpp
@@ -1,6 +1,8 @@
 /*
   keygenerationresult.cpp - wraps a gpgme keygen result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/keygenerationresult.h b/lang/cpp/src/keygenerationresult.h
index c35c504..a92151b 100644
--- a/lang/cpp/src/keygenerationresult.h
+++ b/lang/cpp/src/keygenerationresult.h
@@ -1,6 +1,8 @@
 /*
   keygenerationresult.h - wraps a gpgme keygen result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/keylistresult.cpp b/lang/cpp/src/keylistresult.cpp
index e6fb77f..6e6b001 100644
--- a/lang/cpp/src/keylistresult.cpp
+++ b/lang/cpp/src/keylistresult.cpp
@@ -1,6 +1,8 @@
 /*
   keylistresult.cpp - wraps a gpgme keylist result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/keylistresult.h b/lang/cpp/src/keylistresult.h
index 7dfe2d7..d0a8690 100644
--- a/lang/cpp/src/keylistresult.h
+++ b/lang/cpp/src/keylistresult.h
@@ -1,6 +1,8 @@
 /*
   keylistresult.h - wraps a gpgme keylist result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/notation.h b/lang/cpp/src/notation.h
index 807bdaa..5b89214 100644
--- a/lang/cpp/src/notation.h
+++ b/lang/cpp/src/notation.h
@@ -1,6 +1,8 @@
 /*
   notation.h - wraps a gpgme verify result
   Copyright (C) 2004, 2007 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/result.h b/lang/cpp/src/result.h
index a86d81f..5ed52a8 100644
--- a/lang/cpp/src/result.h
+++ b/lang/cpp/src/result.h
@@ -1,6 +1,8 @@
 /*
   result.h - base class for results
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/result_p.h b/lang/cpp/src/result_p.h
index 0cf73e4..70c45c4 100644
--- a/lang/cpp/src/result_p.h
+++ b/lang/cpp/src/result_p.h
@@ -1,6 +1,8 @@
 /*
   result.h - base class for results
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/scdgetinfoassuantransaction.cpp b/lang/cpp/src/scdgetinfoassuantransaction.cpp
index fb59bcc..c2fbeed 100644
--- a/lang/cpp/src/scdgetinfoassuantransaction.cpp
+++ b/lang/cpp/src/scdgetinfoassuantransaction.cpp
@@ -1,6 +1,8 @@
 /*
   scdgetinfoassuantransaction.cpp - Assuan Transaction to get information from scdaemon
   Copyright (C) 2009 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/scdgetinfoassuantransaction.h b/lang/cpp/src/scdgetinfoassuantransaction.h
index a22a0ff..ef80530 100644
--- a/lang/cpp/src/scdgetinfoassuantransaction.h
+++ b/lang/cpp/src/scdgetinfoassuantransaction.h
@@ -1,6 +1,8 @@
 /*
   scdgetinfoassuantransaction.h - Assuan Transaction to get information from scdaemon
   Copyright (C) 2009 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/signingresult.cpp b/lang/cpp/src/signingresult.cpp
index 3252c03..6a5231f 100644
--- a/lang/cpp/src/signingresult.cpp
+++ b/lang/cpp/src/signingresult.cpp
@@ -1,6 +1,8 @@
 /*
   signingresult.cpp - wraps a gpgme verify result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/signingresult.h b/lang/cpp/src/signingresult.h
index 2c27454..c6654fc 100644
--- a/lang/cpp/src/signingresult.h
+++ b/lang/cpp/src/signingresult.h
@@ -1,6 +1,8 @@
 /*
   signingresult.h - wraps a gpgme sign result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/swdbresult.cpp b/lang/cpp/src/swdbresult.cpp
index 3afa8b5..202a107 100644
--- a/lang/cpp/src/swdbresult.cpp
+++ b/lang/cpp/src/swdbresult.cpp
@@ -1,5 +1,6 @@
 /* swdbresult.cpp - wraps gpgme swdb result / query
-  Copyright (C) 2016 Intevation GmbH
+  Copyright (C) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/swdbresult.h b/lang/cpp/src/swdbresult.h
index e15954d..d13b57c 100644
--- a/lang/cpp/src/swdbresult.h
+++ b/lang/cpp/src/swdbresult.h
@@ -1,6 +1,7 @@
 /*
   swdbresult.h - wraps a gpgme swdb query / rsult
-  Copyright (C) 2016 Intevation GmbH
+  Copyright (C) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
@@ -86,7 +87,7 @@ public:
     /* The time the online info was retrieved.  */
     unsigned long retrieved() const;
 
-    /* This bit is set if an error occured or some of the information
+    /* This bit is set if an error occurred or some of the information
      * in this structure may not be set.  */
     bool warning() const;
 
diff --git a/lang/cpp/src/tofuinfo.cpp b/lang/cpp/src/tofuinfo.cpp
index a10a3cb..f0132f7 100644
--- a/lang/cpp/src/tofuinfo.cpp
+++ b/lang/cpp/src/tofuinfo.cpp
@@ -1,5 +1,6 @@
 /* tofuinfo.cpp - wraps gpgme tofu info
-  Copyright (C) 2016 Intevation GmbH
+  Copyright (C) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/tofuinfo.h b/lang/cpp/src/tofuinfo.h
index 7165d05..5bb024f 100644
--- a/lang/cpp/src/tofuinfo.h
+++ b/lang/cpp/src/tofuinfo.h
@@ -1,6 +1,7 @@
 /*
   tofuinfo.h - wraps gpgme tofu info
-  Copyright (C) 2016 Intevation GmbH
+  Copyright (C) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/trustitem.cpp b/lang/cpp/src/trustitem.cpp
index 0565030..c29c0f4 100644
--- a/lang/cpp/src/trustitem.cpp
+++ b/lang/cpp/src/trustitem.cpp
@@ -1,6 +1,8 @@
 /*
   trustitem.cpp - wraps a gpgme trust item
   Copyright (C) 2003 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME.
 
diff --git a/lang/cpp/src/trustitem.h b/lang/cpp/src/trustitem.h
index 65f109c..ad2a4a6 100644
--- a/lang/cpp/src/trustitem.h
+++ b/lang/cpp/src/trustitem.h
@@ -1,6 +1,8 @@
 /*
   trustitem.h - wraps a gpgme trust item
   Copyright (C) 2003 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME.
 
diff --git a/lang/cpp/src/util.h b/lang/cpp/src/util.h
index b0d47e3..4495cc0 100644
--- a/lang/cpp/src/util.h
+++ b/lang/cpp/src/util.h
@@ -1,6 +1,8 @@
 /*
   util.h - some inline helper functions
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
diff --git a/lang/cpp/src/verificationresult.cpp b/lang/cpp/src/verificationresult.cpp
index 42e483c..2c42d07 100644
--- a/lang/cpp/src/verificationresult.cpp
+++ b/lang/cpp/src/verificationresult.cpp
@@ -1,6 +1,8 @@
 /*
   verificationresult.cpp - wraps a gpgme verify result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
@@ -276,6 +278,11 @@ bool GpgME::Signature::isVerifiedUsingChainModel() const
     return !isNull() && d->sigs[idx]->chain_model;
 }
 
+bool GpgME::Signature::isDeVs() const
+{
+    return !isNull() && d->sigs[idx]->is_de_vs;
+}
+
 GpgME::Signature::PKAStatus GpgME::Signature::pkaStatus() const
 {
     if (!isNull()) {
@@ -583,6 +590,7 @@ std::ostream &GpgME::operator<<(std::ostream &os, const Signature &sig)
            << "\n publicKeyAlgorithm:        " << protect(sig.publicKeyAlgorithmAsString())
            << "\n hashAlgorithm:             " << protect(sig.hashAlgorithmAsString())
            << "\n policyURL:                 " << protect(sig.policyURL())
+           << "\n isDeVs                     " << sig.isDeVs()
            << "\n notations:\n";
         const std::vector<Notation> nota = sig.notations();
         std::copy(nota.begin(), nota.end(),
diff --git a/lang/cpp/src/verificationresult.h b/lang/cpp/src/verificationresult.h
index b6d1d8c..3f6299c 100644
--- a/lang/cpp/src/verificationresult.h
+++ b/lang/cpp/src/verificationresult.h
@@ -1,6 +1,8 @@
 /*
   verificationresult.h - wraps a gpgme verify result
   Copyright (C) 2004 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH
 
   This file is part of GPGME++.
 
@@ -134,6 +136,7 @@ public:
     }
     bool isWrongKeyUsage() const;
     bool isVerifiedUsingChainModel() const;
+    bool isDeVs() const;
 
     enum PKAStatus {
         UnknownPKAStatus, PKAVerificationFailed, PKAVerificationSucceeded
diff --git a/lang/cpp/src/vfsmountresult.cpp b/lang/cpp/src/vfsmountresult.cpp
index d3607d1..60faa38 100644
--- a/lang/cpp/src/vfsmountresult.cpp
+++ b/lang/cpp/src/vfsmountresult.cpp
@@ -1,6 +1,8 @@
 /*
   vfsmountresult.cpp - wraps a gpgme vfs mount result
-  Copyright (C) 2009 Klarälvdalens Datakonsult AB <info@kdab.com>
+  Copyright (C) 2009 Klarälvdalens Datakonsult AB
+  2016 Bundesamt für Sicherheit in der Informationstechnik
+  Software engineering by Intevation GmbH <info@kdab.com>
   Author: Marc Mutz <marc@kdab.com>, Volker Krause <volker@kdab.com>
 
   This file is part of GPGME++.
diff --git a/lang/python/MANIFEST.in b/lang/python/MANIFEST.in
index 8f63640..c34e84a 100644
--- a/lang/python/MANIFEST.in
+++ b/lang/python/MANIFEST.in
@@ -1,4 +1,5 @@
 recursive-include examples *.py
-include gpgme-h-clean.py gpgme.i
+include gpgme.i
 include helpers.c helpers.h private.h
+include version.py
 recursive-include gpg *.py
diff --git a/lang/python/Makefile.am b/lang/python/Makefile.am
index d91ead9..8d74cbd 100644
--- a/lang/python/Makefile.am
+++ b/lang/python/Makefile.am
@@ -21,72 +21,53 @@ EXTRA_DIST = \
 	MANIFEST.in \
 	gpgme.i \
 	helpers.c helpers.h private.h \
-	gpgme-h-clean.py \
 	examples \
-	gpg
+	src
 
 SUBDIRS = . tests
 
-COPY_FILES = \
-	$(srcdir)/gpgme.i \
-	$(srcdir)/README \
-	$(srcdir)/MANIFEST.in \
-	$(srcdir)/gpgme-h-clean.py \
-	$(srcdir)/examples \
-	$(srcdir)/helpers.c $(srcdir)/helpers.h $(srcdir)/private.h
-
-COPY_FILES_GPG = \
-	$(srcdir)/gpg/callbacks.py \
-	$(srcdir)/gpg/constants \
-	$(srcdir)/gpg/core.py \
-	$(srcdir)/gpg/errors.py \
-	$(srcdir)/gpg/__init__.py \
-	$(srcdir)/gpg/results.py \
-	$(srcdir)/gpg/util.py
+.PHONY: prepare
+prepare: copystamp
 
 # For VPATH builds we need to copy some files because Python's
 # distutils are not VPATH-aware.
-copystamp: $(COPY_FILES) $(COPY_FILES_GPG)
-	set -e ; for VERSION in $(PYTHON_VERSIONS); do \
-	  $(MKDIR_P)              python$${VERSION}-gpg/gpg ; \
-	  cp -R $(COPY_FILES)     python$${VERSION}-gpg ; \
-	  cp setup.py             python$${VERSION}-gpg ; \
-	  cp gpg/version.py       python$${VERSION}-gpg/gpg ; \
-	  ln -sf "$(abs_top_srcdir)/src/data.h" python$${VERSION}-gpg ; \
-	  ln -sf "$(abs_top_builddir)/config.h" python$${VERSION}-gpg ; \
-	  cp -R $(COPY_FILES_GPG) python$${VERSION}-gpg/gpg ; \
-	done
+copystamp:
+	ln -sf "$(top_srcdir)/src/data.h" .
+	ln -sf "$(top_builddir)/config.h" .
+	ln -sf "$(srcdir)/src" gpg
 	touch $@
 
 all-local: copystamp
-	set -e ; set $(PYTHONS); for VERSION in $(PYTHON_VERSIONS); do \
-	  PYTHON="$$1" ; shift ; \
-	  cd python$${VERSION}-gpg && \
+	set -e ; for PYTHON in $(PYTHONS); do \
+	  CPP="$(CPP)" \
 	  CFLAGS="$(CFLAGS)" \
-	    $$PYTHON setup.py build --verbose ; \
-	  cd .. ; \
+	  srcdir="$(srcdir)" \
+	  top_builddir="$(top_builddir)" \
+	    $$PYTHON setup.py build --verbose --build-base="$$(basename "$${PYTHON}")-gpg" ; \
 	done
 
-python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz \
 python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz.asc: copystamp
-	cd python$(PYTHON_VERSION)-gpg && \
+	$(MKDIR_P) python$(PYTHON_VERSION)-gpg-dist
+	CPP="$(CPP)" \
 	CFLAGS="$(CFLAGS)" \
-	  $(PYTHON) setup.py sdist --verbose
-	gpg2 --detach-sign --armor python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz
-
-.PHONY: prepare
-prepare: copystamp
+	srcdir="$(srcdir)" \
+	top_builddir="$(top_builddir)" \
+	  $(PYTHON) setup.py sdist --verbose --dist-dir=python$(PYTHON_VERSION)-gpg-dist \
+		--manifest=python$(PYTHON_VERSION)-gpg-dist/MANIFEST
+	gpg2 --detach-sign --armor python$(PYTHON_VERSION)-gpg-dist/gpg-$(VERSION).tar.gz
 
 .PHONY: sdist
-sdist: python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz \
-       python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz.asc
+sdist:	python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz.asc
 
 .PHONY: upload
-upload: python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz \
-        python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz.asc
+upload: python$(PYTHON_VERSION)-gpg-dist/gpg-$(VERSION).tar.gz \
+        python$(PYTHON_VERSION)-gpg-dist/gpg-$(VERSION).tar.gz.asc
 	twine upload $^
 
-CLEANFILES = copystamp
+CLEANFILES = copystamp \
+	config.h \
+	data.h \
+	gpg
 
 # Remove the rest.
 #
@@ -94,27 +75,28 @@ CLEANFILES = copystamp
 # permissions.
 clean-local:
 	rm -rf -- build
-	for VERSION in $(PYTHON_VERSIONS); do \
-	  find python$${VERSION}-gpg -type d ! -perm -200 -exec chmod u+w {} ';' ; \
-	  rm -rf -- python$${VERSION}-gpg ; \
+	for PYTHON in $(PYTHONS); do \
+	  find "$$(basename "$${PYTHON}")-gpg" -type d ! -perm -200 -exec chmod u+w {} ';' ; \
+	  rm -rf -- "$$(basename "$${PYTHON}")-gpg" ; \
 	done
 
 install-exec-local:
-	rm -f install_files.txt
-	set -e ; set $(PYTHONS); for VERSION in $(PYTHON_VERSIONS); do \
-	  PYTHON="$$1" ; shift ; \
-	  cd python$${VERSION}-gpg ; \
-	  $$PYTHON setup.py install \
-	  --prefix $(DESTDIR)$(prefix) \
-	  --record files.txt \
+	set -e ; for PYTHON in $(PYTHONS); do \
+	  CPP="$(CPP)" \
+	  CFLAGS="$(CFLAGS)" \
+	  srcdir="$(srcdir)" \
+	  top_builddir="$(top_builddir)" \
+	  $$PYTHON setup.py \
+	  build \
+	  --build-base="$$(basename "$${PYTHON}")-gpg" \
+	  install \
+	  --prefix "$(DESTDIR)$(prefix)" \
 	  --verbose ; \
-	  cat files.txt >> ../install_files.txt ; \
-	  rm files.txt ; \
-	  cd .. ; \
 	done
-	$(MKDIR_P) $(DESTDIR)$(pythondir)/gpg
-	mv install_files.txt $(DESTDIR)$(pythondir)/gpg
 
 uninstall-local:
-	xargs <$(DESTDIR)$(pythondir)/gpg/install_files.txt -- rm -rf --
-	rm -rf -- $(DESTDIR)$(pythondir)/gpg
+	set -x; GV=$$(echo $(VERSION) | tr - _); for PYTHON in $(PYTHONS); do \
+	  PLATLIB="$(prefix)/$$("$${PYTHON}" -c 'import sysconfig, os; print(os.path.relpath(sysconfig.get_path("platlib", scheme="posix_prefix"), sysconfig.get_config_var("prefix")))')" ; \
+	  rm -rf -- "$(DESTDIR)$${PLATLIB}/gpg" \
+		"$(DESTDIR)$${PLATLIB}"/gpg-$$GV-py*.egg-info ; \
+	done
diff --git a/lang/python/Makefile.in b/lang/python/Makefile.in
index 6c96f84..ae0334f 100644
--- a/lang/python/Makefile.in
+++ b/lang/python/Makefile.in
@@ -97,8 +97,8 @@ build_triplet = @build@
 host_triplet = @host@
 subdir = lang/python
 DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
-	$(top_srcdir)/build-aux/mkinstalldirs $(srcdir)/setup.py.in \
-	README
+	$(top_srcdir)/build-aux/mkinstalldirs $(srcdir)/version.py.in \
+	$(srcdir)/setup.py.in README
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_cxx_compile_stdcxx.m4 \
 	$(top_srcdir)/m4/ax_pkg_swig.m4 \
@@ -115,7 +115,7 @@ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
 mkinstalldirs = $(SHELL) $(top_srcdir)/build-aux/mkinstalldirs
 CONFIG_HEADER = $(top_builddir)/config.h
-CONFIG_CLEAN_FILES = setup.py
+CONFIG_CLEAN_FILES = version.py setup.py
 CONFIG_CLEAN_VPATH_FILES =
 AM_V_P = $(am__v_P_@AM_V@)
 am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
@@ -317,7 +317,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
@@ -398,29 +397,15 @@ EXTRA_DIST = \
 	MANIFEST.in \
 	gpgme.i \
 	helpers.c helpers.h private.h \
-	gpgme-h-clean.py \
 	examples \
-	gpg
+	src
 
 SUBDIRS = . tests
-COPY_FILES = \
-	$(srcdir)/gpgme.i \
-	$(srcdir)/README \
-	$(srcdir)/MANIFEST.in \
-	$(srcdir)/gpgme-h-clean.py \
-	$(srcdir)/examples \
-	$(srcdir)/helpers.c $(srcdir)/helpers.h $(srcdir)/private.h
-
-COPY_FILES_GPG = \
-	$(srcdir)/gpg/callbacks.py \
-	$(srcdir)/gpg/constants \
-	$(srcdir)/gpg/core.py \
-	$(srcdir)/gpg/errors.py \
-	$(srcdir)/gpg/__init__.py \
-	$(srcdir)/gpg/results.py \
-	$(srcdir)/gpg/util.py
-
-CLEANFILES = copystamp
+CLEANFILES = copystamp \
+	config.h \
+	data.h \
+	gpg
+
 all: all-recursive
 
 .SUFFIXES:
@@ -454,6 +439,8 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
 $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
 	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
 $(am__aclocal_m4_deps):
+version.py: $(top_builddir)/config.status $(srcdir)/version.py.in
+	cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
 setup.py: $(top_builddir)/config.status $(srcdir)/setup.py.in
 	cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
 
@@ -736,46 +723,42 @@ uninstall-am: uninstall-local
 	ps ps-am tags tags-am uninstall uninstall-am uninstall-local
 
 
+.PHONY: prepare
+prepare: copystamp
+
 # For VPATH builds we need to copy some files because Python's
 # distutils are not VPATH-aware.
-copystamp: $(COPY_FILES) $(COPY_FILES_GPG)
-	set -e ; for VERSION in $(PYTHON_VERSIONS); do \
-	  $(MKDIR_P)              python$${VERSION}-gpg/gpg ; \
-	  cp -R $(COPY_FILES)     python$${VERSION}-gpg ; \
-	  cp setup.py             python$${VERSION}-gpg ; \
-	  cp gpg/version.py       python$${VERSION}-gpg/gpg ; \
-	  ln -sf "$(abs_top_srcdir)/src/data.h" python$${VERSION}-gpg ; \
-	  ln -sf "$(abs_top_builddir)/config.h" python$${VERSION}-gpg ; \
-	  cp -R $(COPY_FILES_GPG) python$${VERSION}-gpg/gpg ; \
-	done
+copystamp:
+	ln -sf "$(top_srcdir)/src/data.h" .
+	ln -sf "$(top_builddir)/config.h" .
+	ln -sf "$(srcdir)/src" gpg
 	touch $@
 
 all-local: copystamp
-	set -e ; set $(PYTHONS); for VERSION in $(PYTHON_VERSIONS); do \
-	  PYTHON="$$1" ; shift ; \
-	  cd python$${VERSION}-gpg && \
+	set -e ; for PYTHON in $(PYTHONS); do \
+	  CPP="$(CPP)" \
 	  CFLAGS="$(CFLAGS)" \
-	    $$PYTHON setup.py build --verbose ; \
-	  cd .. ; \
+	  srcdir="$(srcdir)" \
+	  top_builddir="$(top_builddir)" \
+	    $$PYTHON setup.py build --verbose --build-base="$$(basename "$${PYTHON}")-gpg" ; \
 	done
 
-python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz \
 python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz.asc: copystamp
-	cd python$(PYTHON_VERSION)-gpg && \
+	$(MKDIR_P) python$(PYTHON_VERSION)-gpg-dist
+	CPP="$(CPP)" \
 	CFLAGS="$(CFLAGS)" \
-	  $(PYTHON) setup.py sdist --verbose
-	gpg2 --detach-sign --armor python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz
-
-.PHONY: prepare
-prepare: copystamp
+	srcdir="$(srcdir)" \
+	top_builddir="$(top_builddir)" \
+	  $(PYTHON) setup.py sdist --verbose --dist-dir=python$(PYTHON_VERSION)-gpg-dist \
+		--manifest=python$(PYTHON_VERSION)-gpg-dist/MANIFEST
+	gpg2 --detach-sign --armor python$(PYTHON_VERSION)-gpg-dist/gpg-$(VERSION).tar.gz
 
 .PHONY: sdist
-sdist: python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz \
-       python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz.asc
+sdist:	python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz.asc
 
 .PHONY: upload
-upload: python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz \
-        python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz.asc
+upload: python$(PYTHON_VERSION)-gpg-dist/gpg-$(VERSION).tar.gz \
+        python$(PYTHON_VERSION)-gpg-dist/gpg-$(VERSION).tar.gz.asc
 	twine upload $^
 
 # Remove the rest.
@@ -784,30 +767,31 @@ upload: python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz \
 # permissions.
 clean-local:
 	rm -rf -- build
-	for VERSION in $(PYTHON_VERSIONS); do \
-	  find python$${VERSION}-gpg -type d ! -perm -200 -exec chmod u+w {} ';' ; \
-	  rm -rf -- python$${VERSION}-gpg ; \
+	for PYTHON in $(PYTHONS); do \
+	  find "$$(basename "$${PYTHON}")-gpg" -type d ! -perm -200 -exec chmod u+w {} ';' ; \
+	  rm -rf -- "$$(basename "$${PYTHON}")-gpg" ; \
 	done
 
 install-exec-local:
-	rm -f install_files.txt
-	set -e ; set $(PYTHONS); for VERSION in $(PYTHON_VERSIONS); do \
-	  PYTHON="$$1" ; shift ; \
-	  cd python$${VERSION}-gpg ; \
-	  $$PYTHON setup.py install \
-	  --prefix $(DESTDIR)$(prefix) \
-	  --record files.txt \
+	set -e ; for PYTHON in $(PYTHONS); do \
+	  CPP="$(CPP)" \
+	  CFLAGS="$(CFLAGS)" \
+	  srcdir="$(srcdir)" \
+	  top_builddir="$(top_builddir)" \
+	  $$PYTHON setup.py \
+	  build \
+	  --build-base="$$(basename "$${PYTHON}")-gpg" \
+	  install \
+	  --prefix "$(DESTDIR)$(prefix)" \
 	  --verbose ; \
-	  cat files.txt >> ../install_files.txt ; \
-	  rm files.txt ; \
-	  cd .. ; \
 	done
-	$(MKDIR_P) $(DESTDIR)$(pythondir)/gpg
-	mv install_files.txt $(DESTDIR)$(pythondir)/gpg
 
 uninstall-local:
-	xargs <$(DESTDIR)$(pythondir)/gpg/install_files.txt -- rm -rf --
-	rm -rf -- $(DESTDIR)$(pythondir)/gpg
+	set -x; GV=$$(echo $(VERSION) | tr - _); for PYTHON in $(PYTHONS); do \
+	  PLATLIB="$(prefix)/$$("$${PYTHON}" -c 'import sysconfig, os; print(os.path.relpath(sysconfig.get_path("platlib", scheme="posix_prefix"), sysconfig.get_config_var("prefix")))')" ; \
+	  rm -rf -- "$(DESTDIR)$${PLATLIB}/gpg" \
+		"$(DESTDIR)$${PLATLIB}"/gpg-$$GV-py*.egg-info ; \
+	done
 
 # Tell versions [3.59,3.63) of GNU make to not export all variables.
 # Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/lang/python/examples/exportimport.py b/lang/python/examples/exportimport.py
index 8ae87a8..d84a01c 100755
--- a/lang/python/examples/exportimport.py
+++ b/lang/python/examples/exportimport.py
@@ -45,7 +45,7 @@ with gpg.Context(armor=True) as c, gpg.Data() as expkey:
 # of them.
 with gpg.Context() as c:
     # Note: We must not modify the key store during iteration,
-    # therfore, we explicitly make a list.
+    # therefore, we explicitly make a list.
     keys = list(c.keylist(user))
 
     for k in keys:
diff --git a/lang/python/gpg/version.py b/lang/python/gpg/version.py
deleted file mode 100644
index ff4cd71..0000000
--- a/lang/python/gpg/version.py
+++ /dev/null
@@ -1,68 +0,0 @@
-# Copyright (C) 2016 g10 Code GmbH
-# Copyright (C) 2015 Ben McGinnes <ben@adversary.org>
-# Copyright (C) 2004 Igor Belyi <belyi@users.sourceforge.net>
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-#
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
-
-from __future__ import absolute_import, print_function
-del absolute_import, print_function
-
-from . import gpgme
-
-productname = 'gpg'
-versionstr = "1.9.0"
-gpgme_versionstr = gpgme.GPGME_VERSION
-in_tree_build = bool(gpgme.cvar.gpg_in_tree_build)
-
-versionlist = versionstr.split(".")
-major = versionlist[0]
-minor = versionlist[1]
-patch = versionlist[2]
-
-copyright = """\
-Copyright (C) 2016 g10 Code GmbH
-Copyright (C) 2015 Ben McGinnes
-Copyright (C) 2014-2015 Martin Albrecht
-Copyright (C) 2004-2008 Igor Belyi
-Copyright (C) 2002 John Goerzen"""
-
-author = "The GnuPG hackers"
-author_email = "gnupg-devel@gnupg.org"
-
-description = "Python support for GPGME GnuPG cryptography library"
-homepage = "https://gnupg.org"
-
-license = """Copyright (C) 2016 g10 Code GmbH
-Copyright (C) 2015 Ben McGinnes <ben@adversary.org>
-Copyright (C) 2014, 2015 Martin Albrecht <martinralbrecht@googlemail.com>
-Copyright (C) 2004, 2008 Igor Belyi <belyi@users.sourceforge.net>
-Copyright (C) 2002 John Goerzen <jgoerzen@complete.org>
-
-This library is free software; you can redistribute it and/or
-modify it under the terms of the GNU Lesser General Public
-License as published by the Free Software Foundation; either
-version 2.1 of the License, or (at your option) any later version.
-
-This library is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-Lesser General Public License for more details.
-
-You should have received a copy of the GNU Lesser General Public
-License along with this library; if not, write to the Free Software
-Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA"""
-
-# Interface hygiene.  Keep this at the end.
-del gpgme
diff --git a/lang/python/gpgme-h-clean.py b/lang/python/gpgme-h-clean.py
deleted file mode 100755
index 52f8676..0000000
--- a/lang/python/gpgme-h-clean.py
+++ /dev/null
@@ -1,53 +0,0 @@
-#!/usr/bin/env python
-
-# Copyright (C) 2016 g10 Code GmbH
-# Copyright (C) 2004,2008 Igor Belyi <belyi@users.sourceforge.net>
-#
-#    This library is free software; you can redistribute it and/or
-#    modify it under the terms of the GNU Lesser General Public
-#    License as published by the Free Software Foundation; either
-#    version 2.1 of the License, or (at your option) any later version.
-#
-#    This library is distributed in the hope that it will be useful,
-#    but WITHOUT ANY WARRANTY; without even the implied warranty of
-#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-#    Lesser General Public License for more details.
-#
-#    You should have received a copy of the GNU Lesser General Public
-#    License along with this library; if not, write to the Free Software
-#    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
-
-from __future__ import absolute_import, print_function, unicode_literals
-del absolute_import, print_function, unicode_literals
-
-import sys, re
-
-if len(sys.argv) != 2:
-    sys.stderr.write("Usage: %s path/to/[gpgme|gpg-error].h\n" % sys.argv[0])
-    sys.exit(1)
-
-deprec_func = re.compile(r'^(.*typedef.*|.*\(.*\)|[^#]+\s+.+)'
-                         + r'\s*_GPGME_DEPRECATED(_OUTSIDE_GPGME)?\(.*\);\s*',
-                         re.S)
-line_break = re.compile(';|\\$|\\x0c|^\s*#|{');
-
-if 'gpgme.h' in sys.argv[1]:
-    gpgme = open(sys.argv[1])
-    tmp = gpgme.readline()
-    text = ''
-    while tmp:
-        text += re.sub(' class ', ' _py_obsolete_class ', tmp)
-        if line_break.search(tmp):
-            if not deprec_func.search(text):
-                sys.stdout.write(text)
-            text = ''
-        tmp = gpgme.readline()
-    sys.stdout.write(text)
-    gpgme.close()
-else:
-    filter_re = re.compile(r'GPG_ERR_[^ ]* =')
-    rewrite_re = re.compile(r' *(.*) = .*')
-    for line in open(sys.argv[1]):
-        if not filter_re.search(line):
-            continue
-        print(rewrite_re.sub(r'%constant long \1 = \1;', line.strip()))
diff --git a/lang/python/gpgme.i b/lang/python/gpgme.i
index 610b3d9..492326b 100644
--- a/lang/python/gpgme.i
+++ b/lang/python/gpgme.i
@@ -557,6 +557,11 @@ gpgme_error_t gpgme_op_keylist_start (gpgme_ctx_t ctx,
                       const char *pattern="",
                       int secret_only=0);
 
+/* The whence argument is surprising in Python-land,
+   because BytesIO or StringIO objects do not require it.
+   It defaults to SEEK_SET. Let's do that for Data objects, too */
+off_t gpgme_data_seek (gpgme_data_t dh, off_t offset, int whence=SEEK_SET);
+
 /* Include the unmodified <gpgme.h> for cc, and the cleaned-up local
    version for SWIG.  We do, however, want to hide certain fields on
    some structs, which we provide prior to including the version for
diff --git a/lang/python/setup.py.in b/lang/python/setup.py.in
index bf4efa3..f9dda20 100755
--- a/lang/python/setup.py.in
+++ b/lang/python/setup.py.in
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 
-# Copyright (C) 2016 g10 Code GmbH
-# Copyright (C) 2004 Igor Belyi <belyi@users.sourceforge.net>
+# Copyright (C) 2016-2017 g10 Code GmbH
+# Copyright (C) 2004,2008 Igor Belyi <belyi@users.sourceforge.net>
 # Copyright (C) 2002 John Goerzen <jgoerzen@complete.org>
 #
 #    This library is free software; you can redistribute it and/or
@@ -21,6 +21,8 @@
 from distutils.core import setup, Extension
 import os, os.path, sys
 import glob
+import re
+import shutil
 import subprocess
 
 # Out-of-tree build of the gpg bindings.
@@ -34,12 +36,13 @@ in_tree = False
 extra_swig_opts = []
 extra_macros = dict()
 
-if os.path.exists("../../../src/gpgme-config"):
+top_builddir = os.environ.get("top_builddir")
+if top_builddir:
     # In-tree build.
     in_tree = True
-    gpgme_config = ["../../../src/gpgme-config"] + gpgme_config_flags
-    gpgme_h = "../../../src/gpgme.h"
-    library_dirs = ["../../../src/.libs"] # XXX uses libtool internals
+    gpgme_config = [os.path.join(top_builddir, "src/gpgme-config")] + gpgme_config_flags
+    gpgme_h = os.path.join(top_builddir, "src/gpgme.h")
+    library_dirs = [os.path.join(top_builddir, "src/.libs")] # XXX uses libtool internals
     extra_macros.update(
         HAVE_CONFIG_H=1,
         HAVE_DATA_H=1,
@@ -52,13 +55,6 @@ else:
     devnull = open(os.devnull, "w")
 
 try:
-    subprocess.check_call(gpg_error_config + ['--version'],
-                          stdout=devnull)
-except:
-    sys.exit("Could not find gpg-error-config.  " +
-             "Please install the libgpg-error development package.")
-
-try:
     subprocess.check_call(gpgme_config + ['--version'],
                           stdout=devnull)
 except:
@@ -81,21 +77,6 @@ if not (major > 1 or (major == 1 and minor >= 7)):
 if not gpgme_h:
     gpgme_h = os.path.join(getconfig("prefix")[0], "include", "gpgme.h")
 
-gpg_error_prefix = getconfig("prefix", config=gpg_error_config)[0]
-gpg_error_h = os.path.join(gpg_error_prefix, "include", "gpg-error.h")
-if not os.path.exists(gpg_error_h):
-    gpg_error_h = \
-        glob.glob(os.path.join(gpg_error_prefix, "include",
-                               "*", "gpg-error.h"))[0]
-
-print("Building python gpg module using {} and {}.".format(gpgme_h, gpg_error_h))
-
-# Cleanup gpgme.h from deprecated functions and typedefs.
-subprocess.check_call([sys.executable, "gpgme-h-clean.py", gpgme_h],
-                      stdout=open("gpgme.h", "w"))
-subprocess.check_call([sys.executable, "gpgme-h-clean.py", gpg_error_h],
-                      stdout=open("errors.i", "w"))
-
 define_macros = []
 libs = getconfig('libs')
 
@@ -139,6 +120,12 @@ if uname_s.startswith("MINGW32"):
                library_dirs.append(os.path.join(tgt, item))
                break
 
+def in_srcdir(name):
+    return os.path.join(os.environ.get("srcdir", ""), name)
+def up_to_date(source, target):
+    return (os.path.exists(target)
+            and os.path.getmtime(source) <= os.path.getmtime(target))
+
 # We build an Extension using SWIG, which generates a Python module.
 # By default, the 'build_py' step is run before 'build_ext', and
 # therefore the generated Python module is not copied into the build
@@ -148,14 +135,105 @@ if uname_s.startswith("MINGW32"):
 # http://stackoverflow.com/questions/12491328/python-distutils-not-include-the-swig-generated-module
 from distutils.command.build import build
 class BuildExtFirstHack(build):
+
+    def _read_header(self, header, cflags):
+        tmp_include = self._in_build_base("include1.h")
+        with open(tmp_include, 'w') as f:
+            f.write("#include <%s>" % header)
+        return subprocess.check_output(os.environ.get('CPP', 'cc -E').split() + cflags + [tmp_include]).decode('utf-8')
+
+    def _write_if_unchanged(self, target, content):
+        if os.path.exists(target):
+            with open(target) as f:
+                if f.read() == content:
+                    return
+
+        with open(target, "w") as sink:
+            sink.write(content)
+
+    def _generate_gpgme_h(self, source_name, sink_name):
+        if up_to_date(source_name, sink_name):
+            return
+
+        print("Using gpgme.h from {}".format(source_name))
+
+        deprec_func = re.compile(r'^(.*typedef.*|.*\(.*\)|[^#]+\s+.+)'
+                                 + r'\s*_GPGME_DEPRECATED(_OUTSIDE_GPGME)?\(.*\);\s*',
+                                 re.S)
+        line_break = re.compile(';|\\$|\\x0c|^\s*#|{')
+
+        with open(sink_name, "w") as sink, open(source_name) as source:
+            text = ''
+            for line in source:
+                text += re.sub(' class ', ' _py_obsolete_class ', line)
+                if line_break.search(line):
+                    if not deprec_func.search(text):
+                        sink.write(text)
+                    text = ''
+            sink.write(text)
+
+    def _generate_errors_i(self):
+
+        try:
+            subprocess.check_call(gpg_error_config + ['--version'],
+                                  stdout=devnull)
+        except:
+            sys.exit("Could not find gpg-error-config.  " +
+                     "Please install the libgpg-error development package.")
+
+        gpg_error_content = self._read_header("gpg-error.h", getconfig("cflags", config=gpg_error_config))
+
+        filter_re = re.compile(r'GPG_ERR_[^ ]* =')
+        rewrite_re = re.compile(r' *(.*) = .*')
+
+        errors_i_content = ''
+        for line in gpg_error_content.splitlines():
+            if not filter_re.search(line):
+                continue
+            errors_i_content += rewrite_re.sub(r'%constant long \1 = \1;'+'\n', line.strip())
+
+        self._write_if_unchanged(self._in_build_base("errors.i"), errors_i_content)
+
+    def _in_build_base(self, name):
+        return os.path.join(self.build_base, name)
+
+    def _generate(self):
+        # Cleanup gpgme.h from deprecated functions and typedefs.
+        if not os.path.exists(self.build_base):
+            os.makedirs(self.build_base)
+
+        self._generate_gpgme_h(gpgme_h, self._in_build_base("gpgme.h"))
+        self._generate_errors_i()
+
+        # Copy due to http://bugs.python.org/issue2624
+        # Avoid creating in srcdir
+        for source, target in ((in_srcdir(n), self._in_build_base(n))
+                               for n in ('gpgme.i', 'helpers.c', 'private.h', 'helpers.h')):
+            if not up_to_date(source, target):
+                shutil.copy2(source, target)
+
+        # Append generated files via build_base
+        if not os.path.exists(os.path.join(self.build_lib, "gpg")):
+            os.makedirs(os.path.join(self.build_lib, "gpg"))
+        shutil.copy2("version.py", os.path.join(self.build_lib, "gpg"))
+
     def run(self):
+        self._generate()
+
+        swig_sources.extend((self._in_build_base('gpgme.i'), self._in_build_base('helpers.c')))
+        swig_opts.extend(['-I' + self.build_base,
+                          '-outdir', os.path.join(self.build_lib, 'gpg')])
+        include_dirs.insert(0, self.build_base)
+
         self.run_command('build_ext')
         build.run(self)
 
 py3 = [] if sys.version_info.major < 3 else ['-py3']
-swige = Extension("gpg._gpgme", ["gpgme.i", "helpers.c"],
-                  swig_opts = ['-threads',
-                               '-outdir', 'gpg'] + py3 + extra_swig_opts,
+swig_sources = []
+swig_opts = ['-threads'] + py3 + extra_swig_opts
+swige = Extension("gpg._gpgme",
+                  sources = swig_sources,
+                  swig_opts = swig_opts,
                   include_dirs = include_dirs,
                   define_macros = define_macros,
                   library_dirs = library_dirs,
diff --git a/lang/python/gpg/__init__.py b/lang/python/src/__init__.py
index 385b17e..385b17e 100644
--- a/lang/python/gpg/__init__.py
+++ b/lang/python/src/__init__.py
diff --git a/lang/python/gpg/callbacks.py b/lang/python/src/callbacks.py
index b25a9a7..b25a9a7 100644
--- a/lang/python/gpg/callbacks.py
+++ b/lang/python/src/callbacks.py
diff --git a/lang/python/gpg/constants/__init__.py b/lang/python/src/constants/__init__.py
index 484ffd2..484ffd2 100644
--- a/lang/python/gpg/constants/__init__.py
+++ b/lang/python/src/constants/__init__.py
diff --git a/lang/python/gpg/constants/create.py b/lang/python/src/constants/create.py
index 132e96d..132e96d 100644
--- a/lang/python/gpg/constants/create.py
+++ b/lang/python/src/constants/create.py
diff --git a/lang/python/gpg/constants/data/__init__.py b/lang/python/src/constants/data/__init__.py
index 8274ab9..8274ab9 100644
--- a/lang/python/gpg/constants/data/__init__.py
+++ b/lang/python/src/constants/data/__init__.py
diff --git a/lang/python/gpg/constants/data/encoding.py b/lang/python/src/constants/data/encoding.py
index e76a22e..e76a22e 100644
--- a/lang/python/gpg/constants/data/encoding.py
+++ b/lang/python/src/constants/data/encoding.py
diff --git a/lang/python/gpg/constants/event.py b/lang/python/src/constants/event.py
index 1b14d1d..1b14d1d 100644
--- a/lang/python/gpg/constants/event.py
+++ b/lang/python/src/constants/event.py
diff --git a/lang/python/gpg/constants/import.py b/lang/python/src/constants/import.py
index 47c296c..47c296c 100644
--- a/lang/python/gpg/constants/import.py
+++ b/lang/python/src/constants/import.py
diff --git a/lang/python/gpg/constants/keylist/__init__.py b/lang/python/src/constants/keylist/__init__.py
index 2ce0edf..2ce0edf 100644
--- a/lang/python/gpg/constants/keylist/__init__.py
+++ b/lang/python/src/constants/keylist/__init__.py
diff --git a/lang/python/gpg/constants/keylist/mode.py b/lang/python/src/constants/keylist/mode.py
index 39e1819..39e1819 100644
--- a/lang/python/gpg/constants/keylist/mode.py
+++ b/lang/python/src/constants/keylist/mode.py
diff --git a/lang/python/gpg/constants/keysign.py b/lang/python/src/constants/keysign.py
index fccdbc4..fccdbc4 100644
--- a/lang/python/gpg/constants/keysign.py
+++ b/lang/python/src/constants/keysign.py
diff --git a/lang/python/gpg/constants/md.py b/lang/python/src/constants/md.py
index f3e8bbd..f3e8bbd 100644
--- a/lang/python/gpg/constants/md.py
+++ b/lang/python/src/constants/md.py
diff --git a/lang/python/gpg/constants/pk.py b/lang/python/src/constants/pk.py
index 6bf2a21..6bf2a21 100644
--- a/lang/python/gpg/constants/pk.py
+++ b/lang/python/src/constants/pk.py
diff --git a/lang/python/gpg/constants/protocol.py b/lang/python/src/constants/protocol.py
index d086bbd..d086bbd 100644
--- a/lang/python/gpg/constants/protocol.py
+++ b/lang/python/src/constants/protocol.py
diff --git a/lang/python/gpg/constants/sig/__init__.py b/lang/python/src/constants/sig/__init__.py
index 39d4e6e..39d4e6e 100644
--- a/lang/python/gpg/constants/sig/__init__.py
+++ b/lang/python/src/constants/sig/__init__.py
diff --git a/lang/python/gpg/constants/sig/mode.py b/lang/python/src/constants/sig/mode.py
index 0f4f0ef..0f4f0ef 100644
--- a/lang/python/gpg/constants/sig/mode.py
+++ b/lang/python/src/constants/sig/mode.py
diff --git a/lang/python/gpg/constants/sig/notation.py b/lang/python/src/constants/sig/notation.py
index 9a79e01..9a79e01 100644
--- a/lang/python/gpg/constants/sig/notation.py
+++ b/lang/python/src/constants/sig/notation.py
diff --git a/lang/python/gpg/constants/sigsum.py b/lang/python/src/constants/sigsum.py
index 09ef9d7..09ef9d7 100644
--- a/lang/python/gpg/constants/sigsum.py
+++ b/lang/python/src/constants/sigsum.py
diff --git a/lang/python/gpg/constants/status.py b/lang/python/src/constants/status.py
index a0ad073..a0ad073 100644
--- a/lang/python/gpg/constants/status.py
+++ b/lang/python/src/constants/status.py
diff --git a/lang/python/gpg/constants/tofu/__init__.py b/lang/python/src/constants/tofu/__init__.py
index 819a58b..819a58b 100644
--- a/lang/python/gpg/constants/tofu/__init__.py
+++ b/lang/python/src/constants/tofu/__init__.py
diff --git a/lang/python/gpg/constants/tofu/policy.py b/lang/python/src/constants/tofu/policy.py
index 5a61f06..5a61f06 100644
--- a/lang/python/gpg/constants/tofu/policy.py
+++ b/lang/python/src/constants/tofu/policy.py
diff --git a/lang/python/gpg/constants/validity.py b/lang/python/src/constants/validity.py
index d3c5345..d3c5345 100644
--- a/lang/python/gpg/constants/validity.py
+++ b/lang/python/src/constants/validity.py
diff --git a/lang/python/gpg/core.py b/lang/python/src/core.py
index 632f4ca..bd95d23 100644
--- a/lang/python/gpg/core.py
+++ b/lang/python/src/core.py
@@ -132,7 +132,7 @@ class GpgmeWrapper(object):
                 result = func(slf.wrapped, *args)
                 if slf._callback_excinfo:
                     gpgme.gpg_raise_callback_exception(slf)
-                return errorcheck(result, "Invocation of " + name)
+                return errorcheck(result, name)
         else:
             def _funcwrap(slf, *args):
                 result = func(slf.wrapped, *args)
@@ -206,6 +206,17 @@ class Context(GpgmeWrapper):
         self.protocol = protocol
         self.home_dir = home_dir
 
+    def __read__(self, sink, data):
+        """Read helper
+
+        Helper function to retrieve the results of an operation, or
+        None if SINK is given.
+        """
+        if sink or data == None:
+            return None
+        data.seek(0, os.SEEK_SET)
+        return data.read()
+
     def __repr__(self):
         return (
             "Context(armor={0.armor}, "
@@ -270,15 +281,25 @@ class Context(GpgmeWrapper):
             else:
                 self.op_encrypt(recipients, flags, plaintext, ciphertext)
         except errors.GPGMEError as e:
+            result = self.op_encrypt_result()
+            sig_result = self.op_sign_result() if sign else None
+            results = (self.__read__(sink, ciphertext),
+                       result, sig_result)
             if e.getcode() == errors.UNUSABLE_PUBKEY:
-                result = self.op_encrypt_result()
                 if result.invalid_recipients:
-                    raise errors.InvalidRecipients(result.invalid_recipients)
+                    raise errors.InvalidRecipients(result.invalid_recipients,
+                                                   error=e.error,
+                                                   results=results)
             if e.getcode() == errors.UNUSABLE_SECKEY:
                 sig_result = self.op_sign_result()
                 if sig_result.invalid_signers:
-                    raise errors.InvalidSigners(sig_result.invalid_signers)
-            raise
+                    raise errors.InvalidSigners(sig_result.invalid_signers,
+                                                error=e.error,
+                                                results=results)
+            # Otherwise, just raise the error, but attach the results
+            # first.
+            e.results = results
+            raise e
         finally:
             if passphrase != None:
                 self.pinentry_mode = old_pinentry_mode
@@ -290,11 +311,7 @@ class Context(GpgmeWrapper):
         sig_result = self.op_sign_result() if sign else None
         assert not sig_result or not sig_result.invalid_signers
 
-        cipherbytes = None
-        if not sink:
-            ciphertext.seek(0, os.SEEK_SET)
-            cipherbytes = ciphertext.read()
-        return cipherbytes, result, sig_result
+        return self.__read__(sink, ciphertext), result, sig_result
 
     def decrypt(self, ciphertext, sink=None, passphrase=None, verify=True):
         """Decrypt data
@@ -340,6 +357,13 @@ class Context(GpgmeWrapper):
                 self.op_decrypt_verify(ciphertext, plaintext)
             else:
                 self.op_decrypt(ciphertext, plaintext)
+        except errors.GPGMEError as e:
+            result = self.op_decrypt_result()
+            verify_result = self.op_verify_result() if verify else None
+            # Just raise the error, but attach the results first.
+            e.results = (self.__read__(sink, plaintext),
+                         result, verify_result)
+            raise e
         finally:
             if passphrase != None:
                 self.pinentry_mode = old_pinentry_mode
@@ -348,13 +372,15 @@ class Context(GpgmeWrapper):
 
         result = self.op_decrypt_result()
         verify_result = self.op_verify_result() if verify else None
+        results = (self.__read__(sink, plaintext), result, verify_result)
         if result.unsupported_algorithm:
-            raise errors.UnsupportedAlgorithm(result.unsupported_algorithm)
+            raise errors.UnsupportedAlgorithm(result.unsupported_algorithm,
+                                              results=results)
 
         if verify:
             if any(s.status != errors.NO_ERROR
                    for s in verify_result.signatures):
-                raise errors.BadSignatures(verify_result)
+                raise errors.BadSignatures(verify_result, results=results)
 
         if verify and verify != True:
             missing = list()
@@ -372,13 +398,10 @@ class Context(GpgmeWrapper):
                 if not ok:
                     missing.append(key)
             if missing:
-                raise errors.MissingSignatures(verify_result, missing)
+                raise errors.MissingSignatures(verify_result, missing,
+                                               results=results)
 
-        plainbytes = None
-        if not sink:
-            plaintext.seek(0, os.SEEK_SET)
-            plainbytes = plaintext.read()
-        return plainbytes, result, verify_result
+        return results
 
     def sign(self, data, sink=None, mode=constants.SIG_MODE_NORMAL):
         """Sign data
@@ -408,20 +431,20 @@ class Context(GpgmeWrapper):
         try:
             self.op_sign(data, signeddata, mode)
         except errors.GPGMEError as e:
+            results = (self.__read__(sink, signeddata),
+                       self.op_sign_result())
             if e.getcode() == errors.UNUSABLE_SECKEY:
-                result = self.op_sign_result()
-                if result.invalid_signers:
-                    raise errors.InvalidSigners(result.invalid_signers)
-            raise
+                if results[1].invalid_signers:
+                    raise errors.InvalidSigners(results[1].invalid_signers,
+                                                error=e.error,
+                                                results=results)
+            e.results = results
+            raise e
 
         result = self.op_sign_result()
         assert not result.invalid_signers
 
-        signedbytes = None
-        if not sink:
-            signeddata.seek(0, os.SEEK_SET)
-            signedbytes = signeddata.read()
-        return signedbytes, result
+        return self.__read__(sink, signeddata), result
 
     def verify(self, signed_data, signature=None, sink=None, verify=[]):
         """Verify signatures
@@ -451,20 +474,26 @@ class Context(GpgmeWrapper):
         else:
             data = sink if sink else Data()
 
-        if signature:
-            self.op_verify(signature, signed_data, None)
-        else:
-            self.op_verify(signed_data, None, data)
+        try:
+            if signature:
+                self.op_verify(signature, signed_data, None)
+            else:
+                self.op_verify(signed_data, None, data)
+        except errors.GPGMEError as e:
+            # Just raise the error, but attach the results first.
+            e.results = (self.__read__(sink, data),
+                         self.op_verify_result())
+            raise e
 
-        result = self.op_verify_result()
-        if any(s.status != errors.NO_ERROR for s in result.signatures):
-            raise errors.BadSignatures(result)
+        results = (self.__read__(sink, data), self.op_verify_result())
+        if any(s.status != errors.NO_ERROR for s in results[1].signatures):
+            raise errors.BadSignatures(results[1], results=results)
 
         missing = list()
         for key in verify:
             ok = False
             for subkey in key.subkeys:
-                for sig in result.signatures:
+                for sig in results[1].signatures:
                     if sig.summary & constants.SIGSUM_VALID == 0:
                         continue
                     if subkey.can_sign and subkey.fpr == sig.fpr:
@@ -475,13 +504,10 @@ class Context(GpgmeWrapper):
             if not ok:
                 missing.append(key)
         if missing:
-            raise errors.MissingSignatures(result, missing)
+            raise errors.MissingSignatures(results[1], missing,
+                                           results=results)
 
-        plainbytes = None
-        if data and not sink:
-            data.seek(0, os.SEEK_SET)
-            plainbytes = data.read()
-        return plainbytes, result
+        return results
 
     def keylist(self, pattern=None, secret=False,
                 mode=constants.keylist.mode.LOCAL,
diff --git a/lang/python/gpg/errors.py b/lang/python/src/errors.py
index 1ce139e..c41ac69 100644
--- a/lang/python/gpg/errors.py
+++ b/lang/python/src/errors.py
@@ -1,3 +1,4 @@
+# Copyright (C) 2016-2017 g10 Code GmbH
 # Copyright (C) 2004 Igor Belyi <belyi@users.sourceforge.net>
 # Copyright (C) 2002 John Goerzen <jgoerzen@complete.org>
 #
@@ -30,32 +31,89 @@ util.process_constants('GPG_ERR_', globals())
 del util
 
 class GpgError(Exception):
-    pass
+    """A GPG Error
 
-class GPGMEError(GpgError):
-    def __init__(self, error = None, message = None):
+    This is the base of all errors thrown by this library.
+
+    If the error originated from GPGME, then additional information
+    can be found by looking at 'code' for the error code, and 'source'
+    for the errors origin.  Suitable constants for comparison are
+    defined in this module.  'code_str' and 'source_str' are
+    human-readable versions of the former two properties.
+
+    If 'context' is not None, then it contains a human-readable hint
+    as to where the error originated from.
+
+    If 'results' is not None, it is a tuple containing results of the
+    operation that failed.  The tuples elements are the results of the
+    function that raised the error.  Some operations return results
+    even though they signal an error.  Of course this information must
+    be taken with a grain of salt.  But often, this information is
+    useful for diagnostic uses or to give the user feedback.  Since
+    the normal control flow is disrupted by the exception, the callee
+    can no longer return results, hence we attach them to the
+    exception objects.
+
+    """
+    def __init__(self, error=None, context=None, results=None):
         self.error = error
-        self.message = message
+        self.context = context
+        self.results = results
+
+    @property
+    def code(self):
+        if self.error == None:
+            return None
+        return gpgme.gpgme_err_code(self.error)
+
+    @property
+    def code_str(self):
+        if self.error == None:
+            return None
+        return gpgme.gpgme_strerror(self.error)
+
+    @property
+    def source(self):
+        if self.error == None:
+            return None
+        return gpgme.gpgme_err_source(self.error)
+
+    @property
+    def source_str(self):
+        if self.error == None:
+            return None
+        return gpgme.gpgme_strsource(self.error)
+
+    def __str__(self):
+        msgs = []
+        if self.context != None:
+            msgs.append(self.context)
+        if self.error != None:
+            msgs.append(self.source_str)
+            msgs.append(self.code_str)
+        return ': '.join(msgs)
+
+class GPGMEError(GpgError):
+    '''Generic error
+
+    This is a generic error that wraps the underlying libraries native
+    error type.  It is thrown when the low-level API is invoked and
+    returns an error.  This is the error that was used in PyME.
 
+    '''
     @classmethod
     def fromSyserror(cls):
         return cls(gpgme.gpgme_err_code_from_syserror())
-
+    @property
+    def message(self):
+        return self.context
     def getstring(self):
-        message = "%s: %s" % (gpgme.gpgme_strsource(self.error),
-                              gpgme.gpgme_strerror(self.error))
-        if self.message != None:
-            message = "%s: %s" % (self.message, message)
-        return message
-
+        return str(self)
     def getcode(self):
-        return gpgme.gpgme_err_code(self.error)
-
+        return self.code
     def getsource(self):
-        return gpgme.gpgme_err_source(self.error)
+        return self.source
 
-    def __str__(self):
-        return self.getstring()
 
 def errorcheck(retval, extradata = None):
     if retval:
@@ -81,7 +139,8 @@ class EncryptionError(GpgError):
     pass
 
 class InvalidRecipients(EncryptionError):
-    def __init__(self, recipients):
+    def __init__(self, recipients, **kwargs):
+        EncryptionError.__init__(self, **kwargs)
         self.recipients = recipients
     def __str__(self):
         return ", ".join("{}: {}".format(r.fpr,
@@ -92,7 +151,8 @@ class DeryptionError(GpgError):
     pass
 
 class UnsupportedAlgorithm(DeryptionError):
-    def __init__(self, algorithm):
+    def __init__(self, algorithm, **kwargs):
+        DeryptionError.__init__(self, **kwargs)
         self.algorithm = algorithm
     def __str__(self):
         return self.algorithm
@@ -101,7 +161,8 @@ class SigningError(GpgError):
     pass
 
 class InvalidSigners(SigningError):
-    def __init__(self, signers):
+    def __init__(self, signers, **kwargs):
+        SigningError.__init__(self, **kwargs)
         self.signers = signers
     def __str__(self):
         return ", ".join("{}: {}".format(s.fpr,
@@ -109,11 +170,11 @@ class InvalidSigners(SigningError):
                          for s in self.signers)
 
 class VerificationError(GpgError):
-    pass
+    def __init__(self, result, **kwargs):
+        GpgError.__init__(self, **kwargs)
+        self.result = result
 
 class BadSignatures(VerificationError):
-    def __init__(self, result):
-        self.result = result
     def __str__(self):
         return ", ".join("{}: {}".format(s.fpr,
                                          gpgme.gpgme_strerror(s.status))
@@ -121,8 +182,8 @@ class BadSignatures(VerificationError):
                          if s.status != NO_ERROR)
 
 class MissingSignatures(VerificationError):
-    def __init__(self, result, missing):
-        self.result = result
+    def __init__(self, result, missing, **kwargs):
+        VerificationError.__init__(self, result, **kwargs)
         self.missing = missing
     def __str__(self):
         return ", ".join(k.subkeys[0].fpr for k in self.missing)
diff --git a/lang/python/gpg/results.py b/lang/python/src/results.py
index 46ebeec..bfd0f68 100644
--- a/lang/python/gpg/results.py
+++ b/lang/python/src/results.py
@@ -80,7 +80,7 @@ class Recipient(Result):
     pass
 
 class DecryptResult(Result):
-    _type = dict(wrong_key_usage=bool)
+    _type = dict(wrong_key_usage=bool, is_de_vs=bool)
     _map = dict(recipients=Recipient)
 
 class NewSignature(Result):
@@ -93,7 +93,7 @@ class Notation(Result):
     pass
 
 class Signature(Result):
-    _type = dict(wrong_key_usage=bool, chain_model=bool)
+    _type = dict(wrong_key_usage=bool, chain_model=bool, is_de_vs=bool)
     _map = dict(notations=Notation)
 
 class VerifyResult(Result):
diff --git a/lang/python/gpg/util.py b/lang/python/src/util.py
index e4fca4c..e4fca4c 100644
--- a/lang/python/gpg/util.py
+++ b/lang/python/src/util.py
diff --git a/lang/python/tests/Makefile.am b/lang/python/tests/Makefile.am
index 9c19a13..25b15f2 100644
--- a/lang/python/tests/Makefile.am
+++ b/lang/python/tests/Makefile.am
@@ -71,7 +71,7 @@ check: xcheck
 
 .PHONY: xcheck
 
-xcheck: ./pubring-stamp
+xcheck:	all
 	$(TESTS_ENVIRONMENT) $(PYTHON) $(srcdir)/run-tests.py \
 	  --interpreters="$(PYTHONS)" --srcdir=$(srcdir) $(TESTFLAGS) \
 	  $(XTESTS)
@@ -93,15 +93,18 @@ clean-local:
 	-rm -fR -- private-keys-v1.d openpgp-revocs.d S.gpg-agent sshcontrol
 
 
-./private-keys-v1.d/gpg-sample.stamp: $(private_keys)
+BUILT_SOURCES = gpg.conf gpg-agent.conf pubring-stamp \
+           private-keys-v1.d/gpg-sample.stamp
+
+private-keys-v1.d/gpg-sample.stamp: $(private_keys)
+	-gpgconf --kill all
 	$(MKDIR_P) ./private-keys-v1.d
 	for k in $(private_keys); do \
           cp $$k private-keys-v1.d/$${k#$(test_srcdir)/}.key; \
         done
 	echo x > ./private-keys-v1.d/gpg-sample.stamp
 
-./pubring-stamp: $(test_srcdir)/pubdemo.asc           \
-                 ./gpg.conf ./gpg-agent.conf          \
+pubring-stamp: $(test_srcdir)/pubdemo.asc           \
                  ./private-keys-v1.d/gpg-sample.stamp
 	$(GPG) --batch --no-permission-warning \
                --import $(test_srcdir)/pubdemo.asc
@@ -109,12 +112,12 @@ clean-local:
 		--import $(test_srcdir)/secdemo.asc
 	echo x > ./pubring-stamp
 
-./gpg.conf:
+gpg.conf:
 # This is required for t-sig-notations.
 	echo no-force-v3-sigs > ./gpg.conf
 	echo ignore-invalid-option agent-program >> ./gpg.conf
 	echo "agent-program `which $(GPG_AGENT)`|--debug-quick-random" >> ./gpg.conf
 
-./gpg-agent.conf:
+gpg-agent.conf:
 # This is required for gpg2, which does not support command fd.
 	echo pinentry-program $(abs_top_srcdir)/tests/gpg/pinentry >$@
diff --git a/lang/python/tests/Makefile.in b/lang/python/tests/Makefile.in
index 4940a8e..89fcee2 100644
--- a/lang/python/tests/Makefile.in
+++ b/lang/python/tests/Makefile.in
@@ -256,7 +256,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
@@ -385,7 +384,11 @@ private_keys = \
         $(test_srcdir)/13CBE3758AFE42B5E5E2AE4CED27AFA455E3F87F \
         $(test_srcdir)/7A030357C0F253A5BBCD282FFC4E521B37558F5C
 
-all: all-am
+BUILT_SOURCES = gpg.conf gpg-agent.conf pubring-stamp \
+           private-keys-v1.d/gpg-sample.stamp
+
+all: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) all-am
 
 .SUFFIXES:
 $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am  $(am__configure_deps)
@@ -462,10 +465,12 @@ distdir: $(DISTFILES)
 	  fi; \
 	done
 check-am: all-am
-check: check-am
+check: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) check-am
 all-am: Makefile
 installdirs:
-install: install-am
+install: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) install-am
 install-exec: install-exec-am
 install-data: install-data-am
 uninstall: uninstall-am
@@ -496,6 +501,7 @@ distclean-generic:
 maintainer-clean-generic:
 	@echo "This command is intended for maintainers to use"
 	@echo "it deletes files that may require special tools to rebuild."
+	-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
 clean: clean-am
 
 clean-am: clean-generic clean-libtool clean-local mostlyclean-am
@@ -562,7 +568,7 @@ ps-am:
 
 uninstall-am:
 
-.MAKE: install-am install-strip
+.MAKE: all check install install-am install-strip
 
 .PHONY: all all-am check check-am clean clean-generic clean-libtool \
 	clean-local cscopelist-am ctags-am distclean distclean-generic \
@@ -589,7 +595,7 @@ check: xcheck
 
 .PHONY: xcheck
 
-xcheck: ./pubring-stamp
+xcheck:	all
 	$(TESTS_ENVIRONMENT) $(PYTHON) $(srcdir)/run-tests.py \
 	  --interpreters="$(PYTHONS)" --srcdir=$(srcdir) $(TESTFLAGS) \
 	  $(XTESTS)
@@ -598,15 +604,15 @@ clean-local:
 	-$(top_srcdir)/tests/start-stop-agent --stop
 	-rm -fR -- private-keys-v1.d openpgp-revocs.d S.gpg-agent sshcontrol
 
-./private-keys-v1.d/gpg-sample.stamp: $(private_keys)
+private-keys-v1.d/gpg-sample.stamp: $(private_keys)
+	-gpgconf --kill all
 	$(MKDIR_P) ./private-keys-v1.d
 	for k in $(private_keys); do \
           cp $$k private-keys-v1.d/$${k#$(test_srcdir)/}.key; \
         done
 	echo x > ./private-keys-v1.d/gpg-sample.stamp
 
-./pubring-stamp: $(test_srcdir)/pubdemo.asc           \
-                 ./gpg.conf ./gpg-agent.conf          \
+pubring-stamp: $(test_srcdir)/pubdemo.asc           \
                  ./private-keys-v1.d/gpg-sample.stamp
 	$(GPG) --batch --no-permission-warning \
                --import $(test_srcdir)/pubdemo.asc
@@ -614,13 +620,13 @@ clean-local:
 		--import $(test_srcdir)/secdemo.asc
 	echo x > ./pubring-stamp
 
-./gpg.conf:
+gpg.conf:
 # This is required for t-sig-notations.
 	echo no-force-v3-sigs > ./gpg.conf
 	echo ignore-invalid-option agent-program >> ./gpg.conf
 	echo "agent-program `which $(GPG_AGENT)`|--debug-quick-random" >> ./gpg.conf
 
-./gpg-agent.conf:
+gpg-agent.conf:
 # This is required for gpg2, which does not support command fd.
 	echo pinentry-program $(abs_top_srcdir)/tests/gpg/pinentry >$@
 
diff --git a/lang/python/tests/final.py b/lang/python/tests/final.py
index 8e7ab33..65375cb 100755
--- a/lang/python/tests/final.py
+++ b/lang/python/tests/final.py
@@ -22,6 +22,8 @@ del absolute_import, print_function, unicode_literals
 
 import os
 import subprocess
+import support
+_ = support # to appease pyflakes.
 
 subprocess.check_call([os.path.join(os.getenv('top_srcdir'),
                                     "tests", "start-stop-agent"), "--stop"])
diff --git a/lang/python/tests/run-tests.py b/lang/python/tests/run-tests.py
index c4af526..95df197 100644
--- a/lang/python/tests/run-tests.py
+++ b/lang/python/tests/run-tests.py
@@ -51,6 +51,9 @@ parser.add_argument('--srcdir', type=str,
 parser.add_argument('--builddir', type=str,
                     default=os.environ.get("abs_builddir", ""),
                     help='Location of the tests.')
+parser.add_argument('--python-libdir', type=str,
+                    default=None,
+                    help='Optional location of the in-tree module lib directory.')
 parser.add_argument('--parallel', action="store_true", default=False,
                     help='Ignored.  For compatibility with run-tests.scm.')
 
@@ -69,19 +72,22 @@ for interpreter in args.interpreters:
     version = subprocess.check_output(
         [interpreter, "-c", "import sys; print('{0}.{1}'.format(sys.version_info[0], sys.version_info[1]))"]).strip().decode()
 
-    pattern = os.path.join(args.builddir, "..",
-                           "python{0}-gpg".format(version),
-                           "build",
-                           "lib*"+version)
-    builddirs = glob.glob(pattern)
-    if len(builddirs) == 0:
-        sys.exit("Build directory matching {0!r} not found.".format(pattern))
-    elif len(builddirs) > 1:
-        sys.exit("Multiple build directories matching {0!r} found: {1}".format(
-            pattern, builddirs))
+    if args.python_libdir:
+        python_libdir = args.python_libdir
+    else:
+        pattern = os.path.join(args.builddir, "..",
+                               "{0}-gpg".format(os.path.basename(interpreter)),
+                               "lib*")
+        libdirs = glob.glob(pattern)
+        if len(libdirs) == 0:
+            sys.exit("Build directory matching {0!r} not found.".format(pattern))
+        elif len(libdirs) > 1:
+            sys.exit("Multiple build directories matching {0!r} found: {1}".format(
+                pattern, libdirs))
+        python_libdir = libdirs[0]
 
     env = dict(os.environ)
-    env["PYTHONPATH"] = builddirs[0]
+    env["PYTHONPATH"] = python_libdir
 
     if not args.quiet:
         print("Running tests using {0} ({1})...".format(interpreter, version))
@@ -102,5 +108,5 @@ def failed():
 if not args.quiet:
     print("{0} tests run, {1} succeeded, {2} failed, {3} skipped.".format(
         len(results), count(0), failed(), count(77)))
-    sys.exit(len(results) - count(0))
+    sys.exit(len(results) - count(0) - count(77))
 sys.exit(results[0])
diff --git a/lang/python/tests/support.py b/lang/python/tests/support.py
index fabd818..efccf31 100644
--- a/lang/python/tests/support.py
+++ b/lang/python/tests/support.py
@@ -35,6 +35,12 @@ def assert_gpg_version(version=(2, 1, 0)):
                 c.engine_info.version, '.'.join(map(str, version))))
             sys.exit(77)
 
+def have_tofu_support(ctx, some_uid):
+    keys = list(ctx.keylist(some_uid,
+                            mode=(gpg.constants.keylist.mode.LOCAL
+                                  |gpg.constants.keylist.mode.WITH_TOFU)))
+    return len(keys) > 0
+
 # Skip the Python tests for GnuPG < 2.1.12.  Prior versions do not
 # understand the command line flags that we assume exist.  C.f. issue
 # 3008.
diff --git a/lang/python/tests/t-callbacks.py b/lang/python/tests/t-callbacks.py
index 94cf11e..9a70cda 100755
--- a/lang/python/tests/t-callbacks.py
+++ b/lang/python/tests/t-callbacks.py
@@ -23,8 +23,7 @@ del absolute_import, print_function, unicode_literals
 import os
 import gpg
 import support
-
-support.assert_gpg_version()
+_ = support # to appease pyflakes.
 
 c = gpg.Context()
 c.set_pinentry_mode(gpg.constants.PINENTRY_MODE_LOOPBACK)
diff --git a/lang/python/tests/t-data.py b/lang/python/tests/t-data.py
index d1facd4..5cf074c 100755
--- a/lang/python/tests/t-data.py
+++ b/lang/python/tests/t-data.py
@@ -24,6 +24,8 @@ import io
 import os
 import tempfile
 import gpg
+import support
+_ = support # to appease pyflakes.
 
 data = gpg.Data('Hello world!')
 assert data.read() == b'Hello world!'
@@ -49,6 +51,12 @@ data.write(b'Hello world!')
 data.seek(0, os.SEEK_SET)
 assert data.read() == b'Hello world!'
 
+data = gpg.Data()
+data.write(b'Hello world!')
+# We expect the second argument to default to SEEK_SET
+data.seek(0)
+assert data.read() == b'Hello world!'
+
 binjunk = bytes(range(256))
 data = gpg.Data()
 data.write(binjunk)
diff --git a/lang/python/tests/t-edit.py b/lang/python/tests/t-edit.py
index ffc3296..b1075a9 100755
--- a/lang/python/tests/t-edit.py
+++ b/lang/python/tests/t-edit.py
@@ -25,8 +25,7 @@ import sys
 import os
 import gpg
 import support
-
-support.assert_gpg_version()
+_ = support # to appease pyflakes.
 
 class KeyEditor(object):
     def __init__(self):
diff --git a/lang/python/tests/t-encrypt-sym.py b/lang/python/tests/t-encrypt-sym.py
index 8ee9cd6..8299293 100755
--- a/lang/python/tests/t-encrypt-sym.py
+++ b/lang/python/tests/t-encrypt-sym.py
@@ -23,8 +23,7 @@ del absolute_import, print_function, unicode_literals
 import os
 import gpg
 import support
-
-support.assert_gpg_version()
+_ = support # to appease pyflakes.
 
 for passphrase in ("abc", b"abc"):
     c = gpg.Context()
diff --git a/lang/python/tests/t-file-name.py b/lang/python/tests/t-file-name.py
index aab5680..32fe84a 100755
--- a/lang/python/tests/t-file-name.py
+++ b/lang/python/tests/t-file-name.py
@@ -23,6 +23,7 @@ del absolute_import, print_function, unicode_literals
 import os
 import gpg
 import support
+_ = support # to appease pyflakes.
 
 testname = "abcde12345"
 
diff --git a/lang/python/tests/t-idiomatic.py b/lang/python/tests/t-idiomatic.py
index 826bc23..b7ae4eb 100755
--- a/lang/python/tests/t-idiomatic.py
+++ b/lang/python/tests/t-idiomatic.py
@@ -26,6 +26,7 @@ import os
 import tempfile
 import gpg
 import support
+_ = support # to appease pyflakes.
 
 # Both Context and Data can be used as context manager:
 with gpg.Context() as c, gpg.Data() as d:
diff --git a/lang/python/tests/t-keylist-from-data.py b/lang/python/tests/t-keylist-from-data.py
index 6a26267..6503eb7 100755
--- a/lang/python/tests/t-keylist-from-data.py
+++ b/lang/python/tests/t-keylist-from-data.py
@@ -20,8 +20,6 @@
 from __future__ import absolute_import, print_function, unicode_literals
 del absolute_import, print_function, unicode_literals
 
-import os
-import sys
 import gpg
 import support
 
diff --git a/lang/python/tests/t-keylist.py b/lang/python/tests/t-keylist.py
index 76c793e..4505d3c 100755
--- a/lang/python/tests/t-keylist.py
+++ b/lang/python/tests/t-keylist.py
@@ -229,6 +229,9 @@ alpha_keys = list(c.op_keylist_all(b"Alpha"))
 assert len(alpha_keys) == 1, "Expected only one key for 'Alpha', got %r" % len(alpha_keys)
 
 
+# Check negative result.
+assert len(list(c.keylist("no such key in sight"))) == 0
+
 
 for i, key in enumerate(c.keylist()):
     try:
diff --git a/lang/python/tests/t-protocol-assuan.py b/lang/python/tests/t-protocol-assuan.py
index 27b28c7..8da5035 100755
--- a/lang/python/tests/t-protocol-assuan.py
+++ b/lang/python/tests/t-protocol-assuan.py
@@ -21,6 +21,8 @@ from __future__ import absolute_import, print_function, unicode_literals
 del absolute_import, print_function, unicode_literals
 
 import gpg
+import support
+_ = support # to appease pyflakes.
 
 with gpg.Context(protocol=gpg.constants.protocol.ASSUAN) as c:
     # Do nothing.
diff --git a/lang/python/tests/t-quick-key-manipulation.py b/lang/python/tests/t-quick-key-manipulation.py
index 0f47006..37e05b3 100755
--- a/lang/python/tests/t-quick-key-manipulation.py
+++ b/lang/python/tests/t-quick-key-manipulation.py
@@ -22,6 +22,7 @@ del absolute_import, print_function, unicode_literals
 
 import os
 import gpg
+import sys
 
 import support
 support.assert_gpg_version((2, 1, 14))
@@ -97,6 +98,10 @@ with support.EphemeralContext() as ctx:
     with open(os.path.join(ctx.home_dir, "gpg.conf"), "a") as handle:
         handle.write("trust-model tofu+pgp\n")
 
+    if not support.have_tofu_support(ctx, bravo):
+        print("GnuPG does not support TOFU, skipping TOFU tests.")
+        sys.exit()
+
     for name, policy in [(name, getattr(gpg.constants.tofu.policy, name))
                          for name in filter(lambda x: not x.startswith('__'),
                                             dir(gpg.constants.tofu.policy))]:
diff --git a/lang/python/tests/t-sig-notation.py b/lang/python/tests/t-sig-notation.py
index 2277497..bc8da2e 100755
--- a/lang/python/tests/t-sig-notation.py
+++ b/lang/python/tests/t-sig-notation.py
@@ -23,6 +23,7 @@ del absolute_import, print_function, unicode_literals
 import os
 import gpg
 import support
+_ = support # to appease pyflakes.
 
 expected_notations = {
     "laughing@me": ("Just Squeeze Me", gpg.constants.sig.notation.HUMAN_READABLE),
diff --git a/lang/python/tests/t-trustlist.py b/lang/python/tests/t-trustlist.py
index 8586596..89524bb 100755
--- a/lang/python/tests/t-trustlist.py
+++ b/lang/python/tests/t-trustlist.py
@@ -22,6 +22,7 @@ del absolute_import, print_function, unicode_literals
 
 import gpg
 import support
+_ = support # to appease pyflakes.
 
 c = gpg.Context()
 
diff --git a/lang/python/tests/t-verify.py b/lang/python/tests/t-verify.py
index 0347638..320dae6 100755
--- a/lang/python/tests/t-verify.py
+++ b/lang/python/tests/t-verify.py
@@ -24,6 +24,7 @@ import sys
 import os
 import gpg
 import support
+_ = support # to appease pyflakes.
 
 test_text1 = b"Just GNU it!\n"
 test_text1f= b"Just GNU it?\n"
diff --git a/lang/python/tests/t-wait.py b/lang/python/tests/t-wait.py
index 0c403fa..3101301 100755
--- a/lang/python/tests/t-wait.py
+++ b/lang/python/tests/t-wait.py
@@ -23,6 +23,7 @@ del absolute_import, print_function, unicode_literals
 import time
 import gpg
 import support
+_ = support # to appease pyflakes.
 
 c = gpg.Context()
 c.set_armor(True)
diff --git a/lang/python/tests/t-wrapper.py b/lang/python/tests/t-wrapper.py
index 79f047f..08a320d 100755
--- a/lang/python/tests/t-wrapper.py
+++ b/lang/python/tests/t-wrapper.py
@@ -18,6 +18,8 @@
 # License along with this program; if not, see <http://www.gnu.org/licenses/>.
 
 import gpg
+import support
+_ = support # to appease pyflakes.
 
 d0 = gpg.Data()
 d0.seek # trigger on-demand-wrapping
diff --git a/lang/python/gpg/version.py.in b/lang/python/version.py.in
index 1a1baf0..1a1baf0 100644
--- a/lang/python/gpg/version.py.in
+++ b/lang/python/version.py.in
diff --git a/lang/qt/Makefile.am b/lang/qt/Makefile.am
index 39eb55e..ab85960 100644
--- a/lang/qt/Makefile.am
+++ b/lang/qt/Makefile.am
@@ -1,5 +1,6 @@
 # Makefile.am for GPGMEPP.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGMEPP.
 #
diff --git a/lang/qt/Makefile.in b/lang/qt/Makefile.in
index e054e25..c17e359 100644
--- a/lang/qt/Makefile.in
+++ b/lang/qt/Makefile.in
@@ -15,7 +15,8 @@
 @SET_MAKE@
 
 # Makefile.am for GPGMEPP.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGMEPP.
 #
@@ -318,7 +319,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
diff --git a/lang/qt/README b/lang/qt/README
index 6360a5b..4621d28 100644
--- a/lang/qt/README
+++ b/lang/qt/README
@@ -38,7 +38,7 @@ with QObject::deleteLater so they can be started without
 result handlers.
 
 The result signal provides a tuple of objects with the
-appropiate result information for this job. For historic
+appropriate result information for this job. For historic
 reasons each result signal also includes an AuditLog
 and an AuditLog Error. These are only useful for
 S/MIME signature validation but are part of other jobs
@@ -72,7 +72,7 @@ Async usage:
     job->start(keys, inptr, outptr, Context::AlwaysTrust);
     /* Do not delete the job as it is autodeleted. */
 
-Syncronus usage:
+Synchronous usage:
 
     /* Create a job */
     KeyListJob *listjob = openpgp()->keyListJob(false, false, false);
diff --git a/lang/qt/doc/Makefile.am b/lang/qt/doc/Makefile.am
index ddf4935..fd57cc8 100644
--- a/lang/qt/doc/Makefile.am
+++ b/lang/qt/doc/Makefile.am
@@ -1,5 +1,6 @@
 # Makefile.am - Makefile for GPGME Qt docs.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGME.
 #
diff --git a/lang/qt/doc/Makefile.in b/lang/qt/doc/Makefile.in
index 7e86941..3b2b494 100644
--- a/lang/qt/doc/Makefile.in
+++ b/lang/qt/doc/Makefile.in
@@ -15,7 +15,8 @@
 @SET_MAKE@
 
 # Makefile.am - Makefile for GPGME Qt docs.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGME.
 #
@@ -256,7 +257,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
diff --git a/lang/qt/src/Makefile.am b/lang/qt/src/Makefile.am
index c81461e..3225142 100644
--- a/lang/qt/src/Makefile.am
+++ b/lang/qt/src/Makefile.am
@@ -1,5 +1,6 @@
 # Makefile.am for GPGMEPP.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGMEPP.
 #
@@ -35,7 +36,7 @@ qgpgme_sources = \
     qgpgmesignjob.cpp qgpgmesignkeyjob.cpp qgpgmeverifydetachedjob.cpp \
     qgpgmeverifyopaquejob.cpp threadedjobmixin.cpp \
     qgpgmekeyformailboxjob.cpp gpgme_backend_debug.cpp \
-    qgpgmetofupolicyjob.cpp \
+    qgpgmetofupolicyjob.cpp qgpgmequickjob.cpp \
     defaultkeygenerationjob.cpp qgpgmewkspublishjob.cpp \
     dn.cpp cryptoconfig.cpp
 
@@ -59,6 +60,7 @@ qgpgme_headers= \
     protocol.h \
     qgpgme_export.h \
     qgpgmenewcryptoconfig.h \
+    quickjob.h \
     specialjob.h \
     signjob.h \
     signkeyjob.h \
@@ -96,6 +98,7 @@ camelcase_headers= \
     MultiDeleteJob \
     Protocol \
     QGpgMENewCryptoConfig \
+    QuickJob \
     SpecialJob \
     SignJob \
     SignKeyJob \
@@ -144,6 +147,7 @@ private_qgpgme_headers = \
     qgpgmekeyformailboxjob.h \
     qgpgmewkspublishjob.h \
     qgpgmetofupolicyjob.h \
+    qgpgmequickjob.h \
     threadedjobmixin.h
 
 qgpgme_moc_sources = \
@@ -201,7 +205,9 @@ qgpgme_moc_sources = \
     keyformailboxjob.moc \
     wkspublishjob.moc \
     qgpgmekeyformailboxjob.moc \
-    defaultkeygenerationjob.moc
+    defaultkeygenerationjob.moc \
+    quickjob.moc \
+    qgpgmequickjob.moc
 
 qgpgmeincludedir = $(includedir)/qgpgme
 qgpgmeinclude_HEADERS = $(qgpgme_headers)
diff --git a/lang/qt/src/Makefile.in b/lang/qt/src/Makefile.in
index 635aaaa..c35e288 100644
--- a/lang/qt/src/Makefile.in
+++ b/lang/qt/src/Makefile.in
@@ -154,8 +154,8 @@ am__objects_1 = dataprovider.lo job.lo multideletejob.lo \
 	qgpgmeverifydetachedjob.lo qgpgmeverifyopaquejob.lo \
 	threadedjobmixin.lo qgpgmekeyformailboxjob.lo \
 	gpgme_backend_debug.lo qgpgmetofupolicyjob.lo \
-	defaultkeygenerationjob.lo qgpgmewkspublishjob.lo dn.lo \
-	cryptoconfig.lo
+	qgpgmequickjob.lo defaultkeygenerationjob.lo \
+	qgpgmewkspublishjob.lo dn.lo cryptoconfig.lo
 am__objects_2 =
 am_libqgpgme_la_OBJECTS = $(am__objects_1) $(am__objects_2) \
 	$(am__objects_2)
@@ -369,7 +369,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
@@ -447,7 +446,8 @@ top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 
 # Makefile.am for GPGMEPP.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGMEPP.
 #
@@ -483,7 +483,7 @@ qgpgme_sources = \
     qgpgmesignjob.cpp qgpgmesignkeyjob.cpp qgpgmeverifydetachedjob.cpp \
     qgpgmeverifyopaquejob.cpp threadedjobmixin.cpp \
     qgpgmekeyformailboxjob.cpp gpgme_backend_debug.cpp \
-    qgpgmetofupolicyjob.cpp \
+    qgpgmetofupolicyjob.cpp qgpgmequickjob.cpp \
     defaultkeygenerationjob.cpp qgpgmewkspublishjob.cpp \
     dn.cpp cryptoconfig.cpp
 
@@ -508,6 +508,7 @@ qgpgme_headers = \
     protocol.h \
     qgpgme_export.h \
     qgpgmenewcryptoconfig.h \
+    quickjob.h \
     specialjob.h \
     signjob.h \
     signkeyjob.h \
@@ -545,6 +546,7 @@ camelcase_headers = \
     MultiDeleteJob \
     Protocol \
     QGpgMENewCryptoConfig \
+    QuickJob \
     SpecialJob \
     SignJob \
     SignKeyJob \
@@ -593,6 +595,7 @@ private_qgpgme_headers = \
     qgpgmekeyformailboxjob.h \
     qgpgmewkspublishjob.h \
     qgpgmetofupolicyjob.h \
+    qgpgmequickjob.h \
     threadedjobmixin.h
 
 qgpgme_moc_sources = \
@@ -650,7 +653,9 @@ qgpgme_moc_sources = \
     keyformailboxjob.moc \
     wkspublishjob.moc \
     qgpgmekeyformailboxjob.moc \
-    defaultkeygenerationjob.moc
+    defaultkeygenerationjob.moc \
+    quickjob.moc \
+    qgpgmequickjob.moc
 
 qgpgmeincludedir = $(includedir)/qgpgme
 qgpgmeinclude_HEADERS = $(qgpgme_headers)
@@ -789,6 +794,7 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/qgpgmekeylistjob.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/qgpgmelistallkeysjob.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/qgpgmenewcryptoconfig.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/qgpgmequickjob.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/qgpgmerefreshkeysjob.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/qgpgmesecretkeyexportjob.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/qgpgmesignencryptjob.Plo@am__quote@
diff --git a/lang/qt/src/QuickJob b/lang/qt/src/QuickJob
new file mode 100644
index 0000000..43b89d2
--- /dev/null
+++ b/lang/qt/src/QuickJob
@@ -0,0 +1 @@
+#include "qgpgme/quickjob.h"
diff --git a/lang/qt/src/abstractimportjob.h b/lang/qt/src/abstractimportjob.h
index 572f203..ab6b530 100644
--- a/lang/qt/src/abstractimportjob.h
+++ b/lang/qt/src/abstractimportjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2009 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/adduseridjob.h b/lang/qt/src/adduseridjob.h
index 1b5676f..cc3963c 100644
--- a/lang/qt/src/adduseridjob.h
+++ b/lang/qt/src/adduseridjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/changeexpiryjob.h b/lang/qt/src/changeexpiryjob.h
index 7902cb8..9083479 100644
--- a/lang/qt/src/changeexpiryjob.h
+++ b/lang/qt/src/changeexpiryjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/changeownertrustjob.h b/lang/qt/src/changeownertrustjob.h
index 75c1163..42a806a 100644
--- a/lang/qt/src/changeownertrustjob.h
+++ b/lang/qt/src/changeownertrustjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/changepasswdjob.h b/lang/qt/src/changepasswdjob.h
index 7290898..44de77c 100644
--- a/lang/qt/src/changepasswdjob.h
+++ b/lang/qt/src/changepasswdjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2010 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/cryptoconfig.cpp b/lang/qt/src/cryptoconfig.cpp
index be265d8..7121220 100644
--- a/lang/qt/src/cryptoconfig.cpp
+++ b/lang/qt/src/cryptoconfig.cpp
@@ -2,7 +2,8 @@
     cryptoconfig.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2017 Intevation GmbH
+    Copyright (c) 2017 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/cryptoconfig.h b/lang/qt/src/cryptoconfig.h
index c4de22d..d545e59 100644
--- a/lang/qt/src/cryptoconfig.h
+++ b/lang/qt/src/cryptoconfig.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/dataprovider.cpp b/lang/qt/src/dataprovider.cpp
index 8385686..a025a03 100644
--- a/lang/qt/src/dataprovider.cpp
+++ b/lang/qt/src/dataprovider.cpp
@@ -1,6 +1,7 @@
 /* dataprovider.cpp
    Copyright (C) 2004 Klarävdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
    This file is part of QGPGME.
 
@@ -184,7 +185,11 @@ static qint64 blocking_read(const std::shared_ptr<QIODevice> &io, char *buffer,
                 if (p->error() == QProcess::UnknownError &&
                         p->exitStatus() == QProcess::NormalExit &&
                         p->exitCode() == 0) {
-                    return 0;
+                    if (io->atEnd()) {
+                        // EOF
+                        return 0;
+                    } // continue reading even if process ended to ensure
+                      // everything is read.
                 } else {
                     Error::setSystemError(GPG_ERR_EIO);
                     return -1;
diff --git a/lang/qt/src/dataprovider.h b/lang/qt/src/dataprovider.h
index 337f264..980a6a9 100644
--- a/lang/qt/src/dataprovider.h
+++ b/lang/qt/src/dataprovider.h
@@ -1,6 +1,7 @@
 /* dataprovider.h
    Copyright (C) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
    This file is part of QGPGME.
 
diff --git a/lang/qt/src/decryptjob.h b/lang/qt/src/decryptjob.h
index c4fc86f..7753e18 100644
--- a/lang/qt/src/decryptjob.h
+++ b/lang/qt/src/decryptjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004, 2007 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -75,7 +76,7 @@ public:
        Starts the decryption operation. \a cipherText is the data to
        decrypt.
     */
-    virtual QGPGME_DEPRECATED_EXPORT GpgME::Error start(const QByteArray &cipherText) = 0;
+    virtual GpgME::Error start(const QByteArray &cipherText) = 0;
 
     /*!
       \overload
diff --git a/lang/qt/src/decryptverifyjob.h b/lang/qt/src/decryptverifyjob.h
index 97af008..e5c4346 100644
--- a/lang/qt/src/decryptverifyjob.h
+++ b/lang/qt/src/decryptverifyjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004, 2007 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -76,7 +77,7 @@ public:
        Starts the combined decryption and verification operation.
        \a cipherText is the data to decrypt and later verify.
     */
-    virtual QGPGME_DEPRECATED_EXPORT GpgME::Error start(const QByteArray &cipherText) = 0;
+    virtual GpgME::Error start(const QByteArray &cipherText) = 0;
 
     /*!
       \overload
diff --git a/lang/qt/src/defaultkeygenerationjob.h b/lang/qt/src/defaultkeygenerationjob.h
index 5b7334c..fcefc4b 100644
--- a/lang/qt/src/defaultkeygenerationjob.h
+++ b/lang/qt/src/defaultkeygenerationjob.h
@@ -1,6 +1,8 @@
 /* defaultkeygenerationjob.h
 
     Copyright (c) 2016 Klarälvdalens Datakonsult AB
+    2016 Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/deletejob.h b/lang/qt/src/deletejob.h
index f8479b1..7ab0dd0 100644
--- a/lang/qt/src/deletejob.h
+++ b/lang/qt/src/deletejob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/dn.cpp b/lang/qt/src/dn.cpp
index f9fb2f6..d122333 100644
--- a/lang/qt/src/dn.cpp
+++ b/lang/qt/src/dn.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -167,7 +168,7 @@ parse_dn_part(DnPair *array, const unsigned char *string)
     for (unsigned int i = 0; i < numOidMaps; ++i)
         if (!strcasecmp((char *)p, oidmap[i].oid)) {
             free(p);
-            gpgrt_asprintf(&p, oidmap[i].name);
+            gpgrt_asprintf(&p, "%s", oidmap[i].name);
             break;
         }
     array->key = p;
diff --git a/lang/qt/src/dn.h b/lang/qt/src/dn.h
index 17b1c30..ef6fea0 100644
--- a/lang/qt/src/dn.h
+++ b/lang/qt/src/dn.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/downloadjob.h b/lang/qt/src/downloadjob.h
index 09eecf6..7c8bb72 100644
--- a/lang/qt/src/downloadjob.h
+++ b/lang/qt/src/downloadjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/encryptjob.h b/lang/qt/src/encryptjob.h
index 4ff9c82..161a769 100644
--- a/lang/qt/src/encryptjob.h
+++ b/lang/qt/src/encryptjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004, 2007 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/exportjob.h b/lang/qt/src/exportjob.h
index 583d4c0..fc1f7ae 100644
--- a/lang/qt/src/exportjob.h
+++ b/lang/qt/src/exportjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/hierarchicalkeylistjob.h b/lang/qt/src/hierarchicalkeylistjob.h
index 2ec187d..0ebed3c 100644
--- a/lang/qt/src/hierarchicalkeylistjob.h
+++ b/lang/qt/src/hierarchicalkeylistjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/importfromkeyserverjob.h b/lang/qt/src/importfromkeyserverjob.h
index f548ea7..cc4a22d 100644
--- a/lang/qt/src/importfromkeyserverjob.h
+++ b/lang/qt/src/importfromkeyserverjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/importjob.h b/lang/qt/src/importjob.h
index 5c7b24d..7437fbd 100644
--- a/lang/qt/src/importjob.h
+++ b/lang/qt/src/importjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/job.cpp b/lang/qt/src/job.cpp
index 9ae3f31..c427020 100644
--- a/lang/qt/src/job.cpp
+++ b/lang/qt/src/job.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2005 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -63,6 +64,7 @@
 #include "wkspublishjob.h"
 #include "tofupolicyjob.h"
 #include "threadedjobmixin.h"
+#include "quickjob.h"
 
 #include <QCoreApplication>
 #include <QDebug>
@@ -138,6 +140,7 @@ make_job_subclass(SpecialJob)
 make_job_subclass(KeyForMailboxJob)
 make_job_subclass(WKSPublishJob)
 make_job_subclass(TofuPolicyJob)
+make_job_subclass(QuickJob)
 
 #undef make_job_subclass
 
@@ -169,3 +172,4 @@ make_job_subclass(TofuPolicyJob)
 #include "keyformailboxjob.moc"
 #include "wkspublishjob.moc"
 #include "tofupolicyjob.moc"
+#include "quickjob.moc"
diff --git a/lang/qt/src/job.h b/lang/qt/src/job.h
index a0c0285..dc38360 100644
--- a/lang/qt/src/job.h
+++ b/lang/qt/src/job.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/keyformailboxjob.h b/lang/qt/src/keyformailboxjob.h
index d8b6c6b..42d1729 100644
--- a/lang/qt/src/keyformailboxjob.h
+++ b/lang/qt/src/keyformailboxjob.h
@@ -2,7 +2,8 @@
     keyformailboxjob.h
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/keygenerationjob.h b/lang/qt/src/keygenerationjob.h
index a0beeac..04b97d9 100644
--- a/lang/qt/src/keygenerationjob.h
+++ b/lang/qt/src/keygenerationjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/keylistjob.h b/lang/qt/src/keylistjob.h
index 8dc736e..88eac87 100644
--- a/lang/qt/src/keylistjob.h
+++ b/lang/qt/src/keylistjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/listallkeysjob.h b/lang/qt/src/listallkeysjob.h
index 4fbb469..ebbdc16 100644
--- a/lang/qt/src/listallkeysjob.h
+++ b/lang/qt/src/listallkeysjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/multideletejob.h b/lang/qt/src/multideletejob.h
index 8e9eb14..a6eec1f 100644
--- a/lang/qt/src/multideletejob.h
+++ b/lang/qt/src/multideletejob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/protocol.h b/lang/qt/src/protocol.h
index 15d83e0..1a52097 100644
--- a/lang/qt/src/protocol.h
+++ b/lang/qt/src/protocol.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2005 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -65,6 +66,7 @@ class SpecialJob;
 class KeyForMailboxJob;
 class WKSPublishJob;
 class TofuPolicyJob;
+class QuickJob;
 
 /** The main entry point for QGpgME Comes in OpenPGP and SMIME(CMS) flavors.
  *
@@ -156,6 +158,9 @@ public:
 
     /** A Job to set tofu policy */
     virtual TofuPolicyJob *tofuPolicyJob() const = 0;
+
+    /** A Job for the quick commands */
+    virtual QuickJob *quickJob() const = 0;
 };
 
 /** Obtain a reference to the OpenPGP Protocol.
diff --git a/lang/qt/src/protocol_p.h b/lang/qt/src/protocol_p.h
index 7f66fa4..b6d1abf 100644
--- a/lang/qt/src/protocol_p.h
+++ b/lang/qt/src/protocol_p.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2005 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -59,6 +60,7 @@
 #include "qgpgmekeyformailboxjob.h"
 #include "qgpgmewkspublishjob.h"
 #include "qgpgmetofupolicyjob.h"
+#include "qgpgmequickjob.h"
 
 namespace
 {
@@ -413,6 +415,18 @@ public:
         }
         return new QGpgME::QGpgMETofuPolicyJob(context);
     }
+
+    QGpgME::QuickJob *quickJob() const Q_DECL_OVERRIDE
+    {
+        if (mProtocol != GpgME::OpenPGP) {
+            return Q_NULLPTR;
+        }
+        GpgME::Context *context = GpgME::Context::createForProtocol(mProtocol);
+        if (!context) {
+            return Q_NULLPTR;
+        }
+        return new QGpgME::QGpgMEQuickJob(context);
+    }
 };
 
 }
diff --git a/lang/qt/src/qgpgme_export.h b/lang/qt/src/qgpgme_export.h
index 48296f7..72927fe 100644
--- a/lang/qt/src/qgpgme_export.h
+++ b/lang/qt/src/qgpgme_export.h
@@ -1,7 +1,8 @@
 /*  qgpgme_export.h - Export macros for qgpgme
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeadduseridjob.cpp b/lang/qt/src/qgpgmeadduseridjob.cpp
index 4fc80d1..94894fc 100644
--- a/lang/qt/src/qgpgmeadduseridjob.cpp
+++ b/lang/qt/src/qgpgmeadduseridjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeadduseridjob.h b/lang/qt/src/qgpgmeadduseridjob.h
index 294eb6c..71fa473 100644
--- a/lang/qt/src/qgpgmeadduseridjob.h
+++ b/lang/qt/src/qgpgmeadduseridjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmebackend.cpp b/lang/qt/src/qgpgmebackend.cpp
index f06244b..89f7b55 100644
--- a/lang/qt/src/qgpgmebackend.cpp
+++ b/lang/qt/src/qgpgmebackend.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2005 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmebackend.h b/lang/qt/src/qgpgmebackend.h
index cca8b71..a69b09a 100644
--- a/lang/qt/src/qgpgmebackend.h
+++ b/lang/qt/src/qgpgmebackend.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2005 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmechangeexpiryjob.cpp b/lang/qt/src/qgpgmechangeexpiryjob.cpp
index cf417ab..faa4e79 100644
--- a/lang/qt/src/qgpgmechangeexpiryjob.cpp
+++ b/lang/qt/src/qgpgmechangeexpiryjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmechangeexpiryjob.h b/lang/qt/src/qgpgmechangeexpiryjob.h
index 4abdf78..8356568 100644
--- a/lang/qt/src/qgpgmechangeexpiryjob.h
+++ b/lang/qt/src/qgpgmechangeexpiryjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmechangeownertrustjob.cpp b/lang/qt/src/qgpgmechangeownertrustjob.cpp
index d9a613f..0c67e98 100644
--- a/lang/qt/src/qgpgmechangeownertrustjob.cpp
+++ b/lang/qt/src/qgpgmechangeownertrustjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmechangeownertrustjob.h b/lang/qt/src/qgpgmechangeownertrustjob.h
index 7740616..80dc0e4 100644
--- a/lang/qt/src/qgpgmechangeownertrustjob.h
+++ b/lang/qt/src/qgpgmechangeownertrustjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmechangepasswdjob.cpp b/lang/qt/src/qgpgmechangepasswdjob.cpp
index b04273c..3465c6f 100644
--- a/lang/qt/src/qgpgmechangepasswdjob.cpp
+++ b/lang/qt/src/qgpgmechangepasswdjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2010 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmechangepasswdjob.h b/lang/qt/src/qgpgmechangepasswdjob.h
index e37789e..8910a46 100644
--- a/lang/qt/src/qgpgmechangepasswdjob.h
+++ b/lang/qt/src/qgpgmechangepasswdjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2010 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmedecryptjob.cpp b/lang/qt/src/qgpgmedecryptjob.cpp
index 449e9aa..598e22f 100644
--- a/lang/qt/src/qgpgmedecryptjob.cpp
+++ b/lang/qt/src/qgpgmedecryptjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmedecryptjob.h b/lang/qt/src/qgpgmedecryptjob.h
index 5335e84..2924378 100644
--- a/lang/qt/src/qgpgmedecryptjob.h
+++ b/lang/qt/src/qgpgmedecryptjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmedecryptverifyjob.cpp b/lang/qt/src/qgpgmedecryptverifyjob.cpp
index e6d3ff2..01cf247 100644
--- a/lang/qt/src/qgpgmedecryptverifyjob.cpp
+++ b/lang/qt/src/qgpgmedecryptverifyjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmedecryptverifyjob.h b/lang/qt/src/qgpgmedecryptverifyjob.h
index de2bce7..eaeec09 100644
--- a/lang/qt/src/qgpgmedecryptverifyjob.h
+++ b/lang/qt/src/qgpgmedecryptverifyjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmedeletejob.cpp b/lang/qt/src/qgpgmedeletejob.cpp
index 9145298..dffcb0c 100644
--- a/lang/qt/src/qgpgmedeletejob.cpp
+++ b/lang/qt/src/qgpgmedeletejob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmedeletejob.h b/lang/qt/src/qgpgmedeletejob.h
index 992442f..f5d586b 100644
--- a/lang/qt/src/qgpgmedeletejob.h
+++ b/lang/qt/src/qgpgmedeletejob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmedownloadjob.cpp b/lang/qt/src/qgpgmedownloadjob.cpp
index b0dca56..b5786a1 100644
--- a/lang/qt/src/qgpgmedownloadjob.cpp
+++ b/lang/qt/src/qgpgmedownloadjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmedownloadjob.h b/lang/qt/src/qgpgmedownloadjob.h
index 4091190..248c28f 100644
--- a/lang/qt/src/qgpgmedownloadjob.h
+++ b/lang/qt/src/qgpgmedownloadjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeencryptjob.cpp b/lang/qt/src/qgpgmeencryptjob.cpp
index d13acab..aacec29 100644
--- a/lang/qt/src/qgpgmeencryptjob.cpp
+++ b/lang/qt/src/qgpgmeencryptjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2007,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeencryptjob.h b/lang/qt/src/qgpgmeencryptjob.h
index 42c1c78..cba5ec9 100644
--- a/lang/qt/src/qgpgmeencryptjob.h
+++ b/lang/qt/src/qgpgmeencryptjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2007,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeexportjob.cpp b/lang/qt/src/qgpgmeexportjob.cpp
index e6073f0..e2ce1f9 100644
--- a/lang/qt/src/qgpgmeexportjob.cpp
+++ b/lang/qt/src/qgpgmeexportjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeexportjob.h b/lang/qt/src/qgpgmeexportjob.h
index 7561054..d529fee 100644
--- a/lang/qt/src/qgpgmeexportjob.h
+++ b/lang/qt/src/qgpgmeexportjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeimportfromkeyserverjob.cpp b/lang/qt/src/qgpgmeimportfromkeyserverjob.cpp
index acefbb2..8f3b326 100644
--- a/lang/qt/src/qgpgmeimportfromkeyserverjob.cpp
+++ b/lang/qt/src/qgpgmeimportfromkeyserverjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeimportfromkeyserverjob.h b/lang/qt/src/qgpgmeimportfromkeyserverjob.h
index 8c9f944..6ecce81 100644
--- a/lang/qt/src/qgpgmeimportfromkeyserverjob.h
+++ b/lang/qt/src/qgpgmeimportfromkeyserverjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeimportjob.cpp b/lang/qt/src/qgpgmeimportjob.cpp
index dcabad3..a62d05f 100644
--- a/lang/qt/src/qgpgmeimportjob.cpp
+++ b/lang/qt/src/qgpgmeimportjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeimportjob.h b/lang/qt/src/qgpgmeimportjob.h
index 424cb50..860db22 100644
--- a/lang/qt/src/qgpgmeimportjob.h
+++ b/lang/qt/src/qgpgmeimportjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmekeyformailboxjob.cpp b/lang/qt/src/qgpgmekeyformailboxjob.cpp
index 7054c78..534e9a3 100644
--- a/lang/qt/src/qgpgmekeyformailboxjob.cpp
+++ b/lang/qt/src/qgpgmekeyformailboxjob.cpp
@@ -2,7 +2,8 @@
     qgpgmekeyformailboxjob.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmekeyformailboxjob.h b/lang/qt/src/qgpgmekeyformailboxjob.h
index 8ac2c1f..a14e470 100644
--- a/lang/qt/src/qgpgmekeyformailboxjob.h
+++ b/lang/qt/src/qgpgmekeyformailboxjob.h
@@ -4,7 +4,8 @@
     This file is part of libkleopatra, the KDE keymanagement library
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmekeygenerationjob.cpp b/lang/qt/src/qgpgmekeygenerationjob.cpp
index 31f3342..7cf4c8c 100644
--- a/lang/qt/src/qgpgmekeygenerationjob.cpp
+++ b/lang/qt/src/qgpgmekeygenerationjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmekeygenerationjob.h b/lang/qt/src/qgpgmekeygenerationjob.h
index 808b714..1fa28d5 100644
--- a/lang/qt/src/qgpgmekeygenerationjob.h
+++ b/lang/qt/src/qgpgmekeygenerationjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmekeylistjob.cpp b/lang/qt/src/qgpgmekeylistjob.cpp
index 887a902..891b0bd 100644
--- a/lang/qt/src/qgpgmekeylistjob.cpp
+++ b/lang/qt/src/qgpgmekeylistjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmekeylistjob.h b/lang/qt/src/qgpgmekeylistjob.h
index 2d5406a..9e505a1 100644
--- a/lang/qt/src/qgpgmekeylistjob.h
+++ b/lang/qt/src/qgpgmekeylistjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmelistallkeysjob.cpp b/lang/qt/src/qgpgmelistallkeysjob.cpp
index 7ba8bc9..0ed32ce 100644
--- a/lang/qt/src/qgpgmelistallkeysjob.cpp
+++ b/lang/qt/src/qgpgmelistallkeysjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmelistallkeysjob.h b/lang/qt/src/qgpgmelistallkeysjob.h
index 1fc69d4..091f9f1 100644
--- a/lang/qt/src/qgpgmelistallkeysjob.h
+++ b/lang/qt/src/qgpgmelistallkeysjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmenewcryptoconfig.cpp b/lang/qt/src/qgpgmenewcryptoconfig.cpp
index 6901eef..ba028a9 100644
--- a/lang/qt/src/qgpgmenewcryptoconfig.cpp
+++ b/lang/qt/src/qgpgmenewcryptoconfig.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2010 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -48,6 +49,7 @@
 
 #include <sstream>
 #include <string>
+#include <functional>
 #include <cassert>
 #include <functional>
 
diff --git a/lang/qt/src/qgpgmenewcryptoconfig.h b/lang/qt/src/qgpgmenewcryptoconfig.h
index 7100e70..eade8eb 100644
--- a/lang/qt/src/qgpgmenewcryptoconfig.h
+++ b/lang/qt/src/qgpgmenewcryptoconfig.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2010 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmequickjob.cpp b/lang/qt/src/qgpgmequickjob.cpp
new file mode 100644
index 0000000..93027d9
--- /dev/null
+++ b/lang/qt/src/qgpgmequickjob.cpp
@@ -0,0 +1,123 @@
+/* qgpgmequickjob.cpp
+
+    Copyright (c) 2017 Intevation GmbH
+
+    QGpgME is free software; you can redistribute it and/or
+    modify it under the terms of the GNU General Public License as
+    published by the Free Software Foundation; either version 2 of the
+    License, or (at your option) any later version.
+
+    QGpgME is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+    General Public License for more details.
+
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+
+    In addition, as a special exception, the copyright holders give
+    permission to link the code of this program with any edition of
+    the Qt library by Trolltech AS, Norway (or with modified versions
+    of Qt that use the same license as Qt), and distribute linked
+    combinations including the two.  You must obey the GNU General
+    Public License in all respects for all of the code used other than
+    Qt.  If you modify this file, you may extend this exception to
+    your version of the file, but you are not obligated to do so.  If
+    you do not wish to do so, delete this exception statement from
+    your version.
+*/
+
+#ifdef HAVE_CONFIG_H
+ #include "config.h"
+#endif
+
+#include "qgpgmequickjob.h"
+
+#include "context.h"
+#include "key.h"
+#include "util.h"
+
+using namespace QGpgME;
+using namespace GpgME;
+
+QGpgMEQuickJob::QGpgMEQuickJob(Context *context)
+    : mixin_type(context)
+{
+    lateInitialization();
+}
+
+QGpgMEQuickJob::~QGpgMEQuickJob() {}
+
+static QGpgMEQuickJob::result_type createWorker(GpgME::Context *ctx,
+                                                const QString &uid,
+                                                const char *algo,
+                                                const QDateTime &expires,
+                                                const GpgME::Key &key,
+                                                unsigned int flags)
+{
+    auto err = ctx->createKey(uid.toUtf8().constData(),
+                              algo,
+                              0,
+                              expires.isValid() ? (unsigned long) (expires.toMSecsSinceEpoch() / 1000) : 0,
+                              key,
+                              flags);
+    return std::make_tuple(err, QString(), Error());
+}
+
+static QGpgMEQuickJob::result_type addSubkeyWorker(GpgME::Context *ctx,
+                                                    const GpgME::Key &key,
+                                                    const char *algo,
+                                                    const QDateTime &expires,
+                                                    unsigned int flags)
+{
+    auto err = ctx->createSubkey(key, algo,  0,
+                                 expires.isValid() ? (unsigned long) (expires.toMSecsSinceEpoch() / 1000): 0,
+                                 flags);
+    return std::make_tuple(err, QString(), Error());
+}
+
+static QGpgMEQuickJob::result_type addUidWorker(GpgME::Context *ctx,
+                                                const GpgME::Key &key,
+                                                const QString &uid)
+{
+    auto err = ctx->addUid(key, uid.toUtf8().constData());
+    return std::make_tuple(err, QString(), Error());
+}
+
+static QGpgMEQuickJob::result_type revUidWorker(GpgME::Context *ctx,
+                                                const GpgME::Key &key,
+                                                const QString &uid)
+{
+    auto err = ctx->revUid(key, uid.toUtf8().constData());
+    return std::make_tuple(err, QString(), Error());
+}
+
+void QGpgMEQuickJob::startCreate(const QString &uid,
+                 const char *algo,
+                 const QDateTime &expires,
+                 const GpgME::Key &key,
+                 unsigned int flags)
+{
+    run(std::bind(&createWorker, std::placeholders::_1, uid, algo,
+                  expires, key, flags));
+}
+
+void QGpgMEQuickJob::startAddUid(const GpgME::Key &key, const QString &uid)
+{
+    run(std::bind(&addUidWorker, std::placeholders::_1, key, uid));
+}
+
+void QGpgMEQuickJob::startRevUid(const GpgME::Key &key, const QString &uid)
+{
+    run(std::bind(&revUidWorker, std::placeholders::_1, key, uid));
+}
+
+void QGpgMEQuickJob::startAddSubkey(const GpgME::Key &key, const char *algo,
+                                    const QDateTime &expires,
+                                    unsigned int flags)
+{
+    run(std::bind(&addSubkeyWorker, std::placeholders::_1, key, algo,
+                  expires, flags));
+}
+#include "qgpgmequickjob.moc"
diff --git a/lang/qt/src/qgpgmequickjob.h b/lang/qt/src/qgpgmequickjob.h
new file mode 100644
index 0000000..82c7332
--- /dev/null
+++ b/lang/qt/src/qgpgmequickjob.h
@@ -0,0 +1,82 @@
+/*  qgpgmequickjob.h
+
+    Copyright (c) 2017 Intevation GmbH
+
+    QGpgME is free software; you can redistribute it and/or
+    modify it under the terms of the GNU General Public License as
+    published by the Free Software Foundation; either version 2 of the
+    License, or (at your option) any later version.
+
+    QGpgME is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+    General Public License for more details.
+
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+
+    In addition, as a special exception, the copyright holders give
+    permission to link the code of this program with any edition of
+    the Qt library by Trolltech AS, Norway (or with modified versions
+    of Qt that use the same license as Qt), and distribute linked
+    combinations including the two.  You must obey the GNU General
+    Public License in all respects for all of the code used other than
+    Qt.  If you modify this file, you may extend this exception to
+    your version of the file, but you are not obligated to do so.  If
+    you do not wish to do so, delete this exception statement from
+    your version.
+*/
+#ifndef QGPGME_QGPGMEQUICKJOB_H
+#define QGPGME_QGPGMEQUICKJOB_H
+
+#include "quickjob.h"
+
+#include "threadedjobmixin.h"
+
+namespace GpgME {
+class Key;
+}
+
+class QDateTime;
+class QString;
+
+namespace QGpgME{
+
+/**
+ * Interface to the modern key manipulation functions.
+ */
+class QGpgMEQuickJob
+#ifdef Q_MOC_RUN
+    : public QuickJob
+#else
+    : public _detail::ThreadedJobMixin<QuickJob, std::tuple<GpgME::Error, QString, GpgME::Error> >
+#endif
+{
+    Q_OBJECT
+#ifdef Q_MOC_RUN
+public Q_SLOTS:
+    void slotFinished();
+#endif
+public:
+    explicit QGpgMEQuickJob(GpgME::Context *context);
+    ~QGpgMEQuickJob();
+
+    void startCreate(const QString &uid,
+                     const char *algo,
+                     const QDateTime &expires = QDateTime(),
+                     const GpgME::Key &key = GpgME::Key(),
+                     unsigned int flags = 0) Q_DECL_OVERRIDE;
+    void startAddUid(const GpgME::Key &key, const QString &uid) Q_DECL_OVERRIDE;
+    void startRevUid(const GpgME::Key &key, const QString &uid) Q_DECL_OVERRIDE;
+    void startAddSubkey(const GpgME::Key &key, const char *algo,
+                        const QDateTime &expires = QDateTime(),
+                        unsigned int flags = 0) Q_DECL_OVERRIDE;
+
+Q_SIGNALS:
+    void result(const GpgME::Error &error,
+                const QString &auditLogAsHtml, const GpgME::Error &auditLogError);
+};
+
+}
+#endif
diff --git a/lang/qt/src/qgpgmerefreshkeysjob.cpp b/lang/qt/src/qgpgmerefreshkeysjob.cpp
index 493a010..1ff26ec 100644
--- a/lang/qt/src/qgpgmerefreshkeysjob.cpp
+++ b/lang/qt/src/qgpgmerefreshkeysjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarävdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmerefreshkeysjob.h b/lang/qt/src/qgpgmerefreshkeysjob.h
index 2a54e38..4dfd942 100644
--- a/lang/qt/src/qgpgmerefreshkeysjob.h
+++ b/lang/qt/src/qgpgmerefreshkeysjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmesecretkeyexportjob.cpp b/lang/qt/src/qgpgmesecretkeyexportjob.cpp
index 75cd83a..0a41017 100644
--- a/lang/qt/src/qgpgmesecretkeyexportjob.cpp
+++ b/lang/qt/src/qgpgmesecretkeyexportjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarävdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmesecretkeyexportjob.h b/lang/qt/src/qgpgmesecretkeyexportjob.h
index ad53f99..78e4d77 100644
--- a/lang/qt/src/qgpgmesecretkeyexportjob.h
+++ b/lang/qt/src/qgpgmesecretkeyexportjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmesignencryptjob.cpp b/lang/qt/src/qgpgmesignencryptjob.cpp
index 9dcc619..bfaf58c 100644
--- a/lang/qt/src/qgpgmesignencryptjob.cpp
+++ b/lang/qt/src/qgpgmesignencryptjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004, 2007 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmesignencryptjob.h b/lang/qt/src/qgpgmesignencryptjob.h
index e76c245..789e69c 100644
--- a/lang/qt/src/qgpgmesignencryptjob.h
+++ b/lang/qt/src/qgpgmesignencryptjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2007,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmesignjob.cpp b/lang/qt/src/qgpgmesignjob.cpp
index e165f52..7e710f3 100644
--- a/lang/qt/src/qgpgmesignjob.cpp
+++ b/lang/qt/src/qgpgmesignjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2007,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmesignjob.h b/lang/qt/src/qgpgmesignjob.h
index 1d4a174..c6203a1 100644
--- a/lang/qt/src/qgpgmesignjob.h
+++ b/lang/qt/src/qgpgmesignjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2007,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmesignkeyjob.cpp b/lang/qt/src/qgpgmesignkeyjob.cpp
index 27aff5e..2befe53 100644
--- a/lang/qt/src/qgpgmesignkeyjob.cpp
+++ b/lang/qt/src/qgpgmesignkeyjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmesignkeyjob.h b/lang/qt/src/qgpgmesignkeyjob.h
index 6cdb7db..3b31191 100644
--- a/lang/qt/src/qgpgmesignkeyjob.h
+++ b/lang/qt/src/qgpgmesignkeyjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmetofupolicyjob.cpp b/lang/qt/src/qgpgmetofupolicyjob.cpp
index 34630a1..91283a8 100644
--- a/lang/qt/src/qgpgmetofupolicyjob.cpp
+++ b/lang/qt/src/qgpgmetofupolicyjob.cpp
@@ -1,6 +1,7 @@
 /* qgpgmetofupolicyjob.cpp
 
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmetofupolicyjob.h b/lang/qt/src/qgpgmetofupolicyjob.h
index e7272e7..482a8fd 100644
--- a/lang/qt/src/qgpgmetofupolicyjob.h
+++ b/lang/qt/src/qgpgmetofupolicyjob.h
@@ -1,6 +1,7 @@
 /* qgpgmetofupolicyjob.h
 
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeverifydetachedjob.cpp b/lang/qt/src/qgpgmeverifydetachedjob.cpp
index ee74861..067366a 100644
--- a/lang/qt/src/qgpgmeverifydetachedjob.cpp
+++ b/lang/qt/src/qgpgmeverifydetachedjob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2007,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeverifydetachedjob.h b/lang/qt/src/qgpgmeverifydetachedjob.h
index 051caf0..81c49f3 100644
--- a/lang/qt/src/qgpgmeverifydetachedjob.h
+++ b/lang/qt/src/qgpgmeverifydetachedjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2007,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeverifyopaquejob.cpp b/lang/qt/src/qgpgmeverifyopaquejob.cpp
index aea406a..bd7636d 100644
--- a/lang/qt/src/qgpgmeverifyopaquejob.cpp
+++ b/lang/qt/src/qgpgmeverifyopaquejob.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2007,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmeverifyopaquejob.h b/lang/qt/src/qgpgmeverifyopaquejob.h
index 87c94a3..3ba0509 100644
--- a/lang/qt/src/qgpgmeverifyopaquejob.h
+++ b/lang/qt/src/qgpgmeverifyopaquejob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004,2007,2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmewkspublishjob.cpp b/lang/qt/src/qgpgmewkspublishjob.cpp
index 9773893..3d00631 100644
--- a/lang/qt/src/qgpgmewkspublishjob.cpp
+++ b/lang/qt/src/qgpgmewkspublishjob.cpp
@@ -1,6 +1,7 @@
 /* wkspublishjob.cpp
 
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/qgpgmewkspublishjob.h b/lang/qt/src/qgpgmewkspublishjob.h
index 5fd3c03..211cefb 100644
--- a/lang/qt/src/qgpgmewkspublishjob.h
+++ b/lang/qt/src/qgpgmewkspublishjob.h
@@ -1,6 +1,7 @@
 /* qgpgmewkspublishjob.h
 
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/quickjob.h b/lang/qt/src/quickjob.h
new file mode 100644
index 0000000..c0a655b
--- /dev/null
+++ b/lang/qt/src/quickjob.h
@@ -0,0 +1,83 @@
+/*  quickjob.h
+
+    Copyright (c) 2017 Intevation GmbH
+
+    QGpgME is free software; you can redistribute it and/or
+    modify it under the terms of the GNU General Public License as
+    published by the Free Software Foundation; either version 2 of the
+    License, or (at your option) any later version.
+
+    QGpgME is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+    General Public License for more details.
+
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+
+    In addition, as a special exception, the copyright holders give
+    permission to link the code of this program with any edition of
+    the Qt library by Trolltech AS, Norway (or with modified versions
+    of Qt that use the same license as Qt), and distribute linked
+    combinations including the two.  You must obey the GNU General
+    Public License in all respects for all of the code used other than
+    Qt.  If you modify this file, you may extend this exception to
+    your version of the file, but you are not obligated to do so.  If
+    you do not wish to do so, delete this exception statement from
+    your version.
+*/
+#ifndef QGPGME_QUICKJOB_H
+#define QGPGME_QUICKJOB_H
+
+#include "job.h"
+
+#include "qgpgme_export.h"
+
+#include <QDateTime>
+
+#ifdef BUILDING_QGPGME
+# include "key.h"
+#else
+# include <gpgme++/key.h>
+#endif
+
+class QString;
+
+namespace QGpgME{
+
+/**
+ * Interface to the modern key manipulation functions.
+ */
+class QGPGME_EXPORT QuickJob : public Job
+{
+    Q_OBJECT
+public:
+    explicit QuickJob(QObject *parent = Q_NULLPTR);
+    ~QuickJob();
+
+    /** Start --quick-gen-key */
+    virtual void startCreate(const QString &uid,
+                             const char *algo,
+                             const QDateTime &expires = QDateTime(),
+                             const GpgME::Key &key = GpgME::Key(),
+                             unsigned int flags = 0) = 0;
+
+    /** Start --quick-adduid */
+    virtual void startAddUid(const GpgME::Key &key, const QString &uid) = 0;
+
+    /** Start --quick-revuid */
+    virtual void startRevUid(const GpgME::Key &key, const QString &uid) = 0;
+
+    /** Start --quick-add-key */
+    virtual void startAddSubkey(const GpgME::Key &key, const char *algo,
+                                const QDateTime &expires = QDateTime(),
+                                unsigned int flags = 0) = 0;
+
+Q_SIGNALS:
+    void result(const GpgME::Error &error,
+                const QString &auditLogAsHtml, const GpgME::Error &auditLogError);
+};
+
+}
+#endif
diff --git a/lang/qt/src/refreshkeysjob.h b/lang/qt/src/refreshkeysjob.h
index a97de80..c4ba74a 100644
--- a/lang/qt/src/refreshkeysjob.h
+++ b/lang/qt/src/refreshkeysjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/signencryptjob.h b/lang/qt/src/signencryptjob.h
index 4e07744..61ab5c6 100644
--- a/lang/qt/src/signencryptjob.h
+++ b/lang/qt/src/signencryptjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004, 2007 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -94,7 +95,7 @@ public:
        \em recipient keys will not be performed, but full validity
        assumed for all \em recipient keys without further checks.
     */
-    virtual QGPGME_DEPRECATED_EXPORT GpgME::Error start(const std::vector<GpgME::Key> &signers,
+    virtual GpgME::Error start(const std::vector<GpgME::Key> &signers,
             const std::vector<GpgME::Key> &recipients,
             const QByteArray &plainText,
             bool alwaysTrust = false) = 0;
diff --git a/lang/qt/src/signjob.h b/lang/qt/src/signjob.h
index cf5c628..b5b5af6 100644
--- a/lang/qt/src/signjob.h
+++ b/lang/qt/src/signjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004, 2007 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/signkeyjob.h b/lang/qt/src/signkeyjob.h
index b5efc01..7a7800d 100644
--- a/lang/qt/src/signkeyjob.h
+++ b/lang/qt/src/signkeyjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/specialjob.h b/lang/qt/src/specialjob.h
index 2c80f20..5690d2e 100644
--- a/lang/qt/src/specialjob.h
+++ b/lang/qt/src/specialjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/threadedjobmixin.cpp b/lang/qt/src/threadedjobmixin.cpp
index 66d21fb..74755c5 100644
--- a/lang/qt/src/threadedjobmixin.cpp
+++ b/lang/qt/src/threadedjobmixin.cpp
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/threadedjobmixin.h b/lang/qt/src/threadedjobmixin.h
index 5ad2737..32cdb8e 100644
--- a/lang/qt/src/threadedjobmixin.h
+++ b/lang/qt/src/threadedjobmixin.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2008 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/tofupolicyjob.h b/lang/qt/src/tofupolicyjob.h
index 3079f91..b3a79c5 100644
--- a/lang/qt/src/tofupolicyjob.h
+++ b/lang/qt/src/tofupolicyjob.h
@@ -1,6 +1,7 @@
 /* tofupolicyjob.h
 
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/src/verifydetachedjob.h b/lang/qt/src/verifydetachedjob.h
index b339a8c..2293f3a 100644
--- a/lang/qt/src/verifydetachedjob.h
+++ b/lang/qt/src/verifydetachedjob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004, 2007 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -77,7 +78,7 @@ public:
        signature data, while \a signedData contains the data over
        which the signature was made.
     */
-    virtual QGPGME_DEPRECATED_EXPORT GpgME::Error start(const QByteArray &signature,
+    virtual GpgME::Error start(const QByteArray &signature,
             const QByteArray &signedData) = 0;
 
     /*!
diff --git a/lang/qt/src/verifyopaquejob.h b/lang/qt/src/verifyopaquejob.h
index f064049..bfa34e9 100644
--- a/lang/qt/src/verifyopaquejob.h
+++ b/lang/qt/src/verifyopaquejob.h
@@ -3,7 +3,8 @@
 
     This file is part of qgpgme, the Qt API binding for gpgme
     Copyright (c) 2004, 2007 Klarälvdalens Datakonsult AB
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -76,7 +77,7 @@ public:
        signature data, while \a signedData contains the data over
        which the signature was made.
     */
-    virtual QGPGME_DEPRECATED_EXPORT GpgME::Error start(const QByteArray &signedData) = 0;
+    virtual GpgME::Error start(const QByteArray &signedData) = 0;
 
     /*!
       \overload
diff --git a/lang/qt/src/wkspublishjob.h b/lang/qt/src/wkspublishjob.h
index b17cba4..8d17e52 100644
--- a/lang/qt/src/wkspublishjob.h
+++ b/lang/qt/src/wkspublishjob.h
@@ -1,6 +1,7 @@
 /* wkspublishjob.h
 
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/tests/Makefile.am b/lang/qt/tests/Makefile.am
index 93dce07..a662b4c 100644
--- a/lang/qt/tests/Makefile.am
+++ b/lang/qt/tests/Makefile.am
@@ -1,5 +1,6 @@
 # Makefile.am - Makefile for GPGME Qt tests.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGME.
 #
@@ -43,12 +44,6 @@ AM_CPPFLAGS = -I$(top_srcdir)/lang/cpp/src -I$(top_builddir)/src \
               -I$(top_srcdir)/lang/qt/src \
               -DTOP_SRCDIR="$(top_srcdir)"
 
-check-local: ./pubring-stamp
-
-# To guarantee that check-local is run before any tests we
-# add this dependency:
-initial.test : check-local
-
 support_src = t-support.h t-support.cpp
 
 t_keylist_SOURCES = t-keylist.cpp $(support_src)
@@ -64,7 +59,7 @@ run_keyformailboxjob_SOURCES = run-keyformailboxjob.cpp
 
 nodist_t_keylist_SOURCES = $(moc_files)
 
-BUILT_SOURCES = $(moc_files)
+BUILT_SOURCES = $(moc_files) pubring-stamp
 
 noinst_PROGRAMS = t-keylist t-keylocate t-ownertrust t-tofuinfo t-encrypt \
     run-keyformailboxjob t-wkspublish t-verify t-various t-config
@@ -75,12 +70,14 @@ CLEANFILES = secring.gpg pubring.gpg pubring.kbx trustdb.gpg dirmngr.conf \
 	gpg.conf tofu.db
 
 clean-local:
+	-$(top_srcdir)/tests/start-stop-agent --stop
 	-rm -fR  private-keys-v1.d crls.d
 
 export GNUPGHOME := $(abs_builddir)
 
-./pubring-stamp: $(top_srcdir)/tests/gpg/pubdemo.asc \
+pubring-stamp: $(top_srcdir)/tests/gpg/pubdemo.asc \
 	             $(top_srcdir)/tests/gpg/secdemo.asc
+	-gpgconf --kill all
 	echo "ignore-invalid-option allow-loopback-pinentry" > $(abs_builddir)/gpg-agent.conf
 	echo "allow-loopback-pinentry" >> gpg-agent.conf
 	echo "ignore-invalid-option pinentry-mode" > gpg.conf
@@ -90,7 +87,7 @@ export GNUPGHOME := $(abs_builddir)
 	$(GPG) --no-permission-warning \
 		   --passphrase "abc" \
            --import $(top_srcdir)/tests/gpg/secdemo.asc
-	touch ./pubring-stamp
+	touch pubring-stamp
 
 .cpp.moc:
 	$(MOC) `test -f '$<' || echo '$(srcdir)/'`$< -o $@
diff --git a/lang/qt/tests/Makefile.in b/lang/qt/tests/Makefile.in
index f370058..adf9bb1 100644
--- a/lang/qt/tests/Makefile.in
+++ b/lang/qt/tests/Makefile.in
@@ -15,7 +15,8 @@
 @SET_MAKE@
 
 # Makefile.am - Makefile for GPGME Qt tests.
-# Copyright (C) 2016 Intevation GmbH
+# Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
+# Software engineering by Intevation GmbH
 #
 # This file is part of GPGME.
 #
@@ -413,7 +414,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
@@ -519,7 +519,7 @@ t_various_SOURCES = t-various.cpp $(support_src)
 t_config_SOURCES = t-config.cpp $(support_src)
 run_keyformailboxjob_SOURCES = run-keyformailboxjob.cpp
 nodist_t_keylist_SOURCES = $(moc_files)
-BUILT_SOURCES = $(moc_files)
+BUILT_SOURCES = $(moc_files) pubring-stamp
 CLEANFILES = secring.gpg pubring.gpg pubring.kbx trustdb.gpg dirmngr.conf \
 	gpg-agent.conf pubring.kbx~ S.gpg-agent gpg.conf pubring.gpg~ \
 	random_seed S.gpg-agent .gpg-v21-migrated pubring-stamp $(moc_files) \
@@ -831,7 +831,7 @@ distdir: $(DISTFILES)
 	  fi; \
 	done
 check-am: all-am
-	$(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local
+	$(MAKE) $(AM_MAKEFLAGS) check-TESTS
 check: $(BUILT_SOURCES)
 	$(MAKE) $(AM_MAKEFLAGS) check-am
 all-am: Makefile $(PROGRAMS)
@@ -942,34 +942,30 @@ uninstall-am:
 
 .MAKE: all check check-am install install-am install-strip
 
-.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am \
-	check-local clean clean-generic clean-libtool clean-local \
-	clean-noinstPROGRAMS cscopelist-am ctags ctags-am distclean \
-	distclean-compile distclean-generic distclean-libtool \
-	distclean-tags distdir dvi dvi-am html html-am info info-am \
-	install install-am install-data install-data-am install-dvi \
-	install-dvi-am install-exec install-exec-am install-html \
-	install-html-am install-info install-info-am install-man \
-	install-pdf install-pdf-am install-ps install-ps-am \
-	install-strip installcheck installcheck-am installdirs \
-	maintainer-clean maintainer-clean-generic mostlyclean \
-	mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
-	pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am
+.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am clean \
+	clean-generic clean-libtool clean-local clean-noinstPROGRAMS \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
 
 
-check-local: ./pubring-stamp
-
-# To guarantee that check-local is run before any tests we
-# add this dependency:
-initial.test : check-local
-
 clean-local:
+	-$(top_srcdir)/tests/start-stop-agent --stop
 	-rm -fR  private-keys-v1.d crls.d
 
 export GNUPGHOME := $(abs_builddir)
 
-./pubring-stamp: $(top_srcdir)/tests/gpg/pubdemo.asc \
+pubring-stamp: $(top_srcdir)/tests/gpg/pubdemo.asc \
 	             $(top_srcdir)/tests/gpg/secdemo.asc
+	-gpgconf --kill all
 	echo "ignore-invalid-option allow-loopback-pinentry" > $(abs_builddir)/gpg-agent.conf
 	echo "allow-loopback-pinentry" >> gpg-agent.conf
 	echo "ignore-invalid-option pinentry-mode" > gpg.conf
@@ -979,7 +975,7 @@ export GNUPGHOME := $(abs_builddir)
 	$(GPG) --no-permission-warning \
 		   --passphrase "abc" \
            --import $(top_srcdir)/tests/gpg/secdemo.asc
-	touch ./pubring-stamp
+	touch pubring-stamp
 
 .cpp.moc:
 	$(MOC) `test -f '$<' || echo '$(srcdir)/'`$< -o $@
diff --git a/lang/qt/tests/run-keyformailboxjob.cpp b/lang/qt/tests/run-keyformailboxjob.cpp
index 73bedbd..dc3f967 100644
--- a/lang/qt/tests/run-keyformailboxjob.cpp
+++ b/lang/qt/tests/run-keyformailboxjob.cpp
@@ -2,7 +2,8 @@
     run-keyformailbox.cpp
 
     This file is part of QGpgME's test suite.
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License,
diff --git a/lang/qt/tests/t-config.cpp b/lang/qt/tests/t-config.cpp
index 0a7df22..e04a6bb 100644
--- a/lang/qt/tests/t-config.cpp
+++ b/lang/qt/tests/t-config.cpp
@@ -1,7 +1,8 @@
 /* t-config.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/tests/t-encrypt.cpp b/lang/qt/tests/t-encrypt.cpp
index a2d8dc4..5bd472a 100644
--- a/lang/qt/tests/t-encrypt.cpp
+++ b/lang/qt/tests/t-encrypt.cpp
@@ -1,7 +1,8 @@
 /* t-encrypt.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -41,10 +42,10 @@
 #include "encryptjob.h"
 #include "signencryptjob.h"
 #include "signingresult.h"
-#include "qgpgmeencryptjob.h"
+#include "encryptjob.h"
 #include "encryptionresult.h"
 #include "decryptionresult.h"
-#include "qgpgmedecryptjob.h"
+#include "decryptjob.h"
 #include "qgpgmebackend.h"
 #include "keylistresult.h"
 #include "engineinfo.h"
@@ -105,11 +106,11 @@ private Q_SLOTS:
         if (!decryptSupported()) {
             return;
         }
-        auto ctx = Context::createForProtocol(OpenPGP);
+        auto decJob = openpgp()->decryptJob();
+        auto ctx = Job::context(decJob);
         TestPassphraseProvider provider;
         ctx->setPassphraseProvider(&provider);
         ctx->setPinentryMode(Context::PinentryLoopback);
-        auto decJob = new QGpgMEDecryptJob(ctx);
         QByteArray plainText;
         auto decResult = decJob->exec(cipherText, plainText);
         QVERIFY(!decResult.error());
@@ -176,13 +177,13 @@ private Q_SLOTS:
         if (!decryptSupported()) {
             return;
         }
-        auto ctx = Context::createForProtocol(OpenPGP);
+        auto job = openpgp()->encryptJob();
+        auto ctx = Job::context(job);
         TestPassphraseProvider provider;
         ctx->setPassphraseProvider(&provider);
         ctx->setPinentryMode(Context::PinentryLoopback);
         ctx->setArmor(true);
         ctx->setTextMode(true);
-        auto job = new QGpgMEEncryptJob(ctx);
         QByteArray cipherText;
         auto result = job->exec(std::vector<Key>(), QStringLiteral("Hello symmetric World").toUtf8(), Context::AlwaysTrust, cipherText);
         delete job;
@@ -192,10 +193,10 @@ private Q_SLOTS:
 
         killAgent(mDir.path());
 
-        auto ctx2 = Context::createForProtocol(OpenPGP);
+        auto decJob = openpgp()->decryptJob();
+        auto ctx2 = Job::context(decJob);
         ctx2->setPassphraseProvider(&provider);
         ctx2->setPinentryMode(Context::PinentryLoopback);
-        auto decJob = new QGpgMEDecryptJob(ctx2);
         QByteArray plainText;
         auto decResult = decJob->exec(cipherText, plainText);
         QVERIFY(!result.error());
@@ -203,8 +204,6 @@ private Q_SLOTS:
         delete decJob;
     }
 
-private:
-    /* This apparently does not work under ASAN currently. TODO fix and reeanble */
     void testEncryptDecryptNowrap()
     {
         /* Now decrypt */
@@ -239,13 +238,14 @@ private:
         if (!decryptSupported()) {
             return;
         }
-        auto ctx = Context::createForProtocol(OpenPGP);
+
+        auto decJob = openpgp()->decryptJob();
+        auto ctx = Job::context(decJob);
         TestPassphraseProvider provider;
         ctx->setPassphraseProvider(&provider);
         ctx->setPinentryMode(Context::PinentryLoopback);
         ctx->setDecryptionFlags(Context::DecryptUnwrap);
 
-        auto decJob = new QGpgMEDecryptJob(ctx);
         QByteArray plainText;
         auto decResult = decJob->exec(cipherText, plainText);
 
@@ -283,12 +283,12 @@ private:
         QVERIFY(keys.size() == 1);
         delete listjob;
 
-        auto ctx = Context::createForProtocol(OpenPGP);
+        auto job = openpgp()->encryptJob();
+        auto ctx = Job::context(job);
         ctx->setPassphraseProvider(new TestPassphraseProvider);
         ctx->setPinentryMode(Context::PinentryLoopback);
         ctx->setArmor(true);
         ctx->setTextMode(true);
-        auto job = new QGpgMEEncryptJob(ctx);
         QByteArray cipherText;
         printf("Before exec, flags: %x\n", Context::Symmetric | Context::AlwaysTrust);
         auto result = job->exec(keys, QStringLiteral("Hello symmetric World").toUtf8(),
@@ -311,11 +311,11 @@ private:
         agentConf.write("allow-loopback-pinentry");
         agentConf.close();
 
-        auto ctx2 = Context::createForProtocol(OpenPGP);
+        auto decJob = openpgp()->decryptJob();
+        auto ctx2 = Job::context(decJob);
         ctx2->setPassphraseProvider(new TestPassphraseProvider);
         ctx2->setPinentryMode(Context::PinentryLoopback);
         ctx2->setTextMode(true);
-        auto decJob = new QGpgMEDecryptJob(ctx2);
         QByteArray plainText;
         auto decResult = decJob->exec(cipherText, plainText);
         QVERIFY(!decResult.error());
diff --git a/lang/qt/tests/t-keylist.cpp b/lang/qt/tests/t-keylist.cpp
index a140236..bf57ba7 100644
--- a/lang/qt/tests/t-keylist.cpp
+++ b/lang/qt/tests/t-keylist.cpp
@@ -1,7 +1,8 @@
 /* t-keylist.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/tests/t-keylocate.cpp b/lang/qt/tests/t-keylocate.cpp
index 8c99c8b..6d00da3 100644
--- a/lang/qt/tests/t-keylocate.cpp
+++ b/lang/qt/tests/t-keylocate.cpp
@@ -1,7 +1,8 @@
 /* t-keylocate.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/tests/t-ownertrust.cpp b/lang/qt/tests/t-ownertrust.cpp
index e9a4378..093c21e 100644
--- a/lang/qt/tests/t-ownertrust.cpp
+++ b/lang/qt/tests/t-ownertrust.cpp
@@ -1,7 +1,8 @@
 /* t-ownertrust.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/tests/t-support.cpp b/lang/qt/tests/t-support.cpp
index b3a7a70..2444c70 100644
--- a/lang/qt/tests/t-support.cpp
+++ b/lang/qt/tests/t-support.cpp
@@ -1,7 +1,8 @@
 /* t-support.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/tests/t-support.h b/lang/qt/tests/t-support.h
index b03b05d..81775ca 100644
--- a/lang/qt/tests/t-support.h
+++ b/lang/qt/tests/t-support.h
@@ -1,7 +1,8 @@
 /* t-support.h
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/tests/t-tofuinfo.cpp b/lang/qt/tests/t-tofuinfo.cpp
index e16b1fd..b716102 100644
--- a/lang/qt/tests/t-tofuinfo.cpp
+++ b/lang/qt/tests/t-tofuinfo.cpp
@@ -1,7 +1,8 @@
 /* t-tofuinfo.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -47,10 +48,11 @@
 #include "importresult.h"
 #include "keylistjob.h"
 #include "keylistresult.h"
-#include "qgpgmesignjob.h"
+#include "signjob.h"
 #include "key.h"
 #include "t-support.h"
 #include "engineinfo.h"
+#include "context.h"
 #include <iostream>
 
 using namespace QGpgME;
@@ -118,7 +120,24 @@ Q_SIGNALS:
 private:
     bool testSupported()
     {
-        return !(GpgME::engineInfo(GpgME::GpgEngine).engineVersion() < "2.1.16");
+        static bool initialized, supported;
+        if (initialized) {
+            return supported;
+        }
+        initialized = true;
+        if (GpgME::engineInfo(GpgME::GpgEngine).engineVersion() < "2.1.16") {
+            return false;
+        }
+        // If the keylist fails here this means that gnupg does not
+        // support tofu at all. It can be disabled at compile time. So no
+        // tests.
+        auto *job = openpgp()->keyListJob(false, false, false);
+        job->addMode(GpgME::WithTofu);
+        std::vector<GpgME::Key> keys;
+        job->exec(QStringList() << QStringLiteral("zulu@example.net"), true, keys);
+        delete job;
+        supported = !keys.empty();
+        return supported;
     }
 
     void testTofuCopy(TofuInfo other, const TofuInfo &orig)
@@ -133,11 +152,11 @@ private:
 
     void signAndVerify(const QString &what, const GpgME::Key &key, int expected)
     {
-        Context *ctx = Context::createForProtocol(OpenPGP);
+        auto job = openpgp()->signJob();
+        auto ctx = Job::context(job);
         TestPassphraseProvider provider;
         ctx->setPassphraseProvider(&provider);
         ctx->setPinentryMode(Context::PinentryLoopback);
-        auto *job = new QGpgMESignJob(ctx);
 
         std::vector<Key> keys;
         keys.push_back(key);
@@ -402,6 +421,10 @@ private Q_SLOTS:
 
     void testTofuConflict()
     {
+        if (!testSupported()) {
+            return;
+        }
+
         if (GpgME::engineInfo(GpgME::GpgEngine).engineVersion() < "2.1.19") {
             return;
         }
diff --git a/lang/qt/tests/t-various.cpp b/lang/qt/tests/t-various.cpp
index 35d8da9..7545628 100644
--- a/lang/qt/tests/t-various.cpp
+++ b/lang/qt/tests/t-various.cpp
@@ -1,7 +1,8 @@
 /* t-various.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2017 Intevation GmbH
+    Copyright (c) 2017 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
@@ -150,6 +151,19 @@ private Q_SLOTS:
         QVERIFY(id_revoked);
     }
 
+    void testVersion()
+    {
+        QVERIFY(EngineInfo::Version("2.1.0") < EngineInfo::Version("2.1.1"));
+        QVERIFY(EngineInfo::Version("2.1.10") < EngineInfo::Version("2.1.11"));
+        QVERIFY(EngineInfo::Version("2.2.0") > EngineInfo::Version("2.1.19"));
+        QVERIFY(EngineInfo::Version("1.0.0") < EngineInfo::Version("2.0.0"));
+        QVERIFY(EngineInfo::Version("0.1.0") < EngineInfo::Version("1.0.0"));
+        QVERIFY(!(EngineInfo::Version("2.0.0") < EngineInfo::Version("2.0.0")));
+        QVERIFY(EngineInfo::Version("3.0.0") > EngineInfo::Version("2.3.20"));
+        QVERIFY(EngineInfo::Version("3.0.1") > EngineInfo::Version("3.0.0"));
+        QVERIFY(EngineInfo::Version("3.1.0") > EngineInfo::Version("3.0.20"));
+    }
+
     void initTestCase()
     {
         QGpgMETest::initTestCase();
diff --git a/lang/qt/tests/t-verify.cpp b/lang/qt/tests/t-verify.cpp
index 7caed28..e6b0c8a 100644
--- a/lang/qt/tests/t-verify.cpp
+++ b/lang/qt/tests/t-verify.cpp
@@ -1,7 +1,8 @@
 /* t-verifiy.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/lang/qt/tests/t-wkspublish.cpp b/lang/qt/tests/t-wkspublish.cpp
index c51e8f9..b389194 100644
--- a/lang/qt/tests/t-wkspublish.cpp
+++ b/lang/qt/tests/t-wkspublish.cpp
@@ -1,7 +1,8 @@
 /* t-wkspublish.cpp
 
     This file is part of qgpgme, the Qt API binding for gpgme
-    Copyright (c) 2016 Intevation GmbH
+    Copyright (c) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+    Software engineering by Intevation GmbH
 
     QGpgME is free software; you can redistribute it and/or
     modify it under the terms of the GNU General Public License as
diff --git a/src/Makefile.in b/src/Makefile.in
index 5f153a8..dfdf550 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -107,7 +107,7 @@ subdir = src
 DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
 	$(top_srcdir)/build-aux/mkinstalldirs \
 	$(srcdir)/versioninfo.rc.in $(srcdir)/gpgme.h.in \
-	$(srcdir)/gpgme-config.in stpcpy.c ttyname_r.c setenv.c \
+	$(srcdir)/gpgme-config.in ttyname_r.c setenv.c stpcpy.c \
 	$(top_srcdir)/build-aux/depcomp
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_cxx_compile_stdcxx.m4 \
@@ -423,7 +423,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
diff --git a/src/context.h b/src/context.h
index d0542d9..1e763d2 100644
--- a/src/context.h
+++ b/src/context.h
@@ -118,6 +118,9 @@ struct gpgme_context
    * flag is cleared with each operation.  */
   unsigned int redraw_suggested : 1;
 
+  /* True if the option --auto-key-retrieve shall be passed to gpg.  */
+  unsigned int auto_key_retrieve : 1;
+
   /* Flags for keylist mode.  */
   gpgme_keylist_mode_t keylist_mode;
 
diff --git a/src/conversion.c b/src/conversion.c
index 92dd214..5b84f67 100644
--- a/src/conversion.c
+++ b/src/conversion.c
@@ -374,7 +374,7 @@ _gpgme_encode_percent_string (const char *src, char **destp, size_t len)
 
 
 /* Split a string into space delimited fields and remove leading and
- * trailing spaces from each field.  A pointer to the each field is
+ * trailing spaces from each field.  A pointer to each field is
  * stored in ARRAY.  Stop splitting at ARRAYSIZE fields.  The function
  * modifies STRING.  The number of parsed fields is returned.
  */
diff --git a/src/data.c b/src/data.c
index e4e9ee3..7ae5b32 100644
--- a/src/data.c
+++ b/src/data.c
@@ -46,6 +46,10 @@ _gpgme_data_new (gpgme_data_t *r_dh, struct _gpgme_data_cbs *cbs)
     return gpg_error (GPG_ERR_INV_VALUE);
 
   *r_dh = NULL;
+
+  if (_gpgme_selftest)
+    return _gpgme_selftest;
+
   dh = calloc (1, sizeof (*dh));
   if (!dh)
     return gpg_error_from_syserror ();
diff --git a/src/debug.c b/src/debug.c
index e9bfc40..d7604a7 100644
--- a/src/debug.c
+++ b/src/debug.c
@@ -222,7 +222,7 @@ debug_init (void)
 
 
 
-/* This should be called as soon as the locks are intialized.  It is
+/* This should be called as soon as the locks are initialized.  It is
    required so that the assuan logging gets conncted to the gpgme log
    stream as early as possible.  */
 void
diff --git a/src/decrypt-verify.c b/src/decrypt-verify.c
index 66cfe94..17f79ac 100644
--- a/src/decrypt-verify.c
+++ b/src/decrypt-verify.c
@@ -86,7 +86,8 @@ decrypt_verify_start (gpgme_ctx_t ctx, int synchronous,
                                    flags,
                                    cipher, plain,
                                    ctx->export_session_keys,
-                                   ctx->override_session_key);
+                                   ctx->override_session_key,
+                                   ctx->auto_key_retrieve);
 }
 
 
diff --git a/src/decrypt.c b/src/decrypt.c
index f30f80f..8c2cd4d 100644
--- a/src/decrypt.c
+++ b/src/decrypt.c
@@ -1,6 +1,6 @@
 /* decrypt.c - Decrypt function.
    Copyright (C) 2000 Werner Koch (dd9jn)
-   Copyright (C) 2001, 2002, 2003, 2004 g10 Code GmbH
+   Copyright (C) 2001, 2002, 2003, 2004, 2017 g10 Code GmbH
 
    This file is part of GPGME.
 
@@ -43,7 +43,18 @@ typedef struct
   gpg_error_t failure_code;
 
   int okay;
+
+  /* A flag telling that the a decryption failed and an optional error
+   * code to further specify the failure.  */
   int failed;
+  gpg_error_t pkdecrypt_failed;
+
+  /* At least one secret key is not available.  gpg issues NO_SECKEY
+   * status lines for each key the message has been encrypted to but
+   * that secret key is not available.  This can't be done for hidden
+   * recipients, though.  We track it here to allow for a better error
+   * message that the general DECRYPTION_FAILED. */
+  int any_no_seckey;
 
   /* A pointer to the next pointer of the last recipient in the list.
      This makes appending new invalid signers painless while
@@ -124,7 +135,80 @@ gpgme_op_decrypt_result (gpgme_ctx_t ctx)
   return &opd->result;
 }
 
+
 
+/* Parse the ARGS of an error status line and record some error
+ * conditions at OPD.  Returns 0 on success.  */
+static gpgme_error_t
+parse_status_error (char *args, op_data_t opd)
+{
+  gpgme_error_t err;
+  char *field[3];
+  int nfields;
+  char *args2;
+
+  if (!args)
+    return trace_gpg_error (GPG_ERR_INV_ENGINE);
+
+  args2 = strdup (args); /* Split modifies the input string. */
+  nfields = _gpgme_split_fields (args2, field, DIM (field));
+  if (nfields < 1)
+    {
+      free (args2);
+      return trace_gpg_error (GPG_ERR_INV_ENGINE); /* Required arg missing.  */
+    }
+  err = nfields < 2 ? 0 : atoi (field[1]);
+
+  if (!strcmp (field[0], "decrypt.algorithm"))
+    {
+      if (gpg_err_code (err) == GPG_ERR_UNSUPPORTED_ALGORITHM
+          && nfields > 2
+          && strcmp (field[2], "?"))
+        {
+          opd->result.unsupported_algorithm = strdup (field[2]);
+          if (!opd->result.unsupported_algorithm)
+            {
+              free (args2);
+              return gpg_error_from_syserror ();
+            }
+        }
+    }
+  else if (!strcmp (field[0], "decrypt.keyusage"))
+    {
+      if (gpg_err_code (err) == GPG_ERR_WRONG_KEY_USAGE)
+        opd->result.wrong_key_usage = 1;
+    }
+  else if (!strcmp (field[0], "pkdecrypt_failed"))
+    {
+      switch (gpg_err_code (err))
+        {
+        case GPG_ERR_CANCELED:
+        case GPG_ERR_FULLY_CANCELED:
+          /* It is better to return with a cancel error code than the
+           * general decryption failed error code.  */
+          opd->pkdecrypt_failed = gpg_err_make (gpg_err_source (err),
+                                                GPG_ERR_CANCELED);
+          break;
+
+        case GPG_ERR_BAD_PASSPHRASE:
+          /* A bad passphrase is severe enough that we return this
+           * error code.  */
+          opd->pkdecrypt_failed = err;
+          break;
+
+        default:
+          /* For now all other error codes are ignored and the
+           * standard DECRYPT_FAILED is returned.  */
+          break;
+        }
+    }
+
+
+  free (args2);
+  return 0;
+}
+
+
 static gpgme_error_t
 parse_enc_to (char *args, gpgme_recipient_t *recp, gpgme_protocol_t protocol)
 {
@@ -206,7 +290,11 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code,
     case GPGME_STATUS_EOF:
       /* FIXME: These error values should probably be attributed to
 	 the underlying crypto engine (as error source).  */
-      if (opd->failed)
+      if (opd->failed && opd->pkdecrypt_failed)
+        return opd->pkdecrypt_failed;
+      else if (opd->failed && opd->any_no_seckey)
+	return gpg_error (GPG_ERR_NO_SECKEY);
+      else if (opd->failed)
 	return gpg_error (GPG_ERR_DECRYPT_FAILED);
       else if (!opd->okay)
 	return gpg_error (GPG_ERR_NO_DATA);
@@ -230,47 +318,9 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code,
       /* Note that this is an informational status code which should
          not lead to an error return unless it is something not
          related to the backend.  */
-      {
-	const char d_alg[] = "decrypt.algorithm";
-	const char k_alg[] = "decrypt.keyusage";
-
-	if (!strncmp (args, d_alg, sizeof (d_alg) - 1))
-	  {
-	    args += sizeof (d_alg) - 1;
-	    while (*args == ' ')
-	      args++;
-
-	    if (gpg_err_code (atoi (args)) == GPG_ERR_UNSUPPORTED_ALGORITHM)
-	      {
-		char *end;
-
-		while (*args && *args != ' ')
-		  args++;
-		while (*args == ' ')
-		  args++;
-
-		end = strchr (args, ' ');
-		if (end)
-		  *end = '\0';
-
-		if (!(*args == '?' && *(args + 1) == '\0'))
-		  {
-		    opd->result.unsupported_algorithm = strdup (args);
-		    if (!opd->result.unsupported_algorithm)
-		      return gpg_error_from_syserror ();
-		  }
-	      }
-	  }
-	else if (!strncmp (args, k_alg, sizeof (k_alg) - 1))
-	  {
-	    args += sizeof (k_alg) - 1;
-	    while (*args == ' ')
-	      args++;
-
-	    if (gpg_err_code (atoi (args)) == GPG_ERR_WRONG_KEY_USAGE)
-	      opd->result.wrong_key_usage = 1;
-	  }
-      }
+      err = parse_status_error (args, opd);
+      if (err)
+        return err;
       break;
 
     case GPGME_STATUS_ENC_TO:
@@ -290,7 +340,6 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code,
     case GPGME_STATUS_NO_SECKEY:
       {
 	gpgme_recipient_t rec = opd->result.recipients;
-
 	while (rec)
 	  {
 	    if (!strcmp (rec->keyid, args))
@@ -303,6 +352,7 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code,
 	/* FIXME: Is this ok?  */
 	if (!rec)
 	  return trace_gpg_error (GPG_ERR_INV_ENGINE);
+        opd->any_no_seckey = 1;
       }
       break;
 
@@ -321,6 +371,10 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code,
         }
       break;
 
+    case GPGME_STATUS_DECRYPTION_COMPLIANCE_MODE:
+      PARSE_COMPLIANCE_FLAGS (args, &opd->result);
+      break;
+
     default:
       break;
     }
@@ -398,7 +452,8 @@ _gpgme_decrypt_start (gpgme_ctx_t ctx, int synchronous,
                                    flags,
                                    cipher, plain,
                                    ctx->export_session_keys,
-                                   ctx->override_session_key);
+                                   ctx->override_session_key,
+                                   ctx->auto_key_retrieve);
 }
 
 
diff --git a/src/delete.c b/src/delete.c
index fc99aac..1bf1cb4 100644
--- a/src/delete.c
+++ b/src/delete.c
@@ -108,7 +108,7 @@ delete_status_handler (void *priv, gpgme_status_code_t code, char *args)
 
 static gpgme_error_t
 delete_start (gpgme_ctx_t ctx, int synchronous, const gpgme_key_t key,
-	      int allow_secret)
+	      unsigned int flags)
 {
   gpgme_error_t err;
 
@@ -118,7 +118,7 @@ delete_start (gpgme_ctx_t ctx, int synchronous, const gpgme_key_t key,
 
   _gpgme_engine_set_status_handler (ctx->engine, delete_status_handler, ctx);
 
-  return _gpgme_engine_op_delete (ctx->engine, key, allow_secret);
+  return _gpgme_engine_op_delete (ctx->engine, key, flags);
 }
 
 
@@ -130,7 +130,7 @@ gpgme_op_delete_start (gpgme_ctx_t ctx, const gpgme_key_t key,
 {
   gpgme_error_t err;
 
-  TRACE_BEG3 (DEBUG_CTX, "gpgme_op_delete", ctx,
+  TRACE_BEG3 (DEBUG_CTX, "gpgme_op_delete_start", ctx,
 	      "key=%p (%s), allow_secret=%i", key,
 	      (key->subkeys && key->subkeys->fpr) ?
 	      key->subkeys->fpr : "invalid", allow_secret);
@@ -138,7 +138,8 @@ gpgme_op_delete_start (gpgme_ctx_t ctx, const gpgme_key_t key,
   if (!ctx)
     return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
 
-  err = delete_start (ctx, 0, key, allow_secret);
+  err = delete_start (ctx, 0, key,
+		      allow_secret ? GPGME_DELETE_ALLOW_SECRET : 0);
   return TRACE_ERR (err);
 }
 
@@ -158,7 +159,50 @@ gpgme_op_delete (gpgme_ctx_t ctx, const gpgme_key_t key, int allow_secret)
   if (!ctx)
     return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
 
-  err = delete_start (ctx, 1, key, allow_secret);
+  err = delete_start (ctx, 1, key,
+		      allow_secret ? GPGME_DELETE_ALLOW_SECRET : 0);
+  if (!err)
+    err = _gpgme_wait_one (ctx);
+  return err;
+}
+
+
+/* Delete KEY from the keyring.  */
+gpgme_error_t
+gpgme_op_delete_ext_start (gpgme_ctx_t ctx, const gpgme_key_t key,
+			   unsigned int flags)
+{
+  gpgme_error_t err;
+
+  TRACE_BEG3 (DEBUG_CTX, "gpgme_op_delete_ext_start", ctx,
+	      "key=%p (%s), flags=0x%x", key,
+	      (key->subkeys && key->subkeys->fpr) ?
+	      key->subkeys->fpr : "invalid", flags);
+
+  if (!ctx)
+    return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
+
+  err = delete_start (ctx, 0, key, flags);
+  return TRACE_ERR (err);
+}
+
+
+/* Delete KEY from the keyring.  */
+gpgme_error_t
+gpgme_op_delete_ext (gpgme_ctx_t ctx, const gpgme_key_t key,
+		     unsigned int flags)
+{
+  gpgme_error_t err;
+
+  TRACE_BEG3 (DEBUG_CTX, "gpgme_op_delete_ext", ctx,
+	      "key=%p (%s), flags=0x%x", key,
+	      (key->subkeys && key->subkeys->fpr) ?
+	      key->subkeys->fpr : "invalid", flags);
+
+  if (!ctx)
+    return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
+
+  err = delete_start (ctx, 1, key, flags);
   if (!err)
     err = _gpgme_wait_one (ctx);
   return err;
diff --git a/src/edit.c b/src/edit.c
index 887af73..ca4d595 100644
--- a/src/edit.c
+++ b/src/edit.c
@@ -194,7 +194,7 @@ gpgme_op_interact (gpgme_ctx_t ctx, gpgme_key_t key, unsigned int flags,
 
 
 
-/* The deprectated interface.  */
+/* The deprecated interface.  */
 static gpgme_error_t
 edit_start (gpgme_ctx_t ctx, int synchronous, int type, gpgme_key_t key,
 	    gpgme_edit_cb_t fnc, void *fnc_value, gpgme_data_t out)
diff --git a/src/engine-assuan.c b/src/engine-assuan.c
index 68bdaa6..bb2290a 100644
--- a/src/engine-assuan.c
+++ b/src/engine-assuan.c
@@ -796,6 +796,7 @@ struct engine_ops _gpgme_engine_ops_assuan =
     llass_transact,     /* opassuan_transact */
     NULL,		/* conf_load */
     NULL,		/* conf_save */
+    NULL,		/* conf_dir */
     NULL,               /* query_swdb */
     llass_set_io_cbs,
     llass_io_event,
diff --git a/src/engine-backend.h b/src/engine-backend.h
index 53af662..421eb16 100644
--- a/src/engine-backend.h
+++ b/src/engine-backend.h
@@ -65,8 +65,9 @@ struct engine_ops
                             gpgme_decrypt_flags_t flags,
                             gpgme_data_t ciph,
 			    gpgme_data_t plain, int export_session_key,
-                            const char *override_session_key);
-  gpgme_error_t (*delete) (void *engine, gpgme_key_t key, int allow_secret);
+                            const char *override_session_key,
+                            int auto_key_retrieve);
+  gpgme_error_t (*delete) (void *engine, gpgme_key_t key, unsigned int flags);
   gpgme_error_t (*edit) (void *engine, int type, gpgme_key_t key,
 			 gpgme_data_t out, gpgme_ctx_t ctx /* FIXME */);
   gpgme_error_t (*encrypt) (void *engine, gpgme_key_t recp[],
@@ -128,6 +129,7 @@ struct engine_ops
 
   gpgme_error_t  (*conf_load) (void *engine, gpgme_conf_comp_t *conf_p);
   gpgme_error_t  (*conf_save) (void *engine, gpgme_conf_comp_t conf);
+  gpgme_error_t  (*conf_dir) (void *engine, const char *what, char **result);
 
   gpgme_error_t  (*query_swdb) (void *engine,
                                 const char *name, const char *iversion,
diff --git a/src/engine-g13.c b/src/engine-g13.c
index 02951e8..f8f3178 100644
--- a/src/engine-g13.c
+++ b/src/engine-g13.c
@@ -811,6 +811,7 @@ struct engine_ops _gpgme_engine_ops_g13 =
     g13_transact,
     NULL,		/* conf_load */
     NULL,		/* conf_save */
+    NULL,		/* conf_dir */
     NULL,               /* query_swdb */
     g13_set_io_cbs,
     g13_io_event,
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 0c3a63e..bfe7d13 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -1562,7 +1562,8 @@ static gpgme_error_t
 gpg_decrypt (void *engine,
              gpgme_decrypt_flags_t flags,
              gpgme_data_t ciph, gpgme_data_t plain,
-             int export_session_key, const char *override_session_key)
+             int export_session_key, const char *override_session_key,
+             int auto_key_retrieve)
 {
   engine_gpg_t gpg = engine;
   gpgme_error_t err;
@@ -1580,6 +1581,9 @@ gpg_decrypt (void *engine,
   if (!err && export_session_key)
     err = add_arg (gpg, "--show-session-key");
 
+  if (!err && auto_key_retrieve)
+    err = add_arg (gpg, "--auto-key-retrieve");
+
   if (!err && override_session_key && *override_session_key)
     {
       if (have_gpg_version (gpg, "2.1.16"))
@@ -1628,13 +1632,18 @@ gpg_decrypt (void *engine,
 }
 
 static gpgme_error_t
-gpg_delete (void *engine, gpgme_key_t key, int allow_secret)
+gpg_delete (void *engine, gpgme_key_t key, unsigned int flags)
 {
   engine_gpg_t gpg = engine;
-  gpgme_error_t err;
+  gpgme_error_t err = 0;
+  int allow_secret = flags & GPGME_DELETE_ALLOW_SECRET;
+  int force = flags & GPGME_DELETE_FORCE;
 
-  err = add_arg (gpg, allow_secret ? "--delete-secret-and-public-key"
-		 : "--delete-key");
+  if (force)
+    err = add_arg (gpg, "--yes");
+  if (!err)
+    err = add_arg (gpg, allow_secret ? "--delete-secret-and-public-key"
+		   : "--delete-key");
   if (!err)
     err = add_arg (gpg, "--");
   if (!err)
@@ -1869,7 +1878,7 @@ gpg_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags,
 
   if (!err && (flags & GPGME_ENCRYPT_WRAP))
     {
-      /* gpg is current not abale to detect already compressed
+      /* gpg is current not able to detect already compressed
        * packets.  Thus when using
        *   gpg --unwrap -d | gpg --no-literal -e
        * the encryption would add an additional compression layer.
@@ -2585,6 +2594,9 @@ gpg_keylist_preprocess (char *line, char **r_line)
 	 as defined in 5.2. Machine Readable Indexes of the OpenPGP
 	 HTTP Keyserver Protocol (draft).
 
+         For an ldap keyserver the format is:
+         uid:<escaped uid string>
+
 	 We want:
 	 uid:o<flags>::::<creatdate>:<expdate>:::<c-coded uid>:
       */
@@ -2626,9 +2638,17 @@ gpg_keylist_preprocess (char *line, char **r_line)
 	  }
 	*dst = '\0';
 
-	if (gpgrt_asprintf (r_line, "uid:o%s::::%s:%s:::%s:",
-		      field[4], field[2], field[3], uid) < 0)
-	  return gpg_error_from_syserror ();
+        if (fields < 4)
+          {
+            if (gpgrt_asprintf (r_line, "uid:o::::::::%s:", uid) < 0)
+              return gpg_error_from_syserror ();
+          }
+        else
+          {
+            if (gpgrt_asprintf (r_line, "uid:o%s::::%s:%s:::%s:",
+                                field[4], field[2], field[3], uid) < 0)
+              return gpg_error_from_syserror ();
+          }
       }
       return 0;
 
@@ -2992,6 +3012,9 @@ gpg_verify (void *engine, gpgme_data_t sig, gpgme_data_t signed_text,
   gpgme_error_t err;
 
   err = append_args_from_sender (gpg, ctx);
+  if (!err && ctx->auto_key_retrieve)
+    err = add_arg (gpg, "--auto-key-retrieve");
+
   if (err)
     ;
   else if (plaintext)
@@ -3088,6 +3111,7 @@ struct engine_ops _gpgme_engine_ops_gpg =
     NULL,               /* opassuan_transact */
     NULL,		/* conf_load */
     NULL,		/* conf_save */
+    NULL,		/* conf_dir */
     NULL,               /* query_swdb */
     gpg_set_io_cbs,
     gpg_io_event,
diff --git a/src/engine-gpgconf.c b/src/engine-gpgconf.c
index 6f7c8ac..94ae67f 100644
--- a/src/engine-gpgconf.c
+++ b/src/engine-gpgconf.c
@@ -399,7 +399,7 @@ gpgconf_parse_option (gpgme_conf_opt_t opt,
 		      gpgme_conf_arg_t *arg_p, char *line)
 {
   gpgme_error_t err;
-  char *mark;
+  char *mark = NULL;
 
   if (!line[0])
     return 0;
@@ -408,7 +408,8 @@ gpgconf_parse_option (gpgme_conf_opt_t opt,
     {
       gpgme_conf_arg_t arg;
 
-      mark = strchr (line, ',');
+      if (opt->type != GPGME_CONF_STRING)
+        mark = strchr (line, ',');
       if (mark)
 	*mark = '\0';
 
@@ -985,6 +986,60 @@ gpgconf_conf_save (void *engine, gpgme_conf_comp_t comp)
 }
 
 
+struct gpgconf_config_dir_s
+{
+  const char *what;
+  char *result;
+};
+
+/* Called for each line in the gpgconf --list-dirs output.  Searches
+   for the desired line and returns the result, indicating success by
+   a special error value GPG_ERR_USER_1 (which terminates the
+   operation immediately).  */
+static gpgme_error_t
+gpgconf_config_dir_cb (void *hook, char *line)
+{
+  /* This is an input- and output-parameter.  */
+  struct gpgconf_config_dir_s *data = (struct gpgconf_config_dir_s *) hook;
+  int len = strlen(data->what);
+
+  if (!strncmp(line, data->what, len) && line[len] == ':')
+    {
+      char *result = strdup(&line[len + 1]);
+      if (!result)
+	return gpg_error_from_syserror ();
+      data->result = result;
+      return gpg_error(GPG_ERR_USER_1);
+    }
+  return 0;
+}
+
+
+/* Like gpgme_get_dirinfo, but uses the home directory of ENGINE and
+   does not cache the result.  */
+static gpgme_error_t
+gpgconf_conf_dir (void *engine, const char *what, char **result)
+{
+  gpgme_error_t err;
+  struct gpgconf_config_dir_s data;
+
+  data.what = what;
+  data.result = NULL;
+  err = gpgconf_read (engine, "--list-dirs", NULL,
+		      gpgconf_config_dir_cb, &data);
+  if (gpg_err_code (err) == GPG_ERR_USER_1)
+    {
+      /* This signals to us that a result was found.  */
+      *result = data.result;
+      return 0;
+    }
+
+  if (!err)
+    err = gpg_error(GPG_ERR_NOT_FOUND);
+  return 0;
+}
+
+
 /* Parse a line received from gpgconf --query-swdb.  This function may
  * modify LINE.  The result is stored at RESUL.  */
 static gpg_error_t
@@ -1253,6 +1308,7 @@ struct engine_ops _gpgme_engine_ops_gpgconf =
     NULL,               /* opassuan_transact */
     gpgconf_conf_load,
     gpgconf_conf_save,
+    gpgconf_conf_dir,
     gpgconf_query_swdb,
     gpgconf_set_io_cbs,
     NULL,		/* io_event */
diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c
index c3d5427..e337fed 100644
--- a/src/engine-gpgsm.c
+++ b/src/engine-gpgsm.c
@@ -1130,7 +1130,8 @@ static gpgme_error_t
 gpgsm_decrypt (void *engine,
                gpgme_decrypt_flags_t flags,
                gpgme_data_t ciph, gpgme_data_t plain,
-               int export_session_key, const char *override_session_key)
+               int export_session_key, const char *override_session_key,
+               int auto_key_retrieve)
 {
   engine_gpgsm_t gpgsm = engine;
   gpgme_error_t err;
@@ -1142,6 +1143,9 @@ gpgsm_decrypt (void *engine,
   (void)export_session_key;
   (void)override_session_key;
 
+  /* --auto-key-retrieve is also not supported.  */
+  (void)auto_key_retrieve;
+
   if (!gpgsm)
     return gpg_error (GPG_ERR_INV_VALUE);
 
@@ -1162,7 +1166,7 @@ gpgsm_decrypt (void *engine,
 
 
 static gpgme_error_t
-gpgsm_delete (void *engine, gpgme_key_t key, int allow_secret)
+gpgsm_delete (void *engine, gpgme_key_t key, unsigned int flags)
 {
   engine_gpgsm_t gpgsm = engine;
   gpgme_error_t err;
@@ -1171,7 +1175,7 @@ gpgsm_delete (void *engine, gpgme_key_t key, int allow_secret)
   char *line;
   int length = 8;	/* "DELKEYS " */
 
-  (void)allow_secret;
+  (void)flags;
 
   if (!fpr)
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -2119,6 +2123,7 @@ struct engine_ops _gpgme_engine_ops_gpgsm =
     NULL,               /* opassuan_transact */
     NULL,		/* conf_load */
     NULL,		/* conf_save */
+    NULL,		/* conf_dir */
     NULL,               /* query_swdb */
     gpgsm_set_io_cbs,
     gpgsm_io_event,
diff --git a/src/engine-spawn.c b/src/engine-spawn.c
index 9d587cc..7044781 100644
--- a/src/engine-spawn.c
+++ b/src/engine-spawn.c
@@ -469,6 +469,7 @@ struct engine_ops _gpgme_engine_ops_spawn =
     NULL,               /* opassuan_transact */
     NULL,		/* conf_load */
     NULL,		/* conf_save */
+    NULL,		/* conf_dir */
     NULL,               /* query_swdb */
     engspawn_set_io_cbs,
     engspawn_io_event,	/* io_event */
diff --git a/src/engine-uiserver.c b/src/engine-uiserver.c
index 20a8abf..bc3f3fb 100644
--- a/src/engine-uiserver.c
+++ b/src/engine-uiserver.c
@@ -962,7 +962,8 @@ static gpgme_error_t
 uiserver_decrypt (void *engine,
                   gpgme_decrypt_flags_t flags,
                   gpgme_data_t ciph, gpgme_data_t plain,
-                  int export_session_key, const char *override_session_key)
+                  int export_session_key, const char *override_session_key,
+                  int auto_key_retrieve)
 {
   engine_uiserver_t uiserver = engine;
   gpgme_error_t err;
@@ -972,6 +973,8 @@ uiserver_decrypt (void *engine,
 
   (void)override_session_key; /* Fixme: We need to see now to add this
                                * to the UI server protocol  */
+  (void)auto_key_retrieve;    /* Not yet supported.  */
+
 
   if (!uiserver)
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -1386,6 +1389,7 @@ struct engine_ops _gpgme_engine_ops_uiserver =
     NULL,               /* opassuan_transact */
     NULL,		/* conf_load */
     NULL,		/* conf_save */
+    NULL,		/* conf_dir */
     NULL,               /* query_swdb */
     uiserver_set_io_cbs,
     uiserver_io_event,
diff --git a/src/engine.c b/src/engine.c
index 278916d..28ba9fd 100644
--- a/src/engine.c
+++ b/src/engine.c
@@ -656,7 +656,8 @@ _gpgme_engine_op_decrypt (engine_t engine,
                           gpgme_decrypt_flags_t flags,
                           gpgme_data_t ciph,
 			  gpgme_data_t plain, int export_session_key,
-                          const char *override_session_key)
+                          const char *override_session_key,
+                          int auto_key_retrieve)
 {
   if (!engine)
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -665,13 +666,14 @@ _gpgme_engine_op_decrypt (engine_t engine,
     return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
 
   return (*engine->ops->decrypt) (engine->engine, flags, ciph, plain,
-                                  export_session_key, override_session_key);
+                                  export_session_key, override_session_key,
+                                  auto_key_retrieve);
 }
 
 
 gpgme_error_t
 _gpgme_engine_op_delete (engine_t engine, gpgme_key_t key,
-			 int allow_secret)
+			 unsigned int flags)
 {
   if (!engine)
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -679,7 +681,7 @@ _gpgme_engine_op_delete (engine_t engine, gpgme_key_t key,
   if (!engine->ops->delete)
     return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
 
-  return (*engine->ops->delete) (engine->engine, key, allow_secret);
+  return (*engine->ops->delete) (engine->engine, key, flags);
 }
 
 
@@ -984,6 +986,19 @@ _gpgme_engine_op_conf_save (engine_t engine, gpgme_conf_comp_t conf)
 
 
 gpgme_error_t
+_gpgme_engine_op_conf_dir (engine_t engine, const char *what, char **result)
+{
+  if (!engine)
+    return gpg_error (GPG_ERR_INV_VALUE);
+
+  if (!engine->ops->conf_dir)
+    return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+
+  return (*engine->ops->conf_dir) (engine->engine, what, result);
+}
+
+
+gpgme_error_t
 _gpgme_engine_op_query_swdb (engine_t engine,
                              const char *name, const char *iversion,
                              gpgme_query_swdb_result_t result)
diff --git a/src/engine.h b/src/engine.h
index dd0ef9c..0bf1bb2 100644
--- a/src/engine.h
+++ b/src/engine.h
@@ -88,9 +88,10 @@ gpgme_error_t _gpgme_engine_op_decrypt (engine_t engine,
                                         gpgme_data_t ciph,
 					gpgme_data_t plain,
                                         int export_session_key,
-                                        const char *override_session_key);
+                                        const char *override_session_key,
+                                        int auto_key_retrieve);
 gpgme_error_t _gpgme_engine_op_delete (engine_t engine, gpgme_key_t key,
-				       int allow_secret);
+				       unsigned int flags);
 gpgme_error_t _gpgme_engine_op_edit (engine_t engine, int type,
 				     gpgme_key_t key, gpgme_data_t out,
 				     gpgme_ctx_t ctx /* FIXME */);
@@ -176,6 +177,9 @@ gpgme_error_t _gpgme_engine_op_conf_load (engine_t engine,
 					  gpgme_conf_comp_t *conf_p);
 gpgme_error_t _gpgme_engine_op_conf_save (engine_t engine,
 					  gpgme_conf_comp_t conf);
+gpgme_error_t _gpgme_engine_op_conf_dir (engine_t engine,
+					 const char *what,
+					 char **result);
 
 gpgme_error_t _gpgme_engine_op_query_swdb (engine_t engine,
                                            const char *name,
diff --git a/src/genkey.c b/src/genkey.c
index 710b58f..16484ec 100644
--- a/src/genkey.c
+++ b/src/genkey.c
@@ -650,7 +650,7 @@ gpgme_op_set_uid_flag_start (gpgme_ctx_t ctx,
 }
 
 
-/* See set_uid_flag.  Thsi is the synchronous variant.  */
+/* See set_uid_flag.  This is the synchronous variant.  */
 gpgme_error_t
 gpgme_op_set_uid_flag (gpgme_ctx_t ctx,
                        gpgme_key_t key, const char *userid,
diff --git a/src/gpgconf.c b/src/gpgconf.c
index b1b84a6..ce6ace4 100644
--- a/src/gpgconf.c
+++ b/src/gpgconf.c
@@ -108,3 +108,24 @@ gpgme_op_conf_save (gpgme_ctx_t ctx, gpgme_conf_comp_t comp)
   ctx->protocol = proto;
   return err;
 }
+
+
+gpgme_error_t
+gpgme_op_conf_dir (gpgme_ctx_t ctx, const char *what, char **result)
+{
+  gpgme_error_t err;
+  gpgme_protocol_t proto;
+
+  if (!ctx)
+    return gpg_error (GPG_ERR_INV_VALUE);
+
+  proto = ctx->protocol;
+  ctx->protocol = GPGME_PROTOCOL_GPGCONF;
+  err = _gpgme_op_reset (ctx, 1);
+  if (err)
+    return err;
+
+  err = _gpgme_engine_op_conf_dir (ctx->engine, what, result);
+  ctx->protocol = proto;
+  return err;
+}
diff --git a/src/gpgme-w32spawn.c b/src/gpgme-w32spawn.c
index 003b9b0..d86c850 100644
--- a/src/gpgme-w32spawn.c
+++ b/src/gpgme-w32spawn.c
@@ -205,7 +205,6 @@ my_spawn (char **argv, struct spawn_fd_item_s *fd_list, unsigned int flags)
     }
 
   cr_flags |= CREATE_SUSPENDED;
-  cr_flags |= DETACHED_PROCESS;
   if (!CreateProcessA (argv[0],
 		       arg_string,
 		       &sec_attr,     /* process security attributes */
diff --git a/src/gpgme.c b/src/gpgme.c
index 2b196a2..d0a5afe 100644
--- a/src/gpgme.c
+++ b/src/gpgme.c
@@ -531,6 +531,10 @@ gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value)
       if (!ctx->override_session_key)
         err = gpg_error_from_syserror ();
     }
+  else if (!strcmp (name, "auto-key-retrieve"))
+    {
+      ctx->auto_key_retrieve = abool;
+    }
   else
     err = gpg_error (GPG_ERR_UNKNOWN_NAME);
 
@@ -568,6 +572,10 @@ gpgme_get_ctx_flag (gpgme_ctx_t ctx, const char *name)
     {
       return ctx->override_session_key? ctx->override_session_key : "";
     }
+  else if (!strcmp (name, "auto-key-retrieve"))
+    {
+      return ctx->auto_key_retrieve? "1":"";
+    }
   else
     return NULL;
 }
diff --git a/src/gpgme.def b/src/gpgme.def
index 51053cd..cad30f6 100644
--- a/src/gpgme.def
+++ b/src/gpgme.def
@@ -262,5 +262,10 @@ EXPORTS
     gpgme_op_decrypt_ext                  @195
     gpgme_op_decrypt_ext_start            @196
 
+    gpgme_op_delete_ext                   @197
+    gpgme_op_delete_ext_start             @198
+
+    gpgme_op_conf_dir			  @199
+
 ; END
 
diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index 24b21e7..31a9060 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -330,6 +330,21 @@ typedef enum
 gpgme_tofu_policy_t;
 
 
+/* The key origin values. */
+typedef enum
+  {
+    GPGME_KEYORG_UNKNOWN      = 0,
+    GPGME_KEYORG_KS           = 1,
+    GPGME_KEYORG_DANE         = 3,
+    GPGME_KEYORG_WKD          = 4,
+    GPGME_KEYORG_URL          = 5,
+    GPGME_KEYORG_FILE         = 6,
+    GPGME_KEYORG_SELF         = 7,
+    GPGME_KEYORG_OTHER        = 31
+  }
+gpgme_keyorg_t;
+
+
 /* The available protocols.  */
 typedef enum
   {
@@ -697,7 +712,7 @@ struct _gpgme_user_id
   /* The malloced TOFU information or NULL.  */
   gpgme_tofu_info_t tofu;
 
-  /* Time of the last refresh of thsi user id.  0 if unknown.  */
+  /* Time of the last refresh of this user id.  0 if unknown.  */
   unsigned long last_update;
 };
 typedef struct _gpgme_user_id *gpgme_user_id_t;
@@ -1312,8 +1327,12 @@ struct _gpgme_op_decrypt_result
   /* Key should not have been used for encryption.  */
   unsigned int wrong_key_usage : 1;
 
+  /* True if the message was encrypted in compliance to the de-vs
+   * mode.  */
+  unsigned int is_de_vs : 1;
+
   /* Internal to GPGME, do not use.  */
-  int _unused : 31;
+  int _unused : 30;
 
   gpgme_recipient_t recipients;
 
@@ -1490,8 +1509,11 @@ struct _gpgme_signature
   /* Validity has been verified using the chain model. */
   unsigned int chain_model : 1;
 
+  /* True if the signature is in compliance to the de-vs mode.  */
+  unsigned int is_de_vs : 1;
+
   /* Internal to GPGME, do not use.  */
-  int _unused : 28;
+  int _unused : 27;
 
   gpgme_validity_t validity;
   gpgme_error_t validity_reason;
@@ -1781,6 +1803,15 @@ gpgme_error_t gpgme_op_delete_start (gpgme_ctx_t ctx, const gpgme_key_t key,
 gpgme_error_t gpgme_op_delete (gpgme_ctx_t ctx, const gpgme_key_t key,
 			       int allow_secret);
 
+/* Flags for the key delete functions.  */
+#define GPGME_DELETE_ALLOW_SECRET (1 << 0)  /* Also delete secret key.     */
+#define GPGME_DELETE_FORCE        (1 << 1)  /* Do not ask user to confirm.  */
+
+gpgme_error_t gpgme_op_delete_ext_start (gpgme_ctx_t ctx, const gpgme_key_t key,
+					 unsigned int flags);
+gpgme_error_t gpgme_op_delete_ext (gpgme_ctx_t ctx, const gpgme_key_t key,
+				   unsigned int flags);
+
 
 /*
  * Key signing interface
@@ -2224,6 +2255,10 @@ gpgme_error_t gpgme_op_conf_load (gpgme_ctx_t ctx, gpgme_conf_comp_t *conf_p);
    follow chained components!  */
 gpgme_error_t gpgme_op_conf_save (gpgme_ctx_t ctx, gpgme_conf_comp_t comp);
 
+/* Retrieve the configured directory.  */
+gpgme_error_t gpgme_op_conf_dir(gpgme_ctx_t ctx, const char *what,
+				char **result);
+
 
 /* Information about software versions.
  * This structure shall be considered read-only and an application
@@ -2468,7 +2503,9 @@ typedef enum
     GPGME_STATUS_TOFU_USER = 95,
     GPGME_STATUS_TOFU_STATS = 96,
     GPGME_STATUS_TOFU_STATS_LONG = 97,
-    GPGME_STATUS_NOTATION_FLAGS = 98
+    GPGME_STATUS_NOTATION_FLAGS = 98,
+    GPGME_STATUS_DECRYPTION_COMPLIANCE_MODE = 99,
+    GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE = 100
   }
 gpgme_status_code_t;
 
diff --git a/src/import.c b/src/import.c
index 4173fe9..386ca72 100644
--- a/src/import.c
+++ b/src/import.c
@@ -392,13 +392,12 @@ gpgme_op_import_keys_start (gpgme_ctx_t ctx, gpgme_key_t *keys)
 }
 
 
-/* Import the keys from the array KEYS into the keyring.  This
-   function allows to move a key from one engine to another as long as
-   they are compatible.  In particular it is used to actually import
-   keys retrieved from an external source (i.e. using
-   GPGME_KEYLIST_MODE_EXTERN).  It replaces the old workaround of
-   exporting and then importing a key as used to make an X.509 key
-   permanent.  This function automagically does the right thing.
+/* Import the keys from the array KEYS into the keyring.  In
+   particular it is used to actually import keys retrieved from an
+   external source (i.e. using GPGME_KEYLIST_MODE_EXTERN).  It
+   replaces the old workaround of exporting and then importing a key
+   as used to make an X.509 key permanent.  This function
+   automagically does the right thing.
 
    KEYS is a NULL terminated array of gpgme key objects.  The result
    is the usual import result structure.  Only keys matching the
diff --git a/src/key.c b/src/key.c
index e2e30db..bb4d5fd 100644
--- a/src/key.c
+++ b/src/key.c
@@ -292,7 +292,7 @@ _gpgme_key_add_sig (gpgme_key_t key, char *src)
 		       &sig->comment, dst);
     }
   else
-    sig->uid = '\0';
+    sig->uid[0] = '\0';
 
   if (!uid->signatures)
     uid->signatures = sig;
diff --git a/src/keylist.c b/src/keylist.c
index e16ba4d..24a9b0b 100644
--- a/src/keylist.c
+++ b/src/keylist.c
@@ -376,6 +376,25 @@ set_ownertrust (gpgme_key_t key, const char *src)
 }
 
 
+static gpgme_keyorg_t
+parse_keyorg (const char *string)
+{
+  switch (atoi (string))
+    {
+    case 0: return GPGME_KEYORG_UNKNOWN;
+    case 1:
+    case 2:
+      return GPGME_KEYORG_KS;
+    case 3: return GPGME_KEYORG_DANE;
+    case 4: return GPGME_KEYORG_WKD;
+    case 5: return GPGME_KEYORG_URL;
+    case 6: return GPGME_KEYORG_FILE;
+    case 7: return GPGME_KEYORG_SELF;
+    default: return GPGME_KEYORG_OTHER;
+    }
+}
+
+
 /* Parse field 15 of a secret key or subkey.  This fields holds a
    reference to smartcards.  FIELD is the content of the field and we
    are allowed to modify it.  */
@@ -416,23 +435,6 @@ parse_sec_field15 (gpgme_key_t key, gpgme_subkey_t subkey, char *field)
 }
 
 
-/* Parse the compliance field.  */
-static void
-parse_pub_field18 (gpgme_subkey_t subkey, char *field)
-{
-  char *p, *endp;
-  unsigned long ul;
-
-  for (p = field; p && (ul = strtoul (p, &endp, 10)) && p != endp; p = endp)
-    {
-      switch (ul)
-        {
-        case 23: subkey->is_de_vs = 1; break;
-        }
-    }
-}
-
-
 /* Parse a tfs record.  */
 static gpg_error_t
 parse_tfs_record (gpgme_user_id_t uid, char **field, int nfield)
@@ -731,12 +733,12 @@ keylist_colon_handler (void *priv, char *line)
 
       /* Field 18 has the compliance flags.  */
       if (fields >= 17 && *field[17])
-        parse_pub_field18 (subkey, field[17]);
+        PARSE_COMPLIANCE_FLAGS (field[17], subkey);
 
       if (fields >= 20)
         {
           key->last_update = _gpgme_parse_timestamp_ul (field[18]);
-          key->origin = 0; /* Fixme: Not yet defined in gpg.  */
+          key->origin = parse_keyorg (field[19]);
         }
 
       break;
@@ -814,7 +816,7 @@ keylist_colon_handler (void *priv, char *line)
 
       /* Field 18 has the compliance flags.  */
       if (fields >= 17 && *field[17])
-        parse_pub_field18 (subkey, field[17]);
+        PARSE_COMPLIANCE_FLAGS (field[17], subkey);
 
       break;
 
@@ -831,7 +833,7 @@ keylist_colon_handler (void *priv, char *line)
           if (fields >= 20)
             {
               opd->tmp_uid->last_update = _gpgme_parse_timestamp_ul (field[18]);
-              opd->tmp_uid->origin = 0; /* Fixme: Not yet defined in gpg.  */
+              opd->tmp_uid->origin = parse_keyorg (field[19]);
             }
 	}
       break;
diff --git a/src/libgpgme.vers b/src/libgpgme.vers
index adc8d7d..a95befb 100644
--- a/src/libgpgme.vers
+++ b/src/libgpgme.vers
@@ -46,6 +46,7 @@ GPGME_1.1 {
     gpgme_conf_opt_change;
     gpgme_op_conf_load;
     gpgme_op_conf_save;
+    gpgme_op_conf_dir;
 
     gpgme_cancel_async;
 
@@ -209,6 +210,8 @@ GPGME_1.0 {
     gpgme_op_decrypt_verify_start;
     gpgme_op_delete;
     gpgme_op_delete_start;
+    gpgme_op_delete_ext;
+    gpgme_op_delete_ext_start;
     gpgme_op_edit;
     gpgme_op_edit_start;
     gpgme_op_encrypt;
diff --git a/src/parsetlv.h b/src/parsetlv.h
index bea03d4..2c04190 100644
--- a/src/parsetlv.h
+++ b/src/parsetlv.h
@@ -1,4 +1,4 @@
-/* parsetlv.h -  TLV functions defintions
+/* parsetlv.h -  TLV functions definitions
  * Copyright (C) 2012 g10 Code GmbH
  *
  * This file is free software; you can redistribute it and/or modify
diff --git a/src/posix-io.c b/src/posix-io.c
index a351806..0448d29 100644
--- a/src/posix-io.c
+++ b/src/posix-io.c
@@ -47,10 +47,11 @@
 #include <ctype.h>
 #include <sys/resource.h>
 
-#if __linux__
+#ifdef USE_LINUX_GETDENTS
+# include <sys/syscall.h>
 # include <sys/types.h>
 # include <dirent.h>
-#endif /*__linux__ */
+#endif /*USE_LINUX_GETDENTS*/
 
 
 #include "util.h"
@@ -59,6 +60,7 @@
 #include "ath.h"
 #include "debug.h"
 
+
 
 void
 _gpgme_io_subsystem_init (void)
@@ -279,6 +281,22 @@ _gpgme_io_set_nonblocking (int fd)
 }
 
 
+#ifdef USE_LINUX_GETDENTS
+/* This is not declared in public headers; getdents64(2) says that we must
+ * define it ourselves.  */
+struct linux_dirent64
+{
+  ino64_t d_ino;
+  off64_t d_off;
+  unsigned short d_reclen;
+  unsigned char d_type;
+  char d_name[];
+};
+
+# define DIR_BUF_SIZE 1024
+#endif /*USE_LINUX_GETDENTS*/
+
+
 static long int
 get_max_fds (void)
 {
@@ -291,39 +309,57 @@ get_max_fds (void)
    * than for example doing 4096 close calls where almost all of them
    * will fail.
    *
-   * Unfortunately we can't call opendir between fork and exec in a
-   * multi-threaded process because opendir uses malloc and thus a
-   * mutex which may deadlock with a malloc in another thread.  Thus
-   * the code is not used until we can have a opendir variant which
-   * does not use malloc.  */
-/* #ifdef __linux__ */
-/*   { */
-/*     DIR *dir = NULL; */
-/*     struct dirent *dir_entry; */
-/*     const char *s; */
-/*     int x; */
-
-/*     dir = opendir ("/proc/self/fd"); */
-/*     if (dir) */
-/*       { */
-/*         while ((dir_entry = readdir (dir))) */
-/*           { */
-/*             s = dir_entry->d_name; */
-/*             if ( *s < '0' || *s > '9') */
-/*               continue; */
-/*             x = atoi (s); */
-/*             if (x > fds) */
-/*               fds = x; */
-/*           } */
-/*         closedir (dir); */
-/*       } */
-/*     if (fds != -1) */
-/*       { */
-/*         fds++; */
-/*         source = "/proc"; */
-/*       } */
-/*     } */
-/* #endif /\* __linux__ *\/ */
+   * We can't use the normal opendir/readdir/closedir interface between
+   * fork and exec in a multi-threaded process because opendir uses
+   * malloc and thus a mutex which may deadlock with a malloc in another
+   * thread.  However, the underlying getdents system call is safe.  */
+#ifdef USE_LINUX_GETDENTS
+  {
+    int dir_fd;
+    char dir_buf[DIR_BUF_SIZE];
+    struct linux_dirent64 *dir_entry;
+    int r, pos;
+    const char *s;
+    int x;
+
+    dir_fd = open ("/proc/self/fd", O_RDONLY | O_DIRECTORY);
+    if (dir_fd != -1)
+      {
+        for (;;)
+          {
+            r = syscall(SYS_getdents64, dir_fd, dir_buf, DIR_BUF_SIZE);
+            if (r == -1)
+              {
+                /* Fall back to other methods.  */
+                fds = -1;
+                break;
+              }
+            if (r == 0)
+              break;
+
+            for (pos = 0; pos < r; pos += dir_entry->d_reclen)
+              {
+                dir_entry = (struct linux_dirent64 *) (dir_buf + pos);
+                s = dir_entry->d_name;
+                if (*s < '0' || *s > '9')
+                  continue;
+                /* atoi is not guaranteed to be async-signal-safe.  */
+                for (x = 0; *s >= '0' && *s <= '9'; s++)
+                  x = x * 10 + (*s - '0');
+                if (!*s && x > fds && x != dir_fd)
+                  fds = x;
+              }
+          }
+
+        close (dir_fd);
+      }
+    if (fds != -1)
+      {
+        fds++;
+        source = "/proc";
+      }
+    }
+#endif /*USE_LINUX_GETDENTS*/
 
 #ifdef RLIMIT_NOFILE
   if (fds == -1)
@@ -473,7 +509,7 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags,
            * have closefrom(2) we first figure out the highest fd we
            * do not want to close, then call closefrom, and on success
            * use the regular code to close all fds up to the start
-           * point of closefrom.  Note that Solaris' closefrom does
+           * point of closefrom.  Note that Solaris' and FreeBSD's closefrom do
            * not return errors.  */
 #ifdef HAVE_CLOSEFROM
           {
@@ -482,7 +518,7 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags,
               if (fd_list[i].fd > fd)
                 fd = fd_list[i].fd;
             fd++;
-#ifdef __sun
+#if defined(__sun) || defined(__FreeBSD__)
             closefrom (fd);
             max_fds = fd;
 #else /*!__sun */
diff --git a/src/status-table.c b/src/status-table.c
index c9bf357..afc7eab 100644
--- a/src/status-table.c
+++ b/src/status-table.c
@@ -43,10 +43,10 @@ static struct status_table_s status_table[] =
   { "ALREADY_SIGNED", GPGME_STATUS_ALREADY_SIGNED },
   { "ATTRIBUTE",         GPGME_STATUS_ATTRIBUTE        },
   { "BACKUP_KEY_CREATED", GPGME_STATUS_BACKUP_KEY_CREATED },
-  { "BAD_PASSPHRASE", GPGME_STATUS_BAD_PASSPHRASE },
   { "BADARMOR", GPGME_STATUS_BADARMOR },
   { "BADMDC", GPGME_STATUS_BADMDC },
   { "BADSIG", GPGME_STATUS_BADSIG },
+  { "BAD_PASSPHRASE", GPGME_STATUS_BAD_PASSPHRASE },
   { "BEGIN_DECRYPTION", GPGME_STATUS_BEGIN_DECRYPTION },
   { "BEGIN_ENCRYPTION", GPGME_STATUS_BEGIN_ENCRYPTION },
   { "BEGIN_SIGNING",     GPGME_STATUS_BEGIN_SIGNING    },
@@ -56,6 +56,7 @@ static struct status_table_s status_table[] =
   { "DECRYPTION_INFO",   GPGME_STATUS_DECRYPTION_INFO  },
   { "DECRYPTION_OKAY", GPGME_STATUS_DECRYPTION_OKAY },
   { "DELETE_PROBLEM", GPGME_STATUS_DELETE_PROBLEM },
+  { "DECRYPTION_COMPLIANCE_MODE", GPGME_STATUS_DECRYPTION_COMPLIANCE_MODE },
   { "ENC_TO", GPGME_STATUS_ENC_TO },
   { "END_DECRYPTION", GPGME_STATUS_END_DECRYPTION },
   { "END_ENCRYPTION", GPGME_STATUS_END_ENCRYPTION },
@@ -73,22 +74,22 @@ static struct status_table_s status_table[] =
   { "GET_BOOL", GPGME_STATUS_GET_BOOL },
   { "GET_HIDDEN", GPGME_STATUS_GET_HIDDEN },
   { "GET_LINE", GPGME_STATUS_GET_LINE },
-  { "GOOD_PASSPHRASE", GPGME_STATUS_GOOD_PASSPHRASE },
   { "GOODMDC", GPGME_STATUS_GOODMDC },
   { "GOODSIG", GPGME_STATUS_GOODSIG },
+  { "GOOD_PASSPHRASE", GPGME_STATUS_GOOD_PASSPHRASE },
   { "GOT_IT", GPGME_STATUS_GOT_IT },
+  { "IMPORTED", GPGME_STATUS_IMPORTED },
   { "IMPORT_OK", GPGME_STATUS_IMPORT_OK },
   { "IMPORT_PROBLEM", GPGME_STATUS_IMPORT_PROBLEM },
   { "IMPORT_RES", GPGME_STATUS_IMPORT_RES },
-  { "IMPORTED", GPGME_STATUS_IMPORTED },
   { "INQUIRE_MAXLEN", GPGME_STATUS_INQUIRE_MAXLEN },
   { "INV_RECP", GPGME_STATUS_INV_RECP },
   { "INV_SGNR", GPGME_STATUS_INV_SGNR },
+  { "KEYEXPIRED", GPGME_STATUS_KEYEXPIRED },
+  { "KEYREVOKED", GPGME_STATUS_KEYREVOKED },
   { "KEY_CONSIDERED", GPGME_STATUS_KEY_CONSIDERED },
   { "KEY_CREATED", GPGME_STATUS_KEY_CREATED },
   { "KEY_NOT_CREATED",   GPGME_STATUS_KEY_NOT_CREATED  },
-  { "KEYEXPIRED", GPGME_STATUS_KEYEXPIRED },
-  { "KEYREVOKED", GPGME_STATUS_KEYREVOKED },
   { "LEAVE", GPGME_STATUS_LEAVE },
   { "MISSING_PASSPHRASE", GPGME_STATUS_MISSING_PASSPHRASE },
   { "MOUNTPOINT",        GPGME_STATUS_MOUNTPOINT       },
@@ -96,14 +97,14 @@ static struct status_table_s status_table[] =
   { "NEED_PASSPHRASE_PIN", GPGME_STATUS_NEED_PASSPHRASE_PIN },
   { "NEED_PASSPHRASE_SYM", GPGME_STATUS_NEED_PASSPHRASE_SYM },
   { "NEWSIG", GPGME_STATUS_NEWSIG },
-  { "NO_PUBKEY", GPGME_STATUS_NO_PUBKEY },
-  { "NO_RECP", GPGME_STATUS_NO_RECP },
-  { "NO_SECKEY", GPGME_STATUS_NO_SECKEY },
-  { "NO_SGNR", GPGME_STATUS_NO_SGNR },
   { "NODATA", GPGME_STATUS_NODATA },
   { "NOTATION_DATA", GPGME_STATUS_NOTATION_DATA },
   { "NOTATION_FLAGS", GPGME_STATUS_NOTATION_FLAGS },
   { "NOTATION_NAME", GPGME_STATUS_NOTATION_NAME },
+  { "NO_PUBKEY", GPGME_STATUS_NO_PUBKEY },
+  { "NO_RECP", GPGME_STATUS_NO_RECP },
+  { "NO_SECKEY", GPGME_STATUS_NO_SECKEY },
+  { "NO_SGNR", GPGME_STATUS_NO_SGNR },
   { "PINENTRY_LAUNCHED", GPGME_STATUS_PINENTRY_LAUNCHED},
   { "PKA_TRUST_BAD", GPGME_STATUS_PKA_TRUST_BAD },
   { "PKA_TRUST_GOOD", GPGME_STATUS_PKA_TRUST_GOOD },
@@ -120,10 +121,10 @@ static struct status_table_s status_table[] =
   { "SHM_GET_BOOL", GPGME_STATUS_SHM_GET_BOOL },
   { "SHM_GET_HIDDEN", GPGME_STATUS_SHM_GET_HIDDEN },
   { "SHM_INFO", GPGME_STATUS_SHM_INFO },
+  { "SIGEXPIRED", GPGME_STATUS_SIGEXPIRED },
   { "SIG_CREATED", GPGME_STATUS_SIG_CREATED },
   { "SIG_ID", GPGME_STATUS_SIG_ID },
   { "SIG_SUBPACKET", GPGME_STATUS_SIG_SUBPACKET },
-  { "SIGEXPIRED", GPGME_STATUS_SIGEXPIRED },
   { "SUCCESS", GPGME_STATUS_SUCCESS },
   { "TOFU_STATS", GPGME_STATUS_TOFU_STATS },
   { "TOFU_STATS_LONG", GPGME_STATUS_TOFU_STATS_LONG },
@@ -137,6 +138,7 @@ static struct status_table_s status_table[] =
   { "UNEXPECTED", GPGME_STATUS_UNEXPECTED },
   { "USERID_HINT", GPGME_STATUS_USERID_HINT },
   { "VALIDSIG", GPGME_STATUS_VALIDSIG },
+  { "VERIFICATION_COMPLIANCE_MODE", GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE },
   {NULL, 0}
 };
 
diff --git a/src/trustlist.c b/src/trustlist.c
index c85ef87..d7eb4c6 100644
--- a/src/trustlist.c
+++ b/src/trustlist.c
@@ -66,7 +66,7 @@ trustlist_status_handler (void *priv, gpgme_status_code_t code, char *args)
                K for a key
    The RECNO is either the one of the dir record or the one of the uid
    record.  OT is the the usual trust letter and only availabel on K
-   lines.  VAL is the calcualted validity MC is the marginal trust
+   lines.  VAL is the calculated validity MC is the marginal trust
    counter and only available on U lines CC is the same for the
    complete count NAME ist the username and only printed on U
    lines.  */
diff --git a/src/util.h b/src/util.h
index 7b7924c..b4043ed 100644
--- a/src/util.h
+++ b/src/util.h
@@ -45,10 +45,6 @@
 
 #define DIM(v) (sizeof(v)/sizeof((v)[0]))
 
-#if GPG_ERROR_VERSION_NUMBER < 0x011500 /* 1.21 */
-# define GPG_ERR_FALSE 256
-#endif
-
 #if GPG_ERROR_VERSION_NUMBER < 0x011900 /* 1.25 */
 # define GPG_ERR_ENGINE_TOO_OLD 300
 # define GPG_ERR_TOO_OLD        308
@@ -224,4 +220,26 @@ extern struct assuan_malloc_hooks _gpgme_assuan_malloc_hooks;
 int _gpgme_assuan_log_cb (assuan_context_t ctx, void *hook,
 			  unsigned int cat, const char *msg);
 
+
+
+/* Parse the compliance field.  */
+#define PARSE_COMPLIANCE_FLAGS(flags, result)				\
+  do {									\
+    char *comp_p, *comp_endp;						\
+    unsigned long comp_ul;						\
+									\
+    for (comp_p = (flags);						\
+	 comp_p								\
+	   && (comp_ul = strtoul (comp_p, &comp_endp, 10))		\
+	   && comp_p != comp_endp;					\
+	 comp_p = comp_endp)						\
+      {									\
+	switch (comp_ul)						\
+	  {								\
+	  case 23: (result)->is_de_vs = 1; break;			\
+	  }								\
+      }									\
+  } while (0)
+
+
 #endif /* UTIL_H */
diff --git a/src/verify.c b/src/verify.c
index 900f925..ee730a3 100644
--- a/src/verify.c
+++ b/src/verify.c
@@ -1078,6 +1078,10 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args)
       if (err)
 	return err;
 
+    case GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE:
+      PARSE_COMPLIANCE_FLAGS (args, opd->current_sig);
+      break;
+
     default:
       break;
     }
diff --git a/tests/ChangeLog-2011 b/tests/ChangeLog-2011
index 3ec0fb7..02c6dab 100644
--- a/tests/ChangeLog-2011
+++ b/tests/ChangeLog-2011
@@ -237,7 +237,7 @@
 	* gpg/t-keylist.c: Reordered list to match new demo keyring.  Add
 	arg for number of subkeys and for extra checking function.
 	(main): Enhanced a few error outputs.  Changed subkey
-	counting. Call extra checking fucntion.
+	counting. Call extra checking function.
 	(check_whisky): New.
 
 2005-10-07  Marcus Brinkmann  <marcus@g10code.de>
diff --git a/tests/Makefile.in b/tests/Makefile.in
index 7ccf806..7f6727c 100644
--- a/tests/Makefile.in
+++ b/tests/Makefile.in
@@ -444,7 +444,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
diff --git a/tests/gpg/Makefile.am b/tests/gpg/Makefile.am
index 8e26a92..642e0a0 100644
--- a/tests/gpg/Makefile.am
+++ b/tests/gpg/Makefile.am
@@ -31,15 +31,15 @@ noinst_HEADERS = t-support.h
 if HAVE_W32_SYSTEM
 tests_unix =
 else
-tests_unix = t-eventloop t-thread1
+tests_unix = t-eventloop t-thread1 t-thread-keylist t-thread-keylist-verify
 endif
 
 c_tests = \
         t-encrypt t-encrypt-sym t-encrypt-sign t-sign t-signers		\
 	t-decrypt t-verify t-decrypt-verify t-sig-notation t-export	\
 	t-import t-trustlist t-edit t-keylist t-keylist-sig t-wait	\
-	t-encrypt-large t-file-name t-gpgconf t-encrypt-mixed $(tests_unix) \
-	t-thread-keylist t-thread-keylist-verify
+	t-encrypt-large t-file-name t-gpgconf t-encrypt-mixed \
+	$(tests_unix)
 
 TESTS = initial.test $(c_tests) final.test
 
@@ -60,6 +60,8 @@ EXTRA_DIST = initial.test final.test \
         pubdemo.asc secdemo.asc cipher-1.asc cipher-2.asc \
 	geheim.txt pubkey-1.asc seckey-1.asc pinentry $(private_keys)
 
+BUILT_SOURCES = gpg.conf gpg-agent.conf pubring-stamp \
+           private-keys-v1.d/gpg-sample.stamp
 AM_CPPFLAGS = -I$(top_builddir)/src @GPG_ERROR_CFLAGS@
 AM_LDFLAGS = -no-install
 LDADD = ../../src/libgpgme.la
@@ -82,35 +84,29 @@ clean-local:
 	-$(top_srcdir)/tests/start-stop-agent --stop
 	-rm -fR private-keys-v1.d
 
-check-local: ./gpg.conf ./gpg-agent.conf ./pubring-stamp \
-           ./private-keys-v1.d/gpg-sample.stamp
-
-# To guarantee that check-local is run before any tests we
-# add this dependency:
-initial.test : check-local
-
 export GNUPGHOME := $(abs_builddir)
 
 export GPG_AGENT_INFO :=
 
-./private-keys-v1.d/gpg-sample.stamp: $(srcdir)/$(private_keys)
+private-keys-v1.d/gpg-sample.stamp: $(srcdir)/$(private_keys)
+	-gpgconf --kill all
 	$(MKDIR_P) ./private-keys-v1.d
 	for k in $(private_keys); do \
           cp $(srcdir)/$$k private-keys-v1.d/$$k.key; \
         done
 	echo x > ./private-keys-v1.d/gpg-sample.stamp
 
-./pubring-stamp: $(srcdir)/pubdemo.asc
+pubring-stamp: $(srcdir)/pubdemo.asc ./private-keys-v1.d/gpg-sample.stamp
 	$(GPG) --batch --no-permission-warning \
                --import $(srcdir)/pubdemo.asc
 	-$(GPG) --batch --no-permission-warning \
 		--import $(srcdir)/secdemo.asc
 	echo x > ./pubring-stamp
 
-./gpg.conf:
+gpg.conf:
 # This is required for t-sig-notations.
 	echo no-force-v3-sigs > ./gpg.conf
 
-./gpg-agent.conf:
+gpg-agent.conf:
 # This is required for gpg2, which does not support command fd.
 	echo pinentry-program $(abs_srcdir)/pinentry > ./gpg-agent.conf
diff --git a/tests/gpg/Makefile.in b/tests/gpg/Makefile.in
index d8cd64b..d5ab6a7 100644
--- a/tests/gpg/Makefile.in
+++ b/tests/gpg/Makefile.in
@@ -124,7 +124,9 @@ CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
 @HAVE_W32_SYSTEM_FALSE@am__EXEEXT_1 = t-eventloop$(EXEEXT) \
-@HAVE_W32_SYSTEM_FALSE@	t-thread1$(EXEEXT)
+@HAVE_W32_SYSTEM_FALSE@	t-thread1$(EXEEXT) \
+@HAVE_W32_SYSTEM_FALSE@	t-thread-keylist$(EXEEXT) \
+@HAVE_W32_SYSTEM_FALSE@	t-thread-keylist-verify$(EXEEXT)
 am__EXEEXT_2 = t-encrypt$(EXEEXT) t-encrypt-sym$(EXEEXT) \
 	t-encrypt-sign$(EXEEXT) t-sign$(EXEEXT) t-signers$(EXEEXT) \
 	t-decrypt$(EXEEXT) t-verify$(EXEEXT) t-decrypt-verify$(EXEEXT) \
@@ -132,8 +134,7 @@ am__EXEEXT_2 = t-encrypt$(EXEEXT) t-encrypt-sym$(EXEEXT) \
 	t-trustlist$(EXEEXT) t-edit$(EXEEXT) t-keylist$(EXEEXT) \
 	t-keylist-sig$(EXEEXT) t-wait$(EXEEXT) \
 	t-encrypt-large$(EXEEXT) t-file-name$(EXEEXT) \
-	t-gpgconf$(EXEEXT) t-encrypt-mixed$(EXEEXT) $(am__EXEEXT_1) \
-	t-thread-keylist$(EXEEXT) t-thread-keylist-verify$(EXEEXT)
+	t-gpgconf$(EXEEXT) t-encrypt-mixed$(EXEEXT) $(am__EXEEXT_1)
 @HAVE_W32_SYSTEM_FALSE@am__EXEEXT_3 = t-cancel$(EXEEXT)
 am__EXEEXT_4 = t-genkey$(EXEEXT) $(am__EXEEXT_3)
 PROGRAMS = $(noinst_PROGRAMS)
@@ -456,7 +457,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
@@ -540,14 +540,14 @@ TESTS_ENVIRONMENT = GNUPGHOME=$(abs_builddir) LC_ALL=C GPG_AGENT_INFO= \
 
 # The keylist tests must come after the import and the edit test.
 noinst_HEADERS = t-support.h
-@HAVE_W32_SYSTEM_FALSE@tests_unix = t-eventloop t-thread1
+@HAVE_W32_SYSTEM_FALSE@tests_unix = t-eventloop t-thread1 t-thread-keylist t-thread-keylist-verify
 @HAVE_W32_SYSTEM_TRUE@tests_unix = 
 c_tests = \
         t-encrypt t-encrypt-sym t-encrypt-sign t-sign t-signers		\
 	t-decrypt t-verify t-decrypt-verify t-sig-notation t-export	\
 	t-import t-trustlist t-edit t-keylist t-keylist-sig t-wait	\
-	t-encrypt-large t-file-name t-gpgconf t-encrypt-mixed $(tests_unix) \
-	t-thread-keylist t-thread-keylist-verify
+	t-encrypt-large t-file-name t-gpgconf t-encrypt-mixed \
+	$(tests_unix)
 
 CLEANFILES = secring.gpg pubring.gpg pubring.kbx trustdb.gpg dirmngr.conf \
 	gpg-agent.conf pubring.kbx~ S.gpg-agent gpg.conf pubring.gpg~ \
@@ -565,6 +565,9 @@ EXTRA_DIST = initial.test final.test \
         pubdemo.asc secdemo.asc cipher-1.asc cipher-2.asc \
 	geheim.txt pubkey-1.asc seckey-1.asc pinentry $(private_keys)
 
+BUILT_SOURCES = gpg.conf gpg-agent.conf pubring-stamp \
+           private-keys-v1.d/gpg-sample.stamp
+
 AM_CPPFLAGS = -I$(top_builddir)/src @GPG_ERROR_CFLAGS@
 AM_LDFLAGS = -no-install
 LDADD = ../../src/libgpgme.la
@@ -576,7 +579,8 @@ t_cancel_LDADD = ../../src/libgpgme.la -lpthread
 # We don't run t-genkey and t-cancel in the test suite, because it
 # takes too long
 tests_skipped = t-genkey $(am__append_1)
-all: all-am
+all: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) all-am
 
 .SUFFIXES:
 .SUFFIXES: .c .lo .o .obj
@@ -960,11 +964,13 @@ distdir: $(DISTFILES)
 	  fi; \
 	done
 check-am: all-am
-	$(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local
-check: check-am
+	$(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) check-am
 all-am: Makefile $(PROGRAMS) $(HEADERS)
 installdirs:
-install: install-am
+install: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) install-am
 install-exec: install-exec-am
 install-data: install-data-am
 uninstall: uninstall-am
@@ -995,6 +1001,7 @@ distclean-generic:
 maintainer-clean-generic:
 	@echo "This command is intended for maintainers to use"
 	@echo "it deletes files that may require special tools to rebuild."
+	-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
 clean: clean-am
 
 clean-am: clean-generic clean-libtool clean-local clean-noinstPROGRAMS \
@@ -1066,57 +1073,51 @@ ps-am:
 
 uninstall-am:
 
-.MAKE: check-am install-am install-strip
+.MAKE: all check check-am install install-am install-strip
 
-.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am \
-	check-local clean clean-generic clean-libtool clean-local \
-	clean-noinstPROGRAMS cscopelist-am ctags ctags-am distclean \
-	distclean-compile distclean-generic distclean-libtool \
-	distclean-tags distdir dvi dvi-am html html-am info info-am \
-	install install-am install-data install-data-am install-dvi \
-	install-dvi-am install-exec install-exec-am install-html \
-	install-html-am install-info install-info-am install-man \
-	install-pdf install-pdf-am install-ps install-ps-am \
-	install-strip installcheck installcheck-am installdirs \
-	maintainer-clean maintainer-clean-generic mostlyclean \
-	mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
-	pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am
+.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am clean \
+	clean-generic clean-libtool clean-local clean-noinstPROGRAMS \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
 
 
 clean-local:
 	-$(top_srcdir)/tests/start-stop-agent --stop
 	-rm -fR private-keys-v1.d
 
-check-local: ./gpg.conf ./gpg-agent.conf ./pubring-stamp \
-           ./private-keys-v1.d/gpg-sample.stamp
-
-# To guarantee that check-local is run before any tests we
-# add this dependency:
-initial.test : check-local
-
 export GNUPGHOME := $(abs_builddir)
 
 export GPG_AGENT_INFO :=
 
-./private-keys-v1.d/gpg-sample.stamp: $(srcdir)/$(private_keys)
+private-keys-v1.d/gpg-sample.stamp: $(srcdir)/$(private_keys)
+	-gpgconf --kill all
 	$(MKDIR_P) ./private-keys-v1.d
 	for k in $(private_keys); do \
           cp $(srcdir)/$$k private-keys-v1.d/$$k.key; \
         done
 	echo x > ./private-keys-v1.d/gpg-sample.stamp
 
-./pubring-stamp: $(srcdir)/pubdemo.asc
+pubring-stamp: $(srcdir)/pubdemo.asc ./private-keys-v1.d/gpg-sample.stamp
 	$(GPG) --batch --no-permission-warning \
                --import $(srcdir)/pubdemo.asc
 	-$(GPG) --batch --no-permission-warning \
 		--import $(srcdir)/secdemo.asc
 	echo x > ./pubring-stamp
 
-./gpg.conf:
+gpg.conf:
 # This is required for t-sig-notations.
 	echo no-force-v3-sigs > ./gpg.conf
 
-./gpg-agent.conf:
+gpg-agent.conf:
 # This is required for gpg2, which does not support command fd.
 	echo pinentry-program $(abs_srcdir)/pinentry > ./gpg-agent.conf
 
diff --git a/tests/gpg/cipher-1.asc b/tests/gpg/cipher-1.asc
index f0a8ca4..fbb6d58 100644
--- a/tests/gpg/cipher-1.asc
+++ b/tests/gpg/cipher-1.asc
@@ -1,15 +1,13 @@
 -----BEGIN PGP MESSAGE-----
-Version: GnuPG v1.0.4-2 (GNU/Linux)
-Comment: For info see http://www.gnupg.org
 
-hQEOA2rm1+5GqHH4EAP/Tcqiuhvrjj+RFBKnWn2A7f1ztV17U2EngYFy8TbZYGNp
-JoMNdpA7GNZs7iqc/x1epaZDKfaQwWEtARZmK/4nlhB48N+oZeKTm7PXIkRPqrCZ
-3fxJjCJaU0yrNGuO345DOr0QwDImVhubVEkfgs8yXK2Szx2G8X3LmiaILHAqA2oD
-/1ZqjY8k+ovrLL/qe8un/NTwzSjKIPVGR6mhLFXmj8fnp2kSsbo+Bhh4MczTRR6l
-SA32z25vcakKu2qn5Wa4yDcx9NcMt8RHXzmfMDLj6UFq99QqKeLK2ywcIpY9p/GL
-fQyaf7r3HTVugBSaoOzegLJ+L7MfWohrStkMeLnJQnro0nYBjADVcUQuSS4N3lst
-Df3XrxxA/iJvxt4F9K27u4tp5U1HDg1CIxVrkMs92LBri3S6ZtfjdoqQ7QghFwGP
-Kw1lKiWayM6NH9rcCKSgk4kl4P/2l3f78XeFgiywN7UGeSoH3BLMSv9gSxl5KrAz
-d2imhTMrfEvZ
-=y4ng
+hQEOA2rm1+5GqHH4EAP/XKz8pdonnZg2dqJhjdas4vQHPxspxLhgf7OuYigodBpI
+l7srTvqtuRsDFNorgURW6DjPqfGqpZsn2uf8enUskunHVMQFBILX38d+G5SkisqF
+uOZUlmh0ZfVocCBGYt8ZPfa9ObmitPmZvhCReCHFlTj588ZjofKuNjmfw+QfmNcD
+/j4z4ijv6dKHQCm7EAjnOsCw9SbrAVpRXjibN7KT+w6QT6m+5w9k4RfhkTOlqrHq
+5d3ZyxLctdTkXlk0hXz1Mey4AEKTtlZGvrQVIhaX4hcB4NFJB0fZJ/pnKypi1H6q
+0bSBq2p6kCzJuNvrEr4wk4B1NsOTBacUSffXLrfsEH2F0ngBzN7d/KHBImu81F8w
+x96f6dELyYetV0UwhyFrPrA3lBQf9q5cNDqPiCHooUFOudQ5t0h7VtSU3fyaYoit
+cJGPFkIxhv+VAbEW/h5muEg3KO1iEqLP4RK3y0Jjy4pyEauAgviM68Vjf4OVvgta
+/IblIrp1FHxoCpA=
+=sEuD
 -----END PGP MESSAGE-----
diff --git a/tests/gpg/cipher-2.asc b/tests/gpg/cipher-2.asc
index 210f3e9..f7c85f3 100644
--- a/tests/gpg/cipher-2.asc
+++ b/tests/gpg/cipher-2.asc
@@ -1,16 +1,15 @@
 -----BEGIN PGP MESSAGE-----
-Version: GnuPG v1.0.6 (GNU/Linux)
-Comment: Weitere Infos: siehe http://www.gnupg.org
 
-hQEOA++dwnahcsiBEAP9HgkC1ElQwZRX1X/MBF54Q28dpXKr84IviO4QcbnnhmYk
-2IlaNe6mr8R7kNM1aqJFK3fnobqnSWwM/VBObMqqYnzZSfclCNsy66sojQJxwXcz
-DKQKi69BLaC6aTMnX048tOl8pJpR72fkffUOUa5ywDHVVVUClDG3XkIrfM1du3YD
-/A6vFSrRylupKhQBxdtSUx5IDmpDYwG2vqqbYKoMaQ4pPSKLYV2zskU+pQWRlk6y
-nwPGY5h9eGz0xYHMPxhe9VnwljeTEDwz5U4CHF3wQ8h5WBxOVx5QN/H/UyjpmoJT
-ddrIu+8GgajhBVKVYAOqr577exkiSDA60/JrYbKZBvzL0sAJAUu+HoeMPJ+5/RYF
-pLSdz/3MbVDRJJqzV2TJnEBvFtPa6urzx99P0u4xr+RJMFmR9/99YXhYz7+Y6d/B
-44F6B3YouYxiK39IoOUcYPZTwb5kaudD5a3mU3XxEhSDUpnyvowPiKQO1T8CPd2u
-2HsD3KeaOc2VFE0gnvqECvUTQfSCZCk/kil8XVAMHZrEA0bWAYiaHfHEOB8SRCy8
-rW0wsON4uDXmZpUkfOjFoYZdpJI7fDKkb5uYUzFZDasharEaXb1X/5xSAclx
-=+eYk
+hQEOA++dwnahcsiBEAQAqaF1yuTJ26FmJHndyaHUjazx7j8/Z/Ht3O+jSAOaoJFR
+84rK4Tte0JQYTCl3XxwSEwr48OAtyeTstLjabGAvBoHrXVP3xC0U7kBalZm2lwcq
+A8dDDoa3uMkWi1OJ3e2o79/z6SdTHEgRIRomAku1JaXFGTd8OsFhW782RpKUBOID
+/jMs9o2sa/gDhWVaeC3SaQovl2xb45ev0nMibED916BQvv3NkH5/EzeM6v788h63
+4yUkWWNr0/bnJ21chlxIbvICjHfuGAEDw+i4HhK/nLBL3Ep4ADtLP7OPZJHlcQgI
+g8mAztasBxTGGUuFYvRT0X7sbaSPxLR26vbTCYAo/P/80sA4AYGhBuYPsRN4JzX9
+QaSrToKjPbaZqq+nHQYCvi6m5xAjMT0HVdXejMtZMKwv4TRm7IVCimtIZqrlvw7c
+Kj+ZcDGq9qb7urnzC5mdAZkXyNtZxmMKYFI0ci7zMnflvIM87JrVEjZbjjiXlcVy
+mSxhufOOweLJARkJ4mKVq1tr8REu8/ots4fDzUIAITM3z8pKA7doWAH2VTo0Idmc
+wYOoTLkiq1Z8fxeryB6U66C831PDiWe7W0usRSVo5rZ7laLZeOGl33fAAZCNLTgv
+tOPWWg5rCpRTVXgQ6Edl7DtzKI1z4EJbuEUs6shW+OT3bNISiDz2am8remU=
+=9AEU
 -----END PGP MESSAGE-----
diff --git a/tests/gpg/t-encrypt-mixed.c b/tests/gpg/t-encrypt-mixed.c
index afe5ba2..cc9ce89 100644
--- a/tests/gpg/t-encrypt-mixed.c
+++ b/tests/gpg/t-encrypt-mixed.c
@@ -1,5 +1,6 @@
 /* t-encrypt-mixed.c - Regression test.
-   Copyright (C) 2016 Intevation GmbH
+   Copyright (C) 2016 by Bundesamt für Sicherheit in der Informationstechnik
+   Software engineering by Intevation GmbH
 
    This file is part of GPGME.
 
diff --git a/tests/gpg/t-gpgconf.c b/tests/gpg/t-gpgconf.c
index 67bb886..5eccede 100644
--- a/tests/gpg/t-gpgconf.c
+++ b/tests/gpg/t-gpgconf.c
@@ -263,6 +263,26 @@ main (void)
   err = gpgme_new (&ctx);
   fail_if_err (err);
 
+  {
+    /* Let's check getting the agent-socket directory for different homedirs.  */
+    char *result1 = NULL;
+    char *result2 = NULL;
+    err = gpgme_ctx_set_engine_info (ctx, GPGME_PROTOCOL_GPGCONF, NULL, "/tmp/foo");
+    fail_if_err (err);
+    err = gpgme_op_conf_dir (ctx, "agent-socket", &result1);
+    fail_if_err (err);
+
+    err = gpgme_ctx_set_engine_info (ctx, GPGME_PROTOCOL_GPGCONF, NULL, NULL);
+    fail_if_err (err);
+    err = gpgme_op_conf_dir (ctx, "agent-socket", &result2);
+    fail_if_err (err);
+
+    /* They have to be different.  */
+    test (strcmp(result1, result2));
+    gpgme_free (result1);
+    gpgme_free (result2);
+  }
+
   err = gpgme_op_conf_load (ctx, &conf);
   fail_if_err (err);
 
diff --git a/tests/gpg/t-keylist.c b/tests/gpg/t-keylist.c
index 6ee023c..0417011 100644
--- a/tests/gpg/t-keylist.c
+++ b/tests/gpg/t-keylist.c
@@ -568,7 +568,8 @@ main (int argc, char **argv)
 
   if (keys[i].fpr)
     {
-      fprintf (stderr, "Less keys returned than expected\n");
+      fprintf (stderr, "Less keys (%d) returned than expected (%d)\n",
+	       i, (int)(DIM (keys) - 1));
       exit (1);
     }
 
diff --git a/tests/gpg/t-thread-keylist-verify.c b/tests/gpg/t-thread-keylist-verify.c
index b327a1f..c011fbc 100644
--- a/tests/gpg/t-thread-keylist-verify.c
+++ b/tests/gpg/t-thread-keylist-verify.c
@@ -1,5 +1,6 @@
 /* t-thread-verify.c - Regression test.
-   Copyright (C) 2015 Intevation GmbH
+   Copyright (C) 2015 by Bundesamt für Sicherheit in der Informationstechnik
+   Software engineering by Intevation GmbH
 
    This file is part of GPGME.
 
diff --git a/tests/gpg/t-thread-keylist.c b/tests/gpg/t-thread-keylist.c
index b9feeda..d64a6d0 100644
--- a/tests/gpg/t-thread-keylist.c
+++ b/tests/gpg/t-thread-keylist.c
@@ -1,5 +1,6 @@
 /* t-thread-verify.c - Regression test.
-   Copyright (C) 2015 Intevation GmbH
+   Copyright (C) 2015 by Bundesamt für Sicherheit in der Informationstechnik
+   Software engineering by Intevation GmbH
 
    This file is part of GPGME.
 
diff --git a/tests/gpgsm/Makefile.am b/tests/gpgsm/Makefile.am
index 46d6a9b..4ab2283 100644
--- a/tests/gpgsm/Makefile.am
+++ b/tests/gpgsm/Makefile.am
@@ -20,6 +20,7 @@
 ## Process this file with automake to produce Makefile.in
 
 GPGSM = gpgsm
+GPG_AGENT = gpg-agent
 
 TESTS_ENVIRONMENT = GNUPGHOME=$(abs_builddir) LC_ALL=C GPG_AGENT_INFO= \
                     top_srcdir=$(top_srcdir)
@@ -44,36 +45,36 @@ noinst_PROGRAMS = $(c_tests) t-genkey cms-keylist cms-decrypt
 
 key_id = 32100C27173EF6E9C4E9A25D3D69F86D37A4F939
 
-CLEANFILES = pubring.kbx pubring.kbx~ gpgsm.conf trustlist.txt \
+CLEANFILES = pubring-stamp pubring.kbx pubring.kbx~ gpgsm.conf trustlist.txt \
 	random_seed S.gpg-agent
 
 clean-local:
 	-$(top_srcdir)/tests/start-stop-agent --stop
 	-rm -fR private-keys-v1.d
 
-check-local: ./pubring.kbx ./gpgsm.conf \
-             ./private-keys-v1.d/$(key_id).key ./trustlist.txt
-
-# To guarantee that check-local is run before any tests we add this
-# dependency:
-initial.test : check-local
-
 export GNUPGHOME := $(abs_builddir)
 
 export GPG_AGENT_INFO :=
 
-./pubring.kbx: $(srcdir)/cert_g10code_test1.der
+BUILT_SOURCES = gpgsm.conf trustlist.txt pubring-stamp \
+           private-keys-v1.d/gpg-sample.stamp
+
+pubring-stamp: $(srcdir)/cert_g10code_test1.der ./private-keys-v1.d/gpg-sample.stamp
 	$(GPGSM) --import $(srcdir)/cert_g10code_test1.der
+	touch pubring-stamp
 
-./gpgsm.conf:
+gpgsm.conf:
 	echo disable-crl-checks > ./gpgsm.conf
 	echo faked-system-time 1008241200 >> ./gpgsm.conf
+	echo "agent-program `which $(GPG_AGENT)`|--debug-quick-random" >> ./gpgsm.conf
 
-./private-keys-v1.d/$(key_id).key: $(srcdir)/$(key_id)
+private-keys-v1.d/gpg-sample.stamp: $(srcdir)/$(key_id)
+	-gpgconf --kill all
 	$(MKDIR_P) ./private-keys-v1.d
 	cp $(srcdir)/$(key_id) private-keys-v1.d/$(key_id).key
+	echo x > ./private-keys-v1.d/gpg-sample.stamp
 
-./trustlist.txt:
+trustlist.txt:
 	echo $(key_id) > ./trustlist.txt
 	echo >> ./trustlist.txt
 	echo "# CN=test cert 1,OU=Aegypten Project,O=g10 Code GmbH,L=Düsseldorf,C=DE" >> ./trustlist.txt
diff --git a/tests/gpgsm/Makefile.in b/tests/gpgsm/Makefile.in
index 1be6794..42ffb7a 100644
--- a/tests/gpgsm/Makefile.in
+++ b/tests/gpgsm/Makefile.in
@@ -378,7 +378,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
@@ -455,6 +454,7 @@ top_build_prefix = @top_build_prefix@
 top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 GPGSM = gpgsm
+GPG_AGENT = gpg-agent
 TESTS_ENVIRONMENT = GNUPGHOME=$(abs_builddir) LC_ALL=C GPG_AGENT_INFO= \
                     top_srcdir=$(top_srcdir)
 
@@ -467,10 +467,14 @@ AM_CPPFLAGS = -I$(top_builddir)/src @GPG_ERROR_CFLAGS@
 AM_LDFLAGS = -no-install
 LDADD = ../../src/libgpgme.la
 key_id = 32100C27173EF6E9C4E9A25D3D69F86D37A4F939
-CLEANFILES = pubring.kbx pubring.kbx~ gpgsm.conf trustlist.txt \
+CLEANFILES = pubring-stamp pubring.kbx pubring.kbx~ gpgsm.conf trustlist.txt \
 	random_seed S.gpg-agent
 
-all: all-am
+BUILT_SOURCES = gpgsm.conf trustlist.txt pubring-stamp \
+           private-keys-v1.d/gpg-sample.stamp
+
+all: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) all-am
 
 .SUFFIXES:
 .SUFFIXES: .c .lo .o .obj
@@ -774,11 +778,13 @@ distdir: $(DISTFILES)
 	  fi; \
 	done
 check-am: all-am
-	$(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local
-check: check-am
+	$(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) check-am
 all-am: Makefile $(PROGRAMS) $(HEADERS)
 installdirs:
-install: install-am
+install: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) install-am
 install-exec: install-exec-am
 install-data: install-data-am
 uninstall: uninstall-am
@@ -809,6 +815,7 @@ distclean-generic:
 maintainer-clean-generic:
 	@echo "This command is intended for maintainers to use"
 	@echo "it deletes files that may require special tools to rebuild."
+	-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
 clean: clean-am
 
 clean-am: clean-generic clean-libtool clean-local clean-noinstPROGRAMS \
@@ -880,50 +887,47 @@ ps-am:
 
 uninstall-am:
 
-.MAKE: check-am install-am install-strip
+.MAKE: all check check-am install install-am install-strip
 
-.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am \
-	check-local clean clean-generic clean-libtool clean-local \
-	clean-noinstPROGRAMS cscopelist-am ctags ctags-am distclean \
-	distclean-compile distclean-generic distclean-libtool \
-	distclean-tags distdir dvi dvi-am html html-am info info-am \
-	install install-am install-data install-data-am install-dvi \
-	install-dvi-am install-exec install-exec-am install-html \
-	install-html-am install-info install-info-am install-man \
-	install-pdf install-pdf-am install-ps install-ps-am \
-	install-strip installcheck installcheck-am installdirs \
-	maintainer-clean maintainer-clean-generic mostlyclean \
-	mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
-	pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am
+.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am clean \
+	clean-generic clean-libtool clean-local clean-noinstPROGRAMS \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
 
 
 clean-local:
 	-$(top_srcdir)/tests/start-stop-agent --stop
 	-rm -fR private-keys-v1.d
 
-check-local: ./pubring.kbx ./gpgsm.conf \
-             ./private-keys-v1.d/$(key_id).key ./trustlist.txt
-
-# To guarantee that check-local is run before any tests we add this
-# dependency:
-initial.test : check-local
-
 export GNUPGHOME := $(abs_builddir)
 
 export GPG_AGENT_INFO :=
 
-./pubring.kbx: $(srcdir)/cert_g10code_test1.der
+pubring-stamp: $(srcdir)/cert_g10code_test1.der ./private-keys-v1.d/gpg-sample.stamp
 	$(GPGSM) --import $(srcdir)/cert_g10code_test1.der
+	touch pubring-stamp
 
-./gpgsm.conf:
+gpgsm.conf:
 	echo disable-crl-checks > ./gpgsm.conf
 	echo faked-system-time 1008241200 >> ./gpgsm.conf
+	echo "agent-program `which $(GPG_AGENT)`|--debug-quick-random" >> ./gpgsm.conf
 
-./private-keys-v1.d/$(key_id).key: $(srcdir)/$(key_id)
+private-keys-v1.d/gpg-sample.stamp: $(srcdir)/$(key_id)
+	-gpgconf --kill all
 	$(MKDIR_P) ./private-keys-v1.d
 	cp $(srcdir)/$(key_id) private-keys-v1.d/$(key_id).key
+	echo x > ./private-keys-v1.d/gpg-sample.stamp
 
-./trustlist.txt:
+trustlist.txt:
 	echo $(key_id) > ./trustlist.txt
 	echo >> ./trustlist.txt
 	echo "# CN=test cert 1,OU=Aegypten Project,O=g10 Code GmbH,L=Düsseldorf,C=DE" >> ./trustlist.txt
diff --git a/tests/opassuan/Makefile.in b/tests/opassuan/Makefile.in
index 3287799..5afbeca 100644
--- a/tests/opassuan/Makefile.in
+++ b/tests/opassuan/Makefile.in
@@ -333,7 +333,6 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_SITE_PKG = @PYTHON_SITE_PKG@
 PYTHON_VERSION = @PYTHON_VERSION@
-PYTHON_VERSIONS = @PYTHON_VERSIONS@
 QTCHOOSER = @QTCHOOSER@
 RANLIB = @RANLIB@
 RC = @RC@
diff --git a/tests/run-decrypt.c b/tests/run-decrypt.c
index 0fcacf8..e961293 100644
--- a/tests/run-decrypt.c
+++ b/tests/run-decrypt.c
@@ -1,6 +1,7 @@
 /* run-decrypt.c  - Helper to perform a verify operation
    Copyright (C) 2009 g10 Code GmbH
-                 2016 Intevation GmbH
+                 2016 by Bundesamt für Sicherheit in der Informationstechnik
+                 Software engineering by Intevation GmbH
 
    This file is part of GPGME.
 
diff --git a/tests/run-identify.c b/tests/run-identify.c
index 01e9671..9361fa2 100644
--- a/tests/run-identify.c
+++ b/tests/run-identify.c
@@ -102,7 +102,7 @@ main (int argc, char **argv)
 
     }
 
-  init_gpgme (GPGME_PROTOCOL_OpenPGP);
+  init_gpgme_basic ();
 
   for (; argc; argc--, argv++)
     {
diff --git a/tests/run-keylist.c b/tests/run-keylist.c
index dd310e5..295251a 100644
--- a/tests/run-keylist.c
+++ b/tests/run-keylist.c
@@ -228,8 +228,10 @@ main (int argc, char **argv)
     {
       gpgme_user_id_t uid;
       gpgme_tofu_info_t ti;
+      gpgme_key_sig_t ks;
       int nuids;
       int nsub;
+      int nsigs;
 
       printf ("keyid   : %s\n", key->subkeys?nonnull (key->subkeys->keyid):"?");
       printf ("fpr     : %s\n", key->subkeys?nonnull (key->subkeys->fpr):"?");
@@ -320,6 +322,14 @@ main (int argc, char **argv)
               printf ("   first: %s\n", isotimestr (ti->encrfirst));
               printf ("    last: %s\n", isotimestr (ti->encrlast));
             }
+          for (nsigs=0, ks=uid->signatures; ks; ks = ks->next, nsigs++)
+            {
+              printf ("signature %d: %s\n", nsigs, nonnull (ks->uid));
+              printf ("       keyid: %s\n", nonnull (ks->keyid));
+              printf ("     created: %s\n", isotimestr(ks->timestamp));
+              printf ("     expires: %s\n", isotimestr(ks->expires));
+              printf ("       class: %x\n", ks->sig_class);
+            }
         }
 
       putchar ('\n');
diff --git a/tests/run-support.h b/tests/run-support.h
index 841b223..6a2170b 100644
--- a/tests/run-support.h
+++ b/tests/run-support.h
@@ -107,7 +107,11 @@ make_filename (const char *fname)
     srcdir = ".";
   buf = malloc (strlen(srcdir) + strlen(fname) + 2);
   if (!buf)
-    exit (8);
+    {
+      fprintf (stderr, "%s:%d: could not allocate string: %s\n",
+	       __FILE__, __LINE__, strerror (errno));
+      exit (8);
+    }
   strcpy (buf, srcdir);
   strcat (buf, "/");
   strcat (buf, fname);
@@ -116,17 +120,23 @@ make_filename (const char *fname)
 
 
 void
-init_gpgme (gpgme_protocol_t proto)
+init_gpgme_basic (void)
 {
-  gpgme_error_t err;
-
   gpgme_check_version (NULL);
   setlocale (LC_ALL, "");
   gpgme_set_locale (NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL));
 #ifndef HAVE_W32_SYSTEM
   gpgme_set_locale (NULL, LC_MESSAGES, setlocale (LC_MESSAGES, NULL));
 #endif
+}
+
+
+void
+init_gpgme (gpgme_protocol_t proto)
+{
+  gpg_error_t err;
 
+  init_gpgme_basic ();
   err = gpgme_engine_check_version (proto);
   fail_if_err (err);
 }
diff --git a/tests/run-verify.c b/tests/run-verify.c
index 3abc572..b22e644 100644
--- a/tests/run-verify.c
+++ b/tests/run-verify.c
@@ -222,6 +222,7 @@ show_usage (int ex)
          "  --openpgp        use the OpenPGP protocol (default)\n"
          "  --cms            use the CMS protocol\n"
          "  --sender MBOX    use MBOX as sender address\n"
+         "  --auto-key-retrieve\n"
          , stderr);
   exit (ex);
 }
@@ -231,6 +232,7 @@ int
 main (int argc, char **argv)
 {
   int last_argc = -1;
+  const char *s;
   gpgme_error_t err;
   gpgme_ctx_t ctx;
   gpgme_protocol_t protocol = GPGME_PROTOCOL_OpenPGP;
@@ -241,6 +243,7 @@ main (int argc, char **argv)
   gpgme_verify_result_t result;
   int print_status = 0;
   const char *sender = NULL;
+  int auto_key_retrieve = 0;
 
   if (argc)
     { argc--; argv++; }
@@ -283,6 +286,12 @@ main (int argc, char **argv)
           sender = *argv;
           argc--; argv++;
         }
+      else if (!strcmp (*argv, "--auto-key-retrieve"))
+        {
+          auto_key_retrieve = 1;
+          argc--; argv++;
+        }
+
       else if (!strncmp (*argv, "--", 2))
         show_usage (1);
 
@@ -323,6 +332,18 @@ main (int argc, char **argv)
     }
   /* gpgme_set_ctx_flag (ctx, "raw-description", "1"); */
 
+  if (auto_key_retrieve)
+    {
+      gpgme_set_ctx_flag (ctx, "auto-key-retrieve", "1");
+      s = gpgme_get_ctx_flag (ctx, "auto-key-retrieve");
+      if (!s || strcmp (s, "1"))
+        {
+          fprintf (stderr, PGM ": gpgme_get_ctx_flag failed for '%s'\n",
+                   "auto-key-retrieve");
+          exit (1);
+        }
+    }
+
   if (sender)
     {
       err = gpgme_set_sender (ctx, sender);
diff --git a/tests/start-stop-agent b/tests/start-stop-agent
index 3ce6f22..7901374 100755
--- a/tests/start-stop-agent
+++ b/tests/start-stop-agent
@@ -30,6 +30,19 @@ if [ "$1" = "--stop" ]; then
   exit 0
 fi
 
+# Update 'agent-program' in the configuration files to make sure we
+# will always start exactly this agent again if we ever need to.
+for F in gpg.conf gpgsm.conf
+do
+  if test -f "$GNUPGHOME/$F"
+  then
+      mv "$GNUPGHOME/$F" "$GNUPGHOME/$F~"
+      sed -e "s#^agent-program.*#agent-program ${GPG_AGENT}|--debug-quick-random#" \
+          >"$GNUPGHOME/$F" <"$GNUPGHOME/$F~"
+      rm "$GNUPGHOME/$F~"
+  fi
+done
+
 if [ "$(gpg-connect-agent --no-autostart getval\ $token /bye 2>/dev/null | head -1)" \
       = "D set" ]; then
   echo "gpg-agent already running" >&2
diff --git a/tests/t-data.c b/tests/t-data.c
index fe2d59e..c214de7 100644
--- a/tests/t-data.c
+++ b/tests/t-data.c
@@ -30,8 +30,10 @@
 #include <string.h>
 #include <errno.h>
 
-#include <gpgme.h>
+#define PGM "t-data"
+#include "run-support.h"
 
+#undef fail_if_err
 #define fail_if_err(a) do { if(a) {                                          \
                                fprintf (stderr, "%s:%d: (%i) gpgme_error_t " \
                                 "%s\n", __FILE__, __LINE__, round,           \
@@ -39,27 +41,6 @@
                                 exit (1); }                                  \
                              } while(0)
 
-static char *
-make_filename (const char *fname)
-{
-  const char *srcdir = getenv ("srcdir");
-  char *buf;
-
-  if (!srcdir)
-    srcdir = ".";
-  buf = malloc (strlen(srcdir) + strlen(fname) + 2 );
-  if (!buf)
-    {
-      fprintf (stderr, "%s:%d: could not allocate string: %s\n",
-	       __FILE__, __LINE__, strerror (errno));
-      exit (1);
-    }
-  strcpy (buf, srcdir);
-  strcat (buf, "/");
-  strcat (buf, fname);
-  return buf;
-}
-
 typedef enum
   {
     TEST_INITIALIZER,
@@ -203,6 +184,8 @@ main (void)
   gpgme_error_t err = 0;
   gpgme_data_t data;
 
+  init_gpgme_basic ();
+
   while (++round)
     {
       switch (round)