doc/

2003-05-29 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Exporting Keys): Change and document prototypes. Add new gpgme_op_export_ext and gpgme_op_export_ext_start variants. (Selecting Recipients): Section removed. (Encrypting a Plaintext): Change prototypes and document the changes. gpgme/ 2003-05-29 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (gpgme_op_export_start): Change second arg to const char *. (gpgme_op_export): Likewise. (gpgme_op_export_ext_start): New prototype. (gpgme_op_export_ext): Likewise. * engine.h: Likewise for _gpgme_engine_op_export and _gpgme_engine_op_export_ext. * engine-backend.h (struct engine_ops): Change second argument of prototype of export to const char *, and add reserverd int as third argument. Add prototype for export_ext. * engine.c (_gpgme_engine_op_export_ext): New function. (_gpgme_engine_op_export): Change second argument of prototype of export to const char *, and add reserverd int as third argument. * rungpg.c (gpg_export): Change second argument of prototype of export to const char *, and add reserverd int as third argument. (gpg_export_ext): New function. (gpg_keylist_ext): Break loop at error. (_gpgme_engine_ops_gpg): Add gpg_export_ext. * engine-gpgsm.c (gpgsm_export): Change second argument of prototype of export to const char *, and add reserverd int as third argument. (gpgsm_export_ext): New function. (_gpgme_engine_ops_gpgsm): Add gpgsm_export_ext. * export.c (export_start): Change second argument of prototype of export to const char *, and add reserverd int as third argument. (gpgme_op_export_start): Likewise. (export_ext_start): New function. (gpgme_op_export_ext_start): Likewise. (gpgme_op_export_ext): Likewise. * gpgme.h (gpgme_keylist_mode_t): New type for anonymous enum. (gpgme_sigsum_t): New type for anonymous enum. * encrypt-sign.c (encrypt_sign_start): Check for errors earlier, and return an error if RECP is not set. * Makefile.am (libgpgme_la_SOURCES): Remove user-id.c. * user-id.c: Remove file. * ops.h: Remove prototype for _gpgme_user_ids_all_valid. * gpgme.h (gpgme_encrypt_flags_t): New type. (gpgme_op_encrypt_start): Change second parameter to type gpgme_key_t[], and add third parameter. (gpgme_op_encrypt): Likewise. (gpgme_op_encrypt_sign_start): Likewise. (gpgme_op_encrypt_sign): Likewise. * encrypt.c (encrypt_start): Likewise. (gpgme_op_encrypt_start): Likewise. (gpgme_op_encrypt): Likewise. Pass flags to engine. * encrypt-sign.c (encrypt_sign_start): Likewise. (gpgme_op_encrypt_sign_start): Likewise. (gpgme_op_encrypt_sign): Likewise. * engine-backend.h (struct engine_ops): Likewise for prototypes of encrypt and encrypt_sign. * engine.h: Likewise for prototypes of _gpgme_engine_op_encrypt and _gpgme_engine_op_encrypt_sign. * engine.c (_gpgme_engine_op_encrypt): Likewise. (_gpgme_engine_op_encrypt_sign): Likewise. * rungpg.c (gpg_encrypt): Likewise. (gpg_encrypt_sign): Likewise. * rungpg.c (gpg_encrypt): Check flags for always trust option. * engine-gpgsm.c (gpgsm_encrypt): Likewise. (set_recipients): Rewritten to use keys instead user IDs. * rungpg.c (append_args_from_recipients): Rewritten to use keys instead user IDs. * encrypt.c (_gpgme_encrypt_status_handler): Change errors returned to GPGME_Invalid_Key and GPGME_General_Error. tests/ 2003-05-29 Marcus Brinkmann <marcus@g10code.de> * gpg/t-encrypt-sym.c (main): Adapt to new syntax. * gpg/t-encrypt.c (main): Likewise. * gpg/t-eventloop.c (main): Likewise. * gpg/t-encrypt-sign.c (main): Likewise. * gpgsm/t-export.c (main): Likewise. * gpgsm/t-encrypt.c (main): Likewise.
2003-05-29 03:21:02 +00:00 · 2003-05-29 03:21:02 +00:00 · 8f8c78d534
commit 8f8c78d534
parent 8585e1cc53
26 changed files with 752 additions and 736 deletions
--- a/77
+++ b/77
@ -95,36 +95,21 @@ Noteworthy changes in version 0.4.1 (unreleased)
   The user is expected to write the response to the file descriptor,
   followed by a newline.
- * The recipients interface has been removed and replaced by a more
+ * The recipients interface has been removed.  Instead, you use
-   generic and light gpgme_user_ids_* interface, which only provides
+   NULL-terminated lists of keys for specifying the recipients of an
-   two functions: gpgme_user_ids_append adds a new user ID at the end
+   encryption operation.  Use the new encryption flag
-   of the linked list, and gpgme_user_ids_release releases all user
+   GPGME_ENCRYPT_ALWAYS_TRUST if you want to override the validity of
-   IDs in the linked list.  The resulting user ID object is free for
+   the keys (but note that in general this is not a good idea).
   the user to change (note however that gpgme_user_ids_release only
   releases resources allocated by GPGME).
-   This change propagates to the prototypes of gpgme_op_encrypt,
+   This change has been made to the prototypes of gpgme_op_encrypt,
   gpgme_op_encrypt_start, gpgme_op_encrypt_sign and
-   gpgme_op_encrypt_sign_start.  Also the prototypes of
+   gpgme_op_encrypt_sign_start.
   gpgme_op_export_start and gpgme_op_export finally make sense.
-   Here is an example how to use the new interface:
+   The export interface has been changed to use pattern strings like
-
+   the keylist interface.  Thus, new functions gpgme_op_export_ext and
-   gpgme_user_id_t rset = NULL;
+   gpgme_op_export_ext_start have been added as well.  Now the
-   gpgme_user_id_t *rset_lastp = &rset;
+   prototypes of gpgme_op_export_start and gpgme_op_export finally
-
+   make sense.
   err = gpgme_user_ids_append (rset_lastp, "Alpha");
   fail_if_err (err);
   (*rset_lastp)->validity = GPGME_VALIDITY_FULL;
   rset_lastp = &(*rset_lastp)->next;
   err = gpgme_user_ids_append (rset_lastp, "Bob");
   fail_if_err (err);
   (*rset_lastp)->validity = GPGME_VALIDITY_FULL;
   [...]
   gpgme_user_ids_release (rset);
 * gpgme_op_verify and gpgme_op_decrypt_verify don't return a status
   summary anymore.  Use gpgme_get_sig_status to retrieve the individual
@ -308,23 +293,27 @@ gpgme_op_decrypt_verify		CHANGED: Drop R_STAT argument.
 gpgme_wait			CHANGED: Can return NULL even if hang is true.
 GpgmeIdleFunc                   REMOVED
 gpgme_register_idle             REMOVED
-GpgmeRecipients			REMOVED: Use gpgme_user_id_t.
+GpgmeRecipients			REMOVED
-gpgme_recipients_new		REMOVED: Initialize gpgme_user_id_t with NULL.
+gpgme_recipients_new		REMOVED
-gpgme_recipients_release	REMOVED: Use gpgme_user_ids_release.
+gpgme_recipients_release	REMOVED
-gpgme_recipients_add_name	REMOVED: Use gpgme_user_ids_append
+gpgme_recipients_add_name	REMOVED
-gpgme_recipients_add_name_with_validity	REMOVED: Set validity directly.
+gpgme_recipients_add_name_with_validity	REMOVED
-gpgme_recipients_count		REMOVED: You can count them yourself.
+gpgme_recipients_count		REMOVED
-gpgme_recipients_enum_open	REMOVED: gpgme_user_id_t is a linked list.
+gpgme_recipients_enum_open	REMOVED
-gpgme_recipients_enum_read	REMOVED: See gpgme_recipients_enum_open.
+gpgme_recipients_enum_read	REMOVED
-gpgme_recipients_enum_close	REMOVED: See gpgme_recipients_enum_read.
+gpgme_recipients_enum_close	REMOVED
-gpgme_user_ids_append		NEW
+gpgme_encrypt_flags_t		NEW
-gpgme_user_ids_release		NEW
+GPGME_ENCRYPT_ALWAYS_TRUST	NEW
-gpgme_op_encrypt		CHANGED: Recipients passed as gpgme_user_id_t.
+gpgme_op_encrypt		CHANGED: Recipients passed as gpgme_key_t[].
-gpgme_op_encrypt_start		CHANGED: Recipients passed as gpgme_user_id_t.
+gpgme_op_encrypt_start		CHANGED: Recipients passed as gpgme_key_t[].
-gpgme_op_encrypt_sign		CHANGED: Recipients passed as gpgme_user_id_t.
+gpgme_op_encrypt_sign		CHANGED: Recipients passed as gpgme_key_t[].
-gpgme_op_encrypt_sign_start	CHANGED: Recipients passed as gpgme_user_id_t.
+gpgme_op_encrypt_sign_start	CHANGED: Recipients passed as gpgme_key_t[].
-gpgme_op_export_start		CHANGED: User IDs passed as gpgme_user_id_t.
+gpgme_op_export_start		CHANGED: User IDs passed as patterns.
-gpgme_op_export			CHANGED: User IDs passed as gpgme_user_id_t.
+gpgme_op_export			CHANGED: User IDs passed as patterns.
 gpgme_op_export_ext_start	NEW
 gpgme_op_export_ext		NEW
 gpgme_keylist_mode_t		NEW
 gpgme_sigsum_t			NEW
 gpgme_engine_info_t		NEW
 gpgme_get_engine_info		CHANGED: Return info structure instead XML.
 gpgme_get_protocol_name		NEW
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@ -1,3 +1,12 @@
 2003-05-29  Marcus Brinkmann  <marcus@g10code.de>
 	* gpgme.texi (Exporting Keys): Change and document prototypes.
 	Add new gpgme_op_export_ext and gpgme_op_export_ext_start
 	variants.
 	(Selecting Recipients): Section removed.
 	(Encrypting a Plaintext): Change prototypes and document the
 	changes.
 2003-05-28  Marcus Brinkmann  <marcus@g10code.de>
 	* gpgme.texi (Exporting Keys): Change argument type from
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@ -189,7 +189,6 @@ Sign
 Encrypt
 * Selecting Recipients::          How to choose the recipients.
 * Encrypting a Plaintext::        How to encrypt a plaintext.
 Run Control
@ -1630,7 +1629,7 @@ certificates to include into an S/MIME signed message.
@cindex key listing mode
@cindex key listing, mode of
-@deftypefun void gpgme_set_keylist_mode (@w{gpgme_ctx_t @var{ctx}}, @w{int @var{mode}})
+@deftypefun void gpgme_set_keylist_mode (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_keylist_mode_t @var{mode}})
 The function @code{gpgme_set_keylist_mode} changes the default
 behaviour of the key listing functions.  The value in @var{mode} is a
 bitwise-or combination of one or multiple of the following bit values:
@ -1668,7 +1667,7 @@ pointer or @var{mode} is not a valid mode.
@end deftypefun
-@deftypefun int gpgme_get_keylist_mode (@w{gpgme_ctx_t @var{ctx}})
+@deftypefun gpgme_keylist_mode_t gpgme_get_keylist_mode (@w{gpgme_ctx_t @var{ctx}})
 The function @code{gpgme_get_keylist_mode} returns the current key
 listing mode of the context @var{ctx}.  This value can then be
 modified and used in a subsequent @code{gpgme_set_keylist_mode}
@ -2649,28 +2648,61 @@ operation is started on the context.
@cindex key, export
@cindex key ring, export from
-@deftypefun gpgme_error_t gpgme_op_export (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_user_id_t @var{uids}}, @w{gpgme_data_t @var{keydata}})
+@deftypefun gpgme_error_t gpgme_op_export (@w{gpgme_ctx_t @var{ctx}}, @w{const char *@var{pattern}}, @w{unsigned int @var{reserved}}, @w{gpgme_data_t @var{keydata}})
-The function @code{gpgme_op_export} extracts the public keys of the
+The function @code{gpgme_op_export} extracts public keys and returns
-user IDs in @var{uids} and returns them in the data buffer
+them in the data buffer @var{keydata}.  The output format of the key
-@var{keydata}.  The type of the public keys returned is determined by
+data returned is determined by the @acronym{ASCII} armor attribute set
-the @acronym{ASCII} armor attribute set for the context @var{ctx}.
+for the context @var{ctx}.
 If @var{pattern} is @code{NULL}, all available keys are returned.
 Otherwise, @var{pattern} contains an engine specific expression that
 is used to limit the list to all keys matching the pattern.
@var{reserved} is reserved for future use and must be @code{0}.
 The function returns @code{GPGME_No_Error} if the operation completed
-successfully, @code{GPGME_Invalid_Value} if @var{uids} is
+successfully, @code{GPGME_Invalid_Value} if @var{keydata} is not a
-@code{NULL} or @var{keydata} is not a valid empty data buffer, and
+valid empty data buffer, and passes through any errors that are
-passes through any errors that are reported by the crypto engine
+reported by the crypto engine support routines.
 support routines.
@end deftypefun
-@deftypefun gpgme_error_t gpgme_op_export_start (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_user_id_t @var{uids}}, @w{gpgme_data_t @var{keydata}})
+@deftypefun gpgme_error_t gpgme_op_export_start (@w{gpgme_ctx_t @var{ctx}}, @w{const char *@var{pattern}}, @w{unsigned int @var{reserved}}, @w{gpgme_data_t @var{keydata}})
 The function @code{gpgme_op_export_start} initiates a
@code{gpgme_op_export} operation.  It can be completed by calling
@code{gpgme_wait} on the context.  @xref{Waiting For Completion}.
 The function returns @code{GPGME_No_Error} if the operation could be
-started successfully, and @code{GPGME_Invalid_Value} if
+started successfully, and @code{GPGME_Invalid_Value} if @var{keydata}
-@var{uids} is @code{NULL} or @var{keydata} is not a valid empty
+is not a valid empty data buffer.
-data buffer.
+@end deftypefun
@deftypefun gpgme_error_t gpgme_op_export_ext (@w{gpgme_ctx_t @var{ctx}}, @w{const char *@var{pattern}[]}, @w{unsigned int @var{reserved}}, @w{gpgme_data_t @var{keydata}})
 The function @code{gpgme_op_export} extracts public keys and returns
 them in the data buffer @var{keydata}.  The output format of the key
 data returned is determined by the @acronym{ASCII} armor attribute set
 for the context @var{ctx}.
 If @var{pattern} or @var{*pattern} is @code{NULL}, all available keys
 are returned.  Otherwise, @var{pattern} is a @code{NULL} terminated
 array of strings that are used to limit the list to all keys matching
 at least one of the patterns verbatim.
@var{reserved} is reserved for future use and must be @code{0}.
 The function returns @code{GPGME_No_Error} if the operation completed
 successfully, @code{GPGME_Invalid_Value} if @var{keydata} is not a
 valid empty data buffer, and passes through any errors that are
 reported by the crypto engine support routines.
@end deftypefun
@deftypefun gpgme_error_t gpgme_op_export_ext_start (@w{gpgme_ctx_t @var{ctx}}, @w{const char *@var{pattern}[]}, @w{unsigned int @var{reserved}}, @w{gpgme_data_t @var{keydata}})
 The function @code{gpgme_op_export_ext_start} initiates a
@code{gpgme_op_export_ext} operation.  It can be completed by calling
@code{gpgme_wait} on the context.  @xref{Waiting For Completion}.
 The function returns @code{GPGME_No_Error} if the operation could be
 started successfully, and @code{GPGME_Invalid_Value} if @var{keydata}
 is not a valid empty data buffer.
@end deftypefun
@ -3178,7 +3210,7 @@ following members:
 This is a pointer to the next new signature structure in the linked
 list, or @code{NULL} if this is the last element.
-@item unsigned int summary;
+@item gpgme_sigsum_t summary;
 This is a bit vector giving a summary of the signature status.  It
 provides an easy interface to a defined semantic of the signature
 status.  Checking just one bit is sufficient to see whether a
@ -3746,79 +3778,41 @@ time.  The list of recipients is created independently of any context,
 and then passed to the encryption operation.
@menu
 * Selecting Recipients::          How to choose the recipients.
 * Encrypting a Plaintext::        How to encrypt a plaintext.
@end menu
@node Selecting Recipients
@subsubsection Selecting Recipients
@cindex encryption, selecting recipients
@cindex recipients
@deftypefun gpgme_error_t gpgme_user_ids_append (@w{gpgme_user_id_t *@var{rset_p}}, @w{const char *@var{name}})
 The function @code{gpgme_user_ids_append} creates a new
@code{gpgme_user_id_t} object, initializes its @code{uid} member with
 a copy of the string pointed to by @var{name}, initializes its
@code{name}, @code{email}, @code{comment} members to the empty string,
 its @code{validity} member to @code{GPGME_VALIDITY_UNKNOWN} and leaves
 all other fields to 0.
 It then appends the user ID at the end of the linked list of user IDs
 that starts at *@var{rset_p}, or it returns it in *@var{rset_p} if
 that is @code{NULL}.  You can then update for example the validity
 information in the user ID directly.
 We recommend that you keep a pointer to the last element in your
 linked list.  This is faster and allows you to easily update the
 fields of the last user ID.  Here is an example how to create a linked
 list of user IDs in @var{rset} with full validity from a
@code{NULL}-terminated array of names:
@example
  const char *names[] = @{ "Alpha", "Bob", NULL @};
  gpgme_error_t err;
  gpgme_user_id_t rset = NULL;
  gpgme_user_id_t *rset_lastp = &rset;
  do
    @{
      err = gpgme_user_ids_append (rset_lastp, *(names++));
      if (!err)
        @{
          (*rset_lastp)->validity = GPGME_VALIDITY_FULL;
          rset_lastp = &(*rset_lastp)->next;
        @}
    @}
  while (!err && *names);
@end example
 The function returns @code{GPGME_No_Error} if the recipient set could
 be created successfully, and @code{GPGME_Out_Of_Core} if not enough
 memory was available.
@end deftypefun
@deftypefun void gpgme_user_ids_release (@w{gpgme_user_id_t @var{uids}})
 The function @code{gpgme_user_ids_release} destroys the linked list of
 user IDs @var{uids} and releases all associated resources allocated by
@acronym{GPGME}..
@end deftypefun
@node Encrypting a Plaintext
@subsubsection Encrypting a Plaintext
-@deftypefun gpgme_error_t gpgme_op_encrypt (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_user_id_t @var{rset}}, @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}})
+@deftypefun gpgme_error_t gpgme_op_encrypt (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_key_t @var{recp}[]}, @w{gpgme_encrypt_flags_t @var{flags}}, @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}})
 The function @code{gpgme_op_encrypt} encrypts the plaintext in the data
-object @var{plain} for the recipients @var{rset} and stores the
+object @var{plain} for the recipients @var{recp} and stores the
 ciphertext in the data object @var{cipher}.  The type of the
 ciphertext created is determined by the @acronym{ASCII} armor and text
 mode attributes set for the context @var{ctx}.
-If @code{GPGME_Invalid_UserID} is returned, some recipients in
+@var{key} must be a @code{NULL}-terminated array of keys.  The user
-@var{rset} are invalid, but not all.  In this case the plaintext is
+must keep references for all keys during the whole duration of the
-encrypted for all valid recipients and returned in @var{cipher}.  More
+call (but see @code{gpgme_op_encrypt_start} for the requirements with
-information about the invalid recipients is available with
+the asynchronous variant).
 The value in @var{flags} is a bitwise-or combination of one or
 multiple of the following bit values:
@table @code
@item GPGME_ENCRYPT_ALWAYS_TRUST
 The @code{GPGME_ENCRYPT_ALWAYS_TRUST} symbol specifies that all the
 recipients in @var{recp} should be trusted, even if the keys do not
 have a high enough validity in the keyring.  This flag should be used
 with care; in general it is not a good idea to use any untrusted keys.
@end table
 If @code{GPGME_Invalid_Key} is returned, some recipients in @var{recp}
 are invalid, but not all.  In this case the plaintext might be
 encrypted for all valid recipients and returned in @var{cipher} (if
 this happens depends on the crypto engine).  More information about
 the invalid recipients is available with
@code{gpgme_op_encrypt_result}.
 If @var{recp} is @code{NULL}, symmetric rather than public key
@ -3830,19 +3824,22 @@ crypto backend.
 The function returns @code{GPGME_No_Error} if the ciphertext could be
 created successfully, @code{GPGME_Invalid_Value} if @var{ctx},
-@var{rset}, @var{plain} or @var{cipher} is not a valid pointer,
+@var{recp}, @var{plain} or @var{cipher} is not a valid pointer,
-@code{GPGME_No_UserID} if @var{rset} does not contain any valid
+@code{GPGME_Invalid_Key} if @var{recp} contains some invalid
-recipients, @code{GPGME_Invalid_UserID} if @var{rset} contains some
+recipients, @code{GPGME_Bad_Passphrase} if the passphrase for the
-invalid recipients, @code{GPGME_Bad_Passphrase} if the passphrase for
+secret key could not be retrieved, and passes through any errors that
-the secret key could not be retrieved, and passes through any errors
+are reported by the crypto engine support routines.
 that are reported by the crypto engine support routines.
@end deftypefun
-@deftypefun gpgme_error_t gpgme_op_encrypt_start (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_user_id_t @var{rset}}, @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}})
+@deftypefun gpgme_error_t gpgme_op_encrypt_start (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_key_t @var{recp}[]}, @w{gpgme_encrypt_flags_t @var{flags}}, @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}})
 The function @code{gpgme_op_encrypt_start} initiates a
@code{gpgme_op_encrypt} operation.  It can be completed by calling
@code{gpgme_wait} on the context.  @xref{Waiting For Completion}.
 References to the keys only need to be held for the duration of this
 call.  The user can release its references to the keys after this
 function returns, even if the operation is not yet finished.
 The function returns @code{GPGME_No_Error} if the operation could be
 started successfully, @code{GPGME_Invalid_Value} if @var{ctx},
@var{rset}, @var{plain} or @var{cipher} is not a valid pointer, and
@ -3875,7 +3872,7 @@ next operation is started on the context.
@end deftypefun
-@deftypefun gpgme_error_t gpgme_op_encrypt_sign (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_user_id_t @var{rset}}, @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}})
+@deftypefun gpgme_error_t gpgme_op_encrypt_sign (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_key_t @var{recp}[]}, @w{gpgme_encrypt_flags_t @var{flags}}, @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}})
 The function @code{gpgme_op_encrypt_sign} does a combined encrypt and
 sign operation.  It is used like @code{gpgme_op_encrypt}, but the
 ciphertext also contains signatures for the signers listed in
@ -3885,17 +3882,15 @@ The combined encrypt and sign operation is currently only available
 for the OpenPGP crypto engine.
@end deftypefun
-@deftypefun gpgme_error_t gpgme_op_encrypt_sign_start (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_user_id_t @var{rset}}, @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}})
+@deftypefun gpgme_error_t gpgme_op_encrypt_sign_start (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_key_t @var{recp}}, @w{gpgme_encrypt_flags_t @var{flags}}, @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}})
 The function @code{gpgme_op_encrypt_sign_start} initiates a
@code{gpgme_op_encrypt_sign} operation.  It can be completed by
 calling @code{gpgme_wait} on the context.  @xref{Waiting For
 Completion}.
 The function returns @code{GPGME_No_Error} if the operation could be
-started successfully, @code{GPGME_Invalid_Value} if @var{ctx},
+started successfully, and @code{GPGME_Invalid_Value} if @var{ctx},
-@var{rset}, @var{plain} or @var{cipher} is not a valid pointer, and
+@var{rset}, @var{plain} or @var{cipher} is not a valid pointer.
@code{GPGME_No_UserID} if @var{rset} does not contain any valid
 recipients.
@end deftypefun
--- a/gpgme/ChangeLog
+++ b/gpgme/ChangeLog
@ -1,3 +1,71 @@
 2003-05-29  Marcus Brinkmann  <marcus@g10code.de>
 	* gpgme.h (gpgme_op_export_start): Change second arg to const char *.
 	(gpgme_op_export): Likewise.
 	(gpgme_op_export_ext_start): New prototype.
 	(gpgme_op_export_ext): Likewise.
 	* engine.h: Likewise for _gpgme_engine_op_export and
 	_gpgme_engine_op_export_ext.
 	* engine-backend.h (struct engine_ops): Change second argument of
 	prototype of export to const char *, and add reserverd int as
 	third argument.  Add prototype for export_ext.
 	* engine.c (_gpgme_engine_op_export_ext): New function.
 	(_gpgme_engine_op_export): Change second argument of prototype of
 	export to const char *, and add reserverd int as third argument.
 	* rungpg.c (gpg_export): Change second argument of prototype of
 	export to const char *, and add reserverd int as third argument.
 	(gpg_export_ext): New function.
 	(gpg_keylist_ext): Break loop at error.
 	(_gpgme_engine_ops_gpg): Add gpg_export_ext.
 	* engine-gpgsm.c (gpgsm_export): Change second argument of
 	prototype of export to const char *, and add reserverd int as
 	third argument.
 	(gpgsm_export_ext): New function.
 	(_gpgme_engine_ops_gpgsm): Add gpgsm_export_ext.
 	* export.c (export_start): Change second argument of prototype of
 	export to const char *, and add reserverd int as third argument.
 	(gpgme_op_export_start): Likewise.
 	(export_ext_start): New function.
 	(gpgme_op_export_ext_start): Likewise.
 	(gpgme_op_export_ext): Likewise.
 	* gpgme.h (gpgme_keylist_mode_t): New type for anonymous enum.
 	(gpgme_sigsum_t): New type for anonymous enum.
 	* encrypt-sign.c (encrypt_sign_start): Check for errors earlier,
 	and return an error if RECP is not set.
 	* Makefile.am (libgpgme_la_SOURCES): Remove user-id.c.
 	* user-id.c: Remove file.
 	* ops.h: Remove prototype for _gpgme_user_ids_all_valid.
 	* gpgme.h (gpgme_encrypt_flags_t): New type.
 	(gpgme_op_encrypt_start): Change second parameter to type
 	gpgme_key_t[], and add third parameter.
 	(gpgme_op_encrypt): Likewise.
 	(gpgme_op_encrypt_sign_start): Likewise.
 	(gpgme_op_encrypt_sign): Likewise.
 	* encrypt.c (encrypt_start): Likewise.
 	(gpgme_op_encrypt_start): Likewise.
 	(gpgme_op_encrypt): Likewise.  Pass flags to engine.
 	* encrypt-sign.c (encrypt_sign_start): Likewise.
 	(gpgme_op_encrypt_sign_start): Likewise.
 	(gpgme_op_encrypt_sign): Likewise.
 	* engine-backend.h (struct engine_ops): Likewise for prototypes of
 	encrypt and encrypt_sign.
 	* engine.h: Likewise for prototypes of _gpgme_engine_op_encrypt
 	and _gpgme_engine_op_encrypt_sign.
 	* engine.c (_gpgme_engine_op_encrypt): Likewise.
 	(_gpgme_engine_op_encrypt_sign): Likewise.
 	* rungpg.c (gpg_encrypt): Likewise.
 	(gpg_encrypt_sign): Likewise.
 	* rungpg.c (gpg_encrypt): Check flags for always trust option.
 	* engine-gpgsm.c (gpgsm_encrypt): Likewise.
 	(set_recipients): Rewritten to use keys instead user IDs.
 	* rungpg.c (append_args_from_recipients): Rewritten to use keys
 	instead user IDs.
 	* encrypt.c (_gpgme_encrypt_status_handler): Change errors
 	returned to GPGME_Invalid_Key and GPGME_General_Error.
 2003-05-28  Marcus Brinkmann  <marcus@g10code.de>
 	* engine-gpgsm.c: Rename GpgsmObject to engine_gpgsm_t.
--- a/gpgme/Makefile.am
+++ b/gpgme/Makefile.am
@ -72,7 +72,7 @@ libgpgme_la_SOURCES =							\
 	gpgme.h util.h conversion.c context.h ops.h			\
 	data.h data.c data-fd.c data-stream.c data-mem.c data-user.c	\
 	data-compat.c							\
-	user-id.c signers.c						\
+	signers.c							\
 	wait.c wait-global.c wait-private.c wait-user.c wait.h		\
 	op-support.c							\
 	encrypt.c encrypt-sign.c decrypt.c decrypt-verify.c verify.c	\
--- a/gpgme/context.h
+++ b/gpgme/context.h
@ -75,7 +75,7 @@ struct gpgme_context
  unsigned int use_textmode : 1;
  /* Flags for keylist mode.  */
-  unsigned int keylist_mode;
+  gpgme_keylist_mode_t keylist_mode;
  /* Number of certs to be included.  */
  unsigned int include_certs;
--- a/gpgme/encrypt-sign.c
+++ b/gpgme/encrypt-sign.c
@ -37,7 +37,8 @@ encrypt_sign_status_handler (void *priv, gpgme_status_code_t code, char *args)
 static gpgme_error_t
-encrypt_sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_user_id_t recp,
+encrypt_sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_key_t recp[],
 		    gpgme_encrypt_flags_t flags,
 		    gpgme_data_t plain, gpgme_data_t cipher)
 {
  gpgme_error_t err;
@ -46,6 +47,11 @@ encrypt_sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_user_id_t recp,
  if (err)
    return err;
  if (!plain)
    return GPGME_No_Data;
  if (!cipher || !recp)
    return GPGME_Invalid_Value;
  err = _gpgme_op_encrypt_init_result (ctx);
  if (err)
    return err;
@ -54,16 +60,10 @@ encrypt_sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_user_id_t recp,
  if (err)
    return err;
  if (!plain)
    return GPGME_No_Data;
  if (!cipher)
    return GPGME_Invalid_Value;
  if (ctx->passphrase_cb)
    {
-      err = _gpgme_engine_set_command_handler (ctx->engine,
+      err = _gpgme_engine_set_command_handler
-					       _gpgme_passphrase_command_handler,
+	(ctx->engine, _gpgme_passphrase_command_handler, ctx, NULL);
 					       ctx, NULL);
      if (err)
 	return err;
    }
@ -71,8 +71,9 @@ encrypt_sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_user_id_t recp,
  _gpgme_engine_set_status_handler (ctx->engine,
 				    encrypt_sign_status_handler, ctx);
-  return _gpgme_engine_op_encrypt_sign (ctx->engine, recp, plain, cipher,
+  return _gpgme_engine_op_encrypt_sign (ctx->engine, recp, flags, plain,
-					ctx->use_armor, ctx /* FIXME */);
+					cipher, ctx->use_armor,
 					ctx /* FIXME */);
 }
@ -80,10 +81,11 @@ encrypt_sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_user_id_t recp,
   store the resulting ciphertext in CIPHER.  Also sign the ciphertext
   with the signers in CTX.  */
 gpgme_error_t
-gpgme_op_encrypt_sign_start (gpgme_ctx_t ctx, gpgme_user_id_t recp,
+gpgme_op_encrypt_sign_start (gpgme_ctx_t ctx, gpgme_key_t recp[],
-			      gpgme_data_t plain, gpgme_data_t cipher)
+			     gpgme_encrypt_flags_t flags,
 			     gpgme_data_t plain, gpgme_data_t cipher)
 {
-  return encrypt_sign_start (ctx, 0, recp, plain, cipher);
+  return encrypt_sign_start (ctx, 0, recp, flags, plain, cipher);
 }
@ -91,10 +93,11 @@ gpgme_op_encrypt_sign_start (gpgme_ctx_t ctx, gpgme_user_id_t recp,
   store the resulting ciphertext in CIPHER.  Also sign the ciphertext
   with the signers in CTX.  */
 gpgme_error_t
-gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_user_id_t recp,
+gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_key_t recp[],
 		       gpgme_encrypt_flags_t flags,
 		       gpgme_data_t plain, gpgme_data_t cipher)
 {
-  gpgme_error_t err = encrypt_sign_start (ctx, 1, recp, plain, cipher);
+  gpgme_error_t err = encrypt_sign_start (ctx, 1, recp, flags, plain, cipher);
  if (!err)
    err = _gpgme_wait_one (ctx);
  return err;
--- a/gpgme/encrypt.c
+++ b/gpgme/encrypt.c
@ -91,7 +91,7 @@ _gpgme_encrypt_status_handler (void *priv, gpgme_status_code_t code,
    {
    case GPGME_STATUS_EOF:
      if (opd->result.invalid_recipients)
-	return GPGME_Invalid_UserID;
+	return GPGME_Invalid_Key;
      break;
    case GPGME_STATUS_INV_RECP:
@ -104,7 +104,7 @@ _gpgme_encrypt_status_handler (void *priv, gpgme_status_code_t code,
    case GPGME_STATUS_NO_RECP:
      /* Should not happen, because we require at least one recipient.  */
-      return GPGME_No_UserID;
+      return GPGME_General_Error;
    default:
      break;
@ -148,7 +148,8 @@ _gpgme_op_encrypt_init_result (gpgme_ctx_t ctx)
 static gpgme_error_t
-encrypt_start (gpgme_ctx_t ctx, int synchronous, gpgme_user_id_t recp,
+encrypt_start (gpgme_ctx_t ctx, int synchronous, gpgme_key_t recp[],
 	       gpgme_encrypt_flags_t flags,
 	       gpgme_data_t plain, gpgme_data_t cipher)
 {
  gpgme_error_t err;
@ -169,6 +170,8 @@ encrypt_start (gpgme_ctx_t ctx, int synchronous, gpgme_user_id_t recp,
    return GPGME_No_Data;
  if (!cipher)
    return GPGME_Invalid_Value;
  if (recp && ! *recp)
    return GPGME_Invalid_Value;
  if (symmetric && ctx->passphrase_cb)
    {
@ -185,26 +188,28 @@ encrypt_start (gpgme_ctx_t ctx, int synchronous, gpgme_user_id_t recp,
 				    : encrypt_status_handler,
 				    ctx);
-  return _gpgme_engine_op_encrypt (ctx->engine, recp, plain, cipher,
+  return _gpgme_engine_op_encrypt (ctx->engine, recp, flags, plain, cipher,
 				   ctx->use_armor);
 }
 gpgme_error_t
-gpgme_op_encrypt_start (gpgme_ctx_t ctx, gpgme_user_id_t recp,
+gpgme_op_encrypt_start (gpgme_ctx_t ctx, gpgme_key_t recp[],
 			gpgme_encrypt_flags_t flags,
 			gpgme_data_t plain, gpgme_data_t cipher)
 {
-  return encrypt_start (ctx, 0, recp, plain, cipher);
+  return encrypt_start (ctx, 0, recp, flags, plain, cipher);
 }
 /* Encrypt plaintext PLAIN within CTX for the recipients RECP and
   store the resulting ciphertext in CIPHER.  */
 gpgme_error_t
-gpgme_op_encrypt (gpgme_ctx_t ctx, gpgme_user_id_t recp,
+gpgme_op_encrypt (gpgme_ctx_t ctx, gpgme_key_t recp[],
 		  gpgme_encrypt_flags_t flags,
 		  gpgme_data_t plain, gpgme_data_t cipher)
 {
-  gpgme_error_t err = encrypt_start (ctx, 1, recp, plain, cipher);
+  gpgme_error_t err = encrypt_start (ctx, 1, recp, flags, plain, cipher);
  if (!err)
    err = _gpgme_wait_one (ctx);
  return err;
--- a/gpgme/engine-backend.h
+++ b/gpgme/engine-backend.h
@ -50,22 +50,28 @@ struct engine_ops
  gpgme_error_t (*delete) (void *engine, gpgme_key_t key, int allow_secret);
  gpgme_error_t (*edit) (void *engine, gpgme_key_t key, gpgme_data_t out,
 			 gpgme_ctx_t ctx /* FIXME */);
-  gpgme_error_t (*encrypt) (void *engine, gpgme_user_id_t recp,
+  gpgme_error_t (*encrypt) (void *engine, gpgme_key_t recp[],
 			    gpgme_encrypt_flags_t flags,
 			    gpgme_data_t plain, gpgme_data_t ciph,
 			    int use_armor);
-  gpgme_error_t (*encrypt_sign) (void *engine, gpgme_user_id_t recp,
+  gpgme_error_t (*encrypt_sign) (void *engine, gpgme_key_t recp[],
 				 gpgme_encrypt_flags_t flags,
 				 gpgme_data_t plain, gpgme_data_t ciph,
 				 int use_armor, gpgme_ctx_t ctx /* FIXME */);
-  gpgme_error_t (*export) (void *engine, gpgme_user_id_t uids,
+  gpgme_error_t (*export) (void *engine, const char *pattern,
-			   gpgme_data_t keydata, int use_armor);
+			   unsigned int reserved, gpgme_data_t keydata,
 			   int use_armor);
  gpgme_error_t (*export_ext) (void *engine, const char *pattern[],
 			       unsigned int reserved, gpgme_data_t keydata,
 			       int use_armor);
  gpgme_error_t (*genkey) (void *engine, gpgme_data_t help_data, int use_armor,
 			   gpgme_data_t pubkey, gpgme_data_t seckey);
  gpgme_error_t (*import) (void *engine, gpgme_data_t keydata);
  gpgme_error_t (*keylist) (void *engine, const char *pattern,
-			    int secret_only, int keylist_mode);
+			    int secret_only, gpgme_keylist_mode_t mode);
  gpgme_error_t (*keylist_ext) (void *engine, const char *pattern[],
 				int secret_only, int reserved,
-				int keylist_mode);
+				gpgme_keylist_mode_t mode);
  gpgme_error_t (*sign) (void *engine, gpgme_data_t in, gpgme_data_t out,
 			 gpgme_sig_mode_t mode, int use_armor,
 			 int use_textmode,
--- a/gpgme/engine-gpgsm.c
+++ b/gpgme/engine-gpgsm.c
@ -936,22 +936,32 @@ gpgsm_delete (void *engine, gpgme_key_t key, int allow_secret)
 static gpgme_error_t
-set_recipients (engine_gpgsm_t gpgsm, gpgme_user_id_t uid)
+set_recipients (engine_gpgsm_t gpgsm, gpgme_key_t recp[])
 {
-  gpgme_error_t err;
+  gpgme_error_t err = 0;
  ASSUAN_CONTEXT ctx = gpgsm->assuan_ctx;
  char *line;
  int linelen;
  int invalid_recipients = 0;
  int i = 0;
  linelen = 10 + 40 + 1;	/* "RECIPIENT " + guess + '\0'.  */
  line = malloc (10 + 40 + 1);
  if (!line)
    return GPGME_Out_Of_Core;
  strcpy (line, "RECIPIENT ");
-  while (uid)
+  while (!err && recp[i])
    {
-      int newlen = 11 + strlen (uid->uid);
+      char *fpr;
      if (!recp[i]->subkeys || !recp[i]->subkeys->fpr)
 	{
 	  invalid_recipients++;
 	  continue;
 	}
      fpr = recp[i]->subkeys->fpr;
      int newlen = 11 + strlen (fpr);
      if (linelen < newlen)
 	{
 	  char *newline = realloc (line, newlen);
@ -963,27 +973,27 @@ set_recipients (engine_gpgsm_t gpgsm, gpgme_user_id_t uid)
 	  line = newline;
 	  linelen = newlen;
 	}
-      strcpy (&line[10], uid->uid);
+      strcpy (&line[10], fpr);
-      
+
      err = gpgsm_assuan_simple_command (ctx, line, gpgsm->status.fnc,
 					 gpgsm->status.fnc_value);
      if (err == GPGME_Invalid_Key)
-	invalid_recipients = 1;
+	invalid_recipients++;
      else if (err)
 	{
 	  free (line);
 	  return err;
 	}
-      uid = uid->next;
+      i++;
    }
  free (line);
-  return invalid_recipients ? GPGME_Invalid_UserID : 0;
+  return invalid_recipients ? GPGME_Invalid_Key : 0;
 }
 static gpgme_error_t
-gpgsm_encrypt (void *engine, gpgme_user_id_t recp, gpgme_data_t plain,
+gpgsm_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags,
-	       gpgme_data_t ciph, int use_armor)
+	       gpgme_data_t plain, gpgme_data_t ciph, int use_armor)
 {
  engine_gpgsm_t gpgsm = engine;
  gpgme_error_t err;
@ -1015,46 +1025,24 @@ gpgsm_encrypt (void *engine, gpgme_user_id_t recp, gpgme_data_t plain,
 static gpgme_error_t
-gpgsm_export (void *engine, gpgme_user_id_t uid, gpgme_data_t keydata,
+gpgsm_export (void *engine, const char *pattern, unsigned int reserved,
-	      int use_armor)
+	      gpgme_data_t keydata, int use_armor)
 {
  engine_gpgsm_t gpgsm = engine;
  gpgme_error_t err = 0;
-  char *cmd = NULL;
+  char *cmd;
  int cmdi;
  int cmdlen = 32;
-  if (!gpgsm)
+  if (!gpgsm || reserved)
    return GPGME_Invalid_Value;
-  cmd = malloc (cmdlen);
+  if (!pattern)
    pattern = "";
  cmd = malloc (7 + strlen (pattern) + 1);
  if (!cmd)
    return GPGME_Out_Of_Core;
-  strcpy (cmd, "EXPORT");
+  strcpy (cmd, "EXPORT ");
-  cmdi = 6;
+  strcpy (&cmd[7], pattern);
  while (!err && uid)
    {
      int uidlen = strlen (uid->uid);
      /* New string is old string + ' ' + s + '\0'.  */
      if (cmdlen < cmdi + 1 + uidlen + 1)
 	{
 	  char *newcmd = realloc (cmd, cmdlen * 2);
 	  if (!newcmd)
 	    {
 	      free (cmd);
 	      return GPGME_Out_Of_Core;
 	    }
 	  cmd = newcmd;
 	  cmdlen *= 2;
 	}
      cmd[cmdi++] = ' ';
      strcpy (cmd + cmdi, uid->uid);
      cmdi += uidlen;
      uid = uid->next;
    }
  if (err)
    return err;
  gpgsm->output_cb.data = keydata;
  err = gpgsm_set_fd (gpgsm->assuan_ctx, "OUTPUT", gpgsm->output_fd_server,
@ -1070,6 +1058,97 @@ gpgsm_export (void *engine, gpgme_user_id_t uid, gpgme_data_t keydata,
 }
 static gpgme_error_t
 gpgsm_export_ext (void *engine, const char *pattern[], unsigned int reserved,
 		  gpgme_data_t keydata, int use_armor)
 {
  engine_gpgsm_t gpgsm = engine;
  gpgme_error_t err = 0;
  char *line;
  /* Length is "EXPORT " + p + '\0'.  */
  int length = 7 + 1;
  char *linep;
  if (!gpgsm || reserved)
    return GPGME_Invalid_Value;
  if (pattern && *pattern)
    {
      const char **pat = pattern;
      while (*pat)
 	{
 	  const char *patlet = *pat;
 	  while (*patlet)
 	    {
 	      length++;
 	      if (*patlet == '%' || *patlet == ' ' || *patlet == '+')
 		length += 2;
 	      patlet++;
 	    }
 	  pat++;
 	  /* This will allocate one byte more than necessary.  */
 	  length++;
 	}
    }
  line = malloc (length);
  if (!line)
    return GPGME_Out_Of_Core;
  strcpy (line, "EXPORT ");
  linep = &line[7];
  if (pattern && *pattern)
    {
      while (*pattern)
 	{
 	  const char *patlet = *pattern;
 	  while (*patlet)
 	    {
 	      switch (*patlet)
 		{
 		case '%':
 		  *(linep++) = '%';
 		  *(linep++) = '2';
 		  *(linep++) = '5';
 		  break;
 		case ' ':
 		  *(linep++) = '%';
 		  *(linep++) = '2';
 		  *(linep++) = '0';
 		  break;
 		case '+':
 		  *(linep++) = '%';
 		  *(linep++) = '2';
 		  *(linep++) = 'B';
 		  break;
 		default:
 		  *(linep++) = *patlet;
 		  break;
 		}
 	      patlet++;
 	    }
 	  pattern++;
 	}
    }
  *linep = '\0';
  gpgsm->output_cb.data = keydata;
  err = gpgsm_set_fd (gpgsm->assuan_ctx, "OUTPUT", gpgsm->output_fd_server,
 		      use_armor ? "--armor" : 0);
  if (err)
    return err;
  _gpgme_io_close (gpgsm->input_cb.fd);
  _gpgme_io_close (gpgsm->message_cb.fd);
  err = start (gpgsm, line);
  free (line);
  return err;
 }
 static gpgme_error_t
 gpgsm_genkey (void *engine, gpgme_data_t help_data, int use_armor,
 	      gpgme_data_t pubkey, gpgme_data_t seckey)
@ -1121,16 +1200,22 @@ gpgsm_import (void *engine, gpgme_data_t keydata)
 static gpgme_error_t
 gpgsm_keylist (void *engine, const char *pattern, int secret_only,
-	       int keylist_mode)
+	       gpgme_keylist_mode_t mode)
 {
  engine_gpgsm_t gpgsm = engine;
  char *line;
  gpgme_error_t err;
  int list_mode = 0;
  if (mode & GPGME_KEYLIST_MODE_LOCAL)
    list_mode |= 1;
  if (mode & GPGME_KEYLIST_MODE_EXTERN)
    list_mode |= 2;
  if (!pattern)
    pattern = "";
-  if (asprintf (&line, "OPTION list-mode=%d", (keylist_mode & 3)) < 0)
+  if (asprintf (&line, "OPTION list-mode=%d", (list_mode & 3)) < 0)
    return GPGME_Out_Of_Core;
  err = gpgsm_assuan_simple_command (gpgsm->assuan_ctx, line, NULL, NULL);
  free (line);
@ -1164,7 +1249,7 @@ gpgsm_keylist (void *engine, const char *pattern, int secret_only,
 static gpgme_error_t
 gpgsm_keylist_ext (void *engine, const char *pattern[], int secret_only,
-		   int reserved, int keylist_mode)
+		   int reserved, gpgme_keylist_mode_t mode)
 {
  engine_gpgsm_t gpgsm = engine;
  char *line;
@ -1172,11 +1257,17 @@ gpgsm_keylist_ext (void *engine, const char *pattern[], int secret_only,
  /* Length is "LISTSECRETKEYS " + p + '\0'.  */
  int length = 15 + 1;
  char *linep;
-  
+  int list_mode = 0;
  if (reserved)
    return GPGME_Invalid_Value;
-  if (asprintf (&line, "OPTION list-mode=%d", (keylist_mode & 3)) < 0)
+  if (mode & GPGME_KEYLIST_MODE_LOCAL)
    list_mode |= 1;
  if (mode & GPGME_KEYLIST_MODE_EXTERN)
    list_mode |= 2;
  if (asprintf (&line, "OPTION list-mode=%d", (list_mode & 3)) < 0)
    return GPGME_Out_Of_Core;
  err = gpgsm_assuan_simple_command (gpgsm->assuan_ctx, line, NULL, NULL);
  free (line);
@ -1432,8 +1523,9 @@ struct engine_ops _gpgme_engine_ops_gpgsm =
    gpgsm_delete,
    NULL,		/* edit */
    gpgsm_encrypt,
-    NULL,
+    NULL,		/* encrypt_sign */
    gpgsm_export,
    gpgsm_export_ext,
    gpgsm_genkey,
    gpgsm_import,
    gpgsm_keylist,
--- a/gpgme/engine.c
+++ b/gpgme/engine.c
@ -291,7 +291,8 @@ _gpgme_engine_op_edit (engine_t engine, gpgme_key_t key, gpgme_data_t out,
 gpgme_error_t
-_gpgme_engine_op_encrypt (engine_t engine, gpgme_user_id_t recp,
+_gpgme_engine_op_encrypt (engine_t engine, gpgme_key_t recp[],
 			  gpgme_encrypt_flags_t flags,
 			  gpgme_data_t plain, gpgme_data_t ciph, int use_armor)
 {
  if (!engine)
@ -300,13 +301,14 @@ _gpgme_engine_op_encrypt (engine_t engine, gpgme_user_id_t recp,
  if (!engine->ops->encrypt)
    return GPGME_Not_Implemented;
-  return (*engine->ops->encrypt) (engine->engine, recp, plain, ciph,
+  return (*engine->ops->encrypt) (engine->engine, recp, flags, plain, ciph,
 				  use_armor);
 }
 gpgme_error_t
-_gpgme_engine_op_encrypt_sign (engine_t engine, gpgme_user_id_t recp,
+_gpgme_engine_op_encrypt_sign (engine_t engine, gpgme_key_t recp[],
 			       gpgme_encrypt_flags_t flags,
 			       gpgme_data_t plain, gpgme_data_t ciph,
 			       int use_armor, gpgme_ctx_t ctx /* FIXME */)
 {
@ -316,14 +318,15 @@ _gpgme_engine_op_encrypt_sign (engine_t engine, gpgme_user_id_t recp,
  if (!engine->ops->encrypt_sign)
    return GPGME_Not_Implemented;
-  return (*engine->ops->encrypt_sign) (engine->engine, recp, plain, ciph,
+  return (*engine->ops->encrypt_sign) (engine->engine, recp, flags,
-				       use_armor, ctx);
+				       plain, ciph, use_armor, ctx);
 }
 gpgme_error_t
-_gpgme_engine_op_export (engine_t engine, gpgme_user_id_t uids,
+_gpgme_engine_op_export (engine_t engine, const char *pattern,
-			 gpgme_data_t keydata, int use_armor)
+			 unsigned int reserved, gpgme_data_t keydata,
 			 int use_armor)
 {
  if (!engine)
    return GPGME_Invalid_Value;
@ -331,7 +334,24 @@ _gpgme_engine_op_export (engine_t engine, gpgme_user_id_t uids,
  if (!engine->ops->export)
    return GPGME_Not_Implemented;
-  return (*engine->ops->export) (engine->engine, uids, keydata, use_armor);
+  return (*engine->ops->export) (engine->engine, pattern, reserved,
 				 keydata, use_armor);
 }
 gpgme_error_t
 _gpgme_engine_op_export_ext (engine_t engine, const char *pattern[],
 			     unsigned int reserved, gpgme_data_t keydata,
 			     int use_armor)
 {
  if (!engine)
    return GPGME_Invalid_Value;
  if (!engine->ops->export_ext)
    return GPGME_Not_Implemented;
  return (*engine->ops->export_ext) (engine->engine, pattern, reserved,
 				     keydata, use_armor);
 }
@ -366,7 +386,7 @@ _gpgme_engine_op_import (engine_t engine, gpgme_data_t keydata)
 gpgme_error_t
 _gpgme_engine_op_keylist (engine_t engine, const char *pattern,
-			  int secret_only, int keylist_mode)
+			  int secret_only, gpgme_keylist_mode_t mode)
 {
  if (!engine)
    return GPGME_Invalid_Value;
@ -374,14 +394,14 @@ _gpgme_engine_op_keylist (engine_t engine, const char *pattern,
  if (!engine->ops->keylist)
    return GPGME_Not_Implemented;
-  return (*engine->ops->keylist) (engine->engine, pattern, secret_only,
+  return (*engine->ops->keylist) (engine->engine, pattern, secret_only, mode);
 				  keylist_mode);
 }
 gpgme_error_t
 _gpgme_engine_op_keylist_ext (engine_t engine, const char *pattern[],
-			      int secret_only, int reserved, int keylist_mode)
+			      int secret_only, int reserved,
 			      gpgme_keylist_mode_t mode)
 {
  if (!engine)
    return GPGME_Invalid_Value;
@ -390,7 +410,7 @@ _gpgme_engine_op_keylist_ext (engine_t engine, const char *pattern[],
    return GPGME_Not_Implemented;
  return (*engine->ops->keylist_ext) (engine->engine, pattern, secret_only,
-				      reserved, keylist_mode);
+				      reserved, mode);
 }
--- a/gpgme/engine.h
+++ b/gpgme/engine.h
@ -58,18 +58,25 @@ gpgme_error_t _gpgme_engine_op_edit (engine_t engine, gpgme_key_t key,
 				     gpgme_data_t out,
 				     gpgme_ctx_t ctx /* FIXME */);
 gpgme_error_t _gpgme_engine_op_encrypt (engine_t engine,
-					gpgme_user_id_t recp,
+					gpgme_key_t recp[],
 					gpgme_encrypt_flags_t flags,
 					gpgme_data_t plain, gpgme_data_t ciph,
 					int use_armor);
 gpgme_error_t _gpgme_engine_op_encrypt_sign (engine_t engine,
-					     gpgme_user_id_t recp,
+					     gpgme_key_t recp[],
 					     gpgme_encrypt_flags_t flags,
 					     gpgme_data_t plain,
 					     gpgme_data_t ciph,
 					     int use_armor,
 					     gpgme_ctx_t ctx /* FIXME */);
-gpgme_error_t _gpgme_engine_op_export (engine_t engine,
+gpgme_error_t _gpgme_engine_op_export (engine_t engine, const char *pattern,
-				       gpgme_user_id_t uids,
+				       unsigned int reserved,
 				       gpgme_data_t keydata, int use_armor);
 gpgme_error_t _gpgme_engine_op_export_ext (engine_t engine,
 					   const char *pattern[],
 					   unsigned int reserved,
 					   gpgme_data_t keydata,
 					   int use_armor);
 gpgme_error_t _gpgme_engine_op_genkey (engine_t engine,
 				       gpgme_data_t help_data,
 				       int use_armor, gpgme_data_t pubkey,
@ -79,12 +86,12 @@ gpgme_error_t _gpgme_engine_op_import (engine_t engine,
 gpgme_error_t _gpgme_engine_op_keylist (engine_t engine,
 					const char *pattern,
 					int secret_only,
-					int keylist_mode);
+					gpgme_keylist_mode_t mode);
 gpgme_error_t _gpgme_engine_op_keylist_ext (engine_t engine,
 					    const char *pattern[],
 					    int secret_only,
 					    int reserved,
-					    int keylist_mode);
+					    gpgme_keylist_mode_t mode);
 gpgme_error_t _gpgme_engine_op_sign (engine_t engine, gpgme_data_t in,
 				     gpgme_data_t out, gpgme_sig_mode_t mode,
 				     int use_armor, int use_textmode,
--- a/gpgme/export.c
+++ b/gpgme/export.c
@ -35,12 +35,12 @@ export_status_handler (void *priv, gpgme_status_code_t code, char *args)
 static gpgme_error_t
-export_start (gpgme_ctx_t ctx, int synchronous,
+export_start (gpgme_ctx_t ctx, int synchronous, const char *pattern,
-	      gpgme_user_id_t uids, gpgme_data_t keydata)
+	      unsigned int reserved, gpgme_data_t keydata)
 {
  gpgme_error_t err;
-  if (!keydata || !uids)
+  if (!keydata)
    return GPGME_Invalid_Value;
  err = _gpgme_op_reset (ctx, synchronous);
@ -49,24 +49,67 @@ export_start (gpgme_ctx_t ctx, int synchronous,
  _gpgme_engine_set_status_handler (ctx->engine, export_status_handler, ctx);
-  return _gpgme_engine_op_export (ctx->engine, uids, keydata, ctx->use_armor);
+  return _gpgme_engine_op_export (ctx->engine, pattern, reserved, keydata,
 				  ctx->use_armor);
 }
 /* Export the keys listed in RECP into KEYDATA.  */
 gpgme_error_t
-gpgme_op_export_start (gpgme_ctx_t ctx, gpgme_user_id_t uids,
+gpgme_op_export_start (gpgme_ctx_t ctx, const char *pattern,
-		       gpgme_data_t keydata)
+		       unsigned int reserved, gpgme_data_t keydata)
 {
-  return export_start (ctx, 0, uids, keydata);
+  return export_start (ctx, 0, pattern, reserved, keydata);
 }
 /* Export the keys listed in RECP into KEYDATA.  */
 gpgme_error_t
-gpgme_op_export (gpgme_ctx_t ctx, gpgme_user_id_t uids, gpgme_data_t keydata)
+gpgme_op_export (gpgme_ctx_t ctx, const char *pattern, unsigned int reserved,
 		 gpgme_data_t keydata)
 {
-  gpgme_error_t err = export_start (ctx, 1, uids, keydata);
+  gpgme_error_t err = export_start (ctx, 1, pattern, reserved, keydata);
  if (!err)
    err = _gpgme_wait_one (ctx);
  return err;
 }
 static gpgme_error_t
 export_ext_start (gpgme_ctx_t ctx, int synchronous, const char *pattern[],
 		  unsigned int reserved, gpgme_data_t keydata)
 {
  gpgme_error_t err;
  if (!keydata)
    return GPGME_Invalid_Value;
  err = _gpgme_op_reset (ctx, synchronous);
  if (err)
    return err;
  _gpgme_engine_set_status_handler (ctx->engine, export_status_handler, ctx);
  return _gpgme_engine_op_export_ext (ctx->engine, pattern, reserved, keydata,
 				      ctx->use_armor);
 }
 /* Export the keys listed in RECP into KEYDATA.  */
 gpgme_error_t
 gpgme_op_export_ext_start (gpgme_ctx_t ctx, const char *pattern[],
 			   unsigned int reserved, gpgme_data_t keydata)
 {
  return export_ext_start (ctx, 0, pattern, reserved, keydata);
 }
 /* Export the keys listed in RECP into KEYDATA.  */
 gpgme_error_t
 gpgme_op_export_ext (gpgme_ctx_t ctx, const char *pattern[],
 		     unsigned int reserved, gpgme_data_t keydata)
 {
  gpgme_error_t err = export_ext_start (ctx, 1, pattern, reserved, keydata);
  if (!err)
    err = _gpgme_wait_one (ctx);
  return err;
--- a/gpgme/gpgme.c
+++ b/gpgme/gpgme.c
@ -38,9 +38,6 @@ gpgme_new (gpgme_ctx_t *r_ctx)
 {
  gpgme_ctx_t ctx;
  if (!r_ctx)
    return GPGME_Invalid_Value;
  *r_ctx = 0;
  ctx = calloc (1, sizeof *ctx);
  if (!ctx)
    return GPGME_Out_Of_Core;
@ -53,17 +50,10 @@ gpgme_new (gpgme_ctx_t *r_ctx)
 }
-/**
+/* Release all resources associated with the given context.  */
 * gpgme_release:
 * @c: Context to be released.
 *
 * Release all resources associated with the given context.
 **/
 void
 gpgme_release (gpgme_ctx_t ctx)
 {
  if (!ctx)
    return;
  _gpgme_engine_release (ctx->engine);
  _gpgme_fd_table_deinit (&ctx->fdt);
  _gpgme_release_result (ctx);
@ -73,6 +63,7 @@ gpgme_release (gpgme_ctx_t ctx)
  free (ctx);
 }
 void
 _gpgme_release_result (gpgme_ctx_t ctx)
 {
@ -124,81 +115,43 @@ gpgme_get_protocol_name (gpgme_protocol_t protocol)
    }
 }
-/**
+/* Enable or disable the use of an ascii armor for all output.  */
 * gpgme_set_armor:
 * @ctx: the context
 * @yes: boolean value to set or clear that flag
 *
 * Enable or disable the use of an ascii armor for all output.
 **/
 void
 gpgme_set_armor (gpgme_ctx_t ctx, int yes)
 {
  if (!ctx)
    return;
  ctx->use_armor = yes;
 }
-/**
+/* Return the state of the armor flag.  */
 * gpgme_get_armor:
 * @ctx: the context
 *
 * Return the state of the armor flag which can be changed using
 * gpgme_set_armor().
 *
 * Return value: Boolean whether armor mode is to be used.
 **/
 int
 gpgme_get_armor (gpgme_ctx_t ctx)
 {
-  return ctx && ctx->use_armor;
+  return ctx->use_armor;
 }
-/**
+/* Enable or disable the use of the special textmode.  Textmode is for
- * gpgme_set_textmode:
+  example used for the RFC2015 signatures; note that the updated RFC
- * @ctx: the context
+  3156 mandates that the MUA does some preparations so that textmode
- * @yes: boolean flag whether textmode should be enabled
+  is not needed anymore.  */
 *
 * Enable or disable the use of the special textmode.  Textmode is for example
 * used for the RFC2015 signatures; note that the updated RFC 3156 mandates
 * that the MUA does some preparations so that textmode is not needed anymore.
 **/
 void
 gpgme_set_textmode (gpgme_ctx_t ctx, int yes)
 {
  if (!ctx)
    return;
  ctx->use_textmode = yes;
 }
-/**
+/* Return the state of the textmode flag.  */
 * gpgme_get_textmode:
 * @ctx: the context
 *
 * Return the state of the textmode flag which can be changed using
 * gpgme_set_textmode().
 *
 * Return value: Boolean whether textmode is to be used.
 **/
 int
 gpgme_get_textmode (gpgme_ctx_t ctx)
 {
-  return ctx && ctx->use_textmode;
+  return ctx->use_textmode;
 }
-/**
+/* Set the number of certifications to include in an S/MIME message.
- * gpgme_set_include_certs:
+   The default is 1 (only the cert of the sender).  -1 means all
- * @ctx: the context
+   certs, and -2 means all certs except the root cert.  */
 *
 * Set the number of certifications to include in an S/MIME message.
 * The default is 1 (only the cert of the sender).  -1 means all certs,
 * and -2 means all certs except the root cert.
 *
 * Return value: Boolean whether textmode is to be used.
 **/
 void
 gpgme_set_include_certs (gpgme_ctx_t ctx, int nr_of_certs)
 {
@ -209,14 +162,8 @@ gpgme_set_include_certs (gpgme_ctx_t ctx, int nr_of_certs)
 }
-/**
+/* Get the number of certifications to include in an S/MIME
- * gpgme_get_include_certs:
+   message.  */
 * @ctx: the context
 *
 * Get the number of certifications to include in an S/MIME message.
 *
 * Return value: Boolean whether textmode is to be used.
 **/
 int
 gpgme_get_include_certs (gpgme_ctx_t ctx)
 {
@ -224,24 +171,12 @@ gpgme_get_include_certs (gpgme_ctx_t ctx)
 }
-/**
+/* This function changes the default behaviour of the keylisting
- * gpgme_set_keylist_mode:
+   functions.  MODE is a bitwise-OR of the GPGME_KEYLIST_* flags.  The
- * @ctx: the context
+   default mode is GPGME_KEYLIST_MODE_LOCAL.  */
 * @mode: listing mode
 *
 * This function changes the default behaviour of the keylisting
 * functions.  mode is a bitwise-OR of the GPGME_KEYLIST_* flags.
 * The default mode is GPGME_KEYLIST_MODE_LOCAL.
 *
 * Return value: GPGME_Invalid_Value if ctx is not a context or mode
 * not a valid mode.
 **/
 gpgme_error_t
-gpgme_set_keylist_mode (gpgme_ctx_t ctx, int mode)
+gpgme_set_keylist_mode (gpgme_ctx_t ctx, gpgme_keylist_mode_t mode)
 {
  if (!ctx)
    return GPGME_Invalid_Value;
  if (!((mode & GPGME_KEYLIST_MODE_LOCAL)
 	|| (mode & GPGME_KEYLIST_MODE_EXTERN)
 	|| (mode & GPGME_KEYLIST_MODE_SIGS)))
@ -251,168 +186,66 @@ gpgme_set_keylist_mode (gpgme_ctx_t ctx, int mode)
  return 0;
 }
-
+/* This function returns the default behaviour of the keylisting
-/**
+   functions.  */
- * gpgme_get_keylist_mode:
+gpgme_keylist_mode_t
 * @ctx: the context
 *
 * This function ch the default behaviour of the keylisting functions.
 * Defines values for @mode are: %0 = normal, %1 = fast listing without
 * information about key validity.
 *
 * Return value: 0 if ctx is not a valid context, or the current mode.
 * Note that 0 is never a valid mode.
 **/
 int
 gpgme_get_keylist_mode (gpgme_ctx_t ctx)
 {
  if (!ctx)
    return 0;
  return ctx->keylist_mode;
 }
-/**
+/* This function sets a callback function to be used to pass a
- * gpgme_set_passphrase_cb:
+   passphrase to gpg.  */
 * @ctx: the context
 * @cb: A callback function
 * @cb_value: The value passed to the callback function
 *
 * This function sets a callback function to be used to pass a passphrase
 * to gpg. The preferred way to handle this is by using the gpg-agent, but
 * because that beast is not ready for real use, you can use this passphrase
 * thing.
 *
 * The callback function is defined as:
 * <literal>
 * typedef const char *(*gpgme_passphrase_cb_t)(void*cb_value,
 *                                          const char *desc,
 *                                          void **r_hd);
 * </literal>
 * and called whenever gpgme needs a passphrase. DESC will have a nice
 * text, to be used to prompt for the passphrase and R_HD is just a parameter
 * to be used by the callback it self.  Because the callback returns a const
 * string, the callback might want to know when it can release resources
 * assocated with that returned string; gpgme helps here by calling this
 * passphrase callback with an DESC of %NULL as soon as it does not need
 * the returned string anymore.  The callback function might then choose
 * to release resources depending on R_HD.
 *
 **/
 void
 gpgme_set_passphrase_cb (gpgme_ctx_t ctx, gpgme_passphrase_cb_t cb,
 			 void *cb_value)
 {
-  if (ctx)
+  ctx->passphrase_cb = cb;
-    {
+  ctx->passphrase_cb_value = cb_value;
      ctx->passphrase_cb = cb;
      ctx->passphrase_cb_value = cb_value;
    }
 }
-/**
+/* This function returns the callback function to be used to pass a
- * gpgme_get_passphrase_cb:
+   passphrase to the crypto engine.  */
 * @ctx: the context
 * @r_cb: The current callback function
 * @r_cb_value: The current value passed to the callback function
 *
 * This function returns the callback function to be used to pass a passphrase
 * to the crypto engine.
 **/
 void
 gpgme_get_passphrase_cb (gpgme_ctx_t ctx, gpgme_passphrase_cb_t *r_cb,
 			 void **r_cb_value)
 {
-  if (ctx)
+  if (r_cb)
-    {
+    *r_cb = ctx->passphrase_cb;
-      if (r_cb)
+  if (r_cb_value)
-	*r_cb = ctx->passphrase_cb;
+    *r_cb_value = ctx->passphrase_cb_value;
      if (r_cb_value)
 	*r_cb_value = ctx->passphrase_cb_value;
    }
  else
    {
      if (r_cb)
 	*r_cb = NULL;
      if (r_cb_value)
 	*r_cb_value = NULL;
    }
 }
-/**
+/* This function sets a callback function to be used as a progress
- * gpgme_set_progress_cb:
+   indicator.  */
 * @ctx: the context
 * @cb: A callback function
 * @cb_value: The value passed to the callback function
 *
 * This function sets a callback function to be used as a progress indicator.
 *
 * The callback function is defined as:
 * <literal>
 * typedef void (*gpgme_progress_cb_t) (void *cb_value,
 *                                  const char *what, int type,
 *                                  int curretn, int total);
 * </literal>
 * For details on the progress events, see the entry for the PROGRESS
 * status in the file doc/DETAILS of the GnuPG distribution.
 **/
 void
 gpgme_set_progress_cb (gpgme_ctx_t ctx, gpgme_progress_cb_t cb, void *cb_value)
 {
-  if (ctx)
+  ctx->progress_cb = cb;
-    {
+  ctx->progress_cb_value = cb_value;
      ctx->progress_cb = cb;
      ctx->progress_cb_value = cb_value;
    }
 }
-/**
+/* This function returns the callback function to be used as a
- * gpgme_get_progress_cb:
+   progress indicator.  */
 * @ctx: the context
 * @r_cb: The current callback function
 * @r_cb_value: The current value passed to the callback function
 *
 * This function returns the callback function to be used as a
 * progress indicator.
 **/
 void
 gpgme_get_progress_cb (gpgme_ctx_t ctx, gpgme_progress_cb_t *r_cb,
 		       void **r_cb_value)
 {
-  if (ctx)
+  if (r_cb)
-    {
+    *r_cb = ctx->progress_cb;
-      if (r_cb)
+  if (r_cb_value)
-	*r_cb = ctx->progress_cb;
+    *r_cb_value = ctx->progress_cb_value;
      if (r_cb_value)
 	*r_cb_value = ctx->progress_cb_value;
    }
  else
    {
      if (r_cb)
 	*r_cb = NULL;
      if (r_cb_value)
 	*r_cb_value = NULL;
    }
 }
-/**
+/* Set the I/O callback functions for CTX to IO_CBS.  */
 * gpgme_set_io_cbs:
 * @ctx: the context
 * @register_io_cb: A callback function
 * @register_hook_value: The value passed to the callback function
 * @remove_io_cb: Another callback function
 *
 **/
 void
 gpgme_set_io_cbs (gpgme_ctx_t ctx, gpgme_io_cbs_t io_cbs)
 {
  if (!ctx)
    return;
  if (io_cbs)
    ctx->io_cbs = *io_cbs;
  else
@ -426,22 +259,11 @@ gpgme_set_io_cbs (gpgme_ctx_t ctx, gpgme_io_cbs_t io_cbs)
 }
-/**
+/* This function returns the callback function for I/O.  */
 * gpgme_get_io_cbs:
 * @ctx: the context
 * @r_register_cb: The current register callback function
 * @r_register_cb_value: The current value passed to the
 * register callback function
 * @r_remove_cb: The current remove callback function
 *
 * This function returns the callback function to be used to pass a passphrase
 * to the crypto engine.
 **/
 void
 gpgme_get_io_cbs (gpgme_ctx_t ctx, gpgme_io_cbs_t io_cbs)
 {
-  if (ctx && io_cbs)
+  *io_cbs = ctx->io_cbs;
    *io_cbs = ctx->io_cbs;
 }
--- a/gpgme/gpgme.h
+++ b/gpgme/gpgme.h
@ -669,18 +669,20 @@ void gpgme_set_include_certs (gpgme_ctx_t ctx, int nr_of_certs);
 int gpgme_get_include_certs (gpgme_ctx_t ctx);
 /* The available keylist mode flags.  */
-enum
+typedef enum
  {
    GPGME_KEYLIST_MODE_LOCAL  = 1,
    GPGME_KEYLIST_MODE_EXTERN = 2,
    GPGME_KEYLIST_MODE_SIGS   = 4
-  };
+  }
 gpgme_keylist_mode_t;
 /* Set keylist mode in CTX to MODE.  */
-gpgme_error_t gpgme_set_keylist_mode (gpgme_ctx_t ctx, int mode);
+gpgme_error_t gpgme_set_keylist_mode (gpgme_ctx_t ctx,
 				      gpgme_keylist_mode_t mode);
 /* Get keylist mode in CTX.  */
-int gpgme_get_keylist_mode (gpgme_ctx_t ctx);
+gpgme_keylist_mode_t gpgme_get_keylist_mode (gpgme_ctx_t ctx);
 /* Set the passphrase callback function in CTX to CB.  HOOK_VALUE is
   passed as first argument to the passphrase callback function.  */
@ -767,10 +769,14 @@ typedef gpgme_error_t (*gpgme_register_io_cb_t) (void *data, int fd, int dir,
   function.  */
 typedef void (*gpgme_remove_io_cb_t) (void *tag);
-typedef enum { GPGME_EVENT_START,
+typedef enum
-	       GPGME_EVENT_DONE,
+  {
-	       GPGME_EVENT_NEXT_KEY,
+    GPGME_EVENT_START,
-	       GPGME_EVENT_NEXT_TRUSTITEM } gpgme_event_io_t;
+    GPGME_EVENT_DONE,
    GPGME_EVENT_NEXT_KEY,
    GPGME_EVENT_NEXT_TRUSTITEM
  }
 gpgme_event_io_t;
 /* The type of a function that is called when a context finished an
   operation.  */
@ -979,21 +985,32 @@ typedef struct _gpgme_op_encrypt_result *gpgme_encrypt_result_t;
 /* Retrieve a pointer to the result of the encrypt operation.  */
 gpgme_encrypt_result_t gpgme_op_encrypt_result (gpgme_ctx_t ctx);
 /* The valid encryption flags.  */
 typedef enum
  {
    GPGME_ENCRYPT_ALWAYS_TRUST = 1
  }
 gpgme_encrypt_flags_t;
 /* Encrypt plaintext PLAIN within CTX for the recipients RECP and
   store the resulting ciphertext in CIPHER.  */
-gpgme_error_t gpgme_op_encrypt_start (gpgme_ctx_t ctx, gpgme_user_id_t recp,
+gpgme_error_t gpgme_op_encrypt_start (gpgme_ctx_t ctx, gpgme_key_t recp[],
 				      gpgme_encrypt_flags_t flags,
 				      gpgme_data_t plain, gpgme_data_t cipher);
-gpgme_error_t gpgme_op_encrypt (gpgme_ctx_t ctx, gpgme_user_id_t recp,
+gpgme_error_t gpgme_op_encrypt (gpgme_ctx_t ctx, gpgme_key_t recp[],
 				gpgme_encrypt_flags_t flags,
 				gpgme_data_t plain, gpgme_data_t cipher);
 /* Encrypt plaintext PLAIN within CTX for the recipients RECP and
   store the resulting ciphertext in CIPHER.  Also sign the ciphertext
   with the signers in CTX.  */
 gpgme_error_t gpgme_op_encrypt_sign_start (gpgme_ctx_t ctx,
-					   gpgme_user_id_t recp,
+					   gpgme_key_t recp[],
 					   gpgme_encrypt_flags_t flags,
 					   gpgme_data_t plain,
 					   gpgme_data_t cipher);
-gpgme_error_t gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_user_id_t recp,
+gpgme_error_t gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_key_t recp[],
 				     gpgme_encrypt_flags_t flags,
 				     gpgme_data_t plain, gpgme_data_t cipher);
@ -1069,7 +1086,7 @@ struct _gpgme_sig_notation
 typedef struct _gpgme_sig_notation *gpgme_sig_notation_t;
 /* Flags used for the SUMMARY field in a gpgme_signature_t.  */
-enum
+typedef enum
  {
    GPGME_SIGSUM_VALID       = 0x0001,  /* The signature is fully valid.  */
    GPGME_SIGSUM_GREEN       = 0x0002,  /* The signature is good.  */
@ -1082,14 +1099,15 @@ enum
    GPGME_SIGSUM_CRL_TOO_OLD = 0x0200,  /* Available CRL is too old.  */
    GPGME_SIGSUM_BAD_POLICY  = 0x0400,  /* A policy was not met.  */
    GPGME_SIGSUM_SYS_ERROR   = 0x0800   /* A system error occured.  */
-  };
+  }
 gpgme_sigsum_t;
 struct _gpgme_signature
 {
  struct _gpgme_signature *next;
  /* A summary of the signature status.  */
-  unsigned int summary;
+  gpgme_sigsum_t summary;
  /* The fingerprint or key ID of the signature.  */
  char *fpr;
@ -1231,11 +1249,20 @@ gpgme_error_t gpgme_op_import_ext (gpgme_ctx_t ctx, gpgme_data_t keydata,
 				   int *nr) _GPGME_DEPRECATED;
-/* Export the keys listed in UIDS into KEYDATA.  */
+/* Export the keys found by PATTERN into KEYDATA.  */
-gpgme_error_t gpgme_op_export_start (gpgme_ctx_t ctx, gpgme_user_id_t uids,
+gpgme_error_t gpgme_op_export_start (gpgme_ctx_t ctx, const char *pattern,
 				     unsigned int reserved,
 				     gpgme_data_t keydata);
-gpgme_error_t gpgme_op_export (gpgme_ctx_t ctx, gpgme_user_id_t uids,
+gpgme_error_t gpgme_op_export (gpgme_ctx_t ctx, const char *pattern,
-			       gpgme_data_t keydata);
+			       unsigned int reserved, gpgme_data_t keydata);
 gpgme_error_t gpgme_op_export_ext_start (gpgme_ctx_t ctx,
 					 const char *pattern[],
 					 unsigned int reserved,
 					 gpgme_data_t keydata);
 gpgme_error_t gpgme_op_export_ext (gpgme_ctx_t ctx, const char *pattern[],
 				   unsigned int reserved,
 				   gpgme_data_t keydata);
 /* Key generation.  */
@ -1285,7 +1312,7 @@ gpgme_error_t gpgme_op_edit (gpgme_ctx_t ctx, gpgme_key_t key,
 			     gpgme_data_t out);
-/* Key management functions */
+/* Key management functions.  */
 struct _gpgme_op_keylist_result
 {
  unsigned int truncated : 1;
--- a/gpgme/ops.h
+++ b/gpgme/ops.h
@ -33,10 +33,6 @@ void _gpgme_release_result (gpgme_ctx_t ctx);
 gpgme_error_t _gpgme_wait_one (gpgme_ctx_t ctx);
 gpgme_error_t _gpgme_wait_on_condition (gpgme_ctx_t ctx, volatile int *cond);
 /* From user-id.c.  */
 int _gpgme_user_ids_all_valid (gpgme_user_id_t uid);
 /* From data.c.  */
 gpgme_error_t _gpgme_data_inbound_handler (void *opaque, int fd);
--- a/gpgme/rungpg.c
+++ b/gpgme/rungpg.c
@ -1236,26 +1236,30 @@ gpg_edit (void *engine, gpgme_key_t key, gpgme_data_t out,
 static gpgme_error_t
-append_args_from_recipients (engine_gpg_t gpg, gpgme_user_id_t uid)
+append_args_from_recipients (engine_gpg_t gpg, gpgme_key_t recp[])
 {
  gpgme_error_t err = 0;
  int i = 0;
-  while (uid)
+  while (recp[i])
    {
-      err = add_arg (gpg, "-r");
+      if (!recp[i]->subkeys || !recp[i]->subkeys->fpr)
 	err = GPGME_Invalid_Key;
      if (!err)
-	err = add_arg (gpg, uid->uid);
+	err = add_arg (gpg, "-r");
      if (!err)
 	err = add_arg (gpg, recp[i]->subkeys->fpr);
      if (err)
 	break;
-      uid = uid->next;
+      i++;
    }    
  return err;
 }
 static gpgme_error_t
-gpg_encrypt (void *engine, gpgme_user_id_t recp, gpgme_data_t plain,
+gpg_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags,
-	     gpgme_data_t ciph, int use_armor)
+	     gpgme_data_t plain, gpgme_data_t ciph, int use_armor)
 {
  engine_gpg_t gpg = engine;
  gpgme_error_t err;
@ -1270,7 +1274,7 @@ gpg_encrypt (void *engine, gpgme_user_id_t recp, gpgme_data_t plain,
    {
      /* If we know that all recipients are valid (full or ultimate trust)
 	 we can suppress further checks.  */
-      if (!err && !symmetric && _gpgme_user_ids_all_valid (recp))
+      if (!err && !symmetric && (flags & GPGME_ENCRYPT_ALWAYS_TRUST))
 	err = add_arg (gpg, "--always-trust");
      if (!err)
@ -1297,7 +1301,8 @@ gpg_encrypt (void *engine, gpgme_user_id_t recp, gpgme_data_t plain,
 static gpgme_error_t
-gpg_encrypt_sign (void *engine, gpgme_user_id_t recp, gpgme_data_t plain,
+gpg_encrypt_sign (void *engine, gpgme_key_t recp[],
 		  gpgme_encrypt_flags_t flags, gpgme_data_t plain,
 		  gpgme_data_t ciph, int use_armor,
 		  gpgme_ctx_t ctx /* FIXME */)
 {
@ -1311,8 +1316,8 @@ gpg_encrypt_sign (void *engine, gpgme_user_id_t recp, gpgme_data_t plain,
    err = add_arg (gpg, "--armor");
  /* If we know that all recipients are valid (full or ultimate trust)
-   * we can suppress further checks */
+     we can suppress further checks.  */
-  if (!err && _gpgme_user_ids_all_valid (recp))
+  if (!err && (flags & GPGME_ENCRYPT_ALWAYS_TRUST))
    err = add_arg (gpg, "--always-trust");
  if (!err)
@ -1341,12 +1346,15 @@ gpg_encrypt_sign (void *engine, gpgme_user_id_t recp, gpgme_data_t plain,
 static gpgme_error_t
-gpg_export (void *engine, gpgme_user_id_t uids, gpgme_data_t keydata,
+gpg_export (void *engine, const char *pattern, unsigned int reserved,
-	    int use_armor)
+	    gpgme_data_t keydata, int use_armor)
 {
  engine_gpg_t gpg = engine;
  gpgme_error_t err;
  if (reserved)
    return GPGME_Invalid_Value;
  err = add_arg (gpg, "--export");
  if (!err && use_armor)
    err = add_arg (gpg, "--armor");
@ -1355,10 +1363,38 @@ gpg_export (void *engine, gpgme_user_id_t uids, gpgme_data_t keydata,
  if (!err)
    err = add_arg (gpg, "--");
-  while (!err && uids)
+  if (!err && pattern && *pattern)
    err = add_arg (gpg, pattern);
  if (!err)
    err = start (gpg);
  return err;
 }
 static gpgme_error_t
 gpg_export_ext (void *engine, const char *pattern[], unsigned int reserved,
 		gpgme_data_t keydata, int use_armor)
 {
  engine_gpg_t gpg = engine;
  gpgme_error_t err;
  if (reserved)
    return GPGME_Invalid_Value;
  err = add_arg (gpg, "--export");
  if (!err && use_armor)
    err = add_arg (gpg, "--armor");
  if (!err)
    err = add_data (gpg, keydata, 1, 1);
  if (!err)
    err = add_arg (gpg, "--");
  if (pattern)
    {
-      err = add_arg (gpg, uids->uid);
+      while (!err && *pattern && **pattern)
-      uids = uids->next;
+	err = add_arg (gpg, *(pattern++));
    }
  if (!err)
@ -1417,7 +1453,7 @@ gpg_import (void *engine, gpgme_data_t keydata)
 static gpgme_error_t
 gpg_keylist (void *engine, const char *pattern, int secret_only,
-	     int keylist_mode)
+	     gpgme_keylist_mode_t mode)
 {
  engine_gpg_t gpg = engine;
  gpgme_error_t err;
@ -1431,7 +1467,7 @@ gpg_keylist (void *engine, const char *pattern, int secret_only,
    err = add_arg (gpg, "--with-fingerprint");
  if (!err)
    err = add_arg (gpg, secret_only ? "--list-secret-keys"
-		   : ((keylist_mode & GPGME_KEYLIST_MODE_SIGS)
+		   : ((mode & GPGME_KEYLIST_MODE_SIGS)
 		      ? "--check-sigs" : "--list-keys"));
  /* Tell the gpg object about the data.  */
@ -1449,7 +1485,7 @@ gpg_keylist (void *engine, const char *pattern, int secret_only,
 static gpgme_error_t
 gpg_keylist_ext (void *engine, const char *pattern[], int secret_only,
-		 int reserved, int keylist_mode)
+		 int reserved, gpgme_keylist_mode_t mode)
 {
  engine_gpg_t gpg = engine;
  gpgme_error_t err;
@ -1466,15 +1502,14 @@ gpg_keylist_ext (void *engine, const char *pattern[], int secret_only,
    err = add_arg (gpg, "--with-fingerprint");
  if (!err)
    err = add_arg (gpg, secret_only ? "--list-secret-keys"
-		   : ((keylist_mode & GPGME_KEYLIST_MODE_SIGS)
+		   : ((mode & GPGME_KEYLIST_MODE_SIGS)
 		      ? "--check-sigs" : "--list-keys"));
  /* Tell the gpg object about the data.  */
  if (!err)
    err = add_arg (gpg, "--");
-  if (!err && pattern && *pattern)
+
  if (pattern)
    {
-      while (*pattern && **pattern)
+      while (!err && *pattern && **pattern)
 	err = add_arg (gpg, *(pattern++));
    }
@ -1616,6 +1651,7 @@ struct engine_ops _gpgme_engine_ops_gpg =
    gpg_encrypt,
    gpg_encrypt_sign,
    gpg_export,
    gpg_export_ext,
    gpg_genkey,
    gpg_import,
    gpg_keylist,
--- a/gpgme/user-id.c
+++ b/gpgme/user-id.c
@ -1,91 +0,0 @@
 /* user-id.c - Managing user IDs.
   Copyright (C) 2000 Werner Koch (dd9jn)
   Copyright (C) 2001, 2002, 2003 g10 Code GmbH
   This file is part of GPGME.
   GPGME is free software; you can redistribute it and/or modify it
   under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.
   GPGME is distributed in the hope that it will be useful, but
   WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with GPGME; if not, write to the Free Software Foundation,
   Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.  */
 #if HAVE_CONFIG_H
 #include <config.h>
 #endif
 #include <stdlib.h>
 #include <string.h>
 #include <gpgme.h>
 /* Release the user IDs in the list UID.  */
 void
 gpgme_user_ids_release (gpgme_user_id_t uid)
 {
  while (uid)
    {
      gpgme_user_id_t next_uid = uid->next;
      free (uid);
      uid = next_uid;
    }
 }
 /* Add the name NAME to the user ID list *UIDS_P (with unknown
   validity).  */
 gpgme_error_t
 gpgme_user_ids_append (gpgme_user_id_t *uids_p, const char *name)
 {
  gpgme_user_id_t uids;
  gpgme_user_id_t uid;
  if (!name || !uids_p)
    return GPGME_Invalid_Value;
  uid = calloc (1, sizeof (*uid) + strlen (name) + 1);
  if (!uid)
    return GPGME_Out_Of_Core;
  uid->uid = ((char *) uid) + sizeof (*uid);
  strcpy (uid->uid, name);
  uid->name = uid->uid + strlen (name);
  uid->email = uid->name;
  uid->comment = uid->name;
  uid->validity = GPGME_VALIDITY_UNKNOWN;
  uids = *uids_p;
  if (uids)
    {
      while (uids->next)
 	uids = uids->next;
      uids->next = uid;
    }
  else
    *uids_p = uid;
  return 0;
 }
 int
 _gpgme_user_ids_all_valid (gpgme_user_id_t uid)
 {
  while (uid)
    {
      if (uid->validity != GPGME_VALIDITY_FULL
 	  && uid->validity != GPGME_VALIDITY_ULTIMATE)
 	return 0;
      uid = uid->next;
    }
  return 1;
 }
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@ -1,3 +1,12 @@
 2003-05-29  Marcus Brinkmann  <marcus@g10code.de>
 	* gpg/t-encrypt-sym.c (main): Adapt to new syntax.
 	* gpg/t-encrypt.c (main): Likewise.
 	* gpg/t-eventloop.c (main): Likewise.
 	* gpg/t-encrypt-sign.c (main): Likewise.
 	* gpgsm/t-export.c (main): Likewise.
 	* gpgsm/t-encrypt.c (main): Likewise.
 2003-05-28  Marcus Brinkmann  <marcus@g10code.de>
 	* gpg/t-eventloop.c (main): Rewrite recipient management.
--- a/tests/gpg/t-encrypt-sign.c
+++ b/tests/gpg/t-encrypt-sign.c
@ -117,8 +117,7 @@ main (int argc, char **argv)
  gpgme_ctx_t ctx;
  gpgme_error_t err;
  gpgme_data_t in, out;
-  gpgme_user_id_t rset = NULL;
+  gpgme_key_t key[3] = { NULL, NULL, NULL };
  gpgme_user_id_t *rset_lastp = &rset;
  gpgme_encrypt_result_t result;
  gpgme_sign_result_t sign_result;
  char *agent_info;
@ -141,16 +140,14 @@ main (int argc, char **argv)
  err = gpgme_data_new (&out);
  fail_if_err (err);
-  err = gpgme_user_ids_append (rset_lastp, "Alpha");
+  err = gpgme_get_key (ctx, "A0FF4590BB6122EDEF6E3C542D727CC768697734",
 		       &key[0], 0);
  fail_if_err (err);
-  (*rset_lastp)->validity = GPGME_VALIDITY_FULL;
+  err = gpgme_get_key (ctx, "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2",
-
+		       &key[1], 0);
  rset_lastp = &(*rset_lastp)->next;
  err = gpgme_user_ids_append (rset_lastp, "Bob");
  fail_if_err (err);
  (*rset_lastp)->validity = GPGME_VALIDITY_FULL;
-  err = gpgme_op_encrypt_sign (ctx, rset, in, out);
+  err = gpgme_op_encrypt_sign (ctx, key, GPGME_ENCRYPT_ALWAYS_TRUST, in, out);
  fail_if_err (err);
  result = gpgme_op_encrypt_result (ctx);
  if (result->invalid_recipients)
@ -163,7 +160,8 @@ main (int argc, char **argv)
  check_result (sign_result, GPGME_SIG_MODE_NORMAL);
  print_data (out);
-  gpgme_user_ids_release (rset);
+  gpgme_key_unref (key[0]);
  gpgme_key_unref (key[1]);
  gpgme_data_release (in);
  gpgme_data_release (out);
  gpgme_release (ctx);
--- a/tests/gpg/t-encrypt-sym.c
+++ b/tests/gpg/t-encrypt-sym.c
@ -1,23 +1,22 @@
 /* t-encrypt-sym.c  - regression test
- *	Copyright (C) 2000 Werner Koch (dd9jn)
+   Copyright (C) 2000 Werner Koch (dd9jn)
- *      Copyright (C) 2001, 2003 g10 Code GmbH
+   Copyright (C) 2001, 2003 g10 Code GmbH
- *
+
- * This file is part of GPGME.
+   This file is part of GPGME.
- *
+ 
- * GPGME is free software; you can redistribute it and/or modify
+   GPGME is free software; you can redistribute it and/or modify it
- * it under the terms of the GNU General Public License as published by
+   under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+   the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
+   (at your option) any later version.
- *
+ 
- * GPGME is distributed in the hope that it will be useful,
+   GPGME is distributed in the hope that it will be useful, but
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
+   WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * GNU General Public License for more details.
+   General Public License for more details.
- *
+ 
- * You should have received a copy of the GNU General Public License
+   You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
+   along with GPGME; if not, write to the Free Software Foundation,
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+   Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.  */
 */
 #include <stdio.h>
 #include <stdlib.h>
@ -27,11 +26,18 @@
 #include <gpgme.h>
-#define fail_if_err(a) do { if(a) {                                       \
+#define fail_if_err(err)					\
-                               fprintf (stderr, "%s:%d: gpgme_error_t %s\n", \
+  do								\
-                                __FILE__, __LINE__, gpgme_strerror(a));   \
+    {								\
-                                exit (1); }                               \
+      if (err)							\
-                             } while(0)
+        {							\
          fprintf (stderr, "%s:%d: gpgme_error_t %s\n",		\
                   __FILE__, __LINE__, gpgme_strerror (err));   \
          exit (1);						\
        }							\
    }								\
  while (0)
 static void
 print_data (gpgme_data_t dh)
@ -72,54 +78,50 @@ main (int argc, char **argv)
  err = gpgme_engine_check_version (GPGME_PROTOCOL_OpenPGP);
  fail_if_err (err);
-  do
+  err = gpgme_new (&ctx);
  fail_if_err (err);
  gpgme_set_armor (ctx, 1);
  p = getenv("GPG_AGENT_INFO");
  if (!(p && strchr (p, ':')))
    gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
  err = gpgme_data_new_from_mem (&plain, text, strlen (text), 0);
  fail_if_err (err);
  err = gpgme_data_new (&cipher);
  fail_if_err (err);
  err = gpgme_op_encrypt (ctx, 0, 0, plain, cipher);
  fail_if_err (err);
  fflush (NULL);
  fputs ("Begin Result Encryption:\n", stdout);
  print_data (cipher);
  fputs ("End Result.\n", stdout);
  gpgme_data_seek (cipher, 0, SEEK_SET);
  gpgme_data_release (plain);
  err = gpgme_data_new (&plain);
  fail_if_err (err);
  err = gpgme_op_decrypt (ctx, cipher, plain);
  fail_if_err (err);
  fputs ("Begin Result Decryption:\n", stdout);
  print_data (plain);
  fputs ("End Result.\n", stdout);
  text2 = gpgme_data_release_and_get_mem (plain, &len);
  if (strncmp (text, text2, len))
    {
-      err = gpgme_new (&ctx);
+      fprintf (stderr, "%s:%d: Wrong plaintext\n", __FILE__, __LINE__);
-      fail_if_err (err);
+      exit (1);
      gpgme_set_armor (ctx, 1);
      p = getenv("GPG_AGENT_INFO");
      if (!(p && strchr (p, ':')))
        gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
      err = gpgme_data_new_from_mem (&plain, text, strlen (text), 0);
      fail_if_err (err);
      err = gpgme_data_new (&cipher);
      fail_if_err (err);
      err = gpgme_op_encrypt (ctx, 0, plain, cipher);
      fail_if_err (err);
      fflush (NULL);
      fputs ("Begin Result Encryption:\n", stdout);
      print_data (cipher);
      fputs ("End Result.\n", stdout);
      gpgme_data_seek (cipher, 0, SEEK_SET);
      gpgme_data_release (plain);
      err = gpgme_data_new (&plain);
      fail_if_err (err);
      err = gpgme_op_decrypt (ctx, cipher, plain);
      fail_if_err (err);
      fputs ("Begin Result Decryption:\n", stdout);
      print_data (plain);
      fputs ("End Result.\n", stdout);
      text2 = gpgme_data_release_and_get_mem (plain, &len);
      if (strncmp (text, text2, len))
 	{
 	  fprintf (stderr, "%s:%d: Wrong plaintext\n", __FILE__, __LINE__);
 	  exit (1);
 	}
      gpgme_data_release (cipher);
      gpgme_release (ctx);
    }
-  while (argc > 1 && !strcmp (argv[1], "--loop"));
+
  gpgme_data_release (cipher);
  gpgme_release (ctx);
  return 0;
 }
--- a/tests/gpg/t-encrypt.c
+++ b/tests/gpg/t-encrypt.c
@ -60,10 +60,11 @@ main (int argc, char **argv)
  gpgme_ctx_t ctx;
  gpgme_error_t err;
  gpgme_data_t in, out;
-  gpgme_user_id_t rset = NULL;
+  gpgme_key_t key[3] = { NULL, NULL, NULL };
  gpgme_user_id_t *rset_lastp = &rset;
  gpgme_encrypt_result_t result;
  gpgme_check_version (0);
  err = gpgme_engine_check_version (GPGME_PROTOCOL_OpenPGP);
  fail_if_err (err);
@ -76,17 +77,15 @@ main (int argc, char **argv)
  err = gpgme_data_new (&out);
  fail_if_err (err);
  err = gpgme_user_ids_append (rset_lastp, "Alpha");
  fail_if_err (err);
  (*rset_lastp)->validity = GPGME_VALIDITY_FULL;
-  rset_lastp = &(*rset_lastp)->next;
+  err = gpgme_get_key (ctx, "A0FF4590BB6122EDEF6E3C542D727CC768697734",
-  err = gpgme_user_ids_append (rset_lastp, "Bob");
+		       &key[0], 0);
  fail_if_err (err);
  err = gpgme_get_key (ctx, "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2",
 		       &key[1], 0);
  fail_if_err (err);
  (*rset_lastp)->validity = GPGME_VALIDITY_FULL;
-  err = gpgme_op_encrypt (ctx, rset, in, out);
+  err = gpgme_op_encrypt (ctx, key, GPGME_ENCRYPT_ALWAYS_TRUST, in, out);
  fail_if_err (err);
  result = gpgme_op_encrypt_result (ctx);
  if (result->invalid_recipients)
@ -97,11 +96,10 @@ main (int argc, char **argv)
    }
  print_data (out);
-  gpgme_user_ids_release (rset);
+  gpgme_key_unref (key[0]);
  gpgme_key_unref (key[1]);
  gpgme_data_release (in);
  gpgme_data_release (out);
  gpgme_release (ctx);
  return 0;
 }
--- a/tests/gpg/t-eventloop.c
+++ b/tests/gpg/t-eventloop.c
@ -191,8 +191,7 @@ main (int argc, char *argv[])
  gpgme_ctx_t ctx;
  gpgme_error_t err;
  gpgme_data_t in, out;
-  gpgme_user_id_t rset = NULL;
+  gpgme_key_t key[3] = { NULL, NULL, NULL };
  gpgme_user_id_t *rset_lastp = &rset;
  int i;
  for (i = 0; i < FDLIST_MAX; i++)
@ -213,16 +212,14 @@ main (int argc, char *argv[])
  err = gpgme_data_new (&out);
  fail_if_err (err);
-  err = gpgme_user_ids_append (rset_lastp, "Alpha");
+  err = gpgme_get_key (ctx, "A0FF4590BB6122EDEF6E3C542D727CC768697734",
 		       &key[0], 0);
  fail_if_err (err);
-  (*rset_lastp)->validity = GPGME_VALIDITY_FULL;
+  err = gpgme_get_key (ctx, "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2",
-
+		       &key[1], 0);
  rset_lastp = &(*rset_lastp)->next;
  err = gpgme_user_ids_append (rset_lastp, "Bob");
  fail_if_err (err);
  (*rset_lastp)->validity = GPGME_VALIDITY_FULL;
-  err = gpgme_op_encrypt_start (ctx, rset, in, out);
+  err = gpgme_op_encrypt_start (ctx, key, GPGME_ENCRYPT_ALWAYS_TRUST, in, out);
  fail_if_err (err);
  my_wait ();
@ -234,7 +231,8 @@ main (int argc, char *argv[])
  print_data (out);
  fputs ("End Result.\n", stdout);
-  gpgme_user_ids_release (rset);
+  gpgme_key_unref (key[0]);
  gpgme_key_unref (key[1]);
  gpgme_data_release (in);
  gpgme_data_release (out);
  gpgme_release (ctx);
--- a/tests/gpg/t-export.c
+++ b/tests/gpg/t-export.c
@ -60,8 +60,7 @@ main (int argc, char **argv)
  gpgme_ctx_t ctx;
  gpgme_error_t err;
  gpgme_data_t  out;
-  gpgme_user_id_t uids = NULL;
+  const char *pattern[] = { "Alpha", "Bob", NULL };
  gpgme_user_id_t *uids_lastp = &uids;
  err = gpgme_new (&ctx);
  fail_if_err (err);
@ -69,15 +68,8 @@ main (int argc, char **argv)
  err = gpgme_data_new (&out);
  fail_if_err (err);
  err = gpgme_user_ids_append (uids_lastp, "Alpha");
  fail_if_err (err);
  uids_lastp = &(*uids_lastp)->next;
  err = gpgme_user_ids_append (uids_lastp, "Bob");
  fail_if_err (err);
  gpgme_set_armor (ctx, 1);
-  err = gpgme_op_export (ctx, uids, out);
+  err = gpgme_op_export_ext (ctx, pattern, 0, out);
  fail_if_err (err);
  fflush (NULL);
@ -85,11 +77,8 @@ main (int argc, char **argv)
  print_data (out);
  fputs ("End Result.\n", stdout);
  gpgme_user_ids_release (uids);
  gpgme_data_release (out);
  gpgme_release (ctx);
  return 0;
 }
--- a/tests/gpgsm/t-encrypt.c
+++ b/tests/gpgsm/t-encrypt.c
@ -60,7 +60,7 @@ main (int argc, char **argv)
  gpgme_ctx_t ctx;
  gpgme_error_t err;
  gpgme_data_t in, out;
-  gpgme_user_id_t rset = NULL;
+  gpgme_key_t key[] = { NULL, NULL };
  gpgme_encrypt_result_t result;
  err = gpgme_engine_check_version (GPGME_PROTOCOL_CMS);
@ -77,11 +77,11 @@ main (int argc, char **argv)
  err = gpgme_data_new (&out);
  fail_if_err (err);
-  err = gpgme_user_ids_append (&rset, "test cert 1");
+  err = gpgme_get_key (ctx, "3CF405464F66ED4A7DF45BBDD1E4282E33BDB76E",
 		       &key[0], 0);
  fail_if_err (err);
  rset->validity = GPGME_VALIDITY_FULL;
-  err = gpgme_op_encrypt (ctx, rset, in, out);
+  err = gpgme_op_encrypt (ctx, key, 0, in, out);
  fail_if_err (err);
  result = gpgme_op_encrypt_result (ctx);
  if (result->invalid_recipients)
@ -92,7 +92,7 @@ main (int argc, char **argv)
    }
  print_data (out);
-  gpgme_user_ids_release (rset);
+  gpgme_key_unref (key[0]);
  gpgme_data_release (in);
  gpgme_data_release (out);
  gpgme_release (ctx);
--- a/tests/gpgsm/t-export.c
+++ b/tests/gpgsm/t-export.c
@ -59,9 +59,8 @@ main (int argc, char *argv[])
 {
  gpgme_ctx_t ctx;
  gpgme_error_t err;
-  gpgme_data_t  out;
+  gpgme_data_t out;
-  gpgme_user_id_t rset = NULL;
+  const char *pattern[] = { "DFN Top Level Certification Authority", NULL };
  err = gpgme_new (&ctx);
  fail_if_err (err);
  gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
@ -69,11 +68,8 @@ main (int argc, char *argv[])
  err = gpgme_data_new (&out);
  fail_if_err (err);
  err = gpgme_user_ids_append (&rset, "DFN Top Level Certification Authority");
  fail_if_err (err);
  gpgme_set_armor (ctx, 1);
-  err = gpgme_op_export (ctx, rset, out);
+  err = gpgme_op_export_ext (ctx, pattern, 0, out);
  fail_if_err (err);
  fflush (NULL);
@ -81,7 +77,6 @@ main (int argc, char *argv[])
  print_data (out);
  fputs ("End Result.\n", stdout);
  gpgme_user_ids_release (rset);
  gpgme_data_release (out);
  gpgme_release (ctx);