diff --git a/CMakeLists.txt b/CMakeLists.txt
index 086608e6d..67f19c7f8 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,235 +1,236 @@
 # SPDX-FileCopyrightText: none
 # SPDX-License-Identifier: BSD-3-Clause
 cmake_minimum_required(VERSION 3.16 FATAL_ERROR)
 
 set(RELEASE_SERVICE_VERSION_MAJOR "22")
 set(RELEASE_SERVICE_VERSION_MINOR "11")
 set(RELEASE_SERVICE_VERSION_MICRO "70")
 
 # The RELEASE_SERVICE_VERSION is used by Gpg4win to add the Gpg4win version
 if (NOT RELEASE_SERVICE_VERSION)
     set(RELEASE_SERVICE_VERSION "${RELEASE_SERVICE_VERSION_MAJOR}.${RELEASE_SERVICE_VERSION_MINOR}.${RELEASE_SERVICE_VERSION_MICRO}")
 endif()
 if(RELEASE_SERVICE_VERSION_MICRO LESS 10)
     set(KDE_APPLICATIONS_COMPACT_VERSION "${RELEASE_SERVICE_VERSION_MAJOR}${RELEASE_SERVICE_VERSION_MINOR}0${RELEASE_SERVICE_VERSION_MICRO}")
 else()
     set(KDE_APPLICATIONS_COMPACT_VERSION "${RELEASE_SERVICE_VERSION_MAJOR}${RELEASE_SERVICE_VERSION_MINOR}${RELEASE_SERVICE_VERSION_MICRO}")
 endif()
 
 set(KLEOPATRA_VERSION_MAJOR "3")
 set(KLEOPATRA_VERSION_MINOR "1")
 set(KLEOPATRA_VERSION_MICRO "22")
 
 set(kleopatra_version "${KLEOPATRA_VERSION_MAJOR}.${KLEOPATRA_VERSION_MINOR}.${KLEOPATRA_VERSION_MICRO}.${KDE_APPLICATIONS_COMPACT_VERSION}")
 # The following is for Windows
 set(kleopatra_version_win "${KLEOPATRA_VERSION_MAJOR}.${KLEOPATRA_VERSION_MINOR}.${KLEOPATRA_VERSION_MICRO}")
 set(kleopatra_fileversion_win "${KLEOPATRA_VERSION_MAJOR},${KLEOPATRA_VERSION_MINOR},${KLEOPATRA_VERSION_MICRO},0")
 
 project(kleopatra VERSION ${kleopatra_version})
 
 option(DISABLE_KWATCHGNUPG "Don't build the kwatchgnupg tool [default=OFF]" OFF)
 
 # Standalone build. Find / include everything necessary.
 set(KF5_MIN_VERSION "5.96.0")
 set(KIDENTITYMANAGEMENT_VERSION "5.21.40")
 set(KMAILTRANSPORT_VERSION "5.21.40")
 set(KMIME_VERSION "5.21.40")
 set(LIBKLEO_VERSION "5.21.45")
 set(QT_REQUIRED_VERSION "5.15.2")
 set(GPGME_REQUIRED_VERSION "1.16.0")
 
 if (WIN32)
   set(KF5_WANT_VERSION "5.70.0")
   set(KMIME_WANT_VERSION "5.12.0")
 else ()
   set(KF5_WANT_VERSION ${KF5_MIN_VERSION})
   set(KMIME_WANT_VERSION ${KMIME_VERSION})
 endif ()
 
 set(CMAKE_CXX_STANDARD 20)
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 
 find_package(ECM ${KF5_WANT_VERSION} CONFIG REQUIRED)
 set(CMAKE_MODULE_PATH ${ECM_MODULE_PATH})
 set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules ${CMAKE_MODULE_PATH})
 
 include(ECMInstallIcons)
 include(ECMSetupVersion)
 include(ECMAddTests)
 include(GenerateExportHeader)
 include(ECMGenerateHeaders)
 include(FeatureSummary)
 include(CheckFunctionExists)
 include(KDEInstallDirs)
 include(KDECMakeSettings)
 include(KDECompilerSettings NO_POLICY_SCOPE)
 include(ECMAddAppIcon)
 include(ECMQtDeclareLoggingCategory)
 include(ECMDeprecationSettings)
 include(KDEClangFormat)
 
 # Find KF5 packages
 find_package(KF5WidgetsAddons ${KF5_WANT_VERSION} CONFIG REQUIRED)
 find_package(KF5ConfigWidgets ${KF5_WANT_VERSION} CONFIG REQUIRED)
 find_package(KF5CoreAddons ${KF5_WANT_VERSION} CONFIG REQUIRED)
 find_package(KF5Codecs ${KF5_WANT_VERSION} CONFIG REQUIRED)
 find_package(KF5Config ${KF5_WANT_VERSION} CONFIG REQUIRED)
 find_package(KF5I18n ${KF5_WANT_VERSION} CONFIG REQUIRED)
 find_package(KF5IconThemes ${KF5_WANT_VERSION} CONFIG REQUIRED)
 find_package(KF5ItemModels ${KF5_WANT_VERSION} CONFIG REQUIRED)
 find_package(KF5XmlGui ${KF5_WANT_VERSION} CONFIG REQUIRED)
 find_package(KF5WindowSystem ${KF5_WANT_VERSION} CONFIG REQUIRED)
 find_package(KF5DocTools ${KF5_WANT_VERSION} CONFIG)
 find_package(KF5Crash ${KF5_WANT_VERSION} REQUIRED)
 
 set_package_properties(KF5DocTools PROPERTIES
     DESCRIPTION "Documentation tools"
     PURPOSE "Required to generate Kleopatra documentation."
     TYPE OPTIONAL)
 
 # Optional packages
 if (WIN32)
   # Only a replacement available for Windows so this
   # is required on other platforms.
   find_package(KF5DBusAddons ${KF5_WANT_VERSION} CONFIG)
   set_package_properties(KF5DBusAddons PROPERTIES DESCRIPTION "Support library to work with DBus"
                          PURPOSE "DBus session integration"
                          URL "https://inqlude.org/libraries/kdbusaddons.html"
                          TYPE OPTIONAL)
 else()
   find_package(KF5DBusAddons ${KF5_WANT_VERSION} CONFIG REQUIRED)
   set(_kleopatra_dbusaddons_libs KF5::DBusAddons)
 endif()
 
 set(HAVE_QDBUS ${Qt${QT_MAJOR_VERSION}DBus_FOUND})
 
 find_package(Gpgmepp ${GPGME_REQUIRED_VERSION} CONFIG REQUIRED)
 if (QT_MAJOR_VERSION STREQUAL "6")
     find_package(QGpgmeQt6 ${GPGME_REQUIRED_VERSION} CONFIG REQUIRED)
 else()
     find_package(QGpgme ${GPGME_REQUIRED_VERSION} CONFIG REQUIRED)
 endif()
 if (QGpgme_VERSION VERSION_GREATER_EQUAL "1.17.0")
     set(QGPGME_SUPPORTS_CHANGING_EXPIRATION_OF_COMPLETE_KEY 1)
     set(QGPGME_CRYPTOCONFIGENTRY_HAS_DEFAULT_VALUE 1)
     set(QGPGME_SUPPORTS_WKDLOOKUP 1)
     set(QGPGME_SUPPORTS_IMPORT_WITH_FILTER 1)
     set(QGPGME_SUPPORTS_IMPORT_WITH_KEY_ORIGIN 1)
     set(QGPGME_SUPPORTS_SECRET_KEY_EXPORT 1)
     set(QGPGME_SUPPORTS_SECRET_SUBKEY_EXPORT 1)
     set(QGPGME_SUPPORTS_RECEIVING_KEYS_BY_KEY_ID 1)
 endif()
 if (QGpgme_VERSION VERSION_GREATER_EQUAL "1.17.2")
     set(QGPGME_SUPPORTS_KEY_REVOCATION 1)
     set(QGPGME_SUPPORTS_KEY_REFRESH 1)
     set(QGPGME_SUPPORTS_SET_FILENAME 1)
+    set(QGPGME_SUPPORTS_SET_PRIMARY_UID 1)
 endif()
 
 # Kdepimlibs packages
 find_package(KF5Libkleo ${LIBKLEO_VERSION} CONFIG REQUIRED)
 find_package(KF5Mime ${KMIME_WANT_VERSION} CONFIG REQUIRED)
 find_package(KF5IdentityManagement ${KIDENTITYMANAGEMENT_VERSION} CONFIG)
 find_package(KF5MailTransport ${KMAILTRANSPORT_VERSION} CONFIG)
 find_package(KF5MailTransportAkonadi ${KMAILTRANSPORT_VERSION} CONFIG)
 
 find_package(Qt${QT_MAJOR_VERSION} ${QT_REQUIRED_VERSION} CONFIG REQUIRED Widgets Test Network PrintSupport)
 
 find_package(Assuan2 REQUIRED)
 
 
 set(kleopatra_release FALSE)
 
 if(NOT kleopatra_release)
     find_package(Git)
     if(GIT_FOUND)
         execute_process(COMMAND ${GIT_EXECUTABLE} rev-parse
                         WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
                         RESULT_VARIABLE rc
                         ERROR_QUIET)
         if(rc EQUAL 0)
             execute_process(COMMAND ${GIT_EXECUTABLE} log -1 --oneline --format=%h ${CMAKE_CURRENT_SOURCE_DIR}
                 WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
                 OUTPUT_VARIABLE Kleopatra_WC_REVISION)
             string(REGEX REPLACE "\n" "" Kleopatra_WC_REVISION "${Kleopatra_WC_REVISION}")
 
             execute_process(COMMAND ${GIT_EXECUTABLE} log -1 --oneline --format=%cI ${CMAKE_CURRENT_SOURCE_DIR}
                 WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
                 OUTPUT_VARIABLE Kleopatra_WC_LAST_CHANGED_DATE)
             string(REGEX REPLACE "^([0-9]+)-([0-9]+)-([0-9]+)T([0-9]+):([0-9]+):([0-9]+).*$" "\\1\\2\\3T\\4\\5\\6"
                    Kleopatra_WC_LAST_CHANGED_DATE "${Kleopatra_WC_LAST_CHANGED_DATE}")
 
             set(kleopatra_version "${kleopatra_version}+git${Kleopatra_WC_LAST_CHANGED_DATE}~${Kleopatra_WC_REVISION}")
         endif()
     endif()
 endif()
 
 configure_file(${CMAKE_CURRENT_SOURCE_DIR}/version-kleopatra.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/version-kleopatra.h)
 
 include (ConfigureChecks.cmake)
 
 configure_file(${CMAKE_CURRENT_SOURCE_DIR}/config-kleopatra.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/config-kleopatra.h)
 include_directories(
     ${CMAKE_CURRENT_BINARY_DIR}
     ${CMAKE_CURRENT_SOURCE_DIR}
     ${ASSUAN2_INCLUDES}
     )
 
 add_definitions(-D_ASSUAN_ONLY_GPG_ERRORS)
 if (WIN32)
 # On Windows, we need to use stuff deprecated since Qt 5.11, e.g. from QDesktopWidget
 ecm_set_disabled_deprecation_versions(QT 5.10.0 KF 5.97.0)
 else ()
 ecm_set_disabled_deprecation_versions(QT 5.14.0 KF 5.97.0)
 endif ()
 
 if(CMAKE_COMPILER_IS_GNUCXX)
     set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wno-missing-braces -Wno-parentheses -Wno-ignored-qualifiers")
 endif()
 add_definitions(-DQT_NO_EMIT)
 remove_definitions(-DQT_NO_FOREACH)
 
 # Disable the use of QStringBuilder for operator+ to prevent crashes when
 # returning the result of concatenating string temporaries in lambdas. We do
 # this for example in some std::transform expressions.
 # This is a known issue: https://bugreports.qt.io/browse/QTBUG-47066
 # Alternatively, one would always have to remember to force the lambdas to
 # return a QString instead of QStringBuilder, but that's just too easy to
 # forget and, unfortunately, the compiler doesn't issue a warning if one forgets
 # this. So, it's just too dangerous.
 # One can still use QStringBuilder explicitly with the operator% if necessary.
 remove_definitions(-DQT_USE_FAST_OPERATOR_PLUS)
 remove_definitions(-DQT_USE_QSTRINGBUILDER)
 
 kde_enable_exceptions()
 option(USE_UNITY_CMAKE_SUPPORT "Use UNITY cmake support (speedup compile time)" OFF)
 
 set(COMPILE_WITH_UNITY_CMAKE_SUPPORT OFF)
 if (USE_UNITY_CMAKE_SUPPORT)
     set(COMPILE_WITH_UNITY_CMAKE_SUPPORT ON)
 endif()
 
 
 add_subdirectory(pics)
 add_subdirectory(src)
 
 if(BUILD_TESTING)
     add_subdirectory(tests)
     add_subdirectory(autotests)
 endif()
 
 ecm_qt_install_logging_categories(
         EXPORT KLEOPATRA
         FILE kleopatra.categories
         DESTINATION ${KDE_INSTALL_LOGGINGCATEGORIESDIR}
         )
 
 ki18n_install(po)
 if(KF5DocTools_FOUND)
     kdoctools_install(po)
     add_subdirectory(doc)
 endif()
 feature_summary(WHAT ALL FATAL_ON_MISSING_REQUIRED_PACKAGES)
 
 # add clang-format target for all our real source files
 file(GLOB_RECURSE ALL_CLANG_FORMAT_SOURCE_FILES *.cpp *.h *.c)
 kde_clang_format(${ALL_CLANG_FORMAT_SOURCE_FILES})
diff --git a/config-kleopatra.h.cmake b/config-kleopatra.h.cmake
index e4feb87c5..7d37e2e94 100644
--- a/config-kleopatra.h.cmake
+++ b/config-kleopatra.h.cmake
@@ -1,58 +1,61 @@
 /* Define to 1 if you have a recent enough libassuan */
 #cmakedefine HAVE_USABLE_ASSUAN 1
 
 /* Define to 1 if you have libassuan v2 */
 #cmakedefine HAVE_ASSUAN2 1
 
 #ifndef HAVE_ASSUAN2
 /* Define to 1 if your libassuan has the assuan_fd_t type  */
 #cmakedefine HAVE_ASSUAN_FD_T 1
 
 /* Define to 1 if your libassuan has the assuan_inquire_ext function */
 #cmakedefine HAVE_ASSUAN_INQUIRE_EXT 1
 
 /* Define to 1 if your assuan_inquire_ext puts the buffer arguments into the callback signature */
 #cmakedefine HAVE_NEW_STYLE_ASSUAN_INQUIRE_EXT 1
 
 /* Define to 1 if your libassuan has the assuan_sock_get_nonce function */
 #cmakedefine HAVE_ASSUAN_SOCK_GET_NONCE 1
 
 #endif
 /* Define to 1 if you build libkleopatraclient */
 #cmakedefine HAVE_KLEOPATRACLIENT_LIBRARY 1
 
 /* DBus available */
 #cmakedefine01 HAVE_QDBUS
 
 /* Defined if QGpgME supports changing the expiration date of the primary key and the subkeys simultaneously */
 #cmakedefine QGPGME_SUPPORTS_CHANGING_EXPIRATION_OF_COMPLETE_KEY 1
 
 /* Defined if QGpgME supports retrieving the default value of a config entry */
 #cmakedefine QGPGME_CRYPTOCONFIGENTRY_HAS_DEFAULT_VALUE 1
 
 /* Defined if QGpgME supports WKD lookup */
 #cmakedefine QGPGME_SUPPORTS_WKDLOOKUP 1
 
 /* Defined if QGpgME supports specifying an import filter when importing keys */
 #cmakedefine QGPGME_SUPPORTS_IMPORT_WITH_FILTER 1
 
 /* Defined if QGpgME supports setting key origin when importing keys */
 #cmakedefine QGPGME_SUPPORTS_IMPORT_WITH_KEY_ORIGIN 1
 
 /* Defined if QGpgME supports the export of secret keys */
 #cmakedefine QGPGME_SUPPORTS_SECRET_KEY_EXPORT 1
 
 /* Defined if QGpgME supports the export of secret subkeys */
 #cmakedefine QGPGME_SUPPORTS_SECRET_SUBKEY_EXPORT 1
 
 /* Defined if QGpgME supports receiving keys by their key ids */
 #cmakedefine QGPGME_SUPPORTS_RECEIVING_KEYS_BY_KEY_ID 1
 
 /* Defined if QGpgME supports revoking own OpenPGP keys */
 #cmakedefine QGPGME_SUPPORTS_KEY_REVOCATION 1
 
 /* Defined if QGpgME supports refreshing keys */
 #cmakedefine QGPGME_SUPPORTS_KEY_REFRESH 1
 
 /* Defined if QGpgME supports setting the file name of encrypted data */
 #cmakedefine QGPGME_SUPPORTS_SET_FILENAME 1
+
+/* Defined if QGpgME supports setting the primary user id of a key */
+#cmakedefine QGPGME_SUPPORTS_SET_PRIMARY_UID 1
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 05869bfcb..ad64caf23 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -1,620 +1,622 @@
 # SPDX-FileCopyrightText: none
 # SPDX-License-Identifier: BSD-3-Clause
 add_subdirectory(icons)
 add_subdirectory(mimetypes)
 
 include_directories(${CMAKE_CURRENT_BINARY_DIR})
 include_directories(${CMAKE_CURRENT_SOURCE_DIR})
 
 if (NOT DISABLE_KWATCHGNUPG)
     add_subdirectory(kwatchgnupg)
 endif()
 add_subdirectory(libkleopatraclient)
 add_subdirectory(conf)
 add_subdirectory(kconf_update)
 
 if(WIN32)
   set(_kleopatra_extra_uiserver_SRCS uiserver/uiserver_win.cpp)
   set(_kleopatra_extra_SRCS
       selftest/registrycheck.cpp
       utils/gnupg-registry.c
       utils/userinfo_win.cpp
       utils/windowsprocessdevice.cpp
   )
 else()
   set(_kleopatra_extra_uiserver_SRCS uiserver/uiserver_unix.cpp)
   set(_kleopatra_extra_SRCS)
 endif()
 
 set(_kleopatra_uiserver_SRCS
     ${_kleopatra_extra_uiserver_SRCS}
 
     selftest/uiservercheck.cpp
     uiserver/assuanserverconnection.cpp
     uiserver/createchecksumscommand.cpp
     uiserver/decryptverifycommandemailbase.cpp
     uiserver/decryptverifycommandfilesbase.cpp
     uiserver/echocommand.cpp
     uiserver/encryptcommand.cpp
     uiserver/importfilescommand.cpp
     uiserver/prepencryptcommand.cpp
     uiserver/prepsigncommand.cpp
     uiserver/selectcertificatecommand.cpp
     uiserver/sessiondata.cpp
     uiserver/signcommand.cpp
     uiserver/signencryptfilescommand.cpp
     uiserver/uiserver.cpp
     uiserver/verifychecksumscommand.cpp
   )
 
 if(ASSUAN2_FOUND)
   include_directories(${ASSUAN2_INCLUDES})
   set(_kleopatra_uiserver_extra_libs ${ASSUAN2_LIBRARIES})
 else()
   include_directories(${ASSUAN_INCLUDES})
   if(WIN32)
     set(_kleopatra_uiserver_extra_libs ${ASSUAN_VANILLA_LIBRARIES})
   else()
     set(_kleopatra_uiserver_extra_libs ${ASSUAN_PTHREAD_LIBRARIES})
   endif()
 endif()
 
 if(HAVE_GPG_ERR_SOURCE_KLEO)
   add_definitions(-DGPG_ERR_SOURCE_DEFAULT=GPG_ERR_SOURCE_KLEO)
   add_definitions(-DGPGMEPP_ERR_SOURCE_DEFAULT=GPG_ERR_SOURCE_KLEO)
 else()
   add_definitions(-DGPG_ERR_SOURCE_DEFAULT=GPG_ERR_SOURCE_USER_1)
   add_definitions(-DGPGMEPP_ERR_SOURCE_DEFAULT=GPG_ERR_SOURCE_USER_1)
 endif()
 
 if(KF5IdentityManagement_FOUND AND KF5MailTransport_FOUND AND KF5MailTransportAkonadi_FOUND)
   set(_kleopatra_mail_libs
       KF5::IdentityManagement # Export OpenPGP keys using WKS
       KF5::MailTransport
       KF5::MailTransportAkonadi
   )
   add_definitions(-DMAILAKONADI_ENABLED)
 endif()
 
 ki18n_wrap_ui(_kleopatra_uiserver_SRCS crypto/gui/signingcertificateselectionwidget.ui)
 
 set(_kleopatra_SRCS
   ${_kleopatra_extra_SRCS}
 
   accessibility/accessiblelink.cpp
   accessibility/accessiblelink_p.h
   accessibility/accessiblerichtextlabel.cpp
   accessibility/accessiblerichtextlabel_p.h
   accessibility/accessiblewidgetfactory.cpp
   accessibility/accessiblewidgetfactory.h
   commands/adduseridcommand.cpp
   commands/adduseridcommand.h
   commands/authenticatepivcardapplicationcommand.cpp
   commands/authenticatepivcardapplicationcommand.h
   commands/cardcommand.cpp
   commands/cardcommand.h
   commands/certificatetopivcardcommand.cpp
   commands/certificatetopivcardcommand.h
   commands/certifycertificatecommand.cpp
   commands/certifycertificatecommand.h
   commands/changeexpirycommand.cpp
   commands/changeexpirycommand.h
   commands/changeownertrustcommand.cpp
   commands/changeownertrustcommand.h
   commands/changepassphrasecommand.cpp
   commands/changepassphrasecommand.h
   commands/changepincommand.cpp
   commands/changepincommand.h
   commands/changeroottrustcommand.cpp
   commands/changeroottrustcommand.h
   commands/checksumcreatefilescommand.cpp
   commands/checksumcreatefilescommand.h
   commands/checksumverifyfilescommand.cpp
   commands/checksumverifyfilescommand.h
   commands/clearcrlcachecommand.cpp
   commands/clearcrlcachecommand.h
   commands/command.cpp
   commands/command.h
   commands/createcsrforcardkeycommand.cpp
   commands/createcsrforcardkeycommand.h
   commands/createopenpgpkeyfromcardkeyscommand.cpp
   commands/createopenpgpkeyfromcardkeyscommand.h
   commands/decryptverifyclipboardcommand.cpp
   commands/decryptverifyclipboardcommand.h
   commands/decryptverifyfilescommand.cpp
   commands/decryptverifyfilescommand.h
   commands/deletecertificatescommand.cpp
   commands/deletecertificatescommand.h
   commands/detailscommand.cpp
   commands/detailscommand.h
   commands/dumpcertificatecommand.cpp
   commands/dumpcertificatecommand.h
   commands/dumpcrlcachecommand.cpp
   commands/dumpcrlcachecommand.h
   commands/encryptclipboardcommand.cpp
   commands/encryptclipboardcommand.h
   commands/exportcertificatecommand.cpp
   commands/exportcertificatecommand.h
   commands/exportgroupscommand.cpp
   commands/exportgroupscommand.h
   commands/exportopenpgpcertstoservercommand.cpp
   commands/exportopenpgpcertstoservercommand.h
   commands/exportopenpgpcerttoprovidercommand.cpp
   commands/exportopenpgpcerttoprovidercommand.h
   commands/exportpaperkeycommand.cpp
   commands/exportpaperkeycommand.h
   commands/exportsecretkeycommand.cpp
   commands/exportsecretkeycommand.h
   commands/exportsecretkeycommand_old.cpp
   commands/exportsecretkeycommand_old.h
   commands/exportsecretsubkeycommand.cpp
   commands/exportsecretsubkeycommand.h
   commands/genrevokecommand.cpp
   commands/genrevokecommand.h
   commands/gnupgprocesscommand.cpp
   commands/gnupgprocesscommand.h
   commands/importcertificatefromclipboardcommand.cpp
   commands/importcertificatefromclipboardcommand.h
   commands/importcertificatefromdatacommand.cpp
   commands/importcertificatefromdatacommand.h
   commands/importcertificatefromfilecommand.cpp
   commands/importcertificatefromfilecommand.h
   commands/importcertificatefromkeyservercommand.cpp
   commands/importcertificatefromkeyservercommand.h
   commands/importcertificatefrompivcardcommand.cpp
   commands/importcertificatefrompivcardcommand.h
   commands/importcertificatescommand.cpp
   commands/importcertificatescommand.h
   commands/importcrlcommand.cpp
   commands/importcrlcommand.h
   commands/importpaperkeycommand.cpp
   commands/importpaperkeycommand.h
   commands/keytocardcommand.cpp
   commands/keytocardcommand.h
   commands/learncardkeyscommand.cpp
   commands/learncardkeyscommand.h
   commands/lookupcertificatescommand.cpp
   commands/lookupcertificatescommand.h
   commands/newcertificatesigningrequestcommand.cpp
   commands/newcertificatesigningrequestcommand.h
   commands/newopenpgpcertificatecommand.cpp
   commands/newopenpgpcertificatecommand.h
   commands/pivgeneratecardkeycommand.cpp
   commands/pivgeneratecardkeycommand.h
   commands/refreshcertificatecommand.cpp
   commands/refreshcertificatecommand.h
   commands/refreshopenpgpcertscommand.cpp
   commands/refreshopenpgpcertscommand.h
   commands/refreshx509certscommand.cpp
   commands/refreshx509certscommand.h
   commands/reloadkeyscommand.cpp
   commands/reloadkeyscommand.h
   commands/revokecertificationcommand.cpp
   commands/revokecertificationcommand.h
   commands/revokekeycommand.cpp
   commands/revokekeycommand.h
   commands/revokeuseridcommand.cpp
   commands/revokeuseridcommand.h
   commands/selftestcommand.cpp
   commands/selftestcommand.h
   commands/setinitialpincommand.cpp
   commands/setinitialpincommand.h
   commands/setpivcardapplicationadministrationkeycommand.cpp
   commands/setpivcardapplicationadministrationkeycommand.h
+  commands/setprimaryuseridcommand.cpp
+  commands/setprimaryuseridcommand.h
   commands/signclipboardcommand.cpp
   commands/signclipboardcommand.h
   commands/signencryptfilescommand.cpp
   commands/signencryptfilescommand.h
   commands/signencryptfoldercommand.cpp
   commands/signencryptfoldercommand.h
   conf/configuredialog.cpp
   conf/configuredialog.h
   conf/groupsconfigdialog.cpp
   conf/groupsconfigdialog.h
   conf/groupsconfigpage.cpp
   conf/groupsconfigpage.h
   conf/groupsconfigwidget.cpp
   conf/groupsconfigwidget.h
   crypto/autodecryptverifyfilescontroller.cpp
   crypto/autodecryptverifyfilescontroller.h
   crypto/certificateresolver.cpp
   crypto/certificateresolver.h
   crypto/checksumsutils_p.cpp
   crypto/checksumsutils_p.h
   crypto/controller.cpp
   crypto/controller.h
   crypto/createchecksumscontroller.cpp
   crypto/createchecksumscontroller.h
   crypto/decryptverifyemailcontroller.cpp
   crypto/decryptverifyemailcontroller.h
   crypto/decryptverifyfilescontroller.cpp
   crypto/decryptverifyfilescontroller.h
   crypto/decryptverifytask.cpp
   crypto/decryptverifytask.h
   crypto/encryptemailcontroller.cpp
   crypto/encryptemailcontroller.h
   crypto/encryptemailtask.cpp
   crypto/encryptemailtask.h
   crypto/gui/certificatelineedit.cpp
   crypto/gui/certificatelineedit.h
   crypto/gui/certificateselectionline.cpp
   crypto/gui/certificateselectionline.h
   crypto/gui/decryptverifyfilesdialog.cpp
   crypto/gui/decryptverifyfilesdialog.h
   crypto/gui/decryptverifyfileswizard.cpp
   crypto/gui/decryptverifyfileswizard.h
   crypto/gui/decryptverifyoperationwidget.cpp
   crypto/gui/decryptverifyoperationwidget.h
   crypto/gui/encryptemailwizard.cpp
   crypto/gui/encryptemailwizard.h
   crypto/gui/newresultpage.cpp
   crypto/gui/newresultpage.h
   crypto/gui/objectspage.cpp
   crypto/gui/objectspage.h
   crypto/gui/resolverecipientspage.cpp
   crypto/gui/resolverecipientspage.h
   crypto/gui/resultitemwidget.cpp
   crypto/gui/resultitemwidget.h
   crypto/gui/resultlistwidget.cpp
   crypto/gui/resultlistwidget.h
   crypto/gui/resultpage.cpp
   crypto/gui/resultpage.h
   crypto/gui/signemailwizard.cpp
   crypto/gui/signemailwizard.h
   crypto/gui/signencryptemailconflictdialog.cpp
   crypto/gui/signencryptemailconflictdialog.h
   crypto/gui/signencryptfileswizard.cpp
   crypto/gui/signencryptfileswizard.h
   crypto/gui/signencryptwidget.cpp
   crypto/gui/signencryptwidget.h
   crypto/gui/signencryptwizard.cpp
   crypto/gui/signencryptwizard.h
   crypto/gui/signerresolvepage.cpp
   crypto/gui/signerresolvepage.h
   crypto/gui/signingcertificateselectiondialog.cpp
   crypto/gui/signingcertificateselectiondialog.h
   crypto/gui/signingcertificateselectionwidget.cpp
   crypto/gui/signingcertificateselectionwidget.h
   crypto/gui/unknownrecipientwidget.cpp
   crypto/gui/unknownrecipientwidget.h
   crypto/gui/verifychecksumsdialog.cpp
   crypto/gui/verifychecksumsdialog.h
   crypto/gui/wizard.cpp
   crypto/gui/wizard.h
   crypto/gui/wizardpage.cpp
   crypto/gui/wizardpage.h
   crypto/newsignencryptemailcontroller.cpp
   crypto/newsignencryptemailcontroller.h
   crypto/recipient.cpp
   crypto/recipient.h
   crypto/sender.cpp
   crypto/sender.h
   crypto/signemailcontroller.cpp
   crypto/signemailcontroller.h
   crypto/signemailtask.cpp
   crypto/signemailtask.h
   crypto/signencryptfilescontroller.cpp
   crypto/signencryptfilescontroller.h
   crypto/signencrypttask.cpp
   crypto/signencrypttask.h
   crypto/task.cpp
   crypto/task.h
   crypto/taskcollection.cpp
   crypto/taskcollection.h
   crypto/verifychecksumscontroller.cpp
   crypto/verifychecksumscontroller.h
   dialogs/adduseriddialog.cpp
   dialogs/adduseriddialog.h
   dialogs/certificatedetailsdialog.cpp
   dialogs/certificatedetailsdialog.h
   dialogs/certificatedetailsinputwidget.cpp
   dialogs/certificatedetailsinputwidget.h
   dialogs/certificatedetailswidget.cpp
   dialogs/certificatedetailswidget.h
   dialogs/certificateselectiondialog.cpp
   dialogs/certificateselectiondialog.h
   dialogs/certifycertificatedialog.cpp
   dialogs/certifycertificatedialog.h
   dialogs/certifywidget.cpp
   dialogs/certifywidget.h
   dialogs/createcsrforcardkeydialog.cpp
   dialogs/createcsrforcardkeydialog.h
   dialogs/deletecertificatesdialog.cpp
   dialogs/deletecertificatesdialog.h
   dialogs/editgroupdialog.cpp
   dialogs/editgroupdialog.h
   dialogs/expirydialog.cpp
   dialogs/expirydialog.h
   dialogs/exportdialog.cpp
   dialogs/exportdialog.h
   dialogs/gencardkeydialog.cpp
   dialogs/gencardkeydialog.h
   dialogs/groupdetailsdialog.cpp
   dialogs/groupdetailsdialog.h
   dialogs/lookupcertificatesdialog.cpp
   dialogs/lookupcertificatesdialog.h
   dialogs/nameandemailwidget.cpp
   dialogs/nameandemailwidget.h
   dialogs/newopenpgpcertificatedetailsdialog.cpp
   dialogs/newopenpgpcertificatedetailsdialog.h
   dialogs/ownertrustdialog.cpp
   dialogs/ownertrustdialog.h
   dialogs/pivcardapplicationadministrationkeyinputdialog.cpp
   dialogs/pivcardapplicationadministrationkeyinputdialog.h
   dialogs/revokecertificationdialog.cpp
   dialogs/revokecertificationdialog.h
   dialogs/revokecertificationwidget.cpp
   dialogs/revokecertificationwidget.h
   dialogs/revokekeydialog.cpp
   dialogs/revokekeydialog.h
   dialogs/selftestdialog.cpp
   dialogs/selftestdialog.h
   dialogs/setinitialpindialog.cpp
   dialogs/setinitialpindialog.h
   dialogs/subkeyswidget.cpp
   dialogs/subkeyswidget.h
   dialogs/trustchainwidget.cpp
   dialogs/trustchainwidget.h
   dialogs/updatenotification.cpp
   dialogs/updatenotification.h
   dialogs/weboftrustdialog.cpp
   dialogs/weboftrustdialog.h
   dialogs/weboftrustwidget.cpp
   dialogs/weboftrustwidget.h
   interfaces/anchorprovider.h
   interfaces/focusfirstchild.h
   newcertificatewizard/advancedsettingsdialog.cpp
   newcertificatewizard/advancedsettingsdialog_p.h
   newcertificatewizard/enterdetailspage.cpp
   newcertificatewizard/enterdetailspage_p.h
   newcertificatewizard/keyalgo.cpp
   newcertificatewizard/keyalgo_p.h
   newcertificatewizard/keycreationpage.cpp
   newcertificatewizard/keycreationpage_p.h
   newcertificatewizard/listwidget.cpp
   newcertificatewizard/listwidget.h
   newcertificatewizard/newcertificatewizard.cpp
   newcertificatewizard/newcertificatewizard.h
   newcertificatewizard/resultpage.cpp
   newcertificatewizard/resultpage_p.h
   newcertificatewizard/wizardpage.cpp
   newcertificatewizard/wizardpage_p.h
   selftest/compliancecheck.cpp
   selftest/compliancecheck.h
   selftest/enginecheck.cpp
   selftest/enginecheck.h
   selftest/gpgagentcheck.cpp
   selftest/gpgagentcheck.h
   selftest/gpgconfcheck.cpp
   selftest/gpgconfcheck.h
   selftest/libkleopatrarccheck.cpp
   selftest/libkleopatrarccheck.h
   selftest/selftest.cpp
   selftest/selftest.h
   smartcard/card.cpp
   smartcard/card.h
   smartcard/deviceinfowatcher.cpp
   smartcard/deviceinfowatcher.h
   smartcard/keypairinfo.cpp
   smartcard/keypairinfo.h
   smartcard/netkeycard.cpp
   smartcard/netkeycard.h
   smartcard/openpgpcard.cpp
   smartcard/openpgpcard.h
   smartcard/p15card.cpp
   smartcard/p15card.h
   smartcard/pivcard.cpp
   smartcard/pivcard.h
   smartcard/readerstatus.cpp
   smartcard/readerstatus.h
   smartcard/utils.cpp
   smartcard/utils.h
   utils/accessibility.cpp
   utils/accessibility.h
   utils/action_data.cpp
   utils/action_data.h
   utils/applicationstate.cpp
   utils/applicationstate.h
   utils/archivedefinition.cpp
   utils/archivedefinition.h
   utils/auditlog.cpp
   utils/auditlog.h
   utils/clipboardmenu.cpp
   utils/clipboardmenu.h
   utils/debug-helpers.cpp
   utils/debug-helpers.h
   utils/dragqueen.cpp
   utils/dragqueen.h
   utils/email.cpp
   utils/email.h
   utils/emptypassphraseprovider.cpp
   utils/emptypassphraseprovider.h
   utils/filedialog.cpp
   utils/filedialog.h
   utils/gui-helper.cpp
   utils/gui-helper.h
   utils/headerview.cpp
   utils/headerview.h
   utils/input.cpp
   utils/input.h
   utils/iodevicelogger.cpp
   utils/iodevicelogger.h
   utils/kdpipeiodevice.cpp
   utils/kdpipeiodevice.h
   utils/keyparameters.cpp
   utils/keyparameters.h
   utils/keys.cpp
   utils/keys.h
   utils/kuniqueservice.cpp
   utils/kuniqueservice.h
   utils/log.cpp
   utils/log.h
   utils/multivalidator.cpp
   utils/multivalidator.h
   utils/output.cpp
   utils/output.h
   utils/path-helper.cpp
   utils/path-helper.h
   utils/scrollarea.cpp
   utils/scrollarea.h
   utils/systemtrayicon.cpp
   utils/systemtrayicon.h
   utils/tags.cpp
   utils/tags.h
   utils/types.cpp
   utils/types.h
   utils/userinfo.cpp
   utils/userinfo.h
   utils/validation.cpp
   utils/validation.h
   utils/writecertassuantransaction.cpp
   utils/writecertassuantransaction.h
   utils/wsastarter.cpp
   utils/wsastarter.h
   view/anchorcache.cpp
   view/anchorcache_p.h
   view/errorlabel.cpp
   view/errorlabel.h
   view/formtextinput.cpp
   view/formtextinput.h
   view/htmllabel.cpp
   view/htmllabel.h
   view/keycacheoverlay.cpp
   view/keycacheoverlay.h
   view/keylistcontroller.cpp
   view/keylistcontroller.h
   view/keytreeview.cpp
   view/keytreeview.h
   view/netkeywidget.cpp
   view/netkeywidget.h
   view/nullpinwidget.cpp
   view/nullpinwidget.h
   view/openpgpkeycardwidget.cpp
   view/openpgpkeycardwidget.h
   view/p15cardwidget.cpp
   view/p15cardwidget.h
   view/padwidget.cpp
   view/padwidget.h
   view/pgpcardwidget.cpp
   view/pgpcardwidget.h
   view/pivcardwidget.cpp
   view/pivcardwidget.h
   view/searchbar.cpp
   view/searchbar.h
   view/smartcardwidget.cpp
   view/smartcardwidget.h
   view/tabwidget.cpp
   view/tabwidget.h
   view/urllabel.cpp
   view/urllabel.h
   view/waitwidget.cpp
   view/waitwidget.h
   view/welcomewidget.cpp
   view/welcomewidget.h
 
   aboutdata.cpp
   aboutdata.h
   kleopatra.qrc
   kleopatraapplication.cpp
   kleopatraapplication.h
   main.cpp
   mainwindow.cpp
   mainwindow.h
   systrayicon.cpp
   systrayicon.h
 )
 
 if(WIN32)
   configure_file (versioninfo.rc.in versioninfo.rc)
   set(_kleopatra_SRCS ${CMAKE_CURRENT_BINARY_DIR}/versioninfo.rc ${_kleopatra_SRCS})
 endif()
 
 set (_kleopatra_SRCS conf/kleopageconfigdialog.cpp ${_kleopatra_SRCS})
 
 ecm_qt_declare_logging_category(_kleopatra_SRCS HEADER kleopatra_debug.h IDENTIFIER KLEOPATRA_LOG CATEGORY_NAME org.kde.pim.kleopatra
         DESCRIPTION "kleopatra (kleopatra)"
         OLD_CATEGORY_NAMES log_kleopatra
         EXPORT KLEOPATRA
     )
 
 
 if(KLEO_MODEL_TEST)
   add_definitions(-DKLEO_MODEL_TEST)
   set(_kleopatra_SRCS ${_kleopatra_SRCS} models/modeltest.cpp)
 endif()
 
 ki18n_wrap_ui(_kleopatra_SRCS
   dialogs/ownertrustdialog.ui
   dialogs/selectchecklevelwidget.ui
   dialogs/setinitialpindialog.ui
   dialogs/trustchainwidget.ui
   newcertificatewizard/listwidget.ui
 )
 
 kconfig_add_kcfg_files(_kleopatra_SRCS
   kcfg/emailoperationspreferences.kcfgc
   kcfg/fileoperationspreferences.kcfgc
   kcfg/settings.kcfgc
   kcfg/smimevalidationpreferences.kcfgc
   kcfg/tagspreferences.kcfgc
   kcfg/tooltippreferences.kcfgc
 )
 
 file(GLOB ICONS_SRCS "${CMAKE_CURRENT_SOURCE_DIR}/icons/*-apps-kleopatra.png")
 ecm_add_app_icon(_kleopatra_SRCS ICONS ${ICONS_SRCS})
 
 add_executable(kleopatra_bin ${_kleopatra_SRCS} ${_kleopatra_uiserver_SRCS})
 
 # For the ConfigureDialog & KCMs
 target_link_libraries(kleopatra_bin kcm_kleopatra_static)
 
 #if (COMPILE_WITH_UNITY_CMAKE_SUPPORT)
 #    set_target_properties(kleopatra_bin PROPERTIES UNITY_BUILD ON)
 #endif()
 set_target_properties(kleopatra_bin PROPERTIES OUTPUT_NAME kleopatra)
 
 if (WIN32)
   set(_kleopatra_platform_libs "secur32")
 endif ()
 
 target_link_libraries(kleopatra_bin
   Gpgmepp
   ${_kleopatra_extra_libs}
   KF5::Libkleo
   KF5::Mime
   KF5::I18n
   KF5::XmlGui
   KF5::IconThemes
   KF5::WindowSystem
   KF5::CoreAddons
   KF5::ItemModels
   KF5::Crash
   ${_kleopatra_mail_libs}
   Qt${QT_MAJOR_VERSION}::Network
   Qt${QT_MAJOR_VERSION}::PrintSupport # Printing secret keys
   ${_kleopatra_uiserver_extra_libs}
   ${_kleopatra_dbusaddons_libs}
   kleopatraclientcore
   ${_kleopatra_platform_libs}
 )
 
 if (QT_MAJOR_VERSION STREQUAL "6")
     target_link_libraries(kleopatra_bin QGpgmeQt6)
 else()
     target_link_libraries(kleopatra_bin QGpgme)
 endif()
 
 install(TARGETS kleopatra_bin ${KDE_INSTALL_TARGETS_DEFAULT_ARGS})
 
 install(
   PROGRAMS data/org.kde.kleopatra.desktop data/kleopatra_import.desktop
   DESTINATION ${KDE_INSTALL_APPDIR}
 )
 install(FILES data/org.kde.kleopatra.appdata.xml DESTINATION ${KDE_INSTALL_METAINFODIR})
 install(
   PROGRAMS data/kleopatra_signencryptfiles.desktop
         data/kleopatra_signencryptfolders.desktop
         data/kleopatra_decryptverifyfiles.desktop
         data/kleopatra_decryptverifyfolders.desktop
   DESTINATION ${KDE_INSTALL_DATADIR}/kio/servicemenus
 )
diff --git a/src/commands/setprimaryuseridcommand.cpp b/src/commands/setprimaryuseridcommand.cpp
new file mode 100644
index 000000000..7f866e5a9
--- /dev/null
+++ b/src/commands/setprimaryuseridcommand.cpp
@@ -0,0 +1,181 @@
+/* -*- mode: c++; c-basic-offset:4 -*-
+    commands/setprimaryuseridcommand.cpp
+
+    This file is part of Kleopatra, the KDE keymanager
+    SPDX-FileCopyrightText: 2022 g10 Code GmbH
+    SPDX-FileContributor: Ingo Klöcker <dev@ingo-kloecker.de>
+
+    SPDX-License-Identifier: GPL-2.0-or-later
+*/
+
+#include <config-kleopatra.h>
+
+#include "setprimaryuseridcommand.h"
+
+#include "command_p.h"
+
+#include <KLocalizedString>
+
+#include <QGpgME/Protocol>
+#ifdef QGPGME_SUPPORTS_SET_PRIMARY_UID
+#include <QGpgME/SetPrimaryUserIDJob>
+#endif
+
+#include <gpgme++/key.h>
+
+#include "kleopatra_debug.h"
+
+using namespace Kleo;
+using namespace Kleo::Commands;
+using namespace GpgME;
+
+class SetPrimaryUserIDCommand::Private : public Command::Private
+{
+    friend class ::Kleo::Commands::SetPrimaryUserIDCommand;
+    SetPrimaryUserIDCommand *q_func() const
+    {
+        return static_cast<SetPrimaryUserIDCommand *>(q);
+    }
+
+public:
+    explicit Private(SetPrimaryUserIDCommand *qq, const UserID &userId);
+    ~Private() override;
+
+    void startJob();
+
+private:
+    void createJob();
+    void slotResult(const Error &err);
+    void showErrorDialog(const Error &error);
+    void showSuccessDialog();
+
+private:
+    GpgME::UserID userId;
+#ifdef QGPGME_SUPPORTS_SET_PRIMARY_UID
+    QPointer<QGpgME::SetPrimaryUserIDJob> job;
+#endif
+};
+
+SetPrimaryUserIDCommand::Private *SetPrimaryUserIDCommand::d_func()
+{
+    return static_cast<Private *>(d.get());
+}
+const SetPrimaryUserIDCommand::Private *SetPrimaryUserIDCommand::d_func() const
+{
+    return static_cast<const Private *>(d.get());
+}
+
+#define d d_func()
+#define q q_func()
+
+SetPrimaryUserIDCommand::Private::Private(SetPrimaryUserIDCommand *qq, const UserID &userId)
+    : Command::Private{qq}
+    , userId{userId}
+{
+}
+
+SetPrimaryUserIDCommand::Private::~Private() = default;
+
+void Commands::SetPrimaryUserIDCommand::Private::startJob()
+{
+#ifdef QGPGME_SUPPORTS_SET_PRIMARY_UID
+    createJob();
+    if (!job) {
+        finished();
+        return;
+    }
+    job->start(userId);
+#else
+    error(i18nc("@info", "The backend does not support this operation."));
+#endif
+}
+
+void SetPrimaryUserIDCommand::Private::createJob()
+{
+#ifdef QGPGME_SUPPORTS_SET_PRIMARY_UID
+    Q_ASSERT(!job);
+
+    const auto backend = QGpgME::openpgp();
+    if (!backend) {
+        return;
+    }
+
+    const auto j = backend->setPrimaryUserIDJob();
+    if (!j) {
+        return;
+    }
+
+    connect(j, &QGpgME::Job::progress, q, &Command::progress);
+    connect(j, &QGpgME::SetPrimaryUserIDJob::result, q, [this](const GpgME::Error &err) {
+        slotResult(err);
+    });
+
+    job = j;
+#endif
+}
+
+void SetPrimaryUserIDCommand::Private::slotResult(const Error &err)
+{
+    if (err.isCanceled()) {
+    } else if (err) {
+        showErrorDialog(err);
+    } else {
+        showSuccessDialog();
+    }
+    finished();
+}
+
+void SetPrimaryUserIDCommand::Private::showErrorDialog(const Error &err)
+{
+    error(xi18nc("@info",
+                 "<para>An error occurred while trying to flag the user ID<nl/><emphasis>%1</emphasis><nl/>as the primary user ID.</para>"
+                 "<para><message>%2</message></para>",
+                 QString::fromUtf8(userId.id()),
+                 QString::fromLocal8Bit(err.asString())));
+}
+
+void SetPrimaryUserIDCommand::Private::showSuccessDialog()
+{
+    success(xi18nc("@info",
+                   "<para>The user ID<nl/><emphasis>%1</emphasis><nl/>has been flagged successfully as the primary user ID.</para>",
+                   QString::fromUtf8(userId.id())));
+}
+
+SetPrimaryUserIDCommand::SetPrimaryUserIDCommand(const GpgME::UserID &userId)
+    : Command{new Private{this, userId}}
+{
+}
+
+SetPrimaryUserIDCommand::~SetPrimaryUserIDCommand()
+{
+    qCDebug(KLEOPATRA_LOG).nospace() << this << "::" << __func__;
+}
+
+void SetPrimaryUserIDCommand::doStart()
+{
+    if (d->userId.isNull()) {
+        d->finished();
+        return;
+    }
+
+    const auto key = d->userId.parent();
+    if (key.protocol() != GpgME::OpenPGP || !key.hasSecret()) {
+        d->finished();
+        return;
+    }
+
+    d->startJob();
+}
+
+void SetPrimaryUserIDCommand::doCancel()
+{
+    qCDebug(KLEOPATRA_LOG).nospace() << this << "::" << __func__;
+#ifdef QGPGME_SUPPORTS_SET_PRIMARY_UID
+    if (d->job) {
+        d->job->slotCancel();
+    }
+#endif
+}
+
+#undef d
+#undef q
diff --git a/src/commands/setprimaryuseridcommand.h b/src/commands/setprimaryuseridcommand.h
new file mode 100644
index 000000000..6177d1809
--- /dev/null
+++ b/src/commands/setprimaryuseridcommand.h
@@ -0,0 +1,43 @@
+/* -*- mode: c++; c-basic-offset:4 -*-
+    commands/setprimaryuseridcommand.h
+
+    This file is part of Kleopatra, the KDE keymanager
+    SPDX-FileCopyrightText: 2022 g10 Code GmbH
+    SPDX-FileContributor: Ingo Klöcker <dev@ingo-kloecker.de>
+
+    SPDX-License-Identifier: GPL-2.0-or-later
+*/
+
+#pragma once
+
+#include "command.h"
+
+namespace GpgME
+{
+class UserID;
+}
+
+namespace Kleo
+{
+namespace Commands
+{
+
+class SetPrimaryUserIDCommand : public Command
+{
+    Q_OBJECT
+public:
+    explicit SetPrimaryUserIDCommand(const GpgME::UserID &userId);
+    ~SetPrimaryUserIDCommand() override;
+
+private:
+    void doStart() override;
+    void doCancel() override;
+
+private:
+    class Private;
+    inline Private *d_func();
+    inline const Private *d_func() const;
+};
+
+}
+}
diff --git a/src/dialogs/certificatedetailswidget.cpp b/src/dialogs/certificatedetailswidget.cpp
index 97bd4a0e3..d1ad7eae7 100644
--- a/src/dialogs/certificatedetailswidget.cpp
+++ b/src/dialogs/certificatedetailswidget.cpp
@@ -1,1209 +1,1268 @@
 /*
     dialogs/certificatedetailswidget.cpp
 
     This file is part of Kleopatra, the KDE keymanager
     SPDX-FileCopyrightText: 2016 Klarälvdalens Datakonsult AB
     SPDX-FileCopyrightText: 2017 Intevation GmbH
     SPDX-FileCopyrightText: 2022 g10 Code GmbH
     SPDX-FileContributor: Ingo Klöcker <dev@ingo-kloecker.de>
     SPDX-FileCopyrightText: 2022 Felix Tiede
 
     SPDX-License-Identifier: GPL-2.0-or-later
 */
 
 #include <config-kleopatra.h>
 
 #include "certificatedetailswidget.h"
 
 #include "kleopatra_debug.h"
 #include "exportdialog.h"
 #include "trustchainwidget.h"
 #include "subkeyswidget.h"
 #include "weboftrustdialog.h"
 
 #include "commands/changepassphrasecommand.h"
 #include "commands/changeexpirycommand.h"
 #include "commands/certifycertificatecommand.h"
 #ifdef MAILAKONADI_ENABLED
 #include "commands/exportopenpgpcerttoprovidercommand.h"
 #endif // MAILAKONADI_ENABLED
 #include "commands/refreshcertificatecommand.h"
 #include "commands/revokecertificationcommand.h"
 #include "commands/revokeuseridcommand.h"
+#include "commands/setprimaryuseridcommand.h"
 #include "commands/adduseridcommand.h"
 #include "commands/genrevokecommand.h"
 #include "commands/detailscommand.h"
 #include "commands/dumpcertificatecommand.h"
 
 #include "utils/keys.h"
 #include "utils/tags.h"
 
 #include <Libkleo/Algorithm>
 #include <Libkleo/Compliance>
 #include <Libkleo/Formatting>
 #include <Libkleo/Dn>
 #include <Libkleo/KeyCache>
 #include <Libkleo/GnuPG>
 #include <Libkleo/NavigatableTreeWidget>
 
 #include <KLocalizedString>
 #include <KMessageBox>
 #include <KSeparator>
 
 #include <gpgme++/context.h>
 #include <gpgme++/key.h>
 #include <gpgme++/keylistresult.h>
 #include <gpgme++/tofuinfo.h>
 
 #include <QGpgME/Debug>
 #include <QGpgME/Protocol>
 #include <QGpgME/KeyListJob>
 
 #include <QClipboard>
 #include <QDateTime>
 #include <QGridLayout>
 #include <QGuiApplication>
 #include <QHBoxLayout>
 #include <QLabel>
 #include <QListWidget>
 #include <QLocale>
 #include <QMenu>
 #include <QPushButton>
 #include <QStringBuilder>
 #include <QTreeWidget>
 #include <QVBoxLayout>
 
 #include <map>
 #if __has_include(<ranges>)
 #include <ranges>
 #define USE_RANGES
 #endif
 #include <set>
 
 Q_DECLARE_METATYPE(GpgME::UserID)
 
 using namespace Kleo;
 
 static const char *accessibleNameProperty = "_kleo_accessibleName";
 
 class InfoField {
 public:
     InfoField(const QString &label, QWidget *parent);
 
     void setValue(const QString &value, const QString &accessibleValue = {});
     QString value() const;
 
     void setIcon(const QIcon &icon);
     void setAction(const QAction *action);
     void setToolTip(const QString &toolTip);
     void setVisible(bool visible);
 
     QLabel *label() const { return mLabel; }
     QLayout *layout() const { return mLayout; }
 
 private:
     void onActionChanged();
 
     QLabel *mLabel = nullptr;
     QHBoxLayout *mLayout = nullptr;
     QLabel *mIcon = nullptr;
     QLabel *mValue = nullptr;
     QPushButton *mButton = nullptr;
     const QAction *mAction = nullptr;
 };
 
 InfoField::InfoField(const QString &label, QWidget *parent)
     : mLabel{new QLabel{label, parent}}
     , mLayout{new QHBoxLayout}
     , mIcon{new QLabel{parent}}
     , mValue{new QLabel{parent}}
     , mButton{new QPushButton{parent}}
 {
     mLabel->setBuddy(mValue);
     mLabel->setTextInteractionFlags(Qt::TextSelectableByMouse);
     mIcon->setVisible(false);
     mLayout->addWidget(mIcon);
     mValue->setTextInteractionFlags(Qt::TextSelectableByMouse);
     mValue->setFocusPolicy(Qt::TabFocus);
     mLayout->addWidget(mValue);
     mButton->setSizePolicy(QSizePolicy::Fixed, QSizePolicy::Fixed);
     mButton->setVisible(false);
     mLayout->addWidget(mButton);
     mLayout->addStretch();
 }
 
 void InfoField::setValue(const QString &value, const QString &accessibleValue)
 {
     mValue->setText(value);
     mValue->setAccessibleName(accessibleValue);
 }
 
 QString InfoField::value() const
 {
     return mValue->text();
 }
 
 void InfoField::setIcon(const QIcon &icon)
 {
     if (!icon.isNull()) {
         const int iconSize = mIcon->style()->pixelMetric(QStyle::PM_SmallIconSize, nullptr, mIcon);
         mIcon->setPixmap(icon.pixmap(iconSize));
         mIcon->setVisible(true);
     } else {
         mIcon->setVisible(false);
         mIcon->clear();
     }
 }
 
 void InfoField::setAction(const QAction *action)
 {
     if (action == mAction) {
         return;
     }
     if (mAction) {
         QObject::disconnect(mButton, {}, mAction, {});
         QObject::disconnect(mAction, {}, mButton, {});
     }
     mAction = action;
     if (mAction) {
         QObject::connect(mButton, &QPushButton::clicked, action, &QAction::trigger);
         QObject::connect(mAction, &QAction::changed, mButton, [this]() {
             onActionChanged();
         });
         onActionChanged();
         mButton->setAccessibleName(mAction->property(accessibleNameProperty).toString());
         mButton->setVisible(true);
     } else {
         mButton->setVisible(false);
         mButton->setText({});
         mButton->setIcon({});
     }
 }
 
 void InfoField::setToolTip(const QString &toolTip)
 {
     mValue->setToolTip(toolTip);
 }
 
 void InfoField::setVisible(bool visible)
 {
     mLabel->setVisible(visible);
     mIcon->setVisible(visible && !mIcon->pixmap(Qt::ReturnByValue).isNull());
     mValue->setVisible(visible);
     mButton->setVisible(visible && mAction);
 }
 
 void InfoField::onActionChanged()
 {
     if (!mAction) {
         return;
     }
     if (mAction->text() != mButton->text()) {
         mButton->setText(mAction->text());
     }
     mButton->setIcon(mAction->icon());
     if (mAction->toolTip() != mButton->toolTip()) {
         mButton->setToolTip(mAction->toolTip());
     }
     if (mAction->isEnabled() != mButton->isEnabled()) {
         mButton->setEnabled(mAction->isEnabled());
     }
 }
 
 namespace
 {
 std::vector<GpgME::UserID> selectedUserIDs(const QTreeWidget *treeWidget) {
     if (!treeWidget) {
         return {};
     }
 
     std::vector<GpgME::UserID> userIDs;
     const auto selected = treeWidget->selectedItems();
     std::transform(selected.begin(), selected.end(), std::back_inserter(userIDs), [](const QTreeWidgetItem *item) {
         return item->data(0, Qt::UserRole).value<GpgME::UserID>();
     });
     return userIDs;
 }
 }
 
 class CertificateDetailsWidget::Private
 {
 public:
     Private(CertificateDetailsWidget *qq);
 
     void setupCommonProperties();
     void updateUserIDActions();
     void setUpUserIDTable();
     void setUpSMIMEAdressList();
     void setupPGPProperties();
     void setupSMIMEProperties();
 
     void revokeUserID(const GpgME::UserID &uid);
     void revokeSelectedUserID();
     void genRevokeCert();
     void refreshCertificate();
     void certifyUserIDs();
     void revokeCertifications();
     void webOfTrustClicked();
     void exportClicked();
     void addUserID();
+    void setPrimaryUserID(const GpgME::UserID &uid = {});
     void changePassphrase();
     void changeExpiration();
     void keysMayHaveChanged();
     void showTrustChainDialog();
     void showMoreDetails();
     void userIDTableContextMenuRequested(const QPoint &p);
 
     QString tofuTooltipString(const GpgME::UserID &uid) const;
     QIcon trustLevelIcon(const GpgME::UserID &uid) const;
     QString trustLevelText(const GpgME::UserID &uid) const;
 
     void showIssuerCertificate();
 
     void updateKey();
     void setUpdatedKey(const GpgME::Key &key);
     void keyListDone(const GpgME::KeyListResult &,
                      const std::vector<GpgME::Key> &, const QString &,
                      const GpgME::Error &);
     void copyFingerprintToClipboard();
 
 private:
     CertificateDetailsWidget *const q;
 
 public:
     GpgME::Key key;
     bool updateInProgress = false;
 
 private:
     InfoField *attributeField(const QString &attributeName)
     {
         const auto keyValuePairIt = ui.smimeAttributeFields.find(attributeName);
         if (keyValuePairIt != ui.smimeAttributeFields.end()) {
             return (*keyValuePairIt).second.get();
         }
         return nullptr;
     }
 
 private:
     struct UI {
         QWidget *userIDs = nullptr;
         QLabel *userIDTableLabel = nullptr;
         NavigatableTreeWidget *userIDTable = nullptr;
         QPushButton *addUserIDBtn = nullptr;
+        QPushButton *setPrimaryUserIDBtn = nullptr;
         QPushButton *certifyBtn = nullptr;
         QPushButton *revokeCertificationsBtn = nullptr;
         QPushButton *revokeUserIDBtn = nullptr;
         QPushButton *webOfTrustBtn = nullptr;
 
         std::map<QString, std::unique_ptr<InfoField>> smimeAttributeFields;
         std::unique_ptr<InfoField> smimeTrustLevelField;
         std::unique_ptr<InfoField> validFromField;
         std::unique_ptr<InfoField> expiresField;
         QAction *changeExpirationAction = nullptr;
         std::unique_ptr<InfoField> fingerprintField;
         QAction *copyFingerprintAction = nullptr;
         std::unique_ptr<InfoField> smimeIssuerField;
         QAction *showIssuerCertificateAction = nullptr;
         std::unique_ptr<InfoField> complianceField;
         std::unique_ptr<InfoField> trustedIntroducerField;
 
         QLabel *smimeRelatedAddresses = nullptr;
         QListWidget *smimeAddressList = nullptr;
 
         QPushButton *moreDetailsBtn = nullptr;
         QPushButton *trustChainDetailsBtn = nullptr;
         QPushButton *refreshBtn = nullptr;
         QPushButton *changePassphraseBtn = nullptr;
         QPushButton *exportBtn = nullptr;
         QPushButton *genRevokeBtn = nullptr;
 
         void setupUi(QWidget *parent)
         {
             auto mainLayout = new QVBoxLayout{parent};
 
             userIDs = new QWidget{parent};
             {
             auto userIDsLayout = new QVBoxLayout{userIDs};
             userIDsLayout->setContentsMargins({});
 
             userIDTableLabel = new QLabel(i18n("User IDs:"), parent);
             userIDsLayout->addWidget(userIDTableLabel);
 
             userIDTable = new NavigatableTreeWidget{parent};
             userIDTableLabel->setBuddy(userIDTable);
             userIDTable->setAccessibleName(i18n("User IDs"));
             QTreeWidgetItem *__qtreewidgetitem = new QTreeWidgetItem();
             __qtreewidgetitem->setText(0, QString::fromUtf8("1"));
             userIDTable->setHeaderItem(__qtreewidgetitem);
             userIDTable->setEditTriggers(QAbstractItemView::NoEditTriggers);
             userIDTable->setSelectionMode(QAbstractItemView::ExtendedSelection);
             userIDTable->setRootIsDecorated(false);
             userIDTable->setUniformRowHeights(true);
             userIDTable->setAllColumnsShowFocus(false);
 
             userIDsLayout->addWidget(userIDTable);
 
             {
             auto buttonRow = new QHBoxLayout;
 
             addUserIDBtn = new QPushButton(i18nc("@action:button", "Add User ID"), parent);
             buttonRow->addWidget(addUserIDBtn);
 
+            setPrimaryUserIDBtn = new QPushButton{i18nc("@action:button", "Flag as Primary"), parent};
+            setPrimaryUserIDBtn->setToolTip(i18nc("@info:tooltip", "Flag the selected user ID as the primary user ID of this key."));
+            buttonRow->addWidget(setPrimaryUserIDBtn);
+
             certifyBtn = new QPushButton(i18nc("@action:button", "Certify User IDs"), parent);
             buttonRow->addWidget(certifyBtn);
 
             webOfTrustBtn = new QPushButton(i18nc("@action:button", "Show Certifications"), parent);
             buttonRow->addWidget(webOfTrustBtn);
 
             revokeCertificationsBtn = new QPushButton(i18nc("@action:button", "Revoke Certifications"), parent);
             buttonRow->addWidget(revokeCertificationsBtn);
 
             revokeUserIDBtn = new QPushButton(i18nc("@action:button", "Revoke User ID"), parent);
             buttonRow->addWidget(revokeUserIDBtn);
 
             buttonRow->addStretch(1);
 
             userIDsLayout->addLayout(buttonRow);
             }
 
             userIDsLayout->addWidget(new KSeparator{Qt::Horizontal, parent});
             }
 
             mainLayout->addWidget(userIDs);
 
             {
                 auto gridLayout = new QGridLayout;
                 gridLayout->setColumnStretch(1, 1);
 
                 int row = -1;
                 for (const auto &attribute : DN::attributeOrder()) {
                     const auto attributeLabel = DN::attributeNameToLabel(attribute);
                     if (attributeLabel.isEmpty()) {
                         continue;
                     }
                     const auto labelWithColon = i18nc("interpunctation for labels", "%1:", attributeLabel);
                     const auto & [it, inserted] = smimeAttributeFields.try_emplace(attribute, std::make_unique<InfoField>(labelWithColon, parent));
                     if (inserted) {
                         row++;
                         const auto &field = it->second;
                         gridLayout->addWidget(field->label(), row, 0);
                         gridLayout->addLayout(field->layout(), row, 1);
                     }
                 }
 
                 row++;
                 smimeTrustLevelField = std::make_unique<InfoField>(i18n("Trust level:"), parent);
                 gridLayout->addWidget(smimeTrustLevelField->label(), row, 0);
                 gridLayout->addLayout(smimeTrustLevelField->layout(), row, 1);
 
                 row++;
                 validFromField = std::make_unique<InfoField>(i18n("Valid from:"), parent);
                 gridLayout->addWidget(validFromField->label(), row, 0);
                 gridLayout->addLayout(validFromField->layout(), row, 1);
 
                 row++;
                 expiresField = std::make_unique<InfoField>(i18n("Valid until:"), parent);
                 changeExpirationAction = new QAction{parent};
                 changeExpirationAction->setIcon(QIcon::fromTheme(QStringLiteral("editor")));
                 changeExpirationAction->setToolTip(i18nc("@info:tooltip", "Change the end of the validity period"));
                 changeExpirationAction->setProperty(accessibleNameProperty, i18nc("@action:button", "Change Validity"));
                 expiresField->setAction(changeExpirationAction);
                 gridLayout->addWidget(expiresField->label(), row, 0);
                 gridLayout->addLayout(expiresField->layout(), row, 1);
 
                 row++;
                 fingerprintField = std::make_unique<InfoField>(i18n("Fingerprint:"), parent);
                 if (QGuiApplication::clipboard()) {
                     copyFingerprintAction = new QAction{parent};
                     copyFingerprintAction->setIcon(QIcon::fromTheme(QStringLiteral("edit-copy")));
                     copyFingerprintAction->setToolTip(i18nc("@info:tooltip", "Copy the fingerprint to the clipboard"));
                     copyFingerprintAction->setProperty(accessibleNameProperty, i18nc("@action:button", "Copy fingerprint"));
                     fingerprintField->setAction(copyFingerprintAction);
                 }
                 gridLayout->addWidget(fingerprintField->label(), row, 0);
                 gridLayout->addLayout(fingerprintField->layout(), row, 1);
 
                 row++;
                 smimeIssuerField = std::make_unique<InfoField>(i18n("Issuer:"), parent);
                 showIssuerCertificateAction = new QAction{parent};
                 showIssuerCertificateAction->setIcon(QIcon::fromTheme(QStringLiteral("dialog-information")));
                 showIssuerCertificateAction->setToolTip(i18nc("@info:tooltip", "Show the issuer certificate"));
                 showIssuerCertificateAction->setProperty(accessibleNameProperty, i18nc("@action:button", "Show certificate"));
                 smimeIssuerField->setAction(showIssuerCertificateAction);
                 gridLayout->addWidget(smimeIssuerField->label(), row, 0);
                 gridLayout->addLayout(smimeIssuerField->layout(), row, 1);
 
                 row++;
                 complianceField = std::make_unique<InfoField>(i18n("Compliance:"), parent);
                 gridLayout->addWidget(complianceField->label(), row, 0);
                 gridLayout->addLayout(complianceField->layout(), row, 1);
 
                 row++;
                 trustedIntroducerField = std::make_unique<InfoField>(i18n("Trusted introducer for:"), parent);
                 gridLayout->addWidget(trustedIntroducerField->label(), row, 0);
                 trustedIntroducerField->setToolTip(i18n("See certifications for details."));
                 gridLayout->addLayout(trustedIntroducerField->layout(), row, 1);
 
                 mainLayout->addLayout(gridLayout);
             }
 
             smimeRelatedAddresses = new QLabel(i18n("Related addresses:"), parent);
             mainLayout->addWidget(smimeRelatedAddresses);
 
             smimeAddressList = new QListWidget{parent};
             smimeRelatedAddresses->setBuddy(smimeAddressList);
             smimeAddressList->setAccessibleName(i18n("Related addresses"));
             smimeAddressList->setEditTriggers(QAbstractItemView::NoEditTriggers);
             smimeAddressList->setSelectionMode(QAbstractItemView::SingleSelection);
 
             mainLayout->addWidget(smimeAddressList);
 
             mainLayout->addStretch();
 
             {
                 auto buttonRow = new QHBoxLayout;
 
                 moreDetailsBtn = new QPushButton(i18nc("@action:button", "More Details..."), parent);
                 buttonRow->addWidget(moreDetailsBtn);
 
                 trustChainDetailsBtn = new QPushButton(i18nc("@action:button", "Trust Chain Details"), parent);
                 buttonRow->addWidget(trustChainDetailsBtn);
 
                 refreshBtn = new QPushButton{i18nc("@action:button", "Update"), parent};
 #ifndef QGPGME_SUPPORTS_KEY_REFRESH
                 refreshBtn->setVisible(false);
 #endif
                 buttonRow->addWidget(refreshBtn);
 
                 exportBtn = new QPushButton(i18nc("@action:button", "Export"), parent);
                 buttonRow->addWidget(exportBtn);
 
                 changePassphraseBtn = new QPushButton(i18nc("@action:button", "Change Passphrase"), parent);
                 buttonRow->addWidget(changePassphraseBtn);
 
                 genRevokeBtn = new QPushButton(i18nc("@action:button", "Generate Revocation Certificate"), parent);
                 genRevokeBtn->setToolTip(u"<html>" %
                                         i18n("A revocation certificate is a file that serves as a \"kill switch\" to publicly "
                                             "declare that a key shall not anymore be used.  It is not possible "
                                             "to retract such a revocation certificate once it has been published.") %
                                         u"</html>");
                 buttonRow->addWidget(genRevokeBtn);
 
                 buttonRow->addStretch(1);
 
                 mainLayout->addLayout(buttonRow);
             }
         }
     } ui;
 };
 
 CertificateDetailsWidget::Private::Private(CertificateDetailsWidget *qq)
     : q{qq}
 {
     ui.setupUi(q);
 
     ui.userIDTable->setContextMenuPolicy(Qt::CustomContextMenu);
     connect(ui.userIDTable, &QAbstractItemView::customContextMenuRequested,
             q, [this](const QPoint &p) { userIDTableContextMenuRequested(p); });
     connect(ui.userIDTable, &QTreeWidget::itemSelectionChanged,
             q, [this]() { updateUserIDActions(); });
     connect(ui.addUserIDBtn, &QPushButton::clicked,
             q, [this]() { addUserID(); });
+    connect(ui.setPrimaryUserIDBtn, &QPushButton::clicked,
+            q, [this]() { setPrimaryUserID(); });
     connect(ui.revokeUserIDBtn, &QPushButton::clicked,
             q, [this]() { revokeSelectedUserID(); });
     connect(ui.changePassphraseBtn, &QPushButton::clicked,
             q, [this]() { changePassphrase(); });
     connect(ui.genRevokeBtn, &QPushButton::clicked,
             q, [this]() { genRevokeCert(); });
     connect(ui.changeExpirationAction, &QAction::triggered,
             q, [this]() { changeExpiration(); });
     connect(ui.showIssuerCertificateAction, &QAction::triggered,
             q, [this]() { showIssuerCertificate(); });
     connect(ui.trustChainDetailsBtn, &QPushButton::pressed,
             q, [this]() { showTrustChainDialog(); });
     connect(ui.moreDetailsBtn, &QPushButton::pressed,
             q, [this]() { showMoreDetails(); });
     connect(ui.refreshBtn, &QPushButton::clicked,
             q, [this]() { refreshCertificate(); });
     connect(ui.certifyBtn, &QPushButton::clicked,
             q, [this]() { certifyUserIDs(); });
     connect(ui.revokeCertificationsBtn, &QPushButton::clicked,
             q, [this]() { revokeCertifications(); });
     connect(ui.webOfTrustBtn, &QPushButton::clicked,
             q, [this]() { webOfTrustClicked(); });
     connect(ui.exportBtn, &QPushButton::clicked,
             q, [this]() { exportClicked(); });
     if (ui.copyFingerprintAction) {
         connect(ui.copyFingerprintAction, &QAction::triggered,
                 q, [this]() { copyFingerprintToClipboard(); });
     }
 
     connect(Kleo::KeyCache::instance().get(), &Kleo::KeyCache::keysMayHaveChanged,
             q, [this]() { keysMayHaveChanged(); });
 }
 
 void CertificateDetailsWidget::Private::setupCommonProperties()
 {
     const bool isOpenPGP = key.protocol() == GpgME::OpenPGP;
     const bool isSMIME = key.protocol() == GpgME::CMS;
     const bool isOwnKey = key.hasSecret();
 
     // update visibility of UI elements
     ui.userIDs->setVisible(isOpenPGP);
     ui.addUserIDBtn->setVisible(isOwnKey);
+#ifdef QGPGME_SUPPORTS_SET_PRIMARY_UID
+    ui.setPrimaryUserIDBtn->setVisible(isOwnKey);
+#else
+    ui.setPrimaryUserIDBtn->setVisible(false);
+#endif
     // ui.certifyBtn->setVisible(true); // always visible (for OpenPGP keys)
     // ui.webOfTrustBtn->setVisible(true); // always visible (for OpenPGP keys)
     ui.revokeCertificationsBtn->setVisible(Kleo::Commands::RevokeCertificationCommand::isSupported());
     ui.revokeUserIDBtn->setVisible(isOwnKey);
 
     for (const auto &[_, field] : ui.smimeAttributeFields) {
         field->setVisible(isSMIME);
     }
     ui.smimeTrustLevelField->setVisible(isSMIME);
     // ui.validFromField->setVisible(true); // always visible
     // ui.expiresField->setVisible(true); // always visible
     if (isOpenPGP && isOwnKey) {
         ui.expiresField->setAction(ui.changeExpirationAction);
     } else {
         ui.expiresField->setAction(nullptr);
     }
     // ui.fingerprintField->setVisible(true); // always visible
     ui.smimeIssuerField->setVisible(isSMIME);
     ui.complianceField->setVisible(DeVSCompliance::isCompliant());
     ui.trustedIntroducerField->setVisible(isOpenPGP); // may be hidden again by setupPGPProperties()
 
     ui.smimeRelatedAddresses->setVisible(isSMIME);
     ui.smimeAddressList->setVisible(isSMIME);
 
     // ui.moreDetailsBtn->setVisible(true); // always visible
     ui.trustChainDetailsBtn->setVisible(isSMIME);
     // ui.refreshBtn->setVisible(true); // always visible
     ui.changePassphraseBtn->setVisible(isSecretKeyStoredInKeyRing(key));
     // ui.exportBtn->setVisible(true); // always visible
     ui.genRevokeBtn->setVisible(isOpenPGP && isOwnKey);
 
     // update availability of buttons
     const auto userCanSignUserIDs = userHasCertificationKey();
     ui.addUserIDBtn->setEnabled(canBeUsedForSecretKeyOperations(key));
+    ui.setPrimaryUserIDBtn->setEnabled(false); // requires a selected user ID
     ui.certifyBtn->setEnabled(userCanSignUserIDs);
     ui.revokeCertificationsBtn->setEnabled(userCanSignUserIDs);
     ui.revokeUserIDBtn->setEnabled(false); // requires a selected user ID
     ui.changeExpirationAction->setEnabled(canBeUsedForSecretKeyOperations(key));
     ui.changePassphraseBtn->setEnabled(isSecretKeyStoredInKeyRing(key));
     ui.genRevokeBtn->setEnabled(canBeUsedForSecretKeyOperations(key));
 
     // update values of protocol-independent UI elements
     ui.validFromField->setValue(Formatting::creationDateString(key), Formatting::accessibleCreationDate(key));
     ui.expiresField->setValue(Formatting::expirationDateString(key, i18nc("Valid until:", "unlimited")),
                               Formatting::accessibleExpirationDate(key));
     ui.fingerprintField->setValue(Formatting::prettyID(key.primaryFingerprint()),
                                   Formatting::accessibleHexID(key.primaryFingerprint()));
     if (DeVSCompliance::isCompliant()) {
         ui.complianceField->setValue(Kleo::Formatting::complianceStringForKey(key));
     }
 }
 
 void CertificateDetailsWidget::Private::updateUserIDActions()
 {
     const auto userIDs = selectedUserIDs(ui.userIDTable);
-    ui.revokeUserIDBtn->setEnabled((userIDs.size() == 1) && canCreateCertifications(key) && canRevokeUserID(userIDs.front()));
+    const auto singleUserID = userIDs.size() == 1 ? userIDs.front() : GpgME::UserID{};
+    const bool isPrimaryUserID = !singleUserID.isNull() && (ui.userIDTable->selectedItems().front() == ui.userIDTable->topLevelItem(0));
+    ui.setPrimaryUserIDBtn->setEnabled(!singleUserID.isNull() //
+                                       && !isPrimaryUserID //
+                                       && !Kleo::isRevokedOrExpired(singleUserID) //
+                                       && canBeUsedForSecretKeyOperations(key));
+    ui.revokeUserIDBtn->setEnabled(!singleUserID.isNull() && canCreateCertifications(key) && canRevokeUserID(singleUserID));
 }
 
 void CertificateDetailsWidget::Private::setUpUserIDTable()
 {
     ui.userIDTable->clear();
 
     QStringList headers = { i18n("Email"), i18n("Name"), i18n("Trust Level"), i18n("Tags") };
     ui.userIDTable->setColumnCount(headers.count());
     ui.userIDTable->setColumnWidth(0, 200);
     ui.userIDTable->setColumnWidth(1, 200);
     ui.userIDTable->setHeaderLabels(headers);
 
     const auto uids = key.userIDs();
     for (unsigned int i = 0; i < uids.size(); ++i) {
         const auto &uid = uids[i];
         auto item = new QTreeWidgetItem;
         const QString toolTip = tofuTooltipString(uid);
         item->setData(0, Qt::UserRole, QVariant::fromValue(uid));
 
         auto pMail = Kleo::Formatting::prettyEMail(uid);
         auto pName = Kleo::Formatting::prettyName(uid);
 
         item->setData(0, Qt::DisplayRole, pMail);
         item->setData(0, Qt::ToolTipRole, toolTip);
         item->setData(0, Qt::AccessibleTextRole, pMail.isEmpty() ? i18nc("text for screen readers for an empty email address", "no email") : pMail);
         item->setData(1, Qt::DisplayRole, pName);
         item->setData(1, Qt::ToolTipRole, toolTip);
 
         item->setData(2, Qt::DecorationRole, trustLevelIcon(uid));
         item->setData(2, Qt::DisplayRole, trustLevelText(uid));
         item->setData(2, Qt::ToolTipRole, toolTip);
 
         GpgME::Error err;
         QStringList tagList;
         for (const auto &tag: uid.remarks(Tags::tagKeys(), err)) {
             if (err) {
                 qCWarning(KLEOPATRA_LOG) << "Getting remarks for user ID" << uid.id() << "failed:" << err;
             }
             tagList << QString::fromStdString(tag);
         }
         qCDebug(KLEOPATRA_LOG) << "tagList:" << tagList;
         const auto tags = tagList.join(QStringLiteral("; "));
         item->setData(3, Qt::DisplayRole, tags);
         item->setData(3, Qt::ToolTipRole, toolTip);
 
         ui.userIDTable->addTopLevelItem(item);
     }
     if (!Tags::tagsEnabled()) {
         ui.userIDTable->hideColumn(3);
     }
 }
 
 void CertificateDetailsWidget::Private::setUpSMIMEAdressList()
 {
     ui.smimeAddressList->clear();
 
     const auto *const emailField = attributeField(QStringLiteral("EMAIL"));
 
     // add email address from primary user ID if not listed already as attribute field
     if (!emailField) {
         const auto ownerId = key.userID(0);
         const Kleo::DN dn(ownerId.id());
         const QString dnEmail = dn[QStringLiteral("EMAIL")];
         if (!dnEmail.isEmpty()) {
             ui.smimeAddressList->addItem(dnEmail);
         }
     }
 
     if (key.numUserIDs() > 1) {
         // iterate over the secondary user IDs
 #ifdef USE_RANGES
         for (const auto uids = key.userIDs(); const auto &uid : std::ranges::subrange(std::next(uids.begin()), uids.end())) {
 #else
         const auto uids = key.userIDs();
         for (auto it = std::next(uids.begin()); it != uids.end(); ++it) {
             const auto &uid = *it;
 #endif
             const auto name = Kleo::Formatting::prettyName(uid);
             const auto email = Kleo::Formatting::prettyEMail(uid);
             QString itemText;
             if (name.isEmpty() && !email.isEmpty()) {
                 // skip email addresses already listed in email attribute field
                 if (emailField && email == emailField->value()) {
                     continue;
                 }
                 itemText = email;
             } else {
                 // S/MIME certificates sometimes contain urls where both
                 // name and mail is empty. In that case we print whatever
                 // the uid is as name.
                 //
                 // Can be ugly like (3:uri24:http://ca.intevation.org), but
                 // this is better then showing an empty entry.
                 itemText = QString::fromUtf8(uid.id());
             }
             // avoid duplicate entries in the list
             if (ui.smimeAddressList->findItems(itemText, Qt::MatchExactly).empty()) {
                 ui.smimeAddressList->addItem(itemText);
             }
         }
     }
 
     if (ui.smimeAddressList->count() == 0) {
         ui.smimeRelatedAddresses->setVisible(false);
         ui.smimeAddressList->setVisible(false);
     }
 }
 
 void CertificateDetailsWidget::Private::revokeUserID(const GpgME::UserID &userId)
 {
     const QString message = xi18nc(
         "@info",
         "<para>Do you really want to revoke the user ID<nl/><emphasis>%1</emphasis> ?</para>",
         QString::fromUtf8(userId.id()));
     auto confirmButton = KStandardGuiItem::yes();
     confirmButton.setText(i18nc("@action:button", "Revoke User ID"));
     confirmButton.setToolTip({});
     const auto choice = KMessageBox::questionYesNo(
         q->window(), message, i18nc("@title:window", "Confirm Revocation"),
         confirmButton, KStandardGuiItem::cancel(), {}, KMessageBox::Notify | KMessageBox::WindowModal);
     if (choice != KMessageBox::Yes) {
         return;
     }
 
     auto cmd = new Commands::RevokeUserIDCommand(userId);
     cmd->setParentWidget(q);
     connect(cmd, &Command::finished, q, [this]() {
         ui.userIDTable->setEnabled(true);
         // the Revoke User ID button will be updated by the key update
         updateKey();
     });
     ui.userIDTable->setEnabled(false);
     ui.revokeUserIDBtn->setEnabled(false);
     cmd->start();
 }
 
 void CertificateDetailsWidget::Private::revokeSelectedUserID()
 {
     const auto userIDs = selectedUserIDs(ui.userIDTable);
     if (userIDs.size() != 1) {
         return;
     }
     revokeUserID(userIDs.front());
 }
 
 void CertificateDetailsWidget::Private::changeExpiration()
 {
     auto cmd = new Kleo::Commands::ChangeExpiryCommand(key);
     QObject::connect(cmd, &Kleo::Commands::ChangeExpiryCommand::finished,
                      q, [this]() {
                          ui.changeExpirationAction->setEnabled(true);
                      });
     ui.changeExpirationAction->setEnabled(false);
     cmd->start();
 }
 
 void CertificateDetailsWidget::Private::changePassphrase()
 {
     auto cmd = new Kleo::Commands::ChangePassphraseCommand(key);
     QObject::connect(cmd, &Kleo::Commands::ChangePassphraseCommand::finished,
                      q, [this]() {
                          ui.changePassphraseBtn->setEnabled(true);
                      });
     ui.changePassphraseBtn->setEnabled(false);
     cmd->start();
 }
 
 void CertificateDetailsWidget::Private::genRevokeCert()
 {
     auto cmd = new Kleo::Commands::GenRevokeCommand(key);
     QObject::connect(cmd, &Kleo::Commands::GenRevokeCommand::finished,
                      q, [this]() {
                          ui.genRevokeBtn->setEnabled(true);
                      });
     ui.genRevokeBtn->setEnabled(false);
     cmd->start();
 }
 
 void CertificateDetailsWidget::Private::refreshCertificate()
 {
     auto cmd = new Kleo::RefreshCertificateCommand{key};
     QObject::connect(cmd, &Kleo::RefreshCertificateCommand::finished,
                      q, [this]() {
                          ui.refreshBtn->setEnabled(true);
                      });
     ui.refreshBtn->setEnabled(false);
     cmd->start();
 }
 
 void CertificateDetailsWidget::Private::certifyUserIDs()
 {
     const auto userIDs = selectedUserIDs(ui.userIDTable);
     auto cmd = userIDs.empty() ? new Kleo::Commands::CertifyCertificateCommand{key} //
                                : new Kleo::Commands::CertifyCertificateCommand{userIDs};
     QObject::connect(cmd, &Kleo::Commands::CertifyCertificateCommand::finished,
                      q, [this]() {
                          updateKey();
                          ui.certifyBtn->setEnabled(true);
                      });
     ui.certifyBtn->setEnabled(false);
     cmd->start();
 }
 
 void CertificateDetailsWidget::Private::revokeCertifications()
 {
     const auto userIDs = selectedUserIDs(ui.userIDTable);
     auto cmd = userIDs.empty() ? new Kleo::Commands::RevokeCertificationCommand{key} //
                                : new Kleo::Commands::RevokeCertificationCommand{userIDs};
     QObject::connect(cmd, &Kleo::Command::finished,
                      q, [this]() {
                          updateKey();
                          ui.revokeCertificationsBtn->setEnabled(true);
                      });
     ui.revokeCertificationsBtn->setEnabled(false);
     cmd->start();
 }
 
 void CertificateDetailsWidget::Private::webOfTrustClicked()
 {
     QScopedPointer<WebOfTrustDialog> dlg(new WebOfTrustDialog(q));
     dlg->setKey(key);
     dlg->exec();
 }
 
 void CertificateDetailsWidget::Private::exportClicked()
 {
     QScopedPointer<ExportDialog> dlg(new ExportDialog(q));
     dlg->setKey(key);
     dlg->exec();
 }
 
 void CertificateDetailsWidget::Private::addUserID()
 {
     auto cmd = new Kleo::Commands::AddUserIDCommand(key);
     QObject::connect(cmd, &Kleo::Commands::AddUserIDCommand::finished,
                      q, [this]() {
                          ui.addUserIDBtn->setEnabled(true);
                          updateKey();
                      });
     ui.addUserIDBtn->setEnabled(false);
     cmd->start();
 }
 
+void CertificateDetailsWidget::Private::setPrimaryUserID(const GpgME::UserID &uid)
+{
+    auto userId = uid;
+    if (userId.isNull()) {
+        const auto userIDs = selectedUserIDs(ui.userIDTable);
+        if (userIDs.size() != 1) {
+            return;
+        }
+        userId = userIDs.front();
+    }
+
+    auto cmd = new Kleo::Commands::SetPrimaryUserIDCommand(userId);
+    QObject::connect(cmd, &Kleo::Commands::SetPrimaryUserIDCommand::finished, q, [this]() {
+        ui.userIDTable->setEnabled(true);
+        // the Flag As Primary button will be updated by the key update
+        updateKey();
+    });
+    ui.userIDTable->setEnabled(false);
+    ui.setPrimaryUserIDBtn->setEnabled(false);
+    cmd->start();
+}
+
 namespace
 {
 void ensureThatKeyDetailsAreLoaded(GpgME::Key &key)
 {
     if (key.userID(0).numSignatures() == 0) {
         key.update();
     }
 }
 }
 
 void CertificateDetailsWidget::Private::keysMayHaveChanged()
 {
     auto newKey = Kleo::KeyCache::instance()->findByFingerprint(key.primaryFingerprint());
     if (!newKey.isNull()) {
         ensureThatKeyDetailsAreLoaded(newKey);
         setUpdatedKey(newKey);
     }
 }
 
 void CertificateDetailsWidget::Private::showTrustChainDialog()
 {
     QScopedPointer<TrustChainDialog> dlg(new TrustChainDialog(q));
     dlg->setKey(key);
     dlg->exec();
 }
 
 void CertificateDetailsWidget::Private::userIDTableContextMenuRequested(const QPoint &p)
 {
     const auto userIDs = selectedUserIDs(ui.userIDTable);
     const auto singleUserID = (userIDs.size() == 1) ? userIDs.front() : GpgME::UserID{};
+#ifdef QGPGME_SUPPORTS_SET_PRIMARY_UID
+    const bool isPrimaryUserID = !singleUserID.isNull() && (ui.userIDTable->selectedItems().front() == ui.userIDTable->topLevelItem(0));
+#endif
     const bool canSignUserIDs = userHasCertificationKey();
 
     auto menu = new QMenu(q);
+#ifdef QGPGME_SUPPORTS_SET_PRIMARY_UID
+    if (key.hasSecret()) {
+        auto action = menu->addAction(QIcon::fromTheme(QStringLiteral("favorite")),
+                                      i18nc("@action:inmenu", "Flag as Primary User ID"),
+                                      q, [this, singleUserID]() {
+                                          setPrimaryUserID(singleUserID);
+                                      });
+        action->setEnabled(!singleUserID.isNull() //
+                           && !isPrimaryUserID //
+                           && !Kleo::isRevokedOrExpired(singleUserID) //
+                           && canBeUsedForSecretKeyOperations(key));
+    }
+#endif
     {
         const auto actionText = userIDs.empty() ? i18nc("@action:inmenu", "Certify User IDs...")
                                                 : i18ncp("@action:inmenu", "Certify User ID...", "Certify User IDs...", userIDs.size());
         auto action = menu->addAction(QIcon::fromTheme(QStringLiteral("view-certificate-sign")),
                                       actionText,
                                       q, [this]() {
                                           certifyUserIDs();
                                       });
         action->setEnabled(canSignUserIDs);
     }
     if (Kleo::Commands::RevokeCertificationCommand::isSupported()) {
         const auto actionText = userIDs.empty() ? i18nc("@action:inmenu", "Revoke Certifications...")
                                                 : i18ncp("@action:inmenu", "Revoke Certification...", "Revoke Certifications...", userIDs.size());
         auto action = menu->addAction(QIcon::fromTheme(QStringLiteral("view-certificate-revoke")),
                                       actionText,
                                       q, [this]() {
                                           revokeCertifications();
                                       });
         action->setEnabled(canSignUserIDs);
     }
 #ifdef MAILAKONADI_ENABLED
     if (key.hasSecret()) {
         auto action = menu->addAction(QIcon::fromTheme(QStringLiteral("view-certificate-export")),
                                       i18nc("@action:inmenu", "Publish at Mail Provider ..."),
                                       q, [this, singleUserID]() {
             auto cmd = new Kleo::Commands::ExportOpenPGPCertToProviderCommand(singleUserID);
             ui.userIDTable->setEnabled(false);
             connect(cmd, &Kleo::Commands::ExportOpenPGPCertToProviderCommand::finished,
                     q, [this]() { ui.userIDTable->setEnabled(true); });
             cmd->start();
         });
         action->setEnabled(!singleUserID.isNull());
     }
 #endif // MAILAKONADI_ENABLED
     {
         auto action = menu->addAction(QIcon::fromTheme(QStringLiteral("view-certificate-revoke")),
                                       i18nc("@action:inmenu", "Revoke User ID"),
                                       q, [this, singleUserID]() {
                                           revokeUserID(singleUserID);
                                       });
         action->setEnabled(!singleUserID.isNull() && canCreateCertifications(key) && canRevokeUserID(singleUserID));
     }
     connect(menu, &QMenu::aboutToHide, menu, &QObject::deleteLater);
     menu->popup(ui.userIDTable->viewport()->mapToGlobal(p));
 }
 
 void CertificateDetailsWidget::Private::showMoreDetails()
 {
     ui.moreDetailsBtn->setEnabled(false);
     if (key.protocol() == GpgME::CMS) {
         auto cmd = new Kleo::Commands::DumpCertificateCommand(key);
         connect(cmd, &Kleo::Commands::DumpCertificateCommand::finished,
                 q, [this]() {
                     ui.moreDetailsBtn->setEnabled(true);
                 });
         cmd->setUseDialog(true);
         cmd->start();
     } else {
         QScopedPointer<SubKeysDialog> dlg(new SubKeysDialog(q));
         dlg->setKey(key);
         dlg->exec();
         ui.moreDetailsBtn->setEnabled(true);
     }
 }
 
 QString CertificateDetailsWidget::Private::tofuTooltipString(const GpgME::UserID &uid) const
 {
     const auto tofu = uid.tofuInfo();
     if (tofu.isNull()) {
         return QString();
     }
 
     QString html = QStringLiteral("<table border=\"0\" cell-padding=\"5\">");
     const auto appendRow = [&html](const QString &lbl, const QString &val) {
         html += QStringLiteral("<tr>"
                                "<th style=\"text-align: right; padding-right: 5px; white-space: nowrap;\">%1:</th>"
                                "<td style=\"white-space: nowrap;\">%2</td>"
                                "</tr>")
                     .arg(lbl, val);
     };
     const auto appendHeader = [this, &html](const QString &hdr) {
         html += QStringLiteral("<tr><th colspan=\"2\" style=\"background-color: %1; color: %2\">%3</th></tr>")
                     .arg(q->palette().highlight().color().name(),
                          q->palette().highlightedText().color().name(),
                          hdr);
     };
     const auto dateTime = [](long ts) {
         QLocale l;
         return ts == 0 ? i18n("never") : l.toString(QDateTime::fromSecsSinceEpoch(ts), QLocale::ShortFormat);
     };
     appendHeader(i18n("Signing"));
     appendRow(i18n("First message"), dateTime(tofu.signFirst()));
     appendRow(i18n("Last message"), dateTime(tofu.signLast()));
     appendRow(i18n("Message count"), QString::number(tofu.signCount()));
     appendHeader(i18n("Encryption"));
     appendRow(i18n("First message"), dateTime(tofu.encrFirst()));
     appendRow(i18n("Last message"), dateTime(tofu.encrLast()));
     appendRow(i18n("Message count"), QString::number(tofu.encrCount()));
 
     html += QStringLiteral("</table>");
     // Make sure the tooltip string is different for each UserID, even if the
     // data are the same, otherwise the tooltip is not updated and moved when
     // user moves mouse from one row to another.
     html += QStringLiteral("<!-- %1 //-->").arg(QString::fromUtf8(uid.id()));
     return html;
 }
 
 QIcon CertificateDetailsWidget::Private::trustLevelIcon(const GpgME::UserID &uid) const
 {
     if (updateInProgress) {
         return QIcon::fromTheme(QStringLiteral("emblem-question"));
     }
     switch (uid.validity()) {
     case GpgME::UserID::Unknown:
     case GpgME::UserID::Undefined:
         return QIcon::fromTheme(QStringLiteral("emblem-question"));
     case GpgME::UserID::Never:
         return QIcon::fromTheme(QStringLiteral("emblem-error"));
     case GpgME::UserID::Marginal:
         return QIcon::fromTheme(QStringLiteral("emblem-warning"));
     case GpgME::UserID::Full:
     case GpgME::UserID::Ultimate:
         return QIcon::fromTheme(QStringLiteral("emblem-success"));
     }
     return {};
 }
 
 QString CertificateDetailsWidget::Private::trustLevelText(const GpgME::UserID &uid) const
 {
     return updateInProgress ? i18n("Updating...") : Formatting::validityShort(uid);
 }
 
 namespace
 {
 auto isGood(const GpgME::UserID::Signature &signature)
 {
     return signature.status() == GpgME::UserID::Signature::NoError &&
            !signature.isInvalid() &&
            0x10 <= signature.certClass() && signature.certClass() <= 0x13;
 }
 
 auto accumulateTrustDomains(const std::vector<GpgME::UserID::Signature> &signatures)
 {
     return std::accumulate(
         std::begin(signatures), std::end(signatures),
         std::set<QString>(),
         [] (auto domains, const auto &signature) {
             if (isGood(signature) && signature.isTrustSignature()) {
                 domains.insert(Formatting::trustSignatureDomain(signature));
             }
             return domains;
         }
     );
 }
 
 auto accumulateTrustDomains(const std::vector<GpgME::UserID> &userIds)
 {
     return std::accumulate(
         std::begin(userIds), std::end(userIds),
         std::set<QString>(),
         [] (auto domains, const auto &userID) {
             const auto newDomains = accumulateTrustDomains(userID.signatures());
             std::copy(std::begin(newDomains), std::end(newDomains), std::inserter(domains, std::end(domains)));
             return domains;
         }
     );
 }
 }
 
 void CertificateDetailsWidget::Private::setupPGPProperties()
 {
     setUpUserIDTable();
 
     const auto trustDomains = accumulateTrustDomains(key.userIDs());
     ui.trustedIntroducerField->setVisible(!trustDomains.empty());
     ui.trustedIntroducerField->setValue(QStringList(std::begin(trustDomains), std::end(trustDomains)).join(u", "));
 
     ui.refreshBtn->setToolTip(i18nc("@info:tooltip", "Update the key from external sources."));
 }
 
 static QString formatDNToolTip(const Kleo::DN &dn)
 {
     QString html = QStringLiteral("<table border=\"0\" cell-spacing=15>");
 
     const auto appendRow = [&html, dn](const QString &lbl, const QString &attr) {
                                 const QString val = dn[attr];
                                 if (!val.isEmpty()) {
                                     html += QStringLiteral(
                                             "<tr><th style=\"text-align: left; white-space: nowrap\">%1:</th>"
                                                 "<td style=\"white-space: nowrap\">%2</td>"
                                             "</tr>").arg(lbl, val);
                                 }
                             };
     appendRow(i18n("Common Name"), QStringLiteral("CN"));
     appendRow(i18n("Organization"), QStringLiteral("O"));
     appendRow(i18n("Street"), QStringLiteral("STREET"));
     appendRow(i18n("City"),  QStringLiteral("L"));
     appendRow(i18n("State"), QStringLiteral("ST"));
     appendRow(i18n("Country"), QStringLiteral("C"));
     html += QStringLiteral("</table>");
 
     return html;
 }
 
 void CertificateDetailsWidget::Private::setupSMIMEProperties()
 {
     const auto ownerId = key.userID(0);
     const Kleo::DN dn(ownerId.id());
 
     for (const auto &[attributeName, field] : ui.smimeAttributeFields) {
         const QString attributeValue = dn[attributeName];
         field->setValue(attributeValue);
         field->setVisible(!attributeValue.isEmpty());
     }
     ui.smimeTrustLevelField->setIcon(trustLevelIcon(ownerId));
     ui.smimeTrustLevelField->setValue(trustLevelText(ownerId));
 
     const Kleo::DN issuerDN(key.issuerName());
     const QString issuerCN = issuerDN[QStringLiteral("CN")];
     const QString issuer = issuerCN.isEmpty() ? QString::fromUtf8(key.issuerName()) : issuerCN;
     ui.smimeIssuerField->setValue(issuer);
     ui.smimeIssuerField->setToolTip(formatDNToolTip(issuerDN));
     ui.showIssuerCertificateAction->setEnabled(!key.isRoot());
 
     setUpSMIMEAdressList();
 
     ui.refreshBtn->setToolTip(i18nc("@info:tooltip", "Update the CRLs and do a full validation check of the certificate."));
 }
 
 void CertificateDetailsWidget::Private::showIssuerCertificate()
 {
     // there is either one or no parent key
     const auto parentKeys = KeyCache::instance()->findIssuers(key, KeyCache::NoOption);
 
     if (parentKeys.empty()) {
         KMessageBox::error(q, i18n("The issuer certificate could not be found locally."));
         return;
     }
     auto cmd = new Kleo::Commands::DetailsCommand(parentKeys.front(), nullptr);
     cmd->setParentWidget(q);
     cmd->start();
 }
 
 void CertificateDetailsWidget::Private::copyFingerprintToClipboard()
 {
     if (auto clipboard = QGuiApplication::clipboard()) {
         clipboard->setText(QString::fromLatin1(key.primaryFingerprint()));
     }
 }
 
 CertificateDetailsWidget::CertificateDetailsWidget(QWidget *parent)
     : QWidget{parent}
     , d{std::make_unique<Private>(this)}
 {
 }
 
 CertificateDetailsWidget::~CertificateDetailsWidget() = default;
 
 void CertificateDetailsWidget::Private::keyListDone(const GpgME::KeyListResult &,
                                                     const std::vector<GpgME::Key> &keys,
                                                     const QString &,
                                                     const GpgME::Error &)
 {
     updateInProgress = false;
     if (keys.size() != 1) {
         qCWarning(KLEOPATRA_LOG) << "Invalid keylist result in update.";
         return;
     }
     // As we listen for keysmayhavechanged we get the update
     // after updating the keycache.
     KeyCache::mutableInstance()->insert(keys);
 }
 
 void CertificateDetailsWidget::Private::updateKey()
 {
     key.update();
     setUpdatedKey(key);
 }
 
 void CertificateDetailsWidget::Private::setUpdatedKey(const GpgME::Key &k)
 {
     key = k;
 
     setupCommonProperties();
     if (key.protocol() == GpgME::OpenPGP) {
         setupPGPProperties();
     } else {
         setupSMIMEProperties();
     }
 }
 
 void CertificateDetailsWidget::setKey(const GpgME::Key &key)
 {
     if (key.protocol() == GpgME::CMS) {
         // For everything but S/MIME this should be quick
         // and we don't need to show another status.
         d->updateInProgress = true;
     }
     d->setUpdatedKey(key);
 
     // Run a keylistjob with full details (TOFU / Validate)
     QGpgME::KeyListJob *job = key.protocol() == GpgME::OpenPGP ? QGpgME::openpgp()->keyListJob(false, true, true) :
                                                                  QGpgME::smime()->keyListJob(false, true, true);
 
     auto ctx = QGpgME::Job::context(job);
     ctx->addKeyListMode(GpgME::WithTofu);
     ctx->addKeyListMode(GpgME::SignatureNotations);
     if (key.hasSecret()) {
         ctx->addKeyListMode(GpgME::WithSecret);
     }
 
     // Windows QGpgME new style connect problem makes this necessary.
     connect(job, SIGNAL(result(GpgME::KeyListResult,std::vector<GpgME::Key>,QString,GpgME::Error)),
             this, SLOT(keyListDone(GpgME::KeyListResult,std::vector<GpgME::Key>,QString,GpgME::Error)));
 
     job->start(QStringList() << QLatin1String(key.primaryFingerprint()));
 }
 
 GpgME::Key CertificateDetailsWidget::key() const
 {
     return d->key;
 }
 
 #include "moc_certificatedetailswidget.cpp"