diff --git a/dist/src/lib/keyring.c b/dist/src/lib/keyring.c
index aa1c4fe..2888755 100644
--- a/dist/src/lib/keyring.c
+++ b/dist/src/lib/keyring.c
@@ -424,6 +424,10 @@ key_get_pubkey_from_subidx(
         const uint8_t **id, 
         int32_t subkeyidx)
 {
+    if(subkeyidx == -2){
+        return NULL;
+    }
+    
     if(subkeyidx != -1)
     {
         if(id) 
@@ -445,6 +449,10 @@ key_get_seckey_from_subidx(
         const uint8_t **id, 
         int32_t subkeyidx)
 {
+    if(subkeyidx == -2){
+        return NULL;
+    }
+
     if(subkeyidx != -1)
     {
         if(id) 
@@ -851,6 +859,8 @@ pgp_add_selfsigned_userid(pgp_key_t *skey, pgp_key_t *pkey, uint8_t *userid, uin
 	pgp_sig_start_key_sig(sig, &skey->key.seckey.pubkey, userid, PGP_CERT_POSITIVE);
 	pgp_add_creation_time(sig, (uint64_t)time(NULL));
 	pgp_add_key_expiration_time(sig, (uint64_t)duration);
+    pgp_add_key_flags(sig, PGP_KEYFLAG_SIGN_DATA|PGP_KEYFLAG_ENC_COMM);
+
 	pgp_add_issuer_keyid(sig, skey->pubkeyid);
 	pgp_add_primary_userid(sig, 1);
 	pgp_end_hashed_subpkts(sig);
diff --git a/dist/src/lib/signature.c b/dist/src/lib/signature.c
index 66458d0..5e71bd6 100644
--- a/dist/src/lib/signature.c
+++ b/dist/src/lib/signature.c
@@ -850,7 +850,10 @@ pgp_add_creation_time(pgp_create_sig_t *sig, uint64_t when)
 
 	tag = PGP_PTAG_SS_CREATION_TIME;
 
-	return pgp_write_ss_header(sig->output, 5, tag) &&
+    sig->sig.info.birthtime = when;
+    sig->sig.info.birthtime_set = 1;
+
+    return pgp_write_ss_header(sig->output, 5, tag) &&
 		pgp_write_scalar(sig->output, when, 4/*sizeof(when)*/);
 }
 
@@ -861,7 +864,10 @@ pgp_add_sig_expiration_time(pgp_create_sig_t *sig, uint64_t duration)
 
 	tag = PGP_PTAG_SS_EXPIRATION_TIME;
 
-	return pgp_write_ss_header(sig->output, 5, tag) &&
+    sig->sig.info.duration = duration;
+    sig->sig.info.duration_set = 1;
+
+    return pgp_write_ss_header(sig->output, 5, tag) &&
 		pgp_write_scalar(sig->output, duration, 4/*sizeof(duration)*/);
 }
 
@@ -872,10 +878,27 @@ pgp_add_key_expiration_time(pgp_create_sig_t *sig, uint64_t duration)
 
 	tag = PGP_PTAG_SS_KEY_EXPIRY;
 
+    sig->sig.info.key_expiry = duration;
+    sig->sig.info.key_expiry_set = 1;
+
 	return pgp_write_ss_header(sig->output, 5, tag) &&
 		pgp_write_scalar(sig->output, duration, 4/*sizeof(duration)*/);
 }
 
+unsigned
+pgp_add_key_flags(pgp_create_sig_t *sig, uint8_t flags)
+{
+    pgp_content_enum	tag;
+    
+    tag = PGP_PTAG_SS_KEY_FLAGS;
+    
+    sig->sig.info.key_flags = flags;
+    sig->sig.info.key_flags_set = 1;
+    
+    return pgp_write_ss_header(sig->output, 2, tag) &&
+    pgp_write_scalar(sig->output, flags, 1);
+}
+
 /**
  * \ingroup Core_Signature
  *
diff --git a/dist/src/lib/signature.h b/dist/src/lib/signature.h
index 2ee8a74..8d4b81c 100644
--- a/dist/src/lib/signature.h
+++ b/dist/src/lib/signature.h
@@ -108,6 +108,8 @@ unsigned
 pgp_add_sig_expiration_time(pgp_create_sig_t *sig, uint64_t duration);
 unsigned 
 pgp_add_key_expiration_time(pgp_create_sig_t *sig, uint64_t duration);
+unsigned
+pgp_add_key_flags(pgp_create_sig_t *sig, uint8_t flags);
 
 /* Standard Interface */
 unsigned   pgp_sign_file(pgp_io_t *,