Implement SOPs validate-userid command

pgpainless-sop/src/main/kotlin/org/pgpainless/sop/SOPImpl.kt

@@ -68,7 +68,7 @@ class SOPImpl(
 
     override fun updateKey(): UpdateKey? = null
 
-    override fun validateUserId(): ValidateUserId? = null
+    override fun validateUserId(): ValidateUserId = ValidateUserIdImpl(api)
 
     override fun version(): Version = sopv.version()!!
 }

pgpainless-sop/src/main/kotlin/org/pgpainless/sop/ValidateUserIdImpl.kt

@@ -0,0 +1,38 @@
+// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package org.pgpainless.sop
+
+import java.io.InputStream
+import java.util.*
+import org.bouncycastle.openpgp.api.OpenPGPCertificate
+import org.pgpainless.PGPainless
+import sop.operation.ValidateUserId
+
+class ValidateUserIdImpl(private val api: PGPainless) : ValidateUserId {
+
+    private var addSpecOnly = false
+    private var userId: String? = null
+    private val authorities: MutableList<OpenPGPCertificate> = mutableListOf()
+    private var validateAt: Date = Date()
+
+    override fun addrSpecOnly(): ValidateUserId = apply { addSpecOnly = true }
+
+    override fun authorities(certs: InputStream): ValidateUserId = apply {
+        authorities.addAll(api.readKey().parseCertificates(certs))
+    }
+
+    override fun subjects(certs: InputStream): Boolean {
+        requireNotNull(userId) { "Missing parameter USERID" }
+        return api.readKey().parseCertificates(certs).all { cert ->
+            authorities.all { authority ->
+                cert.getUserId(userId)?.getCertificationBy(authority, validateAt)?.isValid == true
+            }
+        }
+    }
+
+    override fun userId(userId: String): ValidateUserId = apply { this.userId = userId }
+
+    override fun validateAt(date: Date): ValidateUserId = apply { validateAt = date }
+}