Release new version

bower.json

@@ -1,6 +1,6 @@
 {
   "name": "openpgp",
-  "version": "2.3.8",
+  "version": "2.4.0",
   "license": "LGPL-3.0+",
   "homepage": "http://openpgpjs.org/",
   "authors": [

dist/openpgp.js

@@ -4806,7 +4806,7 @@ exports.default = {
   debug: false,
   show_version: true,
   show_comment: true,
-  versionstring: "OpenPGP.js v2.3.8",
+  versionstring: "OpenPGP.js v2.4.0",
   commentstring: "http://openpgpjs.org",
   keyserver: "https://keyserver.ubuntu.com",
   node_store: './openpgp.store'
@@ -13591,7 +13591,7 @@ Key.prototype.getPrimaryUser = function () {
       continue;
     }
     for (var j = 0; j < this.users[i].selfCertifications.length; j++) {
-      primUser.push({ user: this.users[i], selfCertificate: this.users[i].selfCertifications[j] });
+      primUser.push({ index: i, user: this.users[i], selfCertificate: this.users[i].selfCertifications[j] });
     }
   }
   // sort by primary user flag and signature creation time
@@ -13711,6 +13711,77 @@ function mergeSignatures(source, dest, attr, checkFn) {
 // TODO
 Key.prototype.revoke = function () {};
 
+/**
+ * Signs primary user of key
+ * @param  {Array<module:key~Key>} privateKey decrypted private keys for signing
+ * @return {module:key~Key} new public key with new certificate signature
+ */
+Key.prototype.signPrimaryUser = function (privateKeys) {
+  var _ref = this.getPrimaryUser() || {};
+
+  var index = _ref.index;
+  var user = _ref.user;
+
+  if (!user) {
+    throw new Error('Could not find primary user');
+  }
+  user = user.sign(this.primaryKey, privateKeys);
+  var key = new Key(this.toPacketlist());
+  key.users[index] = user;
+  return key;
+};
+
+/**
+ * Signs all users of key
+ * @param  {Array<module:key~Key>} privateKeys decrypted private keys for signing
+ * @return {module:key~Key} new public key with new certificate signature
+ */
+Key.prototype.signAllUsers = function (privateKeys) {
+  var _this = this;
+
+  var users = this.users.map(function (user) {
+    return user.sign(_this.primaryKey, privateKeys);
+  });
+  var key = new Key(this.toPacketlist());
+  key.users = users;
+  return key;
+};
+
+/**
+ * Verifies primary user of key
+ * @param  {Array<module:key~Key>} keys array of keys to verify certificate signatures
+ * @return {Array<({keyid: module:type/keyid, valid: Boolean})>} list of signer's keyid and validity of signature
+ */
+Key.prototype.verifyPrimaryUser = function (keys) {
+  var _ref2 = this.getPrimaryUser() || {};
+
+  var user = _ref2.user;
+
+  if (!user) {
+    throw new Error('Could not find primary user');
+  }
+  return user.verifyAllSignatures(this.primaryKey, keys);
+};
+
+/**
+ * Verifies all users of key
+ * @param  {Array<module:key~Key>} keys array of keys to verify certificate signatures
+ * @return {Array<({userid: String, keyid: module:type/keyid, valid: Boolean})>} list of userid, signer's keyid and validity of signature
+ */
+Key.prototype.verifyAllUsers = function (keys) {
+  var _this2 = this;
+
+  return this.users.reduce(function (signatures, user) {
+    return signatures.concat(user.verifyAllSignatures(_this2.primaryKey, keys).map(function (signature) {
+      return {
+        userid: user.userId.userid,
+        keyid: signature.keyid,
+        valid: signature.valid
+      };
+    }));
+  }, []);
+};
+
 /**
  * @class
  * @classdesc Class that represents an user ID or attribute packet and the relevant signatures.
@@ -13795,6 +13866,70 @@ User.prototype.isValidSelfCertificate = function (primaryKey, selfCertificate) {
   return false;
 };
 
+/**
+ * Signs user
+ * @param  {module:packet/secret_key|module:packet/public_key} primaryKey The primary key packet
+ * @param  {Array<module:key~Key>} privateKeys decrypted private keys for signing
+ * @return {module:key~Key} new user with new certificate signatures
+ */
+User.prototype.sign = function (primaryKey, privateKeys) {
+  var user, dataToSign, signingKeyPacket, signaturePacket;
+  dataToSign = {};
+  dataToSign.key = primaryKey;
+  dataToSign.userid = this.userId || this.userAttribute;
+  user = new User(this.userId || this.userAttribute);
+  user.otherCertifications = [];
+  privateKeys.forEach(function (privateKey) {
+    if (privateKey.isPublic()) {
+      throw new Error('Need private key for signing');
+    }
+    if (privateKey.primaryKey.getFingerprint() === primaryKey.getFingerprint()) {
+      throw new Error('Not implemented for self signing');
+    }
+    signingKeyPacket = privateKey.getSigningKeyPacket();
+    if (!signingKeyPacket) {
+      throw new Error('Could not find valid signing key packet');
+    }
+    if (!signingKeyPacket.isDecrypted) {
+      throw new Error('Private key is not decrypted.');
+    }
+    signaturePacket = new _packet2.default.Signature();
+    // Most OpenPGP implementations use generic certification (0x10)
+    signaturePacket.signatureType = _enums2.default.write(_enums2.default.signature, _enums2.default.signature.cert_generic);
+    signaturePacket.keyFlags = [_enums2.default.keyFlags.certify_keys | _enums2.default.keyFlags.sign_data];
+    signaturePacket.hashAlgorithm = privateKey.getPreferredHashAlgorithm();
+    signaturePacket.publicKeyAlgorithm = signingKeyPacket.algorithm;
+    signaturePacket.signingKeyId = signingKeyPacket.getKeyId();
+    signaturePacket.sign(signingKeyPacket, dataToSign);
+    user.otherCertifications.push(signaturePacket);
+  });
+  user.update(this, primaryKey);
+  return user;
+};
+
+/**
+ * Verifies all user signatures
+ * @param  {module:packet/secret_key|module:packet/public_key} primaryKey The primary key packet
+ * @param  {Array<module:key~Key>} keys array of keys to verify certificate signatures
+ * @return {Array<({keyid: module:type/keyid, valid: Boolean})>} list of signer's keyid and validity of signature
+ */
+User.prototype.verifyAllSignatures = function (primaryKey, keys) {
+  var dataToVerify = { userid: this.userId || this.userAttribute, key: primaryKey };
+  var certificates = this.selfCertifications.concat(this.otherCertifications || []);
+  return certificates.map(function (signaturePacket) {
+    var keyPackets = keys.filter(function (key) {
+      return key.getSigningKeyPacket(signaturePacket.issuerKeyId);
+    });
+    var valid = null;
+    if (keyPackets.length > 0) {
+      valid = keyPackets.some(function (keyPacket) {
+        return signaturePacket.verify(keyPacket.primaryKey, dataToVerify);
+      });
+    }
+    return { keyid: signaturePacket.issuerKeyId, valid: valid };
+  });
+};
+
 /**
  * Verify User. Checks for existence of self signatures, revocation signatures
  * and validity of self signature

package.json

@@ -1,7 +1,7 @@
 {
   "name": "openpgp",
   "description": "OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.",
-  "version": "2.3.8",
+  "version": "2.4.0",
   "license": "LGPL-3.0+",
   "homepage": "http://openpgpjs.org/",
   "engines": {