Merge branch 'HSM-706'

Author: islamaminBitGo

modules/bitgo/test/v2/unit/internal/opengpgUtils.ts

@@ -5,6 +5,7 @@ import * as assert from 'assert';
 
 import { openpgpUtils } from '@bitgo/sdk-core';
 import { ecc as secp256k1 } from '@bitgo/utxo-lib';
+import * as sinon from 'sinon';
 
 const sodium = require('libsodium-wrappers-sumo');
 
@@ -181,6 +182,24 @@ describe('OpenGPG Utils Tests', function () {
       isValid = await openpgpUtils.verifySharedDataProof(senderKey.publicKey, proof, dataToProofArray);
       isValid.should.be.false();
     });
+
+    it('should be able verify data proof if created in the future', async function () {
+      const sharedData1 = crypto.randomBytes(32).toString('hex');
+      const sharedData2 = crypto.randomBytes(32).toString('hex');
+      const dataToProofArray = [
+        { name: 's1', value: sharedData1 },
+        { name: 's2', value: sharedData2 },
+      ];
+      const proof = await openpgpUtils.createSharedDataProof(
+        senderKey.privateKey,
+        otherKey.publicKey,
+        dataToProofArray
+      );
+      const clock = sinon.useFakeTimers(new Date('2001-02-14T12:00:00Z').getTime());
+      const isValid = await openpgpUtils.verifySharedDataProof(senderKey.publicKey, proof, dataToProofArray);
+      isValid.should.be.true();
+      clock.restore();
+    });
   });
 
   describe('encrypt and decrypt with signing', function () {

modules/sdk-core/src/bitgo/utils/opengpgUtils.ts

@@ -132,13 +132,13 @@ export async function verifySharedDataProof(
   const senderPubKey = await pgp.readKey({ armoredKey: senderPubKeyArm });
   const signedKey = await pgp.readKey({ armoredKey: keyWithNotation });
   if (
-    !(await verifyPrimaryUserWrapper(signedKey, senderPubKey, true).then((values) =>
+    !(await verifyPrimaryUserWrapper(signedKey, senderPubKey, false).then((values) =>
       _.some(values, (value) => value.valid)
     ))
   ) {
     return false;
   }
-  const primaryUser = await signedKey.getPrimaryUser();
+  const primaryUser = await signedKey.getPrimaryUser(null as unknown as undefined);
   const anyInvalidProof = _.some(
     // @ts-ignore
     primaryUser.user.otherCertifications[0].rawNotations,
@@ -165,7 +165,7 @@ export async function createSharedDataProof(
   const dateTime = new Date();
   // UserId Packet.
   const userIdPkt = new pgp.UserIDPacket();
-  const primaryUser = await publicKeyToCert.getPrimaryUser();
+  const primaryUser = await publicKeyToCert.getPrimaryUser(null as unknown as undefined);
   // @ts-ignore
   userIdPkt.userID = primaryUser.user.userID.userID;
   // Signature packet.

modules/sdk-lib-mpc/src/tss/ecdsa-dkls/commsLayer.ts

@@ -49,6 +49,7 @@ export async function encryptAndDetachSignData(
       showVersion: false,
       showComment: false,
     },
+    date: null as unknown as undefined,
   });
   const signature = await pgp.sign({
     message,
@@ -89,6 +90,7 @@ export async function decryptAndVerifySignedData(
       showComment: false,
     },
     format: 'binary',
+    date: null as unknown as undefined,
   });
   const verificationResult = await pgp.verify({
     message: await pgp.createMessage({ binary: decryptedMessage.data }),