-
So I tried deploying my project Cryptochan to Vercel at cryptochan.vercel.app and I've encountered a big fat problem with them. It turns out that the clocks on their cloud functions are running behind, in my experimentation it fluctuates between 100ms to 5000 ms but always behind. This is messing with OpenPGP's ability to validate signatures, it keeps thinking a signature was signed in the future and throwing this error:
I tried fixing this on the OpenPGP level by signing signatures 30s ago (by manually setting the date) but that doesn't help with validating public keys. I also tried writing code to automatically delay the next procedure in the event that error was thrown, but I couldn't catch it with a I've looked at this every way I can. I can't figure out what's going on. I already open a support case with Vercel, it's gonna take them forever to get back to me. I just wanted to try asking here if there's any way I can make OpenPGP ignore time? And before anybody says this; yes I know I shouldn't be doing cryptography on a cloud function. It's a prototype, I'll get to it later. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
Hey 👋 Yes, you can pass |
Beta Was this translation helpful? Give feedback.
Hey 👋 Yes, you can pass
date: null
to ignore expiry when validating keys and signatures. (Or you could pass a date slightly in the future, of course, to compensate for their clocks running late.)