npm - @vizamodo/aws-sts-core - Versions diffs - 0.1.17 → 0.1.21 - Mend

@vizamodo/aws-sts-core 0.1.17 → 0.1.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/sts/signer.js +46 -7
package/package.json +1 -1

package/dist/sts/signer.js CHANGED Viewed

@@ -10,22 +10,61 @@ import { InternalError } from "./errors";
 export async function signStringToSign(stringToSign, signingKey) {
     try {
         const data = new TextEncoder().encode(stringToSign);
-        const signature = await crypto.subtle.sign({
+        const signatureRaw = await crypto.subtle.sign({
             name: "ECDSA",
             hash: "SHA-256",
         }, signingKey, data);
-        return arrayBufferToHex(signature);
+        // WebCrypto trả về 64 bytes (R và S)
+        // Cần convert sang DER format cho AWS
+        const derSignature = rawToDer(new Uint8Array(signatureRaw));
+        return uint8ArrayToHex(derSignature);
     }
-    catch {
+    catch (e) {
+        console.error("[SIGNING_DEBUG]", e);
         throw new InternalError("signing_failed");
     }
 }
 /**
- * Convert ArrayBuffer → lowercase hex string.
- * This matches AWS SigV4 expectations.
+ * Convert IEEE P1363 (Raw) ECDSA signature to ASN.1 DER
  */
-function arrayBufferToHex(buf) {
-    const bytes = new Uint8Array(buf);
+function rawToDer(raw) {
+    const r = raw.slice(0, 32);
+    const s = raw.slice(32);
+    const toAsn1Int = (bytes) => {
+        // Loại bỏ các byte 0 ở đầu
+        let start = 0;
+        while (start < bytes.length - 1 && bytes[start] === 0)
+            start++;
+        let payload = bytes.slice(start);
+        // Nếu bit cao nhất là 1, phải thêm 0x00 để không bị hiểu lầm là số âm
+        if (payload[0] > 0x7f) {
+            const padded = new Uint8Array(payload.length + 1);
+            padded.set(payload, 1);
+            return padded;
+        }
+        return payload;
+    };
+    const rAsn1 = toAsn1Int(r);
+    const sAsn1 = toAsn1Int(s);
+    const length = rAsn1.length + sAsn1.length + 4;
+    const der = new Uint8Array(length + 2);
+    der[0] = 0x30; // Sequence
+    der[1] = length;
+    let offset = 2;
+    der[offset++] = 0x02; // Integer tag
+    der[offset++] = rAsn1.length;
+    der.set(rAsn1, offset);
+    offset += rAsn1.length;
+    der[offset++] = 0x02; // Integer tag
+    der[offset++] = sAsn1.length;
+    der.set(sAsn1, offset);
+    return der;
+}
+/**
+ * Convert Uint8Array → lowercase hex string.
+ * Avoids ArrayBuffer vs SharedArrayBuffer type mismatch.
+ */
+function uint8ArrayToHex(bytes) {
     let hex = "";
     for (let i = 0; i < bytes.length; i++) {
         hex += bytes[i].toString(16).padStart(2, "0");

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@vizamodo/aws-sts-core",
-  "version": "0.1.17",
+  "version": "0.1.21",
   "description": "Pure AWS STS + SigV4 (X509 Roles Anywhere) core logic",
   "type": "module",
   "main": "dist/index.js",