npm - @vizamodo/aws-sts-core - Versions diffs - 0.4.19 → 0.4.21 - Mend

@vizamodo/aws-sts-core 0.4.19 → 0.4.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/sts/issue.js +12 -0
package/package.json +1 -1

package/dist/sts/issue.js CHANGED Viewed

@@ -74,6 +74,12 @@ export async function issueAwsCredentials(input) {
     const normalizedCert = normalizeCert(certBase64);
     // No isolate cache — stale cached values caused wrong-serial bugs.
     const certSerialDec = parseCertSerialDec(normalizedCert);
+    console.debug("[cert-serial-debug]", {
+        certLen: normalizedCert.length,
+        certPreview: normalizedCert.slice(0, 40),
+        certSerialDec,
+        certSerialHex: BigInt(certSerialDec).toString(16),
+    });
     const cacheKey = `${region}|${roleArn}|${profileArn}|${trustAnchorArn}|${certSerialDec}`;
     // BUG 1 KEPT: signing happens before getCachedOrFetch — runs on every
     // request even when L1/L2 cache would have returned a hit.
@@ -191,13 +197,19 @@ function parseCertSerialDec(normalizedCertBase64) {
         if (der[offset++] !== 0x30)
             throw new Error("bad tbs");
         readLen();
+        // Log raw DER bytes to diagnose parser mismatch
+        const rawBytes8to20 = Array.from(der.slice(8, 20)).map(b => b.toString(16).padStart(2, '0')).join(' ');
+        console.debug("[der-raw]", { rawBytes8to20, derLen: der.length });
+        const beforeVersionOffset = offset;
         if (der[offset] === 0xa0) {
             offset++;
             offset += readLen();
         }
+        const afterVersionOffset = offset;
         if (der[offset++] !== 0x02)
             throw new Error("bad serial tag");
         const serialLen = readLen();
+        console.debug("[der-debug]", { beforeVersionOffset, afterVersionOffset, serialLen, serialByte0: der[offset]?.toString(16) });
         if (offset + serialLen > der.length)
             throw new Error("DER overflow");
         let serial = der.slice(offset, offset + serialLen);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@vizamodo/aws-sts-core",
-  "version": "0.4.19",
+  "version": "0.4.21",
   "description": "Pure AWS STS + SigV4 (X509 Roles Anywhere) core logic",
   "type": "module",
   "main": "dist/index.js",