DavidTanner / nodecredstash

MIT License

Computed HMAC error from v2 to v3 #52

Open imjma opened 4 months ago

imjma commented 4 months ago

v2.0.2 code

const Credstash  = require('nodecredstash');

const localAwsOpt = {
  region: 'ap-southeast-2', 
  endpoint: "https://localhost.localstack.cloud:4566",
};
const credstash = new Credstash({awsOpts: localAwsOpt});

credstash.getSecret({name: 'test'})
  .then(secrets => console.log(secrets))
  .catch(err => console.error(err));

v3.1.0 code

const {CredStash}  = require('nodecredstash');

const localAwsOpt = {
  region: 'ap-southeast-2', 
  endpoint: "https://localhost.localstack.cloud:4566",
};

const credstash = new CredStash({dynamoOpts: localAwsOpt, kmsOpts: localAwsOpt});

credstash.getSecret({name: 'test'})
  .then(secrets => console.log(secrets))
  .catch(err => console.error(err));

It throws the error

Error: Computed HMAC on test does not match stored HMAC
  at openAesCtr (.../node_modules/nodecredstash/src/lib/aesCredstash.js:33:15)
  at openAesCtrLegacy (.../node_modules/nodecredstash/src/lib/aesCredstash.js:75:12)
  at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
  at async CredStash.getSecret (.../node_modules/nodecredstash/src/index.js:107:27)

Is anything not correct when I upgrade from v2 to v3? Thanks

imjma commented 4 months ago

Ok, I found what caused the difference. In v2 the splitKmsKey hard-codes the length

  splitKmsKey(buffer) {
    const dataKey = buffer.slice(0, 32);
    const hmacKey = buffer.slice(32);
    return {
      dataKey, hmacKey,
    };
  },

v3 is using half the length of the key

const halveKey = (key: Uint8Array) => {
  const half = Math.floor(key.length / 2);
  return {
    dataKey: key.slice(0, half),
    hmacKey: key.slice(half),
  };
};

The length of the key in my localstack is 32, so it had a different HMAC after calculation. Is there any solution for this? Thanks