npm - @certd/plugin-cert - Versions diffs - 1.0.3 → 1.0.5 - Mend

@certd/plugin-cert 1.0.3 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/.eslintrc +1 -0
package/CHANGELOG.md +8 -0
package/dist/bundle.js +1 -1
package/dist/d/dns-provider/api.d.ts +20 -0
package/dist/d/dns-provider/decorator.d.ts +3 -0
package/dist/d/dns-provider/index.d.ts +3 -0
package/dist/d/dns-provider/registry.d.ts +2 -0
package/dist/d/index.d.ts +2 -0
package/dist/d/plugin/cert-plugin/acme.d.ts +45 -0
package/dist/d/plugin/cert-plugin/cert-reader.d.ts +16 -0
package/dist/d/plugin/cert-plugin/index.d.ts +48 -0
package/dist/d/plugin/index.d.ts +1 -0
package/package.json +4 -4
package/rollup.config.js +10 -2
package/index.ts +0 -1

package/dist/bundle.js CHANGED Viewed

	@@ -1 +1 @@
1	- "use strict";var e=require("@certd/pipeline"),t=require("dayjs"),r=require("@certd/acme-client"),a=require("lodash"),n=require("fs"),i=require("os"),s=require("crypto"),o=require("path");function c(e){var t=Object.create(null);return e&&Object.keys(e).forEach((function(r){if("default"!==r){var a=Object.getOwnPropertyDescriptor(e,r);Object.defineProperty(t,r,a.get?a:{enumerable:!0,get:function(){return e[r]}})}})),t.default=e,Object.freeze(t)}var u=c(r);function l(e,t,r,a){var n,i=arguments.length,s=i<3?t:null===a?a=Object.getOwnPropertyDescriptor(t,r):a;if("object"==typeof Reflect&&"function"==typeof Reflect.decorate)s=Reflect.decorate(e,t,r,a);else for(var o=e.length-1;o>=0;o--)(n=e[o])&&(s=(i<3?n(s):i>3?n(t,r,s):n(t,r))\|\|s);return i>3&&s&&Object.defineProperty(t,r,s),s}class p{userContext;logger;constructor(e){this.userContext=e.userContext,this.logger=e.logger,u.setLogger((e=>{this.logger.info(e)}))}async getAccountConfig(e){return await this.userContext.getObj(this.buildAccountKey(e))\|\|{}}buildAccountKey(e){return"acme.config."+e}async saveAccountConfig(e,t){await this.userContext.setObj(this.buildAccountKey(e),t)}async getAcmeClient(e,t=!1){const r=await this.getAccountConfig(e);null==r.key&&(r.key=await this.createNewKey(),await this.saveAccountConfig(e,r));const a=new u.Client({directoryUrl:t?u.directory.letsencrypt.staging:u.directory.letsencrypt.production,accountKey:r.key,accountUrl:r.accountUrl,backoffAttempts:20,backoffMin:5e3,backoffMax:1e4});if(null==r.accountUrl){const t={termsOfServiceAgreed:!0,contact:[`mailto:${e}`]};await a.createAccount(t),r.accountUrl=a.getAccountUrl(),await this.saveAccountConfig(e,r)}return a}async createNewKey(){return(await u.forge.createPrivateKey()).toString()}async challengeCreateFn(e,t,r,a){if(this.logger.info("Triggered challengeCreateFn()"),"http-01"===t.type){const a=`/var/www/html/.well-known/acme-challenge/${t.token}`,n=r;this.logger.info(`Creating challenge response for ${e.identifier.value} at path: ${a}`),this.logger.info(`Would write "${n}" to path "${a}"`)}else if("dns-01"===t.type){const t=`_acme-challenge.${e.identifier.value}`,n=r;return this.logger.info(`Creating TXT record for ${e.identifier.value}: ${t}`),this.logger.info(`Would create TXT record "${t}" with value "${n}"`),await a.createRecord({fullRecord:t,type:"TXT",value:n})}}async challengeRemoveFn(e,t,r,a,n){if(this.logger.info("Triggered challengeRemoveFn()"),"http-01"===t.type){const r=`/var/www/html/.well-known/acme-challenge/${t.token}`;this.logger.info(`Removing challenge response for ${e.identifier.value} at path: ${r}`),this.logger.info(`Would remove file on path "${r}"`)}else if("dns-01"===t.type){const t=`_acme-challenge.${e.identifier.value}`,i=r;this.logger.info(`Removing TXT record for ${e.identifier.value}: ${t}`),this.logger.info(`Would remove TXT record "${t}" with value "${i}"`);try{await n.removeRecord({fullRecord:t,type:"TXT",value:r,record:a})}catch(e){throw this.logger.error("删除解析记录出错：",e),e}}}async order(e){const{email:t,isTest:r,domains:a,csrInfo:n,dnsProvider:i}=e,s=await this.getAcmeClient(t,r),{commonName:o,altNames:c}=this.buildCommonNameByDomains(a),[l,p]=await u.forge.createCsr({commonName:o,...n,altNames:c});if(null==i)throw new Error("dnsProvider 不能为空");const h={crt:(await s.auto({csr:p,email:t,termsOfServiceAgreed:!0,challengePriority:["dns-01"],challengeCreateFn:async(e,t,r)=>await this.challengeCreateFn(e,t,r,i),challengeRemoveFn:async(e,t,r,a)=>await this.challengeRemoveFn(e,t,r,a,i)})).toString(),key:l.toString(),csr:p.toString()};return this.logger.debug(`CSR:\n${h.csr}`),this.logger.debug(`Certificate:\n${h.crt}`),this.logger.info("证书申请成功"),h}buildCommonNameByDomains(e){if("string"==typeof e&&(e=e.split(",")),0===e.length)throw new Error("domain can not be empty");const t=e[0];let r;return e.length>1&&(r=a.slice(e,1)),{commonName:t,altNames:r}}}const h={};function f(e,t){let r=h[e];null==r&&(r={},h[e]=r),r[t]=!0}const d={target:function(e,t){return"object"==typeof e&&e.constructor&&(e=e.constructor),null!=t&&f(e,t),e},attachProperty:f,getClassProperties:function(e){return h[e]\|\|{}},inject:function(e,t,r,n){a.forEach(e,((e,a)=>{n&&n(e,a,t,r),null!=r[a]&&(t[a]=r[a])}))}},y=new e.Registry,g="pipeline:dns-provider";var m="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function v(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}var C={},E={get exports(){return C},set exports(e){C=e}},S={options:{usePureJavaScript:!1}},T={},I=T,A={};T.encode=function(e,t,r){if("string"!=typeof t)throw new TypeError('"alphabet" must be a string.');if(void 0!==r&&"number"!=typeof r)throw new TypeError('"maxline" must be a number.');var a="";if(e instanceof Uint8Array){var n=0,i=t.length,s=t.charAt(0),o=[0];for(n=0;n<e.length;++n){for(var c=0,u=e[n];c<o.length;++c)u+=o[c]<<8,o[c]=u%i,u=u/i\|0;for(;u>0;)o.push(u%i),u=u/i\|0}for(n=0;0===e[n]&&n<e.length-1;++n)a+=s;for(n=o.length-1;n>=0;--n)a+=t[o[n]]}else a=function(e,t){var r=0,a=t.length,n=t.charAt(0),i=[0];for(r=0;r<e.length();++r){for(var s=0,o=e.at(r);s<i.length;++s)o+=i[s]<<8,i[s]=o%a,o=o/a\|0;for(;o>0;)i.push(o%a),o=o/a\|0}var c="";for(r=0;0===e.at(r)&&r<e.length()-1;++r)c+=n;for(r=i.length-1;r>=0;--r)c+=t[i[r]];return c}(e,t);if(r){var l=new RegExp(".{1,"+r+"}","g");a=a.match(l).join("\r\n")}return a},T.decode=function(e,t){if("string"!=typeof e)throw new TypeError('"input" must be a string.');if("string"!=typeof t)throw new TypeError('"alphabet" must be a string.');var r=A[t];if(!r){r=A[t]=[];for(var a=0;a<t.length;++a)r[t.charCodeAt(a)]=a}e=e.replace(/\s/g,"");var n=t.length,i=t.charAt(0),s=[0];for(a=0;a<e.length;a++){var o=r[e.charCodeAt(a)];if(void 0===o)return;for(var c=0,u=o;c<s.length;++c)u+=s[c]n,s[c]=255&u,u>>=8;for(;u>0;)s.push(255&u),u>>=8}for(var l=0;e[l]===i&&l<e.length-1;++l)s.push(0);return"undefined"!=typeof Buffer?Buffer.from(s.reverse()):new Uint8Array(s.reverse())};var b=S,B=I,N=b.util=b.util\|\|{};function w(e){if(8!==e&&16!==e&&24!==e&&32!==e)throw new Error("Only 8, 16, 24, or 32 bits supported: "+e)}function k(e){if(this.data="",this.read=0,"string"==typeof e)this.data=e;else if(N.isArrayBuffer(e)\|\|N.isArrayBufferView(e))if("undefined"!=typeof Buffer&&e instanceof Buffer)this.data=e.toString("binary");else{var t=new Uint8Array(e);try{this.data=String.fromCharCode.apply(null,t)}catch(e){for(var r=0;r<t.length;++r)this.putByte(t[r])}}else(e instanceof k\|\|"object"==typeof e&&"string"==typeof e.data&&"number"==typeof e.read)&&(this.data=e.data,this.read=e.read);this._constructedStringLength=0}!function(){if("undefined"!=typeof process&&process.nextTick&&!process.browser)return N.nextTick=process.nextTick,void("function"==typeof setImmediate?N.setImmediate=setImmediate:N.setImmediate=N.nextTick);if("function"==typeof setImmediate)return N.setImmediate=function(){return setImmediate.apply(void 0,arguments)},void(N.nextTick=function(e){return setImmediate(e)});if(N.setImmediate=function(e){setTimeout(e,0)},"undefined"!=typeof window&&"function"==typeof window.postMessage){var e="forge.setImmediate",t=[];function s(r){if(r.source===window&&r.data===e){r.stopPropagation();var a=t.slice();t.length=0,a.forEach((function(e){e()}))}}N.setImmediate=function(r){t.push(r),1===t.length&&window.postMessage(e,"")},window.addEventListener("message",s,!0)}if("undefined"!=typeof MutationObserver){var r=Date.now(),a=!0,n=document.createElement("div");t=[];new MutationObserver((function(){var e=t.slice();t.length=0,e.forEach((function(e){e()}))})).observe(n,{attributes:!0});var i=N.setImmediate;N.setImmediate=function(e){Date.now()-r>15?(r=Date.now(),i(e)):(t.push(e),1===t.length&&n.setAttribute("a",a=!a))}}N.nextTick=N.setImmediate}(),N.isNodejs="undefined"!=typeof process&&process.versions&&process.versions.node,N.globalScope=N.isNodejs?m:"undefined"==typeof self?window:self,N.isArray=Array.isArray\|\|function(e){return"[object Array]"===Object.prototype.toString.call(e)},N.isArrayBuffer=function(e){return"undefined"!=typeof ArrayBuffer&&e instanceof ArrayBuffer},N.isArrayBufferView=function(e){return e&&N.isArrayBuffer(e.buffer)&&void 0!==e.byteLength},N.ByteBuffer=k,N.ByteStringBuffer=k;N.ByteStringBuffer.prototype._optimizeConstructedString=function(e){this._constructedStringLength+=e,this._constructedStringLength>4096&&(this.data.substr(0,1),this._constructedStringLength=0)},N.ByteStringBuffer.prototype.length=function(){return this.data.length-this.read},N.ByteStringBuffer.prototype.isEmpty=function(){return this.length()<=0},N.ByteStringBuffer.prototype.putByte=function(e){return this.putBytes(String.fromCharCode(e))},N.ByteStringBuffer.prototype.fillWithByte=function(e,t){e=String.fromCharCode(e);for(var r=this.data;t>0;)1&t&&(r+=e),(t>>>=1)>0&&(e+=e);return this.data=r,this._optimizeConstructedString(t),this},N.ByteStringBuffer.prototype.putBytes=function(e){return this.data+=e,this._optimizeConstructedString(e.length),this},N.ByteStringBuffer.prototype.putString=function(e){return this.putBytes(N.encodeUtf8(e))},N.ByteStringBuffer.prototype.putInt16=function(e){return this.putBytes(String.fromCharCode(e>>8&255)+String.fromCharCode(255&e))},N.ByteStringBuffer.prototype.putInt24=function(e){return this.putBytes(String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(255&e))},N.ByteStringBuffer.prototype.putInt32=function(e){return this.putBytes(String.fromCharCode(e>>24&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(255&e))},N.ByteStringBuffer.prototype.putInt16Le=function(e){return this.putBytes(String.fromCharCode(255&e)+String.fromCharCode(e>>8&255))},N.ByteStringBuffer.prototype.putInt24Le=function(e){return this.putBytes(String.fromCharCode(255&e)+String.fromCharCode(e>>8&255)+String.fromCharCode(e>>16&255))},N.ByteStringBuffer.prototype.putInt32Le=function(e){return this.putBytes(String.fromCharCode(255&e)+String.fromCharCode(e>>8&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>24&255))},N.ByteStringBuffer.prototype.putInt=function(e,t){w(t);var r="";do{t-=8,r+=String.fromCharCode(e>>t&255)}while(t>0);return this.putBytes(r)},N.ByteStringBuffer.prototype.putSignedInt=function(e,t){return e<0&&(e+=2<<t-1),this.putInt(e,t)},N.ByteStringBuffer.prototype.putBuffer=function(e){return this.putBytes(e.getBytes())},N.ByteStringBuffer.prototype.getByte=function(){return this.data.charCodeAt(this.read++)},N.ByteStringBuffer.prototype.getInt16=function(){var e=this.data.charCodeAt(this.read)<<8^this.data.charCodeAt(this.read+1);return this.read+=2,e},N.ByteStringBuffer.prototype.getInt24=function(){var e=this.data.charCodeAt(this.read)<<16^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2);return this.read+=3,e},N.ByteStringBuffer.prototype.getInt32=function(){var e=this.data.charCodeAt(this.read)<<24^this.data.charCodeAt(this.read+1)<<16^this.data.charCodeAt(this.read+2)<<8^this.data.charCodeAt(this.read+3);return this.read+=4,e},N.ByteStringBuffer.prototype.getInt16Le=function(){var e=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8;return this.read+=2,e},N.ByteStringBuffer.prototype.getInt24Le=function(){var e=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2)<<16;return this.read+=3,e},N.ByteStringBuffer.prototype.getInt32Le=function(){var e=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2)<<16^this.data.charCodeAt(this.read+3)<<24;return this.read+=4,e},N.ByteStringBuffer.prototype.getInt=function(e){w(e);var t=0;do{t=(t<<8)+this.data.charCodeAt(this.read++),e-=8}while(e>0);return t},N.ByteStringBuffer.prototype.getSignedInt=function(e){var t=this.getInt(e),r=2<<e-2;return t>=r&&(t-=r<<1),t},N.ByteStringBuffer.prototype.getBytes=function(e){var t;return e?(e=Math.min(this.length(),e),t=this.data.slice(this.read,this.read+e),this.read+=e):0===e?t="":(t=0===this.read?this.data:this.data.slice(this.read),this.clear()),t},N.ByteStringBuffer.prototype.bytes=function(e){return void 0===e?this.data.slice(this.read):this.data.slice(this.read,this.read+e)},N.ByteStringBuffer.prototype.at=function(e){return this.data.charCodeAt(this.read+e)},N.ByteStringBuffer.prototype.setAt=function(e,t){return this.data=this.data.substr(0,this.read+e)+String.fromCharCode(t)+this.data.substr(this.read+e+1),this},N.ByteStringBuffer.prototype.last=function(){return this.data.charCodeAt(this.data.length-1)},N.ByteStringBuffer.prototype.copy=function(){var e=N.createBuffer(this.data);return e.read=this.read,e},N.ByteStringBuffer.prototype.compact=function(){return this.read>0&&(this.data=this.data.slice(this.read),this.read=0),this},N.ByteStringBuffer.prototype.clear=function(){return this.data="",this.read=0,this},N.ByteStringBuffer.prototype.truncate=function(e){var t=Math.max(0,this.length()-e);return this.data=this.data.substr(this.read,t),this.read=0,this},N.ByteStringBuffer.prototype.toHex=function(){for(var e="",t=this.read;t<this.data.length;++t){var r=this.data.charCodeAt(t);r<16&&(e+="0"),e+=r.toString(16)}return e},N.ByteStringBuffer.prototype.toString=function(){return N.decodeUtf8(this.bytes())},N.DataBuffer=function(e,t){t=t\|\|{},this.read=t.readOffset\|\|0,this.growSize=t.growSize\|\|1024;var r=N.isArrayBuffer(e),a=N.isArrayBufferView(e);if(r\|\|a)return this.data=r?new DataView(e):new DataView(e.buffer,e.byteOffset,e.byteLength),void(this.write="writeOffset"in t?t.writeOffset:this.data.byteLength);this.data=new DataView(new ArrayBuffer(0)),this.write=0,null!=e&&this.putBytes(e),"writeOffset"in t&&(this.write=t.writeOffset)},N.DataBuffer.prototype.length=function(){return this.write-this.read},N.DataBuffer.prototype.isEmpty=function(){return this.length()<=0},N.DataBuffer.prototype.accommodate=function(e,t){if(this.length()>=e)return this;t=Math.max(t\|\|this.growSize,e);var r=new Uint8Array(this.data.buffer,this.data.byteOffset,this.data.byteLength),a=new Uint8Array(this.length()+t);return a.set(r),this.data=new DataView(a.buffer),this},N.DataBuffer.prototype.putByte=function(e){return this.accommodate(1),this.data.setUint8(this.write++,e),this},N.DataBuffer.prototype.fillWithByte=function(e,t){this.accommodate(t);for(var r=0;r<t;++r)this.data.setUint8(e);return this},N.DataBuffer.prototype.putBytes=function(e,t){if(N.isArrayBufferView(e)){var r=(a=new Uint8Array(e.buffer,e.byteOffset,e.byteLength)).byteLength-a.byteOffset;return this.accommodate(r),new Uint8Array(this.data.buffer,this.write).set(a),this.write+=r,this}if(N.isArrayBuffer(e)){var a=new Uint8Array(e);return this.accommodate(a.byteLength),new Uint8Array(this.data.buffer).set(a,this.write),this.write+=a.byteLength,this}if(e instanceof N.DataBuffer\|\|"object"==typeof e&&"number"==typeof e.read&&"number"==typeof e.write&&N.isArrayBufferView(e.data)){a=new Uint8Array(e.data.byteLength,e.read,e.length());return this.accommodate(a.byteLength),new Uint8Array(e.data.byteLength,this.write).set(a),this.write+=a.byteLength,this}if(e instanceof N.ByteStringBuffer&&(e=e.data,t="binary"),t=t\|\|"binary","string"==typeof e){var n;if("hex"===t)return this.accommodate(Math.ceil(e.length/2)),n=new Uint8Array(this.data.buffer,this.write),this.write+=N.binary.hex.decode(e,n,this.write),this;if("base64"===t)return this.accommodate(3Math.ceil(e.length/4)),n=new Uint8Array(this.data.buffer,this.write),this.write+=N.binary.base64.decode(e,n,this.write),this;if("utf8"===t&&(e=N.encodeUtf8(e),t="binary"),"binary"===t\|\|"raw"===t)return this.accommodate(e.length),n=new Uint8Array(this.data.buffer,this.write),this.write+=N.binary.raw.decode(n),this;if("utf16"===t)return this.accommodate(2e.length),n=new Uint16Array(this.data.buffer,this.write),this.write+=N.text.utf16.encode(n),this;throw new Error("Invalid encoding: "+t)}throw Error("Invalid parameter: "+e)},N.DataBuffer.prototype.putBuffer=function(e){return this.putBytes(e),e.clear(),this},N.DataBuffer.prototype.putString=function(e){return this.putBytes(e,"utf16")},N.DataBuffer.prototype.putInt16=function(e){return this.accommodate(2),this.data.setInt16(this.write,e),this.write+=2,this},N.DataBuffer.prototype.putInt24=function(e){return this.accommodate(3),this.data.setInt16(this.write,e>>8&65535),this.data.setInt8(this.write,e>>16&255),this.write+=3,this},N.DataBuffer.prototype.putInt32=function(e){return this.accommodate(4),this.data.setInt32(this.write,e),this.write+=4,this},N.DataBuffer.prototype.putInt16Le=function(e){return this.accommodate(2),this.data.setInt16(this.write,e,!0),this.write+=2,this},N.DataBuffer.prototype.putInt24Le=function(e){return this.accommodate(3),this.data.setInt8(this.write,e>>16&255),this.data.setInt16(this.write,e>>8&65535,!0),this.write+=3,this},N.DataBuffer.prototype.putInt32Le=function(e){return this.accommodate(4),this.data.setInt32(this.write,e,!0),this.write+=4,this},N.DataBuffer.prototype.putInt=function(e,t){w(t),this.accommodate(t/8);do{t-=8,this.data.setInt8(this.write++,e>>t&255)}while(t>0);return this},N.DataBuffer.prototype.putSignedInt=function(e,t){return w(t),this.accommodate(t/8),e<0&&(e+=2<<t-1),this.putInt(e,t)},N.DataBuffer.prototype.getByte=function(){return this.data.getInt8(this.read++)},N.DataBuffer.prototype.getInt16=function(){var e=this.data.getInt16(this.read);return this.read+=2,e},N.DataBuffer.prototype.getInt24=function(){var e=this.data.getInt16(this.read)<<8^this.data.getInt8(this.read+2);return this.read+=3,e},N.DataBuffer.prototype.getInt32=function(){var e=this.data.getInt32(this.read);return this.read+=4,e},N.DataBuffer.prototype.getInt16Le=function(){var e=this.data.getInt16(this.read,!0);return this.read+=2,e},N.DataBuffer.prototype.getInt24Le=function(){var e=this.data.getInt8(this.read)^this.data.getInt16(this.read+1,!0)<<8;return this.read+=3,e},N.DataBuffer.prototype.getInt32Le=function(){var e=this.data.getInt32(this.read,!0);return this.read+=4,e},N.DataBuffer.prototype.getInt=function(e){w(e);var t=0;do{t=(t<<8)+this.data.getInt8(this.read++),e-=8}while(e>0);return t},N.DataBuffer.prototype.getSignedInt=function(e){var t=this.getInt(e),r=2<<e-2;return t>=r&&(t-=r<<1),t},N.DataBuffer.prototype.getBytes=function(e){var t;return e?(e=Math.min(this.length(),e),t=this.data.slice(this.read,this.read+e),this.read+=e):0===e?t="":(t=0===this.read?this.data:this.data.slice(this.read),this.clear()),t},N.DataBuffer.prototype.bytes=function(e){return void 0===e?this.data.slice(this.read):this.data.slice(this.read,this.read+e)},N.DataBuffer.prototype.at=function(e){return this.data.getUint8(this.read+e)},N.DataBuffer.prototype.setAt=function(e,t){return this.data.setUint8(e,t),this},N.DataBuffer.prototype.last=function(){return this.data.getUint8(this.write-1)},N.DataBuffer.prototype.copy=function(){return new N.DataBuffer(this)},N.DataBuffer.prototype.compact=function(){if(this.read>0){var e=new Uint8Array(this.data.buffer,this.read),t=new Uint8Array(e.byteLength);t.set(e),this.data=new DataView(t),this.write-=this.read,this.read=0}return this},N.DataBuffer.prototype.clear=function(){return this.data=new DataView(new ArrayBuffer(0)),this.read=this.write=0,this},N.DataBuffer.prototype.truncate=function(e){return this.write=Math.max(0,this.length()-e),this.read=Math.min(this.read,this.write),this},N.DataBuffer.prototype.toHex=function(){for(var e="",t=this.read;t<this.data.byteLength;++t){var r=this.data.getUint8(t);r<16&&(e+="0"),e+=r.toString(16)}return e},N.DataBuffer.prototype.toString=function(e){var t=new Uint8Array(this.data,this.read,this.length());if("binary"===(e=e\|\|"utf8")\|\|"raw"===e)return N.binary.raw.encode(t);if("hex"===e)return N.binary.hex.encode(t);if("base64"===e)return N.binary.base64.encode(t);if("utf8"===e)return N.text.utf8.decode(t);if("utf16"===e)return N.text.utf16.decode(t);throw new Error("Invalid encoding: "+e)},N.createBuffer=function(e,t){return t=t\|\|"raw",void 0!==e&&"utf8"===t&&(e=N.encodeUtf8(e)),new N.ByteBuffer(e)},N.fillString=function(e,t){for(var r="";t>0;)1&t&&(r+=e),(t>>>=1)>0&&(e+=e);return r},N.xorBytes=function(e,t,r){for(var a="",n="",i="",s=0,o=0;r>0;--r,++s)n=e.charCodeAt(s)^t.charCodeAt(s),o>=10&&(a+=i,i="",o=0),i+=String.fromCharCode(n),++o;return a+=i},N.hexToBytes=function(e){var t="",r=0;for(!0&e.length&&(r=1,t+=String.fromCharCode(parseInt(e[0],16)));r<e.length;r+=2)t+=String.fromCharCode(parseInt(e.substr(r,2),16));return t},N.bytesToHex=function(e){return N.createBuffer(e).toHex()},N.int32ToBytes=function(e){return String.fromCharCode(e>>24&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(255&e)};var R="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",_=[62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,64,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51],L="123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";N.encode64=function(e,t){for(var r,a,n,i="",s="",o=0;o<e.length;)r=e.charCodeAt(o++),a=e.charCodeAt(o++),n=e.charCodeAt(o++),i+=R.charAt(r>>2),i+=R.charAt((3&r)<<4\|a>>4),isNaN(a)?i+="==":(i+=R.charAt((15&a)<<2\|n>>6),i+=isNaN(n)?"=":R.charAt(63&n)),t&&i.length>t&&(s+=i.substr(0,t)+"\r\n",i=i.substr(t));return s+=i},N.decode64=function(e){e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");for(var t,r,a,n,i="",s=0;s<e.length;)t=_[e.charCodeAt(s++)-43],r=_[e.charCodeAt(s++)-43],a=_[e.charCodeAt(s++)-43],n=_[e.charCodeAt(s++)-43],i+=String.fromCharCode(t<<2\|r>>4),64!==a&&(i+=String.fromCharCode((15&r)<<4\|a>>2),64!==n&&(i+=String.fromCharCode((3&a)<<6\|n)));return i},N.encodeUtf8=function(e){return unescape(encodeURIComponent(e))},N.decodeUtf8=function(e){return decodeURIComponent(escape(e))},N.binary={raw:{},hex:{},base64:{},base58:{},baseN:{encode:B.encode,decode:B.decode}},N.binary.raw.encode=function(e){return String.fromCharCode.apply(null,e)},N.binary.raw.decode=function(e,t,r){var a=t;a\|\|(a=new Uint8Array(e.length));for(var n=r=r\|\|0,i=0;i<e.length;++i)a[n++]=e.charCodeAt(i);return t?n-r:a},N.binary.hex.encode=N.bytesToHex,N.binary.hex.decode=function(e,t,r){var a=t;a\|\|(a=new Uint8Array(Math.ceil(e.length/2)));var n=0,i=r=r\|\|0;for(1&e.length&&(n=1,a[i++]=parseInt(e[0],16));n<e.length;n+=2)a[i++]=parseInt(e.substr(n,2),16);return t?i-r:a},N.binary.base64.encode=function(e,t){for(var r,a,n,i="",s="",o=0;o<e.byteLength;)r=e[o++],a=e[o++],n=e[o++],i+=R.charAt(r>>2),i+=R.charAt((3&r)<<4\|a>>4),isNaN(a)?i+="==":(i+=R.charAt((15&a)<<2\|n>>6),i+=isNaN(n)?"=":R.charAt(63&n)),t&&i.length>t&&(s+=i.substr(0,t)+"\r\n",i=i.substr(t));return s+=i},N.binary.base64.decode=function(e,t,r){var a,n,i,s,o=t;o\|\|(o=new Uint8Array(3Math.ceil(e.length/4))),e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");for(var c=0,u=r=r\|\|0;c<e.length;)a=_[e.charCodeAt(c++)-43],n=_[e.charCodeAt(c++)-43],i=_[e.charCodeAt(c++)-43],s=_[e.charCodeAt(c++)-43],o[u++]=a<<2\|n>>4,64!==i&&(o[u++]=(15&n)<<4\|i>>2,64!==s&&(o[u++]=(3&i)<<6\|s));return t?u-r:o.subarray(0,u)},N.binary.base58.encode=function(e,t){return N.binary.baseN.encode(e,L,t)},N.binary.base58.decode=function(e,t){return N.binary.baseN.decode(e,L,t)},N.text={utf8:{},utf16:{}},N.text.utf8.encode=function(e,t,r){e=N.encodeUtf8(e);var a=t;a\|\|(a=new Uint8Array(e.length));for(var n=r=r\|\|0,i=0;i<e.length;++i)a[n++]=e.charCodeAt(i);return t?n-r:a},N.text.utf8.decode=function(e){return N.decodeUtf8(String.fromCharCode.apply(null,e))},N.text.utf16.encode=function(e,t,r){var a=t;a\|\|(a=new Uint8Array(2e.length));for(var n=new Uint16Array(a.buffer),i=r=r\|\|0,s=r,o=0;o<e.length;++o)n[s++]=e.charCodeAt(o),i+=2;return t?i-r:a},N.text.utf16.decode=function(e){return String.fromCharCode.apply(null,new Uint16Array(e.buffer))},N.deflate=function(e,t,r){if(t=N.decode64(e.deflate(N.encode64(t)).rval),r){var a=2;32&t.charCodeAt(1)&&(a=6),t=t.substring(a,t.length-4)}return t},N.inflate=function(e,t,r){var a=e.inflate(N.encode64(t)).rval;return null===a?null:N.decode64(a)};var U=function(e,t,r){if(!e)throw new Error("WebStorage not available.");var a;if(null===r?a=e.removeItem(t):(r=N.encode64(JSON.stringify(r)),a=e.setItem(t,r)),void 0!==a&&!0!==a.rval){var n=new Error(a.error.message);throw n.id=a.error.id,n.name=a.error.name,n}},D=function(e,t){if(!e)throw new Error("WebStorage not available.");var r=e.getItem(t);if(e.init)if(null===r.rval){if(r.error){var a=new Error(r.error.message);throw a.id=r.error.id,a.name=r.error.name,a}r=null}else r=r.rval;return null!==r&&(r=JSON.parse(N.decode64(r))),r},P=function(e,t,r,a){var n=D(e,t);null===n&&(n={}),n[r]=a,U(e,t,n)},V=function(e,t,r){var a=D(e,t);return null!==a&&(a=r in a?a[r]:null),a},O=function(e,t,r){var a=D(e,t);if(null!==a&&r in a){delete a[r];var n=!0;for(var i in a){n=!1;break}n&&(a=null),U(e,t,a)}},K=function(e,t){U(e,t,null)},x=function(e,t,r){var a,n=null;void 0===r&&(r=["web","flash"]);var i=!1,s=null;for(var o in r){a=r[o];try{if("flash"===a\|\|"both"===a){if(null===t[0])throw new Error("Flash local storage not available.");n=e.apply(this,t),i="flash"===a}"web"!==a&&"both"!==a\|\|(t[0]=localStorage,n=e.apply(this,t),i=!0)}catch(e){s=e}if(i)break}if(!i)throw s;return n};N.setItem=function(e,t,r,a,n){x(P,arguments,n)},N.getItem=function(e,t,r,a){return x(V,arguments,a)},N.removeItem=function(e,t,r,a){x(O,arguments,a)},N.clearItems=function(e,t,r){x(K,arguments,r)},N.parseUrl=function(e){var t=/^(https?):\/\/([^:&^\/]):?(\d)(.)$/g;t.lastIndex=0;var r=t.exec(e),a=null===r?null:{full:e,scheme:r[1],host:r[2],port:r[3],path:r[4]};return a&&(a.fullHost=a.host,a.port?(80!==a.port&&"http"===a.scheme\|\|443!==a.port&&"https"===a.scheme)&&(a.fullHost+=":"+a.port):"http"===a.scheme?a.port=80:"https"===a.scheme&&(a.port=443),a.full=a.scheme+"://"+a.fullHost),a};var M=null;N.getQueryVariables=function(e){var t,r=function(e){for(var t={},r=e.split("&"),a=0;a<r.length;a++){var n,i,s=r[a].indexOf("=");s>0?(n=r[a].substring(0,s),i=r[a].substring(s+1)):(n=r[a],i=null),n in t\|\|(t[n]=[]),n in Object.prototype\|\|null===i\|\|t[n].push(unescape(i))}return t};return void 0===e?(null===M&&(M="undefined"!=typeof window&&window.location&&window.location.search?r(window.location.search.substring(1)):{}),t=M):t=r(e),t},N.parseFragment=function(e){var t=e,r="",a=e.indexOf("?");a>0&&(t=e.substring(0,a),r=e.substring(a+1));var n=t.split("/");return n.length>0&&""===n[0]&&n.shift(),{pathString:t,queryString:r,path:n,query:""===r?{}:N.getQueryVariables(r)}},N.makeRequest=function(e){var t=N.parseFragment(e),r={path:t.pathString,query:t.queryString,getPath:function(e){return void 0===e?t.path:t.path[e]},getQuery:function(e,r){var a;return void 0===e?a=t.query:(a=t.query[e])&&void 0!==r&&(a=a[r]),a},getQueryLast:function(e,t){var a=r.getQuery(e);return a?a[a.length-1]:t}};return r},N.makeLink=function(e,t,r){e=jQuery.isArray(e)?e.join("/"):e;var a=jQuery.param(t\|\|{});return r=r\|\|"",e+(a.length>0?"?"+a:"")+(r.length>0?"#"+r:"")},N.isEmpty=function(e){for(var t in e)if(e.hasOwnProperty(t))return!1;return!0},N.format=function(e){for(var t,r,a=/%./g,n=0,i=[],s=0;t=a.exec(e);){(r=e.substring(s,a.lastIndex-2)).length>0&&i.push(r),s=a.lastIndex;var o=t[0][1];switch(o){case"s":case"o":n<arguments.length?i.push(arguments[1+n++]):i.push("<?>");break;case"%":i.push("%");break;default:i.push("<%"+o+"?>")}}return i.push(e.substring(s)),i.join("")},N.formatNumber=function(e,t,r,a){var n=e,i=isNaN(t=Math.abs(t))?2:t,s=void 0===r?",":r,o=void 0===a?".":a,c=n<0?"-":"",u=parseInt(n=Math.abs(+n\|\|0).toFixed(i),10)+"",l=u.length>3?u.length%3:0;return c+(l?u.substr(0,l)+o:"")+u.substr(l).replace(/(\d{3})(?=\d)/g,"$1"+o)+(i?s+Math.abs(n-u).toFixed(i).slice(2):"")},N.formatSize=function(e){return e=e>=1073741824?N.formatNumber(e/1073741824,2,".","")+" GiB":e>=1048576?N.formatNumber(e/1048576,2,".","")+" MiB":e>=1024?N.formatNumber(e/1024,0)+" KiB":N.formatNumber(e,0)+" bytes"},N.bytesFromIP=function(e){return-1!==e.indexOf(".")?N.bytesFromIPv4(e):-1!==e.indexOf(":")?N.bytesFromIPv6(e):null},N.bytesFromIPv4=function(e){if(4!==(e=e.split(".")).length)return null;for(var t=N.createBuffer(),r=0;r<e.length;++r){var a=parseInt(e[r],10);if(isNaN(a))return null;t.putByte(a)}return t.getBytes()},N.bytesFromIPv6=function(e){for(var t=0,r=2(8-(e=e.split(":").filter((function(e){return 0===e.length&&++t,!0}))).length+t),a=N.createBuffer(),n=0;n<8;++n)if(e[n]&&0!==e[n].length){var i=N.hexToBytes(e[n]);i.length<2&&a.putByte(0),a.putBytes(i)}else a.fillWithByte(0,r),r=0;return a.getBytes()},N.bytesToIP=function(e){return 4===e.length?N.bytesToIPv4(e):16===e.length?N.bytesToIPv6(e):null},N.bytesToIPv4=function(e){if(4!==e.length)return null;for(var t=[],r=0;r<e.length;++r)t.push(e.charCodeAt(r));return t.join(".")},N.bytesToIPv6=function(e){if(16!==e.length)return null;for(var t=[],r=[],a=0,n=0;n<e.length;n+=2){for(var i=N.bytesToHex(e[n]+e[n+1]);"0"===i[0]&&"0"!==i;)i=i.substr(1);if("0"===i){var s=r[r.length-1],o=t.length;s&&o===s.end+1?(s.end=o,s.end-s.start>r[a].end-r[a].start&&(a=r.length-1)):r.push({start:o,end:o})}t.push(i)}if(r.length>0){var c=r[a];c.end-c.start>0&&(t.splice(c.start,c.end-c.start+1,""),0===c.start&&t.unshift(""),7===c.end&&t.push(""))}return t.join(":")},N.estimateCores=function(e,t){if("function"==typeof e&&(t=e,e={}),e=e\|\|{},"cores"in N&&!e.update)return t(null,N.cores);if("undefined"!=typeof navigator&&"hardwareConcurrency"in navigator&&navigator.hardwareConcurrency>0)return N.cores=navigator.hardwareConcurrency,t(null,N.cores);if("undefined"==typeof Worker)return N.cores=1,t(null,N.cores);if("undefined"==typeof Blob)return N.cores=2,t(null,N.cores);var r=URL.createObjectURL(new Blob(["(",function(){self.addEventListener("message",(function(e){var t=Date.now(),r=t+4;self.postMessage({st:t,et:r})}))}.toString(),")()"],{type:"application/javascript"}));!function e(a,n,i){if(0===n){var s=Math.floor(a.reduce((function(e,t){return e+t}),0)/a.length);return N.cores=Math.max(1,s),URL.revokeObjectURL(r),t(null,N.cores)}!function(e,t){for(var a=[],n=[],i=0;i<e;++i){var s=new Worker(r);s.addEventListener("message",(function(r){if(n.push(r.data),n.length===e){for(var i=0;i<e;++i)a[i].terminate();t(null,n)}})),a.push(s)}for(i=0;i<e;++i)a[i].postMessage(i)}(i,(function(t,r){a.push(function(e,t){for(var r=[],a=0;a<e;++a)for(var n=t[a],i=r[a]=[],s=0;s<e;++s)if(a!==s){var o=t[s];(n.st>o.st&&n.st<o.et\|\|o.st>n.st&&o.st<n.et)&&i.push(s)}return r.reduce((function(e,t){return Math.max(e,t.length)}),0)}(i,r)),e(a,n-1,i)}))}([],5,16)};var F=S;F.cipher=F.cipher\|\|{},F.cipher.algorithms=F.cipher.algorithms\|\|{},F.cipher.createCipher=function(e,t){var r=e;if("string"==typeof r&&(r=F.cipher.getAlgorithm(r))&&(r=r()),!r)throw new Error("Unsupported algorithm: "+e);return new F.cipher.BlockCipher({algorithm:r,key:t,decrypt:!1})},F.cipher.createDecipher=function(e,t){var r=e;if("string"==typeof r&&(r=F.cipher.getAlgorithm(r))&&(r=r()),!r)throw new Error("Unsupported algorithm: "+e);return new F.cipher.BlockCipher({algorithm:r,key:t,decrypt:!0})},F.cipher.registerAlgorithm=function(e,t){e=e.toUpperCase(),F.cipher.algorithms[e]=t},F.cipher.getAlgorithm=function(e){return(e=e.toUpperCase())in F.cipher.algorithms?F.cipher.algorithms[e]:null};var q=F.cipher.BlockCipher=function(e){this.algorithm=e.algorithm,this.mode=this.algorithm.mode,this.blockSize=this.mode.blockSize,this._finish=!1,this._input=null,this.output=null,this._op=e.decrypt?this.mode.decrypt:this.mode.encrypt,this._decrypt=e.decrypt,this.algorithm.initialize(e)};q.prototype.start=function(e){e=e\|\|{};var t={};for(var r in e)t[r]=e[r];t.decrypt=this._decrypt,this._finish=!1,this._input=F.util.createBuffer(),this.output=e.output\|\|F.util.createBuffer(),this.mode.start(t)},q.prototype.update=function(e){for(e&&this._input.putBuffer(e);!this._op.call(this.mode,this._input,this.output,this._finish)&&!this._finish;);this._input.compact()},q.prototype.finish=function(e){!e\|\|"ECB"!==this.mode.name&&"CBC"!==this.mode.name\|\|(this.mode.pad=function(t){return e(this.blockSize,t,!1)},this.mode.unpad=function(t){return e(this.blockSize,t,!0)});var t={};return t.decrypt=this._decrypt,t.overflow=this._input.length()%this.blockSize,!(!this._decrypt&&this.mode.pad&&!this.mode.pad(this._input,t))&&(this._finish=!0,this.update(),!(this._decrypt&&this.mode.unpad&&!this.mode.unpad(this.output,t))&&!(this.mode.afterFinish&&!this.mode.afterFinish(this.output,t)))};var j=S;j.cipher=j.cipher\|\|{};var G=j.cipher.modes=j.cipher.modes\|\|{};function H(e,t){if("string"==typeof e&&(e=j.util.createBuffer(e)),j.util.isArray(e)&&e.length>4){var r=e;e=j.util.createBuffer();for(var a=0;a<r.length;++a)e.putByte(r[a])}if(e.length()<t)throw new Error("Invalid IV length; got "+e.length()+" bytes and expected "+t+" bytes.");if(!j.util.isArray(e)){var n=[],i=t/4;for(a=0;a<i;++a)n.push(e.getInt32());e=n}return e}function Q(e){e[e.length-1]=e[e.length-1]+1&4294967295}function z(e){return[e/4294967296\|0,4294967295&e]}G.ecb=function(e){e=e\|\|{},this.name="ECB",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints)},G.ecb.prototype.start=function(e){},G.ecb.prototype.encrypt=function(e,t,r){if(e.length()<this.blockSize&&!(r&&e.length()>0))return!0;for(var a=0;a<this._ints;++a)this._inBlock[a]=e.getInt32();this.cipher.encrypt(this._inBlock,this._outBlock);for(a=0;a<this._ints;++a)t.putInt32(this._outBlock[a])},G.ecb.prototype.decrypt=function(e,t,r){if(e.length()<this.blockSize&&!(r&&e.length()>0))return!0;for(var a=0;a<this._ints;++a)this._inBlock[a]=e.getInt32();this.cipher.decrypt(this._inBlock,this._outBlock);for(a=0;a<this._ints;++a)t.putInt32(this._outBlock[a])},G.ecb.prototype.pad=function(e,t){var r=e.length()===this.blockSize?this.blockSize:this.blockSize-e.length();return e.fillWithByte(r,r),!0},G.ecb.prototype.unpad=function(e,t){if(t.overflow>0)return!1;var r=e.length(),a=e.at(r-1);return!(a>this.blockSize<<2)&&(e.truncate(a),!0)},G.cbc=function(e){e=e\|\|{},this.name="CBC",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints)},G.cbc.prototype.start=function(e){if(null===e.iv){if(!this._prev)throw new Error("Invalid IV parameter.");this._iv=this._prev.slice(0)}else{if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=H(e.iv,this.blockSize),this._prev=this._iv.slice(0)}},G.cbc.prototype.encrypt=function(e,t,r){if(e.length()<this.blockSize&&!(r&&e.length()>0))return!0;for(var a=0;a<this._ints;++a)this._inBlock[a]=this._prev[a]^e.getInt32();this.cipher.encrypt(this._inBlock,this._outBlock);for(a=0;a<this._ints;++a)t.putInt32(this._outBlock[a]);this._prev=this._outBlock},G.cbc.prototype.decrypt=function(e,t,r){if(e.length()<this.blockSize&&!(r&&e.length()>0))return!0;for(var a=0;a<this._ints;++a)this._inBlock[a]=e.getInt32();this.cipher.decrypt(this._inBlock,this._outBlock);for(a=0;a<this._ints;++a)t.putInt32(this._prev[a]^this._outBlock[a]);this._prev=this._inBlock.slice(0)},G.cbc.prototype.pad=function(e,t){var r=e.length()===this.blockSize?this.blockSize:this.blockSize-e.length();return e.fillWithByte(r,r),!0},G.cbc.prototype.unpad=function(e,t){if(t.overflow>0)return!1;var r=e.length(),a=e.at(r-1);return!(a>this.blockSize<<2)&&(e.truncate(a),!0)},G.cfb=function(e){e=e\|\|{},this.name="CFB",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialBlock=new Array(this._ints),this._partialOutput=j.util.createBuffer(),this._partialBytes=0},G.cfb.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=H(e.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},G.cfb.prototype.encrypt=function(e,t,r){var a=e.length();if(0===a)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),0===this._partialBytes&&a>=this.blockSize)for(var n=0;n<this._ints;++n)this._inBlock[n]=e.getInt32()^this._outBlock[n],t.putInt32(this._inBlock[n]);else{var i=(this.blockSize-a)%this.blockSize;i>0&&(i=this.blockSize-i),this._partialOutput.clear();for(n=0;n<this._ints;++n)this._partialBlock[n]=e.getInt32()^this._outBlock[n],this._partialOutput.putInt32(this._partialBlock[n]);if(i>0)e.read-=this.blockSize;else for(n=0;n<this._ints;++n)this._inBlock[n]=this._partialBlock[n];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),i>0&&!r)return t.putBytes(this._partialOutput.getBytes(i-this._partialBytes)),this._partialBytes=i,!0;t.putBytes(this._partialOutput.getBytes(a-this._partialBytes)),this._partialBytes=0}},G.cfb.prototype.decrypt=function(e,t,r){var a=e.length();if(0===a)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),0===this._partialBytes&&a>=this.blockSize)for(var n=0;n<this._ints;++n)this._inBlock[n]=e.getInt32(),t.putInt32(this._inBlock[n]^this._outBlock[n]);else{var i=(this.blockSize-a)%this.blockSize;i>0&&(i=this.blockSize-i),this._partialOutput.clear();for(n=0;n<this._ints;++n)this._partialBlock[n]=e.getInt32(),this._partialOutput.putInt32(this._partialBlock[n]^this._outBlock[n]);if(i>0)e.read-=this.blockSize;else for(n=0;n<this._ints;++n)this._inBlock[n]=this._partialBlock[n];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),i>0&&!r)return t.putBytes(this._partialOutput.getBytes(i-this._partialBytes)),this._partialBytes=i,!0;t.putBytes(this._partialOutput.getBytes(a-this._partialBytes)),this._partialBytes=0}},G.ofb=function(e){e=e\|\|{},this.name="OFB",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialOutput=j.util.createBuffer(),this._partialBytes=0},G.ofb.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=H(e.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},G.ofb.prototype.encrypt=function(e,t,r){var a=e.length();if(0===e.length())return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),0===this._partialBytes&&a>=this.blockSize)for(var n=0;n<this._ints;++n)t.putInt32(e.getInt32()^this._outBlock[n]),this._inBlock[n]=this._outBlock[n];else{var i=(this.blockSize-a)%this.blockSize;i>0&&(i=this.blockSize-i),this._partialOutput.clear();for(n=0;n<this._ints;++n)this._partialOutput.putInt32(e.getInt32()^this._outBlock[n]);if(i>0)e.read-=this.blockSize;else for(n=0;n<this._ints;++n)this._inBlock[n]=this._outBlock[n];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),i>0&&!r)return t.putBytes(this._partialOutput.getBytes(i-this._partialBytes)),this._partialBytes=i,!0;t.putBytes(this._partialOutput.getBytes(a-this._partialBytes)),this._partialBytes=0}},G.ofb.prototype.decrypt=G.ofb.prototype.encrypt,G.ctr=function(e){e=e\|\|{},this.name="CTR",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialOutput=j.util.createBuffer(),this._partialBytes=0},G.ctr.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=H(e.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},G.ctr.prototype.encrypt=function(e,t,r){var a=e.length();if(0===a)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),0===this._partialBytes&&a>=this.blockSize)for(var n=0;n<this._ints;++n)t.putInt32(e.getInt32()^this._outBlock[n]);else{var i=(this.blockSize-a)%this.blockSize;i>0&&(i=this.blockSize-i),this._partialOutput.clear();for(n=0;n<this._ints;++n)this._partialOutput.putInt32(e.getInt32()^this._outBlock[n]);if(i>0&&(e.read-=this.blockSize),this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),i>0&&!r)return t.putBytes(this._partialOutput.getBytes(i-this._partialBytes)),this._partialBytes=i,!0;t.putBytes(this._partialOutput.getBytes(a-this._partialBytes)),this._partialBytes=0}Q(this._inBlock)},G.ctr.prototype.decrypt=G.ctr.prototype.encrypt,G.gcm=function(e){e=e\|\|{},this.name="GCM",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints),this._partialOutput=j.util.createBuffer(),this._partialBytes=0,this._R=3774873600},G.gcm.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");var t,r=j.util.createBuffer(e.iv);if(this._cipherLength=0,t="additionalData"in e?j.util.createBuffer(e.additionalData):j.util.createBuffer(),this._tagLength="tagLength"in e?e.tagLength:128,this._tag=null,e.decrypt&&(this._tag=j.util.createBuffer(e.tag).getBytes(),this._tag.length!==this._tagLength/8))throw new Error("Authentication tag does not match tag length.");this._hashBlock=new Array(this._ints),this.tag=null,this._hashSubkey=new Array(this._ints),this.cipher.encrypt([0,0,0,0],this._hashSubkey),this.componentBits=4,this._m=this.generateHashTable(this._hashSubkey,this.componentBits);var a=r.length();if(12===a)this._j0=[r.getInt32(),r.getInt32(),r.getInt32(),1];else{for(this._j0=[0,0,0,0];r.length()>0;)this._j0=this.ghash(this._hashSubkey,this._j0,[r.getInt32(),r.getInt32(),r.getInt32(),r.getInt32()]);this._j0=this.ghash(this._hashSubkey,this._j0,[0,0].concat(z(8a)))}this._inBlock=this._j0.slice(0),Q(this._inBlock),this._partialBytes=0,t=j.util.createBuffer(t),this._aDataLength=z(8t.length());var n=t.length()%this.blockSize;for(n&&t.fillWithByte(0,this.blockSize-n),this._s=[0,0,0,0];t.length()>0;)this._s=this.ghash(this._hashSubkey,this._s,[t.getInt32(),t.getInt32(),t.getInt32(),t.getInt32()])},G.gcm.prototype.encrypt=function(e,t,r){var a=e.length();if(0===a)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),0===this._partialBytes&&a>=this.blockSize){for(var n=0;n<this._ints;++n)t.putInt32(this._outBlock[n]^=e.getInt32());this._cipherLength+=this.blockSize}else{var i=(this.blockSize-a)%this.blockSize;i>0&&(i=this.blockSize-i),this._partialOutput.clear();for(n=0;n<this._ints;++n)this._partialOutput.putInt32(e.getInt32()^this._outBlock[n]);if(i<=0\|\|r){if(r){var s=a%this.blockSize;this._cipherLength+=s,this._partialOutput.truncate(this.blockSize-s)}else this._cipherLength+=this.blockSize;for(n=0;n<this._ints;++n)this._outBlock[n]=this._partialOutput.getInt32();this._partialOutput.read-=this.blockSize}if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),i>0&&!r)return e.read-=this.blockSize,t.putBytes(this._partialOutput.getBytes(i-this._partialBytes)),this._partialBytes=i,!0;t.putBytes(this._partialOutput.getBytes(a-this._partialBytes)),this._partialBytes=0}this._s=this.ghash(this._hashSubkey,this._s,this._outBlock),Q(this._inBlock)},G.gcm.prototype.decrypt=function(e,t,r){var a=e.length();if(a<this.blockSize&&!(r&&a>0))return!0;this.cipher.encrypt(this._inBlock,this._outBlock),Q(this._inBlock),this._hashBlock[0]=e.getInt32(),this._hashBlock[1]=e.getInt32(),this._hashBlock[2]=e.getInt32(),this._hashBlock[3]=e.getInt32(),this._s=this.ghash(this._hashSubkey,this._s,this._hashBlock);for(var n=0;n<this._ints;++n)t.putInt32(this._outBlock[n]^this._hashBlock[n]);a<this.blockSize?this._cipherLength+=a%this.blockSize:this._cipherLength+=this.blockSize},G.gcm.prototype.afterFinish=function(e,t){var r=!0;t.decrypt&&t.overflow&&e.truncate(this.blockSize-t.overflow),this.tag=j.util.createBuffer();var a=this._aDataLength.concat(z(8this._cipherLength));this._s=this.ghash(this._hashSubkey,this._s,a);var n=[];this.cipher.encrypt(this._j0,n);for(var i=0;i<this._ints;++i)this.tag.putInt32(this._s[i]^n[i]);return this.tag.truncate(this.tag.length()%(this._tagLength/8)),t.decrypt&&this.tag.bytes()!==this._tag&&(r=!1),r},G.gcm.prototype.multiply=function(e,t){for(var r=[0,0,0,0],a=t.slice(0),n=0;n<128;++n){e[n/32\|0]&1<<31-n%32&&(r[0]^=a[0],r[1]^=a[1],r[2]^=a[2],r[3]^=a[3]),this.pow(a,a)}return r},G.gcm.prototype.pow=function(e,t){for(var r=1&e[3],a=3;a>0;--a)t[a]=e[a]>>>1\|(1&e[a-1])<<31;t[0]=e[0]>>>1,r&&(t[0]^=this._R)},G.gcm.prototype.tableMultiply=function(e){for(var t=[0,0,0,0],r=0;r<32;++r){var a=e[r/8\|0]>>>4(7-r%8)&15,n=this._m[r][a];t[0]^=n[0],t[1]^=n[1],t[2]^=n[2],t[3]^=n[3]}return t},G.gcm.prototype.ghash=function(e,t,r){return t[0]^=r[0],t[1]^=r[1],t[2]^=r[2],t[3]^=r[3],this.tableMultiply(t)},G.gcm.prototype.generateHashTable=function(e,t){for(var r=8/t,a=4r,n=16r,i=new Array(n),s=0;s<n;++s){var o=[0,0,0,0],c=(a-1-s%a)t;o[s/a\|0]=1<<t-1<<c,i[s]=this.generateSubHashTable(this.multiply(o,e),t)}return i},G.gcm.prototype.generateSubHashTable=function(e,t){var r=1<<t,a=r>>>1,n=new Array(r);n[a]=e.slice(0);for(var i=a>>>1;i>0;)this.pow(n[2i],n[i]=[]),i>>=1;for(i=2;i<a;){for(var s=1;s<i;++s){var o=n[i],c=n[s];n[i+s]=[o[0]^c[0],o[1]^c[1],o[2]^c[2],o[3]^c[3]]}i=2}for(n[0]=[0,0,0,0],i=a+1;i<r;++i){var u=n[i^a];n[i]=[e[0]^u[0],e[1]^u[1],e[2]^u[2],e[3]^u[3]]}return n};var W=S;function Y(e,t){W.cipher.registerAlgorithm(e,(function(){return new W.aes.Algorithm(e,t)}))}W.aes=W.aes\|\|{},W.aes.startEncrypting=function(e,t,r,a){var n=se({key:e,output:r,decrypt:!1,mode:a});return n.start(t),n},W.aes.createEncryptionCipher=function(e,t){return se({key:e,output:null,decrypt:!1,mode:t})},W.aes.startDecrypting=function(e,t,r,a){var n=se({key:e,output:r,decrypt:!0,mode:a});return n.start(t),n},W.aes.createDecryptionCipher=function(e,t){return se({key:e,output:null,decrypt:!0,mode:t})},W.aes.Algorithm=function(e,t){te\|\|ae();var r=this;r.name=e,r.mode=new t({blockSize:16,cipher:{encrypt:function(e,t){return ie(r._w,e,t,!1)},decrypt:function(e,t){return ie(r._w,e,t,!0)}}}),r._init=!1},W.aes.Algorithm.prototype.initialize=function(e){if(!this._init){var t,r=e.key;if("string"!=typeof r\|\|16!==r.length&&24!==r.length&&32!==r.length){if(W.util.isArray(r)&&(16===r.length\|\|24===r.length\|\|32===r.length)){t=r,r=W.util.createBuffer();for(var a=0;a<t.length;++a)r.putByte(t[a])}}else r=W.util.createBuffer(r);if(!W.util.isArray(r)){t=r,r=[];var n=t.length();if(16===n\|\|24===n\|\|32===n){n>>>=2;for(a=0;a<n;++a)r.push(t.getInt32())}}if(!W.util.isArray(r)\|\|4!==r.length&&6!==r.length&&8!==r.length)throw new Error("Invalid key parameter.");var i=this.mode.name,s=-1!==["CFB","OFB","CTR","GCM"].indexOf(i);this._w=ne(r,e.decrypt&&!s),this._init=!0}},W.aes._expandKey=function(e,t){return te\|\|ae(),ne(e,t)},W.aes._updateBlock=ie,Y("AES-ECB",W.cipher.modes.ecb),Y("AES-CBC",W.cipher.modes.cbc),Y("AES-CFB",W.cipher.modes.cfb),Y("AES-OFB",W.cipher.modes.ofb),Y("AES-CTR",W.cipher.modes.ctr),Y("AES-GCM",W.cipher.modes.gcm);var X,Z,$,J,ee,te=!1,re=4;function ae(){te=!0,$=[0,1,2,4,8,16,32,64,128,27,54];for(var e=new Array(256),t=0;t<128;++t)e[t]=t<<1,e[t+128]=t+128<<1^283;X=new Array(256),Z=new Array(256),J=new Array(4),ee=new Array(4);for(t=0;t<4;++t)J[t]=new Array(256),ee[t]=new Array(256);var r,a,n,i,s,o,c,u=0,l=0;for(t=0;t<256;++t){i=(i=l^l<<1^l<<2^l<<3^l<<4)>>8^255&i^99,X[u]=i,Z[i]=u,o=(s=e[i])<<24^i<<16^i<<8^i^s,c=((r=e[u])^(a=e[r])^(n=e[a]))<<24^(u^n)<<16^(u^a^n)<<8^u^r^n;for(var p=0;p<4;++p)J[p][u]=o,ee[p][i]=c,o=o<<24\|o>>>8,c=c<<24\|c>>>8;0===u?u=l=1:(u=r^e[e[e[r^n]]],l^=e[e[l]])}}function ne(e,t){for(var r,a=e.slice(0),n=1,i=a.length,s=re(i+6+1),o=i;o<s;++o)r=a[o-1],o%i==0?(r=X[r>>>16&255]<<24^X[r>>>8&255]<<16^X[255&r]<<8^X[r>>>24]^$[n]<<24,n++):i>6&&o%i==4&&(r=X[r>>>24]<<24^X[r>>>16&255]<<16^X[r>>>8&255]<<8^X[255&r]),a[o]=a[o-i]^r;if(t){for(var c,u=ee[0],l=ee[1],p=ee[2],h=ee[3],f=a.slice(0),d=(o=0,(s=a.length)-re);o<s;o+=re,d-=re)if(0===o\|\|o===s-re)f[o]=a[d],f[o+1]=a[d+3],f[o+2]=a[d+2],f[o+3]=a[d+1];else for(var y=0;y<re;++y)c=a[d+y],f[o+(3&-y)]=u[X[c>>>24]]^l[X[c>>>16&255]]^p[X[c>>>8&255]]^h[X[255&c]];a=f}return a}function ie(e,t,r,a){var n,i,s,o,c,u,l,p,h,f,d,y,g=e.length/4-1;a?(n=ee[0],i=ee[1],s=ee[2],o=ee[3],c=Z):(n=J[0],i=J[1],s=J[2],o=J[3],c=X),u=t[0]^e[0],l=t[a?3:1]^e[1],p=t[2]^e[2],h=t[a?1:3]^e[3];for(var m=3,v=1;v<g;++v)f=n[u>>>24]^i[l>>>16&255]^s[p>>>8&255]^o[255&h]^e[++m],d=n[l>>>24]^i[p>>>16&255]^s[h>>>8&255]^o[255&u]^e[++m],y=n[p>>>24]^i[h>>>16&255]^s[u>>>8&255]^o[255&l]^e[++m],h=n[h>>>24]^i[u>>>16&255]^s[l>>>8&255]^o[255&p]^e[++m],u=f,l=d,p=y;r[0]=c[u>>>24]<<24^c[l>>>16&255]<<16^c[p>>>8&255]<<8^c[255&h]^e[++m],r[a?3:1]=c[l>>>24]<<24^c[p>>>16&255]<<16^c[h>>>8&255]<<8^c[255&u]^e[++m],r[2]=c[p>>>24]<<24^c[h>>>16&255]<<16^c[u>>>8&255]<<8^c[255&l]^e[++m],r[a?1:3]=c[h>>>24]<<24^c[u>>>16&255]<<16^c[l>>>8&255]<<8^c[255&p]^e[++m]}function se(e){var t,r="AES-"+((e=e\|\|{}).mode\|\|"CBC").toUpperCase(),a=(t=e.decrypt?W.cipher.createDecipher(r,e.key):W.cipher.createCipher(r,e.key)).start;return t.start=function(e,r){var n=null;r instanceof W.util.ByteBuffer&&(n=r,r={}),(r=r\|\|{}).output=n,r.iv=e,a.call(t,r)},t}var oe=S;oe.pki=oe.pki\|\|{};var ce=oe.pki.oids=oe.oids=oe.oids\|\|{};function ue(e,t){ce[e]=t,ce[t]=e}function le(e,t){ce[e]=t}ue("1.2.840.113549.1.1.1","rsaEncryption"),ue("1.2.840.113549.1.1.4","md5WithRSAEncryption"),ue("1.2.840.113549.1.1.5","sha1WithRSAEncryption"),ue("1.2.840.113549.1.1.7","RSAES-OAEP"),ue("1.2.840.113549.1.1.8","mgf1"),ue("1.2.840.113549.1.1.9","pSpecified"),ue("1.2.840.113549.1.1.10","RSASSA-PSS"),ue("1.2.840.113549.1.1.11","sha256WithRSAEncryption"),ue("1.2.840.113549.1.1.12","sha384WithRSAEncryption"),ue("1.2.840.113549.1.1.13","sha512WithRSAEncryption"),ue("1.3.101.112","EdDSA25519"),ue("1.2.840.10040.4.3","dsa-with-sha1"),ue("1.3.14.3.2.7","desCBC"),ue("1.3.14.3.2.26","sha1"),ue("2.16.840.1.101.3.4.2.1","sha256"),ue("2.16.840.1.101.3.4.2.2","sha384"),ue("2.16.840.1.101.3.4.2.3","sha512"),ue("1.2.840.113549.2.5","md5"),ue("1.2.840.113549.1.7.1","data"),ue("1.2.840.113549.1.7.2","signedData"),ue("1.2.840.113549.1.7.3","envelopedData"),ue("1.2.840.113549.1.7.4","signedAndEnvelopedData"),ue("1.2.840.113549.1.7.5","digestedData"),ue("1.2.840.113549.1.7.6","encryptedData"),ue("1.2.840.113549.1.9.1","emailAddress"),ue("1.2.840.113549.1.9.2","unstructuredName"),ue("1.2.840.113549.1.9.3","contentType"),ue("1.2.840.113549.1.9.4","messageDigest"),ue("1.2.840.113549.1.9.5","signingTime"),ue("1.2.840.113549.1.9.6","counterSignature"),ue("1.2.840.113549.1.9.7","challengePassword"),ue("1.2.840.113549.1.9.8","unstructuredAddress"),ue("1.2.840.113549.1.9.14","extensionRequest"),ue("1.2.840.113549.1.9.20","friendlyName"),ue("1.2.840.113549.1.9.21","localKeyId"),ue("1.2.840.113549.1.9.22.1","x509Certificate"),ue("1.2.840.113549.1.12.10.1.1","keyBag"),ue("1.2.840.113549.1.12.10.1.2","pkcs8ShroudedKeyBag"),ue("1.2.840.113549.1.12.10.1.3","certBag"),ue("1.2.840.113549.1.12.10.1.4","crlBag"),ue("1.2.840.113549.1.12.10.1.5","secretBag"),ue("1.2.840.113549.1.12.10.1.6","safeContentsBag"),ue("1.2.840.113549.1.5.13","pkcs5PBES2"),ue("1.2.840.113549.1.5.12","pkcs5PBKDF2"),ue("1.2.840.113549.1.12.1.1","pbeWithSHAAnd128BitRC4"),ue("1.2.840.113549.1.12.1.2","pbeWithSHAAnd40BitRC4"),ue("1.2.840.113549.1.12.1.3","pbeWithSHAAnd3-KeyTripleDES-CBC"),ue("1.2.840.113549.1.12.1.4","pbeWithSHAAnd2-KeyTripleDES-CBC"),ue("1.2.840.113549.1.12.1.5","pbeWithSHAAnd128BitRC2-CBC"),ue("1.2.840.113549.1.12.1.6","pbewithSHAAnd40BitRC2-CBC"),ue("1.2.840.113549.2.7","hmacWithSHA1"),ue("1.2.840.113549.2.8","hmacWithSHA224"),ue("1.2.840.113549.2.9","hmacWithSHA256"),ue("1.2.840.113549.2.10","hmacWithSHA384"),ue("1.2.840.113549.2.11","hmacWithSHA512"),ue("1.2.840.113549.3.7","des-EDE3-CBC"),ue("2.16.840.1.101.3.4.1.2","aes128-CBC"),ue("2.16.840.1.101.3.4.1.22","aes192-CBC"),ue("2.16.840.1.101.3.4.1.42","aes256-CBC"),ue("2.5.4.3","commonName"),ue("2.5.4.5","serialName"),ue("2.5.4.6","countryName"),ue("2.5.4.7","localityName"),ue("2.5.4.8","stateOrProvinceName"),ue("2.5.4.9","streetAddress"),ue("2.5.4.10","organizationName"),ue("2.5.4.11","organizationalUnitName"),ue("2.5.4.13","description"),ue("2.5.4.15","businessCategory"),ue("2.5.4.17","postalCode"),ue("1.3.6.1.4.1.311.60.2.1.2","jurisdictionOfIncorporationStateOrProvinceName"),ue("1.3.6.1.4.1.311.60.2.1.3","jurisdictionOfIncorporationCountryName"),ue("2.16.840.1.113730.1.1","nsCertType"),ue("2.16.840.1.113730.1.13","nsComment"),le("2.5.29.1","authorityKeyIdentifier"),le("2.5.29.2","keyAttributes"),le("2.5.29.3","certificatePolicies"),le("2.5.29.4","keyUsageRestriction"),le("2.5.29.5","policyMapping"),le("2.5.29.6","subtreesConstraint"),le("2.5.29.7","subjectAltName"),le("2.5.29.8","issuerAltName"),le("2.5.29.9","subjectDirectoryAttributes"),le("2.5.29.10","basicConstraints"),le("2.5.29.11","nameConstraints"),le("2.5.29.12","policyConstraints"),le("2.5.29.13","basicConstraints"),ue("2.5.29.14","subjectKeyIdentifier"),ue("2.5.29.15","keyUsage"),le("2.5.29.16","privateKeyUsagePeriod"),ue("2.5.29.17","subjectAltName"),ue("2.5.29.18","issuerAltName"),ue("2.5.29.19","basicConstraints"),le("2.5.29.20","cRLNumber"),le("2.5.29.21","cRLReason"),le("2.5.29.22","expirationDate"),le("2.5.29.23","instructionCode"),le("2.5.29.24","invalidityDate"),le("2.5.29.25","cRLDistributionPoints"),le("2.5.29.26","issuingDistributionPoint"),le("2.5.29.27","deltaCRLIndicator"),le("2.5.29.28","issuingDistributionPoint"),le("2.5.29.29","certificateIssuer"),le("2.5.29.30","nameConstraints"),ue("2.5.29.31","cRLDistributionPoints"),ue("2.5.29.32","certificatePolicies"),le("2.5.29.33","policyMappings"),le("2.5.29.34","policyConstraints"),ue("2.5.29.35","authorityKeyIdentifier"),le("2.5.29.36","policyConstraints"),ue("2.5.29.37","extKeyUsage"),le("2.5.29.46","freshestCRL"),le("2.5.29.54","inhibitAnyPolicy"),ue("1.3.6.1.4.1.11129.2.4.2","timestampList"),ue("1.3.6.1.5.5.7.1.1","authorityInfoAccess"),ue("1.3.6.1.5.5.7.3.1","serverAuth"),ue("1.3.6.1.5.5.7.3.2","clientAuth"),ue("1.3.6.1.5.5.7.3.3","codeSigning"),ue("1.3.6.1.5.5.7.3.4","emailProtection"),ue("1.3.6.1.5.5.7.3.8","timeStamping");var pe=S,he=pe.asn1=pe.asn1\|\|{};function fe(e,t,r){if(r>t){var a=new Error("Too few bytes to parse DER.");throw a.available=e.length(),a.remaining=t,a.requested=r,a}}he.Class={UNIVERSAL:0,APPLICATION:64,CONTEXT_SPECIFIC:128,PRIVATE:192},he.Type={NONE:0,BOOLEAN:1,INTEGER:2,BITSTRING:3,OCTETSTRING:4,NULL:5,OID:6,ODESC:7,EXTERNAL:8,REAL:9,ENUMERATED:10,EMBEDDED:11,UTF8:12,ROID:13,SEQUENCE:16,SET:17,PRINTABLESTRING:19,IA5STRING:22,UTCTIME:23,GENERALIZEDTIME:24,BMPSTRING:30},he.create=function(e,t,r,a,n){if(pe.util.isArray(a)){for(var i=[],s=0;s<a.length;++s)void 0!==a[s]&&i.push(a[s]);a=i}var o={tagClass:e,type:t,constructed:r,composed:r\|\|pe.util.isArray(a),value:a};return n&&"bitStringContents"in n&&(o.bitStringContents=n.bitStringContents,o.original=he.copy(o)),o},he.copy=function(e,t){var r;if(pe.util.isArray(e)){r=[];for(var a=0;a<e.length;++a)r.push(he.copy(e[a],t));return r}return"string"==typeof e?e:(r={tagClass:e.tagClass,type:e.type,constructed:e.constructed,composed:e.composed,value:he.copy(e.value,t)},t&&!t.excludeBitStringContents&&(r.bitStringContents=e.bitStringContents),r)},he.equals=function(e,t,r){if(pe.util.isArray(e)){if(!pe.util.isArray(t))return!1;if(e.length!==t.length)return!1;for(var a=0;a<e.length;++a)if(!he.equals(e[a],t[a]))return!1;return!0}if(typeof e!=typeof t)return!1;if("string"==typeof e)return e===t;var n=e.tagClass===t.tagClass&&e.type===t.type&&e.constructed===t.constructed&&e.composed===t.composed&&he.equals(e.value,t.value);return r&&r.includeBitStringContents&&(n=n&&e.bitStringContents===t.bitStringContents),n},he.getBerValueLength=function(e){var t=e.getByte();if(128!==t)return 128&t?e.getInt((127&t)<<3):t};function de(e,t,r,a){var n;fe(e,t,2);var i=e.getByte();t--;var s=192&i,o=31&i;n=e.length();var c,u,l=function(e,t){var r=e.getByte();if(t--,128!==r){var a;if(128&r){var n=127&r;fe(e,t,n),a=e.getInt(n<<3)}else a=r;if(a<0)throw new Error("Negative length: "+a);return a}}(e,t);if(t-=n-e.length(),void 0!==l&&l>t){if(a.strict){var p=new Error("Too few bytes to read ASN.1 value.");throw p.available=e.length(),p.remaining=t,p.requested=l,p}l=t}var h=32==(32&i);if(h)if(c=[],void 0===l)for(;;){if(fe(e,t,2),e.bytes(2)===String.fromCharCode(0,0)){e.getBytes(2),t-=2;break}n=e.length(),c.push(de(e,t,r+1,a)),t-=n-e.length()}else for(;l>0;)n=e.length(),c.push(de(e,l,r+1,a)),t-=n-e.length(),l-=n-e.length();if(void 0===c&&s===he.Class.UNIVERSAL&&o===he.Type.BITSTRING&&(u=e.bytes(l)),void 0===c&&a.decodeBitStrings&&s===he.Class.UNIVERSAL&&o===he.Type.BITSTRING&&l>1){var f=e.read,d=t,y=0;if(o===he.Type.BITSTRING&&(fe(e,t,1),y=e.getByte(),t--),0===y)try{n=e.length();var g=de(e,t,r+1,{verbose:a.verbose,strict:!0,decodeBitStrings:!0}),m=n-e.length();t-=m,o==he.Type.BITSTRING&&m++;var v=g.tagClass;m!==l\|\|v!==he.Class.UNIVERSAL&&v!==he.Class.CONTEXT_SPECIFIC\|\|(c=[g])}catch(e){}void 0===c&&(e.read=f,t=d)}if(void 0===c){if(void 0===l){if(a.strict)throw new Error("Non-constructed ASN.1 object of indefinite length.");l=t}if(o===he.Type.BMPSTRING)for(c="";l>0;l-=2)fe(e,t,2),c+=String.fromCharCode(e.getInt16()),t-=2;else c=e.getBytes(l)}var C=void 0===u?null:{bitStringContents:u};return he.create(s,o,h,c,C)}he.fromDer=function(e,t){return void 0===t&&(t={strict:!0,decodeBitStrings:!0}),"boolean"==typeof t&&(t={strict:t,decodeBitStrings:!0}),"strict"in t\|\|(t.strict=!0),"decodeBitStrings"in t\|\|(t.decodeBitStrings=!0),"string"==typeof e&&(e=pe.util.createBuffer(e)),de(e,e.length(),0,t)},he.toDer=function(e){var t=pe.util.createBuffer(),r=e.tagClass\|e.type,a=pe.util.createBuffer(),n=!1;if("bitStringContents"in e&&(n=!0,e.original&&(n=he.equals(e,e.original))),n)a.putBytes(e.bitStringContents);else if(e.composed){e.constructed?r\|=32:a.putByte(0);for(var i=0;i<e.value.length;++i)void 0!==e.value[i]&&a.putBuffer(he.toDer(e.value[i]))}else if(e.type===he.Type.BMPSTRING)for(i=0;i<e.value.length;++i)a.putInt16(e.value.charCodeAt(i));else e.type===he.Type.INTEGER&&e.value.length>1&&(0===e.value.charCodeAt(0)&&0==(128&e.value.charCodeAt(1))\|\|255===e.value.charCodeAt(0)&&128==(128&e.value.charCodeAt(1)))?a.putBytes(e.value.substr(1)):a.putBytes(e.value);if(t.putByte(r),a.length()<=127)t.putByte(127&a.length());else{var s=a.length(),o="";do{o+=String.fromCharCode(255&s),s>>>=8}while(s>0);t.putByte(128\|o.length);for(i=o.length-1;i>=0;--i)t.putByte(o.charCodeAt(i))}return t.putBuffer(a),t},he.oidToDer=function(e){var t,r,a,n,i=e.split("."),s=pe.util.createBuffer();s.putByte(40parseInt(i[0],10)+parseInt(i[1],10));for(var o=2;o<i.length;++o){t=!0,r=[],a=parseInt(i[o],10);do{n=127&a,a>>>=7,t\|\|(n\|=128),r.push(n),t=!1}while(a>0);for(var c=r.length-1;c>=0;--c)s.putByte(r[c])}return s},he.derToOid=function(e){var t;"string"==typeof e&&(e=pe.util.createBuffer(e));var r=e.getByte();t=Math.floor(r/40)+"."+r%40;for(var a=0;e.length()>0;)a<<=7,128&(r=e.getByte())?a+=127&r:(t+="."+(a+r),a=0);return t},he.utcTimeToDate=function(e){var t=new Date,r=parseInt(e.substr(0,2),10);r=r>=50?1900+r:2e3+r;var a=parseInt(e.substr(2,2),10)-1,n=parseInt(e.substr(4,2),10),i=parseInt(e.substr(6,2),10),s=parseInt(e.substr(8,2),10),o=0;if(e.length>11){var c=e.charAt(10),u=10;"+"!==c&&"-"!==c&&(o=parseInt(e.substr(10,2),10),u+=2)}if(t.setUTCFullYear(r,a,n),t.setUTCHours(i,s,o,0),u&&("+"===(c=e.charAt(u))\|\|"-"===c)){var l=60parseInt(e.substr(u+1,2),10)+parseInt(e.substr(u+4,2),10);l=6e4,"+"===c?t.setTime(+t-l):t.setTime(+t+l)}return t},he.generalizedTimeToDate=function(e){var t=new Date,r=parseInt(e.substr(0,4),10),a=parseInt(e.substr(4,2),10)-1,n=parseInt(e.substr(6,2),10),i=parseInt(e.substr(8,2),10),s=parseInt(e.substr(10,2),10),o=parseInt(e.substr(12,2),10),c=0,u=0,l=!1;"Z"===e.charAt(e.length-1)&&(l=!0);var p=e.length-5,h=e.charAt(p);"+"!==h&&"-"!==h\|\|(u=60parseInt(e.substr(p+1,2),10)+parseInt(e.substr(p+4,2),10),u=6e4,"+"===h&&(u=-1),l=!0);return"."===e.charAt(14)&&(c=1e3parseFloat(e.substr(14),10)),l?(t.setUTCFullYear(r,a,n),t.setUTCHours(i,s,o,c),t.setTime(+t+u)):(t.setFullYear(r,a,n),t.setHours(i,s,o,c)),t},he.dateToUtcTime=function(e){if("string"==typeof e)return e;var t="",r=[];r.push((""+e.getUTCFullYear()).substr(2)),r.push(""+(e.getUTCMonth()+1)),r.push(""+e.getUTCDate()),r.push(""+e.getUTCHours()),r.push(""+e.getUTCMinutes()),r.push(""+e.getUTCSeconds());for(var a=0;a<r.length;++a)r[a].length<2&&(t+="0"),t+=r[a];return t+="Z"},he.dateToGeneralizedTime=function(e){if("string"==typeof e)return e;var t="",r=[];r.push(""+e.getUTCFullYear()),r.push(""+(e.getUTCMonth()+1)),r.push(""+e.getUTCDate()),r.push(""+e.getUTCHours()),r.push(""+e.getUTCMinutes()),r.push(""+e.getUTCSeconds());for(var a=0;a<r.length;++a)r[a].length<2&&(t+="0"),t+=r[a];return t+="Z"},he.integerToDer=function(e){var t=pe.util.createBuffer();if(e>=-128&&e<128)return t.putSignedInt(e,8);if(e>=-32768&&e<32768)return t.putSignedInt(e,16);if(e>=-8388608&&e<8388608)return t.putSignedInt(e,24);if(e>=-2147483648&&e<2147483648)return t.putSignedInt(e,32);var r=new Error("Integer too large; max is 32-bits.");throw r.integer=e,r},he.derToInteger=function(e){"string"==typeof e&&(e=pe.util.createBuffer(e));var t=8e.length();if(t>32)throw new Error("Integer too large; max is 32-bits.");return e.getSignedInt(t)},he.validate=function(e,t,r,a){var n=!1;if(e.tagClass!==t.tagClass&&void 0!==t.tagClass\|\|e.type!==t.type&&void 0!==t.type)a&&(e.tagClass!==t.tagClass&&a.push("["+t.name+'] Expected tag class "'+t.tagClass+'", got "'+e.tagClass+'"'),e.type!==t.type&&a.push("["+t.name+'] Expected type "'+t.type+'", got "'+e.type+'"'));else if(e.constructed===t.constructed\|\|void 0===t.constructed){if(n=!0,t.value&&pe.util.isArray(t.value))for(var i=0,s=0;n&&s<t.value.length;++s)n=t.value[s].optional\|\|!1,e.value[i]&&((n=he.validate(e.value[i],t.value[s],r,a))?++i:t.value[s].optional&&(n=!0)),!n&&a&&a.push("["+t.name+'] Tag class "'+t.tagClass+'", type "'+t.type+'" expected value length "'+t.value.length+'", got "'+e.value.length+'"');if(n&&r&&(t.capture&&(r[t.capture]=e.value),t.captureAsn1&&(r[t.captureAsn1]=e),t.captureBitStringContents&&"bitStringContents"in e&&(r[t.captureBitStringContents]=e.bitStringContents),t.captureBitStringValue&&"bitStringContents"in e))if(e.bitStringContents.length<2)r[t.captureBitStringValue]="";else{if(0!==e.bitStringContents.charCodeAt(0))throw new Error("captureBitStringValue only supported for zero unused bits");r[t.captureBitStringValue]=e.bitStringContents.slice(1)}}else a&&a.push("["+t.name+'] Expected constructed "'+t.constructed+'", got "'+e.constructed+'"');return n};var ye=/[^\\u0000-\\u00ff]/;he.prettyPrint=function(e,t,r){var a="";r=r\|\|2,(t=t\|\|0)>0&&(a+="\n");for(var n="",i=0;i<tr;++i)n+=" ";switch(a+=n+"Tag: ",e.tagClass){case he.Class.UNIVERSAL:a+="Universal:";break;case he.Class.APPLICATION:a+="Application:";break;case he.Class.CONTEXT_SPECIFIC:a+="Context-Specific:";break;case he.Class.PRIVATE:a+="Private:"}if(e.tagClass===he.Class.UNIVERSAL)switch(a+=e.type,e.type){case he.Type.NONE:a+=" (None)";break;case he.Type.BOOLEAN:a+=" (Boolean)";break;case he.Type.INTEGER:a+=" (Integer)";break;case he.Type.BITSTRING:a+=" (Bit string)";break;case he.Type.OCTETSTRING:a+=" (Octet string)";break;case he.Type.NULL:a+=" (Null)";break;case he.Type.OID:a+=" (Object Identifier)";break;case he.Type.ODESC:a+=" (Object Descriptor)";break;case he.Type.EXTERNAL:a+=" (External or Instance of)";break;case he.Type.REAL:a+=" (Real)";break;case he.Type.ENUMERATED:a+=" (Enumerated)";break;case he.Type.EMBEDDED:a+=" (Embedded PDV)";break;case he.Type.UTF8:a+=" (UTF8)";break;case he.Type.ROID:a+=" (Relative Object Identifier)";break;case he.Type.SEQUENCE:a+=" (Sequence)";break;case he.Type.SET:a+=" (Set)";break;case he.Type.PRINTABLESTRING:a+=" (Printable String)";break;case he.Type.IA5String:a+=" (IA5String (ASCII))";break;case he.Type.UTCTIME:a+=" (UTC time)";break;case he.Type.GENERALIZEDTIME:a+=" (Generalized time)";break;case he.Type.BMPSTRING:a+=" (BMP String)"}else a+=e.type;if(a+="\n",a+=n+"Constructed: "+e.constructed+"\n",e.composed){var s=0,o="";for(i=0;i<e.value.length;++i)void 0!==e.value[i]&&(s+=1,o+=he.prettyPrint(e.value[i],t+1,r),i+1<e.value.length&&(o+=","));a+=n+"Sub values: "+s+o}else{if(a+=n+"Value: ",e.type===he.Type.OID){var c=he.derToOid(e.value);a+=c,pe.pki&&pe.pki.oids&&c in pe.pki.oids&&(a+=" ("+pe.pki.oids[c]+") ")}if(e.type===he.Type.INTEGER)try{a+=he.derToInteger(e.value)}catch(t){a+="0x"+pe.util.bytesToHex(e.value)}else if(e.type===he.Type.BITSTRING){if(e.value.length>1?a+="0x"+pe.util.bytesToHex(e.value.slice(1)):a+="(none)",e.value.length>0){var u=e.value.charCodeAt(0);1==u?a+=" (1 unused bit shown)":u>1&&(a+=" ("+u+" unused bits shown)")}}else e.type===he.Type.OCTETSTRING?(ye.test(e.value)\|\|(a+="("+e.value+") "),a+="0x"+pe.util.bytesToHex(e.value)):e.type===he.Type.UTF8?a+=pe.util.decodeUtf8(e.value):e.type===he.Type.PRINTABLESTRING\|\|e.type===he.Type.IA5String?a+=e.value:ye.test(e.value)?a+="0x"+pe.util.bytesToHex(e.value):0===e.value.length?a+="[null]":a+=e.value}return a};var ge=S,me=ge.md=ge.md\|\|{};ge.md.algorithms=ge.md.algorithms\|\|{};var ve=S;(ve.hmac=ve.hmac\|\|{}).create=function(){var e=null,t=null,r=null,a=null,n={start:function(n,i){if(null!==n)if("string"==typeof n){if(!((n=n.toLowerCase())in ve.md.algorithms))throw new Error('Unknown hash algorithm "'+n+'"');t=ve.md.algorithms[n].create()}else t=n;if(null===i)i=e;else{if("string"==typeof i)i=ve.util.createBuffer(i);else if(ve.util.isArray(i)){var s=i;i=ve.util.createBuffer();for(var o=0;o<s.length;++o)i.putByte(s[o])}var c=i.length();c>t.blockLength&&(t.start(),t.update(i.bytes()),i=t.digest()),r=ve.util.createBuffer(),a=ve.util.createBuffer(),c=i.length();for(o=0;o<c;++o){s=i.at(o);r.putByte(54^s),a.putByte(92^s)}if(c<t.blockLength)for(s=t.blockLength-c,o=0;o<s;++o)r.putByte(54),a.putByte(92);e=i,r=r.bytes(),a=a.bytes()}t.start(),t.update(r)},update:function(e){t.update(e)},getMac:function(){var e=t.digest().bytes();return t.start(),t.update(a),t.update(e),t.digest()}};return n.digest=n.getMac,n};var Ce=S,Ee=Ce.md5=Ce.md5\|\|{};Ce.md.md5=Ce.md.algorithms.md5=Ee,Ee.create=function(){be\|\|function(){Se=String.fromCharCode(128),Se+=Ce.util.fillString(String.fromCharCode(0),64),Te=[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,1,6,11,0,5,10,15,4,9,14,3,8,13,2,7,12,5,8,11,14,1,4,7,10,13,0,3,6,9,12,15,2,0,7,14,5,12,3,10,1,8,15,6,13,4,11,2,9],Ie=[7,12,17,22,7,12,17,22,7,12,17,22,7,12,17,22,5,9,14,20,5,9,14,20,5,9,14,20,5,9,14,20,4,11,16,23,4,11,16,23,4,11,16,23,4,11,16,23,6,10,15,21,6,10,15,21,6,10,15,21,6,10,15,21],Ae=new Array(64);for(var e=0;e<64;++e)Ae[e]=Math.floor(4294967296Math.abs(Math.sin(e+1)));be=!0}();var e=null,t=Ce.util.createBuffer(),r=new Array(16),a={algorithm:"md5",blockLength:64,digestLength:16,messageLength:0,fullMessageLength:null,messageLengthSize:8,start:function(){a.messageLength=0,a.fullMessageLength=a.messageLength64=[];for(var r=a.messageLengthSize/4,n=0;n<r;++n)a.fullMessageLength.push(0);return t=Ce.util.createBuffer(),e={h0:1732584193,h1:4023233417,h2:2562383102,h3:271733878},a}};return a.start(),a.update=function(n,i){"utf8"===i&&(n=Ce.util.encodeUtf8(n));var s=n.length;a.messageLength+=s,s=[s/4294967296>>>0,s>>>0];for(var o=a.fullMessageLength.length-1;o>=0;--o)a.fullMessageLength[o]+=s[1],s[1]=s[0]+(a.fullMessageLength[o]/4294967296>>>0),a.fullMessageLength[o]=a.fullMessageLength[o]>>>0,s[0]=s[1]/4294967296>>>0;return t.putBytes(n),Be(e,r,t),(t.read>2048\|\|0===t.length())&&t.compact(),a},a.digest=function(){var n=Ce.util.createBuffer();n.putBytes(t.bytes());var i=a.fullMessageLength[a.fullMessageLength.length-1]+a.messageLengthSize&a.blockLength-1;n.putBytes(Se.substr(0,a.blockLength-i));for(var s,o=0,c=a.fullMessageLength.length-1;c>=0;--c)o=(s=8a.fullMessageLength[c]+o)/4294967296>>>0,n.putInt32Le(s>>>0);var u={h0:e.h0,h1:e.h1,h2:e.h2,h3:e.h3};Be(u,r,n);var l=Ce.util.createBuffer();return l.putInt32Le(u.h0),l.putInt32Le(u.h1),l.putInt32Le(u.h2),l.putInt32Le(u.h3),l},a};var Se=null,Te=null,Ie=null,Ae=null,be=!1;function Be(e,t,r){for(var a,n,i,s,o,c,u,l=r.length();l>=64;){for(n=e.h0,i=e.h1,s=e.h2,o=e.h3,u=0;u<16;++u)t[u]=r.getInt32Le(),a=n+(o^i&(s^o))+Ae[u]+t[u],n=o,o=s,s=i,i+=a<<(c=Ie[u])\|a>>>32-c;for(;u<32;++u)a=n+(s^o&(i^s))+Ae[u]+t[Te[u]],n=o,o=s,s=i,i+=a<<(c=Ie[u])\|a>>>32-c;for(;u<48;++u)a=n+(i^s^o)+Ae[u]+t[Te[u]],n=o,o=s,s=i,i+=a<<(c=Ie[u])\|a>>>32-c;for(;u<64;++u)a=n+(s^(i\|~o))+Ae[u]+t[Te[u]],n=o,o=s,s=i,i+=a<<(c=Ie[u])\|a>>>32-c;e.h0=e.h0+n\|0,e.h1=e.h1+i\|0,e.h2=e.h2+s\|0,e.h3=e.h3+o\|0,l-=64}}var Ne=S,we=Ne.pem=Ne.pem\|\|{};function ke(e){for(var t=e.name+": ",r=[],a=function(e,t){return" "+t},n=0;n<e.values.length;++n)r.push(e.values[n].replace(/^(\S+\r\n)/,a));t+=r.join(",")+"\r\n";var i=0,s=-1;for(n=0;n<t.length;++n,++i)if(i>65&&-1!==s){var o=t[s];","===o?(++s,t=t.substr(0,s)+"\r\n "+t.substr(s)):t=t.substr(0,s)+"\r\n"+o+t.substr(s+1),i=n-s-1,s=-1,++n}else" "!==t[n]&&"\t"!==t[n]&&","!==t[n]\|\|(s=n);return t}function Re(e){return e.replace(/^\s+/,"")}we.encode=function(e,t){t=t\|\|{};var r,a="-----BEGIN "+e.type+"-----\r\n";if(e.procType&&(a+=ke(r={name:"Proc-Type",values:[String(e.procType.version),e.procType.type]})),e.contentDomain&&(a+=ke(r={name:"Content-Domain",values:[e.contentDomain]})),e.dekInfo&&(r={name:"DEK-Info",values:[e.dekInfo.algorithm]},e.dekInfo.parameters&&r.values.push(e.dekInfo.parameters),a+=ke(r)),e.headers)for(var n=0;n<e.headers.length;++n)a+=ke(e.headers[n]);return e.procType&&(a+="\r\n"),a+=Ne.util.encode64(e.body,t.maxline\|\|64)+"\r\n",a+="-----END "+e.type+"-----\r\n"},we.decode=function(e){for(var t,r=[],a=/\s-----BEGIN ([A-Z0-9- ]+)-----\r?\n?([\x21-\x7e\s]+?(?:\r?\n\r?\n))?([:A-Za-z0-9+\/=\s]+?)-----END \1-----/g,n=/([\x21-\x7e]+):\s([\x21-\x7e\s^:]+)/,i=/\r?\n/;t=a.exec(e);){var s={type:t[1],procType:null,contentDomain:null,dekInfo:null,headers:[],body:Ne.util.decode64(t[3])};if(r.push(s),t[2]){for(var o=t[2].split(i),c=0;t&&c<o.length;){for(var u=o[c].replace(/\s+$/,""),l=c+1;l<o.length;++l){var p=o[l];if(!/\s/.test(p[0]))break;u+=p,c=l}if(t=u.match(n)){for(var h={name:t[1],values:[]},f=t[2].split(","),d=0;d<f.length;++d)h.values.push(Re(f[d]));if(s.procType)if(s.contentDomain\|\|"Content-Domain"!==h.name)if(s.dekInfo\|\|"DEK-Info"!==h.name)s.headers.push(h);else{if(0===h.values.length)throw new Error('Invalid PEM formatted message. The "DEK-Info" header must have at least one subfield.');s.dekInfo={algorithm:f[0],parameters:f[1]\|\|null}}else s.contentDomain=f[0]\|\|"";else{if("Proc-Type"!==h.name)throw new Error('Invalid PEM formatted message. The first encapsulated header must be "Proc-Type".');if(2!==h.values.length)throw new Error('Invalid PEM formatted message. The "Proc-Type" header must have two subfields.');s.procType={version:f[0],type:f[1]}}}++c}if("ENCRYPTED"===s.procType&&!s.dekInfo)throw new Error('Invalid PEM formatted message. The "DEK-Info" header must be present if "Proc-Type" is "ENCRYPTED".')}}if(0===r.length)throw new Error("Invalid PEM formatted message.");return r};var _e=S;function Le(e,t){_e.cipher.registerAlgorithm(e,(function(){return new _e.des.Algorithm(e,t)}))}_e.des=_e.des\|\|{},_e.des.startEncrypting=function(e,t,r,a){var n=qe({key:e,output:r,decrypt:!1,mode:a\|\|(null===t?"ECB":"CBC")});return n.start(t),n},_e.des.createEncryptionCipher=function(e,t){return qe({key:e,output:null,decrypt:!1,mode:t})},_e.des.startDecrypting=function(e,t,r,a){var n=qe({key:e,output:r,decrypt:!0,mode:a\|\|(null===t?"ECB":"CBC")});return n.start(t),n},_e.des.createDecryptionCipher=function(e,t){return qe({key:e,output:null,decrypt:!0,mode:t})},_e.des.Algorithm=function(e,t){var r=this;r.name=e,r.mode=new t({blockSize:8,cipher:{encrypt:function(e,t){return Fe(r._keys,e,t,!1)},decrypt:function(e,t){return Fe(r._keys,e,t,!0)}}}),r._init=!1},_e.des.Algorithm.prototype.initialize=function(e){if(!this._init){var t=_e.util.createBuffer(e.key);if(0===this.name.indexOf("3DES")&&24!==t.length())throw new Error("Invalid Triple-DES key size: "+8t.length());this._keys=function(e){for(var t,r=[0,4,536870912,536870916,65536,65540,536936448,536936452,512,516,536871424,536871428,66048,66052,536936960,536936964],a=[0,1,1048576,1048577,67108864,67108865,68157440,68157441,256,257,1048832,1048833,67109120,67109121,68157696,68157697],n=[0,8,2048,2056,16777216,16777224,16779264,16779272,0,8,2048,2056,16777216,16777224,16779264,16779272],i=[0,2097152,134217728,136314880,8192,2105344,134225920,136323072,131072,2228224,134348800,136445952,139264,2236416,134356992,136454144],s=[0,262144,16,262160,0,262144,16,262160,4096,266240,4112,266256,4096,266240,4112,266256],o=[0,1024,32,1056,0,1024,32,1056,33554432,33555456,33554464,33555488,33554432,33555456,33554464,33555488],c=[0,268435456,524288,268959744,2,268435458,524290,268959746,0,268435456,524288,268959744,2,268435458,524290,268959746],u=[0,65536,2048,67584,536870912,536936448,536872960,536938496,131072,196608,133120,198656,537001984,537067520,537004032,537069568],l=[0,262144,0,262144,2,262146,2,262146,33554432,33816576,33554432,33816576,33554434,33816578,33554434,33816578],p=[0,268435456,8,268435464,0,268435456,8,268435464,1024,268436480,1032,268436488,1024,268436480,1032,268436488],h=[0,32,0,32,1048576,1048608,1048576,1048608,8192,8224,8192,8224,1056768,1056800,1056768,1056800],f=[0,16777216,512,16777728,2097152,18874368,2097664,18874880,67108864,83886080,67109376,83886592,69206016,85983232,69206528,85983744],d=[0,4096,134217728,134221824,524288,528384,134742016,134746112,16,4112,134217744,134221840,524304,528400,134742032,134746128],y=[0,4,256,260,0,4,256,260,1,5,257,261,1,5,257,261],g=e.length()>8?3:1,m=[],v=[0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0],C=0,E=0;E<g;E++){var S=e.getInt32(),T=e.getInt32();S^=(t=252645135&(S>>>4^T))<<4,S^=t=65535&((T^=t)>>>-16^S),S^=(t=858993459&(S>>>2^(T^=t<<-16)))<<2,S^=t=65535&((T^=t)>>>-16^S),S^=(t=1431655765&(S>>>1^(T^=t<<-16)))<<1,S^=t=16711935&((T^=t)>>>8^S),t=(S^=(t=1431655765&(S>>>1^(T^=t<<8)))<<1)<<8\|(T^=t)>>>20&240,S=T<<24\|T<<8&16711680\|T>>>8&65280\|T>>>24&240,T=t;for(var I=0;I<v.length;++I){v[I]?(S=S<<2\|S>>>26,T=T<<2\|T>>>26):(S=S<<1\|S>>>27,T=T<<1\|T>>>27),T&=-15;var A=r[(S&=-15)>>>28]\|a[S>>>24&15]\|n[S>>>20&15]\|i[S>>>16&15]\|s[S>>>12&15]\|o[S>>>8&15]\|c[S>>>4&15],b=u[T>>>28]\|l[T>>>24&15]\|p[T>>>20&15]\|h[T>>>16&15]\|f[T>>>12&15]\|d[T>>>8&15]\|y[T>>>4&15];t=65535&(b>>>16^A),m[C++]=A^t,m[C++]=b^t<<16}}return m}(t),this._init=!0}},Le("DES-ECB",_e.cipher.modes.ecb),Le("DES-CBC",_e.cipher.modes.cbc),Le("DES-CFB",_e.cipher.modes.cfb),Le("DES-OFB",_e.cipher.modes.ofb),Le("DES-CTR",_e.cipher.modes.ctr),Le("3DES-ECB",_e.cipher.modes.ecb),Le("3DES-CBC",_e.cipher.modes.cbc),Le("3DES-CFB",_e.cipher.modes.cfb),Le("3DES-OFB",_e.cipher.modes.ofb),Le("3DES-CTR",_e.cipher.modes.ctr);var Ue=[16843776,0,65536,16843780,16842756,66564,4,65536,1024,16843776,16843780,1024,16778244,16842756,16777216,4,1028,16778240,16778240,66560,66560,16842752,16842752,16778244,65540,16777220,16777220,65540,0,1028,66564,16777216,65536,16843780,4,16842752,16843776,16777216,16777216,1024,16842756,65536,66560,16777220,1024,4,16778244,66564,16843780,65540,16842752,16778244,16777220,1028,66564,16843776,1028,16778240,16778240,0,65540,66560,0,16842756],De=[-2146402272,-2147450880,32768,1081376,1048576,32,-2146435040,-2147450848,-2147483616,-2146402272,-2146402304,-2147483648,-2147450880,1048576,32,-2146435040,1081344,1048608,-2147450848,0,-2147483648,32768,1081376,-2146435072,1048608,-2147483616,0,1081344,32800,-2146402304,-2146435072,32800,0,1081376,-2146435040,1048576,-2147450848,-2146435072,-2146402304,32768,-2146435072,-2147450880,32,-2146402272,1081376,32,32768,-2147483648,32800,-2146402304,1048576,-2147483616,1048608,-2147450848,-2147483616,1048608,1081344,0,-2147450880,32800,-2147483648,-2146435040,-2146402272,1081344],Pe=[520,134349312,0,134348808,134218240,0,131592,134218240,131080,134217736,134217736,131072,134349320,131080,134348800,520,134217728,8,134349312,512,131584,134348800,134348808,131592,134218248,131584,131072,134218248,8,134349320,512,134217728,134349312,134217728,131080,520,131072,134349312,134218240,0,512,131080,134349320,134218240,134217736,512,0,134348808,134218248,131072,134217728,134349320,8,131592,131584,134217736,134348800,134218248,520,134348800,131592,8,134348808,131584],Ve=[8396801,8321,8321,128,8396928,8388737,8388609,8193,0,8396800,8396800,8396929,129,0,8388736,8388609,1,8192,8388608,8396801,128,8388608,8193,8320,8388737,1,8320,8388736,8192,8396928,8396929,129,8388736,8388609,8396800,8396929,129,0,0,8396800,8320,8388736,8388737,1,8396801,8321,8321,128,8396929,129,1,8192,8388609,8193,8396928,8388737,8193,8320,8388608,8396801,128,8388608,8192,8396928],Oe=[256,34078976,34078720,1107296512,524288,256,1073741824,34078720,1074266368,524288,33554688,1074266368,1107296512,1107820544,524544,1073741824,33554432,1074266112,1074266112,0,1073742080,1107820800,1107820800,33554688,1107820544,1073742080,0,1107296256,34078976,33554432,1107296256,524544,524288,1107296512,256,33554432,1073741824,34078720,1107296512,1074266368,33554688,1073741824,1107820544,34078976,1074266368,256,33554432,1107820544,1107820800,524544,1107296256,1107820800,34078720,0,1074266112,1107296256,524544,33554688,1073742080,524288,0,1074266112,34078976,1073742080],Ke=[536870928,541065216,16384,541081616,541065216,16,541081616,4194304,536887296,4210704,4194304,536870928,4194320,536887296,536870912,16400,0,4194320,536887312,16384,4210688,536887312,16,541065232,541065232,0,4210704,541081600,16400,4210688,541081600,536870912,536887296,16,541065232,4210688,541081616,4194304,16400,536870928,4194304,536887296,536870912,16400,536870928,541081616,4210688,541065216,4210704,541081600,0,541065232,16,16384,541065216,4210704,16384,4194320,536887312,0,541081600,536870912,4194320,536887312],xe=[2097152,69206018,67110914,0,2048,67110914,2099202,69208064,69208066,2097152,0,67108866,2,67108864,69206018,2050,67110912,2099202,2097154,67110912,67108866,69206016,69208064,2097154,69206016,2048,2050,69208066,2099200,2,67108864,2099200,67108864,2099200,2097152,67110914,67110914,69206018,69206018,2,2097154,67108864,67110912,2097152,69208064,2050,2099202,69208064,2050,67108866,69208066,69206016,2099200,0,2,69208066,0,2099202,69206016,2048,67108866,67110912,2048,2097154],Me=[268439616,4096,262144,268701760,268435456,268439616,64,268435456,262208,268697600,268701760,266240,268701696,266304,4096,64,268697600,268435520,268439552,4160,266240,262208,268697664,268701696,4160,0,0,268697664,268435520,268439552,266304,262144,266304,262144,268701696,4096,64,268697664,4096,266304,268439552,64,268435520,268697600,268697664,268435456,262144,268439616,0,268701760,262208,268435520,268697600,268439552,268439616,0,268701760,266240,266240,4160,4160,262208,268435456,268701696];function Fe(e,t,r,a){var n,i,s=32===e.length?3:9;n=3===s?a?[30,-2,-2]:[0,32,2]:a?[94,62,-2,32,64,2,30,-2,-2]:[0,32,2,62,30,-2,64,96,2];var o=t[0],c=t[1];o^=(i=252645135&(o>>>4^c))<<4,o^=(i=65535&(o>>>16^(c^=i)))<<16,o^=i=858993459&((c^=i)>>>2^o),o^=i=16711935&((c^=i<<2)>>>8^o),o=(o^=(i=1431655765&(o>>>1^(c^=i<<8)))<<1)<<1\|o>>>31,c=(c^=i)<<1\|c>>>31;for(var u=0;u<s;u+=3){for(var l=n[u+1],p=n[u+2],h=n[u];h!=l;h+=p){var f=c^e[h],d=(c>>>4\|c<<28)^e[h+1];i=o,o=c,c=i^(De[f>>>24&63]\|Ve[f>>>16&63]\|Ke[f>>>8&63]\|Me[63&f]\|Ue[d>>>24&63]\|Pe[d>>>16&63]\|Oe[d>>>8&63]\|xe[63&d])}i=o,o=c,c=i}c=c>>>1\|c<<31,c^=i=1431655765&((o=o>>>1\|o<<31)>>>1^c),c^=(i=16711935&(c>>>8^(o^=i<<1)))<<8,c^=(i=858993459&(c>>>2^(o^=i)))<<2,c^=i=65535&((o^=i)>>>16^c),c^=i=252645135&((o^=i<<16)>>>4^c),o^=i<<4,r[0]=o,r[1]=c}function qe(e){var t,r="DES-"+((e=e\|\|{}).mode\|\|"CBC").toUpperCase(),a=(t=e.decrypt?_e.cipher.createDecipher(r,e.key):_e.cipher.createCipher(r,e.key)).start;return t.start=function(e,r){var n=null;r instanceof _e.util.ByteBuffer&&(n=r,r={}),(r=r\|\|{}).output=n,r.iv=e,a.call(t,r)},t}var je,Ge=S,He=Ge.pkcs5=Ge.pkcs5\|\|{};Ge.util.isNodejs&&!Ge.options.usePureJavaScript&&(je=s),Ge.pbkdf2=He.pbkdf2=function(e,t,r,a,n,i){if("function"==typeof n&&(i=n,n=null),Ge.util.isNodejs&&!Ge.options.usePureJavaScript&&je.pbkdf2&&(null===n\|\|"object"!=typeof n)&&(je.pbkdf2Sync.length>4\|\|!n\|\|"sha1"===n))return"string"!=typeof n&&(n="sha1"),e=Buffer.from(e,"binary"),t=Buffer.from(t,"binary"),i?4===je.pbkdf2Sync.length?je.pbkdf2(e,t,r,a,(function(e,t){if(e)return i(e);i(null,t.toString("binary"))})):je.pbkdf2(e,t,r,a,n,(function(e,t){if(e)return i(e);i(null,t.toString("binary"))})):4===je.pbkdf2Sync.length?je.pbkdf2Sync(e,t,r,a).toString("binary"):je.pbkdf2Sync(e,t,r,a,n).toString("binary");if(null==n&&(n="sha1"),"string"==typeof n){if(!(n in Ge.md.algorithms))throw new Error("Unknown hash algorithm: "+n);n=Ge.md[n].create()}var s=n.digestLength;if(a>4294967295s){var o=new Error("Derived key is too long.");if(i)return i(o);throw o}var c=Math.ceil(a/s),u=a-(c-1)s,l=Ge.hmac.create();l.start(n,e);var p,h,f,d="";if(!i){for(var y=1;y<=c;++y){l.start(null,null),l.update(t),l.update(Ge.util.int32ToBytes(y)),p=f=l.digest().getBytes();for(var g=2;g<=r;++g)l.start(null,null),l.update(f),h=l.digest().getBytes(),p=Ge.util.xorBytes(p,h,s),f=h;d+=y<c?p:p.substr(0,u)}return d}y=1;function m(){if(y>c)return i(null,d);l.start(null,null),l.update(t),l.update(Ge.util.int32ToBytes(y)),p=f=l.digest().getBytes(),g=2,v()}function v(){if(g<=r)return l.start(null,null),l.update(f),h=l.digest().getBytes(),p=Ge.util.xorBytes(p,h,s),f=h,++g,Ge.util.setImmediate(v);d+=y<c?p:p.substr(0,u),++y,m()}m()};var Qe=S,ze=Qe.sha256=Qe.sha256\|\|{};Qe.md.sha256=Qe.md.algorithms.sha256=ze,ze.create=function(){Ye\|\|(We=String.fromCharCode(128),We+=Qe.util.fillString(String.fromCharCode(0),64),Xe=[1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298],Ye=!0);var e=null,t=Qe.util.createBuffer(),r=new Array(64),a={algorithm:"sha256",blockLength:64,digestLength:32,messageLength:0,fullMessageLength:null,messageLengthSize:8,start:function(){a.messageLength=0,a.fullMessageLength=a.messageLength64=[];for(var r=a.messageLengthSize/4,n=0;n<r;++n)a.fullMessageLength.push(0);return t=Qe.util.createBuffer(),e={h0:1779033703,h1:3144134277,h2:1013904242,h3:2773480762,h4:1359893119,h5:2600822924,h6:528734635,h7:1541459225},a}};return a.start(),a.update=function(n,i){"utf8"===i&&(n=Qe.util.encodeUtf8(n));var s=n.length;a.messageLength+=s,s=[s/4294967296>>>0,s>>>0];for(var o=a.fullMessageLength.length-1;o>=0;--o)a.fullMessageLength[o]+=s[1],s[1]=s[0]+(a.fullMessageLength[o]/4294967296>>>0),a.fullMessageLength[o]=a.fullMessageLength[o]>>>0,s[0]=s[1]/4294967296>>>0;return t.putBytes(n),Ze(e,r,t),(t.read>2048\|\|0===t.length())&&t.compact(),a},a.digest=function(){var n=Qe.util.createBuffer();n.putBytes(t.bytes());var i,s=a.fullMessageLength[a.fullMessageLength.length-1]+a.messageLengthSize&a.blockLength-1;n.putBytes(We.substr(0,a.blockLength-s));for(var o=8a.fullMessageLength[0],c=0;c<a.fullMessageLength.length-1;++c)o+=(i=8a.fullMessageLength[c+1])/4294967296>>>0,n.putInt32(o>>>0),o=i>>>0;n.putInt32(o);var u={h0:e.h0,h1:e.h1,h2:e.h2,h3:e.h3,h4:e.h4,h5:e.h5,h6:e.h6,h7:e.h7};Ze(u,r,n);var l=Qe.util.createBuffer();return l.putInt32(u.h0),l.putInt32(u.h1),l.putInt32(u.h2),l.putInt32(u.h3),l.putInt32(u.h4),l.putInt32(u.h5),l.putInt32(u.h6),l.putInt32(u.h7),l},a};var We=null,Ye=!1,Xe=null;function Ze(e,t,r){for(var a,n,i,s,o,c,u,l,p,h,f,d,y,g=r.length();g>=64;){for(o=0;o<16;++o)t[o]=r.getInt32();for(;o<64;++o)a=((a=t[o-2])>>>17\|a<<15)^(a>>>19\|a<<13)^a>>>10,n=((n=t[o-15])>>>7\|n<<25)^(n>>>18\|n<<14)^n>>>3,t[o]=a+t[o-7]+n+t[o-16]\|0;for(c=e.h0,u=e.h1,l=e.h2,p=e.h3,h=e.h4,f=e.h5,d=e.h6,y=e.h7,o=0;o<64;++o)i=(c>>>2\|c<<30)^(c>>>13\|c<<19)^(c>>>22\|c<<10),s=c&u\|l&(c^u),a=y+((h>>>6\|h<<26)^(h>>>11\|h<<21)^(h>>>25\|h<<7))+(d^h&(f^d))+Xe[o]+t[o],y=d,d=f,f=h,h=p+a>>>0,p=l,l=u,u=c,c=a+(n=i+s)>>>0;e.h0=e.h0+c\|0,e.h1=e.h1+u\|0,e.h2=e.h2+l\|0,e.h3=e.h3+p\|0,e.h4=e.h4+h\|0,e.h5=e.h5+f\|0,e.h6=e.h6+d\|0,e.h7=e.h7+y\|0,g-=64}}var $e=S,Je=null;!$e.util.isNodejs\|\|$e.options.usePureJavaScript\|\|process.versions["node-webkit"]\|\|(Je=s),($e.prng=$e.prng\|\|{}).create=function(e){for(var t={plugin:e,key:null,seed:null,time:null,reseeds:0,generated:0,keyBytes:""},r=e.md,a=new Array(32),n=0;n<32;++n)a[n]=r.create();function i(){if(t.pools[0].messageLength>=32)return s();var e=32-t.pools[0].messageLength<<5;t.collect(t.seedFileSync(e)),s()}function s(){t.reseeds=4294967295===t.reseeds?0:t.reseeds+1;var e=t.plugin.md.create();e.update(t.keyBytes);for(var r=1,a=0;a<32;++a)t.reseeds%r==0&&(e.update(t.pools[a].digest().getBytes()),t.pools[a].start()),r<<=1;t.keyBytes=e.digest().getBytes(),e.start(),e.update(t.keyBytes);var n=e.digest().getBytes();t.key=t.plugin.formatKey(t.keyBytes),t.seed=t.plugin.formatSeed(n),t.generated=0}function o(e){var t=null,r=$e.util.globalScope,a=r.crypto\|\|r.msCrypto;a&&a.getRandomValues&&(t=function(e){return a.getRandomValues(e)});var n=$e.util.createBuffer();if(t)for(;n.length()<e;){var i=Math.max(1,Math.min(e-n.length(),65536)/4),s=new Uint32Array(Math.floor(i));try{t(s);for(var o=0;o<s.length;++o)n.putInt32(s[o])}catch(e){if(!("undefined"!=typeof QuotaExceededError&&e instanceof QuotaExceededError))throw e}}if(n.length()<e)for(var c,u,l,p=Math.floor(65536Math.random());n.length()<e;){u=16807(65535&p),u+=(32767&(c=16807(p>>16)))<<16,p=4294967295&(u=(2147483647&(u+=c>>15))+(u>>31));for(o=0;o<3;++o)l=p>>>(o<<3),l^=Math.floor(256Math.random()),n.putByte(String.fromCharCode(255&l))}return n.getBytes(e)}return t.pools=a,t.pool=0,t.generate=function(e,r){if(!r)return t.generateSync(e);var a=t.plugin.cipher,n=t.plugin.increment,i=t.plugin.formatKey,o=t.plugin.formatSeed,c=$e.util.createBuffer();t.key=null,function u(l){if(l)return r(l);if(c.length()>=e)return r(null,c.getBytes(e));t.generated>1048575&&(t.key=null);if(null===t.key)return $e.util.nextTick((function(){!function(e){if(t.pools[0].messageLength>=32)return s(),e();var r=32-t.pools[0].messageLength<<5;t.seedFile(r,(function(r,a){if(r)return e(r);t.collect(a),s(),e()}))}(u)}));var p=a(t.key,t.seed);t.generated+=p.length,c.putBytes(p),t.key=i(a(t.key,n(t.seed))),t.seed=o(a(t.key,t.seed)),$e.util.setImmediate(u)}()},t.generateSync=function(e){var r=t.plugin.cipher,a=t.plugin.increment,n=t.plugin.formatKey,s=t.plugin.formatSeed;t.key=null;for(var o=$e.util.createBuffer();o.length()<e;){t.generated>1048575&&(t.key=null),null===t.key&&i();var c=r(t.key,t.seed);t.generated+=c.length,o.putBytes(c),t.key=n(r(t.key,a(t.seed))),t.seed=s(r(t.key,t.seed))}return o.getBytes(e)},Je?(t.seedFile=function(e,t){Je.randomBytes(e,(function(e,r){if(e)return t(e);t(null,r.toString())}))},t.seedFileSync=function(e){return Je.randomBytes(e).toString()}):(t.seedFile=function(e,t){try{t(null,o(e))}catch(e){t(e)}},t.seedFileSync=o),t.collect=function(e){for(var r=e.length,a=0;a<r;++a)t.pools[t.pool].update(e.substr(a,1)),t.pool=31===t.pool?0:t.pool+1},t.collectInt=function(e,r){for(var a="",n=0;n<r;n+=8)a+=String.fromCharCode(e>>n&255);t.collect(a)},t.registerWorker=function(e){if(e===self)t.seedFile=function(e,t){self.addEventListener("message",(function e(r){var a=r.data;a.forge&&a.forge.prng&&(self.removeEventListener("message",e),t(a.forge.prng.err,a.forge.prng.bytes))})),self.postMessage({forge:{prng:{needed:e}}})};else{e.addEventListener("message",(function(r){var a=r.data;a.forge&&a.forge.prng&&t.seedFile(a.forge.prng.needed,(function(t,r){e.postMessage({forge:{prng:{err:t,bytes:r}}})}))}))}},t};var et=S;et.random&&et.random.getBytes?et.random:function(e){var t={},r=new Array(4),a=et.util.createBuffer();function n(){var e=et.prng.create(t);return e.getBytes=function(t,r){return e.generate(t,r)},e.getBytesSync=function(t){return e.generate(t)},e}t.formatKey=function(e){var t=et.util.createBuffer(e);return(e=new Array(4))[0]=t.getInt32(),e[1]=t.getInt32(),e[2]=t.getInt32(),e[3]=t.getInt32(),et.aes._expandKey(e,!1)},t.formatSeed=function(e){var t=et.util.createBuffer(e);return(e=new Array(4))[0]=t.getInt32(),e[1]=t.getInt32(),e[2]=t.getInt32(),e[3]=t.getInt32(),e},t.cipher=function(e,t){return et.aes._updateBlock(e,t,r,!1),a.putInt32(r[0]),a.putInt32(r[1]),a.putInt32(r[2]),a.putInt32(r[3]),a.getBytes()},t.increment=function(e){return++e[3],e},t.md=et.md.sha256;var i=n(),s=null,o=et.util.globalScope,c=o.crypto\|\|o.msCrypto;if(c&&c.getRandomValues&&(s=function(e){return c.getRandomValues(e)}),et.options.usePureJavaScript\|\|!et.util.isNodejs&&!s){if(i.collectInt(+new Date,32),"undefined"!=typeof navigator){var u="";for(var l in navigator)try{"string"==typeof navigator[l]&&(u+=navigator[l])}catch(e){}i.collect(u),u=null}e&&(e().mousemove((function(e){i.collectInt(e.clientX,16),i.collectInt(e.clientY,16)})),e().keypress((function(e){i.collectInt(e.charCode,8)})))}if(et.random)for(var l in i)et.random[l]=i[l];else et.random=i;et.random.createInstance=n,et.random}("undefined"!=typeof jQuery?jQuery:null);var tt=S,rt=[217,120,249,196,25,221,181,237,40,233,253,121,74,160,216,157,198,126,55,131,43,118,83,142,98,76,100,136,68,139,251,162,23,154,89,245,135,179,79,19,97,69,109,141,9,129,125,50,189,143,64,235,134,183,123,11,240,149,33,34,92,107,78,130,84,214,101,147,206,96,178,28,115,86,192,20,167,140,241,220,18,117,202,31,59,190,228,209,66,61,212,48,163,60,182,38,111,191,14,218,70,105,7,87,39,242,29,155,188,148,67,3,248,17,199,246,144,239,62,231,6,195,213,47,200,102,30,215,8,232,234,222,128,82,238,247,132,170,114,172,53,77,106,42,150,26,210,113,90,21,73,116,75,159,208,94,4,24,164,236,194,224,65,110,15,81,203,204,36,145,175,80,161,244,112,57,153,124,58,133,35,184,180,122,252,2,54,91,37,85,151,49,45,93,250,152,227,138,146,174,5,223,41,16,103,108,186,201,211,0,230,207,225,158,168,44,99,22,1,63,88,226,137,169,13,56,52,27,171,51,255,176,187,72,12,95,185,177,205,46,197,243,219,71,229,165,156,119,10,166,32,104,254,127,193,173],at=[1,2,3,5],nt=function(e,t){return e<<t&65535\|(65535&e)>>16-t},it=function(e,t){return(65535&e)>>t\|e<<16-t&65535};tt.rc2=tt.rc2\|\|{},tt.rc2.expandKey=function(e,t){"string"==typeof e&&(e=tt.util.createBuffer(e)),t=t\|\|128;var r,a=e,n=e.length(),i=t,s=Math.ceil(i/8),o=255>>(7&i);for(r=n;r<128;r++)a.putByte(rt[a.at(r-1)+a.at(r-n)&255]);for(a.setAt(128-s,rt[a.at(128-s)&o]),r=127-s;r>=0;r--)a.setAt(r,rt[a.at(r+1)^a.at(r+s)]);return a};var st=function(e,t,r){var a,n,i,s,o=!1,c=null,u=null,l=null,p=[];for(e=tt.rc2.expandKey(e,t),i=0;i<64;i++)p.push(e.getInt16Le());r?(a=function(e){for(i=0;i<4;i++)e[i]+=p[s]+(e[(i+3)%4]&e[(i+2)%4])+(~e[(i+3)%4]&e[(i+1)%4]),e[i]=nt(e[i],at[i]),s++},n=function(e){for(i=0;i<4;i++)e[i]+=p[63&e[(i+3)%4]]}):(a=function(e){for(i=3;i>=0;i--)e[i]=it(e[i],at[i]),e[i]-=p[s]+(e[(i+3)%4]&e[(i+2)%4])+(~e[(i+3)%4]&e[(i+1)%4]),s--},n=function(e){for(i=3;i>=0;i--)e[i]-=p[63&e[(i+3)%4]]});var h=function(e){var t=[];for(i=0;i<4;i++){var a=c.getInt16Le();null!==l&&(r?a^=l.getInt16Le():l.putInt16Le(a)),t.push(65535&a)}s=r?0:63;for(var n=0;n<e.length;n++)for(var o=0;o<e[n][0];o++)e[n][1](t);for(i=0;i<4;i++)null!==l&&(r?l.putInt16Le(t[i]):t[i]^=l.getInt16Le()),u.putInt16Le(t[i])},f=null;return f={start:function(e,t){e&&"string"==typeof e&&(e=tt.util.createBuffer(e)),o=!1,c=tt.util.createBuffer(),u=t\|\|new tt.util.createBuffer,l=e,f.output=u},update:function(e){for(o\|\|c.putBuffer(e);c.length()>=8;)h([[5,a],[1,n],[6,a],[1,n],[5,a]])},finish:function(e){var t=!0;if(r)if(e)t=e(8,c,!r);else{var a=8===c.length()?8:8-c.length();c.fillWithByte(a,a)}if(t&&(o=!0,f.update()),!r&&(t=0===c.length()))if(e)t=e(8,u,!r);else{var n=u.length(),i=u.at(n-1);i>n?t=!1:u.truncate(i)}return t}}};tt.rc2.startEncrypting=function(e,t,r){var a=tt.rc2.createEncryptionCipher(e,128);return a.start(t,r),a},tt.rc2.createEncryptionCipher=function(e,t){return st(e,t,!0)},tt.rc2.startDecrypting=function(e,t,r){var a=tt.rc2.createDecryptionCipher(e,128);return a.start(t,r),a},tt.rc2.createDecryptionCipher=function(e,t){return st(e,t,!1)};var ot,ct=S;function ut(e,t,r){this.data=[],null!=e&&("number"==typeof e?this.fromNumber(e,t,r):null==t&&"string"!=typeof e?this.fromString(e,256):this.fromString(e,t))}function lt(){return new ut(null)}function pt(e,t,r,a,n,i){for(var s=16383&t,o=t>>14;--i>=0;){var c=16383&this.data[e],u=this.data[e++]>>14,l=oc+us;n=((c=sc+((16383&l)<<14)+r.data[a]+n)>>28)+(l>>14)+ou,r.data[a++]=268435455&c}return n}ct.jsbn=ct.jsbn\|\|{},ct.jsbn.BigInteger=ut,"undefined"==typeof navigator?(ut.prototype.am=pt,ot=28):"Microsoft Internet Explorer"==navigator.appName?(ut.prototype.am=function(e,t,r,a,n,i){for(var s=32767&t,o=t>>15;--i>=0;){var c=32767&this.data[e],u=this.data[e++]>>15,l=oc+us;n=((c=sc+((32767&l)<<15)+r.data[a]+(1073741823&n))>>>30)+(l>>>15)+ou+(n>>>30),r.data[a++]=1073741823&c}return n},ot=30):"Netscape"!=navigator.appName?(ut.prototype.am=function(e,t,r,a,n,i){for(;--i>=0;){var s=tthis.data[e++]+r.data[a]+n;n=Math.floor(s/67108864),r.data[a++]=67108863&s}return n},ot=26):(ut.prototype.am=pt,ot=28),ut.prototype.DB=ot,ut.prototype.DM=(1<<ot)-1,ut.prototype.DV=1<<ot;ut.prototype.FV=Math.pow(2,52),ut.prototype.F1=52-ot,ut.prototype.F2=2ot-52;var ht,ft,dt="0123456789abcdefghijklmnopqrstuvwxyz",yt=new Array;for(ht="0".charCodeAt(0),ft=0;ft<=9;++ft)yt[ht++]=ft;for(ht="a".charCodeAt(0),ft=10;ft<36;++ft)yt[ht++]=ft;for(ht="A".charCodeAt(0),ft=10;ft<36;++ft)yt[ht++]=ft;function gt(e){return dt.charAt(e)}function mt(e,t){var r=yt[e.charCodeAt(t)];return null==r?-1:r}function vt(e){var t=lt();return t.fromInt(e),t}function Ct(e){var t,r=1;return 0!=(t=e>>>16)&&(e=t,r+=16),0!=(t=e>>8)&&(e=t,r+=8),0!=(t=e>>4)&&(e=t,r+=4),0!=(t=e>>2)&&(e=t,r+=2),0!=(t=e>>1)&&(e=t,r+=1),r}function Et(e){this.m=e}function St(e){this.m=e,this.mp=e.invDigit(),this.mpl=32767&this.mp,this.mph=this.mp>>15,this.um=(1<<e.DB-15)-1,this.mt2=2e.t}function Tt(e,t){return e&t}function It(e,t){return e\|t}function At(e,t){return e^t}function bt(e,t){return e&~t}function Bt(e){if(0==e)return-1;var t=0;return 0==(65535&e)&&(e>>=16,t+=16),0==(255&e)&&(e>>=8,t+=8),0==(15&e)&&(e>>=4,t+=4),0==(3&e)&&(e>>=2,t+=2),0==(1&e)&&++t,t}function Nt(e){for(var t=0;0!=e;)e&=e-1,++t;return t}function wt(){}function kt(e){return e}function Rt(e){this.r2=lt(),this.q3=lt(),ut.ONE.dlShiftTo(2e.t,this.r2),this.mu=this.r2.divide(e),this.m=e}Et.prototype.convert=function(e){return e.s<0\|\|e.compareTo(this.m)>=0?e.mod(this.m):e},Et.prototype.revert=function(e){return e},Et.prototype.reduce=function(e){e.divRemTo(this.m,null,e)},Et.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r),this.reduce(r)},Et.prototype.sqrTo=function(e,t){e.squareTo(t),this.reduce(t)},St.prototype.convert=function(e){var t=lt();return e.abs().dlShiftTo(this.m.t,t),t.divRemTo(this.m,null,t),e.s<0&&t.compareTo(ut.ZERO)>0&&this.m.subTo(t,t),t},St.prototype.revert=function(e){var t=lt();return e.copyTo(t),this.reduce(t),t},St.prototype.reduce=function(e){for(;e.t<=this.mt2;)e.data[e.t++]=0;for(var t=0;t<this.m.t;++t){var r=32767&e.data[t],a=rthis.mpl+((rthis.mph+(e.data[t]>>15)this.mpl&this.um)<<15)&e.DM;for(r=t+this.m.t,e.data[r]+=this.m.am(0,a,e,t,0,this.m.t);e.data[r]>=e.DV;)e.data[r]-=e.DV,e.data[++r]++}e.clamp(),e.drShiftTo(this.m.t,e),e.compareTo(this.m)>=0&&e.subTo(this.m,e)},St.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r),this.reduce(r)},St.prototype.sqrTo=function(e,t){e.squareTo(t),this.reduce(t)},ut.prototype.copyTo=function(e){for(var t=this.t-1;t>=0;--t)e.data[t]=this.data[t];e.t=this.t,e.s=this.s},ut.prototype.fromInt=function(e){this.t=1,this.s=e<0?-1:0,e>0?this.data[0]=e:e<-1?this.data[0]=e+this.DV:this.t=0},ut.prototype.fromString=function(e,t){var r;if(16==t)r=4;else if(8==t)r=3;else if(256==t)r=8;else if(2==t)r=1;else if(32==t)r=5;else{if(4!=t)return void this.fromRadix(e,t);r=2}this.t=0,this.s=0;for(var a=e.length,n=!1,i=0;--a>=0;){var s=8==r?255&e[a]:mt(e,a);s<0?"-"==e.charAt(a)&&(n=!0):(n=!1,0==i?this.data[this.t++]=s:i+r>this.DB?(this.data[this.t-1]\|=(s&(1<<this.DB-i)-1)<<i,this.data[this.t++]=s>>this.DB-i):this.data[this.t-1]\|=s<<i,(i+=r)>=this.DB&&(i-=this.DB))}8==r&&0!=(128&e[0])&&(this.s=-1,i>0&&(this.data[this.t-1]\|=(1<<this.DB-i)-1<<i)),this.clamp(),n&&ut.ZERO.subTo(this,this)},ut.prototype.clamp=function(){for(var e=this.s&this.DM;this.t>0&&this.data[this.t-1]==e;)--this.t},ut.prototype.dlShiftTo=function(e,t){var r;for(r=this.t-1;r>=0;--r)t.data[r+e]=this.data[r];for(r=e-1;r>=0;--r)t.data[r]=0;t.t=this.t+e,t.s=this.s},ut.prototype.drShiftTo=function(e,t){for(var r=e;r<this.t;++r)t.data[r-e]=this.data[r];t.t=Math.max(this.t-e,0),t.s=this.s},ut.prototype.lShiftTo=function(e,t){var r,a=e%this.DB,n=this.DB-a,i=(1<<n)-1,s=Math.floor(e/this.DB),o=this.s<<a&this.DM;for(r=this.t-1;r>=0;--r)t.data[r+s+1]=this.data[r]>>n\|o,o=(this.data[r]&i)<<a;for(r=s-1;r>=0;--r)t.data[r]=0;t.data[s]=o,t.t=this.t+s+1,t.s=this.s,t.clamp()},ut.prototype.rShiftTo=function(e,t){t.s=this.s;var r=Math.floor(e/this.DB);if(r>=this.t)t.t=0;else{var a=e%this.DB,n=this.DB-a,i=(1<<a)-1;t.data[0]=this.data[r]>>a;for(var s=r+1;s<this.t;++s)t.data[s-r-1]\|=(this.data[s]&i)<<n,t.data[s-r]=this.data[s]>>a;a>0&&(t.data[this.t-r-1]\|=(this.s&i)<<n),t.t=this.t-r,t.clamp()}},ut.prototype.subTo=function(e,t){for(var r=0,a=0,n=Math.min(e.t,this.t);r<n;)a+=this.data[r]-e.data[r],t.data[r++]=a&this.DM,a>>=this.DB;if(e.t<this.t){for(a-=e.s;r<this.t;)a+=this.data[r],t.data[r++]=a&this.DM,a>>=this.DB;a+=this.s}else{for(a+=this.s;r<e.t;)a-=e.data[r],t.data[r++]=a&this.DM,a>>=this.DB;a-=e.s}t.s=a<0?-1:0,a<-1?t.data[r++]=this.DV+a:a>0&&(t.data[r++]=a),t.t=r,t.clamp()},ut.prototype.multiplyTo=function(e,t){var r=this.abs(),a=e.abs(),n=r.t;for(t.t=n+a.t;--n>=0;)t.data[n]=0;for(n=0;n<a.t;++n)t.data[n+r.t]=r.am(0,a.data[n],t,n,0,r.t);t.s=0,t.clamp(),this.s!=e.s&&ut.ZERO.subTo(t,t)},ut.prototype.squareTo=function(e){for(var t=this.abs(),r=e.t=2t.t;--r>=0;)e.data[r]=0;for(r=0;r<t.t-1;++r){var a=t.am(r,t.data[r],e,2r,0,1);(e.data[r+t.t]+=t.am(r+1,2t.data[r],e,2r+1,a,t.t-r-1))>=t.DV&&(e.data[r+t.t]-=t.DV,e.data[r+t.t+1]=1)}e.t>0&&(e.data[e.t-1]+=t.am(r,t.data[r],e,2r,0,1)),e.s=0,e.clamp()},ut.prototype.divRemTo=function(e,t,r){var a=e.abs();if(!(a.t<=0)){var n=this.abs();if(n.t<a.t)return null!=t&&t.fromInt(0),void(null!=r&&this.copyTo(r));null==r&&(r=lt());var i=lt(),s=this.s,o=e.s,c=this.DB-Ct(a.data[a.t-1]);c>0?(a.lShiftTo(c,i),n.lShiftTo(c,r)):(a.copyTo(i),n.copyTo(r));var u=i.t,l=i.data[u-1];if(0!=l){var p=l(1<<this.F1)+(u>1?i.data[u-2]>>this.F2:0),h=this.FV/p,f=(1<<this.F1)/p,d=1<<this.F2,y=r.t,g=y-u,m=null==t?lt():t;for(i.dlShiftTo(g,m),r.compareTo(m)>=0&&(r.data[r.t++]=1,r.subTo(m,r)),ut.ONE.dlShiftTo(u,m),m.subTo(i,i);i.t<u;)i.data[i.t++]=0;for(;--g>=0;){var v=r.data[--y]==l?this.DM:Math.floor(r.data[y]h+(r.data[y-1]+d)f);if((r.data[y]+=i.am(0,v,r,g,0,u))<v)for(i.dlShiftTo(g,m),r.subTo(m,r);r.data[y]<--v;)r.subTo(m,r)}null!=t&&(r.drShiftTo(u,t),s!=o&&ut.ZERO.subTo(t,t)),r.t=u,r.clamp(),c>0&&r.rShiftTo(c,r),s<0&&ut.ZERO.subTo(r,r)}}},ut.prototype.invDigit=function(){if(this.t<1)return 0;var e=this.data[0];if(0==(1&e))return 0;var t=3&e;return(t=(t=(t=(t=t(2-(15&e)t)&15)(2-(255&e)t)&255)(2-((65535&e)t&65535))&65535)(2-et%this.DV)%this.DV)>0?this.DV-t:-t},ut.prototype.isEven=function(){return 0==(this.t>0?1&this.data[0]:this.s)},ut.prototype.exp=function(e,t){if(e>4294967295\|\|e<1)return ut.ONE;var r=lt(),a=lt(),n=t.convert(this),i=Ct(e)-1;for(n.copyTo(r);--i>=0;)if(t.sqrTo(r,a),(e&1<<i)>0)t.mulTo(a,n,r);else{var s=r;r=a,a=s}return t.revert(r)},ut.prototype.toString=function(e){if(this.s<0)return"-"+this.negate().toString(e);var t;if(16==e)t=4;else if(8==e)t=3;else if(2==e)t=1;else if(32==e)t=5;else{if(4!=e)return this.toRadix(e);t=2}var r,a=(1<<t)-1,n=!1,i="",s=this.t,o=this.DB-sthis.DB%t;if(s-- >0)for(o<this.DB&&(r=this.data[s]>>o)>0&&(n=!0,i=gt(r));s>=0;)o<t?(r=(this.data[s]&(1<<o)-1)<<t-o,r\|=this.data[--s]>>(o+=this.DB-t)):(r=this.data[s]>>(o-=t)&a,o<=0&&(o+=this.DB,--s)),r>0&&(n=!0),n&&(i+=gt(r));return n?i:"0"},ut.prototype.negate=function(){var e=lt();return ut.ZERO.subTo(this,e),e},ut.prototype.abs=function(){return this.s<0?this.negate():this},ut.prototype.compareTo=function(e){var t=this.s-e.s;if(0!=t)return t;var r=this.t;if(0!=(t=r-e.t))return this.s<0?-t:t;for(;--r>=0;)if(0!=(t=this.data[r]-e.data[r]))return t;return 0},ut.prototype.bitLength=function(){return this.t<=0?0:this.DB(this.t-1)+Ct(this.data[this.t-1]^this.s&this.DM)},ut.prototype.mod=function(e){var t=lt();return this.abs().divRemTo(e,null,t),this.s<0&&t.compareTo(ut.ZERO)>0&&e.subTo(t,t),t},ut.prototype.modPowInt=function(e,t){var r;return r=e<256\|\|t.isEven()?new Et(t):new St(t),this.exp(e,r)},ut.ZERO=vt(0),ut.ONE=vt(1),wt.prototype.convert=kt,wt.prototype.revert=kt,wt.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r)},wt.prototype.sqrTo=function(e,t){e.squareTo(t)},Rt.prototype.convert=function(e){if(e.s<0\|\|e.t>2this.m.t)return e.mod(this.m);if(e.compareTo(this.m)<0)return e;var t=lt();return e.copyTo(t),this.reduce(t),t},Rt.prototype.revert=function(e){return e},Rt.prototype.reduce=function(e){for(e.drShiftTo(this.m.t-1,this.r2),e.t>this.m.t+1&&(e.t=this.m.t+1,e.clamp()),this.mu.multiplyUpperTo(this.r2,this.m.t+1,this.q3),this.m.multiplyLowerTo(this.q3,this.m.t+1,this.r2);e.compareTo(this.r2)<0;)e.dAddOffset(1,this.m.t+1);for(e.subTo(this.r2,e);e.compareTo(this.m)>=0;)e.subTo(this.m,e)},Rt.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r),this.reduce(r)},Rt.prototype.sqrTo=function(e,t){e.squareTo(t),this.reduce(t)};var _t=[2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509],Lt=(1<<26)/_t[_t.length-1];ut.prototype.chunkSize=function(e){return Math.floor(Math.LN2this.DB/Math.log(e))},ut.prototype.toRadix=function(e){if(null==e&&(e=10),0==this.signum()\|\|e<2\|\|e>36)return"0";var t=this.chunkSize(e),r=Math.pow(e,t),a=vt(r),n=lt(),i=lt(),s="";for(this.divRemTo(a,n,i);n.signum()>0;)s=(r+i.intValue()).toString(e).substr(1)+s,n.divRemTo(a,n,i);return i.intValue().toString(e)+s},ut.prototype.fromRadix=function(e,t){this.fromInt(0),null==t&&(t=10);for(var r=this.chunkSize(t),a=Math.pow(t,r),n=!1,i=0,s=0,o=0;o<e.length;++o){var c=mt(e,o);c<0?"-"==e.charAt(o)&&0==this.signum()&&(n=!0):(s=ts+c,++i>=r&&(this.dMultiply(a),this.dAddOffset(s,0),i=0,s=0))}i>0&&(this.dMultiply(Math.pow(t,i)),this.dAddOffset(s,0)),n&&ut.ZERO.subTo(this,this)},ut.prototype.fromNumber=function(e,t,r){if("number"==typeof t)if(e<2)this.fromInt(1);else for(this.fromNumber(e,r),this.testBit(e-1)\|\|this.bitwiseTo(ut.ONE.shiftLeft(e-1),It,this),this.isEven()&&this.dAddOffset(1,0);!this.isProbablePrime(t);)this.dAddOffset(2,0),this.bitLength()>e&&this.subTo(ut.ONE.shiftLeft(e-1),this);else{var a=new Array,n=7&e;a.length=1+(e>>3),t.nextBytes(a),n>0?a[0]&=(1<<n)-1:a[0]=0,this.fromString(a,256)}},ut.prototype.bitwiseTo=function(e,t,r){var a,n,i=Math.min(e.t,this.t);for(a=0;a<i;++a)r.data[a]=t(this.data[a],e.data[a]);if(e.t<this.t){for(n=e.s&this.DM,a=i;a<this.t;++a)r.data[a]=t(this.data[a],n);r.t=this.t}else{for(n=this.s&this.DM,a=i;a<e.t;++a)r.data[a]=t(n,e.data[a]);r.t=e.t}r.s=t(this.s,e.s),r.clamp()},ut.prototype.changeBit=function(e,t){var r=ut.ONE.shiftLeft(e);return this.bitwiseTo(r,t,r),r},ut.prototype.addTo=function(e,t){for(var r=0,a=0,n=Math.min(e.t,this.t);r<n;)a+=this.data[r]+e.data[r],t.data[r++]=a&this.DM,a>>=this.DB;if(e.t<this.t){for(a+=e.s;r<this.t;)a+=this.data[r],t.data[r++]=a&this.DM,a>>=this.DB;a+=this.s}else{for(a+=this.s;r<e.t;)a+=e.data[r],t.data[r++]=a&this.DM,a>>=this.DB;a+=e.s}t.s=a<0?-1:0,a>0?t.data[r++]=a:a<-1&&(t.data[r++]=this.DV+a),t.t=r,t.clamp()},ut.prototype.dMultiply=function(e){this.data[this.t]=this.am(0,e-1,this,0,0,this.t),++this.t,this.clamp()},ut.prototype.dAddOffset=function(e,t){if(0!=e){for(;this.t<=t;)this.data[this.t++]=0;for(this.data[t]+=e;this.data[t]>=this.DV;)this.data[t]-=this.DV,++t>=this.t&&(this.data[this.t++]=0),++this.data[t]}},ut.prototype.multiplyLowerTo=function(e,t,r){var a,n=Math.min(this.t+e.t,t);for(r.s=0,r.t=n;n>0;)r.data[--n]=0;for(a=r.t-this.t;n<a;++n)r.data[n+this.t]=this.am(0,e.data[n],r,n,0,this.t);for(a=Math.min(e.t,t);n<a;++n)this.am(0,e.data[n],r,n,0,t-n);r.clamp()},ut.prototype.multiplyUpperTo=function(e,t,r){--t;var a=r.t=this.t+e.t-t;for(r.s=0;--a>=0;)r.data[a]=0;for(a=Math.max(t-this.t,0);a<e.t;++a)r.data[this.t+a-t]=this.am(t-a,e.data[a],r,0,0,this.t+a-t);r.clamp(),r.drShiftTo(1,r)},ut.prototype.modInt=function(e){if(e<=0)return 0;var t=this.DV%e,r=this.s<0?e-1:0;if(this.t>0)if(0==t)r=this.data[0]%e;else for(var a=this.t-1;a>=0;--a)r=(tr+this.data[a])%e;return r},ut.prototype.millerRabin=function(e){var t=this.subtract(ut.ONE),r=t.getLowestSetBit();if(r<=0)return!1;for(var a,n=t.shiftRight(r),i={nextBytes:function(e){for(var t=0;t<e.length;++t)e[t]=Math.floor(256Math.random())}},s=0;s<e;++s){do{a=new ut(this.bitLength(),i)}while(a.compareTo(ut.ONE)<=0\|\|a.compareTo(t)>=0);var o=a.modPow(n,this);if(0!=o.compareTo(ut.ONE)&&0!=o.compareTo(t)){for(var c=1;c++<r&&0!=o.compareTo(t);)if(0==(o=o.modPowInt(2,this)).compareTo(ut.ONE))return!1;if(0!=o.compareTo(t))return!1}}return!0},ut.prototype.clone=function(){var e=lt();return this.copyTo(e),e},ut.prototype.intValue=function(){if(this.s<0){if(1==this.t)return this.data[0]-this.DV;if(0==this.t)return-1}else{if(1==this.t)return this.data[0];if(0==this.t)return 0}return(this.data[1]&(1<<32-this.DB)-1)<<this.DB\|this.data[0]},ut.prototype.byteValue=function(){return 0==this.t?this.s:this.data[0]<<24>>24},ut.prototype.shortValue=function(){return 0==this.t?this.s:this.data[0]<<16>>16},ut.prototype.signum=function(){return this.s<0?-1:this.t<=0\|\|1==this.t&&this.data[0]<=0?0:1},ut.prototype.toByteArray=function(){var e=this.t,t=new Array;t[0]=this.s;var r,a=this.DB-ethis.DB%8,n=0;if(e-- >0)for(a<this.DB&&(r=this.data[e]>>a)!=(this.s&this.DM)>>a&&(t[n++]=r\|this.s<<this.DB-a);e>=0;)a<8?(r=(this.data[e]&(1<<a)-1)<<8-a,r\|=this.data[--e]>>(a+=this.DB-8)):(r=this.data[e]>>(a-=8)&255,a<=0&&(a+=this.DB,--e)),0!=(128&r)&&(r\|=-256),0==n&&(128&this.s)!=(128&r)&&++n,(n>0\|\|r!=this.s)&&(t[n++]=r);return t},ut.prototype.equals=function(e){return 0==this.compareTo(e)},ut.prototype.min=function(e){return this.compareTo(e)<0?this:e},ut.prototype.max=function(e){return this.compareTo(e)>0?this:e},ut.prototype.and=function(e){var t=lt();return this.bitwiseTo(e,Tt,t),t},ut.prototype.or=function(e){var t=lt();return this.bitwiseTo(e,It,t),t},ut.prototype.xor=function(e){var t=lt();return this.bitwiseTo(e,At,t),t},ut.prototype.andNot=function(e){var t=lt();return this.bitwiseTo(e,bt,t),t},ut.prototype.not=function(){for(var e=lt(),t=0;t<this.t;++t)e.data[t]=this.DM&~this.data[t];return e.t=this.t,e.s=~this.s,e},ut.prototype.shiftLeft=function(e){var t=lt();return e<0?this.rShiftTo(-e,t):this.lShiftTo(e,t),t},ut.prototype.shiftRight=function(e){var t=lt();return e<0?this.lShiftTo(-e,t):this.rShiftTo(e,t),t},ut.prototype.getLowestSetBit=function(){for(var e=0;e<this.t;++e)if(0!=this.data[e])return ethis.DB+Bt(this.data[e]);return this.s<0?this.tthis.DB:-1},ut.prototype.bitCount=function(){for(var e=0,t=this.s&this.DM,r=0;r<this.t;++r)e+=Nt(this.data[r]^t);return e},ut.prototype.testBit=function(e){var t=Math.floor(e/this.DB);return t>=this.t?0!=this.s:0!=(this.data[t]&1<<e%this.DB)},ut.prototype.setBit=function(e){return this.changeBit(e,It)},ut.prototype.clearBit=function(e){return this.changeBit(e,bt)},ut.prototype.flipBit=function(e){return this.changeBit(e,At)},ut.prototype.add=function(e){var t=lt();return this.addTo(e,t),t},ut.prototype.subtract=function(e){var t=lt();return this.subTo(e,t),t},ut.prototype.multiply=function(e){var t=lt();return this.multiplyTo(e,t),t},ut.prototype.divide=function(e){var t=lt();return this.divRemTo(e,t,null),t},ut.prototype.remainder=function(e){var t=lt();return this.divRemTo(e,null,t),t},ut.prototype.divideAndRemainder=function(e){var t=lt(),r=lt();return this.divRemTo(e,t,r),new Array(t,r)},ut.prototype.modPow=function(e,t){var r,a,n=e.bitLength(),i=vt(1);if(n<=0)return i;r=n<18?1:n<48?3:n<144?4:n<768?5:6,a=n<8?new Et(t):t.isEven()?new Rt(t):new St(t);var s=new Array,o=3,c=r-1,u=(1<<r)-1;if(s[1]=a.convert(this),r>1){var l=lt();for(a.sqrTo(s[1],l);o<=u;)s[o]=lt(),a.mulTo(l,s[o-2],s[o]),o+=2}var p,h,f=e.t-1,d=!0,y=lt();for(n=Ct(e.data[f])-1;f>=0;){for(n>=c?p=e.data[f]>>n-c&u:(p=(e.data[f]&(1<<n+1)-1)<<c-n,f>0&&(p\|=e.data[f-1]>>this.DB+n-c)),o=r;0==(1&p);)p>>=1,--o;if((n-=o)<0&&(n+=this.DB,--f),d)s[p].copyTo(i),d=!1;else{for(;o>1;)a.sqrTo(i,y),a.sqrTo(y,i),o-=2;o>0?a.sqrTo(i,y):(h=i,i=y,y=h),a.mulTo(y,s[p],i)}for(;f>=0&&0==(e.data[f]&1<<n);)a.sqrTo(i,y),h=i,i=y,y=h,--n<0&&(n=this.DB-1,--f)}return a.revert(i)},ut.prototype.modInverse=function(e){var t=e.isEven();if(this.isEven()&&t\|\|0==e.signum())return ut.ZERO;for(var r=e.clone(),a=this.clone(),n=vt(1),i=vt(0),s=vt(0),o=vt(1);0!=r.signum();){for(;r.isEven();)r.rShiftTo(1,r),t?(n.isEven()&&i.isEven()\|\|(n.addTo(this,n),i.subTo(e,i)),n.rShiftTo(1,n)):i.isEven()\|\|i.subTo(e,i),i.rShiftTo(1,i);for(;a.isEven();)a.rShiftTo(1,a),t?(s.isEven()&&o.isEven()\|\|(s.addTo(this,s),o.subTo(e,o)),s.rShiftTo(1,s)):o.isEven()\|\|o.subTo(e,o),o.rShiftTo(1,o);r.compareTo(a)>=0?(r.subTo(a,r),t&&n.subTo(s,n),i.subTo(o,i)):(a.subTo(r,a),t&&s.subTo(n,s),o.subTo(i,o))}return 0!=a.compareTo(ut.ONE)?ut.ZERO:o.compareTo(e)>=0?o.subtract(e):o.signum()<0?(o.addTo(e,o),o.signum()<0?o.add(e):o):o},ut.prototype.pow=function(e){return this.exp(e,new wt)},ut.prototype.gcd=function(e){var t=this.s<0?this.negate():this.clone(),r=e.s<0?e.negate():e.clone();if(t.compareTo(r)<0){var a=t;t=r,r=a}var n=t.getLowestSetBit(),i=r.getLowestSetBit();if(i<0)return t;for(n<i&&(i=n),i>0&&(t.rShiftTo(i,t),r.rShiftTo(i,r));t.signum()>0;)(n=t.getLowestSetBit())>0&&t.rShiftTo(n,t),(n=r.getLowestSetBit())>0&&r.rShiftTo(n,r),t.compareTo(r)>=0?(t.subTo(r,t),t.rShiftTo(1,t)):(r.subTo(t,r),r.rShiftTo(1,r));return i>0&&r.lShiftTo(i,r),r},ut.prototype.isProbablePrime=function(e){var t,r=this.abs();if(1==r.t&&r.data[0]<=_t[_t.length-1]){for(t=0;t<_t.length;++t)if(r.data[0]==_t[t])return!0;return!1}if(r.isEven())return!1;for(t=1;t<_t.length;){for(var a=_t[t],n=t+1;n<_t.length&&a<Lt;)a=_t[n++];for(a=r.modInt(a);t<n;)if(a%_t[t++]==0)return!1}return r.millerRabin(e)};var Ut=S,Dt=Ut.sha1=Ut.sha1\|\|{};Ut.md.sha1=Ut.md.algorithms.sha1=Dt,Dt.create=function(){Vt\|\|(Pt=String.fromCharCode(128),Pt+=Ut.util.fillString(String.fromCharCode(0),64),Vt=!0);var e=null,t=Ut.util.createBuffer(),r=new Array(80),a={algorithm:"sha1",blockLength:64,digestLength:20,messageLength:0,fullMessageLength:null,messageLengthSize:8,start:function(){a.messageLength=0,a.fullMessageLength=a.messageLength64=[];for(var r=a.messageLengthSize/4,n=0;n<r;++n)a.fullMessageLength.push(0);return t=Ut.util.createBuffer(),e={h0:1732584193,h1:4023233417,h2:2562383102,h3:271733878,h4:3285377520},a}};return a.start(),a.update=function(n,i){"utf8"===i&&(n=Ut.util.encodeUtf8(n));var s=n.length;a.messageLength+=s,s=[s/4294967296>>>0,s>>>0];for(var o=a.fullMessageLength.length-1;o>=0;--o)a.fullMessageLength[o]+=s[1],s[1]=s[0]+(a.fullMessageLength[o]/4294967296>>>0),a.fullMessageLength[o]=a.fullMessageLength[o]>>>0,s[0]=s[1]/4294967296>>>0;return t.putBytes(n),Ot(e,r,t),(t.read>2048\|\|0===t.length())&&t.compact(),a},a.digest=function(){var n=Ut.util.createBuffer();n.putBytes(t.bytes());var i,s=a.fullMessageLength[a.fullMessageLength.length-1]+a.messageLengthSize&a.blockLength-1;n.putBytes(Pt.substr(0,a.blockLength-s));for(var o=8a.fullMessageLength[0],c=0;c<a.fullMessageLength.length-1;++c)o+=(i=8a.fullMessageLength[c+1])/4294967296>>>0,n.putInt32(o>>>0),o=i>>>0;n.putInt32(o);var u={h0:e.h0,h1:e.h1,h2:e.h2,h3:e.h3,h4:e.h4};Ot(u,r,n);var l=Ut.util.createBuffer();return l.putInt32(u.h0),l.putInt32(u.h1),l.putInt32(u.h2),l.putInt32(u.h3),l.putInt32(u.h4),l},a};var Pt=null,Vt=!1;function Ot(e,t,r){for(var a,n,i,s,o,c,u,l=r.length();l>=64;){for(n=e.h0,i=e.h1,s=e.h2,o=e.h3,c=e.h4,u=0;u<16;++u)a=r.getInt32(),t[u]=a,a=(n<<5\|n>>>27)+(o^i&(s^o))+c+1518500249+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;for(;u<20;++u)a=(a=t[u-3]^t[u-8]^t[u-14]^t[u-16])<<1\|a>>>31,t[u]=a,a=(n<<5\|n>>>27)+(o^i&(s^o))+c+1518500249+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;for(;u<32;++u)a=(a=t[u-3]^t[u-8]^t[u-14]^t[u-16])<<1\|a>>>31,t[u]=a,a=(n<<5\|n>>>27)+(i^s^o)+c+1859775393+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;for(;u<40;++u)a=(a=t[u-6]^t[u-16]^t[u-28]^t[u-32])<<2\|a>>>30,t[u]=a,a=(n<<5\|n>>>27)+(i^s^o)+c+1859775393+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;for(;u<60;++u)a=(a=t[u-6]^t[u-16]^t[u-28]^t[u-32])<<2\|a>>>30,t[u]=a,a=(n<<5\|n>>>27)+(i&s\|o&(i^s))+c+2400959708+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;for(;u<80;++u)a=(a=t[u-6]^t[u-16]^t[u-28]^t[u-32])<<2\|a>>>30,t[u]=a,a=(n<<5\|n>>>27)+(i^s^o)+c+3395469782+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;e.h0=e.h0+n\|0,e.h1=e.h1+i\|0,e.h2=e.h2+s\|0,e.h3=e.h3+o\|0,e.h4=e.h4+c\|0,l-=64}}var Kt=S,xt=Kt.pkcs1=Kt.pkcs1\|\|{};function Mt(e,t,r){r\|\|(r=Kt.md.sha1.create());for(var a="",n=Math.ceil(t/r.digestLength),i=0;i<n;++i){var s=String.fromCharCode(i>>24&255,i>>16&255,i>>8&255,255&i);r.start(),r.update(e+s),a+=r.digest().getBytes()}return a.substring(0,t)}xt.encode_rsa_oaep=function(e,t,r){var a,n,i,s;"string"==typeof r?(a=r,n=arguments[3]\|\|void 0,i=arguments[4]\|\|void 0):r&&(a=r.label\|\|void 0,n=r.seed\|\|void 0,i=r.md\|\|void 0,r.mgf1&&r.mgf1.md&&(s=r.mgf1.md)),i?i.start():i=Kt.md.sha1.create(),s\|\|(s=i);var o=Math.ceil(e.n.bitLength()/8),c=o-2i.digestLength-2;if(t.length>c)throw(d=new Error("RSAES-OAEP input message length is too long.")).length=t.length,d.maxLength=c,d;a\|\|(a=""),i.update(a,"raw");for(var u=i.digest(),l="",p=c-t.length,h=0;h<p;h++)l+="\0";var f=u.getBytes()+l+""+t;if(n){if(n.length!==i.digestLength){var d;throw(d=new Error("Invalid RSAES-OAEP seed. The seed length must match the digest length.")).seedLength=n.length,d.digestLength=i.digestLength,d}}else n=Kt.random.getBytes(i.digestLength);var y=Mt(n,o-i.digestLength-1,s),g=Kt.util.xorBytes(f,y,f.length),m=Mt(g,i.digestLength,s);return"\0"+Kt.util.xorBytes(n,m,n.length)+g},xt.decode_rsa_oaep=function(e,t,r){var a,n,i;"string"==typeof r?(a=r,n=arguments[3]\|\|void 0):r&&(a=r.label\|\|void 0,n=r.md\|\|void 0,r.mgf1&&r.mgf1.md&&(i=r.mgf1.md));var s=Math.ceil(e.n.bitLength()/8);if(t.length!==s)throw(y=new Error("RSAES-OAEP encoded message length is invalid.")).length=t.length,y.expectedLength=s,y;if(void 0===n?n=Kt.md.sha1.create():n.start(),i\|\|(i=n),s<2n.digestLength+2)throw new Error("RSAES-OAEP key is too short for the hash function.");a\|\|(a=""),n.update(a,"raw");for(var o=n.digest().getBytes(),c=t.charAt(0),u=t.substring(1,n.digestLength+1),l=t.substring(1+n.digestLength),p=Mt(l,n.digestLength,i),h=Mt(Kt.util.xorBytes(u,p,u.length),s-n.digestLength-1,i),f=Kt.util.xorBytes(l,h,l.length),d=f.substring(0,n.digestLength),y="\0"!==c,g=0;g<n.digestLength;++g)y\|=o.charAt(g)!==d.charAt(g);for(var m=1,v=n.digestLength,C=n.digestLength;C<f.length;C++){var E=f.charCodeAt(C);y\|=E&(m?65534:0),v+=m&=1&E^1}if(y\|\|1!==f.charCodeAt(v))throw new Error("Invalid RSAES-OAEP padding.");return f.substring(v+1)};var Ft=S;!function(){if(Ft.prime)Ft.prime;else{var e=Ft.prime=Ft.prime\|\|{},t=Ft.jsbn.BigInteger,r=[6,4,2,4,2,4,6,2],a=new t(null);a.fromInt(30);var n=function(e,t){return e\|t};e.generateProbablePrime=function(e,r,a){"function"==typeof r&&(a=r,r={});var n=(r=r\|\|{}).algorithm\|\|"PRIMEINC";"string"==typeof n&&(n={name:n}),n.options=n.options\|\|{};var s=r.prng\|\|Ft.random,c={nextBytes:function(e){for(var t=s.getBytesSync(e.length),r=0;r<e.length;++r)e[r]=t.charCodeAt(r)}};if("PRIMEINC"===n.name)return function(e,r,a,n){if("workers"in a)return function(e,r,a,n){if("undefined"==typeof Worker)return i(e,r,a,n);var s=o(e,r),c=a.workers,u=a.workLoad\|\|100,l=30u/8,p=a.workerScript\|\|"forge/prime.worker.js";if(-1===c)return Ft.util.estimateCores((function(e,t){e&&(t=2),c=t-1,h()}));function h(){c=Math.max(1,c);for(var a=[],i=0;i<c;++i)a[i]=new Worker(p);for(i=0;i<c;++i)a[i].addEventListener("message",f);var h=!1;function f(i){if(!h){var c=i.data;if(c.found){for(var p=0;p<a.length;++p)a[p].terminate();return h=!0,n(null,new t(c.prime,16))}s.bitLength()>e&&(s=o(e,r));var f=s.toString(16);i.target.postMessage({hex:f,workLoad:u}),s.dAddOffset(l,0)}}}h()}(e,r,a,n);return i(e,r,a,n)}(e,c,n.options,a);throw new Error("Invalid prime generation algorithm: "+n.name)}}function i(e,t,r,a){var n=o(e,t),i=function(e){return e<=100?27:e<=150?18:e<=200?15:e<=250?12:e<=300?9:e<=350?8:e<=400?7:e<=500?6:e<=600?5:e<=800?4:e<=1250?3:2}(n.bitLength());"millerRabinTests"in r&&(i=r.millerRabinTests);var c=10;"maxBlockTime"in r&&(c=r.maxBlockTime),s(n,e,t,0,i,c,a)}function s(e,t,a,n,i,c,u){var l=+new Date;do{if(e.bitLength()>t&&(e=o(t,a)),e.isProbablePrime(i))return u(null,e);e.dAddOffset(r[n++%8],0)}while(c<0\|\|+new Date-l<c);Ft.util.setImmediate((function(){s(e,t,a,n,i,c,u)}))}function o(e,r){var i=new t(e,r),s=e-1;return i.testBit(s)\|\|i.bitwiseTo(t.ONE.shiftLeft(s),n,i),i.dAddOffset(31-i.mod(a).byteValue(),0),i}}();var qt=S;if(void 0===jt)var jt=qt.jsbn.BigInteger;var Gt=qt.util.isNodejs?s:null,Ht=qt.asn1,Qt=qt.util;qt.pki=qt.pki\|\|{},qt.pki.rsa=qt.rsa=qt.rsa\|\|{};var zt=qt.pki,Wt=[6,4,2,4,2,4,6,2],Yt={name:"PrivateKeyInfo",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.SEQUENCE,constructed:!0,value:[{name:"PrivateKeyInfo.version",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"PrivateKeyInfo.privateKeyAlgorithm",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.OID,constructed:!1,capture:"privateKeyOid"}]},{name:"PrivateKeyInfo",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.OCTETSTRING,constructed:!1,capture:"privateKey"}]},Xt={name:"RSAPrivateKey",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.SEQUENCE,constructed:!0,value:[{name:"RSAPrivateKey.version",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"RSAPrivateKey.modulus",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"privateKeyModulus"},{name:"RSAPrivateKey.publicExponent",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"privateKeyPublicExponent"},{name:"RSAPrivateKey.privateExponent",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"privateKeyPrivateExponent"},{name:"RSAPrivateKey.prime1",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"privateKeyPrime1"},{name:"RSAPrivateKey.prime2",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"privateKeyPrime2"},{name:"RSAPrivateKey.exponent1",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"privateKeyExponent1"},{name:"RSAPrivateKey.exponent2",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"privateKeyExponent2"},{name:"RSAPrivateKey.coefficient",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"privateKeyCoefficient"}]},Zt={name:"RSAPublicKey",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.SEQUENCE,constructed:!0,value:[{name:"RSAPublicKey.modulus",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"publicKeyModulus"},{name:"RSAPublicKey.exponent",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.INTEGER,constructed:!1,capture:"publicKeyExponent"}]},$t=qt.pki.rsa.publicKeyValidator={name:"SubjectPublicKeyInfo",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.SEQUENCE,constructed:!0,captureAsn1:"subjectPublicKeyInfo",value:[{name:"SubjectPublicKeyInfo.AlgorithmIdentifier",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.OID,constructed:!1,capture:"publicKeyOid"}]},{name:"SubjectPublicKeyInfo.subjectPublicKey",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.BITSTRING,constructed:!1,value:[{name:"SubjectPublicKeyInfo.subjectPublicKey.RSAPublicKey",tagClass:Ht.Class.UNIVERSAL,type:Ht.Type.SEQUENCE,constructed:!0,optional:!0,captureAsn1:"rsaPublicKey"}]}]},Jt=function(e){var t;if(!(e.algorithm in zt.oids)){var r=new Error("Unknown message digest algorithm.");throw r.algorithm=e.algorithm,r}t=zt.oids[e.algorithm];var a=Ht.oidToDer(t).getBytes(),n=Ht.create(Ht.Class.UNIVERSAL,Ht.Type.SEQUENCE,!0,[]),i=Ht.create(Ht.Class.UNIVERSAL,Ht.Type.SEQUENCE,!0,[]);i.value.push(Ht.create(Ht.Class.UNIVERSAL,Ht.Type.OID,!1,a)),i.value.push(Ht.create(Ht.Class.UNIVERSAL,Ht.Type.NULL,!1,""));var s=Ht.create(Ht.Class.UNIVERSAL,Ht.Type.OCTETSTRING,!1,e.digest().getBytes());return n.value.push(i),n.value.push(s),Ht.toDer(n).getBytes()},er=function(e,t,r){if(r)return e.modPow(t.e,t.n);if(!t.p\|\|!t.q)return e.modPow(t.d,t.n);var a;t.dP\|\|(t.dP=t.d.mod(t.p.subtract(jt.ONE))),t.dQ\|\|(t.dQ=t.d.mod(t.q.subtract(jt.ONE))),t.qInv\|\|(t.qInv=t.q.modInverse(t.p));do{a=new jt(qt.util.bytesToHex(qt.random.getBytes(t.n.bitLength()/8)),16)}while(a.compareTo(t.n)>=0\|\|!a.gcd(t.n).equals(jt.ONE));for(var n=(e=e.multiply(a.modPow(t.e,t.n)).mod(t.n)).mod(t.p).modPow(t.dP,t.p),i=e.mod(t.q).modPow(t.dQ,t.q);n.compareTo(i)<0;)n=n.add(t.p);var s=n.subtract(i).multiply(t.qInv).mod(t.p).multiply(t.q).add(i);return s=s.multiply(a.modInverse(t.n)).mod(t.n)};function tr(e,t,r){var a=qt.util.createBuffer(),n=Math.ceil(t.n.bitLength()/8);if(e.length>n-11){var i=new Error("Message is too long for PKCS#1 v1.5 padding.");throw i.length=e.length,i.max=n-11,i}a.putByte(0),a.putByte(r);var s,o=n-3-e.length;if(0===r\|\|1===r){s=0===r?0:255;for(var c=0;c<o;++c)a.putByte(s)}else for(;o>0;){var u=0,l=qt.random.getBytes(o);for(c=0;c<o;++c)0===(s=l.charCodeAt(c))?++u:a.putByte(s);o=u}return a.putByte(0),a.putBytes(e),a}function rr(e,t,r,a){var n=Math.ceil(t.n.bitLength()/8),i=qt.util.createBuffer(e),s=i.getByte(),o=i.getByte();if(0!==s\|\|r&&0!==o&&1!==o\|\|!r&&2!=o\|\|r&&0===o&&void 0===a)throw new Error("Encryption block is invalid.");var c=0;if(0===o){c=n-3-a;for(var u=0;u<c;++u)if(0!==i.getByte())throw new Error("Encryption block is invalid.")}else if(1===o)for(c=0;i.length()>1;){if(255!==i.getByte()){--i.read;break}++c}else if(2===o)for(c=0;i.length()>1;){if(0===i.getByte()){--i.read;break}++c}if(0!==i.getByte()\|\|c!==n-3-i.length())throw new Error("Encryption block is invalid.");return i.getBytes()}function ar(e){var t=e.toString(16);t[0]>="8"&&(t="00"+t);var r=qt.util.hexToBytes(t);return r.length>1&&(0===r.charCodeAt(0)&&0==(128&r.charCodeAt(1))\|\|255===r.charCodeAt(0)&&128==(128&r.charCodeAt(1)))?r.substr(1):r}function nr(e){return e<=100?27:e<=150?18:e<=200?15:e<=250?12:e<=300?9:e<=350?8:e<=400?7:e<=500?6:e<=600?5:e<=800?4:e<=1250?3:2}function ir(e){return qt.util.isNodejs&&"function"==typeof Gt[e]}function sr(e){return void 0!==Qt.globalScope&&"object"==typeof Qt.globalScope.crypto&&"object"==typeof Qt.globalScope.crypto.subtle&&"function"==typeof Qt.globalScope.crypto.subtle[e]}function or(e){return void 0!==Qt.globalScope&&"object"==typeof Qt.globalScope.msCrypto&&"object"==typeof Qt.globalScope.msCrypto.subtle&&"function"==typeof Qt.globalScope.msCrypto.subtle[e]}function cr(e){for(var t=qt.util.hexToBytes(e.toString(16)),r=new Uint8Array(t.length),a=0;a<t.length;++a)r[a]=t.charCodeAt(a);return r}zt.rsa.encrypt=function(e,t,r){var a,n=r,i=Math.ceil(t.n.bitLength()/8);!1!==r&&!0!==r?(n=2===r,a=tr(e,t,r)):(a=qt.util.createBuffer()).putBytes(e);for(var s=new jt(a.toHex(),16),o=er(s,t,n).toString(16),c=qt.util.createBuffer(),u=i-Math.ceil(o.length/2);u>0;)c.putByte(0),--u;return c.putBytes(qt.util.hexToBytes(o)),c.getBytes()},zt.rsa.decrypt=function(e,t,r,a){var n=Math.ceil(t.n.bitLength()/8);if(e.length!==n){var i=new Error("Encrypted message length is invalid.");throw i.length=e.length,i.expected=n,i}var s=new jt(qt.util.createBuffer(e).toHex(),16);if(s.compareTo(t.n)>=0)throw new Error("Encrypted message is invalid.");for(var o=er(s,t,r).toString(16),c=qt.util.createBuffer(),u=n-Math.ceil(o.length/2);u>0;)c.putByte(0),--u;return c.putBytes(qt.util.hexToBytes(o)),!1!==a?rr(c.getBytes(),t,r):c.getBytes()},zt.rsa.createKeyPairGenerationState=function(e,t,r){"string"==typeof e&&(e=parseInt(e,10)),e=e\|\|2048;var a,n=(r=r\|\|{}).prng\|\|qt.random,i={nextBytes:function(e){for(var t=n.getBytesSync(e.length),r=0;r<e.length;++r)e[r]=t.charCodeAt(r)}},s=r.algorithm\|\|"PRIMEINC";if("PRIMEINC"!==s)throw new Error("Invalid key generation algorithm: "+s);return(a={algorithm:s,state:0,bits:e,rng:i,eInt:t\|\|65537,e:new jt(null),p:null,q:null,qBits:e>>1,pBits:e-(e>>1),pqState:0,num:null,keys:null}).e.fromInt(a.eInt),a},zt.rsa.stepKeyPairGenerationState=function(e,t){"algorithm"in e\|\|(e.algorithm="PRIMEINC");var r=new jt(null);r.fromInt(30);for(var a,n=0,i=function(e,t){return e\|t},s=+new Date,o=0;null===e.keys&&(t<=0\|\|o<t);){if(0===e.state){var c=null===e.p?e.pBits:e.qBits,u=c-1;0===e.pqState?(e.num=new jt(c,e.rng),e.num.testBit(u)\|\|e.num.bitwiseTo(jt.ONE.shiftLeft(u),i,e.num),e.num.dAddOffset(31-e.num.mod(r).byteValue(),0),n=0,++e.pqState):1===e.pqState?e.num.bitLength()>c?e.pqState=0:e.num.isProbablePrime(nr(e.num.bitLength()))?++e.pqState:e.num.dAddOffset(Wt[n++%8],0):2===e.pqState?e.pqState=0===e.num.subtract(jt.ONE).gcd(e.e).compareTo(jt.ONE)?3:0:3===e.pqState&&(e.pqState=0,null===e.p?e.p=e.num:e.q=e.num,null!==e.p&&null!==e.q&&++e.state,e.num=null)}else if(1===e.state)e.p.compareTo(e.q)<0&&(e.num=e.p,e.p=e.q,e.q=e.num),++e.state;else if(2===e.state)e.p1=e.p.subtract(jt.ONE),e.q1=e.q.subtract(jt.ONE),e.phi=e.p1.multiply(e.q1),++e.state;else if(3===e.state)0===e.phi.gcd(e.e).compareTo(jt.ONE)?++e.state:(e.p=null,e.q=null,e.state=0);else if(4===e.state)e.n=e.p.multiply(e.q),e.n.bitLength()===e.bits?++e.state:(e.q=null,e.state=0);else if(5===e.state){var l=e.e.modInverse(e.phi);e.keys={privateKey:zt.rsa.setPrivateKey(e.n,e.e,l,e.p,e.q,l.mod(e.p1),l.mod(e.q1),e.q.modInverse(e.p)),publicKey:zt.rsa.setPublicKey(e.n,e.e)}}o+=(a=+new Date)-s,s=a}return null!==e.keys},zt.rsa.generateKeyPair=function(e,t,r,a){if(1===arguments.length?"object"==typeof e?(r=e,e=void 0):"function"==typeof e&&(a=e,e=void 0):2===arguments.length?"number"==typeof e?"function"==typeof t?(a=t,t=void 0):"number"!=typeof t&&(r=t,t=void 0):(r=e,a=t,e=void 0,t=void 0):3===arguments.length&&("number"==typeof t?"function"==typeof r&&(a=r,r=void 0):(a=r,r=t,t=void 0)),r=r\|\|{},void 0===e&&(e=r.bits\|\|2048),void 0===t&&(t=r.e\|\|65537),!qt.options.usePureJavaScript&&!r.prng&&e>=256&&e<=16384&&(65537===t\|\|3===t))if(a){if(ir("generateKeyPair"))return Gt.generateKeyPair("rsa",{modulusLength:e,publicExponent:t,publicKeyEncoding:{type:"spki",format:"pem"},privateKeyEncoding:{type:"pkcs8",format:"pem"}},(function(e,t,r){if(e)return a(e);a(null,{privateKey:zt.privateKeyFromPem(r),publicKey:zt.publicKeyFromPem(t)})}));if(sr("generateKey")&&sr("exportKey"))return Qt.globalScope.crypto.subtle.generateKey({name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:cr(t),hash:{name:"SHA-256"}},!0,["sign","verify"]).then((function(e){return Qt.globalScope.crypto.subtle.exportKey("pkcs8",e.privateKey)})).then(void 0,(function(e){a(e)})).then((function(e){if(e){var t=zt.privateKeyFromAsn1(Ht.fromDer(qt.util.createBuffer(e)));a(null,{privateKey:t,publicKey:zt.setRsaPublicKey(t.n,t.e)})}}));if(or("generateKey")&&or("exportKey")){var n=Qt.globalScope.msCrypto.subtle.generateKey({name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:cr(t),hash:{name:"SHA-256"}},!0,["sign","verify"]);return n.oncomplete=function(e){var t=e.target.result,r=Qt.globalScope.msCrypto.subtle.exportKey("pkcs8",t.privateKey);r.oncomplete=function(e){var t=e.target.result,r=zt.privateKeyFromAsn1(Ht.fromDer(qt.util.createBuffer(t)));a(null,{privateKey:r,publicKey:zt.setRsaPublicKey(r.n,r.e)})},r.onerror=function(e){a(e)}},void(n.onerror=function(e){a(e)})}}else if(ir("generateKeyPairSync")){var i=Gt.generateKeyPairSync("rsa",{modulusLength:e,publicExponent:t,publicKeyEncoding:{type:"spki",format:"pem"},privateKeyEncoding:{type:"pkcs8",format:"pem"}});return{privateKey:zt.privateKeyFromPem(i.privateKey),publicKey:zt.publicKeyFromPem(i.publicKey)}}var s=zt.rsa.createKeyPairGenerationState(e,t,r);if(!a)return zt.rsa.stepKeyPairGenerationState(s,0),s.keys;!function(e,t,r){"function"==typeof t&&(r=t,t={});t=t\|\|{};var a={algorithm:{name:t.algorithm\|\|"PRIMEINC",options:{workers:t.workers\|\|2,workLoad:t.workLoad\|\|100,workerScript:t.workerScript}}};"prng"in t&&(a.prng=t.prng);function n(){i(e.pBits,(function(t,a){return t?r(t):(e.p=a,null!==e.q?s(t,e.q):void i(e.qBits,s))}))}function i(e,t){qt.prime.generateProbablePrime(e,a,t)}function s(t,a){if(t)return r(t);if(e.q=a,e.p.compareTo(e.q)<0){var o=e.p;e.p=e.q,e.q=o}if(0!==e.p.subtract(jt.ONE).gcd(e.e).compareTo(jt.ONE))return e.p=null,void n();if(0!==e.q.subtract(jt.ONE).gcd(e.e).compareTo(jt.ONE))return e.q=null,void i(e.qBits,s);if(e.p1=e.p.subtract(jt.ONE),e.q1=e.q.subtract(jt.ONE),e.phi=e.p1.multiply(e.q1),0!==e.phi.gcd(e.e).compareTo(jt.ONE))return e.p=e.q=null,void n();if(e.n=e.p.multiply(e.q),e.n.bitLength()!==e.bits)return e.q=null,void i(e.qBits,s);var c=e.e.modInverse(e.phi);e.keys={privateKey:zt.rsa.setPrivateKey(e.n,e.e,c,e.p,e.q,c.mod(e.p1),c.mod(e.q1),e.q.modInverse(e.p)),publicKey:zt.rsa.setPublicKey(e.n,e.e)},r(null,e.keys)}n()}(s,r,a)},zt.setRsaPublicKey=zt.rsa.setPublicKey=function(e,t){var r={n:e,e:t,encrypt:function(e,t,a){if("string"==typeof t?t=t.toUpperCase():void 0===t&&(t="RSAES-PKCS1-V1_5"),"RSAES-PKCS1-V1_5"===t)t={encode:function(e,t,r){return tr(e,t,2).getBytes()}};else if("RSA-OAEP"===t\|\|"RSAES-OAEP"===t)t={encode:function(e,t){return qt.pkcs1.encode_rsa_oaep(t,e,a)}};else if(-1!==["RAW","NONE","NULL",null].indexOf(t))t={encode:function(e){return e}};else if("string"==typeof t)throw new Error('Unsupported encryption scheme: "'+t+'".');var n=t.encode(e,r,!0);return zt.rsa.encrypt(n,r,!0)},verify:function(e,t,a){"string"==typeof a?a=a.toUpperCase():void 0===a&&(a="RSASSA-PKCS1-V1_5"),"RSASSA-PKCS1-V1_5"===a?a={verify:function(e,t){return t=rr(t,r,!0),e===Ht.fromDer(t).value[1].value}}:"NONE"!==a&&"NULL"!==a&&null!==a\|\|(a={verify:function(e,t){return e===(t=rr(t,r,!0))}});var n=zt.rsa.decrypt(t,r,!0,!1);return a.verify(e,n,r.n.bitLength())}};return r},zt.setRsaPrivateKey=zt.rsa.setPrivateKey=function(e,t,r,a,n,i,s,o){var c={n:e,e:t,d:r,p:a,q:n,dP:i,dQ:s,qInv:o,decrypt:function(e,t,r){"string"==typeof t?t=t.toUpperCase():void 0===t&&(t="RSAES-PKCS1-V1_5");var a=zt.rsa.decrypt(e,c,!1,!1);if("RSAES-PKCS1-V1_5"===t)t={decode:rr};else if("RSA-OAEP"===t\|\|"RSAES-OAEP"===t)t={decode:function(e,t){return qt.pkcs1.decode_rsa_oaep(t,e,r)}};else{if(-1===["RAW","NONE","NULL",null].indexOf(t))throw new Error('Unsupported encryption scheme: "'+t+'".');t={decode:function(e){return e}}}return t.decode(a,c,!1)},sign:function(e,t){var r=!1;"string"==typeof t&&(t=t.toUpperCase()),void 0===t\|\|"RSASSA-PKCS1-V1_5"===t?(t={encode:Jt},r=1):"NONE"!==t&&"NULL"!==t&&null!==t\|\|(t={encode:function(){return e}},r=1);var a=t.encode(e,c.n.bitLength());return zt.rsa.encrypt(a,c,r)}};return c},zt.wrapRsaPrivateKey=function(e){return Ht.create(Ht.Class.UNIVERSAL,Ht.Type.SEQUENCE,!0,[Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,Ht.integerToDer(0).getBytes()),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.SEQUENCE,!0,[Ht.create(Ht.Class.UNIVERSAL,Ht.Type.OID,!1,Ht.oidToDer(zt.oids.rsaEncryption).getBytes()),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.NULL,!1,"")]),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.OCTETSTRING,!1,Ht.toDer(e).getBytes())])},zt.privateKeyFromAsn1=function(e){var t,r,a,n,i,s,o,c,u={},l=[];if(Ht.validate(e,Yt,u,l)&&(e=Ht.fromDer(qt.util.createBuffer(u.privateKey))),u={},l=[],!Ht.validate(e,Xt,u,l)){var p=new Error("Cannot read private key. ASN.1 object does not contain an RSAPrivateKey.");throw p.errors=l,p}return t=qt.util.createBuffer(u.privateKeyModulus).toHex(),r=qt.util.createBuffer(u.privateKeyPublicExponent).toHex(),a=qt.util.createBuffer(u.privateKeyPrivateExponent).toHex(),n=qt.util.createBuffer(u.privateKeyPrime1).toHex(),i=qt.util.createBuffer(u.privateKeyPrime2).toHex(),s=qt.util.createBuffer(u.privateKeyExponent1).toHex(),o=qt.util.createBuffer(u.privateKeyExponent2).toHex(),c=qt.util.createBuffer(u.privateKeyCoefficient).toHex(),zt.setRsaPrivateKey(new jt(t,16),new jt(r,16),new jt(a,16),new jt(n,16),new jt(i,16),new jt(s,16),new jt(o,16),new jt(c,16))},zt.privateKeyToAsn1=zt.privateKeyToRSAPrivateKey=function(e){return Ht.create(Ht.Class.UNIVERSAL,Ht.Type.SEQUENCE,!0,[Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,Ht.integerToDer(0).getBytes()),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,ar(e.n)),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,ar(e.e)),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,ar(e.d)),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,ar(e.p)),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,ar(e.q)),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,ar(e.dP)),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,ar(e.dQ)),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,ar(e.qInv))])},zt.publicKeyFromAsn1=function(e){var t={},r=[];if(Ht.validate(e,$t,t,r)){var a,n=Ht.derToOid(t.publicKeyOid);if(n!==zt.oids.rsaEncryption)throw(a=new Error("Cannot read public key. Unknown OID.")).oid=n,a;e=t.rsaPublicKey}if(r=[],!Ht.validate(e,Zt,t,r))throw(a=new Error("Cannot read public key. ASN.1 object does not contain an RSAPublicKey.")).errors=r,a;var i=qt.util.createBuffer(t.publicKeyModulus).toHex(),s=qt.util.createBuffer(t.publicKeyExponent).toHex();return zt.setRsaPublicKey(new jt(i,16),new jt(s,16))},zt.publicKeyToAsn1=zt.publicKeyToSubjectPublicKeyInfo=function(e){return Ht.create(Ht.Class.UNIVERSAL,Ht.Type.SEQUENCE,!0,[Ht.create(Ht.Class.UNIVERSAL,Ht.Type.SEQUENCE,!0,[Ht.create(Ht.Class.UNIVERSAL,Ht.Type.OID,!1,Ht.oidToDer(zt.oids.rsaEncryption).getBytes()),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.NULL,!1,"")]),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.BITSTRING,!1,[zt.publicKeyToRSAPublicKey(e)])])},zt.publicKeyToRSAPublicKey=function(e){return Ht.create(Ht.Class.UNIVERSAL,Ht.Type.SEQUENCE,!0,[Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,ar(e.n)),Ht.create(Ht.Class.UNIVERSAL,Ht.Type.INTEGER,!1,ar(e.e))])};var ur=S;if(void 0===lr)var lr=ur.jsbn.BigInteger;var pr=ur.asn1,hr=ur.pki=ur.pki\|\|{};hr.pbe=ur.pbe=ur.pbe\|\|{};var fr=hr.oids,dr={name:"EncryptedPrivateKeyInfo",tagClass:pr.Class.UNIVERSAL,type:pr.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedPrivateKeyInfo.encryptionAlgorithm",tagClass:pr.Class.UNIVERSAL,type:pr.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:pr.Class.UNIVERSAL,type:pr.Type.OID,constructed:!1,capture:"encryptionOid"},{name:"AlgorithmIdentifier.parameters",tagClass:pr.Class.UNIVERSAL,type:pr.Type.SEQUENCE,constructed:!0,captureAsn1:"encryptionParams"}]},{name:"EncryptedPrivateKeyInfo.encryptedData",tagClass:pr.Class.UNIVERSAL,type:pr.Type.OCTETSTRING,constructed:!1,capture:"encryptedData"}]},yr={name:"PBES2Algorithms",tagClass:pr.Class.UNIVERSAL,type:pr.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.keyDerivationFunc",tagClass:pr.Class.UNIVERSAL,type:pr.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.keyDerivationFunc.oid",tagClass:pr.Class.UNIVERSAL,type:pr.Type.OID,constructed:!1,capture:"kdfOid"},{name:"PBES2Algorithms.params",tagClass:pr.Class.UNIVERSAL,type:pr.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.params.salt",tagClass:pr.Class.UNIVERSAL,type:pr.Type.OCTETSTRING,constructed:!1,capture:"kdfSalt"},{name:"PBES2Algorithms.params.iterationCount",tagClass:pr.Class.UNIVERSAL,type:pr.Type.INTEGER,constructed:!1,capture:"kdfIterationCount"},{name:"PBES2Algorithms.params.keyLength",tagClass:pr.Class.UNIVERSAL,type:pr.Type.INTEGER,constructed:!1,optional:!0,capture:"keyLength"},{name:"PBES2Algorithms.params.prf",tagClass:pr.Class.UNIVERSAL,type:pr.Type.SEQUENCE,constructed:!0,optional:!0,value:[{name:"PBES2Algorithms.params.prf.algorithm",tagClass:pr.Class.UNIVERSAL,type:pr.Type.OID,constructed:!1,capture:"prfOid"}]}]}]},{name:"PBES2Algorithms.encryptionScheme",tagClass:pr.Class.UNIVERSAL,type:pr.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.encryptionScheme.oid",tagClass:pr.Class.UNIVERSAL,type:pr.Type.OID,constructed:!1,capture:"encOid"},{name:"PBES2Algorithms.encryptionScheme.iv",tagClass:pr.Class.UNIVERSAL,type:pr.Type.OCTETSTRING,constructed:!1,capture:"encIv"}]}]},gr={name:"pkcs-12PbeParams",tagClass:pr.Class.UNIVERSAL,type:pr.Type.SEQUENCE,constructed:!0,value:[{name:"pkcs-12PbeParams.salt",tagClass:pr.Class.UNIVERSAL,type:pr.Type.OCTETSTRING,constructed:!1,capture:"salt"},{name:"pkcs-12PbeParams.iterations",tagClass:pr.Class.UNIVERSAL,type:pr.Type.INTEGER,constructed:!1,capture:"iterations"}]};function mr(e,t){return e.start().update(t).digest().getBytes()}function vr(e){var t;if(e){if(!(t=hr.oids[pr.derToOid(e)])){var r=new Error("Unsupported PRF OID.");throw r.oid=e,r.supported=["hmacWithSHA1","hmacWithSHA224","hmacWithSHA256","hmacWithSHA384","hmacWithSHA512"],r}}else t="hmacWithSHA1";return Cr(t)}function Cr(e){var t=ur.md;switch(e){case"hmacWithSHA224":t=ur.md.sha512;case"hmacWithSHA1":case"hmacWithSHA256":case"hmacWithSHA384":case"hmacWithSHA512":e=e.substr(8).toLowerCase();break;default:var r=new Error("Unsupported PRF algorithm.");throw r.algorithm=e,r.supported=["hmacWithSHA1","hmacWithSHA224","hmacWithSHA256","hmacWithSHA384","hmacWithSHA512"],r}if(!t\|\|!(e in t))throw new Error("Unknown hash algorithm: "+e);return t[e].create()}hr.encryptPrivateKeyInfo=function(e,t,r){(r=r\|\|{}).saltSize=r.saltSize\|\|8,r.count=r.count\|\|2048,r.algorithm=r.algorithm\|\|"aes128",r.prfAlgorithm=r.prfAlgorithm\|\|"sha1";var a,n,i,s=ur.random.getBytesSync(r.saltSize),o=r.count,c=pr.integerToDer(o);if(0===r.algorithm.indexOf("aes")\|\|"des"===r.algorithm){var u,l,p;switch(r.algorithm){case"aes128":a=16,u=16,l=fr["aes128-CBC"],p=ur.aes.createEncryptionCipher;break;case"aes192":a=24,u=16,l=fr["aes192-CBC"],p=ur.aes.createEncryptionCipher;break;case"aes256":a=32,u=16,l=fr["aes256-CBC"],p=ur.aes.createEncryptionCipher;break;case"des":a=8,u=8,l=fr.desCBC,p=ur.des.createEncryptionCipher;break;default:throw(m=new Error("Cannot encrypt private key. Unknown encryption algorithm.")).algorithm=r.algorithm,m}var h="hmacWith"+r.prfAlgorithm.toUpperCase(),f=Cr(h),d=ur.pkcs5.pbkdf2(t,s,o,a,f),y=ur.random.getBytesSync(u);(v=p(d)).start(y),v.update(pr.toDer(e)),v.finish(),i=v.output.getBytes();var g=function(e,t,r,a){var n=pr.create(pr.Class.UNIVERSAL,pr.Type.SEQUENCE,!0,[pr.create(pr.Class.UNIVERSAL,pr.Type.OCTETSTRING,!1,e),pr.create(pr.Class.UNIVERSAL,pr.Type.INTEGER,!1,t.getBytes())]);"hmacWithSHA1"!==a&&n.value.push(pr.create(pr.Class.UNIVERSAL,pr.Type.INTEGER,!1,ur.util.hexToBytes(r.toString(16))),pr.create(pr.Class.UNIVERSAL,pr.Type.SEQUENCE,!0,[pr.create(pr.Class.UNIVERSAL,pr.Type.OID,!1,pr.oidToDer(hr.oids[a]).getBytes()),pr.create(pr.Class.UNIVERSAL,pr.Type.NULL,!1,"")]));return n}(s,c,a,h);n=pr.create(pr.Class.UNIVERSAL,pr.Type.SEQUENCE,!0,[pr.create(pr.Class.UNIVERSAL,pr.Type.OID,!1,pr.oidToDer(fr.pkcs5PBES2).getBytes()),pr.create(pr.Class.UNIVERSAL,pr.Type.SEQUENCE,!0,[pr.create(pr.Class.UNIVERSAL,pr.Type.SEQUENCE,!0,[pr.create(pr.Class.UNIVERSAL,pr.Type.OID,!1,pr.oidToDer(fr.pkcs5PBKDF2).getBytes()),g]),pr.create(pr.Class.UNIVERSAL,pr.Type.SEQUENCE,!0,[pr.create(pr.Class.UNIVERSAL,pr.Type.OID,!1,pr.oidToDer(l).getBytes()),pr.create(pr.Class.UNIVERSAL,pr.Type.OCTETSTRING,!1,y)])])])}else{var m;if("3des"!==r.algorithm)throw(m=new Error("Cannot encrypt private key. Unknown encryption algorithm.")).algorithm=r.algorithm,m;a=24;var v,C=new ur.util.ByteBuffer(s);d=hr.pbe.generatePkcs12Key(t,C,1,o,a),y=hr.pbe.generatePkcs12Key(t,C,2,o,a);(v=ur.des.createEncryptionCipher(d)).start(y),v.update(pr.toDer(e)),v.finish(),i=v.output.getBytes(),n=pr.create(pr.Class.UNIVERSAL,pr.Type.SEQUENCE,!0,[pr.create(pr.Class.UNIVERSAL,pr.Type.OID,!1,pr.oidToDer(fr["pbeWithSHAAnd3-KeyTripleDES-CBC"]).getBytes()),pr.create(pr.Class.UNIVERSAL,pr.Type.SEQUENCE,!0,[pr.create(pr.Class.UNIVERSAL,pr.Type.OCTETSTRING,!1,s),pr.create(pr.Class.UNIVERSAL,pr.Type.INTEGER,!1,c.getBytes())])])}return pr.create(pr.Class.UNIVERSAL,pr.Type.SEQUENCE,!0,[n,pr.create(pr.Class.UNIVERSAL,pr.Type.OCTETSTRING,!1,i)])},hr.decryptPrivateKeyInfo=function(e,t){var r=null,a={},n=[];if(!pr.validate(e,dr,a,n)){var i=new Error("Cannot read encrypted private key. ASN.1 object is not a supported EncryptedPrivateKeyInfo.");throw i.errors=n,i}var s=pr.derToOid(a.encryptionOid),o=hr.pbe.getCipher(s,a.encryptionParams,t),c=ur.util.createBuffer(a.encryptedData);return o.update(c),o.finish()&&(r=pr.fromDer(o.output)),r},hr.encryptedPrivateKeyToPem=function(e,t){var r={type:"ENCRYPTED PRIVATE KEY",body:pr.toDer(e).getBytes()};return ur.pem.encode(r,{maxline:t})},hr.encryptedPrivateKeyFromPem=function(e){var t=ur.pem.decode(e)[0];if("ENCRYPTED PRIVATE KEY"!==t.type){var r=new Error('Could not convert encrypted private key from PEM; PEM header type is "ENCRYPTED PRIVATE KEY".');throw r.headerType=t.type,r}if(t.procType&&"ENCRYPTED"===t.procType.type)throw new Error("Could not convert encrypted private key from PEM; PEM is encrypted.");return pr.fromDer(t.body)},hr.encryptRsaPrivateKey=function(e,t,r){if(!(r=r\|\|{}).legacy){var a=hr.wrapRsaPrivateKey(hr.privateKeyToAsn1(e));return a=hr.encryptPrivateKeyInfo(a,t,r),hr.encryptedPrivateKeyToPem(a)}var n,i,s,o;switch(r.algorithm){case"aes128":n="AES-128-CBC",s=16,i=ur.random.getBytesSync(16),o=ur.aes.createEncryptionCipher;break;case"aes192":n="AES-192-CBC",s=24,i=ur.random.getBytesSync(16),o=ur.aes.createEncryptionCipher;break;case"aes256":n="AES-256-CBC",s=32,i=ur.random.getBytesSync(16),o=ur.aes.createEncryptionCipher;break;case"3des":n="DES-EDE3-CBC",s=24,i=ur.random.getBytesSync(8),o=ur.des.createEncryptionCipher;break;case"des":n="DES-CBC",s=8,i=ur.random.getBytesSync(8),o=ur.des.createEncryptionCipher;break;default:var c=new Error('Could not encrypt RSA private key; unsupported encryption algorithm "'+r.algorithm+'".');throw c.algorithm=r.algorithm,c}var u=o(ur.pbe.opensslDeriveBytes(t,i.substr(0,8),s));u.start(i),u.update(pr.toDer(hr.privateKeyToAsn1(e))),u.finish();var l={type:"RSA PRIVATE KEY",procType:{version:"4",type:"ENCRYPTED"},dekInfo:{algorithm:n,parameters:ur.util.bytesToHex(i).toUpperCase()},body:u.output.getBytes()};return ur.pem.encode(l)},hr.decryptRsaPrivateKey=function(e,t){var r=null,a=ur.pem.decode(e)[0];if("ENCRYPTED PRIVATE KEY"!==a.type&&"PRIVATE KEY"!==a.type&&"RSA PRIVATE KEY"!==a.type)throw(s=new Error('Could not convert private key from PEM; PEM header type is not "ENCRYPTED PRIVATE KEY", "PRIVATE KEY", or "RSA PRIVATE KEY".')).headerType=s,s;if(a.procType&&"ENCRYPTED"===a.procType.type){var n,i;switch(a.dekInfo.algorithm){case"DES-CBC":n=8,i=ur.des.createDecryptionCipher;break;case"DES-EDE3-CBC":n=24,i=ur.des.createDecryptionCipher;break;case"AES-128-CBC":n=16,i=ur.aes.createDecryptionCipher;break;case"AES-192-CBC":n=24,i=ur.aes.createDecryptionCipher;break;case"AES-256-CBC":n=32,i=ur.aes.createDecryptionCipher;break;case"RC2-40-CBC":n=5,i=function(e){return ur.rc2.createDecryptionCipher(e,40)};break;case"RC2-64-CBC":n=8,i=function(e){return ur.rc2.createDecryptionCipher(e,64)};break;case"RC2-128-CBC":n=16,i=function(e){return ur.rc2.createDecryptionCipher(e,128)};break;default:var s;throw(s=new Error('Could not decrypt private key; unsupported encryption algorithm "'+a.dekInfo.algorithm+'".')).algorithm=a.dekInfo.algorithm,s}var o=ur.util.hexToBytes(a.dekInfo.parameters),c=i(ur.pbe.opensslDeriveBytes(t,o.substr(0,8),n));if(c.start(o),c.update(ur.util.createBuffer(a.body)),!c.finish())return r;r=c.output.getBytes()}else r=a.body;return null!==(r="ENCRYPTED PRIVATE KEY"===a.type?hr.decryptPrivateKeyInfo(pr.fromDer(r),t):pr.fromDer(r))&&(r=hr.privateKeyFromAsn1(r)),r},hr.pbe.generatePkcs12Key=function(e,t,r,a,n,i){var s,o;if(null==i){if(!("sha1"in ur.md))throw new Error('"sha1" hash algorithm unavailable.');i=ur.md.sha1.create()}var c=i.digestLength,u=i.blockLength,l=new ur.util.ByteBuffer,p=new ur.util.ByteBuffer;if(null!=e){for(o=0;o<e.length;o++)p.putInt16(e.charCodeAt(o));p.putInt16(0)}var h=p.length(),f=t.length(),d=new ur.util.ByteBuffer;d.fillWithByte(r,u);var y=uMath.ceil(f/u),g=new ur.util.ByteBuffer;for(o=0;o<y;o++)g.putByte(t.at(o%f));var m=uMath.ceil(h/u),v=new ur.util.ByteBuffer;for(o=0;o<m;o++)v.putByte(p.at(o%h));var C=g;C.putBuffer(v);for(var E=Math.ceil(n/c),S=1;S<=E;S++){var T=new ur.util.ByteBuffer;T.putBytes(d.bytes()),T.putBytes(C.bytes());for(var I=0;I<a;I++)i.start(),i.update(T.getBytes()),T=i.digest();var A=new ur.util.ByteBuffer;for(o=0;o<u;o++)A.putByte(T.at(o%c));var b=Math.ceil(f/u)+Math.ceil(h/u),B=new ur.util.ByteBuffer;for(s=0;s<b;s++){var N=new ur.util.ByteBuffer(C.getBytes(u)),w=511;for(o=A.length()-1;o>=0;o--)w>>=8,w+=A.at(o)+N.at(o),N.setAt(o,255&w);B.putBuffer(N)}C=B,l.putBuffer(T)}return l.truncate(l.length()-n),l},hr.pbe.getCipher=function(e,t,r){switch(e){case hr.oids.pkcs5PBES2:return hr.pbe.getCipherForPBES2(e,t,r);case hr.oids["pbeWithSHAAnd3-KeyTripleDES-CBC"]:case hr.oids["pbewithSHAAnd40BitRC2-CBC"]:return hr.pbe.getCipherForPKCS12PBE(e,t,r);default:var a=new Error("Cannot read encrypted PBE data block. Unsupported OID.");throw a.oid=e,a.supportedOids=["pkcs5PBES2","pbeWithSHAAnd3-KeyTripleDES-CBC","pbewithSHAAnd40BitRC2-CBC"],a}},hr.pbe.getCipherForPBES2=function(e,t,r){var a,n={},i=[];if(!pr.validate(t,yr,n,i))throw(a=new Error("Cannot read password-based-encryption algorithm parameters. ASN.1 object is not a supported EncryptedPrivateKeyInfo.")).errors=i,a;if((e=pr.derToOid(n.kdfOid))!==hr.oids.pkcs5PBKDF2)throw(a=new Error("Cannot read encrypted private key. Unsupported key derivation function OID.")).oid=e,a.supportedOids=["pkcs5PBKDF2"],a;if((e=pr.derToOid(n.encOid))!==hr.oids["aes128-CBC"]&&e!==hr.oids["aes192-CBC"]&&e!==hr.oids["aes256-CBC"]&&e!==hr.oids["des-EDE3-CBC"]&&e!==hr.oids.desCBC)throw(a=new Error("Cannot read encrypted private key. Unsupported encryption scheme OID.")).oid=e,a.supportedOids=["aes128-CBC","aes192-CBC","aes256-CBC","des-EDE3-CBC","desCBC"],a;var s,o,c=n.kdfSalt,u=ur.util.createBuffer(n.kdfIterationCount);switch(u=u.getInt(u.length()<<3),hr.oids[e]){case"aes128-CBC":s=16,o=ur.aes.createDecryptionCipher;break;case"aes192-CBC":s=24,o=ur.aes.createDecryptionCipher;break;case"aes256-CBC":s=32,o=ur.aes.createDecryptionCipher;break;case"des-EDE3-CBC":s=24,o=ur.des.createDecryptionCipher;break;case"desCBC":s=8,o=ur.des.createDecryptionCipher}var l=vr(n.prfOid),p=ur.pkcs5.pbkdf2(r,c,u,s,l),h=n.encIv,f=o(p);return f.start(h),f},hr.pbe.getCipherForPKCS12PBE=function(e,t,r){var a={},n=[];if(!pr.validate(t,gr,a,n))throw(l=new Error("Cannot read password-based-encryption algorithm parameters. ASN.1 object is not a supported EncryptedPrivateKeyInfo.")).errors=n,l;var i,s,o,c=ur.util.createBuffer(a.salt),u=ur.util.createBuffer(a.iterations);switch(u=u.getInt(u.length()<<3),e){case hr.oids["pbeWithSHAAnd3-KeyTripleDES-CBC"]:i=24,s=8,o=ur.des.startDecrypting;break;case hr.oids["pbewithSHAAnd40BitRC2-CBC"]:i=5,s=8,o=function(e,t){var r=ur.rc2.createDecryptionCipher(e,40);return r.start(t,null),r};break;default:var l;throw(l=new Error("Cannot read PKCS #12 PBE data block. Unsupported OID.")).oid=e,l}var p=vr(a.prfOid),h=hr.pbe.generatePkcs12Key(r,c,1,u,i,p);return p.start(),o(h,hr.pbe.generatePkcs12Key(r,c,2,u,s,p))},hr.pbe.opensslDeriveBytes=function(e,t,r,a){if(null==a){if(!("md5"in ur.md))throw new Error('"md5" hash algorithm unavailable.');a=ur.md.md5.create()}null===t&&(t="");for(var n=[mr(a,e+t)],i=16,s=1;i<r;++s,i+=16)n.push(mr(a,n[s-1]+e+t));return n.join("").substr(0,r)};var Er=S,Sr=Er.asn1,Tr=Er.pkcs7asn1=Er.pkcs7asn1\|\|{};Er.pkcs7=Er.pkcs7\|\|{},Er.pkcs7.asn1=Tr;var Ir={name:"ContentInfo",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"ContentInfo.ContentType",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.OID,constructed:!1,capture:"contentType"},{name:"ContentInfo.content",tagClass:Sr.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,captureAsn1:"content"}]};Tr.contentInfoValidator=Ir;var Ar={name:"EncryptedContentInfo",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedContentInfo.contentType",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.OID,constructed:!1,capture:"contentType"},{name:"EncryptedContentInfo.contentEncryptionAlgorithm",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedContentInfo.contentEncryptionAlgorithm.algorithm",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.OID,constructed:!1,capture:"encAlgorithm"},{name:"EncryptedContentInfo.contentEncryptionAlgorithm.parameter",tagClass:Sr.Class.UNIVERSAL,captureAsn1:"encParameter"}]},{name:"EncryptedContentInfo.encryptedContent",tagClass:Sr.Class.CONTEXT_SPECIFIC,type:0,capture:"encryptedContent",captureAsn1:"encryptedContentAsn1"}]};Tr.envelopedDataValidator={name:"EnvelopedData",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"EnvelopedData.Version",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.INTEGER,constructed:!1,capture:"version"},{name:"EnvelopedData.RecipientInfos",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SET,constructed:!0,captureAsn1:"recipientInfos"}].concat(Ar)},Tr.encryptedDataValidator={name:"EncryptedData",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedData.Version",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.INTEGER,constructed:!1,capture:"version"}].concat(Ar)};var br={name:"SignerInfo",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.version",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.INTEGER,constructed:!1},{name:"SignerInfo.issuerAndSerialNumber",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.issuerAndSerialNumber.issuer",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,captureAsn1:"issuer"},{name:"SignerInfo.issuerAndSerialNumber.serialNumber",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.INTEGER,constructed:!1,capture:"serial"}]},{name:"SignerInfo.digestAlgorithm",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.digestAlgorithm.algorithm",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.OID,constructed:!1,capture:"digestAlgorithm"},{name:"SignerInfo.digestAlgorithm.parameter",tagClass:Sr.Class.UNIVERSAL,constructed:!1,captureAsn1:"digestParameter",optional:!0}]},{name:"SignerInfo.authenticatedAttributes",tagClass:Sr.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,capture:"authenticatedAttributes"},{name:"SignerInfo.digestEncryptionAlgorithm",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,capture:"signatureAlgorithm"},{name:"SignerInfo.encryptedDigest",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.OCTETSTRING,constructed:!1,capture:"signature"},{name:"SignerInfo.unauthenticatedAttributes",tagClass:Sr.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,optional:!0,capture:"unauthenticatedAttributes"}]};Tr.signedDataValidator={name:"SignedData",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"SignedData.Version",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.INTEGER,constructed:!1,capture:"version"},{name:"SignedData.DigestAlgorithms",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SET,constructed:!0,captureAsn1:"digestAlgorithms"},Ir,{name:"SignedData.Certificates",tagClass:Sr.Class.CONTEXT_SPECIFIC,type:0,optional:!0,captureAsn1:"certificates"},{name:"SignedData.CertificateRevocationLists",tagClass:Sr.Class.CONTEXT_SPECIFIC,type:1,optional:!0,captureAsn1:"crls"},{name:"SignedData.SignerInfos",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SET,capture:"signerInfos",optional:!0,value:[br]}]},Tr.recipientInfoValidator={name:"RecipientInfo",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.version",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.INTEGER,constructed:!1,capture:"version"},{name:"RecipientInfo.issuerAndSerial",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.issuerAndSerial.issuer",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,captureAsn1:"issuer"},{name:"RecipientInfo.issuerAndSerial.serialNumber",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.INTEGER,constructed:!1,capture:"serial"}]},{name:"RecipientInfo.keyEncryptionAlgorithm",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.keyEncryptionAlgorithm.algorithm",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.OID,constructed:!1,capture:"encAlgorithm"},{name:"RecipientInfo.keyEncryptionAlgorithm.parameter",tagClass:Sr.Class.UNIVERSAL,constructed:!1,captureAsn1:"encParameter"}]},{name:"RecipientInfo.encryptedKey",tagClass:Sr.Class.UNIVERSAL,type:Sr.Type.OCTETSTRING,constructed:!1,capture:"encKey"}]};var Br=S;Br.mgf=Br.mgf\|\|{},(Br.mgf.mgf1=Br.mgf1=Br.mgf1\|\|{}).create=function(e){var t={generate:function(t,r){for(var a=new Br.util.ByteBuffer,n=Math.ceil(r/e.digestLength),i=0;i<n;i++){var s=new Br.util.ByteBuffer;s.putInt32(i),e.start(),e.update(t+s.getBytes()),a.putBuffer(e.digest())}return a.truncate(a.length()-r),a.getBytes()}};return t};var Nr=S;Nr.mgf=Nr.mgf\|\|{},Nr.mgf.mgf1=Nr.mgf1;var wr=S;(wr.pss=wr.pss\|\|{}).create=function(e){3===arguments.length&&(e={md:arguments[0],mgf:arguments[1],saltLength:arguments[2]});var t,r=e.md,a=e.mgf,n=r.digestLength,i=e.salt\|\|null;if("string"==typeof i&&(i=wr.util.createBuffer(i)),"saltLength"in e)t=e.saltLength;else{if(null===i)throw new Error("Salt length not specified or specific salt not given.");t=i.length()}if(null!==i&&i.length()!==t)throw new Error("Given salt length does not match length of given salt.");var s=e.prng\|\|wr.random,o={encode:function(e,o){var c,u,l=o-1,p=Math.ceil(l/8),h=e.digest().getBytes();if(p<n+t+2)throw new Error("Message is too long to encrypt.");u=null===i?s.getBytesSync(t):i.bytes();var f=new wr.util.ByteBuffer;f.fillWithByte(0,8),f.putBytes(h),f.putBytes(u),r.start(),r.update(f.getBytes());var d=r.digest().getBytes(),y=new wr.util.ByteBuffer;y.fillWithByte(0,p-t-n-2),y.putByte(1),y.putBytes(u);var g=y.getBytes(),m=p-n-1,v=a.generate(d,m),C="";for(c=0;c<m;c++)C+=String.fromCharCode(g.charCodeAt(c)^v.charCodeAt(c));var E=65280>>8p-l&255;return(C=String.fromCharCode(C.charCodeAt(0)&~E)+C.substr(1))+d+String.fromCharCode(188)},verify:function(e,i,s){var o,c=s-1,u=Math.ceil(c/8);if(i=i.substr(-u),u<n+t+2)throw new Error("Inconsistent parameters to PSS signature verification.");if(188!==i.charCodeAt(u-1))throw new Error("Encoded message does not end in 0xBC.");var l=u-n-1,p=i.substr(0,l),h=i.substr(l,n),f=65280>>8u-c&255;if(0!=(p.charCodeAt(0)&f))throw new Error("Bits beyond keysize not zero as expected.");var d=a.generate(h,l),y="";for(o=0;o<l;o++)y+=String.fromCharCode(p.charCodeAt(o)^d.charCodeAt(o));y=String.fromCharCode(y.charCodeAt(0)&~f)+y.substr(1);var g=u-n-t-2;for(o=0;o<g;o++)if(0!==y.charCodeAt(o))throw new Error("Leftmost octets not zero as expected");if(1!==y.charCodeAt(g))throw new Error("Inconsistent PSS signature, 0x01 marker not found");var m=y.substr(-t),v=new wr.util.ByteBuffer;return v.fillWithByte(0,8),v.putBytes(e),v.putBytes(m),r.start(),r.update(v.getBytes()),h===r.digest().getBytes()}};return o};var kr=S,Rr=kr.asn1,_r=kr.pki=kr.pki\|\|{},Lr=_r.oids,Ur={};Ur.CN=Lr.commonName,Ur.commonName="CN",Ur.C=Lr.countryName,Ur.countryName="C",Ur.L=Lr.localityName,Ur.localityName="L",Ur.ST=Lr.stateOrProvinceName,Ur.stateOrProvinceName="ST",Ur.O=Lr.organizationName,Ur.organizationName="O",Ur.OU=Lr.organizationalUnitName,Ur.organizationalUnitName="OU",Ur.E=Lr.emailAddress,Ur.emailAddress="E";var Dr=kr.pki.rsa.publicKeyValidator,Pr={name:"Certificate",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,captureAsn1:"tbsCertificate",value:[{name:"Certificate.TBSCertificate.version",tagClass:Rr.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.version.integer",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.INTEGER,constructed:!1,capture:"certVersion"}]},{name:"Certificate.TBSCertificate.serialNumber",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.INTEGER,constructed:!1,capture:"certSerialNumber"},{name:"Certificate.TBSCertificate.signature",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate.signature.algorithm",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.OID,constructed:!1,capture:"certinfoSignatureOid"},{name:"Certificate.TBSCertificate.signature.parameters",tagClass:Rr.Class.UNIVERSAL,optional:!0,captureAsn1:"certinfoSignatureParams"}]},{name:"Certificate.TBSCertificate.issuer",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,captureAsn1:"certIssuer"},{name:"Certificate.TBSCertificate.validity",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate.validity.notBefore (utc)",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.UTCTIME,constructed:!1,optional:!0,capture:"certValidity1UTCTime"},{name:"Certificate.TBSCertificate.validity.notBefore (generalized)",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.GENERALIZEDTIME,constructed:!1,optional:!0,capture:"certValidity2GeneralizedTime"},{name:"Certificate.TBSCertificate.validity.notAfter (utc)",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.UTCTIME,constructed:!1,optional:!0,capture:"certValidity3UTCTime"},{name:"Certificate.TBSCertificate.validity.notAfter (generalized)",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.GENERALIZEDTIME,constructed:!1,optional:!0,capture:"certValidity4GeneralizedTime"}]},{name:"Certificate.TBSCertificate.subject",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,captureAsn1:"certSubject"},Dr,{name:"Certificate.TBSCertificate.issuerUniqueID",tagClass:Rr.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.issuerUniqueID.id",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.BITSTRING,constructed:!1,captureBitStringValue:"certIssuerUniqueId"}]},{name:"Certificate.TBSCertificate.subjectUniqueID",tagClass:Rr.Class.CONTEXT_SPECIFIC,type:2,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.subjectUniqueID.id",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.BITSTRING,constructed:!1,captureBitStringValue:"certSubjectUniqueId"}]},{name:"Certificate.TBSCertificate.extensions",tagClass:Rr.Class.CONTEXT_SPECIFIC,type:3,constructed:!0,captureAsn1:"certExtensions",optional:!0}]},{name:"Certificate.signatureAlgorithm",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.signatureAlgorithm.algorithm",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.OID,constructed:!1,capture:"certSignatureOid"},{name:"Certificate.TBSCertificate.signature.parameters",tagClass:Rr.Class.UNIVERSAL,optional:!0,captureAsn1:"certSignatureParams"}]},{name:"Certificate.signatureValue",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.BITSTRING,constructed:!1,captureBitStringValue:"certSignature"}]},Vr={name:"rsapss",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,value:[{name:"rsapss.hashAlgorithm",tagClass:Rr.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,value:[{name:"rsapss.hashAlgorithm.AlgorithmIdentifier",tagClass:Rr.Class.UNIVERSAL,type:Rr.Class.SEQUENCE,constructed:!0,optional:!0,value:[{name:"rsapss.hashAlgorithm.AlgorithmIdentifier.algorithm",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.OID,constructed:!1,capture:"hashOid"}]}]},{name:"rsapss.maskGenAlgorithm",tagClass:Rr.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier",tagClass:Rr.Class.UNIVERSAL,type:Rr.Class.SEQUENCE,constructed:!0,optional:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.algorithm",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.OID,constructed:!1,capture:"maskGenOid"},{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.params",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.params.algorithm",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.OID,constructed:!1,capture:"maskGenHashOid"}]}]}]},{name:"rsapss.saltLength",tagClass:Rr.Class.CONTEXT_SPECIFIC,type:2,optional:!0,value:[{name:"rsapss.saltLength.saltLength",tagClass:Rr.Class.UNIVERSAL,type:Rr.Class.INTEGER,constructed:!1,capture:"saltLength"}]},{name:"rsapss.trailerField",tagClass:Rr.Class.CONTEXT_SPECIFIC,type:3,optional:!0,value:[{name:"rsapss.trailer.trailer",tagClass:Rr.Class.UNIVERSAL,type:Rr.Class.INTEGER,constructed:!1,capture:"trailer"}]}]},Or={name:"CertificationRequestInfo",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,captureAsn1:"certificationRequestInfo",value:[{name:"CertificationRequestInfo.integer",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.INTEGER,constructed:!1,capture:"certificationRequestInfoVersion"},{name:"CertificationRequestInfo.subject",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,captureAsn1:"certificationRequestInfoSubject"},Dr,{name:"CertificationRequestInfo.attributes",tagClass:Rr.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,capture:"certificationRequestInfoAttributes",value:[{name:"CertificationRequestInfo.attributes",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,value:[{name:"CertificationRequestInfo.attributes.type",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.OID,constructed:!1},{name:"CertificationRequestInfo.attributes.value",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SET,constructed:!0}]}]}]},Kr={name:"CertificationRequest",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,captureAsn1:"csr",value:[Or,{name:"CertificationRequest.signatureAlgorithm",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.SEQUENCE,constructed:!0,value:[{name:"CertificationRequest.signatureAlgorithm.algorithm",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.OID,constructed:!1,capture:"csrSignatureOid"},{name:"CertificationRequest.signatureAlgorithm.parameters",tagClass:Rr.Class.UNIVERSAL,optional:!0,captureAsn1:"csrSignatureParams"}]},{name:"CertificationRequest.signature",tagClass:Rr.Class.UNIVERSAL,type:Rr.Type.BITSTRING,constructed:!1,captureBitStringValue:"csrSignature"}]};function xr(e,t){"string"==typeof t&&(t={shortName:t});for(var r,a=null,n=0;null===a&&n<e.attributes.length;++n)r=e.attributes[n],(t.type&&t.type===r.type\|\|t.name&&t.name===r.name\|\|t.shortName&&t.shortName===r.shortName)&&(a=r);return a}_r.RDNAttributesAsArray=function(e,t){for(var r,a,n,i=[],s=0;s<e.value.length;++s){r=e.value[s];for(var o=0;o<r.value.length;++o)n={},a=r.value[o],n.type=Rr.derToOid(a.value[0].value),n.value=a.value[1].value,n.valueTagClass=a.value[1].type,n.type in Lr&&(n.name=Lr[n.type],n.name in Ur&&(n.shortName=Ur[n.name])),t&&(t.update(n.type),t.update(n.value)),i.push(n)}return i},_r.CRIAttributesAsArray=function(e){for(var t=[],r=0;r<e.length;++r)for(var a=e[r],n=Rr.derToOid(a.value[0].value),i=a.value[1].value,s=0;s<i.length;++s){var o={};if(o.type=n,o.value=i[s].value,o.valueTagClass=i[s].type,o.type in Lr&&(o.name=Lr[o.type],o.name in Ur&&(o.shortName=Ur[o.name])),o.type===Lr.extensionRequest){o.extensions=[];for(var c=0;c<o.value.length;++c)o.extensions.push(_r.certificateExtensionFromAsn1(o.value[c]))}t.push(o)}return t};var Mr=function(e,t,r){var a={};if(e!==Lr["RSASSA-PSS"])return a;r&&(a={hash:{algorithmOid:Lr.sha1},mgf:{algorithmOid:Lr.mgf1,hash:{algorithmOid:Lr.sha1}},saltLength:20});var n={},i=[];if(!Rr.validate(t,Vr,n,i)){var s=new Error("Cannot read RSASSA-PSS parameter block.");throw s.errors=i,s}return void 0!==n.hashOid&&(a.hash=a.hash\|\|{},a.hash.algorithmOid=Rr.derToOid(n.hashOid)),void 0!==n.maskGenOid&&(a.mgf=a.mgf\|\|{},a.mgf.algorithmOid=Rr.derToOid(n.maskGenOid),a.mgf.hash=a.mgf.hash\|\|{},a.mgf.hash.algorithmOid=Rr.derToOid(n.maskGenHashOid)),void 0!==n.saltLength&&(a.saltLength=n.saltLength.charCodeAt(0)),a};function Fr(e){for(var t,r,a=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[]),n=e.attributes,i=0;i<n.length;++i){var s=(t=n[i]).value,o=Rr.Type.PRINTABLESTRING;"valueTagClass"in t&&(o=t.valueTagClass)===Rr.Type.UTF8&&(s=kr.util.encodeUtf8(s)),r=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SET,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OID,!1,Rr.oidToDer(t.type).getBytes()),Rr.create(Rr.Class.UNIVERSAL,o,!1,s)])]),a.value.push(r)}return a}function qr(e){for(var t,r=0;r<e.length;++r){if(void 0===(t=e[r]).name&&(t.type&&t.type in _r.oids?t.name=_r.oids[t.type]:t.shortName&&t.shortName in Ur&&(t.name=_r.oids[Ur[t.shortName]])),void 0===t.type){if(!t.name\|\|!(t.name in _r.oids))throw(n=new Error("Attribute type not specified.")).attribute=t,n;t.type=_r.oids[t.name]}if(void 0===t.shortName&&t.name&&t.name in Ur&&(t.shortName=Ur[t.name]),t.type===Lr.extensionRequest&&(t.valueConstructed=!0,t.valueTagClass=Rr.Type.SEQUENCE,!t.value&&t.extensions)){t.value=[];for(var a=0;a<t.extensions.length;++a)t.value.push(_r.certificateExtensionToAsn1(jr(t.extensions[a])))}var n;if(void 0===t.value)throw(n=new Error("Attribute value not specified.")).attribute=t,n}}function jr(e,t){if(t=t\|\|{},void 0===e.name&&e.id&&e.id in _r.oids&&(e.name=_r.oids[e.id]),void 0===e.id){if(!e.name\|\|!(e.name in _r.oids))throw(g=new Error("Extension ID not specified.")).extension=e,g;e.id=_r.oids[e.name]}if(void 0!==e.value)return e;if("keyUsage"===e.name){var r=0,a=0,n=0;e.digitalSignature&&(a\|=128,r=7),e.nonRepudiation&&(a\|=64,r=6),e.keyEncipherment&&(a\|=32,r=5),e.dataEncipherment&&(a\|=16,r=4),e.keyAgreement&&(a\|=8,r=3),e.keyCertSign&&(a\|=4,r=2),e.cRLSign&&(a\|=2,r=1),e.encipherOnly&&(a\|=1,r=0),e.decipherOnly&&(n\|=128,r=7);var i=String.fromCharCode(r);0!==n?i+=String.fromCharCode(a)+String.fromCharCode(n):0!==a&&(i+=String.fromCharCode(a)),e.value=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.BITSTRING,!1,i)}else if("basicConstraints"===e.name)e.value=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[]),e.cA&&e.value.value.push(Rr.create(Rr.Class.UNIVERSAL,Rr.Type.BOOLEAN,!1,String.fromCharCode(255))),"pathLenConstraint"in e&&e.value.value.push(Rr.create(Rr.Class.UNIVERSAL,Rr.Type.INTEGER,!1,Rr.integerToDer(e.pathLenConstraint).getBytes()));else if("extKeyUsage"===e.name){e.value=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[]);var s=e.value.value;for(var o in e)!0===e[o]&&(o in Lr?s.push(Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OID,!1,Rr.oidToDer(Lr[o]).getBytes())):-1!==o.indexOf(".")&&s.push(Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OID,!1,Rr.oidToDer(o).getBytes())))}else if("nsCertType"===e.name){r=0,a=0;e.client&&(a\|=128,r=7),e.server&&(a\|=64,r=6),e.email&&(a\|=32,r=5),e.objsign&&(a\|=16,r=4),e.reserved&&(a\|=8,r=3),e.sslCA&&(a\|=4,r=2),e.emailCA&&(a\|=2,r=1),e.objCA&&(a\|=1,r=0);i=String.fromCharCode(r);0!==a&&(i+=String.fromCharCode(a)),e.value=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.BITSTRING,!1,i)}else if("subjectAltName"===e.name\|\|"issuerAltName"===e.name){e.value=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[]);for(var c=0;c<e.altNames.length;++c){i=(f=e.altNames[c]).value;if(7===f.type&&f.ip){if(null===(i=kr.util.bytesFromIP(f.ip)))throw(g=new Error('Extension "ip" value is not a valid IPv4 or IPv6 address.')).extension=e,g}else 8===f.type&&(i=f.oid?Rr.oidToDer(Rr.oidToDer(f.oid)):Rr.oidToDer(i));e.value.value.push(Rr.create(Rr.Class.CONTEXT_SPECIFIC,f.type,!1,i))}}else if("nsComment"===e.name&&t.cert){if(!/^[\x00-\x7F]$/.test(e.comment)\|\|e.comment.length<1\|\|e.comment.length>128)throw new Error('Invalid "nsComment" content.');e.value=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.IA5STRING,!1,e.comment)}else if("subjectKeyIdentifier"===e.name&&t.cert){var u=t.cert.generateSubjectKeyIdentifier();e.subjectKeyIdentifier=u.toHex(),e.value=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OCTETSTRING,!1,u.getBytes())}else if("authorityKeyIdentifier"===e.name&&t.cert){e.value=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[]);s=e.value.value;if(e.keyIdentifier){var l=!0===e.keyIdentifier?t.cert.generateSubjectKeyIdentifier().getBytes():e.keyIdentifier;s.push(Rr.create(Rr.Class.CONTEXT_SPECIFIC,0,!1,l))}if(e.authorityCertIssuer){var p=[Rr.create(Rr.Class.CONTEXT_SPECIFIC,4,!0,[Fr(!0===e.authorityCertIssuer?t.cert.issuer:e.authorityCertIssuer)])];s.push(Rr.create(Rr.Class.CONTEXT_SPECIFIC,1,!0,p))}if(e.serialNumber){var h=kr.util.hexToBytes(!0===e.serialNumber?t.cert.serialNumber:e.serialNumber);s.push(Rr.create(Rr.Class.CONTEXT_SPECIFIC,2,!1,h))}}else if("cRLDistributionPoints"===e.name){e.value=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[]);s=e.value.value;var f,d=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[]),y=Rr.create(Rr.Class.CONTEXT_SPECIFIC,0,!0,[]);for(c=0;c<e.altNames.length;++c){i=(f=e.altNames[c]).value;if(7===f.type&&f.ip){if(null===(i=kr.util.bytesFromIP(f.ip)))throw(g=new Error('Extension "ip" value is not a valid IPv4 or IPv6 address.')).extension=e,g}else 8===f.type&&(i=f.oid?Rr.oidToDer(Rr.oidToDer(f.oid)):Rr.oidToDer(i));y.value.push(Rr.create(Rr.Class.CONTEXT_SPECIFIC,f.type,!1,i))}d.value.push(Rr.create(Rr.Class.CONTEXT_SPECIFIC,0,!0,[y])),s.push(d)}var g;if(void 0===e.value)throw(g=new Error("Extension value not specified.")).extension=e,g;return e}function Gr(e,t){if(e===Lr["RSASSA-PSS"]){var r=[];return void 0!==t.hash.algorithmOid&&r.push(Rr.create(Rr.Class.CONTEXT_SPECIFIC,0,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OID,!1,Rr.oidToDer(t.hash.algorithmOid).getBytes()),Rr.create(Rr.Class.UNIVERSAL,Rr.Type.NULL,!1,"")])])),void 0!==t.mgf.algorithmOid&&r.push(Rr.create(Rr.Class.CONTEXT_SPECIFIC,1,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OID,!1,Rr.oidToDer(t.mgf.algorithmOid).getBytes()),Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OID,!1,Rr.oidToDer(t.mgf.hash.algorithmOid).getBytes()),Rr.create(Rr.Class.UNIVERSAL,Rr.Type.NULL,!1,"")])])])),void 0!==t.saltLength&&r.push(Rr.create(Rr.Class.CONTEXT_SPECIFIC,2,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.INTEGER,!1,Rr.integerToDer(t.saltLength).getBytes())])),Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,r)}return Rr.create(Rr.Class.UNIVERSAL,Rr.Type.NULL,!1,"")}function Hr(e){var t=Rr.create(Rr.Class.CONTEXT_SPECIFIC,0,!0,[]);if(0===e.attributes.length)return t;for(var r=e.attributes,a=0;a<r.length;++a){var n=r[a],i=n.value,s=Rr.Type.UTF8;"valueTagClass"in n&&(s=n.valueTagClass),s===Rr.Type.UTF8&&(i=kr.util.encodeUtf8(i));var o=!1;"valueConstructed"in n&&(o=n.valueConstructed);var c=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OID,!1,Rr.oidToDer(n.type).getBytes()),Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SET,!0,[Rr.create(Rr.Class.UNIVERSAL,s,o,i)])]);t.value.push(c)}return t}_r.certificateFromPem=function(e,t,r){var a=kr.pem.decode(e)[0];if("CERTIFICATE"!==a.type&&"X509 CERTIFICATE"!==a.type&&"TRUSTED CERTIFICATE"!==a.type){var n=new Error('Could not convert certificate from PEM; PEM header type is not "CERTIFICATE", "X509 CERTIFICATE", or "TRUSTED CERTIFICATE".');throw n.headerType=a.type,n}if(a.procType&&"ENCRYPTED"===a.procType.type)throw new Error("Could not convert certificate from PEM; PEM is encrypted.");var i=Rr.fromDer(a.body,r);return _r.certificateFromAsn1(i,t)},_r.certificateToPem=function(e,t){var r={type:"CERTIFICATE",body:Rr.toDer(_r.certificateToAsn1(e)).getBytes()};return kr.pem.encode(r,{maxline:t})},_r.publicKeyFromPem=function(e){var t=kr.pem.decode(e)[0];if("PUBLIC KEY"!==t.type&&"RSA PUBLIC KEY"!==t.type){var r=new Error('Could not convert public key from PEM; PEM header type is not "PUBLIC KEY" or "RSA PUBLIC KEY".');throw r.headerType=t.type,r}if(t.procType&&"ENCRYPTED"===t.procType.type)throw new Error("Could not convert public key from PEM; PEM is encrypted.");var a=Rr.fromDer(t.body);return _r.publicKeyFromAsn1(a)},_r.publicKeyToPem=function(e,t){var r={type:"PUBLIC KEY",body:Rr.toDer(_r.publicKeyToAsn1(e)).getBytes()};return kr.pem.encode(r,{maxline:t})},_r.publicKeyToRSAPublicKeyPem=function(e,t){var r={type:"RSA PUBLIC KEY",body:Rr.toDer(_r.publicKeyToRSAPublicKey(e)).getBytes()};return kr.pem.encode(r,{maxline:t})},_r.getPublicKeyFingerprint=function(e,t){var r,a=(t=t\|\|{}).md\|\|kr.md.sha1.create();switch(t.type\|\|"RSAPublicKey"){case"RSAPublicKey":r=Rr.toDer(_r.publicKeyToRSAPublicKey(e)).getBytes();break;case"SubjectPublicKeyInfo":r=Rr.toDer(_r.publicKeyToAsn1(e)).getBytes();break;default:throw new Error('Unknown fingerprint type "'+t.type+'".')}a.start(),a.update(r);var n=a.digest();if("hex"===t.encoding){var i=n.toHex();return t.delimiter?i.match(/.{2}/g).join(t.delimiter):i}if("binary"===t.encoding)return n.getBytes();if(t.encoding)throw new Error('Unknown encoding "'+t.encoding+'".');return n},_r.certificationRequestFromPem=function(e,t,r){var a=kr.pem.decode(e)[0];if("CERTIFICATE REQUEST"!==a.type){var n=new Error('Could not convert certification request from PEM; PEM header type is not "CERTIFICATE REQUEST".');throw n.headerType=a.type,n}if(a.procType&&"ENCRYPTED"===a.procType.type)throw new Error("Could not convert certification request from PEM; PEM is encrypted.");var i=Rr.fromDer(a.body,r);return _r.certificationRequestFromAsn1(i,t)},_r.certificationRequestToPem=function(e,t){var r={type:"CERTIFICATE REQUEST",body:Rr.toDer(_r.certificationRequestToAsn1(e)).getBytes()};return kr.pem.encode(r,{maxline:t})},_r.createCertificate=function(){var e={version:2,serialNumber:"00",signatureOid:null,signature:null,siginfo:{}};return e.siginfo.algorithmOid=null,e.validity={},e.validity.notBefore=new Date,e.validity.notAfter=new Date,e.issuer={},e.issuer.getField=function(t){return xr(e.issuer,t)},e.issuer.addField=function(t){qr([t]),e.issuer.attributes.push(t)},e.issuer.attributes=[],e.issuer.hash=null,e.subject={},e.subject.getField=function(t){return xr(e.subject,t)},e.subject.addField=function(t){qr([t]),e.subject.attributes.push(t)},e.subject.attributes=[],e.subject.hash=null,e.extensions=[],e.publicKey=null,e.md=null,e.setSubject=function(t,r){qr(t),e.subject.attributes=t,delete e.subject.uniqueId,r&&(e.subject.uniqueId=r),e.subject.hash=null},e.setIssuer=function(t,r){qr(t),e.issuer.attributes=t,delete e.issuer.uniqueId,r&&(e.issuer.uniqueId=r),e.issuer.hash=null},e.setExtensions=function(t){for(var r=0;r<t.length;++r)jr(t[r],{cert:e});e.extensions=t},e.getExtension=function(t){"string"==typeof t&&(t={name:t});for(var r,a=null,n=0;null===a&&n<e.extensions.length;++n)r=e.extensions[n],(t.id&&r.id===t.id\|\|t.name&&r.name===t.name)&&(a=r);return a},e.sign=function(t,r){e.md=r\|\|kr.md.sha1.create();var a=Lr[e.md.algorithm+"WithRSAEncryption"];if(!a){var n=new Error("Could not compute certificate digest. Unknown message digest algorithm OID.");throw n.algorithm=e.md.algorithm,n}e.signatureOid=e.siginfo.algorithmOid=a,e.tbsCertificate=_r.getTBSCertificate(e);var i=Rr.toDer(e.tbsCertificate);e.md.update(i.getBytes()),e.signature=t.sign(e.md)},e.verify=function(t){var r=!1;if(!e.issued(t)){var a=t.issuer,n=e.subject;throw(p=new Error("The parent certificate did not issue the given child certificate; the child certificate's issuer does not match the parent's subject.")).expectedIssuer=a.attributes,p.actualIssuer=n.attributes,p}var i=t.md;if(null===i){if(t.signatureOid in Lr)switch(Lr[t.signatureOid]){case"sha1WithRSAEncryption":i=kr.md.sha1.create();break;case"md5WithRSAEncryption":i=kr.md.md5.create();break;case"sha256WithRSAEncryption":case"RSASSA-PSS":i=kr.md.sha256.create();break;case"sha384WithRSAEncryption":i=kr.md.sha384.create();break;case"sha512WithRSAEncryption":i=kr.md.sha512.create()}if(null===i)throw(p=new Error("Could not compute certificate digest. Unknown signature OID.")).signatureOid=t.signatureOid,p;var s=t.tbsCertificate\|\|_r.getTBSCertificate(t),o=Rr.toDer(s);i.update(o.getBytes())}if(null!==i){var c;switch(t.signatureOid){case Lr.sha1WithRSAEncryption:c=void 0;break;case Lr["RSASSA-PSS"]:var u,l,p;if(void 0===(u=Lr[t.signatureParameters.mgf.hash.algorithmOid])\|\|void 0===kr.md[u])throw(p=new Error("Unsupported MGF hash function.")).oid=t.signatureParameters.mgf.hash.algorithmOid,p.name=u,p;if(void 0===(l=Lr[t.signatureParameters.mgf.algorithmOid])\|\|void 0===kr.mgf[l])throw(p=new Error("Unsupported MGF function.")).oid=t.signatureParameters.mgf.algorithmOid,p.name=l,p;if(l=kr.mgf[l].create(kr.md[u].create()),void 0===(u=Lr[t.signatureParameters.hash.algorithmOid])\|\|void 0===kr.md[u])throw{message:"Unsupported RSASSA-PSS hash function.",oid:t.signatureParameters.hash.algorithmOid,name:u};c=kr.pss.create(kr.md[u].create(),l,t.signatureParameters.saltLength)}r=e.publicKey.verify(i.digest().getBytes(),t.signature,c)}return r},e.isIssuer=function(t){var r=!1,a=e.issuer,n=t.subject;if(a.hash&&n.hash)r=a.hash===n.hash;else if(a.attributes.length===n.attributes.length){var i,s;r=!0;for(var o=0;r&&o<a.attributes.length;++o)i=a.attributes[o],s=n.attributes[o],i.type===s.type&&i.value===s.value\|\|(r=!1)}return r},e.issued=function(t){return t.isIssuer(e)},e.generateSubjectKeyIdentifier=function(){return _r.getPublicKeyFingerprint(e.publicKey,{type:"RSAPublicKey"})},e.verifySubjectKeyIdentifier=function(){for(var t=Lr.subjectKeyIdentifier,r=0;r<e.extensions.length;++r){var a=e.extensions[r];if(a.id===t){var n=e.generateSubjectKeyIdentifier().getBytes();return kr.util.hexToBytes(a.subjectKeyIdentifier)===n}}return!1},e},_r.certificateFromAsn1=function(e,t){var r={},a=[];if(!Rr.validate(e,Pr,r,a))throw(o=new Error("Cannot read X.509 certificate. ASN.1 object is not an X509v3 Certificate.")).errors=a,o;if(Rr.derToOid(r.publicKeyOid)!==_r.oids.rsaEncryption)throw new Error("Cannot read public key. OID is not RSA.");var n=_r.createCertificate();n.version=r.certVersion?r.certVersion.charCodeAt(0):0;var i=kr.util.createBuffer(r.certSerialNumber);n.serialNumber=i.toHex(),n.signatureOid=kr.asn1.derToOid(r.certSignatureOid),n.signatureParameters=Mr(n.signatureOid,r.certSignatureParams,!0),n.siginfo.algorithmOid=kr.asn1.derToOid(r.certinfoSignatureOid),n.siginfo.parameters=Mr(n.siginfo.algorithmOid,r.certinfoSignatureParams,!1),n.signature=r.certSignature;var s=[];if(void 0!==r.certValidity1UTCTime&&s.push(Rr.utcTimeToDate(r.certValidity1UTCTime)),void 0!==r.certValidity2GeneralizedTime&&s.push(Rr.generalizedTimeToDate(r.certValidity2GeneralizedTime)),void 0!==r.certValidity3UTCTime&&s.push(Rr.utcTimeToDate(r.certValidity3UTCTime)),void 0!==r.certValidity4GeneralizedTime&&s.push(Rr.generalizedTimeToDate(r.certValidity4GeneralizedTime)),s.length>2)throw new Error("Cannot read notBefore/notAfter validity times; more than two times were provided in the certificate.");if(s.length<2)throw new Error("Cannot read notBefore/notAfter validity times; they were not provided as either UTCTime or GeneralizedTime.");if(n.validity.notBefore=s[0],n.validity.notAfter=s[1],n.tbsCertificate=r.tbsCertificate,t){var o;if(n.md=null,n.signatureOid in Lr)switch(Lr[n.signatureOid]){case"sha1WithRSAEncryption":n.md=kr.md.sha1.create();break;case"md5WithRSAEncryption":n.md=kr.md.md5.create();break;case"sha256WithRSAEncryption":case"RSASSA-PSS":n.md=kr.md.sha256.create();break;case"sha384WithRSAEncryption":n.md=kr.md.sha384.create();break;case"sha512WithRSAEncryption":n.md=kr.md.sha512.create()}if(null===n.md)throw(o=new Error("Could not compute certificate digest. Unknown signature OID.")).signatureOid=n.signatureOid,o;var c=Rr.toDer(n.tbsCertificate);n.md.update(c.getBytes())}var u=kr.md.sha1.create();n.issuer.getField=function(e){return xr(n.issuer,e)},n.issuer.addField=function(e){qr([e]),n.issuer.attributes.push(e)},n.issuer.attributes=_r.RDNAttributesAsArray(r.certIssuer,u),r.certIssuerUniqueId&&(n.issuer.uniqueId=r.certIssuerUniqueId),n.issuer.hash=u.digest().toHex();var l=kr.md.sha1.create();return n.subject.getField=function(e){return xr(n.subject,e)},n.subject.addField=function(e){qr([e]),n.subject.attributes.push(e)},n.subject.attributes=_r.RDNAttributesAsArray(r.certSubject,l),r.certSubjectUniqueId&&(n.subject.uniqueId=r.certSubjectUniqueId),n.subject.hash=l.digest().toHex(),r.certExtensions?n.extensions=_r.certificateExtensionsFromAsn1(r.certExtensions):n.extensions=[],n.publicKey=_r.publicKeyFromAsn1(r.subjectPublicKeyInfo),n},_r.certificateExtensionsFromAsn1=function(e){for(var t=[],r=0;r<e.value.length;++r)for(var a=e.value[r],n=0;n<a.value.length;++n)t.push(_r.certificateExtensionFromAsn1(a.value[n]));return t},_r.certificateExtensionFromAsn1=function(e){var t={};if(t.id=Rr.derToOid(e.value[0].value),t.critical=!1,e.value[1].type===Rr.Type.BOOLEAN?(t.critical=0!==e.value[1].value.charCodeAt(0),t.value=e.value[2].value):t.value=e.value[1].value,t.id in Lr)if(t.name=Lr[t.id],"keyUsage"===t.name){var r=0,a=0;(i=Rr.fromDer(t.value)).value.length>1&&(r=i.value.charCodeAt(1),a=i.value.length>2?i.value.charCodeAt(2):0),t.digitalSignature=128==(128&r),t.nonRepudiation=64==(64&r),t.keyEncipherment=32==(32&r),t.dataEncipherment=16==(16&r),t.keyAgreement=8==(8&r),t.keyCertSign=4==(4&r),t.cRLSign=2==(2&r),t.encipherOnly=1==(1&r),t.decipherOnly=128==(128&a)}else if("basicConstraints"===t.name){(i=Rr.fromDer(t.value)).value.length>0&&i.value[0].type===Rr.Type.BOOLEAN?t.cA=0!==i.value[0].value.charCodeAt(0):t.cA=!1;var n=null;i.value.length>0&&i.value[0].type===Rr.Type.INTEGER?n=i.value[0].value:i.value.length>1&&(n=i.value[1].value),null!==n&&(t.pathLenConstraint=Rr.derToInteger(n))}else if("extKeyUsage"===t.name)for(var i=Rr.fromDer(t.value),s=0;s<i.value.length;++s){var o=Rr.derToOid(i.value[s].value);o in Lr?t[Lr[o]]=!0:t[o]=!0}else if("nsCertType"===t.name){r=0;(i=Rr.fromDer(t.value)).value.length>1&&(r=i.value.charCodeAt(1)),t.client=128==(128&r),t.server=64==(64&r),t.email=32==(32&r),t.objsign=16==(16&r),t.reserved=8==(8&r),t.sslCA=4==(4&r),t.emailCA=2==(2&r),t.objCA=1==(1&r)}else if("subjectAltName"===t.name\|\|"issuerAltName"===t.name){var c;t.altNames=[];i=Rr.fromDer(t.value);for(var u=0;u<i.value.length;++u){var l={type:(c=i.value[u]).type,value:c.value};switch(t.altNames.push(l),c.type){case 1:case 2:case 6:break;case 7:l.ip=kr.util.bytesToIP(c.value);break;case 8:l.oid=Rr.derToOid(c.value)}}}else if("subjectKeyIdentifier"===t.name){i=Rr.fromDer(t.value);t.subjectKeyIdentifier=kr.util.bytesToHex(i.value)}return t},_r.certificationRequestFromAsn1=function(e,t){var r={},a=[];if(!Rr.validate(e,Kr,r,a))throw(i=new Error("Cannot read PKCS#10 certificate request. ASN.1 object is not a PKCS#10 CertificationRequest.")).errors=a,i;if(Rr.derToOid(r.publicKeyOid)!==_r.oids.rsaEncryption)throw new Error("Cannot read public key. OID is not RSA.");var n=_r.createCertificationRequest();if(n.version=r.csrVersion?r.csrVersion.charCodeAt(0):0,n.signatureOid=kr.asn1.derToOid(r.csrSignatureOid),n.signatureParameters=Mr(n.signatureOid,r.csrSignatureParams,!0),n.siginfo.algorithmOid=kr.asn1.derToOid(r.csrSignatureOid),n.siginfo.parameters=Mr(n.siginfo.algorithmOid,r.csrSignatureParams,!1),n.signature=r.csrSignature,n.certificationRequestInfo=r.certificationRequestInfo,t){var i;if(n.md=null,n.signatureOid in Lr)switch(Lr[n.signatureOid]){case"sha1WithRSAEncryption":n.md=kr.md.sha1.create();break;case"md5WithRSAEncryption":n.md=kr.md.md5.create();break;case"sha256WithRSAEncryption":case"RSASSA-PSS":n.md=kr.md.sha256.create();break;case"sha384WithRSAEncryption":n.md=kr.md.sha384.create();break;case"sha512WithRSAEncryption":n.md=kr.md.sha512.create()}if(null===n.md)throw(i=new Error("Could not compute certification request digest. Unknown signature OID.")).signatureOid=n.signatureOid,i;var s=Rr.toDer(n.certificationRequestInfo);n.md.update(s.getBytes())}var o=kr.md.sha1.create();return n.subject.getField=function(e){return xr(n.subject,e)},n.subject.addField=function(e){qr([e]),n.subject.attributes.push(e)},n.subject.attributes=_r.RDNAttributesAsArray(r.certificationRequestInfoSubject,o),n.subject.hash=o.digest().toHex(),n.publicKey=_r.publicKeyFromAsn1(r.subjectPublicKeyInfo),n.getAttribute=function(e){return xr(n,e)},n.addAttribute=function(e){qr([e]),n.attributes.push(e)},n.attributes=_r.CRIAttributesAsArray(r.certificationRequestInfoAttributes\|\|[]),n},_r.createCertificationRequest=function(){var e={version:0,signatureOid:null,signature:null,siginfo:{}};return e.siginfo.algorithmOid=null,e.subject={},e.subject.getField=function(t){return xr(e.subject,t)},e.subject.addField=function(t){qr([t]),e.subject.attributes.push(t)},e.subject.attributes=[],e.subject.hash=null,e.publicKey=null,e.attributes=[],e.getAttribute=function(t){return xr(e,t)},e.addAttribute=function(t){qr([t]),e.attributes.push(t)},e.md=null,e.setSubject=function(t){qr(t),e.subject.attributes=t,e.subject.hash=null},e.setAttributes=function(t){qr(t),e.attributes=t},e.sign=function(t,r){e.md=r\|\|kr.md.sha1.create();var a=Lr[e.md.algorithm+"WithRSAEncryption"];if(!a){var n=new Error("Could not compute certification request digest. Unknown message digest algorithm OID.");throw n.algorithm=e.md.algorithm,n}e.signatureOid=e.siginfo.algorithmOid=a,e.certificationRequestInfo=_r.getCertificationRequestInfo(e);var i=Rr.toDer(e.certificationRequestInfo);e.md.update(i.getBytes()),e.signature=t.sign(e.md)},e.verify=function(){var t=!1,r=e.md;if(null===r){if(e.signatureOid in Lr)switch(Lr[e.signatureOid]){case"sha1WithRSAEncryption":r=kr.md.sha1.create();break;case"md5WithRSAEncryption":r=kr.md.md5.create();break;case"sha256WithRSAEncryption":case"RSASSA-PSS":r=kr.md.sha256.create();break;case"sha384WithRSAEncryption":r=kr.md.sha384.create();break;case"sha512WithRSAEncryption":r=kr.md.sha512.create()}if(null===r)throw(c=new Error("Could not compute certification request digest. Unknown signature OID.")).signatureOid=e.signatureOid,c;var a=e.certificationRequestInfo\|\|_r.getCertificationRequestInfo(e),n=Rr.toDer(a);r.update(n.getBytes())}if(null!==r){var i;switch(e.signatureOid){case Lr.sha1WithRSAEncryption:break;case Lr["RSASSA-PSS"]:var s,o,c;if(void 0===(s=Lr[e.signatureParameters.mgf.hash.algorithmOid])\|\|void 0===kr.md[s])throw(c=new Error("Unsupported MGF hash function.")).oid=e.signatureParameters.mgf.hash.algorithmOid,c.name=s,c;if(void 0===(o=Lr[e.signatureParameters.mgf.algorithmOid])\|\|void 0===kr.mgf[o])throw(c=new Error("Unsupported MGF function.")).oid=e.signatureParameters.mgf.algorithmOid,c.name=o,c;if(o=kr.mgf[o].create(kr.md[s].create()),void 0===(s=Lr[e.signatureParameters.hash.algorithmOid])\|\|void 0===kr.md[s])throw(c=new Error("Unsupported RSASSA-PSS hash function.")).oid=e.signatureParameters.hash.algorithmOid,c.name=s,c;i=kr.pss.create(kr.md[s].create(),o,e.signatureParameters.saltLength)}t=e.publicKey.verify(r.digest().getBytes(),e.signature,i)}return t},e};var Qr=new Date("1950-01-01T00:00:00Z"),zr=new Date("2050-01-01T00:00:00Z");function Wr(e){return e>=Qr&&e<zr?Rr.create(Rr.Class.UNIVERSAL,Rr.Type.UTCTIME,!1,Rr.dateToUtcTime(e)):Rr.create(Rr.Class.UNIVERSAL,Rr.Type.GENERALIZEDTIME,!1,Rr.dateToGeneralizedTime(e))}_r.getTBSCertificate=function(e){var t=Wr(e.validity.notBefore),r=Wr(e.validity.notAfter),a=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[Rr.create(Rr.Class.CONTEXT_SPECIFIC,0,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.INTEGER,!1,Rr.integerToDer(e.version).getBytes())]),Rr.create(Rr.Class.UNIVERSAL,Rr.Type.INTEGER,!1,kr.util.hexToBytes(e.serialNumber)),Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OID,!1,Rr.oidToDer(e.siginfo.algorithmOid).getBytes()),Gr(e.siginfo.algorithmOid,e.siginfo.parameters)]),Fr(e.issuer),Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[t,r]),Fr(e.subject),_r.publicKeyToAsn1(e.publicKey)]);return e.issuer.uniqueId&&a.value.push(Rr.create(Rr.Class.CONTEXT_SPECIFIC,1,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.BITSTRING,!1,String.fromCharCode(0)+e.issuer.uniqueId)])),e.subject.uniqueId&&a.value.push(Rr.create(Rr.Class.CONTEXT_SPECIFIC,2,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.BITSTRING,!1,String.fromCharCode(0)+e.subject.uniqueId)])),e.extensions.length>0&&a.value.push(_r.certificateExtensionsToAsn1(e.extensions)),a},_r.getCertificationRequestInfo=function(e){return Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.INTEGER,!1,Rr.integerToDer(e.version).getBytes()),Fr(e.subject),_r.publicKeyToAsn1(e.publicKey),Hr(e)])},_r.distinguishedNameToAsn1=function(e){return Fr(e)},_r.certificateToAsn1=function(e){var t=e.tbsCertificate\|\|_r.getTBSCertificate(e);return Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[t,Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OID,!1,Rr.oidToDer(e.signatureOid).getBytes()),Gr(e.signatureOid,e.signatureParameters)]),Rr.create(Rr.Class.UNIVERSAL,Rr.Type.BITSTRING,!1,String.fromCharCode(0)+e.signature)])},_r.certificateExtensionsToAsn1=function(e){var t=Rr.create(Rr.Class.CONTEXT_SPECIFIC,3,!0,[]),r=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[]);t.value.push(r);for(var a=0;a<e.length;++a)r.value.push(_r.certificateExtensionToAsn1(e[a]));return t},_r.certificateExtensionToAsn1=function(e){var t=Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[]);t.value.push(Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OID,!1,Rr.oidToDer(e.id).getBytes())),e.critical&&t.value.push(Rr.create(Rr.Class.UNIVERSAL,Rr.Type.BOOLEAN,!1,String.fromCharCode(255)));var r=e.value;return"string"!=typeof e.value&&(r=Rr.toDer(r).getBytes()),t.value.push(Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OCTETSTRING,!1,r)),t},_r.certificationRequestToAsn1=function(e){var t=e.certificationRequestInfo\|\|_r.getCertificationRequestInfo(e);return Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[t,Rr.create(Rr.Class.UNIVERSAL,Rr.Type.SEQUENCE,!0,[Rr.create(Rr.Class.UNIVERSAL,Rr.Type.OID,!1,Rr.oidToDer(e.signatureOid).getBytes()),Gr(e.signatureOid,e.signatureParameters)]),Rr.create(Rr.Class.UNIVERSAL,Rr.Type.BITSTRING,!1,String.fromCharCode(0)+e.signature)])},_r.createCaStore=function(e){var t={certs:{}};function r(e){return a(e),t.certs[e.hash]\|\|null}function a(e){if(!e.hash){var t=kr.md.sha1.create();e.attributes=_r.RDNAttributesAsArray(Fr(e),t),e.hash=t.digest().toHex()}}if(t.getIssuer=function(e){return r(e.issuer)},t.addCertificate=function(e){if("string"==typeof e&&(e=kr.pki.certificateFromPem(e)),a(e.subject),!t.hasCertificate(e))if(e.subject.hash in t.certs){var r=t.certs[e.subject.hash];kr.util.isArray(r)\|\|(r=[r]),r.push(e),t.certs[e.subject.hash]=r}else t.certs[e.subject.hash]=e},t.hasCertificate=function(e){"string"==typeof e&&(e=kr.pki.certificateFromPem(e));var t=r(e.subject);if(!t)return!1;kr.util.isArray(t)\|\|(t=[t]);for(var a=Rr.toDer(_r.certificateToAsn1(e)).getBytes(),n=0;n<t.length;++n){if(a===Rr.toDer(_r.certificateToAsn1(t[n])).getBytes())return!0}return!1},t.listAllCertificates=function(){var e=[];for(var r in t.certs)if(t.certs.hasOwnProperty(r)){var a=t.certs[r];if(kr.util.isArray(a))for(var n=0;n<a.length;++n)e.push(a[n]);else e.push(a)}return e},t.removeCertificate=function(e){var n;if("string"==typeof e&&(e=kr.pki.certificateFromPem(e)),a(e.subject),!t.hasCertificate(e))return null;var i=r(e.subject);if(!kr.util.isArray(i))return n=t.certs[e.subject.hash],delete t.certs[e.subject.hash],n;for(var s=Rr.toDer(_r.certificateToAsn1(e)).getBytes(),o=0;o<i.length;++o){s===Rr.toDer(_r.certificateToAsn1(i[o])).getBytes()&&(n=i[o],i.splice(o,1))}return 0===i.length&&delete t.certs[e.subject.hash],n},e)for(var n=0;n<e.length;++n){var i=e[n];t.addCertificate(i)}return t},_r.certificateError={bad_certificate:"forge.pki.BadCertificate",unsupported_certificate:"forge.pki.UnsupportedCertificate",certificate_revoked:"forge.pki.CertificateRevoked",certificate_expired:"forge.pki.CertificateExpired",certificate_unknown:"forge.pki.CertificateUnknown",unknown_ca:"forge.pki.UnknownCertificateAuthority"},_r.verifyCertificateChain=function(e,t,r){"function"==typeof r&&(r={verify:r}),r=r\|\|{};var a=(t=t.slice(0)).slice(0),n=r.validityCheckDate;void 0===n&&(n=new Date);var i=!0,s=null,o=0;do{var c=t.shift(),u=null,l=!1;if(n&&(n<c.validity.notBefore\|\|n>c.validity.notAfter)&&(s={message:"Certificate is not valid yet or has expired.",error:_r.certificateError.certificate_expired,notBefore:c.validity.notBefore,notAfter:c.validity.notAfter,now:n}),null===s){if(null===(u=t[0]\|\|e.getIssuer(c))&&c.isIssuer(c)&&(l=!0,u=c),u){var p=u;kr.util.isArray(p)\|\|(p=[p]);for(var h=!1;!h&&p.length>0;){u=p.shift();try{h=u.verify(c)}catch(e){}}h\|\|(s={message:"Certificate signature is invalid.",error:_r.certificateError.bad_certificate})}null!==s\|\|u&&!l\|\|e.hasCertificate(c)\|\|(s={message:"Certificate is not trusted.",error:_r.certificateError.unknown_ca})}if(null===s&&u&&!c.isIssuer(u)&&(s={message:"Certificate issuer is invalid.",error:_r.certificateError.bad_certificate}),null===s)for(var f={keyUsage:!0,basicConstraints:!0},d=0;null===s&&d<c.extensions.length;++d){var y=c.extensions[d];y.critical&&!(y.name in f)&&(s={message:"Certificate has an unsupported critical extension.",error:_r.certificateError.unsupported_certificate})}if(null===s&&(!i\|\|0===t.length&&(!u\|\|l))){var g=c.getExtension("basicConstraints"),m=c.getExtension("keyUsage");if(null!==m&&(m.keyCertSign&&null!==g\|\|(s={message:"Certificate keyUsage or basicConstraints conflict or indicate that the certificate is not a CA. If the certificate is the only one in the chain or isn't the first then the certificate must be a valid CA.",error:_r.certificateError.bad_certificate})),null!==s\|\|null===g\|\|g.cA\|\|(s={message:"Certificate basicConstraints indicates the certificate is not a CA.",error:_r.certificateError.bad_certificate}),null===s&&null!==m&&"pathLenConstraint"in g)o-1>g.pathLenConstraint&&(s={message:"Certificate basicConstraints pathLenConstraint violated.",error:_r.certificateError.bad_certificate})}var v=null===s\|\|s.error,C=r.verify?r.verify(v,o,a):v;if(!0!==C)throw!0===v&&(s={message:"The application rejected the certificate.",error:_r.certificateError.bad_certificate}),(C\|\|0===C)&&("object"!=typeof C\|\|kr.util.isArray(C)?"string"==typeof C&&(s.error=C):(C.message&&(s.message=C.message),C.error&&(s.error=C.error))),s;s=null,i=!1,++o}while(t.length>0);return!0};var Yr=S,Xr=Yr.asn1,Zr=Yr.pki,$r=Yr.pkcs12=Yr.pkcs12\|\|{},Jr={name:"ContentInfo",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.SEQUENCE,constructed:!0,value:[{name:"ContentInfo.contentType",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.OID,constructed:!1,capture:"contentType"},{name:"ContentInfo.content",tagClass:Xr.Class.CONTEXT_SPECIFIC,constructed:!0,captureAsn1:"content"}]},ea={name:"PFX",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.version",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.INTEGER,constructed:!1,capture:"version"},Jr,{name:"PFX.macData",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.SEQUENCE,constructed:!0,optional:!0,captureAsn1:"mac",value:[{name:"PFX.macData.mac",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.macData.mac.digestAlgorithm",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.macData.mac.digestAlgorithm.algorithm",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.OID,constructed:!1,capture:"macAlgorithm"},{name:"PFX.macData.mac.digestAlgorithm.parameters",tagClass:Xr.Class.UNIVERSAL,captureAsn1:"macAlgorithmParameters"}]},{name:"PFX.macData.mac.digest",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.OCTETSTRING,constructed:!1,capture:"macDigest"}]},{name:"PFX.macData.macSalt",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.OCTETSTRING,constructed:!1,capture:"macSalt"},{name:"PFX.macData.iterations",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.INTEGER,constructed:!1,optional:!0,capture:"macIterations"}]}]},ta={name:"SafeBag",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.SEQUENCE,constructed:!0,value:[{name:"SafeBag.bagId",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.OID,constructed:!1,capture:"bagId"},{name:"SafeBag.bagValue",tagClass:Xr.Class.CONTEXT_SPECIFIC,constructed:!0,captureAsn1:"bagValue"},{name:"SafeBag.bagAttributes",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.SET,constructed:!0,optional:!0,capture:"bagAttributes"}]},ra={name:"Attribute",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.SEQUENCE,constructed:!0,value:[{name:"Attribute.attrId",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.OID,constructed:!1,capture:"oid"},{name:"Attribute.attrValues",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.SET,constructed:!0,capture:"values"}]},aa={name:"CertBag",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.SEQUENCE,constructed:!0,value:[{name:"CertBag.certId",tagClass:Xr.Class.UNIVERSAL,type:Xr.Type.OID,constructed:!1,capture:"certId"},{name:"CertBag.certValue",tagClass:Xr.Class.CONTEXT_SPECIFIC,constructed:!0,value:[{name:"CertBag.certValue[0]",tagClass:Xr.Class.UNIVERSAL,type:Xr.Class.OCTETSTRING,constructed:!1,capture:"cert"}]}]};function na(e,t,r,a){for(var n=[],i=0;i<e.length;i++)for(var s=0;s<e[i].safeBags.length;s++){var o=e[i].safeBags[s];void 0!==a&&o.type!==a\|\|(null!==t?void 0!==o.attributes[t]&&o.attributes[t].indexOf(r)>=0&&n.push(o):n.push(o))}return n}function ia(e){if(e.composed\|\|e.constructed){for(var t=Yr.util.createBuffer(),r=0;r<e.value.length;++r)t.putBytes(e.value[r].value);e.composed=e.constructed=!1,e.value=t.getBytes()}return e}function sa(e,t){var r={},a=[];if(!Xr.validate(e,Yr.pkcs7.asn1.encryptedDataValidator,r,a))throw(n=new Error("Cannot read EncryptedContentInfo.")).errors=a,n;var n,i=Xr.derToOid(r.contentType);if(i!==Zr.oids.data)throw(n=new Error("PKCS#12 EncryptedContentInfo ContentType is not Data.")).oid=i,n;i=Xr.derToOid(r.encAlgorithm);var s=Zr.pbe.getCipher(i,r.encParameter,t),o=ia(r.encryptedContentAsn1),c=Yr.util.createBuffer(o.value);if(s.update(c),!s.finish())throw new Error("Failed to decrypt PKCS#12 SafeContents.");return s.output.getBytes()}function oa(e,t,r){if(!t&&0===e.length)return[];if((e=Xr.fromDer(e,t)).tagClass!==Xr.Class.UNIVERSAL\|\|e.type!==Xr.Type.SEQUENCE\|\|!0!==e.constructed)throw new Error("PKCS#12 SafeContents expected to be a SEQUENCE OF SafeBag.");for(var a=[],n=0;n<e.value.length;n++){var i=e.value[n],s={},o=[];if(!Xr.validate(i,ta,s,o))throw(h=new Error("Cannot read SafeBag.")).errors=o,h;var c,u,l={type:Xr.derToOid(s.bagId),attributes:ca(s.bagAttributes)};a.push(l);var p=s.bagValue.value[0];switch(l.type){case Zr.oids.pkcs8ShroudedKeyBag:if(null===(p=Zr.decryptPrivateKeyInfo(p,r)))throw new Error("Unable to decrypt PKCS#8 ShroudedKeyBag, wrong password?");case Zr.oids.keyBag:try{l.key=Zr.privateKeyFromAsn1(p)}catch(e){l.key=null,l.asn1=p}continue;case Zr.oids.certBag:c=aa,u=function(){if(Xr.derToOid(s.certId)!==Zr.oids.x509Certificate){var e=new Error("Unsupported certificate type, only X.509 supported.");throw e.oid=Xr.derToOid(s.certId),e}var r=Xr.fromDer(s.cert,t);try{l.cert=Zr.certificateFromAsn1(r,!0)}catch(e){l.cert=null,l.asn1=r}};break;default:var h;throw(h=new Error("Unsupported PKCS#12 SafeBag type.")).oid=l.type,h}if(void 0!==c&&!Xr.validate(p,c,s,o))throw(h=new Error("Cannot read PKCS#12 "+c.name)).errors=o,h;u()}return a}function ca(e){var t={};if(void 0!==e)for(var r=0;r<e.length;++r){var a={},n=[];if(!Xr.validate(e[r],ra,a,n)){var i=new Error("Cannot read PKCS#12 BagAttribute.");throw i.errors=n,i}var s=Xr.derToOid(a.oid);if(void 0!==Zr.oids[s]){t[Zr.oids[s]]=[];for(var o=0;o<a.values.length;++o)t[Zr.oids[s]].push(a.values[o].value)}}return t}$r.pkcs12FromAsn1=function(e,t,r){"string"==typeof t?(r=t,t=!0):void 0===t&&(t=!0);var a={};if(!Xr.validate(e,ea,a,[]))throw(n=new Error("Cannot read PKCS#12 PFX. ASN.1 object is not an PKCS#12 PFX.")).errors=n,n;var n,i={version:a.version.charCodeAt(0),safeContents:[],getBags:function(e){var t,r={};return"localKeyId"in e?t=e.localKeyId:"localKeyIdHex"in e&&(t=Yr.util.hexToBytes(e.localKeyIdHex)),void 0===t&&!("friendlyName"in e)&&"bagType"in e&&(r[e.bagType]=na(i.safeContents,null,null,e.bagType)),void 0!==t&&(r.localKeyId=na(i.safeContents,"localKeyId",t,e.bagType)),"friendlyName"in e&&(r.friendlyName=na(i.safeContents,"friendlyName",e.friendlyName,e.bagType)),r},getBagsByFriendlyName:function(e,t){return na(i.safeContents,"friendlyName",e,t)},getBagsByLocalKeyId:function(e,t){return na(i.safeContents,"localKeyId",e,t)}};if(3!==a.version.charCodeAt(0))throw(n=new Error("PKCS#12 PFX of version other than 3 not supported.")).version=a.version.charCodeAt(0),n;if(Xr.derToOid(a.contentType)!==Zr.oids.data)throw(n=new Error("Only PKCS#12 PFX in password integrity mode supported.")).oid=Xr.derToOid(a.contentType),n;var s=a.content.value[0];if(s.tagClass!==Xr.Class.UNIVERSAL\|\|s.type!==Xr.Type.OCTETSTRING)throw new Error("PKCS#12 authSafe content data is not an OCTET STRING.");if(s=ia(s),a.mac){var o=null,c=0,u=Xr.derToOid(a.macAlgorithm);switch(u){case Zr.oids.sha1:o=Yr.md.sha1.create(),c=20;break;case Zr.oids.sha256:o=Yr.md.sha256.create(),c=32;break;case Zr.oids.sha384:o=Yr.md.sha384.create(),c=48;break;case Zr.oids.sha512:o=Yr.md.sha512.create(),c=64;break;case Zr.oids.md5:o=Yr.md.md5.create(),c=16}if(null===o)throw new Error("PKCS#12 uses unsupported MAC algorithm: "+u);var l=new Yr.util.ByteBuffer(a.macSalt),p="macIterations"in a?parseInt(Yr.util.bytesToHex(a.macIterations),16):1,h=$r.generateKey(r,l,3,p,c,o),f=Yr.hmac.create();if(f.start(o,h),f.update(s.value),f.getMac().getBytes()!==a.macDigest)throw new Error("PKCS#12 MAC could not be verified. Invalid password?")}return function(e,t,r,a){if(t=Xr.fromDer(t,r),t.tagClass!==Xr.Class.UNIVERSAL\|\|t.type!==Xr.Type.SEQUENCE\|\|!0!==t.constructed)throw new Error("PKCS#12 AuthenticatedSafe expected to be a SEQUENCE OF ContentInfo");for(var n=0;n<t.value.length;n++){var i=t.value[n],s={},o=[];if(!Xr.validate(i,Jr,s,o))throw(p=new Error("Cannot read ContentInfo.")).errors=o,p;var c={encrypted:!1},u=null,l=s.content.value[0];switch(Xr.derToOid(s.contentType)){case Zr.oids.data:if(l.tagClass!==Xr.Class.UNIVERSAL\|\|l.type!==Xr.Type.OCTETSTRING)throw new Error("PKCS#12 SafeContents Data is not an OCTET STRING.");u=ia(l).value;break;case Zr.oids.encryptedData:u=sa(l,a),c.encrypted=!0;break;default:var p;throw(p=new Error("Unsupported PKCS#12 contentType.")).contentType=Xr.derToOid(s.contentType),p}c.safeBags=oa(u,r,a),e.safeContents.push(c)}}(i,s.value,t,r),i},$r.toPkcs12Asn1=function(e,t,r,a){(a=a\|\|{}).saltSize=a.saltSize\|\|8,a.count=a.count\|\|2048,a.algorithm=a.algorithm\|\|a.encAlgorithm\|\|"aes128","useMac"in a\|\|(a.useMac=!0),"localKeyId"in a\|\|(a.localKeyId=null),"generateLocalKeyId"in a\|\|(a.generateLocalKeyId=!0);var n,i=a.localKeyId;if(null!==i)i=Yr.util.hexToBytes(i);else if(a.generateLocalKeyId)if(t){var s=Yr.util.isArray(t)?t[0]:t;"string"==typeof s&&(s=Zr.certificateFromPem(s)),(I=Yr.md.sha1.create()).update(Xr.toDer(Zr.certificateToAsn1(s)).getBytes()),i=I.digest().getBytes()}else i=Yr.random.getBytes(20);var o=[];null!==i&&o.push(Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OID,!1,Xr.oidToDer(Zr.oids.localKeyId).getBytes()),Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SET,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OCTETSTRING,!1,i)])])),"friendlyName"in a&&o.push(Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OID,!1,Xr.oidToDer(Zr.oids.friendlyName).getBytes()),Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SET,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.BMPSTRING,!1,a.friendlyName)])])),o.length>0&&(n=Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SET,!0,o));var c=[],u=[];null!==t&&(u=Yr.util.isArray(t)?t:[t]);for(var l=[],p=0;p<u.length;++p){"string"==typeof(t=u[p])&&(t=Zr.certificateFromPem(t));var h=0===p?n:void 0,f=Zr.certificateToAsn1(t),d=Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OID,!1,Xr.oidToDer(Zr.oids.certBag).getBytes()),Xr.create(Xr.Class.CONTEXT_SPECIFIC,0,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OID,!1,Xr.oidToDer(Zr.oids.x509Certificate).getBytes()),Xr.create(Xr.Class.CONTEXT_SPECIFIC,0,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OCTETSTRING,!1,Xr.toDer(f).getBytes())])])]),h]);l.push(d)}if(l.length>0){var y=Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,l),g=Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OID,!1,Xr.oidToDer(Zr.oids.data).getBytes()),Xr.create(Xr.Class.CONTEXT_SPECIFIC,0,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OCTETSTRING,!1,Xr.toDer(y).getBytes())])]);c.push(g)}var m=null;if(null!==e){var v=Zr.wrapRsaPrivateKey(Zr.privateKeyToAsn1(e));m=null===r?Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OID,!1,Xr.oidToDer(Zr.oids.keyBag).getBytes()),Xr.create(Xr.Class.CONTEXT_SPECIFIC,0,!0,[v]),n]):Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OID,!1,Xr.oidToDer(Zr.oids.pkcs8ShroudedKeyBag).getBytes()),Xr.create(Xr.Class.CONTEXT_SPECIFIC,0,!0,[Zr.encryptPrivateKeyInfo(v,r,a)]),n]);var C=Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[m]),E=Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OID,!1,Xr.oidToDer(Zr.oids.data).getBytes()),Xr.create(Xr.Class.CONTEXT_SPECIFIC,0,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OCTETSTRING,!1,Xr.toDer(C).getBytes())])]);c.push(E)}var S,T=Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,c);if(a.useMac){var I=Yr.md.sha1.create(),A=new Yr.util.ByteBuffer(Yr.random.getBytes(a.saltSize)),b=a.count,B=(e=$r.generateKey(r,A,3,b,20),Yr.hmac.create());B.start(I,e),B.update(Xr.toDer(T).getBytes());var N=B.getMac();S=Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OID,!1,Xr.oidToDer(Zr.oids.sha1).getBytes()),Xr.create(Xr.Class.UNIVERSAL,Xr.Type.NULL,!1,"")]),Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OCTETSTRING,!1,N.getBytes())]),Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OCTETSTRING,!1,A.getBytes()),Xr.create(Xr.Class.UNIVERSAL,Xr.Type.INTEGER,!1,Xr.integerToDer(b).getBytes())])}return Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.INTEGER,!1,Xr.integerToDer(3).getBytes()),Xr.create(Xr.Class.UNIVERSAL,Xr.Type.SEQUENCE,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OID,!1,Xr.oidToDer(Zr.oids.data).getBytes()),Xr.create(Xr.Class.CONTEXT_SPECIFIC,0,!0,[Xr.create(Xr.Class.UNIVERSAL,Xr.Type.OCTETSTRING,!1,Xr.toDer(T).getBytes())])]),S])},$r.generateKey=Yr.pbe.generatePkcs12Key;var ua=S,la=ua.asn1,pa=ua.pki=ua.pki\|\|{};pa.pemToDer=function(e){var t=ua.pem.decode(e)[0];if(t.procType&&"ENCRYPTED"===t.procType.type)throw new Error("Could not convert PEM to DER; PEM is encrypted.");return ua.util.createBuffer(t.body)},pa.privateKeyFromPem=function(e){var t=ua.pem.decode(e)[0];if("PRIVATE KEY"!==t.type&&"RSA PRIVATE KEY"!==t.type){var r=new Error('Could not convert private key from PEM; PEM header type is not "PRIVATE KEY" or "RSA PRIVATE KEY".');throw r.headerType=t.type,r}if(t.procType&&"ENCRYPTED"===t.procType.type)throw new Error("Could not convert private key from PEM; PEM is encrypted.");var a=la.fromDer(t.body);return pa.privateKeyFromAsn1(a)},pa.privateKeyToPem=function(e,t){var r={type:"RSA PRIVATE KEY",body:la.toDer(pa.privateKeyToAsn1(e)).getBytes()};return ua.pem.encode(r,{maxline:t})},pa.privateKeyInfoToPem=function(e,t){var r={type:"PRIVATE KEY",body:la.toDer(e).getBytes()};return ua.pem.encode(r,{maxline:t})};var ha=S,fa=function(e,t,r,a){var n=ha.util.createBuffer(),i=e.length>>1,s=i+(1&e.length),o=e.substr(0,s),c=e.substr(i,s),u=ha.util.createBuffer(),l=ha.hmac.create();r=t+r;var p=Math.ceil(a/16),h=Math.ceil(a/20);l.start("MD5",o);var f=ha.util.createBuffer();u.putBytes(r);for(var d=0;d<p;++d)l.start(null,null),l.update(u.getBytes()),u.putBuffer(l.digest()),l.start(null,null),l.update(u.bytes()+r),f.putBuffer(l.digest());l.start("SHA1",c);var y=ha.util.createBuffer();u.clear(),u.putBytes(r);for(d=0;d<h;++d)l.start(null,null),l.update(u.getBytes()),u.putBuffer(l.digest()),l.start(null,null),l.update(u.bytes()+r),y.putBuffer(l.digest());return n.putBytes(ha.util.xorBytes(f.getBytes(),y.getBytes(),a)),n},da=function(e,t,r){var a=!1;try{var n=e.deflate(t.fragment.getBytes());t.fragment=ha.util.createBuffer(n),t.length=n.length,a=!0}catch(e){}return a},ya=function(e,t,r){var a=!1;try{var n=e.inflate(t.fragment.getBytes());t.fragment=ha.util.createBuffer(n),t.length=n.length,a=!0}catch(e){}return a},ga=function(e,t){var r=0;switch(t){case 1:r=e.getByte();break;case 2:r=e.getInt16();break;case 3:r=e.getInt24();break;case 4:r=e.getInt32()}return ha.util.createBuffer(e.getBytes(r))},ma=function(e,t,r){e.putInt(r.length(),t<<3),e.putBuffer(r)},va={Versions:{TLS_1_0:{major:3,minor:1},TLS_1_1:{major:3,minor:2},TLS_1_2:{major:3,minor:3}}};va.SupportedVersions=[va.Versions.TLS_1_1,va.Versions.TLS_1_0],va.Version=va.SupportedVersions[0],va.MaxFragment=15360,va.ConnectionEnd={server:0,client:1},va.PRFAlgorithm={tls_prf_sha256:0},va.BulkCipherAlgorithm={none:null,rc4:0,des3:1,aes:2},va.CipherType={stream:0,block:1,aead:2},va.MACAlgorithm={none:null,hmac_md5:0,hmac_sha1:1,hmac_sha256:2,hmac_sha384:3,hmac_sha512:4},va.CompressionMethod={none:0,deflate:1},va.ContentType={change_cipher_spec:20,alert:21,handshake:22,application_data:23,heartbeat:24},va.HandshakeType={hello_request:0,client_hello:1,server_hello:2,certificate:11,server_key_exchange:12,certificate_request:13,server_hello_done:14,certificate_verify:15,client_key_exchange:16,finished:20},va.Alert={},va.Alert.Level={warning:1,fatal:2},va.Alert.Description={close_notify:0,unexpected_message:10,bad_record_mac:20,decryption_failed:21,record_overflow:22,decompression_failure:30,handshake_failure:40,bad_certificate:42,unsupported_certificate:43,certificate_revoked:44,certificate_expired:45,certificate_unknown:46,illegal_parameter:47,unknown_ca:48,access_denied:49,decode_error:50,decrypt_error:51,export_restriction:60,protocol_version:70,insufficient_security:71,internal_error:80,user_canceled:90,no_renegotiation:100},va.HeartbeatMessageType={heartbeat_request:1,heartbeat_response:2},va.CipherSuites={},va.getCipherSuite=function(e){var t=null;for(var r in va.CipherSuites){var a=va.CipherSuites[r];if(a.id[0]===e.charCodeAt(0)&&a.id[1]===e.charCodeAt(1)){t=a;break}}return t},va.handleUnexpected=function(e,t){!e.open&&e.entity===va.ConnectionEnd.client\|\|e.error(e,{message:"Unexpected message. Received TLS record out of order.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.unexpected_message}})},va.handleHelloRequest=function(e,t,r){!e.handshaking&&e.handshakes>0&&(va.queue(e,va.createAlert(e,{level:va.Alert.Level.warning,description:va.Alert.Description.no_renegotiation})),va.flush(e)),e.process()},va.parseHelloMessage=function(e,t,r){var a=null,n=e.entity===va.ConnectionEnd.client;if(r<38)e.error(e,{message:n?"Invalid ServerHello message. Message too short.":"Invalid ClientHello message. Message too short.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.illegal_parameter}});else{var i=t.fragment,s=i.length();if(a={version:{major:i.getByte(),minor:i.getByte()},random:ha.util.createBuffer(i.getBytes(32)),session_id:ga(i,1),extensions:[]},n?(a.cipher_suite=i.getBytes(2),a.compression_method=i.getByte()):(a.cipher_suites=ga(i,2),a.compression_methods=ga(i,1)),(s=r-(s-i.length()))>0){for(var o=ga(i,2);o.length()>0;)a.extensions.push({type:[o.getByte(),o.getByte()],data:ga(o,2)});if(!n)for(var c=0;c<a.extensions.length;++c){var u=a.extensions[c];if(0===u.type[0]&&0===u.type[1])for(var l=ga(u.data,2);l.length()>0;){if(0!==l.getByte())break;e.session.extensions.server_name.serverNameList.push(ga(l,2).getBytes())}}}if(e.session.version&&(a.version.major!==e.session.version.major\|\|a.version.minor!==e.session.version.minor))return e.error(e,{message:"TLS version change is disallowed during renegotiation.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.protocol_version}});if(n)e.session.cipherSuite=va.getCipherSuite(a.cipher_suite);else for(var p=ha.util.createBuffer(a.cipher_suites.bytes());p.length()>0&&(e.session.cipherSuite=va.getCipherSuite(p.getBytes(2)),null===e.session.cipherSuite););if(null===e.session.cipherSuite)return e.error(e,{message:"No cipher suites in common.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.handshake_failure},cipherSuite:ha.util.bytesToHex(a.cipher_suite)});e.session.compressionMethod=n?a.compression_method:va.CompressionMethod.none}return a},va.createSecurityParameters=function(e,t){var r=e.entity===va.ConnectionEnd.client,a=t.random.bytes(),n=r?e.session.sp.client_random:a,i=r?a:va.createRandom().getBytes();e.session.sp={entity:e.entity,prf_algorithm:va.PRFAlgorithm.tls_prf_sha256,bulk_cipher_algorithm:null,cipher_type:null,enc_key_length:null,block_length:null,fixed_iv_length:null,record_iv_length:null,mac_algorithm:null,mac_length:null,mac_key_length:null,compression_algorithm:e.session.compressionMethod,pre_master_secret:null,master_secret:null,client_random:n,server_random:i}},va.handleServerHello=function(e,t,r){var a=va.parseHelloMessage(e,t,r);if(!e.fail){if(!(a.version.minor<=e.version.minor))return e.error(e,{message:"Incompatible TLS version.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.protocol_version}});e.version.minor=a.version.minor,e.session.version=e.version;var n=a.session_id.bytes();n.length>0&&n===e.session.id?(e.expect=Ia,e.session.resuming=!0,e.session.sp.server_random=a.random.bytes()):(e.expect=Ca,e.session.resuming=!1,va.createSecurityParameters(e,a)),e.session.id=n,e.process()}},va.handleClientHello=function(e,t,r){var a=va.parseHelloMessage(e,t,r);if(!e.fail){var n=a.session_id.bytes(),i=null;if(e.sessionCache&&(null===(i=e.sessionCache.getSession(n))?n="":(i.version.major!==a.version.major\|\|i.version.minor>a.version.minor)&&(i=null,n="")),0===n.length&&(n=ha.random.getBytes(32)),e.session.id=n,e.session.clientHelloVersion=a.version,e.session.sp={},i)e.version=e.session.version=i.version,e.session.sp=i.sp;else{for(var s,o=1;o<va.SupportedVersions.length&&!((s=va.SupportedVersions[o]).minor<=a.version.minor);++o);e.version={major:s.major,minor:s.minor},e.session.version=e.version}null!==i?(e.expect=Ra,e.session.resuming=!0,e.session.sp.client_random=a.random.bytes()):(e.expect=!1!==e.verifyClient?Na:wa,e.session.resuming=!1,va.createSecurityParameters(e,a)),e.open=!0,va.queue(e,va.createRecord(e,{type:va.ContentType.handshake,data:va.createServerHello(e)})),e.session.resuming?(va.queue(e,va.createRecord(e,{type:va.ContentType.change_cipher_spec,data:va.createChangeCipherSpec()})),e.state.pending=va.createConnectionState(e),e.state.current.write=e.state.pending.write,va.queue(e,va.createRecord(e,{type:va.ContentType.handshake,data:va.createFinished(e)}))):(va.queue(e,va.createRecord(e,{type:va.ContentType.handshake,data:va.createCertificate(e)})),e.fail\|\|(va.queue(e,va.createRecord(e,{type:va.ContentType.handshake,data:va.createServerKeyExchange(e)})),!1!==e.verifyClient&&va.queue(e,va.createRecord(e,{type:va.ContentType.handshake,data:va.createCertificateRequest(e)})),va.queue(e,va.createRecord(e,{type:va.ContentType.handshake,data:va.createServerHelloDone(e)})))),va.flush(e),e.process()}},va.handleCertificate=function(e,t,r){if(r<3)return e.error(e,{message:"Invalid Certificate message. Message too short.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.illegal_parameter}});var a,n,i=t.fragment,s={certificate_list:ga(i,3)},o=[];try{for(;s.certificate_list.length()>0;)a=ga(s.certificate_list,3),n=ha.asn1.fromDer(a),a=ha.pki.certificateFromAsn1(n,!0),o.push(a)}catch(t){return e.error(e,{message:"Could not parse certificate list.",cause:t,send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.bad_certificate}})}var c=e.entity===va.ConnectionEnd.client;!c&&!0!==e.verifyClient\|\|0!==o.length?0===o.length?e.expect=c?Ea:wa:(c?e.session.serverCertificate=o[0]:e.session.clientCertificate=o[0],va.verifyCertificateChain(e,o)&&(e.expect=c?Ea:wa)):e.error(e,{message:c?"No server certificate provided.":"No client certificate provided.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.illegal_parameter}}),e.process()},va.handleServerKeyExchange=function(e,t,r){if(r>0)return e.error(e,{message:"Invalid key parameters. Only RSA is supported.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.unsupported_certificate}});e.expect=Sa,e.process()},va.handleClientKeyExchange=function(e,t,r){if(r<48)return e.error(e,{message:"Invalid key parameters. Only RSA is supported.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.unsupported_certificate}});var a=t.fragment,n={enc_pre_master_secret:ga(a,2).getBytes()},i=null;if(e.getPrivateKey)try{i=e.getPrivateKey(e,e.session.serverCertificate),i=ha.pki.privateKeyFromPem(i)}catch(t){e.error(e,{message:"Could not get private key.",cause:t,send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.internal_error}})}if(null===i)return e.error(e,{message:"No private key set.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.internal_error}});try{var s=e.session.sp;s.pre_master_secret=i.decrypt(n.enc_pre_master_secret);var o=e.session.clientHelloVersion;if(o.major!==s.pre_master_secret.charCodeAt(0)\|\|o.minor!==s.pre_master_secret.charCodeAt(1))throw new Error("TLS version rollback attack detected.")}catch(e){s.pre_master_secret=ha.random.getBytes(48)}e.expect=Ra,null!==e.session.clientCertificate&&(e.expect=ka),e.process()},va.handleCertificateRequest=function(e,t,r){if(r<3)return e.error(e,{message:"Invalid CertificateRequest. Message too short.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.illegal_parameter}});var a=t.fragment,n={certificate_types:ga(a,1),certificate_authorities:ga(a,2)};e.session.certificateRequest=n,e.expect=Ta,e.process()},va.handleCertificateVerify=function(e,t,r){if(r<2)return e.error(e,{message:"Invalid CertificateVerify. Message too short.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.illegal_parameter}});var a=t.fragment;a.read-=4;var n=a.bytes();a.read+=4;var i={signature:ga(a,2).getBytes()},s=ha.util.createBuffer();s.putBuffer(e.session.md5.digest()),s.putBuffer(e.session.sha1.digest()),s=s.getBytes();try{if(!e.session.clientCertificate.publicKey.verify(s,i.signature,"NONE"))throw new Error("CertificateVerify signature does not match.");e.session.md5.update(n),e.session.sha1.update(n)}catch(t){return e.error(e,{message:"Bad signature in CertificateVerify.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.handshake_failure}})}e.expect=Ra,e.process()},va.handleServerHelloDone=function(e,t,r){if(r>0)return e.error(e,{message:"Invalid ServerHelloDone message. Invalid length.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.record_overflow}});if(null===e.serverCertificate){var a={message:"No server certificate provided. Not enough security.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.insufficient_security}},n=e.verify(e,a.alert.description,0,[]);if(!0!==n)return(n\|\|0===n)&&("object"!=typeof n\|\|ha.util.isArray(n)?"number"==typeof n&&(a.alert.description=n):(n.message&&(a.message=n.message),n.alert&&(a.alert.description=n.alert))),e.error(e,a)}null!==e.session.certificateRequest&&(t=va.createRecord(e,{type:va.ContentType.handshake,data:va.createCertificate(e)}),va.queue(e,t)),t=va.createRecord(e,{type:va.ContentType.handshake,data:va.createClientKeyExchange(e)}),va.queue(e,t),e.expect=Ba;var i=function(e,t){null!==e.session.certificateRequest&&null!==e.session.clientCertificate&&va.queue(e,va.createRecord(e,{type:va.ContentType.handshake,data:va.createCertificateVerify(e,t)})),va.queue(e,va.createRecord(e,{type:va.ContentType.change_cipher_spec,data:va.createChangeCipherSpec()})),e.state.pending=va.createConnectionState(e),e.state.current.write=e.state.pending.write,va.queue(e,va.createRecord(e,{type:va.ContentType.handshake,data:va.createFinished(e)})),e.expect=Ia,va.flush(e),e.process()};if(null===e.session.certificateRequest\|\|null===e.session.clientCertificate)return i(e,null);va.getClientSignature(e,i)},va.handleChangeCipherSpec=function(e,t){if(1!==t.fragment.getByte())return e.error(e,{message:"Invalid ChangeCipherSpec message received.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.illegal_parameter}});var r=e.entity===va.ConnectionEnd.client;(e.session.resuming&&r\|\|!e.session.resuming&&!r)&&(e.state.pending=va.createConnectionState(e)),e.state.current.read=e.state.pending.read,(!e.session.resuming&&r\|\|e.session.resuming&&!r)&&(e.state.pending=null),e.expect=r?Aa:_a,e.process()},va.handleFinished=function(e,t,r){var a=t.fragment;a.read-=4;var n=a.bytes();a.read+=4;var i=t.fragment.getBytes();(a=ha.util.createBuffer()).putBuffer(e.session.md5.digest()),a.putBuffer(e.session.sha1.digest());var s=e.entity===va.ConnectionEnd.client,o=s?"server finished":"client finished",c=e.session.sp;if((a=fa(c.master_secret,o,a.getBytes(),12)).getBytes()!==i)return e.error(e,{message:"Invalid verify_data in Finished message.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.decrypt_error}});e.session.md5.update(n),e.session.sha1.update(n),(e.session.resuming&&s\|\|!e.session.resuming&&!s)&&(va.queue(e,va.createRecord(e,{type:va.ContentType.change_cipher_spec,data:va.createChangeCipherSpec()})),e.state.current.write=e.state.pending.write,e.state.pending=null,va.queue(e,va.createRecord(e,{type:va.ContentType.handshake,data:va.createFinished(e)}))),e.expect=s?ba:La,e.handshaking=!1,++e.handshakes,e.peerCertificate=s?e.session.serverCertificate:e.session.clientCertificate,va.flush(e),e.isConnected=!0,e.connected(e),e.process()},va.handleAlert=function(e,t){var r,a=t.fragment,n={level:a.getByte(),description:a.getByte()};switch(n.description){case va.Alert.Description.close_notify:r="Connection closed.";break;case va.Alert.Description.unexpected_message:r="Unexpected message.";break;case va.Alert.Description.bad_record_mac:r="Bad record MAC.";break;case va.Alert.Description.decryption_failed:r="Decryption failed.";break;case va.Alert.Description.record_overflow:r="Record overflow.";break;case va.Alert.Description.decompression_failure:r="Decompression failed.";break;case va.Alert.Description.handshake_failure:r="Handshake failure.";break;case va.Alert.Description.bad_certificate:r="Bad certificate.";break;case va.Alert.Description.unsupported_certificate:r="Unsupported certificate.";break;case va.Alert.Description.certificate_revoked:r="Certificate revoked.";break;case va.Alert.Description.certificate_expired:r="Certificate expired.";break;case va.Alert.Description.certificate_unknown:r="Certificate unknown.";break;case va.Alert.Description.illegal_parameter:r="Illegal parameter.";break;case va.Alert.Description.unknown_ca:r="Unknown certificate authority.";break;case va.Alert.Description.access_denied:r="Access denied.";break;case va.Alert.Description.decode_error:r="Decode error.";break;case va.Alert.Description.decrypt_error:r="Decrypt error.";break;case va.Alert.Description.export_restriction:r="Export restriction.";break;case va.Alert.Description.protocol_version:r="Unsupported protocol version.";break;case va.Alert.Description.insufficient_security:r="Insufficient security.";break;case va.Alert.Description.internal_error:r="Internal error.";break;case va.Alert.Description.user_canceled:r="User canceled.";break;case va.Alert.Description.no_renegotiation:r="Renegotiation not supported.";break;default:r="Unknown error."}if(n.description===va.Alert.Description.close_notify)return e.close();e.error(e,{message:r,send:!1,origin:e.entity===va.ConnectionEnd.client?"server":"client",alert:n}),e.process()},va.handleHandshake=function(e,t){var r=t.fragment,a=r.getByte(),n=r.getInt24();if(n>r.length())return e.fragmented=t,t.fragment=ha.util.createBuffer(),r.read-=4,e.process();e.fragmented=null,r.read-=4;var i=r.bytes(n+4);r.read+=4,a in za[e.entity][e.expect]?(e.entity!==va.ConnectionEnd.server\|\|e.open\|\|e.fail\|\|(e.handshaking=!0,e.session={version:null,extensions:{server_name:{serverNameList:[]}},cipherSuite:null,compressionMethod:null,serverCertificate:null,clientCertificate:null,md5:ha.md.md5.create(),sha1:ha.md.sha1.create()}),a!==va.HandshakeType.hello_request&&a!==va.HandshakeType.certificate_verify&&a!==va.HandshakeType.finished&&(e.session.md5.update(i),e.session.sha1.update(i)),za[e.entity][e.expect][a](e,t,n)):va.handleUnexpected(e,t)},va.handleApplicationData=function(e,t){e.data.putBuffer(t.fragment),e.dataReady(e),e.process()},va.handleHeartbeat=function(e,t){var r=t.fragment,a=r.getByte(),n=r.getInt16(),i=r.getBytes(n);if(a===va.HeartbeatMessageType.heartbeat_request){if(e.handshaking\|\|n>i.length)return e.process();va.queue(e,va.createRecord(e,{type:va.ContentType.heartbeat,data:va.createHeartbeat(va.HeartbeatMessageType.heartbeat_response,i)})),va.flush(e)}else if(a===va.HeartbeatMessageType.heartbeat_response){if(i!==e.expectedHeartbeatPayload)return e.process();e.heartbeatReceived&&e.heartbeatReceived(e,ha.util.createBuffer(i))}e.process()};var Ca=1,Ea=2,Sa=3,Ta=4,Ia=5,Aa=6,ba=7,Ba=8,Na=1,wa=2,ka=3,Ra=4,_a=5,La=6,Ua=va.handleUnexpected,Da=va.handleChangeCipherSpec,Pa=va.handleAlert,Va=va.handleHandshake,Oa=va.handleApplicationData,Ka=va.handleHeartbeat,xa=[];xa[va.ConnectionEnd.client]=[[Ua,Pa,Va,Ua,Ka],[Ua,Pa,Va,Ua,Ka],[Ua,Pa,Va,Ua,Ka],[Ua,Pa,Va,Ua,Ka],[Ua,Pa,Va,Ua,Ka],[Da,Pa,Ua,Ua,Ka],[Ua,Pa,Va,Ua,Ka],[Ua,Pa,Va,Oa,Ka],[Ua,Pa,Va,Ua,Ka]],xa[va.ConnectionEnd.server]=[[Ua,Pa,Va,Ua,Ka],[Ua,Pa,Va,Ua,Ka],[Ua,Pa,Va,Ua,Ka],[Ua,Pa,Va,Ua,Ka],[Da,Pa,Ua,Ua,Ka],[Ua,Pa,Va,Ua,Ka],[Ua,Pa,Va,Oa,Ka],[Ua,Pa,Va,Ua,Ka]];var Ma=va.handleHelloRequest,Fa=va.handleServerHello,qa=va.handleCertificate,ja=va.handleServerKeyExchange,Ga=va.handleCertificateRequest,Ha=va.handleServerHelloDone,Qa=va.handleFinished,za=[];za[va.ConnectionEnd.client]=[[Ua,Ua,Fa,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua],[Ma,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,qa,ja,Ga,Ha,Ua,Ua,Ua,Ua,Ua,Ua],[Ma,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,ja,Ga,Ha,Ua,Ua,Ua,Ua,Ua,Ua],[Ma,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ga,Ha,Ua,Ua,Ua,Ua,Ua,Ua],[Ma,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ha,Ua,Ua,Ua,Ua,Ua,Ua],[Ma,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua],[Ma,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Qa],[Ma,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua],[Ma,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua]];var Wa=va.handleClientHello,Ya=va.handleClientKeyExchange,Xa=va.handleCertificateVerify;za[va.ConnectionEnd.server]=[[Ua,Wa,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua],[Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,qa,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua],[Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ya,Ua,Ua,Ua,Ua],[Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Xa,Ua,Ua,Ua,Ua,Ua],[Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua],[Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Qa],[Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua],[Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua,Ua]],va.generateKeys=function(e,t){var r=fa,a=t.client_random+t.server_random;e.session.resuming\|\|(t.master_secret=r(t.pre_master_secret,"master secret",a,48).bytes(),t.pre_master_secret=null),a=t.server_random+t.client_random;var n=2t.mac_key_length+2t.enc_key_length,i=e.version.major===va.Versions.TLS_1_0.major&&e.version.minor===va.Versions.TLS_1_0.minor;i&&(n+=2t.fixed_iv_length);var s=r(t.master_secret,"key expansion",a,n),o={client_write_MAC_key:s.getBytes(t.mac_key_length),server_write_MAC_key:s.getBytes(t.mac_key_length),client_write_key:s.getBytes(t.enc_key_length),server_write_key:s.getBytes(t.enc_key_length)};return i&&(o.client_write_IV=s.getBytes(t.fixed_iv_length),o.server_write_IV=s.getBytes(t.fixed_iv_length)),o},va.createConnectionState=function(e){var t=e.entity===va.ConnectionEnd.client,r=function(){var e={sequenceNumber:[0,0],macKey:null,macLength:0,macFunction:null,cipherState:null,cipherFunction:function(e){return!0},compressionState:null,compressFunction:function(e){return!0},updateSequenceNumber:function(){4294967295===e.sequenceNumber[1]?(e.sequenceNumber[1]=0,++e.sequenceNumber[0]):++e.sequenceNumber[1]}};return e},a={read:r(),write:r()};if(a.read.update=function(e,t){return a.read.cipherFunction(t,a.read)?a.read.compressFunction(e,t,a.read)\|\|e.error(e,{message:"Could not decompress record.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.decompression_failure}}):e.error(e,{message:"Could not decrypt record or bad MAC.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.bad_record_mac}}),!e.fail},a.write.update=function(e,t){return a.write.compressFunction(e,t,a.write)?a.write.cipherFunction(t,a.write)\|\|e.error(e,{message:"Could not encrypt record.",send:!1,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.internal_error}}):e.error(e,{message:"Could not compress record.",send:!1,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.internal_error}}),!e.fail},e.session){var n=e.session.sp;switch(e.session.cipherSuite.initSecurityParameters(n),n.keys=va.generateKeys(e,n),a.read.macKey=t?n.keys.server_write_MAC_key:n.keys.client_write_MAC_key,a.write.macKey=t?n.keys.client_write_MAC_key:n.keys.server_write_MAC_key,e.session.cipherSuite.initConnectionState(a,e,n),n.compression_algorithm){case va.CompressionMethod.none:break;case va.CompressionMethod.deflate:a.read.compressFunction=ya,a.write.compressFunction=da;break;default:throw new Error("Unsupported compression algorithm.")}}return a},va.createRandom=function(){var e=new Date,t=+e+6e4e.getTimezoneOffset(),r=ha.util.createBuffer();return r.putInt32(t),r.putBytes(ha.random.getBytes(28)),r},va.createRecord=function(e,t){return t.data?{type:t.type,version:{major:e.version.major,minor:e.version.minor},length:t.data.length(),fragment:t.data}:null},va.createAlert=function(e,t){var r=ha.util.createBuffer();return r.putByte(t.level),r.putByte(t.description),va.createRecord(e,{type:va.ContentType.alert,data:r})},va.createClientHello=function(e){e.session.clientHelloVersion={major:e.version.major,minor:e.version.minor};for(var t=ha.util.createBuffer(),r=0;r<e.cipherSuites.length;++r){var a=e.cipherSuites[r];t.putByte(a.id[0]),t.putByte(a.id[1])}var n=t.length(),i=ha.util.createBuffer();i.putByte(va.CompressionMethod.none);var s=i.length(),o=ha.util.createBuffer();if(e.virtualHost){var c=ha.util.createBuffer();c.putByte(0),c.putByte(0);var u=ha.util.createBuffer();u.putByte(0),ma(u,2,ha.util.createBuffer(e.virtualHost));var l=ha.util.createBuffer();ma(l,2,u),ma(c,2,l),o.putBuffer(c)}var p=o.length();p>0&&(p+=2);var h=e.session.id,f=h.length+1+2+4+28+2+n+1+s+p,d=ha.util.createBuffer();return d.putByte(va.HandshakeType.client_hello),d.putInt24(f),d.putByte(e.version.major),d.putByte(e.version.minor),d.putBytes(e.session.sp.client_random),ma(d,1,ha.util.createBuffer(h)),ma(d,2,t),ma(d,1,i),p>0&&ma(d,2,o),d},va.createServerHello=function(e){var t=e.session.id,r=t.length+1+2+4+28+2+1,a=ha.util.createBuffer();return a.putByte(va.HandshakeType.server_hello),a.putInt24(r),a.putByte(e.version.major),a.putByte(e.version.minor),a.putBytes(e.session.sp.server_random),ma(a,1,ha.util.createBuffer(t)),a.putByte(e.session.cipherSuite.id[0]),a.putByte(e.session.cipherSuite.id[1]),a.putByte(e.session.compressionMethod),a},va.createCertificate=function(e){var t,r=e.entity===va.ConnectionEnd.client,a=null;e.getCertificate&&(t=r?e.session.certificateRequest:e.session.extensions.server_name.serverNameList,a=e.getCertificate(e,t));var n=ha.util.createBuffer();if(null!==a)try{ha.util.isArray(a)\|\|(a=[a]);for(var i=null,s=0;s<a.length;++s){var o=ha.pem.decode(a[s])[0];if("CERTIFICATE"!==o.type&&"X509 CERTIFICATE"!==o.type&&"TRUSTED CERTIFICATE"!==o.type){var c=new Error('Could not convert certificate from PEM; PEM header type is not "CERTIFICATE", "X509 CERTIFICATE", or "TRUSTED CERTIFICATE".');throw c.headerType=o.type,c}if(o.procType&&"ENCRYPTED"===o.procType.type)throw new Error("Could not convert certificate from PEM; PEM is encrypted.");var u=ha.util.createBuffer(o.body);null===i&&(i=ha.asn1.fromDer(u.bytes(),!1));var l=ha.util.createBuffer();ma(l,3,u),n.putBuffer(l)}a=ha.pki.certificateFromAsn1(i),r?e.session.clientCertificate=a:e.session.serverCertificate=a}catch(t){return e.error(e,{message:"Could not send certificate list.",cause:t,send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.bad_certificate}})}var p=3+n.length(),h=ha.util.createBuffer();return h.putByte(va.HandshakeType.certificate),h.putInt24(p),ma(h,3,n),h},va.createClientKeyExchange=function(e){var t=ha.util.createBuffer();t.putByte(e.session.clientHelloVersion.major),t.putByte(e.session.clientHelloVersion.minor),t.putBytes(ha.random.getBytes(46));var r=e.session.sp;r.pre_master_secret=t.getBytes();var a=(t=e.session.serverCertificate.publicKey.encrypt(r.pre_master_secret)).length+2,n=ha.util.createBuffer();return n.putByte(va.HandshakeType.client_key_exchange),n.putInt24(a),n.putInt16(t.length),n.putBytes(t),n},va.createServerKeyExchange=function(e){return ha.util.createBuffer()},va.getClientSignature=function(e,t){var r=ha.util.createBuffer();r.putBuffer(e.session.md5.digest()),r.putBuffer(e.session.sha1.digest()),r=r.getBytes(),e.getSignature=e.getSignature\|\|function(e,t,r){var a=null;if(e.getPrivateKey)try{a=e.getPrivateKey(e,e.session.clientCertificate),a=ha.pki.privateKeyFromPem(a)}catch(t){e.error(e,{message:"Could not get private key.",cause:t,send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.internal_error}})}null===a?e.error(e,{message:"No private key set.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.internal_error}}):t=a.sign(t,null),r(e,t)},e.getSignature(e,r,t)},va.createCertificateVerify=function(e,t){var r=t.length+2,a=ha.util.createBuffer();return a.putByte(va.HandshakeType.certificate_verify),a.putInt24(r),a.putInt16(t.length),a.putBytes(t),a},va.createCertificateRequest=function(e){var t=ha.util.createBuffer();t.putByte(1);var r=ha.util.createBuffer();for(var a in e.caStore.certs){var n=e.caStore.certs[a],i=ha.pki.distinguishedNameToAsn1(n.subject),s=ha.asn1.toDer(i);r.putInt16(s.length()),r.putBuffer(s)}var o=1+t.length()+2+r.length(),c=ha.util.createBuffer();return c.putByte(va.HandshakeType.certificate_request),c.putInt24(o),ma(c,1,t),ma(c,2,r),c},va.createServerHelloDone=function(e){var t=ha.util.createBuffer();return t.putByte(va.HandshakeType.server_hello_done),t.putInt24(0),t},va.createChangeCipherSpec=function(){var e=ha.util.createBuffer();return e.putByte(1),e},va.createFinished=function(e){var t=ha.util.createBuffer();t.putBuffer(e.session.md5.digest()),t.putBuffer(e.session.sha1.digest());var r=e.entity===va.ConnectionEnd.client,a=e.session.sp,n=r?"client finished":"server finished";t=fa(a.master_secret,n,t.getBytes(),12);var i=ha.util.createBuffer();return i.putByte(va.HandshakeType.finished),i.putInt24(t.length()),i.putBuffer(t),i},va.createHeartbeat=function(e,t,r){void 0===r&&(r=t.length);var a=ha.util.createBuffer();a.putByte(e),a.putInt16(r),a.putBytes(t);var n=a.length(),i=Math.max(16,n-r-3);return a.putBytes(ha.random.getBytes(i)),a},va.queue=function(e,t){if(t&&(0!==t.fragment.length()\|\|t.type!==va.ContentType.handshake&&t.type!==va.ContentType.alert&&t.type!==va.ContentType.change_cipher_spec)){if(t.type===va.ContentType.handshake){var r=t.fragment.bytes();e.session.md5.update(r),e.session.sha1.update(r),r=null}var a;if(t.fragment.length()<=va.MaxFragment)a=[t];else{a=[];for(var n=t.fragment.bytes();n.length>va.MaxFragment;)a.push(va.createRecord(e,{type:t.type,data:ha.util.createBuffer(n.slice(0,va.MaxFragment))})),n=n.slice(va.MaxFragment);n.length>0&&a.push(va.createRecord(e,{type:t.type,data:ha.util.createBuffer(n)}))}for(var i=0;i<a.length&&!e.fail;++i){var s=a[i];e.state.current.write.update(e,s)&&e.records.push(s)}}},va.flush=function(e){for(var t=0;t<e.records.length;++t){var r=e.records[t];e.tlsData.putByte(r.type),e.tlsData.putByte(r.version.major),e.tlsData.putByte(r.version.minor),e.tlsData.putInt16(r.fragment.length()),e.tlsData.putBuffer(e.records[t].fragment)}return e.records=[],e.tlsDataReady(e)};var Za=function(e){switch(e){case!0:return!0;case ha.pki.certificateError.bad_certificate:return va.Alert.Description.bad_certificate;case ha.pki.certificateError.unsupported_certificate:return va.Alert.Description.unsupported_certificate;case ha.pki.certificateError.certificate_revoked:return va.Alert.Description.certificate_revoked;case ha.pki.certificateError.certificate_expired:return va.Alert.Description.certificate_expired;case ha.pki.certificateError.certificate_unknown:return va.Alert.Description.certificate_unknown;case ha.pki.certificateError.unknown_ca:return va.Alert.Description.unknown_ca;default:return va.Alert.Description.bad_certificate}};for(var $a in va.verifyCertificateChain=function(e,t){try{var r={};for(var a in e.verifyOptions)r[a]=e.verifyOptions[a];r.verify=function(t,r,a){Za(t);var n=e.verify(e,t,r,a);if(!0!==n){if("object"==typeof n&&!ha.util.isArray(n)){var i=new Error("The application rejected the certificate.");throw i.send=!0,i.alert={level:va.Alert.Level.fatal,description:va.Alert.Description.bad_certificate},n.message&&(i.message=n.message),n.alert&&(i.alert.description=n.alert),i}n!==t&&(n=function(e){switch(e){case!0:return!0;case va.Alert.Description.bad_certificate:return ha.pki.certificateError.bad_certificate;case va.Alert.Description.unsupported_certificate:return ha.pki.certificateError.unsupported_certificate;case va.Alert.Description.certificate_revoked:return ha.pki.certificateError.certificate_revoked;case va.Alert.Description.certificate_expired:return ha.pki.certificateError.certificate_expired;case va.Alert.Description.certificate_unknown:return ha.pki.certificateError.certificate_unknown;case va.Alert.Description.unknown_ca:return ha.pki.certificateError.unknown_ca;default:return ha.pki.certificateError.bad_certificate}}(n))}return n},ha.pki.verifyCertificateChain(e.caStore,t,r)}catch(t){var n=t;("object"!=typeof n\|\|ha.util.isArray(n))&&(n={send:!0,alert:{level:va.Alert.Level.fatal,description:Za(t)}}),"send"in n\|\|(n.send=!0),"alert"in n\|\|(n.alert={level:va.Alert.Level.fatal,description:Za(n.error)}),e.error(e,n)}return!e.fail},va.createSessionCache=function(e,t){var r=null;if(e&&e.getSession&&e.setSession&&e.order)r=e;else{for(var a in(r={}).cache=e\|\|{},r.capacity=Math.max(t\|\|100,1),r.order=[],e)r.order.length<=t?r.order.push(a):delete e[a];r.getSession=function(e){var t=null,a=null;if(e?a=ha.util.bytesToHex(e):r.order.length>0&&(a=r.order[0]),null!==a&&a in r.cache)for(var n in t=r.cache[a],delete r.cache[a],r.order)if(r.order[n]===a){r.order.splice(n,1);break}return t},r.setSession=function(e,t){if(r.order.length===r.capacity){var a=r.order.shift();delete r.cache[a]}a=ha.util.bytesToHex(e);r.order.push(a),r.cache[a]=t}}return r},va.createConnection=function(e){var t=null;t=e.caStore?ha.util.isArray(e.caStore)?ha.pki.createCaStore(e.caStore):e.caStore:ha.pki.createCaStore();var r=e.cipherSuites\|\|null;if(null===r)for(var a in r=[],va.CipherSuites)r.push(va.CipherSuites[a]);var n=e.server?va.ConnectionEnd.server:va.ConnectionEnd.client,i=e.sessionCache?va.createSessionCache(e.sessionCache):null,s={version:{major:va.Version.major,minor:va.Version.minor},entity:n,sessionId:e.sessionId,caStore:t,sessionCache:i,cipherSuites:r,connected:e.connected,virtualHost:e.virtualHost\|\|null,verifyClient:e.verifyClient\|\|!1,verify:e.verify\|\|function(e,t,r,a){return t},verifyOptions:e.verifyOptions\|\|{},getCertificate:e.getCertificate\|\|null,getPrivateKey:e.getPrivateKey\|\|null,getSignature:e.getSignature\|\|null,input:ha.util.createBuffer(),tlsData:ha.util.createBuffer(),data:ha.util.createBuffer(),tlsDataReady:e.tlsDataReady,dataReady:e.dataReady,heartbeatReceived:e.heartbeatReceived,closed:e.closed,error:function(t,r){r.origin=r.origin\|\|(t.entity===va.ConnectionEnd.client?"client":"server"),r.send&&(va.queue(t,va.createAlert(t,r.alert)),va.flush(t));var a=!1!==r.fatal;a&&(t.fail=!0),e.error(t,r),a&&t.close(!1)},deflate:e.deflate\|\|null,inflate:e.inflate\|\|null,reset:function(e){s.version={major:va.Version.major,minor:va.Version.minor},s.record=null,s.session=null,s.peerCertificate=null,s.state={pending:null,current:null},s.expect=(s.entity,va.ConnectionEnd.client,0),s.fragmented=null,s.records=[],s.open=!1,s.handshakes=0,s.handshaking=!1,s.isConnected=!1,s.fail=!(e\|\|void 0===e),s.input.clear(),s.tlsData.clear(),s.data.clear(),s.state.current=va.createConnectionState(s)}};s.reset();return s.handshake=function(e){if(s.entity!==va.ConnectionEnd.client)s.error(s,{message:"Cannot initiate handshake as a server.",fatal:!1});else if(s.handshaking)s.error(s,{message:"Handshake already in progress.",fatal:!1});else{s.fail&&!s.open&&0===s.handshakes&&(s.fail=!1),s.handshaking=!0;var t=null;(e=e\|\|"").length>0&&(s.sessionCache&&(t=s.sessionCache.getSession(e)),null===t&&(e="")),0===e.length&&s.sessionCache&&null!==(t=s.sessionCache.getSession())&&(e=t.id),s.session={id:e,version:null,cipherSuite:null,compressionMethod:null,serverCertificate:null,certificateRequest:null,clientCertificate:null,sp:{},md5:ha.md.md5.create(),sha1:ha.md.sha1.create()},t&&(s.version=t.version,s.session.sp=t.sp),s.session.sp.client_random=va.createRandom().getBytes(),s.open=!0,va.queue(s,va.createRecord(s,{type:va.ContentType.handshake,data:va.createClientHello(s)})),va.flush(s)}},s.process=function(e){var t=0;return e&&s.input.putBytes(e),s.fail\|\|(null!==s.record&&s.record.ready&&s.record.fragment.isEmpty()&&(s.record=null),null===s.record&&(t=function(e){var t=0,r=e.input,a=r.length();if(a<5)t=5-a;else{e.record={type:r.getByte(),version:{major:r.getByte(),minor:r.getByte()},length:r.getInt16(),fragment:ha.util.createBuffer(),ready:!1};var n=e.record.version.major===e.version.major;n&&e.session&&e.session.version&&(n=e.record.version.minor===e.version.minor),n\|\|e.error(e,{message:"Incompatible TLS version.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.protocol_version}})}return t}(s)),s.fail\|\|null===s.record\|\|s.record.ready\|\|(t=function(e){var t=0,r=e.input,a=r.length();return a<e.record.length?t=e.record.length-a:(e.record.fragment.putBytes(r.getBytes(e.record.length)),r.compact(),e.state.current.read.update(e,e.record)&&(null!==e.fragmented&&(e.fragmented.type===e.record.type?(e.fragmented.fragment.putBuffer(e.record.fragment),e.record=e.fragmented):e.error(e,{message:"Invalid fragmented record.",send:!0,alert:{level:va.Alert.Level.fatal,description:va.Alert.Description.unexpected_message}})),e.record.ready=!0)),t}(s)),!s.fail&&null!==s.record&&s.record.ready&&function(e,t){var r=t.type-va.ContentType.change_cipher_spec,a=xa[e.entity][e.expect];r in a?a[r](e,t):va.handleUnexpected(e,t)}(s,s.record)),t},s.prepare=function(e){return va.queue(s,va.createRecord(s,{type:va.ContentType.application_data,data:ha.util.createBuffer(e)})),va.flush(s)},s.prepareHeartbeatRequest=function(e,t){return e instanceof ha.util.ByteBuffer&&(e=e.bytes()),void 0===t&&(t=e.length),s.expectedHeartbeatPayload=e,va.queue(s,va.createRecord(s,{type:va.ContentType.heartbeat,data:va.createHeartbeat(va.HeartbeatMessageType.heartbeat_request,e,t)})),va.flush(s)},s.close=function(e){if(!s.fail&&s.sessionCache&&s.session){var t={id:s.session.id,version:s.session.version,sp:s.session.sp};t.sp.keys=null,s.sessionCache.setSession(t.id,t)}s.open&&(s.open=!1,s.input.clear(),(s.isConnected\|\|s.handshaking)&&(s.isConnected=s.handshaking=!1,va.queue(s,va.createAlert(s,{level:va.Alert.Level.warning,description:va.Alert.Description.close_notify})),va.flush(s)),s.closed(s)),s.reset(e)},s},ha.tls=ha.tls\|\|{},va)"function"!=typeof va[$a]&&(ha.tls[$a]=va[$a]);ha.tls.prf_tls1=fa,ha.tls.hmac_sha1=function(e,t,r){var a=ha.hmac.create();a.start("SHA1",e);var n=ha.util.createBuffer();return n.putInt32(t[0]),n.putInt32(t[1]),n.putByte(r.type),n.putByte(r.version.major),n.putByte(r.version.minor),n.putInt16(r.length),n.putBytes(r.fragment.bytes()),a.update(n.getBytes()),a.digest().getBytes()},ha.tls.createSessionCache=va.createSessionCache,ha.tls.createConnection=va.createConnection;var Ja=S,en=Ja.tls;function tn(e,t,r){var a=t.entity===Ja.tls.ConnectionEnd.client;e.read.cipherState={init:!1,cipher:Ja.cipher.createDecipher("AES-CBC",a?r.keys.server_write_key:r.keys.client_write_key),iv:a?r.keys.server_write_IV:r.keys.client_write_IV},e.write.cipherState={init:!1,cipher:Ja.cipher.createCipher("AES-CBC",a?r.keys.client_write_key:r.keys.server_write_key),iv:a?r.keys.client_write_IV:r.keys.server_write_IV},e.read.cipherFunction=sn,e.write.cipherFunction=rn,e.read.macLength=e.write.macLength=r.mac_length,e.read.macFunction=e.write.macFunction=en.hmac_sha1}function rn(e,t){var r,a=!1,n=t.macFunction(t.macKey,t.sequenceNumber,e);e.fragment.putBytes(n),t.updateSequenceNumber(),r=e.version.minor===en.Versions.TLS_1_0.minor?t.cipherState.init?null:t.cipherState.iv:Ja.random.getBytesSync(16),t.cipherState.init=!0;var i=t.cipherState.cipher;return i.start({iv:r}),e.version.minor>=en.Versions.TLS_1_1.minor&&i.output.putBytes(r),i.update(e.fragment),i.finish(an)&&(e.fragment=i.output,e.length=e.fragment.length(),a=!0),a}function an(e,t,r){if(!r){var a=e-t.length()%e;t.fillWithByte(a-1,a)}return!0}function nn(e,t,r){var a=!0;if(r){for(var n=t.length(),i=t.last(),s=n-1-i;s<n-1;++s)a=a&&t.at(s)==i;a&&t.truncate(i+1)}return a}function sn(e,t){var r,a=!1;r=e.version.minor===en.Versions.TLS_1_0.minor?t.cipherState.init?null:t.cipherState.iv:e.fragment.getBytes(16),t.cipherState.init=!0;var n=t.cipherState.cipher;n.start({iv:r}),n.update(e.fragment),a=n.finish(nn);var i=t.macLength,s=Ja.random.getBytesSync(i),o=n.output.length();o>=i?(e.fragment=n.output.getBytes(o-i),s=n.output.getBytes(i)):e.fragment=n.output.getBytes(),e.fragment=Ja.util.createBuffer(e.fragment),e.length=e.fragment.length();var c=t.macFunction(t.macKey,t.sequenceNumber,e);return t.updateSequenceNumber(),a=function(e,t,r){var a=Ja.hmac.create();return a.start("SHA1",e),a.update(t),t=a.digest().getBytes(),a.start(null,null),a.update(r),r=a.digest().getBytes(),t===r}(t.macKey,s,c)&&a,a}en.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA={id:[0,47],name:"TLS_RSA_WITH_AES_128_CBC_SHA",initSecurityParameters:function(e){e.bulk_cipher_algorithm=en.BulkCipherAlgorithm.aes,e.cipher_type=en.CipherType.block,e.enc_key_length=16,e.block_length=16,e.fixed_iv_length=16,e.record_iv_length=16,e.mac_algorithm=en.MACAlgorithm.hmac_sha1,e.mac_length=20,e.mac_key_length=20},initConnectionState:tn},en.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA={id:[0,53],name:"TLS_RSA_WITH_AES_256_CBC_SHA",initSecurityParameters:function(e){e.bulk_cipher_algorithm=en.BulkCipherAlgorithm.aes,e.cipher_type=en.CipherType.block,e.enc_key_length=32,e.block_length=16,e.fixed_iv_length=16,e.record_iv_length=16,e.mac_algorithm=en.MACAlgorithm.hmac_sha1,e.mac_length=20,e.mac_key_length=20},initConnectionState:tn};var on=S;on.debug=on.debug\|\|{},on.debug.storage={},on.debug.get=function(e,t){var r;return void 0===e?r=on.debug.storage:e in on.debug.storage&&(r=void 0===t?on.debug.storage[e]:on.debug.storage[e][t]),r},on.debug.set=function(e,t,r){e in on.debug.storage\|\|(on.debug.storage[e]={}),on.debug.storage[e][t]=r},on.debug.clear=function(e,t){void 0===e?on.debug.storage={}:e in on.debug.storage&&(void 0===t?delete on.debug.storage[e]:delete on.debug.storage[e][t])};var cn=S,un=cn.sha512=cn.sha512\|\|{};cn.md.sha512=cn.md.algorithms.sha512=un;var ln=cn.sha384=cn.sha512.sha384=cn.sha512.sha384\|\|{};ln.create=function(){return un.create("SHA-384")},cn.md.sha384=cn.md.algorithms.sha384=ln,cn.sha512.sha256=cn.sha512.sha256\|\|{create:function(){return un.create("SHA-512/256")}},cn.md["sha512/256"]=cn.md.algorithms["sha512/256"]=cn.sha512.sha256,cn.sha512.sha224=cn.sha512.sha224\|\|{create:function(){return un.create("SHA-512/224")}},cn.md["sha512/224"]=cn.md.algorithms["sha512/224"]=cn.sha512.sha224,un.create=function(e){if(hn\|\|(pn=String.fromCharCode(128),pn+=cn.util.fillString(String.fromCharCode(0),128),fn=[[1116352408,3609767458],[1899447441,602891725],[3049323471,3964484399],[3921009573,2173295548],[961987163,4081628472],[1508970993,3053834265],[2453635748,2937671579],[2870763221,3664609560],[3624381080,2734883394],[310598401,1164996542],[607225278,1323610764],[1426881987,3590304994],[1925078388,4068182383],[2162078206,991336113],[2614888103,633803317],[3248222580,3479774868],[3835390401,2666613458],[4022224774,944711139],[264347078,2341262773],[604807628,2007800933],[770255983,1495990901],[1249150122,1856431235],[1555081692,3175218132],[1996064986,2198950837],[2554220882,3999719339],[2821834349,766784016],[2952996808,2566594879],[3210313671,3203337956],[3336571891,1034457026],[3584528711,2466948901],[113926993,3758326383],[338241895,168717936],[666307205,1188179964],[773529912,1546045734],[1294757372,1522805485],[1396182291,2643833823],[1695183700,2343527390],[1986661051,1014477480],[2177026350,1206759142],[2456956037,344077627],[2730485921,1290863460],[2820302411,3158454273],[3259730800,3505952657],[3345764771,106217008],[3516065817,3606008344],[3600352804,1432725776],[4094571909,1467031594],[275423344,851169720],[430227734,3100823752],[506948616,1363258195],[659060556,3750685593],[883997877,3785050280],[958139571,3318307427],[1322822218,3812723403],[1537002063,2003034995],[1747873779,3602036899],[1955562222,1575990012],[2024104815,1125592928],[2227730452,2716904306],[2361852424,442776044],[2428436474,593698344],[2756734187,3733110249],[3204031479,2999351573],[3329325298,3815920427],[3391569614,3928383900],[3515267271,566280711],[3940187606,3454069534],[4118630271,4000239992],[116418474,1914138554],[174292421,2731055270],[289380356,3203993006],[460393269,320620315],[685471733,587496836],[852142971,1086792851],[1017036298,365543100],[1126000580,2618297676],[1288033470,3409855158],[1501505948,4234509866],[1607167915,987167468],[1816402316,1246189591]],(dn={})["SHA-512"]=[[1779033703,4089235720],[3144134277,2227873595],[1013904242,4271175723],[2773480762,1595750129],[1359893119,2917565137],[2600822924,725511199],[528734635,4215389547],[1541459225,327033209]],dn["SHA-384"]=[[3418070365,3238371032],[1654270250,914150663],[2438529370,812702999],[355462360,4144912697],[1731405415,4290775857],[2394180231,1750603025],[3675008525,1694076839],[1203062813,3204075428]],dn["SHA-512/256"]=[[573645204,4230739756],[2673172387,3360449730],[596883563,1867755857],[2520282905,1497426621],[2519219938,2827943907],[3193839141,1401305490],[721525244,746961066],[246885852,2177182882]],dn["SHA-512/224"]=[[2352822216,424955298],[1944164710,2312950998],[502970286,855612546],[1738396948,1479516111],[258812777,2077511080],[2011393907,79989058],[1067287976,1780299464],[286451373,2446758561]],hn=!0),void 0===e&&(e="SHA-512"),!(e in dn))throw new Error("Invalid SHA-512 algorithm: "+e);for(var t=dn[e],r=null,a=cn.util.createBuffer(),n=new Array(80),i=0;i<80;++i)n[i]=new Array(2);var s=64;switch(e){case"SHA-384":s=48;break;case"SHA-512/256":s=32;break;case"SHA-512/224":s=28}var o={algorithm:e.replace("-","").toLowerCase(),blockLength:128,digestLength:s,messageLength:0,fullMessageLength:null,messageLengthSize:16,start:function(){o.messageLength=0,o.fullMessageLength=o.messageLength128=[];for(var e=o.messageLengthSize/4,n=0;n<e;++n)o.fullMessageLength.push(0);a=cn.util.createBuffer(),r=new Array(t.length);for(n=0;n<t.length;++n)r[n]=t[n].slice(0);return o}};return o.start(),o.update=function(e,t){"utf8"===t&&(e=cn.util.encodeUtf8(e));var i=e.length;o.messageLength+=i,i=[i/4294967296>>>0,i>>>0];for(var s=o.fullMessageLength.length-1;s>=0;--s)o.fullMessageLength[s]+=i[1],i[1]=i[0]+(o.fullMessageLength[s]/4294967296>>>0),o.fullMessageLength[s]=o.fullMessageLength[s]>>>0,i[0]=i[1]/4294967296>>>0;return a.putBytes(e),yn(r,n,a),(a.read>2048\|\|0===a.length())&&a.compact(),o},o.digest=function(){var t=cn.util.createBuffer();t.putBytes(a.bytes());var i,s=o.fullMessageLength[o.fullMessageLength.length-1]+o.messageLengthSize&o.blockLength-1;t.putBytes(pn.substr(0,o.blockLength-s));for(var c=8o.fullMessageLength[0],u=0;u<o.fullMessageLength.length-1;++u)c+=(i=8o.fullMessageLength[u+1])/4294967296>>>0,t.putInt32(c>>>0),c=i>>>0;t.putInt32(c);var l=new Array(r.length);for(u=0;u<r.length;++u)l[u]=r[u].slice(0);yn(l,n,t);var p,h=cn.util.createBuffer();p="SHA-512"===e?l.length:"SHA-384"===e?l.length-2:l.length-4;for(u=0;u<p;++u)h.putInt32(l[u][0]),u===p-1&&"SHA-512/224"===e\|\|h.putInt32(l[u][1]);return h},o};var pn=null,hn=!1,fn=null,dn=null;function yn(e,t,r){for(var a,n,i,s,o,c,u,l,p,h,f,d,y,g,m,v,C,E,S,T,I,A,b,B,N,w,k,R,_,L,U,D,P,V=r.length();V>=128;){for(k=0;k<16;++k)t[k][0]=r.getInt32()>>>0,t[k][1]=r.getInt32()>>>0;for(;k<80;++k)a=(((R=(L=t[k-2])[0])>>>19\|(_=L[1])<<13)^(_>>>29\|R<<3)^R>>>6)>>>0,n=((R<<13\|_>>>19)^(_<<3\|R>>>29)^(R<<26\|_>>>6))>>>0,i=(((R=(D=t[k-15])[0])>>>1\|(_=D[1])<<31)^(R>>>8\|_<<24)^R>>>7)>>>0,s=((R<<31\|_>>>1)^(R<<24\|_>>>8)^(R<<25\|_>>>7))>>>0,U=t[k-7],P=t[k-16],_=n+U[1]+s+P[1],t[k][0]=a+U[0]+i+P[0]+(_/4294967296>>>0)>>>0,t[k][1]=_>>>0;for(f=e[0][0],d=e[0][1],y=e[1][0],g=e[1][1],m=e[2][0],v=e[2][1],C=e[3][0],E=e[3][1],S=e[4][0],T=e[4][1],I=e[5][0],A=e[5][1],b=e[6][0],B=e[6][1],N=e[7][0],w=e[7][1],k=0;k<80;++k)u=((S>>>14\|T<<18)^(S>>>18\|T<<14)^(T>>>9\|S<<23))>>>0,l=(b^S&(I^b))>>>0,o=((f>>>28\|d<<4)^(d>>>2\|f<<30)^(d>>>7\|f<<25))>>>0,c=((f<<4\|d>>>28)^(d<<30\|f>>>2)^(d<<25\|f>>>7))>>>0,p=(f&y\|m&(f^y))>>>0,h=(d&g\|v&(d^g))>>>0,_=w+(((S<<18\|T>>>14)^(S<<14\|T>>>18)^(T<<23\|S>>>9))>>>0)+((B^T&(A^B))>>>0)+fn[k][1]+t[k][1],a=N+u+l+fn[k][0]+t[k][0]+(_/4294967296>>>0)>>>0,n=_>>>0,i=o+p+((_=c+h)/4294967296>>>0)>>>0,s=_>>>0,N=b,w=B,b=I,B=A,I=S,A=T,S=C+a+((_=E+n)/4294967296>>>0)>>>0,T=_>>>0,C=m,E=v,m=y,v=g,y=f,g=d,f=a+i+((_=n+s)/4294967296>>>0)>>>0,d=_>>>0;_=e[0][1]+d,e[0][0]=e[0][0]+f+(_/4294967296>>>0)>>>0,e[0][1]=_>>>0,_=e[1][1]+g,e[1][0]=e[1][0]+y+(_/4294967296>>>0)>>>0,e[1][1]=_>>>0,_=e[2][1]+v,e[2][0]=e[2][0]+m+(_/4294967296>>>0)>>>0,e[2][1]=_>>>0,_=e[3][1]+E,e[3][0]=e[3][0]+C+(_/4294967296>>>0)>>>0,e[3][1]=_>>>0,_=e[4][1]+T,e[4][0]=e[4][0]+S+(_/4294967296>>>0)>>>0,e[4][1]=_>>>0,_=e[5][1]+A,e[5][0]=e[5][0]+I+(_/4294967296>>>0)>>>0,e[5][1]=_>>>0,_=e[6][1]+B,e[6][0]=e[6][0]+b+(_/4294967296>>>0)>>>0,e[6][1]=_>>>0,_=e[7][1]+w,e[7][0]=e[7][0]+N+(_/4294967296>>>0)>>>0,e[7][1]=_>>>0,V-=128}}var gn={},mn=S.asn1;gn.privateKeyValidator={name:"PrivateKeyInfo",tagClass:mn.Class.UNIVERSAL,type:mn.Type.SEQUENCE,constructed:!0,value:[{name:"PrivateKeyInfo.version",tagClass:mn.Class.UNIVERSAL,type:mn.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"PrivateKeyInfo.privateKeyAlgorithm",tagClass:mn.Class.UNIVERSAL,type:mn.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:mn.Class.UNIVERSAL,type:mn.Type.OID,constructed:!1,capture:"privateKeyOid"}]},{name:"PrivateKeyInfo",tagClass:mn.Class.UNIVERSAL,type:mn.Type.OCTETSTRING,constructed:!1,capture:"privateKey"}]},gn.publicKeyValidator={name:"SubjectPublicKeyInfo",tagClass:mn.Class.UNIVERSAL,type:mn.Type.SEQUENCE,constructed:!0,captureAsn1:"subjectPublicKeyInfo",value:[{name:"SubjectPublicKeyInfo.AlgorithmIdentifier",tagClass:mn.Class.UNIVERSAL,type:mn.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:mn.Class.UNIVERSAL,type:mn.Type.OID,constructed:!1,capture:"publicKeyOid"}]},{tagClass:mn.Class.UNIVERSAL,type:mn.Type.BITSTRING,constructed:!1,composed:!0,captureBitStringValue:"ed25519PublicKey"}]};var vn=S,Cn=gn,En=Cn.publicKeyValidator,Sn=Cn.privateKeyValidator;if(void 0===Tn)var Tn=vn.jsbn.BigInteger;var In=vn.util.ByteBuffer,An="undefined"==typeof Buffer?Uint8Array:Buffer;vn.pki=vn.pki\|\|{},vn.pki.ed25519=vn.ed25519=vn.ed25519\|\|{};var bn=vn.ed25519;function Bn(e){var t=e.message;if(t instanceof Uint8Array\|\|t instanceof An)return t;var r=e.encoding;if(void 0===t){if(!e.md)throw new TypeError('"options.message" or "options.md" not specified.');t=e.md.digest().getBytes(),r="binary"}if("string"==typeof t&&!r)throw new TypeError('"options.encoding" must be "binary" or "utf8".');if("string"==typeof t){if("undefined"!=typeof Buffer)return Buffer.from(t,r);t=new In(t,r)}else if(!(t instanceof In))throw new TypeError('"options.message" must be a node.js Buffer, a Uint8Array, a forge ByteBuffer, or a string with "options.encoding" specifying its encoding.');for(var a=new An(t.length()),n=0;n<a.length;++n)a[n]=t.at(n);return a}bn.constants={},bn.constants.PUBLIC_KEY_BYTE_LENGTH=32,bn.constants.PRIVATE_KEY_BYTE_LENGTH=64,bn.constants.SEED_BYTE_LENGTH=32,bn.constants.SIGN_BYTE_LENGTH=64,bn.constants.HASH_BYTE_LENGTH=64,bn.generateKeyPair=function(e){var t=(e=e\|\|{}).seed;if(void 0===t)t=vn.random.getBytesSync(bn.constants.SEED_BYTE_LENGTH);else if("string"==typeof t){if(t.length!==bn.constants.SEED_BYTE_LENGTH)throw new TypeError('"seed" must be '+bn.constants.SEED_BYTE_LENGTH+" bytes in length.")}else if(!(t instanceof Uint8Array))throw new TypeError('"seed" must be a node.js Buffer, Uint8Array, or a binary string.');t=Bn({message:t,encoding:"binary"});for(var r=new An(bn.constants.PUBLIC_KEY_BYTE_LENGTH),a=new An(bn.constants.PRIVATE_KEY_BYTE_LENGTH),n=0;n<32;++n)a[n]=t[n];return function(e,t){var r,a=[Xn(),Xn(),Xn(),Xn()],n=Pn(t,32);for(n[0]&=248,n[31]&=127,n[31]\|=64,Qn(a,n),Mn(e,a),r=0;r<32;++r)t[r+32]=e[r]}(r,a),{publicKey:r,privateKey:a}},bn.privateKeyFromAsn1=function(e){var t={},r=[];if(!vn.asn1.validate(e,Sn,t,r)){var a=new Error("Invalid Key.");throw a.errors=r,a}var n=vn.asn1.derToOid(t.privateKeyOid),i=vn.oids.EdDSA25519;if(n!==i)throw new Error('Invalid OID "'+n+'"; OID must be "'+i+'".');var s=t.privateKey;return{privateKeyBytes:Bn({message:vn.asn1.fromDer(s).value,encoding:"binary"})}},bn.publicKeyFromAsn1=function(e){var t={},r=[];if(!vn.asn1.validate(e,En,t,r)){var a=new Error("Invalid Key.");throw a.errors=r,a}var n=vn.asn1.derToOid(t.publicKeyOid),i=vn.oids.EdDSA25519;if(n!==i)throw new Error('Invalid OID "'+n+'"; OID must be "'+i+'".');var s=t.ed25519PublicKey;if(s.length!==bn.constants.PUBLIC_KEY_BYTE_LENGTH)throw new Error("Key length is invalid.");return Bn({message:s,encoding:"binary"})},bn.publicKeyFromPrivateKey=function(e){var t=Bn({message:(e=e\|\|{}).privateKey,encoding:"binary"});if(t.length!==bn.constants.PRIVATE_KEY_BYTE_LENGTH)throw new TypeError('"options.privateKey" must have a byte length of '+bn.constants.PRIVATE_KEY_BYTE_LENGTH);for(var r=new An(bn.constants.PUBLIC_KEY_BYTE_LENGTH),a=0;a<r.length;++a)r[a]=t[32+a];return r},bn.sign=function(e){var t=Bn(e=e\|\|{}),r=Bn({message:e.privateKey,encoding:"binary"});if(r.length===bn.constants.SEED_BYTE_LENGTH)r=bn.generateKeyPair({seed:r}).privateKey;else if(r.length!==bn.constants.PRIVATE_KEY_BYTE_LENGTH)throw new TypeError('"options.privateKey" must have a byte length of '+bn.constants.SEED_BYTE_LENGTH+" or "+bn.constants.PRIVATE_KEY_BYTE_LENGTH);var a=new An(bn.constants.SIGN_BYTE_LENGTH+t.length);!function(e,t,r,a){var n,i,s=new Float64Array(64),o=[Xn(),Xn(),Xn(),Xn()],c=Pn(a,32);c[0]&=248,c[31]&=127,c[31]\|=64;var u=r+64;for(n=0;n<r;++n)e[64+n]=t[n];for(n=0;n<32;++n)e[32+n]=c[32+n];var l=Pn(e.subarray(32),r+32);for(On(l),Qn(o,l),Mn(e,o),n=32;n<64;++n)e[n]=a[n];var p=Pn(e,r+64);for(On(p),n=32;n<64;++n)s[n]=0;for(n=0;n<32;++n)s[n]=l[n];for(n=0;n<32;++n)for(i=0;i<32;i++)s[n+i]+=p[n]c[i];Vn(e.subarray(32),s)}(a,t,t.length,r);for(var n=new An(bn.constants.SIGN_BYTE_LENGTH),i=0;i<n.length;++i)n[i]=a[i];return n},bn.verify=function(e){var t=Bn(e=e\|\|{});if(void 0===e.signature)throw new TypeError('"options.signature" must be a node.js Buffer, a Uint8Array, a forge ByteBuffer, or a binary string.');var r=Bn({message:e.signature,encoding:"binary"});if(r.length!==bn.constants.SIGN_BYTE_LENGTH)throw new TypeError('"options.signature" must have a byte length of '+bn.constants.SIGN_BYTE_LENGTH);var a=Bn({message:e.publicKey,encoding:"binary"});if(a.length!==bn.constants.PUBLIC_KEY_BYTE_LENGTH)throw new TypeError('"options.publicKey" must have a byte length of '+bn.constants.PUBLIC_KEY_BYTE_LENGTH);var n,i=new An(bn.constants.SIGN_BYTE_LENGTH+t.length),s=new An(bn.constants.SIGN_BYTE_LENGTH+t.length);for(n=0;n<bn.constants.SIGN_BYTE_LENGTH;++n)i[n]=r[n];for(n=0;n<t.length;++n)i[n+bn.constants.SIGN_BYTE_LENGTH]=t[n];return function(e,t,r,a){var n,i=new An(32),s=[Xn(),Xn(),Xn(),Xn()],o=[Xn(),Xn(),Xn(),Xn()];if(-1,r<64)return-1;if(function(e,t){var r=Xn(),a=Xn(),n=Xn(),i=Xn(),s=Xn(),o=Xn(),c=Xn();zn(e[2],wn),function(e,t){var r;for(r=0;r<16;++r)e[r]=t[2r]+(t[2r+1]<<8);e[15]&=32767}(e[1],t),Jn(n,e[1]),ei(i,n,kn),$n(n,n,e[2]),Zn(i,e[2],i),Jn(s,i),Jn(o,s),ei(c,o,s),ei(r,c,n),ei(r,r,i),function(e,t){var r,a=Xn();for(r=0;r<16;++r)a[r]=t[r];for(r=250;r>=0;--r)Jn(a,a),1!==r&&ei(a,a,t);for(r=0;r<16;++r)e[r]=a[r]}(r,r),ei(r,r,n),ei(r,r,i),ei(r,r,i),ei(e[0],r,i),Jn(a,e[0]),ei(a,a,i),qn(a,n)&&ei(e[0],e[0],Dn);if(Jn(a,e[0]),ei(a,a,i),qn(a,n))return-1;Gn(e[0])===t[31]>>7&&$n(e[0],Nn,e[0]);return ei(e[3],e[0],e[1]),0}(o,a))return-1;for(n=0;n<r;++n)e[n]=t[n];for(n=0;n<32;++n)e[n+32]=a[n];var c=Pn(e,r);if(On(c),Hn(s,o,c),Qn(o,t.subarray(32)),Kn(s,o),Mn(i,s),r-=64,jn(t,0,i,0)){for(n=0;n<r;++n)e[n]=0;return-1}for(n=0;n<r;++n)e[n]=t[n+64];return r}(s,i,i.length,a)>=0};var Nn=Xn(),wn=Xn([1]),kn=Xn([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),Rn=Xn([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),_n=Xn([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),Ln=Xn([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),Un=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]),Dn=Xn([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function Pn(e,t){var r=vn.md.sha512.create(),a=new In(e);r.update(a.getBytes(t),"binary");var n=r.digest().getBytes();if("undefined"!=typeof Buffer)return Buffer.from(n,"binary");for(var i=new An(bn.constants.HASH_BYTE_LENGTH),s=0;s<64;++s)i[s]=n.charCodeAt(s);return i}function Vn(e,t){var r,a,n,i;for(a=63;a>=32;--a){for(r=0,n=a-32,i=a-12;n<i;++n)t[n]+=r-16t[a]Un[n-(a-32)],r=t[n]+128>>8,t[n]-=256r;t[n]+=r,t[a]=0}for(r=0,n=0;n<32;++n)t[n]+=r-(t[31]>>4)Un[n],r=t[n]>>8,t[n]&=255;for(n=0;n<32;++n)t[n]-=rUn[n];for(a=0;a<32;++a)t[a+1]+=t[a]>>8,e[a]=255&t[a]}function On(e){for(var t=new Float64Array(64),r=0;r<64;++r)t[r]=e[r],e[r]=0;Vn(e,t)}function Kn(e,t){var r=Xn(),a=Xn(),n=Xn(),i=Xn(),s=Xn(),o=Xn(),c=Xn(),u=Xn(),l=Xn();$n(r,e[1],e[0]),$n(l,t[1],t[0]),ei(r,r,l),Zn(a,e[0],e[1]),Zn(l,t[0],t[1]),ei(a,a,l),ei(n,e[3],t[3]),ei(n,n,Rn),ei(i,e[2],t[2]),Zn(i,i,i),$n(s,a,r),$n(o,i,n),Zn(c,i,n),Zn(u,a,r),ei(e[0],s,o),ei(e[1],u,c),ei(e[2],c,o),ei(e[3],s,u)}function xn(e,t,r){for(var a=0;a<4;++a)Yn(e[a],t[a],r)}function Mn(e,t){var r=Xn(),a=Xn(),n=Xn();!function(e,t){var r,a=Xn();for(r=0;r<16;++r)a[r]=t[r];for(r=253;r>=0;--r)Jn(a,a),2!==r&&4!==r&&ei(a,a,t);for(r=0;r<16;++r)e[r]=a[r]}(n,t[2]),ei(r,t[0],n),ei(a,t[1],n),Fn(e,a),e[31]^=Gn(r)<<7}function Fn(e,t){var r,a,n,i=Xn(),s=Xn();for(r=0;r<16;++r)s[r]=t[r];for(Wn(s),Wn(s),Wn(s),a=0;a<2;++a){for(i[0]=s[0]-65517,r=1;r<15;++r)i[r]=s[r]-65535-(i[r-1]>>16&1),i[r-1]&=65535;i[15]=s[15]-32767-(i[14]>>16&1),n=i[15]>>16&1,i[14]&=65535,Yn(s,i,1-n)}for(r=0;r<16;r++)e[2r]=255&s[r],e[2r+1]=s[r]>>8}function qn(e,t){var r=new An(32),a=new An(32);return Fn(r,e),Fn(a,t),jn(r,0,a,0)}function jn(e,t,r,a){return function(e,t,r,a,n){var i,s=0;for(i=0;i<n;++i)s\|=e[t+i]^r[a+i];return(1&s-1>>>8)-1}(e,t,r,a,32)}function Gn(e){var t=new An(32);return Fn(t,e),1&t[0]}function Hn(e,t,r){var a,n;for(zn(e[0],Nn),zn(e[1],wn),zn(e[2],wn),zn(e[3],Nn),n=255;n>=0;--n)xn(e,t,a=r[n/8\|0]>>(7&n)&1),Kn(t,e),Kn(e,e),xn(e,t,a)}function Qn(e,t){var r=[Xn(),Xn(),Xn(),Xn()];zn(r[0],_n),zn(r[1],Ln),zn(r[2],wn),ei(r[3],_n,Ln),Hn(e,r,t)}function zn(e,t){var r;for(r=0;r<16;r++)e[r]=0\|t[r]}function Wn(e){var t,r,a=1;for(t=0;t<16;++t)r=e[t]+a+65535,a=Math.floor(r/65536),e[t]=r-65536a;e[0]+=a-1+37(a-1)}function Yn(e,t,r){for(var a,n=~(r-1),i=0;i<16;++i)a=n&(e[i]^t[i]),e[i]^=a,t[i]^=a}function Xn(e){var t,r=new Float64Array(16);if(e)for(t=0;t<e.length;++t)r[t]=e[t];return r}function Zn(e,t,r){for(var a=0;a<16;++a)e[a]=t[a]+r[a]}function $n(e,t,r){for(var a=0;a<16;++a)e[a]=t[a]-r[a]}function Jn(e,t){ei(e,t,t)}function ei(e,t,r){var a,n,i=0,s=0,o=0,c=0,u=0,l=0,p=0,h=0,f=0,d=0,y=0,g=0,m=0,v=0,C=0,E=0,S=0,T=0,I=0,A=0,b=0,B=0,N=0,w=0,k=0,R=0,_=0,L=0,U=0,D=0,P=0,V=r[0],O=r[1],K=r[2],x=r[3],M=r[4],F=r[5],q=r[6],j=r[7],G=r[8],H=r[9],Q=r[10],z=r[11],W=r[12],Y=r[13],X=r[14],Z=r[15];i+=(a=t[0])V,s+=aO,o+=aK,c+=ax,u+=aM,l+=aF,p+=aq,h+=aj,f+=aG,d+=aH,y+=aQ,g+=az,m+=aW,v+=aY,C+=aX,E+=aZ,s+=(a=t[1])V,o+=aO,c+=aK,u+=ax,l+=aM,p+=aF,h+=aq,f+=aj,d+=aG,y+=aH,g+=aQ,m+=az,v+=aW,C+=aY,E+=aX,S+=aZ,o+=(a=t[2])V,c+=aO,u+=aK,l+=ax,p+=aM,h+=aF,f+=aq,d+=aj,y+=aG,g+=aH,m+=aQ,v+=az,C+=aW,E+=aY,S+=aX,T+=aZ,c+=(a=t[3])V,u+=aO,l+=aK,p+=ax,h+=aM,f+=aF,d+=aq,y+=aj,g+=aG,m+=aH,v+=aQ,C+=az,E+=aW,S+=aY,T+=aX,I+=aZ,u+=(a=t[4])V,l+=aO,p+=aK,h+=ax,f+=aM,d+=aF,y+=aq,g+=aj,m+=aG,v+=aH,C+=aQ,E+=az,S+=aW,T+=aY,I+=aX,A+=aZ,l+=(a=t[5])V,p+=aO,h+=aK,f+=ax,d+=aM,y+=aF,g+=aq,m+=aj,v+=aG,C+=aH,E+=aQ,S+=az,T+=aW,I+=aY,A+=aX,b+=aZ,p+=(a=t[6])V,h+=aO,f+=aK,d+=ax,y+=aM,g+=aF,m+=aq,v+=aj,C+=aG,E+=aH,S+=aQ,T+=az,I+=aW,A+=aY,b+=aX,B+=aZ,h+=(a=t[7])V,f+=aO,d+=aK,y+=ax,g+=aM,m+=aF,v+=aq,C+=aj,E+=aG,S+=aH,T+=aQ,I+=az,A+=aW,b+=aY,B+=aX,N+=aZ,f+=(a=t[8])V,d+=aO,y+=aK,g+=ax,m+=aM,v+=aF,C+=aq,E+=aj,S+=aG,T+=aH,I+=aQ,A+=az,b+=aW,B+=aY,N+=aX,w+=aZ,d+=(a=t[9])V,y+=aO,g+=aK,m+=ax,v+=aM,C+=aF,E+=aq,S+=aj,T+=aG,I+=aH,A+=aQ,b+=az,B+=aW,N+=aY,w+=aX,k+=aZ,y+=(a=t[10])V,g+=aO,m+=aK,v+=ax,C+=aM,E+=aF,S+=aq,T+=aj,I+=aG,A+=aH,b+=aQ,B+=az,N+=aW,w+=aY,k+=aX,R+=aZ,g+=(a=t[11])V,m+=aO,v+=aK,C+=ax,E+=aM,S+=aF,T+=aq,I+=aj,A+=aG,b+=aH,B+=aQ,N+=az,w+=aW,k+=aY,R+=aX,_+=aZ,m+=(a=t[12])V,v+=aO,C+=aK,E+=ax,S+=aM,T+=aF,I+=aq,A+=aj,b+=aG,B+=aH,N+=aQ,w+=az,k+=aW,R+=aY,_+=aX,L+=aZ,v+=(a=t[13])V,C+=aO,E+=aK,S+=ax,T+=aM,I+=aF,A+=aq,b+=aj,B+=aG,N+=aH,w+=aQ,k+=az,R+=aW,_+=aY,L+=aX,U+=aZ,C+=(a=t[14])V,E+=aO,S+=aK,T+=ax,I+=aM,A+=aF,b+=aq,B+=aj,N+=aG,w+=aH,k+=aQ,R+=az,_+=aW,L+=aY,U+=aX,D+=aZ,E+=(a=t[15])V,s+=38(T+=aK),o+=38(I+=ax),c+=38(A+=aM),u+=38(b+=aF),l+=38(B+=aq),p+=38(N+=aj),h+=38(w+=aG),f+=38(k+=aH),d+=38(R+=aQ),y+=38(_+=az),g+=38(L+=aW),m+=38(U+=aY),v+=38(D+=aX),C+=38(P+=aZ),i=(a=(i+=38(S+=aO))+(n=1)+65535)-65536(n=Math.floor(a/65536)),s=(a=s+n+65535)-65536(n=Math.floor(a/65536)),o=(a=o+n+65535)-65536(n=Math.floor(a/65536)),c=(a=c+n+65535)-65536(n=Math.floor(a/65536)),u=(a=u+n+65535)-65536(n=Math.floor(a/65536)),l=(a=l+n+65535)-65536(n=Math.floor(a/65536)),p=(a=p+n+65535)-65536(n=Math.floor(a/65536)),h=(a=h+n+65535)-65536(n=Math.floor(a/65536)),f=(a=f+n+65535)-65536(n=Math.floor(a/65536)),d=(a=d+n+65535)-65536(n=Math.floor(a/65536)),y=(a=y+n+65535)-65536(n=Math.floor(a/65536)),g=(a=g+n+65535)-65536(n=Math.floor(a/65536)),m=(a=m+n+65535)-65536(n=Math.floor(a/65536)),v=(a=v+n+65535)-65536(n=Math.floor(a/65536)),C=(a=C+n+65535)-65536(n=Math.floor(a/65536)),E=(a=E+n+65535)-65536(n=Math.floor(a/65536)),i=(a=(i+=n-1+37(n-1))+(n=1)+65535)-65536(n=Math.floor(a/65536)),s=(a=s+n+65535)-65536(n=Math.floor(a/65536)),o=(a=o+n+65535)-65536(n=Math.floor(a/65536)),c=(a=c+n+65535)-65536(n=Math.floor(a/65536)),u=(a=u+n+65535)-65536(n=Math.floor(a/65536)),l=(a=l+n+65535)-65536(n=Math.floor(a/65536)),p=(a=p+n+65535)-65536(n=Math.floor(a/65536)),h=(a=h+n+65535)-65536(n=Math.floor(a/65536)),f=(a=f+n+65535)-65536(n=Math.floor(a/65536)),d=(a=d+n+65535)-65536(n=Math.floor(a/65536)),y=(a=y+n+65535)-65536(n=Math.floor(a/65536)),g=(a=g+n+65535)-65536(n=Math.floor(a/65536)),m=(a=m+n+65535)-65536(n=Math.floor(a/65536)),v=(a=v+n+65535)-65536(n=Math.floor(a/65536)),C=(a=C+n+65535)-65536(n=Math.floor(a/65536)),E=(a=E+n+65535)-65536(n=Math.floor(a/65536)),i+=n-1+37(n-1),e[0]=i,e[1]=s,e[2]=o,e[3]=c,e[4]=u,e[5]=l,e[6]=p,e[7]=h,e[8]=f,e[9]=d,e[10]=y,e[11]=g,e[12]=m,e[13]=v,e[14]=C,e[15]=E}var ti=S;ti.kem=ti.kem\|\|{};var ri=ti.jsbn.BigInteger;function ai(e,t,r,a){e.generate=function(e,n){for(var i=new ti.util.ByteBuffer,s=Math.ceil(n/a)+r,o=new ti.util.ByteBuffer,c=r;c<s;++c){o.putInt32(c),t.start(),t.update(e+o.getBytes());var u=t.digest();i.putBytes(u.getBytes(a))}return i.truncate(i.length()-n),i.getBytes()}}ti.kem.rsa={},ti.kem.rsa.create=function(e,t){var r=(t=t\|\|{}).prng\|\|ti.random,a={encrypt:function(t,a){var n,i=Math.ceil(t.n.bitLength()/8);do{n=new ri(ti.util.bytesToHex(r.getBytesSync(i)),16).mod(t.n)}while(n.compareTo(ri.ONE)<=0);var s=i-(n=ti.util.hexToBytes(n.toString(16))).length;return s>0&&(n=ti.util.fillString(String.fromCharCode(0),s)+n),{encapsulation:t.encrypt(n,"NONE"),key:e.generate(n,a)}},decrypt:function(t,r,a){var n=t.decrypt(r,"NONE");return e.generate(n,a)}};return a},ti.kem.kdf1=function(e,t){ai(this,e,0,t\|\|e.digestLength)},ti.kem.kdf2=function(e,t){ai(this,e,1,t\|\|e.digestLength)};var ni=S;ni.log=ni.log\|\|{},ni.log.levels=["none","error","warning","info","debug","verbose","max"];var ii={},si=[],oi=null;ni.log.LEVEL_LOCKED=2,ni.log.NO_LEVEL_CHECK=4,ni.log.INTERPOLATE=8;for(var ci=0;ci<ni.log.levels.length;++ci){var ui=ni.log.levels[ci];ii[ui]={index:ci,name:ui.toUpperCase()}}ni.log.logMessage=function(e){for(var t=ii[e.level].index,r=0;r<si.length;++r){var a=si[r];if(a.flags&ni.log.NO_LEVEL_CHECK)a.f(e);else t<=ii[a.level].index&&a.f(a,e)}},ni.log.prepareStandard=function(e){"standard"in e\|\|(e.standard=ii[e.level].name+" ["+e.category+"] "+e.message)},ni.log.prepareFull=function(e){if(!("full"in e)){var t=[e.message];t=t.concat([]\|\|e.arguments),e.full=ni.util.format.apply(this,t)}},ni.log.prepareStandardFull=function(e){"standardFull"in e\|\|(ni.log.prepareStandard(e),e.standardFull=e.standard)};var li=["error","warning","info","debug","verbose"];for(ci=0;ci<li.length;++ci)!function(e){ni.log[e]=function(t,r){var a=Array.prototype.slice.call(arguments).slice(2),n={timestamp:new Date,level:e,category:t,message:r,arguments:a};ni.log.logMessage(n)}}(li[ci]);if(ni.log.makeLogger=function(e){var t={flags:0,f:e};return ni.log.setLevel(t,"none"),t},ni.log.setLevel=function(e,t){var r=!1;if(e&&!(e.flags&ni.log.LEVEL_LOCKED))for(var a=0;a<ni.log.levels.length;++a){if(t==ni.log.levels[a]){e.level=t,r=!0;break}}return r},ni.log.lock=function(e,t){void 0===t\|\|t?e.flags\|=ni.log.LEVEL_LOCKED:e.flags&=~ni.log.LEVEL_LOCKED},ni.log.addLogger=function(e){si.push(e)},"undefined"!=typeof console&&"log"in console){var pi;if(console.error&&console.warn&&console.info&&console.debug){var hi={error:console.error,warning:console.warn,info:console.info,debug:console.debug,verbose:console.debug},fi=function(e,t){ni.log.prepareStandard(t);var r=hi[t.level],a=[t.standard];a=a.concat(t.arguments.slice()),r.apply(console,a)};pi=ni.log.makeLogger(fi)}else{fi=function(e,t){ni.log.prepareStandardFull(t),console.log(t.standardFull)};pi=ni.log.makeLogger(fi)}ni.log.setLevel(pi,"debug"),ni.log.addLogger(pi),oi=pi}else console={log:function(){}};if(null!==oi){var di=ni.util.getQueryVariables();if("console.level"in di&&ni.log.setLevel(oi,di["console.level"].slice(-1)[0]),"console.lock"in di)"true"==di["console.lock"].slice(-1)[0]&&ni.log.lock(oi)}ni.log.consoleLogger=oi;var yi={};({get exports(){return yi},set exports(e){yi=e}}).exports=me;var gi=S,mi=gi.asn1,vi=gi.pkcs7=gi.pkcs7\|\|{};function Ci(e){var t={},r=[];if(!mi.validate(e,vi.asn1.recipientInfoValidator,t,r)){var a=new Error("Cannot read PKCS#7 RecipientInfo. ASN.1 object is not an PKCS#7 RecipientInfo.");throw a.errors=r,a}return{version:t.version.charCodeAt(0),issuer:gi.pki.RDNAttributesAsArray(t.issuer),serialNumber:gi.util.createBuffer(t.serial).toHex(),encryptedContent:{algorithm:mi.derToOid(t.encAlgorithm),parameter:t.encParameter.value,content:t.encKey}}}function Ei(e){for(var t,r=[],a=0;a<e.length;++a)r.push((t=e[a],mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.INTEGER,!1,mi.integerToDer(t.version).getBytes()),mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[gi.pki.distinguishedNameToAsn1({attributes:t.issuer}),mi.create(mi.Class.UNIVERSAL,mi.Type.INTEGER,!1,gi.util.hexToBytes(t.serialNumber))]),mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.OID,!1,mi.oidToDer(t.encryptedContent.algorithm).getBytes()),mi.create(mi.Class.UNIVERSAL,mi.Type.NULL,!1,"")]),mi.create(mi.Class.UNIVERSAL,mi.Type.OCTETSTRING,!1,t.encryptedContent.content)])));return r}function Si(e){var t=mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.INTEGER,!1,mi.integerToDer(e.version).getBytes()),mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[gi.pki.distinguishedNameToAsn1({attributes:e.issuer}),mi.create(mi.Class.UNIVERSAL,mi.Type.INTEGER,!1,gi.util.hexToBytes(e.serialNumber))]),mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.OID,!1,mi.oidToDer(e.digestAlgorithm).getBytes()),mi.create(mi.Class.UNIVERSAL,mi.Type.NULL,!1,"")])]);if(e.authenticatedAttributesAsn1&&t.value.push(e.authenticatedAttributesAsn1),t.value.push(mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.OID,!1,mi.oidToDer(e.signatureAlgorithm).getBytes()),mi.create(mi.Class.UNIVERSAL,mi.Type.NULL,!1,"")])),t.value.push(mi.create(mi.Class.UNIVERSAL,mi.Type.OCTETSTRING,!1,e.signature)),e.unauthenticatedAttributes.length>0){for(var r=mi.create(mi.Class.CONTEXT_SPECIFIC,1,!0,[]),a=0;a<e.unauthenticatedAttributes.length;++a){var n=e.unauthenticatedAttributes[a];r.values.push(Ti(n))}t.value.push(r)}return t}function Ti(e){var t;if(e.type===gi.pki.oids.contentType)t=mi.create(mi.Class.UNIVERSAL,mi.Type.OID,!1,mi.oidToDer(e.value).getBytes());else if(e.type===gi.pki.oids.messageDigest)t=mi.create(mi.Class.UNIVERSAL,mi.Type.OCTETSTRING,!1,e.value.bytes());else if(e.type===gi.pki.oids.signingTime){var r=new Date("1950-01-01T00:00:00Z"),a=new Date("2050-01-01T00:00:00Z"),n=e.value;if("string"==typeof n){var i=Date.parse(n);n=isNaN(i)?13===n.length?mi.utcTimeToDate(n):mi.generalizedTimeToDate(n):new Date(i)}t=n>=r&&n<a?mi.create(mi.Class.UNIVERSAL,mi.Type.UTCTIME,!1,mi.dateToUtcTime(n)):mi.create(mi.Class.UNIVERSAL,mi.Type.GENERALIZEDTIME,!1,mi.dateToGeneralizedTime(n))}return mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.OID,!1,mi.oidToDer(e.type).getBytes()),mi.create(mi.Class.UNIVERSAL,mi.Type.SET,!0,[t])])}function Ii(e,t,r){var a={};if(!mi.validate(t,r,a,[])){var n=new Error("Cannot read PKCS#7 message. ASN.1 object is not a supported PKCS#7 message.");throw n.errors=n,n}if(mi.derToOid(a.contentType)!==gi.pki.oids.data)throw new Error("Unsupported PKCS#7 message. Only wrapped ContentType Data supported.");if(a.encryptedContent){var i="";if(gi.util.isArray(a.encryptedContent))for(var s=0;s<a.encryptedContent.length;++s){if(a.encryptedContent[s].type!==mi.Type.OCTETSTRING)throw new Error("Malformed PKCS#7 message, expecting encrypted content constructed of only OCTET STRING objects.");i+=a.encryptedContent[s].value}else i=a.encryptedContent;e.encryptedContent={algorithm:mi.derToOid(a.encAlgorithm),parameter:gi.util.createBuffer(a.encParameter.value),content:gi.util.createBuffer(i)}}if(a.content){i="";if(gi.util.isArray(a.content))for(s=0;s<a.content.length;++s){if(a.content[s].type!==mi.Type.OCTETSTRING)throw new Error("Malformed PKCS#7 message, expecting content constructed of only OCTET STRING objects.");i+=a.content[s].value}else i=a.content;e.content=gi.util.createBuffer(i)}return e.version=a.version.charCodeAt(0),e.rawCapture=a,a}function Ai(e){if(void 0===e.encryptedContent.key)throw new Error("Symmetric key not available.");if(void 0===e.content){var t;switch(e.encryptedContent.algorithm){case gi.pki.oids["aes128-CBC"]:case gi.pki.oids["aes192-CBC"]:case gi.pki.oids["aes256-CBC"]:t=gi.aes.createDecryptionCipher(e.encryptedContent.key);break;case gi.pki.oids.desCBC:case gi.pki.oids["des-EDE3-CBC"]:t=gi.des.createDecryptionCipher(e.encryptedContent.key);break;default:throw new Error("Unsupported symmetric cipher, OID "+e.encryptedContent.algorithm)}if(t.start(e.encryptedContent.parameter),t.update(e.encryptedContent.content),!t.finish())throw new Error("Symmetric decryption failed.");e.content=t.output}}vi.messageFromPem=function(e){var t=gi.pem.decode(e)[0];if("PKCS7"!==t.type){var r=new Error('Could not convert PKCS#7 message from PEM; PEM header type is not "PKCS#7".');throw r.headerType=t.type,r}if(t.procType&&"ENCRYPTED"===t.procType.type)throw new Error("Could not convert PKCS#7 message from PEM; PEM is encrypted.");var a=mi.fromDer(t.body);return vi.messageFromAsn1(a)},vi.messageToPem=function(e,t){var r={type:"PKCS7",body:mi.toDer(e.toAsn1()).getBytes()};return gi.pem.encode(r,{maxline:t})},vi.messageFromAsn1=function(e){var t={},r=[];if(!mi.validate(e,vi.asn1.contentInfoValidator,t,r)){var a=new Error("Cannot read PKCS#7 message. ASN.1 object is not an PKCS#7 ContentInfo.");throw a.errors=r,a}var n,i=mi.derToOid(t.contentType);switch(i){case gi.pki.oids.envelopedData:n=vi.createEnvelopedData();break;case gi.pki.oids.encryptedData:n=vi.createEncryptedData();break;case gi.pki.oids.signedData:n=vi.createSignedData();break;default:throw new Error("Cannot read PKCS#7 message. ContentType with OID "+i+" is not (yet) supported.")}return n.fromAsn1(t.content.value[0]),n},vi.createSignedData=function(){var e=null;return e={type:gi.pki.oids.signedData,version:1,certificates:[],crls:[],signers:[],digestAlgorithmIdentifiers:[],contentInfo:null,signerInfos:[],fromAsn1:function(t){if(Ii(e,t,vi.asn1.signedDataValidator),e.certificates=[],e.crls=[],e.digestAlgorithmIdentifiers=[],e.contentInfo=null,e.signerInfos=[],e.rawCapture.certificates)for(var r=e.rawCapture.certificates.value,a=0;a<r.length;++a)e.certificates.push(gi.pki.certificateFromAsn1(r[a]))},toAsn1:function(){e.contentInfo\|\|e.sign();for(var t=[],r=0;r<e.certificates.length;++r)t.push(gi.pki.certificateToAsn1(e.certificates[r]));var a=[],n=mi.create(mi.Class.CONTEXT_SPECIFIC,0,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.INTEGER,!1,mi.integerToDer(e.version).getBytes()),mi.create(mi.Class.UNIVERSAL,mi.Type.SET,!0,e.digestAlgorithmIdentifiers),e.contentInfo])]);return t.length>0&&n.value[0].value.push(mi.create(mi.Class.CONTEXT_SPECIFIC,0,!0,t)),a.length>0&&n.value[0].value.push(mi.create(mi.Class.CONTEXT_SPECIFIC,1,!0,a)),n.value[0].value.push(mi.create(mi.Class.UNIVERSAL,mi.Type.SET,!0,e.signerInfos)),mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.OID,!1,mi.oidToDer(e.type).getBytes()),n])},addSigner:function(t){var r=t.issuer,a=t.serialNumber;if(t.certificate){var n=t.certificate;"string"==typeof n&&(n=gi.pki.certificateFromPem(n)),r=n.issuer.attributes,a=n.serialNumber}var i=t.key;if(!i)throw new Error("Could not add PKCS#7 signer; no private key specified.");"string"==typeof i&&(i=gi.pki.privateKeyFromPem(i));var s=t.digestAlgorithm\|\|gi.pki.oids.sha1;switch(s){case gi.pki.oids.sha1:case gi.pki.oids.sha256:case gi.pki.oids.sha384:case gi.pki.oids.sha512:case gi.pki.oids.md5:break;default:throw new Error("Could not add PKCS#7 signer; unknown message digest algorithm: "+s)}var o=t.authenticatedAttributes\|\|[];if(o.length>0){for(var c=!1,u=!1,l=0;l<o.length;++l){var p=o[l];if(c\|\|p.type!==gi.pki.oids.contentType){if(u\|\|p.type!==gi.pki.oids.messageDigest);else if(u=!0,c)break}else if(c=!0,u)break}if(!c\|\|!u)throw new Error("Invalid signer.authenticatedAttributes. If signer.authenticatedAttributes is specified, then it must contain at least two attributes, PKCS #9 content-type and PKCS #9 message-digest.")}e.signers.push({key:i,version:1,issuer:r,serialNumber:a,digestAlgorithm:s,signatureAlgorithm:gi.pki.oids.rsaEncryption,signature:null,authenticatedAttributes:o,unauthenticatedAttributes:[]})},sign:function(t){var r;(t=t\|\|{},"object"!=typeof e.content\|\|null===e.contentInfo)&&(e.contentInfo=mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.OID,!1,mi.oidToDer(gi.pki.oids.data).getBytes())]),"content"in e&&(e.content instanceof gi.util.ByteBuffer?r=e.content.bytes():"string"==typeof e.content&&(r=gi.util.encodeUtf8(e.content)),t.detached?e.detachedContent=mi.create(mi.Class.UNIVERSAL,mi.Type.OCTETSTRING,!1,r):e.contentInfo.value.push(mi.create(mi.Class.CONTEXT_SPECIFIC,0,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.OCTETSTRING,!1,r)]))));if(0!==e.signers.length){var a=function(){for(var t={},r=0;r<e.signers.length;++r){var a=e.signers[r];(n=a.digestAlgorithm)in t\|\|(t[n]=gi.md[gi.pki.oids[n]].create()),0===a.authenticatedAttributes.length?a.md=t[n]:a.md=gi.md[gi.pki.oids[n]].create()}for(var n in e.digestAlgorithmIdentifiers=[],t)e.digestAlgorithmIdentifiers.push(mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.OID,!1,mi.oidToDer(n).getBytes()),mi.create(mi.Class.UNIVERSAL,mi.Type.NULL,!1,"")]));return t}();!function(t){var r;r=e.detachedContent?e.detachedContent:(r=e.contentInfo.value[1]).value[0];if(!r)throw new Error("Could not sign PKCS#7 message; there is no content to sign.");var a=mi.derToOid(e.contentInfo.value[0].value),n=mi.toDer(r);for(var i in n.getByte(),mi.getBerValueLength(n),n=n.getBytes(),t)t[i].start().update(n);for(var s=new Date,o=0;o<e.signers.length;++o){var c=e.signers[o];if(0===c.authenticatedAttributes.length){if(a!==gi.pki.oids.data)throw new Error("Invalid signer; authenticatedAttributes must be present when the ContentInfo content type is not PKCS#7 Data.")}else{c.authenticatedAttributesAsn1=mi.create(mi.Class.CONTEXT_SPECIFIC,0,!0,[]);for(var u=mi.create(mi.Class.UNIVERSAL,mi.Type.SET,!0,[]),l=0;l<c.authenticatedAttributes.length;++l){var p=c.authenticatedAttributes[l];p.type===gi.pki.oids.messageDigest?p.value=t[c.digestAlgorithm].digest():p.type===gi.pki.oids.signingTime&&(p.value\|\|(p.value=s)),u.value.push(Ti(p)),c.authenticatedAttributesAsn1.value.push(Ti(p))}n=mi.toDer(u).getBytes(),c.md.start().update(n)}c.signature=c.key.sign(c.md,"RSASSA-PKCS1-V1_5")}e.signerInfos=function(e){for(var t=[],r=0;r<e.length;++r)t.push(Si(e[r]));return t}(e.signers)}(a)}},verify:function(){throw new Error("PKCS#7 signature verification not yet implemented.")},addCertificate:function(t){"string"==typeof t&&(t=gi.pki.certificateFromPem(t)),e.certificates.push(t)},addCertificateRevokationList:function(e){throw new Error("PKCS#7 CRL support not yet implemented.")}},e},vi.createEncryptedData=function(){var e=null;return e={type:gi.pki.oids.encryptedData,version:0,encryptedContent:{algorithm:gi.pki.oids["aes256-CBC"]},fromAsn1:function(t){Ii(e,t,vi.asn1.encryptedDataValidator)},decrypt:function(t){void 0!==t&&(e.encryptedContent.key=t),Ai(e)}},e},vi.createEnvelopedData=function(){var e=null;return e={type:gi.pki.oids.envelopedData,version:0,recipients:[],encryptedContent:{algorithm:gi.pki.oids["aes256-CBC"]},fromAsn1:function(t){var r=Ii(e,t,vi.asn1.envelopedDataValidator);e.recipients=function(e){for(var t=[],r=0;r<e.length;++r)t.push(Ci(e[r]));return t}(r.recipientInfos.value)},toAsn1:function(){return mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.OID,!1,mi.oidToDer(e.type).getBytes()),mi.create(mi.Class.CONTEXT_SPECIFIC,0,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.INTEGER,!1,mi.integerToDer(e.version).getBytes()),mi.create(mi.Class.UNIVERSAL,mi.Type.SET,!0,Ei(e.recipients)),mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,(t=e.encryptedContent,[mi.create(mi.Class.UNIVERSAL,mi.Type.OID,!1,mi.oidToDer(gi.pki.oids.data).getBytes()),mi.create(mi.Class.UNIVERSAL,mi.Type.SEQUENCE,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.OID,!1,mi.oidToDer(t.algorithm).getBytes()),mi.create(mi.Class.UNIVERSAL,mi.Type.OCTETSTRING,!1,t.parameter.getBytes())]),mi.create(mi.Class.CONTEXT_SPECIFIC,0,!0,[mi.create(mi.Class.UNIVERSAL,mi.Type.OCTETSTRING,!1,t.content.getBytes())])]))])])]);var t},findRecipient:function(t){for(var r=t.issuer.attributes,a=0;a<e.recipients.length;++a){var n=e.recipients[a],i=n.issuer;if(n.serialNumber===t.serialNumber&&i.length===r.length){for(var s=!0,o=0;o<r.length;++o)if(i[o].type!==r[o].type\|\|i[o].value!==r[o].value){s=!1;break}if(s)return n}}return null},decrypt:function(t,r){if(void 0===e.encryptedContent.key&&void 0!==t&&void 0!==r)switch(t.encryptedContent.algorithm){case gi.pki.oids.rsaEncryption:case gi.pki.oids.desCBC:var a=r.decrypt(t.encryptedContent.content);e.encryptedContent.key=gi.util.createBuffer(a);break;default:throw new Error("Unsupported asymmetric cipher, OID "+t.encryptedContent.algorithm)}Ai(e)},addRecipient:function(t){e.recipients.push({version:0,issuer:t.issuer.attributes,serialNumber:t.serialNumber,encryptedContent:{algorithm:gi.pki.oids.rsaEncryption,key:t.publicKey}})},encrypt:function(t,r){if(void 0===e.encryptedContent.content){var a,n,i;switch(r=r\|\|e.encryptedContent.algorithm,t=t\|\|e.encryptedContent.key,r){case gi.pki.oids["aes128-CBC"]:a=16,n=16,i=gi.aes.createEncryptionCipher;break;case gi.pki.oids["aes192-CBC"]:a=24,n=16,i=gi.aes.createEncryptionCipher;break;case gi.pki.oids["aes256-CBC"]:a=32,n=16,i=gi.aes.createEncryptionCipher;break;case gi.pki.oids["des-EDE3-CBC"]:a=24,n=8,i=gi.des.createEncryptionCipher;break;default:throw new Error("Unsupported symmetric cipher, OID "+r)}if(void 0===t)t=gi.util.createBuffer(gi.random.getBytes(a));else if(t.length()!=a)throw new Error("Symmetric key has wrong length; got "+t.length()+" bytes, expected "+a+".");e.encryptedContent.algorithm=r,e.encryptedContent.key=t,e.encryptedContent.parameter=gi.util.createBuffer(gi.random.getBytes(n));var s=i(t);if(s.start(e.encryptedContent.parameter.copy()),s.update(e.content),!s.finish())throw new Error("Symmetric encryption failed.");e.encryptedContent.content=s.output}for(var o=0;o<e.recipients.length;++o){var c=e.recipients[o];if(void 0===c.encryptedContent.content){if(c.encryptedContent.algorithm!==gi.pki.oids.rsaEncryption)throw new Error("Unsupported asymmetric cipher, OID "+c.encryptedContent.algorithm);c.encryptedContent.content=c.encryptedContent.key.encrypt(e.encryptedContent.key.data)}}}},e};var bi=S,Bi=bi.ssh=bi.ssh\|\|{};function Ni(e,t){var r=t.toString(16);r[0]>="8"&&(r="00"+r);var a=bi.util.hexToBytes(r);e.putInt32(a.length),e.putBytes(a)}function wi(e,t){e.putInt32(t.length),e.putString(t)}function ki(){for(var e=bi.md.sha1.create(),t=arguments.length,r=0;r<t;++r)e.update(arguments[r]);return e.digest()}Bi.privateKeyToPutty=function(e,t,r){var a="ssh-rsa",n=""===(t=t\|\|"")?"none":"aes256-cbc",i="PuTTY-User-Key-File-2: "+a+"\r\n";i+="Encryption: "+n+"\r\n",i+="Comment: "+(r=r\|\|"")+"\r\n";var s=bi.util.createBuffer();wi(s,a),Ni(s,e.e),Ni(s,e.n);var o=bi.util.encode64(s.bytes(),64),c=Math.floor(o.length/66)+1;i+="Public-Lines: "+c+"\r\n",i+=o;var u,l=bi.util.createBuffer();if(Ni(l,e.d),Ni(l,e.p),Ni(l,e.q),Ni(l,e.qInv),t){var p=l.length()+16-1;p-=p%16;var h=ki(l.bytes());h.truncate(h.length()-p+l.length()),l.putBuffer(h);var f=bi.util.createBuffer();f.putBuffer(ki("\0\0\0\0",t)),f.putBuffer(ki("\0\0\0",t));var d=bi.aes.createEncryptionCipher(f.truncate(8),"CBC");d.start(bi.util.createBuffer().fillWithByte(0,16)),d.update(l.copy()),d.finish();var y=d.output;y.truncate(16),u=bi.util.encode64(y.bytes(),64)}else u=bi.util.encode64(l.bytes(),64);i+="\r\nPrivate-Lines: "+(c=Math.floor(u.length/66)+1)+"\r\n",i+=u;var g=ki("putty-private-key-file-mac-key",t),m=bi.util.createBuffer();wi(m,a),wi(m,n),wi(m,r),m.putInt32(s.length()),m.putBuffer(s),m.putInt32(l.length()),m.putBuffer(l);var v=bi.hmac.create();return v.start("sha1",g),v.update(m.bytes()),i+="\r\nPrivate-MAC: "+v.digest().toHex()+"\r\n"},Bi.publicKeyToOpenSSH=function(e,t){var r="ssh-rsa";t=t\|\|"";var a=bi.util.createBuffer();return wi(a,r),Ni(a,e.e),Ni(a,e.n),r+" "+bi.util.encode64(a.bytes())+" "+t},Bi.privateKeyToOpenSSH=function(e,t){return t?bi.pki.encryptRsaPrivateKey(e,t,{legacy:!0,algorithm:"aes128"}):bi.pki.privateKeyToPem(e)},Bi.getPublicKeyFingerprint=function(e,t){var r=(t=t\|\|{}).md\|\|bi.md.md5.create(),a=bi.util.createBuffer();wi(a,"ssh-rsa"),Ni(a,e.e),Ni(a,e.n),r.start(),r.update(a.getBytes());var n=r.digest();if("hex"===t.encoding){var i=n.toHex();return t.delimiter?i.match(/.{2}/g).join(t.delimiter):i}if("binary"===t.encoding)return n.getBytes();if(t.encoding)throw new Error('Unknown encoding "'+t.encoding+'".');return n};var Ri=S,_i="forge.task",Li={},Ui=0;Ri.debug.set(_i,"tasks",Li);var Di={};Ri.debug.set(_i,"queues",Di);var Pi="ready",Vi="running",Oi="blocked",Ki="sleeping",xi="done",Mi="error",Fi="stop",qi="start",ji="block",Gi="unblock",Hi="sleep",Qi="wakeup",zi="cancel",Wi="fail",Yi={};Yi[Pi]={},Yi[Pi][Fi]=Pi,Yi[Pi][qi]=Vi,Yi[Pi][zi]=xi,Yi[Pi][Wi]=Mi,Yi[Vi]={},Yi[Vi][Fi]=Pi,Yi[Vi][qi]=Vi,Yi[Vi][ji]=Oi,Yi[Vi][Gi]=Vi,Yi[Vi][Hi]=Ki,Yi[Vi][Qi]=Vi,Yi[Vi][zi]=xi,Yi[Vi][Wi]=Mi,Yi[Oi]={},Yi[Oi][Fi]=Oi,Yi[Oi][qi]=Oi,Yi[Oi][ji]=Oi,Yi[Oi][Gi]=Oi,Yi[Oi][Hi]=Oi,Yi[Oi][Qi]=Oi,Yi[Oi][zi]=xi,Yi[Oi][Wi]=Mi,Yi[Ki]={},Yi[Ki][Fi]=Ki,Yi[Ki][qi]=Ki,Yi[Ki][ji]=Ki,Yi[Ki][Gi]=Ki,Yi[Ki][Hi]=Ki,Yi[Ki][Qi]=Ki,Yi[Ki][zi]=xi,Yi[Ki][Wi]=Mi,Yi[xi]={},Yi[xi][Fi]=xi,Yi[xi][qi]=xi,Yi[xi][ji]=xi,Yi[xi][Gi]=xi,Yi[xi][Hi]=xi,Yi[xi][Qi]=xi,Yi[xi][zi]=xi,Yi[xi][Wi]=Mi,Yi[Mi]={},Yi[Mi][Fi]=Mi,Yi[Mi][qi]=Mi,Yi[Mi][ji]=Mi,Yi[Mi][Gi]=Mi,Yi[Mi][Hi]=Mi,Yi[Mi][Qi]=Mi,Yi[Mi][zi]=Mi,Yi[Mi][Wi]=Mi;var Xi=function(e){this.id=-1,this.name=e.name\|\|"?",this.parent=e.parent\|\|null,this.run=e.run,this.subtasks=[],this.error=!1,this.state=Pi,this.blocks=0,this.timeoutId=null,this.swapTime=null,this.userData=null,this.id=Ui++,Li[this.id]=this};Xi.prototype.debug=function(e){e=e\|\|"",Ri.log.debug(_i,e,"[%s][%s] task:",this.id,this.name,this,"subtasks:",this.subtasks.length,"queue:",Di)},Xi.prototype.next=function(e,t){"function"==typeof e&&(t=e,e=this.name);var r=new Xi({run:t,name:e,parent:this});return r.state=Vi,r.type=this.type,r.successCallback=this.successCallback\|\|null,r.failureCallback=this.failureCallback\|\|null,this.subtasks.push(r),this},Xi.prototype.parallel=function(e,t){return Ri.util.isArray(e)&&(t=e,e=this.name),this.next(e,(function(r){var a=r;a.block(t.length);for(var n=function(e,r){Ri.task.start({type:e,run:function(e){t[r](e)},success:function(e){a.unblock()},failure:function(e){a.unblock()}})},i=0;i<t.length;i++){n(e+"__parallel-"+r.id+"-"+i,i)}}))},Xi.prototype.stop=function(){this.state=Yi[this.state][Fi]},Xi.prototype.start=function(){this.error=!1,this.state=Yi[this.state][qi],this.state===Vi&&(this.start=new Date,this.run(this),Zi(this,0))},Xi.prototype.block=function(e){e=void 0===e?1:e,this.blocks+=e,this.blocks>0&&(this.state=Yi[this.state][ji])},Xi.prototype.unblock=function(e){return e=void 0===e?1:e,this.blocks-=e,0===this.blocks&&this.state!==xi&&(this.state=Vi,Zi(this,0)),this.blocks},Xi.prototype.sleep=function(e){e=void 0===e?0:e,this.state=Yi[this.state][Hi];var t=this;this.timeoutId=setTimeout((function(){t.timeoutId=null,t.state=Vi,Zi(t,0)}),e)},Xi.prototype.wait=function(e){e.wait(this)},Xi.prototype.wakeup=function(){this.state===Ki&&(cancelTimeout(this.timeoutId),this.timeoutId=null,this.state=Vi,Zi(this,0))},Xi.prototype.cancel=function(){this.state=Yi[this.state][zi],this.permitsNeeded=0,null!==this.timeoutId&&(cancelTimeout(this.timeoutId),this.timeoutId=null),this.subtasks=[]},Xi.prototype.fail=function(e){if(this.error=!0,$i(this,!0),e)e.error=this.error,e.swapTime=this.swapTime,e.userData=this.userData,Zi(e,0);else{if(null!==this.parent){for(var t=this.parent;null!==t.parent;)t.error=this.error,t.swapTime=this.swapTime,t.userData=this.userData,t=t.parent;$i(t,!0)}this.failureCallback&&this.failureCallback(this)}};var Zi=function(e,t){var r=t>30\|\|+new Date-e.swapTime>20,a=function(t){if(t++,e.state===Vi)if(r&&(e.swapTime=+new Date),e.subtasks.length>0){var a=e.subtasks.shift();a.error=e.error,a.swapTime=e.swapTime,a.userData=e.userData,a.run(a),a.error\|\|Zi(a,t)}else $i(e),e.error\|\|null!==e.parent&&(e.parent.error=e.error,e.parent.swapTime=e.swapTime,e.parent.userData=e.userData,Zi(e.parent,t))};r?setTimeout(a,0):a(t)},$i=function(e,t){e.state=xi,delete Li[e.id],null===e.parent&&(e.type in Di?0===Di[e.type].length?Ri.log.error(_i,"[%s][%s] task queue empty [%s]",e.id,e.name,e.type):Di[e.type][0]!==e?Ri.log.error(_i,"[%s][%s] task not first in queue [%s]",e.id,e.name,e.type):(Di[e.type].shift(),0===Di[e.type].length?delete Di[e.type]:Di[e.type][0].start()):Ri.log.error(_i,"[%s][%s] task queue missing [%s]",e.id,e.name,e.type),t\|\|(e.error&&e.failureCallback?e.failureCallback(e):!e.error&&e.successCallback&&e.successCallback(e)))};Ri.task=Ri.task\|\|{},Ri.task.start=function(e){var t=new Xi({run:e.run,name:e.name\|\|"?"});t.type=e.type,t.successCallback=e.success\|\|null,t.failureCallback=e.failure\|\|null,t.type in Di?Di[e.type].push(t):(Di[t.type]=[t],function(e){e.error=!1,e.state=Yi[e.state][qi],setTimeout((function(){e.state===Vi&&(e.swapTime=+new Date,e.run(e),Zi(e,0))}),0)}(t))},Ri.task.cancel=function(e){e in Di&&(Di[e]=[Di[e][0]])},Ri.task.createCondition=function(){var e={tasks:{},wait:function(t){t.id in e.tasks\|\|(t.block(),e.tasks[t.id]=t)},notify:function(){var t=e.tasks;for(var r in e.tasks={},t)t[r].unblock()}};return e},E.exports=S;var Ji=v(C);class es{crt;key;csr;detail;expires;constructor(e){this.crt=e.crt,this.key=e.key,this.csr=e.csr;const{detail:t,expires:r}=this.getCrtDetail(this.crt);this.detail=t,this.expires=r.getTime()}toCertInfo(){return{crt:this.crt,key:this.key,csr:this.csr}}getCrtDetail(e){const t=Ji.pki.certificateFromPem(e.toString());return{detail:t,expires:t.validity.notAfter}}saveToFile(e,t){null==t&&(t=o.join(i.tmpdir(),"/certd/tmp/",Math.floor(1e6Math.random())+"",`cert.${e}`));const r=o.dirname(t);return n.existsSync(r)\|\|n.mkdirSync(r,{recursive:!0}),n.writeFileSync(t,this[e]),t}}exports.CertApplyPlugin=class extends e.AbstractTaskPlugin{domains;email;dnsProviderType;dnsProviderAccess;renewDays;forceUpdate;csrInfo;acme;logger;userContext;accessService;http;lastStatus;cert;async onInstance(){this.acme=new p({userContext:this.userContext,logger:this.logger})}async execute(){const e=await this.condition();if(null!=e)return this.output(e);const t=await this.doCertApply();if(null==t)throw new Error("申请证书失败");this.output(t.toCertInfo()),this.clearLastStatus()}output(e){this.cert=e}async condition(){if(this.forceUpdate)return null;let e=!1;let r;JSON.stringify(this.lastStatus?.input?.domains)!==JSON.stringify(this.domains)&&(e=!0);try{r=await this.readLastCert()}catch(e){this.logger.warn("读取cert失败：",e)}if(null==r)return this.logger.info("还未申请过，准备申请新证书"),null;if(e)return this.logger.info("输入参数变更，申请新证书"),null;const a=this.isWillExpire(r.expires,this.renewDays);return a.isWillExpire?(this.logger.info("即将过期，开始更新证书"),null):(this.logger.info(`证书还未过期：过期时间${t(r.expires).format("YYYY-MM-DD HH:mm:ss")},剩余${a.leftDays}天`),r)}async doCertApply(){const e=this.email,t=this.domains,r=this.dnsProviderType,n=this.dnsProviderAccess,i=a.merge({country:"CN",state:"GuangDong",locality:"ShengZhen",organization:"CertD Org.",organizationUnit:"IT Department",emailAddress:e},this.csrInfo);this.logger.info("开始申请证书,",e,t);const s=y.get(r),o=s.target,c=s.define,u=await this.accessService.getById(n),l=new o,p={access:u,logger:this.logger,http:this.http};d.inject(c.autowire,l,p),await l.onInstance();const h=await this.acme.order({email:e,domains:t,dnsProvider:l,csrInfo:i,isTest:!1}),f=this.formatCerts(h);return new es(f)}formatCert(e){return e=(e=(e=e.replace(/\r/g,"")).replace(/\n\n/g,"\n")).replace(/\n$/g,"")}formatCerts(e){return{crt:this.formatCert(e.crt),key:this.formatCert(e.key),csr:this.formatCert(e.csr)}}async readLastCert(){const e=this.lastStatus?.status?.output?.cert;if(null!=e)return new es(e)}isWillExpire(e,r=20){if(null==e)throw new Error("过期时间不能为空");const a=t(e).diff(t(),"day");return{isWillExpire:a<r,leftDays:a}}},l([e.TaskInput({title:"域名",component:{name:"a-select",vModel:"value",mode:"tags",open:!1},required:!0,col:{span:24},helper:"支持通配符域名，例如： .foo.com 、 .test.handsfree.work\n支持多个域名、多个子域名、多个通配符域名打到一个证书上（域名必须是在同一个DNS提供商解析）\n多级子域名要分成多个域名输入（*.foo.com的证书不能用于xxx.yyy.foo.com）\n输入一个回车之后，再输入下一个"})],exports.CertApplyPlugin.prototype,"domains",void 0),l([e.TaskInput({title:"邮箱",component:{name:"a-input",vModel:"value"},required:!0,helper:"请输入邮箱"})],exports.CertApplyPlugin.prototype,"email",void 0),l([e.TaskInput({title:"DNS提供商",component:{name:"pi-dns-provider-selector"},required:!0,helper:"请选择dns解析提供商"})],exports.CertApplyPlugin.prototype,"dnsProviderType",void 0),l([e.TaskInput({title:"DNS解析授权",component:{name:"pi-access-selector"},required:!0,helper:"请选择dns解析提供商授权"})],exports.CertApplyPlugin.prototype,"dnsProviderAccess",void 0),l([e.TaskInput({title:"更新天数",component:{name:"a-input-number",vModel:"value"},required:!0,helper:"到期前多少天后更新证书"})],exports.CertApplyPlugin.prototype,"renewDays",void 0),l([e.TaskInput({title:"强制更新",component:{name:"a-switch",vModel:"checked"},helper:"是否强制重新申请证书"})],exports.CertApplyPlugin.prototype,"forceUpdate",void 0),l([e.TaskInput({title:"CsrInfo"})],exports.CertApplyPlugin.prototype,"csrInfo",void 0),l([e.Autowire()],exports.CertApplyPlugin.prototype,"logger",void 0),l([e.Autowire()],exports.CertApplyPlugin.prototype,"userContext",void 0),l([e.Autowire()],exports.CertApplyPlugin.prototype,"accessService",void 0),l([e.Autowire()],exports.CertApplyPlugin.prototype,"http",void 0),l([e.Autowire()],exports.CertApplyPlugin.prototype,"lastStatus",void 0),l([e.TaskOutput({title:"域名证书"})],exports.CertApplyPlugin.prototype,"cert",void 0),exports.CertApplyPlugin=l([e.IsTaskPlugin({name:"CertApply",title:"证书申请",desc:"免费通配符域名证书申请，支持多个域名打到同一个证书上",default:{input:{renewDays:20,forceUpdate:!1},strategy:{runStrategy:e.RunStrategy.AlwaysRun}}})],exports.CertApplyPlugin),new exports.CertApplyPlugin,exports.CertReader=es,exports.DNS_PROVIDER_CLASS_KEY=g,exports.IsDnsProvider=function(t){return r=>{r=e.Decorator.target(r);const n={},i=e.Decorator.getClassProperties(r);for(const t in i){const a=Reflect.getMetadata(e.AUTOWIRE_KEY,r,t);a&&(n[t]=a)}a.merge(t,{autowire:n}),Reflect.defineMetadata(g,t,r),r.define=t,y.register(t.name,{define:t,target:r})}},exports.dnsProviderRegistry=y;
1	+ "use strict";var e=require("@certd/pipeline"),t=require("dayjs"),r=require("@certd/acme-client"),a=require("lodash"),n=require("fs"),i=require("os"),s=require("crypto"),o=require("path");function c(e){var t=Object.create(null);return e&&Object.keys(e).forEach((function(r){if("default"!==r){var a=Object.getOwnPropertyDescriptor(e,r);Object.defineProperty(t,r,a.get?a:{enumerable:!0,get:function(){return e[r]}})}})),t.default=e,Object.freeze(t)}var u=c(r);function l(e,t,r,a){var n,i=arguments.length,s=i<3?t:null===a?a=Object.getOwnPropertyDescriptor(t,r):a;if("object"==typeof Reflect&&"function"==typeof Reflect.decorate)s=Reflect.decorate(e,t,r,a);else for(var o=e.length-1;o>=0;o--)(n=e[o])&&(s=(i<3?n(s):i>3?n(t,r,s):n(t,r))\|\|s);return i>3&&s&&Object.defineProperty(t,r,s),s}class p{userContext;logger;constructor(e){this.userContext=e.userContext,this.logger=e.logger,u.setLogger((e=>{this.logger.info(e)}))}async getAccountConfig(e){return await this.userContext.getObj(this.buildAccountKey(e))\|\|{}}buildAccountKey(e){return"acme.config."+e}async saveAccountConfig(e,t){await this.userContext.setObj(this.buildAccountKey(e),t)}async getAcmeClient(e,t=!1){const r=await this.getAccountConfig(e);null==r.key&&(r.key=await this.createNewKey(),await this.saveAccountConfig(e,r));const a=new u.Client({directoryUrl:t?u.directory.letsencrypt.staging:u.directory.letsencrypt.production,accountKey:r.key,accountUrl:r.accountUrl,backoffAttempts:20,backoffMin:5e3,backoffMax:1e4});if(null==r.accountUrl){const t={termsOfServiceAgreed:!0,contact:[`mailto:${e}`]};await a.createAccount(t),r.accountUrl=a.getAccountUrl(),await this.saveAccountConfig(e,r)}return a}async createNewKey(){return(await u.forge.createPrivateKey()).toString()}async challengeCreateFn(e,t,r,a){if(this.logger.info("Triggered challengeCreateFn()"),"http-01"===t.type){const a=`/var/www/html/.well-known/acme-challenge/${t.token}`,n=r;this.logger.info(`Creating challenge response for ${e.identifier.value} at path: ${a}`),this.logger.info(`Would write "${n}" to path "${a}"`)}else if("dns-01"===t.type){const t=`_acme-challenge.${e.identifier.value}`,n=r;return this.logger.info(`Creating TXT record for ${e.identifier.value}: ${t}`),this.logger.info(`Would create TXT record "${t}" with value "${n}"`),await a.createRecord({fullRecord:t,type:"TXT",value:n})}}async challengeRemoveFn(e,t,r,a,n){if(this.logger.info("Triggered challengeRemoveFn()"),"http-01"===t.type){const r=`/var/www/html/.well-known/acme-challenge/${t.token}`;this.logger.info(`Removing challenge response for ${e.identifier.value} at path: ${r}`),this.logger.info(`Would remove file on path "${r}"`)}else if("dns-01"===t.type){const t=`_acme-challenge.${e.identifier.value}`,i=r;this.logger.info(`Removing TXT record for ${e.identifier.value}: ${t}`),this.logger.info(`Would remove TXT record "${t}" with value "${i}"`);try{await n.removeRecord({fullRecord:t,type:"TXT",value:r,record:a})}catch(e){throw this.logger.error("删除解析记录出错：",e),e}}}async order(e){const{email:t,isTest:r,domains:a,csrInfo:n,dnsProvider:i}=e,s=await this.getAcmeClient(t,r),{commonName:o,altNames:c}=this.buildCommonNameByDomains(a),[l,p]=await u.forge.createCsr({commonName:o,...n,altNames:c});if(null==i)throw new Error("dnsProvider 不能为空");const h={crt:(await s.auto({csr:p,email:t,termsOfServiceAgreed:!0,challengePriority:["dns-01"],challengeCreateFn:async(e,t,r)=>await this.challengeCreateFn(e,t,r,i),challengeRemoveFn:async(e,t,r,a)=>await this.challengeRemoveFn(e,t,r,a,i)})).toString(),key:l.toString(),csr:p.toString()};return this.logger.debug(`CSR:\n${h.csr}`),this.logger.debug(`Certificate:\n${h.crt}`),this.logger.info("证书申请成功"),h}buildCommonNameByDomains(e){if("string"==typeof e&&(e=e.split(",")),0===e.length)throw new Error("domain can not be empty");const t=e[0];let r;return e.length>1&&(r=a.slice(e,1)),{commonName:t,altNames:r}}}const h=new e.Registry,f="pipeline:dns-provider";var d="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function y(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}var g={},m={get exports(){return g},set exports(e){g=e}},v={options:{usePureJavaScript:!1}},C={},E=C,S={};C.encode=function(e,t,r){if("string"!=typeof t)throw new TypeError('"alphabet" must be a string.');if(void 0!==r&&"number"!=typeof r)throw new TypeError('"maxline" must be a number.');var a="";if(e instanceof Uint8Array){var n=0,i=t.length,s=t.charAt(0),o=[0];for(n=0;n<e.length;++n){for(var c=0,u=e[n];c<o.length;++c)u+=o[c]<<8,o[c]=u%i,u=u/i\|0;for(;u>0;)o.push(u%i),u=u/i\|0}for(n=0;0===e[n]&&n<e.length-1;++n)a+=s;for(n=o.length-1;n>=0;--n)a+=t[o[n]]}else a=function(e,t){var r=0,a=t.length,n=t.charAt(0),i=[0];for(r=0;r<e.length();++r){for(var s=0,o=e.at(r);s<i.length;++s)o+=i[s]<<8,i[s]=o%a,o=o/a\|0;for(;o>0;)i.push(o%a),o=o/a\|0}var c="";for(r=0;0===e.at(r)&&r<e.length()-1;++r)c+=n;for(r=i.length-1;r>=0;--r)c+=t[i[r]];return c}(e,t);if(r){var l=new RegExp(".{1,"+r+"}","g");a=a.match(l).join("\r\n")}return a},C.decode=function(e,t){if("string"!=typeof e)throw new TypeError('"input" must be a string.');if("string"!=typeof t)throw new TypeError('"alphabet" must be a string.');var r=S[t];if(!r){r=S[t]=[];for(var a=0;a<t.length;++a)r[t.charCodeAt(a)]=a}e=e.replace(/\s/g,"");var n=t.length,i=t.charAt(0),s=[0];for(a=0;a<e.length;a++){var o=r[e.charCodeAt(a)];if(void 0===o)return;for(var c=0,u=o;c<s.length;++c)u+=s[c]n,s[c]=255&u,u>>=8;for(;u>0;)s.push(255&u),u>>=8}for(var l=0;e[l]===i&&l<e.length-1;++l)s.push(0);return"undefined"!=typeof Buffer?Buffer.from(s.reverse()):new Uint8Array(s.reverse())};var T=v,I=E,A=T.util=T.util\|\|{};function b(e){if(8!==e&&16!==e&&24!==e&&32!==e)throw new Error("Only 8, 16, 24, or 32 bits supported: "+e)}function B(e){if(this.data="",this.read=0,"string"==typeof e)this.data=e;else if(A.isArrayBuffer(e)\|\|A.isArrayBufferView(e))if("undefined"!=typeof Buffer&&e instanceof Buffer)this.data=e.toString("binary");else{var t=new Uint8Array(e);try{this.data=String.fromCharCode.apply(null,t)}catch(e){for(var r=0;r<t.length;++r)this.putByte(t[r])}}else(e instanceof B\|\|"object"==typeof e&&"string"==typeof e.data&&"number"==typeof e.read)&&(this.data=e.data,this.read=e.read);this._constructedStringLength=0}!function(){if("undefined"!=typeof process&&process.nextTick&&!process.browser)return A.nextTick=process.nextTick,void("function"==typeof setImmediate?A.setImmediate=setImmediate:A.setImmediate=A.nextTick);if("function"==typeof setImmediate)return A.setImmediate=function(){return setImmediate.apply(void 0,arguments)},void(A.nextTick=function(e){return setImmediate(e)});if(A.setImmediate=function(e){setTimeout(e,0)},"undefined"!=typeof window&&"function"==typeof window.postMessage){var e="forge.setImmediate",t=[];function s(r){if(r.source===window&&r.data===e){r.stopPropagation();var a=t.slice();t.length=0,a.forEach((function(e){e()}))}}A.setImmediate=function(r){t.push(r),1===t.length&&window.postMessage(e,"")},window.addEventListener("message",s,!0)}if("undefined"!=typeof MutationObserver){var r=Date.now(),a=!0,n=document.createElement("div");t=[];new MutationObserver((function(){var e=t.slice();t.length=0,e.forEach((function(e){e()}))})).observe(n,{attributes:!0});var i=A.setImmediate;A.setImmediate=function(e){Date.now()-r>15?(r=Date.now(),i(e)):(t.push(e),1===t.length&&n.setAttribute("a",a=!a))}}A.nextTick=A.setImmediate}(),A.isNodejs="undefined"!=typeof process&&process.versions&&process.versions.node,A.globalScope=A.isNodejs?d:"undefined"==typeof self?window:self,A.isArray=Array.isArray\|\|function(e){return"[object Array]"===Object.prototype.toString.call(e)},A.isArrayBuffer=function(e){return"undefined"!=typeof ArrayBuffer&&e instanceof ArrayBuffer},A.isArrayBufferView=function(e){return e&&A.isArrayBuffer(e.buffer)&&void 0!==e.byteLength},A.ByteBuffer=B,A.ByteStringBuffer=B;A.ByteStringBuffer.prototype._optimizeConstructedString=function(e){this._constructedStringLength+=e,this._constructedStringLength>4096&&(this.data.substr(0,1),this._constructedStringLength=0)},A.ByteStringBuffer.prototype.length=function(){return this.data.length-this.read},A.ByteStringBuffer.prototype.isEmpty=function(){return this.length()<=0},A.ByteStringBuffer.prototype.putByte=function(e){return this.putBytes(String.fromCharCode(e))},A.ByteStringBuffer.prototype.fillWithByte=function(e,t){e=String.fromCharCode(e);for(var r=this.data;t>0;)1&t&&(r+=e),(t>>>=1)>0&&(e+=e);return this.data=r,this._optimizeConstructedString(t),this},A.ByteStringBuffer.prototype.putBytes=function(e){return this.data+=e,this._optimizeConstructedString(e.length),this},A.ByteStringBuffer.prototype.putString=function(e){return this.putBytes(A.encodeUtf8(e))},A.ByteStringBuffer.prototype.putInt16=function(e){return this.putBytes(String.fromCharCode(e>>8&255)+String.fromCharCode(255&e))},A.ByteStringBuffer.prototype.putInt24=function(e){return this.putBytes(String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(255&e))},A.ByteStringBuffer.prototype.putInt32=function(e){return this.putBytes(String.fromCharCode(e>>24&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(255&e))},A.ByteStringBuffer.prototype.putInt16Le=function(e){return this.putBytes(String.fromCharCode(255&e)+String.fromCharCode(e>>8&255))},A.ByteStringBuffer.prototype.putInt24Le=function(e){return this.putBytes(String.fromCharCode(255&e)+String.fromCharCode(e>>8&255)+String.fromCharCode(e>>16&255))},A.ByteStringBuffer.prototype.putInt32Le=function(e){return this.putBytes(String.fromCharCode(255&e)+String.fromCharCode(e>>8&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>24&255))},A.ByteStringBuffer.prototype.putInt=function(e,t){b(t);var r="";do{t-=8,r+=String.fromCharCode(e>>t&255)}while(t>0);return this.putBytes(r)},A.ByteStringBuffer.prototype.putSignedInt=function(e,t){return e<0&&(e+=2<<t-1),this.putInt(e,t)},A.ByteStringBuffer.prototype.putBuffer=function(e){return this.putBytes(e.getBytes())},A.ByteStringBuffer.prototype.getByte=function(){return this.data.charCodeAt(this.read++)},A.ByteStringBuffer.prototype.getInt16=function(){var e=this.data.charCodeAt(this.read)<<8^this.data.charCodeAt(this.read+1);return this.read+=2,e},A.ByteStringBuffer.prototype.getInt24=function(){var e=this.data.charCodeAt(this.read)<<16^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2);return this.read+=3,e},A.ByteStringBuffer.prototype.getInt32=function(){var e=this.data.charCodeAt(this.read)<<24^this.data.charCodeAt(this.read+1)<<16^this.data.charCodeAt(this.read+2)<<8^this.data.charCodeAt(this.read+3);return this.read+=4,e},A.ByteStringBuffer.prototype.getInt16Le=function(){var e=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8;return this.read+=2,e},A.ByteStringBuffer.prototype.getInt24Le=function(){var e=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2)<<16;return this.read+=3,e},A.ByteStringBuffer.prototype.getInt32Le=function(){var e=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2)<<16^this.data.charCodeAt(this.read+3)<<24;return this.read+=4,e},A.ByteStringBuffer.prototype.getInt=function(e){b(e);var t=0;do{t=(t<<8)+this.data.charCodeAt(this.read++),e-=8}while(e>0);return t},A.ByteStringBuffer.prototype.getSignedInt=function(e){var t=this.getInt(e),r=2<<e-2;return t>=r&&(t-=r<<1),t},A.ByteStringBuffer.prototype.getBytes=function(e){var t;return e?(e=Math.min(this.length(),e),t=this.data.slice(this.read,this.read+e),this.read+=e):0===e?t="":(t=0===this.read?this.data:this.data.slice(this.read),this.clear()),t},A.ByteStringBuffer.prototype.bytes=function(e){return void 0===e?this.data.slice(this.read):this.data.slice(this.read,this.read+e)},A.ByteStringBuffer.prototype.at=function(e){return this.data.charCodeAt(this.read+e)},A.ByteStringBuffer.prototype.setAt=function(e,t){return this.data=this.data.substr(0,this.read+e)+String.fromCharCode(t)+this.data.substr(this.read+e+1),this},A.ByteStringBuffer.prototype.last=function(){return this.data.charCodeAt(this.data.length-1)},A.ByteStringBuffer.prototype.copy=function(){var e=A.createBuffer(this.data);return e.read=this.read,e},A.ByteStringBuffer.prototype.compact=function(){return this.read>0&&(this.data=this.data.slice(this.read),this.read=0),this},A.ByteStringBuffer.prototype.clear=function(){return this.data="",this.read=0,this},A.ByteStringBuffer.prototype.truncate=function(e){var t=Math.max(0,this.length()-e);return this.data=this.data.substr(this.read,t),this.read=0,this},A.ByteStringBuffer.prototype.toHex=function(){for(var e="",t=this.read;t<this.data.length;++t){var r=this.data.charCodeAt(t);r<16&&(e+="0"),e+=r.toString(16)}return e},A.ByteStringBuffer.prototype.toString=function(){return A.decodeUtf8(this.bytes())},A.DataBuffer=function(e,t){t=t\|\|{},this.read=t.readOffset\|\|0,this.growSize=t.growSize\|\|1024;var r=A.isArrayBuffer(e),a=A.isArrayBufferView(e);if(r\|\|a)return this.data=r?new DataView(e):new DataView(e.buffer,e.byteOffset,e.byteLength),void(this.write="writeOffset"in t?t.writeOffset:this.data.byteLength);this.data=new DataView(new ArrayBuffer(0)),this.write=0,null!=e&&this.putBytes(e),"writeOffset"in t&&(this.write=t.writeOffset)},A.DataBuffer.prototype.length=function(){return this.write-this.read},A.DataBuffer.prototype.isEmpty=function(){return this.length()<=0},A.DataBuffer.prototype.accommodate=function(e,t){if(this.length()>=e)return this;t=Math.max(t\|\|this.growSize,e);var r=new Uint8Array(this.data.buffer,this.data.byteOffset,this.data.byteLength),a=new Uint8Array(this.length()+t);return a.set(r),this.data=new DataView(a.buffer),this},A.DataBuffer.prototype.putByte=function(e){return this.accommodate(1),this.data.setUint8(this.write++,e),this},A.DataBuffer.prototype.fillWithByte=function(e,t){this.accommodate(t);for(var r=0;r<t;++r)this.data.setUint8(e);return this},A.DataBuffer.prototype.putBytes=function(e,t){if(A.isArrayBufferView(e)){var r=(a=new Uint8Array(e.buffer,e.byteOffset,e.byteLength)).byteLength-a.byteOffset;return this.accommodate(r),new Uint8Array(this.data.buffer,this.write).set(a),this.write+=r,this}if(A.isArrayBuffer(e)){var a=new Uint8Array(e);return this.accommodate(a.byteLength),new Uint8Array(this.data.buffer).set(a,this.write),this.write+=a.byteLength,this}if(e instanceof A.DataBuffer\|\|"object"==typeof e&&"number"==typeof e.read&&"number"==typeof e.write&&A.isArrayBufferView(e.data)){a=new Uint8Array(e.data.byteLength,e.read,e.length());return this.accommodate(a.byteLength),new Uint8Array(e.data.byteLength,this.write).set(a),this.write+=a.byteLength,this}if(e instanceof A.ByteStringBuffer&&(e=e.data,t="binary"),t=t\|\|"binary","string"==typeof e){var n;if("hex"===t)return this.accommodate(Math.ceil(e.length/2)),n=new Uint8Array(this.data.buffer,this.write),this.write+=A.binary.hex.decode(e,n,this.write),this;if("base64"===t)return this.accommodate(3Math.ceil(e.length/4)),n=new Uint8Array(this.data.buffer,this.write),this.write+=A.binary.base64.decode(e,n,this.write),this;if("utf8"===t&&(e=A.encodeUtf8(e),t="binary"),"binary"===t\|\|"raw"===t)return this.accommodate(e.length),n=new Uint8Array(this.data.buffer,this.write),this.write+=A.binary.raw.decode(n),this;if("utf16"===t)return this.accommodate(2e.length),n=new Uint16Array(this.data.buffer,this.write),this.write+=A.text.utf16.encode(n),this;throw new Error("Invalid encoding: "+t)}throw Error("Invalid parameter: "+e)},A.DataBuffer.prototype.putBuffer=function(e){return this.putBytes(e),e.clear(),this},A.DataBuffer.prototype.putString=function(e){return this.putBytes(e,"utf16")},A.DataBuffer.prototype.putInt16=function(e){return this.accommodate(2),this.data.setInt16(this.write,e),this.write+=2,this},A.DataBuffer.prototype.putInt24=function(e){return this.accommodate(3),this.data.setInt16(this.write,e>>8&65535),this.data.setInt8(this.write,e>>16&255),this.write+=3,this},A.DataBuffer.prototype.putInt32=function(e){return this.accommodate(4),this.data.setInt32(this.write,e),this.write+=4,this},A.DataBuffer.prototype.putInt16Le=function(e){return this.accommodate(2),this.data.setInt16(this.write,e,!0),this.write+=2,this},A.DataBuffer.prototype.putInt24Le=function(e){return this.accommodate(3),this.data.setInt8(this.write,e>>16&255),this.data.setInt16(this.write,e>>8&65535,!0),this.write+=3,this},A.DataBuffer.prototype.putInt32Le=function(e){return this.accommodate(4),this.data.setInt32(this.write,e,!0),this.write+=4,this},A.DataBuffer.prototype.putInt=function(e,t){b(t),this.accommodate(t/8);do{t-=8,this.data.setInt8(this.write++,e>>t&255)}while(t>0);return this},A.DataBuffer.prototype.putSignedInt=function(e,t){return b(t),this.accommodate(t/8),e<0&&(e+=2<<t-1),this.putInt(e,t)},A.DataBuffer.prototype.getByte=function(){return this.data.getInt8(this.read++)},A.DataBuffer.prototype.getInt16=function(){var e=this.data.getInt16(this.read);return this.read+=2,e},A.DataBuffer.prototype.getInt24=function(){var e=this.data.getInt16(this.read)<<8^this.data.getInt8(this.read+2);return this.read+=3,e},A.DataBuffer.prototype.getInt32=function(){var e=this.data.getInt32(this.read);return this.read+=4,e},A.DataBuffer.prototype.getInt16Le=function(){var e=this.data.getInt16(this.read,!0);return this.read+=2,e},A.DataBuffer.prototype.getInt24Le=function(){var e=this.data.getInt8(this.read)^this.data.getInt16(this.read+1,!0)<<8;return this.read+=3,e},A.DataBuffer.prototype.getInt32Le=function(){var e=this.data.getInt32(this.read,!0);return this.read+=4,e},A.DataBuffer.prototype.getInt=function(e){b(e);var t=0;do{t=(t<<8)+this.data.getInt8(this.read++),e-=8}while(e>0);return t},A.DataBuffer.prototype.getSignedInt=function(e){var t=this.getInt(e),r=2<<e-2;return t>=r&&(t-=r<<1),t},A.DataBuffer.prototype.getBytes=function(e){var t;return e?(e=Math.min(this.length(),e),t=this.data.slice(this.read,this.read+e),this.read+=e):0===e?t="":(t=0===this.read?this.data:this.data.slice(this.read),this.clear()),t},A.DataBuffer.prototype.bytes=function(e){return void 0===e?this.data.slice(this.read):this.data.slice(this.read,this.read+e)},A.DataBuffer.prototype.at=function(e){return this.data.getUint8(this.read+e)},A.DataBuffer.prototype.setAt=function(e,t){return this.data.setUint8(e,t),this},A.DataBuffer.prototype.last=function(){return this.data.getUint8(this.write-1)},A.DataBuffer.prototype.copy=function(){return new A.DataBuffer(this)},A.DataBuffer.prototype.compact=function(){if(this.read>0){var e=new Uint8Array(this.data.buffer,this.read),t=new Uint8Array(e.byteLength);t.set(e),this.data=new DataView(t),this.write-=this.read,this.read=0}return this},A.DataBuffer.prototype.clear=function(){return this.data=new DataView(new ArrayBuffer(0)),this.read=this.write=0,this},A.DataBuffer.prototype.truncate=function(e){return this.write=Math.max(0,this.length()-e),this.read=Math.min(this.read,this.write),this},A.DataBuffer.prototype.toHex=function(){for(var e="",t=this.read;t<this.data.byteLength;++t){var r=this.data.getUint8(t);r<16&&(e+="0"),e+=r.toString(16)}return e},A.DataBuffer.prototype.toString=function(e){var t=new Uint8Array(this.data,this.read,this.length());if("binary"===(e=e\|\|"utf8")\|\|"raw"===e)return A.binary.raw.encode(t);if("hex"===e)return A.binary.hex.encode(t);if("base64"===e)return A.binary.base64.encode(t);if("utf8"===e)return A.text.utf8.decode(t);if("utf16"===e)return A.text.utf16.decode(t);throw new Error("Invalid encoding: "+e)},A.createBuffer=function(e,t){return t=t\|\|"raw",void 0!==e&&"utf8"===t&&(e=A.encodeUtf8(e)),new A.ByteBuffer(e)},A.fillString=function(e,t){for(var r="";t>0;)1&t&&(r+=e),(t>>>=1)>0&&(e+=e);return r},A.xorBytes=function(e,t,r){for(var a="",n="",i="",s=0,o=0;r>0;--r,++s)n=e.charCodeAt(s)^t.charCodeAt(s),o>=10&&(a+=i,i="",o=0),i+=String.fromCharCode(n),++o;return a+=i},A.hexToBytes=function(e){var t="",r=0;for(!0&e.length&&(r=1,t+=String.fromCharCode(parseInt(e[0],16)));r<e.length;r+=2)t+=String.fromCharCode(parseInt(e.substr(r,2),16));return t},A.bytesToHex=function(e){return A.createBuffer(e).toHex()},A.int32ToBytes=function(e){return String.fromCharCode(e>>24&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(255&e)};var N="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",w=[62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,64,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51],k="123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";A.encode64=function(e,t){for(var r,a,n,i="",s="",o=0;o<e.length;)r=e.charCodeAt(o++),a=e.charCodeAt(o++),n=e.charCodeAt(o++),i+=N.charAt(r>>2),i+=N.charAt((3&r)<<4\|a>>4),isNaN(a)?i+="==":(i+=N.charAt((15&a)<<2\|n>>6),i+=isNaN(n)?"=":N.charAt(63&n)),t&&i.length>t&&(s+=i.substr(0,t)+"\r\n",i=i.substr(t));return s+=i},A.decode64=function(e){e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");for(var t,r,a,n,i="",s=0;s<e.length;)t=w[e.charCodeAt(s++)-43],r=w[e.charCodeAt(s++)-43],a=w[e.charCodeAt(s++)-43],n=w[e.charCodeAt(s++)-43],i+=String.fromCharCode(t<<2\|r>>4),64!==a&&(i+=String.fromCharCode((15&r)<<4\|a>>2),64!==n&&(i+=String.fromCharCode((3&a)<<6\|n)));return i},A.encodeUtf8=function(e){return unescape(encodeURIComponent(e))},A.decodeUtf8=function(e){return decodeURIComponent(escape(e))},A.binary={raw:{},hex:{},base64:{},base58:{},baseN:{encode:I.encode,decode:I.decode}},A.binary.raw.encode=function(e){return String.fromCharCode.apply(null,e)},A.binary.raw.decode=function(e,t,r){var a=t;a\|\|(a=new Uint8Array(e.length));for(var n=r=r\|\|0,i=0;i<e.length;++i)a[n++]=e.charCodeAt(i);return t?n-r:a},A.binary.hex.encode=A.bytesToHex,A.binary.hex.decode=function(e,t,r){var a=t;a\|\|(a=new Uint8Array(Math.ceil(e.length/2)));var n=0,i=r=r\|\|0;for(1&e.length&&(n=1,a[i++]=parseInt(e[0],16));n<e.length;n+=2)a[i++]=parseInt(e.substr(n,2),16);return t?i-r:a},A.binary.base64.encode=function(e,t){for(var r,a,n,i="",s="",o=0;o<e.byteLength;)r=e[o++],a=e[o++],n=e[o++],i+=N.charAt(r>>2),i+=N.charAt((3&r)<<4\|a>>4),isNaN(a)?i+="==":(i+=N.charAt((15&a)<<2\|n>>6),i+=isNaN(n)?"=":N.charAt(63&n)),t&&i.length>t&&(s+=i.substr(0,t)+"\r\n",i=i.substr(t));return s+=i},A.binary.base64.decode=function(e,t,r){var a,n,i,s,o=t;o\|\|(o=new Uint8Array(3Math.ceil(e.length/4))),e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");for(var c=0,u=r=r\|\|0;c<e.length;)a=w[e.charCodeAt(c++)-43],n=w[e.charCodeAt(c++)-43],i=w[e.charCodeAt(c++)-43],s=w[e.charCodeAt(c++)-43],o[u++]=a<<2\|n>>4,64!==i&&(o[u++]=(15&n)<<4\|i>>2,64!==s&&(o[u++]=(3&i)<<6\|s));return t?u-r:o.subarray(0,u)},A.binary.base58.encode=function(e,t){return A.binary.baseN.encode(e,k,t)},A.binary.base58.decode=function(e,t){return A.binary.baseN.decode(e,k,t)},A.text={utf8:{},utf16:{}},A.text.utf8.encode=function(e,t,r){e=A.encodeUtf8(e);var a=t;a\|\|(a=new Uint8Array(e.length));for(var n=r=r\|\|0,i=0;i<e.length;++i)a[n++]=e.charCodeAt(i);return t?n-r:a},A.text.utf8.decode=function(e){return A.decodeUtf8(String.fromCharCode.apply(null,e))},A.text.utf16.encode=function(e,t,r){var a=t;a\|\|(a=new Uint8Array(2e.length));for(var n=new Uint16Array(a.buffer),i=r=r\|\|0,s=r,o=0;o<e.length;++o)n[s++]=e.charCodeAt(o),i+=2;return t?i-r:a},A.text.utf16.decode=function(e){return String.fromCharCode.apply(null,new Uint16Array(e.buffer))},A.deflate=function(e,t,r){if(t=A.decode64(e.deflate(A.encode64(t)).rval),r){var a=2;32&t.charCodeAt(1)&&(a=6),t=t.substring(a,t.length-4)}return t},A.inflate=function(e,t,r){var a=e.inflate(A.encode64(t)).rval;return null===a?null:A.decode64(a)};var R=function(e,t,r){if(!e)throw new Error("WebStorage not available.");var a;if(null===r?a=e.removeItem(t):(r=A.encode64(JSON.stringify(r)),a=e.setItem(t,r)),void 0!==a&&!0!==a.rval){var n=new Error(a.error.message);throw n.id=a.error.id,n.name=a.error.name,n}},_=function(e,t){if(!e)throw new Error("WebStorage not available.");var r=e.getItem(t);if(e.init)if(null===r.rval){if(r.error){var a=new Error(r.error.message);throw a.id=r.error.id,a.name=r.error.name,a}r=null}else r=r.rval;return null!==r&&(r=JSON.parse(A.decode64(r))),r},L=function(e,t,r,a){var n=_(e,t);null===n&&(n={}),n[r]=a,R(e,t,n)},U=function(e,t,r){var a=_(e,t);return null!==a&&(a=r in a?a[r]:null),a},D=function(e,t,r){var a=_(e,t);if(null!==a&&r in a){delete a[r];var n=!0;for(var i in a){n=!1;break}n&&(a=null),R(e,t,a)}},P=function(e,t){R(e,t,null)},V=function(e,t,r){var a,n=null;void 0===r&&(r=["web","flash"]);var i=!1,s=null;for(var o in r){a=r[o];try{if("flash"===a\|\|"both"===a){if(null===t[0])throw new Error("Flash local storage not available.");n=e.apply(this,t),i="flash"===a}"web"!==a&&"both"!==a\|\|(t[0]=localStorage,n=e.apply(this,t),i=!0)}catch(e){s=e}if(i)break}if(!i)throw s;return n};A.setItem=function(e,t,r,a,n){V(L,arguments,n)},A.getItem=function(e,t,r,a){return V(U,arguments,a)},A.removeItem=function(e,t,r,a){V(D,arguments,a)},A.clearItems=function(e,t,r){V(P,arguments,r)},A.parseUrl=function(e){var t=/^(https?):\/\/([^:&^\/]):?(\d)(.)$/g;t.lastIndex=0;var r=t.exec(e),a=null===r?null:{full:e,scheme:r[1],host:r[2],port:r[3],path:r[4]};return a&&(a.fullHost=a.host,a.port?(80!==a.port&&"http"===a.scheme\|\|443!==a.port&&"https"===a.scheme)&&(a.fullHost+=":"+a.port):"http"===a.scheme?a.port=80:"https"===a.scheme&&(a.port=443),a.full=a.scheme+"://"+a.fullHost),a};var O=null;A.getQueryVariables=function(e){var t,r=function(e){for(var t={},r=e.split("&"),a=0;a<r.length;a++){var n,i,s=r[a].indexOf("=");s>0?(n=r[a].substring(0,s),i=r[a].substring(s+1)):(n=r[a],i=null),n in t\|\|(t[n]=[]),n in Object.prototype\|\|null===i\|\|t[n].push(unescape(i))}return t};return void 0===e?(null===O&&(O="undefined"!=typeof window&&window.location&&window.location.search?r(window.location.search.substring(1)):{}),t=O):t=r(e),t},A.parseFragment=function(e){var t=e,r="",a=e.indexOf("?");a>0&&(t=e.substring(0,a),r=e.substring(a+1));var n=t.split("/");return n.length>0&&""===n[0]&&n.shift(),{pathString:t,queryString:r,path:n,query:""===r?{}:A.getQueryVariables(r)}},A.makeRequest=function(e){var t=A.parseFragment(e),r={path:t.pathString,query:t.queryString,getPath:function(e){return void 0===e?t.path:t.path[e]},getQuery:function(e,r){var a;return void 0===e?a=t.query:(a=t.query[e])&&void 0!==r&&(a=a[r]),a},getQueryLast:function(e,t){var a=r.getQuery(e);return a?a[a.length-1]:t}};return r},A.makeLink=function(e,t,r){e=jQuery.isArray(e)?e.join("/"):e;var a=jQuery.param(t\|\|{});return r=r\|\|"",e+(a.length>0?"?"+a:"")+(r.length>0?"#"+r:"")},A.isEmpty=function(e){for(var t in e)if(e.hasOwnProperty(t))return!1;return!0},A.format=function(e){for(var t,r,a=/%./g,n=0,i=[],s=0;t=a.exec(e);){(r=e.substring(s,a.lastIndex-2)).length>0&&i.push(r),s=a.lastIndex;var o=t[0][1];switch(o){case"s":case"o":n<arguments.length?i.push(arguments[1+n++]):i.push("<?>");break;case"%":i.push("%");break;default:i.push("<%"+o+"?>")}}return i.push(e.substring(s)),i.join("")},A.formatNumber=function(e,t,r,a){var n=e,i=isNaN(t=Math.abs(t))?2:t,s=void 0===r?",":r,o=void 0===a?".":a,c=n<0?"-":"",u=parseInt(n=Math.abs(+n\|\|0).toFixed(i),10)+"",l=u.length>3?u.length%3:0;return c+(l?u.substr(0,l)+o:"")+u.substr(l).replace(/(\d{3})(?=\d)/g,"$1"+o)+(i?s+Math.abs(n-u).toFixed(i).slice(2):"")},A.formatSize=function(e){return e=e>=1073741824?A.formatNumber(e/1073741824,2,".","")+" GiB":e>=1048576?A.formatNumber(e/1048576,2,".","")+" MiB":e>=1024?A.formatNumber(e/1024,0)+" KiB":A.formatNumber(e,0)+" bytes"},A.bytesFromIP=function(e){return-1!==e.indexOf(".")?A.bytesFromIPv4(e):-1!==e.indexOf(":")?A.bytesFromIPv6(e):null},A.bytesFromIPv4=function(e){if(4!==(e=e.split(".")).length)return null;for(var t=A.createBuffer(),r=0;r<e.length;++r){var a=parseInt(e[r],10);if(isNaN(a))return null;t.putByte(a)}return t.getBytes()},A.bytesFromIPv6=function(e){for(var t=0,r=2(8-(e=e.split(":").filter((function(e){return 0===e.length&&++t,!0}))).length+t),a=A.createBuffer(),n=0;n<8;++n)if(e[n]&&0!==e[n].length){var i=A.hexToBytes(e[n]);i.length<2&&a.putByte(0),a.putBytes(i)}else a.fillWithByte(0,r),r=0;return a.getBytes()},A.bytesToIP=function(e){return 4===e.length?A.bytesToIPv4(e):16===e.length?A.bytesToIPv6(e):null},A.bytesToIPv4=function(e){if(4!==e.length)return null;for(var t=[],r=0;r<e.length;++r)t.push(e.charCodeAt(r));return t.join(".")},A.bytesToIPv6=function(e){if(16!==e.length)return null;for(var t=[],r=[],a=0,n=0;n<e.length;n+=2){for(var i=A.bytesToHex(e[n]+e[n+1]);"0"===i[0]&&"0"!==i;)i=i.substr(1);if("0"===i){var s=r[r.length-1],o=t.length;s&&o===s.end+1?(s.end=o,s.end-s.start>r[a].end-r[a].start&&(a=r.length-1)):r.push({start:o,end:o})}t.push(i)}if(r.length>0){var c=r[a];c.end-c.start>0&&(t.splice(c.start,c.end-c.start+1,""),0===c.start&&t.unshift(""),7===c.end&&t.push(""))}return t.join(":")},A.estimateCores=function(e,t){if("function"==typeof e&&(t=e,e={}),e=e\|\|{},"cores"in A&&!e.update)return t(null,A.cores);if("undefined"!=typeof navigator&&"hardwareConcurrency"in navigator&&navigator.hardwareConcurrency>0)return A.cores=navigator.hardwareConcurrency,t(null,A.cores);if("undefined"==typeof Worker)return A.cores=1,t(null,A.cores);if("undefined"==typeof Blob)return A.cores=2,t(null,A.cores);var r=URL.createObjectURL(new Blob(["(",function(){self.addEventListener("message",(function(e){var t=Date.now(),r=t+4;self.postMessage({st:t,et:r})}))}.toString(),")()"],{type:"application/javascript"}));!function e(a,n,i){if(0===n){var s=Math.floor(a.reduce((function(e,t){return e+t}),0)/a.length);return A.cores=Math.max(1,s),URL.revokeObjectURL(r),t(null,A.cores)}!function(e,t){for(var a=[],n=[],i=0;i<e;++i){var s=new Worker(r);s.addEventListener("message",(function(r){if(n.push(r.data),n.length===e){for(var i=0;i<e;++i)a[i].terminate();t(null,n)}})),a.push(s)}for(i=0;i<e;++i)a[i].postMessage(i)}(i,(function(t,r){a.push(function(e,t){for(var r=[],a=0;a<e;++a)for(var n=t[a],i=r[a]=[],s=0;s<e;++s)if(a!==s){var o=t[s];(n.st>o.st&&n.st<o.et\|\|o.st>n.st&&o.st<n.et)&&i.push(s)}return r.reduce((function(e,t){return Math.max(e,t.length)}),0)}(i,r)),e(a,n-1,i)}))}([],5,16)};var K=v;K.cipher=K.cipher\|\|{},K.cipher.algorithms=K.cipher.algorithms\|\|{},K.cipher.createCipher=function(e,t){var r=e;if("string"==typeof r&&(r=K.cipher.getAlgorithm(r))&&(r=r()),!r)throw new Error("Unsupported algorithm: "+e);return new K.cipher.BlockCipher({algorithm:r,key:t,decrypt:!1})},K.cipher.createDecipher=function(e,t){var r=e;if("string"==typeof r&&(r=K.cipher.getAlgorithm(r))&&(r=r()),!r)throw new Error("Unsupported algorithm: "+e);return new K.cipher.BlockCipher({algorithm:r,key:t,decrypt:!0})},K.cipher.registerAlgorithm=function(e,t){e=e.toUpperCase(),K.cipher.algorithms[e]=t},K.cipher.getAlgorithm=function(e){return(e=e.toUpperCase())in K.cipher.algorithms?K.cipher.algorithms[e]:null};var x=K.cipher.BlockCipher=function(e){this.algorithm=e.algorithm,this.mode=this.algorithm.mode,this.blockSize=this.mode.blockSize,this._finish=!1,this._input=null,this.output=null,this._op=e.decrypt?this.mode.decrypt:this.mode.encrypt,this._decrypt=e.decrypt,this.algorithm.initialize(e)};x.prototype.start=function(e){e=e\|\|{};var t={};for(var r in e)t[r]=e[r];t.decrypt=this._decrypt,this._finish=!1,this._input=K.util.createBuffer(),this.output=e.output\|\|K.util.createBuffer(),this.mode.start(t)},x.prototype.update=function(e){for(e&&this._input.putBuffer(e);!this._op.call(this.mode,this._input,this.output,this._finish)&&!this._finish;);this._input.compact()},x.prototype.finish=function(e){!e\|\|"ECB"!==this.mode.name&&"CBC"!==this.mode.name\|\|(this.mode.pad=function(t){return e(this.blockSize,t,!1)},this.mode.unpad=function(t){return e(this.blockSize,t,!0)});var t={};return t.decrypt=this._decrypt,t.overflow=this._input.length()%this.blockSize,!(!this._decrypt&&this.mode.pad&&!this.mode.pad(this._input,t))&&(this._finish=!0,this.update(),!(this._decrypt&&this.mode.unpad&&!this.mode.unpad(this.output,t))&&!(this.mode.afterFinish&&!this.mode.afterFinish(this.output,t)))};var M=v;M.cipher=M.cipher\|\|{};var F=M.cipher.modes=M.cipher.modes\|\|{};function q(e,t){if("string"==typeof e&&(e=M.util.createBuffer(e)),M.util.isArray(e)&&e.length>4){var r=e;e=M.util.createBuffer();for(var a=0;a<r.length;++a)e.putByte(r[a])}if(e.length()<t)throw new Error("Invalid IV length; got "+e.length()+" bytes and expected "+t+" bytes.");if(!M.util.isArray(e)){var n=[],i=t/4;for(a=0;a<i;++a)n.push(e.getInt32());e=n}return e}function j(e){e[e.length-1]=e[e.length-1]+1&4294967295}function G(e){return[e/4294967296\|0,4294967295&e]}F.ecb=function(e){e=e\|\|{},this.name="ECB",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints)},F.ecb.prototype.start=function(e){},F.ecb.prototype.encrypt=function(e,t,r){if(e.length()<this.blockSize&&!(r&&e.length()>0))return!0;for(var a=0;a<this._ints;++a)this._inBlock[a]=e.getInt32();this.cipher.encrypt(this._inBlock,this._outBlock);for(a=0;a<this._ints;++a)t.putInt32(this._outBlock[a])},F.ecb.prototype.decrypt=function(e,t,r){if(e.length()<this.blockSize&&!(r&&e.length()>0))return!0;for(var a=0;a<this._ints;++a)this._inBlock[a]=e.getInt32();this.cipher.decrypt(this._inBlock,this._outBlock);for(a=0;a<this._ints;++a)t.putInt32(this._outBlock[a])},F.ecb.prototype.pad=function(e,t){var r=e.length()===this.blockSize?this.blockSize:this.blockSize-e.length();return e.fillWithByte(r,r),!0},F.ecb.prototype.unpad=function(e,t){if(t.overflow>0)return!1;var r=e.length(),a=e.at(r-1);return!(a>this.blockSize<<2)&&(e.truncate(a),!0)},F.cbc=function(e){e=e\|\|{},this.name="CBC",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints)},F.cbc.prototype.start=function(e){if(null===e.iv){if(!this._prev)throw new Error("Invalid IV parameter.");this._iv=this._prev.slice(0)}else{if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=q(e.iv,this.blockSize),this._prev=this._iv.slice(0)}},F.cbc.prototype.encrypt=function(e,t,r){if(e.length()<this.blockSize&&!(r&&e.length()>0))return!0;for(var a=0;a<this._ints;++a)this._inBlock[a]=this._prev[a]^e.getInt32();this.cipher.encrypt(this._inBlock,this._outBlock);for(a=0;a<this._ints;++a)t.putInt32(this._outBlock[a]);this._prev=this._outBlock},F.cbc.prototype.decrypt=function(e,t,r){if(e.length()<this.blockSize&&!(r&&e.length()>0))return!0;for(var a=0;a<this._ints;++a)this._inBlock[a]=e.getInt32();this.cipher.decrypt(this._inBlock,this._outBlock);for(a=0;a<this._ints;++a)t.putInt32(this._prev[a]^this._outBlock[a]);this._prev=this._inBlock.slice(0)},F.cbc.prototype.pad=function(e,t){var r=e.length()===this.blockSize?this.blockSize:this.blockSize-e.length();return e.fillWithByte(r,r),!0},F.cbc.prototype.unpad=function(e,t){if(t.overflow>0)return!1;var r=e.length(),a=e.at(r-1);return!(a>this.blockSize<<2)&&(e.truncate(a),!0)},F.cfb=function(e){e=e\|\|{},this.name="CFB",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialBlock=new Array(this._ints),this._partialOutput=M.util.createBuffer(),this._partialBytes=0},F.cfb.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=q(e.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},F.cfb.prototype.encrypt=function(e,t,r){var a=e.length();if(0===a)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),0===this._partialBytes&&a>=this.blockSize)for(var n=0;n<this._ints;++n)this._inBlock[n]=e.getInt32()^this._outBlock[n],t.putInt32(this._inBlock[n]);else{var i=(this.blockSize-a)%this.blockSize;i>0&&(i=this.blockSize-i),this._partialOutput.clear();for(n=0;n<this._ints;++n)this._partialBlock[n]=e.getInt32()^this._outBlock[n],this._partialOutput.putInt32(this._partialBlock[n]);if(i>0)e.read-=this.blockSize;else for(n=0;n<this._ints;++n)this._inBlock[n]=this._partialBlock[n];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),i>0&&!r)return t.putBytes(this._partialOutput.getBytes(i-this._partialBytes)),this._partialBytes=i,!0;t.putBytes(this._partialOutput.getBytes(a-this._partialBytes)),this._partialBytes=0}},F.cfb.prototype.decrypt=function(e,t,r){var a=e.length();if(0===a)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),0===this._partialBytes&&a>=this.blockSize)for(var n=0;n<this._ints;++n)this._inBlock[n]=e.getInt32(),t.putInt32(this._inBlock[n]^this._outBlock[n]);else{var i=(this.blockSize-a)%this.blockSize;i>0&&(i=this.blockSize-i),this._partialOutput.clear();for(n=0;n<this._ints;++n)this._partialBlock[n]=e.getInt32(),this._partialOutput.putInt32(this._partialBlock[n]^this._outBlock[n]);if(i>0)e.read-=this.blockSize;else for(n=0;n<this._ints;++n)this._inBlock[n]=this._partialBlock[n];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),i>0&&!r)return t.putBytes(this._partialOutput.getBytes(i-this._partialBytes)),this._partialBytes=i,!0;t.putBytes(this._partialOutput.getBytes(a-this._partialBytes)),this._partialBytes=0}},F.ofb=function(e){e=e\|\|{},this.name="OFB",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialOutput=M.util.createBuffer(),this._partialBytes=0},F.ofb.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=q(e.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},F.ofb.prototype.encrypt=function(e,t,r){var a=e.length();if(0===e.length())return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),0===this._partialBytes&&a>=this.blockSize)for(var n=0;n<this._ints;++n)t.putInt32(e.getInt32()^this._outBlock[n]),this._inBlock[n]=this._outBlock[n];else{var i=(this.blockSize-a)%this.blockSize;i>0&&(i=this.blockSize-i),this._partialOutput.clear();for(n=0;n<this._ints;++n)this._partialOutput.putInt32(e.getInt32()^this._outBlock[n]);if(i>0)e.read-=this.blockSize;else for(n=0;n<this._ints;++n)this._inBlock[n]=this._outBlock[n];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),i>0&&!r)return t.putBytes(this._partialOutput.getBytes(i-this._partialBytes)),this._partialBytes=i,!0;t.putBytes(this._partialOutput.getBytes(a-this._partialBytes)),this._partialBytes=0}},F.ofb.prototype.decrypt=F.ofb.prototype.encrypt,F.ctr=function(e){e=e\|\|{},this.name="CTR",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialOutput=M.util.createBuffer(),this._partialBytes=0},F.ctr.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=q(e.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},F.ctr.prototype.encrypt=function(e,t,r){var a=e.length();if(0===a)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),0===this._partialBytes&&a>=this.blockSize)for(var n=0;n<this._ints;++n)t.putInt32(e.getInt32()^this._outBlock[n]);else{var i=(this.blockSize-a)%this.blockSize;i>0&&(i=this.blockSize-i),this._partialOutput.clear();for(n=0;n<this._ints;++n)this._partialOutput.putInt32(e.getInt32()^this._outBlock[n]);if(i>0&&(e.read-=this.blockSize),this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),i>0&&!r)return t.putBytes(this._partialOutput.getBytes(i-this._partialBytes)),this._partialBytes=i,!0;t.putBytes(this._partialOutput.getBytes(a-this._partialBytes)),this._partialBytes=0}j(this._inBlock)},F.ctr.prototype.decrypt=F.ctr.prototype.encrypt,F.gcm=function(e){e=e\|\|{},this.name="GCM",this.cipher=e.cipher,this.blockSize=e.blockSize\|\|16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints),this._partialOutput=M.util.createBuffer(),this._partialBytes=0,this._R=3774873600},F.gcm.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");var t,r=M.util.createBuffer(e.iv);if(this._cipherLength=0,t="additionalData"in e?M.util.createBuffer(e.additionalData):M.util.createBuffer(),this._tagLength="tagLength"in e?e.tagLength:128,this._tag=null,e.decrypt&&(this._tag=M.util.createBuffer(e.tag).getBytes(),this._tag.length!==this._tagLength/8))throw new Error("Authentication tag does not match tag length.");this._hashBlock=new Array(this._ints),this.tag=null,this._hashSubkey=new Array(this._ints),this.cipher.encrypt([0,0,0,0],this._hashSubkey),this.componentBits=4,this._m=this.generateHashTable(this._hashSubkey,this.componentBits);var a=r.length();if(12===a)this._j0=[r.getInt32(),r.getInt32(),r.getInt32(),1];else{for(this._j0=[0,0,0,0];r.length()>0;)this._j0=this.ghash(this._hashSubkey,this._j0,[r.getInt32(),r.getInt32(),r.getInt32(),r.getInt32()]);this._j0=this.ghash(this._hashSubkey,this._j0,[0,0].concat(G(8a)))}this._inBlock=this._j0.slice(0),j(this._inBlock),this._partialBytes=0,t=M.util.createBuffer(t),this._aDataLength=G(8t.length());var n=t.length()%this.blockSize;for(n&&t.fillWithByte(0,this.blockSize-n),this._s=[0,0,0,0];t.length()>0;)this._s=this.ghash(this._hashSubkey,this._s,[t.getInt32(),t.getInt32(),t.getInt32(),t.getInt32()])},F.gcm.prototype.encrypt=function(e,t,r){var a=e.length();if(0===a)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),0===this._partialBytes&&a>=this.blockSize){for(var n=0;n<this._ints;++n)t.putInt32(this._outBlock[n]^=e.getInt32());this._cipherLength+=this.blockSize}else{var i=(this.blockSize-a)%this.blockSize;i>0&&(i=this.blockSize-i),this._partialOutput.clear();for(n=0;n<this._ints;++n)this._partialOutput.putInt32(e.getInt32()^this._outBlock[n]);if(i<=0\|\|r){if(r){var s=a%this.blockSize;this._cipherLength+=s,this._partialOutput.truncate(this.blockSize-s)}else this._cipherLength+=this.blockSize;for(n=0;n<this._ints;++n)this._outBlock[n]=this._partialOutput.getInt32();this._partialOutput.read-=this.blockSize}if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),i>0&&!r)return e.read-=this.blockSize,t.putBytes(this._partialOutput.getBytes(i-this._partialBytes)),this._partialBytes=i,!0;t.putBytes(this._partialOutput.getBytes(a-this._partialBytes)),this._partialBytes=0}this._s=this.ghash(this._hashSubkey,this._s,this._outBlock),j(this._inBlock)},F.gcm.prototype.decrypt=function(e,t,r){var a=e.length();if(a<this.blockSize&&!(r&&a>0))return!0;this.cipher.encrypt(this._inBlock,this._outBlock),j(this._inBlock),this._hashBlock[0]=e.getInt32(),this._hashBlock[1]=e.getInt32(),this._hashBlock[2]=e.getInt32(),this._hashBlock[3]=e.getInt32(),this._s=this.ghash(this._hashSubkey,this._s,this._hashBlock);for(var n=0;n<this._ints;++n)t.putInt32(this._outBlock[n]^this._hashBlock[n]);a<this.blockSize?this._cipherLength+=a%this.blockSize:this._cipherLength+=this.blockSize},F.gcm.prototype.afterFinish=function(e,t){var r=!0;t.decrypt&&t.overflow&&e.truncate(this.blockSize-t.overflow),this.tag=M.util.createBuffer();var a=this._aDataLength.concat(G(8this._cipherLength));this._s=this.ghash(this._hashSubkey,this._s,a);var n=[];this.cipher.encrypt(this._j0,n);for(var i=0;i<this._ints;++i)this.tag.putInt32(this._s[i]^n[i]);return this.tag.truncate(this.tag.length()%(this._tagLength/8)),t.decrypt&&this.tag.bytes()!==this._tag&&(r=!1),r},F.gcm.prototype.multiply=function(e,t){for(var r=[0,0,0,0],a=t.slice(0),n=0;n<128;++n){e[n/32\|0]&1<<31-n%32&&(r[0]^=a[0],r[1]^=a[1],r[2]^=a[2],r[3]^=a[3]),this.pow(a,a)}return r},F.gcm.prototype.pow=function(e,t){for(var r=1&e[3],a=3;a>0;--a)t[a]=e[a]>>>1\|(1&e[a-1])<<31;t[0]=e[0]>>>1,r&&(t[0]^=this._R)},F.gcm.prototype.tableMultiply=function(e){for(var t=[0,0,0,0],r=0;r<32;++r){var a=e[r/8\|0]>>>4(7-r%8)&15,n=this._m[r][a];t[0]^=n[0],t[1]^=n[1],t[2]^=n[2],t[3]^=n[3]}return t},F.gcm.prototype.ghash=function(e,t,r){return t[0]^=r[0],t[1]^=r[1],t[2]^=r[2],t[3]^=r[3],this.tableMultiply(t)},F.gcm.prototype.generateHashTable=function(e,t){for(var r=8/t,a=4r,n=16r,i=new Array(n),s=0;s<n;++s){var o=[0,0,0,0],c=(a-1-s%a)t;o[s/a\|0]=1<<t-1<<c,i[s]=this.generateSubHashTable(this.multiply(o,e),t)}return i},F.gcm.prototype.generateSubHashTable=function(e,t){var r=1<<t,a=r>>>1,n=new Array(r);n[a]=e.slice(0);for(var i=a>>>1;i>0;)this.pow(n[2i],n[i]=[]),i>>=1;for(i=2;i<a;){for(var s=1;s<i;++s){var o=n[i],c=n[s];n[i+s]=[o[0]^c[0],o[1]^c[1],o[2]^c[2],o[3]^c[3]]}i=2}for(n[0]=[0,0,0,0],i=a+1;i<r;++i){var u=n[i^a];n[i]=[e[0]^u[0],e[1]^u[1],e[2]^u[2],e[3]^u[3]]}return n};var H=v;function Q(e,t){H.cipher.registerAlgorithm(e,(function(){return new H.aes.Algorithm(e,t)}))}H.aes=H.aes\|\|{},H.aes.startEncrypting=function(e,t,r,a){var n=ae({key:e,output:r,decrypt:!1,mode:a});return n.start(t),n},H.aes.createEncryptionCipher=function(e,t){return ae({key:e,output:null,decrypt:!1,mode:t})},H.aes.startDecrypting=function(e,t,r,a){var n=ae({key:e,output:r,decrypt:!0,mode:a});return n.start(t),n},H.aes.createDecryptionCipher=function(e,t){return ae({key:e,output:null,decrypt:!0,mode:t})},H.aes.Algorithm=function(e,t){$\|\|ee();var r=this;r.name=e,r.mode=new t({blockSize:16,cipher:{encrypt:function(e,t){return re(r._w,e,t,!1)},decrypt:function(e,t){return re(r._w,e,t,!0)}}}),r._init=!1},H.aes.Algorithm.prototype.initialize=function(e){if(!this._init){var t,r=e.key;if("string"!=typeof r\|\|16!==r.length&&24!==r.length&&32!==r.length){if(H.util.isArray(r)&&(16===r.length\|\|24===r.length\|\|32===r.length)){t=r,r=H.util.createBuffer();for(var a=0;a<t.length;++a)r.putByte(t[a])}}else r=H.util.createBuffer(r);if(!H.util.isArray(r)){t=r,r=[];var n=t.length();if(16===n\|\|24===n\|\|32===n){n>>>=2;for(a=0;a<n;++a)r.push(t.getInt32())}}if(!H.util.isArray(r)\|\|4!==r.length&&6!==r.length&&8!==r.length)throw new Error("Invalid key parameter.");var i=this.mode.name,s=-1!==["CFB","OFB","CTR","GCM"].indexOf(i);this._w=te(r,e.decrypt&&!s),this._init=!0}},H.aes._expandKey=function(e,t){return $\|\|ee(),te(e,t)},H.aes._updateBlock=re,Q("AES-ECB",H.cipher.modes.ecb),Q("AES-CBC",H.cipher.modes.cbc),Q("AES-CFB",H.cipher.modes.cfb),Q("AES-OFB",H.cipher.modes.ofb),Q("AES-CTR",H.cipher.modes.ctr),Q("AES-GCM",H.cipher.modes.gcm);var z,W,Y,X,Z,$=!1,J=4;function ee(){$=!0,Y=[0,1,2,4,8,16,32,64,128,27,54];for(var e=new Array(256),t=0;t<128;++t)e[t]=t<<1,e[t+128]=t+128<<1^283;z=new Array(256),W=new Array(256),X=new Array(4),Z=new Array(4);for(t=0;t<4;++t)X[t]=new Array(256),Z[t]=new Array(256);var r,a,n,i,s,o,c,u=0,l=0;for(t=0;t<256;++t){i=(i=l^l<<1^l<<2^l<<3^l<<4)>>8^255&i^99,z[u]=i,W[i]=u,o=(s=e[i])<<24^i<<16^i<<8^i^s,c=((r=e[u])^(a=e[r])^(n=e[a]))<<24^(u^n)<<16^(u^a^n)<<8^u^r^n;for(var p=0;p<4;++p)X[p][u]=o,Z[p][i]=c,o=o<<24\|o>>>8,c=c<<24\|c>>>8;0===u?u=l=1:(u=r^e[e[e[r^n]]],l^=e[e[l]])}}function te(e,t){for(var r,a=e.slice(0),n=1,i=a.length,s=J(i+6+1),o=i;o<s;++o)r=a[o-1],o%i==0?(r=z[r>>>16&255]<<24^z[r>>>8&255]<<16^z[255&r]<<8^z[r>>>24]^Y[n]<<24,n++):i>6&&o%i==4&&(r=z[r>>>24]<<24^z[r>>>16&255]<<16^z[r>>>8&255]<<8^z[255&r]),a[o]=a[o-i]^r;if(t){for(var c,u=Z[0],l=Z[1],p=Z[2],h=Z[3],f=a.slice(0),d=(o=0,(s=a.length)-J);o<s;o+=J,d-=J)if(0===o\|\|o===s-J)f[o]=a[d],f[o+1]=a[d+3],f[o+2]=a[d+2],f[o+3]=a[d+1];else for(var y=0;y<J;++y)c=a[d+y],f[o+(3&-y)]=u[z[c>>>24]]^l[z[c>>>16&255]]^p[z[c>>>8&255]]^h[z[255&c]];a=f}return a}function re(e,t,r,a){var n,i,s,o,c,u,l,p,h,f,d,y,g=e.length/4-1;a?(n=Z[0],i=Z[1],s=Z[2],o=Z[3],c=W):(n=X[0],i=X[1],s=X[2],o=X[3],c=z),u=t[0]^e[0],l=t[a?3:1]^e[1],p=t[2]^e[2],h=t[a?1:3]^e[3];for(var m=3,v=1;v<g;++v)f=n[u>>>24]^i[l>>>16&255]^s[p>>>8&255]^o[255&h]^e[++m],d=n[l>>>24]^i[p>>>16&255]^s[h>>>8&255]^o[255&u]^e[++m],y=n[p>>>24]^i[h>>>16&255]^s[u>>>8&255]^o[255&l]^e[++m],h=n[h>>>24]^i[u>>>16&255]^s[l>>>8&255]^o[255&p]^e[++m],u=f,l=d,p=y;r[0]=c[u>>>24]<<24^c[l>>>16&255]<<16^c[p>>>8&255]<<8^c[255&h]^e[++m],r[a?3:1]=c[l>>>24]<<24^c[p>>>16&255]<<16^c[h>>>8&255]<<8^c[255&u]^e[++m],r[2]=c[p>>>24]<<24^c[h>>>16&255]<<16^c[u>>>8&255]<<8^c[255&l]^e[++m],r[a?1:3]=c[h>>>24]<<24^c[u>>>16&255]<<16^c[l>>>8&255]<<8^c[255&p]^e[++m]}function ae(e){var t,r="AES-"+((e=e\|\|{}).mode\|\|"CBC").toUpperCase(),a=(t=e.decrypt?H.cipher.createDecipher(r,e.key):H.cipher.createCipher(r,e.key)).start;return t.start=function(e,r){var n=null;r instanceof H.util.ByteBuffer&&(n=r,r={}),(r=r\|\|{}).output=n,r.iv=e,a.call(t,r)},t}var ne=v;ne.pki=ne.pki\|\|{};var ie=ne.pki.oids=ne.oids=ne.oids\|\|{};function se(e,t){ie[e]=t,ie[t]=e}function oe(e,t){ie[e]=t}se("1.2.840.113549.1.1.1","rsaEncryption"),se("1.2.840.113549.1.1.4","md5WithRSAEncryption"),se("1.2.840.113549.1.1.5","sha1WithRSAEncryption"),se("1.2.840.113549.1.1.7","RSAES-OAEP"),se("1.2.840.113549.1.1.8","mgf1"),se("1.2.840.113549.1.1.9","pSpecified"),se("1.2.840.113549.1.1.10","RSASSA-PSS"),se("1.2.840.113549.1.1.11","sha256WithRSAEncryption"),se("1.2.840.113549.1.1.12","sha384WithRSAEncryption"),se("1.2.840.113549.1.1.13","sha512WithRSAEncryption"),se("1.3.101.112","EdDSA25519"),se("1.2.840.10040.4.3","dsa-with-sha1"),se("1.3.14.3.2.7","desCBC"),se("1.3.14.3.2.26","sha1"),se("2.16.840.1.101.3.4.2.1","sha256"),se("2.16.840.1.101.3.4.2.2","sha384"),se("2.16.840.1.101.3.4.2.3","sha512"),se("1.2.840.113549.2.5","md5"),se("1.2.840.113549.1.7.1","data"),se("1.2.840.113549.1.7.2","signedData"),se("1.2.840.113549.1.7.3","envelopedData"),se("1.2.840.113549.1.7.4","signedAndEnvelopedData"),se("1.2.840.113549.1.7.5","digestedData"),se("1.2.840.113549.1.7.6","encryptedData"),se("1.2.840.113549.1.9.1","emailAddress"),se("1.2.840.113549.1.9.2","unstructuredName"),se("1.2.840.113549.1.9.3","contentType"),se("1.2.840.113549.1.9.4","messageDigest"),se("1.2.840.113549.1.9.5","signingTime"),se("1.2.840.113549.1.9.6","counterSignature"),se("1.2.840.113549.1.9.7","challengePassword"),se("1.2.840.113549.1.9.8","unstructuredAddress"),se("1.2.840.113549.1.9.14","extensionRequest"),se("1.2.840.113549.1.9.20","friendlyName"),se("1.2.840.113549.1.9.21","localKeyId"),se("1.2.840.113549.1.9.22.1","x509Certificate"),se("1.2.840.113549.1.12.10.1.1","keyBag"),se("1.2.840.113549.1.12.10.1.2","pkcs8ShroudedKeyBag"),se("1.2.840.113549.1.12.10.1.3","certBag"),se("1.2.840.113549.1.12.10.1.4","crlBag"),se("1.2.840.113549.1.12.10.1.5","secretBag"),se("1.2.840.113549.1.12.10.1.6","safeContentsBag"),se("1.2.840.113549.1.5.13","pkcs5PBES2"),se("1.2.840.113549.1.5.12","pkcs5PBKDF2"),se("1.2.840.113549.1.12.1.1","pbeWithSHAAnd128BitRC4"),se("1.2.840.113549.1.12.1.2","pbeWithSHAAnd40BitRC4"),se("1.2.840.113549.1.12.1.3","pbeWithSHAAnd3-KeyTripleDES-CBC"),se("1.2.840.113549.1.12.1.4","pbeWithSHAAnd2-KeyTripleDES-CBC"),se("1.2.840.113549.1.12.1.5","pbeWithSHAAnd128BitRC2-CBC"),se("1.2.840.113549.1.12.1.6","pbewithSHAAnd40BitRC2-CBC"),se("1.2.840.113549.2.7","hmacWithSHA1"),se("1.2.840.113549.2.8","hmacWithSHA224"),se("1.2.840.113549.2.9","hmacWithSHA256"),se("1.2.840.113549.2.10","hmacWithSHA384"),se("1.2.840.113549.2.11","hmacWithSHA512"),se("1.2.840.113549.3.7","des-EDE3-CBC"),se("2.16.840.1.101.3.4.1.2","aes128-CBC"),se("2.16.840.1.101.3.4.1.22","aes192-CBC"),se("2.16.840.1.101.3.4.1.42","aes256-CBC"),se("2.5.4.3","commonName"),se("2.5.4.5","serialName"),se("2.5.4.6","countryName"),se("2.5.4.7","localityName"),se("2.5.4.8","stateOrProvinceName"),se("2.5.4.9","streetAddress"),se("2.5.4.10","organizationName"),se("2.5.4.11","organizationalUnitName"),se("2.5.4.13","description"),se("2.5.4.15","businessCategory"),se("2.5.4.17","postalCode"),se("1.3.6.1.4.1.311.60.2.1.2","jurisdictionOfIncorporationStateOrProvinceName"),se("1.3.6.1.4.1.311.60.2.1.3","jurisdictionOfIncorporationCountryName"),se("2.16.840.1.113730.1.1","nsCertType"),se("2.16.840.1.113730.1.13","nsComment"),oe("2.5.29.1","authorityKeyIdentifier"),oe("2.5.29.2","keyAttributes"),oe("2.5.29.3","certificatePolicies"),oe("2.5.29.4","keyUsageRestriction"),oe("2.5.29.5","policyMapping"),oe("2.5.29.6","subtreesConstraint"),oe("2.5.29.7","subjectAltName"),oe("2.5.29.8","issuerAltName"),oe("2.5.29.9","subjectDirectoryAttributes"),oe("2.5.29.10","basicConstraints"),oe("2.5.29.11","nameConstraints"),oe("2.5.29.12","policyConstraints"),oe("2.5.29.13","basicConstraints"),se("2.5.29.14","subjectKeyIdentifier"),se("2.5.29.15","keyUsage"),oe("2.5.29.16","privateKeyUsagePeriod"),se("2.5.29.17","subjectAltName"),se("2.5.29.18","issuerAltName"),se("2.5.29.19","basicConstraints"),oe("2.5.29.20","cRLNumber"),oe("2.5.29.21","cRLReason"),oe("2.5.29.22","expirationDate"),oe("2.5.29.23","instructionCode"),oe("2.5.29.24","invalidityDate"),oe("2.5.29.25","cRLDistributionPoints"),oe("2.5.29.26","issuingDistributionPoint"),oe("2.5.29.27","deltaCRLIndicator"),oe("2.5.29.28","issuingDistributionPoint"),oe("2.5.29.29","certificateIssuer"),oe("2.5.29.30","nameConstraints"),se("2.5.29.31","cRLDistributionPoints"),se("2.5.29.32","certificatePolicies"),oe("2.5.29.33","policyMappings"),oe("2.5.29.34","policyConstraints"),se("2.5.29.35","authorityKeyIdentifier"),oe("2.5.29.36","policyConstraints"),se("2.5.29.37","extKeyUsage"),oe("2.5.29.46","freshestCRL"),oe("2.5.29.54","inhibitAnyPolicy"),se("1.3.6.1.4.1.11129.2.4.2","timestampList"),se("1.3.6.1.5.5.7.1.1","authorityInfoAccess"),se("1.3.6.1.5.5.7.3.1","serverAuth"),se("1.3.6.1.5.5.7.3.2","clientAuth"),se("1.3.6.1.5.5.7.3.3","codeSigning"),se("1.3.6.1.5.5.7.3.4","emailProtection"),se("1.3.6.1.5.5.7.3.8","timeStamping");var ce=v,ue=ce.asn1=ce.asn1\|\|{};function le(e,t,r){if(r>t){var a=new Error("Too few bytes to parse DER.");throw a.available=e.length(),a.remaining=t,a.requested=r,a}}ue.Class={UNIVERSAL:0,APPLICATION:64,CONTEXT_SPECIFIC:128,PRIVATE:192},ue.Type={NONE:0,BOOLEAN:1,INTEGER:2,BITSTRING:3,OCTETSTRING:4,NULL:5,OID:6,ODESC:7,EXTERNAL:8,REAL:9,ENUMERATED:10,EMBEDDED:11,UTF8:12,ROID:13,SEQUENCE:16,SET:17,PRINTABLESTRING:19,IA5STRING:22,UTCTIME:23,GENERALIZEDTIME:24,BMPSTRING:30},ue.create=function(e,t,r,a,n){if(ce.util.isArray(a)){for(var i=[],s=0;s<a.length;++s)void 0!==a[s]&&i.push(a[s]);a=i}var o={tagClass:e,type:t,constructed:r,composed:r\|\|ce.util.isArray(a),value:a};return n&&"bitStringContents"in n&&(o.bitStringContents=n.bitStringContents,o.original=ue.copy(o)),o},ue.copy=function(e,t){var r;if(ce.util.isArray(e)){r=[];for(var a=0;a<e.length;++a)r.push(ue.copy(e[a],t));return r}return"string"==typeof e?e:(r={tagClass:e.tagClass,type:e.type,constructed:e.constructed,composed:e.composed,value:ue.copy(e.value,t)},t&&!t.excludeBitStringContents&&(r.bitStringContents=e.bitStringContents),r)},ue.equals=function(e,t,r){if(ce.util.isArray(e)){if(!ce.util.isArray(t))return!1;if(e.length!==t.length)return!1;for(var a=0;a<e.length;++a)if(!ue.equals(e[a],t[a]))return!1;return!0}if(typeof e!=typeof t)return!1;if("string"==typeof e)return e===t;var n=e.tagClass===t.tagClass&&e.type===t.type&&e.constructed===t.constructed&&e.composed===t.composed&&ue.equals(e.value,t.value);return r&&r.includeBitStringContents&&(n=n&&e.bitStringContents===t.bitStringContents),n},ue.getBerValueLength=function(e){var t=e.getByte();if(128!==t)return 128&t?e.getInt((127&t)<<3):t};function pe(e,t,r,a){var n;le(e,t,2);var i=e.getByte();t--;var s=192&i,o=31&i;n=e.length();var c,u,l=function(e,t){var r=e.getByte();if(t--,128!==r){var a;if(128&r){var n=127&r;le(e,t,n),a=e.getInt(n<<3)}else a=r;if(a<0)throw new Error("Negative length: "+a);return a}}(e,t);if(t-=n-e.length(),void 0!==l&&l>t){if(a.strict){var p=new Error("Too few bytes to read ASN.1 value.");throw p.available=e.length(),p.remaining=t,p.requested=l,p}l=t}var h=32==(32&i);if(h)if(c=[],void 0===l)for(;;){if(le(e,t,2),e.bytes(2)===String.fromCharCode(0,0)){e.getBytes(2),t-=2;break}n=e.length(),c.push(pe(e,t,r+1,a)),t-=n-e.length()}else for(;l>0;)n=e.length(),c.push(pe(e,l,r+1,a)),t-=n-e.length(),l-=n-e.length();if(void 0===c&&s===ue.Class.UNIVERSAL&&o===ue.Type.BITSTRING&&(u=e.bytes(l)),void 0===c&&a.decodeBitStrings&&s===ue.Class.UNIVERSAL&&o===ue.Type.BITSTRING&&l>1){var f=e.read,d=t,y=0;if(o===ue.Type.BITSTRING&&(le(e,t,1),y=e.getByte(),t--),0===y)try{n=e.length();var g=pe(e,t,r+1,{verbose:a.verbose,strict:!0,decodeBitStrings:!0}),m=n-e.length();t-=m,o==ue.Type.BITSTRING&&m++;var v=g.tagClass;m!==l\|\|v!==ue.Class.UNIVERSAL&&v!==ue.Class.CONTEXT_SPECIFIC\|\|(c=[g])}catch(e){}void 0===c&&(e.read=f,t=d)}if(void 0===c){if(void 0===l){if(a.strict)throw new Error("Non-constructed ASN.1 object of indefinite length.");l=t}if(o===ue.Type.BMPSTRING)for(c="";l>0;l-=2)le(e,t,2),c+=String.fromCharCode(e.getInt16()),t-=2;else c=e.getBytes(l)}var C=void 0===u?null:{bitStringContents:u};return ue.create(s,o,h,c,C)}ue.fromDer=function(e,t){return void 0===t&&(t={strict:!0,decodeBitStrings:!0}),"boolean"==typeof t&&(t={strict:t,decodeBitStrings:!0}),"strict"in t\|\|(t.strict=!0),"decodeBitStrings"in t\|\|(t.decodeBitStrings=!0),"string"==typeof e&&(e=ce.util.createBuffer(e)),pe(e,e.length(),0,t)},ue.toDer=function(e){var t=ce.util.createBuffer(),r=e.tagClass\|e.type,a=ce.util.createBuffer(),n=!1;if("bitStringContents"in e&&(n=!0,e.original&&(n=ue.equals(e,e.original))),n)a.putBytes(e.bitStringContents);else if(e.composed){e.constructed?r\|=32:a.putByte(0);for(var i=0;i<e.value.length;++i)void 0!==e.value[i]&&a.putBuffer(ue.toDer(e.value[i]))}else if(e.type===ue.Type.BMPSTRING)for(i=0;i<e.value.length;++i)a.putInt16(e.value.charCodeAt(i));else e.type===ue.Type.INTEGER&&e.value.length>1&&(0===e.value.charCodeAt(0)&&0==(128&e.value.charCodeAt(1))\|\|255===e.value.charCodeAt(0)&&128==(128&e.value.charCodeAt(1)))?a.putBytes(e.value.substr(1)):a.putBytes(e.value);if(t.putByte(r),a.length()<=127)t.putByte(127&a.length());else{var s=a.length(),o="";do{o+=String.fromCharCode(255&s),s>>>=8}while(s>0);t.putByte(128\|o.length);for(i=o.length-1;i>=0;--i)t.putByte(o.charCodeAt(i))}return t.putBuffer(a),t},ue.oidToDer=function(e){var t,r,a,n,i=e.split("."),s=ce.util.createBuffer();s.putByte(40parseInt(i[0],10)+parseInt(i[1],10));for(var o=2;o<i.length;++o){t=!0,r=[],a=parseInt(i[o],10);do{n=127&a,a>>>=7,t\|\|(n\|=128),r.push(n),t=!1}while(a>0);for(var c=r.length-1;c>=0;--c)s.putByte(r[c])}return s},ue.derToOid=function(e){var t;"string"==typeof e&&(e=ce.util.createBuffer(e));var r=e.getByte();t=Math.floor(r/40)+"."+r%40;for(var a=0;e.length()>0;)a<<=7,128&(r=e.getByte())?a+=127&r:(t+="."+(a+r),a=0);return t},ue.utcTimeToDate=function(e){var t=new Date,r=parseInt(e.substr(0,2),10);r=r>=50?1900+r:2e3+r;var a=parseInt(e.substr(2,2),10)-1,n=parseInt(e.substr(4,2),10),i=parseInt(e.substr(6,2),10),s=parseInt(e.substr(8,2),10),o=0;if(e.length>11){var c=e.charAt(10),u=10;"+"!==c&&"-"!==c&&(o=parseInt(e.substr(10,2),10),u+=2)}if(t.setUTCFullYear(r,a,n),t.setUTCHours(i,s,o,0),u&&("+"===(c=e.charAt(u))\|\|"-"===c)){var l=60parseInt(e.substr(u+1,2),10)+parseInt(e.substr(u+4,2),10);l=6e4,"+"===c?t.setTime(+t-l):t.setTime(+t+l)}return t},ue.generalizedTimeToDate=function(e){var t=new Date,r=parseInt(e.substr(0,4),10),a=parseInt(e.substr(4,2),10)-1,n=parseInt(e.substr(6,2),10),i=parseInt(e.substr(8,2),10),s=parseInt(e.substr(10,2),10),o=parseInt(e.substr(12,2),10),c=0,u=0,l=!1;"Z"===e.charAt(e.length-1)&&(l=!0);var p=e.length-5,h=e.charAt(p);"+"!==h&&"-"!==h\|\|(u=60parseInt(e.substr(p+1,2),10)+parseInt(e.substr(p+4,2),10),u=6e4,"+"===h&&(u=-1),l=!0);return"."===e.charAt(14)&&(c=1e3parseFloat(e.substr(14),10)),l?(t.setUTCFullYear(r,a,n),t.setUTCHours(i,s,o,c),t.setTime(+t+u)):(t.setFullYear(r,a,n),t.setHours(i,s,o,c)),t},ue.dateToUtcTime=function(e){if("string"==typeof e)return e;var t="",r=[];r.push((""+e.getUTCFullYear()).substr(2)),r.push(""+(e.getUTCMonth()+1)),r.push(""+e.getUTCDate()),r.push(""+e.getUTCHours()),r.push(""+e.getUTCMinutes()),r.push(""+e.getUTCSeconds());for(var a=0;a<r.length;++a)r[a].length<2&&(t+="0"),t+=r[a];return t+="Z"},ue.dateToGeneralizedTime=function(e){if("string"==typeof e)return e;var t="",r=[];r.push(""+e.getUTCFullYear()),r.push(""+(e.getUTCMonth()+1)),r.push(""+e.getUTCDate()),r.push(""+e.getUTCHours()),r.push(""+e.getUTCMinutes()),r.push(""+e.getUTCSeconds());for(var a=0;a<r.length;++a)r[a].length<2&&(t+="0"),t+=r[a];return t+="Z"},ue.integerToDer=function(e){var t=ce.util.createBuffer();if(e>=-128&&e<128)return t.putSignedInt(e,8);if(e>=-32768&&e<32768)return t.putSignedInt(e,16);if(e>=-8388608&&e<8388608)return t.putSignedInt(e,24);if(e>=-2147483648&&e<2147483648)return t.putSignedInt(e,32);var r=new Error("Integer too large; max is 32-bits.");throw r.integer=e,r},ue.derToInteger=function(e){"string"==typeof e&&(e=ce.util.createBuffer(e));var t=8e.length();if(t>32)throw new Error("Integer too large; max is 32-bits.");return e.getSignedInt(t)},ue.validate=function(e,t,r,a){var n=!1;if(e.tagClass!==t.tagClass&&void 0!==t.tagClass\|\|e.type!==t.type&&void 0!==t.type)a&&(e.tagClass!==t.tagClass&&a.push("["+t.name+'] Expected tag class "'+t.tagClass+'", got "'+e.tagClass+'"'),e.type!==t.type&&a.push("["+t.name+'] Expected type "'+t.type+'", got "'+e.type+'"'));else if(e.constructed===t.constructed\|\|void 0===t.constructed){if(n=!0,t.value&&ce.util.isArray(t.value))for(var i=0,s=0;n&&s<t.value.length;++s)n=t.value[s].optional\|\|!1,e.value[i]&&((n=ue.validate(e.value[i],t.value[s],r,a))?++i:t.value[s].optional&&(n=!0)),!n&&a&&a.push("["+t.name+'] Tag class "'+t.tagClass+'", type "'+t.type+'" expected value length "'+t.value.length+'", got "'+e.value.length+'"');if(n&&r&&(t.capture&&(r[t.capture]=e.value),t.captureAsn1&&(r[t.captureAsn1]=e),t.captureBitStringContents&&"bitStringContents"in e&&(r[t.captureBitStringContents]=e.bitStringContents),t.captureBitStringValue&&"bitStringContents"in e))if(e.bitStringContents.length<2)r[t.captureBitStringValue]="";else{if(0!==e.bitStringContents.charCodeAt(0))throw new Error("captureBitStringValue only supported for zero unused bits");r[t.captureBitStringValue]=e.bitStringContents.slice(1)}}else a&&a.push("["+t.name+'] Expected constructed "'+t.constructed+'", got "'+e.constructed+'"');return n};var he=/[^\\u0000-\\u00ff]/;ue.prettyPrint=function(e,t,r){var a="";r=r\|\|2,(t=t\|\|0)>0&&(a+="\n");for(var n="",i=0;i<tr;++i)n+=" ";switch(a+=n+"Tag: ",e.tagClass){case ue.Class.UNIVERSAL:a+="Universal:";break;case ue.Class.APPLICATION:a+="Application:";break;case ue.Class.CONTEXT_SPECIFIC:a+="Context-Specific:";break;case ue.Class.PRIVATE:a+="Private:"}if(e.tagClass===ue.Class.UNIVERSAL)switch(a+=e.type,e.type){case ue.Type.NONE:a+=" (None)";break;case ue.Type.BOOLEAN:a+=" (Boolean)";break;case ue.Type.INTEGER:a+=" (Integer)";break;case ue.Type.BITSTRING:a+=" (Bit string)";break;case ue.Type.OCTETSTRING:a+=" (Octet string)";break;case ue.Type.NULL:a+=" (Null)";break;case ue.Type.OID:a+=" (Object Identifier)";break;case ue.Type.ODESC:a+=" (Object Descriptor)";break;case ue.Type.EXTERNAL:a+=" (External or Instance of)";break;case ue.Type.REAL:a+=" (Real)";break;case ue.Type.ENUMERATED:a+=" (Enumerated)";break;case ue.Type.EMBEDDED:a+=" (Embedded PDV)";break;case ue.Type.UTF8:a+=" (UTF8)";break;case ue.Type.ROID:a+=" (Relative Object Identifier)";break;case ue.Type.SEQUENCE:a+=" (Sequence)";break;case ue.Type.SET:a+=" (Set)";break;case ue.Type.PRINTABLESTRING:a+=" (Printable String)";break;case ue.Type.IA5String:a+=" (IA5String (ASCII))";break;case ue.Type.UTCTIME:a+=" (UTC time)";break;case ue.Type.GENERALIZEDTIME:a+=" (Generalized time)";break;case ue.Type.BMPSTRING:a+=" (BMP String)"}else a+=e.type;if(a+="\n",a+=n+"Constructed: "+e.constructed+"\n",e.composed){var s=0,o="";for(i=0;i<e.value.length;++i)void 0!==e.value[i]&&(s+=1,o+=ue.prettyPrint(e.value[i],t+1,r),i+1<e.value.length&&(o+=","));a+=n+"Sub values: "+s+o}else{if(a+=n+"Value: ",e.type===ue.Type.OID){var c=ue.derToOid(e.value);a+=c,ce.pki&&ce.pki.oids&&c in ce.pki.oids&&(a+=" ("+ce.pki.oids[c]+") ")}if(e.type===ue.Type.INTEGER)try{a+=ue.derToInteger(e.value)}catch(t){a+="0x"+ce.util.bytesToHex(e.value)}else if(e.type===ue.Type.BITSTRING){if(e.value.length>1?a+="0x"+ce.util.bytesToHex(e.value.slice(1)):a+="(none)",e.value.length>0){var u=e.value.charCodeAt(0);1==u?a+=" (1 unused bit shown)":u>1&&(a+=" ("+u+" unused bits shown)")}}else e.type===ue.Type.OCTETSTRING?(he.test(e.value)\|\|(a+="("+e.value+") "),a+="0x"+ce.util.bytesToHex(e.value)):e.type===ue.Type.UTF8?a+=ce.util.decodeUtf8(e.value):e.type===ue.Type.PRINTABLESTRING\|\|e.type===ue.Type.IA5String?a+=e.value:he.test(e.value)?a+="0x"+ce.util.bytesToHex(e.value):0===e.value.length?a+="[null]":a+=e.value}return a};var fe=v,de=fe.md=fe.md\|\|{};fe.md.algorithms=fe.md.algorithms\|\|{};var ye=v;(ye.hmac=ye.hmac\|\|{}).create=function(){var e=null,t=null,r=null,a=null,n={start:function(n,i){if(null!==n)if("string"==typeof n){if(!((n=n.toLowerCase())in ye.md.algorithms))throw new Error('Unknown hash algorithm "'+n+'"');t=ye.md.algorithms[n].create()}else t=n;if(null===i)i=e;else{if("string"==typeof i)i=ye.util.createBuffer(i);else if(ye.util.isArray(i)){var s=i;i=ye.util.createBuffer();for(var o=0;o<s.length;++o)i.putByte(s[o])}var c=i.length();c>t.blockLength&&(t.start(),t.update(i.bytes()),i=t.digest()),r=ye.util.createBuffer(),a=ye.util.createBuffer(),c=i.length();for(o=0;o<c;++o){s=i.at(o);r.putByte(54^s),a.putByte(92^s)}if(c<t.blockLength)for(s=t.blockLength-c,o=0;o<s;++o)r.putByte(54),a.putByte(92);e=i,r=r.bytes(),a=a.bytes()}t.start(),t.update(r)},update:function(e){t.update(e)},getMac:function(){var e=t.digest().bytes();return t.start(),t.update(a),t.update(e),t.digest()}};return n.digest=n.getMac,n};var ge=v,me=ge.md5=ge.md5\|\|{};ge.md.md5=ge.md.algorithms.md5=me,me.create=function(){Te\|\|function(){ve=String.fromCharCode(128),ve+=ge.util.fillString(String.fromCharCode(0),64),Ce=[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,1,6,11,0,5,10,15,4,9,14,3,8,13,2,7,12,5,8,11,14,1,4,7,10,13,0,3,6,9,12,15,2,0,7,14,5,12,3,10,1,8,15,6,13,4,11,2,9],Ee=[7,12,17,22,7,12,17,22,7,12,17,22,7,12,17,22,5,9,14,20,5,9,14,20,5,9,14,20,5,9,14,20,4,11,16,23,4,11,16,23,4,11,16,23,4,11,16,23,6,10,15,21,6,10,15,21,6,10,15,21,6,10,15,21],Se=new Array(64);for(var e=0;e<64;++e)Se[e]=Math.floor(4294967296Math.abs(Math.sin(e+1)));Te=!0}();var e=null,t=ge.util.createBuffer(),r=new Array(16),a={algorithm:"md5",blockLength:64,digestLength:16,messageLength:0,fullMessageLength:null,messageLengthSize:8,start:function(){a.messageLength=0,a.fullMessageLength=a.messageLength64=[];for(var r=a.messageLengthSize/4,n=0;n<r;++n)a.fullMessageLength.push(0);return t=ge.util.createBuffer(),e={h0:1732584193,h1:4023233417,h2:2562383102,h3:271733878},a}};return a.start(),a.update=function(n,i){"utf8"===i&&(n=ge.util.encodeUtf8(n));var s=n.length;a.messageLength+=s,s=[s/4294967296>>>0,s>>>0];for(var o=a.fullMessageLength.length-1;o>=0;--o)a.fullMessageLength[o]+=s[1],s[1]=s[0]+(a.fullMessageLength[o]/4294967296>>>0),a.fullMessageLength[o]=a.fullMessageLength[o]>>>0,s[0]=s[1]/4294967296>>>0;return t.putBytes(n),Ie(e,r,t),(t.read>2048\|\|0===t.length())&&t.compact(),a},a.digest=function(){var n=ge.util.createBuffer();n.putBytes(t.bytes());var i=a.fullMessageLength[a.fullMessageLength.length-1]+a.messageLengthSize&a.blockLength-1;n.putBytes(ve.substr(0,a.blockLength-i));for(var s,o=0,c=a.fullMessageLength.length-1;c>=0;--c)o=(s=8a.fullMessageLength[c]+o)/4294967296>>>0,n.putInt32Le(s>>>0);var u={h0:e.h0,h1:e.h1,h2:e.h2,h3:e.h3};Ie(u,r,n);var l=ge.util.createBuffer();return l.putInt32Le(u.h0),l.putInt32Le(u.h1),l.putInt32Le(u.h2),l.putInt32Le(u.h3),l},a};var ve=null,Ce=null,Ee=null,Se=null,Te=!1;function Ie(e,t,r){for(var a,n,i,s,o,c,u,l=r.length();l>=64;){for(n=e.h0,i=e.h1,s=e.h2,o=e.h3,u=0;u<16;++u)t[u]=r.getInt32Le(),a=n+(o^i&(s^o))+Se[u]+t[u],n=o,o=s,s=i,i+=a<<(c=Ee[u])\|a>>>32-c;for(;u<32;++u)a=n+(s^o&(i^s))+Se[u]+t[Ce[u]],n=o,o=s,s=i,i+=a<<(c=Ee[u])\|a>>>32-c;for(;u<48;++u)a=n+(i^s^o)+Se[u]+t[Ce[u]],n=o,o=s,s=i,i+=a<<(c=Ee[u])\|a>>>32-c;for(;u<64;++u)a=n+(s^(i\|~o))+Se[u]+t[Ce[u]],n=o,o=s,s=i,i+=a<<(c=Ee[u])\|a>>>32-c;e.h0=e.h0+n\|0,e.h1=e.h1+i\|0,e.h2=e.h2+s\|0,e.h3=e.h3+o\|0,l-=64}}var Ae=v,be=Ae.pem=Ae.pem\|\|{};function Be(e){for(var t=e.name+": ",r=[],a=function(e,t){return" "+t},n=0;n<e.values.length;++n)r.push(e.values[n].replace(/^(\S+\r\n)/,a));t+=r.join(",")+"\r\n";var i=0,s=-1;for(n=0;n<t.length;++n,++i)if(i>65&&-1!==s){var o=t[s];","===o?(++s,t=t.substr(0,s)+"\r\n "+t.substr(s)):t=t.substr(0,s)+"\r\n"+o+t.substr(s+1),i=n-s-1,s=-1,++n}else" "!==t[n]&&"\t"!==t[n]&&","!==t[n]\|\|(s=n);return t}function Ne(e){return e.replace(/^\s+/,"")}be.encode=function(e,t){t=t\|\|{};var r,a="-----BEGIN "+e.type+"-----\r\n";if(e.procType&&(a+=Be(r={name:"Proc-Type",values:[String(e.procType.version),e.procType.type]})),e.contentDomain&&(a+=Be(r={name:"Content-Domain",values:[e.contentDomain]})),e.dekInfo&&(r={name:"DEK-Info",values:[e.dekInfo.algorithm]},e.dekInfo.parameters&&r.values.push(e.dekInfo.parameters),a+=Be(r)),e.headers)for(var n=0;n<e.headers.length;++n)a+=Be(e.headers[n]);return e.procType&&(a+="\r\n"),a+=Ae.util.encode64(e.body,t.maxline\|\|64)+"\r\n",a+="-----END "+e.type+"-----\r\n"},be.decode=function(e){for(var t,r=[],a=/\s-----BEGIN ([A-Z0-9- ]+)-----\r?\n?([\x21-\x7e\s]+?(?:\r?\n\r?\n))?([:A-Za-z0-9+\/=\s]+?)-----END \1-----/g,n=/([\x21-\x7e]+):\s([\x21-\x7e\s^:]+)/,i=/\r?\n/;t=a.exec(e);){var s={type:t[1],procType:null,contentDomain:null,dekInfo:null,headers:[],body:Ae.util.decode64(t[3])};if(r.push(s),t[2]){for(var o=t[2].split(i),c=0;t&&c<o.length;){for(var u=o[c].replace(/\s+$/,""),l=c+1;l<o.length;++l){var p=o[l];if(!/\s/.test(p[0]))break;u+=p,c=l}if(t=u.match(n)){for(var h={name:t[1],values:[]},f=t[2].split(","),d=0;d<f.length;++d)h.values.push(Ne(f[d]));if(s.procType)if(s.contentDomain\|\|"Content-Domain"!==h.name)if(s.dekInfo\|\|"DEK-Info"!==h.name)s.headers.push(h);else{if(0===h.values.length)throw new Error('Invalid PEM formatted message. The "DEK-Info" header must have at least one subfield.');s.dekInfo={algorithm:f[0],parameters:f[1]\|\|null}}else s.contentDomain=f[0]\|\|"";else{if("Proc-Type"!==h.name)throw new Error('Invalid PEM formatted message. The first encapsulated header must be "Proc-Type".');if(2!==h.values.length)throw new Error('Invalid PEM formatted message. The "Proc-Type" header must have two subfields.');s.procType={version:f[0],type:f[1]}}}++c}if("ENCRYPTED"===s.procType&&!s.dekInfo)throw new Error('Invalid PEM formatted message. The "DEK-Info" header must be present if "Proc-Type" is "ENCRYPTED".')}}if(0===r.length)throw new Error("Invalid PEM formatted message.");return r};var we=v;function ke(e,t){we.cipher.registerAlgorithm(e,(function(){return new we.des.Algorithm(e,t)}))}we.des=we.des\|\|{},we.des.startEncrypting=function(e,t,r,a){var n=xe({key:e,output:r,decrypt:!1,mode:a\|\|(null===t?"ECB":"CBC")});return n.start(t),n},we.des.createEncryptionCipher=function(e,t){return xe({key:e,output:null,decrypt:!1,mode:t})},we.des.startDecrypting=function(e,t,r,a){var n=xe({key:e,output:r,decrypt:!0,mode:a\|\|(null===t?"ECB":"CBC")});return n.start(t),n},we.des.createDecryptionCipher=function(e,t){return xe({key:e,output:null,decrypt:!0,mode:t})},we.des.Algorithm=function(e,t){var r=this;r.name=e,r.mode=new t({blockSize:8,cipher:{encrypt:function(e,t){return Ke(r._keys,e,t,!1)},decrypt:function(e,t){return Ke(r._keys,e,t,!0)}}}),r._init=!1},we.des.Algorithm.prototype.initialize=function(e){if(!this._init){var t=we.util.createBuffer(e.key);if(0===this.name.indexOf("3DES")&&24!==t.length())throw new Error("Invalid Triple-DES key size: "+8t.length());this._keys=function(e){for(var t,r=[0,4,536870912,536870916,65536,65540,536936448,536936452,512,516,536871424,536871428,66048,66052,536936960,536936964],a=[0,1,1048576,1048577,67108864,67108865,68157440,68157441,256,257,1048832,1048833,67109120,67109121,68157696,68157697],n=[0,8,2048,2056,16777216,16777224,16779264,16779272,0,8,2048,2056,16777216,16777224,16779264,16779272],i=[0,2097152,134217728,136314880,8192,2105344,134225920,136323072,131072,2228224,134348800,136445952,139264,2236416,134356992,136454144],s=[0,262144,16,262160,0,262144,16,262160,4096,266240,4112,266256,4096,266240,4112,266256],o=[0,1024,32,1056,0,1024,32,1056,33554432,33555456,33554464,33555488,33554432,33555456,33554464,33555488],c=[0,268435456,524288,268959744,2,268435458,524290,268959746,0,268435456,524288,268959744,2,268435458,524290,268959746],u=[0,65536,2048,67584,536870912,536936448,536872960,536938496,131072,196608,133120,198656,537001984,537067520,537004032,537069568],l=[0,262144,0,262144,2,262146,2,262146,33554432,33816576,33554432,33816576,33554434,33816578,33554434,33816578],p=[0,268435456,8,268435464,0,268435456,8,268435464,1024,268436480,1032,268436488,1024,268436480,1032,268436488],h=[0,32,0,32,1048576,1048608,1048576,1048608,8192,8224,8192,8224,1056768,1056800,1056768,1056800],f=[0,16777216,512,16777728,2097152,18874368,2097664,18874880,67108864,83886080,67109376,83886592,69206016,85983232,69206528,85983744],d=[0,4096,134217728,134221824,524288,528384,134742016,134746112,16,4112,134217744,134221840,524304,528400,134742032,134746128],y=[0,4,256,260,0,4,256,260,1,5,257,261,1,5,257,261],g=e.length()>8?3:1,m=[],v=[0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0],C=0,E=0;E<g;E++){var S=e.getInt32(),T=e.getInt32();S^=(t=252645135&(S>>>4^T))<<4,S^=t=65535&((T^=t)>>>-16^S),S^=(t=858993459&(S>>>2^(T^=t<<-16)))<<2,S^=t=65535&((T^=t)>>>-16^S),S^=(t=1431655765&(S>>>1^(T^=t<<-16)))<<1,S^=t=16711935&((T^=t)>>>8^S),t=(S^=(t=1431655765&(S>>>1^(T^=t<<8)))<<1)<<8\|(T^=t)>>>20&240,S=T<<24\|T<<8&16711680\|T>>>8&65280\|T>>>24&240,T=t;for(var I=0;I<v.length;++I){v[I]?(S=S<<2\|S>>>26,T=T<<2\|T>>>26):(S=S<<1\|S>>>27,T=T<<1\|T>>>27),T&=-15;var A=r[(S&=-15)>>>28]\|a[S>>>24&15]\|n[S>>>20&15]\|i[S>>>16&15]\|s[S>>>12&15]\|o[S>>>8&15]\|c[S>>>4&15],b=u[T>>>28]\|l[T>>>24&15]\|p[T>>>20&15]\|h[T>>>16&15]\|f[T>>>12&15]\|d[T>>>8&15]\|y[T>>>4&15];t=65535&(b>>>16^A),m[C++]=A^t,m[C++]=b^t<<16}}return m}(t),this._init=!0}},ke("DES-ECB",we.cipher.modes.ecb),ke("DES-CBC",we.cipher.modes.cbc),ke("DES-CFB",we.cipher.modes.cfb),ke("DES-OFB",we.cipher.modes.ofb),ke("DES-CTR",we.cipher.modes.ctr),ke("3DES-ECB",we.cipher.modes.ecb),ke("3DES-CBC",we.cipher.modes.cbc),ke("3DES-CFB",we.cipher.modes.cfb),ke("3DES-OFB",we.cipher.modes.ofb),ke("3DES-CTR",we.cipher.modes.ctr);var Re=[16843776,0,65536,16843780,16842756,66564,4,65536,1024,16843776,16843780,1024,16778244,16842756,16777216,4,1028,16778240,16778240,66560,66560,16842752,16842752,16778244,65540,16777220,16777220,65540,0,1028,66564,16777216,65536,16843780,4,16842752,16843776,16777216,16777216,1024,16842756,65536,66560,16777220,1024,4,16778244,66564,16843780,65540,16842752,16778244,16777220,1028,66564,16843776,1028,16778240,16778240,0,65540,66560,0,16842756],_e=[-2146402272,-2147450880,32768,1081376,1048576,32,-2146435040,-2147450848,-2147483616,-2146402272,-2146402304,-2147483648,-2147450880,1048576,32,-2146435040,1081344,1048608,-2147450848,0,-2147483648,32768,1081376,-2146435072,1048608,-2147483616,0,1081344,32800,-2146402304,-2146435072,32800,0,1081376,-2146435040,1048576,-2147450848,-2146435072,-2146402304,32768,-2146435072,-2147450880,32,-2146402272,1081376,32,32768,-2147483648,32800,-2146402304,1048576,-2147483616,1048608,-2147450848,-2147483616,1048608,1081344,0,-2147450880,32800,-2147483648,-2146435040,-2146402272,1081344],Le=[520,134349312,0,134348808,134218240,0,131592,134218240,131080,134217736,134217736,131072,134349320,131080,134348800,520,134217728,8,134349312,512,131584,134348800,134348808,131592,134218248,131584,131072,134218248,8,134349320,512,134217728,134349312,134217728,131080,520,131072,134349312,134218240,0,512,131080,134349320,134218240,134217736,512,0,134348808,134218248,131072,134217728,134349320,8,131592,131584,134217736,134348800,134218248,520,134348800,131592,8,134348808,131584],Ue=[8396801,8321,8321,128,8396928,8388737,8388609,8193,0,8396800,8396800,8396929,129,0,8388736,8388609,1,8192,8388608,8396801,128,8388608,8193,8320,8388737,1,8320,8388736,8192,8396928,8396929,129,8388736,8388609,8396800,8396929,129,0,0,8396800,8320,8388736,8388737,1,8396801,8321,8321,128,8396929,129,1,8192,8388609,8193,8396928,8388737,8193,8320,8388608,8396801,128,8388608,8192,8396928],De=[256,34078976,34078720,1107296512,524288,256,1073741824,34078720,1074266368,524288,33554688,1074266368,1107296512,1107820544,524544,1073741824,33554432,1074266112,1074266112,0,1073742080,1107820800,1107820800,33554688,1107820544,1073742080,0,1107296256,34078976,33554432,1107296256,524544,524288,1107296512,256,33554432,1073741824,34078720,1107296512,1074266368,33554688,1073741824,1107820544,34078976,1074266368,256,33554432,1107820544,1107820800,524544,1107296256,1107820800,34078720,0,1074266112,1107296256,524544,33554688,1073742080,524288,0,1074266112,34078976,1073742080],Pe=[536870928,541065216,16384,541081616,541065216,16,541081616,4194304,536887296,4210704,4194304,536870928,4194320,536887296,536870912,16400,0,4194320,536887312,16384,4210688,536887312,16,541065232,541065232,0,4210704,541081600,16400,4210688,541081600,536870912,536887296,16,541065232,4210688,541081616,4194304,16400,536870928,4194304,536887296,536870912,16400,536870928,541081616,4210688,541065216,4210704,541081600,0,541065232,16,16384,541065216,4210704,16384,4194320,536887312,0,541081600,536870912,4194320,536887312],Ve=[2097152,69206018,67110914,0,2048,67110914,2099202,69208064,69208066,2097152,0,67108866,2,67108864,69206018,2050,67110912,2099202,2097154,67110912,67108866,69206016,69208064,2097154,69206016,2048,2050,69208066,2099200,2,67108864,2099200,67108864,2099200,2097152,67110914,67110914,69206018,69206018,2,2097154,67108864,67110912,2097152,69208064,2050,2099202,69208064,2050,67108866,69208066,69206016,2099200,0,2,69208066,0,2099202,69206016,2048,67108866,67110912,2048,2097154],Oe=[268439616,4096,262144,268701760,268435456,268439616,64,268435456,262208,268697600,268701760,266240,268701696,266304,4096,64,268697600,268435520,268439552,4160,266240,262208,268697664,268701696,4160,0,0,268697664,268435520,268439552,266304,262144,266304,262144,268701696,4096,64,268697664,4096,266304,268439552,64,268435520,268697600,268697664,268435456,262144,268439616,0,268701760,262208,268435520,268697600,268439552,268439616,0,268701760,266240,266240,4160,4160,262208,268435456,268701696];function Ke(e,t,r,a){var n,i,s=32===e.length?3:9;n=3===s?a?[30,-2,-2]:[0,32,2]:a?[94,62,-2,32,64,2,30,-2,-2]:[0,32,2,62,30,-2,64,96,2];var o=t[0],c=t[1];o^=(i=252645135&(o>>>4^c))<<4,o^=(i=65535&(o>>>16^(c^=i)))<<16,o^=i=858993459&((c^=i)>>>2^o),o^=i=16711935&((c^=i<<2)>>>8^o),o=(o^=(i=1431655765&(o>>>1^(c^=i<<8)))<<1)<<1\|o>>>31,c=(c^=i)<<1\|c>>>31;for(var u=0;u<s;u+=3){for(var l=n[u+1],p=n[u+2],h=n[u];h!=l;h+=p){var f=c^e[h],d=(c>>>4\|c<<28)^e[h+1];i=o,o=c,c=i^(_e[f>>>24&63]\|Ue[f>>>16&63]\|Pe[f>>>8&63]\|Oe[63&f]\|Re[d>>>24&63]\|Le[d>>>16&63]\|De[d>>>8&63]\|Ve[63&d])}i=o,o=c,c=i}c=c>>>1\|c<<31,c^=i=1431655765&((o=o>>>1\|o<<31)>>>1^c),c^=(i=16711935&(c>>>8^(o^=i<<1)))<<8,c^=(i=858993459&(c>>>2^(o^=i)))<<2,c^=i=65535&((o^=i)>>>16^c),c^=i=252645135&((o^=i<<16)>>>4^c),o^=i<<4,r[0]=o,r[1]=c}function xe(e){var t,r="DES-"+((e=e\|\|{}).mode\|\|"CBC").toUpperCase(),a=(t=e.decrypt?we.cipher.createDecipher(r,e.key):we.cipher.createCipher(r,e.key)).start;return t.start=function(e,r){var n=null;r instanceof we.util.ByteBuffer&&(n=r,r={}),(r=r\|\|{}).output=n,r.iv=e,a.call(t,r)},t}var Me,Fe=v,qe=Fe.pkcs5=Fe.pkcs5\|\|{};Fe.util.isNodejs&&!Fe.options.usePureJavaScript&&(Me=s),Fe.pbkdf2=qe.pbkdf2=function(e,t,r,a,n,i){if("function"==typeof n&&(i=n,n=null),Fe.util.isNodejs&&!Fe.options.usePureJavaScript&&Me.pbkdf2&&(null===n\|\|"object"!=typeof n)&&(Me.pbkdf2Sync.length>4\|\|!n\|\|"sha1"===n))return"string"!=typeof n&&(n="sha1"),e=Buffer.from(e,"binary"),t=Buffer.from(t,"binary"),i?4===Me.pbkdf2Sync.length?Me.pbkdf2(e,t,r,a,(function(e,t){if(e)return i(e);i(null,t.toString("binary"))})):Me.pbkdf2(e,t,r,a,n,(function(e,t){if(e)return i(e);i(null,t.toString("binary"))})):4===Me.pbkdf2Sync.length?Me.pbkdf2Sync(e,t,r,a).toString("binary"):Me.pbkdf2Sync(e,t,r,a,n).toString("binary");if(null==n&&(n="sha1"),"string"==typeof n){if(!(n in Fe.md.algorithms))throw new Error("Unknown hash algorithm: "+n);n=Fe.md[n].create()}var s=n.digestLength;if(a>4294967295s){var o=new Error("Derived key is too long.");if(i)return i(o);throw o}var c=Math.ceil(a/s),u=a-(c-1)s,l=Fe.hmac.create();l.start(n,e);var p,h,f,d="";if(!i){for(var y=1;y<=c;++y){l.start(null,null),l.update(t),l.update(Fe.util.int32ToBytes(y)),p=f=l.digest().getBytes();for(var g=2;g<=r;++g)l.start(null,null),l.update(f),h=l.digest().getBytes(),p=Fe.util.xorBytes(p,h,s),f=h;d+=y<c?p:p.substr(0,u)}return d}y=1;function m(){if(y>c)return i(null,d);l.start(null,null),l.update(t),l.update(Fe.util.int32ToBytes(y)),p=f=l.digest().getBytes(),g=2,v()}function v(){if(g<=r)return l.start(null,null),l.update(f),h=l.digest().getBytes(),p=Fe.util.xorBytes(p,h,s),f=h,++g,Fe.util.setImmediate(v);d+=y<c?p:p.substr(0,u),++y,m()}m()};var je=v,Ge=je.sha256=je.sha256\|\|{};je.md.sha256=je.md.algorithms.sha256=Ge,Ge.create=function(){Qe\|\|(He=String.fromCharCode(128),He+=je.util.fillString(String.fromCharCode(0),64),ze=[1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298],Qe=!0);var e=null,t=je.util.createBuffer(),r=new Array(64),a={algorithm:"sha256",blockLength:64,digestLength:32,messageLength:0,fullMessageLength:null,messageLengthSize:8,start:function(){a.messageLength=0,a.fullMessageLength=a.messageLength64=[];for(var r=a.messageLengthSize/4,n=0;n<r;++n)a.fullMessageLength.push(0);return t=je.util.createBuffer(),e={h0:1779033703,h1:3144134277,h2:1013904242,h3:2773480762,h4:1359893119,h5:2600822924,h6:528734635,h7:1541459225},a}};return a.start(),a.update=function(n,i){"utf8"===i&&(n=je.util.encodeUtf8(n));var s=n.length;a.messageLength+=s,s=[s/4294967296>>>0,s>>>0];for(var o=a.fullMessageLength.length-1;o>=0;--o)a.fullMessageLength[o]+=s[1],s[1]=s[0]+(a.fullMessageLength[o]/4294967296>>>0),a.fullMessageLength[o]=a.fullMessageLength[o]>>>0,s[0]=s[1]/4294967296>>>0;return t.putBytes(n),We(e,r,t),(t.read>2048\|\|0===t.length())&&t.compact(),a},a.digest=function(){var n=je.util.createBuffer();n.putBytes(t.bytes());var i,s=a.fullMessageLength[a.fullMessageLength.length-1]+a.messageLengthSize&a.blockLength-1;n.putBytes(He.substr(0,a.blockLength-s));for(var o=8a.fullMessageLength[0],c=0;c<a.fullMessageLength.length-1;++c)o+=(i=8a.fullMessageLength[c+1])/4294967296>>>0,n.putInt32(o>>>0),o=i>>>0;n.putInt32(o);var u={h0:e.h0,h1:e.h1,h2:e.h2,h3:e.h3,h4:e.h4,h5:e.h5,h6:e.h6,h7:e.h7};We(u,r,n);var l=je.util.createBuffer();return l.putInt32(u.h0),l.putInt32(u.h1),l.putInt32(u.h2),l.putInt32(u.h3),l.putInt32(u.h4),l.putInt32(u.h5),l.putInt32(u.h6),l.putInt32(u.h7),l},a};var He=null,Qe=!1,ze=null;function We(e,t,r){for(var a,n,i,s,o,c,u,l,p,h,f,d,y,g=r.length();g>=64;){for(o=0;o<16;++o)t[o]=r.getInt32();for(;o<64;++o)a=((a=t[o-2])>>>17\|a<<15)^(a>>>19\|a<<13)^a>>>10,n=((n=t[o-15])>>>7\|n<<25)^(n>>>18\|n<<14)^n>>>3,t[o]=a+t[o-7]+n+t[o-16]\|0;for(c=e.h0,u=e.h1,l=e.h2,p=e.h3,h=e.h4,f=e.h5,d=e.h6,y=e.h7,o=0;o<64;++o)i=(c>>>2\|c<<30)^(c>>>13\|c<<19)^(c>>>22\|c<<10),s=c&u\|l&(c^u),a=y+((h>>>6\|h<<26)^(h>>>11\|h<<21)^(h>>>25\|h<<7))+(d^h&(f^d))+ze[o]+t[o],y=d,d=f,f=h,h=p+a>>>0,p=l,l=u,u=c,c=a+(n=i+s)>>>0;e.h0=e.h0+c\|0,e.h1=e.h1+u\|0,e.h2=e.h2+l\|0,e.h3=e.h3+p\|0,e.h4=e.h4+h\|0,e.h5=e.h5+f\|0,e.h6=e.h6+d\|0,e.h7=e.h7+y\|0,g-=64}}var Ye=v,Xe=null;!Ye.util.isNodejs\|\|Ye.options.usePureJavaScript\|\|process.versions["node-webkit"]\|\|(Xe=s),(Ye.prng=Ye.prng\|\|{}).create=function(e){for(var t={plugin:e,key:null,seed:null,time:null,reseeds:0,generated:0,keyBytes:""},r=e.md,a=new Array(32),n=0;n<32;++n)a[n]=r.create();function i(){if(t.pools[0].messageLength>=32)return s();var e=32-t.pools[0].messageLength<<5;t.collect(t.seedFileSync(e)),s()}function s(){t.reseeds=4294967295===t.reseeds?0:t.reseeds+1;var e=t.plugin.md.create();e.update(t.keyBytes);for(var r=1,a=0;a<32;++a)t.reseeds%r==0&&(e.update(t.pools[a].digest().getBytes()),t.pools[a].start()),r<<=1;t.keyBytes=e.digest().getBytes(),e.start(),e.update(t.keyBytes);var n=e.digest().getBytes();t.key=t.plugin.formatKey(t.keyBytes),t.seed=t.plugin.formatSeed(n),t.generated=0}function o(e){var t=null,r=Ye.util.globalScope,a=r.crypto\|\|r.msCrypto;a&&a.getRandomValues&&(t=function(e){return a.getRandomValues(e)});var n=Ye.util.createBuffer();if(t)for(;n.length()<e;){var i=Math.max(1,Math.min(e-n.length(),65536)/4),s=new Uint32Array(Math.floor(i));try{t(s);for(var o=0;o<s.length;++o)n.putInt32(s[o])}catch(e){if(!("undefined"!=typeof QuotaExceededError&&e instanceof QuotaExceededError))throw e}}if(n.length()<e)for(var c,u,l,p=Math.floor(65536Math.random());n.length()<e;){u=16807(65535&p),u+=(32767&(c=16807(p>>16)))<<16,p=4294967295&(u=(2147483647&(u+=c>>15))+(u>>31));for(o=0;o<3;++o)l=p>>>(o<<3),l^=Math.floor(256Math.random()),n.putByte(String.fromCharCode(255&l))}return n.getBytes(e)}return t.pools=a,t.pool=0,t.generate=function(e,r){if(!r)return t.generateSync(e);var a=t.plugin.cipher,n=t.plugin.increment,i=t.plugin.formatKey,o=t.plugin.formatSeed,c=Ye.util.createBuffer();t.key=null,function u(l){if(l)return r(l);if(c.length()>=e)return r(null,c.getBytes(e));t.generated>1048575&&(t.key=null);if(null===t.key)return Ye.util.nextTick((function(){!function(e){if(t.pools[0].messageLength>=32)return s(),e();var r=32-t.pools[0].messageLength<<5;t.seedFile(r,(function(r,a){if(r)return e(r);t.collect(a),s(),e()}))}(u)}));var p=a(t.key,t.seed);t.generated+=p.length,c.putBytes(p),t.key=i(a(t.key,n(t.seed))),t.seed=o(a(t.key,t.seed)),Ye.util.setImmediate(u)}()},t.generateSync=function(e){var r=t.plugin.cipher,a=t.plugin.increment,n=t.plugin.formatKey,s=t.plugin.formatSeed;t.key=null;for(var o=Ye.util.createBuffer();o.length()<e;){t.generated>1048575&&(t.key=null),null===t.key&&i();var c=r(t.key,t.seed);t.generated+=c.length,o.putBytes(c),t.key=n(r(t.key,a(t.seed))),t.seed=s(r(t.key,t.seed))}return o.getBytes(e)},Xe?(t.seedFile=function(e,t){Xe.randomBytes(e,(function(e,r){if(e)return t(e);t(null,r.toString())}))},t.seedFileSync=function(e){return Xe.randomBytes(e).toString()}):(t.seedFile=function(e,t){try{t(null,o(e))}catch(e){t(e)}},t.seedFileSync=o),t.collect=function(e){for(var r=e.length,a=0;a<r;++a)t.pools[t.pool].update(e.substr(a,1)),t.pool=31===t.pool?0:t.pool+1},t.collectInt=function(e,r){for(var a="",n=0;n<r;n+=8)a+=String.fromCharCode(e>>n&255);t.collect(a)},t.registerWorker=function(e){if(e===self)t.seedFile=function(e,t){self.addEventListener("message",(function e(r){var a=r.data;a.forge&&a.forge.prng&&(self.removeEventListener("message",e),t(a.forge.prng.err,a.forge.prng.bytes))})),self.postMessage({forge:{prng:{needed:e}}})};else{e.addEventListener("message",(function(r){var a=r.data;a.forge&&a.forge.prng&&t.seedFile(a.forge.prng.needed,(function(t,r){e.postMessage({forge:{prng:{err:t,bytes:r}}})}))}))}},t};var Ze=v;Ze.random&&Ze.random.getBytes?Ze.random:function(e){var t={},r=new Array(4),a=Ze.util.createBuffer();function n(){var e=Ze.prng.create(t);return e.getBytes=function(t,r){return e.generate(t,r)},e.getBytesSync=function(t){return e.generate(t)},e}t.formatKey=function(e){var t=Ze.util.createBuffer(e);return(e=new Array(4))[0]=t.getInt32(),e[1]=t.getInt32(),e[2]=t.getInt32(),e[3]=t.getInt32(),Ze.aes._expandKey(e,!1)},t.formatSeed=function(e){var t=Ze.util.createBuffer(e);return(e=new Array(4))[0]=t.getInt32(),e[1]=t.getInt32(),e[2]=t.getInt32(),e[3]=t.getInt32(),e},t.cipher=function(e,t){return Ze.aes._updateBlock(e,t,r,!1),a.putInt32(r[0]),a.putInt32(r[1]),a.putInt32(r[2]),a.putInt32(r[3]),a.getBytes()},t.increment=function(e){return++e[3],e},t.md=Ze.md.sha256;var i=n(),s=null,o=Ze.util.globalScope,c=o.crypto\|\|o.msCrypto;if(c&&c.getRandomValues&&(s=function(e){return c.getRandomValues(e)}),Ze.options.usePureJavaScript\|\|!Ze.util.isNodejs&&!s){if(i.collectInt(+new Date,32),"undefined"!=typeof navigator){var u="";for(var l in navigator)try{"string"==typeof navigator[l]&&(u+=navigator[l])}catch(e){}i.collect(u),u=null}e&&(e().mousemove((function(e){i.collectInt(e.clientX,16),i.collectInt(e.clientY,16)})),e().keypress((function(e){i.collectInt(e.charCode,8)})))}if(Ze.random)for(var l in i)Ze.random[l]=i[l];else Ze.random=i;Ze.random.createInstance=n,Ze.random}("undefined"!=typeof jQuery?jQuery:null);var $e=v,Je=[217,120,249,196,25,221,181,237,40,233,253,121,74,160,216,157,198,126,55,131,43,118,83,142,98,76,100,136,68,139,251,162,23,154,89,245,135,179,79,19,97,69,109,141,9,129,125,50,189,143,64,235,134,183,123,11,240,149,33,34,92,107,78,130,84,214,101,147,206,96,178,28,115,86,192,20,167,140,241,220,18,117,202,31,59,190,228,209,66,61,212,48,163,60,182,38,111,191,14,218,70,105,7,87,39,242,29,155,188,148,67,3,248,17,199,246,144,239,62,231,6,195,213,47,200,102,30,215,8,232,234,222,128,82,238,247,132,170,114,172,53,77,106,42,150,26,210,113,90,21,73,116,75,159,208,94,4,24,164,236,194,224,65,110,15,81,203,204,36,145,175,80,161,244,112,57,153,124,58,133,35,184,180,122,252,2,54,91,37,85,151,49,45,93,250,152,227,138,146,174,5,223,41,16,103,108,186,201,211,0,230,207,225,158,168,44,99,22,1,63,88,226,137,169,13,56,52,27,171,51,255,176,187,72,12,95,185,177,205,46,197,243,219,71,229,165,156,119,10,166,32,104,254,127,193,173],et=[1,2,3,5],tt=function(e,t){return e<<t&65535\|(65535&e)>>16-t},rt=function(e,t){return(65535&e)>>t\|e<<16-t&65535};$e.rc2=$e.rc2\|\|{},$e.rc2.expandKey=function(e,t){"string"==typeof e&&(e=$e.util.createBuffer(e)),t=t\|\|128;var r,a=e,n=e.length(),i=t,s=Math.ceil(i/8),o=255>>(7&i);for(r=n;r<128;r++)a.putByte(Je[a.at(r-1)+a.at(r-n)&255]);for(a.setAt(128-s,Je[a.at(128-s)&o]),r=127-s;r>=0;r--)a.setAt(r,Je[a.at(r+1)^a.at(r+s)]);return a};var at=function(e,t,r){var a,n,i,s,o=!1,c=null,u=null,l=null,p=[];for(e=$e.rc2.expandKey(e,t),i=0;i<64;i++)p.push(e.getInt16Le());r?(a=function(e){for(i=0;i<4;i++)e[i]+=p[s]+(e[(i+3)%4]&e[(i+2)%4])+(~e[(i+3)%4]&e[(i+1)%4]),e[i]=tt(e[i],et[i]),s++},n=function(e){for(i=0;i<4;i++)e[i]+=p[63&e[(i+3)%4]]}):(a=function(e){for(i=3;i>=0;i--)e[i]=rt(e[i],et[i]),e[i]-=p[s]+(e[(i+3)%4]&e[(i+2)%4])+(~e[(i+3)%4]&e[(i+1)%4]),s--},n=function(e){for(i=3;i>=0;i--)e[i]-=p[63&e[(i+3)%4]]});var h=function(e){var t=[];for(i=0;i<4;i++){var a=c.getInt16Le();null!==l&&(r?a^=l.getInt16Le():l.putInt16Le(a)),t.push(65535&a)}s=r?0:63;for(var n=0;n<e.length;n++)for(var o=0;o<e[n][0];o++)e[n][1](t);for(i=0;i<4;i++)null!==l&&(r?l.putInt16Le(t[i]):t[i]^=l.getInt16Le()),u.putInt16Le(t[i])},f=null;return f={start:function(e,t){e&&"string"==typeof e&&(e=$e.util.createBuffer(e)),o=!1,c=$e.util.createBuffer(),u=t\|\|new $e.util.createBuffer,l=e,f.output=u},update:function(e){for(o\|\|c.putBuffer(e);c.length()>=8;)h([[5,a],[1,n],[6,a],[1,n],[5,a]])},finish:function(e){var t=!0;if(r)if(e)t=e(8,c,!r);else{var a=8===c.length()?8:8-c.length();c.fillWithByte(a,a)}if(t&&(o=!0,f.update()),!r&&(t=0===c.length()))if(e)t=e(8,u,!r);else{var n=u.length(),i=u.at(n-1);i>n?t=!1:u.truncate(i)}return t}}};$e.rc2.startEncrypting=function(e,t,r){var a=$e.rc2.createEncryptionCipher(e,128);return a.start(t,r),a},$e.rc2.createEncryptionCipher=function(e,t){return at(e,t,!0)},$e.rc2.startDecrypting=function(e,t,r){var a=$e.rc2.createDecryptionCipher(e,128);return a.start(t,r),a},$e.rc2.createDecryptionCipher=function(e,t){return at(e,t,!1)};var nt,it=v;function st(e,t,r){this.data=[],null!=e&&("number"==typeof e?this.fromNumber(e,t,r):null==t&&"string"!=typeof e?this.fromString(e,256):this.fromString(e,t))}function ot(){return new st(null)}function ct(e,t,r,a,n,i){for(var s=16383&t,o=t>>14;--i>=0;){var c=16383&this.data[e],u=this.data[e++]>>14,l=oc+us;n=((c=sc+((16383&l)<<14)+r.data[a]+n)>>28)+(l>>14)+ou,r.data[a++]=268435455&c}return n}it.jsbn=it.jsbn\|\|{},it.jsbn.BigInteger=st,"undefined"==typeof navigator?(st.prototype.am=ct,nt=28):"Microsoft Internet Explorer"==navigator.appName?(st.prototype.am=function(e,t,r,a,n,i){for(var s=32767&t,o=t>>15;--i>=0;){var c=32767&this.data[e],u=this.data[e++]>>15,l=oc+us;n=((c=sc+((32767&l)<<15)+r.data[a]+(1073741823&n))>>>30)+(l>>>15)+ou+(n>>>30),r.data[a++]=1073741823&c}return n},nt=30):"Netscape"!=navigator.appName?(st.prototype.am=function(e,t,r,a,n,i){for(;--i>=0;){var s=tthis.data[e++]+r.data[a]+n;n=Math.floor(s/67108864),r.data[a++]=67108863&s}return n},nt=26):(st.prototype.am=ct,nt=28),st.prototype.DB=nt,st.prototype.DM=(1<<nt)-1,st.prototype.DV=1<<nt;st.prototype.FV=Math.pow(2,52),st.prototype.F1=52-nt,st.prototype.F2=2nt-52;var ut,lt,pt="0123456789abcdefghijklmnopqrstuvwxyz",ht=new Array;for(ut="0".charCodeAt(0),lt=0;lt<=9;++lt)ht[ut++]=lt;for(ut="a".charCodeAt(0),lt=10;lt<36;++lt)ht[ut++]=lt;for(ut="A".charCodeAt(0),lt=10;lt<36;++lt)ht[ut++]=lt;function ft(e){return pt.charAt(e)}function dt(e,t){var r=ht[e.charCodeAt(t)];return null==r?-1:r}function yt(e){var t=ot();return t.fromInt(e),t}function gt(e){var t,r=1;return 0!=(t=e>>>16)&&(e=t,r+=16),0!=(t=e>>8)&&(e=t,r+=8),0!=(t=e>>4)&&(e=t,r+=4),0!=(t=e>>2)&&(e=t,r+=2),0!=(t=e>>1)&&(e=t,r+=1),r}function mt(e){this.m=e}function vt(e){this.m=e,this.mp=e.invDigit(),this.mpl=32767&this.mp,this.mph=this.mp>>15,this.um=(1<<e.DB-15)-1,this.mt2=2e.t}function Ct(e,t){return e&t}function Et(e,t){return e\|t}function St(e,t){return e^t}function Tt(e,t){return e&~t}function It(e){if(0==e)return-1;var t=0;return 0==(65535&e)&&(e>>=16,t+=16),0==(255&e)&&(e>>=8,t+=8),0==(15&e)&&(e>>=4,t+=4),0==(3&e)&&(e>>=2,t+=2),0==(1&e)&&++t,t}function At(e){for(var t=0;0!=e;)e&=e-1,++t;return t}function bt(){}function Bt(e){return e}function Nt(e){this.r2=ot(),this.q3=ot(),st.ONE.dlShiftTo(2e.t,this.r2),this.mu=this.r2.divide(e),this.m=e}mt.prototype.convert=function(e){return e.s<0\|\|e.compareTo(this.m)>=0?e.mod(this.m):e},mt.prototype.revert=function(e){return e},mt.prototype.reduce=function(e){e.divRemTo(this.m,null,e)},mt.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r),this.reduce(r)},mt.prototype.sqrTo=function(e,t){e.squareTo(t),this.reduce(t)},vt.prototype.convert=function(e){var t=ot();return e.abs().dlShiftTo(this.m.t,t),t.divRemTo(this.m,null,t),e.s<0&&t.compareTo(st.ZERO)>0&&this.m.subTo(t,t),t},vt.prototype.revert=function(e){var t=ot();return e.copyTo(t),this.reduce(t),t},vt.prototype.reduce=function(e){for(;e.t<=this.mt2;)e.data[e.t++]=0;for(var t=0;t<this.m.t;++t){var r=32767&e.data[t],a=rthis.mpl+((rthis.mph+(e.data[t]>>15)this.mpl&this.um)<<15)&e.DM;for(r=t+this.m.t,e.data[r]+=this.m.am(0,a,e,t,0,this.m.t);e.data[r]>=e.DV;)e.data[r]-=e.DV,e.data[++r]++}e.clamp(),e.drShiftTo(this.m.t,e),e.compareTo(this.m)>=0&&e.subTo(this.m,e)},vt.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r),this.reduce(r)},vt.prototype.sqrTo=function(e,t){e.squareTo(t),this.reduce(t)},st.prototype.copyTo=function(e){for(var t=this.t-1;t>=0;--t)e.data[t]=this.data[t];e.t=this.t,e.s=this.s},st.prototype.fromInt=function(e){this.t=1,this.s=e<0?-1:0,e>0?this.data[0]=e:e<-1?this.data[0]=e+this.DV:this.t=0},st.prototype.fromString=function(e,t){var r;if(16==t)r=4;else if(8==t)r=3;else if(256==t)r=8;else if(2==t)r=1;else if(32==t)r=5;else{if(4!=t)return void this.fromRadix(e,t);r=2}this.t=0,this.s=0;for(var a=e.length,n=!1,i=0;--a>=0;){var s=8==r?255&e[a]:dt(e,a);s<0?"-"==e.charAt(a)&&(n=!0):(n=!1,0==i?this.data[this.t++]=s:i+r>this.DB?(this.data[this.t-1]\|=(s&(1<<this.DB-i)-1)<<i,this.data[this.t++]=s>>this.DB-i):this.data[this.t-1]\|=s<<i,(i+=r)>=this.DB&&(i-=this.DB))}8==r&&0!=(128&e[0])&&(this.s=-1,i>0&&(this.data[this.t-1]\|=(1<<this.DB-i)-1<<i)),this.clamp(),n&&st.ZERO.subTo(this,this)},st.prototype.clamp=function(){for(var e=this.s&this.DM;this.t>0&&this.data[this.t-1]==e;)--this.t},st.prototype.dlShiftTo=function(e,t){var r;for(r=this.t-1;r>=0;--r)t.data[r+e]=this.data[r];for(r=e-1;r>=0;--r)t.data[r]=0;t.t=this.t+e,t.s=this.s},st.prototype.drShiftTo=function(e,t){for(var r=e;r<this.t;++r)t.data[r-e]=this.data[r];t.t=Math.max(this.t-e,0),t.s=this.s},st.prototype.lShiftTo=function(e,t){var r,a=e%this.DB,n=this.DB-a,i=(1<<n)-1,s=Math.floor(e/this.DB),o=this.s<<a&this.DM;for(r=this.t-1;r>=0;--r)t.data[r+s+1]=this.data[r]>>n\|o,o=(this.data[r]&i)<<a;for(r=s-1;r>=0;--r)t.data[r]=0;t.data[s]=o,t.t=this.t+s+1,t.s=this.s,t.clamp()},st.prototype.rShiftTo=function(e,t){t.s=this.s;var r=Math.floor(e/this.DB);if(r>=this.t)t.t=0;else{var a=e%this.DB,n=this.DB-a,i=(1<<a)-1;t.data[0]=this.data[r]>>a;for(var s=r+1;s<this.t;++s)t.data[s-r-1]\|=(this.data[s]&i)<<n,t.data[s-r]=this.data[s]>>a;a>0&&(t.data[this.t-r-1]\|=(this.s&i)<<n),t.t=this.t-r,t.clamp()}},st.prototype.subTo=function(e,t){for(var r=0,a=0,n=Math.min(e.t,this.t);r<n;)a+=this.data[r]-e.data[r],t.data[r++]=a&this.DM,a>>=this.DB;if(e.t<this.t){for(a-=e.s;r<this.t;)a+=this.data[r],t.data[r++]=a&this.DM,a>>=this.DB;a+=this.s}else{for(a+=this.s;r<e.t;)a-=e.data[r],t.data[r++]=a&this.DM,a>>=this.DB;a-=e.s}t.s=a<0?-1:0,a<-1?t.data[r++]=this.DV+a:a>0&&(t.data[r++]=a),t.t=r,t.clamp()},st.prototype.multiplyTo=function(e,t){var r=this.abs(),a=e.abs(),n=r.t;for(t.t=n+a.t;--n>=0;)t.data[n]=0;for(n=0;n<a.t;++n)t.data[n+r.t]=r.am(0,a.data[n],t,n,0,r.t);t.s=0,t.clamp(),this.s!=e.s&&st.ZERO.subTo(t,t)},st.prototype.squareTo=function(e){for(var t=this.abs(),r=e.t=2t.t;--r>=0;)e.data[r]=0;for(r=0;r<t.t-1;++r){var a=t.am(r,t.data[r],e,2r,0,1);(e.data[r+t.t]+=t.am(r+1,2t.data[r],e,2r+1,a,t.t-r-1))>=t.DV&&(e.data[r+t.t]-=t.DV,e.data[r+t.t+1]=1)}e.t>0&&(e.data[e.t-1]+=t.am(r,t.data[r],e,2r,0,1)),e.s=0,e.clamp()},st.prototype.divRemTo=function(e,t,r){var a=e.abs();if(!(a.t<=0)){var n=this.abs();if(n.t<a.t)return null!=t&&t.fromInt(0),void(null!=r&&this.copyTo(r));null==r&&(r=ot());var i=ot(),s=this.s,o=e.s,c=this.DB-gt(a.data[a.t-1]);c>0?(a.lShiftTo(c,i),n.lShiftTo(c,r)):(a.copyTo(i),n.copyTo(r));var u=i.t,l=i.data[u-1];if(0!=l){var p=l(1<<this.F1)+(u>1?i.data[u-2]>>this.F2:0),h=this.FV/p,f=(1<<this.F1)/p,d=1<<this.F2,y=r.t,g=y-u,m=null==t?ot():t;for(i.dlShiftTo(g,m),r.compareTo(m)>=0&&(r.data[r.t++]=1,r.subTo(m,r)),st.ONE.dlShiftTo(u,m),m.subTo(i,i);i.t<u;)i.data[i.t++]=0;for(;--g>=0;){var v=r.data[--y]==l?this.DM:Math.floor(r.data[y]h+(r.data[y-1]+d)f);if((r.data[y]+=i.am(0,v,r,g,0,u))<v)for(i.dlShiftTo(g,m),r.subTo(m,r);r.data[y]<--v;)r.subTo(m,r)}null!=t&&(r.drShiftTo(u,t),s!=o&&st.ZERO.subTo(t,t)),r.t=u,r.clamp(),c>0&&r.rShiftTo(c,r),s<0&&st.ZERO.subTo(r,r)}}},st.prototype.invDigit=function(){if(this.t<1)return 0;var e=this.data[0];if(0==(1&e))return 0;var t=3&e;return(t=(t=(t=(t=t(2-(15&e)t)&15)(2-(255&e)t)&255)(2-((65535&e)t&65535))&65535)(2-et%this.DV)%this.DV)>0?this.DV-t:-t},st.prototype.isEven=function(){return 0==(this.t>0?1&this.data[0]:this.s)},st.prototype.exp=function(e,t){if(e>4294967295\|\|e<1)return st.ONE;var r=ot(),a=ot(),n=t.convert(this),i=gt(e)-1;for(n.copyTo(r);--i>=0;)if(t.sqrTo(r,a),(e&1<<i)>0)t.mulTo(a,n,r);else{var s=r;r=a,a=s}return t.revert(r)},st.prototype.toString=function(e){if(this.s<0)return"-"+this.negate().toString(e);var t;if(16==e)t=4;else if(8==e)t=3;else if(2==e)t=1;else if(32==e)t=5;else{if(4!=e)return this.toRadix(e);t=2}var r,a=(1<<t)-1,n=!1,i="",s=this.t,o=this.DB-sthis.DB%t;if(s-- >0)for(o<this.DB&&(r=this.data[s]>>o)>0&&(n=!0,i=ft(r));s>=0;)o<t?(r=(this.data[s]&(1<<o)-1)<<t-o,r\|=this.data[--s]>>(o+=this.DB-t)):(r=this.data[s]>>(o-=t)&a,o<=0&&(o+=this.DB,--s)),r>0&&(n=!0),n&&(i+=ft(r));return n?i:"0"},st.prototype.negate=function(){var e=ot();return st.ZERO.subTo(this,e),e},st.prototype.abs=function(){return this.s<0?this.negate():this},st.prototype.compareTo=function(e){var t=this.s-e.s;if(0!=t)return t;var r=this.t;if(0!=(t=r-e.t))return this.s<0?-t:t;for(;--r>=0;)if(0!=(t=this.data[r]-e.data[r]))return t;return 0},st.prototype.bitLength=function(){return this.t<=0?0:this.DB(this.t-1)+gt(this.data[this.t-1]^this.s&this.DM)},st.prototype.mod=function(e){var t=ot();return this.abs().divRemTo(e,null,t),this.s<0&&t.compareTo(st.ZERO)>0&&e.subTo(t,t),t},st.prototype.modPowInt=function(e,t){var r;return r=e<256\|\|t.isEven()?new mt(t):new vt(t),this.exp(e,r)},st.ZERO=yt(0),st.ONE=yt(1),bt.prototype.convert=Bt,bt.prototype.revert=Bt,bt.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r)},bt.prototype.sqrTo=function(e,t){e.squareTo(t)},Nt.prototype.convert=function(e){if(e.s<0\|\|e.t>2this.m.t)return e.mod(this.m);if(e.compareTo(this.m)<0)return e;var t=ot();return e.copyTo(t),this.reduce(t),t},Nt.prototype.revert=function(e){return e},Nt.prototype.reduce=function(e){for(e.drShiftTo(this.m.t-1,this.r2),e.t>this.m.t+1&&(e.t=this.m.t+1,e.clamp()),this.mu.multiplyUpperTo(this.r2,this.m.t+1,this.q3),this.m.multiplyLowerTo(this.q3,this.m.t+1,this.r2);e.compareTo(this.r2)<0;)e.dAddOffset(1,this.m.t+1);for(e.subTo(this.r2,e);e.compareTo(this.m)>=0;)e.subTo(this.m,e)},Nt.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r),this.reduce(r)},Nt.prototype.sqrTo=function(e,t){e.squareTo(t),this.reduce(t)};var wt=[2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509],kt=(1<<26)/wt[wt.length-1];st.prototype.chunkSize=function(e){return Math.floor(Math.LN2this.DB/Math.log(e))},st.prototype.toRadix=function(e){if(null==e&&(e=10),0==this.signum()\|\|e<2\|\|e>36)return"0";var t=this.chunkSize(e),r=Math.pow(e,t),a=yt(r),n=ot(),i=ot(),s="";for(this.divRemTo(a,n,i);n.signum()>0;)s=(r+i.intValue()).toString(e).substr(1)+s,n.divRemTo(a,n,i);return i.intValue().toString(e)+s},st.prototype.fromRadix=function(e,t){this.fromInt(0),null==t&&(t=10);for(var r=this.chunkSize(t),a=Math.pow(t,r),n=!1,i=0,s=0,o=0;o<e.length;++o){var c=dt(e,o);c<0?"-"==e.charAt(o)&&0==this.signum()&&(n=!0):(s=ts+c,++i>=r&&(this.dMultiply(a),this.dAddOffset(s,0),i=0,s=0))}i>0&&(this.dMultiply(Math.pow(t,i)),this.dAddOffset(s,0)),n&&st.ZERO.subTo(this,this)},st.prototype.fromNumber=function(e,t,r){if("number"==typeof t)if(e<2)this.fromInt(1);else for(this.fromNumber(e,r),this.testBit(e-1)\|\|this.bitwiseTo(st.ONE.shiftLeft(e-1),Et,this),this.isEven()&&this.dAddOffset(1,0);!this.isProbablePrime(t);)this.dAddOffset(2,0),this.bitLength()>e&&this.subTo(st.ONE.shiftLeft(e-1),this);else{var a=new Array,n=7&e;a.length=1+(e>>3),t.nextBytes(a),n>0?a[0]&=(1<<n)-1:a[0]=0,this.fromString(a,256)}},st.prototype.bitwiseTo=function(e,t,r){var a,n,i=Math.min(e.t,this.t);for(a=0;a<i;++a)r.data[a]=t(this.data[a],e.data[a]);if(e.t<this.t){for(n=e.s&this.DM,a=i;a<this.t;++a)r.data[a]=t(this.data[a],n);r.t=this.t}else{for(n=this.s&this.DM,a=i;a<e.t;++a)r.data[a]=t(n,e.data[a]);r.t=e.t}r.s=t(this.s,e.s),r.clamp()},st.prototype.changeBit=function(e,t){var r=st.ONE.shiftLeft(e);return this.bitwiseTo(r,t,r),r},st.prototype.addTo=function(e,t){for(var r=0,a=0,n=Math.min(e.t,this.t);r<n;)a+=this.data[r]+e.data[r],t.data[r++]=a&this.DM,a>>=this.DB;if(e.t<this.t){for(a+=e.s;r<this.t;)a+=this.data[r],t.data[r++]=a&this.DM,a>>=this.DB;a+=this.s}else{for(a+=this.s;r<e.t;)a+=e.data[r],t.data[r++]=a&this.DM,a>>=this.DB;a+=e.s}t.s=a<0?-1:0,a>0?t.data[r++]=a:a<-1&&(t.data[r++]=this.DV+a),t.t=r,t.clamp()},st.prototype.dMultiply=function(e){this.data[this.t]=this.am(0,e-1,this,0,0,this.t),++this.t,this.clamp()},st.prototype.dAddOffset=function(e,t){if(0!=e){for(;this.t<=t;)this.data[this.t++]=0;for(this.data[t]+=e;this.data[t]>=this.DV;)this.data[t]-=this.DV,++t>=this.t&&(this.data[this.t++]=0),++this.data[t]}},st.prototype.multiplyLowerTo=function(e,t,r){var a,n=Math.min(this.t+e.t,t);for(r.s=0,r.t=n;n>0;)r.data[--n]=0;for(a=r.t-this.t;n<a;++n)r.data[n+this.t]=this.am(0,e.data[n],r,n,0,this.t);for(a=Math.min(e.t,t);n<a;++n)this.am(0,e.data[n],r,n,0,t-n);r.clamp()},st.prototype.multiplyUpperTo=function(e,t,r){--t;var a=r.t=this.t+e.t-t;for(r.s=0;--a>=0;)r.data[a]=0;for(a=Math.max(t-this.t,0);a<e.t;++a)r.data[this.t+a-t]=this.am(t-a,e.data[a],r,0,0,this.t+a-t);r.clamp(),r.drShiftTo(1,r)},st.prototype.modInt=function(e){if(e<=0)return 0;var t=this.DV%e,r=this.s<0?e-1:0;if(this.t>0)if(0==t)r=this.data[0]%e;else for(var a=this.t-1;a>=0;--a)r=(tr+this.data[a])%e;return r},st.prototype.millerRabin=function(e){var t=this.subtract(st.ONE),r=t.getLowestSetBit();if(r<=0)return!1;for(var a,n=t.shiftRight(r),i={nextBytes:function(e){for(var t=0;t<e.length;++t)e[t]=Math.floor(256Math.random())}},s=0;s<e;++s){do{a=new st(this.bitLength(),i)}while(a.compareTo(st.ONE)<=0\|\|a.compareTo(t)>=0);var o=a.modPow(n,this);if(0!=o.compareTo(st.ONE)&&0!=o.compareTo(t)){for(var c=1;c++<r&&0!=o.compareTo(t);)if(0==(o=o.modPowInt(2,this)).compareTo(st.ONE))return!1;if(0!=o.compareTo(t))return!1}}return!0},st.prototype.clone=function(){var e=ot();return this.copyTo(e),e},st.prototype.intValue=function(){if(this.s<0){if(1==this.t)return this.data[0]-this.DV;if(0==this.t)return-1}else{if(1==this.t)return this.data[0];if(0==this.t)return 0}return(this.data[1]&(1<<32-this.DB)-1)<<this.DB\|this.data[0]},st.prototype.byteValue=function(){return 0==this.t?this.s:this.data[0]<<24>>24},st.prototype.shortValue=function(){return 0==this.t?this.s:this.data[0]<<16>>16},st.prototype.signum=function(){return this.s<0?-1:this.t<=0\|\|1==this.t&&this.data[0]<=0?0:1},st.prototype.toByteArray=function(){var e=this.t,t=new Array;t[0]=this.s;var r,a=this.DB-ethis.DB%8,n=0;if(e-- >0)for(a<this.DB&&(r=this.data[e]>>a)!=(this.s&this.DM)>>a&&(t[n++]=r\|this.s<<this.DB-a);e>=0;)a<8?(r=(this.data[e]&(1<<a)-1)<<8-a,r\|=this.data[--e]>>(a+=this.DB-8)):(r=this.data[e]>>(a-=8)&255,a<=0&&(a+=this.DB,--e)),0!=(128&r)&&(r\|=-256),0==n&&(128&this.s)!=(128&r)&&++n,(n>0\|\|r!=this.s)&&(t[n++]=r);return t},st.prototype.equals=function(e){return 0==this.compareTo(e)},st.prototype.min=function(e){return this.compareTo(e)<0?this:e},st.prototype.max=function(e){return this.compareTo(e)>0?this:e},st.prototype.and=function(e){var t=ot();return this.bitwiseTo(e,Ct,t),t},st.prototype.or=function(e){var t=ot();return this.bitwiseTo(e,Et,t),t},st.prototype.xor=function(e){var t=ot();return this.bitwiseTo(e,St,t),t},st.prototype.andNot=function(e){var t=ot();return this.bitwiseTo(e,Tt,t),t},st.prototype.not=function(){for(var e=ot(),t=0;t<this.t;++t)e.data[t]=this.DM&~this.data[t];return e.t=this.t,e.s=~this.s,e},st.prototype.shiftLeft=function(e){var t=ot();return e<0?this.rShiftTo(-e,t):this.lShiftTo(e,t),t},st.prototype.shiftRight=function(e){var t=ot();return e<0?this.lShiftTo(-e,t):this.rShiftTo(e,t),t},st.prototype.getLowestSetBit=function(){for(var e=0;e<this.t;++e)if(0!=this.data[e])return ethis.DB+It(this.data[e]);return this.s<0?this.tthis.DB:-1},st.prototype.bitCount=function(){for(var e=0,t=this.s&this.DM,r=0;r<this.t;++r)e+=At(this.data[r]^t);return e},st.prototype.testBit=function(e){var t=Math.floor(e/this.DB);return t>=this.t?0!=this.s:0!=(this.data[t]&1<<e%this.DB)},st.prototype.setBit=function(e){return this.changeBit(e,Et)},st.prototype.clearBit=function(e){return this.changeBit(e,Tt)},st.prototype.flipBit=function(e){return this.changeBit(e,St)},st.prototype.add=function(e){var t=ot();return this.addTo(e,t),t},st.prototype.subtract=function(e){var t=ot();return this.subTo(e,t),t},st.prototype.multiply=function(e){var t=ot();return this.multiplyTo(e,t),t},st.prototype.divide=function(e){var t=ot();return this.divRemTo(e,t,null),t},st.prototype.remainder=function(e){var t=ot();return this.divRemTo(e,null,t),t},st.prototype.divideAndRemainder=function(e){var t=ot(),r=ot();return this.divRemTo(e,t,r),new Array(t,r)},st.prototype.modPow=function(e,t){var r,a,n=e.bitLength(),i=yt(1);if(n<=0)return i;r=n<18?1:n<48?3:n<144?4:n<768?5:6,a=n<8?new mt(t):t.isEven()?new Nt(t):new vt(t);var s=new Array,o=3,c=r-1,u=(1<<r)-1;if(s[1]=a.convert(this),r>1){var l=ot();for(a.sqrTo(s[1],l);o<=u;)s[o]=ot(),a.mulTo(l,s[o-2],s[o]),o+=2}var p,h,f=e.t-1,d=!0,y=ot();for(n=gt(e.data[f])-1;f>=0;){for(n>=c?p=e.data[f]>>n-c&u:(p=(e.data[f]&(1<<n+1)-1)<<c-n,f>0&&(p\|=e.data[f-1]>>this.DB+n-c)),o=r;0==(1&p);)p>>=1,--o;if((n-=o)<0&&(n+=this.DB,--f),d)s[p].copyTo(i),d=!1;else{for(;o>1;)a.sqrTo(i,y),a.sqrTo(y,i),o-=2;o>0?a.sqrTo(i,y):(h=i,i=y,y=h),a.mulTo(y,s[p],i)}for(;f>=0&&0==(e.data[f]&1<<n);)a.sqrTo(i,y),h=i,i=y,y=h,--n<0&&(n=this.DB-1,--f)}return a.revert(i)},st.prototype.modInverse=function(e){var t=e.isEven();if(this.isEven()&&t\|\|0==e.signum())return st.ZERO;for(var r=e.clone(),a=this.clone(),n=yt(1),i=yt(0),s=yt(0),o=yt(1);0!=r.signum();){for(;r.isEven();)r.rShiftTo(1,r),t?(n.isEven()&&i.isEven()\|\|(n.addTo(this,n),i.subTo(e,i)),n.rShiftTo(1,n)):i.isEven()\|\|i.subTo(e,i),i.rShiftTo(1,i);for(;a.isEven();)a.rShiftTo(1,a),t?(s.isEven()&&o.isEven()\|\|(s.addTo(this,s),o.subTo(e,o)),s.rShiftTo(1,s)):o.isEven()\|\|o.subTo(e,o),o.rShiftTo(1,o);r.compareTo(a)>=0?(r.subTo(a,r),t&&n.subTo(s,n),i.subTo(o,i)):(a.subTo(r,a),t&&s.subTo(n,s),o.subTo(i,o))}return 0!=a.compareTo(st.ONE)?st.ZERO:o.compareTo(e)>=0?o.subtract(e):o.signum()<0?(o.addTo(e,o),o.signum()<0?o.add(e):o):o},st.prototype.pow=function(e){return this.exp(e,new bt)},st.prototype.gcd=function(e){var t=this.s<0?this.negate():this.clone(),r=e.s<0?e.negate():e.clone();if(t.compareTo(r)<0){var a=t;t=r,r=a}var n=t.getLowestSetBit(),i=r.getLowestSetBit();if(i<0)return t;for(n<i&&(i=n),i>0&&(t.rShiftTo(i,t),r.rShiftTo(i,r));t.signum()>0;)(n=t.getLowestSetBit())>0&&t.rShiftTo(n,t),(n=r.getLowestSetBit())>0&&r.rShiftTo(n,r),t.compareTo(r)>=0?(t.subTo(r,t),t.rShiftTo(1,t)):(r.subTo(t,r),r.rShiftTo(1,r));return i>0&&r.lShiftTo(i,r),r},st.prototype.isProbablePrime=function(e){var t,r=this.abs();if(1==r.t&&r.data[0]<=wt[wt.length-1]){for(t=0;t<wt.length;++t)if(r.data[0]==wt[t])return!0;return!1}if(r.isEven())return!1;for(t=1;t<wt.length;){for(var a=wt[t],n=t+1;n<wt.length&&a<kt;)a=wt[n++];for(a=r.modInt(a);t<n;)if(a%wt[t++]==0)return!1}return r.millerRabin(e)};var Rt=v,_t=Rt.sha1=Rt.sha1\|\|{};Rt.md.sha1=Rt.md.algorithms.sha1=_t,_t.create=function(){Ut\|\|(Lt=String.fromCharCode(128),Lt+=Rt.util.fillString(String.fromCharCode(0),64),Ut=!0);var e=null,t=Rt.util.createBuffer(),r=new Array(80),a={algorithm:"sha1",blockLength:64,digestLength:20,messageLength:0,fullMessageLength:null,messageLengthSize:8,start:function(){a.messageLength=0,a.fullMessageLength=a.messageLength64=[];for(var r=a.messageLengthSize/4,n=0;n<r;++n)a.fullMessageLength.push(0);return t=Rt.util.createBuffer(),e={h0:1732584193,h1:4023233417,h2:2562383102,h3:271733878,h4:3285377520},a}};return a.start(),a.update=function(n,i){"utf8"===i&&(n=Rt.util.encodeUtf8(n));var s=n.length;a.messageLength+=s,s=[s/4294967296>>>0,s>>>0];for(var o=a.fullMessageLength.length-1;o>=0;--o)a.fullMessageLength[o]+=s[1],s[1]=s[0]+(a.fullMessageLength[o]/4294967296>>>0),a.fullMessageLength[o]=a.fullMessageLength[o]>>>0,s[0]=s[1]/4294967296>>>0;return t.putBytes(n),Dt(e,r,t),(t.read>2048\|\|0===t.length())&&t.compact(),a},a.digest=function(){var n=Rt.util.createBuffer();n.putBytes(t.bytes());var i,s=a.fullMessageLength[a.fullMessageLength.length-1]+a.messageLengthSize&a.blockLength-1;n.putBytes(Lt.substr(0,a.blockLength-s));for(var o=8a.fullMessageLength[0],c=0;c<a.fullMessageLength.length-1;++c)o+=(i=8a.fullMessageLength[c+1])/4294967296>>>0,n.putInt32(o>>>0),o=i>>>0;n.putInt32(o);var u={h0:e.h0,h1:e.h1,h2:e.h2,h3:e.h3,h4:e.h4};Dt(u,r,n);var l=Rt.util.createBuffer();return l.putInt32(u.h0),l.putInt32(u.h1),l.putInt32(u.h2),l.putInt32(u.h3),l.putInt32(u.h4),l},a};var Lt=null,Ut=!1;function Dt(e,t,r){for(var a,n,i,s,o,c,u,l=r.length();l>=64;){for(n=e.h0,i=e.h1,s=e.h2,o=e.h3,c=e.h4,u=0;u<16;++u)a=r.getInt32(),t[u]=a,a=(n<<5\|n>>>27)+(o^i&(s^o))+c+1518500249+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;for(;u<20;++u)a=(a=t[u-3]^t[u-8]^t[u-14]^t[u-16])<<1\|a>>>31,t[u]=a,a=(n<<5\|n>>>27)+(o^i&(s^o))+c+1518500249+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;for(;u<32;++u)a=(a=t[u-3]^t[u-8]^t[u-14]^t[u-16])<<1\|a>>>31,t[u]=a,a=(n<<5\|n>>>27)+(i^s^o)+c+1859775393+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;for(;u<40;++u)a=(a=t[u-6]^t[u-16]^t[u-28]^t[u-32])<<2\|a>>>30,t[u]=a,a=(n<<5\|n>>>27)+(i^s^o)+c+1859775393+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;for(;u<60;++u)a=(a=t[u-6]^t[u-16]^t[u-28]^t[u-32])<<2\|a>>>30,t[u]=a,a=(n<<5\|n>>>27)+(i&s\|o&(i^s))+c+2400959708+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;for(;u<80;++u)a=(a=t[u-6]^t[u-16]^t[u-28]^t[u-32])<<2\|a>>>30,t[u]=a,a=(n<<5\|n>>>27)+(i^s^o)+c+3395469782+a,c=o,o=s,s=(i<<30\|i>>>2)>>>0,i=n,n=a;e.h0=e.h0+n\|0,e.h1=e.h1+i\|0,e.h2=e.h2+s\|0,e.h3=e.h3+o\|0,e.h4=e.h4+c\|0,l-=64}}var Pt=v,Vt=Pt.pkcs1=Pt.pkcs1\|\|{};function Ot(e,t,r){r\|\|(r=Pt.md.sha1.create());for(var a="",n=Math.ceil(t/r.digestLength),i=0;i<n;++i){var s=String.fromCharCode(i>>24&255,i>>16&255,i>>8&255,255&i);r.start(),r.update(e+s),a+=r.digest().getBytes()}return a.substring(0,t)}Vt.encode_rsa_oaep=function(e,t,r){var a,n,i,s;"string"==typeof r?(a=r,n=arguments[3]\|\|void 0,i=arguments[4]\|\|void 0):r&&(a=r.label\|\|void 0,n=r.seed\|\|void 0,i=r.md\|\|void 0,r.mgf1&&r.mgf1.md&&(s=r.mgf1.md)),i?i.start():i=Pt.md.sha1.create(),s\|\|(s=i);var o=Math.ceil(e.n.bitLength()/8),c=o-2i.digestLength-2;if(t.length>c)throw(d=new Error("RSAES-OAEP input message length is too long.")).length=t.length,d.maxLength=c,d;a\|\|(a=""),i.update(a,"raw");for(var u=i.digest(),l="",p=c-t.length,h=0;h<p;h++)l+="\0";var f=u.getBytes()+l+""+t;if(n){if(n.length!==i.digestLength){var d;throw(d=new Error("Invalid RSAES-OAEP seed. The seed length must match the digest length.")).seedLength=n.length,d.digestLength=i.digestLength,d}}else n=Pt.random.getBytes(i.digestLength);var y=Ot(n,o-i.digestLength-1,s),g=Pt.util.xorBytes(f,y,f.length),m=Ot(g,i.digestLength,s);return"\0"+Pt.util.xorBytes(n,m,n.length)+g},Vt.decode_rsa_oaep=function(e,t,r){var a,n,i;"string"==typeof r?(a=r,n=arguments[3]\|\|void 0):r&&(a=r.label\|\|void 0,n=r.md\|\|void 0,r.mgf1&&r.mgf1.md&&(i=r.mgf1.md));var s=Math.ceil(e.n.bitLength()/8);if(t.length!==s)throw(y=new Error("RSAES-OAEP encoded message length is invalid.")).length=t.length,y.expectedLength=s,y;if(void 0===n?n=Pt.md.sha1.create():n.start(),i\|\|(i=n),s<2n.digestLength+2)throw new Error("RSAES-OAEP key is too short for the hash function.");a\|\|(a=""),n.update(a,"raw");for(var o=n.digest().getBytes(),c=t.charAt(0),u=t.substring(1,n.digestLength+1),l=t.substring(1+n.digestLength),p=Ot(l,n.digestLength,i),h=Ot(Pt.util.xorBytes(u,p,u.length),s-n.digestLength-1,i),f=Pt.util.xorBytes(l,h,l.length),d=f.substring(0,n.digestLength),y="\0"!==c,g=0;g<n.digestLength;++g)y\|=o.charAt(g)!==d.charAt(g);for(var m=1,v=n.digestLength,C=n.digestLength;C<f.length;C++){var E=f.charCodeAt(C);y\|=E&(m?65534:0),v+=m&=1&E^1}if(y\|\|1!==f.charCodeAt(v))throw new Error("Invalid RSAES-OAEP padding.");return f.substring(v+1)};var Kt=v;!function(){if(Kt.prime)Kt.prime;else{var e=Kt.prime=Kt.prime\|\|{},t=Kt.jsbn.BigInteger,r=[6,4,2,4,2,4,6,2],a=new t(null);a.fromInt(30);var n=function(e,t){return e\|t};e.generateProbablePrime=function(e,r,a){"function"==typeof r&&(a=r,r={});var n=(r=r\|\|{}).algorithm\|\|"PRIMEINC";"string"==typeof n&&(n={name:n}),n.options=n.options\|\|{};var s=r.prng\|\|Kt.random,c={nextBytes:function(e){for(var t=s.getBytesSync(e.length),r=0;r<e.length;++r)e[r]=t.charCodeAt(r)}};if("PRIMEINC"===n.name)return function(e,r,a,n){if("workers"in a)return function(e,r,a,n){if("undefined"==typeof Worker)return i(e,r,a,n);var s=o(e,r),c=a.workers,u=a.workLoad\|\|100,l=30u/8,p=a.workerScript\|\|"forge/prime.worker.js";if(-1===c)return Kt.util.estimateCores((function(e,t){e&&(t=2),c=t-1,h()}));function h(){c=Math.max(1,c);for(var a=[],i=0;i<c;++i)a[i]=new Worker(p);for(i=0;i<c;++i)a[i].addEventListener("message",f);var h=!1;function f(i){if(!h){var c=i.data;if(c.found){for(var p=0;p<a.length;++p)a[p].terminate();return h=!0,n(null,new t(c.prime,16))}s.bitLength()>e&&(s=o(e,r));var f=s.toString(16);i.target.postMessage({hex:f,workLoad:u}),s.dAddOffset(l,0)}}}h()}(e,r,a,n);return i(e,r,a,n)}(e,c,n.options,a);throw new Error("Invalid prime generation algorithm: "+n.name)}}function i(e,t,r,a){var n=o(e,t),i=function(e){return e<=100?27:e<=150?18:e<=200?15:e<=250?12:e<=300?9:e<=350?8:e<=400?7:e<=500?6:e<=600?5:e<=800?4:e<=1250?3:2}(n.bitLength());"millerRabinTests"in r&&(i=r.millerRabinTests);var c=10;"maxBlockTime"in r&&(c=r.maxBlockTime),s(n,e,t,0,i,c,a)}function s(e,t,a,n,i,c,u){var l=+new Date;do{if(e.bitLength()>t&&(e=o(t,a)),e.isProbablePrime(i))return u(null,e);e.dAddOffset(r[n++%8],0)}while(c<0\|\|+new Date-l<c);Kt.util.setImmediate((function(){s(e,t,a,n,i,c,u)}))}function o(e,r){var i=new t(e,r),s=e-1;return i.testBit(s)\|\|i.bitwiseTo(t.ONE.shiftLeft(s),n,i),i.dAddOffset(31-i.mod(a).byteValue(),0),i}}();var xt=v;if(void 0===Mt)var Mt=xt.jsbn.BigInteger;var Ft=xt.util.isNodejs?s:null,qt=xt.asn1,jt=xt.util;xt.pki=xt.pki\|\|{},xt.pki.rsa=xt.rsa=xt.rsa\|\|{};var Gt=xt.pki,Ht=[6,4,2,4,2,4,6,2],Qt={name:"PrivateKeyInfo",tagClass:qt.Class.UNIVERSAL,type:qt.Type.SEQUENCE,constructed:!0,value:[{name:"PrivateKeyInfo.version",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"PrivateKeyInfo.privateKeyAlgorithm",tagClass:qt.Class.UNIVERSAL,type:qt.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:qt.Class.UNIVERSAL,type:qt.Type.OID,constructed:!1,capture:"privateKeyOid"}]},{name:"PrivateKeyInfo",tagClass:qt.Class.UNIVERSAL,type:qt.Type.OCTETSTRING,constructed:!1,capture:"privateKey"}]},zt={name:"RSAPrivateKey",tagClass:qt.Class.UNIVERSAL,type:qt.Type.SEQUENCE,constructed:!0,value:[{name:"RSAPrivateKey.version",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"RSAPrivateKey.modulus",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"privateKeyModulus"},{name:"RSAPrivateKey.publicExponent",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"privateKeyPublicExponent"},{name:"RSAPrivateKey.privateExponent",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"privateKeyPrivateExponent"},{name:"RSAPrivateKey.prime1",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"privateKeyPrime1"},{name:"RSAPrivateKey.prime2",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"privateKeyPrime2"},{name:"RSAPrivateKey.exponent1",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"privateKeyExponent1"},{name:"RSAPrivateKey.exponent2",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"privateKeyExponent2"},{name:"RSAPrivateKey.coefficient",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"privateKeyCoefficient"}]},Wt={name:"RSAPublicKey",tagClass:qt.Class.UNIVERSAL,type:qt.Type.SEQUENCE,constructed:!0,value:[{name:"RSAPublicKey.modulus",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"publicKeyModulus"},{name:"RSAPublicKey.exponent",tagClass:qt.Class.UNIVERSAL,type:qt.Type.INTEGER,constructed:!1,capture:"publicKeyExponent"}]},Yt=xt.pki.rsa.publicKeyValidator={name:"SubjectPublicKeyInfo",tagClass:qt.Class.UNIVERSAL,type:qt.Type.SEQUENCE,constructed:!0,captureAsn1:"subjectPublicKeyInfo",value:[{name:"SubjectPublicKeyInfo.AlgorithmIdentifier",tagClass:qt.Class.UNIVERSAL,type:qt.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:qt.Class.UNIVERSAL,type:qt.Type.OID,constructed:!1,capture:"publicKeyOid"}]},{name:"SubjectPublicKeyInfo.subjectPublicKey",tagClass:qt.Class.UNIVERSAL,type:qt.Type.BITSTRING,constructed:!1,value:[{name:"SubjectPublicKeyInfo.subjectPublicKey.RSAPublicKey",tagClass:qt.Class.UNIVERSAL,type:qt.Type.SEQUENCE,constructed:!0,optional:!0,captureAsn1:"rsaPublicKey"}]}]},Xt=function(e){var t;if(!(e.algorithm in Gt.oids)){var r=new Error("Unknown message digest algorithm.");throw r.algorithm=e.algorithm,r}t=Gt.oids[e.algorithm];var a=qt.oidToDer(t).getBytes(),n=qt.create(qt.Class.UNIVERSAL,qt.Type.SEQUENCE,!0,[]),i=qt.create(qt.Class.UNIVERSAL,qt.Type.SEQUENCE,!0,[]);i.value.push(qt.create(qt.Class.UNIVERSAL,qt.Type.OID,!1,a)),i.value.push(qt.create(qt.Class.UNIVERSAL,qt.Type.NULL,!1,""));var s=qt.create(qt.Class.UNIVERSAL,qt.Type.OCTETSTRING,!1,e.digest().getBytes());return n.value.push(i),n.value.push(s),qt.toDer(n).getBytes()},Zt=function(e,t,r){if(r)return e.modPow(t.e,t.n);if(!t.p\|\|!t.q)return e.modPow(t.d,t.n);var a;t.dP\|\|(t.dP=t.d.mod(t.p.subtract(Mt.ONE))),t.dQ\|\|(t.dQ=t.d.mod(t.q.subtract(Mt.ONE))),t.qInv\|\|(t.qInv=t.q.modInverse(t.p));do{a=new Mt(xt.util.bytesToHex(xt.random.getBytes(t.n.bitLength()/8)),16)}while(a.compareTo(t.n)>=0\|\|!a.gcd(t.n).equals(Mt.ONE));for(var n=(e=e.multiply(a.modPow(t.e,t.n)).mod(t.n)).mod(t.p).modPow(t.dP,t.p),i=e.mod(t.q).modPow(t.dQ,t.q);n.compareTo(i)<0;)n=n.add(t.p);var s=n.subtract(i).multiply(t.qInv).mod(t.p).multiply(t.q).add(i);return s=s.multiply(a.modInverse(t.n)).mod(t.n)};function $t(e,t,r){var a=xt.util.createBuffer(),n=Math.ceil(t.n.bitLength()/8);if(e.length>n-11){var i=new Error("Message is too long for PKCS#1 v1.5 padding.");throw i.length=e.length,i.max=n-11,i}a.putByte(0),a.putByte(r);var s,o=n-3-e.length;if(0===r\|\|1===r){s=0===r?0:255;for(var c=0;c<o;++c)a.putByte(s)}else for(;o>0;){var u=0,l=xt.random.getBytes(o);for(c=0;c<o;++c)0===(s=l.charCodeAt(c))?++u:a.putByte(s);o=u}return a.putByte(0),a.putBytes(e),a}function Jt(e,t,r,a){var n=Math.ceil(t.n.bitLength()/8),i=xt.util.createBuffer(e),s=i.getByte(),o=i.getByte();if(0!==s\|\|r&&0!==o&&1!==o\|\|!r&&2!=o\|\|r&&0===o&&void 0===a)throw new Error("Encryption block is invalid.");var c=0;if(0===o){c=n-3-a;for(var u=0;u<c;++u)if(0!==i.getByte())throw new Error("Encryption block is invalid.")}else if(1===o)for(c=0;i.length()>1;){if(255!==i.getByte()){--i.read;break}++c}else if(2===o)for(c=0;i.length()>1;){if(0===i.getByte()){--i.read;break}++c}if(0!==i.getByte()\|\|c!==n-3-i.length())throw new Error("Encryption block is invalid.");return i.getBytes()}function er(e){var t=e.toString(16);t[0]>="8"&&(t="00"+t);var r=xt.util.hexToBytes(t);return r.length>1&&(0===r.charCodeAt(0)&&0==(128&r.charCodeAt(1))\|\|255===r.charCodeAt(0)&&128==(128&r.charCodeAt(1)))?r.substr(1):r}function tr(e){return e<=100?27:e<=150?18:e<=200?15:e<=250?12:e<=300?9:e<=350?8:e<=400?7:e<=500?6:e<=600?5:e<=800?4:e<=1250?3:2}function rr(e){return xt.util.isNodejs&&"function"==typeof Ft[e]}function ar(e){return void 0!==jt.globalScope&&"object"==typeof jt.globalScope.crypto&&"object"==typeof jt.globalScope.crypto.subtle&&"function"==typeof jt.globalScope.crypto.subtle[e]}function nr(e){return void 0!==jt.globalScope&&"object"==typeof jt.globalScope.msCrypto&&"object"==typeof jt.globalScope.msCrypto.subtle&&"function"==typeof jt.globalScope.msCrypto.subtle[e]}function ir(e){for(var t=xt.util.hexToBytes(e.toString(16)),r=new Uint8Array(t.length),a=0;a<t.length;++a)r[a]=t.charCodeAt(a);return r}Gt.rsa.encrypt=function(e,t,r){var a,n=r,i=Math.ceil(t.n.bitLength()/8);!1!==r&&!0!==r?(n=2===r,a=$t(e,t,r)):(a=xt.util.createBuffer()).putBytes(e);for(var s=new Mt(a.toHex(),16),o=Zt(s,t,n).toString(16),c=xt.util.createBuffer(),u=i-Math.ceil(o.length/2);u>0;)c.putByte(0),--u;return c.putBytes(xt.util.hexToBytes(o)),c.getBytes()},Gt.rsa.decrypt=function(e,t,r,a){var n=Math.ceil(t.n.bitLength()/8);if(e.length!==n){var i=new Error("Encrypted message length is invalid.");throw i.length=e.length,i.expected=n,i}var s=new Mt(xt.util.createBuffer(e).toHex(),16);if(s.compareTo(t.n)>=0)throw new Error("Encrypted message is invalid.");for(var o=Zt(s,t,r).toString(16),c=xt.util.createBuffer(),u=n-Math.ceil(o.length/2);u>0;)c.putByte(0),--u;return c.putBytes(xt.util.hexToBytes(o)),!1!==a?Jt(c.getBytes(),t,r):c.getBytes()},Gt.rsa.createKeyPairGenerationState=function(e,t,r){"string"==typeof e&&(e=parseInt(e,10)),e=e\|\|2048;var a,n=(r=r\|\|{}).prng\|\|xt.random,i={nextBytes:function(e){for(var t=n.getBytesSync(e.length),r=0;r<e.length;++r)e[r]=t.charCodeAt(r)}},s=r.algorithm\|\|"PRIMEINC";if("PRIMEINC"!==s)throw new Error("Invalid key generation algorithm: "+s);return(a={algorithm:s,state:0,bits:e,rng:i,eInt:t\|\|65537,e:new Mt(null),p:null,q:null,qBits:e>>1,pBits:e-(e>>1),pqState:0,num:null,keys:null}).e.fromInt(a.eInt),a},Gt.rsa.stepKeyPairGenerationState=function(e,t){"algorithm"in e\|\|(e.algorithm="PRIMEINC");var r=new Mt(null);r.fromInt(30);for(var a,n=0,i=function(e,t){return e\|t},s=+new Date,o=0;null===e.keys&&(t<=0\|\|o<t);){if(0===e.state){var c=null===e.p?e.pBits:e.qBits,u=c-1;0===e.pqState?(e.num=new Mt(c,e.rng),e.num.testBit(u)\|\|e.num.bitwiseTo(Mt.ONE.shiftLeft(u),i,e.num),e.num.dAddOffset(31-e.num.mod(r).byteValue(),0),n=0,++e.pqState):1===e.pqState?e.num.bitLength()>c?e.pqState=0:e.num.isProbablePrime(tr(e.num.bitLength()))?++e.pqState:e.num.dAddOffset(Ht[n++%8],0):2===e.pqState?e.pqState=0===e.num.subtract(Mt.ONE).gcd(e.e).compareTo(Mt.ONE)?3:0:3===e.pqState&&(e.pqState=0,null===e.p?e.p=e.num:e.q=e.num,null!==e.p&&null!==e.q&&++e.state,e.num=null)}else if(1===e.state)e.p.compareTo(e.q)<0&&(e.num=e.p,e.p=e.q,e.q=e.num),++e.state;else if(2===e.state)e.p1=e.p.subtract(Mt.ONE),e.q1=e.q.subtract(Mt.ONE),e.phi=e.p1.multiply(e.q1),++e.state;else if(3===e.state)0===e.phi.gcd(e.e).compareTo(Mt.ONE)?++e.state:(e.p=null,e.q=null,e.state=0);else if(4===e.state)e.n=e.p.multiply(e.q),e.n.bitLength()===e.bits?++e.state:(e.q=null,e.state=0);else if(5===e.state){var l=e.e.modInverse(e.phi);e.keys={privateKey:Gt.rsa.setPrivateKey(e.n,e.e,l,e.p,e.q,l.mod(e.p1),l.mod(e.q1),e.q.modInverse(e.p)),publicKey:Gt.rsa.setPublicKey(e.n,e.e)}}o+=(a=+new Date)-s,s=a}return null!==e.keys},Gt.rsa.generateKeyPair=function(e,t,r,a){if(1===arguments.length?"object"==typeof e?(r=e,e=void 0):"function"==typeof e&&(a=e,e=void 0):2===arguments.length?"number"==typeof e?"function"==typeof t?(a=t,t=void 0):"number"!=typeof t&&(r=t,t=void 0):(r=e,a=t,e=void 0,t=void 0):3===arguments.length&&("number"==typeof t?"function"==typeof r&&(a=r,r=void 0):(a=r,r=t,t=void 0)),r=r\|\|{},void 0===e&&(e=r.bits\|\|2048),void 0===t&&(t=r.e\|\|65537),!xt.options.usePureJavaScript&&!r.prng&&e>=256&&e<=16384&&(65537===t\|\|3===t))if(a){if(rr("generateKeyPair"))return Ft.generateKeyPair("rsa",{modulusLength:e,publicExponent:t,publicKeyEncoding:{type:"spki",format:"pem"},privateKeyEncoding:{type:"pkcs8",format:"pem"}},(function(e,t,r){if(e)return a(e);a(null,{privateKey:Gt.privateKeyFromPem(r),publicKey:Gt.publicKeyFromPem(t)})}));if(ar("generateKey")&&ar("exportKey"))return jt.globalScope.crypto.subtle.generateKey({name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:ir(t),hash:{name:"SHA-256"}},!0,["sign","verify"]).then((function(e){return jt.globalScope.crypto.subtle.exportKey("pkcs8",e.privateKey)})).then(void 0,(function(e){a(e)})).then((function(e){if(e){var t=Gt.privateKeyFromAsn1(qt.fromDer(xt.util.createBuffer(e)));a(null,{privateKey:t,publicKey:Gt.setRsaPublicKey(t.n,t.e)})}}));if(nr("generateKey")&&nr("exportKey")){var n=jt.globalScope.msCrypto.subtle.generateKey({name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:ir(t),hash:{name:"SHA-256"}},!0,["sign","verify"]);return n.oncomplete=function(e){var t=e.target.result,r=jt.globalScope.msCrypto.subtle.exportKey("pkcs8",t.privateKey);r.oncomplete=function(e){var t=e.target.result,r=Gt.privateKeyFromAsn1(qt.fromDer(xt.util.createBuffer(t)));a(null,{privateKey:r,publicKey:Gt.setRsaPublicKey(r.n,r.e)})},r.onerror=function(e){a(e)}},void(n.onerror=function(e){a(e)})}}else if(rr("generateKeyPairSync")){var i=Ft.generateKeyPairSync("rsa",{modulusLength:e,publicExponent:t,publicKeyEncoding:{type:"spki",format:"pem"},privateKeyEncoding:{type:"pkcs8",format:"pem"}});return{privateKey:Gt.privateKeyFromPem(i.privateKey),publicKey:Gt.publicKeyFromPem(i.publicKey)}}var s=Gt.rsa.createKeyPairGenerationState(e,t,r);if(!a)return Gt.rsa.stepKeyPairGenerationState(s,0),s.keys;!function(e,t,r){"function"==typeof t&&(r=t,t={});t=t\|\|{};var a={algorithm:{name:t.algorithm\|\|"PRIMEINC",options:{workers:t.workers\|\|2,workLoad:t.workLoad\|\|100,workerScript:t.workerScript}}};"prng"in t&&(a.prng=t.prng);function n(){i(e.pBits,(function(t,a){return t?r(t):(e.p=a,null!==e.q?s(t,e.q):void i(e.qBits,s))}))}function i(e,t){xt.prime.generateProbablePrime(e,a,t)}function s(t,a){if(t)return r(t);if(e.q=a,e.p.compareTo(e.q)<0){var o=e.p;e.p=e.q,e.q=o}if(0!==e.p.subtract(Mt.ONE).gcd(e.e).compareTo(Mt.ONE))return e.p=null,void n();if(0!==e.q.subtract(Mt.ONE).gcd(e.e).compareTo(Mt.ONE))return e.q=null,void i(e.qBits,s);if(e.p1=e.p.subtract(Mt.ONE),e.q1=e.q.subtract(Mt.ONE),e.phi=e.p1.multiply(e.q1),0!==e.phi.gcd(e.e).compareTo(Mt.ONE))return e.p=e.q=null,void n();if(e.n=e.p.multiply(e.q),e.n.bitLength()!==e.bits)return e.q=null,void i(e.qBits,s);var c=e.e.modInverse(e.phi);e.keys={privateKey:Gt.rsa.setPrivateKey(e.n,e.e,c,e.p,e.q,c.mod(e.p1),c.mod(e.q1),e.q.modInverse(e.p)),publicKey:Gt.rsa.setPublicKey(e.n,e.e)},r(null,e.keys)}n()}(s,r,a)},Gt.setRsaPublicKey=Gt.rsa.setPublicKey=function(e,t){var r={n:e,e:t,encrypt:function(e,t,a){if("string"==typeof t?t=t.toUpperCase():void 0===t&&(t="RSAES-PKCS1-V1_5"),"RSAES-PKCS1-V1_5"===t)t={encode:function(e,t,r){return $t(e,t,2).getBytes()}};else if("RSA-OAEP"===t\|\|"RSAES-OAEP"===t)t={encode:function(e,t){return xt.pkcs1.encode_rsa_oaep(t,e,a)}};else if(-1!==["RAW","NONE","NULL",null].indexOf(t))t={encode:function(e){return e}};else if("string"==typeof t)throw new Error('Unsupported encryption scheme: "'+t+'".');var n=t.encode(e,r,!0);return Gt.rsa.encrypt(n,r,!0)},verify:function(e,t,a){"string"==typeof a?a=a.toUpperCase():void 0===a&&(a="RSASSA-PKCS1-V1_5"),"RSASSA-PKCS1-V1_5"===a?a={verify:function(e,t){return t=Jt(t,r,!0),e===qt.fromDer(t).value[1].value}}:"NONE"!==a&&"NULL"!==a&&null!==a\|\|(a={verify:function(e,t){return e===(t=Jt(t,r,!0))}});var n=Gt.rsa.decrypt(t,r,!0,!1);return a.verify(e,n,r.n.bitLength())}};return r},Gt.setRsaPrivateKey=Gt.rsa.setPrivateKey=function(e,t,r,a,n,i,s,o){var c={n:e,e:t,d:r,p:a,q:n,dP:i,dQ:s,qInv:o,decrypt:function(e,t,r){"string"==typeof t?t=t.toUpperCase():void 0===t&&(t="RSAES-PKCS1-V1_5");var a=Gt.rsa.decrypt(e,c,!1,!1);if("RSAES-PKCS1-V1_5"===t)t={decode:Jt};else if("RSA-OAEP"===t\|\|"RSAES-OAEP"===t)t={decode:function(e,t){return xt.pkcs1.decode_rsa_oaep(t,e,r)}};else{if(-1===["RAW","NONE","NULL",null].indexOf(t))throw new Error('Unsupported encryption scheme: "'+t+'".');t={decode:function(e){return e}}}return t.decode(a,c,!1)},sign:function(e,t){var r=!1;"string"==typeof t&&(t=t.toUpperCase()),void 0===t\|\|"RSASSA-PKCS1-V1_5"===t?(t={encode:Xt},r=1):"NONE"!==t&&"NULL"!==t&&null!==t\|\|(t={encode:function(){return e}},r=1);var a=t.encode(e,c.n.bitLength());return Gt.rsa.encrypt(a,c,r)}};return c},Gt.wrapRsaPrivateKey=function(e){return qt.create(qt.Class.UNIVERSAL,qt.Type.SEQUENCE,!0,[qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,qt.integerToDer(0).getBytes()),qt.create(qt.Class.UNIVERSAL,qt.Type.SEQUENCE,!0,[qt.create(qt.Class.UNIVERSAL,qt.Type.OID,!1,qt.oidToDer(Gt.oids.rsaEncryption).getBytes()),qt.create(qt.Class.UNIVERSAL,qt.Type.NULL,!1,"")]),qt.create(qt.Class.UNIVERSAL,qt.Type.OCTETSTRING,!1,qt.toDer(e).getBytes())])},Gt.privateKeyFromAsn1=function(e){var t,r,a,n,i,s,o,c,u={},l=[];if(qt.validate(e,Qt,u,l)&&(e=qt.fromDer(xt.util.createBuffer(u.privateKey))),u={},l=[],!qt.validate(e,zt,u,l)){var p=new Error("Cannot read private key. ASN.1 object does not contain an RSAPrivateKey.");throw p.errors=l,p}return t=xt.util.createBuffer(u.privateKeyModulus).toHex(),r=xt.util.createBuffer(u.privateKeyPublicExponent).toHex(),a=xt.util.createBuffer(u.privateKeyPrivateExponent).toHex(),n=xt.util.createBuffer(u.privateKeyPrime1).toHex(),i=xt.util.createBuffer(u.privateKeyPrime2).toHex(),s=xt.util.createBuffer(u.privateKeyExponent1).toHex(),o=xt.util.createBuffer(u.privateKeyExponent2).toHex(),c=xt.util.createBuffer(u.privateKeyCoefficient).toHex(),Gt.setRsaPrivateKey(new Mt(t,16),new Mt(r,16),new Mt(a,16),new Mt(n,16),new Mt(i,16),new Mt(s,16),new Mt(o,16),new Mt(c,16))},Gt.privateKeyToAsn1=Gt.privateKeyToRSAPrivateKey=function(e){return qt.create(qt.Class.UNIVERSAL,qt.Type.SEQUENCE,!0,[qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,qt.integerToDer(0).getBytes()),qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,er(e.n)),qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,er(e.e)),qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,er(e.d)),qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,er(e.p)),qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,er(e.q)),qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,er(e.dP)),qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,er(e.dQ)),qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,er(e.qInv))])},Gt.publicKeyFromAsn1=function(e){var t={},r=[];if(qt.validate(e,Yt,t,r)){var a,n=qt.derToOid(t.publicKeyOid);if(n!==Gt.oids.rsaEncryption)throw(a=new Error("Cannot read public key. Unknown OID.")).oid=n,a;e=t.rsaPublicKey}if(r=[],!qt.validate(e,Wt,t,r))throw(a=new Error("Cannot read public key. ASN.1 object does not contain an RSAPublicKey.")).errors=r,a;var i=xt.util.createBuffer(t.publicKeyModulus).toHex(),s=xt.util.createBuffer(t.publicKeyExponent).toHex();return Gt.setRsaPublicKey(new Mt(i,16),new Mt(s,16))},Gt.publicKeyToAsn1=Gt.publicKeyToSubjectPublicKeyInfo=function(e){return qt.create(qt.Class.UNIVERSAL,qt.Type.SEQUENCE,!0,[qt.create(qt.Class.UNIVERSAL,qt.Type.SEQUENCE,!0,[qt.create(qt.Class.UNIVERSAL,qt.Type.OID,!1,qt.oidToDer(Gt.oids.rsaEncryption).getBytes()),qt.create(qt.Class.UNIVERSAL,qt.Type.NULL,!1,"")]),qt.create(qt.Class.UNIVERSAL,qt.Type.BITSTRING,!1,[Gt.publicKeyToRSAPublicKey(e)])])},Gt.publicKeyToRSAPublicKey=function(e){return qt.create(qt.Class.UNIVERSAL,qt.Type.SEQUENCE,!0,[qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,er(e.n)),qt.create(qt.Class.UNIVERSAL,qt.Type.INTEGER,!1,er(e.e))])};var sr=v;if(void 0===or)var or=sr.jsbn.BigInteger;var cr=sr.asn1,ur=sr.pki=sr.pki\|\|{};ur.pbe=sr.pbe=sr.pbe\|\|{};var lr=ur.oids,pr={name:"EncryptedPrivateKeyInfo",tagClass:cr.Class.UNIVERSAL,type:cr.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedPrivateKeyInfo.encryptionAlgorithm",tagClass:cr.Class.UNIVERSAL,type:cr.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:cr.Class.UNIVERSAL,type:cr.Type.OID,constructed:!1,capture:"encryptionOid"},{name:"AlgorithmIdentifier.parameters",tagClass:cr.Class.UNIVERSAL,type:cr.Type.SEQUENCE,constructed:!0,captureAsn1:"encryptionParams"}]},{name:"EncryptedPrivateKeyInfo.encryptedData",tagClass:cr.Class.UNIVERSAL,type:cr.Type.OCTETSTRING,constructed:!1,capture:"encryptedData"}]},hr={name:"PBES2Algorithms",tagClass:cr.Class.UNIVERSAL,type:cr.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.keyDerivationFunc",tagClass:cr.Class.UNIVERSAL,type:cr.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.keyDerivationFunc.oid",tagClass:cr.Class.UNIVERSAL,type:cr.Type.OID,constructed:!1,capture:"kdfOid"},{name:"PBES2Algorithms.params",tagClass:cr.Class.UNIVERSAL,type:cr.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.params.salt",tagClass:cr.Class.UNIVERSAL,type:cr.Type.OCTETSTRING,constructed:!1,capture:"kdfSalt"},{name:"PBES2Algorithms.params.iterationCount",tagClass:cr.Class.UNIVERSAL,type:cr.Type.INTEGER,constructed:!1,capture:"kdfIterationCount"},{name:"PBES2Algorithms.params.keyLength",tagClass:cr.Class.UNIVERSAL,type:cr.Type.INTEGER,constructed:!1,optional:!0,capture:"keyLength"},{name:"PBES2Algorithms.params.prf",tagClass:cr.Class.UNIVERSAL,type:cr.Type.SEQUENCE,constructed:!0,optional:!0,value:[{name:"PBES2Algorithms.params.prf.algorithm",tagClass:cr.Class.UNIVERSAL,type:cr.Type.OID,constructed:!1,capture:"prfOid"}]}]}]},{name:"PBES2Algorithms.encryptionScheme",tagClass:cr.Class.UNIVERSAL,type:cr.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.encryptionScheme.oid",tagClass:cr.Class.UNIVERSAL,type:cr.Type.OID,constructed:!1,capture:"encOid"},{name:"PBES2Algorithms.encryptionScheme.iv",tagClass:cr.Class.UNIVERSAL,type:cr.Type.OCTETSTRING,constructed:!1,capture:"encIv"}]}]},fr={name:"pkcs-12PbeParams",tagClass:cr.Class.UNIVERSAL,type:cr.Type.SEQUENCE,constructed:!0,value:[{name:"pkcs-12PbeParams.salt",tagClass:cr.Class.UNIVERSAL,type:cr.Type.OCTETSTRING,constructed:!1,capture:"salt"},{name:"pkcs-12PbeParams.iterations",tagClass:cr.Class.UNIVERSAL,type:cr.Type.INTEGER,constructed:!1,capture:"iterations"}]};function dr(e,t){return e.start().update(t).digest().getBytes()}function yr(e){var t;if(e){if(!(t=ur.oids[cr.derToOid(e)])){var r=new Error("Unsupported PRF OID.");throw r.oid=e,r.supported=["hmacWithSHA1","hmacWithSHA224","hmacWithSHA256","hmacWithSHA384","hmacWithSHA512"],r}}else t="hmacWithSHA1";return gr(t)}function gr(e){var t=sr.md;switch(e){case"hmacWithSHA224":t=sr.md.sha512;case"hmacWithSHA1":case"hmacWithSHA256":case"hmacWithSHA384":case"hmacWithSHA512":e=e.substr(8).toLowerCase();break;default:var r=new Error("Unsupported PRF algorithm.");throw r.algorithm=e,r.supported=["hmacWithSHA1","hmacWithSHA224","hmacWithSHA256","hmacWithSHA384","hmacWithSHA512"],r}if(!t\|\|!(e in t))throw new Error("Unknown hash algorithm: "+e);return t[e].create()}ur.encryptPrivateKeyInfo=function(e,t,r){(r=r\|\|{}).saltSize=r.saltSize\|\|8,r.count=r.count\|\|2048,r.algorithm=r.algorithm\|\|"aes128",r.prfAlgorithm=r.prfAlgorithm\|\|"sha1";var a,n,i,s=sr.random.getBytesSync(r.saltSize),o=r.count,c=cr.integerToDer(o);if(0===r.algorithm.indexOf("aes")\|\|"des"===r.algorithm){var u,l,p;switch(r.algorithm){case"aes128":a=16,u=16,l=lr["aes128-CBC"],p=sr.aes.createEncryptionCipher;break;case"aes192":a=24,u=16,l=lr["aes192-CBC"],p=sr.aes.createEncryptionCipher;break;case"aes256":a=32,u=16,l=lr["aes256-CBC"],p=sr.aes.createEncryptionCipher;break;case"des":a=8,u=8,l=lr.desCBC,p=sr.des.createEncryptionCipher;break;default:throw(m=new Error("Cannot encrypt private key. Unknown encryption algorithm.")).algorithm=r.algorithm,m}var h="hmacWith"+r.prfAlgorithm.toUpperCase(),f=gr(h),d=sr.pkcs5.pbkdf2(t,s,o,a,f),y=sr.random.getBytesSync(u);(v=p(d)).start(y),v.update(cr.toDer(e)),v.finish(),i=v.output.getBytes();var g=function(e,t,r,a){var n=cr.create(cr.Class.UNIVERSAL,cr.Type.SEQUENCE,!0,[cr.create(cr.Class.UNIVERSAL,cr.Type.OCTETSTRING,!1,e),cr.create(cr.Class.UNIVERSAL,cr.Type.INTEGER,!1,t.getBytes())]);"hmacWithSHA1"!==a&&n.value.push(cr.create(cr.Class.UNIVERSAL,cr.Type.INTEGER,!1,sr.util.hexToBytes(r.toString(16))),cr.create(cr.Class.UNIVERSAL,cr.Type.SEQUENCE,!0,[cr.create(cr.Class.UNIVERSAL,cr.Type.OID,!1,cr.oidToDer(ur.oids[a]).getBytes()),cr.create(cr.Class.UNIVERSAL,cr.Type.NULL,!1,"")]));return n}(s,c,a,h);n=cr.create(cr.Class.UNIVERSAL,cr.Type.SEQUENCE,!0,[cr.create(cr.Class.UNIVERSAL,cr.Type.OID,!1,cr.oidToDer(lr.pkcs5PBES2).getBytes()),cr.create(cr.Class.UNIVERSAL,cr.Type.SEQUENCE,!0,[cr.create(cr.Class.UNIVERSAL,cr.Type.SEQUENCE,!0,[cr.create(cr.Class.UNIVERSAL,cr.Type.OID,!1,cr.oidToDer(lr.pkcs5PBKDF2).getBytes()),g]),cr.create(cr.Class.UNIVERSAL,cr.Type.SEQUENCE,!0,[cr.create(cr.Class.UNIVERSAL,cr.Type.OID,!1,cr.oidToDer(l).getBytes()),cr.create(cr.Class.UNIVERSAL,cr.Type.OCTETSTRING,!1,y)])])])}else{var m;if("3des"!==r.algorithm)throw(m=new Error("Cannot encrypt private key. Unknown encryption algorithm.")).algorithm=r.algorithm,m;a=24;var v,C=new sr.util.ByteBuffer(s);d=ur.pbe.generatePkcs12Key(t,C,1,o,a),y=ur.pbe.generatePkcs12Key(t,C,2,o,a);(v=sr.des.createEncryptionCipher(d)).start(y),v.update(cr.toDer(e)),v.finish(),i=v.output.getBytes(),n=cr.create(cr.Class.UNIVERSAL,cr.Type.SEQUENCE,!0,[cr.create(cr.Class.UNIVERSAL,cr.Type.OID,!1,cr.oidToDer(lr["pbeWithSHAAnd3-KeyTripleDES-CBC"]).getBytes()),cr.create(cr.Class.UNIVERSAL,cr.Type.SEQUENCE,!0,[cr.create(cr.Class.UNIVERSAL,cr.Type.OCTETSTRING,!1,s),cr.create(cr.Class.UNIVERSAL,cr.Type.INTEGER,!1,c.getBytes())])])}return cr.create(cr.Class.UNIVERSAL,cr.Type.SEQUENCE,!0,[n,cr.create(cr.Class.UNIVERSAL,cr.Type.OCTETSTRING,!1,i)])},ur.decryptPrivateKeyInfo=function(e,t){var r=null,a={},n=[];if(!cr.validate(e,pr,a,n)){var i=new Error("Cannot read encrypted private key. ASN.1 object is not a supported EncryptedPrivateKeyInfo.");throw i.errors=n,i}var s=cr.derToOid(a.encryptionOid),o=ur.pbe.getCipher(s,a.encryptionParams,t),c=sr.util.createBuffer(a.encryptedData);return o.update(c),o.finish()&&(r=cr.fromDer(o.output)),r},ur.encryptedPrivateKeyToPem=function(e,t){var r={type:"ENCRYPTED PRIVATE KEY",body:cr.toDer(e).getBytes()};return sr.pem.encode(r,{maxline:t})},ur.encryptedPrivateKeyFromPem=function(e){var t=sr.pem.decode(e)[0];if("ENCRYPTED PRIVATE KEY"!==t.type){var r=new Error('Could not convert encrypted private key from PEM; PEM header type is "ENCRYPTED PRIVATE KEY".');throw r.headerType=t.type,r}if(t.procType&&"ENCRYPTED"===t.procType.type)throw new Error("Could not convert encrypted private key from PEM; PEM is encrypted.");return cr.fromDer(t.body)},ur.encryptRsaPrivateKey=function(e,t,r){if(!(r=r\|\|{}).legacy){var a=ur.wrapRsaPrivateKey(ur.privateKeyToAsn1(e));return a=ur.encryptPrivateKeyInfo(a,t,r),ur.encryptedPrivateKeyToPem(a)}var n,i,s,o;switch(r.algorithm){case"aes128":n="AES-128-CBC",s=16,i=sr.random.getBytesSync(16),o=sr.aes.createEncryptionCipher;break;case"aes192":n="AES-192-CBC",s=24,i=sr.random.getBytesSync(16),o=sr.aes.createEncryptionCipher;break;case"aes256":n="AES-256-CBC",s=32,i=sr.random.getBytesSync(16),o=sr.aes.createEncryptionCipher;break;case"3des":n="DES-EDE3-CBC",s=24,i=sr.random.getBytesSync(8),o=sr.des.createEncryptionCipher;break;case"des":n="DES-CBC",s=8,i=sr.random.getBytesSync(8),o=sr.des.createEncryptionCipher;break;default:var c=new Error('Could not encrypt RSA private key; unsupported encryption algorithm "'+r.algorithm+'".');throw c.algorithm=r.algorithm,c}var u=o(sr.pbe.opensslDeriveBytes(t,i.substr(0,8),s));u.start(i),u.update(cr.toDer(ur.privateKeyToAsn1(e))),u.finish();var l={type:"RSA PRIVATE KEY",procType:{version:"4",type:"ENCRYPTED"},dekInfo:{algorithm:n,parameters:sr.util.bytesToHex(i).toUpperCase()},body:u.output.getBytes()};return sr.pem.encode(l)},ur.decryptRsaPrivateKey=function(e,t){var r=null,a=sr.pem.decode(e)[0];if("ENCRYPTED PRIVATE KEY"!==a.type&&"PRIVATE KEY"!==a.type&&"RSA PRIVATE KEY"!==a.type)throw(s=new Error('Could not convert private key from PEM; PEM header type is not "ENCRYPTED PRIVATE KEY", "PRIVATE KEY", or "RSA PRIVATE KEY".')).headerType=s,s;if(a.procType&&"ENCRYPTED"===a.procType.type){var n,i;switch(a.dekInfo.algorithm){case"DES-CBC":n=8,i=sr.des.createDecryptionCipher;break;case"DES-EDE3-CBC":n=24,i=sr.des.createDecryptionCipher;break;case"AES-128-CBC":n=16,i=sr.aes.createDecryptionCipher;break;case"AES-192-CBC":n=24,i=sr.aes.createDecryptionCipher;break;case"AES-256-CBC":n=32,i=sr.aes.createDecryptionCipher;break;case"RC2-40-CBC":n=5,i=function(e){return sr.rc2.createDecryptionCipher(e,40)};break;case"RC2-64-CBC":n=8,i=function(e){return sr.rc2.createDecryptionCipher(e,64)};break;case"RC2-128-CBC":n=16,i=function(e){return sr.rc2.createDecryptionCipher(e,128)};break;default:var s;throw(s=new Error('Could not decrypt private key; unsupported encryption algorithm "'+a.dekInfo.algorithm+'".')).algorithm=a.dekInfo.algorithm,s}var o=sr.util.hexToBytes(a.dekInfo.parameters),c=i(sr.pbe.opensslDeriveBytes(t,o.substr(0,8),n));if(c.start(o),c.update(sr.util.createBuffer(a.body)),!c.finish())return r;r=c.output.getBytes()}else r=a.body;return null!==(r="ENCRYPTED PRIVATE KEY"===a.type?ur.decryptPrivateKeyInfo(cr.fromDer(r),t):cr.fromDer(r))&&(r=ur.privateKeyFromAsn1(r)),r},ur.pbe.generatePkcs12Key=function(e,t,r,a,n,i){var s,o;if(null==i){if(!("sha1"in sr.md))throw new Error('"sha1" hash algorithm unavailable.');i=sr.md.sha1.create()}var c=i.digestLength,u=i.blockLength,l=new sr.util.ByteBuffer,p=new sr.util.ByteBuffer;if(null!=e){for(o=0;o<e.length;o++)p.putInt16(e.charCodeAt(o));p.putInt16(0)}var h=p.length(),f=t.length(),d=new sr.util.ByteBuffer;d.fillWithByte(r,u);var y=uMath.ceil(f/u),g=new sr.util.ByteBuffer;for(o=0;o<y;o++)g.putByte(t.at(o%f));var m=uMath.ceil(h/u),v=new sr.util.ByteBuffer;for(o=0;o<m;o++)v.putByte(p.at(o%h));var C=g;C.putBuffer(v);for(var E=Math.ceil(n/c),S=1;S<=E;S++){var T=new sr.util.ByteBuffer;T.putBytes(d.bytes()),T.putBytes(C.bytes());for(var I=0;I<a;I++)i.start(),i.update(T.getBytes()),T=i.digest();var A=new sr.util.ByteBuffer;for(o=0;o<u;o++)A.putByte(T.at(o%c));var b=Math.ceil(f/u)+Math.ceil(h/u),B=new sr.util.ByteBuffer;for(s=0;s<b;s++){var N=new sr.util.ByteBuffer(C.getBytes(u)),w=511;for(o=A.length()-1;o>=0;o--)w>>=8,w+=A.at(o)+N.at(o),N.setAt(o,255&w);B.putBuffer(N)}C=B,l.putBuffer(T)}return l.truncate(l.length()-n),l},ur.pbe.getCipher=function(e,t,r){switch(e){case ur.oids.pkcs5PBES2:return ur.pbe.getCipherForPBES2(e,t,r);case ur.oids["pbeWithSHAAnd3-KeyTripleDES-CBC"]:case ur.oids["pbewithSHAAnd40BitRC2-CBC"]:return ur.pbe.getCipherForPKCS12PBE(e,t,r);default:var a=new Error("Cannot read encrypted PBE data block. Unsupported OID.");throw a.oid=e,a.supportedOids=["pkcs5PBES2","pbeWithSHAAnd3-KeyTripleDES-CBC","pbewithSHAAnd40BitRC2-CBC"],a}},ur.pbe.getCipherForPBES2=function(e,t,r){var a,n={},i=[];if(!cr.validate(t,hr,n,i))throw(a=new Error("Cannot read password-based-encryption algorithm parameters. ASN.1 object is not a supported EncryptedPrivateKeyInfo.")).errors=i,a;if((e=cr.derToOid(n.kdfOid))!==ur.oids.pkcs5PBKDF2)throw(a=new Error("Cannot read encrypted private key. Unsupported key derivation function OID.")).oid=e,a.supportedOids=["pkcs5PBKDF2"],a;if((e=cr.derToOid(n.encOid))!==ur.oids["aes128-CBC"]&&e!==ur.oids["aes192-CBC"]&&e!==ur.oids["aes256-CBC"]&&e!==ur.oids["des-EDE3-CBC"]&&e!==ur.oids.desCBC)throw(a=new Error("Cannot read encrypted private key. Unsupported encryption scheme OID.")).oid=e,a.supportedOids=["aes128-CBC","aes192-CBC","aes256-CBC","des-EDE3-CBC","desCBC"],a;var s,o,c=n.kdfSalt,u=sr.util.createBuffer(n.kdfIterationCount);switch(u=u.getInt(u.length()<<3),ur.oids[e]){case"aes128-CBC":s=16,o=sr.aes.createDecryptionCipher;break;case"aes192-CBC":s=24,o=sr.aes.createDecryptionCipher;break;case"aes256-CBC":s=32,o=sr.aes.createDecryptionCipher;break;case"des-EDE3-CBC":s=24,o=sr.des.createDecryptionCipher;break;case"desCBC":s=8,o=sr.des.createDecryptionCipher}var l=yr(n.prfOid),p=sr.pkcs5.pbkdf2(r,c,u,s,l),h=n.encIv,f=o(p);return f.start(h),f},ur.pbe.getCipherForPKCS12PBE=function(e,t,r){var a={},n=[];if(!cr.validate(t,fr,a,n))throw(l=new Error("Cannot read password-based-encryption algorithm parameters. ASN.1 object is not a supported EncryptedPrivateKeyInfo.")).errors=n,l;var i,s,o,c=sr.util.createBuffer(a.salt),u=sr.util.createBuffer(a.iterations);switch(u=u.getInt(u.length()<<3),e){case ur.oids["pbeWithSHAAnd3-KeyTripleDES-CBC"]:i=24,s=8,o=sr.des.startDecrypting;break;case ur.oids["pbewithSHAAnd40BitRC2-CBC"]:i=5,s=8,o=function(e,t){var r=sr.rc2.createDecryptionCipher(e,40);return r.start(t,null),r};break;default:var l;throw(l=new Error("Cannot read PKCS #12 PBE data block. Unsupported OID.")).oid=e,l}var p=yr(a.prfOid),h=ur.pbe.generatePkcs12Key(r,c,1,u,i,p);return p.start(),o(h,ur.pbe.generatePkcs12Key(r,c,2,u,s,p))},ur.pbe.opensslDeriveBytes=function(e,t,r,a){if(null==a){if(!("md5"in sr.md))throw new Error('"md5" hash algorithm unavailable.');a=sr.md.md5.create()}null===t&&(t="");for(var n=[dr(a,e+t)],i=16,s=1;i<r;++s,i+=16)n.push(dr(a,n[s-1]+e+t));return n.join("").substr(0,r)};var mr=v,vr=mr.asn1,Cr=mr.pkcs7asn1=mr.pkcs7asn1\|\|{};mr.pkcs7=mr.pkcs7\|\|{},mr.pkcs7.asn1=Cr;var Er={name:"ContentInfo",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"ContentInfo.ContentType",tagClass:vr.Class.UNIVERSAL,type:vr.Type.OID,constructed:!1,capture:"contentType"},{name:"ContentInfo.content",tagClass:vr.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,captureAsn1:"content"}]};Cr.contentInfoValidator=Er;var Sr={name:"EncryptedContentInfo",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedContentInfo.contentType",tagClass:vr.Class.UNIVERSAL,type:vr.Type.OID,constructed:!1,capture:"contentType"},{name:"EncryptedContentInfo.contentEncryptionAlgorithm",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedContentInfo.contentEncryptionAlgorithm.algorithm",tagClass:vr.Class.UNIVERSAL,type:vr.Type.OID,constructed:!1,capture:"encAlgorithm"},{name:"EncryptedContentInfo.contentEncryptionAlgorithm.parameter",tagClass:vr.Class.UNIVERSAL,captureAsn1:"encParameter"}]},{name:"EncryptedContentInfo.encryptedContent",tagClass:vr.Class.CONTEXT_SPECIFIC,type:0,capture:"encryptedContent",captureAsn1:"encryptedContentAsn1"}]};Cr.envelopedDataValidator={name:"EnvelopedData",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"EnvelopedData.Version",tagClass:vr.Class.UNIVERSAL,type:vr.Type.INTEGER,constructed:!1,capture:"version"},{name:"EnvelopedData.RecipientInfos",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SET,constructed:!0,captureAsn1:"recipientInfos"}].concat(Sr)},Cr.encryptedDataValidator={name:"EncryptedData",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedData.Version",tagClass:vr.Class.UNIVERSAL,type:vr.Type.INTEGER,constructed:!1,capture:"version"}].concat(Sr)};var Tr={name:"SignerInfo",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.version",tagClass:vr.Class.UNIVERSAL,type:vr.Type.INTEGER,constructed:!1},{name:"SignerInfo.issuerAndSerialNumber",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.issuerAndSerialNumber.issuer",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,captureAsn1:"issuer"},{name:"SignerInfo.issuerAndSerialNumber.serialNumber",tagClass:vr.Class.UNIVERSAL,type:vr.Type.INTEGER,constructed:!1,capture:"serial"}]},{name:"SignerInfo.digestAlgorithm",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.digestAlgorithm.algorithm",tagClass:vr.Class.UNIVERSAL,type:vr.Type.OID,constructed:!1,capture:"digestAlgorithm"},{name:"SignerInfo.digestAlgorithm.parameter",tagClass:vr.Class.UNIVERSAL,constructed:!1,captureAsn1:"digestParameter",optional:!0}]},{name:"SignerInfo.authenticatedAttributes",tagClass:vr.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,capture:"authenticatedAttributes"},{name:"SignerInfo.digestEncryptionAlgorithm",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,capture:"signatureAlgorithm"},{name:"SignerInfo.encryptedDigest",tagClass:vr.Class.UNIVERSAL,type:vr.Type.OCTETSTRING,constructed:!1,capture:"signature"},{name:"SignerInfo.unauthenticatedAttributes",tagClass:vr.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,optional:!0,capture:"unauthenticatedAttributes"}]};Cr.signedDataValidator={name:"SignedData",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"SignedData.Version",tagClass:vr.Class.UNIVERSAL,type:vr.Type.INTEGER,constructed:!1,capture:"version"},{name:"SignedData.DigestAlgorithms",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SET,constructed:!0,captureAsn1:"digestAlgorithms"},Er,{name:"SignedData.Certificates",tagClass:vr.Class.CONTEXT_SPECIFIC,type:0,optional:!0,captureAsn1:"certificates"},{name:"SignedData.CertificateRevocationLists",tagClass:vr.Class.CONTEXT_SPECIFIC,type:1,optional:!0,captureAsn1:"crls"},{name:"SignedData.SignerInfos",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SET,capture:"signerInfos",optional:!0,value:[Tr]}]},Cr.recipientInfoValidator={name:"RecipientInfo",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.version",tagClass:vr.Class.UNIVERSAL,type:vr.Type.INTEGER,constructed:!1,capture:"version"},{name:"RecipientInfo.issuerAndSerial",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.issuerAndSerial.issuer",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,captureAsn1:"issuer"},{name:"RecipientInfo.issuerAndSerial.serialNumber",tagClass:vr.Class.UNIVERSAL,type:vr.Type.INTEGER,constructed:!1,capture:"serial"}]},{name:"RecipientInfo.keyEncryptionAlgorithm",tagClass:vr.Class.UNIVERSAL,type:vr.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.keyEncryptionAlgorithm.algorithm",tagClass:vr.Class.UNIVERSAL,type:vr.Type.OID,constructed:!1,capture:"encAlgorithm"},{name:"RecipientInfo.keyEncryptionAlgorithm.parameter",tagClass:vr.Class.UNIVERSAL,constructed:!1,captureAsn1:"encParameter"}]},{name:"RecipientInfo.encryptedKey",tagClass:vr.Class.UNIVERSAL,type:vr.Type.OCTETSTRING,constructed:!1,capture:"encKey"}]};var Ir=v;Ir.mgf=Ir.mgf\|\|{},(Ir.mgf.mgf1=Ir.mgf1=Ir.mgf1\|\|{}).create=function(e){var t={generate:function(t,r){for(var a=new Ir.util.ByteBuffer,n=Math.ceil(r/e.digestLength),i=0;i<n;i++){var s=new Ir.util.ByteBuffer;s.putInt32(i),e.start(),e.update(t+s.getBytes()),a.putBuffer(e.digest())}return a.truncate(a.length()-r),a.getBytes()}};return t};var Ar=v;Ar.mgf=Ar.mgf\|\|{},Ar.mgf.mgf1=Ar.mgf1;var br=v;(br.pss=br.pss\|\|{}).create=function(e){3===arguments.length&&(e={md:arguments[0],mgf:arguments[1],saltLength:arguments[2]});var t,r=e.md,a=e.mgf,n=r.digestLength,i=e.salt\|\|null;if("string"==typeof i&&(i=br.util.createBuffer(i)),"saltLength"in e)t=e.saltLength;else{if(null===i)throw new Error("Salt length not specified or specific salt not given.");t=i.length()}if(null!==i&&i.length()!==t)throw new Error("Given salt length does not match length of given salt.");var s=e.prng\|\|br.random,o={encode:function(e,o){var c,u,l=o-1,p=Math.ceil(l/8),h=e.digest().getBytes();if(p<n+t+2)throw new Error("Message is too long to encrypt.");u=null===i?s.getBytesSync(t):i.bytes();var f=new br.util.ByteBuffer;f.fillWithByte(0,8),f.putBytes(h),f.putBytes(u),r.start(),r.update(f.getBytes());var d=r.digest().getBytes(),y=new br.util.ByteBuffer;y.fillWithByte(0,p-t-n-2),y.putByte(1),y.putBytes(u);var g=y.getBytes(),m=p-n-1,v=a.generate(d,m),C="";for(c=0;c<m;c++)C+=String.fromCharCode(g.charCodeAt(c)^v.charCodeAt(c));var E=65280>>8p-l&255;return(C=String.fromCharCode(C.charCodeAt(0)&~E)+C.substr(1))+d+String.fromCharCode(188)},verify:function(e,i,s){var o,c=s-1,u=Math.ceil(c/8);if(i=i.substr(-u),u<n+t+2)throw new Error("Inconsistent parameters to PSS signature verification.");if(188!==i.charCodeAt(u-1))throw new Error("Encoded message does not end in 0xBC.");var l=u-n-1,p=i.substr(0,l),h=i.substr(l,n),f=65280>>8u-c&255;if(0!=(p.charCodeAt(0)&f))throw new Error("Bits beyond keysize not zero as expected.");var d=a.generate(h,l),y="";for(o=0;o<l;o++)y+=String.fromCharCode(p.charCodeAt(o)^d.charCodeAt(o));y=String.fromCharCode(y.charCodeAt(0)&~f)+y.substr(1);var g=u-n-t-2;for(o=0;o<g;o++)if(0!==y.charCodeAt(o))throw new Error("Leftmost octets not zero as expected");if(1!==y.charCodeAt(g))throw new Error("Inconsistent PSS signature, 0x01 marker not found");var m=y.substr(-t),v=new br.util.ByteBuffer;return v.fillWithByte(0,8),v.putBytes(e),v.putBytes(m),r.start(),r.update(v.getBytes()),h===r.digest().getBytes()}};return o};var Br=v,Nr=Br.asn1,wr=Br.pki=Br.pki\|\|{},kr=wr.oids,Rr={};Rr.CN=kr.commonName,Rr.commonName="CN",Rr.C=kr.countryName,Rr.countryName="C",Rr.L=kr.localityName,Rr.localityName="L",Rr.ST=kr.stateOrProvinceName,Rr.stateOrProvinceName="ST",Rr.O=kr.organizationName,Rr.organizationName="O",Rr.OU=kr.organizationalUnitName,Rr.organizationalUnitName="OU",Rr.E=kr.emailAddress,Rr.emailAddress="E";var _r=Br.pki.rsa.publicKeyValidator,Lr={name:"Certificate",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,captureAsn1:"tbsCertificate",value:[{name:"Certificate.TBSCertificate.version",tagClass:Nr.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.version.integer",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.INTEGER,constructed:!1,capture:"certVersion"}]},{name:"Certificate.TBSCertificate.serialNumber",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.INTEGER,constructed:!1,capture:"certSerialNumber"},{name:"Certificate.TBSCertificate.signature",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate.signature.algorithm",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.OID,constructed:!1,capture:"certinfoSignatureOid"},{name:"Certificate.TBSCertificate.signature.parameters",tagClass:Nr.Class.UNIVERSAL,optional:!0,captureAsn1:"certinfoSignatureParams"}]},{name:"Certificate.TBSCertificate.issuer",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,captureAsn1:"certIssuer"},{name:"Certificate.TBSCertificate.validity",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate.validity.notBefore (utc)",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.UTCTIME,constructed:!1,optional:!0,capture:"certValidity1UTCTime"},{name:"Certificate.TBSCertificate.validity.notBefore (generalized)",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.GENERALIZEDTIME,constructed:!1,optional:!0,capture:"certValidity2GeneralizedTime"},{name:"Certificate.TBSCertificate.validity.notAfter (utc)",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.UTCTIME,constructed:!1,optional:!0,capture:"certValidity3UTCTime"},{name:"Certificate.TBSCertificate.validity.notAfter (generalized)",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.GENERALIZEDTIME,constructed:!1,optional:!0,capture:"certValidity4GeneralizedTime"}]},{name:"Certificate.TBSCertificate.subject",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,captureAsn1:"certSubject"},_r,{name:"Certificate.TBSCertificate.issuerUniqueID",tagClass:Nr.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.issuerUniqueID.id",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.BITSTRING,constructed:!1,captureBitStringValue:"certIssuerUniqueId"}]},{name:"Certificate.TBSCertificate.subjectUniqueID",tagClass:Nr.Class.CONTEXT_SPECIFIC,type:2,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.subjectUniqueID.id",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.BITSTRING,constructed:!1,captureBitStringValue:"certSubjectUniqueId"}]},{name:"Certificate.TBSCertificate.extensions",tagClass:Nr.Class.CONTEXT_SPECIFIC,type:3,constructed:!0,captureAsn1:"certExtensions",optional:!0}]},{name:"Certificate.signatureAlgorithm",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.signatureAlgorithm.algorithm",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.OID,constructed:!1,capture:"certSignatureOid"},{name:"Certificate.TBSCertificate.signature.parameters",tagClass:Nr.Class.UNIVERSAL,optional:!0,captureAsn1:"certSignatureParams"}]},{name:"Certificate.signatureValue",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.BITSTRING,constructed:!1,captureBitStringValue:"certSignature"}]},Ur={name:"rsapss",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,value:[{name:"rsapss.hashAlgorithm",tagClass:Nr.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,value:[{name:"rsapss.hashAlgorithm.AlgorithmIdentifier",tagClass:Nr.Class.UNIVERSAL,type:Nr.Class.SEQUENCE,constructed:!0,optional:!0,value:[{name:"rsapss.hashAlgorithm.AlgorithmIdentifier.algorithm",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.OID,constructed:!1,capture:"hashOid"}]}]},{name:"rsapss.maskGenAlgorithm",tagClass:Nr.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier",tagClass:Nr.Class.UNIVERSAL,type:Nr.Class.SEQUENCE,constructed:!0,optional:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.algorithm",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.OID,constructed:!1,capture:"maskGenOid"},{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.params",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.params.algorithm",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.OID,constructed:!1,capture:"maskGenHashOid"}]}]}]},{name:"rsapss.saltLength",tagClass:Nr.Class.CONTEXT_SPECIFIC,type:2,optional:!0,value:[{name:"rsapss.saltLength.saltLength",tagClass:Nr.Class.UNIVERSAL,type:Nr.Class.INTEGER,constructed:!1,capture:"saltLength"}]},{name:"rsapss.trailerField",tagClass:Nr.Class.CONTEXT_SPECIFIC,type:3,optional:!0,value:[{name:"rsapss.trailer.trailer",tagClass:Nr.Class.UNIVERSAL,type:Nr.Class.INTEGER,constructed:!1,capture:"trailer"}]}]},Dr={name:"CertificationRequestInfo",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,captureAsn1:"certificationRequestInfo",value:[{name:"CertificationRequestInfo.integer",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.INTEGER,constructed:!1,capture:"certificationRequestInfoVersion"},{name:"CertificationRequestInfo.subject",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,captureAsn1:"certificationRequestInfoSubject"},_r,{name:"CertificationRequestInfo.attributes",tagClass:Nr.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,capture:"certificationRequestInfoAttributes",value:[{name:"CertificationRequestInfo.attributes",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,value:[{name:"CertificationRequestInfo.attributes.type",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.OID,constructed:!1},{name:"CertificationRequestInfo.attributes.value",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SET,constructed:!0}]}]}]},Pr={name:"CertificationRequest",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,captureAsn1:"csr",value:[Dr,{name:"CertificationRequest.signatureAlgorithm",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.SEQUENCE,constructed:!0,value:[{name:"CertificationRequest.signatureAlgorithm.algorithm",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.OID,constructed:!1,capture:"csrSignatureOid"},{name:"CertificationRequest.signatureAlgorithm.parameters",tagClass:Nr.Class.UNIVERSAL,optional:!0,captureAsn1:"csrSignatureParams"}]},{name:"CertificationRequest.signature",tagClass:Nr.Class.UNIVERSAL,type:Nr.Type.BITSTRING,constructed:!1,captureBitStringValue:"csrSignature"}]};function Vr(e,t){"string"==typeof t&&(t={shortName:t});for(var r,a=null,n=0;null===a&&n<e.attributes.length;++n)r=e.attributes[n],(t.type&&t.type===r.type\|\|t.name&&t.name===r.name\|\|t.shortName&&t.shortName===r.shortName)&&(a=r);return a}wr.RDNAttributesAsArray=function(e,t){for(var r,a,n,i=[],s=0;s<e.value.length;++s){r=e.value[s];for(var o=0;o<r.value.length;++o)n={},a=r.value[o],n.type=Nr.derToOid(a.value[0].value),n.value=a.value[1].value,n.valueTagClass=a.value[1].type,n.type in kr&&(n.name=kr[n.type],n.name in Rr&&(n.shortName=Rr[n.name])),t&&(t.update(n.type),t.update(n.value)),i.push(n)}return i},wr.CRIAttributesAsArray=function(e){for(var t=[],r=0;r<e.length;++r)for(var a=e[r],n=Nr.derToOid(a.value[0].value),i=a.value[1].value,s=0;s<i.length;++s){var o={};if(o.type=n,o.value=i[s].value,o.valueTagClass=i[s].type,o.type in kr&&(o.name=kr[o.type],o.name in Rr&&(o.shortName=Rr[o.name])),o.type===kr.extensionRequest){o.extensions=[];for(var c=0;c<o.value.length;++c)o.extensions.push(wr.certificateExtensionFromAsn1(o.value[c]))}t.push(o)}return t};var Or=function(e,t,r){var a={};if(e!==kr["RSASSA-PSS"])return a;r&&(a={hash:{algorithmOid:kr.sha1},mgf:{algorithmOid:kr.mgf1,hash:{algorithmOid:kr.sha1}},saltLength:20});var n={},i=[];if(!Nr.validate(t,Ur,n,i)){var s=new Error("Cannot read RSASSA-PSS parameter block.");throw s.errors=i,s}return void 0!==n.hashOid&&(a.hash=a.hash\|\|{},a.hash.algorithmOid=Nr.derToOid(n.hashOid)),void 0!==n.maskGenOid&&(a.mgf=a.mgf\|\|{},a.mgf.algorithmOid=Nr.derToOid(n.maskGenOid),a.mgf.hash=a.mgf.hash\|\|{},a.mgf.hash.algorithmOid=Nr.derToOid(n.maskGenHashOid)),void 0!==n.saltLength&&(a.saltLength=n.saltLength.charCodeAt(0)),a};function Kr(e){for(var t,r,a=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[]),n=e.attributes,i=0;i<n.length;++i){var s=(t=n[i]).value,o=Nr.Type.PRINTABLESTRING;"valueTagClass"in t&&(o=t.valueTagClass)===Nr.Type.UTF8&&(s=Br.util.encodeUtf8(s)),r=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SET,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OID,!1,Nr.oidToDer(t.type).getBytes()),Nr.create(Nr.Class.UNIVERSAL,o,!1,s)])]),a.value.push(r)}return a}function xr(e){for(var t,r=0;r<e.length;++r){if(void 0===(t=e[r]).name&&(t.type&&t.type in wr.oids?t.name=wr.oids[t.type]:t.shortName&&t.shortName in Rr&&(t.name=wr.oids[Rr[t.shortName]])),void 0===t.type){if(!t.name\|\|!(t.name in wr.oids))throw(n=new Error("Attribute type not specified.")).attribute=t,n;t.type=wr.oids[t.name]}if(void 0===t.shortName&&t.name&&t.name in Rr&&(t.shortName=Rr[t.name]),t.type===kr.extensionRequest&&(t.valueConstructed=!0,t.valueTagClass=Nr.Type.SEQUENCE,!t.value&&t.extensions)){t.value=[];for(var a=0;a<t.extensions.length;++a)t.value.push(wr.certificateExtensionToAsn1(Mr(t.extensions[a])))}var n;if(void 0===t.value)throw(n=new Error("Attribute value not specified.")).attribute=t,n}}function Mr(e,t){if(t=t\|\|{},void 0===e.name&&e.id&&e.id in wr.oids&&(e.name=wr.oids[e.id]),void 0===e.id){if(!e.name\|\|!(e.name in wr.oids))throw(g=new Error("Extension ID not specified.")).extension=e,g;e.id=wr.oids[e.name]}if(void 0!==e.value)return e;if("keyUsage"===e.name){var r=0,a=0,n=0;e.digitalSignature&&(a\|=128,r=7),e.nonRepudiation&&(a\|=64,r=6),e.keyEncipherment&&(a\|=32,r=5),e.dataEncipherment&&(a\|=16,r=4),e.keyAgreement&&(a\|=8,r=3),e.keyCertSign&&(a\|=4,r=2),e.cRLSign&&(a\|=2,r=1),e.encipherOnly&&(a\|=1,r=0),e.decipherOnly&&(n\|=128,r=7);var i=String.fromCharCode(r);0!==n?i+=String.fromCharCode(a)+String.fromCharCode(n):0!==a&&(i+=String.fromCharCode(a)),e.value=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.BITSTRING,!1,i)}else if("basicConstraints"===e.name)e.value=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[]),e.cA&&e.value.value.push(Nr.create(Nr.Class.UNIVERSAL,Nr.Type.BOOLEAN,!1,String.fromCharCode(255))),"pathLenConstraint"in e&&e.value.value.push(Nr.create(Nr.Class.UNIVERSAL,Nr.Type.INTEGER,!1,Nr.integerToDer(e.pathLenConstraint).getBytes()));else if("extKeyUsage"===e.name){e.value=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[]);var s=e.value.value;for(var o in e)!0===e[o]&&(o in kr?s.push(Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OID,!1,Nr.oidToDer(kr[o]).getBytes())):-1!==o.indexOf(".")&&s.push(Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OID,!1,Nr.oidToDer(o).getBytes())))}else if("nsCertType"===e.name){r=0,a=0;e.client&&(a\|=128,r=7),e.server&&(a\|=64,r=6),e.email&&(a\|=32,r=5),e.objsign&&(a\|=16,r=4),e.reserved&&(a\|=8,r=3),e.sslCA&&(a\|=4,r=2),e.emailCA&&(a\|=2,r=1),e.objCA&&(a\|=1,r=0);i=String.fromCharCode(r);0!==a&&(i+=String.fromCharCode(a)),e.value=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.BITSTRING,!1,i)}else if("subjectAltName"===e.name\|\|"issuerAltName"===e.name){e.value=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[]);for(var c=0;c<e.altNames.length;++c){i=(f=e.altNames[c]).value;if(7===f.type&&f.ip){if(null===(i=Br.util.bytesFromIP(f.ip)))throw(g=new Error('Extension "ip" value is not a valid IPv4 or IPv6 address.')).extension=e,g}else 8===f.type&&(i=f.oid?Nr.oidToDer(Nr.oidToDer(f.oid)):Nr.oidToDer(i));e.value.value.push(Nr.create(Nr.Class.CONTEXT_SPECIFIC,f.type,!1,i))}}else if("nsComment"===e.name&&t.cert){if(!/^[\x00-\x7F]$/.test(e.comment)\|\|e.comment.length<1\|\|e.comment.length>128)throw new Error('Invalid "nsComment" content.');e.value=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.IA5STRING,!1,e.comment)}else if("subjectKeyIdentifier"===e.name&&t.cert){var u=t.cert.generateSubjectKeyIdentifier();e.subjectKeyIdentifier=u.toHex(),e.value=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OCTETSTRING,!1,u.getBytes())}else if("authorityKeyIdentifier"===e.name&&t.cert){e.value=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[]);s=e.value.value;if(e.keyIdentifier){var l=!0===e.keyIdentifier?t.cert.generateSubjectKeyIdentifier().getBytes():e.keyIdentifier;s.push(Nr.create(Nr.Class.CONTEXT_SPECIFIC,0,!1,l))}if(e.authorityCertIssuer){var p=[Nr.create(Nr.Class.CONTEXT_SPECIFIC,4,!0,[Kr(!0===e.authorityCertIssuer?t.cert.issuer:e.authorityCertIssuer)])];s.push(Nr.create(Nr.Class.CONTEXT_SPECIFIC,1,!0,p))}if(e.serialNumber){var h=Br.util.hexToBytes(!0===e.serialNumber?t.cert.serialNumber:e.serialNumber);s.push(Nr.create(Nr.Class.CONTEXT_SPECIFIC,2,!1,h))}}else if("cRLDistributionPoints"===e.name){e.value=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[]);s=e.value.value;var f,d=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[]),y=Nr.create(Nr.Class.CONTEXT_SPECIFIC,0,!0,[]);for(c=0;c<e.altNames.length;++c){i=(f=e.altNames[c]).value;if(7===f.type&&f.ip){if(null===(i=Br.util.bytesFromIP(f.ip)))throw(g=new Error('Extension "ip" value is not a valid IPv4 or IPv6 address.')).extension=e,g}else 8===f.type&&(i=f.oid?Nr.oidToDer(Nr.oidToDer(f.oid)):Nr.oidToDer(i));y.value.push(Nr.create(Nr.Class.CONTEXT_SPECIFIC,f.type,!1,i))}d.value.push(Nr.create(Nr.Class.CONTEXT_SPECIFIC,0,!0,[y])),s.push(d)}var g;if(void 0===e.value)throw(g=new Error("Extension value not specified.")).extension=e,g;return e}function Fr(e,t){if(e===kr["RSASSA-PSS"]){var r=[];return void 0!==t.hash.algorithmOid&&r.push(Nr.create(Nr.Class.CONTEXT_SPECIFIC,0,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OID,!1,Nr.oidToDer(t.hash.algorithmOid).getBytes()),Nr.create(Nr.Class.UNIVERSAL,Nr.Type.NULL,!1,"")])])),void 0!==t.mgf.algorithmOid&&r.push(Nr.create(Nr.Class.CONTEXT_SPECIFIC,1,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OID,!1,Nr.oidToDer(t.mgf.algorithmOid).getBytes()),Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OID,!1,Nr.oidToDer(t.mgf.hash.algorithmOid).getBytes()),Nr.create(Nr.Class.UNIVERSAL,Nr.Type.NULL,!1,"")])])])),void 0!==t.saltLength&&r.push(Nr.create(Nr.Class.CONTEXT_SPECIFIC,2,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.INTEGER,!1,Nr.integerToDer(t.saltLength).getBytes())])),Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,r)}return Nr.create(Nr.Class.UNIVERSAL,Nr.Type.NULL,!1,"")}function qr(e){var t=Nr.create(Nr.Class.CONTEXT_SPECIFIC,0,!0,[]);if(0===e.attributes.length)return t;for(var r=e.attributes,a=0;a<r.length;++a){var n=r[a],i=n.value,s=Nr.Type.UTF8;"valueTagClass"in n&&(s=n.valueTagClass),s===Nr.Type.UTF8&&(i=Br.util.encodeUtf8(i));var o=!1;"valueConstructed"in n&&(o=n.valueConstructed);var c=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OID,!1,Nr.oidToDer(n.type).getBytes()),Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SET,!0,[Nr.create(Nr.Class.UNIVERSAL,s,o,i)])]);t.value.push(c)}return t}wr.certificateFromPem=function(e,t,r){var a=Br.pem.decode(e)[0];if("CERTIFICATE"!==a.type&&"X509 CERTIFICATE"!==a.type&&"TRUSTED CERTIFICATE"!==a.type){var n=new Error('Could not convert certificate from PEM; PEM header type is not "CERTIFICATE", "X509 CERTIFICATE", or "TRUSTED CERTIFICATE".');throw n.headerType=a.type,n}if(a.procType&&"ENCRYPTED"===a.procType.type)throw new Error("Could not convert certificate from PEM; PEM is encrypted.");var i=Nr.fromDer(a.body,r);return wr.certificateFromAsn1(i,t)},wr.certificateToPem=function(e,t){var r={type:"CERTIFICATE",body:Nr.toDer(wr.certificateToAsn1(e)).getBytes()};return Br.pem.encode(r,{maxline:t})},wr.publicKeyFromPem=function(e){var t=Br.pem.decode(e)[0];if("PUBLIC KEY"!==t.type&&"RSA PUBLIC KEY"!==t.type){var r=new Error('Could not convert public key from PEM; PEM header type is not "PUBLIC KEY" or "RSA PUBLIC KEY".');throw r.headerType=t.type,r}if(t.procType&&"ENCRYPTED"===t.procType.type)throw new Error("Could not convert public key from PEM; PEM is encrypted.");var a=Nr.fromDer(t.body);return wr.publicKeyFromAsn1(a)},wr.publicKeyToPem=function(e,t){var r={type:"PUBLIC KEY",body:Nr.toDer(wr.publicKeyToAsn1(e)).getBytes()};return Br.pem.encode(r,{maxline:t})},wr.publicKeyToRSAPublicKeyPem=function(e,t){var r={type:"RSA PUBLIC KEY",body:Nr.toDer(wr.publicKeyToRSAPublicKey(e)).getBytes()};return Br.pem.encode(r,{maxline:t})},wr.getPublicKeyFingerprint=function(e,t){var r,a=(t=t\|\|{}).md\|\|Br.md.sha1.create();switch(t.type\|\|"RSAPublicKey"){case"RSAPublicKey":r=Nr.toDer(wr.publicKeyToRSAPublicKey(e)).getBytes();break;case"SubjectPublicKeyInfo":r=Nr.toDer(wr.publicKeyToAsn1(e)).getBytes();break;default:throw new Error('Unknown fingerprint type "'+t.type+'".')}a.start(),a.update(r);var n=a.digest();if("hex"===t.encoding){var i=n.toHex();return t.delimiter?i.match(/.{2}/g).join(t.delimiter):i}if("binary"===t.encoding)return n.getBytes();if(t.encoding)throw new Error('Unknown encoding "'+t.encoding+'".');return n},wr.certificationRequestFromPem=function(e,t,r){var a=Br.pem.decode(e)[0];if("CERTIFICATE REQUEST"!==a.type){var n=new Error('Could not convert certification request from PEM; PEM header type is not "CERTIFICATE REQUEST".');throw n.headerType=a.type,n}if(a.procType&&"ENCRYPTED"===a.procType.type)throw new Error("Could not convert certification request from PEM; PEM is encrypted.");var i=Nr.fromDer(a.body,r);return wr.certificationRequestFromAsn1(i,t)},wr.certificationRequestToPem=function(e,t){var r={type:"CERTIFICATE REQUEST",body:Nr.toDer(wr.certificationRequestToAsn1(e)).getBytes()};return Br.pem.encode(r,{maxline:t})},wr.createCertificate=function(){var e={version:2,serialNumber:"00",signatureOid:null,signature:null,siginfo:{}};return e.siginfo.algorithmOid=null,e.validity={},e.validity.notBefore=new Date,e.validity.notAfter=new Date,e.issuer={},e.issuer.getField=function(t){return Vr(e.issuer,t)},e.issuer.addField=function(t){xr([t]),e.issuer.attributes.push(t)},e.issuer.attributes=[],e.issuer.hash=null,e.subject={},e.subject.getField=function(t){return Vr(e.subject,t)},e.subject.addField=function(t){xr([t]),e.subject.attributes.push(t)},e.subject.attributes=[],e.subject.hash=null,e.extensions=[],e.publicKey=null,e.md=null,e.setSubject=function(t,r){xr(t),e.subject.attributes=t,delete e.subject.uniqueId,r&&(e.subject.uniqueId=r),e.subject.hash=null},e.setIssuer=function(t,r){xr(t),e.issuer.attributes=t,delete e.issuer.uniqueId,r&&(e.issuer.uniqueId=r),e.issuer.hash=null},e.setExtensions=function(t){for(var r=0;r<t.length;++r)Mr(t[r],{cert:e});e.extensions=t},e.getExtension=function(t){"string"==typeof t&&(t={name:t});for(var r,a=null,n=0;null===a&&n<e.extensions.length;++n)r=e.extensions[n],(t.id&&r.id===t.id\|\|t.name&&r.name===t.name)&&(a=r);return a},e.sign=function(t,r){e.md=r\|\|Br.md.sha1.create();var a=kr[e.md.algorithm+"WithRSAEncryption"];if(!a){var n=new Error("Could not compute certificate digest. Unknown message digest algorithm OID.");throw n.algorithm=e.md.algorithm,n}e.signatureOid=e.siginfo.algorithmOid=a,e.tbsCertificate=wr.getTBSCertificate(e);var i=Nr.toDer(e.tbsCertificate);e.md.update(i.getBytes()),e.signature=t.sign(e.md)},e.verify=function(t){var r=!1;if(!e.issued(t)){var a=t.issuer,n=e.subject;throw(p=new Error("The parent certificate did not issue the given child certificate; the child certificate's issuer does not match the parent's subject.")).expectedIssuer=a.attributes,p.actualIssuer=n.attributes,p}var i=t.md;if(null===i){if(t.signatureOid in kr)switch(kr[t.signatureOid]){case"sha1WithRSAEncryption":i=Br.md.sha1.create();break;case"md5WithRSAEncryption":i=Br.md.md5.create();break;case"sha256WithRSAEncryption":case"RSASSA-PSS":i=Br.md.sha256.create();break;case"sha384WithRSAEncryption":i=Br.md.sha384.create();break;case"sha512WithRSAEncryption":i=Br.md.sha512.create()}if(null===i)throw(p=new Error("Could not compute certificate digest. Unknown signature OID.")).signatureOid=t.signatureOid,p;var s=t.tbsCertificate\|\|wr.getTBSCertificate(t),o=Nr.toDer(s);i.update(o.getBytes())}if(null!==i){var c;switch(t.signatureOid){case kr.sha1WithRSAEncryption:c=void 0;break;case kr["RSASSA-PSS"]:var u,l,p;if(void 0===(u=kr[t.signatureParameters.mgf.hash.algorithmOid])\|\|void 0===Br.md[u])throw(p=new Error("Unsupported MGF hash function.")).oid=t.signatureParameters.mgf.hash.algorithmOid,p.name=u,p;if(void 0===(l=kr[t.signatureParameters.mgf.algorithmOid])\|\|void 0===Br.mgf[l])throw(p=new Error("Unsupported MGF function.")).oid=t.signatureParameters.mgf.algorithmOid,p.name=l,p;if(l=Br.mgf[l].create(Br.md[u].create()),void 0===(u=kr[t.signatureParameters.hash.algorithmOid])\|\|void 0===Br.md[u])throw{message:"Unsupported RSASSA-PSS hash function.",oid:t.signatureParameters.hash.algorithmOid,name:u};c=Br.pss.create(Br.md[u].create(),l,t.signatureParameters.saltLength)}r=e.publicKey.verify(i.digest().getBytes(),t.signature,c)}return r},e.isIssuer=function(t){var r=!1,a=e.issuer,n=t.subject;if(a.hash&&n.hash)r=a.hash===n.hash;else if(a.attributes.length===n.attributes.length){var i,s;r=!0;for(var o=0;r&&o<a.attributes.length;++o)i=a.attributes[o],s=n.attributes[o],i.type===s.type&&i.value===s.value\|\|(r=!1)}return r},e.issued=function(t){return t.isIssuer(e)},e.generateSubjectKeyIdentifier=function(){return wr.getPublicKeyFingerprint(e.publicKey,{type:"RSAPublicKey"})},e.verifySubjectKeyIdentifier=function(){for(var t=kr.subjectKeyIdentifier,r=0;r<e.extensions.length;++r){var a=e.extensions[r];if(a.id===t){var n=e.generateSubjectKeyIdentifier().getBytes();return Br.util.hexToBytes(a.subjectKeyIdentifier)===n}}return!1},e},wr.certificateFromAsn1=function(e,t){var r={},a=[];if(!Nr.validate(e,Lr,r,a))throw(o=new Error("Cannot read X.509 certificate. ASN.1 object is not an X509v3 Certificate.")).errors=a,o;if(Nr.derToOid(r.publicKeyOid)!==wr.oids.rsaEncryption)throw new Error("Cannot read public key. OID is not RSA.");var n=wr.createCertificate();n.version=r.certVersion?r.certVersion.charCodeAt(0):0;var i=Br.util.createBuffer(r.certSerialNumber);n.serialNumber=i.toHex(),n.signatureOid=Br.asn1.derToOid(r.certSignatureOid),n.signatureParameters=Or(n.signatureOid,r.certSignatureParams,!0),n.siginfo.algorithmOid=Br.asn1.derToOid(r.certinfoSignatureOid),n.siginfo.parameters=Or(n.siginfo.algorithmOid,r.certinfoSignatureParams,!1),n.signature=r.certSignature;var s=[];if(void 0!==r.certValidity1UTCTime&&s.push(Nr.utcTimeToDate(r.certValidity1UTCTime)),void 0!==r.certValidity2GeneralizedTime&&s.push(Nr.generalizedTimeToDate(r.certValidity2GeneralizedTime)),void 0!==r.certValidity3UTCTime&&s.push(Nr.utcTimeToDate(r.certValidity3UTCTime)),void 0!==r.certValidity4GeneralizedTime&&s.push(Nr.generalizedTimeToDate(r.certValidity4GeneralizedTime)),s.length>2)throw new Error("Cannot read notBefore/notAfter validity times; more than two times were provided in the certificate.");if(s.length<2)throw new Error("Cannot read notBefore/notAfter validity times; they were not provided as either UTCTime or GeneralizedTime.");if(n.validity.notBefore=s[0],n.validity.notAfter=s[1],n.tbsCertificate=r.tbsCertificate,t){var o;if(n.md=null,n.signatureOid in kr)switch(kr[n.signatureOid]){case"sha1WithRSAEncryption":n.md=Br.md.sha1.create();break;case"md5WithRSAEncryption":n.md=Br.md.md5.create();break;case"sha256WithRSAEncryption":case"RSASSA-PSS":n.md=Br.md.sha256.create();break;case"sha384WithRSAEncryption":n.md=Br.md.sha384.create();break;case"sha512WithRSAEncryption":n.md=Br.md.sha512.create()}if(null===n.md)throw(o=new Error("Could not compute certificate digest. Unknown signature OID.")).signatureOid=n.signatureOid,o;var c=Nr.toDer(n.tbsCertificate);n.md.update(c.getBytes())}var u=Br.md.sha1.create();n.issuer.getField=function(e){return Vr(n.issuer,e)},n.issuer.addField=function(e){xr([e]),n.issuer.attributes.push(e)},n.issuer.attributes=wr.RDNAttributesAsArray(r.certIssuer,u),r.certIssuerUniqueId&&(n.issuer.uniqueId=r.certIssuerUniqueId),n.issuer.hash=u.digest().toHex();var l=Br.md.sha1.create();return n.subject.getField=function(e){return Vr(n.subject,e)},n.subject.addField=function(e){xr([e]),n.subject.attributes.push(e)},n.subject.attributes=wr.RDNAttributesAsArray(r.certSubject,l),r.certSubjectUniqueId&&(n.subject.uniqueId=r.certSubjectUniqueId),n.subject.hash=l.digest().toHex(),r.certExtensions?n.extensions=wr.certificateExtensionsFromAsn1(r.certExtensions):n.extensions=[],n.publicKey=wr.publicKeyFromAsn1(r.subjectPublicKeyInfo),n},wr.certificateExtensionsFromAsn1=function(e){for(var t=[],r=0;r<e.value.length;++r)for(var a=e.value[r],n=0;n<a.value.length;++n)t.push(wr.certificateExtensionFromAsn1(a.value[n]));return t},wr.certificateExtensionFromAsn1=function(e){var t={};if(t.id=Nr.derToOid(e.value[0].value),t.critical=!1,e.value[1].type===Nr.Type.BOOLEAN?(t.critical=0!==e.value[1].value.charCodeAt(0),t.value=e.value[2].value):t.value=e.value[1].value,t.id in kr)if(t.name=kr[t.id],"keyUsage"===t.name){var r=0,a=0;(i=Nr.fromDer(t.value)).value.length>1&&(r=i.value.charCodeAt(1),a=i.value.length>2?i.value.charCodeAt(2):0),t.digitalSignature=128==(128&r),t.nonRepudiation=64==(64&r),t.keyEncipherment=32==(32&r),t.dataEncipherment=16==(16&r),t.keyAgreement=8==(8&r),t.keyCertSign=4==(4&r),t.cRLSign=2==(2&r),t.encipherOnly=1==(1&r),t.decipherOnly=128==(128&a)}else if("basicConstraints"===t.name){(i=Nr.fromDer(t.value)).value.length>0&&i.value[0].type===Nr.Type.BOOLEAN?t.cA=0!==i.value[0].value.charCodeAt(0):t.cA=!1;var n=null;i.value.length>0&&i.value[0].type===Nr.Type.INTEGER?n=i.value[0].value:i.value.length>1&&(n=i.value[1].value),null!==n&&(t.pathLenConstraint=Nr.derToInteger(n))}else if("extKeyUsage"===t.name)for(var i=Nr.fromDer(t.value),s=0;s<i.value.length;++s){var o=Nr.derToOid(i.value[s].value);o in kr?t[kr[o]]=!0:t[o]=!0}else if("nsCertType"===t.name){r=0;(i=Nr.fromDer(t.value)).value.length>1&&(r=i.value.charCodeAt(1)),t.client=128==(128&r),t.server=64==(64&r),t.email=32==(32&r),t.objsign=16==(16&r),t.reserved=8==(8&r),t.sslCA=4==(4&r),t.emailCA=2==(2&r),t.objCA=1==(1&r)}else if("subjectAltName"===t.name\|\|"issuerAltName"===t.name){var c;t.altNames=[];i=Nr.fromDer(t.value);for(var u=0;u<i.value.length;++u){var l={type:(c=i.value[u]).type,value:c.value};switch(t.altNames.push(l),c.type){case 1:case 2:case 6:break;case 7:l.ip=Br.util.bytesToIP(c.value);break;case 8:l.oid=Nr.derToOid(c.value)}}}else if("subjectKeyIdentifier"===t.name){i=Nr.fromDer(t.value);t.subjectKeyIdentifier=Br.util.bytesToHex(i.value)}return t},wr.certificationRequestFromAsn1=function(e,t){var r={},a=[];if(!Nr.validate(e,Pr,r,a))throw(i=new Error("Cannot read PKCS#10 certificate request. ASN.1 object is not a PKCS#10 CertificationRequest.")).errors=a,i;if(Nr.derToOid(r.publicKeyOid)!==wr.oids.rsaEncryption)throw new Error("Cannot read public key. OID is not RSA.");var n=wr.createCertificationRequest();if(n.version=r.csrVersion?r.csrVersion.charCodeAt(0):0,n.signatureOid=Br.asn1.derToOid(r.csrSignatureOid),n.signatureParameters=Or(n.signatureOid,r.csrSignatureParams,!0),n.siginfo.algorithmOid=Br.asn1.derToOid(r.csrSignatureOid),n.siginfo.parameters=Or(n.siginfo.algorithmOid,r.csrSignatureParams,!1),n.signature=r.csrSignature,n.certificationRequestInfo=r.certificationRequestInfo,t){var i;if(n.md=null,n.signatureOid in kr)switch(kr[n.signatureOid]){case"sha1WithRSAEncryption":n.md=Br.md.sha1.create();break;case"md5WithRSAEncryption":n.md=Br.md.md5.create();break;case"sha256WithRSAEncryption":case"RSASSA-PSS":n.md=Br.md.sha256.create();break;case"sha384WithRSAEncryption":n.md=Br.md.sha384.create();break;case"sha512WithRSAEncryption":n.md=Br.md.sha512.create()}if(null===n.md)throw(i=new Error("Could not compute certification request digest. Unknown signature OID.")).signatureOid=n.signatureOid,i;var s=Nr.toDer(n.certificationRequestInfo);n.md.update(s.getBytes())}var o=Br.md.sha1.create();return n.subject.getField=function(e){return Vr(n.subject,e)},n.subject.addField=function(e){xr([e]),n.subject.attributes.push(e)},n.subject.attributes=wr.RDNAttributesAsArray(r.certificationRequestInfoSubject,o),n.subject.hash=o.digest().toHex(),n.publicKey=wr.publicKeyFromAsn1(r.subjectPublicKeyInfo),n.getAttribute=function(e){return Vr(n,e)},n.addAttribute=function(e){xr([e]),n.attributes.push(e)},n.attributes=wr.CRIAttributesAsArray(r.certificationRequestInfoAttributes\|\|[]),n},wr.createCertificationRequest=function(){var e={version:0,signatureOid:null,signature:null,siginfo:{}};return e.siginfo.algorithmOid=null,e.subject={},e.subject.getField=function(t){return Vr(e.subject,t)},e.subject.addField=function(t){xr([t]),e.subject.attributes.push(t)},e.subject.attributes=[],e.subject.hash=null,e.publicKey=null,e.attributes=[],e.getAttribute=function(t){return Vr(e,t)},e.addAttribute=function(t){xr([t]),e.attributes.push(t)},e.md=null,e.setSubject=function(t){xr(t),e.subject.attributes=t,e.subject.hash=null},e.setAttributes=function(t){xr(t),e.attributes=t},e.sign=function(t,r){e.md=r\|\|Br.md.sha1.create();var a=kr[e.md.algorithm+"WithRSAEncryption"];if(!a){var n=new Error("Could not compute certification request digest. Unknown message digest algorithm OID.");throw n.algorithm=e.md.algorithm,n}e.signatureOid=e.siginfo.algorithmOid=a,e.certificationRequestInfo=wr.getCertificationRequestInfo(e);var i=Nr.toDer(e.certificationRequestInfo);e.md.update(i.getBytes()),e.signature=t.sign(e.md)},e.verify=function(){var t=!1,r=e.md;if(null===r){if(e.signatureOid in kr)switch(kr[e.signatureOid]){case"sha1WithRSAEncryption":r=Br.md.sha1.create();break;case"md5WithRSAEncryption":r=Br.md.md5.create();break;case"sha256WithRSAEncryption":case"RSASSA-PSS":r=Br.md.sha256.create();break;case"sha384WithRSAEncryption":r=Br.md.sha384.create();break;case"sha512WithRSAEncryption":r=Br.md.sha512.create()}if(null===r)throw(c=new Error("Could not compute certification request digest. Unknown signature OID.")).signatureOid=e.signatureOid,c;var a=e.certificationRequestInfo\|\|wr.getCertificationRequestInfo(e),n=Nr.toDer(a);r.update(n.getBytes())}if(null!==r){var i;switch(e.signatureOid){case kr.sha1WithRSAEncryption:break;case kr["RSASSA-PSS"]:var s,o,c;if(void 0===(s=kr[e.signatureParameters.mgf.hash.algorithmOid])\|\|void 0===Br.md[s])throw(c=new Error("Unsupported MGF hash function.")).oid=e.signatureParameters.mgf.hash.algorithmOid,c.name=s,c;if(void 0===(o=kr[e.signatureParameters.mgf.algorithmOid])\|\|void 0===Br.mgf[o])throw(c=new Error("Unsupported MGF function.")).oid=e.signatureParameters.mgf.algorithmOid,c.name=o,c;if(o=Br.mgf[o].create(Br.md[s].create()),void 0===(s=kr[e.signatureParameters.hash.algorithmOid])\|\|void 0===Br.md[s])throw(c=new Error("Unsupported RSASSA-PSS hash function.")).oid=e.signatureParameters.hash.algorithmOid,c.name=s,c;i=Br.pss.create(Br.md[s].create(),o,e.signatureParameters.saltLength)}t=e.publicKey.verify(r.digest().getBytes(),e.signature,i)}return t},e};var jr=new Date("1950-01-01T00:00:00Z"),Gr=new Date("2050-01-01T00:00:00Z");function Hr(e){return e>=jr&&e<Gr?Nr.create(Nr.Class.UNIVERSAL,Nr.Type.UTCTIME,!1,Nr.dateToUtcTime(e)):Nr.create(Nr.Class.UNIVERSAL,Nr.Type.GENERALIZEDTIME,!1,Nr.dateToGeneralizedTime(e))}wr.getTBSCertificate=function(e){var t=Hr(e.validity.notBefore),r=Hr(e.validity.notAfter),a=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[Nr.create(Nr.Class.CONTEXT_SPECIFIC,0,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.INTEGER,!1,Nr.integerToDer(e.version).getBytes())]),Nr.create(Nr.Class.UNIVERSAL,Nr.Type.INTEGER,!1,Br.util.hexToBytes(e.serialNumber)),Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OID,!1,Nr.oidToDer(e.siginfo.algorithmOid).getBytes()),Fr(e.siginfo.algorithmOid,e.siginfo.parameters)]),Kr(e.issuer),Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[t,r]),Kr(e.subject),wr.publicKeyToAsn1(e.publicKey)]);return e.issuer.uniqueId&&a.value.push(Nr.create(Nr.Class.CONTEXT_SPECIFIC,1,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.BITSTRING,!1,String.fromCharCode(0)+e.issuer.uniqueId)])),e.subject.uniqueId&&a.value.push(Nr.create(Nr.Class.CONTEXT_SPECIFIC,2,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.BITSTRING,!1,String.fromCharCode(0)+e.subject.uniqueId)])),e.extensions.length>0&&a.value.push(wr.certificateExtensionsToAsn1(e.extensions)),a},wr.getCertificationRequestInfo=function(e){return Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.INTEGER,!1,Nr.integerToDer(e.version).getBytes()),Kr(e.subject),wr.publicKeyToAsn1(e.publicKey),qr(e)])},wr.distinguishedNameToAsn1=function(e){return Kr(e)},wr.certificateToAsn1=function(e){var t=e.tbsCertificate\|\|wr.getTBSCertificate(e);return Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[t,Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OID,!1,Nr.oidToDer(e.signatureOid).getBytes()),Fr(e.signatureOid,e.signatureParameters)]),Nr.create(Nr.Class.UNIVERSAL,Nr.Type.BITSTRING,!1,String.fromCharCode(0)+e.signature)])},wr.certificateExtensionsToAsn1=function(e){var t=Nr.create(Nr.Class.CONTEXT_SPECIFIC,3,!0,[]),r=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[]);t.value.push(r);for(var a=0;a<e.length;++a)r.value.push(wr.certificateExtensionToAsn1(e[a]));return t},wr.certificateExtensionToAsn1=function(e){var t=Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[]);t.value.push(Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OID,!1,Nr.oidToDer(e.id).getBytes())),e.critical&&t.value.push(Nr.create(Nr.Class.UNIVERSAL,Nr.Type.BOOLEAN,!1,String.fromCharCode(255)));var r=e.value;return"string"!=typeof e.value&&(r=Nr.toDer(r).getBytes()),t.value.push(Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OCTETSTRING,!1,r)),t},wr.certificationRequestToAsn1=function(e){var t=e.certificationRequestInfo\|\|wr.getCertificationRequestInfo(e);return Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[t,Nr.create(Nr.Class.UNIVERSAL,Nr.Type.SEQUENCE,!0,[Nr.create(Nr.Class.UNIVERSAL,Nr.Type.OID,!1,Nr.oidToDer(e.signatureOid).getBytes()),Fr(e.signatureOid,e.signatureParameters)]),Nr.create(Nr.Class.UNIVERSAL,Nr.Type.BITSTRING,!1,String.fromCharCode(0)+e.signature)])},wr.createCaStore=function(e){var t={certs:{}};function r(e){return a(e),t.certs[e.hash]\|\|null}function a(e){if(!e.hash){var t=Br.md.sha1.create();e.attributes=wr.RDNAttributesAsArray(Kr(e),t),e.hash=t.digest().toHex()}}if(t.getIssuer=function(e){return r(e.issuer)},t.addCertificate=function(e){if("string"==typeof e&&(e=Br.pki.certificateFromPem(e)),a(e.subject),!t.hasCertificate(e))if(e.subject.hash in t.certs){var r=t.certs[e.subject.hash];Br.util.isArray(r)\|\|(r=[r]),r.push(e),t.certs[e.subject.hash]=r}else t.certs[e.subject.hash]=e},t.hasCertificate=function(e){"string"==typeof e&&(e=Br.pki.certificateFromPem(e));var t=r(e.subject);if(!t)return!1;Br.util.isArray(t)\|\|(t=[t]);for(var a=Nr.toDer(wr.certificateToAsn1(e)).getBytes(),n=0;n<t.length;++n){if(a===Nr.toDer(wr.certificateToAsn1(t[n])).getBytes())return!0}return!1},t.listAllCertificates=function(){var e=[];for(var r in t.certs)if(t.certs.hasOwnProperty(r)){var a=t.certs[r];if(Br.util.isArray(a))for(var n=0;n<a.length;++n)e.push(a[n]);else e.push(a)}return e},t.removeCertificate=function(e){var n;if("string"==typeof e&&(e=Br.pki.certificateFromPem(e)),a(e.subject),!t.hasCertificate(e))return null;var i=r(e.subject);if(!Br.util.isArray(i))return n=t.certs[e.subject.hash],delete t.certs[e.subject.hash],n;for(var s=Nr.toDer(wr.certificateToAsn1(e)).getBytes(),o=0;o<i.length;++o){s===Nr.toDer(wr.certificateToAsn1(i[o])).getBytes()&&(n=i[o],i.splice(o,1))}return 0===i.length&&delete t.certs[e.subject.hash],n},e)for(var n=0;n<e.length;++n){var i=e[n];t.addCertificate(i)}return t},wr.certificateError={bad_certificate:"forge.pki.BadCertificate",unsupported_certificate:"forge.pki.UnsupportedCertificate",certificate_revoked:"forge.pki.CertificateRevoked",certificate_expired:"forge.pki.CertificateExpired",certificate_unknown:"forge.pki.CertificateUnknown",unknown_ca:"forge.pki.UnknownCertificateAuthority"},wr.verifyCertificateChain=function(e,t,r){"function"==typeof r&&(r={verify:r}),r=r\|\|{};var a=(t=t.slice(0)).slice(0),n=r.validityCheckDate;void 0===n&&(n=new Date);var i=!0,s=null,o=0;do{var c=t.shift(),u=null,l=!1;if(n&&(n<c.validity.notBefore\|\|n>c.validity.notAfter)&&(s={message:"Certificate is not valid yet or has expired.",error:wr.certificateError.certificate_expired,notBefore:c.validity.notBefore,notAfter:c.validity.notAfter,now:n}),null===s){if(null===(u=t[0]\|\|e.getIssuer(c))&&c.isIssuer(c)&&(l=!0,u=c),u){var p=u;Br.util.isArray(p)\|\|(p=[p]);for(var h=!1;!h&&p.length>0;){u=p.shift();try{h=u.verify(c)}catch(e){}}h\|\|(s={message:"Certificate signature is invalid.",error:wr.certificateError.bad_certificate})}null!==s\|\|u&&!l\|\|e.hasCertificate(c)\|\|(s={message:"Certificate is not trusted.",error:wr.certificateError.unknown_ca})}if(null===s&&u&&!c.isIssuer(u)&&(s={message:"Certificate issuer is invalid.",error:wr.certificateError.bad_certificate}),null===s)for(var f={keyUsage:!0,basicConstraints:!0},d=0;null===s&&d<c.extensions.length;++d){var y=c.extensions[d];y.critical&&!(y.name in f)&&(s={message:"Certificate has an unsupported critical extension.",error:wr.certificateError.unsupported_certificate})}if(null===s&&(!i\|\|0===t.length&&(!u\|\|l))){var g=c.getExtension("basicConstraints"),m=c.getExtension("keyUsage");if(null!==m&&(m.keyCertSign&&null!==g\|\|(s={message:"Certificate keyUsage or basicConstraints conflict or indicate that the certificate is not a CA. If the certificate is the only one in the chain or isn't the first then the certificate must be a valid CA.",error:wr.certificateError.bad_certificate})),null!==s\|\|null===g\|\|g.cA\|\|(s={message:"Certificate basicConstraints indicates the certificate is not a CA.",error:wr.certificateError.bad_certificate}),null===s&&null!==m&&"pathLenConstraint"in g)o-1>g.pathLenConstraint&&(s={message:"Certificate basicConstraints pathLenConstraint violated.",error:wr.certificateError.bad_certificate})}var v=null===s\|\|s.error,C=r.verify?r.verify(v,o,a):v;if(!0!==C)throw!0===v&&(s={message:"The application rejected the certificate.",error:wr.certificateError.bad_certificate}),(C\|\|0===C)&&("object"!=typeof C\|\|Br.util.isArray(C)?"string"==typeof C&&(s.error=C):(C.message&&(s.message=C.message),C.error&&(s.error=C.error))),s;s=null,i=!1,++o}while(t.length>0);return!0};var Qr=v,zr=Qr.asn1,Wr=Qr.pki,Yr=Qr.pkcs12=Qr.pkcs12\|\|{},Xr={name:"ContentInfo",tagClass:zr.Class.UNIVERSAL,type:zr.Type.SEQUENCE,constructed:!0,value:[{name:"ContentInfo.contentType",tagClass:zr.Class.UNIVERSAL,type:zr.Type.OID,constructed:!1,capture:"contentType"},{name:"ContentInfo.content",tagClass:zr.Class.CONTEXT_SPECIFIC,constructed:!0,captureAsn1:"content"}]},Zr={name:"PFX",tagClass:zr.Class.UNIVERSAL,type:zr.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.version",tagClass:zr.Class.UNIVERSAL,type:zr.Type.INTEGER,constructed:!1,capture:"version"},Xr,{name:"PFX.macData",tagClass:zr.Class.UNIVERSAL,type:zr.Type.SEQUENCE,constructed:!0,optional:!0,captureAsn1:"mac",value:[{name:"PFX.macData.mac",tagClass:zr.Class.UNIVERSAL,type:zr.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.macData.mac.digestAlgorithm",tagClass:zr.Class.UNIVERSAL,type:zr.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.macData.mac.digestAlgorithm.algorithm",tagClass:zr.Class.UNIVERSAL,type:zr.Type.OID,constructed:!1,capture:"macAlgorithm"},{name:"PFX.macData.mac.digestAlgorithm.parameters",tagClass:zr.Class.UNIVERSAL,captureAsn1:"macAlgorithmParameters"}]},{name:"PFX.macData.mac.digest",tagClass:zr.Class.UNIVERSAL,type:zr.Type.OCTETSTRING,constructed:!1,capture:"macDigest"}]},{name:"PFX.macData.macSalt",tagClass:zr.Class.UNIVERSAL,type:zr.Type.OCTETSTRING,constructed:!1,capture:"macSalt"},{name:"PFX.macData.iterations",tagClass:zr.Class.UNIVERSAL,type:zr.Type.INTEGER,constructed:!1,optional:!0,capture:"macIterations"}]}]},$r={name:"SafeBag",tagClass:zr.Class.UNIVERSAL,type:zr.Type.SEQUENCE,constructed:!0,value:[{name:"SafeBag.bagId",tagClass:zr.Class.UNIVERSAL,type:zr.Type.OID,constructed:!1,capture:"bagId"},{name:"SafeBag.bagValue",tagClass:zr.Class.CONTEXT_SPECIFIC,constructed:!0,captureAsn1:"bagValue"},{name:"SafeBag.bagAttributes",tagClass:zr.Class.UNIVERSAL,type:zr.Type.SET,constructed:!0,optional:!0,capture:"bagAttributes"}]},Jr={name:"Attribute",tagClass:zr.Class.UNIVERSAL,type:zr.Type.SEQUENCE,constructed:!0,value:[{name:"Attribute.attrId",tagClass:zr.Class.UNIVERSAL,type:zr.Type.OID,constructed:!1,capture:"oid"},{name:"Attribute.attrValues",tagClass:zr.Class.UNIVERSAL,type:zr.Type.SET,constructed:!0,capture:"values"}]},ea={name:"CertBag",tagClass:zr.Class.UNIVERSAL,type:zr.Type.SEQUENCE,constructed:!0,value:[{name:"CertBag.certId",tagClass:zr.Class.UNIVERSAL,type:zr.Type.OID,constructed:!1,capture:"certId"},{name:"CertBag.certValue",tagClass:zr.Class.CONTEXT_SPECIFIC,constructed:!0,value:[{name:"CertBag.certValue[0]",tagClass:zr.Class.UNIVERSAL,type:zr.Class.OCTETSTRING,constructed:!1,capture:"cert"}]}]};function ta(e,t,r,a){for(var n=[],i=0;i<e.length;i++)for(var s=0;s<e[i].safeBags.length;s++){var o=e[i].safeBags[s];void 0!==a&&o.type!==a\|\|(null!==t?void 0!==o.attributes[t]&&o.attributes[t].indexOf(r)>=0&&n.push(o):n.push(o))}return n}function ra(e){if(e.composed\|\|e.constructed){for(var t=Qr.util.createBuffer(),r=0;r<e.value.length;++r)t.putBytes(e.value[r].value);e.composed=e.constructed=!1,e.value=t.getBytes()}return e}function aa(e,t){var r={},a=[];if(!zr.validate(e,Qr.pkcs7.asn1.encryptedDataValidator,r,a))throw(n=new Error("Cannot read EncryptedContentInfo.")).errors=a,n;var n,i=zr.derToOid(r.contentType);if(i!==Wr.oids.data)throw(n=new Error("PKCS#12 EncryptedContentInfo ContentType is not Data.")).oid=i,n;i=zr.derToOid(r.encAlgorithm);var s=Wr.pbe.getCipher(i,r.encParameter,t),o=ra(r.encryptedContentAsn1),c=Qr.util.createBuffer(o.value);if(s.update(c),!s.finish())throw new Error("Failed to decrypt PKCS#12 SafeContents.");return s.output.getBytes()}function na(e,t,r){if(!t&&0===e.length)return[];if((e=zr.fromDer(e,t)).tagClass!==zr.Class.UNIVERSAL\|\|e.type!==zr.Type.SEQUENCE\|\|!0!==e.constructed)throw new Error("PKCS#12 SafeContents expected to be a SEQUENCE OF SafeBag.");for(var a=[],n=0;n<e.value.length;n++){var i=e.value[n],s={},o=[];if(!zr.validate(i,$r,s,o))throw(h=new Error("Cannot read SafeBag.")).errors=o,h;var c,u,l={type:zr.derToOid(s.bagId),attributes:ia(s.bagAttributes)};a.push(l);var p=s.bagValue.value[0];switch(l.type){case Wr.oids.pkcs8ShroudedKeyBag:if(null===(p=Wr.decryptPrivateKeyInfo(p,r)))throw new Error("Unable to decrypt PKCS#8 ShroudedKeyBag, wrong password?");case Wr.oids.keyBag:try{l.key=Wr.privateKeyFromAsn1(p)}catch(e){l.key=null,l.asn1=p}continue;case Wr.oids.certBag:c=ea,u=function(){if(zr.derToOid(s.certId)!==Wr.oids.x509Certificate){var e=new Error("Unsupported certificate type, only X.509 supported.");throw e.oid=zr.derToOid(s.certId),e}var r=zr.fromDer(s.cert,t);try{l.cert=Wr.certificateFromAsn1(r,!0)}catch(e){l.cert=null,l.asn1=r}};break;default:var h;throw(h=new Error("Unsupported PKCS#12 SafeBag type.")).oid=l.type,h}if(void 0!==c&&!zr.validate(p,c,s,o))throw(h=new Error("Cannot read PKCS#12 "+c.name)).errors=o,h;u()}return a}function ia(e){var t={};if(void 0!==e)for(var r=0;r<e.length;++r){var a={},n=[];if(!zr.validate(e[r],Jr,a,n)){var i=new Error("Cannot read PKCS#12 BagAttribute.");throw i.errors=n,i}var s=zr.derToOid(a.oid);if(void 0!==Wr.oids[s]){t[Wr.oids[s]]=[];for(var o=0;o<a.values.length;++o)t[Wr.oids[s]].push(a.values[o].value)}}return t}Yr.pkcs12FromAsn1=function(e,t,r){"string"==typeof t?(r=t,t=!0):void 0===t&&(t=!0);var a={};if(!zr.validate(e,Zr,a,[]))throw(n=new Error("Cannot read PKCS#12 PFX. ASN.1 object is not an PKCS#12 PFX.")).errors=n,n;var n,i={version:a.version.charCodeAt(0),safeContents:[],getBags:function(e){var t,r={};return"localKeyId"in e?t=e.localKeyId:"localKeyIdHex"in e&&(t=Qr.util.hexToBytes(e.localKeyIdHex)),void 0===t&&!("friendlyName"in e)&&"bagType"in e&&(r[e.bagType]=ta(i.safeContents,null,null,e.bagType)),void 0!==t&&(r.localKeyId=ta(i.safeContents,"localKeyId",t,e.bagType)),"friendlyName"in e&&(r.friendlyName=ta(i.safeContents,"friendlyName",e.friendlyName,e.bagType)),r},getBagsByFriendlyName:function(e,t){return ta(i.safeContents,"friendlyName",e,t)},getBagsByLocalKeyId:function(e,t){return ta(i.safeContents,"localKeyId",e,t)}};if(3!==a.version.charCodeAt(0))throw(n=new Error("PKCS#12 PFX of version other than 3 not supported.")).version=a.version.charCodeAt(0),n;if(zr.derToOid(a.contentType)!==Wr.oids.data)throw(n=new Error("Only PKCS#12 PFX in password integrity mode supported.")).oid=zr.derToOid(a.contentType),n;var s=a.content.value[0];if(s.tagClass!==zr.Class.UNIVERSAL\|\|s.type!==zr.Type.OCTETSTRING)throw new Error("PKCS#12 authSafe content data is not an OCTET STRING.");if(s=ra(s),a.mac){var o=null,c=0,u=zr.derToOid(a.macAlgorithm);switch(u){case Wr.oids.sha1:o=Qr.md.sha1.create(),c=20;break;case Wr.oids.sha256:o=Qr.md.sha256.create(),c=32;break;case Wr.oids.sha384:o=Qr.md.sha384.create(),c=48;break;case Wr.oids.sha512:o=Qr.md.sha512.create(),c=64;break;case Wr.oids.md5:o=Qr.md.md5.create(),c=16}if(null===o)throw new Error("PKCS#12 uses unsupported MAC algorithm: "+u);var l=new Qr.util.ByteBuffer(a.macSalt),p="macIterations"in a?parseInt(Qr.util.bytesToHex(a.macIterations),16):1,h=Yr.generateKey(r,l,3,p,c,o),f=Qr.hmac.create();if(f.start(o,h),f.update(s.value),f.getMac().getBytes()!==a.macDigest)throw new Error("PKCS#12 MAC could not be verified. Invalid password?")}return function(e,t,r,a){if(t=zr.fromDer(t,r),t.tagClass!==zr.Class.UNIVERSAL\|\|t.type!==zr.Type.SEQUENCE\|\|!0!==t.constructed)throw new Error("PKCS#12 AuthenticatedSafe expected to be a SEQUENCE OF ContentInfo");for(var n=0;n<t.value.length;n++){var i=t.value[n],s={},o=[];if(!zr.validate(i,Xr,s,o))throw(p=new Error("Cannot read ContentInfo.")).errors=o,p;var c={encrypted:!1},u=null,l=s.content.value[0];switch(zr.derToOid(s.contentType)){case Wr.oids.data:if(l.tagClass!==zr.Class.UNIVERSAL\|\|l.type!==zr.Type.OCTETSTRING)throw new Error("PKCS#12 SafeContents Data is not an OCTET STRING.");u=ra(l).value;break;case Wr.oids.encryptedData:u=aa(l,a),c.encrypted=!0;break;default:var p;throw(p=new Error("Unsupported PKCS#12 contentType.")).contentType=zr.derToOid(s.contentType),p}c.safeBags=na(u,r,a),e.safeContents.push(c)}}(i,s.value,t,r),i},Yr.toPkcs12Asn1=function(e,t,r,a){(a=a\|\|{}).saltSize=a.saltSize\|\|8,a.count=a.count\|\|2048,a.algorithm=a.algorithm\|\|a.encAlgorithm\|\|"aes128","useMac"in a\|\|(a.useMac=!0),"localKeyId"in a\|\|(a.localKeyId=null),"generateLocalKeyId"in a\|\|(a.generateLocalKeyId=!0);var n,i=a.localKeyId;if(null!==i)i=Qr.util.hexToBytes(i);else if(a.generateLocalKeyId)if(t){var s=Qr.util.isArray(t)?t[0]:t;"string"==typeof s&&(s=Wr.certificateFromPem(s)),(I=Qr.md.sha1.create()).update(zr.toDer(Wr.certificateToAsn1(s)).getBytes()),i=I.digest().getBytes()}else i=Qr.random.getBytes(20);var o=[];null!==i&&o.push(zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OID,!1,zr.oidToDer(Wr.oids.localKeyId).getBytes()),zr.create(zr.Class.UNIVERSAL,zr.Type.SET,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OCTETSTRING,!1,i)])])),"friendlyName"in a&&o.push(zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OID,!1,zr.oidToDer(Wr.oids.friendlyName).getBytes()),zr.create(zr.Class.UNIVERSAL,zr.Type.SET,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.BMPSTRING,!1,a.friendlyName)])])),o.length>0&&(n=zr.create(zr.Class.UNIVERSAL,zr.Type.SET,!0,o));var c=[],u=[];null!==t&&(u=Qr.util.isArray(t)?t:[t]);for(var l=[],p=0;p<u.length;++p){"string"==typeof(t=u[p])&&(t=Wr.certificateFromPem(t));var h=0===p?n:void 0,f=Wr.certificateToAsn1(t),d=zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OID,!1,zr.oidToDer(Wr.oids.certBag).getBytes()),zr.create(zr.Class.CONTEXT_SPECIFIC,0,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OID,!1,zr.oidToDer(Wr.oids.x509Certificate).getBytes()),zr.create(zr.Class.CONTEXT_SPECIFIC,0,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OCTETSTRING,!1,zr.toDer(f).getBytes())])])]),h]);l.push(d)}if(l.length>0){var y=zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,l),g=zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OID,!1,zr.oidToDer(Wr.oids.data).getBytes()),zr.create(zr.Class.CONTEXT_SPECIFIC,0,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OCTETSTRING,!1,zr.toDer(y).getBytes())])]);c.push(g)}var m=null;if(null!==e){var v=Wr.wrapRsaPrivateKey(Wr.privateKeyToAsn1(e));m=null===r?zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OID,!1,zr.oidToDer(Wr.oids.keyBag).getBytes()),zr.create(zr.Class.CONTEXT_SPECIFIC,0,!0,[v]),n]):zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OID,!1,zr.oidToDer(Wr.oids.pkcs8ShroudedKeyBag).getBytes()),zr.create(zr.Class.CONTEXT_SPECIFIC,0,!0,[Wr.encryptPrivateKeyInfo(v,r,a)]),n]);var C=zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[m]),E=zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OID,!1,zr.oidToDer(Wr.oids.data).getBytes()),zr.create(zr.Class.CONTEXT_SPECIFIC,0,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OCTETSTRING,!1,zr.toDer(C).getBytes())])]);c.push(E)}var S,T=zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,c);if(a.useMac){var I=Qr.md.sha1.create(),A=new Qr.util.ByteBuffer(Qr.random.getBytes(a.saltSize)),b=a.count,B=(e=Yr.generateKey(r,A,3,b,20),Qr.hmac.create());B.start(I,e),B.update(zr.toDer(T).getBytes());var N=B.getMac();S=zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OID,!1,zr.oidToDer(Wr.oids.sha1).getBytes()),zr.create(zr.Class.UNIVERSAL,zr.Type.NULL,!1,"")]),zr.create(zr.Class.UNIVERSAL,zr.Type.OCTETSTRING,!1,N.getBytes())]),zr.create(zr.Class.UNIVERSAL,zr.Type.OCTETSTRING,!1,A.getBytes()),zr.create(zr.Class.UNIVERSAL,zr.Type.INTEGER,!1,zr.integerToDer(b).getBytes())])}return zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.INTEGER,!1,zr.integerToDer(3).getBytes()),zr.create(zr.Class.UNIVERSAL,zr.Type.SEQUENCE,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OID,!1,zr.oidToDer(Wr.oids.data).getBytes()),zr.create(zr.Class.CONTEXT_SPECIFIC,0,!0,[zr.create(zr.Class.UNIVERSAL,zr.Type.OCTETSTRING,!1,zr.toDer(T).getBytes())])]),S])},Yr.generateKey=Qr.pbe.generatePkcs12Key;var sa=v,oa=sa.asn1,ca=sa.pki=sa.pki\|\|{};ca.pemToDer=function(e){var t=sa.pem.decode(e)[0];if(t.procType&&"ENCRYPTED"===t.procType.type)throw new Error("Could not convert PEM to DER; PEM is encrypted.");return sa.util.createBuffer(t.body)},ca.privateKeyFromPem=function(e){var t=sa.pem.decode(e)[0];if("PRIVATE KEY"!==t.type&&"RSA PRIVATE KEY"!==t.type){var r=new Error('Could not convert private key from PEM; PEM header type is not "PRIVATE KEY" or "RSA PRIVATE KEY".');throw r.headerType=t.type,r}if(t.procType&&"ENCRYPTED"===t.procType.type)throw new Error("Could not convert private key from PEM; PEM is encrypted.");var a=oa.fromDer(t.body);return ca.privateKeyFromAsn1(a)},ca.privateKeyToPem=function(e,t){var r={type:"RSA PRIVATE KEY",body:oa.toDer(ca.privateKeyToAsn1(e)).getBytes()};return sa.pem.encode(r,{maxline:t})},ca.privateKeyInfoToPem=function(e,t){var r={type:"PRIVATE KEY",body:oa.toDer(e).getBytes()};return sa.pem.encode(r,{maxline:t})};var ua=v,la=function(e,t,r,a){var n=ua.util.createBuffer(),i=e.length>>1,s=i+(1&e.length),o=e.substr(0,s),c=e.substr(i,s),u=ua.util.createBuffer(),l=ua.hmac.create();r=t+r;var p=Math.ceil(a/16),h=Math.ceil(a/20);l.start("MD5",o);var f=ua.util.createBuffer();u.putBytes(r);for(var d=0;d<p;++d)l.start(null,null),l.update(u.getBytes()),u.putBuffer(l.digest()),l.start(null,null),l.update(u.bytes()+r),f.putBuffer(l.digest());l.start("SHA1",c);var y=ua.util.createBuffer();u.clear(),u.putBytes(r);for(d=0;d<h;++d)l.start(null,null),l.update(u.getBytes()),u.putBuffer(l.digest()),l.start(null,null),l.update(u.bytes()+r),y.putBuffer(l.digest());return n.putBytes(ua.util.xorBytes(f.getBytes(),y.getBytes(),a)),n},pa=function(e,t,r){var a=!1;try{var n=e.deflate(t.fragment.getBytes());t.fragment=ua.util.createBuffer(n),t.length=n.length,a=!0}catch(e){}return a},ha=function(e,t,r){var a=!1;try{var n=e.inflate(t.fragment.getBytes());t.fragment=ua.util.createBuffer(n),t.length=n.length,a=!0}catch(e){}return a},fa=function(e,t){var r=0;switch(t){case 1:r=e.getByte();break;case 2:r=e.getInt16();break;case 3:r=e.getInt24();break;case 4:r=e.getInt32()}return ua.util.createBuffer(e.getBytes(r))},da=function(e,t,r){e.putInt(r.length(),t<<3),e.putBuffer(r)},ya={Versions:{TLS_1_0:{major:3,minor:1},TLS_1_1:{major:3,minor:2},TLS_1_2:{major:3,minor:3}}};ya.SupportedVersions=[ya.Versions.TLS_1_1,ya.Versions.TLS_1_0],ya.Version=ya.SupportedVersions[0],ya.MaxFragment=15360,ya.ConnectionEnd={server:0,client:1},ya.PRFAlgorithm={tls_prf_sha256:0},ya.BulkCipherAlgorithm={none:null,rc4:0,des3:1,aes:2},ya.CipherType={stream:0,block:1,aead:2},ya.MACAlgorithm={none:null,hmac_md5:0,hmac_sha1:1,hmac_sha256:2,hmac_sha384:3,hmac_sha512:4},ya.CompressionMethod={none:0,deflate:1},ya.ContentType={change_cipher_spec:20,alert:21,handshake:22,application_data:23,heartbeat:24},ya.HandshakeType={hello_request:0,client_hello:1,server_hello:2,certificate:11,server_key_exchange:12,certificate_request:13,server_hello_done:14,certificate_verify:15,client_key_exchange:16,finished:20},ya.Alert={},ya.Alert.Level={warning:1,fatal:2},ya.Alert.Description={close_notify:0,unexpected_message:10,bad_record_mac:20,decryption_failed:21,record_overflow:22,decompression_failure:30,handshake_failure:40,bad_certificate:42,unsupported_certificate:43,certificate_revoked:44,certificate_expired:45,certificate_unknown:46,illegal_parameter:47,unknown_ca:48,access_denied:49,decode_error:50,decrypt_error:51,export_restriction:60,protocol_version:70,insufficient_security:71,internal_error:80,user_canceled:90,no_renegotiation:100},ya.HeartbeatMessageType={heartbeat_request:1,heartbeat_response:2},ya.CipherSuites={},ya.getCipherSuite=function(e){var t=null;for(var r in ya.CipherSuites){var a=ya.CipherSuites[r];if(a.id[0]===e.charCodeAt(0)&&a.id[1]===e.charCodeAt(1)){t=a;break}}return t},ya.handleUnexpected=function(e,t){!e.open&&e.entity===ya.ConnectionEnd.client\|\|e.error(e,{message:"Unexpected message. Received TLS record out of order.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.unexpected_message}})},ya.handleHelloRequest=function(e,t,r){!e.handshaking&&e.handshakes>0&&(ya.queue(e,ya.createAlert(e,{level:ya.Alert.Level.warning,description:ya.Alert.Description.no_renegotiation})),ya.flush(e)),e.process()},ya.parseHelloMessage=function(e,t,r){var a=null,n=e.entity===ya.ConnectionEnd.client;if(r<38)e.error(e,{message:n?"Invalid ServerHello message. Message too short.":"Invalid ClientHello message. Message too short.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.illegal_parameter}});else{var i=t.fragment,s=i.length();if(a={version:{major:i.getByte(),minor:i.getByte()},random:ua.util.createBuffer(i.getBytes(32)),session_id:fa(i,1),extensions:[]},n?(a.cipher_suite=i.getBytes(2),a.compression_method=i.getByte()):(a.cipher_suites=fa(i,2),a.compression_methods=fa(i,1)),(s=r-(s-i.length()))>0){for(var o=fa(i,2);o.length()>0;)a.extensions.push({type:[o.getByte(),o.getByte()],data:fa(o,2)});if(!n)for(var c=0;c<a.extensions.length;++c){var u=a.extensions[c];if(0===u.type[0]&&0===u.type[1])for(var l=fa(u.data,2);l.length()>0;){if(0!==l.getByte())break;e.session.extensions.server_name.serverNameList.push(fa(l,2).getBytes())}}}if(e.session.version&&(a.version.major!==e.session.version.major\|\|a.version.minor!==e.session.version.minor))return e.error(e,{message:"TLS version change is disallowed during renegotiation.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.protocol_version}});if(n)e.session.cipherSuite=ya.getCipherSuite(a.cipher_suite);else for(var p=ua.util.createBuffer(a.cipher_suites.bytes());p.length()>0&&(e.session.cipherSuite=ya.getCipherSuite(p.getBytes(2)),null===e.session.cipherSuite););if(null===e.session.cipherSuite)return e.error(e,{message:"No cipher suites in common.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.handshake_failure},cipherSuite:ua.util.bytesToHex(a.cipher_suite)});e.session.compressionMethod=n?a.compression_method:ya.CompressionMethod.none}return a},ya.createSecurityParameters=function(e,t){var r=e.entity===ya.ConnectionEnd.client,a=t.random.bytes(),n=r?e.session.sp.client_random:a,i=r?a:ya.createRandom().getBytes();e.session.sp={entity:e.entity,prf_algorithm:ya.PRFAlgorithm.tls_prf_sha256,bulk_cipher_algorithm:null,cipher_type:null,enc_key_length:null,block_length:null,fixed_iv_length:null,record_iv_length:null,mac_algorithm:null,mac_length:null,mac_key_length:null,compression_algorithm:e.session.compressionMethod,pre_master_secret:null,master_secret:null,client_random:n,server_random:i}},ya.handleServerHello=function(e,t,r){var a=ya.parseHelloMessage(e,t,r);if(!e.fail){if(!(a.version.minor<=e.version.minor))return e.error(e,{message:"Incompatible TLS version.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.protocol_version}});e.version.minor=a.version.minor,e.session.version=e.version;var n=a.session_id.bytes();n.length>0&&n===e.session.id?(e.expect=Ea,e.session.resuming=!0,e.session.sp.server_random=a.random.bytes()):(e.expect=ga,e.session.resuming=!1,ya.createSecurityParameters(e,a)),e.session.id=n,e.process()}},ya.handleClientHello=function(e,t,r){var a=ya.parseHelloMessage(e,t,r);if(!e.fail){var n=a.session_id.bytes(),i=null;if(e.sessionCache&&(null===(i=e.sessionCache.getSession(n))?n="":(i.version.major!==a.version.major\|\|i.version.minor>a.version.minor)&&(i=null,n="")),0===n.length&&(n=ua.random.getBytes(32)),e.session.id=n,e.session.clientHelloVersion=a.version,e.session.sp={},i)e.version=e.session.version=i.version,e.session.sp=i.sp;else{for(var s,o=1;o<ya.SupportedVersions.length&&!((s=ya.SupportedVersions[o]).minor<=a.version.minor);++o);e.version={major:s.major,minor:s.minor},e.session.version=e.version}null!==i?(e.expect=Na,e.session.resuming=!0,e.session.sp.client_random=a.random.bytes()):(e.expect=!1!==e.verifyClient?Aa:ba,e.session.resuming=!1,ya.createSecurityParameters(e,a)),e.open=!0,ya.queue(e,ya.createRecord(e,{type:ya.ContentType.handshake,data:ya.createServerHello(e)})),e.session.resuming?(ya.queue(e,ya.createRecord(e,{type:ya.ContentType.change_cipher_spec,data:ya.createChangeCipherSpec()})),e.state.pending=ya.createConnectionState(e),e.state.current.write=e.state.pending.write,ya.queue(e,ya.createRecord(e,{type:ya.ContentType.handshake,data:ya.createFinished(e)}))):(ya.queue(e,ya.createRecord(e,{type:ya.ContentType.handshake,data:ya.createCertificate(e)})),e.fail\|\|(ya.queue(e,ya.createRecord(e,{type:ya.ContentType.handshake,data:ya.createServerKeyExchange(e)})),!1!==e.verifyClient&&ya.queue(e,ya.createRecord(e,{type:ya.ContentType.handshake,data:ya.createCertificateRequest(e)})),ya.queue(e,ya.createRecord(e,{type:ya.ContentType.handshake,data:ya.createServerHelloDone(e)})))),ya.flush(e),e.process()}},ya.handleCertificate=function(e,t,r){if(r<3)return e.error(e,{message:"Invalid Certificate message. Message too short.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.illegal_parameter}});var a,n,i=t.fragment,s={certificate_list:fa(i,3)},o=[];try{for(;s.certificate_list.length()>0;)a=fa(s.certificate_list,3),n=ua.asn1.fromDer(a),a=ua.pki.certificateFromAsn1(n,!0),o.push(a)}catch(t){return e.error(e,{message:"Could not parse certificate list.",cause:t,send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.bad_certificate}})}var c=e.entity===ya.ConnectionEnd.client;!c&&!0!==e.verifyClient\|\|0!==o.length?0===o.length?e.expect=c?ma:ba:(c?e.session.serverCertificate=o[0]:e.session.clientCertificate=o[0],ya.verifyCertificateChain(e,o)&&(e.expect=c?ma:ba)):e.error(e,{message:c?"No server certificate provided.":"No client certificate provided.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.illegal_parameter}}),e.process()},ya.handleServerKeyExchange=function(e,t,r){if(r>0)return e.error(e,{message:"Invalid key parameters. Only RSA is supported.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.unsupported_certificate}});e.expect=va,e.process()},ya.handleClientKeyExchange=function(e,t,r){if(r<48)return e.error(e,{message:"Invalid key parameters. Only RSA is supported.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.unsupported_certificate}});var a=t.fragment,n={enc_pre_master_secret:fa(a,2).getBytes()},i=null;if(e.getPrivateKey)try{i=e.getPrivateKey(e,e.session.serverCertificate),i=ua.pki.privateKeyFromPem(i)}catch(t){e.error(e,{message:"Could not get private key.",cause:t,send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.internal_error}})}if(null===i)return e.error(e,{message:"No private key set.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.internal_error}});try{var s=e.session.sp;s.pre_master_secret=i.decrypt(n.enc_pre_master_secret);var o=e.session.clientHelloVersion;if(o.major!==s.pre_master_secret.charCodeAt(0)\|\|o.minor!==s.pre_master_secret.charCodeAt(1))throw new Error("TLS version rollback attack detected.")}catch(e){s.pre_master_secret=ua.random.getBytes(48)}e.expect=Na,null!==e.session.clientCertificate&&(e.expect=Ba),e.process()},ya.handleCertificateRequest=function(e,t,r){if(r<3)return e.error(e,{message:"Invalid CertificateRequest. Message too short.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.illegal_parameter}});var a=t.fragment,n={certificate_types:fa(a,1),certificate_authorities:fa(a,2)};e.session.certificateRequest=n,e.expect=Ca,e.process()},ya.handleCertificateVerify=function(e,t,r){if(r<2)return e.error(e,{message:"Invalid CertificateVerify. Message too short.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.illegal_parameter}});var a=t.fragment;a.read-=4;var n=a.bytes();a.read+=4;var i={signature:fa(a,2).getBytes()},s=ua.util.createBuffer();s.putBuffer(e.session.md5.digest()),s.putBuffer(e.session.sha1.digest()),s=s.getBytes();try{if(!e.session.clientCertificate.publicKey.verify(s,i.signature,"NONE"))throw new Error("CertificateVerify signature does not match.");e.session.md5.update(n),e.session.sha1.update(n)}catch(t){return e.error(e,{message:"Bad signature in CertificateVerify.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.handshake_failure}})}e.expect=Na,e.process()},ya.handleServerHelloDone=function(e,t,r){if(r>0)return e.error(e,{message:"Invalid ServerHelloDone message. Invalid length.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.record_overflow}});if(null===e.serverCertificate){var a={message:"No server certificate provided. Not enough security.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.insufficient_security}},n=e.verify(e,a.alert.description,0,[]);if(!0!==n)return(n\|\|0===n)&&("object"!=typeof n\|\|ua.util.isArray(n)?"number"==typeof n&&(a.alert.description=n):(n.message&&(a.message=n.message),n.alert&&(a.alert.description=n.alert))),e.error(e,a)}null!==e.session.certificateRequest&&(t=ya.createRecord(e,{type:ya.ContentType.handshake,data:ya.createCertificate(e)}),ya.queue(e,t)),t=ya.createRecord(e,{type:ya.ContentType.handshake,data:ya.createClientKeyExchange(e)}),ya.queue(e,t),e.expect=Ia;var i=function(e,t){null!==e.session.certificateRequest&&null!==e.session.clientCertificate&&ya.queue(e,ya.createRecord(e,{type:ya.ContentType.handshake,data:ya.createCertificateVerify(e,t)})),ya.queue(e,ya.createRecord(e,{type:ya.ContentType.change_cipher_spec,data:ya.createChangeCipherSpec()})),e.state.pending=ya.createConnectionState(e),e.state.current.write=e.state.pending.write,ya.queue(e,ya.createRecord(e,{type:ya.ContentType.handshake,data:ya.createFinished(e)})),e.expect=Ea,ya.flush(e),e.process()};if(null===e.session.certificateRequest\|\|null===e.session.clientCertificate)return i(e,null);ya.getClientSignature(e,i)},ya.handleChangeCipherSpec=function(e,t){if(1!==t.fragment.getByte())return e.error(e,{message:"Invalid ChangeCipherSpec message received.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.illegal_parameter}});var r=e.entity===ya.ConnectionEnd.client;(e.session.resuming&&r\|\|!e.session.resuming&&!r)&&(e.state.pending=ya.createConnectionState(e)),e.state.current.read=e.state.pending.read,(!e.session.resuming&&r\|\|e.session.resuming&&!r)&&(e.state.pending=null),e.expect=r?Sa:wa,e.process()},ya.handleFinished=function(e,t,r){var a=t.fragment;a.read-=4;var n=a.bytes();a.read+=4;var i=t.fragment.getBytes();(a=ua.util.createBuffer()).putBuffer(e.session.md5.digest()),a.putBuffer(e.session.sha1.digest());var s=e.entity===ya.ConnectionEnd.client,o=s?"server finished":"client finished",c=e.session.sp;if((a=la(c.master_secret,o,a.getBytes(),12)).getBytes()!==i)return e.error(e,{message:"Invalid verify_data in Finished message.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.decrypt_error}});e.session.md5.update(n),e.session.sha1.update(n),(e.session.resuming&&s\|\|!e.session.resuming&&!s)&&(ya.queue(e,ya.createRecord(e,{type:ya.ContentType.change_cipher_spec,data:ya.createChangeCipherSpec()})),e.state.current.write=e.state.pending.write,e.state.pending=null,ya.queue(e,ya.createRecord(e,{type:ya.ContentType.handshake,data:ya.createFinished(e)}))),e.expect=s?Ta:ka,e.handshaking=!1,++e.handshakes,e.peerCertificate=s?e.session.serverCertificate:e.session.clientCertificate,ya.flush(e),e.isConnected=!0,e.connected(e),e.process()},ya.handleAlert=function(e,t){var r,a=t.fragment,n={level:a.getByte(),description:a.getByte()};switch(n.description){case ya.Alert.Description.close_notify:r="Connection closed.";break;case ya.Alert.Description.unexpected_message:r="Unexpected message.";break;case ya.Alert.Description.bad_record_mac:r="Bad record MAC.";break;case ya.Alert.Description.decryption_failed:r="Decryption failed.";break;case ya.Alert.Description.record_overflow:r="Record overflow.";break;case ya.Alert.Description.decompression_failure:r="Decompression failed.";break;case ya.Alert.Description.handshake_failure:r="Handshake failure.";break;case ya.Alert.Description.bad_certificate:r="Bad certificate.";break;case ya.Alert.Description.unsupported_certificate:r="Unsupported certificate.";break;case ya.Alert.Description.certificate_revoked:r="Certificate revoked.";break;case ya.Alert.Description.certificate_expired:r="Certificate expired.";break;case ya.Alert.Description.certificate_unknown:r="Certificate unknown.";break;case ya.Alert.Description.illegal_parameter:r="Illegal parameter.";break;case ya.Alert.Description.unknown_ca:r="Unknown certificate authority.";break;case ya.Alert.Description.access_denied:r="Access denied.";break;case ya.Alert.Description.decode_error:r="Decode error.";break;case ya.Alert.Description.decrypt_error:r="Decrypt error.";break;case ya.Alert.Description.export_restriction:r="Export restriction.";break;case ya.Alert.Description.protocol_version:r="Unsupported protocol version.";break;case ya.Alert.Description.insufficient_security:r="Insufficient security.";break;case ya.Alert.Description.internal_error:r="Internal error.";break;case ya.Alert.Description.user_canceled:r="User canceled.";break;case ya.Alert.Description.no_renegotiation:r="Renegotiation not supported.";break;default:r="Unknown error."}if(n.description===ya.Alert.Description.close_notify)return e.close();e.error(e,{message:r,send:!1,origin:e.entity===ya.ConnectionEnd.client?"server":"client",alert:n}),e.process()},ya.handleHandshake=function(e,t){var r=t.fragment,a=r.getByte(),n=r.getInt24();if(n>r.length())return e.fragmented=t,t.fragment=ua.util.createBuffer(),r.read-=4,e.process();e.fragmented=null,r.read-=4;var i=r.bytes(n+4);r.read+=4,a in Ga[e.entity][e.expect]?(e.entity!==ya.ConnectionEnd.server\|\|e.open\|\|e.fail\|\|(e.handshaking=!0,e.session={version:null,extensions:{server_name:{serverNameList:[]}},cipherSuite:null,compressionMethod:null,serverCertificate:null,clientCertificate:null,md5:ua.md.md5.create(),sha1:ua.md.sha1.create()}),a!==ya.HandshakeType.hello_request&&a!==ya.HandshakeType.certificate_verify&&a!==ya.HandshakeType.finished&&(e.session.md5.update(i),e.session.sha1.update(i)),Ga[e.entity][e.expect][a](e,t,n)):ya.handleUnexpected(e,t)},ya.handleApplicationData=function(e,t){e.data.putBuffer(t.fragment),e.dataReady(e),e.process()},ya.handleHeartbeat=function(e,t){var r=t.fragment,a=r.getByte(),n=r.getInt16(),i=r.getBytes(n);if(a===ya.HeartbeatMessageType.heartbeat_request){if(e.handshaking\|\|n>i.length)return e.process();ya.queue(e,ya.createRecord(e,{type:ya.ContentType.heartbeat,data:ya.createHeartbeat(ya.HeartbeatMessageType.heartbeat_response,i)})),ya.flush(e)}else if(a===ya.HeartbeatMessageType.heartbeat_response){if(i!==e.expectedHeartbeatPayload)return e.process();e.heartbeatReceived&&e.heartbeatReceived(e,ua.util.createBuffer(i))}e.process()};var ga=1,ma=2,va=3,Ca=4,Ea=5,Sa=6,Ta=7,Ia=8,Aa=1,ba=2,Ba=3,Na=4,wa=5,ka=6,Ra=ya.handleUnexpected,_a=ya.handleChangeCipherSpec,La=ya.handleAlert,Ua=ya.handleHandshake,Da=ya.handleApplicationData,Pa=ya.handleHeartbeat,Va=[];Va[ya.ConnectionEnd.client]=[[Ra,La,Ua,Ra,Pa],[Ra,La,Ua,Ra,Pa],[Ra,La,Ua,Ra,Pa],[Ra,La,Ua,Ra,Pa],[Ra,La,Ua,Ra,Pa],[_a,La,Ra,Ra,Pa],[Ra,La,Ua,Ra,Pa],[Ra,La,Ua,Da,Pa],[Ra,La,Ua,Ra,Pa]],Va[ya.ConnectionEnd.server]=[[Ra,La,Ua,Ra,Pa],[Ra,La,Ua,Ra,Pa],[Ra,La,Ua,Ra,Pa],[Ra,La,Ua,Ra,Pa],[_a,La,Ra,Ra,Pa],[Ra,La,Ua,Ra,Pa],[Ra,La,Ua,Da,Pa],[Ra,La,Ua,Ra,Pa]];var Oa=ya.handleHelloRequest,Ka=ya.handleServerHello,xa=ya.handleCertificate,Ma=ya.handleServerKeyExchange,Fa=ya.handleCertificateRequest,qa=ya.handleServerHelloDone,ja=ya.handleFinished,Ga=[];Ga[ya.ConnectionEnd.client]=[[Ra,Ra,Ka,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra],[Oa,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,xa,Ma,Fa,qa,Ra,Ra,Ra,Ra,Ra,Ra],[Oa,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ma,Fa,qa,Ra,Ra,Ra,Ra,Ra,Ra],[Oa,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Fa,qa,Ra,Ra,Ra,Ra,Ra,Ra],[Oa,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,qa,Ra,Ra,Ra,Ra,Ra,Ra],[Oa,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra],[Oa,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,ja],[Oa,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra],[Oa,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra]];var Ha=ya.handleClientHello,Qa=ya.handleClientKeyExchange,za=ya.handleCertificateVerify;Ga[ya.ConnectionEnd.server]=[[Ra,Ha,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra],[Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,xa,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra],[Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Qa,Ra,Ra,Ra,Ra],[Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,za,Ra,Ra,Ra,Ra,Ra],[Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra],[Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,ja],[Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra],[Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra,Ra]],ya.generateKeys=function(e,t){var r=la,a=t.client_random+t.server_random;e.session.resuming\|\|(t.master_secret=r(t.pre_master_secret,"master secret",a,48).bytes(),t.pre_master_secret=null),a=t.server_random+t.client_random;var n=2t.mac_key_length+2t.enc_key_length,i=e.version.major===ya.Versions.TLS_1_0.major&&e.version.minor===ya.Versions.TLS_1_0.minor;i&&(n+=2t.fixed_iv_length);var s=r(t.master_secret,"key expansion",a,n),o={client_write_MAC_key:s.getBytes(t.mac_key_length),server_write_MAC_key:s.getBytes(t.mac_key_length),client_write_key:s.getBytes(t.enc_key_length),server_write_key:s.getBytes(t.enc_key_length)};return i&&(o.client_write_IV=s.getBytes(t.fixed_iv_length),o.server_write_IV=s.getBytes(t.fixed_iv_length)),o},ya.createConnectionState=function(e){var t=e.entity===ya.ConnectionEnd.client,r=function(){var e={sequenceNumber:[0,0],macKey:null,macLength:0,macFunction:null,cipherState:null,cipherFunction:function(e){return!0},compressionState:null,compressFunction:function(e){return!0},updateSequenceNumber:function(){4294967295===e.sequenceNumber[1]?(e.sequenceNumber[1]=0,++e.sequenceNumber[0]):++e.sequenceNumber[1]}};return e},a={read:r(),write:r()};if(a.read.update=function(e,t){return a.read.cipherFunction(t,a.read)?a.read.compressFunction(e,t,a.read)\|\|e.error(e,{message:"Could not decompress record.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.decompression_failure}}):e.error(e,{message:"Could not decrypt record or bad MAC.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.bad_record_mac}}),!e.fail},a.write.update=function(e,t){return a.write.compressFunction(e,t,a.write)?a.write.cipherFunction(t,a.write)\|\|e.error(e,{message:"Could not encrypt record.",send:!1,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.internal_error}}):e.error(e,{message:"Could not compress record.",send:!1,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.internal_error}}),!e.fail},e.session){var n=e.session.sp;switch(e.session.cipherSuite.initSecurityParameters(n),n.keys=ya.generateKeys(e,n),a.read.macKey=t?n.keys.server_write_MAC_key:n.keys.client_write_MAC_key,a.write.macKey=t?n.keys.client_write_MAC_key:n.keys.server_write_MAC_key,e.session.cipherSuite.initConnectionState(a,e,n),n.compression_algorithm){case ya.CompressionMethod.none:break;case ya.CompressionMethod.deflate:a.read.compressFunction=ha,a.write.compressFunction=pa;break;default:throw new Error("Unsupported compression algorithm.")}}return a},ya.createRandom=function(){var e=new Date,t=+e+6e4e.getTimezoneOffset(),r=ua.util.createBuffer();return r.putInt32(t),r.putBytes(ua.random.getBytes(28)),r},ya.createRecord=function(e,t){return t.data?{type:t.type,version:{major:e.version.major,minor:e.version.minor},length:t.data.length(),fragment:t.data}:null},ya.createAlert=function(e,t){var r=ua.util.createBuffer();return r.putByte(t.level),r.putByte(t.description),ya.createRecord(e,{type:ya.ContentType.alert,data:r})},ya.createClientHello=function(e){e.session.clientHelloVersion={major:e.version.major,minor:e.version.minor};for(var t=ua.util.createBuffer(),r=0;r<e.cipherSuites.length;++r){var a=e.cipherSuites[r];t.putByte(a.id[0]),t.putByte(a.id[1])}var n=t.length(),i=ua.util.createBuffer();i.putByte(ya.CompressionMethod.none);var s=i.length(),o=ua.util.createBuffer();if(e.virtualHost){var c=ua.util.createBuffer();c.putByte(0),c.putByte(0);var u=ua.util.createBuffer();u.putByte(0),da(u,2,ua.util.createBuffer(e.virtualHost));var l=ua.util.createBuffer();da(l,2,u),da(c,2,l),o.putBuffer(c)}var p=o.length();p>0&&(p+=2);var h=e.session.id,f=h.length+1+2+4+28+2+n+1+s+p,d=ua.util.createBuffer();return d.putByte(ya.HandshakeType.client_hello),d.putInt24(f),d.putByte(e.version.major),d.putByte(e.version.minor),d.putBytes(e.session.sp.client_random),da(d,1,ua.util.createBuffer(h)),da(d,2,t),da(d,1,i),p>0&&da(d,2,o),d},ya.createServerHello=function(e){var t=e.session.id,r=t.length+1+2+4+28+2+1,a=ua.util.createBuffer();return a.putByte(ya.HandshakeType.server_hello),a.putInt24(r),a.putByte(e.version.major),a.putByte(e.version.minor),a.putBytes(e.session.sp.server_random),da(a,1,ua.util.createBuffer(t)),a.putByte(e.session.cipherSuite.id[0]),a.putByte(e.session.cipherSuite.id[1]),a.putByte(e.session.compressionMethod),a},ya.createCertificate=function(e){var t,r=e.entity===ya.ConnectionEnd.client,a=null;e.getCertificate&&(t=r?e.session.certificateRequest:e.session.extensions.server_name.serverNameList,a=e.getCertificate(e,t));var n=ua.util.createBuffer();if(null!==a)try{ua.util.isArray(a)\|\|(a=[a]);for(var i=null,s=0;s<a.length;++s){var o=ua.pem.decode(a[s])[0];if("CERTIFICATE"!==o.type&&"X509 CERTIFICATE"!==o.type&&"TRUSTED CERTIFICATE"!==o.type){var c=new Error('Could not convert certificate from PEM; PEM header type is not "CERTIFICATE", "X509 CERTIFICATE", or "TRUSTED CERTIFICATE".');throw c.headerType=o.type,c}if(o.procType&&"ENCRYPTED"===o.procType.type)throw new Error("Could not convert certificate from PEM; PEM is encrypted.");var u=ua.util.createBuffer(o.body);null===i&&(i=ua.asn1.fromDer(u.bytes(),!1));var l=ua.util.createBuffer();da(l,3,u),n.putBuffer(l)}a=ua.pki.certificateFromAsn1(i),r?e.session.clientCertificate=a:e.session.serverCertificate=a}catch(t){return e.error(e,{message:"Could not send certificate list.",cause:t,send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.bad_certificate}})}var p=3+n.length(),h=ua.util.createBuffer();return h.putByte(ya.HandshakeType.certificate),h.putInt24(p),da(h,3,n),h},ya.createClientKeyExchange=function(e){var t=ua.util.createBuffer();t.putByte(e.session.clientHelloVersion.major),t.putByte(e.session.clientHelloVersion.minor),t.putBytes(ua.random.getBytes(46));var r=e.session.sp;r.pre_master_secret=t.getBytes();var a=(t=e.session.serverCertificate.publicKey.encrypt(r.pre_master_secret)).length+2,n=ua.util.createBuffer();return n.putByte(ya.HandshakeType.client_key_exchange),n.putInt24(a),n.putInt16(t.length),n.putBytes(t),n},ya.createServerKeyExchange=function(e){return ua.util.createBuffer()},ya.getClientSignature=function(e,t){var r=ua.util.createBuffer();r.putBuffer(e.session.md5.digest()),r.putBuffer(e.session.sha1.digest()),r=r.getBytes(),e.getSignature=e.getSignature\|\|function(e,t,r){var a=null;if(e.getPrivateKey)try{a=e.getPrivateKey(e,e.session.clientCertificate),a=ua.pki.privateKeyFromPem(a)}catch(t){e.error(e,{message:"Could not get private key.",cause:t,send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.internal_error}})}null===a?e.error(e,{message:"No private key set.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.internal_error}}):t=a.sign(t,null),r(e,t)},e.getSignature(e,r,t)},ya.createCertificateVerify=function(e,t){var r=t.length+2,a=ua.util.createBuffer();return a.putByte(ya.HandshakeType.certificate_verify),a.putInt24(r),a.putInt16(t.length),a.putBytes(t),a},ya.createCertificateRequest=function(e){var t=ua.util.createBuffer();t.putByte(1);var r=ua.util.createBuffer();for(var a in e.caStore.certs){var n=e.caStore.certs[a],i=ua.pki.distinguishedNameToAsn1(n.subject),s=ua.asn1.toDer(i);r.putInt16(s.length()),r.putBuffer(s)}var o=1+t.length()+2+r.length(),c=ua.util.createBuffer();return c.putByte(ya.HandshakeType.certificate_request),c.putInt24(o),da(c,1,t),da(c,2,r),c},ya.createServerHelloDone=function(e){var t=ua.util.createBuffer();return t.putByte(ya.HandshakeType.server_hello_done),t.putInt24(0),t},ya.createChangeCipherSpec=function(){var e=ua.util.createBuffer();return e.putByte(1),e},ya.createFinished=function(e){var t=ua.util.createBuffer();t.putBuffer(e.session.md5.digest()),t.putBuffer(e.session.sha1.digest());var r=e.entity===ya.ConnectionEnd.client,a=e.session.sp,n=r?"client finished":"server finished";t=la(a.master_secret,n,t.getBytes(),12);var i=ua.util.createBuffer();return i.putByte(ya.HandshakeType.finished),i.putInt24(t.length()),i.putBuffer(t),i},ya.createHeartbeat=function(e,t,r){void 0===r&&(r=t.length);var a=ua.util.createBuffer();a.putByte(e),a.putInt16(r),a.putBytes(t);var n=a.length(),i=Math.max(16,n-r-3);return a.putBytes(ua.random.getBytes(i)),a},ya.queue=function(e,t){if(t&&(0!==t.fragment.length()\|\|t.type!==ya.ContentType.handshake&&t.type!==ya.ContentType.alert&&t.type!==ya.ContentType.change_cipher_spec)){if(t.type===ya.ContentType.handshake){var r=t.fragment.bytes();e.session.md5.update(r),e.session.sha1.update(r),r=null}var a;if(t.fragment.length()<=ya.MaxFragment)a=[t];else{a=[];for(var n=t.fragment.bytes();n.length>ya.MaxFragment;)a.push(ya.createRecord(e,{type:t.type,data:ua.util.createBuffer(n.slice(0,ya.MaxFragment))})),n=n.slice(ya.MaxFragment);n.length>0&&a.push(ya.createRecord(e,{type:t.type,data:ua.util.createBuffer(n)}))}for(var i=0;i<a.length&&!e.fail;++i){var s=a[i];e.state.current.write.update(e,s)&&e.records.push(s)}}},ya.flush=function(e){for(var t=0;t<e.records.length;++t){var r=e.records[t];e.tlsData.putByte(r.type),e.tlsData.putByte(r.version.major),e.tlsData.putByte(r.version.minor),e.tlsData.putInt16(r.fragment.length()),e.tlsData.putBuffer(e.records[t].fragment)}return e.records=[],e.tlsDataReady(e)};var Wa=function(e){switch(e){case!0:return!0;case ua.pki.certificateError.bad_certificate:return ya.Alert.Description.bad_certificate;case ua.pki.certificateError.unsupported_certificate:return ya.Alert.Description.unsupported_certificate;case ua.pki.certificateError.certificate_revoked:return ya.Alert.Description.certificate_revoked;case ua.pki.certificateError.certificate_expired:return ya.Alert.Description.certificate_expired;case ua.pki.certificateError.certificate_unknown:return ya.Alert.Description.certificate_unknown;case ua.pki.certificateError.unknown_ca:return ya.Alert.Description.unknown_ca;default:return ya.Alert.Description.bad_certificate}};for(var Ya in ya.verifyCertificateChain=function(e,t){try{var r={};for(var a in e.verifyOptions)r[a]=e.verifyOptions[a];r.verify=function(t,r,a){Wa(t);var n=e.verify(e,t,r,a);if(!0!==n){if("object"==typeof n&&!ua.util.isArray(n)){var i=new Error("The application rejected the certificate.");throw i.send=!0,i.alert={level:ya.Alert.Level.fatal,description:ya.Alert.Description.bad_certificate},n.message&&(i.message=n.message),n.alert&&(i.alert.description=n.alert),i}n!==t&&(n=function(e){switch(e){case!0:return!0;case ya.Alert.Description.bad_certificate:return ua.pki.certificateError.bad_certificate;case ya.Alert.Description.unsupported_certificate:return ua.pki.certificateError.unsupported_certificate;case ya.Alert.Description.certificate_revoked:return ua.pki.certificateError.certificate_revoked;case ya.Alert.Description.certificate_expired:return ua.pki.certificateError.certificate_expired;case ya.Alert.Description.certificate_unknown:return ua.pki.certificateError.certificate_unknown;case ya.Alert.Description.unknown_ca:return ua.pki.certificateError.unknown_ca;default:return ua.pki.certificateError.bad_certificate}}(n))}return n},ua.pki.verifyCertificateChain(e.caStore,t,r)}catch(t){var n=t;("object"!=typeof n\|\|ua.util.isArray(n))&&(n={send:!0,alert:{level:ya.Alert.Level.fatal,description:Wa(t)}}),"send"in n\|\|(n.send=!0),"alert"in n\|\|(n.alert={level:ya.Alert.Level.fatal,description:Wa(n.error)}),e.error(e,n)}return!e.fail},ya.createSessionCache=function(e,t){var r=null;if(e&&e.getSession&&e.setSession&&e.order)r=e;else{for(var a in(r={}).cache=e\|\|{},r.capacity=Math.max(t\|\|100,1),r.order=[],e)r.order.length<=t?r.order.push(a):delete e[a];r.getSession=function(e){var t=null,a=null;if(e?a=ua.util.bytesToHex(e):r.order.length>0&&(a=r.order[0]),null!==a&&a in r.cache)for(var n in t=r.cache[a],delete r.cache[a],r.order)if(r.order[n]===a){r.order.splice(n,1);break}return t},r.setSession=function(e,t){if(r.order.length===r.capacity){var a=r.order.shift();delete r.cache[a]}a=ua.util.bytesToHex(e);r.order.push(a),r.cache[a]=t}}return r},ya.createConnection=function(e){var t=null;t=e.caStore?ua.util.isArray(e.caStore)?ua.pki.createCaStore(e.caStore):e.caStore:ua.pki.createCaStore();var r=e.cipherSuites\|\|null;if(null===r)for(var a in r=[],ya.CipherSuites)r.push(ya.CipherSuites[a]);var n=e.server?ya.ConnectionEnd.server:ya.ConnectionEnd.client,i=e.sessionCache?ya.createSessionCache(e.sessionCache):null,s={version:{major:ya.Version.major,minor:ya.Version.minor},entity:n,sessionId:e.sessionId,caStore:t,sessionCache:i,cipherSuites:r,connected:e.connected,virtualHost:e.virtualHost\|\|null,verifyClient:e.verifyClient\|\|!1,verify:e.verify\|\|function(e,t,r,a){return t},verifyOptions:e.verifyOptions\|\|{},getCertificate:e.getCertificate\|\|null,getPrivateKey:e.getPrivateKey\|\|null,getSignature:e.getSignature\|\|null,input:ua.util.createBuffer(),tlsData:ua.util.createBuffer(),data:ua.util.createBuffer(),tlsDataReady:e.tlsDataReady,dataReady:e.dataReady,heartbeatReceived:e.heartbeatReceived,closed:e.closed,error:function(t,r){r.origin=r.origin\|\|(t.entity===ya.ConnectionEnd.client?"client":"server"),r.send&&(ya.queue(t,ya.createAlert(t,r.alert)),ya.flush(t));var a=!1!==r.fatal;a&&(t.fail=!0),e.error(t,r),a&&t.close(!1)},deflate:e.deflate\|\|null,inflate:e.inflate\|\|null,reset:function(e){s.version={major:ya.Version.major,minor:ya.Version.minor},s.record=null,s.session=null,s.peerCertificate=null,s.state={pending:null,current:null},s.expect=(s.entity,ya.ConnectionEnd.client,0),s.fragmented=null,s.records=[],s.open=!1,s.handshakes=0,s.handshaking=!1,s.isConnected=!1,s.fail=!(e\|\|void 0===e),s.input.clear(),s.tlsData.clear(),s.data.clear(),s.state.current=ya.createConnectionState(s)}};s.reset();return s.handshake=function(e){if(s.entity!==ya.ConnectionEnd.client)s.error(s,{message:"Cannot initiate handshake as a server.",fatal:!1});else if(s.handshaking)s.error(s,{message:"Handshake already in progress.",fatal:!1});else{s.fail&&!s.open&&0===s.handshakes&&(s.fail=!1),s.handshaking=!0;var t=null;(e=e\|\|"").length>0&&(s.sessionCache&&(t=s.sessionCache.getSession(e)),null===t&&(e="")),0===e.length&&s.sessionCache&&null!==(t=s.sessionCache.getSession())&&(e=t.id),s.session={id:e,version:null,cipherSuite:null,compressionMethod:null,serverCertificate:null,certificateRequest:null,clientCertificate:null,sp:{},md5:ua.md.md5.create(),sha1:ua.md.sha1.create()},t&&(s.version=t.version,s.session.sp=t.sp),s.session.sp.client_random=ya.createRandom().getBytes(),s.open=!0,ya.queue(s,ya.createRecord(s,{type:ya.ContentType.handshake,data:ya.createClientHello(s)})),ya.flush(s)}},s.process=function(e){var t=0;return e&&s.input.putBytes(e),s.fail\|\|(null!==s.record&&s.record.ready&&s.record.fragment.isEmpty()&&(s.record=null),null===s.record&&(t=function(e){var t=0,r=e.input,a=r.length();if(a<5)t=5-a;else{e.record={type:r.getByte(),version:{major:r.getByte(),minor:r.getByte()},length:r.getInt16(),fragment:ua.util.createBuffer(),ready:!1};var n=e.record.version.major===e.version.major;n&&e.session&&e.session.version&&(n=e.record.version.minor===e.version.minor),n\|\|e.error(e,{message:"Incompatible TLS version.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.protocol_version}})}return t}(s)),s.fail\|\|null===s.record\|\|s.record.ready\|\|(t=function(e){var t=0,r=e.input,a=r.length();return a<e.record.length?t=e.record.length-a:(e.record.fragment.putBytes(r.getBytes(e.record.length)),r.compact(),e.state.current.read.update(e,e.record)&&(null!==e.fragmented&&(e.fragmented.type===e.record.type?(e.fragmented.fragment.putBuffer(e.record.fragment),e.record=e.fragmented):e.error(e,{message:"Invalid fragmented record.",send:!0,alert:{level:ya.Alert.Level.fatal,description:ya.Alert.Description.unexpected_message}})),e.record.ready=!0)),t}(s)),!s.fail&&null!==s.record&&s.record.ready&&function(e,t){var r=t.type-ya.ContentType.change_cipher_spec,a=Va[e.entity][e.expect];r in a?a[r](e,t):ya.handleUnexpected(e,t)}(s,s.record)),t},s.prepare=function(e){return ya.queue(s,ya.createRecord(s,{type:ya.ContentType.application_data,data:ua.util.createBuffer(e)})),ya.flush(s)},s.prepareHeartbeatRequest=function(e,t){return e instanceof ua.util.ByteBuffer&&(e=e.bytes()),void 0===t&&(t=e.length),s.expectedHeartbeatPayload=e,ya.queue(s,ya.createRecord(s,{type:ya.ContentType.heartbeat,data:ya.createHeartbeat(ya.HeartbeatMessageType.heartbeat_request,e,t)})),ya.flush(s)},s.close=function(e){if(!s.fail&&s.sessionCache&&s.session){var t={id:s.session.id,version:s.session.version,sp:s.session.sp};t.sp.keys=null,s.sessionCache.setSession(t.id,t)}s.open&&(s.open=!1,s.input.clear(),(s.isConnected\|\|s.handshaking)&&(s.isConnected=s.handshaking=!1,ya.queue(s,ya.createAlert(s,{level:ya.Alert.Level.warning,description:ya.Alert.Description.close_notify})),ya.flush(s)),s.closed(s)),s.reset(e)},s},ua.tls=ua.tls\|\|{},ya)"function"!=typeof ya[Ya]&&(ua.tls[Ya]=ya[Ya]);ua.tls.prf_tls1=la,ua.tls.hmac_sha1=function(e,t,r){var a=ua.hmac.create();a.start("SHA1",e);var n=ua.util.createBuffer();return n.putInt32(t[0]),n.putInt32(t[1]),n.putByte(r.type),n.putByte(r.version.major),n.putByte(r.version.minor),n.putInt16(r.length),n.putBytes(r.fragment.bytes()),a.update(n.getBytes()),a.digest().getBytes()},ua.tls.createSessionCache=ya.createSessionCache,ua.tls.createConnection=ya.createConnection;var Xa=v,Za=Xa.tls;function $a(e,t,r){var a=t.entity===Xa.tls.ConnectionEnd.client;e.read.cipherState={init:!1,cipher:Xa.cipher.createDecipher("AES-CBC",a?r.keys.server_write_key:r.keys.client_write_key),iv:a?r.keys.server_write_IV:r.keys.client_write_IV},e.write.cipherState={init:!1,cipher:Xa.cipher.createCipher("AES-CBC",a?r.keys.client_write_key:r.keys.server_write_key),iv:a?r.keys.client_write_IV:r.keys.server_write_IV},e.read.cipherFunction=rn,e.write.cipherFunction=Ja,e.read.macLength=e.write.macLength=r.mac_length,e.read.macFunction=e.write.macFunction=Za.hmac_sha1}function Ja(e,t){var r,a=!1,n=t.macFunction(t.macKey,t.sequenceNumber,e);e.fragment.putBytes(n),t.updateSequenceNumber(),r=e.version.minor===Za.Versions.TLS_1_0.minor?t.cipherState.init?null:t.cipherState.iv:Xa.random.getBytesSync(16),t.cipherState.init=!0;var i=t.cipherState.cipher;return i.start({iv:r}),e.version.minor>=Za.Versions.TLS_1_1.minor&&i.output.putBytes(r),i.update(e.fragment),i.finish(en)&&(e.fragment=i.output,e.length=e.fragment.length(),a=!0),a}function en(e,t,r){if(!r){var a=e-t.length()%e;t.fillWithByte(a-1,a)}return!0}function tn(e,t,r){var a=!0;if(r){for(var n=t.length(),i=t.last(),s=n-1-i;s<n-1;++s)a=a&&t.at(s)==i;a&&t.truncate(i+1)}return a}function rn(e,t){var r,a=!1;r=e.version.minor===Za.Versions.TLS_1_0.minor?t.cipherState.init?null:t.cipherState.iv:e.fragment.getBytes(16),t.cipherState.init=!0;var n=t.cipherState.cipher;n.start({iv:r}),n.update(e.fragment),a=n.finish(tn);var i=t.macLength,s=Xa.random.getBytesSync(i),o=n.output.length();o>=i?(e.fragment=n.output.getBytes(o-i),s=n.output.getBytes(i)):e.fragment=n.output.getBytes(),e.fragment=Xa.util.createBuffer(e.fragment),e.length=e.fragment.length();var c=t.macFunction(t.macKey,t.sequenceNumber,e);return t.updateSequenceNumber(),a=function(e,t,r){var a=Xa.hmac.create();return a.start("SHA1",e),a.update(t),t=a.digest().getBytes(),a.start(null,null),a.update(r),r=a.digest().getBytes(),t===r}(t.macKey,s,c)&&a,a}Za.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA={id:[0,47],name:"TLS_RSA_WITH_AES_128_CBC_SHA",initSecurityParameters:function(e){e.bulk_cipher_algorithm=Za.BulkCipherAlgorithm.aes,e.cipher_type=Za.CipherType.block,e.enc_key_length=16,e.block_length=16,e.fixed_iv_length=16,e.record_iv_length=16,e.mac_algorithm=Za.MACAlgorithm.hmac_sha1,e.mac_length=20,e.mac_key_length=20},initConnectionState:$a},Za.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA={id:[0,53],name:"TLS_RSA_WITH_AES_256_CBC_SHA",initSecurityParameters:function(e){e.bulk_cipher_algorithm=Za.BulkCipherAlgorithm.aes,e.cipher_type=Za.CipherType.block,e.enc_key_length=32,e.block_length=16,e.fixed_iv_length=16,e.record_iv_length=16,e.mac_algorithm=Za.MACAlgorithm.hmac_sha1,e.mac_length=20,e.mac_key_length=20},initConnectionState:$a};var an=v;an.debug=an.debug\|\|{},an.debug.storage={},an.debug.get=function(e,t){var r;return void 0===e?r=an.debug.storage:e in an.debug.storage&&(r=void 0===t?an.debug.storage[e]:an.debug.storage[e][t]),r},an.debug.set=function(e,t,r){e in an.debug.storage\|\|(an.debug.storage[e]={}),an.debug.storage[e][t]=r},an.debug.clear=function(e,t){void 0===e?an.debug.storage={}:e in an.debug.storage&&(void 0===t?delete an.debug.storage[e]:delete an.debug.storage[e][t])};var nn=v,sn=nn.sha512=nn.sha512\|\|{};nn.md.sha512=nn.md.algorithms.sha512=sn;var on=nn.sha384=nn.sha512.sha384=nn.sha512.sha384\|\|{};on.create=function(){return sn.create("SHA-384")},nn.md.sha384=nn.md.algorithms.sha384=on,nn.sha512.sha256=nn.sha512.sha256\|\|{create:function(){return sn.create("SHA-512/256")}},nn.md["sha512/256"]=nn.md.algorithms["sha512/256"]=nn.sha512.sha256,nn.sha512.sha224=nn.sha512.sha224\|\|{create:function(){return sn.create("SHA-512/224")}},nn.md["sha512/224"]=nn.md.algorithms["sha512/224"]=nn.sha512.sha224,sn.create=function(e){if(un\|\|(cn=String.fromCharCode(128),cn+=nn.util.fillString(String.fromCharCode(0),128),ln=[[1116352408,3609767458],[1899447441,602891725],[3049323471,3964484399],[3921009573,2173295548],[961987163,4081628472],[1508970993,3053834265],[2453635748,2937671579],[2870763221,3664609560],[3624381080,2734883394],[310598401,1164996542],[607225278,1323610764],[1426881987,3590304994],[1925078388,4068182383],[2162078206,991336113],[2614888103,633803317],[3248222580,3479774868],[3835390401,2666613458],[4022224774,944711139],[264347078,2341262773],[604807628,2007800933],[770255983,1495990901],[1249150122,1856431235],[1555081692,3175218132],[1996064986,2198950837],[2554220882,3999719339],[2821834349,766784016],[2952996808,2566594879],[3210313671,3203337956],[3336571891,1034457026],[3584528711,2466948901],[113926993,3758326383],[338241895,168717936],[666307205,1188179964],[773529912,1546045734],[1294757372,1522805485],[1396182291,2643833823],[1695183700,2343527390],[1986661051,1014477480],[2177026350,1206759142],[2456956037,344077627],[2730485921,1290863460],[2820302411,3158454273],[3259730800,3505952657],[3345764771,106217008],[3516065817,3606008344],[3600352804,1432725776],[4094571909,1467031594],[275423344,851169720],[430227734,3100823752],[506948616,1363258195],[659060556,3750685593],[883997877,3785050280],[958139571,3318307427],[1322822218,3812723403],[1537002063,2003034995],[1747873779,3602036899],[1955562222,1575990012],[2024104815,1125592928],[2227730452,2716904306],[2361852424,442776044],[2428436474,593698344],[2756734187,3733110249],[3204031479,2999351573],[3329325298,3815920427],[3391569614,3928383900],[3515267271,566280711],[3940187606,3454069534],[4118630271,4000239992],[116418474,1914138554],[174292421,2731055270],[289380356,3203993006],[460393269,320620315],[685471733,587496836],[852142971,1086792851],[1017036298,365543100],[1126000580,2618297676],[1288033470,3409855158],[1501505948,4234509866],[1607167915,987167468],[1816402316,1246189591]],(pn={})["SHA-512"]=[[1779033703,4089235720],[3144134277,2227873595],[1013904242,4271175723],[2773480762,1595750129],[1359893119,2917565137],[2600822924,725511199],[528734635,4215389547],[1541459225,327033209]],pn["SHA-384"]=[[3418070365,3238371032],[1654270250,914150663],[2438529370,812702999],[355462360,4144912697],[1731405415,4290775857],[2394180231,1750603025],[3675008525,1694076839],[1203062813,3204075428]],pn["SHA-512/256"]=[[573645204,4230739756],[2673172387,3360449730],[596883563,1867755857],[2520282905,1497426621],[2519219938,2827943907],[3193839141,1401305490],[721525244,746961066],[246885852,2177182882]],pn["SHA-512/224"]=[[2352822216,424955298],[1944164710,2312950998],[502970286,855612546],[1738396948,1479516111],[258812777,2077511080],[2011393907,79989058],[1067287976,1780299464],[286451373,2446758561]],un=!0),void 0===e&&(e="SHA-512"),!(e in pn))throw new Error("Invalid SHA-512 algorithm: "+e);for(var t=pn[e],r=null,a=nn.util.createBuffer(),n=new Array(80),i=0;i<80;++i)n[i]=new Array(2);var s=64;switch(e){case"SHA-384":s=48;break;case"SHA-512/256":s=32;break;case"SHA-512/224":s=28}var o={algorithm:e.replace("-","").toLowerCase(),blockLength:128,digestLength:s,messageLength:0,fullMessageLength:null,messageLengthSize:16,start:function(){o.messageLength=0,o.fullMessageLength=o.messageLength128=[];for(var e=o.messageLengthSize/4,n=0;n<e;++n)o.fullMessageLength.push(0);a=nn.util.createBuffer(),r=new Array(t.length);for(n=0;n<t.length;++n)r[n]=t[n].slice(0);return o}};return o.start(),o.update=function(e,t){"utf8"===t&&(e=nn.util.encodeUtf8(e));var i=e.length;o.messageLength+=i,i=[i/4294967296>>>0,i>>>0];for(var s=o.fullMessageLength.length-1;s>=0;--s)o.fullMessageLength[s]+=i[1],i[1]=i[0]+(o.fullMessageLength[s]/4294967296>>>0),o.fullMessageLength[s]=o.fullMessageLength[s]>>>0,i[0]=i[1]/4294967296>>>0;return a.putBytes(e),hn(r,n,a),(a.read>2048\|\|0===a.length())&&a.compact(),o},o.digest=function(){var t=nn.util.createBuffer();t.putBytes(a.bytes());var i,s=o.fullMessageLength[o.fullMessageLength.length-1]+o.messageLengthSize&o.blockLength-1;t.putBytes(cn.substr(0,o.blockLength-s));for(var c=8o.fullMessageLength[0],u=0;u<o.fullMessageLength.length-1;++u)c+=(i=8o.fullMessageLength[u+1])/4294967296>>>0,t.putInt32(c>>>0),c=i>>>0;t.putInt32(c);var l=new Array(r.length);for(u=0;u<r.length;++u)l[u]=r[u].slice(0);hn(l,n,t);var p,h=nn.util.createBuffer();p="SHA-512"===e?l.length:"SHA-384"===e?l.length-2:l.length-4;for(u=0;u<p;++u)h.putInt32(l[u][0]),u===p-1&&"SHA-512/224"===e\|\|h.putInt32(l[u][1]);return h},o};var cn=null,un=!1,ln=null,pn=null;function hn(e,t,r){for(var a,n,i,s,o,c,u,l,p,h,f,d,y,g,m,v,C,E,S,T,I,A,b,B,N,w,k,R,_,L,U,D,P,V=r.length();V>=128;){for(k=0;k<16;++k)t[k][0]=r.getInt32()>>>0,t[k][1]=r.getInt32()>>>0;for(;k<80;++k)a=(((R=(L=t[k-2])[0])>>>19\|(_=L[1])<<13)^(_>>>29\|R<<3)^R>>>6)>>>0,n=((R<<13\|_>>>19)^(_<<3\|R>>>29)^(R<<26\|_>>>6))>>>0,i=(((R=(D=t[k-15])[0])>>>1\|(_=D[1])<<31)^(R>>>8\|_<<24)^R>>>7)>>>0,s=((R<<31\|_>>>1)^(R<<24\|_>>>8)^(R<<25\|_>>>7))>>>0,U=t[k-7],P=t[k-16],_=n+U[1]+s+P[1],t[k][0]=a+U[0]+i+P[0]+(_/4294967296>>>0)>>>0,t[k][1]=_>>>0;for(f=e[0][0],d=e[0][1],y=e[1][0],g=e[1][1],m=e[2][0],v=e[2][1],C=e[3][0],E=e[3][1],S=e[4][0],T=e[4][1],I=e[5][0],A=e[5][1],b=e[6][0],B=e[6][1],N=e[7][0],w=e[7][1],k=0;k<80;++k)u=((S>>>14\|T<<18)^(S>>>18\|T<<14)^(T>>>9\|S<<23))>>>0,l=(b^S&(I^b))>>>0,o=((f>>>28\|d<<4)^(d>>>2\|f<<30)^(d>>>7\|f<<25))>>>0,c=((f<<4\|d>>>28)^(d<<30\|f>>>2)^(d<<25\|f>>>7))>>>0,p=(f&y\|m&(f^y))>>>0,h=(d&g\|v&(d^g))>>>0,_=w+(((S<<18\|T>>>14)^(S<<14\|T>>>18)^(T<<23\|S>>>9))>>>0)+((B^T&(A^B))>>>0)+ln[k][1]+t[k][1],a=N+u+l+ln[k][0]+t[k][0]+(_/4294967296>>>0)>>>0,n=_>>>0,i=o+p+((_=c+h)/4294967296>>>0)>>>0,s=_>>>0,N=b,w=B,b=I,B=A,I=S,A=T,S=C+a+((_=E+n)/4294967296>>>0)>>>0,T=_>>>0,C=m,E=v,m=y,v=g,y=f,g=d,f=a+i+((_=n+s)/4294967296>>>0)>>>0,d=_>>>0;_=e[0][1]+d,e[0][0]=e[0][0]+f+(_/4294967296>>>0)>>>0,e[0][1]=_>>>0,_=e[1][1]+g,e[1][0]=e[1][0]+y+(_/4294967296>>>0)>>>0,e[1][1]=_>>>0,_=e[2][1]+v,e[2][0]=e[2][0]+m+(_/4294967296>>>0)>>>0,e[2][1]=_>>>0,_=e[3][1]+E,e[3][0]=e[3][0]+C+(_/4294967296>>>0)>>>0,e[3][1]=_>>>0,_=e[4][1]+T,e[4][0]=e[4][0]+S+(_/4294967296>>>0)>>>0,e[4][1]=_>>>0,_=e[5][1]+A,e[5][0]=e[5][0]+I+(_/4294967296>>>0)>>>0,e[5][1]=_>>>0,_=e[6][1]+B,e[6][0]=e[6][0]+b+(_/4294967296>>>0)>>>0,e[6][1]=_>>>0,_=e[7][1]+w,e[7][0]=e[7][0]+N+(_/4294967296>>>0)>>>0,e[7][1]=_>>>0,V-=128}}var fn={},dn=v.asn1;fn.privateKeyValidator={name:"PrivateKeyInfo",tagClass:dn.Class.UNIVERSAL,type:dn.Type.SEQUENCE,constructed:!0,value:[{name:"PrivateKeyInfo.version",tagClass:dn.Class.UNIVERSAL,type:dn.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"PrivateKeyInfo.privateKeyAlgorithm",tagClass:dn.Class.UNIVERSAL,type:dn.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:dn.Class.UNIVERSAL,type:dn.Type.OID,constructed:!1,capture:"privateKeyOid"}]},{name:"PrivateKeyInfo",tagClass:dn.Class.UNIVERSAL,type:dn.Type.OCTETSTRING,constructed:!1,capture:"privateKey"}]},fn.publicKeyValidator={name:"SubjectPublicKeyInfo",tagClass:dn.Class.UNIVERSAL,type:dn.Type.SEQUENCE,constructed:!0,captureAsn1:"subjectPublicKeyInfo",value:[{name:"SubjectPublicKeyInfo.AlgorithmIdentifier",tagClass:dn.Class.UNIVERSAL,type:dn.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:dn.Class.UNIVERSAL,type:dn.Type.OID,constructed:!1,capture:"publicKeyOid"}]},{tagClass:dn.Class.UNIVERSAL,type:dn.Type.BITSTRING,constructed:!1,composed:!0,captureBitStringValue:"ed25519PublicKey"}]};var yn=v,gn=fn,mn=gn.publicKeyValidator,vn=gn.privateKeyValidator;if(void 0===Cn)var Cn=yn.jsbn.BigInteger;var En=yn.util.ByteBuffer,Sn="undefined"==typeof Buffer?Uint8Array:Buffer;yn.pki=yn.pki\|\|{},yn.pki.ed25519=yn.ed25519=yn.ed25519\|\|{};var Tn=yn.ed25519;function In(e){var t=e.message;if(t instanceof Uint8Array\|\|t instanceof Sn)return t;var r=e.encoding;if(void 0===t){if(!e.md)throw new TypeError('"options.message" or "options.md" not specified.');t=e.md.digest().getBytes(),r="binary"}if("string"==typeof t&&!r)throw new TypeError('"options.encoding" must be "binary" or "utf8".');if("string"==typeof t){if("undefined"!=typeof Buffer)return Buffer.from(t,r);t=new En(t,r)}else if(!(t instanceof En))throw new TypeError('"options.message" must be a node.js Buffer, a Uint8Array, a forge ByteBuffer, or a string with "options.encoding" specifying its encoding.');for(var a=new Sn(t.length()),n=0;n<a.length;++n)a[n]=t.at(n);return a}Tn.constants={},Tn.constants.PUBLIC_KEY_BYTE_LENGTH=32,Tn.constants.PRIVATE_KEY_BYTE_LENGTH=64,Tn.constants.SEED_BYTE_LENGTH=32,Tn.constants.SIGN_BYTE_LENGTH=64,Tn.constants.HASH_BYTE_LENGTH=64,Tn.generateKeyPair=function(e){var t=(e=e\|\|{}).seed;if(void 0===t)t=yn.random.getBytesSync(Tn.constants.SEED_BYTE_LENGTH);else if("string"==typeof t){if(t.length!==Tn.constants.SEED_BYTE_LENGTH)throw new TypeError('"seed" must be '+Tn.constants.SEED_BYTE_LENGTH+" bytes in length.")}else if(!(t instanceof Uint8Array))throw new TypeError('"seed" must be a node.js Buffer, Uint8Array, or a binary string.');t=In({message:t,encoding:"binary"});for(var r=new Sn(Tn.constants.PUBLIC_KEY_BYTE_LENGTH),a=new Sn(Tn.constants.PRIVATE_KEY_BYTE_LENGTH),n=0;n<32;++n)a[n]=t[n];return function(e,t){var r,a=[zn(),zn(),zn(),zn()],n=Ln(t,32);for(n[0]&=248,n[31]&=127,n[31]\|=64,jn(a,n),On(e,a),r=0;r<32;++r)t[r+32]=e[r]}(r,a),{publicKey:r,privateKey:a}},Tn.privateKeyFromAsn1=function(e){var t={},r=[];if(!yn.asn1.validate(e,vn,t,r)){var a=new Error("Invalid Key.");throw a.errors=r,a}var n=yn.asn1.derToOid(t.privateKeyOid),i=yn.oids.EdDSA25519;if(n!==i)throw new Error('Invalid OID "'+n+'"; OID must be "'+i+'".');var s=t.privateKey;return{privateKeyBytes:In({message:yn.asn1.fromDer(s).value,encoding:"binary"})}},Tn.publicKeyFromAsn1=function(e){var t={},r=[];if(!yn.asn1.validate(e,mn,t,r)){var a=new Error("Invalid Key.");throw a.errors=r,a}var n=yn.asn1.derToOid(t.publicKeyOid),i=yn.oids.EdDSA25519;if(n!==i)throw new Error('Invalid OID "'+n+'"; OID must be "'+i+'".');var s=t.ed25519PublicKey;if(s.length!==Tn.constants.PUBLIC_KEY_BYTE_LENGTH)throw new Error("Key length is invalid.");return In({message:s,encoding:"binary"})},Tn.publicKeyFromPrivateKey=function(e){var t=In({message:(e=e\|\|{}).privateKey,encoding:"binary"});if(t.length!==Tn.constants.PRIVATE_KEY_BYTE_LENGTH)throw new TypeError('"options.privateKey" must have a byte length of '+Tn.constants.PRIVATE_KEY_BYTE_LENGTH);for(var r=new Sn(Tn.constants.PUBLIC_KEY_BYTE_LENGTH),a=0;a<r.length;++a)r[a]=t[32+a];return r},Tn.sign=function(e){var t=In(e=e\|\|{}),r=In({message:e.privateKey,encoding:"binary"});if(r.length===Tn.constants.SEED_BYTE_LENGTH)r=Tn.generateKeyPair({seed:r}).privateKey;else if(r.length!==Tn.constants.PRIVATE_KEY_BYTE_LENGTH)throw new TypeError('"options.privateKey" must have a byte length of '+Tn.constants.SEED_BYTE_LENGTH+" or "+Tn.constants.PRIVATE_KEY_BYTE_LENGTH);var a=new Sn(Tn.constants.SIGN_BYTE_LENGTH+t.length);!function(e,t,r,a){var n,i,s=new Float64Array(64),o=[zn(),zn(),zn(),zn()],c=Ln(a,32);c[0]&=248,c[31]&=127,c[31]\|=64;var u=r+64;for(n=0;n<r;++n)e[64+n]=t[n];for(n=0;n<32;++n)e[32+n]=c[32+n];var l=Ln(e.subarray(32),r+32);for(Dn(l),jn(o,l),On(e,o),n=32;n<64;++n)e[n]=a[n];var p=Ln(e,r+64);for(Dn(p),n=32;n<64;++n)s[n]=0;for(n=0;n<32;++n)s[n]=l[n];for(n=0;n<32;++n)for(i=0;i<32;i++)s[n+i]+=p[n]c[i];Un(e.subarray(32),s)}(a,t,t.length,r);for(var n=new Sn(Tn.constants.SIGN_BYTE_LENGTH),i=0;i<n.length;++i)n[i]=a[i];return n},Tn.verify=function(e){var t=In(e=e\|\|{});if(void 0===e.signature)throw new TypeError('"options.signature" must be a node.js Buffer, a Uint8Array, a forge ByteBuffer, or a binary string.');var r=In({message:e.signature,encoding:"binary"});if(r.length!==Tn.constants.SIGN_BYTE_LENGTH)throw new TypeError('"options.signature" must have a byte length of '+Tn.constants.SIGN_BYTE_LENGTH);var a=In({message:e.publicKey,encoding:"binary"});if(a.length!==Tn.constants.PUBLIC_KEY_BYTE_LENGTH)throw new TypeError('"options.publicKey" must have a byte length of '+Tn.constants.PUBLIC_KEY_BYTE_LENGTH);var n,i=new Sn(Tn.constants.SIGN_BYTE_LENGTH+t.length),s=new Sn(Tn.constants.SIGN_BYTE_LENGTH+t.length);for(n=0;n<Tn.constants.SIGN_BYTE_LENGTH;++n)i[n]=r[n];for(n=0;n<t.length;++n)i[n+Tn.constants.SIGN_BYTE_LENGTH]=t[n];return function(e,t,r,a){var n,i=new Sn(32),s=[zn(),zn(),zn(),zn()],o=[zn(),zn(),zn(),zn()];if(-1,r<64)return-1;if(function(e,t){var r=zn(),a=zn(),n=zn(),i=zn(),s=zn(),o=zn(),c=zn();Gn(e[2],bn),function(e,t){var r;for(r=0;r<16;++r)e[r]=t[2r]+(t[2r+1]<<8);e[15]&=32767}(e[1],t),Xn(n,e[1]),Zn(i,n,Bn),Yn(n,n,e[2]),Wn(i,e[2],i),Xn(s,i),Xn(o,s),Zn(c,o,s),Zn(r,c,n),Zn(r,r,i),function(e,t){var r,a=zn();for(r=0;r<16;++r)a[r]=t[r];for(r=250;r>=0;--r)Xn(a,a),1!==r&&Zn(a,a,t);for(r=0;r<16;++r)e[r]=a[r]}(r,r),Zn(r,r,n),Zn(r,r,i),Zn(r,r,i),Zn(e[0],r,i),Xn(a,e[0]),Zn(a,a,i),xn(a,n)&&Zn(e[0],e[0],_n);if(Xn(a,e[0]),Zn(a,a,i),xn(a,n))return-1;Fn(e[0])===t[31]>>7&&Yn(e[0],An,e[0]);return Zn(e[3],e[0],e[1]),0}(o,a))return-1;for(n=0;n<r;++n)e[n]=t[n];for(n=0;n<32;++n)e[n+32]=a[n];var c=Ln(e,r);if(Dn(c),qn(s,o,c),jn(o,t.subarray(32)),Pn(s,o),On(i,s),r-=64,Mn(t,0,i,0)){for(n=0;n<r;++n)e[n]=0;return-1}for(n=0;n<r;++n)e[n]=t[n+64];return r}(s,i,i.length,a)>=0};var An=zn(),bn=zn([1]),Bn=zn([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),Nn=zn([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),wn=zn([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),kn=zn([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),Rn=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]),_n=zn([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function Ln(e,t){var r=yn.md.sha512.create(),a=new En(e);r.update(a.getBytes(t),"binary");var n=r.digest().getBytes();if("undefined"!=typeof Buffer)return Buffer.from(n,"binary");for(var i=new Sn(Tn.constants.HASH_BYTE_LENGTH),s=0;s<64;++s)i[s]=n.charCodeAt(s);return i}function Un(e,t){var r,a,n,i;for(a=63;a>=32;--a){for(r=0,n=a-32,i=a-12;n<i;++n)t[n]+=r-16t[a]Rn[n-(a-32)],r=t[n]+128>>8,t[n]-=256r;t[n]+=r,t[a]=0}for(r=0,n=0;n<32;++n)t[n]+=r-(t[31]>>4)Rn[n],r=t[n]>>8,t[n]&=255;for(n=0;n<32;++n)t[n]-=rRn[n];for(a=0;a<32;++a)t[a+1]+=t[a]>>8,e[a]=255&t[a]}function Dn(e){for(var t=new Float64Array(64),r=0;r<64;++r)t[r]=e[r],e[r]=0;Un(e,t)}function Pn(e,t){var r=zn(),a=zn(),n=zn(),i=zn(),s=zn(),o=zn(),c=zn(),u=zn(),l=zn();Yn(r,e[1],e[0]),Yn(l,t[1],t[0]),Zn(r,r,l),Wn(a,e[0],e[1]),Wn(l,t[0],t[1]),Zn(a,a,l),Zn(n,e[3],t[3]),Zn(n,n,Nn),Zn(i,e[2],t[2]),Wn(i,i,i),Yn(s,a,r),Yn(o,i,n),Wn(c,i,n),Wn(u,a,r),Zn(e[0],s,o),Zn(e[1],u,c),Zn(e[2],c,o),Zn(e[3],s,u)}function Vn(e,t,r){for(var a=0;a<4;++a)Qn(e[a],t[a],r)}function On(e,t){var r=zn(),a=zn(),n=zn();!function(e,t){var r,a=zn();for(r=0;r<16;++r)a[r]=t[r];for(r=253;r>=0;--r)Xn(a,a),2!==r&&4!==r&&Zn(a,a,t);for(r=0;r<16;++r)e[r]=a[r]}(n,t[2]),Zn(r,t[0],n),Zn(a,t[1],n),Kn(e,a),e[31]^=Fn(r)<<7}function Kn(e,t){var r,a,n,i=zn(),s=zn();for(r=0;r<16;++r)s[r]=t[r];for(Hn(s),Hn(s),Hn(s),a=0;a<2;++a){for(i[0]=s[0]-65517,r=1;r<15;++r)i[r]=s[r]-65535-(i[r-1]>>16&1),i[r-1]&=65535;i[15]=s[15]-32767-(i[14]>>16&1),n=i[15]>>16&1,i[14]&=65535,Qn(s,i,1-n)}for(r=0;r<16;r++)e[2r]=255&s[r],e[2r+1]=s[r]>>8}function xn(e,t){var r=new Sn(32),a=new Sn(32);return Kn(r,e),Kn(a,t),Mn(r,0,a,0)}function Mn(e,t,r,a){return function(e,t,r,a,n){var i,s=0;for(i=0;i<n;++i)s\|=e[t+i]^r[a+i];return(1&s-1>>>8)-1}(e,t,r,a,32)}function Fn(e){var t=new Sn(32);return Kn(t,e),1&t[0]}function qn(e,t,r){var a,n;for(Gn(e[0],An),Gn(e[1],bn),Gn(e[2],bn),Gn(e[3],An),n=255;n>=0;--n)Vn(e,t,a=r[n/8\|0]>>(7&n)&1),Pn(t,e),Pn(e,e),Vn(e,t,a)}function jn(e,t){var r=[zn(),zn(),zn(),zn()];Gn(r[0],wn),Gn(r[1],kn),Gn(r[2],bn),Zn(r[3],wn,kn),qn(e,r,t)}function Gn(e,t){var r;for(r=0;r<16;r++)e[r]=0\|t[r]}function Hn(e){var t,r,a=1;for(t=0;t<16;++t)r=e[t]+a+65535,a=Math.floor(r/65536),e[t]=r-65536a;e[0]+=a-1+37(a-1)}function Qn(e,t,r){for(var a,n=~(r-1),i=0;i<16;++i)a=n&(e[i]^t[i]),e[i]^=a,t[i]^=a}function zn(e){var t,r=new Float64Array(16);if(e)for(t=0;t<e.length;++t)r[t]=e[t];return r}function Wn(e,t,r){for(var a=0;a<16;++a)e[a]=t[a]+r[a]}function Yn(e,t,r){for(var a=0;a<16;++a)e[a]=t[a]-r[a]}function Xn(e,t){Zn(e,t,t)}function Zn(e,t,r){var a,n,i=0,s=0,o=0,c=0,u=0,l=0,p=0,h=0,f=0,d=0,y=0,g=0,m=0,v=0,C=0,E=0,S=0,T=0,I=0,A=0,b=0,B=0,N=0,w=0,k=0,R=0,_=0,L=0,U=0,D=0,P=0,V=r[0],O=r[1],K=r[2],x=r[3],M=r[4],F=r[5],q=r[6],j=r[7],G=r[8],H=r[9],Q=r[10],z=r[11],W=r[12],Y=r[13],X=r[14],Z=r[15];i+=(a=t[0])V,s+=aO,o+=aK,c+=ax,u+=aM,l+=aF,p+=aq,h+=aj,f+=aG,d+=aH,y+=aQ,g+=az,m+=aW,v+=aY,C+=aX,E+=aZ,s+=(a=t[1])V,o+=aO,c+=aK,u+=ax,l+=aM,p+=aF,h+=aq,f+=aj,d+=aG,y+=aH,g+=aQ,m+=az,v+=aW,C+=aY,E+=aX,S+=aZ,o+=(a=t[2])V,c+=aO,u+=aK,l+=ax,p+=aM,h+=aF,f+=aq,d+=aj,y+=aG,g+=aH,m+=aQ,v+=az,C+=aW,E+=aY,S+=aX,T+=aZ,c+=(a=t[3])V,u+=aO,l+=aK,p+=ax,h+=aM,f+=aF,d+=aq,y+=aj,g+=aG,m+=aH,v+=aQ,C+=az,E+=aW,S+=aY,T+=aX,I+=aZ,u+=(a=t[4])V,l+=aO,p+=aK,h+=ax,f+=aM,d+=aF,y+=aq,g+=aj,m+=aG,v+=aH,C+=aQ,E+=az,S+=aW,T+=aY,I+=aX,A+=aZ,l+=(a=t[5])V,p+=aO,h+=aK,f+=ax,d+=aM,y+=aF,g+=aq,m+=aj,v+=aG,C+=aH,E+=aQ,S+=az,T+=aW,I+=aY,A+=aX,b+=aZ,p+=(a=t[6])V,h+=aO,f+=aK,d+=ax,y+=aM,g+=aF,m+=aq,v+=aj,C+=aG,E+=aH,S+=aQ,T+=az,I+=aW,A+=aY,b+=aX,B+=aZ,h+=(a=t[7])V,f+=aO,d+=aK,y+=ax,g+=aM,m+=aF,v+=aq,C+=aj,E+=aG,S+=aH,T+=aQ,I+=az,A+=aW,b+=aY,B+=aX,N+=aZ,f+=(a=t[8])V,d+=aO,y+=aK,g+=ax,m+=aM,v+=aF,C+=aq,E+=aj,S+=aG,T+=aH,I+=aQ,A+=az,b+=aW,B+=aY,N+=aX,w+=aZ,d+=(a=t[9])V,y+=aO,g+=aK,m+=ax,v+=aM,C+=aF,E+=aq,S+=aj,T+=aG,I+=aH,A+=aQ,b+=az,B+=aW,N+=aY,w+=aX,k+=aZ,y+=(a=t[10])V,g+=aO,m+=aK,v+=ax,C+=aM,E+=aF,S+=aq,T+=aj,I+=aG,A+=aH,b+=aQ,B+=az,N+=aW,w+=aY,k+=aX,R+=aZ,g+=(a=t[11])V,m+=aO,v+=aK,C+=ax,E+=aM,S+=aF,T+=aq,I+=aj,A+=aG,b+=aH,B+=aQ,N+=az,w+=aW,k+=aY,R+=aX,_+=aZ,m+=(a=t[12])V,v+=aO,C+=aK,E+=ax,S+=aM,T+=aF,I+=aq,A+=aj,b+=aG,B+=aH,N+=aQ,w+=az,k+=aW,R+=aY,_+=aX,L+=aZ,v+=(a=t[13])V,C+=aO,E+=aK,S+=ax,T+=aM,I+=aF,A+=aq,b+=aj,B+=aG,N+=aH,w+=aQ,k+=az,R+=aW,_+=aY,L+=aX,U+=aZ,C+=(a=t[14])V,E+=aO,S+=aK,T+=ax,I+=aM,A+=aF,b+=aq,B+=aj,N+=aG,w+=aH,k+=aQ,R+=az,_+=aW,L+=aY,U+=aX,D+=aZ,E+=(a=t[15])V,s+=38(T+=aK),o+=38(I+=ax),c+=38(A+=aM),u+=38(b+=aF),l+=38(B+=aq),p+=38(N+=aj),h+=38(w+=aG),f+=38(k+=aH),d+=38(R+=aQ),y+=38(_+=az),g+=38(L+=aW),m+=38(U+=aY),v+=38(D+=aX),C+=38(P+=aZ),i=(a=(i+=38(S+=aO))+(n=1)+65535)-65536(n=Math.floor(a/65536)),s=(a=s+n+65535)-65536(n=Math.floor(a/65536)),o=(a=o+n+65535)-65536(n=Math.floor(a/65536)),c=(a=c+n+65535)-65536(n=Math.floor(a/65536)),u=(a=u+n+65535)-65536(n=Math.floor(a/65536)),l=(a=l+n+65535)-65536(n=Math.floor(a/65536)),p=(a=p+n+65535)-65536(n=Math.floor(a/65536)),h=(a=h+n+65535)-65536(n=Math.floor(a/65536)),f=(a=f+n+65535)-65536(n=Math.floor(a/65536)),d=(a=d+n+65535)-65536(n=Math.floor(a/65536)),y=(a=y+n+65535)-65536(n=Math.floor(a/65536)),g=(a=g+n+65535)-65536(n=Math.floor(a/65536)),m=(a=m+n+65535)-65536(n=Math.floor(a/65536)),v=(a=v+n+65535)-65536(n=Math.floor(a/65536)),C=(a=C+n+65535)-65536(n=Math.floor(a/65536)),E=(a=E+n+65535)-65536(n=Math.floor(a/65536)),i=(a=(i+=n-1+37(n-1))+(n=1)+65535)-65536(n=Math.floor(a/65536)),s=(a=s+n+65535)-65536(n=Math.floor(a/65536)),o=(a=o+n+65535)-65536(n=Math.floor(a/65536)),c=(a=c+n+65535)-65536(n=Math.floor(a/65536)),u=(a=u+n+65535)-65536(n=Math.floor(a/65536)),l=(a=l+n+65535)-65536(n=Math.floor(a/65536)),p=(a=p+n+65535)-65536(n=Math.floor(a/65536)),h=(a=h+n+65535)-65536(n=Math.floor(a/65536)),f=(a=f+n+65535)-65536(n=Math.floor(a/65536)),d=(a=d+n+65535)-65536(n=Math.floor(a/65536)),y=(a=y+n+65535)-65536(n=Math.floor(a/65536)),g=(a=g+n+65535)-65536(n=Math.floor(a/65536)),m=(a=m+n+65535)-65536(n=Math.floor(a/65536)),v=(a=v+n+65535)-65536(n=Math.floor(a/65536)),C=(a=C+n+65535)-65536(n=Math.floor(a/65536)),E=(a=E+n+65535)-65536(n=Math.floor(a/65536)),i+=n-1+37(n-1),e[0]=i,e[1]=s,e[2]=o,e[3]=c,e[4]=u,e[5]=l,e[6]=p,e[7]=h,e[8]=f,e[9]=d,e[10]=y,e[11]=g,e[12]=m,e[13]=v,e[14]=C,e[15]=E}var $n=v;$n.kem=$n.kem\|\|{};var Jn=$n.jsbn.BigInteger;function ei(e,t,r,a){e.generate=function(e,n){for(var i=new $n.util.ByteBuffer,s=Math.ceil(n/a)+r,o=new $n.util.ByteBuffer,c=r;c<s;++c){o.putInt32(c),t.start(),t.update(e+o.getBytes());var u=t.digest();i.putBytes(u.getBytes(a))}return i.truncate(i.length()-n),i.getBytes()}}$n.kem.rsa={},$n.kem.rsa.create=function(e,t){var r=(t=t\|\|{}).prng\|\|$n.random,a={encrypt:function(t,a){var n,i=Math.ceil(t.n.bitLength()/8);do{n=new Jn($n.util.bytesToHex(r.getBytesSync(i)),16).mod(t.n)}while(n.compareTo(Jn.ONE)<=0);var s=i-(n=$n.util.hexToBytes(n.toString(16))).length;return s>0&&(n=$n.util.fillString(String.fromCharCode(0),s)+n),{encapsulation:t.encrypt(n,"NONE"),key:e.generate(n,a)}},decrypt:function(t,r,a){var n=t.decrypt(r,"NONE");return e.generate(n,a)}};return a},$n.kem.kdf1=function(e,t){ei(this,e,0,t\|\|e.digestLength)},$n.kem.kdf2=function(e,t){ei(this,e,1,t\|\|e.digestLength)};var ti=v;ti.log=ti.log\|\|{},ti.log.levels=["none","error","warning","info","debug","verbose","max"];var ri={},ai=[],ni=null;ti.log.LEVEL_LOCKED=2,ti.log.NO_LEVEL_CHECK=4,ti.log.INTERPOLATE=8;for(var ii=0;ii<ti.log.levels.length;++ii){var si=ti.log.levels[ii];ri[si]={index:ii,name:si.toUpperCase()}}ti.log.logMessage=function(e){for(var t=ri[e.level].index,r=0;r<ai.length;++r){var a=ai[r];if(a.flags&ti.log.NO_LEVEL_CHECK)a.f(e);else t<=ri[a.level].index&&a.f(a,e)}},ti.log.prepareStandard=function(e){"standard"in e\|\|(e.standard=ri[e.level].name+" ["+e.category+"] "+e.message)},ti.log.prepareFull=function(e){if(!("full"in e)){var t=[e.message];t=t.concat([]\|\|e.arguments),e.full=ti.util.format.apply(this,t)}},ti.log.prepareStandardFull=function(e){"standardFull"in e\|\|(ti.log.prepareStandard(e),e.standardFull=e.standard)};var oi=["error","warning","info","debug","verbose"];for(ii=0;ii<oi.length;++ii)!function(e){ti.log[e]=function(t,r){var a=Array.prototype.slice.call(arguments).slice(2),n={timestamp:new Date,level:e,category:t,message:r,arguments:a};ti.log.logMessage(n)}}(oi[ii]);if(ti.log.makeLogger=function(e){var t={flags:0,f:e};return ti.log.setLevel(t,"none"),t},ti.log.setLevel=function(e,t){var r=!1;if(e&&!(e.flags&ti.log.LEVEL_LOCKED))for(var a=0;a<ti.log.levels.length;++a){if(t==ti.log.levels[a]){e.level=t,r=!0;break}}return r},ti.log.lock=function(e,t){void 0===t\|\|t?e.flags\|=ti.log.LEVEL_LOCKED:e.flags&=~ti.log.LEVEL_LOCKED},ti.log.addLogger=function(e){ai.push(e)},"undefined"!=typeof console&&"log"in console){var ci;if(console.error&&console.warn&&console.info&&console.debug){var ui={error:console.error,warning:console.warn,info:console.info,debug:console.debug,verbose:console.debug},li=function(e,t){ti.log.prepareStandard(t);var r=ui[t.level],a=[t.standard];a=a.concat(t.arguments.slice()),r.apply(console,a)};ci=ti.log.makeLogger(li)}else{li=function(e,t){ti.log.prepareStandardFull(t),console.log(t.standardFull)};ci=ti.log.makeLogger(li)}ti.log.setLevel(ci,"debug"),ti.log.addLogger(ci),ni=ci}else console={log:function(){}};if(null!==ni){var pi=ti.util.getQueryVariables();if("console.level"in pi&&ti.log.setLevel(ni,pi["console.level"].slice(-1)[0]),"console.lock"in pi)"true"==pi["console.lock"].slice(-1)[0]&&ti.log.lock(ni)}ti.log.consoleLogger=ni;var hi={};({get exports(){return hi},set exports(e){hi=e}}).exports=de;var fi=v,di=fi.asn1,yi=fi.pkcs7=fi.pkcs7\|\|{};function gi(e){var t={},r=[];if(!di.validate(e,yi.asn1.recipientInfoValidator,t,r)){var a=new Error("Cannot read PKCS#7 RecipientInfo. ASN.1 object is not an PKCS#7 RecipientInfo.");throw a.errors=r,a}return{version:t.version.charCodeAt(0),issuer:fi.pki.RDNAttributesAsArray(t.issuer),serialNumber:fi.util.createBuffer(t.serial).toHex(),encryptedContent:{algorithm:di.derToOid(t.encAlgorithm),parameter:t.encParameter.value,content:t.encKey}}}function mi(e){for(var t,r=[],a=0;a<e.length;++a)r.push((t=e[a],di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.INTEGER,!1,di.integerToDer(t.version).getBytes()),di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[fi.pki.distinguishedNameToAsn1({attributes:t.issuer}),di.create(di.Class.UNIVERSAL,di.Type.INTEGER,!1,fi.util.hexToBytes(t.serialNumber))]),di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.OID,!1,di.oidToDer(t.encryptedContent.algorithm).getBytes()),di.create(di.Class.UNIVERSAL,di.Type.NULL,!1,"")]),di.create(di.Class.UNIVERSAL,di.Type.OCTETSTRING,!1,t.encryptedContent.content)])));return r}function vi(e){var t=di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.INTEGER,!1,di.integerToDer(e.version).getBytes()),di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[fi.pki.distinguishedNameToAsn1({attributes:e.issuer}),di.create(di.Class.UNIVERSAL,di.Type.INTEGER,!1,fi.util.hexToBytes(e.serialNumber))]),di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.OID,!1,di.oidToDer(e.digestAlgorithm).getBytes()),di.create(di.Class.UNIVERSAL,di.Type.NULL,!1,"")])]);if(e.authenticatedAttributesAsn1&&t.value.push(e.authenticatedAttributesAsn1),t.value.push(di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.OID,!1,di.oidToDer(e.signatureAlgorithm).getBytes()),di.create(di.Class.UNIVERSAL,di.Type.NULL,!1,"")])),t.value.push(di.create(di.Class.UNIVERSAL,di.Type.OCTETSTRING,!1,e.signature)),e.unauthenticatedAttributes.length>0){for(var r=di.create(di.Class.CONTEXT_SPECIFIC,1,!0,[]),a=0;a<e.unauthenticatedAttributes.length;++a){var n=e.unauthenticatedAttributes[a];r.values.push(Ci(n))}t.value.push(r)}return t}function Ci(e){var t;if(e.type===fi.pki.oids.contentType)t=di.create(di.Class.UNIVERSAL,di.Type.OID,!1,di.oidToDer(e.value).getBytes());else if(e.type===fi.pki.oids.messageDigest)t=di.create(di.Class.UNIVERSAL,di.Type.OCTETSTRING,!1,e.value.bytes());else if(e.type===fi.pki.oids.signingTime){var r=new Date("1950-01-01T00:00:00Z"),a=new Date("2050-01-01T00:00:00Z"),n=e.value;if("string"==typeof n){var i=Date.parse(n);n=isNaN(i)?13===n.length?di.utcTimeToDate(n):di.generalizedTimeToDate(n):new Date(i)}t=n>=r&&n<a?di.create(di.Class.UNIVERSAL,di.Type.UTCTIME,!1,di.dateToUtcTime(n)):di.create(di.Class.UNIVERSAL,di.Type.GENERALIZEDTIME,!1,di.dateToGeneralizedTime(n))}return di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.OID,!1,di.oidToDer(e.type).getBytes()),di.create(di.Class.UNIVERSAL,di.Type.SET,!0,[t])])}function Ei(e,t,r){var a={};if(!di.validate(t,r,a,[])){var n=new Error("Cannot read PKCS#7 message. ASN.1 object is not a supported PKCS#7 message.");throw n.errors=n,n}if(di.derToOid(a.contentType)!==fi.pki.oids.data)throw new Error("Unsupported PKCS#7 message. Only wrapped ContentType Data supported.");if(a.encryptedContent){var i="";if(fi.util.isArray(a.encryptedContent))for(var s=0;s<a.encryptedContent.length;++s){if(a.encryptedContent[s].type!==di.Type.OCTETSTRING)throw new Error("Malformed PKCS#7 message, expecting encrypted content constructed of only OCTET STRING objects.");i+=a.encryptedContent[s].value}else i=a.encryptedContent;e.encryptedContent={algorithm:di.derToOid(a.encAlgorithm),parameter:fi.util.createBuffer(a.encParameter.value),content:fi.util.createBuffer(i)}}if(a.content){i="";if(fi.util.isArray(a.content))for(s=0;s<a.content.length;++s){if(a.content[s].type!==di.Type.OCTETSTRING)throw new Error("Malformed PKCS#7 message, expecting content constructed of only OCTET STRING objects.");i+=a.content[s].value}else i=a.content;e.content=fi.util.createBuffer(i)}return e.version=a.version.charCodeAt(0),e.rawCapture=a,a}function Si(e){if(void 0===e.encryptedContent.key)throw new Error("Symmetric key not available.");if(void 0===e.content){var t;switch(e.encryptedContent.algorithm){case fi.pki.oids["aes128-CBC"]:case fi.pki.oids["aes192-CBC"]:case fi.pki.oids["aes256-CBC"]:t=fi.aes.createDecryptionCipher(e.encryptedContent.key);break;case fi.pki.oids.desCBC:case fi.pki.oids["des-EDE3-CBC"]:t=fi.des.createDecryptionCipher(e.encryptedContent.key);break;default:throw new Error("Unsupported symmetric cipher, OID "+e.encryptedContent.algorithm)}if(t.start(e.encryptedContent.parameter),t.update(e.encryptedContent.content),!t.finish())throw new Error("Symmetric decryption failed.");e.content=t.output}}yi.messageFromPem=function(e){var t=fi.pem.decode(e)[0];if("PKCS7"!==t.type){var r=new Error('Could not convert PKCS#7 message from PEM; PEM header type is not "PKCS#7".');throw r.headerType=t.type,r}if(t.procType&&"ENCRYPTED"===t.procType.type)throw new Error("Could not convert PKCS#7 message from PEM; PEM is encrypted.");var a=di.fromDer(t.body);return yi.messageFromAsn1(a)},yi.messageToPem=function(e,t){var r={type:"PKCS7",body:di.toDer(e.toAsn1()).getBytes()};return fi.pem.encode(r,{maxline:t})},yi.messageFromAsn1=function(e){var t={},r=[];if(!di.validate(e,yi.asn1.contentInfoValidator,t,r)){var a=new Error("Cannot read PKCS#7 message. ASN.1 object is not an PKCS#7 ContentInfo.");throw a.errors=r,a}var n,i=di.derToOid(t.contentType);switch(i){case fi.pki.oids.envelopedData:n=yi.createEnvelopedData();break;case fi.pki.oids.encryptedData:n=yi.createEncryptedData();break;case fi.pki.oids.signedData:n=yi.createSignedData();break;default:throw new Error("Cannot read PKCS#7 message. ContentType with OID "+i+" is not (yet) supported.")}return n.fromAsn1(t.content.value[0]),n},yi.createSignedData=function(){var e=null;return e={type:fi.pki.oids.signedData,version:1,certificates:[],crls:[],signers:[],digestAlgorithmIdentifiers:[],contentInfo:null,signerInfos:[],fromAsn1:function(t){if(Ei(e,t,yi.asn1.signedDataValidator),e.certificates=[],e.crls=[],e.digestAlgorithmIdentifiers=[],e.contentInfo=null,e.signerInfos=[],e.rawCapture.certificates)for(var r=e.rawCapture.certificates.value,a=0;a<r.length;++a)e.certificates.push(fi.pki.certificateFromAsn1(r[a]))},toAsn1:function(){e.contentInfo\|\|e.sign();for(var t=[],r=0;r<e.certificates.length;++r)t.push(fi.pki.certificateToAsn1(e.certificates[r]));var a=[],n=di.create(di.Class.CONTEXT_SPECIFIC,0,!0,[di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.INTEGER,!1,di.integerToDer(e.version).getBytes()),di.create(di.Class.UNIVERSAL,di.Type.SET,!0,e.digestAlgorithmIdentifiers),e.contentInfo])]);return t.length>0&&n.value[0].value.push(di.create(di.Class.CONTEXT_SPECIFIC,0,!0,t)),a.length>0&&n.value[0].value.push(di.create(di.Class.CONTEXT_SPECIFIC,1,!0,a)),n.value[0].value.push(di.create(di.Class.UNIVERSAL,di.Type.SET,!0,e.signerInfos)),di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.OID,!1,di.oidToDer(e.type).getBytes()),n])},addSigner:function(t){var r=t.issuer,a=t.serialNumber;if(t.certificate){var n=t.certificate;"string"==typeof n&&(n=fi.pki.certificateFromPem(n)),r=n.issuer.attributes,a=n.serialNumber}var i=t.key;if(!i)throw new Error("Could not add PKCS#7 signer; no private key specified.");"string"==typeof i&&(i=fi.pki.privateKeyFromPem(i));var s=t.digestAlgorithm\|\|fi.pki.oids.sha1;switch(s){case fi.pki.oids.sha1:case fi.pki.oids.sha256:case fi.pki.oids.sha384:case fi.pki.oids.sha512:case fi.pki.oids.md5:break;default:throw new Error("Could not add PKCS#7 signer; unknown message digest algorithm: "+s)}var o=t.authenticatedAttributes\|\|[];if(o.length>0){for(var c=!1,u=!1,l=0;l<o.length;++l){var p=o[l];if(c\|\|p.type!==fi.pki.oids.contentType){if(u\|\|p.type!==fi.pki.oids.messageDigest);else if(u=!0,c)break}else if(c=!0,u)break}if(!c\|\|!u)throw new Error("Invalid signer.authenticatedAttributes. If signer.authenticatedAttributes is specified, then it must contain at least two attributes, PKCS #9 content-type and PKCS #9 message-digest.")}e.signers.push({key:i,version:1,issuer:r,serialNumber:a,digestAlgorithm:s,signatureAlgorithm:fi.pki.oids.rsaEncryption,signature:null,authenticatedAttributes:o,unauthenticatedAttributes:[]})},sign:function(t){var r;(t=t\|\|{},"object"!=typeof e.content\|\|null===e.contentInfo)&&(e.contentInfo=di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.OID,!1,di.oidToDer(fi.pki.oids.data).getBytes())]),"content"in e&&(e.content instanceof fi.util.ByteBuffer?r=e.content.bytes():"string"==typeof e.content&&(r=fi.util.encodeUtf8(e.content)),t.detached?e.detachedContent=di.create(di.Class.UNIVERSAL,di.Type.OCTETSTRING,!1,r):e.contentInfo.value.push(di.create(di.Class.CONTEXT_SPECIFIC,0,!0,[di.create(di.Class.UNIVERSAL,di.Type.OCTETSTRING,!1,r)]))));if(0!==e.signers.length){var a=function(){for(var t={},r=0;r<e.signers.length;++r){var a=e.signers[r];(n=a.digestAlgorithm)in t\|\|(t[n]=fi.md[fi.pki.oids[n]].create()),0===a.authenticatedAttributes.length?a.md=t[n]:a.md=fi.md[fi.pki.oids[n]].create()}for(var n in e.digestAlgorithmIdentifiers=[],t)e.digestAlgorithmIdentifiers.push(di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.OID,!1,di.oidToDer(n).getBytes()),di.create(di.Class.UNIVERSAL,di.Type.NULL,!1,"")]));return t}();!function(t){var r;r=e.detachedContent?e.detachedContent:(r=e.contentInfo.value[1]).value[0];if(!r)throw new Error("Could not sign PKCS#7 message; there is no content to sign.");var a=di.derToOid(e.contentInfo.value[0].value),n=di.toDer(r);for(var i in n.getByte(),di.getBerValueLength(n),n=n.getBytes(),t)t[i].start().update(n);for(var s=new Date,o=0;o<e.signers.length;++o){var c=e.signers[o];if(0===c.authenticatedAttributes.length){if(a!==fi.pki.oids.data)throw new Error("Invalid signer; authenticatedAttributes must be present when the ContentInfo content type is not PKCS#7 Data.")}else{c.authenticatedAttributesAsn1=di.create(di.Class.CONTEXT_SPECIFIC,0,!0,[]);for(var u=di.create(di.Class.UNIVERSAL,di.Type.SET,!0,[]),l=0;l<c.authenticatedAttributes.length;++l){var p=c.authenticatedAttributes[l];p.type===fi.pki.oids.messageDigest?p.value=t[c.digestAlgorithm].digest():p.type===fi.pki.oids.signingTime&&(p.value\|\|(p.value=s)),u.value.push(Ci(p)),c.authenticatedAttributesAsn1.value.push(Ci(p))}n=di.toDer(u).getBytes(),c.md.start().update(n)}c.signature=c.key.sign(c.md,"RSASSA-PKCS1-V1_5")}e.signerInfos=function(e){for(var t=[],r=0;r<e.length;++r)t.push(vi(e[r]));return t}(e.signers)}(a)}},verify:function(){throw new Error("PKCS#7 signature verification not yet implemented.")},addCertificate:function(t){"string"==typeof t&&(t=fi.pki.certificateFromPem(t)),e.certificates.push(t)},addCertificateRevokationList:function(e){throw new Error("PKCS#7 CRL support not yet implemented.")}},e},yi.createEncryptedData=function(){var e=null;return e={type:fi.pki.oids.encryptedData,version:0,encryptedContent:{algorithm:fi.pki.oids["aes256-CBC"]},fromAsn1:function(t){Ei(e,t,yi.asn1.encryptedDataValidator)},decrypt:function(t){void 0!==t&&(e.encryptedContent.key=t),Si(e)}},e},yi.createEnvelopedData=function(){var e=null;return e={type:fi.pki.oids.envelopedData,version:0,recipients:[],encryptedContent:{algorithm:fi.pki.oids["aes256-CBC"]},fromAsn1:function(t){var r=Ei(e,t,yi.asn1.envelopedDataValidator);e.recipients=function(e){for(var t=[],r=0;r<e.length;++r)t.push(gi(e[r]));return t}(r.recipientInfos.value)},toAsn1:function(){return di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.OID,!1,di.oidToDer(e.type).getBytes()),di.create(di.Class.CONTEXT_SPECIFIC,0,!0,[di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.INTEGER,!1,di.integerToDer(e.version).getBytes()),di.create(di.Class.UNIVERSAL,di.Type.SET,!0,mi(e.recipients)),di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,(t=e.encryptedContent,[di.create(di.Class.UNIVERSAL,di.Type.OID,!1,di.oidToDer(fi.pki.oids.data).getBytes()),di.create(di.Class.UNIVERSAL,di.Type.SEQUENCE,!0,[di.create(di.Class.UNIVERSAL,di.Type.OID,!1,di.oidToDer(t.algorithm).getBytes()),di.create(di.Class.UNIVERSAL,di.Type.OCTETSTRING,!1,t.parameter.getBytes())]),di.create(di.Class.CONTEXT_SPECIFIC,0,!0,[di.create(di.Class.UNIVERSAL,di.Type.OCTETSTRING,!1,t.content.getBytes())])]))])])]);var t},findRecipient:function(t){for(var r=t.issuer.attributes,a=0;a<e.recipients.length;++a){var n=e.recipients[a],i=n.issuer;if(n.serialNumber===t.serialNumber&&i.length===r.length){for(var s=!0,o=0;o<r.length;++o)if(i[o].type!==r[o].type\|\|i[o].value!==r[o].value){s=!1;break}if(s)return n}}return null},decrypt:function(t,r){if(void 0===e.encryptedContent.key&&void 0!==t&&void 0!==r)switch(t.encryptedContent.algorithm){case fi.pki.oids.rsaEncryption:case fi.pki.oids.desCBC:var a=r.decrypt(t.encryptedContent.content);e.encryptedContent.key=fi.util.createBuffer(a);break;default:throw new Error("Unsupported asymmetric cipher, OID "+t.encryptedContent.algorithm)}Si(e)},addRecipient:function(t){e.recipients.push({version:0,issuer:t.issuer.attributes,serialNumber:t.serialNumber,encryptedContent:{algorithm:fi.pki.oids.rsaEncryption,key:t.publicKey}})},encrypt:function(t,r){if(void 0===e.encryptedContent.content){var a,n,i;switch(r=r\|\|e.encryptedContent.algorithm,t=t\|\|e.encryptedContent.key,r){case fi.pki.oids["aes128-CBC"]:a=16,n=16,i=fi.aes.createEncryptionCipher;break;case fi.pki.oids["aes192-CBC"]:a=24,n=16,i=fi.aes.createEncryptionCipher;break;case fi.pki.oids["aes256-CBC"]:a=32,n=16,i=fi.aes.createEncryptionCipher;break;case fi.pki.oids["des-EDE3-CBC"]:a=24,n=8,i=fi.des.createEncryptionCipher;break;default:throw new Error("Unsupported symmetric cipher, OID "+r)}if(void 0===t)t=fi.util.createBuffer(fi.random.getBytes(a));else if(t.length()!=a)throw new Error("Symmetric key has wrong length; got "+t.length()+" bytes, expected "+a+".");e.encryptedContent.algorithm=r,e.encryptedContent.key=t,e.encryptedContent.parameter=fi.util.createBuffer(fi.random.getBytes(n));var s=i(t);if(s.start(e.encryptedContent.parameter.copy()),s.update(e.content),!s.finish())throw new Error("Symmetric encryption failed.");e.encryptedContent.content=s.output}for(var o=0;o<e.recipients.length;++o){var c=e.recipients[o];if(void 0===c.encryptedContent.content){if(c.encryptedContent.algorithm!==fi.pki.oids.rsaEncryption)throw new Error("Unsupported asymmetric cipher, OID "+c.encryptedContent.algorithm);c.encryptedContent.content=c.encryptedContent.key.encrypt(e.encryptedContent.key.data)}}}},e};var Ti=v,Ii=Ti.ssh=Ti.ssh\|\|{};function Ai(e,t){var r=t.toString(16);r[0]>="8"&&(r="00"+r);var a=Ti.util.hexToBytes(r);e.putInt32(a.length),e.putBytes(a)}function bi(e,t){e.putInt32(t.length),e.putString(t)}function Bi(){for(var e=Ti.md.sha1.create(),t=arguments.length,r=0;r<t;++r)e.update(arguments[r]);return e.digest()}Ii.privateKeyToPutty=function(e,t,r){var a="ssh-rsa",n=""===(t=t\|\|"")?"none":"aes256-cbc",i="PuTTY-User-Key-File-2: "+a+"\r\n";i+="Encryption: "+n+"\r\n",i+="Comment: "+(r=r\|\|"")+"\r\n";var s=Ti.util.createBuffer();bi(s,a),Ai(s,e.e),Ai(s,e.n);var o=Ti.util.encode64(s.bytes(),64),c=Math.floor(o.length/66)+1;i+="Public-Lines: "+c+"\r\n",i+=o;var u,l=Ti.util.createBuffer();if(Ai(l,e.d),Ai(l,e.p),Ai(l,e.q),Ai(l,e.qInv),t){var p=l.length()+16-1;p-=p%16;var h=Bi(l.bytes());h.truncate(h.length()-p+l.length()),l.putBuffer(h);var f=Ti.util.createBuffer();f.putBuffer(Bi("\0\0\0\0",t)),f.putBuffer(Bi("\0\0\0",t));var d=Ti.aes.createEncryptionCipher(f.truncate(8),"CBC");d.start(Ti.util.createBuffer().fillWithByte(0,16)),d.update(l.copy()),d.finish();var y=d.output;y.truncate(16),u=Ti.util.encode64(y.bytes(),64)}else u=Ti.util.encode64(l.bytes(),64);i+="\r\nPrivate-Lines: "+(c=Math.floor(u.length/66)+1)+"\r\n",i+=u;var g=Bi("putty-private-key-file-mac-key",t),m=Ti.util.createBuffer();bi(m,a),bi(m,n),bi(m,r),m.putInt32(s.length()),m.putBuffer(s),m.putInt32(l.length()),m.putBuffer(l);var v=Ti.hmac.create();return v.start("sha1",g),v.update(m.bytes()),i+="\r\nPrivate-MAC: "+v.digest().toHex()+"\r\n"},Ii.publicKeyToOpenSSH=function(e,t){var r="ssh-rsa";t=t\|\|"";var a=Ti.util.createBuffer();return bi(a,r),Ai(a,e.e),Ai(a,e.n),r+" "+Ti.util.encode64(a.bytes())+" "+t},Ii.privateKeyToOpenSSH=function(e,t){return t?Ti.pki.encryptRsaPrivateKey(e,t,{legacy:!0,algorithm:"aes128"}):Ti.pki.privateKeyToPem(e)},Ii.getPublicKeyFingerprint=function(e,t){var r=(t=t\|\|{}).md\|\|Ti.md.md5.create(),a=Ti.util.createBuffer();bi(a,"ssh-rsa"),Ai(a,e.e),Ai(a,e.n),r.start(),r.update(a.getBytes());var n=r.digest();if("hex"===t.encoding){var i=n.toHex();return t.delimiter?i.match(/.{2}/g).join(t.delimiter):i}if("binary"===t.encoding)return n.getBytes();if(t.encoding)throw new Error('Unknown encoding "'+t.encoding+'".');return n};var Ni=v,wi="forge.task",ki={},Ri=0;Ni.debug.set(wi,"tasks",ki);var _i={};Ni.debug.set(wi,"queues",_i);var Li="ready",Ui="running",Di="blocked",Pi="sleeping",Vi="done",Oi="error",Ki="stop",xi="start",Mi="block",Fi="unblock",qi="sleep",ji="wakeup",Gi="cancel",Hi="fail",Qi={};Qi[Li]={},Qi[Li][Ki]=Li,Qi[Li][xi]=Ui,Qi[Li][Gi]=Vi,Qi[Li][Hi]=Oi,Qi[Ui]={},Qi[Ui][Ki]=Li,Qi[Ui][xi]=Ui,Qi[Ui][Mi]=Di,Qi[Ui][Fi]=Ui,Qi[Ui][qi]=Pi,Qi[Ui][ji]=Ui,Qi[Ui][Gi]=Vi,Qi[Ui][Hi]=Oi,Qi[Di]={},Qi[Di][Ki]=Di,Qi[Di][xi]=Di,Qi[Di][Mi]=Di,Qi[Di][Fi]=Di,Qi[Di][qi]=Di,Qi[Di][ji]=Di,Qi[Di][Gi]=Vi,Qi[Di][Hi]=Oi,Qi[Pi]={},Qi[Pi][Ki]=Pi,Qi[Pi][xi]=Pi,Qi[Pi][Mi]=Pi,Qi[Pi][Fi]=Pi,Qi[Pi][qi]=Pi,Qi[Pi][ji]=Pi,Qi[Pi][Gi]=Vi,Qi[Pi][Hi]=Oi,Qi[Vi]={},Qi[Vi][Ki]=Vi,Qi[Vi][xi]=Vi,Qi[Vi][Mi]=Vi,Qi[Vi][Fi]=Vi,Qi[Vi][qi]=Vi,Qi[Vi][ji]=Vi,Qi[Vi][Gi]=Vi,Qi[Vi][Hi]=Oi,Qi[Oi]={},Qi[Oi][Ki]=Oi,Qi[Oi][xi]=Oi,Qi[Oi][Mi]=Oi,Qi[Oi][Fi]=Oi,Qi[Oi][qi]=Oi,Qi[Oi][ji]=Oi,Qi[Oi][Gi]=Oi,Qi[Oi][Hi]=Oi;var zi=function(e){this.id=-1,this.name=e.name\|\|"?",this.parent=e.parent\|\|null,this.run=e.run,this.subtasks=[],this.error=!1,this.state=Li,this.blocks=0,this.timeoutId=null,this.swapTime=null,this.userData=null,this.id=Ri++,ki[this.id]=this};zi.prototype.debug=function(e){e=e\|\|"",Ni.log.debug(wi,e,"[%s][%s] task:",this.id,this.name,this,"subtasks:",this.subtasks.length,"queue:",_i)},zi.prototype.next=function(e,t){"function"==typeof e&&(t=e,e=this.name);var r=new zi({run:t,name:e,parent:this});return r.state=Ui,r.type=this.type,r.successCallback=this.successCallback\|\|null,r.failureCallback=this.failureCallback\|\|null,this.subtasks.push(r),this},zi.prototype.parallel=function(e,t){return Ni.util.isArray(e)&&(t=e,e=this.name),this.next(e,(function(r){var a=r;a.block(t.length);for(var n=function(e,r){Ni.task.start({type:e,run:function(e){t[r](e)},success:function(e){a.unblock()},failure:function(e){a.unblock()}})},i=0;i<t.length;i++){n(e+"__parallel-"+r.id+"-"+i,i)}}))},zi.prototype.stop=function(){this.state=Qi[this.state][Ki]},zi.prototype.start=function(){this.error=!1,this.state=Qi[this.state][xi],this.state===Ui&&(this.start=new Date,this.run(this),Wi(this,0))},zi.prototype.block=function(e){e=void 0===e?1:e,this.blocks+=e,this.blocks>0&&(this.state=Qi[this.state][Mi])},zi.prototype.unblock=function(e){return e=void 0===e?1:e,this.blocks-=e,0===this.blocks&&this.state!==Vi&&(this.state=Ui,Wi(this,0)),this.blocks},zi.prototype.sleep=function(e){e=void 0===e?0:e,this.state=Qi[this.state][qi];var t=this;this.timeoutId=setTimeout((function(){t.timeoutId=null,t.state=Ui,Wi(t,0)}),e)},zi.prototype.wait=function(e){e.wait(this)},zi.prototype.wakeup=function(){this.state===Pi&&(cancelTimeout(this.timeoutId),this.timeoutId=null,this.state=Ui,Wi(this,0))},zi.prototype.cancel=function(){this.state=Qi[this.state][Gi],this.permitsNeeded=0,null!==this.timeoutId&&(cancelTimeout(this.timeoutId),this.timeoutId=null),this.subtasks=[]},zi.prototype.fail=function(e){if(this.error=!0,Yi(this,!0),e)e.error=this.error,e.swapTime=this.swapTime,e.userData=this.userData,Wi(e,0);else{if(null!==this.parent){for(var t=this.parent;null!==t.parent;)t.error=this.error,t.swapTime=this.swapTime,t.userData=this.userData,t=t.parent;Yi(t,!0)}this.failureCallback&&this.failureCallback(this)}};var Wi=function(e,t){var r=t>30\|\|+new Date-e.swapTime>20,a=function(t){if(t++,e.state===Ui)if(r&&(e.swapTime=+new Date),e.subtasks.length>0){var a=e.subtasks.shift();a.error=e.error,a.swapTime=e.swapTime,a.userData=e.userData,a.run(a),a.error\|\|Wi(a,t)}else Yi(e),e.error\|\|null!==e.parent&&(e.parent.error=e.error,e.parent.swapTime=e.swapTime,e.parent.userData=e.userData,Wi(e.parent,t))};r?setTimeout(a,0):a(t)},Yi=function(e,t){e.state=Vi,delete ki[e.id],null===e.parent&&(e.type in _i?0===_i[e.type].length?Ni.log.error(wi,"[%s][%s] task queue empty [%s]",e.id,e.name,e.type):_i[e.type][0]!==e?Ni.log.error(wi,"[%s][%s] task not first in queue [%s]",e.id,e.name,e.type):(_i[e.type].shift(),0===_i[e.type].length?delete _i[e.type]:_i[e.type][0].start()):Ni.log.error(wi,"[%s][%s] task queue missing [%s]",e.id,e.name,e.type),t\|\|(e.error&&e.failureCallback?e.failureCallback(e):!e.error&&e.successCallback&&e.successCallback(e)))};Ni.task=Ni.task\|\|{},Ni.task.start=function(e){var t=new zi({run:e.run,name:e.name\|\|"?"});t.type=e.type,t.successCallback=e.success\|\|null,t.failureCallback=e.failure\|\|null,t.type in _i?_i[e.type].push(t):(_i[t.type]=[t],function(e){e.error=!1,e.state=Qi[e.state][xi],setTimeout((function(){e.state===Ui&&(e.swapTime=+new Date,e.run(e),Wi(e,0))}),0)}(t))},Ni.task.cancel=function(e){e in _i&&(_i[e]=[_i[e][0]])},Ni.task.createCondition=function(){var e={tasks:{},wait:function(t){t.id in e.tasks\|\|(t.block(),e.tasks[t.id]=t)},notify:function(){var t=e.tasks;for(var r in e.tasks={},t)t[r].unblock()}};return e},m.exports=v;var Xi=y(g);class Zi{crt;key;csr;detail;expires;constructor(e){this.crt=e.crt,this.key=e.key,this.csr=e.csr;const{detail:t,expires:r}=this.getCrtDetail(this.crt);this.detail=t,this.expires=r.getTime()}toCertInfo(){return{crt:this.crt,key:this.key,csr:this.csr}}getCrtDetail(e){const t=Xi.pki.certificateFromPem(e.toString());return{detail:t,expires:t.validity.notAfter}}saveToFile(e,t){null==t&&(t=o.join(i.tmpdir(),"/certd/tmp/",Math.floor(1e6Math.random())+"",`cert.${e}`));const r=o.dirname(t);return n.existsSync(r)\|\|n.mkdirSync(r,{recursive:!0}),n.writeFileSync(t,this[e]),t}}exports.CertApplyPlugin=class extends e.AbstractTaskPlugin{domains;email;dnsProviderType;dnsProviderAccess;renewDays;forceUpdate;csrInfo;acme;logger;userContext;accessService;http;lastStatus;cert;async onInstance(){this.acme=new p({userContext:this.userContext,logger:this.logger})}async execute(){const e=await this.condition();if(null!=e)return this.output(e);const t=await this.doCertApply();if(null==t)throw new Error("申请证书失败");this.output(t.toCertInfo()),this.clearLastStatus()}output(e){this.cert=e}async condition(){if(this.forceUpdate)return null;let e=!1;let r;JSON.stringify(this.lastStatus?.input?.domains)!==JSON.stringify(this.domains)&&(e=!0);try{r=await this.readLastCert()}catch(e){this.logger.warn("读取cert失败：",e)}if(null==r)return this.logger.info("还未申请过，准备申请新证书"),null;if(e)return this.logger.info("输入参数变更，申请新证书"),null;const a=this.isWillExpire(r.expires,this.renewDays);return a.isWillExpire?(this.logger.info("即将过期，开始更新证书"),null):(this.logger.info(`证书还未过期：过期时间${t(r.expires).format("YYYY-MM-DD HH:mm:ss")},剩余${a.leftDays}天`),r)}async doCertApply(){const t=this.email,r=this.domains,n=this.dnsProviderType,i=this.dnsProviderAccess,s=a.merge({country:"CN",state:"GuangDong",locality:"ShengZhen",organization:"CertD Org.",organizationUnit:"IT Department",emailAddress:t},this.csrInfo);this.logger.info("开始申请证书,",t,r);const o=h.get(n),c=o.target,u=o.define,l=await this.accessService.getById(i),p=new c,f={access:l,logger:this.logger,http:this.http};e.Decorator.inject(u.autowire,p,f),await p.onInstance();const d=await this.acme.order({email:t,domains:r,dnsProvider:p,csrInfo:s,isTest:!1}),y=this.formatCerts(d);return new Zi(y)}formatCert(e){return e=(e=(e=e.replace(/\r/g,"")).replace(/\n\n/g,"\n")).replace(/\n$/g,"")}formatCerts(e){return{crt:this.formatCert(e.crt),key:this.formatCert(e.key),csr:this.formatCert(e.csr)}}async readLastCert(){const e=this.lastStatus?.status?.output?.cert;if(null!=e)return new Zi(e)}isWillExpire(e,r=20){if(null==e)throw new Error("过期时间不能为空");const a=t(e).diff(t(),"day");return{isWillExpire:a<r,leftDays:a}}},l([e.TaskInput({title:"域名",component:{name:"a-select",vModel:"value",mode:"tags",open:!1},required:!0,col:{span:24},helper:"支持通配符域名，例如： .foo.com 、 .test.handsfree.work\n支持多个域名、多个子域名、多个通配符域名打到一个证书上（域名必须是在同一个DNS提供商解析）\n多级子域名要分成多个域名输入（*.foo.com的证书不能用于xxx.yyy.foo.com）\n输入一个回车之后，再输入下一个"})],exports.CertApplyPlugin.prototype,"domains",void 0),l([e.TaskInput({title:"邮箱",component:{name:"a-input",vModel:"value"},required:!0,helper:"请输入邮箱"})],exports.CertApplyPlugin.prototype,"email",void 0),l([e.TaskInput({title:"DNS提供商",component:{name:"pi-dns-provider-selector"},required:!0,helper:"请选择dns解析提供商"})],exports.CertApplyPlugin.prototype,"dnsProviderType",void 0),l([e.TaskInput({title:"DNS解析授权",component:{name:"pi-access-selector"},required:!0,helper:"请选择dns解析提供商授权"})],exports.CertApplyPlugin.prototype,"dnsProviderAccess",void 0),l([e.TaskInput({title:"更新天数",component:{name:"a-input-number",vModel:"value"},required:!0,helper:"到期前多少天后更新证书"})],exports.CertApplyPlugin.prototype,"renewDays",void 0),l([e.TaskInput({title:"强制更新",component:{name:"a-switch",vModel:"checked"},helper:"是否强制重新申请证书"})],exports.CertApplyPlugin.prototype,"forceUpdate",void 0),l([e.TaskInput({title:"CsrInfo"})],exports.CertApplyPlugin.prototype,"csrInfo",void 0),l([e.Autowire()],exports.CertApplyPlugin.prototype,"logger",void 0),l([e.Autowire()],exports.CertApplyPlugin.prototype,"userContext",void 0),l([e.Autowire()],exports.CertApplyPlugin.prototype,"accessService",void 0),l([e.Autowire()],exports.CertApplyPlugin.prototype,"http",void 0),l([e.Autowire()],exports.CertApplyPlugin.prototype,"lastStatus",void 0),l([e.TaskOutput({title:"域名证书"})],exports.CertApplyPlugin.prototype,"cert",void 0),exports.CertApplyPlugin=l([e.IsTaskPlugin({name:"CertApply",title:"证书申请",desc:"免费通配符域名证书申请，支持多个域名打到同一个证书上",default:{input:{renewDays:20,forceUpdate:!1},strategy:{runStrategy:e.RunStrategy.AlwaysRun}}})],exports.CertApplyPlugin),new exports.CertApplyPlugin,exports.CertReader=Zi,exports.DNS_PROVIDER_CLASS_KEY=f,exports.IsDnsProvider=function(t){return r=>{r=e.Decorator.target(r);const n={},i=e.Decorator.getClassProperties(r);for(const t in i){const a=Reflect.getMetadata(e.AUTOWIRE_KEY,r,t);a&&(n[t]=a)}a.merge(t,{autowire:n}),Reflect.defineMetadata(f,t,r),r.define=t,h.register(t.name,{define:t,target:r})}},exports.dnsProviderRegistry=h;