@certd/plugin-cert 1.23.1 → 1.24.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (33) hide show
  1. package/CHANGELOG.md +18 -0
  2. package/dist/access/eab-access.d.ts +4 -4
  3. package/dist/access/index.d.ts +1 -1
  4. package/dist/bundle.js +1 -1
  5. package/dist/d/plugin/cert-plugin/acme.d.ts +0 -2
  6. package/dist/d/plugin/cert-plugin/index.d.ts +0 -1
  7. package/dist/dns-provider/api.d.ts +27 -27
  8. package/dist/dns-provider/base.d.ts +8 -8
  9. package/dist/dns-provider/decorator.d.ts +3 -3
  10. package/dist/dns-provider/index.d.ts +4 -4
  11. package/dist/dns-provider/registry.d.ts +2 -2
  12. package/dist/index.d.ts +3 -3
  13. package/dist/plugin/cert-plugin/acme.d.ts +7 -3
  14. package/dist/plugin/cert-plugin/acme.js +40 -11
  15. package/dist/plugin/cert-plugin/base.d.ts +1 -4
  16. package/dist/plugin/cert-plugin/base.js +3 -7
  17. package/dist/plugin/cert-plugin/cert-reader.d.ts +1 -2
  18. package/dist/plugin/cert-plugin/cert-reader.js +4 -5
  19. package/dist/plugin/cert-plugin/index.d.ts +2 -1
  20. package/dist/plugin/cert-plugin/index.js +30 -5
  21. package/dist/plugin/cert-plugin/lego/dns.d.ts +1 -1
  22. package/dist/plugin/cert-plugin/lego/index.d.ts +17 -17
  23. package/dist/plugin/cert-plugin/lego/index.js +2 -2
  24. package/dist/plugin/cert-plugin/lego.d.ts +16 -16
  25. package/dist/plugin/cert-plugin/lego.js +153 -145
  26. package/dist/plugin/index.d.ts +2 -2
  27. package/dist/plugin-cert.mjs +11786 -0
  28. package/dist/plugin-cert.umd.js +28 -0
  29. package/package.json +4 -4
  30. package/stats.html +6177 -0
  31. package/test/user.secret.js +7 -0
  32. package/test/user.secret.ts +4 -0
  33. package/tsconfig.tsbuildinfo +1 -1
package/dist/plugin-cert.umd.js ADDED
@@ -0,0 +1,28 @@
1
+ (function(ee,ae){typeof exports=="object"&&typeof module<"u"?ae(exports,require("@certd/pipeline"),require("dayjs"),require("@certd/acme-client"),require("lodash-es")):typeof define=="function"&&define.amd?define(["exports","@certd/pipeline","dayjs","@certd/acme-client","lodash-es"],ae):(ee=typeof globalThis<"u"?globalThis:ee||self,ae(ee.CertdPluginCert={},ee.CertdPluginPipeline,ee.dayjs,ee.CertdAcmeClient,ee._))})(this,function(ee,ae,Mt,Si,Ti){"use strict";var _u=Object.defineProperty;var Nu=(ee,ae,Mt)=>ae in ee?_u(ee,ae,{enumerable:!0,configurable:!0,writable:!0,value:Mt}):ee[ae]=Mt;var Ce=(ee,ae,Mt)=>(Nu(ee,typeof ae!="symbol"?ae+"":ae,Mt),Mt);const en=e=>e&&typeof e=="object"&&"default"in e?e:{default:e};function Ai(e){if(e&&e.__esModule)return e;const t=Object.create(null,{[Symbol.toStringTag]:{value:"Module"}});if(e){for(const a in e)if(a!=="default"){const r=Object.getOwnPropertyDescriptor(e,a);Object.defineProperty(t,a,r.get?r:{enumerable:!0,get:()=>e[a]})}}return t.default=e,Object.freeze(t)}const ia=en(Mt),er=Ai(Si),Rr=en(Ti);function et(e,t,a,r){var n=arguments.length,s=n<3?t:r===null?r=Object.getOwnPropertyDescriptor(t,a):r,i;if(typeof Reflect=="object"&&typeof Reflect.decorate=="function")s=Reflect.decorate(e,t,a,r);else for(var o=e.length-1;o>=0;o--)(i=e[o])&&(s=(n<3?i(s):n>3?i(t,a,s):i(t,a))||s);return n>3&&s&&Object.defineProperty(t,a,s),s}class Ii{constructor(t){Ce(this,"userContext");Ce(this,"logger");this.userContext=t.userContext,this.logger=t.logger,er.setLogger(a=>{this.logger.info(a)})}async getAccountConfig(t){return await this.userContext.getObj(this.buildAccountKey(t))||{}}buildAccountKey(t){return"acme.config."+t}async saveAccountConfig(t,a){await this.userContext.setObj(this.buildAccountKey(t),a)}async getAcmeClient(t,a=!1){const r=await this.getAccountConfig(t);r.key==null&&(r.key=await this.createNewKey(),await this.saveAccountConfig(t,r));const n=new er.Client({directoryUrl:a?er.directory.letsencrypt.staging:er.directory.letsencrypt.production,accountKey:r.key,accountUrl:r.accountUrl,backoffAttempts:20,backoffMin:5e3,backoffMax:1e4});if(r.accountUrl==null){const s={termsOfServiceAgreed:!0,contact:[`mailto:${t}`]};await n.createAccount(s),r.accountUrl=n.getAccountUrl(),await this.saveAccountConfig(t,r)}return n}async createNewKey(){return(await er.forge.createPrivateKey()).toString()}async challengeCreateFn(t,a,r,n){if(this.logger.info("Triggered challengeCreateFn()"),a.type==="http-01"){const s=`/var/www/html/.well-known/acme-challenge/${a.token}`,i=r;this.logger.info(`Creating challenge response for ${t.identifier.value} at path: ${s}`),this.logger.info(`Would write "${i}" to path "${s}"`)}else if(a.type==="dns-01"){const s=`_acme-challenge.${t.identifier.value}`,i=r;return this.logger.info(`Creating TXT record for ${t.identifier.value}: ${s}`),this.logger.info(`Would create TXT record "${s}" with value "${i}"`),await n.createRecord({fullRecord:s,type:"TXT",value:i})}}async challengeRemoveFn(t,a,r,n,s){if(this.logger.info("Triggered challengeRemoveFn()"),a.type==="http-01"){const i=`/var/www/html/.well-known/acme-challenge/${a.token}`;this.logger.info(`Removing challenge response for ${t.identifier.value} at path: ${i}`),this.logger.info(`Would remove file on path "${i}"`)}else if(a.type==="dns-01"){const i=`_acme-challenge.${t.identifier.value}`,o=r;this.logger.info(`Removing TXT record for ${t.identifier.value}: ${i}`),this.logger.info(`Would remove TXT record "${i}" with value "${o}"`);try{await s.removeRecord({fullRecord:i,type:"TXT",value:r,record:n})}catch(u){throw this.logger.error("\u5220\u9664\u89E3\u6790\u8BB0\u5F55\u51FA\u9519\uFF1A",u),u}}}async order(t){const{email:a,isTest:r,domains:n,csrInfo:s,dnsProvider:i}=t,o=await this.getAcmeClient(a,r),{commonName:u,altNames:l}=this.buildCommonNameByDomains(n),[f,c]=await er.forge.createCsr({commonName:u,...s,altNames:l});if(i==null)throw new Error("dnsProvider \u4E0D\u80FD\u4E3A\u7A7A");const m={crt:(await o.auto({csr:c,email:a,termsOfServiceAgreed:!0,challengePriority:["dns-01"],challengeCreateFn:async(y,x,S)=>await this.challengeCreateFn(y,x,S,i),challengeRemoveFn:async(y,x,S,A)=>await this.challengeRemoveFn(y,x,S,A,i)})).toString(),key:f.toString(),csr:c.toString()};return this.logger.debug(`CSR:
2
+ ${m.csr}`),this.logger.debug(`Certificate:
3
+ ${m.crt}`),this.logger.info("\u8BC1\u4E66\u7533\u8BF7\u6210\u529F"),m}buildCommonNameByDomains(t){if(typeof t=="string"&&(t=t.split(",")),t.length===0)throw new Error("domain can not be empty");const a=t[0];let r;return t.length>1&&(r=Rr.default.slice(t,1)),{commonName:a,altNames:r}}}const sa={};function tn(e,t){let a=sa[e];a==null&&(a={},sa[e]=a),a[t]=!0}function Bi(e){return sa[e]||{}}function bi(e,t){return typeof e=="object"&&e.constructor&&(e=e.constructor),t!=null&&tn(e,t),e}function _i(e,t,a,r){Rr.default.forEach(e,(n,s)=>{r&&r(n,s,t,a),a[s]!=null&&(t[s]=a[s])})}const Ni={target:bi,attachProperty:tn,getClassProperties:Bi,inject:_i},oa=new ae.Registry,rn="pipeline:dns-provider";function wi(e){return t=>{t=ae.Decorator.target(t);const a={},r=ae.Decorator.getClassProperties(t);for(const n in r){const s=Reflect.getMetadata(ae.AUTOWIRE_KEY,t,n);s&&(a[n]=s)}Rr.default.merge(e,{autowire:a}),Reflect.defineMetadata(rn,e,t),t.define=e,oa.register(e.name,{define:e,target:t})}}const Ht={},Ri=Object.freeze(Object.defineProperty({__proto__:null,default:Ht},Symbol.toStringTag,{value:"Module"}));var Li=typeof globalThis<"u"?globalThis:typeof window<"u"?window:typeof global<"u"?global:typeof self<"u"?self:{};function Di(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}function ki(e){var t=e.default;if(typeof t=="function"){var a=function(){return t.apply(this,arguments)};a.prototype=t.prototype}else a={};return Object.defineProperty(a,"__esModule",{value:!0}),Object.keys(e).forEach(function(r){var n=Object.getOwnPropertyDescriptor(e,r);Object.defineProperty(a,r,n.get?n:{enumerable:!0,get:function(){return e[r]}})}),a}var an={exports:{}},Y={options:{usePureJavaScript:!1}},ua={},Ui=ua,nn={};ua.encode=function(e,t,a){if(typeof t!="string")throw new TypeError('"alphabet" must be a string.');if(a!==void 0&&typeof a!="number")throw new TypeError('"maxline" must be a number.');var r="";if(!(e instanceof Uint8Array))r=Pi(e,t);else{var n=0,s=t.length,i=t.charAt(0),o=[0];for(n=0;n<e.length;++n){for(var u=0,l=e[n];u<o.length;++u)l+=o[u]<<8,o[u]=l%s,l=l/s|0;for(;l>0;)o.push(l%s),l=l/s|0}for(n=0;e[n]===0&&n<e.length-1;++n)r+=i;for(n=o.length-1;n>=0;--n)r+=t[o[n]]}if(a){var f=new RegExp(".{1,"+a+"}","g");r=r.match(f).join(`\r
4
+ `)}return r},ua.decode=function(e,t){if(typeof e!="string")throw new TypeError('"input" must be a string.');if(typeof t!="string")throw new TypeError('"alphabet" must be a string.');var a=nn[t];if(!a){a=nn[t]=[];for(var r=0;r<t.length;++r)a[t.charCodeAt(r)]=r}e=e.replace(/\s/g,"");for(var n=t.length,s=t.charAt(0),i=[0],r=0;r<e.length;r++){var o=a[e.charCodeAt(r)];if(o===void 0)return;for(var u=0,l=o;u<i.length;++u)l+=i[u]*n,i[u]=l&255,l>>=8;for(;l>0;)i.push(l&255),l>>=8}for(var f=0;e[f]===s&&f<e.length-1;++f)i.push(0);return typeof Buffer<"u"?Buffer.from(i.reverse()):new Uint8Array(i.reverse())};function Pi(e,t){var a=0,r=t.length,n=t.charAt(0),s=[0];for(a=0;a<e.length();++a){for(var i=0,o=e.at(a);i<s.length;++i)o+=s[i]<<8,s[i]=o%r,o=o/r|0;for(;o>0;)s.push(o%r),o=o/r|0}var u="";for(a=0;e.at(a)===0&&a<e.length()-1;++a)u+=n;for(a=s.length-1;a>=0;--a)u+=t[s[a]];return u}var sn=Y,on=Ui,E=sn.util=sn.util||{};(function(){if(typeof process<"u"&&process.nextTick&&!process.browser){E.nextTick=process.nextTick,typeof setImmediate=="function"?E.setImmediate=setImmediate:E.setImmediate=E.nextTick;return}if(typeof setImmediate=="function"){E.setImmediate=function(){return setImmediate.apply(void 0,arguments)},E.nextTick=function(i){return setImmediate(i)};return}if(E.setImmediate=function(i){setTimeout(i,0)},typeof window<"u"&&typeof window.postMessage=="function"){let i=function(o){if(o.source===window&&o.data===e){o.stopPropagation();var u=t.slice();t.length=0,u.forEach(function(l){l()})}};var e="forge.setImmediate",t=[];E.setImmediate=function(o){t.push(o),t.length===1&&window.postMessage(e,"*")},window.addEventListener("message",i,!0)}if(typeof MutationObserver<"u"){var a=Date.now(),r=!0,n=document.createElement("div"),t=[];new MutationObserver(function(){var o=t.slice();t.length=0,o.forEach(function(u){u()})}).observe(n,{attributes:!0});var s=E.setImmediate;E.setImmediate=function(o){Date.now()-a>15?(a=Date.now(),s(o)):(t.push(o),t.length===1&&n.setAttribute("a",r=!r))}}E.nextTick=E.setImmediate})(),E.isNodejs=typeof process<"u"&&process.versions&&process.versions.node,E.globalScope=function(){return E.isNodejs?Li:typeof self>"u"?window:self}(),E.isArray=Array.isArray||function(e){return Object.prototype.toString.call(e)==="[object Array]"},E.isArrayBuffer=function(e){return typeof ArrayBuffer<"u"&&e instanceof ArrayBuffer},E.isArrayBufferView=function(e){return e&&E.isArrayBuffer(e.buffer)&&e.byteLength!==void 0};function mr(e){if(!(e===8||e===16||e===24||e===32))throw new Error("Only 8, 16, 24, or 32 bits supported: "+e)}E.ByteBuffer=la;function la(e){if(this.data="",this.read=0,typeof e=="string")this.data=e;else if(E.isArrayBuffer(e)||E.isArrayBufferView(e))if(typeof Buffer<"u"&&e instanceof Buffer)this.data=e.toString("binary");else{var t=new Uint8Array(e);try{this.data=String.fromCharCode.apply(null,t)}catch{for(var a=0;a<t.length;++a)this.putByte(t[a])}}else(e instanceof la||typeof e=="object"&&typeof e.data=="string"&&typeof e.read=="number")&&(this.data=e.data,this.read=e.read);this._constructedStringLength=0}E.ByteStringBuffer=la;var Vi=4096;E.ByteStringBuffer.prototype._optimizeConstructedString=function(e){this._constructedStringLength+=e,this._constructedStringLength>Vi&&(this.data.substr(0,1),this._constructedStringLength=0)},E.ByteStringBuffer.prototype.length=function(){return this.data.length-this.read},E.ByteStringBuffer.prototype.isEmpty=function(){return this.length()<=0},E.ByteStringBuffer.prototype.putByte=function(e){return this.putBytes(String.fromCharCode(e))},E.ByteStringBuffer.prototype.fillWithByte=function(e,t){e=String.fromCharCode(e);for(var a=this.data;t>0;)t&1&&(a+=e),t>>>=1,t>0&&(e+=e);return this.data=a,this._optimizeConstructedString(t),this},E.ByteStringBuffer.prototype.putBytes=function(e){return this.data+=e,this._optimizeConstructedString(e.length),this},E.ByteStringBuffer.prototype.putString=function(e){return this.putBytes(E.encodeUtf8(e))},E.ByteStringBuffer.prototype.putInt16=function(e){return this.putBytes(String.fromCharCode(e>>8&255)+String.fromCharCode(e&255))},E.ByteStringBuffer.prototype.putInt24=function(e){return this.putBytes(String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e&255))},E.ByteStringBuffer.prototype.putInt32=function(e){return this.putBytes(String.fromCharCode(e>>24&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e&255))},E.ByteStringBuffer.prototype.putInt16Le=function(e){return this.putBytes(String.fromCharCode(e&255)+String.fromCharCode(e>>8&255))},E.ByteStringBuffer.prototype.putInt24Le=function(e){return this.putBytes(String.fromCharCode(e&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e>>16&255))},E.ByteStringBuffer.prototype.putInt32Le=function(e){return this.putBytes(String.fromCharCode(e&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>24&255))},E.ByteStringBuffer.prototype.putInt=function(e,t){mr(t);var a="";do t-=8,a+=String.fromCharCode(e>>t&255);while(t>0);return this.putBytes(a)},E.ByteStringBuffer.prototype.putSignedInt=function(e,t){return e<0&&(e+=2<<t-1),this.putInt(e,t)},E.ByteStringBuffer.prototype.putBuffer=function(e){return this.putBytes(e.getBytes())},E.ByteStringBuffer.prototype.getByte=function(){return this.data.charCodeAt(this.read++)},E.ByteStringBuffer.prototype.getInt16=function(){var e=this.data.charCodeAt(this.read)<<8^this.data.charCodeAt(this.read+1);return this.read+=2,e},E.ByteStringBuffer.prototype.getInt24=function(){var e=this.data.charCodeAt(this.read)<<16^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2);return this.read+=3,e},E.ByteStringBuffer.prototype.getInt32=function(){var e=this.data.charCodeAt(this.read)<<24^this.data.charCodeAt(this.read+1)<<16^this.data.charCodeAt(this.read+2)<<8^this.data.charCodeAt(this.read+3);return this.read+=4,e},E.ByteStringBuffer.prototype.getInt16Le=function(){var e=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8;return this.read+=2,e},E.ByteStringBuffer.prototype.getInt24Le=function(){var e=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2)<<16;return this.read+=3,e},E.ByteStringBuffer.prototype.getInt32Le=function(){var e=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2)<<16^this.data.charCodeAt(this.read+3)<<24;return this.read+=4,e},E.ByteStringBuffer.prototype.getInt=function(e){mr(e);var t=0;do t=(t<<8)+this.data.charCodeAt(this.read++),e-=8;while(e>0);return t},E.ByteStringBuffer.prototype.getSignedInt=function(e){var t=this.getInt(e),a=2<<e-2;return t>=a&&(t-=a<<1),t},E.ByteStringBuffer.prototype.getBytes=function(e){var t;return e?(e=Math.min(this.length(),e),t=this.data.slice(this.read,this.read+e),this.read+=e):e===0?t="":(t=this.read===0?this.data:this.data.slice(this.read),this.clear()),t},E.ByteStringBuffer.prototype.bytes=function(e){return typeof e>"u"?this.data.slice(this.read):this.data.slice(this.read,this.read+e)},E.ByteStringBuffer.prototype.at=function(e){return this.data.charCodeAt(this.read+e)},E.ByteStringBuffer.prototype.setAt=function(e,t){return this.data=this.data.substr(0,this.read+e)+String.fromCharCode(t)+this.data.substr(this.read+e+1),this},E.ByteStringBuffer.prototype.last=function(){return this.data.charCodeAt(this.data.length-1)},E.ByteStringBuffer.prototype.copy=function(){var e=E.createBuffer(this.data);return e.read=this.read,e},E.ByteStringBuffer.prototype.compact=function(){return this.read>0&&(this.data=this.data.slice(this.read),this.read=0),this},E.ByteStringBuffer.prototype.clear=function(){return this.data="",this.read=0,this},E.ByteStringBuffer.prototype.truncate=function(e){var t=Math.max(0,this.length()-e);return this.data=this.data.substr(this.read,t),this.read=0,this},E.ByteStringBuffer.prototype.toHex=function(){for(var e="",t=this.read;t<this.data.length;++t){var a=this.data.charCodeAt(t);a<16&&(e+="0"),e+=a.toString(16)}return e},E.ByteStringBuffer.prototype.toString=function(){return E.decodeUtf8(this.bytes())};function Fi(e,t){t=t||{},this.read=t.readOffset||0,this.growSize=t.growSize||1024;var a=E.isArrayBuffer(e),r=E.isArrayBufferView(e);if(a||r){a?this.data=new DataView(e):this.data=new DataView(e.buffer,e.byteOffset,e.byteLength),this.write="writeOffset"in t?t.writeOffset:this.data.byteLength;return}this.data=new DataView(new ArrayBuffer(0)),this.write=0,e!=null&&this.putBytes(e),"writeOffset"in t&&(this.write=t.writeOffset)}E.DataBuffer=Fi,E.DataBuffer.prototype.length=function(){return this.write-this.read},E.DataBuffer.prototype.isEmpty=function(){return this.length()<=0},E.DataBuffer.prototype.accommodate=function(e,t){if(this.length()>=e)return this;t=Math.max(t||this.growSize,e);var a=new Uint8Array(this.data.buffer,this.data.byteOffset,this.data.byteLength),r=new Uint8Array(this.length()+t);return r.set(a),this.data=new DataView(r.buffer),this},E.DataBuffer.prototype.putByte=function(e){return this.accommodate(1),this.data.setUint8(this.write++,e),this},E.DataBuffer.prototype.fillWithByte=function(e,t){this.accommodate(t);for(var a=0;a<t;++a)this.data.setUint8(e);return this},E.DataBuffer.prototype.putBytes=function(e,t){if(E.isArrayBufferView(e)){var a=new Uint8Array(e.buffer,e.byteOffset,e.byteLength),r=a.byteLength-a.byteOffset;this.accommodate(r);var n=new Uint8Array(this.data.buffer,this.write);return n.set(a),this.write+=r,this}if(E.isArrayBuffer(e)){var a=new Uint8Array(e);this.accommodate(a.byteLength);var n=new Uint8Array(this.data.buffer);return n.set(a,this.write),this.write+=a.byteLength,this}if(e instanceof E.DataBuffer||typeof e=="object"&&typeof e.read=="number"&&typeof e.write=="number"&&E.isArrayBufferView(e.data)){var a=new Uint8Array(e.data.byteLength,e.read,e.length());this.accommodate(a.byteLength);var n=new Uint8Array(e.data.byteLength,this.write);return n.set(a),this.write+=a.byteLength,this}if(e instanceof E.ByteStringBuffer&&(e=e.data,t="binary"),t=t||"binary",typeof e=="string"){var s;if(t==="hex")return this.accommodate(Math.ceil(e.length/2)),s=new Uint8Array(this.data.buffer,this.write),this.write+=E.binary.hex.decode(e,s,this.write),this;if(t==="base64")return this.accommodate(Math.ceil(e.length/4)*3),s=new Uint8Array(this.data.buffer,this.write),this.write+=E.binary.base64.decode(e,s,this.write),this;if(t==="utf8"&&(e=E.encodeUtf8(e),t="binary"),t==="binary"||t==="raw")return this.accommodate(e.length),s=new Uint8Array(this.data.buffer,this.write),this.write+=E.binary.raw.decode(s),this;if(t==="utf16")return this.accommodate(e.length*2),s=new Uint16Array(this.data.buffer,this.write),this.write+=E.text.utf16.encode(s),this;throw new Error("Invalid encoding: "+t)}throw Error("Invalid parameter: "+e)},E.DataBuffer.prototype.putBuffer=function(e){return this.putBytes(e),e.clear(),this},E.DataBuffer.prototype.putString=function(e){return this.putBytes(e,"utf16")},E.DataBuffer.prototype.putInt16=function(e){return this.accommodate(2),this.data.setInt16(this.write,e),this.write+=2,this},E.DataBuffer.prototype.putInt24=function(e){return this.accommodate(3),this.data.setInt16(this.write,e>>8&65535),this.data.setInt8(this.write,e>>16&255),this.write+=3,this},E.DataBuffer.prototype.putInt32=function(e){return this.accommodate(4),this.data.setInt32(this.write,e),this.write+=4,this},E.DataBuffer.prototype.putInt16Le=function(e){return this.accommodate(2),this.data.setInt16(this.write,e,!0),this.write+=2,this},E.DataBuffer.prototype.putInt24Le=function(e){return this.accommodate(3),this.data.setInt8(this.write,e>>16&255),this.data.setInt16(this.write,e>>8&65535,!0),this.write+=3,this},E.DataBuffer.prototype.putInt32Le=function(e){return this.accommodate(4),this.data.setInt32(this.write,e,!0),this.write+=4,this},E.DataBuffer.prototype.putInt=function(e,t){mr(t),this.accommodate(t/8);do t-=8,this.data.setInt8(this.write++,e>>t&255);while(t>0);return this},E.DataBuffer.prototype.putSignedInt=function(e,t){return mr(t),this.accommodate(t/8),e<0&&(e+=2<<t-1),this.putInt(e,t)},E.DataBuffer.prototype.getByte=function(){return this.data.getInt8(this.read++)},E.DataBuffer.prototype.getInt16=function(){var e=this.data.getInt16(this.read);return this.read+=2,e},E.DataBuffer.prototype.getInt24=function(){var e=this.data.getInt16(this.read)<<8^this.data.getInt8(this.read+2);return this.read+=3,e},E.DataBuffer.prototype.getInt32=function(){var e=this.data.getInt32(this.read);return this.read+=4,e},E.DataBuffer.prototype.getInt16Le=function(){var e=this.data.getInt16(this.read,!0);return this.read+=2,e},E.DataBuffer.prototype.getInt24Le=function(){var e=this.data.getInt8(this.read)^this.data.getInt16(this.read+1,!0)<<8;return this.read+=3,e},E.DataBuffer.prototype.getInt32Le=function(){var e=this.data.getInt32(this.read,!0);return this.read+=4,e},E.DataBuffer.prototype.getInt=function(e){mr(e);var t=0;do t=(t<<8)+this.data.getInt8(this.read++),e-=8;while(e>0);return t},E.DataBuffer.prototype.getSignedInt=function(e){var t=this.getInt(e),a=2<<e-2;return t>=a&&(t-=a<<1),t},E.DataBuffer.prototype.getBytes=function(e){var t;return e?(e=Math.min(this.length(),e),t=this.data.slice(this.read,this.read+e),this.read+=e):e===0?t="":(t=this.read===0?this.data:this.data.slice(this.read),this.clear()),t},E.DataBuffer.prototype.bytes=function(e){return typeof e>"u"?this.data.slice(this.read):this.data.slice(this.read,this.read+e)},E.DataBuffer.prototype.at=function(e){return this.data.getUint8(this.read+e)},E.DataBuffer.prototype.setAt=function(e,t){return this.data.setUint8(e,t),this},E.DataBuffer.prototype.last=function(){return this.data.getUint8(this.write-1)},E.DataBuffer.prototype.copy=function(){return new E.DataBuffer(this)},E.DataBuffer.prototype.compact=function(){if(this.read>0){var e=new Uint8Array(this.data.buffer,this.read),t=new Uint8Array(e.byteLength);t.set(e),this.data=new DataView(t),this.write-=this.read,this.read=0}return this},E.DataBuffer.prototype.clear=function(){return this.data=new DataView(new ArrayBuffer(0)),this.read=this.write=0,this},E.DataBuffer.prototype.truncate=function(e){return this.write=Math.max(0,this.length()-e),this.read=Math.min(this.read,this.write),this},E.DataBuffer.prototype.toHex=function(){for(var e="",t=this.read;t<this.data.byteLength;++t){var a=this.data.getUint8(t);a<16&&(e+="0"),e+=a.toString(16)}return e},E.DataBuffer.prototype.toString=function(e){var t=new Uint8Array(this.data,this.read,this.length());if(e=e||"utf8",e==="binary"||e==="raw")return E.binary.raw.encode(t);if(e==="hex")return E.binary.hex.encode(t);if(e==="base64")return E.binary.base64.encode(t);if(e==="utf8")return E.text.utf8.decode(t);if(e==="utf16")return E.text.utf16.decode(t);throw new Error("Invalid encoding: "+e)},E.createBuffer=function(e,t){return t=t||"raw",e!==void 0&&t==="utf8"&&(e=E.encodeUtf8(e)),new E.ByteBuffer(e)},E.fillString=function(e,t){for(var a="";t>0;)t&1&&(a+=e),t>>>=1,t>0&&(e+=e);return a},E.xorBytes=function(e,t,a){for(var r="",n="",s="",i=0,o=0;a>0;--a,++i)n=e.charCodeAt(i)^t.charCodeAt(i),o>=10&&(r+=s,s="",o=0),s+=String.fromCharCode(n),++o;return r+=s,r},E.hexToBytes=function(e){var t="",a=0;for(e.length&!0&&(a=1,t+=String.fromCharCode(parseInt(e[0],16)));a<e.length;a+=2)t+=String.fromCharCode(parseInt(e.substr(a,2),16));return t},E.bytesToHex=function(e){return E.createBuffer(e).toHex()},E.int32ToBytes=function(e){return String.fromCharCode(e>>24&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e&255)};var _t="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",Nt=[62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,64,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51],un="123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";E.encode64=function(e,t){for(var a="",r="",n,s,i,o=0;o<e.length;)n=e.charCodeAt(o++),s=e.charCodeAt(o++),i=e.charCodeAt(o++),a+=_t.charAt(n>>2),a+=_t.charAt((n&3)<<4|s>>4),isNaN(s)?a+="==":(a+=_t.charAt((s&15)<<2|i>>6),a+=isNaN(i)?"=":_t.charAt(i&63)),t&&a.length>t&&(r+=a.substr(0,t)+`\r
5
+ `,a=a.substr(t));return r+=a,r},E.decode64=function(e){e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");for(var t="",a,r,n,s,i=0;i<e.length;)a=Nt[e.charCodeAt(i++)-43],r=Nt[e.charCodeAt(i++)-43],n=Nt[e.charCodeAt(i++)-43],s=Nt[e.charCodeAt(i++)-43],t+=String.fromCharCode(a<<2|r>>4),n!==64&&(t+=String.fromCharCode((r&15)<<4|n>>2),s!==64&&(t+=String.fromCharCode((n&3)<<6|s)));return t},E.encodeUtf8=function(e){return unescape(encodeURIComponent(e))},E.decodeUtf8=function(e){return decodeURIComponent(escape(e))},E.binary={raw:{},hex:{},base64:{},base58:{},baseN:{encode:on.encode,decode:on.decode}},E.binary.raw.encode=function(e){return String.fromCharCode.apply(null,e)},E.binary.raw.decode=function(e,t,a){var r=t;r||(r=new Uint8Array(e.length)),a=a||0;for(var n=a,s=0;s<e.length;++s)r[n++]=e.charCodeAt(s);return t?n-a:r},E.binary.hex.encode=E.bytesToHex,E.binary.hex.decode=function(e,t,a){var r=t;r||(r=new Uint8Array(Math.ceil(e.length/2))),a=a||0;var n=0,s=a;for(e.length&1&&(n=1,r[s++]=parseInt(e[0],16));n<e.length;n+=2)r[s++]=parseInt(e.substr(n,2),16);return t?s-a:r},E.binary.base64.encode=function(e,t){for(var a="",r="",n,s,i,o=0;o<e.byteLength;)n=e[o++],s=e[o++],i=e[o++],a+=_t.charAt(n>>2),a+=_t.charAt((n&3)<<4|s>>4),isNaN(s)?a+="==":(a+=_t.charAt((s&15)<<2|i>>6),a+=isNaN(i)?"=":_t.charAt(i&63)),t&&a.length>t&&(r+=a.substr(0,t)+`\r
6
+ `,a=a.substr(t));return r+=a,r},E.binary.base64.decode=function(e,t,a){var r=t;r||(r=new Uint8Array(Math.ceil(e.length/4)*3)),e=e.replace(/[^A-Za-z0-9\+\/\=]/g,""),a=a||0;for(var n,s,i,o,u=0,l=a;u<e.length;)n=Nt[e.charCodeAt(u++)-43],s=Nt[e.charCodeAt(u++)-43],i=Nt[e.charCodeAt(u++)-43],o=Nt[e.charCodeAt(u++)-43],r[l++]=n<<2|s>>4,i!==64&&(r[l++]=(s&15)<<4|i>>2,o!==64&&(r[l++]=(i&3)<<6|o));return t?l-a:r.subarray(0,l)},E.binary.base58.encode=function(e,t){return E.binary.baseN.encode(e,un,t)},E.binary.base58.decode=function(e,t){return E.binary.baseN.decode(e,un,t)},E.text={utf8:{},utf16:{}},E.text.utf8.encode=function(e,t,a){e=E.encodeUtf8(e);var r=t;r||(r=new Uint8Array(e.length)),a=a||0;for(var n=a,s=0;s<e.length;++s)r[n++]=e.charCodeAt(s);return t?n-a:r},E.text.utf8.decode=function(e){return E.decodeUtf8(String.fromCharCode.apply(null,e))},E.text.utf16.encode=function(e,t,a){var r=t;r||(r=new Uint8Array(e.length*2));var n=new Uint16Array(r.buffer);a=a||0;for(var s=a,i=a,o=0;o<e.length;++o)n[i++]=e.charCodeAt(o),s+=2;return t?s-a:r},E.text.utf16.decode=function(e){return String.fromCharCode.apply(null,new Uint16Array(e.buffer))},E.deflate=function(e,t,a){if(t=E.decode64(e.deflate(E.encode64(t)).rval),a){var r=2,n=t.charCodeAt(1);n&32&&(r=6),t=t.substring(r,t.length-4)}return t},E.inflate=function(e,t,a){var r=e.inflate(E.encode64(t)).rval;return r===null?null:E.decode64(r)};var fa=function(e,t,a){if(!e)throw new Error("WebStorage not available.");var r;if(a===null?r=e.removeItem(t):(a=E.encode64(JSON.stringify(a)),r=e.setItem(t,a)),typeof r<"u"&&r.rval!==!0){var n=new Error(r.error.message);throw n.id=r.error.id,n.name=r.error.name,n}},ca=function(e,t){if(!e)throw new Error("WebStorage not available.");var a=e.getItem(t);if(e.init)if(a.rval===null){if(a.error){var r=new Error(a.error.message);throw r.id=a.error.id,r.name=a.error.name,r}a=null}else a=a.rval;return a!==null&&(a=JSON.parse(E.decode64(a))),a},Oi=function(e,t,a,r){var n=ca(e,t);n===null&&(n={}),n[a]=r,fa(e,t,n)},Ki=function(e,t,a){var r=ca(e,t);return r!==null&&(r=a in r?r[a]:null),r},Mi=function(e,t,a){var r=ca(e,t);if(r!==null&&a in r){delete r[a];var n=!0;for(var s in r){n=!1;break}n&&(r=null),fa(e,t,r)}},Hi=function(e,t){fa(e,t,null)},Lr=function(e,t,a){var r=null;typeof a>"u"&&(a=["web","flash"]);var n,s=!1,i=null;for(var o in a){n=a[o];try{if(n==="flash"||n==="both"){if(t[0]===null)throw new Error("Flash local storage not available.");r=e.apply(this,t),s=n==="flash"}(n==="web"||n==="both")&&(t[0]=localStorage,r=e.apply(this,t),s=!0)}catch(u){i=u}if(s)break}if(!s)throw i;return r};E.setItem=function(e,t,a,r,n){Lr(Oi,arguments,n)},E.getItem=function(e,t,a,r){return Lr(Ki,arguments,r)},E.removeItem=function(e,t,a,r){Lr(Mi,arguments,r)},E.clearItems=function(e,t,a){Lr(Hi,arguments,a)},E.parseUrl=function(e){var t=/^(https?):\/\/([^:&^\/]*):?(\d*)(.*)$/g;t.lastIndex=0;var a=t.exec(e),r=a===null?null:{full:e,scheme:a[1],host:a[2],port:a[3],path:a[4]};return r&&(r.fullHost=r.host,r.port?(r.port!==80&&r.scheme==="http"||r.port!==443&&r.scheme==="https")&&(r.fullHost+=":"+r.port):r.scheme==="http"?r.port=80:r.scheme==="https"&&(r.port=443),r.full=r.scheme+"://"+r.fullHost),r};var Dr=null;E.getQueryVariables=function(e){var t=function(r){for(var n={},s=r.split("&"),i=0;i<s.length;i++){var o=s[i].indexOf("="),u,l;o>0?(u=s[i].substring(0,o),l=s[i].substring(o+1)):(u=s[i],l=null),u in n||(n[u]=[]),!(u in Object.prototype)&&l!==null&&n[u].push(unescape(l))}return n},a;return typeof e>"u"?(Dr===null&&(typeof window<"u"&&window.location&&window.location.search?Dr=t(window.location.search.substring(1)):Dr={}),a=Dr):a=t(e),a},E.parseFragment=function(e){var t=e,a="",r=e.indexOf("?");r>0&&(t=e.substring(0,r),a=e.substring(r+1));var n=t.split("/");n.length>0&&n[0]===""&&n.shift();var s=a===""?{}:E.getQueryVariables(a);return{pathString:t,queryString:a,path:n,query:s}},E.makeRequest=function(e){var t=E.parseFragment(e),a={path:t.pathString,query:t.queryString,getPath:function(r){return typeof r>"u"?t.path:t.path[r]},getQuery:function(r,n){var s;return typeof r>"u"?s=t.query:(s=t.query[r],s&&typeof n<"u"&&(s=s[n])),s},getQueryLast:function(r,n){var s,i=a.getQuery(r);return i?s=i[i.length-1]:s=n,s}};return a},E.makeLink=function(e,t,a){e=jQuery.isArray(e)?e.join("/"):e;var r=jQuery.param(t||{});return a=a||"",e+(r.length>0?"?"+r:"")+(a.length>0?"#"+a:"")},E.isEmpty=function(e){for(var t in e)if(e.hasOwnProperty(t))return!1;return!0},E.format=function(e){for(var t=/%./g,a,r,n=0,s=[],i=0;a=t.exec(e);){r=e.substring(i,t.lastIndex-2),r.length>0&&s.push(r),i=t.lastIndex;var o=a[0][1];switch(o){case"s":case"o":n<arguments.length?s.push(arguments[n+++1]):s.push("<?>");break;case"%":s.push("%");break;default:s.push("<%"+o+"?>")}}return s.push(e.substring(i)),s.join("")},E.formatNumber=function(e,t,a,r){var n=e,s=isNaN(t=Math.abs(t))?2:t,i=a===void 0?",":a,o=r===void 0?".":r,u=n<0?"-":"",l=parseInt(n=Math.abs(+n||0).toFixed(s),10)+"",f=l.length>3?l.length%3:0;return u+(f?l.substr(0,f)+o:"")+l.substr(f).replace(/(\d{3})(?=\d)/g,"$1"+o)+(s?i+Math.abs(n-l).toFixed(s).slice(2):"")},E.formatSize=function(e){return e>=1073741824?e=E.formatNumber(e/1073741824,2,".","")+" GiB":e>=1048576?e=E.formatNumber(e/1048576,2,".","")+" MiB":e>=1024?e=E.formatNumber(e/1024,0)+" KiB":e=E.formatNumber(e,0)+" bytes",e},E.bytesFromIP=function(e){return e.indexOf(".")!==-1?E.bytesFromIPv4(e):e.indexOf(":")!==-1?E.bytesFromIPv6(e):null},E.bytesFromIPv4=function(e){if(e=e.split("."),e.length!==4)return null;for(var t=E.createBuffer(),a=0;a<e.length;++a){var r=parseInt(e[a],10);if(isNaN(r))return null;t.putByte(r)}return t.getBytes()},E.bytesFromIPv6=function(e){var t=0;e=e.split(":").filter(function(i){return i.length===0&&++t,!0});for(var a=(8-e.length+t)*2,r=E.createBuffer(),n=0;n<8;++n){if(!e[n]||e[n].length===0){r.fillWithByte(0,a),a=0;continue}var s=E.hexToBytes(e[n]);s.length<2&&r.putByte(0),r.putBytes(s)}return r.getBytes()},E.bytesToIP=function(e){return e.length===4?E.bytesToIPv4(e):e.length===16?E.bytesToIPv6(e):null},E.bytesToIPv4=function(e){if(e.length!==4)return null;for(var t=[],a=0;a<e.length;++a)t.push(e.charCodeAt(a));return t.join(".")},E.bytesToIPv6=function(e){if(e.length!==16)return null;for(var t=[],a=[],r=0,n=0;n<e.length;n+=2){for(var s=E.bytesToHex(e[n]+e[n+1]);s[0]==="0"&&s!=="0";)s=s.substr(1);if(s==="0"){var i=a[a.length-1],o=t.length;!i||o!==i.end+1?a.push({start:o,end:o}):(i.end=o,i.end-i.start>a[r].end-a[r].start&&(r=a.length-1))}t.push(s)}if(a.length>0){var u=a[r];u.end-u.start>0&&(t.splice(u.start,u.end-u.start+1,""),u.start===0&&t.unshift(""),u.end===7&&t.push(""))}return t.join(":")},E.estimateCores=function(e,t){if(typeof e=="function"&&(t=e,e={}),e=e||{},"cores"in E&&!e.update)return t(null,E.cores);if(typeof navigator<"u"&&"hardwareConcurrency"in navigator&&navigator.hardwareConcurrency>0)return E.cores=navigator.hardwareConcurrency,t(null,E.cores);if(typeof Worker>"u")return E.cores=1,t(null,E.cores);if(typeof Blob>"u")return E.cores=2,t(null,E.cores);var a=URL.createObjectURL(new Blob(["(",function(){self.addEventListener("message",function(i){var o=Date.now(),u=o+4;self.postMessage({st:o,et:u})})}.toString(),")()"],{type:"application/javascript"}));r([],5,16);function r(i,o,u){if(o===0){var l=Math.floor(i.reduce(function(f,c){return f+c},0)/i.length);return E.cores=Math.max(1,l),URL.revokeObjectURL(a),t(null,E.cores)}n(u,function(f,c){i.push(s(u,c)),r(i,o-1,u)})}function n(i,o){for(var u=[],l=[],f=0;f<i;++f){var c=new Worker(a);c.addEventListener("message",function(v){if(l.push(v.data),l.length===i){for(var m=0;m<i;++m)u[m].terminate();o(null,l)}}),u.push(c)}for(var f=0;f<i;++f)u[f].postMessage(f)}function s(i,o){for(var u=[],l=0;l<i;++l)for(var f=o[l],c=u[l]=[],v=0;v<i;++v)if(l!==v){var m=o[v];(f.st>m.st&&f.st<m.et||m.st>f.st&&m.st<f.et)&&c.push(v)}return u.reduce(function(y,x){return Math.max(y,x.length)},0)}};var Be=Y;Be.cipher=Be.cipher||{},Be.cipher.algorithms=Be.cipher.algorithms||{},Be.cipher.createCipher=function(e,t){var a=e;if(typeof a=="string"&&(a=Be.cipher.getAlgorithm(a),a&&(a=a())),!a)throw new Error("Unsupported algorithm: "+e);return new Be.cipher.BlockCipher({algorithm:a,key:t,decrypt:!1})},Be.cipher.createDecipher=function(e,t){var a=e;if(typeof a=="string"&&(a=Be.cipher.getAlgorithm(a),a&&(a=a())),!a)throw new Error("Unsupported algorithm: "+e);return new Be.cipher.BlockCipher({algorithm:a,key:t,decrypt:!0})},Be.cipher.registerAlgorithm=function(e,t){e=e.toUpperCase(),Be.cipher.algorithms[e]=t},Be.cipher.getAlgorithm=function(e){return e=e.toUpperCase(),e in Be.cipher.algorithms?Be.cipher.algorithms[e]:null};var ha=Be.cipher.BlockCipher=function(e){this.algorithm=e.algorithm,this.mode=this.algorithm.mode,this.blockSize=this.mode.blockSize,this._finish=!1,this._input=null,this.output=null,this._op=e.decrypt?this.mode.decrypt:this.mode.encrypt,this._decrypt=e.decrypt,this.algorithm.initialize(e)};ha.prototype.start=function(e){e=e||{};var t={};for(var a in e)t[a]=e[a];t.decrypt=this._decrypt,this._finish=!1,this._input=Be.util.createBuffer(),this.output=e.output||Be.util.createBuffer(),this.mode.start(t)},ha.prototype.update=function(e){for(e&&this._input.putBuffer(e);!this._op.call(this.mode,this._input,this.output,this._finish)&&!this._finish;);this._input.compact()},ha.prototype.finish=function(e){e&&(this.mode.name==="ECB"||this.mode.name==="CBC")&&(this.mode.pad=function(a){return e(this.blockSize,a,!1)},this.mode.unpad=function(a){return e(this.blockSize,a,!0)});var t={};return t.decrypt=this._decrypt,t.overflow=this._input.length()%this.blockSize,!(!this._decrypt&&this.mode.pad&&!this.mode.pad(this._input,t)||(this._finish=!0,this.update(),this._decrypt&&this.mode.unpad&&!this.mode.unpad(this.output,t))||this.mode.afterFinish&&!this.mode.afterFinish(this.output,t))};var be=Y;be.cipher=be.cipher||{};var j=be.cipher.modes=be.cipher.modes||{};j.ecb=function(e){e=e||{},this.name="ECB",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints)},j.ecb.prototype.start=function(e){},j.ecb.prototype.encrypt=function(e,t,a){if(e.length()<this.blockSize&&!(a&&e.length()>0))return!0;for(var r=0;r<this._ints;++r)this._inBlock[r]=e.getInt32();this.cipher.encrypt(this._inBlock,this._outBlock);for(var r=0;r<this._ints;++r)t.putInt32(this._outBlock[r])},j.ecb.prototype.decrypt=function(e,t,a){if(e.length()<this.blockSize&&!(a&&e.length()>0))return!0;for(var r=0;r<this._ints;++r)this._inBlock[r]=e.getInt32();this.cipher.decrypt(this._inBlock,this._outBlock);for(var r=0;r<this._ints;++r)t.putInt32(this._outBlock[r])},j.ecb.prototype.pad=function(e,t){var a=e.length()===this.blockSize?this.blockSize:this.blockSize-e.length();return e.fillWithByte(a,a),!0},j.ecb.prototype.unpad=function(e,t){if(t.overflow>0)return!1;var a=e.length(),r=e.at(a-1);return r>this.blockSize<<2?!1:(e.truncate(r),!0)},j.cbc=function(e){e=e||{},this.name="CBC",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints)},j.cbc.prototype.start=function(e){if(e.iv===null){if(!this._prev)throw new Error("Invalid IV parameter.");this._iv=this._prev.slice(0)}else if("iv"in e)this._iv=kr(e.iv,this.blockSize),this._prev=this._iv.slice(0);else throw new Error("Invalid IV parameter.")},j.cbc.prototype.encrypt=function(e,t,a){if(e.length()<this.blockSize&&!(a&&e.length()>0))return!0;for(var r=0;r<this._ints;++r)this._inBlock[r]=this._prev[r]^e.getInt32();this.cipher.encrypt(this._inBlock,this._outBlock);for(var r=0;r<this._ints;++r)t.putInt32(this._outBlock[r]);this._prev=this._outBlock},j.cbc.prototype.decrypt=function(e,t,a){if(e.length()<this.blockSize&&!(a&&e.length()>0))return!0;for(var r=0;r<this._ints;++r)this._inBlock[r]=e.getInt32();this.cipher.decrypt(this._inBlock,this._outBlock);for(var r=0;r<this._ints;++r)t.putInt32(this._prev[r]^this._outBlock[r]);this._prev=this._inBlock.slice(0)},j.cbc.prototype.pad=function(e,t){var a=e.length()===this.blockSize?this.blockSize:this.blockSize-e.length();return e.fillWithByte(a,a),!0},j.cbc.prototype.unpad=function(e,t){if(t.overflow>0)return!1;var a=e.length(),r=e.at(a-1);return r>this.blockSize<<2?!1:(e.truncate(r),!0)},j.cfb=function(e){e=e||{},this.name="CFB",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialBlock=new Array(this._ints),this._partialOutput=be.util.createBuffer(),this._partialBytes=0},j.cfb.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=kr(e.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},j.cfb.prototype.encrypt=function(e,t,a){var r=e.length();if(r===0)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),this._partialBytes===0&&r>=this.blockSize){for(var n=0;n<this._ints;++n)this._inBlock[n]=e.getInt32()^this._outBlock[n],t.putInt32(this._inBlock[n]);return}var s=(this.blockSize-r)%this.blockSize;s>0&&(s=this.blockSize-s),this._partialOutput.clear();for(var n=0;n<this._ints;++n)this._partialBlock[n]=e.getInt32()^this._outBlock[n],this._partialOutput.putInt32(this._partialBlock[n]);if(s>0)e.read-=this.blockSize;else for(var n=0;n<this._ints;++n)this._inBlock[n]=this._partialBlock[n];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),s>0&&!a)return t.putBytes(this._partialOutput.getBytes(s-this._partialBytes)),this._partialBytes=s,!0;t.putBytes(this._partialOutput.getBytes(r-this._partialBytes)),this._partialBytes=0},j.cfb.prototype.decrypt=function(e,t,a){var r=e.length();if(r===0)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),this._partialBytes===0&&r>=this.blockSize){for(var n=0;n<this._ints;++n)this._inBlock[n]=e.getInt32(),t.putInt32(this._inBlock[n]^this._outBlock[n]);return}var s=(this.blockSize-r)%this.blockSize;s>0&&(s=this.blockSize-s),this._partialOutput.clear();for(var n=0;n<this._ints;++n)this._partialBlock[n]=e.getInt32(),this._partialOutput.putInt32(this._partialBlock[n]^this._outBlock[n]);if(s>0)e.read-=this.blockSize;else for(var n=0;n<this._ints;++n)this._inBlock[n]=this._partialBlock[n];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),s>0&&!a)return t.putBytes(this._partialOutput.getBytes(s-this._partialBytes)),this._partialBytes=s,!0;t.putBytes(this._partialOutput.getBytes(r-this._partialBytes)),this._partialBytes=0},j.ofb=function(e){e=e||{},this.name="OFB",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialOutput=be.util.createBuffer(),this._partialBytes=0},j.ofb.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=kr(e.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},j.ofb.prototype.encrypt=function(e,t,a){var r=e.length();if(e.length()===0)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),this._partialBytes===0&&r>=this.blockSize){for(var n=0;n<this._ints;++n)t.putInt32(e.getInt32()^this._outBlock[n]),this._inBlock[n]=this._outBlock[n];return}var s=(this.blockSize-r)%this.blockSize;s>0&&(s=this.blockSize-s),this._partialOutput.clear();for(var n=0;n<this._ints;++n)this._partialOutput.putInt32(e.getInt32()^this._outBlock[n]);if(s>0)e.read-=this.blockSize;else for(var n=0;n<this._ints;++n)this._inBlock[n]=this._outBlock[n];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),s>0&&!a)return t.putBytes(this._partialOutput.getBytes(s-this._partialBytes)),this._partialBytes=s,!0;t.putBytes(this._partialOutput.getBytes(r-this._partialBytes)),this._partialBytes=0},j.ofb.prototype.decrypt=j.ofb.prototype.encrypt,j.ctr=function(e){e=e||{},this.name="CTR",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialOutput=be.util.createBuffer(),this._partialBytes=0},j.ctr.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=kr(e.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},j.ctr.prototype.encrypt=function(e,t,a){var r=e.length();if(r===0)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),this._partialBytes===0&&r>=this.blockSize)for(var n=0;n<this._ints;++n)t.putInt32(e.getInt32()^this._outBlock[n]);else{var s=(this.blockSize-r)%this.blockSize;s>0&&(s=this.blockSize-s),this._partialOutput.clear();for(var n=0;n<this._ints;++n)this._partialOutput.putInt32(e.getInt32()^this._outBlock[n]);if(s>0&&(e.read-=this.blockSize),this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),s>0&&!a)return t.putBytes(this._partialOutput.getBytes(s-this._partialBytes)),this._partialBytes=s,!0;t.putBytes(this._partialOutput.getBytes(r-this._partialBytes)),this._partialBytes=0}Ur(this._inBlock)},j.ctr.prototype.decrypt=j.ctr.prototype.encrypt,j.gcm=function(e){e=e||{},this.name="GCM",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints),this._partialOutput=be.util.createBuffer(),this._partialBytes=0,this._R=3774873600},j.gcm.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");var t=be.util.createBuffer(e.iv);this._cipherLength=0;var a;if("additionalData"in e?a=be.util.createBuffer(e.additionalData):a=be.util.createBuffer(),"tagLength"in e?this._tagLength=e.tagLength:this._tagLength=128,this._tag=null,e.decrypt&&(this._tag=be.util.createBuffer(e.tag).getBytes(),this._tag.length!==this._tagLength/8))throw new Error("Authentication tag does not match tag length.");this._hashBlock=new Array(this._ints),this.tag=null,this._hashSubkey=new Array(this._ints),this.cipher.encrypt([0,0,0,0],this._hashSubkey),this.componentBits=4,this._m=this.generateHashTable(this._hashSubkey,this.componentBits);var r=t.length();if(r===12)this._j0=[t.getInt32(),t.getInt32(),t.getInt32(),1];else{for(this._j0=[0,0,0,0];t.length()>0;)this._j0=this.ghash(this._hashSubkey,this._j0,[t.getInt32(),t.getInt32(),t.getInt32(),t.getInt32()]);this._j0=this.ghash(this._hashSubkey,this._j0,[0,0].concat(da(r*8)))}this._inBlock=this._j0.slice(0),Ur(this._inBlock),this._partialBytes=0,a=be.util.createBuffer(a),this._aDataLength=da(a.length()*8);var n=a.length()%this.blockSize;for(n&&a.fillWithByte(0,this.blockSize-n),this._s=[0,0,0,0];a.length()>0;)this._s=this.ghash(this._hashSubkey,this._s,[a.getInt32(),a.getInt32(),a.getInt32(),a.getInt32()])},j.gcm.prototype.encrypt=function(e,t,a){var r=e.length();if(r===0)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),this._partialBytes===0&&r>=this.blockSize){for(var n=0;n<this._ints;++n)t.putInt32(this._outBlock[n]^=e.getInt32());this._cipherLength+=this.blockSize}else{var s=(this.blockSize-r)%this.blockSize;s>0&&(s=this.blockSize-s),this._partialOutput.clear();for(var n=0;n<this._ints;++n)this._partialOutput.putInt32(e.getInt32()^this._outBlock[n]);if(s<=0||a){if(a){var i=r%this.blockSize;this._cipherLength+=i,this._partialOutput.truncate(this.blockSize-i)}else this._cipherLength+=this.blockSize;for(var n=0;n<this._ints;++n)this._outBlock[n]=this._partialOutput.getInt32();this._partialOutput.read-=this.blockSize}if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),s>0&&!a)return e.read-=this.blockSize,t.putBytes(this._partialOutput.getBytes(s-this._partialBytes)),this._partialBytes=s,!0;t.putBytes(this._partialOutput.getBytes(r-this._partialBytes)),this._partialBytes=0}this._s=this.ghash(this._hashSubkey,this._s,this._outBlock),Ur(this._inBlock)},j.gcm.prototype.decrypt=function(e,t,a){var r=e.length();if(r<this.blockSize&&!(a&&r>0))return!0;this.cipher.encrypt(this._inBlock,this._outBlock),Ur(this._inBlock),this._hashBlock[0]=e.getInt32(),this._hashBlock[1]=e.getInt32(),this._hashBlock[2]=e.getInt32(),this._hashBlock[3]=e.getInt32(),this._s=this.ghash(this._hashSubkey,this._s,this._hashBlock);for(var n=0;n<this._ints;++n)t.putInt32(this._outBlock[n]^this._hashBlock[n]);r<this.blockSize?this._cipherLength+=r%this.blockSize:this._cipherLength+=this.blockSize},j.gcm.prototype.afterFinish=function(e,t){var a=!0;t.decrypt&&t.overflow&&e.truncate(this.blockSize-t.overflow),this.tag=be.util.createBuffer();var r=this._aDataLength.concat(da(this._cipherLength*8));this._s=this.ghash(this._hashSubkey,this._s,r);var n=[];this.cipher.encrypt(this._j0,n);for(var s=0;s<this._ints;++s)this.tag.putInt32(this._s[s]^n[s]);return this.tag.truncate(this.tag.length()%(this._tagLength/8)),t.decrypt&&this.tag.bytes()!==this._tag&&(a=!1),a},j.gcm.prototype.multiply=function(e,t){for(var a=[0,0,0,0],r=t.slice(0),n=0;n<128;++n){var s=e[n/32|0]&1<<31-n%32;s&&(a[0]^=r[0],a[1]^=r[1],a[2]^=r[2],a[3]^=r[3]),this.pow(r,r)}return a},j.gcm.prototype.pow=function(e,t){for(var a=e[3]&1,r=3;r>0;--r)t[r]=e[r]>>>1|(e[r-1]&1)<<31;t[0]=e[0]>>>1,a&&(t[0]^=this._R)},j.gcm.prototype.tableMultiply=function(e){for(var t=[0,0,0,0],a=0;a<32;++a){var r=a/8|0,n=e[r]>>>(7-a%8)*4&15,s=this._m[a][n];t[0]^=s[0],t[1]^=s[1],t[2]^=s[2],t[3]^=s[3]}return t},j.gcm.prototype.ghash=function(e,t,a){return t[0]^=a[0],t[1]^=a[1],t[2]^=a[2],t[3]^=a[3],this.tableMultiply(t)},j.gcm.prototype.generateHashTable=function(e,t){for(var a=8/t,r=4*a,n=16*a,s=new Array(n),i=0;i<n;++i){var o=[0,0,0,0],u=i/r|0,l=(r-1-i%r)*t;o[u]=1<<t-1<<l,s[i]=this.generateSubHashTable(this.multiply(o,e),t)}return s},j.gcm.prototype.generateSubHashTable=function(e,t){var a=1<<t,r=a>>>1,n=new Array(a);n[r]=e.slice(0);for(var s=r>>>1;s>0;)this.pow(n[2*s],n[s]=[]),s>>=1;for(s=2;s<r;){for(var i=1;i<s;++i){var o=n[s],u=n[i];n[s+i]=[o[0]^u[0],o[1]^u[1],o[2]^u[2],o[3]^u[3]]}s*=2}for(n[0]=[0,0,0,0],s=r+1;s<a;++s){var l=n[s^r];n[s]=[e[0]^l[0],e[1]^l[1],e[2]^l[2],e[3]^l[3]]}return n};function kr(e,t){if(typeof e=="string"&&(e=be.util.createBuffer(e)),be.util.isArray(e)&&e.length>4){var a=e;e=be.util.createBuffer();for(var r=0;r<a.length;++r)e.putByte(a[r])}if(e.length()<t)throw new Error("Invalid IV length; got "+e.length()+" bytes and expected "+t+" bytes.");if(!be.util.isArray(e)){for(var n=[],s=t/4,r=0;r<s;++r)n.push(e.getInt32());e=n}return e}function Ur(e){e[e.length-1]=e[e.length-1]+1&4294967295}function da(e){return[e/4294967296|0,e&4294967295]}var fe=Y;fe.aes=fe.aes||{},fe.aes.startEncrypting=function(e,t,a,r){var n=Pr({key:e,output:a,decrypt:!1,mode:r});return n.start(t),n},fe.aes.createEncryptionCipher=function(e,t){return Pr({key:e,output:null,decrypt:!1,mode:t})},fe.aes.startDecrypting=function(e,t,a,r){var n=Pr({key:e,output:a,decrypt:!0,mode:r});return n.start(t),n},fe.aes.createDecryptionCipher=function(e,t){return Pr({key:e,output:null,decrypt:!0,mode:t})},fe.aes.Algorithm=function(e,t){pa||fn();var a=this;a.name=e,a.mode=new t({blockSize:16,cipher:{encrypt:function(r,n){return ya(a._w,r,n,!1)},decrypt:function(r,n){return ya(a._w,r,n,!0)}}}),a._init=!1},fe.aes.Algorithm.prototype.initialize=function(e){if(!this._init){var t=e.key,a;if(typeof t=="string"&&(t.length===16||t.length===24||t.length===32))t=fe.util.createBuffer(t);else if(fe.util.isArray(t)&&(t.length===16||t.length===24||t.length===32)){a=t,t=fe.util.createBuffer();for(var r=0;r<a.length;++r)t.putByte(a[r])}if(!fe.util.isArray(t)){a=t,t=[];var n=a.length();if(n===16||n===24||n===32){n=n>>>2;for(var r=0;r<n;++r)t.push(a.getInt32())}}if(!fe.util.isArray(t)||!(t.length===4||t.length===6||t.length===8))throw new Error("Invalid key parameter.");var s=this.mode.name,i=["CFB","OFB","CTR","GCM"].indexOf(s)!==-1;this._w=cn(t,e.decrypt&&!i),this._init=!0}},fe.aes._expandKey=function(e,t){return pa||fn(),cn(e,t)},fe.aes._updateBlock=ya,tr("AES-ECB",fe.cipher.modes.ecb),tr("AES-CBC",fe.cipher.modes.cbc),tr("AES-CFB",fe.cipher.modes.cfb),tr("AES-OFB",fe.cipher.modes.ofb),tr("AES-CTR",fe.cipher.modes.ctr),tr("AES-GCM",fe.cipher.modes.gcm);function tr(e,t){var a=function(){return new fe.aes.Algorithm(e,t)};fe.cipher.registerAlgorithm(e,a)}var pa=!1,rr=4,je,va,ln,qt,pt;function fn(){pa=!0,ln=[0,1,2,4,8,16,32,64,128,27,54];for(var e=new Array(256),t=0;t<128;++t)e[t]=t<<1,e[t+128]=t+128<<1^283;je=new Array(256),va=new Array(256),qt=new Array(4),pt=new Array(4);for(var t=0;t<4;++t)qt[t]=new Array(256),pt[t]=new Array(256);for(var a=0,r=0,n,s,i,o,u,l,f,t=0;t<256;++t){o=r^r<<1^r<<2^r<<3^r<<4,o=o>>8^o&255^99,je[a]=o,va[o]=a,u=e[o],n=e[a],s=e[n],i=e[s],l=u<<24^o<<16^o<<8^(o^u),f=(n^s^i)<<24^(a^i)<<16^(a^s^i)<<8^(a^n^i);for(var c=0;c<4;++c)qt[c][a]=l,pt[c][o]=f,l=l<<24|l>>>8,f=f<<24|f>>>8;a===0?a=r=1:(a=n^e[e[e[n^i]]],r^=e[e[r]])}}function cn(e,t){for(var a=e.slice(0),r,n=1,s=a.length,i=s+6+1,o=rr*i,u=s;u<o;++u)r=a[u-1],u%s===0?(r=je[r>>>16&255]<<24^je[r>>>8&255]<<16^je[r&255]<<8^je[r>>>24]^ln[n]<<24,n++):s>6&&u%s===4&&(r=je[r>>>24]<<24^je[r>>>16&255]<<16^je[r>>>8&255]<<8^je[r&255]),a[u]=a[u-s]^r;if(t){var l,f=pt[0],c=pt[1],v=pt[2],m=pt[3],y=a.slice(0);o=a.length;for(var u=0,x=o-rr;u<o;u+=rr,x-=rr)if(u===0||u===o-rr)y[u]=a[x],y[u+1]=a[x+3],y[u+2]=a[x+2],y[u+3]=a[x+1];else for(var S=0;S<rr;++S)l=a[x+S],y[u+(3&-S)]=f[je[l>>>24]]^c[je[l>>>16&255]]^v[je[l>>>8&255]]^m[je[l&255]];a=y}return a}function ya(e,t,a,r){var n=e.length/4-1,s,i,o,u,l;r?(s=pt[0],i=pt[1],o=pt[2],u=pt[3],l=va):(s=qt[0],i=qt[1],o=qt[2],u=qt[3],l=je);var f,c,v,m,y,x,S;f=t[0]^e[0],c=t[r?3:1]^e[1],v=t[2]^e[2],m=t[r?1:3]^e[3];for(var A=3,B=1;B<n;++B)y=s[f>>>24]^i[c>>>16&255]^o[v>>>8&255]^u[m&255]^e[++A],x=s[c>>>24]^i[v>>>16&255]^o[m>>>8&255]^u[f&255]^e[++A],S=s[v>>>24]^i[m>>>16&255]^o[f>>>8&255]^u[c&255]^e[++A],m=s[m>>>24]^i[f>>>16&255]^o[c>>>8&255]^u[v&255]^e[++A],f=y,c=x,v=S;a[0]=l[f>>>24]<<24^l[c>>>16&255]<<16^l[v>>>8&255]<<8^l[m&255]^e[++A],a[r?3:1]=l[c>>>24]<<24^l[v>>>16&255]<<16^l[m>>>8&255]<<8^l[f&255]^e[++A],a[2]=l[v>>>24]<<24^l[m>>>16&255]<<16^l[f>>>8&255]<<8^l[c&255]^e[++A],a[r?1:3]=l[m>>>24]<<24^l[f>>>16&255]<<16^l[c>>>8&255]<<8^l[v&255]^e[++A]}function Pr(e){e=e||{};var t=(e.mode||"CBC").toUpperCase(),a="AES-"+t,r;e.decrypt?r=fe.cipher.createDecipher(a,e.key):r=fe.cipher.createCipher(a,e.key);var n=r.start;return r.start=function(s,i){var o=null;i instanceof fe.util.ByteBuffer&&(o=i,i={}),i=i||{},i.output=o,i.iv=s,n.call(r,i)},r}var Cr=Y;Cr.pki=Cr.pki||{};var ga=Cr.pki.oids=Cr.oids=Cr.oids||{};function w(e,t){ga[e]=t,ga[t]=e}function ne(e,t){ga[e]=t}w("1.2.840.113549.1.1.1","rsaEncryption"),w("1.2.840.113549.1.1.4","md5WithRSAEncryption"),w("1.2.840.113549.1.1.5","sha1WithRSAEncryption"),w("1.2.840.113549.1.1.7","RSAES-OAEP"),w("1.2.840.113549.1.1.8","mgf1"),w("1.2.840.113549.1.1.9","pSpecified"),w("1.2.840.113549.1.1.10","RSASSA-PSS"),w("1.2.840.113549.1.1.11","sha256WithRSAEncryption"),w("1.2.840.113549.1.1.12","sha384WithRSAEncryption"),w("1.2.840.113549.1.1.13","sha512WithRSAEncryption"),w("1.3.101.112","EdDSA25519"),w("1.2.840.10040.4.3","dsa-with-sha1"),w("1.3.14.3.2.7","desCBC"),w("1.3.14.3.2.26","sha1"),w("2.16.840.1.101.3.4.2.1","sha256"),w("2.16.840.1.101.3.4.2.2","sha384"),w("2.16.840.1.101.3.4.2.3","sha512"),w("1.2.840.113549.2.5","md5"),w("1.2.840.113549.1.7.1","data"),w("1.2.840.113549.1.7.2","signedData"),w("1.2.840.113549.1.7.3","envelopedData"),w("1.2.840.113549.1.7.4","signedAndEnvelopedData"),w("1.2.840.113549.1.7.5","digestedData"),w("1.2.840.113549.1.7.6","encryptedData"),w("1.2.840.113549.1.9.1","emailAddress"),w("1.2.840.113549.1.9.2","unstructuredName"),w("1.2.840.113549.1.9.3","contentType"),w("1.2.840.113549.1.9.4","messageDigest"),w("1.2.840.113549.1.9.5","signingTime"),w("1.2.840.113549.1.9.6","counterSignature"),w("1.2.840.113549.1.9.7","challengePassword"),w("1.2.840.113549.1.9.8","unstructuredAddress"),w("1.2.840.113549.1.9.14","extensionRequest"),w("1.2.840.113549.1.9.20","friendlyName"),w("1.2.840.113549.1.9.21","localKeyId"),w("1.2.840.113549.1.9.22.1","x509Certificate"),w("1.2.840.113549.1.12.10.1.1","keyBag"),w("1.2.840.113549.1.12.10.1.2","pkcs8ShroudedKeyBag"),w("1.2.840.113549.1.12.10.1.3","certBag"),w("1.2.840.113549.1.12.10.1.4","crlBag"),w("1.2.840.113549.1.12.10.1.5","secretBag"),w("1.2.840.113549.1.12.10.1.6","safeContentsBag"),w("1.2.840.113549.1.5.13","pkcs5PBES2"),w("1.2.840.113549.1.5.12","pkcs5PBKDF2"),w("1.2.840.113549.1.12.1.1","pbeWithSHAAnd128BitRC4"),w("1.2.840.113549.1.12.1.2","pbeWithSHAAnd40BitRC4"),w("1.2.840.113549.1.12.1.3","pbeWithSHAAnd3-KeyTripleDES-CBC"),w("1.2.840.113549.1.12.1.4","pbeWithSHAAnd2-KeyTripleDES-CBC"),w("1.2.840.113549.1.12.1.5","pbeWithSHAAnd128BitRC2-CBC"),w("1.2.840.113549.1.12.1.6","pbewithSHAAnd40BitRC2-CBC"),w("1.2.840.113549.2.7","hmacWithSHA1"),w("1.2.840.113549.2.8","hmacWithSHA224"),w("1.2.840.113549.2.9","hmacWithSHA256"),w("1.2.840.113549.2.10","hmacWithSHA384"),w("1.2.840.113549.2.11","hmacWithSHA512"),w("1.2.840.113549.3.7","des-EDE3-CBC"),w("2.16.840.1.101.3.4.1.2","aes128-CBC"),w("2.16.840.1.101.3.4.1.22","aes192-CBC"),w("2.16.840.1.101.3.4.1.42","aes256-CBC"),w("2.5.4.3","commonName"),w("2.5.4.5","serialName"),w("2.5.4.6","countryName"),w("2.5.4.7","localityName"),w("2.5.4.8","stateOrProvinceName"),w("2.5.4.9","streetAddress"),w("2.5.4.10","organizationName"),w("2.5.4.11","organizationalUnitName"),w("2.5.4.13","description"),w("2.5.4.15","businessCategory"),w("2.5.4.17","postalCode"),w("1.3.6.1.4.1.311.60.2.1.2","jurisdictionOfIncorporationStateOrProvinceName"),w("1.3.6.1.4.1.311.60.2.1.3","jurisdictionOfIncorporationCountryName"),w("2.16.840.1.113730.1.1","nsCertType"),w("2.16.840.1.113730.1.13","nsComment"),ne("2.5.29.1","authorityKeyIdentifier"),ne("2.5.29.2","keyAttributes"),ne("2.5.29.3","certificatePolicies"),ne("2.5.29.4","keyUsageRestriction"),ne("2.5.29.5","policyMapping"),ne("2.5.29.6","subtreesConstraint"),ne("2.5.29.7","subjectAltName"),ne("2.5.29.8","issuerAltName"),ne("2.5.29.9","subjectDirectoryAttributes"),ne("2.5.29.10","basicConstraints"),ne("2.5.29.11","nameConstraints"),ne("2.5.29.12","policyConstraints"),ne("2.5.29.13","basicConstraints"),w("2.5.29.14","subjectKeyIdentifier"),w("2.5.29.15","keyUsage"),ne("2.5.29.16","privateKeyUsagePeriod"),w("2.5.29.17","subjectAltName"),w("2.5.29.18","issuerAltName"),w("2.5.29.19","basicConstraints"),ne("2.5.29.20","cRLNumber"),ne("2.5.29.21","cRLReason"),ne("2.5.29.22","expirationDate"),ne("2.5.29.23","instructionCode"),ne("2.5.29.24","invalidityDate"),ne("2.5.29.25","cRLDistributionPoints"),ne("2.5.29.26","issuingDistributionPoint"),ne("2.5.29.27","deltaCRLIndicator"),ne("2.5.29.28","issuingDistributionPoint"),ne("2.5.29.29","certificateIssuer"),ne("2.5.29.30","nameConstraints"),w("2.5.29.31","cRLDistributionPoints"),w("2.5.29.32","certificatePolicies"),ne("2.5.29.33","policyMappings"),ne("2.5.29.34","policyConstraints"),w("2.5.29.35","authorityKeyIdentifier"),ne("2.5.29.36","policyConstraints"),w("2.5.29.37","extKeyUsage"),ne("2.5.29.46","freshestCRL"),ne("2.5.29.54","inhibitAnyPolicy"),w("1.3.6.1.4.1.11129.2.4.2","timestampList"),w("1.3.6.1.5.5.7.1.1","authorityInfoAccess"),w("1.3.6.1.5.5.7.3.1","serverAuth"),w("1.3.6.1.5.5.7.3.2","clientAuth"),w("1.3.6.1.5.5.7.3.3","codeSigning"),w("1.3.6.1.5.5.7.3.4","emailProtection"),w("1.3.6.1.5.5.7.3.8","timeStamping");var de=Y,P=de.asn1=de.asn1||{};P.Class={UNIVERSAL:0,APPLICATION:64,CONTEXT_SPECIFIC:128,PRIVATE:192},P.Type={NONE:0,BOOLEAN:1,INTEGER:2,BITSTRING:3,OCTETSTRING:4,NULL:5,OID:6,ODESC:7,EXTERNAL:8,REAL:9,ENUMERATED:10,EMBEDDED:11,UTF8:12,ROID:13,SEQUENCE:16,SET:17,PRINTABLESTRING:19,IA5STRING:22,UTCTIME:23,GENERALIZEDTIME:24,BMPSTRING:30},P.create=function(e,t,a,r,n){if(de.util.isArray(r)){for(var s=[],i=0;i<r.length;++i)r[i]!==void 0&&s.push(r[i]);r=s}var o={tagClass:e,type:t,constructed:a,composed:a||de.util.isArray(r),value:r};return n&&"bitStringContents"in n&&(o.bitStringContents=n.bitStringContents,o.original=P.copy(o)),o},P.copy=function(e,t){var a;if(de.util.isArray(e)){a=[];for(var r=0;r<e.length;++r)a.push(P.copy(e[r],t));return a}return typeof e=="string"?e:(a={tagClass:e.tagClass,type:e.type,constructed:e.constructed,composed:e.composed,value:P.copy(e.value,t)},t&&!t.excludeBitStringContents&&(a.bitStringContents=e.bitStringContents),a)},P.equals=function(e,t,a){if(de.util.isArray(e)){if(!de.util.isArray(t)||e.length!==t.length)return!1;for(var r=0;r<e.length;++r)if(!P.equals(e[r],t[r]))return!1;return!0}if(typeof e!=typeof t)return!1;if(typeof e=="string")return e===t;var n=e.tagClass===t.tagClass&&e.type===t.type&&e.constructed===t.constructed&&e.composed===t.composed&&P.equals(e.value,t.value);return a&&a.includeBitStringContents&&(n=n&&e.bitStringContents===t.bitStringContents),n},P.getBerValueLength=function(e){var t=e.getByte();if(t!==128){var a,r=t&128;return r?a=e.getInt((t&127)<<3):a=t,a}};function Er(e,t,a){if(a>t){var r=new Error("Too few bytes to parse DER.");throw r.available=e.length(),r.remaining=t,r.requested=a,r}}var qi=function(e,t){var a=e.getByte();if(t--,a!==128){var r,n=a&128;if(!n)r=a;else{var s=a&127;Er(e,t,s),r=e.getInt(s<<3)}if(r<0)throw new Error("Negative length: "+r);return r}};P.fromDer=function(e,t){return t===void 0&&(t={strict:!0,decodeBitStrings:!0}),typeof t=="boolean"&&(t={strict:t,decodeBitStrings:!0}),"strict"in t||(t.strict=!0),"decodeBitStrings"in t||(t.decodeBitStrings=!0),typeof e=="string"&&(e=de.util.createBuffer(e)),Vr(e,e.length(),0,t)};function Vr(e,t,a,r){var n;Er(e,t,2);var s=e.getByte();t--;var i=s&192,o=s&31;n=e.length();var u=qi(e,t);if(t-=n-e.length(),u!==void 0&&u>t){if(r.strict){var l=new Error("Too few bytes to read ASN.1 value.");throw l.available=e.length(),l.remaining=t,l.requested=u,l}u=t}var f,c,v=(s&32)===32;if(v)if(f=[],u===void 0)for(;;){if(Er(e,t,2),e.bytes(2)===String.fromCharCode(0,0)){e.getBytes(2),t-=2;break}n=e.length(),f.push(Vr(e,t,a+1,r)),t-=n-e.length()}else for(;u>0;)n=e.length(),f.push(Vr(e,u,a+1,r)),t-=n-e.length(),u-=n-e.length();if(f===void 0&&i===P.Class.UNIVERSAL&&o===P.Type.BITSTRING&&(c=e.bytes(u)),f===void 0&&r.decodeBitStrings&&i===P.Class.UNIVERSAL&&o===P.Type.BITSTRING&&u>1){var m=e.read,y=t,x=0;if(o===P.Type.BITSTRING&&(Er(e,t,1),x=e.getByte(),t--),x===0)try{n=e.length();var S={verbose:r.verbose,strict:!0,decodeBitStrings:!0},A=Vr(e,t,a+1,S),B=n-e.length();t-=B,o==P.Type.BITSTRING&&B++;var N=A.tagClass;B===u&&(N===P.Class.UNIVERSAL||N===P.Class.CONTEXT_SPECIFIC)&&(f=[A])}catch{}f===void 0&&(e.read=m,t=y)}if(f===void 0){if(u===void 0){if(r.strict)throw new Error("Non-constructed ASN.1 object of indefinite length.");u=t}if(o===P.Type.BMPSTRING)for(f="";u>0;u-=2)Er(e,t,2),f+=String.fromCharCode(e.getInt16()),t-=2;else f=e.getBytes(u)}var F=c===void 0?null:{bitStringContents:c};return P.create(i,o,v,f,F)}P.toDer=function(e){var t=de.util.createBuffer(),a=e.tagClass|e.type,r=de.util.createBuffer(),n=!1;if("bitStringContents"in e&&(n=!0,e.original&&(n=P.equals(e,e.original))),n)r.putBytes(e.bitStringContents);else if(e.composed){e.constructed?a|=32:r.putByte(0);for(var s=0;s<e.value.length;++s)e.value[s]!==void 0&&r.putBuffer(P.toDer(e.value[s]))}else if(e.type===P.Type.BMPSTRING)for(var s=0;s<e.value.length;++s)r.putInt16(e.value.charCodeAt(s));else e.type===P.Type.INTEGER&&e.value.length>1&&(e.value.charCodeAt(0)===0&&(e.value.charCodeAt(1)&128)===0||e.value.charCodeAt(0)===255&&(e.value.charCodeAt(1)&128)===128)?r.putBytes(e.value.substr(1)):r.putBytes(e.value);if(t.putByte(a),r.length()<=127)t.putByte(r.length()&127);else{var i=r.length(),o="";do o+=String.fromCharCode(i&255),i=i>>>8;while(i>0);t.putByte(o.length|128);for(var s=o.length-1;s>=0;--s)t.putByte(o.charCodeAt(s))}return t.putBuffer(r),t},P.oidToDer=function(e){var t=e.split("."),a=de.util.createBuffer();a.putByte(40*parseInt(t[0],10)+parseInt(t[1],10));for(var r,n,s,i,o=2;o<t.length;++o){r=!0,n=[],s=parseInt(t[o],10);do i=s&127,s=s>>>7,r||(i|=128),n.push(i),r=!1;while(s>0);for(var u=n.length-1;u>=0;--u)a.putByte(n[u])}return a},P.derToOid=function(e){var t;typeof e=="string"&&(e=de.util.createBuffer(e));var a=e.getByte();t=Math.floor(a/40)+"."+a%40;for(var r=0;e.length()>0;)a=e.getByte(),r=r<<7,a&128?r+=a&127:(t+="."+(r+a),r=0);return t},P.utcTimeToDate=function(e){var t=new Date,a=parseInt(e.substr(0,2),10);a=a>=50?1900+a:2e3+a;var r=parseInt(e.substr(2,2),10)-1,n=parseInt(e.substr(4,2),10),s=parseInt(e.substr(6,2),10),i=parseInt(e.substr(8,2),10),o=0;if(e.length>11){var u=e.charAt(10),l=10;u!=="+"&&u!=="-"&&(o=parseInt(e.substr(10,2),10),l+=2)}if(t.setUTCFullYear(a,r,n),t.setUTCHours(s,i,o,0),l&&(u=e.charAt(l),u==="+"||u==="-")){var f=parseInt(e.substr(l+1,2),10),c=parseInt(e.substr(l+4,2),10),v=f*60+c;v*=6e4,u==="+"?t.setTime(+t-v):t.setTime(+t+v)}return t},P.generalizedTimeToDate=function(e){var t=new Date,a=parseInt(e.substr(0,4),10),r=parseInt(e.substr(4,2),10)-1,n=parseInt(e.substr(6,2),10),s=parseInt(e.substr(8,2),10),i=parseInt(e.substr(10,2),10),o=parseInt(e.substr(12,2),10),u=0,l=0,f=!1;e.charAt(e.length-1)==="Z"&&(f=!0);var c=e.length-5,v=e.charAt(c);if(v==="+"||v==="-"){var m=parseInt(e.substr(c+1,2),10),y=parseInt(e.substr(c+4,2),10);l=m*60+y,l*=6e4,v==="+"&&(l*=-1),f=!0}return e.charAt(14)==="."&&(u=parseFloat(e.substr(14),10)*1e3),f?(t.setUTCFullYear(a,r,n),t.setUTCHours(s,i,o,u),t.setTime(+t+l)):(t.setFullYear(a,r,n),t.setHours(s,i,o,u)),t},P.dateToUtcTime=function(e){if(typeof e=="string")return e;var t="",a=[];a.push((""+e.getUTCFullYear()).substr(2)),a.push(""+(e.getUTCMonth()+1)),a.push(""+e.getUTCDate()),a.push(""+e.getUTCHours()),a.push(""+e.getUTCMinutes()),a.push(""+e.getUTCSeconds());for(var r=0;r<a.length;++r)a[r].length<2&&(t+="0"),t+=a[r];return t+="Z",t},P.dateToGeneralizedTime=function(e){if(typeof e=="string")return e;var t="",a=[];a.push(""+e.getUTCFullYear()),a.push(""+(e.getUTCMonth()+1)),a.push(""+e.getUTCDate()),a.push(""+e.getUTCHours()),a.push(""+e.getUTCMinutes()),a.push(""+e.getUTCSeconds());for(var r=0;r<a.length;++r)a[r].length<2&&(t+="0"),t+=a[r];return t+="Z",t},P.integerToDer=function(e){var t=de.util.createBuffer();if(e>=-128&&e<128)return t.putSignedInt(e,8);if(e>=-32768&&e<32768)return t.putSignedInt(e,16);if(e>=-8388608&&e<8388608)return t.putSignedInt(e,24);if(e>=-2147483648&&e<2147483648)return t.putSignedInt(e,32);var a=new Error("Integer too large; max is 32-bits.");throw a.integer=e,a},P.derToInteger=function(e){typeof e=="string"&&(e=de.util.createBuffer(e));var t=e.length()*8;if(t>32)throw new Error("Integer too large; max is 32-bits.");return e.getSignedInt(t)},P.validate=function(e,t,a,r){var n=!1;if((e.tagClass===t.tagClass||typeof t.tagClass>"u")&&(e.type===t.type||typeof t.type>"u"))if(e.constructed===t.constructed||typeof t.constructed>"u"){if(n=!0,t.value&&de.util.isArray(t.value))for(var s=0,i=0;n&&i<t.value.length;++i)n=t.value[i].optional||!1,e.value[s]&&(n=P.validate(e.value[s],t.value[i],a,r),n?++s:t.value[i].optional&&(n=!0)),!n&&r&&r.push("["+t.name+'] Tag class "'+t.tagClass+'", type "'+t.type+'" expected value length "'+t.value.length+'", got "'+e.value.length+'"');if(n&&a&&(t.capture&&(a[t.capture]=e.value),t.captureAsn1&&(a[t.captureAsn1]=e),t.captureBitStringContents&&"bitStringContents"in e&&(a[t.captureBitStringContents]=e.bitStringContents),t.captureBitStringValue&&"bitStringContents"in e))if(e.bitStringContents.length<2)a[t.captureBitStringValue]="";else{var o=e.bitStringContents.charCodeAt(0);if(o!==0)throw new Error("captureBitStringValue only supported for zero unused bits");a[t.captureBitStringValue]=e.bitStringContents.slice(1)}}else r&&r.push("["+t.name+'] Expected constructed "'+t.constructed+'", got "'+e.constructed+'"');else r&&(e.tagClass!==t.tagClass&&r.push("["+t.name+'] Expected tag class "'+t.tagClass+'", got "'+e.tagClass+'"'),e.type!==t.type&&r.push("["+t.name+'] Expected type "'+t.type+'", got "'+e.type+'"'));return n};var hn=/[^\\u0000-\\u00ff]/;P.prettyPrint=function(e,t,a){var r="";t=t||0,a=a||2,t>0&&(r+=`
7
+ `);for(var n="",s=0;s<t*a;++s)n+=" ";switch(r+=n+"Tag: ",e.tagClass){case P.Class.UNIVERSAL:r+="Universal:";break;case P.Class.APPLICATION:r+="Application:";break;case P.Class.CONTEXT_SPECIFIC:r+="Context-Specific:";break;case P.Class.PRIVATE:r+="Private:";break}if(e.tagClass===P.Class.UNIVERSAL)switch(r+=e.type,e.type){case P.Type.NONE:r+=" (None)";break;case P.Type.BOOLEAN:r+=" (Boolean)";break;case P.Type.INTEGER:r+=" (Integer)";break;case P.Type.BITSTRING:r+=" (Bit string)";break;case P.Type.OCTETSTRING:r+=" (Octet string)";break;case P.Type.NULL:r+=" (Null)";break;case P.Type.OID:r+=" (Object Identifier)";break;case P.Type.ODESC:r+=" (Object Descriptor)";break;case P.Type.EXTERNAL:r+=" (External or Instance of)";break;case P.Type.REAL:r+=" (Real)";break;case P.Type.ENUMERATED:r+=" (Enumerated)";break;case P.Type.EMBEDDED:r+=" (Embedded PDV)";break;case P.Type.UTF8:r+=" (UTF8)";break;case P.Type.ROID:r+=" (Relative Object Identifier)";break;case P.Type.SEQUENCE:r+=" (Sequence)";break;case P.Type.SET:r+=" (Set)";break;case P.Type.PRINTABLESTRING:r+=" (Printable String)";break;case P.Type.IA5String:r+=" (IA5String (ASCII))";break;case P.Type.UTCTIME:r+=" (UTC time)";break;case P.Type.GENERALIZEDTIME:r+=" (Generalized time)";break;case P.Type.BMPSTRING:r+=" (BMP String)";break}else r+=e.type;if(r+=`
8
+ `,r+=n+"Constructed: "+e.constructed+`
9
+ `,e.composed){for(var i=0,o="",s=0;s<e.value.length;++s)e.value[s]!==void 0&&(i+=1,o+=P.prettyPrint(e.value[s],t+1,a),s+1<e.value.length&&(o+=","));r+=n+"Sub values: "+i+o}else{if(r+=n+"Value: ",e.type===P.Type.OID){var u=P.derToOid(e.value);r+=u,de.pki&&de.pki.oids&&u in de.pki.oids&&(r+=" ("+de.pki.oids[u]+") ")}if(e.type===P.Type.INTEGER)try{r+=P.derToInteger(e.value)}catch{r+="0x"+de.util.bytesToHex(e.value)}else if(e.type===P.Type.BITSTRING){if(e.value.length>1?r+="0x"+de.util.bytesToHex(e.value.slice(1)):r+="(none)",e.value.length>0){var l=e.value.charCodeAt(0);l==1?r+=" (1 unused bit shown)":l>1&&(r+=" ("+l+" unused bits shown)")}}else e.type===P.Type.OCTETSTRING?(hn.test(e.value)||(r+="("+e.value+") "),r+="0x"+de.util.bytesToHex(e.value)):e.type===P.Type.UTF8?r+=de.util.decodeUtf8(e.value):e.type===P.Type.PRINTABLESTRING||e.type===P.Type.IA5String?r+=e.value:hn.test(e.value)?r+="0x"+de.util.bytesToHex(e.value):e.value.length===0?r+="[null]":r+=e.value}return r};var Fr=Y,Gi=Fr.md=Fr.md||{};Fr.md.algorithms=Fr.md.algorithms||{};var At=Y,Qi=At.hmac=At.hmac||{};Qi.create=function(){var e=null,t=null,a=null,r=null,n={};return n.start=function(s,i){if(s!==null)if(typeof s=="string")if(s=s.toLowerCase(),s in At.md.algorithms)t=At.md.algorithms[s].create();else throw new Error('Unknown hash algorithm "'+s+'"');else t=s;if(i===null)i=e;else{if(typeof i=="string")i=At.util.createBuffer(i);else if(At.util.isArray(i)){var o=i;i=At.util.createBuffer();for(var u=0;u<o.length;++u)i.putByte(o[u])}var l=i.length();l>t.blockLength&&(t.start(),t.update(i.bytes()),i=t.digest()),a=At.util.createBuffer(),r=At.util.createBuffer(),l=i.length();for(var u=0;u<l;++u){var o=i.at(u);a.putByte(54^o),r.putByte(92^o)}if(l<t.blockLength)for(var o=t.blockLength-l,u=0;u<o;++u)a.putByte(54),r.putByte(92);e=i,a=a.bytes(),r=r.bytes()}t.start(),t.update(a)},n.update=function(s){t.update(s)},n.getMac=function(){var s=t.digest().bytes();return t.start(),t.update(r),t.update(s),t.digest()},n.digest=n.getMac,n};var yt=Y,dn=yt.md5=yt.md5||{};yt.md.md5=yt.md.algorithms.md5=dn,dn.create=function(){pn||zi();var e=null,t=yt.util.createBuffer(),a=new Array(16),r={algorithm:"md5",blockLength:64,digestLength:16,messageLength:0,fullMessageLength:null,messageLengthSize:8};return r.start=function(){r.messageLength=0,r.fullMessageLength=r.messageLength64=[];for(var n=r.messageLengthSize/4,s=0;s<n;++s)r.fullMessageLength.push(0);return t=yt.util.createBuffer(),e={h0:1732584193,h1:4023233417,h2:2562383102,h3:271733878},r},r.start(),r.update=function(n,s){s==="utf8"&&(n=yt.util.encodeUtf8(n));var i=n.length;r.messageLength+=i,i=[i/4294967296>>>0,i>>>0];for(var o=r.fullMessageLength.length-1;o>=0;--o)r.fullMessageLength[o]+=i[1],i[1]=i[0]+(r.fullMessageLength[o]/4294967296>>>0),r.fullMessageLength[o]=r.fullMessageLength[o]>>>0,i[0]=i[1]/4294967296>>>0;return t.putBytes(n),vn(e,a,t),(t.read>2048||t.length()===0)&&t.compact(),r},r.digest=function(){var n=yt.util.createBuffer();n.putBytes(t.bytes());var s=r.fullMessageLength[r.fullMessageLength.length-1]+r.messageLengthSize,i=s&r.blockLength-1;n.putBytes(ma.substr(0,r.blockLength-i));for(var o,u=0,l=r.fullMessageLength.length-1;l>=0;--l)o=r.fullMessageLength[l]*8+u,u=o/4294967296>>>0,n.putInt32Le(o>>>0);var f={h0:e.h0,h1:e.h1,h2:e.h2,h3:e.h3};vn(f,a,n);var c=yt.util.createBuffer();return c.putInt32Le(f.h0),c.putInt32Le(f.h1),c.putInt32Le(f.h2),c.putInt32Le(f.h3),c},r};var ma=null,Or=null,xr=null,ar=null,pn=!1;function zi(){ma=String.fromCharCode(128),ma+=yt.util.fillString(String.fromCharCode(0),64),Or=[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,1,6,11,0,5,10,15,4,9,14,3,8,13,2,7,12,5,8,11,14,1,4,7,10,13,0,3,6,9,12,15,2,0,7,14,5,12,3,10,1,8,15,6,13,4,11,2,9],xr=[7,12,17,22,7,12,17,22,7,12,17,22,7,12,17,22,5,9,14,20,5,9,14,20,5,9,14,20,5,9,14,20,4,11,16,23,4,11,16,23,4,11,16,23,4,11,16,23,6,10,15,21,6,10,15,21,6,10,15,21,6,10,15,21],ar=new Array(64);for(var e=0;e<64;++e)ar[e]=Math.floor(Math.abs(Math.sin(e+1))*4294967296);pn=!0}function vn(e,t,a){for(var r,n,s,i,o,u,l,f,c=a.length();c>=64;){for(n=e.h0,s=e.h1,i=e.h2,o=e.h3,f=0;f<16;++f)t[f]=a.getInt32Le(),u=o^s&(i^o),r=n+u+ar[f]+t[f],l=xr[f],n=o,o=i,i=s,s+=r<<l|r>>>32-l;for(;f<32;++f)u=i^o&(s^i),r=n+u+ar[f]+t[Or[f]],l=xr[f],n=o,o=i,i=s,s+=r<<l|r>>>32-l;for(;f<48;++f)u=s^i^o,r=n+u+ar[f]+t[Or[f]],l=xr[f],n=o,o=i,i=s,s+=r<<l|r>>>32-l;for(;f<64;++f)u=i^(s|~o),r=n+u+ar[f]+t[Or[f]],l=xr[f],n=o,o=i,i=s,s+=r<<l|r>>>32-l;e.h0=e.h0+n|0,e.h1=e.h1+s|0,e.h2=e.h2+i|0,e.h3=e.h3+o|0,c-=64}}var Kr=Y,yn=Kr.pem=Kr.pem||{};yn.encode=function(e,t){t=t||{};var a="-----BEGIN "+e.type+`-----\r
10
+ `,r;if(e.procType&&(r={name:"Proc-Type",values:[String(e.procType.version),e.procType.type]},a+=Mr(r)),e.contentDomain&&(r={name:"Content-Domain",values:[e.contentDomain]},a+=Mr(r)),e.dekInfo&&(r={name:"DEK-Info",values:[e.dekInfo.algorithm]},e.dekInfo.parameters&&r.values.push(e.dekInfo.parameters),a+=Mr(r)),e.headers)for(var n=0;n<e.headers.length;++n)a+=Mr(e.headers[n]);return e.procType&&(a+=`\r
11
+ `),a+=Kr.util.encode64(e.body,t.maxline||64)+`\r
12
+ `,a+="-----END "+e.type+`-----\r
13
+ `,a},yn.decode=function(e){for(var t=[],a=/\s*-----BEGIN ([A-Z0-9- ]+)-----\r?\n?([\x21-\x7e\s]+?(?:\r?\n\r?\n))?([:A-Za-z0-9+\/=\s]+?)-----END \1-----/g,r=/([\x21-\x7e]+):\s*([\x21-\x7e\s^:]+)/,n=/\r?\n/,s;s=a.exec(e),!!s;){var i={type:s[1],procType:null,contentDomain:null,dekInfo:null,headers:[],body:Kr.util.decode64(s[3])};if(t.push(i),!!s[2]){for(var o=s[2].split(n),u=0;s&&u<o.length;){for(var l=o[u].replace(/\s+$/,""),f=u+1;f<o.length;++f){var c=o[f];if(!/\s/.test(c[0]))break;l+=c,u=f}if(s=l.match(r),s){for(var v={name:s[1],values:[]},m=s[2].split(","),y=0;y<m.length;++y)v.values.push(Yi(m[y]));if(i.procType)if(!i.contentDomain&&v.name==="Content-Domain")i.contentDomain=m[0]||"";else if(!i.dekInfo&&v.name==="DEK-Info"){if(v.values.length===0)throw new Error('Invalid PEM formatted message. The "DEK-Info" header must have at least one subfield.');i.dekInfo={algorithm:m[0],parameters:m[1]||null}}else i.headers.push(v);else{if(v.name!=="Proc-Type")throw new Error('Invalid PEM formatted message. The first encapsulated header must be "Proc-Type".');if(v.values.length!==2)throw new Error('Invalid PEM formatted message. The "Proc-Type" header must have two subfields.');i.procType={version:m[0],type:m[1]}}}++u}if(i.procType==="ENCRYPTED"&&!i.dekInfo)throw new Error('Invalid PEM formatted message. The "DEK-Info" header must be present if "Proc-Type" is "ENCRYPTED".')}}if(t.length===0)throw new Error("Invalid PEM formatted message.");return t};function Mr(e){for(var t=e.name+": ",a=[],r=function(u,l){return" "+l},n=0;n<e.values.length;++n)a.push(e.values[n].replace(/^(\S+\r\n)/,r));t+=a.join(",")+`\r
14
+ `;for(var s=0,i=-1,n=0;n<t.length;++n,++s)if(s>65&&i!==-1){var o=t[i];o===","?(++i,t=t.substr(0,i)+`\r
15
+ `+t.substr(i)):t=t.substr(0,i)+`\r
16
+ `+o+t.substr(i+1),s=n-i-1,i=-1,++n}else(t[n]===" "||t[n]===" "||t[n]===",")&&(i=n);return t}function Yi(e){return e.replace(/^\s+/,"")}var pe=Y;pe.des=pe.des||{},pe.des.startEncrypting=function(e,t,a,r){var n=Hr({key:e,output:a,decrypt:!1,mode:r||(t===null?"ECB":"CBC")});return n.start(t),n},pe.des.createEncryptionCipher=function(e,t){return Hr({key:e,output:null,decrypt:!1,mode:t})},pe.des.startDecrypting=function(e,t,a,r){var n=Hr({key:e,output:a,decrypt:!0,mode:r||(t===null?"ECB":"CBC")});return n.start(t),n},pe.des.createDecryptionCipher=function(e,t){return Hr({key:e,output:null,decrypt:!0,mode:t})},pe.des.Algorithm=function(e,t){var a=this;a.name=e,a.mode=new t({blockSize:8,cipher:{encrypt:function(r,n){return gn(a._keys,r,n,!1)},decrypt:function(r,n){return gn(a._keys,r,n,!0)}}}),a._init=!1},pe.des.Algorithm.prototype.initialize=function(e){if(!this._init){var t=pe.util.createBuffer(e.key);if(this.name.indexOf("3DES")===0&&t.length()!==24)throw new Error("Invalid Triple-DES key size: "+t.length()*8);this._keys=rs(t),this._init=!0}},gt("DES-ECB",pe.cipher.modes.ecb),gt("DES-CBC",pe.cipher.modes.cbc),gt("DES-CFB",pe.cipher.modes.cfb),gt("DES-OFB",pe.cipher.modes.ofb),gt("DES-CTR",pe.cipher.modes.ctr),gt("3DES-ECB",pe.cipher.modes.ecb),gt("3DES-CBC",pe.cipher.modes.cbc),gt("3DES-CFB",pe.cipher.modes.cfb),gt("3DES-OFB",pe.cipher.modes.ofb),gt("3DES-CTR",pe.cipher.modes.ctr);function gt(e,t){var a=function(){return new pe.des.Algorithm(e,t)};pe.cipher.registerAlgorithm(e,a)}var Wi=[16843776,0,65536,16843780,16842756,66564,4,65536,1024,16843776,16843780,1024,16778244,16842756,16777216,4,1028,16778240,16778240,66560,66560,16842752,16842752,16778244,65540,16777220,16777220,65540,0,1028,66564,16777216,65536,16843780,4,16842752,16843776,16777216,16777216,1024,16842756,65536,66560,16777220,1024,4,16778244,66564,16843780,65540,16842752,16778244,16777220,1028,66564,16843776,1028,16778240,16778240,0,65540,66560,0,16842756],ji=[-2146402272,-2147450880,32768,1081376,1048576,32,-2146435040,-2147450848,-2147483616,-2146402272,-2146402304,-2147483648,-2147450880,1048576,32,-2146435040,1081344,1048608,-2147450848,0,-2147483648,32768,1081376,-2146435072,1048608,-2147483616,0,1081344,32800,-2146402304,-2146435072,32800,0,1081376,-2146435040,1048576,-2147450848,-2146435072,-2146402304,32768,-2146435072,-2147450880,32,-2146402272,1081376,32,32768,-2147483648,32800,-2146402304,1048576,-2147483616,1048608,-2147450848,-2147483616,1048608,1081344,0,-2147450880,32800,-2147483648,-2146435040,-2146402272,1081344],Xi=[520,134349312,0,134348808,134218240,0,131592,134218240,131080,134217736,134217736,131072,134349320,131080,134348800,520,134217728,8,134349312,512,131584,134348800,134348808,131592,134218248,131584,131072,134218248,8,134349320,512,134217728,134349312,134217728,131080,520,131072,134349312,134218240,0,512,131080,134349320,134218240,134217736,512,0,134348808,134218248,131072,134217728,134349320,8,131592,131584,134217736,134348800,134218248,520,134348800,131592,8,134348808,131584],$i=[8396801,8321,8321,128,8396928,8388737,8388609,8193,0,8396800,8396800,8396929,129,0,8388736,8388609,1,8192,8388608,8396801,128,8388608,8193,8320,8388737,1,8320,8388736,8192,8396928,8396929,129,8388736,8388609,8396800,8396929,129,0,0,8396800,8320,8388736,8388737,1,8396801,8321,8321,128,8396929,129,1,8192,8388609,8193,8396928,8388737,8193,8320,8388608,8396801,128,8388608,8192,8396928],Zi=[256,34078976,34078720,1107296512,524288,256,1073741824,34078720,1074266368,524288,33554688,1074266368,1107296512,1107820544,524544,1073741824,33554432,1074266112,1074266112,0,1073742080,1107820800,1107820800,33554688,1107820544,1073742080,0,1107296256,34078976,33554432,1107296256,524544,524288,1107296512,256,33554432,1073741824,34078720,1107296512,1074266368,33554688,1073741824,1107820544,34078976,1074266368,256,33554432,1107820544,1107820800,524544,1107296256,1107820800,34078720,0,1074266112,1107296256,524544,33554688,1073742080,524288,0,1074266112,34078976,1073742080],Ji=[536870928,541065216,16384,541081616,541065216,16,541081616,4194304,536887296,4210704,4194304,536870928,4194320,536887296,536870912,16400,0,4194320,536887312,16384,4210688,536887312,16,541065232,541065232,0,4210704,541081600,16400,4210688,541081600,536870912,536887296,16,541065232,4210688,541081616,4194304,16400,536870928,4194304,536887296,536870912,16400,536870928,541081616,4210688,541065216,4210704,541081600,0,541065232,16,16384,541065216,4210704,16384,4194320,536887312,0,541081600,536870912,4194320,536887312],es=[2097152,69206018,67110914,0,2048,67110914,2099202,69208064,69208066,2097152,0,67108866,2,67108864,69206018,2050,67110912,2099202,2097154,67110912,67108866,69206016,69208064,2097154,69206016,2048,2050,69208066,2099200,2,67108864,2099200,67108864,2099200,2097152,67110914,67110914,69206018,69206018,2,2097154,67108864,67110912,2097152,69208064,2050,2099202,69208064,2050,67108866,69208066,69206016,2099200,0,2,69208066,0,2099202,69206016,2048,67108866,67110912,2048,2097154],ts=[268439616,4096,262144,268701760,268435456,268439616,64,268435456,262208,268697600,268701760,266240,268701696,266304,4096,64,268697600,268435520,268439552,4160,266240,262208,268697664,268701696,4160,0,0,268697664,268435520,268439552,266304,262144,266304,262144,268701696,4096,64,268697664,4096,266304,268439552,64,268435520,268697600,268697664,268435456,262144,268439616,0,268701760,262208,268435520,268697600,268439552,268439616,0,268701760,266240,266240,4160,4160,262208,268435456,268701696];function rs(e){for(var t=[0,4,536870912,536870916,65536,65540,536936448,536936452,512,516,536871424,536871428,66048,66052,536936960,536936964],a=[0,1,1048576,1048577,67108864,67108865,68157440,68157441,256,257,1048832,1048833,67109120,67109121,68157696,68157697],r=[0,8,2048,2056,16777216,16777224,16779264,16779272,0,8,2048,2056,16777216,16777224,16779264,16779272],n=[0,2097152,134217728,136314880,8192,2105344,134225920,136323072,131072,2228224,134348800,136445952,139264,2236416,134356992,136454144],s=[0,262144,16,262160,0,262144,16,262160,4096,266240,4112,266256,4096,266240,4112,266256],i=[0,1024,32,1056,0,1024,32,1056,33554432,33555456,33554464,33555488,33554432,33555456,33554464,33555488],o=[0,268435456,524288,268959744,2,268435458,524290,268959746,0,268435456,524288,268959744,2,268435458,524290,268959746],u=[0,65536,2048,67584,536870912,536936448,536872960,536938496,131072,196608,133120,198656,537001984,537067520,537004032,537069568],l=[0,262144,0,262144,2,262146,2,262146,33554432,33816576,33554432,33816576,33554434,33816578,33554434,33816578],f=[0,268435456,8,268435464,0,268435456,8,268435464,1024,268436480,1032,268436488,1024,268436480,1032,268436488],c=[0,32,0,32,1048576,1048608,1048576,1048608,8192,8224,8192,8224,1056768,1056800,1056768,1056800],v=[0,16777216,512,16777728,2097152,18874368,2097664,18874880,67108864,83886080,67109376,83886592,69206016,85983232,69206528,85983744],m=[0,4096,134217728,134221824,524288,528384,134742016,134746112,16,4112,134217744,134221840,524304,528400,134742032,134746128],y=[0,4,256,260,0,4,256,260,1,5,257,261,1,5,257,261],x=e.length()>8?3:1,S=[],A=[0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0],B=0,N,F=0;F<x;F++){var D=e.getInt32(),R=e.getInt32();N=(D>>>4^R)&252645135,R^=N,D^=N<<4,N=(R>>>-16^D)&65535,D^=N,R^=N<<-16,N=(D>>>2^R)&858993459,R^=N,D^=N<<2,N=(R>>>-16^D)&65535,D^=N,R^=N<<-16,N=(D>>>1^R)&1431655765,R^=N,D^=N<<1,N=(R>>>8^D)&16711935,D^=N,R^=N<<8,N=(D>>>1^R)&1431655765,R^=N,D^=N<<1,N=D<<8|R>>>20&240,D=R<<24|R<<8&16711680|R>>>8&65280|R>>>24&240,R=N;for(var z=0;z<A.length;++z){A[z]?(D=D<<2|D>>>26,R=R<<2|R>>>26):(D=D<<1|D>>>27,R=R<<1|R>>>27),D&=-15,R&=-15;var J=t[D>>>28]|a[D>>>24&15]|r[D>>>20&15]|n[D>>>16&15]|s[D>>>12&15]|i[D>>>8&15]|o[D>>>4&15],ie=u[R>>>28]|l[R>>>24&15]|f[R>>>20&15]|c[R>>>16&15]|v[R>>>12&15]|m[R>>>8&15]|y[R>>>4&15];N=(ie>>>16^J)&65535,S[B++]=J^N,S[B++]=ie^N<<16}}return S}function gn(e,t,a,r){var n=e.length===32?3:9,s;n===3?s=r?[30,-2,-2]:[0,32,2]:s=r?[94,62,-2,32,64,2,30,-2,-2]:[0,32,2,62,30,-2,64,96,2];var i,o=t[0],u=t[1];i=(o>>>4^u)&252645135,u^=i,o^=i<<4,i=(o>>>16^u)&65535,u^=i,o^=i<<16,i=(u>>>2^o)&858993459,o^=i,u^=i<<2,i=(u>>>8^o)&16711935,o^=i,u^=i<<8,i=(o>>>1^u)&1431655765,u^=i,o^=i<<1,o=o<<1|o>>>31,u=u<<1|u>>>31;for(var l=0;l<n;l+=3){for(var f=s[l+1],c=s[l+2],v=s[l];v!=f;v+=c){var m=u^e[v],y=(u>>>4|u<<28)^e[v+1];i=o,o=u,u=i^(ji[m>>>24&63]|$i[m>>>16&63]|Ji[m>>>8&63]|ts[m&63]|Wi[y>>>24&63]|Xi[y>>>16&63]|Zi[y>>>8&63]|es[y&63])}i=o,o=u,u=i}o=o>>>1|o<<31,u=u>>>1|u<<31,i=(o>>>1^u)&1431655765,u^=i,o^=i<<1,i=(u>>>8^o)&16711935,o^=i,u^=i<<8,i=(u>>>2^o)&858993459,o^=i,u^=i<<2,i=(o>>>16^u)&65535,u^=i,o^=i<<16,i=(o>>>4^u)&252645135,u^=i,o^=i<<4,a[0]=o,a[1]=u}function Hr(e){e=e||{};var t=(e.mode||"CBC").toUpperCase(),a="DES-"+t,r;e.decrypt?r=pe.cipher.createDecipher(a,e.key):r=pe.cipher.createCipher(a,e.key);var n=r.start;return r.start=function(s,i){var o=null;i instanceof pe.util.ByteBuffer&&(o=i,i={}),i=i||{},i.output=o,i.iv=s,n.call(r,i)},r}const Ca=ki(Ri);var Xe=Y,as=Xe.pkcs5=Xe.pkcs5||{},It;Xe.util.isNodejs&&!Xe.options.usePureJavaScript&&(It=Ca),Xe.pbkdf2=as.pbkdf2=function(e,t,a,r,n,s){if(typeof n=="function"&&(s=n,n=null),Xe.util.isNodejs&&!Xe.options.usePureJavaScript&&It.pbkdf2&&(n===null||typeof n!="object")&&(It.pbkdf2Sync.length>4||!n||n==="sha1"))return typeof n!="string"&&(n="sha1"),e=Buffer.from(e,"binary"),t=Buffer.from(t,"binary"),s?It.pbkdf2Sync.length===4?It.pbkdf2(e,t,a,r,function(N,F){if(N)return s(N);s(null,F.toString("binary"))}):It.pbkdf2(e,t,a,r,n,function(N,F){if(N)return s(N);s(null,F.toString("binary"))}):It.pbkdf2Sync.length===4?It.pbkdf2Sync(e,t,a,r).toString("binary"):It.pbkdf2Sync(e,t,a,r,n).toString("binary");if((typeof n>"u"||n===null)&&(n="sha1"),typeof n=="string"){if(!(n in Xe.md.algorithms))throw new Error("Unknown hash algorithm: "+n);n=Xe.md[n].create()}var i=n.digestLength;if(r>4294967295*i){var o=new Error("Derived key is too long.");if(s)return s(o);throw o}var u=Math.ceil(r/i),l=r-(u-1)*i,f=Xe.hmac.create();f.start(n,e);var c="",v,m,y;if(!s){for(var x=1;x<=u;++x){f.start(null,null),f.update(t),f.update(Xe.util.int32ToBytes(x)),v=y=f.digest().getBytes();for(var S=2;S<=a;++S)f.start(null,null),f.update(y),m=f.digest().getBytes(),v=Xe.util.xorBytes(v,m,i),y=m;c+=x<u?v:v.substr(0,l)}return c}var x=1,S;function A(){if(x>u)return s(null,c);f.start(null,null),f.update(t),f.update(Xe.util.int32ToBytes(x)),v=y=f.digest().getBytes(),S=2,B()}function B(){if(S<=a)return f.start(null,null),f.update(y),m=f.digest().getBytes(),v=Xe.util.xorBytes(v,m,i),y=m,++S,Xe.util.setImmediate(B);c+=x<u?v:v.substr(0,l),++x,A()}A()};var mt=Y,mn=mt.sha256=mt.sha256||{};mt.md.sha256=mt.md.algorithms.sha256=mn,mn.create=function(){Cn||ns();var e=null,t=mt.util.createBuffer(),a=new Array(64),r={algorithm:"sha256",blockLength:64,digestLength:32,messageLength:0,fullMessageLength:null,messageLengthSize:8};return r.start=function(){r.messageLength=0,r.fullMessageLength=r.messageLength64=[];for(var n=r.messageLengthSize/4,s=0;s<n;++s)r.fullMessageLength.push(0);return t=mt.util.createBuffer(),e={h0:1779033703,h1:3144134277,h2:1013904242,h3:2773480762,h4:1359893119,h5:2600822924,h6:528734635,h7:1541459225},r},r.start(),r.update=function(n,s){s==="utf8"&&(n=mt.util.encodeUtf8(n));var i=n.length;r.messageLength+=i,i=[i/4294967296>>>0,i>>>0];for(var o=r.fullMessageLength.length-1;o>=0;--o)r.fullMessageLength[o]+=i[1],i[1]=i[0]+(r.fullMessageLength[o]/4294967296>>>0),r.fullMessageLength[o]=r.fullMessageLength[o]>>>0,i[0]=i[1]/4294967296>>>0;return t.putBytes(n),xn(e,a,t),(t.read>2048||t.length()===0)&&t.compact(),r},r.digest=function(){var n=mt.util.createBuffer();n.putBytes(t.bytes());var s=r.fullMessageLength[r.fullMessageLength.length-1]+r.messageLengthSize,i=s&r.blockLength-1;n.putBytes(Ea.substr(0,r.blockLength-i));for(var o,u,l=r.fullMessageLength[0]*8,f=0;f<r.fullMessageLength.length-1;++f)o=r.fullMessageLength[f+1]*8,u=o/4294967296>>>0,l+=u,n.putInt32(l>>>0),l=o>>>0;n.putInt32(l);var c={h0:e.h0,h1:e.h1,h2:e.h2,h3:e.h3,h4:e.h4,h5:e.h5,h6:e.h6,h7:e.h7};xn(c,a,n);var v=mt.util.createBuffer();return v.putInt32(c.h0),v.putInt32(c.h1),v.putInt32(c.h2),v.putInt32(c.h3),v.putInt32(c.h4),v.putInt32(c.h5),v.putInt32(c.h6),v.putInt32(c.h7),v},r};var Ea=null,Cn=!1,En=null;function ns(){Ea=String.fromCharCode(128),Ea+=mt.util.fillString(String.fromCharCode(0),64),En=[1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298],Cn=!0}function xn(e,t,a){for(var r,n,s,i,o,u,l,f,c,v,m,y,x,S,A,B=a.length();B>=64;){for(l=0;l<16;++l)t[l]=a.getInt32();for(;l<64;++l)r=t[l-2],r=(r>>>17|r<<15)^(r>>>19|r<<13)^r>>>10,n=t[l-15],n=(n>>>7|n<<25)^(n>>>18|n<<14)^n>>>3,t[l]=r+t[l-7]+n+t[l-16]|0;for(f=e.h0,c=e.h1,v=e.h2,m=e.h3,y=e.h4,x=e.h5,S=e.h6,A=e.h7,l=0;l<64;++l)i=(y>>>6|y<<26)^(y>>>11|y<<21)^(y>>>25|y<<7),o=S^y&(x^S),s=(f>>>2|f<<30)^(f>>>13|f<<19)^(f>>>22|f<<10),u=f&c|v&(f^c),r=A+i+o+En[l]+t[l],n=s+u,A=S,S=x,x=y,y=m+r>>>0,m=v,v=c,c=f,f=r+n>>>0;e.h0=e.h0+f|0,e.h1=e.h1+c|0,e.h2=e.h2+v|0,e.h3=e.h3+m|0,e.h4=e.h4+y|0,e.h5=e.h5+x|0,e.h6=e.h6+S|0,e.h7=e.h7+A|0,B-=64}}var Ct=Y,qr=null;Ct.util.isNodejs&&!Ct.options.usePureJavaScript&&!process.versions["node-webkit"]&&(qr=Ca);var is=Ct.prng=Ct.prng||{};is.create=function(e){for(var t={plugin:e,key:null,seed:null,time:null,reseeds:0,generated:0,keyBytes:""},a=e.md,r=new Array(32),n=0;n<32;++n)r[n]=a.create();t.pools=r,t.pool=0,t.generate=function(l,f){if(!f)return t.generateSync(l);var c=t.plugin.cipher,v=t.plugin.increment,m=t.plugin.formatKey,y=t.plugin.formatSeed,x=Ct.util.createBuffer();t.key=null,S();function S(A){if(A)return f(A);if(x.length()>=l)return f(null,x.getBytes(l));if(t.generated>1048575&&(t.key=null),t.key===null)return Ct.util.nextTick(function(){s(S)});var B=c(t.key,t.seed);t.generated+=B.length,x.putBytes(B),t.key=m(c(t.key,v(t.seed))),t.seed=y(c(t.key,t.seed)),Ct.util.setImmediate(S)}},t.generateSync=function(l){var f=t.plugin.cipher,c=t.plugin.increment,v=t.plugin.formatKey,m=t.plugin.formatSeed;t.key=null;for(var y=Ct.util.createBuffer();y.length()<l;){t.generated>1048575&&(t.key=null),t.key===null&&i();var x=f(t.key,t.seed);t.generated+=x.length,y.putBytes(x),t.key=v(f(t.key,c(t.seed))),t.seed=m(f(t.key,t.seed))}return y.getBytes(l)};function s(l){if(t.pools[0].messageLength>=32)return o(),l();var f=32-t.pools[0].messageLength<<5;t.seedFile(f,function(c,v){if(c)return l(c);t.collect(v),o(),l()})}function i(){if(t.pools[0].messageLength>=32)return o();var l=32-t.pools[0].messageLength<<5;t.collect(t.seedFileSync(l)),o()}function o(){t.reseeds=t.reseeds===4294967295?0:t.reseeds+1;var l=t.plugin.md.create();l.update(t.keyBytes);for(var f=1,c=0;c<32;++c)t.reseeds%f===0&&(l.update(t.pools[c].digest().getBytes()),t.pools[c].start()),f=f<<1;t.keyBytes=l.digest().getBytes(),l.start(),l.update(t.keyBytes);var v=l.digest().getBytes();t.key=t.plugin.formatKey(t.keyBytes),t.seed=t.plugin.formatSeed(v),t.generated=0}function u(l){var f=null,c=Ct.util.globalScope,v=c.crypto||c.msCrypto;v&&v.getRandomValues&&(f=function(D){return v.getRandomValues(D)});var m=Ct.util.createBuffer();if(f)for(;m.length()<l;){var y=Math.max(1,Math.min(l-m.length(),65536)/4),x=new Uint32Array(Math.floor(y));try{f(x);for(var S=0;S<x.length;++S)m.putInt32(x[S])}catch(D){if(!(typeof QuotaExceededError<"u"&&D instanceof QuotaExceededError))throw D}}if(m.length()<l)for(var A,B,N,F=Math.floor(Math.random()*65536);m.length()<l;){B=16807*(F&65535),A=16807*(F>>16),B+=(A&32767)<<16,B+=A>>15,B=(B&2147483647)+(B>>31),F=B&4294967295;for(var S=0;S<3;++S)N=F>>>(S<<3),N^=Math.floor(Math.random()*256),m.putByte(String.fromCharCode(N&255))}return m.getBytes(l)}return qr?(t.seedFile=function(l,f){qr.randomBytes(l,function(c,v){if(c)return f(c);f(null,v.toString())})},t.seedFileSync=function(l){return qr.randomBytes(l).toString()}):(t.seedFile=function(l,f){try{f(null,u(l))}catch(c){f(c)}},t.seedFileSync=u),t.collect=function(l){for(var f=l.length,c=0;c<f;++c)t.pools[t.pool].update(l.substr(c,1)),t.pool=t.pool===31?0:t.pool+1},t.collectInt=function(l,f){for(var c="",v=0;v<f;v+=8)c+=String.fromCharCode(l>>v&255);t.collect(c)},t.registerWorker=function(l){if(l===self)t.seedFile=function(c,v){function m(y){var x=y.data;x.forge&&x.forge.prng&&(self.removeEventListener("message",m),v(x.forge.prng.err,x.forge.prng.bytes))}self.addEventListener("message",m),self.postMessage({forge:{prng:{needed:c}}})};else{var f=function(c){var v=c.data;v.forge&&v.forge.prng&&t.seedFile(v.forge.prng.needed,function(m,y){l.postMessage({forge:{prng:{err:m,bytes:y}}})})};l.addEventListener("message",f)}},t};var _e=Y;(function(){if(_e.random&&_e.random.getBytes){_e.random;return}(function(e){var t={},a=new Array(4),r=_e.util.createBuffer();t.formatKey=function(c){var v=_e.util.createBuffer(c);return c=new Array(4),c[0]=v.getInt32(),c[1]=v.getInt32(),c[2]=v.getInt32(),c[3]=v.getInt32(),_e.aes._expandKey(c,!1)},t.formatSeed=function(c){var v=_e.util.createBuffer(c);return c=new Array(4),c[0]=v.getInt32(),c[1]=v.getInt32(),c[2]=v.getInt32(),c[3]=v.getInt32(),c},t.cipher=function(c,v){return _e.aes._updateBlock(c,v,a,!1),r.putInt32(a[0]),r.putInt32(a[1]),r.putInt32(a[2]),r.putInt32(a[3]),r.getBytes()},t.increment=function(c){return++c[3],c},t.md=_e.md.sha256;function n(){var c=_e.prng.create(t);return c.getBytes=function(v,m){return c.generate(v,m)},c.getBytesSync=function(v){return c.generate(v)},c}var s=n(),i=null,o=_e.util.globalScope,u=o.crypto||o.msCrypto;if(u&&u.getRandomValues&&(i=function(c){return u.getRandomValues(c)}),_e.options.usePureJavaScript||!_e.util.isNodejs&&!i){if(s.collectInt(+new Date,32),typeof navigator<"u"){var l="";for(var f in navigator)try{typeof navigator[f]=="string"&&(l+=navigator[f])}catch{}s.collect(l),l=null}e&&(e().mousemove(function(c){s.collectInt(c.clientX,16),s.collectInt(c.clientY,16)}),e().keypress(function(c){s.collectInt(c.charCode,8)}))}if(!_e.random)_e.random=s;else for(var f in s)_e.random[f]=s[f];_e.random.createInstance=n,_e.random})(typeof jQuery<"u"?jQuery:null)})();var tt=Y,xa=[217,120,249,196,25,221,181,237,40,233,253,121,74,160,216,157,198,126,55,131,43,118,83,142,98,76,100,136,68,139,251,162,23,154,89,245,135,179,79,19,97,69,109,141,9,129,125,50,189,143,64,235,134,183,123,11,240,149,33,34,92,107,78,130,84,214,101,147,206,96,178,28,115,86,192,20,167,140,241,220,18,117,202,31,59,190,228,209,66,61,212,48,163,60,182,38,111,191,14,218,70,105,7,87,39,242,29,155,188,148,67,3,248,17,199,246,144,239,62,231,6,195,213,47,200,102,30,215,8,232,234,222,128,82,238,247,132,170,114,172,53,77,106,42,150,26,210,113,90,21,73,116,75,159,208,94,4,24,164,236,194,224,65,110,15,81,203,204,36,145,175,80,161,244,112,57,153,124,58,133,35,184,180,122,252,2,54,91,37,85,151,49,45,93,250,152,227,138,146,174,5,223,41,16,103,108,186,201,211,0,230,207,225,158,168,44,99,22,1,63,88,226,137,169,13,56,52,27,171,51,255,176,187,72,12,95,185,177,205,46,197,243,219,71,229,165,156,119,10,166,32,104,254,127,193,173],Sn=[1,2,3,5],ss=function(e,t){return e<<t&65535|(e&65535)>>16-t},os=function(e,t){return(e&65535)>>t|e<<16-t&65535};tt.rc2=tt.rc2||{},tt.rc2.expandKey=function(e,t){typeof e=="string"&&(e=tt.util.createBuffer(e)),t=t||128;var a=e,r=e.length(),n=t,s=Math.ceil(n/8),i=255>>(n&7),o;for(o=r;o<128;o++)a.putByte(xa[a.at(o-1)+a.at(o-r)&255]);for(a.setAt(128-s,xa[a.at(128-s)&i]),o=127-s;o>=0;o--)a.setAt(o,xa[a.at(o+1)^a.at(o+s)]);return a};var Tn=function(e,t,a){var r=!1,n=null,s=null,i=null,o,u,l,f,c=[];for(e=tt.rc2.expandKey(e,t),l=0;l<64;l++)c.push(e.getInt16Le());a?(o=function(y){for(l=0;l<4;l++)y[l]+=c[f]+(y[(l+3)%4]&y[(l+2)%4])+(~y[(l+3)%4]&y[(l+1)%4]),y[l]=ss(y[l],Sn[l]),f++},u=function(y){for(l=0;l<4;l++)y[l]+=c[y[(l+3)%4]&63]}):(o=function(y){for(l=3;l>=0;l--)y[l]=os(y[l],Sn[l]),y[l]-=c[f]+(y[(l+3)%4]&y[(l+2)%4])+(~y[(l+3)%4]&y[(l+1)%4]),f--},u=function(y){for(l=3;l>=0;l--)y[l]-=c[y[(l+3)%4]&63]});var v=function(y){var x=[];for(l=0;l<4;l++){var S=n.getInt16Le();i!==null&&(a?S^=i.getInt16Le():i.putInt16Le(S)),x.push(S&65535)}f=a?0:63;for(var A=0;A<y.length;A++)for(var B=0;B<y[A][0];B++)y[A][1](x);for(l=0;l<4;l++)i!==null&&(a?i.putInt16Le(x[l]):x[l]^=i.getInt16Le()),s.putInt16Le(x[l])},m=null;return m={start:function(y,x){y&&typeof y=="string"&&(y=tt.util.createBuffer(y)),r=!1,n=tt.util.createBuffer(),s=x||new tt.util.createBuffer,i=y,m.output=s},update:function(y){for(r||n.putBuffer(y);n.length()>=8;)v([[5,o],[1,u],[6,o],[1,u],[5,o]])},finish:function(y){var x=!0;if(a)if(y)x=y(8,n,!a);else{var S=n.length()===8?8:8-n.length();n.fillWithByte(S,S)}if(x&&(r=!0,m.update()),!a&&(x=n.length()===0,x))if(y)x=y(8,s,!a);else{var A=s.length(),B=s.at(A-1);B>A?x=!1:s.truncate(B)}return x}},m};tt.rc2.startEncrypting=function(e,t,a){var r=tt.rc2.createEncryptionCipher(e,128);return r.start(t,a),r},tt.rc2.createEncryptionCipher=function(e,t){return Tn(e,t,!0)},tt.rc2.startDecrypting=function(e,t,a){var r=tt.rc2.createDecryptionCipher(e,128);return r.start(t,a),r},tt.rc2.createDecryptionCipher=function(e,t){return Tn(e,t,!1)};var Sa=Y;Sa.jsbn=Sa.jsbn||{};var Bt;function b(e,t,a){this.data=[],e!=null&&(typeof e=="number"?this.fromNumber(e,t,a):t==null&&typeof e!="string"?this.fromString(e,256):this.fromString(e,t))}Sa.jsbn.BigInteger=b;function te(){return new b(null)}function us(e,t,a,r,n,s){for(;--s>=0;){var i=t*this.data[e++]+a.data[r]+n;n=Math.floor(i/67108864),a.data[r++]=i&67108863}return n}function ls(e,t,a,r,n,s){for(var i=t&32767,o=t>>15;--s>=0;){var u=this.data[e]&32767,l=this.data[e++]>>15,f=o*u+l*i;u=i*u+((f&32767)<<15)+a.data[r]+(n&1073741823),n=(u>>>30)+(f>>>15)+o*l+(n>>>30),a.data[r++]=u&1073741823}return n}function An(e,t,a,r,n,s){for(var i=t&16383,o=t>>14;--s>=0;){var u=this.data[e]&16383,l=this.data[e++]>>14,f=o*u+l*i;u=i*u+((f&16383)<<14)+a.data[r]+n,n=(u>>28)+(f>>14)+o*l,a.data[r++]=u&268435455}return n}typeof navigator>"u"?(b.prototype.am=An,Bt=28):navigator.appName=="Microsoft Internet Explorer"?(b.prototype.am=ls,Bt=30):navigator.appName!="Netscape"?(b.prototype.am=us,Bt=26):(b.prototype.am=An,Bt=28),b.prototype.DB=Bt,b.prototype.DM=(1<<Bt)-1,b.prototype.DV=1<<Bt;var Ta=52;b.prototype.FV=Math.pow(2,Ta),b.prototype.F1=Ta-Bt,b.prototype.F2=2*Bt-Ta;var fs="0123456789abcdefghijklmnopqrstuvwxyz",Gr=new Array,nr,ut;for(nr="0".charCodeAt(0),ut=0;ut<=9;++ut)Gr[nr++]=ut;for(nr="a".charCodeAt(0),ut=10;ut<36;++ut)Gr[nr++]=ut;for(nr="A".charCodeAt(0),ut=10;ut<36;++ut)Gr[nr++]=ut;function In(e){return fs.charAt(e)}function Bn(e,t){var a=Gr[e.charCodeAt(t)];return a==null?-1:a}function cs(e){for(var t=this.t-1;t>=0;--t)e.data[t]=this.data[t];e.t=this.t,e.s=this.s}function hs(e){this.t=1,this.s=e<0?-1:0,e>0?this.data[0]=e:e<-1?this.data[0]=e+this.DV:this.t=0}function wt(e){var t=te();return t.fromInt(e),t}function ds(e,t){var a;if(t==16)a=4;else if(t==8)a=3;else if(t==256)a=8;else if(t==2)a=1;else if(t==32)a=5;else if(t==4)a=2;else{this.fromRadix(e,t);return}this.t=0,this.s=0;for(var r=e.length,n=!1,s=0;--r>=0;){var i=a==8?e[r]&255:Bn(e,r);if(i<0){e.charAt(r)=="-"&&(n=!0);continue}n=!1,s==0?this.data[this.t++]=i:s+a>this.DB?(this.data[this.t-1]|=(i&(1<<this.DB-s)-1)<<s,this.data[this.t++]=i>>this.DB-s):this.data[this.t-1]|=i<<s,s+=a,s>=this.DB&&(s-=this.DB)}a==8&&(e[0]&128)!=0&&(this.s=-1,s>0&&(this.data[this.t-1]|=(1<<this.DB-s)-1<<s)),this.clamp(),n&&b.ZERO.subTo(this,this)}function ps(){for(var e=this.s&this.DM;this.t>0&&this.data[this.t-1]==e;)--this.t}function vs(e){if(this.s<0)return"-"+this.negate().toString(e);var t;if(e==16)t=4;else if(e==8)t=3;else if(e==2)t=1;else if(e==32)t=5;else if(e==4)t=2;else return this.toRadix(e);var a=(1<<t)-1,r,n=!1,s="",i=this.t,o=this.DB-i*this.DB%t;if(i-- >0)for(o<this.DB&&(r=this.data[i]>>o)>0&&(n=!0,s=In(r));i>=0;)o<t?(r=(this.data[i]&(1<<o)-1)<<t-o,r|=this.data[--i]>>(o+=this.DB-t)):(r=this.data[i]>>(o-=t)&a,o<=0&&(o+=this.DB,--i)),r>0&&(n=!0),n&&(s+=In(r));return n?s:"0"}function ys(){var e=te();return b.ZERO.subTo(this,e),e}function gs(){return this.s<0?this.negate():this}function ms(e){var t=this.s-e.s;if(t!=0)return t;var a=this.t;if(t=a-e.t,t!=0)return this.s<0?-t:t;for(;--a>=0;)if((t=this.data[a]-e.data[a])!=0)return t;return 0}function Qr(e){var t=1,a;return(a=e>>>16)!=0&&(e=a,t+=16),(a=e>>8)!=0&&(e=a,t+=8),(a=e>>4)!=0&&(e=a,t+=4),(a=e>>2)!=0&&(e=a,t+=2),(a=e>>1)!=0&&(e=a,t+=1),t}function Cs(){return this.t<=0?0:this.DB*(this.t-1)+Qr(this.data[this.t-1]^this.s&this.DM)}function Es(e,t){var a;for(a=this.t-1;a>=0;--a)t.data[a+e]=this.data[a];for(a=e-1;a>=0;--a)t.data[a]=0;t.t=this.t+e,t.s=this.s}function xs(e,t){for(var a=e;a<this.t;++a)t.data[a-e]=this.data[a];t.t=Math.max(this.t-e,0),t.s=this.s}function Ss(e,t){var a=e%this.DB,r=this.DB-a,n=(1<<r)-1,s=Math.floor(e/this.DB),i=this.s<<a&this.DM,o;for(o=this.t-1;o>=0;--o)t.data[o+s+1]=this.data[o]>>r|i,i=(this.data[o]&n)<<a;for(o=s-1;o>=0;--o)t.data[o]=0;t.data[s]=i,t.t=this.t+s+1,t.s=this.s,t.clamp()}function Ts(e,t){t.s=this.s;var a=Math.floor(e/this.DB);if(a>=this.t){t.t=0;return}var r=e%this.DB,n=this.DB-r,s=(1<<r)-1;t.data[0]=this.data[a]>>r;for(var i=a+1;i<this.t;++i)t.data[i-a-1]|=(this.data[i]&s)<<n,t.data[i-a]=this.data[i]>>r;r>0&&(t.data[this.t-a-1]|=(this.s&s)<<n),t.t=this.t-a,t.clamp()}function As(e,t){for(var a=0,r=0,n=Math.min(e.t,this.t);a<n;)r+=this.data[a]-e.data[a],t.data[a++]=r&this.DM,r>>=this.DB;if(e.t<this.t){for(r-=e.s;a<this.t;)r+=this.data[a],t.data[a++]=r&this.DM,r>>=this.DB;r+=this.s}else{for(r+=this.s;a<e.t;)r-=e.data[a],t.data[a++]=r&this.DM,r>>=this.DB;r-=e.s}t.s=r<0?-1:0,r<-1?t.data[a++]=this.DV+r:r>0&&(t.data[a++]=r),t.t=a,t.clamp()}function Is(e,t){var a=this.abs(),r=e.abs(),n=a.t;for(t.t=n+r.t;--n>=0;)t.data[n]=0;for(n=0;n<r.t;++n)t.data[n+a.t]=a.am(0,r.data[n],t,n,0,a.t);t.s=0,t.clamp(),this.s!=e.s&&b.ZERO.subTo(t,t)}function Bs(e){for(var t=this.abs(),a=e.t=2*t.t;--a>=0;)e.data[a]=0;for(a=0;a<t.t-1;++a){var r=t.am(a,t.data[a],e,2*a,0,1);(e.data[a+t.t]+=t.am(a+1,2*t.data[a],e,2*a+1,r,t.t-a-1))>=t.DV&&(e.data[a+t.t]-=t.DV,e.data[a+t.t+1]=1)}e.t>0&&(e.data[e.t-1]+=t.am(a,t.data[a],e,2*a,0,1)),e.s=0,e.clamp()}function bs(e,t,a){var r=e.abs();if(!(r.t<=0)){var n=this.abs();if(n.t<r.t){t!=null&&t.fromInt(0),a!=null&&this.copyTo(a);return}a==null&&(a=te());var s=te(),i=this.s,o=e.s,u=this.DB-Qr(r.data[r.t-1]);u>0?(r.lShiftTo(u,s),n.lShiftTo(u,a)):(r.copyTo(s),n.copyTo(a));var l=s.t,f=s.data[l-1];if(f!=0){var c=f*(1<<this.F1)+(l>1?s.data[l-2]>>this.F2:0),v=this.FV/c,m=(1<<this.F1)/c,y=1<<this.F2,x=a.t,S=x-l,A=t==null?te():t;for(s.dlShiftTo(S,A),a.compareTo(A)>=0&&(a.data[a.t++]=1,a.subTo(A,a)),b.ONE.dlShiftTo(l,A),A.subTo(s,s);s.t<l;)s.data[s.t++]=0;for(;--S>=0;){var B=a.data[--x]==f?this.DM:Math.floor(a.data[x]*v+(a.data[x-1]+y)*m);if((a.data[x]+=s.am(0,B,a,S,0,l))<B)for(s.dlShiftTo(S,A),a.subTo(A,a);a.data[x]<--B;)a.subTo(A,a)}t!=null&&(a.drShiftTo(l,t),i!=o&&b.ZERO.subTo(t,t)),a.t=l,a.clamp(),u>0&&a.rShiftTo(u,a),i<0&&b.ZERO.subTo(a,a)}}}function _s(e){var t=te();return this.abs().divRemTo(e,null,t),this.s<0&&t.compareTo(b.ZERO)>0&&e.subTo(t,t),t}function Gt(e){this.m=e}function Ns(e){return e.s<0||e.compareTo(this.m)>=0?e.mod(this.m):e}function ws(e){return e}function Rs(e){e.divRemTo(this.m,null,e)}function Ls(e,t,a){e.multiplyTo(t,a),this.reduce(a)}function Ds(e,t){e.squareTo(t),this.reduce(t)}Gt.prototype.convert=Ns,Gt.prototype.revert=ws,Gt.prototype.reduce=Rs,Gt.prototype.mulTo=Ls,Gt.prototype.sqrTo=Ds;function ks(){if(this.t<1)return 0;var e=this.data[0];if((e&1)==0)return 0;var t=e&3;return t=t*(2-(e&15)*t)&15,t=t*(2-(e&255)*t)&255,t=t*(2-((e&65535)*t&65535))&65535,t=t*(2-e*t%this.DV)%this.DV,t>0?this.DV-t:-t}function Qt(e){this.m=e,this.mp=e.invDigit(),this.mpl=this.mp&32767,this.mph=this.mp>>15,this.um=(1<<e.DB-15)-1,this.mt2=2*e.t}function Us(e){var t=te();return e.abs().dlShiftTo(this.m.t,t),t.divRemTo(this.m,null,t),e.s<0&&t.compareTo(b.ZERO)>0&&this.m.subTo(t,t),t}function Ps(e){var t=te();return e.copyTo(t),this.reduce(t),t}function Vs(e){for(;e.t<=this.mt2;)e.data[e.t++]=0;for(var t=0;t<this.m.t;++t){var a=e.data[t]&32767,r=a*this.mpl+((a*this.mph+(e.data[t]>>15)*this.mpl&this.um)<<15)&e.DM;for(a=t+this.m.t,e.data[a]+=this.m.am(0,r,e,t,0,this.m.t);e.data[a]>=e.DV;)e.data[a]-=e.DV,e.data[++a]++}e.clamp(),e.drShiftTo(this.m.t,e),e.compareTo(this.m)>=0&&e.subTo(this.m,e)}function Fs(e,t){e.squareTo(t),this.reduce(t)}function Os(e,t,a){e.multiplyTo(t,a),this.reduce(a)}Qt.prototype.convert=Us,Qt.prototype.revert=Ps,Qt.prototype.reduce=Vs,Qt.prototype.mulTo=Os,Qt.prototype.sqrTo=Fs;function Ks(){return(this.t>0?this.data[0]&1:this.s)==0}function Ms(e,t){if(e>4294967295||e<1)return b.ONE;var a=te(),r=te(),n=t.convert(this),s=Qr(e)-1;for(n.copyTo(a);--s>=0;)if(t.sqrTo(a,r),(e&1<<s)>0)t.mulTo(r,n,a);else{var i=a;a=r,r=i}return t.revert(a)}function Hs(e,t){var a;return e<256||t.isEven()?a=new Gt(t):a=new Qt(t),this.exp(e,a)}b.prototype.copyTo=cs,b.prototype.fromInt=hs,b.prototype.fromString=ds,b.prototype.clamp=ps,b.prototype.dlShiftTo=Es,b.prototype.drShiftTo=xs,b.prototype.lShiftTo=Ss,b.prototype.rShiftTo=Ts,b.prototype.subTo=As,b.prototype.multiplyTo=Is,b.prototype.squareTo=Bs,b.prototype.divRemTo=bs,b.prototype.invDigit=ks,b.prototype.isEven=Ks,b.prototype.exp=Ms,b.prototype.toString=vs,b.prototype.negate=ys,b.prototype.abs=gs,b.prototype.compareTo=ms,b.prototype.bitLength=Cs,b.prototype.mod=_s,b.prototype.modPowInt=Hs,b.ZERO=wt(0),b.ONE=wt(1);function qs(){var e=te();return this.copyTo(e),e}function Gs(){if(this.s<0){if(this.t==1)return this.data[0]-this.DV;if(this.t==0)return-1}else{if(this.t==1)return this.data[0];if(this.t==0)return 0}return(this.data[1]&(1<<32-this.DB)-1)<<this.DB|this.data[0]}function Qs(){return this.t==0?this.s:this.data[0]<<24>>24}function zs(){return this.t==0?this.s:this.data[0]<<16>>16}function Ys(e){return Math.floor(Math.LN2*this.DB/Math.log(e))}function Ws(){return this.s<0?-1:this.t<=0||this.t==1&&this.data[0]<=0?0:1}function js(e){if(e==null&&(e=10),this.signum()==0||e<2||e>36)return"0";var t=this.chunkSize(e),a=Math.pow(e,t),r=wt(a),n=te(),s=te(),i="";for(this.divRemTo(r,n,s);n.signum()>0;)i=(a+s.intValue()).toString(e).substr(1)+i,n.divRemTo(r,n,s);return s.intValue().toString(e)+i}function Xs(e,t){this.fromInt(0),t==null&&(t=10);for(var a=this.chunkSize(t),r=Math.pow(t,a),n=!1,s=0,i=0,o=0;o<e.length;++o){var u=Bn(e,o);if(u<0){e.charAt(o)=="-"&&this.signum()==0&&(n=!0);continue}i=t*i+u,++s>=a&&(this.dMultiply(r),this.dAddOffset(i,0),s=0,i=0)}s>0&&(this.dMultiply(Math.pow(t,s)),this.dAddOffset(i,0)),n&&b.ZERO.subTo(this,this)}function $s(e,t,a){if(typeof t=="number")if(e<2)this.fromInt(1);else for(this.fromNumber(e,a),this.testBit(e-1)||this.bitwiseTo(b.ONE.shiftLeft(e-1),Aa,this),this.isEven()&&this.dAddOffset(1,0);!this.isProbablePrime(t);)this.dAddOffset(2,0),this.bitLength()>e&&this.subTo(b.ONE.shiftLeft(e-1),this);else{var r=new Array,n=e&7;r.length=(e>>3)+1,t.nextBytes(r),n>0?r[0]&=(1<<n)-1:r[0]=0,this.fromString(r,256)}}function Zs(){var e=this.t,t=new Array;t[0]=this.s;var a=this.DB-e*this.DB%8,r,n=0;if(e-- >0)for(a<this.DB&&(r=this.data[e]>>a)!=(this.s&this.DM)>>a&&(t[n++]=r|this.s<<this.DB-a);e>=0;)a<8?(r=(this.data[e]&(1<<a)-1)<<8-a,r|=this.data[--e]>>(a+=this.DB-8)):(r=this.data[e]>>(a-=8)&255,a<=0&&(a+=this.DB,--e)),(r&128)!=0&&(r|=-256),n==0&&(this.s&128)!=(r&128)&&++n,(n>0||r!=this.s)&&(t[n++]=r);return t}function Js(e){return this.compareTo(e)==0}function eo(e){return this.compareTo(e)<0?this:e}function to(e){return this.compareTo(e)>0?this:e}function ro(e,t,a){var r,n,s=Math.min(e.t,this.t);for(r=0;r<s;++r)a.data[r]=t(this.data[r],e.data[r]);if(e.t<this.t){for(n=e.s&this.DM,r=s;r<this.t;++r)a.data[r]=t(this.data[r],n);a.t=this.t}else{for(n=this.s&this.DM,r=s;r<e.t;++r)a.data[r]=t(n,e.data[r]);a.t=e.t}a.s=t(this.s,e.s),a.clamp()}function ao(e,t){return e&t}function no(e){var t=te();return this.bitwiseTo(e,ao,t),t}function Aa(e,t){return e|t}function io(e){var t=te();return this.bitwiseTo(e,Aa,t),t}function bn(e,t){return e^t}function so(e){var t=te();return this.bitwiseTo(e,bn,t),t}function _n(e,t){return e&~t}function oo(e){var t=te();return this.bitwiseTo(e,_n,t),t}function uo(){for(var e=te(),t=0;t<this.t;++t)e.data[t]=this.DM&~this.data[t];return e.t=this.t,e.s=~this.s,e}function lo(e){var t=te();return e<0?this.rShiftTo(-e,t):this.lShiftTo(e,t),t}function fo(e){var t=te();return e<0?this.lShiftTo(-e,t):this.rShiftTo(e,t),t}function co(e){if(e==0)return-1;var t=0;return(e&65535)==0&&(e>>=16,t+=16),(e&255)==0&&(e>>=8,t+=8),(e&15)==0&&(e>>=4,t+=4),(e&3)==0&&(e>>=2,t+=2),(e&1)==0&&++t,t}function ho(){for(var e=0;e<this.t;++e)if(this.data[e]!=0)return e*this.DB+co(this.data[e]);return this.s<0?this.t*this.DB:-1}function po(e){for(var t=0;e!=0;)e&=e-1,++t;return t}function vo(){for(var e=0,t=this.s&this.DM,a=0;a<this.t;++a)e+=po(this.data[a]^t);return e}function yo(e){var t=Math.floor(e/this.DB);return t>=this.t?this.s!=0:(this.data[t]&1<<e%this.DB)!=0}function go(e,t){var a=b.ONE.shiftLeft(e);return this.bitwiseTo(a,t,a),a}function mo(e){return this.changeBit(e,Aa)}function Co(e){return this.changeBit(e,_n)}function Eo(e){return this.changeBit(e,bn)}function xo(e,t){for(var a=0,r=0,n=Math.min(e.t,this.t);a<n;)r+=this.data[a]+e.data[a],t.data[a++]=r&this.DM,r>>=this.DB;if(e.t<this.t){for(r+=e.s;a<this.t;)r+=this.data[a],t.data[a++]=r&this.DM,r>>=this.DB;r+=this.s}else{for(r+=this.s;a<e.t;)r+=e.data[a],t.data[a++]=r&this.DM,r>>=this.DB;r+=e.s}t.s=r<0?-1:0,r>0?t.data[a++]=r:r<-1&&(t.data[a++]=this.DV+r),t.t=a,t.clamp()}function So(e){var t=te();return this.addTo(e,t),t}function To(e){var t=te();return this.subTo(e,t),t}function Ao(e){var t=te();return this.multiplyTo(e,t),t}function Io(e){var t=te();return this.divRemTo(e,t,null),t}function Bo(e){var t=te();return this.divRemTo(e,null,t),t}function bo(e){var t=te(),a=te();return this.divRemTo(e,t,a),new Array(t,a)}function _o(e){this.data[this.t]=this.am(0,e-1,this,0,0,this.t),++this.t,this.clamp()}function No(e,t){if(e!=0){for(;this.t<=t;)this.data[this.t++]=0;for(this.data[t]+=e;this.data[t]>=this.DV;)this.data[t]-=this.DV,++t>=this.t&&(this.data[this.t++]=0),++this.data[t]}}function Sr(){}function Nn(e){return e}function wo(e,t,a){e.multiplyTo(t,a)}function Ro(e,t){e.squareTo(t)}Sr.prototype.convert=Nn,Sr.prototype.revert=Nn,Sr.prototype.mulTo=wo,Sr.prototype.sqrTo=Ro;function Lo(e){return this.exp(e,new Sr)}function Do(e,t,a){var r=Math.min(this.t+e.t,t);for(a.s=0,a.t=r;r>0;)a.data[--r]=0;var n;for(n=a.t-this.t;r<n;++r)a.data[r+this.t]=this.am(0,e.data[r],a,r,0,this.t);for(n=Math.min(e.t,t);r<n;++r)this.am(0,e.data[r],a,r,0,t-r);a.clamp()}function ko(e,t,a){--t;var r=a.t=this.t+e.t-t;for(a.s=0;--r>=0;)a.data[r]=0;for(r=Math.max(t-this.t,0);r<e.t;++r)a.data[this.t+r-t]=this.am(t-r,e.data[r],a,0,0,this.t+r-t);a.clamp(),a.drShiftTo(1,a)}function ir(e){this.r2=te(),this.q3=te(),b.ONE.dlShiftTo(2*e.t,this.r2),this.mu=this.r2.divide(e),this.m=e}function Uo(e){if(e.s<0||e.t>2*this.m.t)return e.mod(this.m);if(e.compareTo(this.m)<0)return e;var t=te();return e.copyTo(t),this.reduce(t),t}function Po(e){return e}function Vo(e){for(e.drShiftTo(this.m.t-1,this.r2),e.t>this.m.t+1&&(e.t=this.m.t+1,e.clamp()),this.mu.multiplyUpperTo(this.r2,this.m.t+1,this.q3),this.m.multiplyLowerTo(this.q3,this.m.t+1,this.r2);e.compareTo(this.r2)<0;)e.dAddOffset(1,this.m.t+1);for(e.subTo(this.r2,e);e.compareTo(this.m)>=0;)e.subTo(this.m,e)}function Fo(e,t){e.squareTo(t),this.reduce(t)}function Oo(e,t,a){e.multiplyTo(t,a),this.reduce(a)}ir.prototype.convert=Uo,ir.prototype.revert=Po,ir.prototype.reduce=Vo,ir.prototype.mulTo=Oo,ir.prototype.sqrTo=Fo;function Ko(e,t){var a=e.bitLength(),r,n=wt(1),s;if(a<=0)return n;a<18?r=1:a<48?r=3:a<144?r=4:a<768?r=5:r=6,a<8?s=new Gt(t):t.isEven()?s=new ir(t):s=new Qt(t);var i=new Array,o=3,u=r-1,l=(1<<r)-1;if(i[1]=s.convert(this),r>1){var f=te();for(s.sqrTo(i[1],f);o<=l;)i[o]=te(),s.mulTo(f,i[o-2],i[o]),o+=2}var c=e.t-1,v,m=!0,y=te(),x;for(a=Qr(e.data[c])-1;c>=0;){for(a>=u?v=e.data[c]>>a-u&l:(v=(e.data[c]&(1<<a+1)-1)<<u-a,c>0&&(v|=e.data[c-1]>>this.DB+a-u)),o=r;(v&1)==0;)v>>=1,--o;if((a-=o)<0&&(a+=this.DB,--c),m)i[v].copyTo(n),m=!1;else{for(;o>1;)s.sqrTo(n,y),s.sqrTo(y,n),o-=2;o>0?s.sqrTo(n,y):(x=n,n=y,y=x),s.mulTo(y,i[v],n)}for(;c>=0&&(e.data[c]&1<<a)==0;)s.sqrTo(n,y),x=n,n=y,y=x,--a<0&&(a=this.DB-1,--c)}return s.revert(n)}function Mo(e){var t=this.s<0?this.negate():this.clone(),a=e.s<0?e.negate():e.clone();if(t.compareTo(a)<0){var r=t;t=a,a=r}var n=t.getLowestSetBit(),s=a.getLowestSetBit();if(s<0)return t;for(n<s&&(s=n),s>0&&(t.rShiftTo(s,t),a.rShiftTo(s,a));t.signum()>0;)(n=t.getLowestSetBit())>0&&t.rShiftTo(n,t),(n=a.getLowestSetBit())>0&&a.rShiftTo(n,a),t.compareTo(a)>=0?(t.subTo(a,t),t.rShiftTo(1,t)):(a.subTo(t,a),a.rShiftTo(1,a));return s>0&&a.lShiftTo(s,a),a}function Ho(e){if(e<=0)return 0;var t=this.DV%e,a=this.s<0?e-1:0;if(this.t>0)if(t==0)a=this.data[0]%e;else for(var r=this.t-1;r>=0;--r)a=(t*a+this.data[r])%e;return a}function qo(e){var t=e.isEven();if(this.isEven()&&t||e.signum()==0)return b.ZERO;for(var a=e.clone(),r=this.clone(),n=wt(1),s=wt(0),i=wt(0),o=wt(1);a.signum()!=0;){for(;a.isEven();)a.rShiftTo(1,a),t?((!n.isEven()||!s.isEven())&&(n.addTo(this,n),s.subTo(e,s)),n.rShiftTo(1,n)):s.isEven()||s.subTo(e,s),s.rShiftTo(1,s);for(;r.isEven();)r.rShiftTo(1,r),t?((!i.isEven()||!o.isEven())&&(i.addTo(this,i),o.subTo(e,o)),i.rShiftTo(1,i)):o.isEven()||o.subTo(e,o),o.rShiftTo(1,o);a.compareTo(r)>=0?(a.subTo(r,a),t&&n.subTo(i,n),s.subTo(o,s)):(r.subTo(a,r),t&&i.subTo(n,i),o.subTo(s,o))}if(r.compareTo(b.ONE)!=0)return b.ZERO;if(o.compareTo(e)>=0)return o.subtract(e);if(o.signum()<0)o.addTo(e,o);else return o;return o.signum()<0?o.add(e):o}var vt=[2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509],Go=(1<<26)/vt[vt.length-1];function Qo(e){var t,a=this.abs();if(a.t==1&&a.data[0]<=vt[vt.length-1]){for(t=0;t<vt.length;++t)if(a.data[0]==vt[t])return!0;return!1}if(a.isEven())return!1;for(t=1;t<vt.length;){for(var r=vt[t],n=t+1;n<vt.length&&r<Go;)r*=vt[n++];for(r=a.modInt(r);t<n;)if(r%vt[t++]==0)return!1}return a.millerRabin(e)}function zo(e){var t=this.subtract(b.ONE),a=t.getLowestSetBit();if(a<=0)return!1;for(var r=t.shiftRight(a),n=Yo(),s,i=0;i<e;++i){do s=new b(this.bitLength(),n);while(s.compareTo(b.ONE)<=0||s.compareTo(t)>=0);var o=s.modPow(r,this);if(o.compareTo(b.ONE)!=0&&o.compareTo(t)!=0){for(var u=1;u++<a&&o.compareTo(t)!=0;)if(o=o.modPowInt(2,this),o.compareTo(b.ONE)==0)return!1;if(o.compareTo(t)!=0)return!1}}return!0}function Yo(){return{nextBytes:function(e){for(var t=0;t<e.length;++t)e[t]=Math.floor(Math.random()*256)}}}b.prototype.chunkSize=Ys,b.prototype.toRadix=js,b.prototype.fromRadix=Xs,b.prototype.fromNumber=$s,b.prototype.bitwiseTo=ro,b.prototype.changeBit=go,b.prototype.addTo=xo,b.prototype.dMultiply=_o,b.prototype.dAddOffset=No,b.prototype.multiplyLowerTo=Do,b.prototype.multiplyUpperTo=ko,b.prototype.modInt=Ho,b.prototype.millerRabin=zo,b.prototype.clone=qs,b.prototype.intValue=Gs,b.prototype.byteValue=Qs,b.prototype.shortValue=zs,b.prototype.signum=Ws,b.prototype.toByteArray=Zs,b.prototype.equals=Js,b.prototype.min=eo,b.prototype.max=to,b.prototype.and=no,b.prototype.or=io,b.prototype.xor=so,b.prototype.andNot=oo,b.prototype.not=uo,b.prototype.shiftLeft=lo,b.prototype.shiftRight=fo,b.prototype.getLowestSetBit=ho,b.prototype.bitCount=vo,b.prototype.testBit=yo,b.prototype.setBit=mo,b.prototype.clearBit=Co,b.prototype.flipBit=Eo,b.prototype.add=So,b.prototype.subtract=To,b.prototype.multiply=Ao,b.prototype.divide=Io,b.prototype.remainder=Bo,b.prototype.divideAndRemainder=bo,b.prototype.modPow=Ko,b.prototype.modInverse=qo,b.prototype.pow=Lo,b.prototype.gcd=Mo,b.prototype.isProbablePrime=Qo;var Et=Y,wn=Et.sha1=Et.sha1||{};Et.md.sha1=Et.md.algorithms.sha1=wn,wn.create=function(){Rn||Wo();var e=null,t=Et.util.createBuffer(),a=new Array(80),r={algorithm:"sha1",blockLength:64,digestLength:20,messageLength:0,fullMessageLength:null,messageLengthSize:8};return r.start=function(){r.messageLength=0,r.fullMessageLength=r.messageLength64=[];for(var n=r.messageLengthSize/4,s=0;s<n;++s)r.fullMessageLength.push(0);return t=Et.util.createBuffer(),e={h0:1732584193,h1:4023233417,h2:2562383102,h3:271733878,h4:3285377520},r},r.start(),r.update=function(n,s){s==="utf8"&&(n=Et.util.encodeUtf8(n));var i=n.length;r.messageLength+=i,i=[i/4294967296>>>0,i>>>0];for(var o=r.fullMessageLength.length-1;o>=0;--o)r.fullMessageLength[o]+=i[1],i[1]=i[0]+(r.fullMessageLength[o]/4294967296>>>0),r.fullMessageLength[o]=r.fullMessageLength[o]>>>0,i[0]=i[1]/4294967296>>>0;return t.putBytes(n),Ln(e,a,t),(t.read>2048||t.length()===0)&&t.compact(),r},r.digest=function(){var n=Et.util.createBuffer();n.putBytes(t.bytes());var s=r.fullMessageLength[r.fullMessageLength.length-1]+r.messageLengthSize,i=s&r.blockLength-1;n.putBytes(Ia.substr(0,r.blockLength-i));for(var o,u,l=r.fullMessageLength[0]*8,f=0;f<r.fullMessageLength.length-1;++f)o=r.fullMessageLength[f+1]*8,u=o/4294967296>>>0,l+=u,n.putInt32(l>>>0),l=o>>>0;n.putInt32(l);var c={h0:e.h0,h1:e.h1,h2:e.h2,h3:e.h3,h4:e.h4};Ln(c,a,n);var v=Et.util.createBuffer();return v.putInt32(c.h0),v.putInt32(c.h1),v.putInt32(c.h2),v.putInt32(c.h3),v.putInt32(c.h4),v},r};var Ia=null,Rn=!1;function Wo(){Ia=String.fromCharCode(128),Ia+=Et.util.fillString(String.fromCharCode(0),64),Rn=!0}function Ln(e,t,a){for(var r,n,s,i,o,u,l,f,c=a.length();c>=64;){for(n=e.h0,s=e.h1,i=e.h2,o=e.h3,u=e.h4,f=0;f<16;++f)r=a.getInt32(),t[f]=r,l=o^s&(i^o),r=(n<<5|n>>>27)+l+u+1518500249+r,u=o,o=i,i=(s<<30|s>>>2)>>>0,s=n,n=r;for(;f<20;++f)r=t[f-3]^t[f-8]^t[f-14]^t[f-16],r=r<<1|r>>>31,t[f]=r,l=o^s&(i^o),r=(n<<5|n>>>27)+l+u+1518500249+r,u=o,o=i,i=(s<<30|s>>>2)>>>0,s=n,n=r;for(;f<32;++f)r=t[f-3]^t[f-8]^t[f-14]^t[f-16],r=r<<1|r>>>31,t[f]=r,l=s^i^o,r=(n<<5|n>>>27)+l+u+1859775393+r,u=o,o=i,i=(s<<30|s>>>2)>>>0,s=n,n=r;for(;f<40;++f)r=t[f-6]^t[f-16]^t[f-28]^t[f-32],r=r<<2|r>>>30,t[f]=r,l=s^i^o,r=(n<<5|n>>>27)+l+u+1859775393+r,u=o,o=i,i=(s<<30|s>>>2)>>>0,s=n,n=r;for(;f<60;++f)r=t[f-6]^t[f-16]^t[f-28]^t[f-32],r=r<<2|r>>>30,t[f]=r,l=s&i|o&(s^i),r=(n<<5|n>>>27)+l+u+2400959708+r,u=o,o=i,i=(s<<30|s>>>2)>>>0,s=n,n=r;for(;f<80;++f)r=t[f-6]^t[f-16]^t[f-28]^t[f-32],r=r<<2|r>>>30,t[f]=r,l=s^i^o,r=(n<<5|n>>>27)+l+u+3395469782+r,u=o,o=i,i=(s<<30|s>>>2)>>>0,s=n,n=r;e.h0=e.h0+n|0,e.h1=e.h1+s|0,e.h2=e.h2+i|0,e.h3=e.h3+o|0,e.h4=e.h4+u|0,c-=64}}var xt=Y,Dn=xt.pkcs1=xt.pkcs1||{};Dn.encode_rsa_oaep=function(e,t,a){var r,n,s,i;typeof a=="string"?(r=a,n=arguments[3]||void 0,s=arguments[4]||void 0):a&&(r=a.label||void 0,n=a.seed||void 0,s=a.md||void 0,a.mgf1&&a.mgf1.md&&(i=a.mgf1.md)),s?s.start():s=xt.md.sha1.create(),i||(i=s);var o=Math.ceil(e.n.bitLength()/8),u=o-2*s.digestLength-2;if(t.length>u){var l=new Error("RSAES-OAEP input message length is too long.");throw l.length=t.length,l.maxLength=u,l}r||(r=""),s.update(r,"raw");for(var f=s.digest(),c="",v=u-t.length,m=0;m<v;m++)c+="\0";var y=f.getBytes()+c+""+t;if(!n)n=xt.random.getBytes(s.digestLength);else if(n.length!==s.digestLength){var l=new Error("Invalid RSAES-OAEP seed. The seed length must match the digest length.");throw l.seedLength=n.length,l.digestLength=s.digestLength,l}var x=zr(n,o-s.digestLength-1,i),S=xt.util.xorBytes(y,x,y.length),A=zr(S,s.digestLength,i),B=xt.util.xorBytes(n,A,n.length);return"\0"+B+S},Dn.decode_rsa_oaep=function(e,t,a){var r,n,s;typeof a=="string"?(r=a,n=arguments[3]||void 0):a&&(r=a.label||void 0,n=a.md||void 0,a.mgf1&&a.mgf1.md&&(s=a.mgf1.md));var i=Math.ceil(e.n.bitLength()/8);if(t.length!==i){var S=new Error("RSAES-OAEP encoded message length is invalid.");throw S.length=t.length,S.expectedLength=i,S}if(n===void 0?n=xt.md.sha1.create():n.start(),s||(s=n),i<2*n.digestLength+2)throw new Error("RSAES-OAEP key is too short for the hash function.");r||(r=""),n.update(r,"raw");for(var o=n.digest().getBytes(),u=t.charAt(0),l=t.substring(1,n.digestLength+1),f=t.substring(1+n.digestLength),c=zr(f,n.digestLength,s),v=xt.util.xorBytes(l,c,l.length),m=zr(v,i-n.digestLength-1,s),y=xt.util.xorBytes(f,m,f.length),x=y.substring(0,n.digestLength),S=u!=="\0",A=0;A<n.digestLength;++A)S|=o.charAt(A)!==x.charAt(A);for(var B=1,N=n.digestLength,F=n.digestLength;F<y.length;F++){var D=y.charCodeAt(F),R=D&1^1,z=B?65534:0;S|=D&z,B=B&R,N+=B}if(S||y.charCodeAt(N)!==1)throw new Error("Invalid RSAES-OAEP padding.");return y.substring(N+1)};function zr(e,t,a){a||(a=xt.md.sha1.create());for(var r="",n=Math.ceil(t/a.digestLength),s=0;s<n;++s){var i=String.fromCharCode(s>>24&255,s>>16&255,s>>8&255,s&255);a.start(),a.update(e+i),r+=a.digest().getBytes()}return r.substring(0,t)}var Rt=Y;(function(){if(Rt.prime){Rt.prime;return}var e=Rt.prime=Rt.prime||{},t=Rt.jsbn.BigInteger,a=[6,4,2,4,2,4,6,2],r=new t(null);r.fromInt(30);var n=function(c,v){return c|v};e.generateProbablePrime=function(c,v,m){typeof v=="function"&&(m=v,v={}),v=v||{};var y=v.algorithm||"PRIMEINC";typeof y=="string"&&(y={name:y}),y.options=y.options||{};var x=v.prng||Rt.random,S={nextBytes:function(A){for(var B=x.getBytesSync(A.length),N=0;N<A.length;++N)A[N]=B.charCodeAt(N)}};if(y.name==="PRIMEINC")return s(c,S,y.options,m);throw new Error("Invalid prime generation algorithm: "+y.name)};function s(c,v,m,y){return"workers"in m?u(c,v,m,y):i(c,v,m,y)}function i(c,v,m,y){var x=l(c,v),S=0,A=f(x.bitLength());"millerRabinTests"in m&&(A=m.millerRabinTests);var B=10;"maxBlockTime"in m&&(B=m.maxBlockTime),o(x,c,v,S,A,B,y)}function o(c,v,m,y,x,S,A){var B=+new Date;do{if(c.bitLength()>v&&(c=l(v,m)),c.isProbablePrime(x))return A(null,c);c.dAddOffset(a[y++%8],0)}while(S<0||+new Date-B<S);Rt.util.setImmediate(function(){o(c,v,m,y,x,S,A)})}function u(c,v,m,y){if(typeof Worker>"u")return i(c,v,m,y);var x=l(c,v),S=m.workers,A=m.workLoad||100,B=A*30/8,N=m.workerScript||"forge/prime.worker.js";if(S===-1)return Rt.util.estimateCores(function(D,R){D&&(R=2),S=R-1,F()});F();function F(){S=Math.max(1,S);for(var D=[],R=0;R<S;++R)D[R]=new Worker(N);for(var R=0;R<S;++R)D[R].addEventListener("message",J);var z=!1;function J(ie){if(!z){var oe=ie.data;if(oe.found){for(var ue=0;ue<D.length;++ue)D[ue].terminate();return z=!0,y(null,new t(oe.prime,16))}x.bitLength()>c&&(x=l(c,v));var ve=x.toString(16);ie.target.postMessage({hex:ve,workLoad:A}),x.dAddOffset(B,0)}}}}function l(c,v){var m=new t(c,v),y=c-1;return m.testBit(y)||m.bitwiseTo(t.ONE.shiftLeft(y),n,m),m.dAddOffset(31-m.mod(r).byteValue(),0),m}function f(c){return c<=100?27:c<=150?18:c<=200?15:c<=250?12:c<=300?9:c<=350?8:c<=400?7:c<=500?6:c<=600?5:c<=800?4:c<=1250?3:2}})();var G=Y;if(typeof re>"u")var re=G.jsbn.BigInteger;var Ba=G.util.isNodejs?Ca:null,T=G.asn1,lt=G.util;G.pki=G.pki||{},G.pki.rsa=G.rsa=G.rsa||{};var Q=G.pki,jo=[6,4,2,4,2,4,6,2],Xo={name:"PrivateKeyInfo",tagClass:T.Class.UNIVERSAL,type:T.Type.SEQUENCE,constructed:!0,value:[{name:"PrivateKeyInfo.version",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"PrivateKeyInfo.privateKeyAlgorithm",tagClass:T.Class.UNIVERSAL,type:T.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:T.Class.UNIVERSAL,type:T.Type.OID,constructed:!1,capture:"privateKeyOid"}]},{name:"PrivateKeyInfo",tagClass:T.Class.UNIVERSAL,type:T.Type.OCTETSTRING,constructed:!1,capture:"privateKey"}]},$o={name:"RSAPrivateKey",tagClass:T.Class.UNIVERSAL,type:T.Type.SEQUENCE,constructed:!0,value:[{name:"RSAPrivateKey.version",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"RSAPrivateKey.modulus",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"privateKeyModulus"},{name:"RSAPrivateKey.publicExponent",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"privateKeyPublicExponent"},{name:"RSAPrivateKey.privateExponent",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"privateKeyPrivateExponent"},{name:"RSAPrivateKey.prime1",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"privateKeyPrime1"},{name:"RSAPrivateKey.prime2",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"privateKeyPrime2"},{name:"RSAPrivateKey.exponent1",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"privateKeyExponent1"},{name:"RSAPrivateKey.exponent2",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"privateKeyExponent2"},{name:"RSAPrivateKey.coefficient",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"privateKeyCoefficient"}]},Zo={name:"RSAPublicKey",tagClass:T.Class.UNIVERSAL,type:T.Type.SEQUENCE,constructed:!0,value:[{name:"RSAPublicKey.modulus",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"publicKeyModulus"},{name:"RSAPublicKey.exponent",tagClass:T.Class.UNIVERSAL,type:T.Type.INTEGER,constructed:!1,capture:"publicKeyExponent"}]},Jo=G.pki.rsa.publicKeyValidator={name:"SubjectPublicKeyInfo",tagClass:T.Class.UNIVERSAL,type:T.Type.SEQUENCE,constructed:!0,captureAsn1:"subjectPublicKeyInfo",value:[{name:"SubjectPublicKeyInfo.AlgorithmIdentifier",tagClass:T.Class.UNIVERSAL,type:T.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:T.Class.UNIVERSAL,type:T.Type.OID,constructed:!1,capture:"publicKeyOid"}]},{name:"SubjectPublicKeyInfo.subjectPublicKey",tagClass:T.Class.UNIVERSAL,type:T.Type.BITSTRING,constructed:!1,value:[{name:"SubjectPublicKeyInfo.subjectPublicKey.RSAPublicKey",tagClass:T.Class.UNIVERSAL,type:T.Type.SEQUENCE,constructed:!0,optional:!0,captureAsn1:"rsaPublicKey"}]}]},e0=function(e){var t;if(e.algorithm in Q.oids)t=Q.oids[e.algorithm];else{var a=new Error("Unknown message digest algorithm.");throw a.algorithm=e.algorithm,a}var r=T.oidToDer(t).getBytes(),n=T.create(T.Class.UNIVERSAL,T.Type.SEQUENCE,!0,[]),s=T.create(T.Class.UNIVERSAL,T.Type.SEQUENCE,!0,[]);s.value.push(T.create(T.Class.UNIVERSAL,T.Type.OID,!1,r)),s.value.push(T.create(T.Class.UNIVERSAL,T.Type.NULL,!1,""));var i=T.create(T.Class.UNIVERSAL,T.Type.OCTETSTRING,!1,e.digest().getBytes());return n.value.push(s),n.value.push(i),T.toDer(n).getBytes()},kn=function(e,t,a){if(a)return e.modPow(t.e,t.n);if(!t.p||!t.q)return e.modPow(t.d,t.n);t.dP||(t.dP=t.d.mod(t.p.subtract(re.ONE))),t.dQ||(t.dQ=t.d.mod(t.q.subtract(re.ONE))),t.qInv||(t.qInv=t.q.modInverse(t.p));var r;do r=new re(G.util.bytesToHex(G.random.getBytes(t.n.bitLength()/8)),16);while(r.compareTo(t.n)>=0||!r.gcd(t.n).equals(re.ONE));e=e.multiply(r.modPow(t.e,t.n)).mod(t.n);for(var n=e.mod(t.p).modPow(t.dP,t.p),s=e.mod(t.q).modPow(t.dQ,t.q);n.compareTo(s)<0;)n=n.add(t.p);var i=n.subtract(s).multiply(t.qInv).mod(t.p).multiply(t.q).add(s);return i=i.multiply(r.modInverse(t.n)).mod(t.n),i};Q.rsa.encrypt=function(e,t,a){var r=a,n,s=Math.ceil(t.n.bitLength()/8);a!==!1&&a!==!0?(r=a===2,n=Un(e,t,a)):(n=G.util.createBuffer(),n.putBytes(e));for(var i=new re(n.toHex(),16),o=kn(i,t,r),u=o.toString(16),l=G.util.createBuffer(),f=s-Math.ceil(u.length/2);f>0;)l.putByte(0),--f;return l.putBytes(G.util.hexToBytes(u)),l.getBytes()},Q.rsa.decrypt=function(e,t,a,r){var n=Math.ceil(t.n.bitLength()/8);if(e.length!==n){var s=new Error("Encrypted message length is invalid.");throw s.length=e.length,s.expected=n,s}var i=new re(G.util.createBuffer(e).toHex(),16);if(i.compareTo(t.n)>=0)throw new Error("Encrypted message is invalid.");for(var o=kn(i,t,a),u=o.toString(16),l=G.util.createBuffer(),f=n-Math.ceil(u.length/2);f>0;)l.putByte(0),--f;return l.putBytes(G.util.hexToBytes(u)),r!==!1?Yr(l.getBytes(),t,a):l.getBytes()},Q.rsa.createKeyPairGenerationState=function(e,t,a){typeof e=="string"&&(e=parseInt(e,10)),e=e||2048,a=a||{};var r=a.prng||G.random,n={nextBytes:function(o){for(var u=r.getBytesSync(o.length),l=0;l<o.length;++l)o[l]=u.charCodeAt(l)}},s=a.algorithm||"PRIMEINC",i;if(s==="PRIMEINC")i={algorithm:s,state:0,bits:e,rng:n,eInt:t||65537,e:new re(null),p:null,q:null,qBits:e>>1,pBits:e-(e>>1),pqState:0,num:null,keys:null},i.e.fromInt(i.eInt);else throw new Error("Invalid key generation algorithm: "+s);return i},Q.rsa.stepKeyPairGenerationState=function(e,t){"algorithm"in e||(e.algorithm="PRIMEINC");var a=new re(null);a.fromInt(30);for(var r=0,n=function(c,v){return c|v},s=+new Date,i,o=0;e.keys===null&&(t<=0||o<t);){if(e.state===0){var u=e.p===null?e.pBits:e.qBits,l=u-1;e.pqState===0?(e.num=new re(u,e.rng),e.num.testBit(l)||e.num.bitwiseTo(re.ONE.shiftLeft(l),n,e.num),e.num.dAddOffset(31-e.num.mod(a).byteValue(),0),r=0,++e.pqState):e.pqState===1?e.num.bitLength()>u?e.pqState=0:e.num.isProbablePrime(r0(e.num.bitLength()))?++e.pqState:e.num.dAddOffset(jo[r++%8],0):e.pqState===2?e.pqState=e.num.subtract(re.ONE).gcd(e.e).compareTo(re.ONE)===0?3:0:e.pqState===3&&(e.pqState=0,e.p===null?e.p=e.num:e.q=e.num,e.p!==null&&e.q!==null&&++e.state,e.num=null)}else if(e.state===1)e.p.compareTo(e.q)<0&&(e.num=e.p,e.p=e.q,e.q=e.num),++e.state;else if(e.state===2)e.p1=e.p.subtract(re.ONE),e.q1=e.q.subtract(re.ONE),e.phi=e.p1.multiply(e.q1),++e.state;else if(e.state===3)e.phi.gcd(e.e).compareTo(re.ONE)===0?++e.state:(e.p=null,e.q=null,e.state=0);else if(e.state===4)e.n=e.p.multiply(e.q),e.n.bitLength()===e.bits?++e.state:(e.q=null,e.state=0);else if(e.state===5){var f=e.e.modInverse(e.phi);e.keys={privateKey:Q.rsa.setPrivateKey(e.n,e.e,f,e.p,e.q,f.mod(e.p1),f.mod(e.q1),e.q.modInverse(e.p)),publicKey:Q.rsa.setPublicKey(e.n,e.e)}}i=+new Date,o+=i-s,s=i}return e.keys!==null},Q.rsa.generateKeyPair=function(e,t,a,r){if(arguments.length===1?typeof e=="object"?(a=e,e=void 0):typeof e=="function"&&(r=e,e=void 0):arguments.length===2?typeof e=="number"?typeof t=="function"?(r=t,t=void 0):typeof t!="number"&&(a=t,t=void 0):(a=e,r=t,e=void 0,t=void 0):arguments.length===3&&(typeof t=="number"?typeof a=="function"&&(r=a,a=void 0):(r=a,a=t,t=void 0)),a=a||{},e===void 0&&(e=a.bits||2048),t===void 0&&(t=a.e||65537),!G.options.usePureJavaScript&&!a.prng&&e>=256&&e<=16384&&(t===65537||t===3)){if(r){if(Pn("generateKeyPair"))return Ba.generateKeyPair("rsa",{modulusLength:e,publicExponent:t,publicKeyEncoding:{type:"spki",format:"pem"},privateKeyEncoding:{type:"pkcs8",format:"pem"}},function(o,u,l){if(o)return r(o);r(null,{privateKey:Q.privateKeyFromPem(l),publicKey:Q.publicKeyFromPem(u)})});if(Vn("generateKey")&&Vn("exportKey"))return lt.globalScope.crypto.subtle.generateKey({name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:On(t),hash:{name:"SHA-256"}},!0,["sign","verify"]).then(function(o){return lt.globalScope.crypto.subtle.exportKey("pkcs8",o.privateKey)}).then(void 0,function(o){r(o)}).then(function(o){if(o){var u=Q.privateKeyFromAsn1(T.fromDer(G.util.createBuffer(o)));r(null,{privateKey:u,publicKey:Q.setRsaPublicKey(u.n,u.e)})}});if(Fn("generateKey")&&Fn("exportKey")){var n=lt.globalScope.msCrypto.subtle.generateKey({name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:On(t),hash:{name:"SHA-256"}},!0,["sign","verify"]);n.oncomplete=function(o){var u=o.target.result,l=lt.globalScope.msCrypto.subtle.exportKey("pkcs8",u.privateKey);l.oncomplete=function(f){var c=f.target.result,v=Q.privateKeyFromAsn1(T.fromDer(G.util.createBuffer(c)));r(null,{privateKey:v,publicKey:Q.setRsaPublicKey(v.n,v.e)})},l.onerror=function(f){r(f)}},n.onerror=function(o){r(o)};return}}else if(Pn("generateKeyPairSync")){var s=Ba.generateKeyPairSync("rsa",{modulusLength:e,publicExponent:t,publicKeyEncoding:{type:"spki",format:"pem"},privateKeyEncoding:{type:"pkcs8",format:"pem"}});return{privateKey:Q.privateKeyFromPem(s.privateKey),publicKey:Q.publicKeyFromPem(s.publicKey)}}}var i=Q.rsa.createKeyPairGenerationState(e,t,a);if(!r)return Q.rsa.stepKeyPairGenerationState(i,0),i.keys;t0(i,a,r)},Q.setRsaPublicKey=Q.rsa.setPublicKey=function(e,t){var a={n:e,e:t};return a.encrypt=function(r,n,s){if(typeof n=="string"?n=n.toUpperCase():n===void 0&&(n="RSAES-PKCS1-V1_5"),n==="RSAES-PKCS1-V1_5")n={encode:function(o,u,l){return Un(o,u,2).getBytes()}};else if(n==="RSA-OAEP"||n==="RSAES-OAEP")n={encode:function(o,u){return G.pkcs1.encode_rsa_oaep(u,o,s)}};else if(["RAW","NONE","NULL",null].indexOf(n)!==-1)n={encode:function(o){return o}};else if(typeof n=="string")throw new Error('Unsupported encryption scheme: "'+n+'".');var i=n.encode(r,a,!0);return Q.rsa.encrypt(i,a,!0)},a.verify=function(r,n,s){typeof s=="string"?s=s.toUpperCase():s===void 0&&(s="RSASSA-PKCS1-V1_5"),s==="RSASSA-PKCS1-V1_5"?s={verify:function(o,u){u=Yr(u,a,!0);var l=T.fromDer(u);return o===l.value[1].value}}:(s==="NONE"||s==="NULL"||s===null)&&(s={verify:function(o,u){return u=Yr(u,a,!0),o===u}});var i=Q.rsa.decrypt(n,a,!0,!1);return s.verify(r,i,a.n.bitLength())},a},Q.setRsaPrivateKey=Q.rsa.setPrivateKey=function(e,t,a,r,n,s,i,o){var u={n:e,e:t,d:a,p:r,q:n,dP:s,dQ:i,qInv:o};return u.decrypt=function(l,f,c){typeof f=="string"?f=f.toUpperCase():f===void 0&&(f="RSAES-PKCS1-V1_5");var v=Q.rsa.decrypt(l,u,!1,!1);if(f==="RSAES-PKCS1-V1_5")f={decode:Yr};else if(f==="RSA-OAEP"||f==="RSAES-OAEP")f={decode:function(m,y){return G.pkcs1.decode_rsa_oaep(y,m,c)}};else if(["RAW","NONE","NULL",null].indexOf(f)!==-1)f={decode:function(m){return m}};else throw new Error('Unsupported encryption scheme: "'+f+'".');return f.decode(v,u,!1)},u.sign=function(l,f){var c=!1;typeof f=="string"&&(f=f.toUpperCase()),f===void 0||f==="RSASSA-PKCS1-V1_5"?(f={encode:e0},c=1):(f==="NONE"||f==="NULL"||f===null)&&(f={encode:function(){return l}},c=1);var v=f.encode(l,u.n.bitLength());return Q.rsa.encrypt(v,u,c)},u},Q.wrapRsaPrivateKey=function(e){return T.create(T.Class.UNIVERSAL,T.Type.SEQUENCE,!0,[T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,T.integerToDer(0).getBytes()),T.create(T.Class.UNIVERSAL,T.Type.SEQUENCE,!0,[T.create(T.Class.UNIVERSAL,T.Type.OID,!1,T.oidToDer(Q.oids.rsaEncryption).getBytes()),T.create(T.Class.UNIVERSAL,T.Type.NULL,!1,"")]),T.create(T.Class.UNIVERSAL,T.Type.OCTETSTRING,!1,T.toDer(e).getBytes())])},Q.privateKeyFromAsn1=function(e){var t={},a=[];if(T.validate(e,Xo,t,a)&&(e=T.fromDer(G.util.createBuffer(t.privateKey))),t={},a=[],!T.validate(e,$o,t,a)){var r=new Error("Cannot read private key. ASN.1 object does not contain an RSAPrivateKey.");throw r.errors=a,r}var n,s,i,o,u,l,f,c;return n=G.util.createBuffer(t.privateKeyModulus).toHex(),s=G.util.createBuffer(t.privateKeyPublicExponent).toHex(),i=G.util.createBuffer(t.privateKeyPrivateExponent).toHex(),o=G.util.createBuffer(t.privateKeyPrime1).toHex(),u=G.util.createBuffer(t.privateKeyPrime2).toHex(),l=G.util.createBuffer(t.privateKeyExponent1).toHex(),f=G.util.createBuffer(t.privateKeyExponent2).toHex(),c=G.util.createBuffer(t.privateKeyCoefficient).toHex(),Q.setRsaPrivateKey(new re(n,16),new re(s,16),new re(i,16),new re(o,16),new re(u,16),new re(l,16),new re(f,16),new re(c,16))},Q.privateKeyToAsn1=Q.privateKeyToRSAPrivateKey=function(e){return T.create(T.Class.UNIVERSAL,T.Type.SEQUENCE,!0,[T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,T.integerToDer(0).getBytes()),T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,St(e.n)),T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,St(e.e)),T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,St(e.d)),T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,St(e.p)),T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,St(e.q)),T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,St(e.dP)),T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,St(e.dQ)),T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,St(e.qInv))])},Q.publicKeyFromAsn1=function(e){var t={},a=[];if(T.validate(e,Jo,t,a)){var r=T.derToOid(t.publicKeyOid);if(r!==Q.oids.rsaEncryption){var n=new Error("Cannot read public key. Unknown OID.");throw n.oid=r,n}e=t.rsaPublicKey}if(a=[],!T.validate(e,Zo,t,a)){var n=new Error("Cannot read public key. ASN.1 object does not contain an RSAPublicKey.");throw n.errors=a,n}var s=G.util.createBuffer(t.publicKeyModulus).toHex(),i=G.util.createBuffer(t.publicKeyExponent).toHex();return Q.setRsaPublicKey(new re(s,16),new re(i,16))},Q.publicKeyToAsn1=Q.publicKeyToSubjectPublicKeyInfo=function(e){return T.create(T.Class.UNIVERSAL,T.Type.SEQUENCE,!0,[T.create(T.Class.UNIVERSAL,T.Type.SEQUENCE,!0,[T.create(T.Class.UNIVERSAL,T.Type.OID,!1,T.oidToDer(Q.oids.rsaEncryption).getBytes()),T.create(T.Class.UNIVERSAL,T.Type.NULL,!1,"")]),T.create(T.Class.UNIVERSAL,T.Type.BITSTRING,!1,[Q.publicKeyToRSAPublicKey(e)])])},Q.publicKeyToRSAPublicKey=function(e){return T.create(T.Class.UNIVERSAL,T.Type.SEQUENCE,!0,[T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,St(e.n)),T.create(T.Class.UNIVERSAL,T.Type.INTEGER,!1,St(e.e))])};function Un(e,t,a){var r=G.util.createBuffer(),n=Math.ceil(t.n.bitLength()/8);if(e.length>n-11){var s=new Error("Message is too long for PKCS#1 v1.5 padding.");throw s.length=e.length,s.max=n-11,s}r.putByte(0),r.putByte(a);var i=n-3-e.length,o;if(a===0||a===1){o=a===0?0:255;for(var u=0;u<i;++u)r.putByte(o)}else for(;i>0;){for(var l=0,f=G.random.getBytes(i),u=0;u<i;++u)o=f.charCodeAt(u),o===0?++l:r.putByte(o);i=l}return r.putByte(0),r.putBytes(e),r}function Yr(e,t,a,r){var n=Math.ceil(t.n.bitLength()/8),s=G.util.createBuffer(e),i=s.getByte(),o=s.getByte();if(i!==0||a&&o!==0&&o!==1||!a&&o!=2||a&&o===0&&typeof r>"u")throw new Error("Encryption block is invalid.");var u=0;if(o===0){u=n-3-r;for(var l=0;l<u;++l)if(s.getByte()!==0)throw new Error("Encryption block is invalid.")}else if(o===1)for(u=0;s.length()>1;){if(s.getByte()!==255){--s.read;break}++u}else if(o===2)for(u=0;s.length()>1;){if(s.getByte()===0){--s.read;break}++u}var f=s.getByte();if(f!==0||u!==n-3-s.length())throw new Error("Encryption block is invalid.");return s.getBytes()}function t0(e,t,a){typeof t=="function"&&(a=t,t={}),t=t||{};var r={algorithm:{name:t.algorithm||"PRIMEINC",options:{workers:t.workers||2,workLoad:t.workLoad||100,workerScript:t.workerScript}}};"prng"in t&&(r.prng=t.prng),n();function n(){s(e.pBits,function(o,u){if(o)return a(o);if(e.p=u,e.q!==null)return i(o,e.q);s(e.qBits,i)})}function s(o,u){G.prime.generateProbablePrime(o,r,u)}function i(o,u){if(o)return a(o);if(e.q=u,e.p.compareTo(e.q)<0){var l=e.p;e.p=e.q,e.q=l}if(e.p.subtract(re.ONE).gcd(e.e).compareTo(re.ONE)!==0){e.p=null,n();return}if(e.q.subtract(re.ONE).gcd(e.e).compareTo(re.ONE)!==0){e.q=null,s(e.qBits,i);return}if(e.p1=e.p.subtract(re.ONE),e.q1=e.q.subtract(re.ONE),e.phi=e.p1.multiply(e.q1),e.phi.gcd(e.e).compareTo(re.ONE)!==0){e.p=e.q=null,n();return}if(e.n=e.p.multiply(e.q),e.n.bitLength()!==e.bits){e.q=null,s(e.qBits,i);return}var f=e.e.modInverse(e.phi);e.keys={privateKey:Q.rsa.setPrivateKey(e.n,e.e,f,e.p,e.q,f.mod(e.p1),f.mod(e.q1),e.q.modInverse(e.p)),publicKey:Q.rsa.setPublicKey(e.n,e.e)},a(null,e.keys)}}function St(e){var t=e.toString(16);t[0]>="8"&&(t="00"+t);var a=G.util.hexToBytes(t);return a.length>1&&(a.charCodeAt(0)===0&&(a.charCodeAt(1)&128)===0||a.charCodeAt(0)===255&&(a.charCodeAt(1)&128)===128)?a.substr(1):a}function r0(e){return e<=100?27:e<=150?18:e<=200?15:e<=250?12:e<=300?9:e<=350?8:e<=400?7:e<=500?6:e<=600?5:e<=800?4:e<=1250?3:2}function Pn(e){return G.util.isNodejs&&typeof Ba[e]=="function"}function Vn(e){return typeof lt.globalScope<"u"&&typeof lt.globalScope.crypto=="object"&&typeof lt.globalScope.crypto.subtle=="object"&&typeof lt.globalScope.crypto.subtle[e]=="function"}function Fn(e){return typeof lt.globalScope<"u"&&typeof lt.globalScope.msCrypto=="object"&&typeof lt.globalScope.msCrypto.subtle=="object"&&typeof lt.globalScope.msCrypto.subtle[e]=="function"}function On(e){for(var t=G.util.hexToBytes(e.toString(16)),a=new Uint8Array(t.length),r=0;r<t.length;++r)a[r]=t.charCodeAt(r);return a}var O=Y;if(typeof a0>"u")var a0=O.jsbn.BigInteger;var I=O.asn1,W=O.pki=O.pki||{};W.pbe=O.pbe=O.pbe||{};var zt=W.oids,n0={name:"EncryptedPrivateKeyInfo",tagClass:I.Class.UNIVERSAL,type:I.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedPrivateKeyInfo.encryptionAlgorithm",tagClass:I.Class.UNIVERSAL,type:I.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:I.Class.UNIVERSAL,type:I.Type.OID,constructed:!1,capture:"encryptionOid"},{name:"AlgorithmIdentifier.parameters",tagClass:I.Class.UNIVERSAL,type:I.Type.SEQUENCE,constructed:!0,captureAsn1:"encryptionParams"}]},{name:"EncryptedPrivateKeyInfo.encryptedData",tagClass:I.Class.UNIVERSAL,type:I.Type.OCTETSTRING,constructed:!1,capture:"encryptedData"}]},i0={name:"PBES2Algorithms",tagClass:I.Class.UNIVERSAL,type:I.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.keyDerivationFunc",tagClass:I.Class.UNIVERSAL,type:I.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.keyDerivationFunc.oid",tagClass:I.Class.UNIVERSAL,type:I.Type.OID,constructed:!1,capture:"kdfOid"},{name:"PBES2Algorithms.params",tagClass:I.Class.UNIVERSAL,type:I.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.params.salt",tagClass:I.Class.UNIVERSAL,type:I.Type.OCTETSTRING,constructed:!1,capture:"kdfSalt"},{name:"PBES2Algorithms.params.iterationCount",tagClass:I.Class.UNIVERSAL,type:I.Type.INTEGER,constructed:!1,capture:"kdfIterationCount"},{name:"PBES2Algorithms.params.keyLength",tagClass:I.Class.UNIVERSAL,type:I.Type.INTEGER,constructed:!1,optional:!0,capture:"keyLength"},{name:"PBES2Algorithms.params.prf",tagClass:I.Class.UNIVERSAL,type:I.Type.SEQUENCE,constructed:!0,optional:!0,value:[{name:"PBES2Algorithms.params.prf.algorithm",tagClass:I.Class.UNIVERSAL,type:I.Type.OID,constructed:!1,capture:"prfOid"}]}]}]},{name:"PBES2Algorithms.encryptionScheme",tagClass:I.Class.UNIVERSAL,type:I.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.encryptionScheme.oid",tagClass:I.Class.UNIVERSAL,type:I.Type.OID,constructed:!1,capture:"encOid"},{name:"PBES2Algorithms.encryptionScheme.iv",tagClass:I.Class.UNIVERSAL,type:I.Type.OCTETSTRING,constructed:!1,capture:"encIv"}]}]},s0={name:"pkcs-12PbeParams",tagClass:I.Class.UNIVERSAL,type:I.Type.SEQUENCE,constructed:!0,value:[{name:"pkcs-12PbeParams.salt",tagClass:I.Class.UNIVERSAL,type:I.Type.OCTETSTRING,constructed:!1,capture:"salt"},{name:"pkcs-12PbeParams.iterations",tagClass:I.Class.UNIVERSAL,type:I.Type.INTEGER,constructed:!1,capture:"iterations"}]};W.encryptPrivateKeyInfo=function(e,t,a){a=a||{},a.saltSize=a.saltSize||8,a.count=a.count||2048,a.algorithm=a.algorithm||"aes128",a.prfAlgorithm=a.prfAlgorithm||"sha1";var r=O.random.getBytesSync(a.saltSize),n=a.count,s=I.integerToDer(n),i,o,u;if(a.algorithm.indexOf("aes")===0||a.algorithm==="des"){var l,f,c;switch(a.algorithm){case"aes128":i=16,l=16,f=zt["aes128-CBC"],c=O.aes.createEncryptionCipher;break;case"aes192":i=24,l=16,f=zt["aes192-CBC"],c=O.aes.createEncryptionCipher;break;case"aes256":i=32,l=16,f=zt["aes256-CBC"],c=O.aes.createEncryptionCipher;break;case"des":i=8,l=8,f=zt.desCBC,c=O.des.createEncryptionCipher;break;default:var v=new Error("Cannot encrypt private key. Unknown encryption algorithm.");throw v.algorithm=a.algorithm,v}var m="hmacWith"+a.prfAlgorithm.toUpperCase(),y=Hn(m),x=O.pkcs5.pbkdf2(t,r,n,i,y),S=O.random.getBytesSync(l),A=c(x);A.start(S),A.update(I.toDer(e)),A.finish(),u=A.output.getBytes();var B=o0(r,s,i,m);o=I.create(I.Class.UNIVERSAL,I.Type.SEQUENCE,!0,[I.create(I.Class.UNIVERSAL,I.Type.OID,!1,I.oidToDer(zt.pkcs5PBES2).getBytes()),I.create(I.Class.UNIVERSAL,I.Type.SEQUENCE,!0,[I.create(I.Class.UNIVERSAL,I.Type.SEQUENCE,!0,[I.create(I.Class.UNIVERSAL,I.Type.OID,!1,I.oidToDer(zt.pkcs5PBKDF2).getBytes()),B]),I.create(I.Class.UNIVERSAL,I.Type.SEQUENCE,!0,[I.create(I.Class.UNIVERSAL,I.Type.OID,!1,I.oidToDer(f).getBytes()),I.create(I.Class.UNIVERSAL,I.Type.OCTETSTRING,!1,S)])])])}else if(a.algorithm==="3des"){i=24;var N=new O.util.ByteBuffer(r),x=W.pbe.generatePkcs12Key(t,N,1,n,i),S=W.pbe.generatePkcs12Key(t,N,2,n,i),A=O.des.createEncryptionCipher(x);A.start(S),A.update(I.toDer(e)),A.finish(),u=A.output.getBytes(),o=I.create(I.Class.UNIVERSAL,I.Type.SEQUENCE,!0,[I.create(I.Class.UNIVERSAL,I.Type.OID,!1,I.oidToDer(zt["pbeWithSHAAnd3-KeyTripleDES-CBC"]).getBytes()),I.create(I.Class.UNIVERSAL,I.Type.SEQUENCE,!0,[I.create(I.Class.UNIVERSAL,I.Type.OCTETSTRING,!1,r),I.create(I.Class.UNIVERSAL,I.Type.INTEGER,!1,s.getBytes())])])}else{var v=new Error("Cannot encrypt private key. Unknown encryption algorithm.");throw v.algorithm=a.algorithm,v}var F=I.create(I.Class.UNIVERSAL,I.Type.SEQUENCE,!0,[o,I.create(I.Class.UNIVERSAL,I.Type.OCTETSTRING,!1,u)]);return F},W.decryptPrivateKeyInfo=function(e,t){var a=null,r={},n=[];if(!I.validate(e,n0,r,n)){var s=new Error("Cannot read encrypted private key. ASN.1 object is not a supported EncryptedPrivateKeyInfo.");throw s.errors=n,s}var i=I.derToOid(r.encryptionOid),o=W.pbe.getCipher(i,r.encryptionParams,t),u=O.util.createBuffer(r.encryptedData);return o.update(u),o.finish()&&(a=I.fromDer(o.output)),a},W.encryptedPrivateKeyToPem=function(e,t){var a={type:"ENCRYPTED PRIVATE KEY",body:I.toDer(e).getBytes()};return O.pem.encode(a,{maxline:t})},W.encryptedPrivateKeyFromPem=function(e){var t=O.pem.decode(e)[0];if(t.type!=="ENCRYPTED PRIVATE KEY"){var a=new Error('Could not convert encrypted private key from PEM; PEM header type is "ENCRYPTED PRIVATE KEY".');throw a.headerType=t.type,a}if(t.procType&&t.procType.type==="ENCRYPTED")throw new Error("Could not convert encrypted private key from PEM; PEM is encrypted.");return I.fromDer(t.body)},W.encryptRsaPrivateKey=function(e,t,a){if(a=a||{},!a.legacy){var r=W.wrapRsaPrivateKey(W.privateKeyToAsn1(e));return r=W.encryptPrivateKeyInfo(r,t,a),W.encryptedPrivateKeyToPem(r)}var n,s,i,o;switch(a.algorithm){case"aes128":n="AES-128-CBC",i=16,s=O.random.getBytesSync(16),o=O.aes.createEncryptionCipher;break;case"aes192":n="AES-192-CBC",i=24,s=O.random.getBytesSync(16),o=O.aes.createEncryptionCipher;break;case"aes256":n="AES-256-CBC",i=32,s=O.random.getBytesSync(16),o=O.aes.createEncryptionCipher;break;case"3des":n="DES-EDE3-CBC",i=24,s=O.random.getBytesSync(8),o=O.des.createEncryptionCipher;break;case"des":n="DES-CBC",i=8,s=O.random.getBytesSync(8),o=O.des.createEncryptionCipher;break;default:var u=new Error('Could not encrypt RSA private key; unsupported encryption algorithm "'+a.algorithm+'".');throw u.algorithm=a.algorithm,u}var l=O.pbe.opensslDeriveBytes(t,s.substr(0,8),i),f=o(l);f.start(s),f.update(I.toDer(W.privateKeyToAsn1(e))),f.finish();var c={type:"RSA PRIVATE KEY",procType:{version:"4",type:"ENCRYPTED"},dekInfo:{algorithm:n,parameters:O.util.bytesToHex(s).toUpperCase()},body:f.output.getBytes()};return O.pem.encode(c)},W.decryptRsaPrivateKey=function(e,t){var a=null,r=O.pem.decode(e)[0];if(r.type!=="ENCRYPTED PRIVATE KEY"&&r.type!=="PRIVATE KEY"&&r.type!=="RSA PRIVATE KEY"){var n=new Error('Could not convert private key from PEM; PEM header type is not "ENCRYPTED PRIVATE KEY", "PRIVATE KEY", or "RSA PRIVATE KEY".');throw n.headerType=n,n}if(r.procType&&r.procType.type==="ENCRYPTED"){var s,i;switch(r.dekInfo.algorithm){case"DES-CBC":s=8,i=O.des.createDecryptionCipher;break;case"DES-EDE3-CBC":s=24,i=O.des.createDecryptionCipher;break;case"AES-128-CBC":s=16,i=O.aes.createDecryptionCipher;break;case"AES-192-CBC":s=24,i=O.aes.createDecryptionCipher;break;case"AES-256-CBC":s=32,i=O.aes.createDecryptionCipher;break;case"RC2-40-CBC":s=5,i=function(c){return O.rc2.createDecryptionCipher(c,40)};break;case"RC2-64-CBC":s=8,i=function(c){return O.rc2.createDecryptionCipher(c,64)};break;case"RC2-128-CBC":s=16,i=function(c){return O.rc2.createDecryptionCipher(c,128)};break;default:var n=new Error('Could not decrypt private key; unsupported encryption algorithm "'+r.dekInfo.algorithm+'".');throw n.algorithm=r.dekInfo.algorithm,n}var o=O.util.hexToBytes(r.dekInfo.parameters),u=O.pbe.opensslDeriveBytes(t,o.substr(0,8),s),l=i(u);if(l.start(o),l.update(O.util.createBuffer(r.body)),l.finish())a=l.output.getBytes();else return a}else a=r.body;return r.type==="ENCRYPTED PRIVATE KEY"?a=W.decryptPrivateKeyInfo(I.fromDer(a),t):a=I.fromDer(a),a!==null&&(a=W.privateKeyFromAsn1(a)),a},W.pbe.generatePkcs12Key=function(e,t,a,r,n,s){var i,o;if(typeof s>"u"||s===null){if(!("sha1"in O.md))throw new Error('"sha1" hash algorithm unavailable.');s=O.md.sha1.create()}var u=s.digestLength,l=s.blockLength,f=new O.util.ByteBuffer,c=new O.util.ByteBuffer;if(e!=null){for(o=0;o<e.length;o++)c.putInt16(e.charCodeAt(o));c.putInt16(0)}var v=c.length(),m=t.length(),y=new O.util.ByteBuffer;y.fillWithByte(a,l);var x=l*Math.ceil(m/l),S=new O.util.ByteBuffer;for(o=0;o<x;o++)S.putByte(t.at(o%m));var A=l*Math.ceil(v/l),B=new O.util.ByteBuffer;for(o=0;o<A;o++)B.putByte(c.at(o%v));var N=S;N.putBuffer(B);for(var F=Math.ceil(n/u),D=1;D<=F;D++){var R=new O.util.ByteBuffer;R.putBytes(y.bytes()),R.putBytes(N.bytes());for(var z=0;z<r;z++)s.start(),s.update(R.getBytes()),R=s.digest();var J=new O.util.ByteBuffer;for(o=0;o<l;o++)J.putByte(R.at(o%u));var ie=Math.ceil(m/l)+Math.ceil(v/l),oe=new O.util.ByteBuffer;for(i=0;i<ie;i++){var ue=new O.util.ByteBuffer(N.getBytes(l)),ve=511;for(o=J.length()-1;o>=0;o--)ve=ve>>8,ve+=J.at(o)+ue.at(o),ue.setAt(o,ve&255);oe.putBuffer(ue)}N=oe,f.putBuffer(R)}return f.truncate(f.length()-n),f},W.pbe.getCipher=function(e,t,a){switch(e){case W.oids.pkcs5PBES2:return W.pbe.getCipherForPBES2(e,t,a);case W.oids["pbeWithSHAAnd3-KeyTripleDES-CBC"]:case W.oids["pbewithSHAAnd40BitRC2-CBC"]:return W.pbe.getCipherForPKCS12PBE(e,t,a);default:var r=new Error("Cannot read encrypted PBE data block. Unsupported OID.");throw r.oid=e,r.supportedOids=["pkcs5PBES2","pbeWithSHAAnd3-KeyTripleDES-CBC","pbewithSHAAnd40BitRC2-CBC"],r}},W.pbe.getCipherForPBES2=function(e,t,a){var r={},n=[];if(!I.validate(t,i0,r,n)){var s=new Error("Cannot read password-based-encryption algorithm parameters. ASN.1 object is not a supported EncryptedPrivateKeyInfo.");throw s.errors=n,s}if(e=I.derToOid(r.kdfOid),e!==W.oids.pkcs5PBKDF2){var s=new Error("Cannot read encrypted private key. Unsupported key derivation function OID.");throw s.oid=e,s.supportedOids=["pkcs5PBKDF2"],s}if(e=I.derToOid(r.encOid),e!==W.oids["aes128-CBC"]&&e!==W.oids["aes192-CBC"]&&e!==W.oids["aes256-CBC"]&&e!==W.oids["des-EDE3-CBC"]&&e!==W.oids.desCBC){var s=new Error("Cannot read encrypted private key. Unsupported encryption scheme OID.");throw s.oid=e,s.supportedOids=["aes128-CBC","aes192-CBC","aes256-CBC","des-EDE3-CBC","desCBC"],s}var i=r.kdfSalt,o=O.util.createBuffer(r.kdfIterationCount);o=o.getInt(o.length()<<3);var u,l;switch(W.oids[e]){case"aes128-CBC":u=16,l=O.aes.createDecryptionCipher;break;case"aes192-CBC":u=24,l=O.aes.createDecryptionCipher;break;case"aes256-CBC":u=32,l=O.aes.createDecryptionCipher;break;case"des-EDE3-CBC":u=24,l=O.des.createDecryptionCipher;break;case"desCBC":u=8,l=O.des.createDecryptionCipher;break}var f=Mn(r.prfOid),c=O.pkcs5.pbkdf2(a,i,o,u,f),v=r.encIv,m=l(c);return m.start(v),m},W.pbe.getCipherForPKCS12PBE=function(e,t,a){var r={},n=[];if(!I.validate(t,s0,r,n)){var s=new Error("Cannot read password-based-encryption algorithm parameters. ASN.1 object is not a supported EncryptedPrivateKeyInfo.");throw s.errors=n,s}var i=O.util.createBuffer(r.salt),o=O.util.createBuffer(r.iterations);o=o.getInt(o.length()<<3);var u,l,f;switch(e){case W.oids["pbeWithSHAAnd3-KeyTripleDES-CBC"]:u=24,l=8,f=O.des.startDecrypting;break;case W.oids["pbewithSHAAnd40BitRC2-CBC"]:u=5,l=8,f=function(x,S){var A=O.rc2.createDecryptionCipher(x,40);return A.start(S,null),A};break;default:var s=new Error("Cannot read PKCS #12 PBE data block. Unsupported OID.");throw s.oid=e,s}var c=Mn(r.prfOid),v=W.pbe.generatePkcs12Key(a,i,1,o,u,c);c.start();var m=W.pbe.generatePkcs12Key(a,i,2,o,l,c);return f(v,m)},W.pbe.opensslDeriveBytes=function(e,t,a,r){if(typeof r>"u"||r===null){if(!("md5"in O.md))throw new Error('"md5" hash algorithm unavailable.');r=O.md.md5.create()}t===null&&(t="");for(var n=[Kn(r,e+t)],s=16,i=1;s<a;++i,s+=16)n.push(Kn(r,n[i-1]+e+t));return n.join("").substr(0,a)};function Kn(e,t){return e.start().update(t).digest().getBytes()}function Mn(e){var t;if(!e)t="hmacWithSHA1";else if(t=W.oids[I.derToOid(e)],!t){var a=new Error("Unsupported PRF OID.");throw a.oid=e,a.supported=["hmacWithSHA1","hmacWithSHA224","hmacWithSHA256","hmacWithSHA384","hmacWithSHA512"],a}return Hn(t)}function Hn(e){var t=O.md;switch(e){case"hmacWithSHA224":t=O.md.sha512;case"hmacWithSHA1":case"hmacWithSHA256":case"hmacWithSHA384":case"hmacWithSHA512":e=e.substr(8).toLowerCase();break;default:var a=new Error("Unsupported PRF algorithm.");throw a.algorithm=e,a.supported=["hmacWithSHA1","hmacWithSHA224","hmacWithSHA256","hmacWithSHA384","hmacWithSHA512"],a}if(!t||!(e in t))throw new Error("Unknown hash algorithm: "+e);return t[e].create()}function o0(e,t,a,r){var n=I.create(I.Class.UNIVERSAL,I.Type.SEQUENCE,!0,[I.create(I.Class.UNIVERSAL,I.Type.OCTETSTRING,!1,e),I.create(I.Class.UNIVERSAL,I.Type.INTEGER,!1,t.getBytes())]);return r!=="hmacWithSHA1"&&n.value.push(I.create(I.Class.UNIVERSAL,I.Type.INTEGER,!1,O.util.hexToBytes(a.toString(16))),I.create(I.Class.UNIVERSAL,I.Type.SEQUENCE,!0,[I.create(I.Class.UNIVERSAL,I.Type.OID,!1,I.oidToDer(W.oids[r]).getBytes()),I.create(I.Class.UNIVERSAL,I.Type.NULL,!1,"")])),n}var sr=Y,V=sr.asn1,or=sr.pkcs7asn1=sr.pkcs7asn1||{};sr.pkcs7=sr.pkcs7||{},sr.pkcs7.asn1=or;var qn={name:"ContentInfo",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"ContentInfo.ContentType",tagClass:V.Class.UNIVERSAL,type:V.Type.OID,constructed:!1,capture:"contentType"},{name:"ContentInfo.content",tagClass:V.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,captureAsn1:"content"}]};or.contentInfoValidator=qn;var Gn={name:"EncryptedContentInfo",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedContentInfo.contentType",tagClass:V.Class.UNIVERSAL,type:V.Type.OID,constructed:!1,capture:"contentType"},{name:"EncryptedContentInfo.contentEncryptionAlgorithm",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedContentInfo.contentEncryptionAlgorithm.algorithm",tagClass:V.Class.UNIVERSAL,type:V.Type.OID,constructed:!1,capture:"encAlgorithm"},{name:"EncryptedContentInfo.contentEncryptionAlgorithm.parameter",tagClass:V.Class.UNIVERSAL,captureAsn1:"encParameter"}]},{name:"EncryptedContentInfo.encryptedContent",tagClass:V.Class.CONTEXT_SPECIFIC,type:0,capture:"encryptedContent",captureAsn1:"encryptedContentAsn1"}]};or.envelopedDataValidator={name:"EnvelopedData",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"EnvelopedData.Version",tagClass:V.Class.UNIVERSAL,type:V.Type.INTEGER,constructed:!1,capture:"version"},{name:"EnvelopedData.RecipientInfos",tagClass:V.Class.UNIVERSAL,type:V.Type.SET,constructed:!0,captureAsn1:"recipientInfos"}].concat(Gn)},or.encryptedDataValidator={name:"EncryptedData",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedData.Version",tagClass:V.Class.UNIVERSAL,type:V.Type.INTEGER,constructed:!1,capture:"version"}].concat(Gn)};var u0={name:"SignerInfo",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.version",tagClass:V.Class.UNIVERSAL,type:V.Type.INTEGER,constructed:!1},{name:"SignerInfo.issuerAndSerialNumber",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.issuerAndSerialNumber.issuer",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,captureAsn1:"issuer"},{name:"SignerInfo.issuerAndSerialNumber.serialNumber",tagClass:V.Class.UNIVERSAL,type:V.Type.INTEGER,constructed:!1,capture:"serial"}]},{name:"SignerInfo.digestAlgorithm",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.digestAlgorithm.algorithm",tagClass:V.Class.UNIVERSAL,type:V.Type.OID,constructed:!1,capture:"digestAlgorithm"},{name:"SignerInfo.digestAlgorithm.parameter",tagClass:V.Class.UNIVERSAL,constructed:!1,captureAsn1:"digestParameter",optional:!0}]},{name:"SignerInfo.authenticatedAttributes",tagClass:V.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,capture:"authenticatedAttributes"},{name:"SignerInfo.digestEncryptionAlgorithm",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,capture:"signatureAlgorithm"},{name:"SignerInfo.encryptedDigest",tagClass:V.Class.UNIVERSAL,type:V.Type.OCTETSTRING,constructed:!1,capture:"signature"},{name:"SignerInfo.unauthenticatedAttributes",tagClass:V.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,optional:!0,capture:"unauthenticatedAttributes"}]};or.signedDataValidator={name:"SignedData",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"SignedData.Version",tagClass:V.Class.UNIVERSAL,type:V.Type.INTEGER,constructed:!1,capture:"version"},{name:"SignedData.DigestAlgorithms",tagClass:V.Class.UNIVERSAL,type:V.Type.SET,constructed:!0,captureAsn1:"digestAlgorithms"},qn,{name:"SignedData.Certificates",tagClass:V.Class.CONTEXT_SPECIFIC,type:0,optional:!0,captureAsn1:"certificates"},{name:"SignedData.CertificateRevocationLists",tagClass:V.Class.CONTEXT_SPECIFIC,type:1,optional:!0,captureAsn1:"crls"},{name:"SignedData.SignerInfos",tagClass:V.Class.UNIVERSAL,type:V.Type.SET,capture:"signerInfos",optional:!0,value:[u0]}]},or.recipientInfoValidator={name:"RecipientInfo",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.version",tagClass:V.Class.UNIVERSAL,type:V.Type.INTEGER,constructed:!1,capture:"version"},{name:"RecipientInfo.issuerAndSerial",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.issuerAndSerial.issuer",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,captureAsn1:"issuer"},{name:"RecipientInfo.issuerAndSerial.serialNumber",tagClass:V.Class.UNIVERSAL,type:V.Type.INTEGER,constructed:!1,capture:"serial"}]},{name:"RecipientInfo.keyEncryptionAlgorithm",tagClass:V.Class.UNIVERSAL,type:V.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.keyEncryptionAlgorithm.algorithm",tagClass:V.Class.UNIVERSAL,type:V.Type.OID,constructed:!1,capture:"encAlgorithm"},{name:"RecipientInfo.keyEncryptionAlgorithm.parameter",tagClass:V.Class.UNIVERSAL,constructed:!1,captureAsn1:"encParameter"}]},{name:"RecipientInfo.encryptedKey",tagClass:V.Class.UNIVERSAL,type:V.Type.OCTETSTRING,constructed:!1,capture:"encKey"}]};var Yt=Y;Yt.mgf=Yt.mgf||{};var l0=Yt.mgf.mgf1=Yt.mgf1=Yt.mgf1||{};l0.create=function(e){var t={generate:function(a,r){for(var n=new Yt.util.ByteBuffer,s=Math.ceil(r/e.digestLength),i=0;i<s;i++){var o=new Yt.util.ByteBuffer;o.putInt32(i),e.start(),e.update(a+o.getBytes()),n.putBuffer(e.digest())}return n.truncate(n.length()-r),n.getBytes()}};return t};var Wr=Y;Wr.mgf=Wr.mgf||{},Wr.mgf.mgf1=Wr.mgf1;var Wt=Y,f0=Wt.pss=Wt.pss||{};f0.create=function(e){arguments.length===3&&(e={md:arguments[0],mgf:arguments[1],saltLength:arguments[2]});var t=e.md,a=e.mgf,r=t.digestLength,n=e.salt||null;typeof n=="string"&&(n=Wt.util.createBuffer(n));var s;if("saltLength"in e)s=e.saltLength;else if(n!==null)s=n.length();else throw new Error("Salt length not specified or specific salt not given.");if(n!==null&&n.length()!==s)throw new Error("Given salt length does not match length of given salt.");var i=e.prng||Wt.random,o={};return o.encode=function(u,l){var f,c=l-1,v=Math.ceil(c/8),m=u.digest().getBytes();if(v<r+s+2)throw new Error("Message is too long to encrypt.");var y;n===null?y=i.getBytesSync(s):y=n.bytes();var x=new Wt.util.ByteBuffer;x.fillWithByte(0,8),x.putBytes(m),x.putBytes(y),t.start(),t.update(x.getBytes());var S=t.digest().getBytes(),A=new Wt.util.ByteBuffer;A.fillWithByte(0,v-s-r-2),A.putByte(1),A.putBytes(y);var B=A.getBytes(),N=v-r-1,F=a.generate(S,N),D="";for(f=0;f<N;f++)D+=String.fromCharCode(B.charCodeAt(f)^F.charCodeAt(f));var R=65280>>8*v-c&255;return D=String.fromCharCode(D.charCodeAt(0)&~R)+D.substr(1),D+S+String.fromCharCode(188)},o.verify=function(u,l,f){var c,v=f-1,m=Math.ceil(v/8);if(l=l.substr(-m),m<r+s+2)throw new Error("Inconsistent parameters to PSS signature verification.");if(l.charCodeAt(m-1)!==188)throw new Error("Encoded message does not end in 0xBC.");var y=m-r-1,x=l.substr(0,y),S=l.substr(y,r),A=65280>>8*m-v&255;if((x.charCodeAt(0)&A)!==0)throw new Error("Bits beyond keysize not zero as expected.");var B=a.generate(S,y),N="";for(c=0;c<y;c++)N+=String.fromCharCode(x.charCodeAt(c)^B.charCodeAt(c));N=String.fromCharCode(N.charCodeAt(0)&~A)+N.substr(1);var F=m-r-s-2;for(c=0;c<F;c++)if(N.charCodeAt(c)!==0)throw new Error("Leftmost octets not zero as expected");if(N.charCodeAt(F)!==1)throw new Error("Inconsistent PSS signature, 0x01 marker not found");var D=N.substr(-s),R=new Wt.util.ByteBuffer;R.fillWithByte(0,8),R.putBytes(u),R.putBytes(D),t.start(),t.update(R.getBytes());var z=t.digest().getBytes();return S===z},o};var k=Y,h=k.asn1,L=k.pki=k.pki||{},q=L.oids,ye={};ye.CN=q.commonName,ye.commonName="CN",ye.C=q.countryName,ye.countryName="C",ye.L=q.localityName,ye.localityName="L",ye.ST=q.stateOrProvinceName,ye.stateOrProvinceName="ST",ye.O=q.organizationName,ye.organizationName="O",ye.OU=q.organizationalUnitName,ye.organizationalUnitName="OU",ye.E=q.emailAddress,ye.emailAddress="E";var Qn=k.pki.rsa.publicKeyValidator,c0={name:"Certificate",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,captureAsn1:"tbsCertificate",value:[{name:"Certificate.TBSCertificate.version",tagClass:h.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.version.integer",tagClass:h.Class.UNIVERSAL,type:h.Type.INTEGER,constructed:!1,capture:"certVersion"}]},{name:"Certificate.TBSCertificate.serialNumber",tagClass:h.Class.UNIVERSAL,type:h.Type.INTEGER,constructed:!1,capture:"certSerialNumber"},{name:"Certificate.TBSCertificate.signature",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate.signature.algorithm",tagClass:h.Class.UNIVERSAL,type:h.Type.OID,constructed:!1,capture:"certinfoSignatureOid"},{name:"Certificate.TBSCertificate.signature.parameters",tagClass:h.Class.UNIVERSAL,optional:!0,captureAsn1:"certinfoSignatureParams"}]},{name:"Certificate.TBSCertificate.issuer",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,captureAsn1:"certIssuer"},{name:"Certificate.TBSCertificate.validity",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate.validity.notBefore (utc)",tagClass:h.Class.UNIVERSAL,type:h.Type.UTCTIME,constructed:!1,optional:!0,capture:"certValidity1UTCTime"},{name:"Certificate.TBSCertificate.validity.notBefore (generalized)",tagClass:h.Class.UNIVERSAL,type:h.Type.GENERALIZEDTIME,constructed:!1,optional:!0,capture:"certValidity2GeneralizedTime"},{name:"Certificate.TBSCertificate.validity.notAfter (utc)",tagClass:h.Class.UNIVERSAL,type:h.Type.UTCTIME,constructed:!1,optional:!0,capture:"certValidity3UTCTime"},{name:"Certificate.TBSCertificate.validity.notAfter (generalized)",tagClass:h.Class.UNIVERSAL,type:h.Type.GENERALIZEDTIME,constructed:!1,optional:!0,capture:"certValidity4GeneralizedTime"}]},{name:"Certificate.TBSCertificate.subject",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,captureAsn1:"certSubject"},Qn,{name:"Certificate.TBSCertificate.issuerUniqueID",tagClass:h.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.issuerUniqueID.id",tagClass:h.Class.UNIVERSAL,type:h.Type.BITSTRING,constructed:!1,captureBitStringValue:"certIssuerUniqueId"}]},{name:"Certificate.TBSCertificate.subjectUniqueID",tagClass:h.Class.CONTEXT_SPECIFIC,type:2,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.subjectUniqueID.id",tagClass:h.Class.UNIVERSAL,type:h.Type.BITSTRING,constructed:!1,captureBitStringValue:"certSubjectUniqueId"}]},{name:"Certificate.TBSCertificate.extensions",tagClass:h.Class.CONTEXT_SPECIFIC,type:3,constructed:!0,captureAsn1:"certExtensions",optional:!0}]},{name:"Certificate.signatureAlgorithm",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.signatureAlgorithm.algorithm",tagClass:h.Class.UNIVERSAL,type:h.Type.OID,constructed:!1,capture:"certSignatureOid"},{name:"Certificate.TBSCertificate.signature.parameters",tagClass:h.Class.UNIVERSAL,optional:!0,captureAsn1:"certSignatureParams"}]},{name:"Certificate.signatureValue",tagClass:h.Class.UNIVERSAL,type:h.Type.BITSTRING,constructed:!1,captureBitStringValue:"certSignature"}]},h0={name:"rsapss",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,value:[{name:"rsapss.hashAlgorithm",tagClass:h.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,value:[{name:"rsapss.hashAlgorithm.AlgorithmIdentifier",tagClass:h.Class.UNIVERSAL,type:h.Class.SEQUENCE,constructed:!0,optional:!0,value:[{name:"rsapss.hashAlgorithm.AlgorithmIdentifier.algorithm",tagClass:h.Class.UNIVERSAL,type:h.Type.OID,constructed:!1,capture:"hashOid"}]}]},{name:"rsapss.maskGenAlgorithm",tagClass:h.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier",tagClass:h.Class.UNIVERSAL,type:h.Class.SEQUENCE,constructed:!0,optional:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.algorithm",tagClass:h.Class.UNIVERSAL,type:h.Type.OID,constructed:!1,capture:"maskGenOid"},{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.params",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.params.algorithm",tagClass:h.Class.UNIVERSAL,type:h.Type.OID,constructed:!1,capture:"maskGenHashOid"}]}]}]},{name:"rsapss.saltLength",tagClass:h.Class.CONTEXT_SPECIFIC,type:2,optional:!0,value:[{name:"rsapss.saltLength.saltLength",tagClass:h.Class.UNIVERSAL,type:h.Class.INTEGER,constructed:!1,capture:"saltLength"}]},{name:"rsapss.trailerField",tagClass:h.Class.CONTEXT_SPECIFIC,type:3,optional:!0,value:[{name:"rsapss.trailer.trailer",tagClass:h.Class.UNIVERSAL,type:h.Class.INTEGER,constructed:!1,capture:"trailer"}]}]},d0={name:"CertificationRequestInfo",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,captureAsn1:"certificationRequestInfo",value:[{name:"CertificationRequestInfo.integer",tagClass:h.Class.UNIVERSAL,type:h.Type.INTEGER,constructed:!1,capture:"certificationRequestInfoVersion"},{name:"CertificationRequestInfo.subject",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,captureAsn1:"certificationRequestInfoSubject"},Qn,{name:"CertificationRequestInfo.attributes",tagClass:h.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,capture:"certificationRequestInfoAttributes",value:[{name:"CertificationRequestInfo.attributes",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,value:[{name:"CertificationRequestInfo.attributes.type",tagClass:h.Class.UNIVERSAL,type:h.Type.OID,constructed:!1},{name:"CertificationRequestInfo.attributes.value",tagClass:h.Class.UNIVERSAL,type:h.Type.SET,constructed:!0}]}]}]},p0={name:"CertificationRequest",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,captureAsn1:"csr",value:[d0,{name:"CertificationRequest.signatureAlgorithm",tagClass:h.Class.UNIVERSAL,type:h.Type.SEQUENCE,constructed:!0,value:[{name:"CertificationRequest.signatureAlgorithm.algorithm",tagClass:h.Class.UNIVERSAL,type:h.Type.OID,constructed:!1,capture:"csrSignatureOid"},{name:"CertificationRequest.signatureAlgorithm.parameters",tagClass:h.Class.UNIVERSAL,optional:!0,captureAsn1:"csrSignatureParams"}]},{name:"CertificationRequest.signature",tagClass:h.Class.UNIVERSAL,type:h.Type.BITSTRING,constructed:!1,captureBitStringValue:"csrSignature"}]};L.RDNAttributesAsArray=function(e,t){for(var a=[],r,n,s,i=0;i<e.value.length;++i){r=e.value[i];for(var o=0;o<r.value.length;++o)s={},n=r.value[o],s.type=h.derToOid(n.value[0].value),s.value=n.value[1].value,s.valueTagClass=n.value[1].type,s.type in q&&(s.name=q[s.type],s.name in ye&&(s.shortName=ye[s.name])),t&&(t.update(s.type),t.update(s.value)),a.push(s)}return a},L.CRIAttributesAsArray=function(e){for(var t=[],a=0;a<e.length;++a)for(var r=e[a],n=h.derToOid(r.value[0].value),s=r.value[1].value,i=0;i<s.length;++i){var o={};if(o.type=n,o.value=s[i].value,o.valueTagClass=s[i].type,o.type in q&&(o.name=q[o.type],o.name in ye&&(o.shortName=ye[o.name])),o.type===q.extensionRequest){o.extensions=[];for(var u=0;u<o.value.length;++u)o.extensions.push(L.certificateExtensionFromAsn1(o.value[u]))}t.push(o)}return t};function Lt(e,t){typeof t=="string"&&(t={shortName:t});for(var a=null,r,n=0;a===null&&n<e.attributes.length;++n)r=e.attributes[n],(t.type&&t.type===r.type||t.name&&t.name===r.name||t.shortName&&t.shortName===r.shortName)&&(a=r);return a}var jr=function(e,t,a){var r={};if(e!==q["RSASSA-PSS"])return r;a&&(r={hash:{algorithmOid:q.sha1},mgf:{algorithmOid:q.mgf1,hash:{algorithmOid:q.sha1}},saltLength:20});var n={},s=[];if(!h.validate(t,h0,n,s)){var i=new Error("Cannot read RSASSA-PSS parameter block.");throw i.errors=s,i}return n.hashOid!==void 0&&(r.hash=r.hash||{},r.hash.algorithmOid=h.derToOid(n.hashOid)),n.maskGenOid!==void 0&&(r.mgf=r.mgf||{},r.mgf.algorithmOid=h.derToOid(n.maskGenOid),r.mgf.hash=r.mgf.hash||{},r.mgf.hash.algorithmOid=h.derToOid(n.maskGenHashOid)),n.saltLength!==void 0&&(r.saltLength=n.saltLength.charCodeAt(0)),r};L.certificateFromPem=function(e,t,a){var r=k.pem.decode(e)[0];if(r.type!=="CERTIFICATE"&&r.type!=="X509 CERTIFICATE"&&r.type!=="TRUSTED CERTIFICATE"){var n=new Error('Could not convert certificate from PEM; PEM header type is not "CERTIFICATE", "X509 CERTIFICATE", or "TRUSTED CERTIFICATE".');throw n.headerType=r.type,n}if(r.procType&&r.procType.type==="ENCRYPTED")throw new Error("Could not convert certificate from PEM; PEM is encrypted.");var s=h.fromDer(r.body,a);return L.certificateFromAsn1(s,t)},L.certificateToPem=function(e,t){var a={type:"CERTIFICATE",body:h.toDer(L.certificateToAsn1(e)).getBytes()};return k.pem.encode(a,{maxline:t})},L.publicKeyFromPem=function(e){var t=k.pem.decode(e)[0];if(t.type!=="PUBLIC KEY"&&t.type!=="RSA PUBLIC KEY"){var a=new Error('Could not convert public key from PEM; PEM header type is not "PUBLIC KEY" or "RSA PUBLIC KEY".');throw a.headerType=t.type,a}if(t.procType&&t.procType.type==="ENCRYPTED")throw new Error("Could not convert public key from PEM; PEM is encrypted.");var r=h.fromDer(t.body);return L.publicKeyFromAsn1(r)},L.publicKeyToPem=function(e,t){var a={type:"PUBLIC KEY",body:h.toDer(L.publicKeyToAsn1(e)).getBytes()};return k.pem.encode(a,{maxline:t})},L.publicKeyToRSAPublicKeyPem=function(e,t){var a={type:"RSA PUBLIC KEY",body:h.toDer(L.publicKeyToRSAPublicKey(e)).getBytes()};return k.pem.encode(a,{maxline:t})},L.getPublicKeyFingerprint=function(e,t){t=t||{};var a=t.md||k.md.sha1.create(),r=t.type||"RSAPublicKey",n;switch(r){case"RSAPublicKey":n=h.toDer(L.publicKeyToRSAPublicKey(e)).getBytes();break;case"SubjectPublicKeyInfo":n=h.toDer(L.publicKeyToAsn1(e)).getBytes();break;default:throw new Error('Unknown fingerprint type "'+t.type+'".')}a.start(),a.update(n);var s=a.digest();if(t.encoding==="hex"){var i=s.toHex();return t.delimiter?i.match(/.{2}/g).join(t.delimiter):i}else{if(t.encoding==="binary")return s.getBytes();if(t.encoding)throw new Error('Unknown encoding "'+t.encoding+'".')}return s},L.certificationRequestFromPem=function(e,t,a){var r=k.pem.decode(e)[0];if(r.type!=="CERTIFICATE REQUEST"){var n=new Error('Could not convert certification request from PEM; PEM header type is not "CERTIFICATE REQUEST".');throw n.headerType=r.type,n}if(r.procType&&r.procType.type==="ENCRYPTED")throw new Error("Could not convert certification request from PEM; PEM is encrypted.");var s=h.fromDer(r.body,a);return L.certificationRequestFromAsn1(s,t)},L.certificationRequestToPem=function(e,t){var a={type:"CERTIFICATE REQUEST",body:h.toDer(L.certificationRequestToAsn1(e)).getBytes()};return k.pem.encode(a,{maxline:t})},L.createCertificate=function(){var e={};return e.version=2,e.serialNumber="00",e.signatureOid=null,e.signature=null,e.siginfo={},e.siginfo.algorithmOid=null,e.validity={},e.validity.notBefore=new Date,e.validity.notAfter=new Date,e.issuer={},e.issuer.getField=function(t){return Lt(e.issuer,t)},e.issuer.addField=function(t){ft([t]),e.issuer.attributes.push(t)},e.issuer.attributes=[],e.issuer.hash=null,e.subject={},e.subject.getField=function(t){return Lt(e.subject,t)},e.subject.addField=function(t){ft([t]),e.subject.attributes.push(t)},e.subject.attributes=[],e.subject.hash=null,e.extensions=[],e.publicKey=null,e.md=null,e.setSubject=function(t,a){ft(t),e.subject.attributes=t,delete e.subject.uniqueId,a&&(e.subject.uniqueId=a),e.subject.hash=null},e.setIssuer=function(t,a){ft(t),e.issuer.attributes=t,delete e.issuer.uniqueId,a&&(e.issuer.uniqueId=a),e.issuer.hash=null},e.setExtensions=function(t){for(var a=0;a<t.length;++a)zn(t[a],{cert:e});e.extensions=t},e.getExtension=function(t){typeof t=="string"&&(t={name:t});for(var a=null,r,n=0;a===null&&n<e.extensions.length;++n)r=e.extensions[n],(t.id&&r.id===t.id||t.name&&r.name===t.name)&&(a=r);return a},e.sign=function(t,a){e.md=a||k.md.sha1.create();var r=q[e.md.algorithm+"WithRSAEncryption"];if(!r){var n=new Error("Could not compute certificate digest. Unknown message digest algorithm OID.");throw n.algorithm=e.md.algorithm,n}e.signatureOid=e.siginfo.algorithmOid=r,e.tbsCertificate=L.getTBSCertificate(e);var s=h.toDer(e.tbsCertificate);e.md.update(s.getBytes()),e.signature=t.sign(e.md)},e.verify=function(t){var a=!1;if(!e.issued(t)){var r=t.issuer,n=e.subject,s=new Error("The parent certificate did not issue the given child certificate; the child certificate's issuer does not match the parent's subject.");throw s.expectedIssuer=r.attributes,s.actualIssuer=n.attributes,s}var i=t.md;if(i===null){if(t.signatureOid in q){var o=q[t.signatureOid];switch(o){case"sha1WithRSAEncryption":i=k.md.sha1.create();break;case"md5WithRSAEncryption":i=k.md.md5.create();break;case"sha256WithRSAEncryption":i=k.md.sha256.create();break;case"sha384WithRSAEncryption":i=k.md.sha384.create();break;case"sha512WithRSAEncryption":i=k.md.sha512.create();break;case"RSASSA-PSS":i=k.md.sha256.create();break}}if(i===null){var s=new Error("Could not compute certificate digest. Unknown signature OID.");throw s.signatureOid=t.signatureOid,s}var u=t.tbsCertificate||L.getTBSCertificate(t),l=h.toDer(u);i.update(l.getBytes())}if(i!==null){var f;switch(t.signatureOid){case q.sha1WithRSAEncryption:f=void 0;break;case q["RSASSA-PSS"]:var c,v;if(c=q[t.signatureParameters.mgf.hash.algorithmOid],c===void 0||k.md[c]===void 0){var s=new Error("Unsupported MGF hash function.");throw s.oid=t.signatureParameters.mgf.hash.algorithmOid,s.name=c,s}if(v=q[t.signatureParameters.mgf.algorithmOid],v===void 0||k.mgf[v]===void 0){var s=new Error("Unsupported MGF function.");throw s.oid=t.signatureParameters.mgf.algorithmOid,s.name=v,s}if(v=k.mgf[v].create(k.md[c].create()),c=q[t.signatureParameters.hash.algorithmOid],c===void 0||k.md[c]===void 0)throw{message:"Unsupported RSASSA-PSS hash function.",oid:t.signatureParameters.hash.algorithmOid,name:c};f=k.pss.create(k.md[c].create(),v,t.signatureParameters.saltLength);break}a=e.publicKey.verify(i.digest().getBytes(),t.signature,f)}return a},e.isIssuer=function(t){var a=!1,r=e.issuer,n=t.subject;if(r.hash&&n.hash)a=r.hash===n.hash;else if(r.attributes.length===n.attributes.length){a=!0;for(var s,i,o=0;a&&o<r.attributes.length;++o)s=r.attributes[o],i=n.attributes[o],(s.type!==i.type||s.value!==i.value)&&(a=!1)}return a},e.issued=function(t){return t.isIssuer(e)},e.generateSubjectKeyIdentifier=function(){return L.getPublicKeyFingerprint(e.publicKey,{type:"RSAPublicKey"})},e.verifySubjectKeyIdentifier=function(){for(var t=q.subjectKeyIdentifier,a=0;a<e.extensions.length;++a){var r=e.extensions[a];if(r.id===t){var n=e.generateSubjectKeyIdentifier().getBytes();return k.util.hexToBytes(r.subjectKeyIdentifier)===n}}return!1},e},L.certificateFromAsn1=function(e,t){var a={},r=[];if(!h.validate(e,c0,a,r)){var n=new Error("Cannot read X.509 certificate. ASN.1 object is not an X509v3 Certificate.");throw n.errors=r,n}var s=h.derToOid(a.publicKeyOid);if(s!==L.oids.rsaEncryption)throw new Error("Cannot read public key. OID is not RSA.");var i=L.createCertificate();i.version=a.certVersion?a.certVersion.charCodeAt(0):0;var o=k.util.createBuffer(a.certSerialNumber);i.serialNumber=o.toHex(),i.signatureOid=k.asn1.derToOid(a.certSignatureOid),i.signatureParameters=jr(i.signatureOid,a.certSignatureParams,!0),i.siginfo.algorithmOid=k.asn1.derToOid(a.certinfoSignatureOid),i.siginfo.parameters=jr(i.siginfo.algorithmOid,a.certinfoSignatureParams,!1),i.signature=a.certSignature;var u=[];if(a.certValidity1UTCTime!==void 0&&u.push(h.utcTimeToDate(a.certValidity1UTCTime)),a.certValidity2GeneralizedTime!==void 0&&u.push(h.generalizedTimeToDate(a.certValidity2GeneralizedTime)),a.certValidity3UTCTime!==void 0&&u.push(h.utcTimeToDate(a.certValidity3UTCTime)),a.certValidity4GeneralizedTime!==void 0&&u.push(h.generalizedTimeToDate(a.certValidity4GeneralizedTime)),u.length>2)throw new Error("Cannot read notBefore/notAfter validity times; more than two times were provided in the certificate.");if(u.length<2)throw new Error("Cannot read notBefore/notAfter validity times; they were not provided as either UTCTime or GeneralizedTime.");if(i.validity.notBefore=u[0],i.validity.notAfter=u[1],i.tbsCertificate=a.tbsCertificate,t){if(i.md=null,i.signatureOid in q){var s=q[i.signatureOid];switch(s){case"sha1WithRSAEncryption":i.md=k.md.sha1.create();break;case"md5WithRSAEncryption":i.md=k.md.md5.create();break;case"sha256WithRSAEncryption":i.md=k.md.sha256.create();break;case"sha384WithRSAEncryption":i.md=k.md.sha384.create();break;case"sha512WithRSAEncryption":i.md=k.md.sha512.create();break;case"RSASSA-PSS":i.md=k.md.sha256.create();break}}if(i.md===null){var n=new Error("Could not compute certificate digest. Unknown signature OID.");throw n.signatureOid=i.signatureOid,n}var l=h.toDer(i.tbsCertificate);i.md.update(l.getBytes())}var f=k.md.sha1.create();i.issuer.getField=function(v){return Lt(i.issuer,v)},i.issuer.addField=function(v){ft([v]),i.issuer.attributes.push(v)},i.issuer.attributes=L.RDNAttributesAsArray(a.certIssuer,f),a.certIssuerUniqueId&&(i.issuer.uniqueId=a.certIssuerUniqueId),i.issuer.hash=f.digest().toHex();var c=k.md.sha1.create();return i.subject.getField=function(v){return Lt(i.subject,v)},i.subject.addField=function(v){ft([v]),i.subject.attributes.push(v)},i.subject.attributes=L.RDNAttributesAsArray(a.certSubject,c),a.certSubjectUniqueId&&(i.subject.uniqueId=a.certSubjectUniqueId),i.subject.hash=c.digest().toHex(),a.certExtensions?i.extensions=L.certificateExtensionsFromAsn1(a.certExtensions):i.extensions=[],i.publicKey=L.publicKeyFromAsn1(a.subjectPublicKeyInfo),i},L.certificateExtensionsFromAsn1=function(e){for(var t=[],a=0;a<e.value.length;++a)for(var r=e.value[a],n=0;n<r.value.length;++n)t.push(L.certificateExtensionFromAsn1(r.value[n]));return t},L.certificateExtensionFromAsn1=function(e){var t={};if(t.id=h.derToOid(e.value[0].value),t.critical=!1,e.value[1].type===h.Type.BOOLEAN?(t.critical=e.value[1].value.charCodeAt(0)!==0,t.value=e.value[2].value):t.value=e.value[1].value,t.id in q){if(t.name=q[t.id],t.name==="keyUsage"){var a=h.fromDer(t.value),r=0,n=0;a.value.length>1&&(r=a.value.charCodeAt(1),n=a.value.length>2?a.value.charCodeAt(2):0),t.digitalSignature=(r&128)===128,t.nonRepudiation=(r&64)===64,t.keyEncipherment=(r&32)===32,t.dataEncipherment=(r&16)===16,t.keyAgreement=(r&8)===8,t.keyCertSign=(r&4)===4,t.cRLSign=(r&2)===2,t.encipherOnly=(r&1)===1,t.decipherOnly=(n&128)===128}else if(t.name==="basicConstraints"){var a=h.fromDer(t.value);a.value.length>0&&a.value[0].type===h.Type.BOOLEAN?t.cA=a.value[0].value.charCodeAt(0)!==0:t.cA=!1;var s=null;a.value.length>0&&a.value[0].type===h.Type.INTEGER?s=a.value[0].value:a.value.length>1&&(s=a.value[1].value),s!==null&&(t.pathLenConstraint=h.derToInteger(s))}else if(t.name==="extKeyUsage")for(var a=h.fromDer(t.value),i=0;i<a.value.length;++i){var o=h.derToOid(a.value[i].value);o in q?t[q[o]]=!0:t[o]=!0}else if(t.name==="nsCertType"){var a=h.fromDer(t.value),r=0;a.value.length>1&&(r=a.value.charCodeAt(1)),t.client=(r&128)===128,t.server=(r&64)===64,t.email=(r&32)===32,t.objsign=(r&16)===16,t.reserved=(r&8)===8,t.sslCA=(r&4)===4,t.emailCA=(r&2)===2,t.objCA=(r&1)===1}else if(t.name==="subjectAltName"||t.name==="issuerAltName"){t.altNames=[];for(var u,a=h.fromDer(t.value),l=0;l<a.value.length;++l){u=a.value[l];var f={type:u.type,value:u.value};switch(t.altNames.push(f),u.type){case 1:case 2:case 6:break;case 7:f.ip=k.util.bytesToIP(u.value);break;case 8:f.oid=h.derToOid(u.value);break}}}else if(t.name==="subjectKeyIdentifier"){var a=h.fromDer(t.value);t.subjectKeyIdentifier=k.util.bytesToHex(a.value)}}return t},L.certificationRequestFromAsn1=function(e,t){var a={},r=[];if(!h.validate(e,p0,a,r)){var n=new Error("Cannot read PKCS#10 certificate request. ASN.1 object is not a PKCS#10 CertificationRequest.");throw n.errors=r,n}var s=h.derToOid(a.publicKeyOid);if(s!==L.oids.rsaEncryption)throw new Error("Cannot read public key. OID is not RSA.");var i=L.createCertificationRequest();if(i.version=a.csrVersion?a.csrVersion.charCodeAt(0):0,i.signatureOid=k.asn1.derToOid(a.csrSignatureOid),i.signatureParameters=jr(i.signatureOid,a.csrSignatureParams,!0),i.siginfo.algorithmOid=k.asn1.derToOid(a.csrSignatureOid),i.siginfo.parameters=jr(i.siginfo.algorithmOid,a.csrSignatureParams,!1),i.signature=a.csrSignature,i.certificationRequestInfo=a.certificationRequestInfo,t){if(i.md=null,i.signatureOid in q){var s=q[i.signatureOid];switch(s){case"sha1WithRSAEncryption":i.md=k.md.sha1.create();break;case"md5WithRSAEncryption":i.md=k.md.md5.create();break;case"sha256WithRSAEncryption":i.md=k.md.sha256.create();break;case"sha384WithRSAEncryption":i.md=k.md.sha384.create();break;case"sha512WithRSAEncryption":i.md=k.md.sha512.create();break;case"RSASSA-PSS":i.md=k.md.sha256.create();break}}if(i.md===null){var n=new Error("Could not compute certification request digest. Unknown signature OID.");throw n.signatureOid=i.signatureOid,n}var o=h.toDer(i.certificationRequestInfo);i.md.update(o.getBytes())}var u=k.md.sha1.create();return i.subject.getField=function(l){return Lt(i.subject,l)},i.subject.addField=function(l){ft([l]),i.subject.attributes.push(l)},i.subject.attributes=L.RDNAttributesAsArray(a.certificationRequestInfoSubject,u),i.subject.hash=u.digest().toHex(),i.publicKey=L.publicKeyFromAsn1(a.subjectPublicKeyInfo),i.getAttribute=function(l){return Lt(i,l)},i.addAttribute=function(l){ft([l]),i.attributes.push(l)},i.attributes=L.CRIAttributesAsArray(a.certificationRequestInfoAttributes||[]),i},L.createCertificationRequest=function(){var e={};return e.version=0,e.signatureOid=null,e.signature=null,e.siginfo={},e.siginfo.algorithmOid=null,e.subject={},e.subject.getField=function(t){return Lt(e.subject,t)},e.subject.addField=function(t){ft([t]),e.subject.attributes.push(t)},e.subject.attributes=[],e.subject.hash=null,e.publicKey=null,e.attributes=[],e.getAttribute=function(t){return Lt(e,t)},e.addAttribute=function(t){ft([t]),e.attributes.push(t)},e.md=null,e.setSubject=function(t){ft(t),e.subject.attributes=t,e.subject.hash=null},e.setAttributes=function(t){ft(t),e.attributes=t},e.sign=function(t,a){e.md=a||k.md.sha1.create();var r=q[e.md.algorithm+"WithRSAEncryption"];if(!r){var n=new Error("Could not compute certification request digest. Unknown message digest algorithm OID.");throw n.algorithm=e.md.algorithm,n}e.signatureOid=e.siginfo.algorithmOid=r,e.certificationRequestInfo=L.getCertificationRequestInfo(e);var s=h.toDer(e.certificationRequestInfo);e.md.update(s.getBytes()),e.signature=t.sign(e.md)},e.verify=function(){var t=!1,a=e.md;if(a===null){if(e.signatureOid in q){var r=q[e.signatureOid];switch(r){case"sha1WithRSAEncryption":a=k.md.sha1.create();break;case"md5WithRSAEncryption":a=k.md.md5.create();break;case"sha256WithRSAEncryption":a=k.md.sha256.create();break;case"sha384WithRSAEncryption":a=k.md.sha384.create();break;case"sha512WithRSAEncryption":a=k.md.sha512.create();break;case"RSASSA-PSS":a=k.md.sha256.create();break}}if(a===null){var n=new Error("Could not compute certification request digest. Unknown signature OID.");throw n.signatureOid=e.signatureOid,n}var s=e.certificationRequestInfo||L.getCertificationRequestInfo(e),i=h.toDer(s);a.update(i.getBytes())}if(a!==null){var o;switch(e.signatureOid){case q.sha1WithRSAEncryption:break;case q["RSASSA-PSS"]:var u,l;if(u=q[e.signatureParameters.mgf.hash.algorithmOid],u===void 0||k.md[u]===void 0){var n=new Error("Unsupported MGF hash function.");throw n.oid=e.signatureParameters.mgf.hash.algorithmOid,n.name=u,n}if(l=q[e.signatureParameters.mgf.algorithmOid],l===void 0||k.mgf[l]===void 0){var n=new Error("Unsupported MGF function.");throw n.oid=e.signatureParameters.mgf.algorithmOid,n.name=l,n}if(l=k.mgf[l].create(k.md[u].create()),u=q[e.signatureParameters.hash.algorithmOid],u===void 0||k.md[u]===void 0){var n=new Error("Unsupported RSASSA-PSS hash function.");throw n.oid=e.signatureParameters.hash.algorithmOid,n.name=u,n}o=k.pss.create(k.md[u].create(),l,e.signatureParameters.saltLength);break}t=e.publicKey.verify(a.digest().getBytes(),e.signature,o)}return t},e};function ur(e){for(var t=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[]),a,r,n=e.attributes,s=0;s<n.length;++s){a=n[s];var i=a.value,o=h.Type.PRINTABLESTRING;"valueTagClass"in a&&(o=a.valueTagClass,o===h.Type.UTF8&&(i=k.util.encodeUtf8(i))),r=h.create(h.Class.UNIVERSAL,h.Type.SET,!0,[h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[h.create(h.Class.UNIVERSAL,h.Type.OID,!1,h.oidToDer(a.type).getBytes()),h.create(h.Class.UNIVERSAL,o,!1,i)])]),t.value.push(r)}return t}function ft(e){for(var t,a=0;a<e.length;++a){if(t=e[a],typeof t.name>"u"&&(t.type&&t.type in L.oids?t.name=L.oids[t.type]:t.shortName&&t.shortName in ye&&(t.name=L.oids[ye[t.shortName]])),typeof t.type>"u")if(t.name&&t.name in L.oids)t.type=L.oids[t.name];else{var r=new Error("Attribute type not specified.");throw r.attribute=t,r}if(typeof t.shortName>"u"&&t.name&&t.name in ye&&(t.shortName=ye[t.name]),t.type===q.extensionRequest&&(t.valueConstructed=!0,t.valueTagClass=h.Type.SEQUENCE,!t.value&&t.extensions)){t.value=[];for(var n=0;n<t.extensions.length;++n)t.value.push(L.certificateExtensionToAsn1(zn(t.extensions[n])))}if(typeof t.value>"u"){var r=new Error("Attribute value not specified.");throw r.attribute=t,r}}}function zn(e,t){if(t=t||{},typeof e.name>"u"&&e.id&&e.id in L.oids&&(e.name=L.oids[e.id]),typeof e.id>"u")if(e.name&&e.name in L.oids)e.id=L.oids[e.name];else{var a=new Error("Extension ID not specified.");throw a.extension=e,a}if(typeof e.value<"u")return e;if(e.name==="keyUsage"){var r=0,n=0,s=0;e.digitalSignature&&(n|=128,r=7),e.nonRepudiation&&(n|=64,r=6),e.keyEncipherment&&(n|=32,r=5),e.dataEncipherment&&(n|=16,r=4),e.keyAgreement&&(n|=8,r=3),e.keyCertSign&&(n|=4,r=2),e.cRLSign&&(n|=2,r=1),e.encipherOnly&&(n|=1,r=0),e.decipherOnly&&(s|=128,r=7);var i=String.fromCharCode(r);s!==0?i+=String.fromCharCode(n)+String.fromCharCode(s):n!==0&&(i+=String.fromCharCode(n)),e.value=h.create(h.Class.UNIVERSAL,h.Type.BITSTRING,!1,i)}else if(e.name==="basicConstraints")e.value=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[]),e.cA&&e.value.value.push(h.create(h.Class.UNIVERSAL,h.Type.BOOLEAN,!1,String.fromCharCode(255))),"pathLenConstraint"in e&&e.value.value.push(h.create(h.Class.UNIVERSAL,h.Type.INTEGER,!1,h.integerToDer(e.pathLenConstraint).getBytes()));else if(e.name==="extKeyUsage"){e.value=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[]);var o=e.value.value;for(var u in e)e[u]===!0&&(u in q?o.push(h.create(h.Class.UNIVERSAL,h.Type.OID,!1,h.oidToDer(q[u]).getBytes())):u.indexOf(".")!==-1&&o.push(h.create(h.Class.UNIVERSAL,h.Type.OID,!1,h.oidToDer(u).getBytes())))}else if(e.name==="nsCertType"){var r=0,n=0;e.client&&(n|=128,r=7),e.server&&(n|=64,r=6),e.email&&(n|=32,r=5),e.objsign&&(n|=16,r=4),e.reserved&&(n|=8,r=3),e.sslCA&&(n|=4,r=2),e.emailCA&&(n|=2,r=1),e.objCA&&(n|=1,r=0);var i=String.fromCharCode(r);n!==0&&(i+=String.fromCharCode(n)),e.value=h.create(h.Class.UNIVERSAL,h.Type.BITSTRING,!1,i)}else if(e.name==="subjectAltName"||e.name==="issuerAltName"){e.value=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[]);for(var l,f=0;f<e.altNames.length;++f){l=e.altNames[f];var i=l.value;if(l.type===7&&l.ip){if(i=k.util.bytesFromIP(l.ip),i===null){var a=new Error('Extension "ip" value is not a valid IPv4 or IPv6 address.');throw a.extension=e,a}}else l.type===8&&(l.oid?i=h.oidToDer(h.oidToDer(l.oid)):i=h.oidToDer(i));e.value.value.push(h.create(h.Class.CONTEXT_SPECIFIC,l.type,!1,i))}}else if(e.name==="nsComment"&&t.cert){if(!/^[\x00-\x7F]*$/.test(e.comment)||e.comment.length<1||e.comment.length>128)throw new Error('Invalid "nsComment" content.');e.value=h.create(h.Class.UNIVERSAL,h.Type.IA5STRING,!1,e.comment)}else if(e.name==="subjectKeyIdentifier"&&t.cert){var c=t.cert.generateSubjectKeyIdentifier();e.subjectKeyIdentifier=c.toHex(),e.value=h.create(h.Class.UNIVERSAL,h.Type.OCTETSTRING,!1,c.getBytes())}else if(e.name==="authorityKeyIdentifier"&&t.cert){e.value=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[]);var o=e.value.value;if(e.keyIdentifier){var v=e.keyIdentifier===!0?t.cert.generateSubjectKeyIdentifier().getBytes():e.keyIdentifier;o.push(h.create(h.Class.CONTEXT_SPECIFIC,0,!1,v))}if(e.authorityCertIssuer){var m=[h.create(h.Class.CONTEXT_SPECIFIC,4,!0,[ur(e.authorityCertIssuer===!0?t.cert.issuer:e.authorityCertIssuer)])];o.push(h.create(h.Class.CONTEXT_SPECIFIC,1,!0,m))}if(e.serialNumber){var y=k.util.hexToBytes(e.serialNumber===!0?t.cert.serialNumber:e.serialNumber);o.push(h.create(h.Class.CONTEXT_SPECIFIC,2,!1,y))}}else if(e.name==="cRLDistributionPoints"){e.value=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[]);for(var o=e.value.value,x=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[]),S=h.create(h.Class.CONTEXT_SPECIFIC,0,!0,[]),l,f=0;f<e.altNames.length;++f){l=e.altNames[f];var i=l.value;if(l.type===7&&l.ip){if(i=k.util.bytesFromIP(l.ip),i===null){var a=new Error('Extension "ip" value is not a valid IPv4 or IPv6 address.');throw a.extension=e,a}}else l.type===8&&(l.oid?i=h.oidToDer(h.oidToDer(l.oid)):i=h.oidToDer(i));S.value.push(h.create(h.Class.CONTEXT_SPECIFIC,l.type,!1,i))}x.value.push(h.create(h.Class.CONTEXT_SPECIFIC,0,!0,[S])),o.push(x)}if(typeof e.value>"u"){var a=new Error("Extension value not specified.");throw a.extension=e,a}return e}function ba(e,t){switch(e){case q["RSASSA-PSS"]:var a=[];return t.hash.algorithmOid!==void 0&&a.push(h.create(h.Class.CONTEXT_SPECIFIC,0,!0,[h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[h.create(h.Class.UNIVERSAL,h.Type.OID,!1,h.oidToDer(t.hash.algorithmOid).getBytes()),h.create(h.Class.UNIVERSAL,h.Type.NULL,!1,"")])])),t.mgf.algorithmOid!==void 0&&a.push(h.create(h.Class.CONTEXT_SPECIFIC,1,!0,[h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[h.create(h.Class.UNIVERSAL,h.Type.OID,!1,h.oidToDer(t.mgf.algorithmOid).getBytes()),h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[h.create(h.Class.UNIVERSAL,h.Type.OID,!1,h.oidToDer(t.mgf.hash.algorithmOid).getBytes()),h.create(h.Class.UNIVERSAL,h.Type.NULL,!1,"")])])])),t.saltLength!==void 0&&a.push(h.create(h.Class.CONTEXT_SPECIFIC,2,!0,[h.create(h.Class.UNIVERSAL,h.Type.INTEGER,!1,h.integerToDer(t.saltLength).getBytes())])),h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,a);default:return h.create(h.Class.UNIVERSAL,h.Type.NULL,!1,"")}}function v0(e){var t=h.create(h.Class.CONTEXT_SPECIFIC,0,!0,[]);if(e.attributes.length===0)return t;for(var a=e.attributes,r=0;r<a.length;++r){var n=a[r],s=n.value,i=h.Type.UTF8;"valueTagClass"in n&&(i=n.valueTagClass),i===h.Type.UTF8&&(s=k.util.encodeUtf8(s));var o=!1;"valueConstructed"in n&&(o=n.valueConstructed);var u=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[h.create(h.Class.UNIVERSAL,h.Type.OID,!1,h.oidToDer(n.type).getBytes()),h.create(h.Class.UNIVERSAL,h.Type.SET,!0,[h.create(h.Class.UNIVERSAL,i,o,s)])]);t.value.push(u)}return t}var y0=new Date("1950-01-01T00:00:00Z"),g0=new Date("2050-01-01T00:00:00Z");function Yn(e){return e>=y0&&e<g0?h.create(h.Class.UNIVERSAL,h.Type.UTCTIME,!1,h.dateToUtcTime(e)):h.create(h.Class.UNIVERSAL,h.Type.GENERALIZEDTIME,!1,h.dateToGeneralizedTime(e))}L.getTBSCertificate=function(e){var t=Yn(e.validity.notBefore),a=Yn(e.validity.notAfter),r=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[h.create(h.Class.CONTEXT_SPECIFIC,0,!0,[h.create(h.Class.UNIVERSAL,h.Type.INTEGER,!1,h.integerToDer(e.version).getBytes())]),h.create(h.Class.UNIVERSAL,h.Type.INTEGER,!1,k.util.hexToBytes(e.serialNumber)),h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[h.create(h.Class.UNIVERSAL,h.Type.OID,!1,h.oidToDer(e.siginfo.algorithmOid).getBytes()),ba(e.siginfo.algorithmOid,e.siginfo.parameters)]),ur(e.issuer),h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[t,a]),ur(e.subject),L.publicKeyToAsn1(e.publicKey)]);return e.issuer.uniqueId&&r.value.push(h.create(h.Class.CONTEXT_SPECIFIC,1,!0,[h.create(h.Class.UNIVERSAL,h.Type.BITSTRING,!1,String.fromCharCode(0)+e.issuer.uniqueId)])),e.subject.uniqueId&&r.value.push(h.create(h.Class.CONTEXT_SPECIFIC,2,!0,[h.create(h.Class.UNIVERSAL,h.Type.BITSTRING,!1,String.fromCharCode(0)+e.subject.uniqueId)])),e.extensions.length>0&&r.value.push(L.certificateExtensionsToAsn1(e.extensions)),r},L.getCertificationRequestInfo=function(e){var t=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[h.create(h.Class.UNIVERSAL,h.Type.INTEGER,!1,h.integerToDer(e.version).getBytes()),ur(e.subject),L.publicKeyToAsn1(e.publicKey),v0(e)]);return t},L.distinguishedNameToAsn1=function(e){return ur(e)},L.certificateToAsn1=function(e){var t=e.tbsCertificate||L.getTBSCertificate(e);return h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[t,h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[h.create(h.Class.UNIVERSAL,h.Type.OID,!1,h.oidToDer(e.signatureOid).getBytes()),ba(e.signatureOid,e.signatureParameters)]),h.create(h.Class.UNIVERSAL,h.Type.BITSTRING,!1,String.fromCharCode(0)+e.signature)])},L.certificateExtensionsToAsn1=function(e){var t=h.create(h.Class.CONTEXT_SPECIFIC,3,!0,[]),a=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[]);t.value.push(a);for(var r=0;r<e.length;++r)a.value.push(L.certificateExtensionToAsn1(e[r]));return t},L.certificateExtensionToAsn1=function(e){var t=h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[]);t.value.push(h.create(h.Class.UNIVERSAL,h.Type.OID,!1,h.oidToDer(e.id).getBytes())),e.critical&&t.value.push(h.create(h.Class.UNIVERSAL,h.Type.BOOLEAN,!1,String.fromCharCode(255)));var a=e.value;return typeof e.value!="string"&&(a=h.toDer(a).getBytes()),t.value.push(h.create(h.Class.UNIVERSAL,h.Type.OCTETSTRING,!1,a)),t},L.certificationRequestToAsn1=function(e){var t=e.certificationRequestInfo||L.getCertificationRequestInfo(e);return h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[t,h.create(h.Class.UNIVERSAL,h.Type.SEQUENCE,!0,[h.create(h.Class.UNIVERSAL,h.Type.OID,!1,h.oidToDer(e.signatureOid).getBytes()),ba(e.signatureOid,e.signatureParameters)]),h.create(h.Class.UNIVERSAL,h.Type.BITSTRING,!1,String.fromCharCode(0)+e.signature)])},L.createCaStore=function(e){var t={certs:{}};t.getIssuer=function(i){var o=a(i.issuer);return o},t.addCertificate=function(i){if(typeof i=="string"&&(i=k.pki.certificateFromPem(i)),r(i.subject),!t.hasCertificate(i))if(i.subject.hash in t.certs){var o=t.certs[i.subject.hash];k.util.isArray(o)||(o=[o]),o.push(i),t.certs[i.subject.hash]=o}else t.certs[i.subject.hash]=i},t.hasCertificate=function(i){typeof i=="string"&&(i=k.pki.certificateFromPem(i));var o=a(i.subject);if(!o)return!1;k.util.isArray(o)||(o=[o]);for(var u=h.toDer(L.certificateToAsn1(i)).getBytes(),l=0;l<o.length;++l){var f=h.toDer(L.certificateToAsn1(o[l])).getBytes();if(u===f)return!0}return!1},t.listAllCertificates=function(){var i=[];for(var o in t.certs)if(t.certs.hasOwnProperty(o)){var u=t.certs[o];if(!k.util.isArray(u))i.push(u);else for(var l=0;l<u.length;++l)i.push(u[l])}return i},t.removeCertificate=function(i){var o;if(typeof i=="string"&&(i=k.pki.certificateFromPem(i)),r(i.subject),!t.hasCertificate(i))return null;var u=a(i.subject);if(!k.util.isArray(u))return o=t.certs[i.subject.hash],delete t.certs[i.subject.hash],o;for(var l=h.toDer(L.certificateToAsn1(i)).getBytes(),f=0;f<u.length;++f){var c=h.toDer(L.certificateToAsn1(u[f])).getBytes();l===c&&(o=u[f],u.splice(f,1))}return u.length===0&&delete t.certs[i.subject.hash],o};function a(i){return r(i),t.certs[i.hash]||null}function r(i){if(!i.hash){var o=k.md.sha1.create();i.attributes=L.RDNAttributesAsArray(ur(i),o),i.hash=o.digest().toHex()}}if(e)for(var n=0;n<e.length;++n){var s=e[n];t.addCertificate(s)}return t},L.certificateError={bad_certificate:"forge.pki.BadCertificate",unsupported_certificate:"forge.pki.UnsupportedCertificate",certificate_revoked:"forge.pki.CertificateRevoked",certificate_expired:"forge.pki.CertificateExpired",certificate_unknown:"forge.pki.CertificateUnknown",unknown_ca:"forge.pki.UnknownCertificateAuthority"},L.verifyCertificateChain=function(e,t,a){typeof a=="function"&&(a={verify:a}),a=a||{},t=t.slice(0);var r=t.slice(0),n=a.validityCheckDate;typeof n>"u"&&(n=new Date);var s=!0,i=null,o=0;do{var u=t.shift(),l=null,f=!1;if(n&&(n<u.validity.notBefore||n>u.validity.notAfter)&&(i={message:"Certificate is not valid yet or has expired.",error:L.certificateError.certificate_expired,notBefore:u.validity.notBefore,notAfter:u.validity.notAfter,now:n}),i===null){if(l=t[0]||e.getIssuer(u),l===null&&u.isIssuer(u)&&(f=!0,l=u),l){var c=l;k.util.isArray(c)||(c=[c]);for(var v=!1;!v&&c.length>0;){l=c.shift();try{v=l.verify(u)}catch{}}v||(i={message:"Certificate signature is invalid.",error:L.certificateError.bad_certificate})}i===null&&(!l||f)&&!e.hasCertificate(u)&&(i={message:"Certificate is not trusted.",error:L.certificateError.unknown_ca})}if(i===null&&l&&!u.isIssuer(l)&&(i={message:"Certificate issuer is invalid.",error:L.certificateError.bad_certificate}),i===null)for(var m={keyUsage:!0,basicConstraints:!0},y=0;i===null&&y<u.extensions.length;++y){var x=u.extensions[y];x.critical&&!(x.name in m)&&(i={message:"Certificate has an unsupported critical extension.",error:L.certificateError.unsupported_certificate})}if(i===null&&(!s||t.length===0&&(!l||f))){var S=u.getExtension("basicConstraints"),A=u.getExtension("keyUsage");if(A!==null&&(!A.keyCertSign||S===null)&&(i={message:"Certificate keyUsage or basicConstraints conflict or indicate that the certificate is not a CA. If the certificate is the only one in the chain or isn't the first then the certificate must be a valid CA.",error:L.certificateError.bad_certificate}),i===null&&S!==null&&!S.cA&&(i={message:"Certificate basicConstraints indicates the certificate is not a CA.",error:L.certificateError.bad_certificate}),i===null&&A!==null&&"pathLenConstraint"in S){var B=o-1;B>S.pathLenConstraint&&(i={message:"Certificate basicConstraints pathLenConstraint violated.",error:L.certificateError.bad_certificate})}}var N=i===null?!0:i.error,F=a.verify?a.verify(N,o,r):N;if(F===!0)i=null;else throw N===!0&&(i={message:"The application rejected the certificate.",error:L.certificateError.bad_certificate}),(F||F===0)&&(typeof F=="object"&&!k.util.isArray(F)?(F.message&&(i.message=F.message),F.error&&(i.error=F.error)):typeof F=="string"&&(i.error=F)),i;s=!1,++o}while(t.length>0);return!0};var ce=Y,g=ce.asn1,X=ce.pki,Tr=ce.pkcs12=ce.pkcs12||{},Wn={name:"ContentInfo",tagClass:g.Class.UNIVERSAL,type:g.Type.SEQUENCE,constructed:!0,value:[{name:"ContentInfo.contentType",tagClass:g.Class.UNIVERSAL,type:g.Type.OID,constructed:!1,capture:"contentType"},{name:"ContentInfo.content",tagClass:g.Class.CONTEXT_SPECIFIC,constructed:!0,captureAsn1:"content"}]},m0={name:"PFX",tagClass:g.Class.UNIVERSAL,type:g.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.version",tagClass:g.Class.UNIVERSAL,type:g.Type.INTEGER,constructed:!1,capture:"version"},Wn,{name:"PFX.macData",tagClass:g.Class.UNIVERSAL,type:g.Type.SEQUENCE,constructed:!0,optional:!0,captureAsn1:"mac",value:[{name:"PFX.macData.mac",tagClass:g.Class.UNIVERSAL,type:g.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.macData.mac.digestAlgorithm",tagClass:g.Class.UNIVERSAL,type:g.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.macData.mac.digestAlgorithm.algorithm",tagClass:g.Class.UNIVERSAL,type:g.Type.OID,constructed:!1,capture:"macAlgorithm"},{name:"PFX.macData.mac.digestAlgorithm.parameters",tagClass:g.Class.UNIVERSAL,captureAsn1:"macAlgorithmParameters"}]},{name:"PFX.macData.mac.digest",tagClass:g.Class.UNIVERSAL,type:g.Type.OCTETSTRING,constructed:!1,capture:"macDigest"}]},{name:"PFX.macData.macSalt",tagClass:g.Class.UNIVERSAL,type:g.Type.OCTETSTRING,constructed:!1,capture:"macSalt"},{name:"PFX.macData.iterations",tagClass:g.Class.UNIVERSAL,type:g.Type.INTEGER,constructed:!1,optional:!0,capture:"macIterations"}]}]},C0={name:"SafeBag",tagClass:g.Class.UNIVERSAL,type:g.Type.SEQUENCE,constructed:!0,value:[{name:"SafeBag.bagId",tagClass:g.Class.UNIVERSAL,type:g.Type.OID,constructed:!1,capture:"bagId"},{name:"SafeBag.bagValue",tagClass:g.Class.CONTEXT_SPECIFIC,constructed:!0,captureAsn1:"bagValue"},{name:"SafeBag.bagAttributes",tagClass:g.Class.UNIVERSAL,type:g.Type.SET,constructed:!0,optional:!0,capture:"bagAttributes"}]},E0={name:"Attribute",tagClass:g.Class.UNIVERSAL,type:g.Type.SEQUENCE,constructed:!0,value:[{name:"Attribute.attrId",tagClass:g.Class.UNIVERSAL,type:g.Type.OID,constructed:!1,capture:"oid"},{name:"Attribute.attrValues",tagClass:g.Class.UNIVERSAL,type:g.Type.SET,constructed:!0,capture:"values"}]},x0={name:"CertBag",tagClass:g.Class.UNIVERSAL,type:g.Type.SEQUENCE,constructed:!0,value:[{name:"CertBag.certId",tagClass:g.Class.UNIVERSAL,type:g.Type.OID,constructed:!1,capture:"certId"},{name:"CertBag.certValue",tagClass:g.Class.CONTEXT_SPECIFIC,constructed:!0,value:[{name:"CertBag.certValue[0]",tagClass:g.Class.UNIVERSAL,type:g.Class.OCTETSTRING,constructed:!1,capture:"cert"}]}]};function Ar(e,t,a,r){for(var n=[],s=0;s<e.length;s++)for(var i=0;i<e[s].safeBags.length;i++){var o=e[s].safeBags[i];if(!(r!==void 0&&o.type!==r)){if(t===null){n.push(o);continue}o.attributes[t]!==void 0&&o.attributes[t].indexOf(a)>=0&&n.push(o)}}return n}Tr.pkcs12FromAsn1=function(e,t,a){typeof t=="string"?(a=t,t=!0):t===void 0&&(t=!0);var r={},n=[];if(!g.validate(e,m0,r,n)){var s=new Error("Cannot read PKCS#12 PFX. ASN.1 object is not an PKCS#12 PFX.");throw s.errors=s,s}var i={version:r.version.charCodeAt(0),safeContents:[],getBags:function(S){var A={},B;return"localKeyId"in S?B=S.localKeyId:"localKeyIdHex"in S&&(B=ce.util.hexToBytes(S.localKeyIdHex)),B===void 0&&!("friendlyName"in S)&&"bagType"in S&&(A[S.bagType]=Ar(i.safeContents,null,null,S.bagType)),B!==void 0&&(A.localKeyId=Ar(i.safeContents,"localKeyId",B,S.bagType)),"friendlyName"in S&&(A.friendlyName=Ar(i.safeContents,"friendlyName",S.friendlyName,S.bagType)),A},getBagsByFriendlyName:function(S,A){return Ar(i.safeContents,"friendlyName",S,A)},getBagsByLocalKeyId:function(S,A){return Ar(i.safeContents,"localKeyId",S,A)}};if(r.version.charCodeAt(0)!==3){var s=new Error("PKCS#12 PFX of version other than 3 not supported.");throw s.version=r.version.charCodeAt(0),s}if(g.derToOid(r.contentType)!==X.oids.data){var s=new Error("Only PKCS#12 PFX in password integrity mode supported.");throw s.oid=g.derToOid(r.contentType),s}var o=r.content.value[0];if(o.tagClass!==g.Class.UNIVERSAL||o.type!==g.Type.OCTETSTRING)throw new Error("PKCS#12 authSafe content data is not an OCTET STRING.");if(o=_a(o),r.mac){var u=null,l=0,f=g.derToOid(r.macAlgorithm);switch(f){case X.oids.sha1:u=ce.md.sha1.create(),l=20;break;case X.oids.sha256:u=ce.md.sha256.create(),l=32;break;case X.oids.sha384:u=ce.md.sha384.create(),l=48;break;case X.oids.sha512:u=ce.md.sha512.create(),l=64;break;case X.oids.md5:u=ce.md.md5.create(),l=16;break}if(u===null)throw new Error("PKCS#12 uses unsupported MAC algorithm: "+f);var c=new ce.util.ByteBuffer(r.macSalt),v="macIterations"in r?parseInt(ce.util.bytesToHex(r.macIterations),16):1,m=Tr.generateKey(a,c,3,v,l,u),y=ce.hmac.create();y.start(u,m),y.update(o.value);var x=y.getMac();if(x.getBytes()!==r.macDigest)throw new Error("PKCS#12 MAC could not be verified. Invalid password?")}return S0(i,o.value,t,a),i};function _a(e){if(e.composed||e.constructed){for(var t=ce.util.createBuffer(),a=0;a<e.value.length;++a)t.putBytes(e.value[a].value);e.composed=e.constructed=!1,e.value=t.getBytes()}return e}function S0(e,t,a,r){if(t=g.fromDer(t,a),t.tagClass!==g.Class.UNIVERSAL||t.type!==g.Type.SEQUENCE||t.constructed!==!0)throw new Error("PKCS#12 AuthenticatedSafe expected to be a SEQUENCE OF ContentInfo");for(var n=0;n<t.value.length;n++){var s=t.value[n],i={},o=[];if(!g.validate(s,Wn,i,o)){var u=new Error("Cannot read ContentInfo.");throw u.errors=o,u}var l={encrypted:!1},f=null,c=i.content.value[0];switch(g.derToOid(i.contentType)){case X.oids.data:if(c.tagClass!==g.Class.UNIVERSAL||c.type!==g.Type.OCTETSTRING)throw new Error("PKCS#12 SafeContents Data is not an OCTET STRING.");f=_a(c).value;break;case X.oids.encryptedData:f=T0(c,r),l.encrypted=!0;break;default:var u=new Error("Unsupported PKCS#12 contentType.");throw u.contentType=g.derToOid(i.contentType),u}l.safeBags=A0(f,a,r),e.safeContents.push(l)}}function T0(e,t){var a={},r=[];if(!g.validate(e,ce.pkcs7.asn1.encryptedDataValidator,a,r)){var n=new Error("Cannot read EncryptedContentInfo.");throw n.errors=r,n}var s=g.derToOid(a.contentType);if(s!==X.oids.data){var n=new Error("PKCS#12 EncryptedContentInfo ContentType is not Data.");throw n.oid=s,n}s=g.derToOid(a.encAlgorithm);var i=X.pbe.getCipher(s,a.encParameter,t),o=_a(a.encryptedContentAsn1),u=ce.util.createBuffer(o.value);if(i.update(u),!i.finish())throw new Error("Failed to decrypt PKCS#12 SafeContents.");return i.output.getBytes()}function A0(e,t,a){if(!t&&e.length===0)return[];if(e=g.fromDer(e,t),e.tagClass!==g.Class.UNIVERSAL||e.type!==g.Type.SEQUENCE||e.constructed!==!0)throw new Error("PKCS#12 SafeContents expected to be a SEQUENCE OF SafeBag.");for(var r=[],n=0;n<e.value.length;n++){var s=e.value[n],i={},o=[];if(!g.validate(s,C0,i,o)){var u=new Error("Cannot read SafeBag.");throw u.errors=o,u}var l={type:g.derToOid(i.bagId),attributes:I0(i.bagAttributes)};r.push(l);var f,c,v=i.bagValue.value[0];switch(l.type){case X.oids.pkcs8ShroudedKeyBag:if(v=X.decryptPrivateKeyInfo(v,a),v===null)throw new Error("Unable to decrypt PKCS#8 ShroudedKeyBag, wrong password?");case X.oids.keyBag:try{l.key=X.privateKeyFromAsn1(v)}catch{l.key=null,l.asn1=v}continue;case X.oids.certBag:f=x0,c=function(){if(g.derToOid(i.certId)!==X.oids.x509Certificate){var y=new Error("Unsupported certificate type, only X.509 supported.");throw y.oid=g.derToOid(i.certId),y}var x=g.fromDer(i.cert,t);try{l.cert=X.certificateFromAsn1(x,!0)}catch{l.cert=null,l.asn1=x}};break;default:var u=new Error("Unsupported PKCS#12 SafeBag type.");throw u.oid=l.type,u}if(f!==void 0&&!g.validate(v,f,i,o)){var u=new Error("Cannot read PKCS#12 "+f.name);throw u.errors=o,u}c()}return r}function I0(e){var t={};if(e!==void 0)for(var a=0;a<e.length;++a){var r={},n=[];if(!g.validate(e[a],E0,r,n)){var s=new Error("Cannot read PKCS#12 BagAttribute.");throw s.errors=n,s}var i=g.derToOid(r.oid);if(X.oids[i]!==void 0){t[X.oids[i]]=[];for(var o=0;o<r.values.length;++o)t[X.oids[i]].push(r.values[o].value)}}return t}Tr.toPkcs12Asn1=function(e,t,a,r){r=r||{},r.saltSize=r.saltSize||8,r.count=r.count||2048,r.algorithm=r.algorithm||r.encAlgorithm||"aes128","useMac"in r||(r.useMac=!0),"localKeyId"in r||(r.localKeyId=null),"generateLocalKeyId"in r||(r.generateLocalKeyId=!0);var n=r.localKeyId,s;if(n!==null)n=ce.util.hexToBytes(n);else if(r.generateLocalKeyId)if(t){var i=ce.util.isArray(t)?t[0]:t;typeof i=="string"&&(i=X.certificateFromPem(i));var o=ce.md.sha1.create();o.update(g.toDer(X.certificateToAsn1(i)).getBytes()),n=o.digest().getBytes()}else n=ce.random.getBytes(20);var u=[];n!==null&&u.push(g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.OID,!1,g.oidToDer(X.oids.localKeyId).getBytes()),g.create(g.Class.UNIVERSAL,g.Type.SET,!0,[g.create(g.Class.UNIVERSAL,g.Type.OCTETSTRING,!1,n)])])),"friendlyName"in r&&u.push(g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.OID,!1,g.oidToDer(X.oids.friendlyName).getBytes()),g.create(g.Class.UNIVERSAL,g.Type.SET,!0,[g.create(g.Class.UNIVERSAL,g.Type.BMPSTRING,!1,r.friendlyName)])])),u.length>0&&(s=g.create(g.Class.UNIVERSAL,g.Type.SET,!0,u));var l=[],f=[];t!==null&&(ce.util.isArray(t)?f=t:f=[t]);for(var c=[],v=0;v<f.length;++v){t=f[v],typeof t=="string"&&(t=X.certificateFromPem(t));var m=v===0?s:void 0,y=X.certificateToAsn1(t),x=g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.OID,!1,g.oidToDer(X.oids.certBag).getBytes()),g.create(g.Class.CONTEXT_SPECIFIC,0,!0,[g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.OID,!1,g.oidToDer(X.oids.x509Certificate).getBytes()),g.create(g.Class.CONTEXT_SPECIFIC,0,!0,[g.create(g.Class.UNIVERSAL,g.Type.OCTETSTRING,!1,g.toDer(y).getBytes())])])]),m]);c.push(x)}if(c.length>0){var S=g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,c),A=g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.OID,!1,g.oidToDer(X.oids.data).getBytes()),g.create(g.Class.CONTEXT_SPECIFIC,0,!0,[g.create(g.Class.UNIVERSAL,g.Type.OCTETSTRING,!1,g.toDer(S).getBytes())])]);l.push(A)}var B=null;if(e!==null){var N=X.wrapRsaPrivateKey(X.privateKeyToAsn1(e));a===null?B=g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.OID,!1,g.oidToDer(X.oids.keyBag).getBytes()),g.create(g.Class.CONTEXT_SPECIFIC,0,!0,[N]),s]):B=g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.OID,!1,g.oidToDer(X.oids.pkcs8ShroudedKeyBag).getBytes()),g.create(g.Class.CONTEXT_SPECIFIC,0,!0,[X.encryptPrivateKeyInfo(N,a,r)]),s]);var F=g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[B]),D=g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.OID,!1,g.oidToDer(X.oids.data).getBytes()),g.create(g.Class.CONTEXT_SPECIFIC,0,!0,[g.create(g.Class.UNIVERSAL,g.Type.OCTETSTRING,!1,g.toDer(F).getBytes())])]);l.push(D)}var R=g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,l),z;if(r.useMac){var o=ce.md.sha1.create(),J=new ce.util.ByteBuffer(ce.random.getBytes(r.saltSize)),ie=r.count,e=Tr.generateKey(a,J,3,ie,20),oe=ce.hmac.create();oe.start(o,e),oe.update(g.toDer(R).getBytes());var ue=oe.getMac();z=g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.OID,!1,g.oidToDer(X.oids.sha1).getBytes()),g.create(g.Class.UNIVERSAL,g.Type.NULL,!1,"")]),g.create(g.Class.UNIVERSAL,g.Type.OCTETSTRING,!1,ue.getBytes())]),g.create(g.Class.UNIVERSAL,g.Type.OCTETSTRING,!1,J.getBytes()),g.create(g.Class.UNIVERSAL,g.Type.INTEGER,!1,g.integerToDer(ie).getBytes())])}return g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.INTEGER,!1,g.integerToDer(3).getBytes()),g.create(g.Class.UNIVERSAL,g.Type.SEQUENCE,!0,[g.create(g.Class.UNIVERSAL,g.Type.OID,!1,g.oidToDer(X.oids.data).getBytes()),g.create(g.Class.CONTEXT_SPECIFIC,0,!0,[g.create(g.Class.UNIVERSAL,g.Type.OCTETSTRING,!1,g.toDer(R).getBytes())])]),z])},Tr.generateKey=ce.pbe.generatePkcs12Key;var Dt=Y,Na=Dt.asn1,lr=Dt.pki=Dt.pki||{};lr.pemToDer=function(e){var t=Dt.pem.decode(e)[0];if(t.procType&&t.procType.type==="ENCRYPTED")throw new Error("Could not convert PEM to DER; PEM is encrypted.");return Dt.util.createBuffer(t.body)},lr.privateKeyFromPem=function(e){var t=Dt.pem.decode(e)[0];if(t.type!=="PRIVATE KEY"&&t.type!=="RSA PRIVATE KEY"){var a=new Error('Could not convert private key from PEM; PEM header type is not "PRIVATE KEY" or "RSA PRIVATE KEY".');throw a.headerType=t.type,a}if(t.procType&&t.procType.type==="ENCRYPTED")throw new Error("Could not convert private key from PEM; PEM is encrypted.");var r=Na.fromDer(t.body);return lr.privateKeyFromAsn1(r)},lr.privateKeyToPem=function(e,t){var a={type:"RSA PRIVATE KEY",body:Na.toDer(lr.privateKeyToAsn1(e)).getBytes()};return Dt.pem.encode(a,{maxline:t})},lr.privateKeyInfoToPem=function(e,t){var a={type:"PRIVATE KEY",body:Na.toDer(e).getBytes()};return Dt.pem.encode(a,{maxline:t})};var _=Y,Xr=function(e,t,a,r){var n=_.util.createBuffer(),s=e.length>>1,i=s+(e.length&1),o=e.substr(0,i),u=e.substr(s,i),l=_.util.createBuffer(),f=_.hmac.create();a=t+a;var c=Math.ceil(r/16),v=Math.ceil(r/20);f.start("MD5",o);var m=_.util.createBuffer();l.putBytes(a);for(var y=0;y<c;++y)f.start(null,null),f.update(l.getBytes()),l.putBuffer(f.digest()),f.start(null,null),f.update(l.bytes()+a),m.putBuffer(f.digest());f.start("SHA1",u);var x=_.util.createBuffer();l.clear(),l.putBytes(a);for(var y=0;y<v;++y)f.start(null,null),f.update(l.getBytes()),l.putBuffer(f.digest()),f.start(null,null),f.update(l.bytes()+a),x.putBuffer(f.digest());return n.putBytes(_.util.xorBytes(m.getBytes(),x.getBytes(),r)),n},B0=function(e,t,a){var r=_.hmac.create();r.start("SHA1",e);var n=_.util.createBuffer();return n.putInt32(t[0]),n.putInt32(t[1]),n.putByte(a.type),n.putByte(a.version.major),n.putByte(a.version.minor),n.putInt16(a.length),n.putBytes(a.fragment.bytes()),r.update(n.getBytes()),r.digest().getBytes()},b0=function(e,t,a){var r=!1;try{var n=e.deflate(t.fragment.getBytes());t.fragment=_.util.createBuffer(n),t.length=n.length,r=!0}catch{}return r},_0=function(e,t,a){var r=!1;try{var n=e.inflate(t.fragment.getBytes());t.fragment=_.util.createBuffer(n),t.length=n.length,r=!0}catch{}return r},nt=function(e,t){var a=0;switch(t){case 1:a=e.getByte();break;case 2:a=e.getInt16();break;case 3:a=e.getInt24();break;case 4:a=e.getInt32();break}return _.util.createBuffer(e.getBytes(a))},ct=function(e,t,a){e.putInt(a.length(),t<<3),e.putBuffer(a)},p={};p.Versions={TLS_1_0:{major:3,minor:1},TLS_1_1:{major:3,minor:2},TLS_1_2:{major:3,minor:3}},p.SupportedVersions=[p.Versions.TLS_1_1,p.Versions.TLS_1_0],p.Version=p.SupportedVersions[0],p.MaxFragment=16384-1024,p.ConnectionEnd={server:0,client:1},p.PRFAlgorithm={tls_prf_sha256:0},p.BulkCipherAlgorithm={none:null,rc4:0,des3:1,aes:2},p.CipherType={stream:0,block:1,aead:2},p.MACAlgorithm={none:null,hmac_md5:0,hmac_sha1:1,hmac_sha256:2,hmac_sha384:3,hmac_sha512:4},p.CompressionMethod={none:0,deflate:1},p.ContentType={change_cipher_spec:20,alert:21,handshake:22,application_data:23,heartbeat:24},p.HandshakeType={hello_request:0,client_hello:1,server_hello:2,certificate:11,server_key_exchange:12,certificate_request:13,server_hello_done:14,certificate_verify:15,client_key_exchange:16,finished:20},p.Alert={},p.Alert.Level={warning:1,fatal:2},p.Alert.Description={close_notify:0,unexpected_message:10,bad_record_mac:20,decryption_failed:21,record_overflow:22,decompression_failure:30,handshake_failure:40,bad_certificate:42,unsupported_certificate:43,certificate_revoked:44,certificate_expired:45,certificate_unknown:46,illegal_parameter:47,unknown_ca:48,access_denied:49,decode_error:50,decrypt_error:51,export_restriction:60,protocol_version:70,insufficient_security:71,internal_error:80,user_canceled:90,no_renegotiation:100},p.HeartbeatMessageType={heartbeat_request:1,heartbeat_response:2},p.CipherSuites={},p.getCipherSuite=function(e){var t=null;for(var a in p.CipherSuites){var r=p.CipherSuites[a];if(r.id[0]===e.charCodeAt(0)&&r.id[1]===e.charCodeAt(1)){t=r;break}}return t},p.handleUnexpected=function(e,t){var a=!e.open&&e.entity===p.ConnectionEnd.client;a||e.error(e,{message:"Unexpected message. Received TLS record out of order.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.unexpected_message}})},p.handleHelloRequest=function(e,t,a){!e.handshaking&&e.handshakes>0&&(p.queue(e,p.createAlert(e,{level:p.Alert.Level.warning,description:p.Alert.Description.no_renegotiation})),p.flush(e)),e.process()},p.parseHelloMessage=function(e,t,a){var r=null,n=e.entity===p.ConnectionEnd.client;if(a<38)e.error(e,{message:n?"Invalid ServerHello message. Message too short.":"Invalid ClientHello message. Message too short.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.illegal_parameter}});else{var s=t.fragment,i=s.length();if(r={version:{major:s.getByte(),minor:s.getByte()},random:_.util.createBuffer(s.getBytes(32)),session_id:nt(s,1),extensions:[]},n?(r.cipher_suite=s.getBytes(2),r.compression_method=s.getByte()):(r.cipher_suites=nt(s,2),r.compression_methods=nt(s,1)),i=a-(i-s.length()),i>0){for(var o=nt(s,2);o.length()>0;)r.extensions.push({type:[o.getByte(),o.getByte()],data:nt(o,2)});if(!n)for(var u=0;u<r.extensions.length;++u){var l=r.extensions[u];if(l.type[0]===0&&l.type[1]===0)for(var f=nt(l.data,2);f.length()>0;){var c=f.getByte();if(c!==0)break;e.session.extensions.server_name.serverNameList.push(nt(f,2).getBytes())}}}if(e.session.version&&(r.version.major!==e.session.version.major||r.version.minor!==e.session.version.minor))return e.error(e,{message:"TLS version change is disallowed during renegotiation.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.protocol_version}});if(n)e.session.cipherSuite=p.getCipherSuite(r.cipher_suite);else for(var v=_.util.createBuffer(r.cipher_suites.bytes());v.length()>0&&(e.session.cipherSuite=p.getCipherSuite(v.getBytes(2)),e.session.cipherSuite===null););if(e.session.cipherSuite===null)return e.error(e,{message:"No cipher suites in common.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.handshake_failure},cipherSuite:_.util.bytesToHex(r.cipher_suite)});n?e.session.compressionMethod=r.compression_method:e.session.compressionMethod=p.CompressionMethod.none}return r},p.createSecurityParameters=function(e,t){var a=e.entity===p.ConnectionEnd.client,r=t.random.bytes(),n=a?e.session.sp.client_random:r,s=a?r:p.createRandom().getBytes();e.session.sp={entity:e.entity,prf_algorithm:p.PRFAlgorithm.tls_prf_sha256,bulk_cipher_algorithm:null,cipher_type:null,enc_key_length:null,block_length:null,fixed_iv_length:null,record_iv_length:null,mac_algorithm:null,mac_length:null,mac_key_length:null,compression_algorithm:e.session.compressionMethod,pre_master_secret:null,master_secret:null,client_random:n,server_random:s}},p.handleServerHello=function(e,t,a){var r=p.parseHelloMessage(e,t,a);if(!e.fail){if(r.version.minor<=e.version.minor)e.version.minor=r.version.minor;else return e.error(e,{message:"Incompatible TLS version.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.protocol_version}});e.session.version=e.version;var n=r.session_id.bytes();n.length>0&&n===e.session.id?(e.expect=Xn,e.session.resuming=!0,e.session.sp.server_random=r.random.bytes()):(e.expect=w0,e.session.resuming=!1,p.createSecurityParameters(e,r)),e.session.id=n,e.process()}},p.handleClientHello=function(e,t,a){var r=p.parseHelloMessage(e,t,a);if(!e.fail){var n=r.session_id.bytes(),s=null;if(e.sessionCache&&(s=e.sessionCache.getSession(n),s===null?n="":(s.version.major!==r.version.major||s.version.minor>r.version.minor)&&(s=null,n="")),n.length===0&&(n=_.random.getBytes(32)),e.session.id=n,e.session.clientHelloVersion=r.version,e.session.sp={},s)e.version=e.session.version=s.version,e.session.sp=s.sp;else{for(var i,o=1;o<p.SupportedVersions.length&&(i=p.SupportedVersions[o],!(i.minor<=r.version.minor));++o);e.version={major:i.major,minor:i.minor},e.session.version=e.version}s!==null?(e.expect=Ra,e.session.resuming=!0,e.session.sp.client_random=r.random.bytes()):(e.expect=e.verifyClient!==!1?V0:wa,e.session.resuming=!1,p.createSecurityParameters(e,r)),e.open=!0,p.queue(e,p.createRecord(e,{type:p.ContentType.handshake,data:p.createServerHello(e)})),e.session.resuming?(p.queue(e,p.createRecord(e,{type:p.ContentType.change_cipher_spec,data:p.createChangeCipherSpec()})),e.state.pending=p.createConnectionState(e),e.state.current.write=e.state.pending.write,p.queue(e,p.createRecord(e,{type:p.ContentType.handshake,data:p.createFinished(e)}))):(p.queue(e,p.createRecord(e,{type:p.ContentType.handshake,data:p.createCertificate(e)})),e.fail||(p.queue(e,p.createRecord(e,{type:p.ContentType.handshake,data:p.createServerKeyExchange(e)})),e.verifyClient!==!1&&p.queue(e,p.createRecord(e,{type:p.ContentType.handshake,data:p.createCertificateRequest(e)})),p.queue(e,p.createRecord(e,{type:p.ContentType.handshake,data:p.createServerHelloDone(e)})))),p.flush(e),e.process()}},p.handleCertificate=function(e,t,a){if(a<3)return e.error(e,{message:"Invalid Certificate message. Message too short.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.illegal_parameter}});var r=t.fragment,n={certificate_list:nt(r,3)},s,i,o=[];try{for(;n.certificate_list.length()>0;)s=nt(n.certificate_list,3),i=_.asn1.fromDer(s),s=_.pki.certificateFromAsn1(i,!0),o.push(s)}catch(l){return e.error(e,{message:"Could not parse certificate list.",cause:l,send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.bad_certificate}})}var u=e.entity===p.ConnectionEnd.client;(u||e.verifyClient===!0)&&o.length===0?e.error(e,{message:u?"No server certificate provided.":"No client certificate provided.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.illegal_parameter}}):o.length===0?e.expect=u?jn:wa:(u?e.session.serverCertificate=o[0]:e.session.clientCertificate=o[0],p.verifyCertificateChain(e,o)&&(e.expect=u?jn:wa)),e.process()},p.handleServerKeyExchange=function(e,t,a){if(a>0)return e.error(e,{message:"Invalid key parameters. Only RSA is supported.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.unsupported_certificate}});e.expect=R0,e.process()},p.handleClientKeyExchange=function(e,t,a){if(a<48)return e.error(e,{message:"Invalid key parameters. Only RSA is supported.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.unsupported_certificate}});var r=t.fragment,n={enc_pre_master_secret:nt(r,2).getBytes()},s=null;if(e.getPrivateKey)try{s=e.getPrivateKey(e,e.session.serverCertificate),s=_.pki.privateKeyFromPem(s)}catch(u){e.error(e,{message:"Could not get private key.",cause:u,send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.internal_error}})}if(s===null)return e.error(e,{message:"No private key set.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.internal_error}});try{var i=e.session.sp;i.pre_master_secret=s.decrypt(n.enc_pre_master_secret);var o=e.session.clientHelloVersion;if(o.major!==i.pre_master_secret.charCodeAt(0)||o.minor!==i.pre_master_secret.charCodeAt(1))throw new Error("TLS version rollback attack detected.")}catch{i.pre_master_secret=_.random.getBytes(48)}e.expect=Ra,e.session.clientCertificate!==null&&(e.expect=F0),e.process()},p.handleCertificateRequest=function(e,t,a){if(a<3)return e.error(e,{message:"Invalid CertificateRequest. Message too short.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.illegal_parameter}});var r=t.fragment,n={certificate_types:nt(r,1),certificate_authorities:nt(r,2)};e.session.certificateRequest=n,e.expect=L0,e.process()},p.handleCertificateVerify=function(e,t,a){if(a<2)return e.error(e,{message:"Invalid CertificateVerify. Message too short.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.illegal_parameter}});var r=t.fragment;r.read-=4;var n=r.bytes();r.read+=4;var s={signature:nt(r,2).getBytes()},i=_.util.createBuffer();i.putBuffer(e.session.md5.digest()),i.putBuffer(e.session.sha1.digest()),i=i.getBytes();try{var o=e.session.clientCertificate;if(!o.publicKey.verify(i,s.signature,"NONE"))throw new Error("CertificateVerify signature does not match.");e.session.md5.update(n),e.session.sha1.update(n)}catch{return e.error(e,{message:"Bad signature in CertificateVerify.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.handshake_failure}})}e.expect=Ra,e.process()},p.handleServerHelloDone=function(e,t,a){if(a>0)return e.error(e,{message:"Invalid ServerHelloDone message. Invalid length.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.record_overflow}});if(e.serverCertificate===null){var r={message:"No server certificate provided. Not enough security.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.insufficient_security}},n=0,s=e.verify(e,r.alert.description,n,[]);if(s!==!0)return(s||s===0)&&(typeof s=="object"&&!_.util.isArray(s)?(s.message&&(r.message=s.message),s.alert&&(r.alert.description=s.alert)):typeof s=="number"&&(r.alert.description=s)),e.error(e,r)}e.session.certificateRequest!==null&&(t=p.createRecord(e,{type:p.ContentType.handshake,data:p.createCertificate(e)}),p.queue(e,t)),t=p.createRecord(e,{type:p.ContentType.handshake,data:p.createClientKeyExchange(e)}),p.queue(e,t),e.expect=U0;var i=function(o,u){o.session.certificateRequest!==null&&o.session.clientCertificate!==null&&p.queue(o,p.createRecord(o,{type:p.ContentType.handshake,data:p.createCertificateVerify(o,u)})),p.queue(o,p.createRecord(o,{type:p.ContentType.change_cipher_spec,data:p.createChangeCipherSpec()})),o.state.pending=p.createConnectionState(o),o.state.current.write=o.state.pending.write,p.queue(o,p.createRecord(o,{type:p.ContentType.handshake,data:p.createFinished(o)})),o.expect=Xn,p.flush(o),o.process()};if(e.session.certificateRequest===null||e.session.clientCertificate===null)return i(e,null);p.getClientSignature(e,i)},p.handleChangeCipherSpec=function(e,t){if(t.fragment.getByte()!==1)return e.error(e,{message:"Invalid ChangeCipherSpec message received.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.illegal_parameter}});var a=e.entity===p.ConnectionEnd.client;(e.session.resuming&&a||!e.session.resuming&&!a)&&(e.state.pending=p.createConnectionState(e)),e.state.current.read=e.state.pending.read,(!e.session.resuming&&a||e.session.resuming&&!a)&&(e.state.pending=null),e.expect=a?D0:O0,e.process()},p.handleFinished=function(e,t,a){var r=t.fragment;r.read-=4;var n=r.bytes();r.read+=4;var s=t.fragment.getBytes();r=_.util.createBuffer(),r.putBuffer(e.session.md5.digest()),r.putBuffer(e.session.sha1.digest());var i=e.entity===p.ConnectionEnd.client,o=i?"server finished":"client finished",u=e.session.sp,l=12,f=Xr;if(r=f(u.master_secret,o,r.getBytes(),l),r.getBytes()!==s)return e.error(e,{message:"Invalid verify_data in Finished message.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.decrypt_error}});e.session.md5.update(n),e.session.sha1.update(n),(e.session.resuming&&i||!e.session.resuming&&!i)&&(p.queue(e,p.createRecord(e,{type:p.ContentType.change_cipher_spec,data:p.createChangeCipherSpec()})),e.state.current.write=e.state.pending.write,e.state.pending=null,p.queue(e,p.createRecord(e,{type:p.ContentType.handshake,data:p.createFinished(e)}))),e.expect=i?k0:K0,e.handshaking=!1,++e.handshakes,e.peerCertificate=i?e.session.serverCertificate:e.session.clientCertificate,p.flush(e),e.isConnected=!0,e.connected(e),e.process()},p.handleAlert=function(e,t){var a=t.fragment,r={level:a.getByte(),description:a.getByte()},n;switch(r.description){case p.Alert.Description.close_notify:n="Connection closed.";break;case p.Alert.Description.unexpected_message:n="Unexpected message.";break;case p.Alert.Description.bad_record_mac:n="Bad record MAC.";break;case p.Alert.Description.decryption_failed:n="Decryption failed.";break;case p.Alert.Description.record_overflow:n="Record overflow.";break;case p.Alert.Description.decompression_failure:n="Decompression failed.";break;case p.Alert.Description.handshake_failure:n="Handshake failure.";break;case p.Alert.Description.bad_certificate:n="Bad certificate.";break;case p.Alert.Description.unsupported_certificate:n="Unsupported certificate.";break;case p.Alert.Description.certificate_revoked:n="Certificate revoked.";break;case p.Alert.Description.certificate_expired:n="Certificate expired.";break;case p.Alert.Description.certificate_unknown:n="Certificate unknown.";break;case p.Alert.Description.illegal_parameter:n="Illegal parameter.";break;case p.Alert.Description.unknown_ca:n="Unknown certificate authority.";break;case p.Alert.Description.access_denied:n="Access denied.";break;case p.Alert.Description.decode_error:n="Decode error.";break;case p.Alert.Description.decrypt_error:n="Decrypt error.";break;case p.Alert.Description.export_restriction:n="Export restriction.";break;case p.Alert.Description.protocol_version:n="Unsupported protocol version.";break;case p.Alert.Description.insufficient_security:n="Insufficient security.";break;case p.Alert.Description.internal_error:n="Internal error.";break;case p.Alert.Description.user_canceled:n="User canceled.";break;case p.Alert.Description.no_renegotiation:n="Renegotiation not supported.";break;default:n="Unknown error.";break}if(r.description===p.Alert.Description.close_notify)return e.close();e.error(e,{message:n,send:!1,origin:e.entity===p.ConnectionEnd.client?"server":"client",alert:r}),e.process()},p.handleHandshake=function(e,t){var a=t.fragment,r=a.getByte(),n=a.getInt24();if(n>a.length())return e.fragmented=t,t.fragment=_.util.createBuffer(),a.read-=4,e.process();e.fragmented=null,a.read-=4;var s=a.bytes(n+4);a.read+=4,r in Zr[e.entity][e.expect]?(e.entity===p.ConnectionEnd.server&&!e.open&&!e.fail&&(e.handshaking=!0,e.session={version:null,extensions:{server_name:{serverNameList:[]}},cipherSuite:null,compressionMethod:null,serverCertificate:null,clientCertificate:null,md5:_.md.md5.create(),sha1:_.md.sha1.create()}),r!==p.HandshakeType.hello_request&&r!==p.HandshakeType.certificate_verify&&r!==p.HandshakeType.finished&&(e.session.md5.update(s),e.session.sha1.update(s)),Zr[e.entity][e.expect][r](e,t,n)):p.handleUnexpected(e,t)},p.handleApplicationData=function(e,t){e.data.putBuffer(t.fragment),e.dataReady(e),e.process()},p.handleHeartbeat=function(e,t){var a=t.fragment,r=a.getByte(),n=a.getInt16(),s=a.getBytes(n);if(r===p.HeartbeatMessageType.heartbeat_request){if(e.handshaking||n>s.length)return e.process();p.queue(e,p.createRecord(e,{type:p.ContentType.heartbeat,data:p.createHeartbeat(p.HeartbeatMessageType.heartbeat_response,s)})),p.flush(e)}else if(r===p.HeartbeatMessageType.heartbeat_response){if(s!==e.expectedHeartbeatPayload)return e.process();e.heartbeatReceived&&e.heartbeatReceived(e,_.util.createBuffer(s))}e.process()};var N0=0,w0=1,jn=2,R0=3,L0=4,Xn=5,D0=6,k0=7,U0=8,P0=0,V0=1,wa=2,F0=3,Ra=4,O0=5,K0=6,d=p.handleUnexpected,$n=p.handleChangeCipherSpec,we=p.handleAlert,$e=p.handleHandshake,Zn=p.handleApplicationData,Re=p.handleHeartbeat,La=[];La[p.ConnectionEnd.client]=[[d,we,$e,d,Re],[d,we,$e,d,Re],[d,we,$e,d,Re],[d,we,$e,d,Re],[d,we,$e,d,Re],[$n,we,d,d,Re],[d,we,$e,d,Re],[d,we,$e,Zn,Re],[d,we,$e,d,Re]],La[p.ConnectionEnd.server]=[[d,we,$e,d,Re],[d,we,$e,d,Re],[d,we,$e,d,Re],[d,we,$e,d,Re],[$n,we,d,d,Re],[d,we,$e,d,Re],[d,we,$e,Zn,Re],[d,we,$e,d,Re]];var kt=p.handleHelloRequest,M0=p.handleServerHello,Jn=p.handleCertificate,ei=p.handleServerKeyExchange,Da=p.handleCertificateRequest,$r=p.handleServerHelloDone,ti=p.handleFinished,Zr=[];Zr[p.ConnectionEnd.client]=[[d,d,M0,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d],[kt,d,d,d,d,d,d,d,d,d,d,Jn,ei,Da,$r,d,d,d,d,d,d],[kt,d,d,d,d,d,d,d,d,d,d,d,ei,Da,$r,d,d,d,d,d,d],[kt,d,d,d,d,d,d,d,d,d,d,d,d,Da,$r,d,d,d,d,d,d],[kt,d,d,d,d,d,d,d,d,d,d,d,d,d,$r,d,d,d,d,d,d],[kt,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d],[kt,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,ti],[kt,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d],[kt,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d]];var H0=p.handleClientHello,q0=p.handleClientKeyExchange,G0=p.handleCertificateVerify;Zr[p.ConnectionEnd.server]=[[d,H0,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d],[d,d,d,d,d,d,d,d,d,d,d,Jn,d,d,d,d,d,d,d,d,d],[d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,q0,d,d,d,d],[d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,G0,d,d,d,d,d],[d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d],[d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,ti],[d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d],[d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d,d]],p.generateKeys=function(e,t){var a=Xr,r=t.client_random+t.server_random;e.session.resuming||(t.master_secret=a(t.pre_master_secret,"master secret",r,48).bytes(),t.pre_master_secret=null),r=t.server_random+t.client_random;var n=2*t.mac_key_length+2*t.enc_key_length,s=e.version.major===p.Versions.TLS_1_0.major&&e.version.minor===p.Versions.TLS_1_0.minor;s&&(n+=2*t.fixed_iv_length);var i=a(t.master_secret,"key expansion",r,n),o={client_write_MAC_key:i.getBytes(t.mac_key_length),server_write_MAC_key:i.getBytes(t.mac_key_length),client_write_key:i.getBytes(t.enc_key_length),server_write_key:i.getBytes(t.enc_key_length)};return s&&(o.client_write_IV=i.getBytes(t.fixed_iv_length),o.server_write_IV=i.getBytes(t.fixed_iv_length)),o},p.createConnectionState=function(e){var t=e.entity===p.ConnectionEnd.client,a=function(){var s={sequenceNumber:[0,0],macKey:null,macLength:0,macFunction:null,cipherState:null,cipherFunction:function(i){return!0},compressionState:null,compressFunction:function(i){return!0},updateSequenceNumber:function(){s.sequenceNumber[1]===4294967295?(s.sequenceNumber[1]=0,++s.sequenceNumber[0]):++s.sequenceNumber[1]}};return s},r={read:a(),write:a()};if(r.read.update=function(s,i){return r.read.cipherFunction(i,r.read)?r.read.compressFunction(s,i,r.read)||s.error(s,{message:"Could not decompress record.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.decompression_failure}}):s.error(s,{message:"Could not decrypt record or bad MAC.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.bad_record_mac}}),!s.fail},r.write.update=function(s,i){return r.write.compressFunction(s,i,r.write)?r.write.cipherFunction(i,r.write)||s.error(s,{message:"Could not encrypt record.",send:!1,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.internal_error}}):s.error(s,{message:"Could not compress record.",send:!1,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.internal_error}}),!s.fail},e.session){var n=e.session.sp;switch(e.session.cipherSuite.initSecurityParameters(n),n.keys=p.generateKeys(e,n),r.read.macKey=t?n.keys.server_write_MAC_key:n.keys.client_write_MAC_key,r.write.macKey=t?n.keys.client_write_MAC_key:n.keys.server_write_MAC_key,e.session.cipherSuite.initConnectionState(r,e,n),n.compression_algorithm){case p.CompressionMethod.none:break;case p.CompressionMethod.deflate:r.read.compressFunction=_0,r.write.compressFunction=b0;break;default:throw new Error("Unsupported compression algorithm.")}}return r},p.createRandom=function(){var e=new Date,t=+e+e.getTimezoneOffset()*6e4,a=_.util.createBuffer();return a.putInt32(t),a.putBytes(_.random.getBytes(28)),a},p.createRecord=function(e,t){if(!t.data)return null;var a={type:t.type,version:{major:e.version.major,minor:e.version.minor},length:t.data.length(),fragment:t.data};return a},p.createAlert=function(e,t){var a=_.util.createBuffer();return a.putByte(t.level),a.putByte(t.description),p.createRecord(e,{type:p.ContentType.alert,data:a})},p.createClientHello=function(e){e.session.clientHelloVersion={major:e.version.major,minor:e.version.minor};for(var t=_.util.createBuffer(),a=0;a<e.cipherSuites.length;++a){var r=e.cipherSuites[a];t.putByte(r.id[0]),t.putByte(r.id[1])}var n=t.length(),s=_.util.createBuffer();s.putByte(p.CompressionMethod.none);var i=s.length(),o=_.util.createBuffer();if(e.virtualHost){var u=_.util.createBuffer();u.putByte(0),u.putByte(0);var l=_.util.createBuffer();l.putByte(0),ct(l,2,_.util.createBuffer(e.virtualHost));var f=_.util.createBuffer();ct(f,2,l),ct(u,2,f),o.putBuffer(u)}var c=o.length();c>0&&(c+=2);var v=e.session.id,m=v.length+1+2+4+28+2+n+1+i+c,y=_.util.createBuffer();return y.putByte(p.HandshakeType.client_hello),y.putInt24(m),y.putByte(e.version.major),y.putByte(e.version.minor),y.putBytes(e.session.sp.client_random),ct(y,1,_.util.createBuffer(v)),ct(y,2,t),ct(y,1,s),c>0&&ct(y,2,o),y},p.createServerHello=function(e){var t=e.session.id,a=t.length+1+2+4+28+2+1,r=_.util.createBuffer();return r.putByte(p.HandshakeType.server_hello),r.putInt24(a),r.putByte(e.version.major),r.putByte(e.version.minor),r.putBytes(e.session.sp.server_random),ct(r,1,_.util.createBuffer(t)),r.putByte(e.session.cipherSuite.id[0]),r.putByte(e.session.cipherSuite.id[1]),r.putByte(e.session.compressionMethod),r},p.createCertificate=function(e){var t=e.entity===p.ConnectionEnd.client,a=null;if(e.getCertificate){var r;t?r=e.session.certificateRequest:r=e.session.extensions.server_name.serverNameList,a=e.getCertificate(e,r)}var n=_.util.createBuffer();if(a!==null)try{_.util.isArray(a)||(a=[a]);for(var s=null,i=0;i<a.length;++i){var o=_.pem.decode(a[i])[0];if(o.type!=="CERTIFICATE"&&o.type!=="X509 CERTIFICATE"&&o.type!=="TRUSTED CERTIFICATE"){var u=new Error('Could not convert certificate from PEM; PEM header type is not "CERTIFICATE", "X509 CERTIFICATE", or "TRUSTED CERTIFICATE".');throw u.headerType=o.type,u}if(o.procType&&o.procType.type==="ENCRYPTED")throw new Error("Could not convert certificate from PEM; PEM is encrypted.");var l=_.util.createBuffer(o.body);s===null&&(s=_.asn1.fromDer(l.bytes(),!1));var f=_.util.createBuffer();ct(f,3,l),n.putBuffer(f)}a=_.pki.certificateFromAsn1(s),t?e.session.clientCertificate=a:e.session.serverCertificate=a}catch(m){return e.error(e,{message:"Could not send certificate list.",cause:m,send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.bad_certificate}})}var c=3+n.length(),v=_.util.createBuffer();return v.putByte(p.HandshakeType.certificate),v.putInt24(c),ct(v,3,n),v},p.createClientKeyExchange=function(e){var t=_.util.createBuffer();t.putByte(e.session.clientHelloVersion.major),t.putByte(e.session.clientHelloVersion.minor),t.putBytes(_.random.getBytes(46));var a=e.session.sp;a.pre_master_secret=t.getBytes();var r=e.session.serverCertificate.publicKey;t=r.encrypt(a.pre_master_secret);var n=t.length+2,s=_.util.createBuffer();return s.putByte(p.HandshakeType.client_key_exchange),s.putInt24(n),s.putInt16(t.length),s.putBytes(t),s},p.createServerKeyExchange=function(e){var t=_.util.createBuffer();return t},p.getClientSignature=function(e,t){var a=_.util.createBuffer();a.putBuffer(e.session.md5.digest()),a.putBuffer(e.session.sha1.digest()),a=a.getBytes(),e.getSignature=e.getSignature||function(r,n,s){var i=null;if(r.getPrivateKey)try{i=r.getPrivateKey(r,r.session.clientCertificate),i=_.pki.privateKeyFromPem(i)}catch(o){r.error(r,{message:"Could not get private key.",cause:o,send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.internal_error}})}i===null?r.error(r,{message:"No private key set.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.internal_error}}):n=i.sign(n,null),s(r,n)},e.getSignature(e,a,t)},p.createCertificateVerify=function(e,t){var a=t.length+2,r=_.util.createBuffer();return r.putByte(p.HandshakeType.certificate_verify),r.putInt24(a),r.putInt16(t.length),r.putBytes(t),r},p.createCertificateRequest=function(e){var t=_.util.createBuffer();t.putByte(1);var a=_.util.createBuffer();for(var r in e.caStore.certs){var n=e.caStore.certs[r],s=_.pki.distinguishedNameToAsn1(n.subject),i=_.asn1.toDer(s);a.putInt16(i.length()),a.putBuffer(i)}var o=1+t.length()+2+a.length(),u=_.util.createBuffer();return u.putByte(p.HandshakeType.certificate_request),u.putInt24(o),ct(u,1,t),ct(u,2,a),u},p.createServerHelloDone=function(e){var t=_.util.createBuffer();return t.putByte(p.HandshakeType.server_hello_done),t.putInt24(0),t},p.createChangeCipherSpec=function(){var e=_.util.createBuffer();return e.putByte(1),e},p.createFinished=function(e){var t=_.util.createBuffer();t.putBuffer(e.session.md5.digest()),t.putBuffer(e.session.sha1.digest());var a=e.entity===p.ConnectionEnd.client,r=e.session.sp,n=12,s=Xr,i=a?"client finished":"server finished";t=s(r.master_secret,i,t.getBytes(),n);var o=_.util.createBuffer();return o.putByte(p.HandshakeType.finished),o.putInt24(t.length()),o.putBuffer(t),o},p.createHeartbeat=function(e,t,a){typeof a>"u"&&(a=t.length);var r=_.util.createBuffer();r.putByte(e),r.putInt16(a),r.putBytes(t);var n=r.length(),s=Math.max(16,n-a-3);return r.putBytes(_.random.getBytes(s)),r},p.queue=function(e,t){if(!!t&&!(t.fragment.length()===0&&(t.type===p.ContentType.handshake||t.type===p.ContentType.alert||t.type===p.ContentType.change_cipher_spec))){if(t.type===p.ContentType.handshake){var a=t.fragment.bytes();e.session.md5.update(a),e.session.sha1.update(a),a=null}var r;if(t.fragment.length()<=p.MaxFragment)r=[t];else{r=[];for(var n=t.fragment.bytes();n.length>p.MaxFragment;)r.push(p.createRecord(e,{type:t.type,data:_.util.createBuffer(n.slice(0,p.MaxFragment))})),n=n.slice(p.MaxFragment);n.length>0&&r.push(p.createRecord(e,{type:t.type,data:_.util.createBuffer(n)}))}for(var s=0;s<r.length&&!e.fail;++s){var i=r[s],o=e.state.current.write;o.update(e,i)&&e.records.push(i)}}},p.flush=function(e){for(var t=0;t<e.records.length;++t){var a=e.records[t];e.tlsData.putByte(a.type),e.tlsData.putByte(a.version.major),e.tlsData.putByte(a.version.minor),e.tlsData.putInt16(a.fragment.length()),e.tlsData.putBuffer(e.records[t].fragment)}return e.records=[],e.tlsDataReady(e)};var ka=function(e){switch(e){case!0:return!0;case _.pki.certificateError.bad_certificate:return p.Alert.Description.bad_certificate;case _.pki.certificateError.unsupported_certificate:return p.Alert.Description.unsupported_certificate;case _.pki.certificateError.certificate_revoked:return p.Alert.Description.certificate_revoked;case _.pki.certificateError.certificate_expired:return p.Alert.Description.certificate_expired;case _.pki.certificateError.certificate_unknown:return p.Alert.Description.certificate_unknown;case _.pki.certificateError.unknown_ca:return p.Alert.Description.unknown_ca;default:return p.Alert.Description.bad_certificate}},Q0=function(e){switch(e){case!0:return!0;case p.Alert.Description.bad_certificate:return _.pki.certificateError.bad_certificate;case p.Alert.Description.unsupported_certificate:return _.pki.certificateError.unsupported_certificate;case p.Alert.Description.certificate_revoked:return _.pki.certificateError.certificate_revoked;case p.Alert.Description.certificate_expired:return _.pki.certificateError.certificate_expired;case p.Alert.Description.certificate_unknown:return _.pki.certificateError.certificate_unknown;case p.Alert.Description.unknown_ca:return _.pki.certificateError.unknown_ca;default:return _.pki.certificateError.bad_certificate}};p.verifyCertificateChain=function(e,t){try{var a={};for(var r in e.verifyOptions)a[r]=e.verifyOptions[r];a.verify=function(s,i,o){var u=ka(s),l=e.verify(e,s,i,o);if(l!==!0){if(typeof l=="object"&&!_.util.isArray(l)){var f=new Error("The application rejected the certificate.");throw f.send=!0,f.alert={level:p.Alert.Level.fatal,description:p.Alert.Description.bad_certificate},l.message&&(f.message=l.message),l.alert&&(f.alert.description=l.alert),f}l!==s&&(l=Q0(l))}return l},_.pki.verifyCertificateChain(e.caStore,t,a)}catch(s){var n=s;(typeof n!="object"||_.util.isArray(n))&&(n={send:!0,alert:{level:p.Alert.Level.fatal,description:ka(s)}}),"send"in n||(n.send=!0),"alert"in n||(n.alert={level:p.Alert.Level.fatal,description:ka(n.error)}),e.error(e,n)}return!e.fail},p.createSessionCache=function(e,t){var a=null;if(e&&e.getSession&&e.setSession&&e.order)a=e;else{a={},a.cache=e||{},a.capacity=Math.max(t||100,1),a.order=[];for(var r in e)a.order.length<=t?a.order.push(r):delete e[r];a.getSession=function(n){var s=null,i=null;if(n?i=_.util.bytesToHex(n):a.order.length>0&&(i=a.order[0]),i!==null&&i in a.cache){s=a.cache[i],delete a.cache[i];for(var o in a.order)if(a.order[o]===i){a.order.splice(o,1);break}}return s},a.setSession=function(n,s){if(a.order.length===a.capacity){var i=a.order.shift();delete a.cache[i]}var i=_.util.bytesToHex(n);a.order.push(i),a.cache[i]=s}}return a},p.createConnection=function(e){var t=null;e.caStore?_.util.isArray(e.caStore)?t=_.pki.createCaStore(e.caStore):t=e.caStore:t=_.pki.createCaStore();var a=e.cipherSuites||null;if(a===null){a=[];for(var r in p.CipherSuites)a.push(p.CipherSuites[r])}var n=e.server?p.ConnectionEnd.server:p.ConnectionEnd.client,s=e.sessionCache?p.createSessionCache(e.sessionCache):null,i={version:{major:p.Version.major,minor:p.Version.minor},entity:n,sessionId:e.sessionId,caStore:t,sessionCache:s,cipherSuites:a,connected:e.connected,virtualHost:e.virtualHost||null,verifyClient:e.verifyClient||!1,verify:e.verify||function(f,c,v,m){return c},verifyOptions:e.verifyOptions||{},getCertificate:e.getCertificate||null,getPrivateKey:e.getPrivateKey||null,getSignature:e.getSignature||null,input:_.util.createBuffer(),tlsData:_.util.createBuffer(),data:_.util.createBuffer(),tlsDataReady:e.tlsDataReady,dataReady:e.dataReady,heartbeatReceived:e.heartbeatReceived,closed:e.closed,error:function(f,c){c.origin=c.origin||(f.entity===p.ConnectionEnd.client?"client":"server"),c.send&&(p.queue(f,p.createAlert(f,c.alert)),p.flush(f));var v=c.fatal!==!1;v&&(f.fail=!0),e.error(f,c),v&&f.close(!1)},deflate:e.deflate||null,inflate:e.inflate||null};i.reset=function(f){i.version={major:p.Version.major,minor:p.Version.minor},i.record=null,i.session=null,i.peerCertificate=null,i.state={pending:null,current:null},i.expect=i.entity===p.ConnectionEnd.client?N0:P0,i.fragmented=null,i.records=[],i.open=!1,i.handshakes=0,i.handshaking=!1,i.isConnected=!1,i.fail=!(f||typeof f>"u"),i.input.clear(),i.tlsData.clear(),i.data.clear(),i.state.current=p.createConnectionState(i)},i.reset();var o=function(f,c){var v=c.type-p.ContentType.change_cipher_spec,m=La[f.entity][f.expect];v in m?m[v](f,c):p.handleUnexpected(f,c)},u=function(f){var c=0,v=f.input,m=v.length();if(m<5)c=5-m;else{f.record={type:v.getByte(),version:{major:v.getByte(),minor:v.getByte()},length:v.getInt16(),fragment:_.util.createBuffer(),ready:!1};var y=f.record.version.major===f.version.major;y&&f.session&&f.session.version&&(y=f.record.version.minor===f.version.minor),y||f.error(f,{message:"Incompatible TLS version.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.protocol_version}})}return c},l=function(f){var c=0,v=f.input,m=v.length();if(m<f.record.length)c=f.record.length-m;else{f.record.fragment.putBytes(v.getBytes(f.record.length)),v.compact();var y=f.state.current.read;y.update(f,f.record)&&(f.fragmented!==null&&(f.fragmented.type===f.record.type?(f.fragmented.fragment.putBuffer(f.record.fragment),f.record=f.fragmented):f.error(f,{message:"Invalid fragmented record.",send:!0,alert:{level:p.Alert.Level.fatal,description:p.Alert.Description.unexpected_message}})),f.record.ready=!0)}return c};return i.handshake=function(f){if(i.entity!==p.ConnectionEnd.client)i.error(i,{message:"Cannot initiate handshake as a server.",fatal:!1});else if(i.handshaking)i.error(i,{message:"Handshake already in progress.",fatal:!1});else{i.fail&&!i.open&&i.handshakes===0&&(i.fail=!1),i.handshaking=!0,f=f||"";var c=null;f.length>0&&(i.sessionCache&&(c=i.sessionCache.getSession(f)),c===null&&(f="")),f.length===0&&i.sessionCache&&(c=i.sessionCache.getSession(),c!==null&&(f=c.id)),i.session={id:f,version:null,cipherSuite:null,compressionMethod:null,serverCertificate:null,certificateRequest:null,clientCertificate:null,sp:{},md5:_.md.md5.create(),sha1:_.md.sha1.create()},c&&(i.version=c.version,i.session.sp=c.sp),i.session.sp.client_random=p.createRandom().getBytes(),i.open=!0,p.queue(i,p.createRecord(i,{type:p.ContentType.handshake,data:p.createClientHello(i)})),p.flush(i)}},i.process=function(f){var c=0;return f&&i.input.putBytes(f),i.fail||(i.record!==null&&i.record.ready&&i.record.fragment.isEmpty()&&(i.record=null),i.record===null&&(c=u(i)),!i.fail&&i.record!==null&&!i.record.ready&&(c=l(i)),!i.fail&&i.record!==null&&i.record.ready&&o(i,i.record)),c},i.prepare=function(f){return p.queue(i,p.createRecord(i,{type:p.ContentType.application_data,data:_.util.createBuffer(f)})),p.flush(i)},i.prepareHeartbeatRequest=function(f,c){return f instanceof _.util.ByteBuffer&&(f=f.bytes()),typeof c>"u"&&(c=f.length),i.expectedHeartbeatPayload=f,p.queue(i,p.createRecord(i,{type:p.ContentType.heartbeat,data:p.createHeartbeat(p.HeartbeatMessageType.heartbeat_request,f,c)})),p.flush(i)},i.close=function(f){if(!i.fail&&i.sessionCache&&i.session){var c={id:i.session.id,version:i.session.version,sp:i.session.sp};c.sp.keys=null,i.sessionCache.setSession(c.id,c)}i.open&&(i.open=!1,i.input.clear(),(i.isConnected||i.handshaking)&&(i.isConnected=i.handshaking=!1,p.queue(i,p.createAlert(i,{level:p.Alert.Level.warning,description:p.Alert.Description.close_notify})),p.flush(i)),i.closed(i)),i.reset(f)},i},_.tls=_.tls||{};for(var Ua in p)typeof p[Ua]!="function"&&(_.tls[Ua]=p[Ua]);_.tls.prf_tls1=Xr,_.tls.hmac_sha1=B0,_.tls.createSessionCache=p.createSessionCache,_.tls.createConnection=p.createConnection;var Ut=Y,ht=Ut.tls;ht.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA={id:[0,47],name:"TLS_RSA_WITH_AES_128_CBC_SHA",initSecurityParameters:function(e){e.bulk_cipher_algorithm=ht.BulkCipherAlgorithm.aes,e.cipher_type=ht.CipherType.block,e.enc_key_length=16,e.block_length=16,e.fixed_iv_length=16,e.record_iv_length=16,e.mac_algorithm=ht.MACAlgorithm.hmac_sha1,e.mac_length=20,e.mac_key_length=20},initConnectionState:ri},ht.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA={id:[0,53],name:"TLS_RSA_WITH_AES_256_CBC_SHA",initSecurityParameters:function(e){e.bulk_cipher_algorithm=ht.BulkCipherAlgorithm.aes,e.cipher_type=ht.CipherType.block,e.enc_key_length=32,e.block_length=16,e.fixed_iv_length=16,e.record_iv_length=16,e.mac_algorithm=ht.MACAlgorithm.hmac_sha1,e.mac_length=20,e.mac_key_length=20},initConnectionState:ri};function ri(e,t,a){var r=t.entity===Ut.tls.ConnectionEnd.client;e.read.cipherState={init:!1,cipher:Ut.cipher.createDecipher("AES-CBC",r?a.keys.server_write_key:a.keys.client_write_key),iv:r?a.keys.server_write_IV:a.keys.client_write_IV},e.write.cipherState={init:!1,cipher:Ut.cipher.createCipher("AES-CBC",r?a.keys.client_write_key:a.keys.server_write_key),iv:r?a.keys.client_write_IV:a.keys.server_write_IV},e.read.cipherFunction=j0,e.write.cipherFunction=z0,e.read.macLength=e.write.macLength=a.mac_length,e.read.macFunction=e.write.macFunction=ht.hmac_sha1}function z0(e,t){var a=!1,r=t.macFunction(t.macKey,t.sequenceNumber,e);e.fragment.putBytes(r),t.updateSequenceNumber();var n;e.version.minor===ht.Versions.TLS_1_0.minor?n=t.cipherState.init?null:t.cipherState.iv:n=Ut.random.getBytesSync(16),t.cipherState.init=!0;var s=t.cipherState.cipher;return s.start({iv:n}),e.version.minor>=ht.Versions.TLS_1_1.minor&&s.output.putBytes(n),s.update(e.fragment),s.finish(Y0)&&(e.fragment=s.output,e.length=e.fragment.length(),a=!0),a}function Y0(e,t,a){if(!a){var r=e-t.length()%e;t.fillWithByte(r-1,r)}return!0}function W0(e,t,a){var r=!0;if(a){for(var n=t.length(),s=t.last(),i=n-1-s;i<n-1;++i)r=r&&t.at(i)==s;r&&t.truncate(s+1)}return r}function j0(e,t){var a=!1,r;e.version.minor===ht.Versions.TLS_1_0.minor?r=t.cipherState.init?null:t.cipherState.iv:r=e.fragment.getBytes(16),t.cipherState.init=!0;var n=t.cipherState.cipher;n.start({iv:r}),n.update(e.fragment),a=n.finish(W0);var s=t.macLength,i=Ut.random.getBytesSync(s),o=n.output.length();o>=s?(e.fragment=n.output.getBytes(o-s),i=n.output.getBytes(s)):e.fragment=n.output.getBytes(),e.fragment=Ut.util.createBuffer(e.fragment),e.length=e.fragment.length();var u=t.macFunction(t.macKey,t.sequenceNumber,e);return t.updateSequenceNumber(),a=X0(t.macKey,i,u)&&a,a}function X0(e,t,a){var r=Ut.hmac.create();return r.start("SHA1",e),r.update(t),t=r.digest().getBytes(),r.start(null,null),r.update(a),a=r.digest().getBytes(),t===a}var Le=Y;Le.debug=Le.debug||{},Le.debug.storage={},Le.debug.get=function(e,t){var a;return typeof e>"u"?a=Le.debug.storage:e in Le.debug.storage&&(typeof t>"u"?a=Le.debug.storage[e]:a=Le.debug.storage[e][t]),a},Le.debug.set=function(e,t,a){e in Le.debug.storage||(Le.debug.storage[e]={}),Le.debug.storage[e][t]=a},Le.debug.clear=function(e,t){typeof e>"u"?Le.debug.storage={}:e in Le.debug.storage&&(typeof t>"u"?delete Le.debug.storage[e]:delete Le.debug.storage[e][t])};var he=Y,Ir=he.sha512=he.sha512||{};he.md.sha512=he.md.algorithms.sha512=Ir;var ai=he.sha384=he.sha512.sha384=he.sha512.sha384||{};ai.create=function(){return Ir.create("SHA-384")},he.md.sha384=he.md.algorithms.sha384=ai,he.sha512.sha256=he.sha512.sha256||{create:function(){return Ir.create("SHA-512/256")}},he.md["sha512/256"]=he.md.algorithms["sha512/256"]=he.sha512.sha256,he.sha512.sha224=he.sha512.sha224||{create:function(){return Ir.create("SHA-512/224")}},he.md["sha512/224"]=he.md.algorithms["sha512/224"]=he.sha512.sha224,Ir.create=function(e){if(ni||$0(),typeof e>"u"&&(e="SHA-512"),!(e in jt))throw new Error("Invalid SHA-512 algorithm: "+e);for(var t=jt[e],a=null,r=he.util.createBuffer(),n=new Array(80),s=0;s<80;++s)n[s]=new Array(2);var i=64;switch(e){case"SHA-384":i=48;break;case"SHA-512/256":i=32;break;case"SHA-512/224":i=28;break}var o={algorithm:e.replace("-","").toLowerCase(),blockLength:128,digestLength:i,messageLength:0,fullMessageLength:null,messageLengthSize:16};return o.start=function(){o.messageLength=0,o.fullMessageLength=o.messageLength128=[];for(var u=o.messageLengthSize/4,l=0;l<u;++l)o.fullMessageLength.push(0);r=he.util.createBuffer(),a=new Array(t.length);for(var l=0;l<t.length;++l)a[l]=t[l].slice(0);return o},o.start(),o.update=function(u,l){l==="utf8"&&(u=he.util.encodeUtf8(u));var f=u.length;o.messageLength+=f,f=[f/4294967296>>>0,f>>>0];for(var c=o.fullMessageLength.length-1;c>=0;--c)o.fullMessageLength[c]+=f[1],f[1]=f[0]+(o.fullMessageLength[c]/4294967296>>>0),o.fullMessageLength[c]=o.fullMessageLength[c]>>>0,f[0]=f[1]/4294967296>>>0;return r.putBytes(u),ii(a,n,r),(r.read>2048||r.length()===0)&&r.compact(),o},o.digest=function(){var u=he.util.createBuffer();u.putBytes(r.bytes());var l=o.fullMessageLength[o.fullMessageLength.length-1]+o.messageLengthSize,f=l&o.blockLength-1;u.putBytes(Pa.substr(0,o.blockLength-f));for(var c,v,m=o.fullMessageLength[0]*8,y=0;y<o.fullMessageLength.length-1;++y)c=o.fullMessageLength[y+1]*8,v=c/4294967296>>>0,m+=v,u.putInt32(m>>>0),m=c>>>0;u.putInt32(m);for(var x=new Array(a.length),y=0;y<a.length;++y)x[y]=a[y].slice(0);ii(x,n,u);var S=he.util.createBuffer(),A;e==="SHA-512"?A=x.length:e==="SHA-384"?A=x.length-2:A=x.length-4;for(var y=0;y<A;++y)S.putInt32(x[y][0]),(y!==A-1||e!=="SHA-512/224")&&S.putInt32(x[y][1]);return S},o};var Pa=null,ni=!1,Va=null,jt=null;function $0(){Pa=String.fromCharCode(128),Pa+=he.util.fillString(String.fromCharCode(0),128),Va=[[1116352408,3609767458],[1899447441,602891725],[3049323471,3964484399],[3921009573,2173295548],[961987163,4081628472],[1508970993,3053834265],[2453635748,2937671579],[2870763221,3664609560],[3624381080,2734883394],[310598401,1164996542],[607225278,1323610764],[1426881987,3590304994],[1925078388,4068182383],[2162078206,991336113],[2614888103,633803317],[3248222580,3479774868],[3835390401,2666613458],[4022224774,944711139],[264347078,2341262773],[604807628,2007800933],[770255983,1495990901],[1249150122,1856431235],[1555081692,3175218132],[1996064986,2198950837],[2554220882,3999719339],[2821834349,766784016],[2952996808,2566594879],[3210313671,3203337956],[3336571891,1034457026],[3584528711,2466948901],[113926993,3758326383],[338241895,168717936],[666307205,1188179964],[773529912,1546045734],[1294757372,1522805485],[1396182291,2643833823],[1695183700,2343527390],[1986661051,1014477480],[2177026350,1206759142],[2456956037,344077627],[2730485921,1290863460],[2820302411,3158454273],[3259730800,3505952657],[3345764771,106217008],[3516065817,3606008344],[3600352804,1432725776],[4094571909,1467031594],[275423344,851169720],[430227734,3100823752],[506948616,1363258195],[659060556,3750685593],[883997877,3785050280],[958139571,3318307427],[1322822218,3812723403],[1537002063,2003034995],[1747873779,3602036899],[1955562222,1575990012],[2024104815,1125592928],[2227730452,2716904306],[2361852424,442776044],[2428436474,593698344],[2756734187,3733110249],[3204031479,2999351573],[3329325298,3815920427],[3391569614,3928383900],[3515267271,566280711],[3940187606,3454069534],[4118630271,4000239992],[116418474,1914138554],[174292421,2731055270],[289380356,3203993006],[460393269,320620315],[685471733,587496836],[852142971,1086792851],[1017036298,365543100],[1126000580,2618297676],[1288033470,3409855158],[1501505948,4234509866],[1607167915,987167468],[1816402316,1246189591]],jt={},jt["SHA-512"]=[[1779033703,4089235720],[3144134277,2227873595],[1013904242,4271175723],[2773480762,1595750129],[1359893119,2917565137],[2600822924,725511199],[528734635,4215389547],[1541459225,327033209]],jt["SHA-384"]=[[3418070365,3238371032],[1654270250,914150663],[2438529370,812702999],[355462360,4144912697],[1731405415,4290775857],[2394180231,1750603025],[3675008525,1694076839],[1203062813,3204075428]],jt["SHA-512/256"]=[[573645204,4230739756],[2673172387,3360449730],[596883563,1867755857],[2520282905,1497426621],[2519219938,2827943907],[3193839141,1401305490],[721525244,746961066],[246885852,2177182882]],jt["SHA-512/224"]=[[2352822216,424955298],[1944164710,2312950998],[502970286,855612546],[1738396948,1479516111],[258812777,2077511080],[2011393907,79989058],[1067287976,1780299464],[286451373,2446758561]],ni=!0}function ii(e,t,a){for(var r,n,s,i,o,u,l,f,c,v,m,y,x,S,A,B,N,F,D,R,z,J,ie,oe,ue,ve,ot,dt,le,Se,M,Jt,gr,Te,Ae,Ie=a.length();Ie>=128;){for(le=0;le<16;++le)t[le][0]=a.getInt32()>>>0,t[le][1]=a.getInt32()>>>0;for(;le<80;++le)Jt=t[le-2],Se=Jt[0],M=Jt[1],r=((Se>>>19|M<<13)^(M>>>29|Se<<3)^Se>>>6)>>>0,n=((Se<<13|M>>>19)^(M<<3|Se>>>29)^(Se<<26|M>>>6))>>>0,Te=t[le-15],Se=Te[0],M=Te[1],s=((Se>>>1|M<<31)^(Se>>>8|M<<24)^Se>>>7)>>>0,i=((Se<<31|M>>>1)^(Se<<24|M>>>8)^(Se<<25|M>>>7))>>>0,gr=t[le-7],Ae=t[le-16],M=n+gr[1]+i+Ae[1],t[le][0]=r+gr[0]+s+Ae[0]+(M/4294967296>>>0)>>>0,t[le][1]=M>>>0;for(x=e[0][0],S=e[0][1],A=e[1][0],B=e[1][1],N=e[2][0],F=e[2][1],D=e[3][0],R=e[3][1],z=e[4][0],J=e[4][1],ie=e[5][0],oe=e[5][1],ue=e[6][0],ve=e[6][1],ot=e[7][0],dt=e[7][1],le=0;le<80;++le)l=((z>>>14|J<<18)^(z>>>18|J<<14)^(J>>>9|z<<23))>>>0,f=((z<<18|J>>>14)^(z<<14|J>>>18)^(J<<23|z>>>9))>>>0,c=(ue^z&(ie^ue))>>>0,v=(ve^J&(oe^ve))>>>0,o=((x>>>28|S<<4)^(S>>>2|x<<30)^(S>>>7|x<<25))>>>0,u=((x<<4|S>>>28)^(S<<30|x>>>2)^(S<<25|x>>>7))>>>0,m=(x&A|N&(x^A))>>>0,y=(S&B|F&(S^B))>>>0,M=dt+f+v+Va[le][1]+t[le][1],r=ot+l+c+Va[le][0]+t[le][0]+(M/4294967296>>>0)>>>0,n=M>>>0,M=u+y,s=o+m+(M/4294967296>>>0)>>>0,i=M>>>0,ot=ue,dt=ve,ue=ie,ve=oe,ie=z,oe=J,M=R+n,z=D+r+(M/4294967296>>>0)>>>0,J=M>>>0,D=N,R=F,N=A,F=B,A=x,B=S,M=n+i,x=r+s+(M/4294967296>>>0)>>>0,S=M>>>0;M=e[0][1]+S,e[0][0]=e[0][0]+x+(M/4294967296>>>0)>>>0,e[0][1]=M>>>0,M=e[1][1]+B,e[1][0]=e[1][0]+A+(M/4294967296>>>0)>>>0,e[1][1]=M>>>0,M=e[2][1]+F,e[2][0]=e[2][0]+N+(M/4294967296>>>0)>>>0,e[2][1]=M>>>0,M=e[3][1]+R,e[3][0]=e[3][0]+D+(M/4294967296>>>0)>>>0,e[3][1]=M>>>0,M=e[4][1]+J,e[4][0]=e[4][0]+z+(M/4294967296>>>0)>>>0,e[4][1]=M>>>0,M=e[5][1]+oe,e[5][0]=e[5][0]+ie+(M/4294967296>>>0)>>>0,e[5][1]=M>>>0,M=e[6][1]+ve,e[6][0]=e[6][0]+ue+(M/4294967296>>>0)>>>0,e[6][1]=M>>>0,M=e[7][1]+dt,e[7][0]=e[7][0]+ot+(M/4294967296>>>0)>>>0,e[7][1]=M>>>0,Ie-=128}}var Fa={},Z0=Y,Ne=Z0.asn1;Fa.privateKeyValidator={name:"PrivateKeyInfo",tagClass:Ne.Class.UNIVERSAL,type:Ne.Type.SEQUENCE,constructed:!0,value:[{name:"PrivateKeyInfo.version",tagClass:Ne.Class.UNIVERSAL,type:Ne.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"PrivateKeyInfo.privateKeyAlgorithm",tagClass:Ne.Class.UNIVERSAL,type:Ne.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:Ne.Class.UNIVERSAL,type:Ne.Type.OID,constructed:!1,capture:"privateKeyOid"}]},{name:"PrivateKeyInfo",tagClass:Ne.Class.UNIVERSAL,type:Ne.Type.OCTETSTRING,constructed:!1,capture:"privateKey"}]},Fa.publicKeyValidator={name:"SubjectPublicKeyInfo",tagClass:Ne.Class.UNIVERSAL,type:Ne.Type.SEQUENCE,constructed:!0,captureAsn1:"subjectPublicKeyInfo",value:[{name:"SubjectPublicKeyInfo.AlgorithmIdentifier",tagClass:Ne.Class.UNIVERSAL,type:Ne.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:Ne.Class.UNIVERSAL,type:Ne.Type.OID,constructed:!1,capture:"publicKeyOid"}]},{tagClass:Ne.Class.UNIVERSAL,type:Ne.Type.BITSTRING,constructed:!1,composed:!0,captureBitStringValue:"ed25519PublicKey"}]};var De=Y,si=Fa,J0=si.publicKeyValidator,eu=si.privateKeyValidator;if(typeof tu>"u")var tu=De.jsbn.BigInteger;var Oa=De.util.ByteBuffer,rt=typeof Buffer>"u"?Uint8Array:Buffer;De.pki=De.pki||{},De.pki.ed25519=De.ed25519=De.ed25519||{};var $=De.ed25519;$.constants={},$.constants.PUBLIC_KEY_BYTE_LENGTH=32,$.constants.PRIVATE_KEY_BYTE_LENGTH=64,$.constants.SEED_BYTE_LENGTH=32,$.constants.SIGN_BYTE_LENGTH=64,$.constants.HASH_BYTE_LENGTH=64,$.generateKeyPair=function(e){e=e||{};var t=e.seed;if(t===void 0)t=De.random.getBytesSync($.constants.SEED_BYTE_LENGTH);else if(typeof t=="string"){if(t.length!==$.constants.SEED_BYTE_LENGTH)throw new TypeError('"seed" must be '+$.constants.SEED_BYTE_LENGTH+" bytes in length.")}else if(!(t instanceof Uint8Array))throw new TypeError('"seed" must be a node.js Buffer, Uint8Array, or a binary string.');t=bt({message:t,encoding:"binary"});for(var a=new rt($.constants.PUBLIC_KEY_BYTE_LENGTH),r=new rt($.constants.PRIVATE_KEY_BYTE_LENGTH),n=0;n<32;++n)r[n]=t[n];return iu(a,r),{publicKey:a,privateKey:r}},$.privateKeyFromAsn1=function(e){var t={},a=[],r=De.asn1.validate(e,eu,t,a);if(!r){var n=new Error("Invalid Key.");throw n.errors=a,n}var s=De.asn1.derToOid(t.privateKeyOid),i=De.oids.EdDSA25519;if(s!==i)throw new Error('Invalid OID "'+s+'"; OID must be "'+i+'".');var o=t.privateKey,u=bt({message:De.asn1.fromDer(o).value,encoding:"binary"});return{privateKeyBytes:u}},$.publicKeyFromAsn1=function(e){var t={},a=[],r=De.asn1.validate(e,J0,t,a);if(!r){var n=new Error("Invalid Key.");throw n.errors=a,n}var s=De.asn1.derToOid(t.publicKeyOid),i=De.oids.EdDSA25519;if(s!==i)throw new Error('Invalid OID "'+s+'"; OID must be "'+i+'".');var o=t.ed25519PublicKey;if(o.length!==$.constants.PUBLIC_KEY_BYTE_LENGTH)throw new Error("Key length is invalid.");return bt({message:o,encoding:"binary"})},$.publicKeyFromPrivateKey=function(e){e=e||{};var t=bt({message:e.privateKey,encoding:"binary"});if(t.length!==$.constants.PRIVATE_KEY_BYTE_LENGTH)throw new TypeError('"options.privateKey" must have a byte length of '+$.constants.PRIVATE_KEY_BYTE_LENGTH);for(var a=new rt($.constants.PUBLIC_KEY_BYTE_LENGTH),r=0;r<a.length;++r)a[r]=t[32+r];return a},$.sign=function(e){e=e||{};var t=bt(e),a=bt({message:e.privateKey,encoding:"binary"});if(a.length===$.constants.SEED_BYTE_LENGTH){var r=$.generateKeyPair({seed:a});a=r.privateKey}else if(a.length!==$.constants.PRIVATE_KEY_BYTE_LENGTH)throw new TypeError('"options.privateKey" must have a byte length of '+$.constants.SEED_BYTE_LENGTH+" or "+$.constants.PRIVATE_KEY_BYTE_LENGTH);var n=new rt($.constants.SIGN_BYTE_LENGTH+t.length);su(n,t,t.length,a);for(var s=new rt($.constants.SIGN_BYTE_LENGTH),i=0;i<s.length;++i)s[i]=n[i];return s},$.verify=function(e){e=e||{};var t=bt(e);if(e.signature===void 0)throw new TypeError('"options.signature" must be a node.js Buffer, a Uint8Array, a forge ByteBuffer, or a binary string.');var a=bt({message:e.signature,encoding:"binary"});if(a.length!==$.constants.SIGN_BYTE_LENGTH)throw new TypeError('"options.signature" must have a byte length of '+$.constants.SIGN_BYTE_LENGTH);var r=bt({message:e.publicKey,encoding:"binary"});if(r.length!==$.constants.PUBLIC_KEY_BYTE_LENGTH)throw new TypeError('"options.publicKey" must have a byte length of '+$.constants.PUBLIC_KEY_BYTE_LENGTH);var n=new rt($.constants.SIGN_BYTE_LENGTH+t.length),s=new rt($.constants.SIGN_BYTE_LENGTH+t.length),i;for(i=0;i<$.constants.SIGN_BYTE_LENGTH;++i)n[i]=a[i];for(i=0;i<t.length;++i)n[i+$.constants.SIGN_BYTE_LENGTH]=t[i];return ou(s,n,n.length,r)>=0};function bt(e){var t=e.message;if(t instanceof Uint8Array||t instanceof rt)return t;var a=e.encoding;if(t===void 0)if(e.md)t=e.md.digest().getBytes(),a="binary";else throw new TypeError('"options.message" or "options.md" not specified.');if(typeof t=="string"&&!a)throw new TypeError('"options.encoding" must be "binary" or "utf8".');if(typeof t=="string"){if(typeof Buffer<"u")return Buffer.from(t,a);t=new Oa(t,a)}else if(!(t instanceof Oa))throw new TypeError('"options.message" must be a node.js Buffer, a Uint8Array, a forge ByteBuffer, or a string with "options.encoding" specifying its encoding.');for(var r=new rt(t.length()),n=0;n<r.length;++n)r[n]=t.at(n);return r}var Ka=H(),Jr=H([1]),ru=H([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),au=H([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),oi=H([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),ui=H([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),Ma=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]),nu=H([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function Br(e,t){var a=De.md.sha512.create(),r=new Oa(e);a.update(r.getBytes(t),"binary");var n=a.digest().getBytes();if(typeof Buffer<"u")return Buffer.from(n,"binary");for(var s=new rt($.constants.HASH_BYTE_LENGTH),i=0;i<64;++i)s[i]=n.charCodeAt(i);return s}function iu(e,t){var a=[H(),H(),H(),H()],r,n=Br(t,32);for(n[0]&=248,n[31]&=127,n[31]|=64,Qa(a,n),Ga(e,a),r=0;r<32;++r)t[r+32]=e[r];return 0}function su(e,t,a,r){var n,s,i=new Float64Array(64),o=[H(),H(),H(),H()],u=Br(r,32);u[0]&=248,u[31]&=127,u[31]|=64;var l=a+64;for(n=0;n<a;++n)e[64+n]=t[n];for(n=0;n<32;++n)e[32+n]=u[32+n];var f=Br(e.subarray(32),a+32);for(Ha(f),Qa(o,f),Ga(e,o),n=32;n<64;++n)e[n]=r[n];var c=Br(e,a+64);for(Ha(c),n=32;n<64;++n)i[n]=0;for(n=0;n<32;++n)i[n]=f[n];for(n=0;n<32;++n)for(s=0;s<32;s++)i[n+s]+=c[n]*u[s];return li(e.subarray(32),i),l}function ou(e,t,a,r){var n,s,i=new rt(32),o=[H(),H(),H(),H()],u=[H(),H(),H(),H()];if(s=-1,a<64||uu(u,r))return-1;for(n=0;n<a;++n)e[n]=t[n];for(n=0;n<32;++n)e[n+32]=r[n];var l=Br(e,a);if(Ha(l),pi(o,u,l),Qa(u,t.subarray(32)),qa(o,u),Ga(i,o),a-=64,hi(t,0,i,0)){for(n=0;n<a;++n)e[n]=0;return-1}for(n=0;n<a;++n)e[n]=t[n+64];return s=a,s}function li(e,t){var a,r,n,s;for(r=63;r>=32;--r){for(a=0,n=r-32,s=r-12;n<s;++n)t[n]+=a-16*t[r]*Ma[n-(r-32)],a=t[n]+128>>8,t[n]-=a*256;t[n]+=a,t[r]=0}for(a=0,n=0;n<32;++n)t[n]+=a-(t[31]>>4)*Ma[n],a=t[n]>>8,t[n]&=255;for(n=0;n<32;++n)t[n]-=a*Ma[n];for(r=0;r<32;++r)t[r+1]+=t[r]>>8,e[r]=t[r]&255}function Ha(e){for(var t=new Float64Array(64),a=0;a<64;++a)t[a]=e[a],e[a]=0;li(e,t)}function qa(e,t){var a=H(),r=H(),n=H(),s=H(),i=H(),o=H(),u=H(),l=H(),f=H();cr(a,e[1],e[0]),cr(f,t[1],t[0]),se(a,a,f),fr(r,e[0],e[1]),fr(f,t[0],t[1]),se(r,r,f),se(n,e[3],t[3]),se(n,n,au),se(s,e[2],t[2]),fr(s,s,s),cr(i,r,a),cr(o,s,n),fr(u,s,n),fr(l,r,a),se(e[0],i,o),se(e[1],l,u),se(e[2],u,o),se(e[3],i,l)}function fi(e,t,a){for(var r=0;r<4;++r)vi(e[r],t[r],a)}function Ga(e,t){var a=H(),r=H(),n=H();hu(n,t[2]),se(a,t[0],n),se(r,t[1],n),ea(e,r),e[31]^=di(a)<<7}function ea(e,t){var a,r,n,s=H(),i=H();for(a=0;a<16;++a)i[a]=t[a];for(za(i),za(i),za(i),r=0;r<2;++r){for(s[0]=i[0]-65517,a=1;a<15;++a)s[a]=i[a]-65535-(s[a-1]>>16&1),s[a-1]&=65535;s[15]=i[15]-32767-(s[14]>>16&1),n=s[15]>>16&1,s[14]&=65535,vi(i,s,1-n)}for(a=0;a<16;a++)e[2*a]=i[a]&255,e[2*a+1]=i[a]>>8}function uu(e,t){var a=H(),r=H(),n=H(),s=H(),i=H(),o=H(),u=H();return Pt(e[2],Jr),lu(e[1],t),Xt(n,e[1]),se(s,n,ru),cr(n,n,e[2]),fr(s,e[2],s),Xt(i,s),Xt(o,i),se(u,o,i),se(a,u,n),se(a,a,s),fu(a,a),se(a,a,n),se(a,a,s),se(a,a,s),se(e[0],a,s),Xt(r,e[0]),se(r,r,s),ci(r,n)&&se(e[0],e[0],nu),Xt(r,e[0]),se(r,r,s),ci(r,n)?-1:(di(e[0])===t[31]>>7&&cr(e[0],Ka,e[0]),se(e[3],e[0],e[1]),0)}function lu(e,t){var a;for(a=0;a<16;++a)e[a]=t[2*a]+(t[2*a+1]<<8);e[15]&=32767}function fu(e,t){var a=H(),r;for(r=0;r<16;++r)a[r]=t[r];for(r=250;r>=0;--r)Xt(a,a),r!==1&&se(a,a,t);for(r=0;r<16;++r)e[r]=a[r]}function ci(e,t){var a=new rt(32),r=new rt(32);return ea(a,e),ea(r,t),hi(a,0,r,0)}function hi(e,t,a,r){return cu(e,t,a,r,32)}function cu(e,t,a,r,n){var s,i=0;for(s=0;s<n;++s)i|=e[t+s]^a[r+s];return(1&i-1>>>8)-1}function di(e){var t=new rt(32);return ea(t,e),t[0]&1}function pi(e,t,a){var r,n;for(Pt(e[0],Ka),Pt(e[1],Jr),Pt(e[2],Jr),Pt(e[3],Ka),n=255;n>=0;--n)r=a[n/8|0]>>(n&7)&1,fi(e,t,r),qa(t,e),qa(e,e),fi(e,t,r)}function Qa(e,t){var a=[H(),H(),H(),H()];Pt(a[0],oi),Pt(a[1],ui),Pt(a[2],Jr),se(a[3],oi,ui),pi(e,a,t)}function Pt(e,t){var a;for(a=0;a<16;a++)e[a]=t[a]|0}function hu(e,t){var a=H(),r;for(r=0;r<16;++r)a[r]=t[r];for(r=253;r>=0;--r)Xt(a,a),r!==2&&r!==4&&se(a,a,t);for(r=0;r<16;++r)e[r]=a[r]}function za(e){var t,a,r=1;for(t=0;t<16;++t)a=e[t]+r+65535,r=Math.floor(a/65536),e[t]=a-r*65536;e[0]+=r-1+37*(r-1)}function vi(e,t,a){for(var r,n=~(a-1),s=0;s<16;++s)r=n&(e[s]^t[s]),e[s]^=r,t[s]^=r}function H(e){var t,a=new Float64Array(16);if(e)for(t=0;t<e.length;++t)a[t]=e[t];return a}function fr(e,t,a){for(var r=0;r<16;++r)e[r]=t[r]+a[r]}function cr(e,t,a){for(var r=0;r<16;++r)e[r]=t[r]-a[r]}function Xt(e,t){se(e,t,t)}function se(e,t,a){var r,n,s=0,i=0,o=0,u=0,l=0,f=0,c=0,v=0,m=0,y=0,x=0,S=0,A=0,B=0,N=0,F=0,D=0,R=0,z=0,J=0,ie=0,oe=0,ue=0,ve=0,ot=0,dt=0,le=0,Se=0,M=0,Jt=0,gr=0,Te=a[0],Ae=a[1],Ie=a[2],Pe=a[3],Ve=a[4],Fe=a[5],Oe=a[6],Ke=a[7],Me=a[8],He=a[9],qe=a[10],Ge=a[11],Qe=a[12],ze=a[13],Ye=a[14],We=a[15];r=t[0],s+=r*Te,i+=r*Ae,o+=r*Ie,u+=r*Pe,l+=r*Ve,f+=r*Fe,c+=r*Oe,v+=r*Ke,m+=r*Me,y+=r*He,x+=r*qe,S+=r*Ge,A+=r*Qe,B+=r*ze,N+=r*Ye,F+=r*We,r=t[1],i+=r*Te,o+=r*Ae,u+=r*Ie,l+=r*Pe,f+=r*Ve,c+=r*Fe,v+=r*Oe,m+=r*Ke,y+=r*Me,x+=r*He,S+=r*qe,A+=r*Ge,B+=r*Qe,N+=r*ze,F+=r*Ye,D+=r*We,r=t[2],o+=r*Te,u+=r*Ae,l+=r*Ie,f+=r*Pe,c+=r*Ve,v+=r*Fe,m+=r*Oe,y+=r*Ke,x+=r*Me,S+=r*He,A+=r*qe,B+=r*Ge,N+=r*Qe,F+=r*ze,D+=r*Ye,R+=r*We,r=t[3],u+=r*Te,l+=r*Ae,f+=r*Ie,c+=r*Pe,v+=r*Ve,m+=r*Fe,y+=r*Oe,x+=r*Ke,S+=r*Me,A+=r*He,B+=r*qe,N+=r*Ge,F+=r*Qe,D+=r*ze,R+=r*Ye,z+=r*We,r=t[4],l+=r*Te,f+=r*Ae,c+=r*Ie,v+=r*Pe,m+=r*Ve,y+=r*Fe,x+=r*Oe,S+=r*Ke,A+=r*Me,B+=r*He,N+=r*qe,F+=r*Ge,D+=r*Qe,R+=r*ze,z+=r*Ye,J+=r*We,r=t[5],f+=r*Te,c+=r*Ae,v+=r*Ie,m+=r*Pe,y+=r*Ve,x+=r*Fe,S+=r*Oe,A+=r*Ke,B+=r*Me,N+=r*He,F+=r*qe,D+=r*Ge,R+=r*Qe,z+=r*ze,J+=r*Ye,ie+=r*We,r=t[6],c+=r*Te,v+=r*Ae,m+=r*Ie,y+=r*Pe,x+=r*Ve,S+=r*Fe,A+=r*Oe,B+=r*Ke,N+=r*Me,F+=r*He,D+=r*qe,R+=r*Ge,z+=r*Qe,J+=r*ze,ie+=r*Ye,oe+=r*We,r=t[7],v+=r*Te,m+=r*Ae,y+=r*Ie,x+=r*Pe,S+=r*Ve,A+=r*Fe,B+=r*Oe,N+=r*Ke,F+=r*Me,D+=r*He,R+=r*qe,z+=r*Ge,J+=r*Qe,ie+=r*ze,oe+=r*Ye,ue+=r*We,r=t[8],m+=r*Te,y+=r*Ae,x+=r*Ie,S+=r*Pe,A+=r*Ve,B+=r*Fe,N+=r*Oe,F+=r*Ke,D+=r*Me,R+=r*He,z+=r*qe,J+=r*Ge,ie+=r*Qe,oe+=r*ze,ue+=r*Ye,ve+=r*We,r=t[9],y+=r*Te,x+=r*Ae,S+=r*Ie,A+=r*Pe,B+=r*Ve,N+=r*Fe,F+=r*Oe,D+=r*Ke,R+=r*Me,z+=r*He,J+=r*qe,ie+=r*Ge,oe+=r*Qe,ue+=r*ze,ve+=r*Ye,ot+=r*We,r=t[10],x+=r*Te,S+=r*Ae,A+=r*Ie,B+=r*Pe,N+=r*Ve,F+=r*Fe,D+=r*Oe,R+=r*Ke,z+=r*Me,J+=r*He,ie+=r*qe,oe+=r*Ge,ue+=r*Qe,ve+=r*ze,ot+=r*Ye,dt+=r*We,r=t[11],S+=r*Te,A+=r*Ae,B+=r*Ie,N+=r*Pe,F+=r*Ve,D+=r*Fe,R+=r*Oe,z+=r*Ke,J+=r*Me,ie+=r*He,oe+=r*qe,ue+=r*Ge,ve+=r*Qe,ot+=r*ze,dt+=r*Ye,le+=r*We,r=t[12],A+=r*Te,B+=r*Ae,N+=r*Ie,F+=r*Pe,D+=r*Ve,R+=r*Fe,z+=r*Oe,J+=r*Ke,ie+=r*Me,oe+=r*He,ue+=r*qe,ve+=r*Ge,ot+=r*Qe,dt+=r*ze,le+=r*Ye,Se+=r*We,r=t[13],B+=r*Te,N+=r*Ae,F+=r*Ie,D+=r*Pe,R+=r*Ve,z+=r*Fe,J+=r*Oe,ie+=r*Ke,oe+=r*Me,ue+=r*He,ve+=r*qe,ot+=r*Ge,dt+=r*Qe,le+=r*ze,Se+=r*Ye,M+=r*We,r=t[14],N+=r*Te,F+=r*Ae,D+=r*Ie,R+=r*Pe,z+=r*Ve,J+=r*Fe,ie+=r*Oe,oe+=r*Ke,ue+=r*Me,ve+=r*He,ot+=r*qe,dt+=r*Ge,le+=r*Qe,Se+=r*ze,M+=r*Ye,Jt+=r*We,r=t[15],F+=r*Te,D+=r*Ae,R+=r*Ie,z+=r*Pe,J+=r*Ve,ie+=r*Fe,oe+=r*Oe,ue+=r*Ke,ve+=r*Me,ot+=r*He,dt+=r*qe,le+=r*Ge,Se+=r*Qe,M+=r*ze,Jt+=r*Ye,gr+=r*We,s+=38*D,i+=38*R,o+=38*z,u+=38*J,l+=38*ie,f+=38*oe,c+=38*ue,v+=38*ve,m+=38*ot,y+=38*dt,x+=38*le,S+=38*Se,A+=38*M,B+=38*Jt,N+=38*gr,n=1,r=s+n+65535,n=Math.floor(r/65536),s=r-n*65536,r=i+n+65535,n=Math.floor(r/65536),i=r-n*65536,r=o+n+65535,n=Math.floor(r/65536),o=r-n*65536,r=u+n+65535,n=Math.floor(r/65536),u=r-n*65536,r=l+n+65535,n=Math.floor(r/65536),l=r-n*65536,r=f+n+65535,n=Math.floor(r/65536),f=r-n*65536,r=c+n+65535,n=Math.floor(r/65536),c=r-n*65536,r=v+n+65535,n=Math.floor(r/65536),v=r-n*65536,r=m+n+65535,n=Math.floor(r/65536),m=r-n*65536,r=y+n+65535,n=Math.floor(r/65536),y=r-n*65536,r=x+n+65535,n=Math.floor(r/65536),x=r-n*65536,r=S+n+65535,n=Math.floor(r/65536),S=r-n*65536,r=A+n+65535,n=Math.floor(r/65536),A=r-n*65536,r=B+n+65535,n=Math.floor(r/65536),B=r-n*65536,r=N+n+65535,n=Math.floor(r/65536),N=r-n*65536,r=F+n+65535,n=Math.floor(r/65536),F=r-n*65536,s+=n-1+37*(n-1),n=1,r=s+n+65535,n=Math.floor(r/65536),s=r-n*65536,r=i+n+65535,n=Math.floor(r/65536),i=r-n*65536,r=o+n+65535,n=Math.floor(r/65536),o=r-n*65536,r=u+n+65535,n=Math.floor(r/65536),u=r-n*65536,r=l+n+65535,n=Math.floor(r/65536),l=r-n*65536,r=f+n+65535,n=Math.floor(r/65536),f=r-n*65536,r=c+n+65535,n=Math.floor(r/65536),c=r-n*65536,r=v+n+65535,n=Math.floor(r/65536),v=r-n*65536,r=m+n+65535,n=Math.floor(r/65536),m=r-n*65536,r=y+n+65535,n=Math.floor(r/65536),y=r-n*65536,r=x+n+65535,n=Math.floor(r/65536),x=r-n*65536,r=S+n+65535,n=Math.floor(r/65536),S=r-n*65536,r=A+n+65535,n=Math.floor(r/65536),A=r-n*65536,r=B+n+65535,n=Math.floor(r/65536),B=r-n*65536,r=N+n+65535,n=Math.floor(r/65536),N=r-n*65536,r=F+n+65535,n=Math.floor(r/65536),F=r-n*65536,s+=n-1+37*(n-1),e[0]=s,e[1]=i,e[2]=o,e[3]=u,e[4]=l,e[5]=f,e[6]=c,e[7]=v,e[8]=m,e[9]=y,e[10]=x,e[11]=S,e[12]=A,e[13]=B,e[14]=N,e[15]=F}var it=Y;it.kem=it.kem||{};var yi=it.jsbn.BigInteger;it.kem.rsa={},it.kem.rsa.create=function(e,t){t=t||{};var a=t.prng||it.random,r={};return r.encrypt=function(n,s){var i=Math.ceil(n.n.bitLength()/8),o;do o=new yi(it.util.bytesToHex(a.getBytesSync(i)),16).mod(n.n);while(o.compareTo(yi.ONE)<=0);o=it.util.hexToBytes(o.toString(16));var u=i-o.length;u>0&&(o=it.util.fillString(String.fromCharCode(0),u)+o);var l=n.encrypt(o,"NONE"),f=e.generate(o,s);return{encapsulation:l,key:f}},r.decrypt=function(n,s,i){var o=n.decrypt(s,"NONE");return e.generate(o,i)},r},it.kem.kdf1=function(e,t){gi(this,e,0,t||e.digestLength)},it.kem.kdf2=function(e,t){gi(this,e,1,t||e.digestLength)};function gi(e,t,a,r){e.generate=function(n,s){for(var i=new it.util.ByteBuffer,o=Math.ceil(s/r)+a,u=new it.util.ByteBuffer,l=a;l<o;++l){u.putInt32(l),t.start(),t.update(n+u.getBytes());var f=t.digest();i.putBytes(f.getBytes(r))}return i.truncate(i.length()-s),i.getBytes()}}var Z=Y;Z.log=Z.log||{},Z.log.levels=["none","error","warning","info","debug","verbose","max"];var ta={},Ya=[],br=null;Z.log.LEVEL_LOCKED=1<<1,Z.log.NO_LEVEL_CHECK=1<<2,Z.log.INTERPOLATE=1<<3;for(var Vt=0;Vt<Z.log.levels.length;++Vt){var mi=Z.log.levels[Vt];ta[mi]={index:Vt,name:mi.toUpperCase()}}Z.log.logMessage=function(e){for(var t=ta[e.level].index,a=0;a<Ya.length;++a){var r=Ya[a];if(r.flags&Z.log.NO_LEVEL_CHECK)r.f(e);else{var n=ta[r.level].index;t<=n&&r.f(r,e)}}},Z.log.prepareStandard=function(e){"standard"in e||(e.standard=ta[e.level].name+" ["+e.category+"] "+e.message)},Z.log.prepareFull=function(e){if(!("full"in e)){var t=[e.message];t=t.concat([]),e.full=Z.util.format.apply(this,t)}},Z.log.prepareStandardFull=function(e){"standardFull"in e||(Z.log.prepareStandard(e),e.standardFull=e.standard)};for(var Ci=["error","warning","info","debug","verbose"],Vt=0;Vt<Ci.length;++Vt)(function(t){Z.log[t]=function(a,r){var n=Array.prototype.slice.call(arguments).slice(2),s={timestamp:new Date,level:t,category:a,message:r,arguments:n};Z.log.logMessage(s)}})(Ci[Vt]);if(Z.log.makeLogger=function(e){var t={flags:0,f:e};return Z.log.setLevel(t,"none"),t},Z.log.setLevel=function(e,t){var a=!1;if(e&&!(e.flags&Z.log.LEVEL_LOCKED))for(var r=0;r<Z.log.levels.length;++r){var n=Z.log.levels[r];if(t==n){e.level=t,a=!0;break}}return a},Z.log.lock=function(e,t){typeof t>"u"||t?e.flags|=Z.log.LEVEL_LOCKED:e.flags&=~Z.log.LEVEL_LOCKED},Z.log.addLogger=function(e){Ya.push(e)},typeof console<"u"&&"log"in console){var _r;if(console.error&&console.warn&&console.info&&console.debug){var du={error:console.error,warning:console.warn,info:console.info,debug:console.debug,verbose:console.debug},Wa=function(e,t){Z.log.prepareStandard(t);var a=du[t.level],r=[t.standard];r=r.concat(t.arguments.slice()),a.apply(console,r)};_r=Z.log.makeLogger(Wa)}else{var Wa=function(t,a){Z.log.prepareStandardFull(a),console.log(a.standardFull)};_r=Z.log.makeLogger(Wa)}Z.log.setLevel(_r,"debug"),Z.log.addLogger(_r),br=_r}else console={log:function(){}};if(br!==null){var ra=Z.util.getQueryVariables();if("console.level"in ra&&Z.log.setLevel(br,ra["console.level"].slice(-1)[0]),"console.lock"in ra){var pu=ra["console.lock"].slice(-1)[0];pu=="true"&&Z.log.lock(br)}}Z.log.consoleLogger=br;var vu={exports:{}};(function(e){e.exports=Gi})(vu);var U=Y,C=U.asn1,Ze=U.pkcs7=U.pkcs7||{};Ze.messageFromPem=function(e){var t=U.pem.decode(e)[0];if(t.type!=="PKCS7"){var a=new Error('Could not convert PKCS#7 message from PEM; PEM header type is not "PKCS#7".');throw a.headerType=t.type,a}if(t.procType&&t.procType.type==="ENCRYPTED")throw new Error("Could not convert PKCS#7 message from PEM; PEM is encrypted.");var r=C.fromDer(t.body);return Ze.messageFromAsn1(r)},Ze.messageToPem=function(e,t){var a={type:"PKCS7",body:C.toDer(e.toAsn1()).getBytes()};return U.pem.encode(a,{maxline:t})},Ze.messageFromAsn1=function(e){var t={},a=[];if(!C.validate(e,Ze.asn1.contentInfoValidator,t,a)){var r=new Error("Cannot read PKCS#7 message. ASN.1 object is not an PKCS#7 ContentInfo.");throw r.errors=a,r}var n=C.derToOid(t.contentType),s;switch(n){case U.pki.oids.envelopedData:s=Ze.createEnvelopedData();break;case U.pki.oids.encryptedData:s=Ze.createEncryptedData();break;case U.pki.oids.signedData:s=Ze.createSignedData();break;default:throw new Error("Cannot read PKCS#7 message. ContentType with OID "+n+" is not (yet) supported.")}return s.fromAsn1(t.content.value[0]),s},Ze.createSignedData=function(){var e=null;return e={type:U.pki.oids.signedData,version:1,certificates:[],crls:[],signers:[],digestAlgorithmIdentifiers:[],contentInfo:null,signerInfos:[],fromAsn1:function(r){if(Xa(e,r,Ze.asn1.signedDataValidator),e.certificates=[],e.crls=[],e.digestAlgorithmIdentifiers=[],e.contentInfo=null,e.signerInfos=[],e.rawCapture.certificates)for(var n=e.rawCapture.certificates.value,s=0;s<n.length;++s)e.certificates.push(U.pki.certificateFromAsn1(n[s]))},toAsn1:function(){e.contentInfo||e.sign();for(var r=[],n=0;n<e.certificates.length;++n)r.push(U.pki.certificateToAsn1(e.certificates[n]));var s=[],i=C.create(C.Class.CONTEXT_SPECIFIC,0,!0,[C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.INTEGER,!1,C.integerToDer(e.version).getBytes()),C.create(C.Class.UNIVERSAL,C.Type.SET,!0,e.digestAlgorithmIdentifiers),e.contentInfo])]);return r.length>0&&i.value[0].value.push(C.create(C.Class.CONTEXT_SPECIFIC,0,!0,r)),s.length>0&&i.value[0].value.push(C.create(C.Class.CONTEXT_SPECIFIC,1,!0,s)),i.value[0].value.push(C.create(C.Class.UNIVERSAL,C.Type.SET,!0,e.signerInfos)),C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.OID,!1,C.oidToDer(e.type).getBytes()),i])},addSigner:function(r){var n=r.issuer,s=r.serialNumber;if(r.certificate){var i=r.certificate;typeof i=="string"&&(i=U.pki.certificateFromPem(i)),n=i.issuer.attributes,s=i.serialNumber}var o=r.key;if(!o)throw new Error("Could not add PKCS#7 signer; no private key specified.");typeof o=="string"&&(o=U.pki.privateKeyFromPem(o));var u=r.digestAlgorithm||U.pki.oids.sha1;switch(u){case U.pki.oids.sha1:case U.pki.oids.sha256:case U.pki.oids.sha384:case U.pki.oids.sha512:case U.pki.oids.md5:break;default:throw new Error("Could not add PKCS#7 signer; unknown message digest algorithm: "+u)}var l=r.authenticatedAttributes||[];if(l.length>0){for(var f=!1,c=!1,v=0;v<l.length;++v){var m=l[v];if(!f&&m.type===U.pki.oids.contentType){if(f=!0,c)break;continue}if(!c&&m.type===U.pki.oids.messageDigest){if(c=!0,f)break;continue}}if(!f||!c)throw new Error("Invalid signer.authenticatedAttributes. If signer.authenticatedAttributes is specified, then it must contain at least two attributes, PKCS #9 content-type and PKCS #9 message-digest.")}e.signers.push({key:o,version:1,issuer:n,serialNumber:s,digestAlgorithm:u,signatureAlgorithm:U.pki.oids.rsaEncryption,signature:null,authenticatedAttributes:l,unauthenticatedAttributes:[]})},sign:function(r){if(r=r||{},(typeof e.content!="object"||e.contentInfo===null)&&(e.contentInfo=C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.OID,!1,C.oidToDer(U.pki.oids.data).getBytes())]),"content"in e)){var n;e.content instanceof U.util.ByteBuffer?n=e.content.bytes():typeof e.content=="string"&&(n=U.util.encodeUtf8(e.content)),r.detached?e.detachedContent=C.create(C.Class.UNIVERSAL,C.Type.OCTETSTRING,!1,n):e.contentInfo.value.push(C.create(C.Class.CONTEXT_SPECIFIC,0,!0,[C.create(C.Class.UNIVERSAL,C.Type.OCTETSTRING,!1,n)]))}if(e.signers.length!==0){var s=t();a(s)}},verify:function(){throw new Error("PKCS#7 signature verification not yet implemented.")},addCertificate:function(r){typeof r=="string"&&(r=U.pki.certificateFromPem(r)),e.certificates.push(r)},addCertificateRevokationList:function(r){throw new Error("PKCS#7 CRL support not yet implemented.")}},e;function t(){for(var r={},n=0;n<e.signers.length;++n){var s=e.signers[n],i=s.digestAlgorithm;i in r||(r[i]=U.md[U.pki.oids[i]].create()),s.authenticatedAttributes.length===0?s.md=r[i]:s.md=U.md[U.pki.oids[i]].create()}e.digestAlgorithmIdentifiers=[];for(var i in r)e.digestAlgorithmIdentifiers.push(C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.OID,!1,C.oidToDer(i).getBytes()),C.create(C.Class.UNIVERSAL,C.Type.NULL,!1,"")]));return r}function a(r){var n;if(e.detachedContent?n=e.detachedContent:(n=e.contentInfo.value[1],n=n.value[0]),!n)throw new Error("Could not sign PKCS#7 message; there is no content to sign.");var s=C.derToOid(e.contentInfo.value[0].value),i=C.toDer(n);i.getByte(),C.getBerValueLength(i),i=i.getBytes();for(var o in r)r[o].start().update(i);for(var u=new Date,l=0;l<e.signers.length;++l){var f=e.signers[l];if(f.authenticatedAttributes.length===0){if(s!==U.pki.oids.data)throw new Error("Invalid signer; authenticatedAttributes must be present when the ContentInfo content type is not PKCS#7 Data.")}else{f.authenticatedAttributesAsn1=C.create(C.Class.CONTEXT_SPECIFIC,0,!0,[]);for(var c=C.create(C.Class.UNIVERSAL,C.Type.SET,!0,[]),v=0;v<f.authenticatedAttributes.length;++v){var m=f.authenticatedAttributes[v];m.type===U.pki.oids.messageDigest?m.value=r[f.digestAlgorithm].digest():m.type===U.pki.oids.signingTime&&(m.value||(m.value=u)),c.value.push(ja(m)),f.authenticatedAttributesAsn1.value.push(ja(m))}i=C.toDer(c).getBytes(),f.md.start().update(i)}f.signature=f.key.sign(f.md,"RSASSA-PKCS1-V1_5")}e.signerInfos=xu(e.signers)}},Ze.createEncryptedData=function(){var e=null;return e={type:U.pki.oids.encryptedData,version:0,encryptedContent:{algorithm:U.pki.oids["aes256-CBC"]},fromAsn1:function(t){Xa(e,t,Ze.asn1.encryptedDataValidator)},decrypt:function(t){t!==void 0&&(e.encryptedContent.key=t),Ei(e)}},e},Ze.createEnvelopedData=function(){var e=null;return e={type:U.pki.oids.envelopedData,version:0,recipients:[],encryptedContent:{algorithm:U.pki.oids["aes256-CBC"]},fromAsn1:function(t){var a=Xa(e,t,Ze.asn1.envelopedDataValidator);e.recipients=mu(a.recipientInfos.value)},toAsn1:function(){return C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.OID,!1,C.oidToDer(e.type).getBytes()),C.create(C.Class.CONTEXT_SPECIFIC,0,!0,[C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.INTEGER,!1,C.integerToDer(e.version).getBytes()),C.create(C.Class.UNIVERSAL,C.Type.SET,!0,Cu(e.recipients)),C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,Su(e.encryptedContent))])])])},findRecipient:function(t){for(var a=t.issuer.attributes,r=0;r<e.recipients.length;++r){var n=e.recipients[r],s=n.issuer;if(n.serialNumber===t.serialNumber&&s.length===a.length){for(var i=!0,o=0;o<a.length;++o)if(s[o].type!==a[o].type||s[o].value!==a[o].value){i=!1;break}if(i)return n}}return null},decrypt:function(t,a){if(e.encryptedContent.key===void 0&&t!==void 0&&a!==void 0)switch(t.encryptedContent.algorithm){case U.pki.oids.rsaEncryption:case U.pki.oids.desCBC:var r=a.decrypt(t.encryptedContent.content);e.encryptedContent.key=U.util.createBuffer(r);break;default:throw new Error("Unsupported asymmetric cipher, OID "+t.encryptedContent.algorithm)}Ei(e)},addRecipient:function(t){e.recipients.push({version:0,issuer:t.issuer.attributes,serialNumber:t.serialNumber,encryptedContent:{algorithm:U.pki.oids.rsaEncryption,key:t.publicKey}})},encrypt:function(t,a){if(e.encryptedContent.content===void 0){a=a||e.encryptedContent.algorithm,t=t||e.encryptedContent.key;var r,n,s;switch(a){case U.pki.oids["aes128-CBC"]:r=16,n=16,s=U.aes.createEncryptionCipher;break;case U.pki.oids["aes192-CBC"]:r=24,n=16,s=U.aes.createEncryptionCipher;break;case U.pki.oids["aes256-CBC"]:r=32,n=16,s=U.aes.createEncryptionCipher;break;case U.pki.oids["des-EDE3-CBC"]:r=24,n=8,s=U.des.createEncryptionCipher;break;default:throw new Error("Unsupported symmetric cipher, OID "+a)}if(t===void 0)t=U.util.createBuffer(U.random.getBytes(r));else if(t.length()!=r)throw new Error("Symmetric key has wrong length; got "+t.length()+" bytes, expected "+r+".");e.encryptedContent.algorithm=a,e.encryptedContent.key=t,e.encryptedContent.parameter=U.util.createBuffer(U.random.getBytes(n));var i=s(t);if(i.start(e.encryptedContent.parameter.copy()),i.update(e.content),!i.finish())throw new Error("Symmetric encryption failed.");e.encryptedContent.content=i.output}for(var o=0;o<e.recipients.length;++o){var u=e.recipients[o];if(u.encryptedContent.content===void 0)switch(u.encryptedContent.algorithm){case U.pki.oids.rsaEncryption:u.encryptedContent.content=u.encryptedContent.key.encrypt(e.encryptedContent.key.data);break;default:throw new Error("Unsupported asymmetric cipher, OID "+u.encryptedContent.algorithm)}}}},e};function yu(e){var t={},a=[];if(!C.validate(e,Ze.asn1.recipientInfoValidator,t,a)){var r=new Error("Cannot read PKCS#7 RecipientInfo. ASN.1 object is not an PKCS#7 RecipientInfo.");throw r.errors=a,r}return{version:t.version.charCodeAt(0),issuer:U.pki.RDNAttributesAsArray(t.issuer),serialNumber:U.util.createBuffer(t.serial).toHex(),encryptedContent:{algorithm:C.derToOid(t.encAlgorithm),parameter:t.encParameter.value,content:t.encKey}}}function gu(e){return C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.INTEGER,!1,C.integerToDer(e.version).getBytes()),C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[U.pki.distinguishedNameToAsn1({attributes:e.issuer}),C.create(C.Class.UNIVERSAL,C.Type.INTEGER,!1,U.util.hexToBytes(e.serialNumber))]),C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.OID,!1,C.oidToDer(e.encryptedContent.algorithm).getBytes()),C.create(C.Class.UNIVERSAL,C.Type.NULL,!1,"")]),C.create(C.Class.UNIVERSAL,C.Type.OCTETSTRING,!1,e.encryptedContent.content)])}function mu(e){for(var t=[],a=0;a<e.length;++a)t.push(yu(e[a]));return t}function Cu(e){for(var t=[],a=0;a<e.length;++a)t.push(gu(e[a]));return t}function Eu(e){var t=C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.INTEGER,!1,C.integerToDer(e.version).getBytes()),C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[U.pki.distinguishedNameToAsn1({attributes:e.issuer}),C.create(C.Class.UNIVERSAL,C.Type.INTEGER,!1,U.util.hexToBytes(e.serialNumber))]),C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.OID,!1,C.oidToDer(e.digestAlgorithm).getBytes()),C.create(C.Class.UNIVERSAL,C.Type.NULL,!1,"")])]);if(e.authenticatedAttributesAsn1&&t.value.push(e.authenticatedAttributesAsn1),t.value.push(C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.OID,!1,C.oidToDer(e.signatureAlgorithm).getBytes()),C.create(C.Class.UNIVERSAL,C.Type.NULL,!1,"")])),t.value.push(C.create(C.Class.UNIVERSAL,C.Type.OCTETSTRING,!1,e.signature)),e.unauthenticatedAttributes.length>0){for(var a=C.create(C.Class.CONTEXT_SPECIFIC,1,!0,[]),r=0;r<e.unauthenticatedAttributes.length;++r){var n=e.unauthenticatedAttributes[r];a.values.push(ja(n))}t.value.push(a)}return t}function xu(e){for(var t=[],a=0;a<e.length;++a)t.push(Eu(e[a]));return t}function ja(e){var t;if(e.type===U.pki.oids.contentType)t=C.create(C.Class.UNIVERSAL,C.Type.OID,!1,C.oidToDer(e.value).getBytes());else if(e.type===U.pki.oids.messageDigest)t=C.create(C.Class.UNIVERSAL,C.Type.OCTETSTRING,!1,e.value.bytes());else if(e.type===U.pki.oids.signingTime){var a=new Date("1950-01-01T00:00:00Z"),r=new Date("2050-01-01T00:00:00Z"),n=e.value;if(typeof n=="string"){var s=Date.parse(n);isNaN(s)?n.length===13?n=C.utcTimeToDate(n):n=C.generalizedTimeToDate(n):n=new Date(s)}n>=a&&n<r?t=C.create(C.Class.UNIVERSAL,C.Type.UTCTIME,!1,C.dateToUtcTime(n)):t=C.create(C.Class.UNIVERSAL,C.Type.GENERALIZEDTIME,!1,C.dateToGeneralizedTime(n))}return C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.OID,!1,C.oidToDer(e.type).getBytes()),C.create(C.Class.UNIVERSAL,C.Type.SET,!0,[t])])}function Su(e){return[C.create(C.Class.UNIVERSAL,C.Type.OID,!1,C.oidToDer(U.pki.oids.data).getBytes()),C.create(C.Class.UNIVERSAL,C.Type.SEQUENCE,!0,[C.create(C.Class.UNIVERSAL,C.Type.OID,!1,C.oidToDer(e.algorithm).getBytes()),C.create(C.Class.UNIVERSAL,C.Type.OCTETSTRING,!1,e.parameter.getBytes())]),C.create(C.Class.CONTEXT_SPECIFIC,0,!0,[C.create(C.Class.UNIVERSAL,C.Type.OCTETSTRING,!1,e.content.getBytes())])]}function Xa(e,t,a){var r={},n=[];if(!C.validate(t,a,r,n)){var s=new Error("Cannot read PKCS#7 message. ASN.1 object is not a supported PKCS#7 message.");throw s.errors=s,s}var i=C.derToOid(r.contentType);if(i!==U.pki.oids.data)throw new Error("Unsupported PKCS#7 message. Only wrapped ContentType Data supported.");if(r.encryptedContent){var o="";if(U.util.isArray(r.encryptedContent))for(var u=0;u<r.encryptedContent.length;++u){if(r.encryptedContent[u].type!==C.Type.OCTETSTRING)throw new Error("Malformed PKCS#7 message, expecting encrypted content constructed of only OCTET STRING objects.");o+=r.encryptedContent[u].value}else o=r.encryptedContent;e.encryptedContent={algorithm:C.derToOid(r.encAlgorithm),parameter:U.util.createBuffer(r.encParameter.value),content:U.util.createBuffer(o)}}if(r.content){var o="";if(U.util.isArray(r.content))for(var u=0;u<r.content.length;++u){if(r.content[u].type!==C.Type.OCTETSTRING)throw new Error("Malformed PKCS#7 message, expecting content constructed of only OCTET STRING objects.");o+=r.content[u].value}else o=r.content;e.content=U.util.createBuffer(o)}return e.version=r.version.charCodeAt(0),e.rawCapture=r,r}function Ei(e){if(e.encryptedContent.key===void 0)throw new Error("Symmetric key not available.");if(e.content===void 0){var t;switch(e.encryptedContent.algorithm){case U.pki.oids["aes128-CBC"]:case U.pki.oids["aes192-CBC"]:case U.pki.oids["aes256-CBC"]:t=U.aes.createDecryptionCipher(e.encryptedContent.key);break;case U.pki.oids.desCBC:case U.pki.oids["des-EDE3-CBC"]:t=U.des.createDecryptionCipher(e.encryptedContent.key);break;default:throw new Error("Unsupported symmetric cipher, OID "+e.encryptedContent.algorithm)}if(t.start(e.encryptedContent.parameter),t.update(e.encryptedContent.content),!t.finish())throw new Error("Symmetric decryption failed.");e.content=t.output}}var Ee=Y,aa=Ee.ssh=Ee.ssh||{};aa.privateKeyToPutty=function(e,t,a){a=a||"",t=t||"";var r="ssh-rsa",n=t===""?"none":"aes256-cbc",s="PuTTY-User-Key-File-2: "+r+`\r
17
+ `;s+="Encryption: "+n+`\r
18
+ `,s+="Comment: "+a+`\r
19
+ `;var i=Ee.util.createBuffer();hr(i,r),Tt(i,e.e),Tt(i,e.n);var o=Ee.util.encode64(i.bytes(),64),u=Math.floor(o.length/66)+1;s+="Public-Lines: "+u+`\r
20
+ `,s+=o;var l=Ee.util.createBuffer();Tt(l,e.d),Tt(l,e.p),Tt(l,e.q),Tt(l,e.qInv);var f;if(!t)f=Ee.util.encode64(l.bytes(),64);else{var c=l.length()+16-1;c-=c%16;var v=na(l.bytes());v.truncate(v.length()-c+l.length()),l.putBuffer(v);var m=Ee.util.createBuffer();m.putBuffer(na("\0\0\0\0",t)),m.putBuffer(na("\0\0\0",t));var y=Ee.aes.createEncryptionCipher(m.truncate(8),"CBC");y.start(Ee.util.createBuffer().fillWithByte(0,16)),y.update(l.copy()),y.finish();var x=y.output;x.truncate(16),f=Ee.util.encode64(x.bytes(),64)}u=Math.floor(f.length/66)+1,s+=`\r
21
+ Private-Lines: `+u+`\r
22
+ `,s+=f;var S=na("putty-private-key-file-mac-key",t),A=Ee.util.createBuffer();hr(A,r),hr(A,n),hr(A,a),A.putInt32(i.length()),A.putBuffer(i),A.putInt32(l.length()),A.putBuffer(l);var B=Ee.hmac.create();return B.start("sha1",S),B.update(A.bytes()),s+=`\r
23
+ Private-MAC: `+B.digest().toHex()+`\r
24
+ `,s},aa.publicKeyToOpenSSH=function(e,t){var a="ssh-rsa";t=t||"";var r=Ee.util.createBuffer();return hr(r,a),Tt(r,e.e),Tt(r,e.n),a+" "+Ee.util.encode64(r.bytes())+" "+t},aa.privateKeyToOpenSSH=function(e,t){return t?Ee.pki.encryptRsaPrivateKey(e,t,{legacy:!0,algorithm:"aes128"}):Ee.pki.privateKeyToPem(e)},aa.getPublicKeyFingerprint=function(e,t){t=t||{};var a=t.md||Ee.md.md5.create(),r="ssh-rsa",n=Ee.util.createBuffer();hr(n,r),Tt(n,e.e),Tt(n,e.n),a.start(),a.update(n.getBytes());var s=a.digest();if(t.encoding==="hex"){var i=s.toHex();return t.delimiter?i.match(/.{2}/g).join(t.delimiter):i}else{if(t.encoding==="binary")return s.getBytes();if(t.encoding)throw new Error('Unknown encoding "'+t.encoding+'".')}return s};function Tt(e,t){var a=t.toString(16);a[0]>="8"&&(a="00"+a);var r=Ee.util.hexToBytes(a);e.putInt32(r.length),e.putBytes(r)}function hr(e,t){e.putInt32(t.length),e.putString(t)}function na(){for(var e=Ee.md.sha1.create(),t=arguments.length,a=0;a<t;++a)e.update(arguments[a]);return e.digest()}var st=Y,dr="forge.task",$a={},Tu=0;st.debug.set(dr,"tasks",$a);var Je={};st.debug.set(dr,"queues",Je);var xi="?",Au=30,Iu=20,Ft="ready",xe="running",Ue="blocked",ke="sleeping",ge="done",me="error",$t="stop",Ot="start",pr="block",Nr="unblock",vr="sleep",wr="wakeup",Zt="cancel",yr="fail",K={};K[Ft]={},K[Ft][$t]=Ft,K[Ft][Ot]=xe,K[Ft][Zt]=ge,K[Ft][yr]=me,K[xe]={},K[xe][$t]=Ft,K[xe][Ot]=xe,K[xe][pr]=Ue,K[xe][Nr]=xe,K[xe][vr]=ke,K[xe][wr]=xe,K[xe][Zt]=ge,K[xe][yr]=me,K[Ue]={},K[Ue][$t]=Ue,K[Ue][Ot]=Ue,K[Ue][pr]=Ue,K[Ue][Nr]=Ue,K[Ue][vr]=Ue,K[Ue][wr]=Ue,K[Ue][Zt]=ge,K[Ue][yr]=me,K[ke]={},K[ke][$t]=ke,K[ke][Ot]=ke,K[ke][pr]=ke,K[ke][Nr]=ke,K[ke][vr]=ke,K[ke][wr]=ke,K[ke][Zt]=ge,K[ke][yr]=me,K[ge]={},K[ge][$t]=ge,K[ge][Ot]=ge,K[ge][pr]=ge,K[ge][Nr]=ge,K[ge][vr]=ge,K[ge][wr]=ge,K[ge][Zt]=ge,K[ge][yr]=me,K[me]={},K[me][$t]=me,K[me][Ot]=me,K[me][pr]=me,K[me][Nr]=me,K[me][vr]=me,K[me][wr]=me,K[me][Zt]=me,K[me][yr]=me;var at=function(e){this.id=-1,this.name=e.name||xi,this.parent=e.parent||null,this.run=e.run,this.subtasks=[],this.error=!1,this.state=Ft,this.blocks=0,this.timeoutId=null,this.swapTime=null,this.userData=null,this.id=Tu++,$a[this.id]=this};at.prototype.debug=function(e){e=e||"",st.log.debug(dr,e,"[%s][%s] task:",this.id,this.name,this,"subtasks:",this.subtasks.length,"queue:",Je)},at.prototype.next=function(e,t){typeof e=="function"&&(t=e,e=this.name);var a=new at({run:t,name:e,parent:this});return a.state=xe,a.type=this.type,a.successCallback=this.successCallback||null,a.failureCallback=this.failureCallback||null,this.subtasks.push(a),this},at.prototype.parallel=function(e,t){return st.util.isArray(e)&&(t=e,e=this.name),this.next(e,function(a){var r=a;r.block(t.length);for(var n=function(u,l){st.task.start({type:u,run:function(f){t[l](f)},success:function(f){r.unblock()},failure:function(f){r.unblock()}})},s=0;s<t.length;s++){var i=e+"__parallel-"+a.id+"-"+s,o=s;n(i,o)}})},at.prototype.stop=function(){this.state=K[this.state][$t]},at.prototype.start=function(){this.error=!1,this.state=K[this.state][Ot],this.state===xe&&(this.start=new Date,this.run(this),Kt(this,0))},at.prototype.block=function(e){e=typeof e>"u"?1:e,this.blocks+=e,this.blocks>0&&(this.state=K[this.state][pr])},at.prototype.unblock=function(e){return e=typeof e>"u"?1:e,this.blocks-=e,this.blocks===0&&this.state!==ge&&(this.state=xe,Kt(this,0)),this.blocks},at.prototype.sleep=function(e){e=typeof e>"u"?0:e,this.state=K[this.state][vr];var t=this;this.timeoutId=setTimeout(function(){t.timeoutId=null,t.state=xe,Kt(t,0)},e)},at.prototype.wait=function(e){e.wait(this)},at.prototype.wakeup=function(){this.state===ke&&(cancelTimeout(this.timeoutId),this.timeoutId=null,this.state=xe,Kt(this,0))},at.prototype.cancel=function(){this.state=K[this.state][Zt],this.permitsNeeded=0,this.timeoutId!==null&&(cancelTimeout(this.timeoutId),this.timeoutId=null),this.subtasks=[]},at.prototype.fail=function(e){if(this.error=!0,Za(this,!0),e)e.error=this.error,e.swapTime=this.swapTime,e.userData=this.userData,Kt(e,0);else{if(this.parent!==null){for(var t=this.parent;t.parent!==null;)t.error=this.error,t.swapTime=this.swapTime,t.userData=this.userData,t=t.parent;Za(t,!0)}this.failureCallback&&this.failureCallback(this)}};var Bu=function(e){e.error=!1,e.state=K[e.state][Ot],setTimeout(function(){e.state===xe&&(e.swapTime=+new Date,e.run(e),Kt(e,0))},0)},Kt=function(e,t){var a=t>Au||+new Date-e.swapTime>Iu,r=function(n){if(n++,e.state===xe)if(a&&(e.swapTime=+new Date),e.subtasks.length>0){var s=e.subtasks.shift();s.error=e.error,s.swapTime=e.swapTime,s.userData=e.userData,s.run(s),s.error||Kt(s,n)}else Za(e),e.error||e.parent!==null&&(e.parent.error=e.error,e.parent.swapTime=e.swapTime,e.parent.userData=e.userData,Kt(e.parent,n))};a?setTimeout(r,0):r(t)},Za=function(e,t){e.state=ge,delete $a[e.id],e.parent===null&&(e.type in Je?Je[e.type].length===0?st.log.error(dr,"[%s][%s] task queue empty [%s]",e.id,e.name,e.type):Je[e.type][0]!==e?st.log.error(dr,"[%s][%s] task not first in queue [%s]",e.id,e.name,e.type):(Je[e.type].shift(),Je[e.type].length===0?delete Je[e.type]:Je[e.type][0].start()):st.log.error(dr,"[%s][%s] task queue missing [%s]",e.id,e.name,e.type),t||(e.error&&e.failureCallback?e.failureCallback(e):!e.error&&e.successCallback&&e.successCallback(e)))};st.task=st.task||{},st.task.start=function(e){var t=new at({run:e.run,name:e.name||xi});t.type=e.type,t.successCallback=e.success||null,t.failureCallback=e.failure||null,t.type in Je?Je[e.type].push(t):(Je[t.type]=[t],Bu(t))},st.task.cancel=function(e){e in Je&&(Je[e]=[Je[e][0]])},st.task.createCondition=function(){var e={tasks:{}};return e.wait=function(t){t.id in e.tasks||(t.block(),e.tasks[t.id]=t)},e.notify=function(){var t=e.tasks;e.tasks={};for(var a in t)t[a].unblock()},e},function(e){e.exports=Y}(an);const bu=Di(an.exports);class Ja{constructor(t){Ce(this,"crt");Ce(this,"key");Ce(this,"csr");Ce(this,"detail");Ce(this,"expires");this.crt=t.crt,this.key=t.key,this.csr=t.csr;const{detail:a,expires:r}=this.getCrtDetail(this.crt);this.detail=a,this.expires=r.getTime()}toCertInfo(){return{crt:this.crt,key:this.key,csr:this.csr}}getCrtDetail(t){const r=bu.pki.certificateFromPem(t.toString()),n=r.validity.notAfter;return{detail:r,expires:n}}saveToFile(t,a){a==null&&(a=Ht.join(Ht.tmpdir(),"/certd/tmp/",Math.floor(Math.random()*1e6)+"",`cert.${t}`));const r=Ht.dirname(a);return Ht.existsSync(r)||Ht.mkdirSync(r,{recursive:!0}),Ht.writeFileSync(a,this[t]),a}}ee.CertApplyPlugin=class extends ae.AbstractTaskPlugin{constructor(){super(...arguments);Ce(this,"domains");Ce(this,"email");Ce(this,"dnsProviderType");Ce(this,"dnsProviderAccess");Ce(this,"renewDays");Ce(this,"forceUpdate");Ce(this,"csrInfo");Ce(this,"acme");Ce(this,"logger");Ce(this,"userContext");Ce(this,"accessService");Ce(this,"http");Ce(this,"lastStatus");Ce(this,"cert")}async onInstance(){this.acme=new Ii({userContext:this.userContext,logger:this.logger})}async execute(){const a=await this.condition();if(a!=null)return this.output(a);const r=await this.doCertApply();if(r!=null)this.output(r.toCertInfo()),this.clearLastStatus();else throw new Error("\u7533\u8BF7\u8BC1\u4E66\u5931\u8D25")}output(a){this.cert=a}async condition(){var o,u;if(this.forceUpdate)return null;let a=!1;const r=JSON.stringify((u=(o=this.lastStatus)==null?void 0:o.input)==null?void 0:u.domains),n=JSON.stringify(this.domains);r!==n&&(a=!0);let s;try{s=await this.readLastCert()}catch(l){this.logger.warn("\u8BFB\u53D6cert\u5931\u8D25\uFF1A",l)}if(s==null)return this.logger.info("\u8FD8\u672A\u7533\u8BF7\u8FC7\uFF0C\u51C6\u5907\u7533\u8BF7\u65B0\u8BC1\u4E66"),null;if(a)return this.logger.info("\u8F93\u5165\u53C2\u6570\u53D8\u66F4\uFF0C\u7533\u8BF7\u65B0\u8BC1\u4E66"),null;const i=this.isWillExpire(s.expires,this.renewDays);return i.isWillExpire?(this.logger.info("\u5373\u5C06\u8FC7\u671F\uFF0C\u5F00\u59CB\u66F4\u65B0\u8BC1\u4E66"),null):(this.logger.info(`\u8BC1\u4E66\u8FD8\u672A\u8FC7\u671F\uFF1A\u8FC7\u671F\u65F6\u95F4${ia.default(s.expires).format("YYYY-MM-DD HH:mm:ss")},\u5269\u4F59${i.leftDays}\u5929`),s)}async doCertApply(){const a=this.email,r=this.domains,n=this.dnsProviderType,s=this.dnsProviderAccess,i=Rr.default.merge({country:"CN",state:"GuangDong",locality:"ShengZhen",organization:"CertD Org.",organizationUnit:"IT Department",emailAddress:a},this.csrInfo);this.logger.info("\u5F00\u59CB\u7533\u8BF7\u8BC1\u4E66,",a,r);const o=oa.get(n),u=o.target,l=o.define,f=await this.accessService.getById(s),c=new u,v={access:f,logger:this.logger,http:this.http};Ni.inject(l.autowire,c,v),await c.onInstance();const m=await this.acme.order({email:a,domains:r,dnsProvider:c,csrInfo:i,isTest:!1}),y=this.formatCerts(m);return new Ja(y)}formatCert(a){return a=a.replace(/\r/g,""),a=a.replace(/\n\n/g,`
25
+ `),a=a.replace(/\n$/g,""),a}formatCerts(a){return{crt:this.formatCert(a.crt),key:this.formatCert(a.key),csr:this.formatCert(a.csr)}}async readLastCert(){var r,n,s;const a=(s=(n=(r=this.lastStatus)==null?void 0:r.status)==null?void 0:n.output)==null?void 0:s.cert;if(a!=null)return new Ja(a)}isWillExpire(a,r=20){if(a==null)throw new Error("\u8FC7\u671F\u65F6\u95F4\u4E0D\u80FD\u4E3A\u7A7A");const n=ia.default(a).diff(ia.default(),"day");return{isWillExpire:n<r,leftDays:n}}},et([ae.TaskInput({title:"\u57DF\u540D",component:{name:"a-select",vModel:"value",mode:"tags",open:!1},required:!0,col:{span:24},helper:`\u652F\u6301\u901A\u914D\u7B26\u57DF\u540D\uFF0C\u4F8B\u5982\uFF1A *.foo.com \u3001 *.test.handsfree.work
26
+ \u652F\u6301\u591A\u4E2A\u57DF\u540D\u3001\u591A\u4E2A\u5B50\u57DF\u540D\u3001\u591A\u4E2A\u901A\u914D\u7B26\u57DF\u540D\u6253\u5230\u4E00\u4E2A\u8BC1\u4E66\u4E0A\uFF08\u57DF\u540D\u5FC5\u987B\u662F\u5728\u540C\u4E00\u4E2ADNS\u63D0\u4F9B\u5546\u89E3\u6790\uFF09
27
+ \u591A\u7EA7\u5B50\u57DF\u540D\u8981\u5206\u6210\u591A\u4E2A\u57DF\u540D\u8F93\u5165\uFF08*.foo.com\u7684\u8BC1\u4E66\u4E0D\u80FD\u7528\u4E8Exxx.yyy.foo.com\uFF09
28
+ \u8F93\u5165\u4E00\u4E2A\u56DE\u8F66\u4E4B\u540E\uFF0C\u518D\u8F93\u5165\u4E0B\u4E00\u4E2A`})],ee.CertApplyPlugin.prototype,"domains",void 0),et([ae.TaskInput({title:"\u90AE\u7BB1",component:{name:"a-input",vModel:"value"},required:!0,helper:"\u8BF7\u8F93\u5165\u90AE\u7BB1"})],ee.CertApplyPlugin.prototype,"email",void 0),et([ae.TaskInput({title:"DNS\u63D0\u4F9B\u5546",component:{name:"pi-dns-provider-selector"},required:!0,helper:"\u8BF7\u9009\u62E9dns\u89E3\u6790\u63D0\u4F9B\u5546"})],ee.CertApplyPlugin.prototype,"dnsProviderType",void 0),et([ae.TaskInput({title:"DNS\u89E3\u6790\u6388\u6743",component:{name:"pi-access-selector"},required:!0,helper:"\u8BF7\u9009\u62E9dns\u89E3\u6790\u63D0\u4F9B\u5546\u6388\u6743"})],ee.CertApplyPlugin.prototype,"dnsProviderAccess",void 0),et([ae.TaskInput({title:"\u66F4\u65B0\u5929\u6570",component:{name:"a-input-number",vModel:"value"},required:!0,helper:"\u5230\u671F\u524D\u591A\u5C11\u5929\u540E\u66F4\u65B0\u8BC1\u4E66"})],ee.CertApplyPlugin.prototype,"renewDays",void 0),et([ae.TaskInput({title:"\u5F3A\u5236\u66F4\u65B0",component:{name:"a-switch",vModel:"checked"},helper:"\u662F\u5426\u5F3A\u5236\u91CD\u65B0\u7533\u8BF7\u8BC1\u4E66"})],ee.CertApplyPlugin.prototype,"forceUpdate",void 0),et([ae.TaskInput({title:"CsrInfo"})],ee.CertApplyPlugin.prototype,"csrInfo",void 0),et([ae.Autowire()],ee.CertApplyPlugin.prototype,"logger",void 0),et([ae.Autowire()],ee.CertApplyPlugin.prototype,"userContext",void 0),et([ae.Autowire()],ee.CertApplyPlugin.prototype,"accessService",void 0),et([ae.Autowire()],ee.CertApplyPlugin.prototype,"http",void 0),et([ae.Autowire()],ee.CertApplyPlugin.prototype,"lastStatus",void 0),et([ae.TaskOutput({title:"\u57DF\u540D\u8BC1\u4E66"})],ee.CertApplyPlugin.prototype,"cert",void 0),ee.CertApplyPlugin=et([ae.IsTaskPlugin({name:"CertApply",title:"\u8BC1\u4E66\u7533\u8BF7",desc:"\u514D\u8D39\u901A\u914D\u7B26\u57DF\u540D\u8BC1\u4E66\u7533\u8BF7\uFF0C\u652F\u6301\u591A\u4E2A\u57DF\u540D\u6253\u5230\u540C\u4E00\u4E2A\u8BC1\u4E66\u4E0A",default:{input:{renewDays:20,forceUpdate:!1},strategy:{runStrategy:ae.RunStrategy.AlwaysRun}}})],ee.CertApplyPlugin),new ee.CertApplyPlugin,ee.CertReader=Ja,ee.DNS_PROVIDER_CLASS_KEY=rn,ee.IsDnsProvider=wi,ee.dnsProviderRegistry=oa,Object.defineProperties(ee,{__esModule:{value:!0},[Symbol.toStringTag]:{value:"Module"}})});