@lifeready/core 1.0.12 → 1.0.15

package/esm2015/lib/trusted-parties/tp-assembly.js

@@ -1,362 +1,362 @@
-import { __awaiter, __rest } from "tslib";
-import { mapEdges, } from '../api/types';
-import { EncryptionService } from '../cryptography/encryption.service';
-import { KeyFactoryService } from '../cryptography/key-factory.service';
-import { KeyGraphService } from '../cryptography/key-graph.service';
-import * as slip from '../cryptography/slip39.service';
-import { LrBadArgumentException, LrBadStateException, } from '../_common/exceptions';
-import { KeyService } from '../cryptography/key.service';
-import { LrGraphQLService } from '../api/lr-graphql';
-import { TpsKeysQuery } from './tp-assembly.gql.private';
-export class TpAssemblyController {
-    constructor(injector) {
-        this.keyFactory = injector.get(KeyFactoryService);
-        this.keyService = injector.get(KeyService);
-        this.encryptionService = injector.get(EncryptionService);
-        this.keyGraph = injector.get(KeyGraphService);
-        this.slip39Service = injector.get(slip.Slip39Service);
-        this.lrGraphQl = injector.get(LrGraphQLService);
-    }
-    recoverAssemblyKey(partials) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Every receiverPbkCipher should contain this and they should all be the same.
-            let assemblyKeyParams;
-            const shares = partials.map((partial) => {
-                if (assemblyKeyParams) {
-                    if (JSON.stringify(assemblyKeyParams) !==
-                        JSON.stringify(partial.assemblyKeyParams)) {
-                        throw new LrBadStateException('The assembly key parameters are different between the approvals.');
-                    }
-                }
-                else {
-                    assemblyKeyParams = partial.assemblyKeyParams;
-                }
-                return partial.slip39.share.mnemonics;
-            });
-            const rawAssemblyKey = yield this.slip39Service.recoverSecret(shares, this.slip39Passphrase);
-            return yield KeyFactoryService.asKey(Object.assign(Object.assign({}, assemblyKeyParams), { k: rawAssemblyKey }));
-        });
-    }
-    prepareTpWrappingKey(tp) {
-        return __awaiter(this, void 0, void 0, function* () {
-            return this.keyGraph.getKey(tp.wrappingKeyId);
-        });
-    }
-    prepareAssembly({ subjectKey, rootKey, }) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const assemblyKey = yield this.keyFactory.createKey();
-            console.log('prepareAssembly assemblyKey', assemblyKey);
-            const _a = assemblyKey.toJSON(true), { k: rawAssemblyKey } = _a, assemblyKeyParams = __rest(_a, ["k"]);
-            const assemblyKeyVerifierPrk = yield this.keyFactory.createPkcSignKey();
-            const wrappedAssemblyKeyVerifierPrk = yield this.encryptionService.encryptToString(assemblyKey, assemblyKeyVerifierPrk.toJSON(true));
-            const assemblyKeyVerifierPbk = JSON.stringify(assemblyKeyVerifierPrk.toJSON());
-            const subjectKeyWrappedAssemblyKey = yield this.encryptionService.encryptToString(subjectKey, assemblyKey.toJSON(true));
-            // Encrypt the rootKey with the assemblyKey
-            const assemblyCipherData = yield this.encryptionService.encryptToString(assemblyKey, {
-                rootKey: rootKey.toJSON(true),
-            });
-            return {
-                assemblyKey,
-                rawAssemblyKey,
-                assemblyKeyParams,
-                subjectKeyWrappedAssemblyKey,
-                assemblyCipherData,
-                assemblyKeyVerifierPbk,
-                wrappedAssemblyKeyVerifierPrk,
-            };
-        });
-    }
-    prepareCreateSubAssemblies({ input, subjectKey, slipSubAssemblies, assemblyKeyParams, }) {
-        return __awaiter(this, void 0, void 0, function* () {
-            return Promise.all(input.map((sa, saIndex) => __awaiter(this, void 0, void 0, function* () {
-                const subjectCipherData = yield this.encryptionService.encryptToString(subjectKey, sa.subjectCipherDataClearJson || '');
-                const createApprovers = yield Promise.all(sa.approverTps.map((approverTp, approverIndex) => __awaiter(this, void 0, void 0, function* () {
-                    return this.prepareApprover({
-                        tp: approverTp,
-                        approverIndex,
-                        slipSubAssembly: slipSubAssemblies[saIndex],
-                        assemblyKeyParams,
-                        subjectKey,
-                    });
-                })));
-                return {
-                    singleReject: sa.singleReject,
-                    quorum: sa.quorum,
-                    subjectCipherData,
-                    createApprovers,
-                };
-            })));
-        });
-    }
-    prepareUpdateSubAssemblies({ input, subjectKey, slipSubAssemblies, assemblyKeyParams, subAssemblies, }) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (slipSubAssemblies.length !== input.length) {
-                throw new LrBadArgumentException('The slipSubAssemblies must be the same length as the input');
-            }
-            return Promise.all(input.map((sa, saIndex) => __awaiter(this, void 0, void 0, function* () {
-                const subjectCipherData = yield this.encryptionService.encryptToString(subjectKey, sa.subjectCipherDataClearJson || '');
-                // Get the existing sub-assembly
-                const existingSa = subAssemblies.edges.find((edge) => edge.node.id === sa.id).node;
-                // Get approvers that do not exist yet
-                const createApprovers = [];
-                const updateApprovers = [];
-                sa.approverTps.forEach((tp) => {
-                    var _a;
-                    const approver = (_a = existingSa.approvers.edges.find((edge) => edge.node.tp.id === tp.tpId)) === null || _a === void 0 ? void 0 : _a.node;
-                    if (approver) {
-                        updateApprovers.push({
-                            tp,
-                            approverId: approver.id,
-                        });
-                    }
-                    else {
-                        createApprovers.push({
-                            tp,
-                        });
-                    }
-                });
-                const slipSubAssembly = slipSubAssemblies[saIndex];
-                return {
-                    subAssemblyId: sa.id,
-                    singleReject: sa.singleReject,
-                    quorum: sa.quorum,
-                    subjectCipherData,
-                    createApprovers: yield Promise.all(createApprovers.map(({ tp }, approverIndex) => __awaiter(this, void 0, void 0, function* () {
-                        return this.prepareApprover({
-                            tp,
-                            approverIndex,
-                            slipSubAssembly,
-                            assemblyKeyParams,
-                            subjectKey,
-                        });
-                    }))),
-                    updateApprovers: yield Promise.all(updateApprovers.map(({ tp, approverId }, approverIndex) => __awaiter(this, void 0, void 0, function* () {
-                        return this.prepareApprover({
-                            approverId,
-                            tp,
-                            approverIndex: approverIndex + createApprovers.length,
-                            slipSubAssembly,
-                            assemblyKeyParams,
-                            subjectKey,
-                        });
-                    }))),
-                };
-            })));
-        });
-    }
-    fillWrappingKeyId(input, tps) {
-        // Fill in wrappingKeyId if not present
-        input.forEach((sa) => {
-            sa.approverTps.forEach((approver) => {
-                if (!approver.wrappingKeyId) {
-                    const tp = tps.find((x) => x.id === approver.tpId);
-                    approver.wrappingKeyId = this.getTpWrappingKeyId(tp);
-                }
-            });
-        });
-    }
-    getInputApprovers(input) {
-        const tpIds = [];
-        input.forEach((sa) => {
-            sa.approverTps.forEach((approver) => {
-                tpIds.push(approver.tpId);
-            });
-        });
-        return tpIds;
-    }
-    prepareCreate(input) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const rootKey = yield this.keyService.getCurrentRootKey();
-            const subjectKey = yield this.keyFactory.createKey();
-            const rootKeyWrappedSubjectKey = yield this.keyGraph.wrapKey(rootKey, subjectKey);
-            const _a = yield this.prepareAssembly({
-                rootKey: rootKey.jwk,
-                subjectKey,
-            }), { assemblyKey, rawAssemblyKey, assemblyKeyParams } = _a, assemblyInput = __rest(_a, ["assemblyKey", "rawAssemblyKey", "assemblyKeyParams"]);
-            const slipAssembly = yield this.prepareSlip39(input.createSubAssemblies, input.quorum, rawAssemblyKey);
-            const tpIds = this.getInputApprovers(input.createSubAssemblies);
-            // This should contain all the TPs that we need to update the assembly.
-            const tps = mapEdges((yield this.lrGraphQl.query({
-                query: TpsKeysQuery,
-                variables: {
-                    ids: tpIds,
-                },
-            })).tps);
-            // Fill in wrappingKeyId if not present
-            this.fillWrappingKeyId(input.createSubAssemblies, tps);
-            const createSubAssemblies = yield this.prepareCreateSubAssemblies({
-                input: input.createSubAssemblies,
-                assemblyKeyParams,
-                slipSubAssemblies: slipAssembly.subAssemblies,
-                subjectKey,
-            });
-            return {
-                assemblyKey,
-                mutationInput: Object.assign(Object.assign({}, assemblyInput), { singleReject: input.singleReject, quorum: input.quorum, subjectCipherData: '', // TODO make this a parameter
-                    createSubAssemblies, rootKeyId: rootKey.id, rootKeyWrappedSubjectKey }),
-            };
-        });
-    }
-    getAssemblyApprovers(assembly) {
-        const tpIds = [];
-        // Find all TPs that belong to sub-assemblies
-        mapEdges(assembly.subAssemblies).map((sa) => {
-            mapEdges(sa.approvers).forEach((approver) => tpIds.push(approver.tp.id));
-        });
-        return tpIds;
-    }
-    prepareUpdate(input, assembly // TODO type this to only what we need.
-    ) {
-        return __awaiter(this, void 0, void 0, function* () {
-            input = Object.assign({ createSubAssemblies: [] }, input);
-            const createSubAssembliesInput = input.createSubAssemblies || [];
-            const updateSubAssembliesInput = input.updateSubAssemblies || [];
-            const deleteSubAssembliesInput = input.deleteSubAssemblies || [];
-            // Must have at least one.
-            if (createSubAssembliesInput.length === 0 &&
-                updateSubAssembliesInput.length === 0 &&
-                deleteSubAssembliesInput.length === 0) {
-                throw new LrBadArgumentException('Must specify at least one of: [createSubAssemblies, updateSubAssemblies, deleteSubAssemblies]');
-            }
-            const rootKey = yield this.keyService.getCurrentRootKey();
-            const subjectKey = yield this.keyGraph.getKey(assembly.subjectKey.id);
-            const _a = yield this.prepareAssembly({
-                rootKey: rootKey.jwk,
-                subjectKey: subjectKey.jwk,
-            }), { assemblyKey, rawAssemblyKey, assemblyKeyParams } = _a, assemblyInput = __rest(_a, ["assemblyKey", "rawAssemblyKey", "assemblyKeyParams"]);
-            // Find all the TPs that we need, duplicates are no problem.
-            // Existing approvers
-            const tpIds = this.getAssemblyApprovers(assembly).concat(this.getInputApprovers(createSubAssembliesInput), this.getInputApprovers(updateSubAssembliesInput));
-            // This should contain all the TPs that we need to update the assembly.
-            const tps = mapEdges((yield this.lrGraphQl.query({
-                query: TpsKeysQuery,
-                variables: {
-                    ids: tpIds,
-                },
-            })).tps);
-            // Auto fill the updateSubAssemblies with existing sub assemblies if they are not
-            // explicitly deleted.
-            mapEdges(assembly.subAssemblies).forEach((existing) => {
-                // Deleting existing, don't include it
-                if (deleteSubAssembliesInput.includes(existing.id)) {
-                    return;
-                }
-                // Update already specified in the input
-                if (updateSubAssembliesInput.some((sa) => sa.id === existing.id)) {
-                    return;
-                }
-                const approverTps = mapEdges(existing.approvers).map((approver) => {
-                    return {
-                        tpId: approver.tp.id,
-                        sharedCipherDataClearJson: approver.sharedCipherDataClearJson,
-                        sharedCipherApprovalDataClearJson: approver.sharedCipherApprovalDataClearJson,
-                    };
-                });
-                updateSubAssembliesInput.push({
-                    id: existing.id,
-                    quorum: existing.quorum,
-                    singleReject: existing.singleReject,
-                    approverTps,
-                    subjectCipherDataClearJson: existing.subjectCipherDataClearJson,
-                });
-            });
-            // Fill in wrappingKeyId if not present
-            this.fillWrappingKeyId(createSubAssembliesInput, tps);
-            this.fillWrappingKeyId(updateSubAssembliesInput, tps);
-            let slipAssembly;
-            try {
-                slipAssembly = yield this.prepareSlip39((createSubAssembliesInput || []).concat(updateSubAssembliesInput || []), input.quorum, rawAssemblyKey);
-            }
-            catch (error) {
-                // TODO this sometimes happens. Maybe missing await.
-                console.log('Error while creating slip assembly', error);
-            }
-            const common = {
-                assemblyKeyParams,
-                subjectKey: subjectKey.jwk,
-            };
-            const createSubAssemblies = yield this.prepareCreateSubAssemblies(Object.assign(Object.assign({}, common), { input: createSubAssembliesInput, 
-                // Need to match the slip sub assemblies to the input
-                slipSubAssemblies: slipAssembly.subAssemblies.slice(0, createSubAssembliesInput.length) }));
-            const updateSubAssemblies = yield this.prepareUpdateSubAssemblies(Object.assign(Object.assign({}, common), { input: updateSubAssembliesInput, 
-                // Add an offset to the sub assemblies to skip the one that are created.
-                slipSubAssemblies: slipAssembly.subAssemblies.slice(createSubAssembliesInput.length), subAssemblies: assembly.subAssemblies }));
-            return {
-                assemblyKey,
-                mutationInput: Object.assign(Object.assign({}, assemblyInput), { singleReject: input.singleReject, quorum: input.quorum, subjectCipherData: '', subjectKeyId: subjectKey.id, createSubAssemblies,
-                    updateSubAssemblies }),
-            };
-        });
-    }
-    prepareApprover({ approverId, tp, approverIndex, slipSubAssembly, assemblyKeyParams, subjectKey, }) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const tpWrappingKey = yield this.prepareTpWrappingKey(tp);
-            // shared key is rotated every time.
-            const sharedKey = yield this.keyFactory.createKey();
-            // For TP to access shared_key
-            const tpWrappedSharedKey = yield this.encryptionService.encryptToString(tpWrappingKey.jwk, sharedKey.toJSON(true));
-            // For subject to access shared_key
-            const subjectKeyWrappedSharedKey = yield this.encryptionService.encryptToString(subjectKey, sharedKey.toJSON(true));
-            // If quorum is 1, then using the same share for every member.
-            const share = slipSubAssembly.threshold === 1
-                ? slipSubAssembly.shares[0]
-                : slipSubAssembly.shares[approverIndex];
-            const partialAssemblyKey = {
-                slip39: {
-                    share,
-                    subAssembly: {
-                        quorum: slipSubAssembly.threshold,
-                        size: slipSubAssembly.size,
-                    },
-                },
-                assemblyKeyParams,
-            };
-            console.log('partialAssemblyKey', partialAssemblyKey);
-            const sharedCipherData = yield this.encryptionService.encryptToString(sharedKey, tp.sharedCipherDataClearJson || '');
-            const sharedCipherApprovalData = yield this.encryptionService.encryptToString(sharedKey, tp.sharedCipherApprovalDataClearJson || '');
-            const sharedCipherPartialAssemblyKey = yield this.encryptionService.encryptToString(sharedKey, partialAssemblyKey);
-            return {
-                tpWrappingKeyId: tpWrappingKey.id,
-                tpWrappedSharedKey,
-                subjectKeyWrappedSharedKey,
-                sharedCipherData,
-                sharedCipherApprovalData,
-                sharedCipherPartialAssemblyKey,
-                approverId: approverId || void 0,
-                tpId: approverId ? void 0 : tp.tpId,
-            };
-        });
-    }
-    validateApprovers(approvers) {
-        // Ensure all approvers have mkSharedKey.
-        for (const tp of approvers) {
-            if (!tp.currentUserSharedKey.userSharedKey.mkSharedKey) {
-                const msg = `tp ${tp.other.username} does not have mkSharedKey`;
-                console.log(msg);
-                throw new LrBadArgumentException(msg);
-            }
-        }
-    }
-    // Prepare slip39
-    prepareSlip39(subAssemblies, assemblyQuorum, rawAssemblyKey) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Is there enough sub assemblies to meet quorum
-            if (subAssemblies.length < assemblyQuorum) {
-                throw new LrBadArgumentException('Not enough sub assemblies to meet quorum');
-            }
-            const slipAssembly = new slip.Assembly(assemblyQuorum);
-            subAssemblies.forEach((sa, index) => {
-                let approverCount = sa.approverTps.length;
-                // slip39 restricts quorum == 1 to have only 1 member. So we just share the same
-                // partial key for all sub assembly members.
-                if (sa.quorum === 1) {
-                    approverCount = 1;
-                }
-                slipAssembly.addSubAssembly(new slip.SubAssembly(index, sa.quorum, approverCount));
-            });
-            yield this.slip39Service.generateShares(rawAssemblyKey, this.slip39Passphrase, slipAssembly);
-            return slipAssembly;
-        });
-    }
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHAtYXNzZW1ibHkuanMiLCJzb3VyY2VSb290IjoiL29wdC9hdGxhc3NpYW4vcGlwZWxpbmVzL2FnZW50L2J1aWxkL3Byb2plY3RzL2NvcmUvc3JjLyIsInNvdXJjZXMiOlsibGliL3RydXN0ZWQtcGFydGllcy90cC1hc3NlbWJseS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBRUEsT0FBTyxFQUVMLFFBQVEsR0FJVCxNQUFNLGNBQWMsQ0FBQztBQUN0QixPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxvQ0FBb0MsQ0FBQztBQUN2RSxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxxQ0FBcUMsQ0FBQztBQUN4RSxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sbUNBQW1DLENBQUM7QUFDcEUsT0FBTyxLQUFLLElBQUksTUFBTSxnQ0FBZ0MsQ0FBQztBQUV2RCxPQUFPLEVBQ0wsc0JBQXNCLEVBQ3RCLG1CQUFtQixHQUNwQixNQUFNLHVCQUF1QixDQUFDO0FBQy9CLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSw2QkFBNkIsQ0FBQztBQVN6RCxPQUFPLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSxtQkFBbUIsQ0FBQztBQUNyRCxPQUFPLEVBQUUsWUFBWSxFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFFekQsTUFBTSxPQUFnQixvQkFBb0I7SUFVeEMsWUFBWSxRQUFrQjtRQUM1QixJQUFJLENBQUMsVUFBVSxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsaUJBQWlCLENBQUMsQ0FBQztRQUNsRCxJQUFJLENBQUMsVUFBVSxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDM0MsSUFBSSxDQUFDLGlCQUFpQixHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsaUJBQWlCLENBQUMsQ0FBQztRQUN6RCxJQUFJLENBQUMsUUFBUSxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsZUFBZSxDQUFDLENBQUM7UUFDOUMsSUFBSSxDQUFDLGFBQWEsR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUN0RCxJQUFJLENBQUMsU0FBUyxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUNsRCxDQUFDO0lBSUssa0JBQWtCLENBQUMsUUFBOEI7O1lBQ3JELCtFQUErRTtZQUMvRSxJQUFJLGlCQUF5QixDQUFDO1lBRTlCLE1BQU0sTUFBTSxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRTtnQkFDdEMsSUFBSSxpQkFBaUIsRUFBRTtvQkFDckIsSUFDRSxJQUFJLENBQUMsU0FBUyxDQUFDLGlCQUFpQixDQUFDO3dCQUNqQyxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBQyxFQUN6Qzt3QkFDQSxNQUFNLElBQUksbUJBQW1CLENBQzNCLGtFQUFrRSxDQUNuRSxDQUFDO3FCQUNIO2lCQUNGO3FCQUFNO29CQUNMLGlCQUFpQixHQUFHLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBQztpQkFDL0M7Z0JBQ0QsT0FBTyxPQUFPLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxTQUFTLENBQUM7WUFDeEMsQ0FBQyxDQUFDLENBQUM7WUFFSCxNQUFNLGNBQWMsR0FBRyxNQUFNLElBQUksQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUMzRCxNQUFNLEVBQ04sSUFBSSxDQUFDLGdCQUFnQixDQUN0QixDQUFDO1lBRUYsT0FBTyxNQUFNLGlCQUFpQixDQUFDLEtBQUssaUNBQy9CLGlCQUFpQixLQUNwQixDQUFDLEVBQUUsY0FBYyxJQUNqQixDQUFDO1FBQ0wsQ0FBQztLQUFBO0lBRWUsb0JBQW9CLENBQ2xDLEVBQTJCOztZQUUzQixPQUFPLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUNoRCxDQUFDO0tBQUE7SUFFZSxlQUFlLENBQUMsRUFDOUIsVUFBVSxFQUNWLE9BQU8sR0FJUjs7WUFDQyxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDdEQsT0FBTyxDQUFDLEdBQUcsQ0FBQyw2QkFBNkIsRUFBRSxXQUFXLENBQUMsQ0FBQztZQUV4RCxNQUFNLEtBQThDLFdBQVcsQ0FBQyxNQUFNLENBQ3BFLElBQUksQ0FDRSxFQUZGLEVBQUUsQ0FBQyxFQUFFLGNBQWMsT0FFakIsRUFGc0IsaUJBQWlCLGNBQXpDLEtBQTJDLENBRXpDLENBQUM7WUFDVCxNQUFNLHNCQUFzQixHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1lBQ3hFLE1BQU0sNkJBQTZCLEdBQ2pDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDMUMsV0FBVyxFQUNYLHNCQUFzQixDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDcEMsQ0FBQztZQUNKLE1BQU0sc0JBQXNCLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FDM0Msc0JBQXNCLENBQUMsTUFBTSxFQUFFLENBQ2hDLENBQUM7WUFFRixNQUFNLDRCQUE0QixHQUNoQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQzFDLFVBQVUsRUFDVixXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUFDO1lBRUosMkNBQTJDO1lBQzNDLE1BQU0sa0JBQWtCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxDQUNyRSxXQUFXLEVBQ1g7Z0JBQ0UsT0FBTyxFQUFFLE9BQU8sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDO2FBQzlCLENBQ0YsQ0FBQztZQUVGLE9BQU87Z0JBQ0wsV0FBVztnQkFDWCxjQUFjO2dCQUNkLGlCQUFpQjtnQkFDakIsNEJBQTRCO2dCQUM1QixrQkFBa0I7Z0JBQ2xCLHNCQUFzQjtnQkFDdEIsNkJBQTZCO2FBQzlCLENBQUM7UUFDSixDQUFDO0tBQUE7SUFFZSwwQkFBMEIsQ0FBQyxFQUN6QyxLQUFLLEVBQ0wsVUFBVSxFQUNWLGlCQUFpQixFQUNqQixpQkFBaUIsR0FNbEI7O1lBQ0MsT0FBTyxPQUFPLENBQUMsR0FBRyxDQUNoQixLQUFLLENBQUMsR0FBRyxDQUFDLENBQU8sRUFBRSxFQUFFLE9BQU8sRUFBRSxFQUFFO2dCQUM5QixNQUFNLGlCQUFpQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDcEUsVUFBVSxFQUNWLEVBQUUsQ0FBQywwQkFBMEIsSUFBSSxFQUFFLENBQ3BDLENBQUM7Z0JBRUYsTUFBTSxlQUFlLEdBQUcsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUN2QyxFQUFFLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFPLFVBQVUsRUFBRSxhQUFhLEVBQUUsRUFBRTtvQkFDckQsT0FBQSxJQUFJLENBQUMsZUFBZSxDQUFDO3dCQUNuQixFQUFFLEVBQUUsVUFBVTt3QkFDZCxhQUFhO3dCQUNiLGVBQWUsRUFBRSxpQkFBaUIsQ0FBQyxPQUFPLENBQUM7d0JBQzNDLGlCQUFpQjt3QkFDakIsVUFBVTtxQkFDWCxDQUFDLENBQUE7a0JBQUEsQ0FDSCxDQUNGLENBQUM7Z0JBRUYsT0FBTztvQkFDTCxZQUFZLEVBQUUsRUFBRSxDQUFDLFlBQVk7b0JBQzdCLE1BQU0sRUFBRSxFQUFFLENBQUMsTUFBTTtvQkFDakIsaUJBQWlCO29CQUNqQixlQUFlO2lCQUNoQixDQUFDO1lBQ0osQ0FBQyxDQUFBLENBQUMsQ0FDSCxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRWUsMEJBQTBCLENBQUMsRUFDekMsS0FBSyxFQUNMLFVBQVUsRUFDVixpQkFBaUIsRUFDakIsaUJBQWlCLEVBQ2pCLGFBQWEsR0FPZDs7WUFDQyxJQUFJLGlCQUFpQixDQUFDLE1BQU0sS0FBSyxLQUFLLENBQUMsTUFBTSxFQUFFO2dCQUM3QyxNQUFNLElBQUksc0JBQXNCLENBQzlCLDREQUE0RCxDQUM3RCxDQUFDO2FBQ0g7WUFFRCxPQUFPLE9BQU8sQ0FBQyxHQUFHLENBQ2hCLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBTyxFQUFFLEVBQUUsT0FBTyxFQUFFLEVBQUU7Z0JBQzlCLE1BQU0saUJBQWlCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxDQUNwRSxVQUFVLEVBQ1YsRUFBRSxDQUFDLDBCQUEwQixJQUFJLEVBQUUsQ0FDcEMsQ0FBQztnQkFFRixnQ0FBZ0M7Z0JBQ2hDLE1BQU0sVUFBVSxHQUFHLGFBQWEsQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUN6QyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLEtBQUssRUFBRSxDQUFDLEVBQUUsQ0FDakMsQ0FBQyxJQUFJLENBQUM7Z0JBRVAsc0NBQXNDO2dCQUN0QyxNQUFNLGVBQWUsR0FBRyxFQUFFLENBQUM7Z0JBQzNCLE1BQU0sZUFBZSxHQUFHLEVBQUUsQ0FBQztnQkFFM0IsRUFBRSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRTs7b0JBQzVCLE1BQU0sUUFBUSxTQUFHLFVBQVUsQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLElBQUksQ0FDOUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLEVBQUUsS0FBSyxFQUFFLENBQUMsSUFBSSxDQUN0QywwQ0FBRSxJQUFJLENBQUM7b0JBQ1IsSUFBSSxRQUFRLEVBQUU7d0JBQ1osZUFBZSxDQUFDLElBQUksQ0FBQzs0QkFDbkIsRUFBRTs0QkFDRixVQUFVLEVBQUUsUUFBUSxDQUFDLEVBQUU7eUJBQ3hCLENBQUMsQ0FBQztxQkFDSjt5QkFBTTt3QkFDTCxlQUFlLENBQUMsSUFBSSxDQUFDOzRCQUNuQixFQUFFO3lCQUNILENBQUMsQ0FBQztxQkFDSjtnQkFDSCxDQUFDLENBQUMsQ0FBQztnQkFFSCxNQUFNLGVBQWUsR0FBRyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsQ0FBQztnQkFFbkQsT0FBTztvQkFDTCxhQUFhLEVBQUUsRUFBRSxDQUFDLEVBQUU7b0JBQ3BCLFlBQVksRUFBRSxFQUFFLENBQUMsWUFBWTtvQkFDN0IsTUFBTSxFQUFFLEVBQUUsQ0FBQyxNQUFNO29CQUNqQixpQkFBaUI7b0JBQ2pCLGVBQWUsRUFBRSxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQ2hDLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBTyxFQUFFLEVBQUUsRUFBRSxFQUFFLGFBQWEsRUFBRSxFQUFFO3dCQUNsRCxPQUFBLElBQUksQ0FBQyxlQUFlLENBQUM7NEJBQ25CLEVBQUU7NEJBQ0YsYUFBYTs0QkFDYixlQUFlOzRCQUNmLGlCQUFpQjs0QkFDakIsVUFBVTt5QkFDWCxDQUFDLENBQUE7c0JBQUEsQ0FDSCxDQUNGO29CQUNELGVBQWUsRUFBRSxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQ2hDLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBTyxFQUFFLEVBQUUsRUFBRSxVQUFVLEVBQUUsRUFBRSxhQUFhLEVBQUUsRUFBRTt3QkFDOUQsT0FBQSxJQUFJLENBQUMsZUFBZSxDQUFDOzRCQUNuQixVQUFVOzRCQUNWLEVBQUU7NEJBQ0YsYUFBYSxFQUFFLGFBQWEsR0FBRyxlQUFlLENBQUMsTUFBTTs0QkFDckQsZUFBZTs0QkFDZixpQkFBaUI7NEJBQ2pCLFVBQVU7eUJBQ1gsQ0FBQyxDQUFBO3NCQUFBLENBQ0gsQ0FDRjtpQkFDRixDQUFDO1lBQ0osQ0FBQyxDQUFBLENBQUMsQ0FDSCxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRU8saUJBQWlCLENBQUMsS0FBaUMsRUFBRSxHQUFhO1FBQ3hFLHVDQUF1QztRQUN2QyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUU7WUFDbkIsRUFBRSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtnQkFDbEMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxhQUFhLEVBQUU7b0JBQzNCLE1BQU0sRUFBRSxHQUFHLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLEtBQUssUUFBUSxDQUFDLElBQUksQ0FBQyxDQUFDO29CQUNuRCxRQUFRLENBQUMsYUFBYSxHQUFHLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQUMsQ0FBQztpQkFDdEQ7WUFDSCxDQUFDLENBQUMsQ0FBQztRQUNMLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVPLGlCQUFpQixDQUFDLEtBQWlDO1FBQ3pELE1BQU0sS0FBSyxHQUFhLEVBQUUsQ0FBQztRQUMzQixLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUU7WUFDbkIsRUFBRSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtnQkFDbEMsS0FBSyxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDNUIsQ0FBQyxDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsQ0FBQztRQUNILE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztJQUVZLGFBQWEsQ0FBQyxLQUE0Qjs7WUFDckQsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDMUQsTUFBTSxVQUFVLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ3JELE1BQU0sd0JBQXdCLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FDMUQsT0FBTyxFQUNQLFVBQVUsQ0FDWCxDQUFDO1lBRUYsTUFBTSxLQUNKLE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQztnQkFDekIsT0FBTyxFQUFFLE9BQU8sQ0FBQyxHQUFHO2dCQUNwQixVQUFVO2FBQ1gsQ0FBQyxFQUpFLEVBQUUsV0FBVyxFQUFFLGNBQWMsRUFBRSxpQkFBaUIsT0FJbEQsRUFKdUQsYUFBYSxjQUFsRSxzREFBb0UsQ0FJdEUsQ0FBQztZQUVMLE1BQU0sWUFBWSxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FDM0MsS0FBSyxDQUFDLG1CQUFtQixFQUN6QixLQUFLLENBQUMsTUFBTSxFQUNaLGNBQWMsQ0FDZixDQUFDO1lBRUYsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLEtBQUssQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO1lBRWhFLHVFQUF1RTtZQUN2RSxNQUFNLEdBQUcsR0FBRyxRQUFRLENBQ2xCLENBQ0UsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQztnQkFDekIsS0FBSyxFQUFFLFlBQVk7Z0JBQ25CLFNBQVMsRUFBRTtvQkFDVCxHQUFHLEVBQUUsS0FBSztpQkFDWDthQUNGLENBQUMsQ0FDSCxDQUFDLEdBQUcsQ0FDTixDQUFDO1lBRUYsdUNBQXVDO1lBQ3ZDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLENBQUMsbUJBQW1CLEVBQUUsR0FBRyxDQUFDLENBQUM7WUFFdkQsTUFBTSxtQkFBbUIsR0FBRyxNQUFNLElBQUksQ0FBQywwQkFBMEIsQ0FBQztnQkFDaEUsS0FBSyxFQUFFLEtBQUssQ0FBQyxtQkFBbUI7Z0JBQ2hDLGlCQUFpQjtnQkFDakIsaUJBQWlCLEVBQUUsWUFBWSxDQUFDLGFBQWE7Z0JBQzdDLFVBQVU7YUFDWCxDQUFDLENBQUM7WUFFSCxPQUFPO2dCQUNMLFdBQVc7Z0JBQ1gsYUFBYSxrQ0FDUixhQUFhLEtBQ2hCLFlBQVksRUFBRSxLQUFLLENBQUMsWUFBWSxFQUNoQyxNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU0sRUFDcEIsaUJBQWlCLEVBQUUsRUFBRSxFQUFFLDZCQUE2QjtvQkFDcEQsbUJBQW1CLEVBQ25CLFNBQVMsRUFBRSxPQUFPLENBQUMsRUFBRSxFQUNyQix3QkFBd0IsR0FDekI7YUFDRixDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRU8sb0JBQW9CLENBQUMsUUFBd0I7UUFDbkQsTUFBTSxLQUFLLEdBQWEsRUFBRSxDQUFDO1FBRTNCLDZDQUE2QztRQUM3QyxRQUFRLENBQUMsUUFBUSxDQUFDLGFBQWEsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFO1lBQzFDLFFBQVEsQ0FBQyxFQUFFLENBQUMsU0FBUyxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsUUFBUSxFQUFFLEVBQUUsQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQztRQUMzRSxDQUFDLENBQUMsQ0FBQztRQUVILE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztJQUVZLGFBQWEsQ0FDeEIsS0FBNEIsRUFDNUIsUUFBd0IsQ0FBQyx1Q0FBdUM7OztZQUVoRSxLQUFLLG1CQUNILG1CQUFtQixFQUFFLEVBQUUsSUFDcEIsS0FBSyxDQUNULENBQUM7WUFFRixNQUFNLHdCQUF3QixHQUFHLEtBQUssQ0FBQyxtQkFBbUIsSUFBSSxFQUFFLENBQUM7WUFDakUsTUFBTSx3QkFBd0IsR0FBRyxLQUFLLENBQUMsbUJBQW1CLElBQUksRUFBRSxDQUFDO1lBQ2pFLE1BQU0sd0JBQXdCLEdBQUcsS0FBSyxDQUFDLG1CQUFtQixJQUFJLEVBQUUsQ0FBQztZQUVqRSwwQkFBMEI7WUFDMUIsSUFDRSx3QkFBd0IsQ0FBQyxNQUFNLEtBQUssQ0FBQztnQkFDckMsd0JBQXdCLENBQUMsTUFBTSxLQUFLLENBQUM7Z0JBQ3JDLHdCQUF3QixDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQ3JDO2dCQUNBLE1BQU0sSUFBSSxzQkFBc0IsQ0FDOUIsK0ZBQStGLENBQ2hHLENBQUM7YUFDSDtZQUVELE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBQzFELE1BQU0sVUFBVSxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUV0RSxNQUFNLEtBQ0osTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDO2dCQUN6QixPQUFPLEVBQUUsT0FBTyxDQUFDLEdBQUc7Z0JBQ3BCLFVBQVUsRUFBRSxVQUFVLENBQUMsR0FBRzthQUMzQixDQUFDLEVBSkUsRUFBRSxXQUFXLEVBQUUsY0FBYyxFQUFFLGlCQUFpQixPQUlsRCxFQUp1RCxhQUFhLGNBQWxFLHNEQUFvRSxDQUl0RSxDQUFDO1lBRUwsNERBQTREO1lBQzVELHFCQUFxQjtZQUNyQixNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsb0JBQW9CLENBQUMsUUFBUSxDQUFDLENBQUMsTUFBTSxDQUN0RCxJQUFJLENBQUMsaUJBQWlCLENBQUMsd0JBQXdCLENBQUMsRUFDaEQsSUFBSSxDQUFDLGlCQUFpQixDQUFDLHdCQUF3QixDQUFDLENBQ2pELENBQUM7WUFFRix1RUFBdUU7WUFDdkUsTUFBTSxHQUFHLEdBQUcsUUFBUSxDQUNsQixDQUNFLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUM7Z0JBQ3pCLEtBQUssRUFBRSxZQUFZO2dCQUNuQixTQUFTLEVBQUU7b0JBQ1QsR0FBRyxFQUFFLEtBQUs7aUJBQ1g7YUFDRixDQUFDLENBQ0gsQ0FBQyxHQUFHLENBQ04sQ0FBQztZQUVGLGlGQUFpRjtZQUNqRixzQkFBc0I7WUFDdEIsUUFBUSxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtnQkFDcEQsc0NBQXNDO2dCQUN0QyxJQUFJLHdCQUF3QixDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFDLEVBQUU7b0JBQ2xELE9BQU87aUJBQ1I7Z0JBRUQsd0NBQXdDO2dCQUN4QyxJQUFJLHdCQUF3QixDQUFDLElBQUksQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsRUFBRSxDQUFDLEVBQUUsS0FBSyxRQUFRLENBQUMsRUFBRSxDQUFDLEVBQUU7b0JBQ2hFLE9BQU87aUJBQ1I7Z0JBRUQsTUFBTSxXQUFXLEdBQThCLFFBQVEsQ0FDckQsUUFBUSxDQUFDLFNBQVMsQ0FDbkIsQ0FBQyxHQUFHLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtvQkFDakIsT0FBTzt3QkFDTCxJQUFJLEVBQUUsUUFBUSxDQUFDLEVBQUUsQ0FBQyxFQUFFO3dCQUNwQix5QkFBeUIsRUFBRSxRQUFRLENBQUMseUJBQXlCO3dCQUM3RCxpQ0FBaUMsRUFDL0IsUUFBUSxDQUFDLGlDQUFpQztxQkFDN0MsQ0FBQztnQkFDSixDQUFDLENBQUMsQ0FBQztnQkFFSCx3QkFBd0IsQ0FBQyxJQUFJLENBQUM7b0JBQzVCLEVBQUUsRUFBRSxRQUFRLENBQUMsRUFBRTtvQkFDZixNQUFNLEVBQUUsUUFBUSxDQUFDLE1BQU07b0JBQ3ZCLFlBQVksRUFBRSxRQUFRLENBQUMsWUFBWTtvQkFDbkMsV0FBVztvQkFDWCwwQkFBMEIsRUFBRSxRQUFRLENBQUMsMEJBQTBCO2lCQUNoRSxDQUFDLENBQUM7WUFDTCxDQUFDLENBQUMsQ0FBQztZQUVILHVDQUF1QztZQUN2QyxJQUFJLENBQUMsaUJBQWlCLENBQUMsd0JBQXdCLEVBQUUsR0FBRyxDQUFDLENBQUM7WUFDdEQsSUFBSSxDQUFDLGlCQUFpQixDQUFDLHdCQUF3QixFQUFFLEdBQUcsQ0FBQyxDQUFDO1lBRXRELElBQUksWUFBWSxDQUFDO1lBQ2pCLElBQUk7Z0JBQ0YsWUFBWSxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FDckMsQ0FBQyx3QkFBd0IsSUFBSSxFQUFFLENBQUMsQ0FBQyxNQUFNLENBQUMsd0JBQXdCLElBQUksRUFBRSxDQUFDLEVBQ3ZFLEtBQUssQ0FBQyxNQUFNLEVBQ1osY0FBYyxDQUNmLENBQUM7YUFDSDtZQUFDLE9BQU8sS0FBSyxFQUFFO2dCQUNkLG9EQUFvRDtnQkFDcEQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxvQ0FBb0MsRUFBRSxLQUFLLENBQUMsQ0FBQzthQUMxRDtZQUVELE1BQU0sTUFBTSxHQUFHO2dCQUNiLGlCQUFpQjtnQkFDakIsVUFBVSxFQUFFLFVBQVUsQ0FBQyxHQUFHO2FBQzNCLENBQUM7WUFFRixNQUFNLG1CQUFtQixHQUFHLE1BQU0sSUFBSSxDQUFDLDBCQUEwQixpQ0FDNUQsTUFBTSxLQUNULEtBQUssRUFBRSx3QkFBd0I7Z0JBQy9CLHFEQUFxRDtnQkFDckQsaUJBQWlCLEVBQUUsWUFBWSxDQUFDLGFBQWEsQ0FBQyxLQUFLLENBQ2pELENBQUMsRUFDRCx3QkFBd0IsQ0FBQyxNQUFNLENBQ2hDLElBQ0QsQ0FBQztZQUVILE1BQU0sbUJBQW1CLEdBQUcsTUFBTSxJQUFJLENBQUMsMEJBQTBCLGlDQUM1RCxNQUFNLEtBQ1QsS0FBSyxFQUFFLHdCQUF3QjtnQkFDL0Isd0VBQXdFO2dCQUN4RSxpQkFBaUIsRUFBRSxZQUFZLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FDakQsd0JBQXdCLENBQUMsTUFBTSxDQUNoQyxFQUNELGFBQWEsRUFBRSxRQUFRLENBQUMsYUFBYSxJQUNyQyxDQUFDO1lBRUgsT0FBTztnQkFDTCxXQUFXO2dCQUNYLGFBQWEsa0NBQ1IsYUFBYSxLQUNoQixZQUFZLEVBQUUsS0FBSyxDQUFDLFlBQVksRUFDaEMsTUFBTSxFQUFFLEtBQUssQ0FBQyxNQUFNLEVBQ3BCLGlCQUFpQixFQUFFLEVBQUUsRUFDckIsWUFBWSxFQUFFLFVBQVUsQ0FBQyxFQUFFLEVBQzNCLG1CQUFtQjtvQkFDbkIsbUJBQW1CLEdBQ3BCO2FBQ0YsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVhLGVBQWUsQ0FBQyxFQUM1QixVQUFVLEVBQ1YsRUFBRSxFQUNGLGFBQWEsRUFDYixlQUFlLEVBQ2YsaUJBQWlCLEVBQ2pCLFVBQVUsR0FRWDs7WUFDQyxNQUFNLGFBQWEsR0FBRyxNQUFNLElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUMxRCxvQ0FBb0M7WUFDcEMsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBRXBELDhCQUE4QjtZQUM5QixNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDckUsYUFBYSxDQUFDLEdBQUcsRUFDakIsU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDdkIsQ0FBQztZQUNGLG1DQUFtQztZQUNuQyxNQUFNLDBCQUEwQixHQUM5QixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQzFDLFVBQVUsRUFDVixTQUFTLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN2QixDQUFDO1lBRUosOERBQThEO1lBQzlELE1BQU0sS0FBSyxHQUNULGVBQWUsQ0FBQyxTQUFTLEtBQUssQ0FBQztnQkFDN0IsQ0FBQyxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDO2dCQUMzQixDQUFDLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxhQUFhLENBQUMsQ0FBQztZQUU1QyxNQUFNLGtCQUFrQixHQUF1QjtnQkFDN0MsTUFBTSxFQUFFO29CQUNOLEtBQUs7b0JBQ0wsV0FBVyxFQUFFO3dCQUNYLE1BQU0sRUFBRSxlQUFlLENBQUMsU0FBUzt3QkFDakMsSUFBSSxFQUFFLGVBQWUsQ0FBQyxJQUFJO3FCQUMzQjtpQkFDRjtnQkFDRCxpQkFBaUI7YUFDbEIsQ0FBQztZQUVGLE9BQU8sQ0FBQyxHQUFHLENBQUMsb0JBQW9CLEVBQUUsa0JBQWtCLENBQUMsQ0FBQztZQUV0RCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDbkUsU0FBUyxFQUNULEVBQUUsQ0FBQyx5QkFBeUIsSUFBSSxFQUFFLENBQ25DLENBQUM7WUFFRixNQUFNLHdCQUF3QixHQUM1QixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQzFDLFNBQVMsRUFDVCxFQUFFLENBQUMsaUNBQWlDLElBQUksRUFBRSxDQUMzQyxDQUFDO1lBRUosTUFBTSw4QkFBOEIsR0FDbEMsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxDQUMxQyxTQUFTLEVBQ1Qsa0JBQWtCLENBQ25CLENBQUM7WUFFSixPQUFPO2dCQUNMLGVBQWUsRUFBRSxhQUFhLENBQUMsRUFBRTtnQkFDakMsa0JBQWtCO2dCQUNsQiwwQkFBMEI7Z0JBQzFCLGdCQUFnQjtnQkFDaEIsd0JBQXdCO2dCQUN4Qiw4QkFBOEI7Z0JBQzlCLFVBQVUsRUFBRSxVQUFVLElBQUksS0FBSyxDQUFDO2dCQUNoQyxJQUFJLEVBQUUsVUFBVSxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLElBQUk7YUFDcEMsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVELGlCQUFpQixDQUFDLFNBQW1CO1FBQ25DLHlDQUF5QztRQUN6QyxLQUFLLE1BQU0sRUFBRSxJQUFJLFNBQVMsRUFBRTtZQUMxQixJQUFJLENBQUMsRUFBRSxDQUFDLG9CQUFvQixDQUFDLGFBQWEsQ0FBQyxXQUFXLEVBQUU7Z0JBQ3RELE1BQU0sR0FBRyxHQUFHLE1BQU0sRUFBRSxDQUFDLEtBQUssQ0FBQyxRQUFRLDRCQUE0QixDQUFDO2dCQUNoRSxPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFDO2dCQUNqQixNQUFNLElBQUksc0JBQXNCLENBQUMsR0FBRyxDQUFDLENBQUM7YUFDdkM7U0FDRjtJQUNILENBQUM7SUFFRCxpQkFBaUI7SUFDRCxhQUFhLENBQzNCLGFBQWEsRUFDYixjQUFzQixFQUN0QixjQUFzQjs7WUFFdEIsZ0RBQWdEO1lBQ2hELElBQUksYUFBYSxDQUFDLE1BQU0sR0FBRyxjQUFjLEVBQUU7Z0JBQ3pDLE1BQU0sSUFBSSxzQkFBc0IsQ0FDOUIsMENBQTBDLENBQzNDLENBQUM7YUFDSDtZQUVELE1BQU0sWUFBWSxHQUFHLElBQUksSUFBSSxDQUFDLFFBQVEsQ0FBQyxjQUFjLENBQUMsQ0FBQztZQUV2RCxhQUFhLENBQUMsT0FBTyxDQUFDLENBQUMsRUFBRSxFQUFFLEtBQUssRUFBRSxFQUFFO2dCQUNsQyxJQUFJLGFBQWEsR0FBRyxFQUFFLENBQUMsV0FBVyxDQUFDLE1BQU0sQ0FBQztnQkFFMUMsZ0ZBQWdGO2dCQUNoRiw0Q0FBNEM7Z0JBQzVDLElBQUksRUFBRSxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUU7b0JBQ25CLGFBQWEsR0FBRyxDQUFDLENBQUM7aUJBQ25CO2dCQUNELFlBQVksQ0FBQyxjQUFjLENBQ3pCLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLE1BQU0sRUFBRSxhQUFhLENBQUMsQ0FDdEQsQ0FBQztZQUNKLENBQUMsQ0FBQyxDQUFDO1lBRUgsTUFBTSxJQUFJLENBQUMsYUFBYSxDQUFDLGNBQWMsQ0FDckMsY0FBYyxFQUNkLElBQUksQ0FBQyxnQkFBZ0IsRUFDckIsWUFBWSxDQUNiLENBQUM7WUFDRixPQUFPLFlBQVksQ0FBQztRQUN0QixDQUFDO0tBQUE7Q0FDRiIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEluamVjdG9yIH0gZnJvbSAnQGFuZ3VsYXIvY29yZSc7XG5pbXBvcnQgeyBKV0sgfSBmcm9tICdub2RlLWpvc2UnO1xuaW1wb3J0IHtcbiAgQ29ubmVjdGlvbixcbiAgbWFwRWRnZXMsXG4gIFRwQXNzZW1ibHlOb2RlLFxuICBUcE5vZGUsXG4gIFRwU3ViQXNzZW1ibHlOb2RlLFxufSBmcm9tICcuLi9hcGkvdHlwZXMnO1xuaW1wb3J0IHsgRW5jcnlwdGlvblNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkvZW5jcnlwdGlvbi5zZXJ2aWNlJztcbmltcG9ydCB7IEtleUZhY3RvcnlTZXJ2aWNlIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS1mYWN0b3J5LnNlcnZpY2UnO1xuaW1wb3J0IHsgS2V5R3JhcGhTZXJ2aWNlIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS1ncmFwaC5zZXJ2aWNlJztcbmltcG9ydCAqIGFzIHNsaXAgZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L3NsaXAzOS5zZXJ2aWNlJztcbmltcG9ydCB7IEtleSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9jcnlwdG9ncmFwaHkudHlwZXMnO1xuaW1wb3J0IHtcbiAgTHJCYWRBcmd1bWVudEV4Y2VwdGlvbixcbiAgTHJCYWRTdGF0ZUV4Y2VwdGlvbixcbn0gZnJvbSAnLi4vX2NvbW1vbi9leGNlcHRpb25zJztcbmltcG9ydCB7IEtleVNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkva2V5LnNlcnZpY2UnO1xuaW1wb3J0IHtcbiAgQ3JlYXRlVHBBc3NlbWJseUlucHV0LFxuICBDcmVhdGVUcFN1YkFzc2VtYmx5SW5wdXQsXG4gIFBhcnRpYWxBc3NlbWJseUtleSxcbiAgVHBBc3NlbWJseUFwcHJvdmVySW5wdXQsXG4gIFVwZGF0ZVRwQXNzZW1ibHlJbnB1dCxcbiAgVXBkYXRlVHBTdWJBc3NlbWJseUlucHV0LFxufSBmcm9tICcuL3RwLWFzc2VtYmx5LnR5cGVzJztcbmltcG9ydCB7IExyR3JhcGhRTFNlcnZpY2UgfSBmcm9tICcuLi9hcGkvbHItZ3JhcGhxbCc7XG5pbXBvcnQgeyBUcHNLZXlzUXVlcnkgfSBmcm9tICcuL3RwLWFzc2VtYmx5LmdxbC5wcml2YXRlJztcblxuZXhwb3J0IGFic3RyYWN0IGNsYXNzIFRwQXNzZW1ibHlDb250cm9sbGVyIHtcbiAgYWJzdHJhY3Qgc2xpcDM5UGFzc3BocmFzZTogc3RyaW5nO1xuXG4gIHByb3RlY3RlZCBrZXlGYWN0b3J5OiBLZXlGYWN0b3J5U2VydmljZTtcbiAgcHJvdGVjdGVkIGtleVNlcnZpY2U6IEtleVNlcnZpY2U7XG4gIHByb3RlY3RlZCBlbmNyeXB0aW9uU2VydmljZTogRW5jcnlwdGlvblNlcnZpY2U7XG4gIHByb3RlY3RlZCBrZXlHcmFwaDogS2V5R3JhcGhTZXJ2aWNlO1xuICBwcm90ZWN0ZWQgc2xpcDM5U2VydmljZTogc2xpcC5TbGlwMzlTZXJ2aWNlO1xuICBwcm90ZWN0ZWQgbHJHcmFwaFFsOiBMckdyYXBoUUxTZXJ2aWNlO1xuXG4gIGNvbnN0cnVjdG9yKGluamVjdG9yOiBJbmplY3Rvcikge1xuICAgIHRoaXMua2V5RmFjdG9yeSA9IGluamVjdG9yLmdldChLZXlGYWN0b3J5U2VydmljZSk7XG4gICAgdGhpcy5rZXlTZXJ2aWNlID0gaW5qZWN0b3IuZ2V0KEtleVNlcnZpY2UpO1xuICAgIHRoaXMuZW5jcnlwdGlvblNlcnZpY2UgPSBpbmplY3Rvci5nZXQoRW5jcnlwdGlvblNlcnZpY2UpO1xuICAgIHRoaXMua2V5R3JhcGggPSBpbmplY3Rvci5nZXQoS2V5R3JhcGhTZXJ2aWNlKTtcbiAgICB0aGlzLnNsaXAzOVNlcnZpY2UgPSBpbmplY3Rvci5nZXQoc2xpcC5TbGlwMzlTZXJ2aWNlKTtcbiAgICB0aGlzLmxyR3JhcGhRbCA9IGluamVjdG9yLmdldChMckdyYXBoUUxTZXJ2aWNlKTtcbiAgfVxuXG4gIGFic3RyYWN0IGdldFRwV3JhcHBpbmdLZXlJZCh0cDogVHBOb2RlKTogc3RyaW5nO1xuXG4gIGFzeW5jIHJlY292ZXJBc3NlbWJseUtleShwYXJ0aWFsczogUGFydGlhbEFzc2VtYmx5S2V5W10pIHtcbiAgICAvLyBFdmVyeSByZWNlaXZlclBia0NpcGhlciBzaG91bGQgY29udGFpbiB0aGlzIGFuZCB0aGV5IHNob3VsZCBhbGwgYmUgdGhlIHNhbWUuXG4gICAgbGV0IGFzc2VtYmx5S2V5UGFyYW1zOiBvYmplY3Q7XG5cbiAgICBjb25zdCBzaGFyZXMgPSBwYXJ0aWFscy5tYXAoKHBhcnRpYWwpID0+IHtcbiAgICAgIGlmIChhc3NlbWJseUtleVBhcmFtcykge1xuICAgICAgICBpZiAoXG4gICAgICAgICAgSlNPTi5zdHJpbmdpZnkoYXNzZW1ibHlLZXlQYXJhbXMpICE9PVxuICAgICAgICAgIEpTT04uc3RyaW5naWZ5KHBhcnRpYWwuYXNzZW1ibHlLZXlQYXJhbXMpXG4gICAgICAgICkge1xuICAgICAgICAgIHRocm93IG5ldyBMckJhZFN0YXRlRXhjZXB0aW9uKFxuICAgICAgICAgICAgJ1RoZSBhc3NlbWJseSBrZXkgcGFyYW1ldGVycyBhcmUgZGlmZmVyZW50IGJldHdlZW4gdGhlIGFwcHJvdmFscy4nXG4gICAgICAgICAgKTtcbiAgICAgICAgfVxuICAgICAgfSBlbHNlIHtcbiAgICAgICAgYXNzZW1ibHlLZXlQYXJhbXMgPSBwYXJ0aWFsLmFzc2VtYmx5S2V5UGFyYW1zO1xuICAgICAgfVxuICAgICAgcmV0dXJuIHBhcnRpYWwuc2xpcDM5LnNoYXJlLm1uZW1vbmljcztcbiAgICB9KTtcblxuICAgIGNvbnN0IHJhd0Fzc2VtYmx5S2V5ID0gYXdhaXQgdGhpcy5zbGlwMzlTZXJ2aWNlLnJlY292ZXJTZWNyZXQoXG4gICAgICBzaGFyZXMsXG4gICAgICB0aGlzLnNsaXAzOVBhc3NwaHJhc2VcbiAgICApO1xuXG4gICAgcmV0dXJuIGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KHtcbiAgICAgIC4uLmFzc2VtYmx5S2V5UGFyYW1zLFxuICAgICAgazogcmF3QXNzZW1ibHlLZXksXG4gICAgfSk7XG4gIH1cblxuICBwcm90ZWN0ZWQgYXN5bmMgcHJlcGFyZVRwV3JhcHBpbmdLZXkoXG4gICAgdHA6IFRwQXNzZW1ibHlBcHByb3ZlcklucHV0XG4gICk6IFByb21pc2U8S2V5PiB7XG4gICAgcmV0dXJuIHRoaXMua2V5R3JhcGguZ2V0S2V5KHRwLndyYXBwaW5nS2V5SWQpO1xuICB9XG5cbiAgcHJvdGVjdGVkIGFzeW5jIHByZXBhcmVBc3NlbWJseSh7XG4gICAgc3ViamVjdEtleSxcbiAgICByb290S2V5LFxuICB9OiB7XG4gICAgc3ViamVjdEtleTogSldLLktleTtcbiAgICByb290S2V5OiBKV0suS2V5O1xuICB9KSB7XG4gICAgY29uc3QgYXNzZW1ibHlLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgY29uc29sZS5sb2coJ3ByZXBhcmVBc3NlbWJseSBhc3NlbWJseUtleScsIGFzc2VtYmx5S2V5KTtcblxuICAgIGNvbnN0IHsgazogcmF3QXNzZW1ibHlLZXksIC4uLmFzc2VtYmx5S2V5UGFyYW1zIH0gPSBhc3NlbWJseUtleS50b0pTT04oXG4gICAgICB0cnVlXG4gICAgKSBhcyBhbnk7XG4gICAgY29uc3QgYXNzZW1ibHlLZXlWZXJpZmllclByayA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVQa2NTaWduS2V5KCk7XG4gICAgY29uc3Qgd3JhcHBlZEFzc2VtYmx5S2V5VmVyaWZpZXJQcmsgPVxuICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICAgIGFzc2VtYmx5S2V5LFxuICAgICAgICBhc3NlbWJseUtleVZlcmlmaWVyUHJrLnRvSlNPTih0cnVlKVxuICAgICAgKTtcbiAgICBjb25zdCBhc3NlbWJseUtleVZlcmlmaWVyUGJrID0gSlNPTi5zdHJpbmdpZnkoXG4gICAgICBhc3NlbWJseUtleVZlcmlmaWVyUHJrLnRvSlNPTigpXG4gICAgKTtcblxuICAgIGNvbnN0IHN1YmplY3RLZXlXcmFwcGVkQXNzZW1ibHlLZXkgPVxuICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICAgIHN1YmplY3RLZXksXG4gICAgICAgIGFzc2VtYmx5S2V5LnRvSlNPTih0cnVlKVxuICAgICAgKTtcblxuICAgIC8vIEVuY3J5cHQgdGhlIHJvb3RLZXkgd2l0aCB0aGUgYXNzZW1ibHlLZXlcbiAgICBjb25zdCBhc3NlbWJseUNpcGhlckRhdGEgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcbiAgICAgIGFzc2VtYmx5S2V5LFxuICAgICAge1xuICAgICAgICByb290S2V5OiByb290S2V5LnRvSlNPTih0cnVlKSxcbiAgICAgIH1cbiAgICApO1xuXG4gICAgcmV0dXJuIHtcbiAgICAgIGFzc2VtYmx5S2V5LFxuICAgICAgcmF3QXNzZW1ibHlLZXksXG4gICAgICBhc3NlbWJseUtleVBhcmFtcyxcbiAgICAgIHN1YmplY3RLZXlXcmFwcGVkQXNzZW1ibHlLZXksXG4gICAgICBhc3NlbWJseUNpcGhlckRhdGEsXG4gICAgICBhc3NlbWJseUtleVZlcmlmaWVyUGJrLFxuICAgICAgd3JhcHBlZEFzc2VtYmx5S2V5VmVyaWZpZXJQcmssXG4gICAgfTtcbiAgfVxuXG4gIHByb3RlY3RlZCBhc3luYyBwcmVwYXJlQ3JlYXRlU3ViQXNzZW1ibGllcyh7XG4gICAgaW5wdXQsXG4gICAgc3ViamVjdEtleSxcbiAgICBzbGlwU3ViQXNzZW1ibGllcyxcbiAgICBhc3NlbWJseUtleVBhcmFtcyxcbiAgfToge1xuICAgIGlucHV0OiBDcmVhdGVUcFN1YkFzc2VtYmx5SW5wdXRbXTtcbiAgICBzdWJqZWN0S2V5OiBKV0suS2V5O1xuICAgIHNsaXBTdWJBc3NlbWJsaWVzOiBzbGlwLlN1YkFzc2VtYmx5W107XG4gICAgYXNzZW1ibHlLZXlQYXJhbXM7IC8vIFRPRE8gdHlwZSB0aGlzXG4gIH0pIHtcbiAgICByZXR1cm4gUHJvbWlzZS5hbGwoXG4gICAgICBpbnB1dC5tYXAoYXN5bmMgKHNhLCBzYUluZGV4KSA9PiB7XG4gICAgICAgIGNvbnN0IHN1YmplY3RDaXBoZXJEYXRhID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICAgICAgc3ViamVjdEtleSxcbiAgICAgICAgICBzYS5zdWJqZWN0Q2lwaGVyRGF0YUNsZWFySnNvbiB8fCAnJ1xuICAgICAgICApO1xuXG4gICAgICAgIGNvbnN0IGNyZWF0ZUFwcHJvdmVycyA9IGF3YWl0IFByb21pc2UuYWxsKFxuICAgICAgICAgIHNhLmFwcHJvdmVyVHBzLm1hcChhc3luYyAoYXBwcm92ZXJUcCwgYXBwcm92ZXJJbmRleCkgPT5cbiAgICAgICAgICAgIHRoaXMucHJlcGFyZUFwcHJvdmVyKHtcbiAgICAgICAgICAgICAgdHA6IGFwcHJvdmVyVHAsXG4gICAgICAgICAgICAgIGFwcHJvdmVySW5kZXgsXG4gICAgICAgICAgICAgIHNsaXBTdWJBc3NlbWJseTogc2xpcFN1YkFzc2VtYmxpZXNbc2FJbmRleF0sXG4gICAgICAgICAgICAgIGFzc2VtYmx5S2V5UGFyYW1zLFxuICAgICAgICAgICAgICBzdWJqZWN0S2V5LFxuICAgICAgICAgICAgfSlcbiAgICAgICAgICApXG4gICAgICAgICk7XG5cbiAgICAgICAgcmV0dXJuIHtcbiAgICAgICAgICBzaW5nbGVSZWplY3Q6IHNhLnNpbmdsZVJlamVjdCxcbiAgICAgICAgICBxdW9ydW06IHNhLnF1b3J1bSxcbiAgICAgICAgICBzdWJqZWN0Q2lwaGVyRGF0YSxcbiAgICAgICAgICBjcmVhdGVBcHByb3ZlcnMsXG4gICAgICAgIH07XG4gICAgICB9KVxuICAgICk7XG4gIH1cblxuICBwcm90ZWN0ZWQgYXN5bmMgcHJlcGFyZVVwZGF0ZVN1YkFzc2VtYmxpZXMoe1xuICAgIGlucHV0LFxuICAgIHN1YmplY3RLZXksXG4gICAgc2xpcFN1YkFzc2VtYmxpZXMsXG4gICAgYXNzZW1ibHlLZXlQYXJhbXMsXG4gICAgc3ViQXNzZW1ibGllcyxcbiAgfToge1xuICAgIGlucHV0OiBVcGRhdGVUcFN1YkFzc2VtYmx5SW5wdXRbXTtcbiAgICBzdWJqZWN0S2V5OiBKV0suS2V5O1xuICAgIHNsaXBTdWJBc3NlbWJsaWVzOiBzbGlwLlN1YkFzc2VtYmx5W107XG4gICAgYXNzZW1ibHlLZXlQYXJhbXM7IC8vIFRPRE8gdHlwZSB0aGlzXG4gICAgc3ViQXNzZW1ibGllczogQ29ubmVjdGlvbjxUcFN1YkFzc2VtYmx5Tm9kZT47XG4gIH0pIHtcbiAgICBpZiAoc2xpcFN1YkFzc2VtYmxpZXMubGVuZ3RoICE9PSBpbnB1dC5sZW5ndGgpIHtcbiAgICAgIHRocm93IG5ldyBMckJhZEFyZ3VtZW50RXhjZXB0aW9uKFxuICAgICAgICAnVGhlIHNsaXBTdWJBc3NlbWJsaWVzIG11c3QgYmUgdGhlIHNhbWUgbGVuZ3RoIGFzIHRoZSBpbnB1dCdcbiAgICAgICk7XG4gICAgfVxuXG4gICAgcmV0dXJuIFByb21pc2UuYWxsKFxuICAgICAgaW5wdXQubWFwKGFzeW5jIChzYSwgc2FJbmRleCkgPT4ge1xuICAgICAgICBjb25zdCBzdWJqZWN0Q2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdFRvU3RyaW5nKFxuICAgICAgICAgIHN1YmplY3RLZXksXG4gICAgICAgICAgc2Euc3ViamVjdENpcGhlckRhdGFDbGVhckpzb24gfHwgJydcbiAgICAgICAgKTtcblxuICAgICAgICAvLyBHZXQgdGhlIGV4aXN0aW5nIHN1Yi1hc3NlbWJseVxuICAgICAgICBjb25zdCBleGlzdGluZ1NhID0gc3ViQXNzZW1ibGllcy5lZGdlcy5maW5kKFxuICAgICAgICAgIChlZGdlKSA9PiBlZGdlLm5vZGUuaWQgPT09IHNhLmlkXG4gICAgICAgICkubm9kZTtcblxuICAgICAgICAvLyBHZXQgYXBwcm92ZXJzIHRoYXQgZG8gbm90IGV4aXN0IHlldFxuICAgICAgICBjb25zdCBjcmVhdGVBcHByb3ZlcnMgPSBbXTtcbiAgICAgICAgY29uc3QgdXBkYXRlQXBwcm92ZXJzID0gW107XG5cbiAgICAgICAgc2EuYXBwcm92ZXJUcHMuZm9yRWFjaCgodHApID0+IHtcbiAgICAgICAgICBjb25zdCBhcHByb3ZlciA9IGV4aXN0aW5nU2EuYXBwcm92ZXJzLmVkZ2VzLmZpbmQoXG4gICAgICAgICAgICAoZWRnZSkgPT4gZWRnZS5ub2RlLnRwLmlkID09PSB0cC50cElkXG4gICAgICAgICAgKT8ubm9kZTtcbiAgICAgICAgICBpZiAoYXBwcm92ZXIpIHtcbiAgICAgICAgICAgIHVwZGF0ZUFwcHJvdmVycy5wdXNoKHtcbiAgICAgICAgICAgICAgdHAsXG4gICAgICAgICAgICAgIGFwcHJvdmVySWQ6IGFwcHJvdmVyLmlkLFxuICAgICAgICAgICAgfSk7XG4gICAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAgIGNyZWF0ZUFwcHJvdmVycy5wdXNoKHtcbiAgICAgICAgICAgICAgdHAsXG4gICAgICAgICAgICB9KTtcbiAgICAgICAgICB9XG4gICAgICAgIH0pO1xuXG4gICAgICAgIGNvbnN0IHNsaXBTdWJBc3NlbWJseSA9IHNsaXBTdWJBc3NlbWJsaWVzW3NhSW5kZXhdO1xuXG4gICAgICAgIHJldHVybiB7XG4gICAgICAgICAgc3ViQXNzZW1ibHlJZDogc2EuaWQsXG4gICAgICAgICAgc2luZ2xlUmVqZWN0OiBzYS5zaW5nbGVSZWplY3QsXG4gICAgICAgICAgcXVvcnVtOiBzYS5xdW9ydW0sXG4gICAgICAgICAgc3ViamVjdENpcGhlckRhdGEsXG4gICAgICAgICAgY3JlYXRlQXBwcm92ZXJzOiBhd2FpdCBQcm9taXNlLmFsbChcbiAgICAgICAgICAgIGNyZWF0ZUFwcHJvdmVycy5tYXAoYXN5bmMgKHsgdHAgfSwgYXBwcm92ZXJJbmRleCkgPT5cbiAgICAgICAgICAgICAgdGhpcy5wcmVwYXJlQXBwcm92ZXIoe1xuICAgICAgICAgICAgICAgIHRwLFxuICAgICAgICAgICAgICAgIGFwcHJvdmVySW5kZXgsXG4gICAgICAgICAgICAgICAgc2xpcFN1YkFzc2VtYmx5LFxuICAgICAgICAgICAgICAgIGFzc2VtYmx5S2V5UGFyYW1zLFxuICAgICAgICAgICAgICAgIHN1YmplY3RLZXksXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICApXG4gICAgICAgICAgKSxcbiAgICAgICAgICB1cGRhdGVBcHByb3ZlcnM6IGF3YWl0IFByb21pc2UuYWxsKFxuICAgICAgICAgICAgdXBkYXRlQXBwcm92ZXJzLm1hcChhc3luYyAoeyB0cCwgYXBwcm92ZXJJZCB9LCBhcHByb3ZlckluZGV4KSA9PlxuICAgICAgICAgICAgICB0aGlzLnByZXBhcmVBcHByb3Zlcih7XG4gICAgICAgICAgICAgICAgYXBwcm92ZXJJZCxcbiAgICAgICAgICAgICAgICB0cCxcbiAgICAgICAgICAgICAgICBhcHByb3ZlckluZGV4OiBhcHByb3ZlckluZGV4ICsgY3JlYXRlQXBwcm92ZXJzLmxlbmd0aCxcbiAgICAgICAgICAgICAgICBzbGlwU3ViQXNzZW1ibHksXG4gICAgICAgICAgICAgICAgYXNzZW1ibHlLZXlQYXJhbXMsXG4gICAgICAgICAgICAgICAgc3ViamVjdEtleSxcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgIClcbiAgICAgICAgICApLFxuICAgICAgICB9O1xuICAgICAgfSlcbiAgICApO1xuICB9XG5cbiAgcHJpdmF0ZSBmaWxsV3JhcHBpbmdLZXlJZChpbnB1dDogQ3JlYXRlVHBTdWJBc3NlbWJseUlucHV0W10sIHRwczogVHBOb2RlW10pIHtcbiAgICAvLyBGaWxsIGluIHdyYXBwaW5nS2V5SWQgaWYgbm90IHByZXNlbnRcbiAgICBpbnB1dC5mb3JFYWNoKChzYSkgPT4ge1xuICAgICAgc2EuYXBwcm92ZXJUcHMuZm9yRWFjaCgoYXBwcm92ZXIpID0+IHtcbiAgICAgICAgaWYgKCFhcHByb3Zlci53cmFwcGluZ0tleUlkKSB7XG4gICAgICAgICAgY29uc3QgdHAgPSB0cHMuZmluZCgoeCkgPT4geC5pZCA9PT0gYXBwcm92ZXIudHBJZCk7XG4gICAgICAgICAgYXBwcm92ZXIud3JhcHBpbmdLZXlJZCA9IHRoaXMuZ2V0VHBXcmFwcGluZ0tleUlkKHRwKTtcbiAgICAgICAgfVxuICAgICAgfSk7XG4gICAgfSk7XG4gIH1cblxuICBwcml2YXRlIGdldElucHV0QXBwcm92ZXJzKGlucHV0OiBDcmVhdGVUcFN1YkFzc2VtYmx5SW5wdXRbXSkge1xuICAgIGNvbnN0IHRwSWRzOiBzdHJpbmdbXSA9IFtdO1xuICAgIGlucHV0LmZvckVhY2goKHNhKSA9PiB7XG4gICAgICBzYS5hcHByb3ZlclRwcy5mb3JFYWNoKChhcHByb3ZlcikgPT4ge1xuICAgICAgICB0cElkcy5wdXNoKGFwcHJvdmVyLnRwSWQpO1xuICAgICAgfSk7XG4gICAgfSk7XG4gICAgcmV0dXJuIHRwSWRzO1xuICB9XG5cbiAgcHVibGljIGFzeW5jIHByZXBhcmVDcmVhdGUoaW5wdXQ6IENyZWF0ZVRwQXNzZW1ibHlJbnB1dCkge1xuICAgIGNvbnN0IHJvb3RLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFJvb3RLZXkoKTtcbiAgICBjb25zdCBzdWJqZWN0S2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuICAgIGNvbnN0IHJvb3RLZXlXcmFwcGVkU3ViamVjdEtleSA9IGF3YWl0IHRoaXMua2V5R3JhcGgud3JhcEtleShcbiAgICAgIHJvb3RLZXksXG4gICAgICBzdWJqZWN0S2V5XG4gICAgKTtcblxuICAgIGNvbnN0IHsgYXNzZW1ibHlLZXksIHJhd0Fzc2VtYmx5S2V5LCBhc3NlbWJseUtleVBhcmFtcywgLi4uYXNzZW1ibHlJbnB1dCB9ID1cbiAgICAgIGF3YWl0IHRoaXMucHJlcGFyZUFzc2VtYmx5KHtcbiAgICAgICAgcm9vdEtleTogcm9vdEtleS5qd2ssXG4gICAgICAgIHN1YmplY3RLZXksXG4gICAgICB9KTtcblxuICAgIGNvbnN0IHNsaXBBc3NlbWJseSA9IGF3YWl0IHRoaXMucHJlcGFyZVNsaXAzOShcbiAgICAgIGlucHV0LmNyZWF0ZVN1YkFzc2VtYmxpZXMsXG4gICAgICBpbnB1dC5xdW9ydW0sXG4gICAgICByYXdBc3NlbWJseUtleVxuICAgICk7XG5cbiAgICBjb25zdCB0cElkcyA9IHRoaXMuZ2V0SW5wdXRBcHByb3ZlcnMoaW5wdXQuY3JlYXRlU3ViQXNzZW1ibGllcyk7XG5cbiAgICAvLyBUaGlzIHNob3VsZCBjb250YWluIGFsbCB0aGUgVFBzIHRoYXQgd2UgbmVlZCB0byB1cGRhdGUgdGhlIGFzc2VtYmx5LlxuICAgIGNvbnN0IHRwcyA9IG1hcEVkZ2VzKFxuICAgICAgKFxuICAgICAgICBhd2FpdCB0aGlzLmxyR3JhcGhRbC5xdWVyeSh7XG4gICAgICAgICAgcXVlcnk6IFRwc0tleXNRdWVyeSxcbiAgICAgICAgICB2YXJpYWJsZXM6IHtcbiAgICAgICAgICAgIGlkczogdHBJZHMsXG4gICAgICAgICAgfSxcbiAgICAgICAgfSlcbiAgICAgICkudHBzXG4gICAgKTtcblxuICAgIC8vIEZpbGwgaW4gd3JhcHBpbmdLZXlJZCBpZiBub3QgcHJlc2VudFxuICAgIHRoaXMuZmlsbFdyYXBwaW5nS2V5SWQoaW5wdXQuY3JlYXRlU3ViQXNzZW1ibGllcywgdHBzKTtcblxuICAgIGNvbnN0IGNyZWF0ZVN1YkFzc2VtYmxpZXMgPSBhd2FpdCB0aGlzLnByZXBhcmVDcmVhdGVTdWJBc3NlbWJsaWVzKHtcbiAgICAgIGlucHV0OiBpbnB1dC5jcmVhdGVTdWJBc3NlbWJsaWVzLFxuICAgICAgYXNzZW1ibHlLZXlQYXJhbXMsXG4gICAgICBzbGlwU3ViQXNzZW1ibGllczogc2xpcEFzc2VtYmx5LnN1YkFzc2VtYmxpZXMsXG4gICAgICBzdWJqZWN0S2V5LFxuICAgIH0pO1xuXG4gICAgcmV0dXJuIHtcbiAgICAgIGFzc2VtYmx5S2V5LFxuICAgICAgbXV0YXRpb25JbnB1dDoge1xuICAgICAgICAuLi5hc3NlbWJseUlucHV0LFxuICAgICAgICBzaW5nbGVSZWplY3Q6IGlucHV0LnNpbmdsZVJlamVjdCxcbiAgICAgICAgcXVvcnVtOiBpbnB1dC5xdW9ydW0sXG4gICAgICAgIHN1YmplY3RDaXBoZXJEYXRhOiAnJywgLy8gVE9ETyBtYWtlIHRoaXMgYSBwYXJhbWV0ZXJcbiAgICAgICAgY3JlYXRlU3ViQXNzZW1ibGllcyxcbiAgICAgICAgcm9vdEtleUlkOiByb290S2V5LmlkLFxuICAgICAgICByb290S2V5V3JhcHBlZFN1YmplY3RLZXksXG4gICAgICB9LFxuICAgIH07XG4gIH1cblxuICBwcml2YXRlIGdldEFzc2VtYmx5QXBwcm92ZXJzKGFzc2VtYmx5OiBUcEFzc2VtYmx5Tm9kZSkge1xuICAgIGNvbnN0IHRwSWRzOiBzdHJpbmdbXSA9IFtdO1xuXG4gICAgLy8gRmluZCBhbGwgVFBzIHRoYXQgYmVsb25nIHRvIHN1Yi1hc3NlbWJsaWVzXG4gICAgbWFwRWRnZXMoYXNzZW1ibHkuc3ViQXNzZW1ibGllcykubWFwKChzYSkgPT4ge1xuICAgICAgbWFwRWRnZXMoc2EuYXBwcm92ZXJzKS5mb3JFYWNoKChhcHByb3ZlcikgPT4gdHBJZHMucHVzaChhcHByb3Zlci50cC5pZCkpO1xuICAgIH0pO1xuXG4gICAgcmV0dXJuIHRwSWRzO1xuICB9XG5cbiAgcHVibGljIGFzeW5jIHByZXBhcmVVcGRhdGUoXG4gICAgaW5wdXQ6IFVwZGF0ZVRwQXNzZW1ibHlJbnB1dCxcbiAgICBhc3NlbWJseTogVHBBc3NlbWJseU5vZGUgLy8gVE9ETyB0eXBlIHRoaXMgdG8gb25seSB3aGF0IHdlIG5lZWQuXG4gICkge1xuICAgIGlucHV0ID0ge1xuICAgICAgY3JlYXRlU3ViQXNzZW1ibGllczogW10sXG4gICAgICAuLi5pbnB1dCxcbiAgICB9O1xuXG4gICAgY29uc3QgY3JlYXRlU3ViQXNzZW1ibGllc0lucHV0ID0gaW5wdXQuY3JlYXRlU3ViQXNzZW1ibGllcyB8fCBbXTtcbiAgICBjb25zdCB1cGRhdGVTdWJBc3NlbWJsaWVzSW5wdXQgPSBpbnB1dC51cGRhdGVTdWJBc3NlbWJsaWVzIHx8IFtdO1xuICAgIGNvbnN0IGRlbGV0ZVN1YkFzc2VtYmxpZXNJbnB1dCA9IGlucHV0LmRlbGV0ZVN1YkFzc2VtYmxpZXMgfHwgW107XG5cbiAgICAvLyBNdXN0IGhhdmUgYXQgbGVhc3Qgb25lLlxuICAgIGlmIChcbiAgICAgIGNyZWF0ZVN1YkFzc2VtYmxpZXNJbnB1dC5sZW5ndGggPT09IDAgJiZcbiAgICAgIHVwZGF0ZVN1YkFzc2VtYmxpZXNJbnB1dC5sZW5ndGggPT09IDAgJiZcbiAgICAgIGRlbGV0ZVN1YkFzc2VtYmxpZXNJbnB1dC5sZW5ndGggPT09IDBcbiAgICApIHtcbiAgICAgIHRocm93IG5ldyBMckJhZEFyZ3VtZW50RXhjZXB0aW9uKFxuICAgICAgICAnTXVzdCBzcGVjaWZ5IGF0IGxlYXN0IG9uZSBvZjogW2NyZWF0ZVN1YkFzc2VtYmxpZXMsIHVwZGF0ZVN1YkFzc2VtYmxpZXMsIGRlbGV0ZVN1YkFzc2VtYmxpZXNdJ1xuICAgICAgKTtcbiAgICB9XG5cbiAgICBjb25zdCByb290S2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRSb290S2V5KCk7XG4gICAgY29uc3Qgc3ViamVjdEtleSA9IGF3YWl0IHRoaXMua2V5R3JhcGguZ2V0S2V5KGFzc2VtYmx5LnN1YmplY3RLZXkuaWQpO1xuXG4gICAgY29uc3QgeyBhc3NlbWJseUtleSwgcmF3QXNzZW1ibHlLZXksIGFzc2VtYmx5S2V5UGFyYW1zLCAuLi5hc3NlbWJseUlucHV0IH0gPVxuICAgICAgYXdhaXQgdGhpcy5wcmVwYXJlQXNzZW1ibHkoe1xuICAgICAgICByb290S2V5OiByb290S2V5Lmp3ayxcbiAgICAgICAgc3ViamVjdEtleTogc3ViamVjdEtleS5qd2ssXG4gICAgICB9KTtcblxuICAgIC8vIEZpbmQgYWxsIHRoZSBUUHMgdGhhdCB3ZSBuZWVkLCBkdXBsaWNhdGVzIGFyZSBubyBwcm9ibGVtLlxuICAgIC8vIEV4aXN0aW5nIGFwcHJvdmVyc1xuICAgIGNvbnN0IHRwSWRzID0gdGhpcy5nZXRBc3NlbWJseUFwcHJvdmVycyhhc3NlbWJseSkuY29uY2F0KFxuICAgICAgdGhpcy5nZXRJbnB1dEFwcHJvdmVycyhjcmVhdGVTdWJBc3NlbWJsaWVzSW5wdXQpLFxuICAgICAgdGhpcy5nZXRJbnB1dEFwcHJvdmVycyh1cGRhdGVTdWJBc3NlbWJsaWVzSW5wdXQpXG4gICAgKTtcblxuICAgIC8vIFRoaXMgc2hvdWxkIGNvbnRhaW4gYWxsIHRoZSBUUHMgdGhhdCB3ZSBuZWVkIHRvIHVwZGF0ZSB0aGUgYXNzZW1ibHkuXG4gICAgY29uc3QgdHBzID0gbWFwRWRnZXMoXG4gICAgICAoXG4gICAgICAgIGF3YWl0IHRoaXMubHJHcmFwaFFsLnF1ZXJ5KHtcbiAgICAgICAgICBxdWVyeTogVHBzS2V5c1F1ZXJ5LFxuICAgICAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICAgICAgaWRzOiB0cElkcyxcbiAgICAgICAgICB9LFxuICAgICAgICB9KVxuICAgICAgKS50cHNcbiAgICApO1xuXG4gICAgLy8gQXV0byBmaWxsIHRoZSB1cGRhdGVTdWJBc3NlbWJsaWVzIHdpdGggZXhpc3Rpbmcgc3ViIGFzc2VtYmxpZXMgaWYgdGhleSBhcmUgbm90XG4gICAgLy8gZXhwbGljaXRseSBkZWxldGVkLlxuICAgIG1hcEVkZ2VzKGFzc2VtYmx5LnN1YkFzc2VtYmxpZXMpLmZvckVhY2goKGV4aXN0aW5nKSA9PiB7XG4gICAgICAvLyBEZWxldGluZyBleGlzdGluZywgZG9uJ3QgaW5jbHVkZSBpdFxuICAgICAgaWYgKGRlbGV0ZVN1YkFzc2VtYmxpZXNJbnB1dC5pbmNsdWRlcyhleGlzdGluZy5pZCkpIHtcbiAgICAgICAgcmV0dXJuO1xuICAgICAgfVxuXG4gICAgICAvLyBVcGRhdGUgYWxyZWFkeSBzcGVjaWZpZWQgaW4gdGhlIGlucHV0XG4gICAgICBpZiAodXBkYXRlU3ViQXNzZW1ibGllc0lucHV0LnNvbWUoKHNhKSA9PiBzYS5pZCA9PT0gZXhpc3RpbmcuaWQpKSB7XG4gICAgICAgIHJldHVybjtcbiAgICAgIH1cblxuICAgICAgY29uc3QgYXBwcm92ZXJUcHM6IFRwQXNzZW1ibHlBcHByb3ZlcklucHV0W10gPSBtYXBFZGdlcyhcbiAgICAgICAgZXhpc3RpbmcuYXBwcm92ZXJzXG4gICAgICApLm1hcCgoYXBwcm92ZXIpID0+IHtcbiAgICAgICAgcmV0dXJuIHtcbiAgICAgICAgICB0cElkOiBhcHByb3Zlci50cC5pZCxcbiAgICAgICAgICBzaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uOiBhcHByb3Zlci5zaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uLFxuICAgICAgICAgIHNoYXJlZENpcGhlckFwcHJvdmFsRGF0YUNsZWFySnNvbjpcbiAgICAgICAgICAgIGFwcHJvdmVyLnNoYXJlZENpcGhlckFwcHJvdmFsRGF0YUNsZWFySnNvbixcbiAgICAgICAgfTtcbiAgICAgIH0pO1xuXG4gICAgICB1cGRhdGVTdWJBc3NlbWJsaWVzSW5wdXQucHVzaCh7XG4gICAgICAgIGlkOiBleGlzdGluZy5pZCxcbiAgICAgICAgcXVvcnVtOiBleGlzdGluZy5xdW9ydW0sXG4gICAgICAgIHNpbmdsZVJlamVjdDogZXhpc3Rpbmcuc2luZ2xlUmVqZWN0LFxuICAgICAgICBhcHByb3ZlclRwcyxcbiAgICAgICAgc3ViamVjdENpcGhlckRhdGFDbGVhckpzb246IGV4aXN0aW5nLnN1YmplY3RDaXBoZXJEYXRhQ2xlYXJKc29uLFxuICAgICAgfSk7XG4gICAgfSk7XG5cbiAgICAvLyBGaWxsIGluIHdyYXBwaW5nS2V5SWQgaWYgbm90IHByZXNlbnRcbiAgICB0aGlzLmZpbGxXcmFwcGluZ0tleUlkKGNyZWF0ZVN1YkFzc2VtYmxpZXNJbnB1dCwgdHBzKTtcbiAgICB0aGlzLmZpbGxXcmFwcGluZ0tleUlkKHVwZGF0ZVN1YkFzc2VtYmxpZXNJbnB1dCwgdHBzKTtcblxuICAgIGxldCBzbGlwQXNzZW1ibHk7XG4gICAgdHJ5IHtcbiAgICAgIHNsaXBBc3NlbWJseSA9IGF3YWl0IHRoaXMucHJlcGFyZVNsaXAzOShcbiAgICAgICAgKGNyZWF0ZVN1YkFzc2VtYmxpZXNJbnB1dCB8fCBbXSkuY29uY2F0KHVwZGF0ZVN1YkFzc2VtYmxpZXNJbnB1dCB8fCBbXSksXG4gICAgICAgIGlucHV0LnF1b3J1bSxcbiAgICAgICAgcmF3QXNzZW1ibHlLZXlcbiAgICAgICk7XG4gICAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAgIC8vIFRPRE8gdGhpcyBzb21ldGltZXMgaGFwcGVucy4gTWF5YmUgbWlzc2luZyBhd2FpdC5cbiAgICAgIGNvbnNvbGUubG9nKCdFcnJvciB3aGlsZSBjcmVhdGluZyBzbGlwIGFzc2VtYmx5JywgZXJyb3IpO1xuICAgIH1cblxuICAgIGNvbnN0IGNvbW1vbiA9IHtcbiAgICAgIGFzc2VtYmx5S2V5UGFyYW1zLFxuICAgICAgc3ViamVjdEtleTogc3ViamVjdEtleS5qd2ssXG4gICAgfTtcblxuICAgIGNvbnN0IGNyZWF0ZVN1YkFzc2VtYmxpZXMgPSBhd2FpdCB0aGlzLnByZXBhcmVDcmVhdGVTdWJBc3NlbWJsaWVzKHtcbiAgICAgIC4uLmNvbW1vbixcbiAgICAgIGlucHV0OiBjcmVhdGVTdWJBc3NlbWJsaWVzSW5wdXQsXG4gICAgICAvLyBOZWVkIHRvIG1hdGNoIHRoZSBzbGlwIHN1YiBhc3NlbWJsaWVzIHRvIHRoZSBpbnB1dFxuICAgICAgc2xpcFN1YkFzc2VtYmxpZXM6IHNsaXBBc3NlbWJseS5zdWJBc3NlbWJsaWVzLnNsaWNlKFxuICAgICAgICAwLFxuICAgICAgICBjcmVhdGVTdWJBc3NlbWJsaWVzSW5wdXQubGVuZ3RoXG4gICAgICApLFxuICAgIH0pO1xuXG4gICAgY29uc3QgdXBkYXRlU3ViQXNzZW1ibGllcyA9IGF3YWl0IHRoaXMucHJlcGFyZVVwZGF0ZVN1YkFzc2VtYmxpZXMoe1xuICAgICAgLi4uY29tbW9uLFxuICAgICAgaW5wdXQ6IHVwZGF0ZVN1YkFzc2VtYmxpZXNJbnB1dCxcbiAgICAgIC8vIEFkZCBhbiBvZmZzZXQgdG8gdGhlIHN1YiBhc3NlbWJsaWVzIHRvIHNraXAgdGhlIG9uZSB0aGF0IGFyZSBjcmVhdGVkLlxuICAgICAgc2xpcFN1YkFzc2VtYmxpZXM6IHNsaXBBc3NlbWJseS5zdWJBc3NlbWJsaWVzLnNsaWNlKFxuICAgICAgICBjcmVhdGVTdWJBc3NlbWJsaWVzSW5wdXQubGVuZ3RoXG4gICAgICApLFxuICAgICAgc3ViQXNzZW1ibGllczogYXNzZW1ibHkuc3ViQXNzZW1ibGllcyxcbiAgICB9KTtcblxuICAgIHJldHVybiB7XG4gICAgICBhc3NlbWJseUtleSxcbiAgICAgIG11dGF0aW9uSW5wdXQ6IHtcbiAgICAgICAgLi4uYXNzZW1ibHlJbnB1dCxcbiAgICAgICAgc2luZ2xlUmVqZWN0OiBpbnB1dC5zaW5nbGVSZWplY3QsXG4gICAgICAgIHF1b3J1bTogaW5wdXQucXVvcnVtLFxuICAgICAgICBzdWJqZWN0Q2lwaGVyRGF0YTogJycsIC8vIFRPRE8gbWFrZSB0aGlzIGEgcGFyYW1ldGVyXG4gICAgICAgIHN1YmplY3RLZXlJZDogc3ViamVjdEtleS5pZCxcbiAgICAgICAgY3JlYXRlU3ViQXNzZW1ibGllcyxcbiAgICAgICAgdXBkYXRlU3ViQXNzZW1ibGllcyxcbiAgICAgIH0sXG4gICAgfTtcbiAgfVxuXG4gIHByaXZhdGUgYXN5bmMgcHJlcGFyZUFwcHJvdmVyKHtcbiAgICBhcHByb3ZlcklkLFxuICAgIHRwLFxuICAgIGFwcHJvdmVySW5kZXgsXG4gICAgc2xpcFN1YkFzc2VtYmx5LFxuICAgIGFzc2VtYmx5S2V5UGFyYW1zLFxuICAgIHN1YmplY3RLZXksXG4gIH06IHtcbiAgICBhcHByb3ZlcklkPzogc3RyaW5nOyAvLyBHaXZlbiBpZiB1cGRhdGluZyBleGlzdGluZyBhcHByb3ZlclxuICAgIHRwOiBUcEFzc2VtYmx5QXBwcm92ZXJJbnB1dDtcbiAgICBhcHByb3ZlckluZGV4OiBudW1iZXI7XG4gICAgc2xpcFN1YkFzc2VtYmx5OiBzbGlwLlN1YkFzc2VtYmx5O1xuICAgIGFzc2VtYmx5S2V5UGFyYW1zOiBvYmplY3Q7XG4gICAgc3ViamVjdEtleTogSldLLktleTtcbiAgfSkge1xuICAgIGNvbnN0IHRwV3JhcHBpbmdLZXkgPSBhd2FpdCB0aGlzLnByZXBhcmVUcFdyYXBwaW5nS2V5KHRwKTtcbiAgICAvLyBzaGFyZWQga2V5IGlzIHJvdGF0ZWQgZXZlcnkgdGltZS5cbiAgICBjb25zdCBzaGFyZWRLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG5cbiAgICAvLyBGb3IgVFAgdG8gYWNjZXNzIHNoYXJlZF9rZXlcbiAgICBjb25zdCB0cFdyYXBwZWRTaGFyZWRLZXkgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcbiAgICAgIHRwV3JhcHBpbmdLZXkuandrLFxuICAgICAgc2hhcmVkS2V5LnRvSlNPTih0cnVlKVxuICAgICk7XG4gICAgLy8gRm9yIHN1YmplY3QgdG8gYWNjZXNzIHNoYXJlZF9rZXlcbiAgICBjb25zdCBzdWJqZWN0S2V5V3JhcHBlZFNoYXJlZEtleSA9XG4gICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcbiAgICAgICAgc3ViamVjdEtleSxcbiAgICAgICAgc2hhcmVkS2V5LnRvSlNPTih0cnVlKVxuICAgICAgKTtcblxuICAgIC8vIElmIHF1b3J1bSBpcyAxLCB0aGVuIHVzaW5nIHRoZSBzYW1lIHNoYXJlIGZvciBldmVyeSBtZW1iZXIuXG4gICAgY29uc3Qgc2hhcmUgPVxuICAgICAgc2xpcFN1YkFzc2VtYmx5LnRocmVzaG9sZCA9PT0gMVxuICAgICAgICA/IHNsaXBTdWJBc3NlbWJseS5zaGFyZXNbMF1cbiAgICAgICAgOiBzbGlwU3ViQXNzZW1ibHkuc2hhcmVzW2FwcHJvdmVySW5kZXhdO1xuXG4gICAgY29uc3QgcGFydGlhbEFzc2VtYmx5S2V5OiBQYXJ0aWFsQXNzZW1ibHlLZXkgPSB7XG4gICAgICBzbGlwMzk6IHtcbiAgICAgICAgc2hhcmUsXG4gICAgICAgIHN1YkFzc2VtYmx5OiB7XG4gICAgICAgICAgcXVvcnVtOiBzbGlwU3ViQXNzZW1ibHkudGhyZXNob2xkLFxuICAgICAgICAgIHNpemU6IHNsaXBTdWJBc3NlbWJseS5zaXplLFxuICAgICAgICB9LFxuICAgICAgfSxcbiAgICAgIGFzc2VtYmx5S2V5UGFyYW1zLFxuICAgIH07XG5cbiAgICBjb25zb2xlLmxvZygncGFydGlhbEFzc2VtYmx5S2V5JywgcGFydGlhbEFzc2VtYmx5S2V5KTtcblxuICAgIGNvbnN0IHNoYXJlZENpcGhlckRhdGEgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcbiAgICAgIHNoYXJlZEtleSxcbiAgICAgIHRwLnNoYXJlZENpcGhlckRhdGFDbGVhckpzb24gfHwgJydcbiAgICApO1xuXG4gICAgY29uc3Qgc2hhcmVkQ2lwaGVyQXBwcm92YWxEYXRhID1cbiAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdFRvU3RyaW5nKFxuICAgICAgICBzaGFyZWRLZXksXG4gICAgICAgIHRwLnNoYXJlZENpcGhlckFwcHJvdmFsRGF0YUNsZWFySnNvbiB8fCAnJ1xuICAgICAgKTtcblxuICAgIGNvbnN0IHNoYXJlZENpcGhlclBhcnRpYWxBc3NlbWJseUtleSA9XG4gICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcbiAgICAgICAgc2hhcmVkS2V5LFxuICAgICAgICBwYXJ0aWFsQXNzZW1ibHlLZXlcbiAgICAgICk7XG5cbiAgICByZXR1cm4ge1xuICAgICAgdHBXcmFwcGluZ0tleUlkOiB0cFdyYXBwaW5nS2V5LmlkLFxuICAgICAgdHBXcmFwcGVkU2hhcmVkS2V5LFxuICAgICAgc3ViamVjdEtleVdyYXBwZWRTaGFyZWRLZXksXG4gICAgICBzaGFyZWRDaXBoZXJEYXRhLFxuICAgICAgc2hhcmVkQ2lwaGVyQXBwcm92YWxEYXRhLFxuICAgICAgc2hhcmVkQ2lwaGVyUGFydGlhbEFzc2VtYmx5S2V5LFxuICAgICAgYXBwcm92ZXJJZDogYXBwcm92ZXJJZCB8fCB2b2lkIDAsIC8vIElmIGV4aXN0aW5nIGFwcHJvdmVyXG4gICAgICB0cElkOiBhcHByb3ZlcklkID8gdm9pZCAwIDogdHAudHBJZCwgLy8gZWxzZSBhZGRpbmcgbmV3IFRQXG4gICAgfTtcbiAgfVxuXG4gIHZhbGlkYXRlQXBwcm92ZXJzKGFwcHJvdmVyczogVHBOb2RlW10pOiB2b2lkIHtcbiAgICAvLyBFbnN1cmUgYWxsIGFwcHJvdmVycyBoYXZlIG1rU2hhcmVkS2V5LlxuICAgIGZvciAoY29uc3QgdHAgb2YgYXBwcm92ZXJzKSB7XG4gICAgICBpZiAoIXRwLmN1cnJlbnRVc2VyU2hhcmVkS2V5LnVzZXJTaGFyZWRLZXkubWtTaGFyZWRLZXkpIHtcbiAgICAgICAgY29uc3QgbXNnID0gYHRwICR7dHAub3RoZXIudXNlcm5hbWV9IGRvZXMgbm90IGhhdmUgbWtTaGFyZWRLZXlgO1xuICAgICAgICBjb25zb2xlLmxvZyhtc2cpO1xuICAgICAgICB0aHJvdyBuZXcgTHJCYWRBcmd1bWVudEV4Y2VwdGlvbihtc2cpO1xuICAgICAgfVxuICAgIH1cbiAgfVxuXG4gIC8vIFByZXBhcmUgc2xpcDM5XG4gIHByb3RlY3RlZCBhc3luYyBwcmVwYXJlU2xpcDM5KFxuICAgIHN1YkFzc2VtYmxpZXMsXG4gICAgYXNzZW1ibHlRdW9ydW06IG51bWJlcixcbiAgICByYXdBc3NlbWJseUtleTogc3RyaW5nXG4gICk6IFByb21pc2U8c2xpcC5Bc3NlbWJseT4ge1xuICAgIC8vIElzIHRoZXJlIGVub3VnaCBzdWIgYXNzZW1ibGllcyB0byBtZWV0IHF1b3J1bVxuICAgIGlmIChzdWJBc3NlbWJsaWVzLmxlbmd0aCA8IGFzc2VtYmx5UXVvcnVtKSB7XG4gICAgICB0aHJvdyBuZXcgTHJCYWRBcmd1bWVudEV4Y2VwdGlvbihcbiAgICAgICAgJ05vdCBlbm91Z2ggc3ViIGFzc2VtYmxpZXMgdG8gbWVldCBxdW9ydW0nXG4gICAgICApO1xuICAgIH1cblxuICAgIGNvbnN0IHNsaXBBc3NlbWJseSA9IG5ldyBzbGlwLkFzc2VtYmx5KGFzc2VtYmx5UXVvcnVtKTtcblxuICAgIHN1YkFzc2VtYmxpZXMuZm9yRWFjaCgoc2EsIGluZGV4KSA9PiB7XG4gICAgICBsZXQgYXBwcm92ZXJDb3VudCA9IHNhLmFwcHJvdmVyVHBzLmxlbmd0aDtcblxuICAgICAgLy8gc2xpcDM5IHJlc3RyaWN0cyBxdW9ydW0gPT0gMSB0byBoYXZlIG9ubHkgMSBtZW1iZXIuIFNvIHdlIGp1c3Qgc2hhcmUgdGhlIHNhbWVcbiAgICAgIC8vIHBhcnRpYWwga2V5IGZvciBhbGwgc3ViIGFzc2VtYmx5IG1lbWJlcnMuXG4gICAgICBpZiAoc2EucXVvcnVtID09PSAxKSB7XG4gICAgICAgIGFwcHJvdmVyQ291bnQgPSAxO1xuICAgICAgfVxuICAgICAgc2xpcEFzc2VtYmx5LmFkZFN1YkFzc2VtYmx5KFxuICAgICAgICBuZXcgc2xpcC5TdWJBc3NlbWJseShpbmRleCwgc2EucXVvcnVtLCBhcHByb3ZlckNvdW50KVxuICAgICAgKTtcbiAgICB9KTtcblxuICAgIGF3YWl0IHRoaXMuc2xpcDM5U2VydmljZS5nZW5lcmF0ZVNoYXJlcyhcbiAgICAgIHJhd0Fzc2VtYmx5S2V5LFxuICAgICAgdGhpcy5zbGlwMzlQYXNzcGhyYXNlLFxuICAgICAgc2xpcEFzc2VtYmx5XG4gICAgKTtcbiAgICByZXR1cm4gc2xpcEFzc2VtYmx5O1xuICB9XG59XG4iXX0=
+import { __awaiter, __rest } from "tslib";
+import { mapEdges, } from '../api/types';
+import { EncryptionService } from '../cryptography/encryption.service';
+import { KeyFactoryService } from '../cryptography/key-factory.service';
+import { KeyGraphService } from '../cryptography/key-graph.service';
+import * as slip from '../cryptography/slip39.service';
+import { LrBadArgumentException, LrBadStateException, } from '../_common/exceptions';
+import { KeyService } from '../cryptography/key.service';
+import { LrGraphQLService } from '../api/lr-graphql';
+import { TpsKeysQuery } from './tp-assembly.gql.private';
+export class TpAssemblyController {
+    constructor(injector) {
+        this.keyFactory = injector.get(KeyFactoryService);
+        this.keyService = injector.get(KeyService);
+        this.encryptionService = injector.get(EncryptionService);
+        this.keyGraph = injector.get(KeyGraphService);
+        this.slip39Service = injector.get(slip.Slip39Service);
+        this.lrGraphQl = injector.get(LrGraphQLService);
+    }
+    recoverAssemblyKey(partials) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Every receiverPbkCipher should contain this and they should all be the same.
+            let assemblyKeyParams;
+            const shares = partials.map((partial) => {
+                if (assemblyKeyParams) {
+                    if (JSON.stringify(assemblyKeyParams) !==
+                        JSON.stringify(partial.assemblyKeyParams)) {
+                        throw new LrBadStateException('The assembly key parameters are different between the approvals.');
+                    }
+                }
+                else {
+                    assemblyKeyParams = partial.assemblyKeyParams;
+                }
+                return partial.slip39.share.mnemonics;
+            });
+            const rawAssemblyKey = yield this.slip39Service.recoverSecret(shares, this.slip39Passphrase);
+            return yield KeyFactoryService.asKey(Object.assign(Object.assign({}, assemblyKeyParams), { k: rawAssemblyKey }));
+        });
+    }
+    prepareTpWrappingKey(tp) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.keyGraph.getKey(tp.wrappingKeyId);
+        });
+    }
+    prepareAssembly({ subjectKey, rootKey, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const assemblyKey = yield this.keyFactory.createKey();
+            console.log('prepareAssembly assemblyKey', assemblyKey);
+            const _a = assemblyKey.toJSON(true), { k: rawAssemblyKey } = _a, assemblyKeyParams = __rest(_a, ["k"]);
+            const assemblyKeyVerifierPrk = yield this.keyFactory.createPkcSignKey();
+            const wrappedAssemblyKeyVerifierPrk = yield this.encryptionService.encryptToString(assemblyKey, assemblyKeyVerifierPrk.toJSON(true));
+            const assemblyKeyVerifierPbk = JSON.stringify(assemblyKeyVerifierPrk.toJSON());
+            const subjectKeyWrappedAssemblyKey = yield this.encryptionService.encryptToString(subjectKey, assemblyKey.toJSON(true));
+            // Encrypt the rootKey with the assemblyKey
+            const assemblyCipherData = yield this.encryptionService.encryptToString(assemblyKey, {
+                rootKey: rootKey.toJSON(true),
+            });
+            return {
+                assemblyKey,
+                rawAssemblyKey,
+                assemblyKeyParams,
+                subjectKeyWrappedAssemblyKey,
+                assemblyCipherData,
+                assemblyKeyVerifierPbk,
+                wrappedAssemblyKeyVerifierPrk,
+            };
+        });
+    }
+    prepareCreateSubAssemblies({ input, subjectKey, slipSubAssemblies, assemblyKeyParams, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return Promise.all(input.map((sa, saIndex) => __awaiter(this, void 0, void 0, function* () {
+                const subjectCipherData = yield this.encryptionService.encryptToString(subjectKey, sa.subjectCipherDataClearJson || '');
+                const createApprovers = yield Promise.all(sa.approverTps.map((approverTp, approverIndex) => __awaiter(this, void 0, void 0, function* () {
+                    return this.prepareApprover({
+                        tp: approverTp,
+                        approverIndex,
+                        slipSubAssembly: slipSubAssemblies[saIndex],
+                        assemblyKeyParams,
+                        subjectKey,
+                    });
+                })));
+                return {
+                    singleReject: sa.singleReject,
+                    quorum: sa.quorum,
+                    subjectCipherData,
+                    createApprovers,
+                };
+            })));
+        });
+    }
+    prepareUpdateSubAssemblies({ input, subjectKey, slipSubAssemblies, assemblyKeyParams, subAssemblies, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (slipSubAssemblies.length !== input.length) {
+                throw new LrBadArgumentException('The slipSubAssemblies must be the same length as the input');
+            }
+            return Promise.all(input.map((sa, saIndex) => __awaiter(this, void 0, void 0, function* () {
+                const subjectCipherData = yield this.encryptionService.encryptToString(subjectKey, sa.subjectCipherDataClearJson || '');
+                // Get the existing sub-assembly
+                const existingSa = subAssemblies.edges.find((edge) => edge.node.id === sa.id).node;
+                // Get approvers that do not exist yet
+                const createApprovers = [];
+                const updateApprovers = [];
+                sa.approverTps.forEach((tp) => {
+                    var _a;
+                    const approver = (_a = existingSa.approvers.edges.find((edge) => edge.node.tp.id === tp.tpId)) === null || _a === void 0 ? void 0 : _a.node;
+                    if (approver) {
+                        updateApprovers.push({
+                            tp,
+                            approverId: approver.id,
+                        });
+                    }
+                    else {
+                        createApprovers.push({
+                            tp,
+                        });
+                    }
+                });
+                const slipSubAssembly = slipSubAssemblies[saIndex];
+                return {
+                    subAssemblyId: sa.id,
+                    singleReject: sa.singleReject,
+                    quorum: sa.quorum,
+                    subjectCipherData,
+                    createApprovers: yield Promise.all(createApprovers.map(({ tp }, approverIndex) => __awaiter(this, void 0, void 0, function* () {
+                        return this.prepareApprover({
+                            tp,
+                            approverIndex,
+                            slipSubAssembly,
+                            assemblyKeyParams,
+                            subjectKey,
+                        });
+                    }))),
+                    updateApprovers: yield Promise.all(updateApprovers.map(({ tp, approverId }, approverIndex) => __awaiter(this, void 0, void 0, function* () {
+                        return this.prepareApprover({
+                            approverId,
+                            tp,
+                            approverIndex: approverIndex + createApprovers.length,
+                            slipSubAssembly,
+                            assemblyKeyParams,
+                            subjectKey,
+                        });
+                    }))),
+                };
+            })));
+        });
+    }
+    fillWrappingKeyId(input, tps) {
+        // Fill in wrappingKeyId if not present
+        input.forEach((sa) => {
+            sa.approverTps.forEach((approver) => {
+                if (!approver.wrappingKeyId) {
+                    const tp = tps.find((x) => x.id === approver.tpId);
+                    approver.wrappingKeyId = this.getTpWrappingKeyId(tp);
+                }
+            });
+        });
+    }
+    getInputApprovers(input) {
+        const tpIds = [];
+        input.forEach((sa) => {
+            sa.approverTps.forEach((approver) => {
+                tpIds.push(approver.tpId);
+            });
+        });
+        return tpIds;
+    }
+    prepareCreate(input) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const rootKey = yield this.keyService.getCurrentRootKey();
+            const subjectKey = yield this.keyFactory.createKey();
+            const rootKeyWrappedSubjectKey = yield this.keyGraph.wrapKey(rootKey, subjectKey);
+            const _a = yield this.prepareAssembly({
+                rootKey: rootKey.jwk,
+                subjectKey,
+            }), { assemblyKey, rawAssemblyKey, assemblyKeyParams } = _a, assemblyInput = __rest(_a, ["assemblyKey", "rawAssemblyKey", "assemblyKeyParams"]);
+            const slipAssembly = yield this.prepareSlip39(input.createSubAssemblies, input.quorum, rawAssemblyKey);
+            const tpIds = this.getInputApprovers(input.createSubAssemblies);
+            // This should contain all the TPs that we need to update the assembly.
+            const tps = mapEdges((yield this.lrGraphQl.query({
+                query: TpsKeysQuery,
+                variables: {
+                    ids: tpIds,
+                },
+            })).tps);
+            // Fill in wrappingKeyId if not present
+            this.fillWrappingKeyId(input.createSubAssemblies, tps);
+            const createSubAssemblies = yield this.prepareCreateSubAssemblies({
+                input: input.createSubAssemblies,
+                assemblyKeyParams,
+                slipSubAssemblies: slipAssembly.subAssemblies,
+                subjectKey,
+            });
+            return {
+                assemblyKey,
+                mutationInput: Object.assign(Object.assign({}, assemblyInput), { singleReject: input.singleReject, quorum: input.quorum, subjectCipherData: '', // TODO make this a parameter
+                    createSubAssemblies, rootKeyId: rootKey.id, rootKeyWrappedSubjectKey }),
+            };
+        });
+    }
+    getAssemblyApprovers(assembly) {
+        const tpIds = [];
+        // Find all TPs that belong to sub-assemblies
+        mapEdges(assembly.subAssemblies).map((sa) => {
+            mapEdges(sa.approvers).forEach((approver) => tpIds.push(approver.tp.id));
+        });
+        return tpIds;
+    }
+    prepareUpdate(input, assembly // TODO type this to only what we need.
+    ) {
+        return __awaiter(this, void 0, void 0, function* () {
+            input = Object.assign({ createSubAssemblies: [] }, input);
+            const createSubAssembliesInput = input.createSubAssemblies || [];
+            const updateSubAssembliesInput = input.updateSubAssemblies || [];
+            const deleteSubAssembliesInput = input.deleteSubAssemblies || [];
+            // Must have at least one.
+            if (createSubAssembliesInput.length === 0 &&
+                updateSubAssembliesInput.length === 0 &&
+                deleteSubAssembliesInput.length === 0) {
+                throw new LrBadArgumentException('Must specify at least one of: [createSubAssemblies, updateSubAssemblies, deleteSubAssemblies]');
+            }
+            const rootKey = yield this.keyService.getCurrentRootKey();
+            const subjectKey = yield this.keyGraph.getKey(assembly.subjectKey.id);
+            const _a = yield this.prepareAssembly({
+                rootKey: rootKey.jwk,
+                subjectKey: subjectKey.jwk,
+            }), { assemblyKey, rawAssemblyKey, assemblyKeyParams } = _a, assemblyInput = __rest(_a, ["assemblyKey", "rawAssemblyKey", "assemblyKeyParams"]);
+            // Find all the TPs that we need, duplicates are no problem.
+            // Existing approvers
+            const tpIds = this.getAssemblyApprovers(assembly).concat(this.getInputApprovers(createSubAssembliesInput), this.getInputApprovers(updateSubAssembliesInput));
+            // This should contain all the TPs that we need to update the assembly.
+            const tps = mapEdges((yield this.lrGraphQl.query({
+                query: TpsKeysQuery,
+                variables: {
+                    ids: tpIds,
+                },
+            })).tps);
+            // Auto fill the updateSubAssemblies with existing sub assemblies if they are not
+            // explicitly deleted.
+            mapEdges(assembly.subAssemblies).forEach((existing) => {
+                // Deleting existing, don't include it
+                if (deleteSubAssembliesInput.includes(existing.id)) {
+                    return;
+                }
+                // Update already specified in the input
+                if (updateSubAssembliesInput.some((sa) => sa.id === existing.id)) {
+                    return;
+                }
+                const approverTps = mapEdges(existing.approvers).map((approver) => {
+                    return {
+                        tpId: approver.tp.id,
+                        sharedCipherDataClearJson: approver.sharedCipherDataClearJson,
+                        sharedCipherApprovalDataClearJson: approver.sharedCipherApprovalDataClearJson,
+                    };
+                });
+                updateSubAssembliesInput.push({
+                    id: existing.id,
+                    quorum: existing.quorum,
+                    singleReject: existing.singleReject,
+                    approverTps,
+                    subjectCipherDataClearJson: existing.subjectCipherDataClearJson,
+                });
+            });
+            // Fill in wrappingKeyId if not present
+            this.fillWrappingKeyId(createSubAssembliesInput, tps);
+            this.fillWrappingKeyId(updateSubAssembliesInput, tps);
+            let slipAssembly;
+            try {
+                slipAssembly = yield this.prepareSlip39((createSubAssembliesInput || []).concat(updateSubAssembliesInput || []), input.quorum, rawAssemblyKey);
+            }
+            catch (error) {
+                // TODO this sometimes happens. Maybe missing await.
+                console.log('Error while creating slip assembly', error);
+            }
+            const common = {
+                assemblyKeyParams,
+                subjectKey: subjectKey.jwk,
+            };
+            const createSubAssemblies = yield this.prepareCreateSubAssemblies(Object.assign(Object.assign({}, common), { input: createSubAssembliesInput, 
+                // Need to match the slip sub assemblies to the input
+                slipSubAssemblies: slipAssembly.subAssemblies.slice(0, createSubAssembliesInput.length) }));
+            const updateSubAssemblies = yield this.prepareUpdateSubAssemblies(Object.assign(Object.assign({}, common), { input: updateSubAssembliesInput, 
+                // Add an offset to the sub assemblies to skip the one that are created.
+                slipSubAssemblies: slipAssembly.subAssemblies.slice(createSubAssembliesInput.length), subAssemblies: assembly.subAssemblies }));
+            return {
+                assemblyKey,
+                mutationInput: Object.assign(Object.assign({}, assemblyInput), { singleReject: input.singleReject, quorum: input.quorum, subjectCipherData: '', subjectKeyId: subjectKey.id, createSubAssemblies,
+                    updateSubAssemblies }),
+            };
+        });
+    }
+    prepareApprover({ approverId, tp, approverIndex, slipSubAssembly, assemblyKeyParams, subjectKey, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const tpWrappingKey = yield this.prepareTpWrappingKey(tp);
+            // shared key is rotated every time.
+            const sharedKey = yield this.keyFactory.createKey();
+            // For TP to access shared_key
+            const tpWrappedSharedKey = yield this.encryptionService.encryptToString(tpWrappingKey.jwk, sharedKey.toJSON(true));
+            // For subject to access shared_key
+            const subjectKeyWrappedSharedKey = yield this.encryptionService.encryptToString(subjectKey, sharedKey.toJSON(true));
+            // If quorum is 1, then using the same share for every member.
+            const share = slipSubAssembly.threshold === 1
+                ? slipSubAssembly.shares[0]
+                : slipSubAssembly.shares[approverIndex];
+            const partialAssemblyKey = {
+                slip39: {
+                    share,
+                    subAssembly: {
+                        quorum: slipSubAssembly.threshold,
+                        size: slipSubAssembly.size,
+                    },
+                },
+                assemblyKeyParams,
+            };
+            console.log('partialAssemblyKey', partialAssemblyKey);
+            const sharedCipherData = yield this.encryptionService.encryptToString(sharedKey, tp.sharedCipherDataClearJson || '');
+            const sharedCipherApprovalData = yield this.encryptionService.encryptToString(sharedKey, tp.sharedCipherApprovalDataClearJson || '');
+            const sharedCipherPartialAssemblyKey = yield this.encryptionService.encryptToString(sharedKey, partialAssemblyKey);
+            return {
+                tpWrappingKeyId: tpWrappingKey.id,
+                tpWrappedSharedKey,
+                subjectKeyWrappedSharedKey,
+                sharedCipherData,
+                sharedCipherApprovalData,
+                sharedCipherPartialAssemblyKey,
+                approverId: approverId || void 0,
+                tpId: approverId ? void 0 : tp.tpId,
+            };
+        });
+    }
+    validateApprovers(approvers) {
+        // Ensure all approvers have mkSharedKey.
+        for (const tp of approvers) {
+            if (!tp.currentUserSharedKey.userSharedKey.mkSharedKey) {
+                const msg = `tp ${tp.other.username} does not have mkSharedKey`;
+                console.log(msg);
+                throw new LrBadArgumentException(msg);
+            }
+        }
+    }
+    // Prepare slip39
+    prepareSlip39(subAssemblies, assemblyQuorum, rawAssemblyKey) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Is there enough sub assemblies to meet quorum
+            if (subAssemblies.length < assemblyQuorum) {
+                throw new LrBadArgumentException('Not enough sub assemblies to meet quorum');
+            }
+            const slipAssembly = new slip.Assembly(assemblyQuorum);
+            subAssemblies.forEach((sa, index) => {
+                let approverCount = sa.approverTps.length;
+                // slip39 restricts quorum == 1 to have only 1 member. So we just share the same
+                // partial key for all sub assembly members.
+                if (sa.quorum === 1) {
+                    approverCount = 1;
+                }
+                slipAssembly.addSubAssembly(new slip.SubAssembly(index, sa.quorum, approverCount));
+            });
+            yield this.slip39Service.generateShares(rawAssemblyKey, this.slip39Passphrase, slipAssembly);
+            return slipAssembly;
+        });
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHAtYXNzZW1ibHkuanMiLCJzb3VyY2VSb290IjoiQzovUHJvamVjdHMva2MtY2xpZW50L3Byb2plY3RzL2NvcmUvc3JjLyIsInNvdXJjZXMiOlsibGliL3RydXN0ZWQtcGFydGllcy90cC1hc3NlbWJseS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBRUEsT0FBTyxFQUVMLFFBQVEsR0FJVCxNQUFNLGNBQWMsQ0FBQztBQUN0QixPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxvQ0FBb0MsQ0FBQztBQUN2RSxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxxQ0FBcUMsQ0FBQztBQUN4RSxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sbUNBQW1DLENBQUM7QUFDcEUsT0FBTyxLQUFLLElBQUksTUFBTSxnQ0FBZ0MsQ0FBQztBQUV2RCxPQUFPLEVBQ0wsc0JBQXNCLEVBQ3RCLG1CQUFtQixHQUNwQixNQUFNLHVCQUF1QixDQUFDO0FBQy9CLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSw2QkFBNkIsQ0FBQztBQVN6RCxPQUFPLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSxtQkFBbUIsQ0FBQztBQUNyRCxPQUFPLEVBQUUsWUFBWSxFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFFekQsTUFBTSxPQUFnQixvQkFBb0I7SUFVeEMsWUFBWSxRQUFrQjtRQUM1QixJQUFJLENBQUMsVUFBVSxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsaUJBQWlCLENBQUMsQ0FBQztRQUNsRCxJQUFJLENBQUMsVUFBVSxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDM0MsSUFBSSxDQUFDLGlCQUFpQixHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsaUJBQWlCLENBQUMsQ0FBQztRQUN6RCxJQUFJLENBQUMsUUFBUSxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsZUFBZSxDQUFDLENBQUM7UUFDOUMsSUFBSSxDQUFDLGFBQWEsR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUN0RCxJQUFJLENBQUMsU0FBUyxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUNsRCxDQUFDO0lBSUssa0JBQWtCLENBQUMsUUFBOEI7O1lBQ3JELCtFQUErRTtZQUMvRSxJQUFJLGlCQUF5QixDQUFDO1lBRTlCLE1BQU0sTUFBTSxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRTtnQkFDdEMsSUFBSSxpQkFBaUIsRUFBRTtvQkFDckIsSUFDRSxJQUFJLENBQUMsU0FBUyxDQUFDLGlCQUFpQixDQUFDO3dCQUNqQyxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBQyxFQUN6Qzt3QkFDQSxNQUFNLElBQUksbUJBQW1CLENBQzNCLGtFQUFrRSxDQUNuRSxDQUFDO3FCQUNIO2lCQUNGO3FCQUFNO29CQUNMLGlCQUFpQixHQUFHLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBQztpQkFDL0M7Z0JBQ0QsT0FBTyxPQUFPLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxTQUFTLENBQUM7WUFDeEMsQ0FBQyxDQUFDLENBQUM7WUFFSCxNQUFNLGNBQWMsR0FBRyxNQUFNLElBQUksQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUMzRCxNQUFNLEVBQ04sSUFBSSxDQUFDLGdCQUFnQixDQUN0QixDQUFDO1lBRUYsT0FBTyxNQUFNLGlCQUFpQixDQUFDLEtBQUssaUNBQy9CLGlCQUFpQixLQUNwQixDQUFDLEVBQUUsY0FBYyxJQUNqQixDQUFDO1FBQ0wsQ0FBQztLQUFBO0lBRWUsb0JBQW9CLENBQ2xDLEVBQTJCOztZQUUzQixPQUFPLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUNoRCxDQUFDO0tBQUE7SUFFZSxlQUFlLENBQUMsRUFDOUIsVUFBVSxFQUNWLE9BQU8sR0FJUjs7WUFDQyxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDdEQsT0FBTyxDQUFDLEdBQUcsQ0FBQyw2QkFBNkIsRUFBRSxXQUFXLENBQUMsQ0FBQztZQUV4RCxNQUFNLEtBQThDLFdBQVcsQ0FBQyxNQUFNLENBQ3BFLElBQUksQ0FDRSxFQUZGLEVBQUUsQ0FBQyxFQUFFLGNBQWMsT0FFakIsRUFGc0IsaUJBQWlCLGNBQXpDLEtBQTJDLENBRXpDLENBQUM7WUFDVCxNQUFNLHNCQUFzQixHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1lBQ3hFLE1BQU0sNkJBQTZCLEdBQ2pDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDMUMsV0FBVyxFQUNYLHNCQUFzQixDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDcEMsQ0FBQztZQUNKLE1BQU0sc0JBQXNCLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FDM0Msc0JBQXNCLENBQUMsTUFBTSxFQUFFLENBQ2hDLENBQUM7WUFFRixNQUFNLDRCQUE0QixHQUNoQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQzFDLFVBQVUsRUFDVixXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUFDO1lBRUosMkNBQTJDO1lBQzNDLE1BQU0sa0JBQWtCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxDQUNyRSxXQUFXLEVBQ1g7Z0JBQ0UsT0FBTyxFQUFFLE9BQU8sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDO2FBQzlCLENBQ0YsQ0FBQztZQUVGLE9BQU87Z0JBQ0wsV0FBVztnQkFDWCxjQUFjO2dCQUNkLGlCQUFpQjtnQkFDakIsNEJBQTRCO2dCQUM1QixrQkFBa0I7Z0JBQ2xCLHNCQUFzQjtnQkFDdEIsNkJBQTZCO2FBQzlCLENBQUM7UUFDSixDQUFDO0tBQUE7SUFFZSwwQkFBMEIsQ0FBQyxFQUN6QyxLQUFLLEVBQ0wsVUFBVSxFQUNWLGlCQUFpQixFQUNqQixpQkFBaUIsR0FNbEI7O1lBQ0MsT0FBTyxPQUFPLENBQUMsR0FBRyxDQUNoQixLQUFLLENBQUMsR0FBRyxDQUFDLENBQU8sRUFBRSxFQUFFLE9BQU8sRUFBRSxFQUFFO2dCQUM5QixNQUFNLGlCQUFpQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDcEUsVUFBVSxFQUNWLEVBQUUsQ0FBQywwQkFBMEIsSUFBSSxFQUFFLENBQ3BDLENBQUM7Z0JBRUYsTUFBTSxlQUFlLEdBQUcsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUN2QyxFQUFFLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFPLFVBQVUsRUFBRSxhQUFhLEVBQUUsRUFBRTtvQkFDckQsT0FBQSxJQUFJLENBQUMsZUFBZSxDQUFDO3dCQUNuQixFQUFFLEVBQUUsVUFBVTt3QkFDZCxhQUFhO3dCQUNiLGVBQWUsRUFBRSxpQkFBaUIsQ0FBQyxPQUFPLENBQUM7d0JBQzNDLGlCQUFpQjt3QkFDakIsVUFBVTtxQkFDWCxDQUFDLENBQUE7a0JBQUEsQ0FDSCxDQUNGLENBQUM7Z0JBRUYsT0FBTztvQkFDTCxZQUFZLEVBQUUsRUFBRSxDQUFDLFlBQVk7b0JBQzdCLE1BQU0sRUFBRSxFQUFFLENBQUMsTUFBTTtvQkFDakIsaUJBQWlCO29CQUNqQixlQUFlO2lCQUNoQixDQUFDO1lBQ0osQ0FBQyxDQUFBLENBQUMsQ0FDSCxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRWUsMEJBQTBCLENBQUMsRUFDekMsS0FBSyxFQUNMLFVBQVUsRUFDVixpQkFBaUIsRUFDakIsaUJBQWlCLEVBQ2pCLGFBQWEsR0FPZDs7WUFDQyxJQUFJLGlCQUFpQixDQUFDLE1BQU0sS0FBSyxLQUFLLENBQUMsTUFBTSxFQUFFO2dCQUM3QyxNQUFNLElBQUksc0JBQXNCLENBQzlCLDREQUE0RCxDQUM3RCxDQUFDO2FBQ0g7WUFFRCxPQUFPLE9BQU8sQ0FBQyxHQUFHLENBQ2hCLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBTyxFQUFFLEVBQUUsT0FBTyxFQUFFLEVBQUU7Z0JBQzlCLE1BQU0saUJBQWlCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxDQUNwRSxVQUFVLEVBQ1YsRUFBRSxDQUFDLDBCQUEwQixJQUFJLEVBQUUsQ0FDcEMsQ0FBQztnQkFFRixnQ0FBZ0M7Z0JBQ2hDLE1BQU0sVUFBVSxHQUFHLGFBQWEsQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUN6QyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLEtBQUssRUFBRSxDQUFDLEVBQUUsQ0FDakMsQ0FBQyxJQUFJLENBQUM7Z0JBRVAsc0NBQXNDO2dCQUN0QyxNQUFNLGVBQWUsR0FBRyxFQUFFLENBQUM7Z0JBQzNCLE1BQU0sZUFBZSxHQUFHLEVBQUUsQ0FBQztnQkFFM0IsRUFBRSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRTs7b0JBQzVCLE1BQU0sUUFBUSxTQUFHLFVBQVUsQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLElBQUksQ0FDOUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLEVBQUUsS0FBSyxFQUFFLENBQUMsSUFBSSxDQUN0QywwQ0FBRSxJQUFJLENBQUM7b0JBQ1IsSUFBSSxRQUFRLEVBQUU7d0JBQ1osZUFBZSxDQUFDLElBQUksQ0FBQzs0QkFDbkIsRUFBRTs0QkFDRixVQUFVLEVBQUUsUUFBUSxDQUFDLEVBQUU7eUJBQ3hCLENBQUMsQ0FBQztxQkFDSjt5QkFBTTt3QkFDTCxlQUFlLENBQUMsSUFBSSxDQUFDOzRCQUNuQixFQUFFO3lCQUNILENBQUMsQ0FBQztxQkFDSjtnQkFDSCxDQUFDLENBQUMsQ0FBQztnQkFFSCxNQUFNLGVBQWUsR0FBRyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsQ0FBQztnQkFFbkQsT0FBTztvQkFDTCxhQUFhLEVBQUUsRUFBRSxDQUFDLEVBQUU7b0JBQ3BCLFlBQVksRUFBRSxFQUFFLENBQUMsWUFBWTtvQkFDN0IsTUFBTSxFQUFFLEVBQUUsQ0FBQyxNQUFNO29CQUNqQixpQkFBaUI7b0JBQ2pCLGVBQWUsRUFBRSxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQ2hDLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBTyxFQUFFLEVBQUUsRUFBRSxFQUFFLGFBQWEsRUFBRSxFQUFFO3dCQUNsRCxPQUFBLElBQUksQ0FBQyxlQUFlLENBQUM7NEJBQ25CLEVBQUU7NEJBQ0YsYUFBYTs0QkFDYixlQUFlOzRCQUNmLGlCQUFpQjs0QkFDakIsVUFBVTt5QkFDWCxDQUFDLENBQUE7c0JBQUEsQ0FDSCxDQUNGO29CQUNELGVBQWUsRUFBRSxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQ2hDLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBTyxFQUFFLEVBQUUsRUFBRSxVQUFVLEVBQUUsRUFBRSxhQUFhLEVBQUUsRUFBRTt3QkFDOUQsT0FBQSxJQUFJLENBQUMsZUFBZSxDQUFDOzRCQUNuQixVQUFVOzRCQUNWLEVBQUU7NEJBQ0YsYUFBYSxFQUFFLGFBQWEsR0FBRyxlQUFlLENBQUMsTUFBTTs0QkFDckQsZUFBZTs0QkFDZixpQkFBaUI7NEJBQ2pCLFVBQVU7eUJBQ1gsQ0FBQyxDQUFBO3NCQUFBLENBQ0gsQ0FDRjtpQkFDRixDQUFDO1lBQ0osQ0FBQyxDQUFBLENBQUMsQ0FDSCxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRU8saUJBQWlCLENBQUMsS0FBaUMsRUFBRSxHQUFhO1FBQ3hFLHVDQUF1QztRQUN2QyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUU7WUFDbkIsRUFBRSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtnQkFDbEMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxhQUFhLEVBQUU7b0JBQzNCLE1BQU0sRUFBRSxHQUFHLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLEtBQUssUUFBUSxDQUFDLElBQUksQ0FBQyxDQUFDO29CQUNuRCxRQUFRLENBQUMsYUFBYSxHQUFHLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQUMsQ0FBQztpQkFDdEQ7WUFDSCxDQUFDLENBQUMsQ0FBQztRQUNMLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVPLGlCQUFpQixDQUFDLEtBQWlDO1FBQ3pELE1BQU0sS0FBSyxHQUFhLEVBQUUsQ0FBQztRQUMzQixLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUU7WUFDbkIsRUFBRSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtnQkFDbEMsS0FBSyxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDNUIsQ0FBQyxDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsQ0FBQztRQUNILE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztJQUVZLGFBQWEsQ0FBQyxLQUE0Qjs7WUFDckQsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDMUQsTUFBTSxVQUFVLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ3JELE1BQU0sd0JBQXdCLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FDMUQsT0FBTyxFQUNQLFVBQVUsQ0FDWCxDQUFDO1lBRUYsTUFBTSxLQUNKLE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQztnQkFDekIsT0FBTyxFQUFFLE9BQU8sQ0FBQyxHQUFHO2dCQUNwQixVQUFVO2FBQ1gsQ0FBQyxFQUpFLEVBQUUsV0FBVyxFQUFFLGNBQWMsRUFBRSxpQkFBaUIsT0FJbEQsRUFKdUQsYUFBYSxjQUFsRSxzREFBb0UsQ0FJdEUsQ0FBQztZQUVMLE1BQU0sWUFBWSxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FDM0MsS0FBSyxDQUFDLG1CQUFtQixFQUN6QixLQUFLLENBQUMsTUFBTSxFQUNaLGNBQWMsQ0FDZixDQUFDO1lBRUYsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLEtBQUssQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO1lBRWhFLHVFQUF1RTtZQUN2RSxNQUFNLEdBQUcsR0FBRyxRQUFRLENBQ2xCLENBQ0UsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQztnQkFDekIsS0FBSyxFQUFFLFlBQVk7Z0JBQ25CLFNBQVMsRUFBRTtvQkFDVCxHQUFHLEVBQUUsS0FBSztpQkFDWDthQUNGLENBQUMsQ0FDSCxDQUFDLEdBQUcsQ0FDTixDQUFDO1lBRUYsdUNBQXVDO1lBQ3ZDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLENBQUMsbUJBQW1CLEVBQUUsR0FBRyxDQUFDLENBQUM7WUFFdkQsTUFBTSxtQkFBbUIsR0FBRyxNQUFNLElBQUksQ0FBQywwQkFBMEIsQ0FBQztnQkFDaEUsS0FBSyxFQUFFLEtBQUssQ0FBQyxtQkFBbUI7Z0JBQ2hDLGlCQUFpQjtnQkFDakIsaUJBQWlCLEVBQUUsWUFBWSxDQUFDLGFBQWE7Z0JBQzdDLFVBQVU7YUFDWCxDQUFDLENBQUM7WUFFSCxPQUFPO2dCQUNMLFdBQVc7Z0JBQ1gsYUFBYSxrQ0FDUixhQUFhLEtBQ2hCLFlBQVksRUFBRSxLQUFLLENBQUMsWUFBWSxFQUNoQyxNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU0sRUFDcEIsaUJBQWlCLEVBQUUsRUFBRSxFQUFFLDZCQUE2QjtvQkFDcEQsbUJBQW1CLEVBQ25CLFNBQVMsRUFBRSxPQUFPLENBQUMsRUFBRSxFQUNyQix3QkFBd0IsR0FDekI7YUFDRixDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRU8sb0JBQW9CLENBQUMsUUFBd0I7UUFDbkQsTUFBTSxLQUFLLEdBQWEsRUFBRSxDQUFDO1FBRTNCLDZDQUE2QztRQUM3QyxRQUFRLENBQUMsUUFBUSxDQUFDLGFBQWEsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFO1lBQzFDLFFBQVEsQ0FBQyxFQUFFLENBQUMsU0FBUyxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsUUFBUSxFQUFFLEVBQUUsQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQztRQUMzRSxDQUFDLENBQUMsQ0FBQztRQUVILE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztJQUVZLGFBQWEsQ0FDeEIsS0FBNEIsRUFDNUIsUUFBd0IsQ0FBQyx1Q0FBdUM7OztZQUVoRSxLQUFLLG1CQUNILG1CQUFtQixFQUFFLEVBQUUsSUFDcEIsS0FBSyxDQUNULENBQUM7WUFFRixNQUFNLHdCQUF3QixHQUFHLEtBQUssQ0FBQyxtQkFBbUIsSUFBSSxFQUFFLENBQUM7WUFDakUsTUFBTSx3QkFBd0IsR0FBRyxLQUFLLENBQUMsbUJBQW1CLElBQUksRUFBRSxDQUFDO1lBQ2pFLE1BQU0sd0JBQXdCLEdBQUcsS0FBSyxDQUFDLG1CQUFtQixJQUFJLEVBQUUsQ0FBQztZQUVqRSwwQkFBMEI7WUFDMUIsSUFDRSx3QkFBd0IsQ0FBQyxNQUFNLEtBQUssQ0FBQztnQkFDckMsd0JBQXdCLENBQUMsTUFBTSxLQUFLLENBQUM7Z0JBQ3JDLHdCQUF3QixDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQ3JDO2dCQUNBLE1BQU0sSUFBSSxzQkFBc0IsQ0FDOUIsK0ZBQStGLENBQ2hHLENBQUM7YUFDSDtZQUVELE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBQzFELE1BQU0sVUFBVSxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUV0RSxNQUFNLEtBQ0osTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDO2dCQUN6QixPQUFPLEVBQUUsT0FBTyxDQUFDLEdBQUc7Z0JBQ3BCLFVBQVUsRUFBRSxVQUFVLENBQUMsR0FBRzthQUMzQixDQUFDLEVBSkUsRUFBRSxXQUFXLEVBQUUsY0FBYyxFQUFFLGlCQUFpQixPQUlsRCxFQUp1RCxhQUFhLGNBQWxFLHNEQUFvRSxDQUl0RSxDQUFDO1lBRUwsNERBQTREO1lBQzVELHFCQUFxQjtZQUNyQixNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsb0JBQW9CLENBQUMsUUFBUSxDQUFDLENBQUMsTUFBTSxDQUN0RCxJQUFJLENBQUMsaUJBQWlCLENBQUMsd0JBQXdCLENBQUMsRUFDaEQsSUFBSSxDQUFDLGlCQUFpQixDQUFDLHdCQUF3QixDQUFDLENBQ2pELENBQUM7WUFFRix1RUFBdUU7WUFDdkUsTUFBTSxHQUFHLEdBQUcsUUFBUSxDQUNsQixDQUNFLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUM7Z0JBQ3pCLEtBQUssRUFBRSxZQUFZO2dCQUNuQixTQUFTLEVBQUU7b0JBQ1QsR0FBRyxFQUFFLEtBQUs7aUJBQ1g7YUFDRixDQUFDLENBQ0gsQ0FBQyxHQUFHLENBQ04sQ0FBQztZQUVGLGlGQUFpRjtZQUNqRixzQkFBc0I7WUFDdEIsUUFBUSxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtnQkFDcEQsc0NBQXNDO2dCQUN0QyxJQUFJLHdCQUF3QixDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFDLEVBQUU7b0JBQ2xELE9BQU87aUJBQ1I7Z0JBRUQsd0NBQXdDO2dCQUN4QyxJQUFJLHdCQUF3QixDQUFDLElBQUksQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsRUFBRSxDQUFDLEVBQUUsS0FBSyxRQUFRLENBQUMsRUFBRSxDQUFDLEVBQUU7b0JBQ2hFLE9BQU87aUJBQ1I7Z0JBRUQsTUFBTSxXQUFXLEdBQThCLFFBQVEsQ0FDckQsUUFBUSxDQUFDLFNBQVMsQ0FDbkIsQ0FBQyxHQUFHLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtvQkFDakIsT0FBTzt3QkFDTCxJQUFJLEVBQUUsUUFBUSxDQUFDLEVBQUUsQ0FBQyxFQUFFO3dCQUNwQix5QkFBeUIsRUFBRSxRQUFRLENBQUMseUJBQXlCO3dCQUM3RCxpQ0FBaUMsRUFDL0IsUUFBUSxDQUFDLGlDQUFpQztxQkFDN0MsQ0FBQztnQkFDSixDQUFDLENBQUMsQ0FBQztnQkFFSCx3QkFBd0IsQ0FBQyxJQUFJLENBQUM7b0JBQzVCLEVBQUUsRUFBRSxRQUFRLENBQUMsRUFBRTtvQkFDZixNQUFNLEVBQUUsUUFBUSxDQUFDLE1BQU07b0JBQ3ZCLFlBQVksRUFBRSxRQUFRLENBQUMsWUFBWTtvQkFDbkMsV0FBVztvQkFDWCwwQkFBMEIsRUFBRSxRQUFRLENBQUMsMEJBQTBCO2lCQUNoRSxDQUFDLENBQUM7WUFDTCxDQUFDLENBQUMsQ0FBQztZQUVILHVDQUF1QztZQUN2QyxJQUFJLENBQUMsaUJBQWlCLENBQUMsd0JBQXdCLEVBQUUsR0FBRyxDQUFDLENBQUM7WUFDdEQsSUFBSSxDQUFDLGlCQUFpQixDQUFDLHdCQUF3QixFQUFFLEdBQUcsQ0FBQyxDQUFDO1lBRXRELElBQUksWUFBWSxDQUFDO1lBQ2pCLElBQUk7Z0JBQ0YsWUFBWSxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FDckMsQ0FBQyx3QkFBd0IsSUFBSSxFQUFFLENBQUMsQ0FBQyxNQUFNLENBQUMsd0JBQXdCLElBQUksRUFBRSxDQUFDLEVBQ3ZFLEtBQUssQ0FBQyxNQUFNLEVBQ1osY0FBYyxDQUNmLENBQUM7YUFDSDtZQUFDLE9BQU8sS0FBSyxFQUFFO2dCQUNkLG9EQUFvRDtnQkFDcEQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxvQ0FBb0MsRUFBRSxLQUFLLENBQUMsQ0FBQzthQUMxRDtZQUVELE1BQU0sTUFBTSxHQUFHO2dCQUNiLGlCQUFpQjtnQkFDakIsVUFBVSxFQUFFLFVBQVUsQ0FBQyxHQUFHO2FBQzNCLENBQUM7WUFFRixNQUFNLG1CQUFtQixHQUFHLE1BQU0sSUFBSSxDQUFDLDBCQUEwQixpQ0FDNUQsTUFBTSxLQUNULEtBQUssRUFBRSx3QkFBd0I7Z0JBQy9CLHFEQUFxRDtnQkFDckQsaUJBQWlCLEVBQUUsWUFBWSxDQUFDLGFBQWEsQ0FBQyxLQUFLLENBQ2pELENBQUMsRUFDRCx3QkFBd0IsQ0FBQyxNQUFNLENBQ2hDLElBQ0QsQ0FBQztZQUVILE1BQU0sbUJBQW1CLEdBQUcsTUFBTSxJQUFJLENBQUMsMEJBQTBCLGlDQUM1RCxNQUFNLEtBQ1QsS0FBSyxFQUFFLHdCQUF3QjtnQkFDL0Isd0VBQXdFO2dCQUN4RSxpQkFBaUIsRUFBRSxZQUFZLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FDakQsd0JBQXdCLENBQUMsTUFBTSxDQUNoQyxFQUNELGFBQWEsRUFBRSxRQUFRLENBQUMsYUFBYSxJQUNyQyxDQUFDO1lBRUgsT0FBTztnQkFDTCxXQUFXO2dCQUNYLGFBQWEsa0NBQ1IsYUFBYSxLQUNoQixZQUFZLEVBQUUsS0FBSyxDQUFDLFlBQVksRUFDaEMsTUFBTSxFQUFFLEtBQUssQ0FBQyxNQUFNLEVBQ3BCLGlCQUFpQixFQUFFLEVBQUUsRUFDckIsWUFBWSxFQUFFLFVBQVUsQ0FBQyxFQUFFLEVBQzNCLG1CQUFtQjtvQkFDbkIsbUJBQW1CLEdBQ3BCO2FBQ0YsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVhLGVBQWUsQ0FBQyxFQUM1QixVQUFVLEVBQ1YsRUFBRSxFQUNGLGFBQWEsRUFDYixlQUFlLEVBQ2YsaUJBQWlCLEVBQ2pCLFVBQVUsR0FRWDs7WUFDQyxNQUFNLGFBQWEsR0FBRyxNQUFNLElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUMxRCxvQ0FBb0M7WUFDcEMsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBRXBELDhCQUE4QjtZQUM5QixNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDckUsYUFBYSxDQUFDLEdBQUcsRUFDakIsU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDdkIsQ0FBQztZQUNGLG1DQUFtQztZQUNuQyxNQUFNLDBCQUEwQixHQUM5QixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQzFDLFVBQVUsRUFDVixTQUFTLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN2QixDQUFDO1lBRUosOERBQThEO1lBQzlELE1BQU0sS0FBSyxHQUNULGVBQWUsQ0FBQyxTQUFTLEtBQUssQ0FBQztnQkFDN0IsQ0FBQyxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDO2dCQUMzQixDQUFDLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxhQUFhLENBQUMsQ0FBQztZQUU1QyxNQUFNLGtCQUFrQixHQUF1QjtnQkFDN0MsTUFBTSxFQUFFO29CQUNOLEtBQUs7b0JBQ0wsV0FBVyxFQUFFO3dCQUNYLE1BQU0sRUFBRSxlQUFlLENBQUMsU0FBUzt3QkFDakMsSUFBSSxFQUFFLGVBQWUsQ0FBQyxJQUFJO3FCQUMzQjtpQkFDRjtnQkFDRCxpQkFBaUI7YUFDbEIsQ0FBQztZQUVGLE9BQU8sQ0FBQyxHQUFHLENBQUMsb0JBQW9CLEVBQUUsa0JBQWtCLENBQUMsQ0FBQztZQUV0RCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDbkUsU0FBUyxFQUNULEVBQUUsQ0FBQyx5QkFBeUIsSUFBSSxFQUFFLENBQ25DLENBQUM7WUFFRixNQUFNLHdCQUF3QixHQUM1QixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQzFDLFNBQVMsRUFDVCxFQUFFLENBQUMsaUNBQWlDLElBQUksRUFBRSxDQUMzQyxDQUFDO1lBRUosTUFBTSw4QkFBOEIsR0FDbEMsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxDQUMxQyxTQUFTLEVBQ1Qsa0JBQWtCLENBQ25CLENBQUM7WUFFSixPQUFPO2dCQUNMLGVBQWUsRUFBRSxhQUFhLENBQUMsRUFBRTtnQkFDakMsa0JBQWtCO2dCQUNsQiwwQkFBMEI7Z0JBQzFCLGdCQUFnQjtnQkFDaEIsd0JBQXdCO2dCQUN4Qiw4QkFBOEI7Z0JBQzlCLFVBQVUsRUFBRSxVQUFVLElBQUksS0FBSyxDQUFDO2dCQUNoQyxJQUFJLEVBQUUsVUFBVSxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLElBQUk7YUFDcEMsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVELGlCQUFpQixDQUFDLFNBQW1CO1FBQ25DLHlDQUF5QztRQUN6QyxLQUFLLE1BQU0sRUFBRSxJQUFJLFNBQVMsRUFBRTtZQUMxQixJQUFJLENBQUMsRUFBRSxDQUFDLG9CQUFvQixDQUFDLGFBQWEsQ0FBQyxXQUFXLEVBQUU7Z0JBQ3RELE1BQU0sR0FBRyxHQUFHLE1BQU0sRUFBRSxDQUFDLEtBQUssQ0FBQyxRQUFRLDRCQUE0QixDQUFDO2dCQUNoRSxPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFDO2dCQUNqQixNQUFNLElBQUksc0JBQXNCLENBQUMsR0FBRyxDQUFDLENBQUM7YUFDdkM7U0FDRjtJQUNILENBQUM7SUFFRCxpQkFBaUI7SUFDRCxhQUFhLENBQzNCLGFBQWEsRUFDYixjQUFzQixFQUN0QixjQUFzQjs7WUFFdEIsZ0RBQWdEO1lBQ2hELElBQUksYUFBYSxDQUFDLE1BQU0sR0FBRyxjQUFjLEVBQUU7Z0JBQ3pDLE1BQU0sSUFBSSxzQkFBc0IsQ0FDOUIsMENBQTBDLENBQzNDLENBQUM7YUFDSDtZQUVELE1BQU0sWUFBWSxHQUFHLElBQUksSUFBSSxDQUFDLFFBQVEsQ0FBQyxjQUFjLENBQUMsQ0FBQztZQUV2RCxhQUFhLENBQUMsT0FBTyxDQUFDLENBQUMsRUFBRSxFQUFFLEtBQUssRUFBRSxFQUFFO2dCQUNsQyxJQUFJLGFBQWEsR0FBRyxFQUFFLENBQUMsV0FBVyxDQUFDLE1BQU0sQ0FBQztnQkFFMUMsZ0ZBQWdGO2dCQUNoRiw0Q0FBNEM7Z0JBQzVDLElBQUksRUFBRSxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUU7b0JBQ25CLGFBQWEsR0FBRyxDQUFDLENBQUM7aUJBQ25CO2dCQUNELFlBQVksQ0FBQyxjQUFjLENBQ3pCLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLE1BQU0sRUFBRSxhQUFhLENBQUMsQ0FDdEQsQ0FBQztZQUNKLENBQUMsQ0FBQyxDQUFDO1lBRUgsTUFBTSxJQUFJLENBQUMsYUFBYSxDQUFDLGNBQWMsQ0FDckMsY0FBYyxFQUNkLElBQUksQ0FBQyxnQkFBZ0IsRUFDckIsWUFBWSxDQUNiLENBQUM7WUFDRixPQUFPLFlBQVksQ0FBQztRQUN0QixDQUFDO0tBQUE7Q0FDRiIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEluamVjdG9yIH0gZnJvbSAnQGFuZ3VsYXIvY29yZSc7XHJcbmltcG9ydCB7IEpXSyB9IGZyb20gJ25vZGUtam9zZSc7XHJcbmltcG9ydCB7XHJcbiAgQ29ubmVjdGlvbixcclxuICBtYXBFZGdlcyxcclxuICBUcEFzc2VtYmx5Tm9kZSxcclxuICBUcE5vZGUsXHJcbiAgVHBTdWJBc3NlbWJseU5vZGUsXHJcbn0gZnJvbSAnLi4vYXBpL3R5cGVzJztcclxuaW1wb3J0IHsgRW5jcnlwdGlvblNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkvZW5jcnlwdGlvbi5zZXJ2aWNlJztcclxuaW1wb3J0IHsgS2V5RmFjdG9yeVNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkva2V5LWZhY3Rvcnkuc2VydmljZSc7XHJcbmltcG9ydCB7IEtleUdyYXBoU2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9rZXktZ3JhcGguc2VydmljZSc7XHJcbmltcG9ydCAqIGFzIHNsaXAgZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L3NsaXAzOS5zZXJ2aWNlJztcclxuaW1wb3J0IHsgS2V5IH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2NyeXB0b2dyYXBoeS50eXBlcyc7XHJcbmltcG9ydCB7XHJcbiAgTHJCYWRBcmd1bWVudEV4Y2VwdGlvbixcclxuICBMckJhZFN0YXRlRXhjZXB0aW9uLFxyXG59IGZyb20gJy4uL19jb21tb24vZXhjZXB0aW9ucyc7XHJcbmltcG9ydCB7IEtleVNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkva2V5LnNlcnZpY2UnO1xyXG5pbXBvcnQge1xyXG4gIENyZWF0ZVRwQXNzZW1ibHlJbnB1dCxcclxuICBDcmVhdGVUcFN1YkFzc2VtYmx5SW5wdXQsXHJcbiAgUGFydGlhbEFzc2VtYmx5S2V5LFxyXG4gIFRwQXNzZW1ibHlBcHByb3ZlcklucHV0LFxyXG4gIFVwZGF0ZVRwQXNzZW1ibHlJbnB1dCxcclxuICBVcGRhdGVUcFN1YkFzc2VtYmx5SW5wdXQsXHJcbn0gZnJvbSAnLi90cC1hc3NlbWJseS50eXBlcyc7XHJcbmltcG9ydCB7IExyR3JhcGhRTFNlcnZpY2UgfSBmcm9tICcuLi9hcGkvbHItZ3JhcGhxbCc7XHJcbmltcG9ydCB7IFRwc0tleXNRdWVyeSB9IGZyb20gJy4vdHAtYXNzZW1ibHkuZ3FsLnByaXZhdGUnO1xyXG5cclxuZXhwb3J0IGFic3RyYWN0IGNsYXNzIFRwQXNzZW1ibHlDb250cm9sbGVyIHtcclxuICBhYnN0cmFjdCBzbGlwMzlQYXNzcGhyYXNlOiBzdHJpbmc7XHJcblxyXG4gIHByb3RlY3RlZCBrZXlGYWN0b3J5OiBLZXlGYWN0b3J5U2VydmljZTtcclxuICBwcm90ZWN0ZWQga2V5U2VydmljZTogS2V5U2VydmljZTtcclxuICBwcm90ZWN0ZWQgZW5jcnlwdGlvblNlcnZpY2U6IEVuY3J5cHRpb25TZXJ2aWNlO1xyXG4gIHByb3RlY3RlZCBrZXlHcmFwaDogS2V5R3JhcGhTZXJ2aWNlO1xyXG4gIHByb3RlY3RlZCBzbGlwMzlTZXJ2aWNlOiBzbGlwLlNsaXAzOVNlcnZpY2U7XHJcbiAgcHJvdGVjdGVkIGxyR3JhcGhRbDogTHJHcmFwaFFMU2VydmljZTtcclxuXHJcbiAgY29uc3RydWN0b3IoaW5qZWN0b3I6IEluamVjdG9yKSB7XHJcbiAgICB0aGlzLmtleUZhY3RvcnkgPSBpbmplY3Rvci5nZXQoS2V5RmFjdG9yeVNlcnZpY2UpO1xyXG4gICAgdGhpcy5rZXlTZXJ2aWNlID0gaW5qZWN0b3IuZ2V0KEtleVNlcnZpY2UpO1xyXG4gICAgdGhpcy5lbmNyeXB0aW9uU2VydmljZSA9IGluamVjdG9yLmdldChFbmNyeXB0aW9uU2VydmljZSk7XHJcbiAgICB0aGlzLmtleUdyYXBoID0gaW5qZWN0b3IuZ2V0KEtleUdyYXBoU2VydmljZSk7XHJcbiAgICB0aGlzLnNsaXAzOVNlcnZpY2UgPSBpbmplY3Rvci5nZXQoc2xpcC5TbGlwMzlTZXJ2aWNlKTtcclxuICAgIHRoaXMubHJHcmFwaFFsID0gaW5qZWN0b3IuZ2V0KExyR3JhcGhRTFNlcnZpY2UpO1xyXG4gIH1cclxuXHJcbiAgYWJzdHJhY3QgZ2V0VHBXcmFwcGluZ0tleUlkKHRwOiBUcE5vZGUpOiBzdHJpbmc7XHJcblxyXG4gIGFzeW5jIHJlY292ZXJBc3NlbWJseUtleShwYXJ0aWFsczogUGFydGlhbEFzc2VtYmx5S2V5W10pIHtcclxuICAgIC8vIEV2ZXJ5IHJlY2VpdmVyUGJrQ2lwaGVyIHNob3VsZCBjb250YWluIHRoaXMgYW5kIHRoZXkgc2hvdWxkIGFsbCBiZSB0aGUgc2FtZS5cclxuICAgIGxldCBhc3NlbWJseUtleVBhcmFtczogb2JqZWN0O1xyXG5cclxuICAgIGNvbnN0IHNoYXJlcyA9IHBhcnRpYWxzLm1hcCgocGFydGlhbCkgPT4ge1xyXG4gICAgICBpZiAoYXNzZW1ibHlLZXlQYXJhbXMpIHtcclxuICAgICAgICBpZiAoXHJcbiAgICAgICAgICBKU09OLnN0cmluZ2lmeShhc3NlbWJseUtleVBhcmFtcykgIT09XHJcbiAgICAgICAgICBKU09OLnN0cmluZ2lmeShwYXJ0aWFsLmFzc2VtYmx5S2V5UGFyYW1zKVxyXG4gICAgICAgICkge1xyXG4gICAgICAgICAgdGhyb3cgbmV3IExyQmFkU3RhdGVFeGNlcHRpb24oXHJcbiAgICAgICAgICAgICdUaGUgYXNzZW1ibHkga2V5IHBhcmFtZXRlcnMgYXJlIGRpZmZlcmVudCBiZXR3ZWVuIHRoZSBhcHByb3ZhbHMuJ1xyXG4gICAgICAgICAgKTtcclxuICAgICAgICB9XHJcbiAgICAgIH0gZWxzZSB7XHJcbiAgICAgICAgYXNzZW1ibHlLZXlQYXJhbXMgPSBwYXJ0aWFsLmFzc2VtYmx5S2V5UGFyYW1zO1xyXG4gICAgICB9XHJcbiAgICAgIHJldHVybiBwYXJ0aWFsLnNsaXAzOS5zaGFyZS5tbmVtb25pY3M7XHJcbiAgICB9KTtcclxuXHJcbiAgICBjb25zdCByYXdBc3NlbWJseUtleSA9IGF3YWl0IHRoaXMuc2xpcDM5U2VydmljZS5yZWNvdmVyU2VjcmV0KFxyXG4gICAgICBzaGFyZXMsXHJcbiAgICAgIHRoaXMuc2xpcDM5UGFzc3BocmFzZVxyXG4gICAgKTtcclxuXHJcbiAgICByZXR1cm4gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoe1xyXG4gICAgICAuLi5hc3NlbWJseUtleVBhcmFtcyxcclxuICAgICAgazogcmF3QXNzZW1ibHlLZXksXHJcbiAgICB9KTtcclxuICB9XHJcblxyXG4gIHByb3RlY3RlZCBhc3luYyBwcmVwYXJlVHBXcmFwcGluZ0tleShcclxuICAgIHRwOiBUcEFzc2VtYmx5QXBwcm92ZXJJbnB1dFxyXG4gICk6IFByb21pc2U8S2V5PiB7XHJcbiAgICByZXR1cm4gdGhpcy5rZXlHcmFwaC5nZXRLZXkodHAud3JhcHBpbmdLZXlJZCk7XHJcbiAgfVxyXG5cclxuICBwcm90ZWN0ZWQgYXN5bmMgcHJlcGFyZUFzc2VtYmx5KHtcclxuICAgIHN1YmplY3RLZXksXHJcbiAgICByb290S2V5LFxyXG4gIH06IHtcclxuICAgIHN1YmplY3RLZXk6IEpXSy5LZXk7XHJcbiAgICByb290S2V5OiBKV0suS2V5O1xyXG4gIH0pIHtcclxuICAgIGNvbnN0IGFzc2VtYmx5S2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xyXG4gICAgY29uc29sZS5sb2coJ3ByZXBhcmVBc3NlbWJseSBhc3NlbWJseUtleScsIGFzc2VtYmx5S2V5KTtcclxuXHJcbiAgICBjb25zdCB7IGs6IHJhd0Fzc2VtYmx5S2V5LCAuLi5hc3NlbWJseUtleVBhcmFtcyB9ID0gYXNzZW1ibHlLZXkudG9KU09OKFxyXG4gICAgICB0cnVlXHJcbiAgICApIGFzIGFueTtcclxuICAgIGNvbnN0IGFzc2VtYmx5S2V5VmVyaWZpZXJQcmsgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlUGtjU2lnbktleSgpO1xyXG4gICAgY29uc3Qgd3JhcHBlZEFzc2VtYmx5S2V5VmVyaWZpZXJQcmsgPVxyXG4gICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcclxuICAgICAgICBhc3NlbWJseUtleSxcclxuICAgICAgICBhc3NlbWJseUtleVZlcmlmaWVyUHJrLnRvSlNPTih0cnVlKVxyXG4gICAgICApO1xyXG4gICAgY29uc3QgYXNzZW1ibHlLZXlWZXJpZmllclBiayA9IEpTT04uc3RyaW5naWZ5KFxyXG4gICAgICBhc3NlbWJseUtleVZlcmlmaWVyUHJrLnRvSlNPTigpXHJcbiAgICApO1xyXG5cclxuICAgIGNvbnN0IHN1YmplY3RLZXlXcmFwcGVkQXNzZW1ibHlLZXkgPVxyXG4gICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcclxuICAgICAgICBzdWJqZWN0S2V5LFxyXG4gICAgICAgIGFzc2VtYmx5S2V5LnRvSlNPTih0cnVlKVxyXG4gICAgICApO1xyXG5cclxuICAgIC8vIEVuY3J5cHQgdGhlIHJvb3RLZXkgd2l0aCB0aGUgYXNzZW1ibHlLZXlcclxuICAgIGNvbnN0IGFzc2VtYmx5Q2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdFRvU3RyaW5nKFxyXG4gICAgICBhc3NlbWJseUtleSxcclxuICAgICAge1xyXG4gICAgICAgIHJvb3RLZXk6IHJvb3RLZXkudG9KU09OKHRydWUpLFxyXG4gICAgICB9XHJcbiAgICApO1xyXG5cclxuICAgIHJldHVybiB7XHJcbiAgICAgIGFzc2VtYmx5S2V5LFxyXG4gICAgICByYXdBc3NlbWJseUtleSxcclxuICAgICAgYXNzZW1ibHlLZXlQYXJhbXMsXHJcbiAgICAgIHN1YmplY3RLZXlXcmFwcGVkQXNzZW1ibHlLZXksXHJcbiAgICAgIGFzc2VtYmx5Q2lwaGVyRGF0YSxcclxuICAgICAgYXNzZW1ibHlLZXlWZXJpZmllclBiayxcclxuICAgICAgd3JhcHBlZEFzc2VtYmx5S2V5VmVyaWZpZXJQcmssXHJcbiAgICB9O1xyXG4gIH1cclxuXHJcbiAgcHJvdGVjdGVkIGFzeW5jIHByZXBhcmVDcmVhdGVTdWJBc3NlbWJsaWVzKHtcclxuICAgIGlucHV0LFxyXG4gICAgc3ViamVjdEtleSxcclxuICAgIHNsaXBTdWJBc3NlbWJsaWVzLFxyXG4gICAgYXNzZW1ibHlLZXlQYXJhbXMsXHJcbiAgfToge1xyXG4gICAgaW5wdXQ6IENyZWF0ZVRwU3ViQXNzZW1ibHlJbnB1dFtdO1xyXG4gICAgc3ViamVjdEtleTogSldLLktleTtcclxuICAgIHNsaXBTdWJBc3NlbWJsaWVzOiBzbGlwLlN1YkFzc2VtYmx5W107XHJcbiAgICBhc3NlbWJseUtleVBhcmFtczsgLy8gVE9ETyB0eXBlIHRoaXNcclxuICB9KSB7XHJcbiAgICByZXR1cm4gUHJvbWlzZS5hbGwoXHJcbiAgICAgIGlucHV0Lm1hcChhc3luYyAoc2EsIHNhSW5kZXgpID0+IHtcclxuICAgICAgICBjb25zdCBzdWJqZWN0Q2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdFRvU3RyaW5nKFxyXG4gICAgICAgICAgc3ViamVjdEtleSxcclxuICAgICAgICAgIHNhLnN1YmplY3RDaXBoZXJEYXRhQ2xlYXJKc29uIHx8ICcnXHJcbiAgICAgICAgKTtcclxuXHJcbiAgICAgICAgY29uc3QgY3JlYXRlQXBwcm92ZXJzID0gYXdhaXQgUHJvbWlzZS5hbGwoXHJcbiAgICAgICAgICBzYS5hcHByb3ZlclRwcy5tYXAoYXN5bmMgKGFwcHJvdmVyVHAsIGFwcHJvdmVySW5kZXgpID0+XHJcbiAgICAgICAgICAgIHRoaXMucHJlcGFyZUFwcHJvdmVyKHtcclxuICAgICAgICAgICAgICB0cDogYXBwcm92ZXJUcCxcclxuICAgICAgICAgICAgICBhcHByb3ZlckluZGV4LFxyXG4gICAgICAgICAgICAgIHNsaXBTdWJBc3NlbWJseTogc2xpcFN1YkFzc2VtYmxpZXNbc2FJbmRleF0sXHJcbiAgICAgICAgICAgICAgYXNzZW1ibHlLZXlQYXJhbXMsXHJcbiAgICAgICAgICAgICAgc3ViamVjdEtleSxcclxuICAgICAgICAgICAgfSlcclxuICAgICAgICAgIClcclxuICAgICAgICApO1xyXG5cclxuICAgICAgICByZXR1cm4ge1xyXG4gICAgICAgICAgc2luZ2xlUmVqZWN0OiBzYS5zaW5nbGVSZWplY3QsXHJcbiAgICAgICAgICBxdW9ydW06IHNhLnF1b3J1bSxcclxuICAgICAgICAgIHN1YmplY3RDaXBoZXJEYXRhLFxyXG4gICAgICAgICAgY3JlYXRlQXBwcm92ZXJzLFxyXG4gICAgICAgIH07XHJcbiAgICAgIH0pXHJcbiAgICApO1xyXG4gIH1cclxuXHJcbiAgcHJvdGVjdGVkIGFzeW5jIHByZXBhcmVVcGRhdGVTdWJBc3NlbWJsaWVzKHtcclxuICAgIGlucHV0LFxyXG4gICAgc3ViamVjdEtleSxcclxuICAgIHNsaXBTdWJBc3NlbWJsaWVzLFxyXG4gICAgYXNzZW1ibHlLZXlQYXJhbXMsXHJcbiAgICBzdWJBc3NlbWJsaWVzLFxyXG4gIH06IHtcclxuICAgIGlucHV0OiBVcGRhdGVUcFN1YkFzc2VtYmx5SW5wdXRbXTtcclxuICAgIHN1YmplY3RLZXk6IEpXSy5LZXk7XHJcbiAgICBzbGlwU3ViQXNzZW1ibGllczogc2xpcC5TdWJBc3NlbWJseVtdO1xyXG4gICAgYXNzZW1ibHlLZXlQYXJhbXM7IC8vIFRPRE8gdHlwZSB0aGlzXHJcbiAgICBzdWJBc3NlbWJsaWVzOiBDb25uZWN0aW9uPFRwU3ViQXNzZW1ibHlOb2RlPjtcclxuICB9KSB7XHJcbiAgICBpZiAoc2xpcFN1YkFzc2VtYmxpZXMubGVuZ3RoICE9PSBpbnB1dC5sZW5ndGgpIHtcclxuICAgICAgdGhyb3cgbmV3IExyQmFkQXJndW1lbnRFeGNlcHRpb24oXHJcbiAgICAgICAgJ1RoZSBzbGlwU3ViQXNzZW1ibGllcyBtdXN0IGJlIHRoZSBzYW1lIGxlbmd0aCBhcyB0aGUgaW5wdXQnXHJcbiAgICAgICk7XHJcbiAgICB9XHJcblxyXG4gICAgcmV0dXJuIFByb21pc2UuYWxsKFxyXG4gICAgICBpbnB1dC5tYXAoYXN5bmMgKHNhLCBzYUluZGV4KSA9PiB7XHJcbiAgICAgICAgY29uc3Qgc3ViamVjdENpcGhlckRhdGEgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcclxuICAgICAgICAgIHN1YmplY3RLZXksXHJcbiAgICAgICAgICBzYS5zdWJqZWN0Q2lwaGVyRGF0YUNsZWFySnNvbiB8fCAnJ1xyXG4gICAgICAgICk7XHJcblxyXG4gICAgICAgIC8vIEdldCB0aGUgZXhpc3Rpbmcgc3ViLWFzc2VtYmx5XHJcbiAgICAgICAgY29uc3QgZXhpc3RpbmdTYSA9IHN1YkFzc2VtYmxpZXMuZWRnZXMuZmluZChcclxuICAgICAgICAgIChlZGdlKSA9PiBlZGdlLm5vZGUuaWQgPT09IHNhLmlkXHJcbiAgICAgICAgKS5ub2RlO1xyXG5cclxuICAgICAgICAvLyBHZXQgYXBwcm92ZXJzIHRoYXQgZG8gbm90IGV4aXN0IHlldFxyXG4gICAgICAgIGNvbnN0IGNyZWF0ZUFwcHJvdmVycyA9IFtdO1xyXG4gICAgICAgIGNvbnN0IHVwZGF0ZUFwcHJvdmVycyA9IFtdO1xyXG5cclxuICAgICAgICBzYS5hcHByb3ZlclRwcy5mb3JFYWNoKCh0cCkgPT4ge1xyXG4gICAgICAgICAgY29uc3QgYXBwcm92ZXIgPSBleGlzdGluZ1NhLmFwcHJvdmVycy5lZGdlcy5maW5kKFxyXG4gICAgICAgICAgICAoZWRnZSkgPT4gZWRnZS5ub2RlLnRwLmlkID09PSB0cC50cElkXHJcbiAgICAgICAgICApPy5ub2RlO1xyXG4gICAgICAgICAgaWYgKGFwcHJvdmVyKSB7XHJcbiAgICAgICAgICAgIHVwZGF0ZUFwcHJvdmVycy5wdXNoKHtcclxuICAgICAgICAgICAgICB0cCxcclxuICAgICAgICAgICAgICBhcHByb3ZlcklkOiBhcHByb3Zlci5pZCxcclxuICAgICAgICAgICAgfSk7XHJcbiAgICAgICAgICB9IGVsc2Uge1xyXG4gICAgICAgICAgICBjcmVhdGVBcHByb3ZlcnMucHVzaCh7XHJcbiAgICAgICAgICAgICAgdHAsXHJcbiAgICAgICAgICAgIH0pO1xyXG4gICAgICAgICAgfVxyXG4gICAgICAgIH0pO1xyXG5cclxuICAgICAgICBjb25zdCBzbGlwU3ViQXNzZW1ibHkgPSBzbGlwU3ViQXNzZW1ibGllc1tzYUluZGV4XTtcclxuXHJcbiAgICAgICAgcmV0dXJuIHtcclxuICAgICAgICAgIHN1YkFzc2VtYmx5SWQ6IHNhLmlkLFxyXG4gICAgICAgICAgc2luZ2xlUmVqZWN0OiBzYS5zaW5nbGVSZWplY3QsXHJcbiAgICAgICAgICBxdW9ydW06IHNhLnF1b3J1bSxcclxuICAgICAgICAgIHN1YmplY3RDaXBoZXJEYXRhLFxyXG4gICAgICAgICAgY3JlYXRlQXBwcm92ZXJzOiBhd2FpdCBQcm9taXNlLmFsbChcclxuICAgICAgICAgICAgY3JlYXRlQXBwcm92ZXJzLm1hcChhc3luYyAoeyB0cCB9LCBhcHByb3ZlckluZGV4KSA9PlxyXG4gICAgICAgICAgICAgIHRoaXMucHJlcGFyZUFwcHJvdmVyKHtcclxuICAgICAgICAgICAgICAgIHRwLFxyXG4gICAgICAgICAgICAgICAgYXBwcm92ZXJJbmRleCxcclxuICAgICAgICAgICAgICAgIHNsaXBTdWJBc3NlbWJseSxcclxuICAgICAgICAgICAgICAgIGFzc2VtYmx5S2V5UGFyYW1zLFxyXG4gICAgICAgICAgICAgICAgc3ViamVjdEtleSxcclxuICAgICAgICAgICAgICB9KVxyXG4gICAgICAgICAgICApXHJcbiAgICAgICAgICApLFxyXG4gICAgICAgICAgdXBkYXRlQXBwcm92ZXJzOiBhd2FpdCBQcm9taXNlLmFsbChcclxuICAgICAgICAgICAgdXBkYXRlQXBwcm92ZXJzLm1hcChhc3luYyAoeyB0cCwgYXBwcm92ZXJJZCB9LCBhcHByb3ZlckluZGV4KSA9PlxyXG4gICAgICAgICAgICAgIHRoaXMucHJlcGFyZUFwcHJvdmVyKHtcclxuICAgICAgICAgICAgICAgIGFwcHJvdmVySWQsXHJcbiAgICAgICAgICAgICAgICB0cCxcclxuICAgICAgICAgICAgICAgIGFwcHJvdmVySW5kZXg6IGFwcHJvdmVySW5kZXggKyBjcmVhdGVBcHByb3ZlcnMubGVuZ3RoLFxyXG4gICAgICAgICAgICAgICAgc2xpcFN1YkFzc2VtYmx5LFxyXG4gICAgICAgICAgICAgICAgYXNzZW1ibHlLZXlQYXJhbXMsXHJcbiAgICAgICAgICAgICAgICBzdWJqZWN0S2V5LFxyXG4gICAgICAgICAgICAgIH0pXHJcbiAgICAgICAgICAgIClcclxuICAgICAgICAgICksXHJcbiAgICAgICAgfTtcclxuICAgICAgfSlcclxuICAgICk7XHJcbiAgfVxyXG5cclxuICBwcml2YXRlIGZpbGxXcmFwcGluZ0tleUlkKGlucHV0OiBDcmVhdGVUcFN1YkFzc2VtYmx5SW5wdXRbXSwgdHBzOiBUcE5vZGVbXSkge1xyXG4gICAgLy8gRmlsbCBpbiB3cmFwcGluZ0tleUlkIGlmIG5vdCBwcmVzZW50XHJcbiAgICBpbnB1dC5mb3JFYWNoKChzYSkgPT4ge1xyXG4gICAgICBzYS5hcHByb3ZlclRwcy5mb3JFYWNoKChhcHByb3ZlcikgPT4ge1xyXG4gICAgICAgIGlmICghYXBwcm92ZXIud3JhcHBpbmdLZXlJZCkge1xyXG4gICAgICAgICAgY29uc3QgdHAgPSB0cHMuZmluZCgoeCkgPT4geC5pZCA9PT0gYXBwcm92ZXIudHBJZCk7XHJcbiAgICAgICAgICBhcHByb3Zlci53cmFwcGluZ0tleUlkID0gdGhpcy5nZXRUcFdyYXBwaW5nS2V5SWQodHApO1xyXG4gICAgICAgIH1cclxuICAgICAgfSk7XHJcbiAgICB9KTtcclxuICB9XHJcblxyXG4gIHByaXZhdGUgZ2V0SW5wdXRBcHByb3ZlcnMoaW5wdXQ6IENyZWF0ZVRwU3ViQXNzZW1ibHlJbnB1dFtdKSB7XHJcbiAgICBjb25zdCB0cElkczogc3RyaW5nW10gPSBbXTtcclxuICAgIGlucHV0LmZvckVhY2goKHNhKSA9PiB7XHJcbiAgICAgIHNhLmFwcHJvdmVyVHBzLmZvckVhY2goKGFwcHJvdmVyKSA9PiB7XHJcbiAgICAgICAgdHBJZHMucHVzaChhcHByb3Zlci50cElkKTtcclxuICAgICAgfSk7XHJcbiAgICB9KTtcclxuICAgIHJldHVybiB0cElkcztcclxuICB9XHJcblxyXG4gIHB1YmxpYyBhc3luYyBwcmVwYXJlQ3JlYXRlKGlucHV0OiBDcmVhdGVUcEFzc2VtYmx5SW5wdXQpIHtcclxuICAgIGNvbnN0IHJvb3RLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFJvb3RLZXkoKTtcclxuICAgIGNvbnN0IHN1YmplY3RLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XHJcbiAgICBjb25zdCByb290S2V5V3JhcHBlZFN1YmplY3RLZXkgPSBhd2FpdCB0aGlzLmtleUdyYXBoLndyYXBLZXkoXHJcbiAgICAgIHJvb3RLZXksXHJcbiAgICAgIHN1YmplY3RLZXlcclxuICAgICk7XHJcblxyXG4gICAgY29uc3QgeyBhc3NlbWJseUtleSwgcmF3QXNzZW1ibHlLZXksIGFzc2VtYmx5S2V5UGFyYW1zLCAuLi5hc3NlbWJseUlucHV0IH0gPVxyXG4gICAgICBhd2FpdCB0aGlzLnByZXBhcmVBc3NlbWJseSh7XHJcbiAgICAgICAgcm9vdEtleTogcm9vdEtleS5qd2ssXHJcbiAgICAgICAgc3ViamVjdEtleSxcclxuICAgICAgfSk7XHJcblxyXG4gICAgY29uc3Qgc2xpcEFzc2VtYmx5ID0gYXdhaXQgdGhpcy5wcmVwYXJlU2xpcDM5KFxyXG4gICAgICBpbnB1dC5jcmVhdGVTdWJBc3NlbWJsaWVzLFxyXG4gICAgICBpbnB1dC5xdW9ydW0sXHJcbiAgICAgIHJhd0Fzc2VtYmx5S2V5XHJcbiAgICApO1xyXG5cclxuICAgIGNvbnN0IHRwSWRzID0gdGhpcy5nZXRJbnB1dEFwcHJvdmVycyhpbnB1dC5jcmVhdGVTdWJBc3NlbWJsaWVzKTtcclxuXHJcbiAgICAvLyBUaGlzIHNob3VsZCBjb250YWluIGFsbCB0aGUgVFBzIHRoYXQgd2UgbmVlZCB0byB1cGRhdGUgdGhlIGFzc2VtYmx5LlxyXG4gICAgY29uc3QgdHBzID0gbWFwRWRnZXMoXHJcbiAgICAgIChcclxuICAgICAgICBhd2FpdCB0aGlzLmxyR3JhcGhRbC5xdWVyeSh7XHJcbiAgICAgICAgICBxdWVyeTogVHBzS2V5c1F1ZXJ5LFxyXG4gICAgICAgICAgdmFyaWFibGVzOiB7XHJcbiAgICAgICAgICAgIGlkczogdHBJZHMsXHJcbiAgICAgICAgICB9LFxyXG4gICAgICAgIH0pXHJcbiAgICAgICkudHBzXHJcbiAgICApO1xyXG5cclxuICAgIC8vIEZpbGwgaW4gd3JhcHBpbmdLZXlJZCBpZiBub3QgcHJlc2VudFxyXG4gICAgdGhpcy5maWxsV3JhcHBpbmdLZXlJZChpbnB1dC5jcmVhdGVTdWJBc3NlbWJsaWVzLCB0cHMpO1xyXG5cclxuICAgIGNvbnN0IGNyZWF0ZVN1YkFzc2VtYmxpZXMgPSBhd2FpdCB0aGlzLnByZXBhcmVDcmVhdGVTdWJBc3NlbWJsaWVzKHtcclxuICAgICAgaW5wdXQ6IGlucHV0LmNyZWF0ZVN1YkFzc2VtYmxpZXMsXHJcbiAgICAgIGFzc2VtYmx5S2V5UGFyYW1zLFxyXG4gICAgICBzbGlwU3ViQXNzZW1ibGllczogc2xpcEFzc2VtYmx5LnN1YkFzc2VtYmxpZXMsXHJcbiAgICAgIHN1YmplY3RLZXksXHJcbiAgICB9KTtcclxuXHJcbiAgICByZXR1cm4ge1xyXG4gICAgICBhc3NlbWJseUtleSxcclxuICAgICAgbXV0YXRpb25JbnB1dDoge1xyXG4gICAgICAgIC4uLmFzc2VtYmx5SW5wdXQsXHJcbiAgICAgICAgc2luZ2xlUmVqZWN0OiBpbnB1dC5zaW5nbGVSZWplY3QsXHJcbiAgICAgICAgcXVvcnVtOiBpbnB1dC5xdW9ydW0sXHJcbiAgICAgICAgc3ViamVjdENpcGhlckRhdGE6ICcnLCAvLyBUT0RPIG1ha2UgdGhpcyBhIHBhcmFtZXRlclxyXG4gICAgICAgIGNyZWF0ZVN1YkFzc2VtYmxpZXMsXHJcbiAgICAgICAgcm9vdEtleUlkOiByb290S2V5LmlkLFxyXG4gICAgICAgIHJvb3RLZXlXcmFwcGVkU3ViamVjdEtleSxcclxuICAgICAgfSxcclxuICAgIH07XHJcbiAgfVxyXG5cclxuICBwcml2YXRlIGdldEFzc2VtYmx5QXBwcm92ZXJzKGFzc2VtYmx5OiBUcEFzc2VtYmx5Tm9kZSkge1xyXG4gICAgY29uc3QgdHBJZHM6IHN0cmluZ1tdID0gW107XHJcblxyXG4gICAgLy8gRmluZCBhbGwgVFBzIHRoYXQgYmVsb25nIHRvIHN1Yi1hc3NlbWJsaWVzXHJcbiAgICBtYXBFZGdlcyhhc3NlbWJseS5zdWJBc3NlbWJsaWVzKS5tYXAoKHNhKSA9PiB7XHJcbiAgICAgIG1hcEVkZ2VzKHNhLmFwcHJvdmVycykuZm9yRWFjaCgoYXBwcm92ZXIpID0+IHRwSWRzLnB1c2goYXBwcm92ZXIudHAuaWQpKTtcclxuICAgIH0pO1xyXG5cclxuICAgIHJldHVybiB0cElkcztcclxuICB9XHJcblxyXG4gIHB1YmxpYyBhc3luYyBwcmVwYXJlVXBkYXRlKFxyXG4gICAgaW5wdXQ6IFVwZGF0ZVRwQXNzZW1ibHlJbnB1dCxcclxuICAgIGFzc2VtYmx5OiBUcEFzc2VtYmx5Tm9kZSAvLyBUT0RPIHR5cGUgdGhpcyB0byBvbmx5IHdoYXQgd2UgbmVlZC5cclxuICApIHtcclxuICAgIGlucHV0ID0ge1xyXG4gICAgICBjcmVhdGVTdWJBc3NlbWJsaWVzOiBbXSxcclxuICAgICAgLi4uaW5wdXQsXHJcbiAgICB9O1xyXG5cclxuICAgIGNvbnN0IGNyZWF0ZVN1YkFzc2VtYmxpZXNJbnB1dCA9IGlucHV0LmNyZWF0ZVN1YkFzc2VtYmxpZXMgfHwgW107XHJcbiAgICBjb25zdCB1cGRhdGVTdWJBc3NlbWJsaWVzSW5wdXQgPSBpbnB1dC51cGRhdGVTdWJBc3NlbWJsaWVzIHx8IFtdO1xyXG4gICAgY29uc3QgZGVsZXRlU3ViQXNzZW1ibGllc0lucHV0ID0gaW5wdXQuZGVsZXRlU3ViQXNzZW1ibGllcyB8fCBbXTtcclxuXHJcbiAgICAvLyBNdXN0IGhhdmUgYXQgbGVhc3Qgb25lLlxyXG4gICAgaWYgKFxyXG4gICAgICBjcmVhdGVTdWJBc3NlbWJsaWVzSW5wdXQubGVuZ3RoID09PSAwICYmXHJcbiAgICAgIHVwZGF0ZVN1YkFzc2VtYmxpZXNJbnB1dC5sZW5ndGggPT09IDAgJiZcclxuICAgICAgZGVsZXRlU3ViQXNzZW1ibGllc0lucHV0Lmxlbmd0aCA9PT0gMFxyXG4gICAgKSB7XHJcbiAgICAgIHRocm93IG5ldyBMckJhZEFyZ3VtZW50RXhjZXB0aW9uKFxyXG4gICAgICAgICdNdXN0IHNwZWNpZnkgYXQgbGVhc3Qgb25lIG9mOiBbY3JlYXRlU3ViQXNzZW1ibGllcywgdXBkYXRlU3ViQXNzZW1ibGllcywgZGVsZXRlU3ViQXNzZW1ibGllc10nXHJcbiAgICAgICk7XHJcbiAgICB9XHJcblxyXG4gICAgY29uc3Qgcm9vdEtleSA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50Um9vdEtleSgpO1xyXG4gICAgY29uc3Qgc3ViamVjdEtleSA9IGF3YWl0IHRoaXMua2V5R3JhcGguZ2V0S2V5KGFzc2VtYmx5LnN1YmplY3RLZXkuaWQpO1xyXG5cclxuICAgIGNvbnN0IHsgYXNzZW1ibHlLZXksIHJhd0Fzc2VtYmx5S2V5LCBhc3NlbWJseUtleVBhcmFtcywgLi4uYXNzZW1ibHlJbnB1dCB9ID1cclxuICAgICAgYXdhaXQgdGhpcy5wcmVwYXJlQXNzZW1ibHkoe1xyXG4gICAgICAgIHJvb3RLZXk6IHJvb3RLZXkuandrLFxyXG4gICAgICAgIHN1YmplY3RLZXk6IHN1YmplY3RLZXkuandrLFxyXG4gICAgICB9KTtcclxuXHJcbiAgICAvLyBGaW5kIGFsbCB0aGUgVFBzIHRoYXQgd2UgbmVlZCwgZHVwbGljYXRlcyBhcmUgbm8gcHJvYmxlbS5cclxuICAgIC8vIEV4aXN0aW5nIGFwcHJvdmVyc1xyXG4gICAgY29uc3QgdHBJZHMgPSB0aGlzLmdldEFzc2VtYmx5QXBwcm92ZXJzKGFzc2VtYmx5KS5jb25jYXQoXHJcbiAgICAgIHRoaXMuZ2V0SW5wdXRBcHByb3ZlcnMoY3JlYXRlU3ViQXNzZW1ibGllc0lucHV0KSxcclxuICAgICAgdGhpcy5nZXRJbnB1dEFwcHJvdmVycyh1cGRhdGVTdWJBc3NlbWJsaWVzSW5wdXQpXHJcbiAgICApO1xyXG5cclxuICAgIC8vIFRoaXMgc2hvdWxkIGNvbnRhaW4gYWxsIHRoZSBUUHMgdGhhdCB3ZSBuZWVkIHRvIHVwZGF0ZSB0aGUgYXNzZW1ibHkuXHJcbiAgICBjb25zdCB0cHMgPSBtYXBFZGdlcyhcclxuICAgICAgKFxyXG4gICAgICAgIGF3YWl0IHRoaXMubHJHcmFwaFFsLnF1ZXJ5KHtcclxuICAgICAgICAgIHF1ZXJ5OiBUcHNLZXlzUXVlcnksXHJcbiAgICAgICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICAgICAgaWRzOiB0cElkcyxcclxuICAgICAgICAgIH0sXHJcbiAgICAgICAgfSlcclxuICAgICAgKS50cHNcclxuICAgICk7XHJcblxyXG4gICAgLy8gQXV0byBmaWxsIHRoZSB1cGRhdGVTdWJBc3NlbWJsaWVzIHdpdGggZXhpc3Rpbmcgc3ViIGFzc2VtYmxpZXMgaWYgdGhleSBhcmUgbm90XHJcbiAgICAvLyBleHBsaWNpdGx5IGRlbGV0ZWQuXHJcbiAgICBtYXBFZGdlcyhhc3NlbWJseS5zdWJBc3NlbWJsaWVzKS5mb3JFYWNoKChleGlzdGluZykgPT4ge1xyXG4gICAgICAvLyBEZWxldGluZyBleGlzdGluZywgZG9uJ3QgaW5jbHVkZSBpdFxyXG4gICAgICBpZiAoZGVsZXRlU3ViQXNzZW1ibGllc0lucHV0LmluY2x1ZGVzKGV4aXN0aW5nLmlkKSkge1xyXG4gICAgICAgIHJldHVybjtcclxuICAgICAgfVxyXG5cclxuICAgICAgLy8gVXBkYXRlIGFscmVhZHkgc3BlY2lmaWVkIGluIHRoZSBpbnB1dFxyXG4gICAgICBpZiAodXBkYXRlU3ViQXNzZW1ibGllc0lucHV0LnNvbWUoKHNhKSA9PiBzYS5pZCA9PT0gZXhpc3RpbmcuaWQpKSB7XHJcbiAgICAgICAgcmV0dXJuO1xyXG4gICAgICB9XHJcblxyXG4gICAgICBjb25zdCBhcHByb3ZlclRwczogVHBBc3NlbWJseUFwcHJvdmVySW5wdXRbXSA9IG1hcEVkZ2VzKFxyXG4gICAgICAgIGV4aXN0aW5nLmFwcHJvdmVyc1xyXG4gICAgICApLm1hcCgoYXBwcm92ZXIpID0+IHtcclxuICAgICAgICByZXR1cm4ge1xyXG4gICAgICAgICAgdHBJZDogYXBwcm92ZXIudHAuaWQsXHJcbiAgICAgICAgICBzaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uOiBhcHByb3Zlci5zaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uLFxyXG4gICAgICAgICAgc2hhcmVkQ2lwaGVyQXBwcm92YWxEYXRhQ2xlYXJKc29uOlxyXG4gICAgICAgICAgICBhcHByb3Zlci5zaGFyZWRDaXBoZXJBcHByb3ZhbERhdGFDbGVhckpzb24sXHJcbiAgICAgICAgfTtcclxuICAgICAgfSk7XHJcblxyXG4gICAgICB1cGRhdGVTdWJBc3NlbWJsaWVzSW5wdXQucHVzaCh7XHJcbiAgICAgICAgaWQ6IGV4aXN0aW5nLmlkLFxyXG4gICAgICAgIHF1b3J1bTogZXhpc3RpbmcucXVvcnVtLFxyXG4gICAgICAgIHNpbmdsZVJlamVjdDogZXhpc3Rpbmcuc2luZ2xlUmVqZWN0LFxyXG4gICAgICAgIGFwcHJvdmVyVHBzLFxyXG4gICAgICAgIHN1YmplY3RDaXBoZXJEYXRhQ2xlYXJKc29uOiBleGlzdGluZy5zdWJqZWN0Q2lwaGVyRGF0YUNsZWFySnNvbixcclxuICAgICAgfSk7XHJcbiAgICB9KTtcclxuXHJcbiAgICAvLyBGaWxsIGluIHdyYXBwaW5nS2V5SWQgaWYgbm90IHByZXNlbnRcclxuICAgIHRoaXMuZmlsbFdyYXBwaW5nS2V5SWQoY3JlYXRlU3ViQXNzZW1ibGllc0lucHV0LCB0cHMpO1xyXG4gICAgdGhpcy5maWxsV3JhcHBpbmdLZXlJZCh1cGRhdGVTdWJBc3NlbWJsaWVzSW5wdXQsIHRwcyk7XHJcblxyXG4gICAgbGV0IHNsaXBBc3NlbWJseTtcclxuICAgIHRyeSB7XHJcbiAgICAgIHNsaXBBc3NlbWJseSA9IGF3YWl0IHRoaXMucHJlcGFyZVNsaXAzOShcclxuICAgICAgICAoY3JlYXRlU3ViQXNzZW1ibGllc0lucHV0IHx8IFtdKS5jb25jYXQodXBkYXRlU3ViQXNzZW1ibGllc0lucHV0IHx8IFtdKSxcclxuICAgICAgICBpbnB1dC5xdW9ydW0sXHJcbiAgICAgICAgcmF3QXNzZW1ibHlLZXlcclxuICAgICAgKTtcclxuICAgIH0gY2F0Y2ggKGVycm9yKSB7XHJcbiAgICAgIC8vIFRPRE8gdGhpcyBzb21ldGltZXMgaGFwcGVucy4gTWF5YmUgbWlzc2luZyBhd2FpdC5cclxuICAgICAgY29uc29sZS5sb2coJ0Vycm9yIHdoaWxlIGNyZWF0aW5nIHNsaXAgYXNzZW1ibHknLCBlcnJvcik7XHJcbiAgICB9XHJcblxyXG4gICAgY29uc3QgY29tbW9uID0ge1xyXG4gICAgICBhc3NlbWJseUtleVBhcmFtcyxcclxuICAgICAgc3ViamVjdEtleTogc3ViamVjdEtleS5qd2ssXHJcbiAgICB9O1xyXG5cclxuICAgIGNvbnN0IGNyZWF0ZVN1YkFzc2VtYmxpZXMgPSBhd2FpdCB0aGlzLnByZXBhcmVDcmVhdGVTdWJBc3NlbWJsaWVzKHtcclxuICAgICAgLi4uY29tbW9uLFxyXG4gICAgICBpbnB1dDogY3JlYXRlU3ViQXNzZW1ibGllc0lucHV0LFxyXG4gICAgICAvLyBOZWVkIHRvIG1hdGNoIHRoZSBzbGlwIHN1YiBhc3NlbWJsaWVzIHRvIHRoZSBpbnB1dFxyXG4gICAgICBzbGlwU3ViQXNzZW1ibGllczogc2xpcEFzc2VtYmx5LnN1YkFzc2VtYmxpZXMuc2xpY2UoXHJcbiAgICAgICAgMCxcclxuICAgICAgICBjcmVhdGVTdWJBc3NlbWJsaWVzSW5wdXQubGVuZ3RoXHJcbiAgICAgICksXHJcbiAgICB9KTtcclxuXHJcbiAgICBjb25zdCB1cGRhdGVTdWJBc3NlbWJsaWVzID0gYXdhaXQgdGhpcy5wcmVwYXJlVXBkYXRlU3ViQXNzZW1ibGllcyh7XHJcbiAgICAgIC4uLmNvbW1vbixcclxuICAgICAgaW5wdXQ6IHVwZGF0ZVN1YkFzc2VtYmxpZXNJbnB1dCxcclxuICAgICAgLy8gQWRkIGFuIG9mZnNldCB0byB0aGUgc3ViIGFzc2VtYmxpZXMgdG8gc2tpcCB0aGUgb25lIHRoYXQgYXJlIGNyZWF0ZWQuXHJcbiAgICAgIHNsaXBTdWJBc3NlbWJsaWVzOiBzbGlwQXNzZW1ibHkuc3ViQXNzZW1ibGllcy5zbGljZShcclxuICAgICAgICBjcmVhdGVTdWJBc3NlbWJsaWVzSW5wdXQubGVuZ3RoXHJcbiAgICAgICksXHJcbiAgICAgIHN1YkFzc2VtYmxpZXM6IGFzc2VtYmx5LnN1YkFzc2VtYmxpZXMsXHJcbiAgICB9KTtcclxuXHJcbiAgICByZXR1cm4ge1xyXG4gICAgICBhc3NlbWJseUtleSxcclxuICAgICAgbXV0YXRpb25JbnB1dDoge1xyXG4gICAgICAgIC4uLmFzc2VtYmx5SW5wdXQsXHJcbiAgICAgICAgc2luZ2xlUmVqZWN0OiBpbnB1dC5zaW5nbGVSZWplY3QsXHJcbiAgICAgICAgcXVvcnVtOiBpbnB1dC5xdW9ydW0sXHJcbiAgICAgICAgc3ViamVjdENpcGhlckRhdGE6ICcnLCAvLyBUT0RPIG1ha2UgdGhpcyBhIHBhcmFtZXRlclxyXG4gICAgICAgIHN1YmplY3RLZXlJZDogc3ViamVjdEtleS5pZCxcclxuICAgICAgICBjcmVhdGVTdWJBc3NlbWJsaWVzLFxyXG4gICAgICAgIHVwZGF0ZVN1YkFzc2VtYmxpZXMsXHJcbiAgICAgIH0sXHJcbiAgICB9O1xyXG4gIH1cclxuXHJcbiAgcHJpdmF0ZSBhc3luYyBwcmVwYXJlQXBwcm92ZXIoe1xyXG4gICAgYXBwcm92ZXJJZCxcclxuICAgIHRwLFxyXG4gICAgYXBwcm92ZXJJbmRleCxcclxuICAgIHNsaXBTdWJBc3NlbWJseSxcclxuICAgIGFzc2VtYmx5S2V5UGFyYW1zLFxyXG4gICAgc3ViamVjdEtleSxcclxuICB9OiB7XHJcbiAgICBhcHByb3ZlcklkPzogc3RyaW5nOyAvLyBHaXZlbiBpZiB1cGRhdGluZyBleGlzdGluZyBhcHByb3ZlclxyXG4gICAgdHA6IFRwQXNzZW1ibHlBcHByb3ZlcklucHV0O1xyXG4gICAgYXBwcm92ZXJJbmRleDogbnVtYmVyO1xyXG4gICAgc2xpcFN1YkFzc2VtYmx5OiBzbGlwLlN1YkFzc2VtYmx5O1xyXG4gICAgYXNzZW1ibHlLZXlQYXJhbXM6IG9iamVjdDtcclxuICAgIHN1YmplY3RLZXk6IEpXSy5LZXk7XHJcbiAgfSkge1xyXG4gICAgY29uc3QgdHBXcmFwcGluZ0tleSA9IGF3YWl0IHRoaXMucHJlcGFyZVRwV3JhcHBpbmdLZXkodHApO1xyXG4gICAgLy8gc2hhcmVkIGtleSBpcyByb3RhdGVkIGV2ZXJ5IHRpbWUuXHJcbiAgICBjb25zdCBzaGFyZWRLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XHJcblxyXG4gICAgLy8gRm9yIFRQIHRvIGFjY2VzcyBzaGFyZWRfa2V5XHJcbiAgICBjb25zdCB0cFdyYXBwZWRTaGFyZWRLZXkgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcclxuICAgICAgdHBXcmFwcGluZ0tleS5qd2ssXHJcbiAgICAgIHNoYXJlZEtleS50b0pTT04odHJ1ZSlcclxuICAgICk7XHJcbiAgICAvLyBGb3Igc3ViamVjdCB0byBhY2Nlc3Mgc2hhcmVkX2tleVxyXG4gICAgY29uc3Qgc3ViamVjdEtleVdyYXBwZWRTaGFyZWRLZXkgPVxyXG4gICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcclxuICAgICAgICBzdWJqZWN0S2V5LFxyXG4gICAgICAgIHNoYXJlZEtleS50b0pTT04odHJ1ZSlcclxuICAgICAgKTtcclxuXHJcbiAgICAvLyBJZiBxdW9ydW0gaXMgMSwgdGhlbiB1c2luZyB0aGUgc2FtZSBzaGFyZSBmb3IgZXZlcnkgbWVtYmVyLlxyXG4gICAgY29uc3Qgc2hhcmUgPVxyXG4gICAgICBzbGlwU3ViQXNzZW1ibHkudGhyZXNob2xkID09PSAxXHJcbiAgICAgICAgPyBzbGlwU3ViQXNzZW1ibHkuc2hhcmVzWzBdXHJcbiAgICAgICAgOiBzbGlwU3ViQXNzZW1ibHkuc2hhcmVzW2FwcHJvdmVySW5kZXhdO1xyXG5cclxuICAgIGNvbnN0IHBhcnRpYWxBc3NlbWJseUtleTogUGFydGlhbEFzc2VtYmx5S2V5ID0ge1xyXG4gICAgICBzbGlwMzk6IHtcclxuICAgICAgICBzaGFyZSxcclxuICAgICAgICBzdWJBc3NlbWJseToge1xyXG4gICAgICAgICAgcXVvcnVtOiBzbGlwU3ViQXNzZW1ibHkudGhyZXNob2xkLFxyXG4gICAgICAgICAgc2l6ZTogc2xpcFN1YkFzc2VtYmx5LnNpemUsXHJcbiAgICAgICAgfSxcclxuICAgICAgfSxcclxuICAgICAgYXNzZW1ibHlLZXlQYXJhbXMsXHJcbiAgICB9O1xyXG5cclxuICAgIGNvbnNvbGUubG9nKCdwYXJ0aWFsQXNzZW1ibHlLZXknLCBwYXJ0aWFsQXNzZW1ibHlLZXkpO1xyXG5cclxuICAgIGNvbnN0IHNoYXJlZENpcGhlckRhdGEgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcclxuICAgICAgc2hhcmVkS2V5LFxyXG4gICAgICB0cC5zaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uIHx8ICcnXHJcbiAgICApO1xyXG5cclxuICAgIGNvbnN0IHNoYXJlZENpcGhlckFwcHJvdmFsRGF0YSA9XHJcbiAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdFRvU3RyaW5nKFxyXG4gICAgICAgIHNoYXJlZEtleSxcclxuICAgICAgICB0cC5zaGFyZWRDaXBoZXJBcHByb3ZhbERhdGFDbGVhckpzb24gfHwgJydcclxuICAgICAgKTtcclxuXHJcbiAgICBjb25zdCBzaGFyZWRDaXBoZXJQYXJ0aWFsQXNzZW1ibHlLZXkgPVxyXG4gICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcclxuICAgICAgICBzaGFyZWRLZXksXHJcbiAgICAgICAgcGFydGlhbEFzc2VtYmx5S2V5XHJcbiAgICAgICk7XHJcblxyXG4gICAgcmV0dXJuIHtcclxuICAgICAgdHBXcmFwcGluZ0tleUlkOiB0cFdyYXBwaW5nS2V5LmlkLFxyXG4gICAgICB0cFdyYXBwZWRTaGFyZWRLZXksXHJcbiAgICAgIHN1YmplY3RLZXlXcmFwcGVkU2hhcmVkS2V5LFxyXG4gICAgICBzaGFyZWRDaXBoZXJEYXRhLFxyXG4gICAgICBzaGFyZWRDaXBoZXJBcHByb3ZhbERhdGEsXHJcbiAgICAgIHNoYXJlZENpcGhlclBhcnRpYWxBc3NlbWJseUtleSxcclxuICAgICAgYXBwcm92ZXJJZDogYXBwcm92ZXJJZCB8fCB2b2lkIDAsIC8vIElmIGV4aXN0aW5nIGFwcHJvdmVyXHJcbiAgICAgIHRwSWQ6IGFwcHJvdmVySWQgPyB2b2lkIDAgOiB0cC50cElkLCAvLyBlbHNlIGFkZGluZyBuZXcgVFBcclxuICAgIH07XHJcbiAgfVxyXG5cclxuICB2YWxpZGF0ZUFwcHJvdmVycyhhcHByb3ZlcnM6IFRwTm9kZVtdKTogdm9pZCB7XHJcbiAgICAvLyBFbnN1cmUgYWxsIGFwcHJvdmVycyBoYXZlIG1rU2hhcmVkS2V5LlxyXG4gICAgZm9yIChjb25zdCB0cCBvZiBhcHByb3ZlcnMpIHtcclxuICAgICAgaWYgKCF0cC5jdXJyZW50VXNlclNoYXJlZEtleS51c2VyU2hhcmVkS2V5Lm1rU2hhcmVkS2V5KSB7XHJcbiAgICAgICAgY29uc3QgbXNnID0gYHRwICR7dHAub3RoZXIudXNlcm5hbWV9IGRvZXMgbm90IGhhdmUgbWtTaGFyZWRLZXlgO1xyXG4gICAgICAgIGNvbnNvbGUubG9nKG1zZyk7XHJcbiAgICAgICAgdGhyb3cgbmV3IExyQmFkQXJndW1lbnRFeGNlcHRpb24obXNnKTtcclxuICAgICAgfVxyXG4gICAgfVxyXG4gIH1cclxuXHJcbiAgLy8gUHJlcGFyZSBzbGlwMzlcclxuICBwcm90ZWN0ZWQgYXN5bmMgcHJlcGFyZVNsaXAzOShcclxuICAgIHN1YkFzc2VtYmxpZXMsXHJcbiAgICBhc3NlbWJseVF1b3J1bTogbnVtYmVyLFxyXG4gICAgcmF3QXNzZW1ibHlLZXk6IHN0cmluZ1xyXG4gICk6IFByb21pc2U8c2xpcC5Bc3NlbWJseT4ge1xyXG4gICAgLy8gSXMgdGhlcmUgZW5vdWdoIHN1YiBhc3NlbWJsaWVzIHRvIG1lZXQgcXVvcnVtXHJcbiAgICBpZiAoc3ViQXNzZW1ibGllcy5sZW5ndGggPCBhc3NlbWJseVF1b3J1bSkge1xyXG4gICAgICB0aHJvdyBuZXcgTHJCYWRBcmd1bWVudEV4Y2VwdGlvbihcclxuICAgICAgICAnTm90IGVub3VnaCBzdWIgYXNzZW1ibGllcyB0byBtZWV0IHF1b3J1bSdcclxuICAgICAgKTtcclxuICAgIH1cclxuXHJcbiAgICBjb25zdCBzbGlwQXNzZW1ibHkgPSBuZXcgc2xpcC5Bc3NlbWJseShhc3NlbWJseVF1b3J1bSk7XHJcblxyXG4gICAgc3ViQXNzZW1ibGllcy5mb3JFYWNoKChzYSwgaW5kZXgpID0+IHtcclxuICAgICAgbGV0IGFwcHJvdmVyQ291bnQgPSBzYS5hcHByb3ZlclRwcy5sZW5ndGg7XHJcblxyXG4gICAgICAvLyBzbGlwMzkgcmVzdHJpY3RzIHF1b3J1bSA9PSAxIHRvIGhhdmUgb25seSAxIG1lbWJlci4gU28gd2UganVzdCBzaGFyZSB0aGUgc2FtZVxyXG4gICAgICAvLyBwYXJ0aWFsIGtleSBmb3IgYWxsIHN1YiBhc3NlbWJseSBtZW1iZXJzLlxyXG4gICAgICBpZiAoc2EucXVvcnVtID09PSAxKSB7XHJcbiAgICAgICAgYXBwcm92ZXJDb3VudCA9IDE7XHJcbiAgICAgIH1cclxuICAgICAgc2xpcEFzc2VtYmx5LmFkZFN1YkFzc2VtYmx5KFxyXG4gICAgICAgIG5ldyBzbGlwLlN1YkFzc2VtYmx5KGluZGV4LCBzYS5xdW9ydW0sIGFwcHJvdmVyQ291bnQpXHJcbiAgICAgICk7XHJcbiAgICB9KTtcclxuXHJcbiAgICBhd2FpdCB0aGlzLnNsaXAzOVNlcnZpY2UuZ2VuZXJhdGVTaGFyZXMoXHJcbiAgICAgIHJhd0Fzc2VtYmx5S2V5LFxyXG4gICAgICB0aGlzLnNsaXAzOVBhc3NwaHJhc2UsXHJcbiAgICAgIHNsaXBBc3NlbWJseVxyXG4gICAgKTtcclxuICAgIHJldHVybiBzbGlwQXNzZW1ibHk7XHJcbiAgfVxyXG59XHJcbiJdfQ==