@lifeready/core 1.0.15 → 1.0.16

package/esm2015/lib/api/key-exchange2.service.js

@@ -1,479 +1,479 @@
-import { __awaiter, __decorate } from "tslib";
-import { Injectable, NgZone } from '@angular/core';
-import { EncryptionService, JoseSerialization, } from '../cryptography/encryption.service';
-import { KeyFactoryService } from '../cryptography/key-factory.service';
-import { KeyGraphService } from '../cryptography/key-graph.service';
-import { KeyService } from '../cryptography/key.service';
-import { LrCodeMismatchException } from '../_common/exceptions';
-import { RunOutsideAngular } from '../_common/run-outside-angular';
-import { UserService } from './../users/user.service';
-import { CancelKeyExchangeMutation, CompleteKeyExchangeOtkMutation, CurrentUserSharedKeyQuery2, DeclineKeyExchangeMutation, InitiateKeyExchangeOtkMutation, KeyExchangeQuery2, KeyExchangesQuery2, KeyExchangeTokenQuery2, RespondKeyExchangeOtkMutation, } from './key-exchange2.gql';
-import { LrGraphQLService, LrMutation } from './lr-graphql';
-import * as i0 from "@angular/core";
-import * as i1 from "../cryptography/key-factory.service";
-import * as i2 from "../cryptography/key.service";
-import * as i3 from "../cryptography/encryption.service";
-import * as i4 from "../users/user.service";
-import * as i5 from "../cryptography/key-graph.service";
-import * as i6 from "./lr-graphql/lr-graphql.service";
-let KeyExchange2Service = class KeyExchange2Service {
-    constructor(ngZone, keyFactory, keyService, encryptionService, userService, keyGraph, lrGraphQL) {
-        this.ngZone = ngZone;
-        this.keyFactory = keyFactory;
-        this.keyService = keyService;
-        this.encryptionService = encryptionService;
-        this.userService = userService;
-        this.keyGraph = keyGraph;
-        this.lrGraphQL = lrGraphQL;
-        this.CLIENT_NONCE_LENGTH = 32;
-    }
-    getOtKey(keyExchange, otKeyK) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (otKeyK) {
-                return yield KeyFactoryService.asKey(Object.assign(Object.assign({}, JSON.parse(keyExchange.otk.otKeyParams)), { k: otKeyK }));
-            }
-            else if (keyExchange.otk.state === 'OTK_INITIATED' &&
-                !keyExchange.isInitiator &&
-                keyExchange.otk.responderPbkCipher) {
-                // Assuming existing user getting invited where OTK is wrapped in responder's public key.
-                const prk = yield this.keyService.getCurrentPxk();
-                const decryptedCipher = yield this.encryptionService.decrypt(prk.jwk, JSON.parse(keyExchange.otk.responderPbkCipher), {
-                    serializations: [JoseSerialization.COMPACT],
-                });
-                if (decryptedCipher.otKey) {
-                    return yield KeyFactoryService.asKey(decryptedCipher.otKey);
-                }
-            }
-            return null;
-        });
-    }
-    decryptOtk(keyExchange, otKeyK) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const otKey = yield this.getOtKey(keyExchange, otKeyK);
-            let otk = keyExchange.otk;
-            if (otKey && otk.otKeyCipher) {
-                otk = Object.assign(Object.assign({}, otk), { otKey, otKeyCipherClearJson: yield this.encryptionService.decrypt(otKey, keyExchange.otk.otKeyCipher) });
-            }
-            return Object.assign(Object.assign({}, keyExchange), { otk });
-        });
-    }
-    decryptResponseCipher(otKey, otPrk, content) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // The response could be wrapped by the OtK in addition to the OtPbk
-            try {
-                content = yield this.encryptionService.decrypt(otKey, content);
-            }
-            catch (error) {
-                if (error.message !== 'no key found') {
-                    throw error;
-                }
-                // Do nothing to support older versions where message is not wrapped with otk.
-            }
-            // The Prk is single-use and only used to send information from the responder back to the initiator.
-            return yield this.encryptionService.decrypt(otPrk, content);
-        });
-    }
-    decryptKeyExchangeAsInitiator(keyExchange) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const rootKey = yield this.keyService.getCurrentRootKey();
-            // Decrypt using the root key to get the Prk
-            const initiatorRootKeyCipherClearJson = (yield this.encryptionService.decrypt(rootKey.jwk, keyExchange.initiatorRootKeyCipher));
-            const otKey = yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.otKey);
-            keyExchange = Object.assign(Object.assign({}, keyExchange), { initiatorRootKeyCipherClearJson });
-            let otk = keyExchange.otk;
-            if (otk.initiatorOneTimePbkCipher) {
-                otk = Object.assign(Object.assign({}, otk), { initiatorOneTimePbkCipherClearJson: yield this.decryptResponseCipher(otKey, yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.oneTimePrk), otk.initiatorOneTimePbkCipher) });
-            }
-            if (otk.otKeyCipher) {
-                otk.otKeyCipherClearJson = yield this.encryptionService.decrypt(otKey, otk.otKeyCipher);
-            }
-            return Object.assign(Object.assign({}, keyExchange), { otk });
-        });
-    }
-    decryptKeyExchangeAsResponder(keyExchange, otKeyK) {
-        return __awaiter(this, void 0, void 0, function* () {
-            return this.decryptOtk(keyExchange, otKeyK);
-        });
-    }
-    decryptKeyExchange(keyExchange, otKeyK) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (keyExchange.isInitiator) {
-                return this.decryptKeyExchangeAsInitiator(keyExchange);
-            }
-            else {
-                return this.decryptKeyExchangeAsResponder(keyExchange, otKeyK);
-            }
-        });
-    }
-    getKeyExchanges({ state } = {}) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const { keyExchanges } = yield this.lrGraphQL.query({
-                query: KeyExchangesQuery2,
-                variables: {
-                    state,
-                },
-            });
-            return Promise.all(keyExchanges.edges.map((edge) => this.decryptKeyExchange(edge.node)));
-        });
-    }
-    /**
-     * @param id If the current user can responder the key exchange if they are either the initiator or the receiver.
-     * @param token If not signed in, or not the initiator or responder, 'token' must be given.
-     * @param otKeyK Is the raw one-time key (string). If the responder is explicitly specified at time of initiation, then
-     *   it's possible to have the otKey wrapped by the public key of the responder. In which case, the otKeyK is not needed.
-     */
-    getKeyExchange(id, { otKeyK, token } = {}) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const res = yield this.lrGraphQL.query({
-                query: token ? KeyExchangeTokenQuery2 : KeyExchangeQuery2,
-                variables: {
-                    id,
-                    token,
-                },
-                includeKeyGraph: !token,
-            });
-            return this.decryptKeyExchange(res.keyExchange, otKeyK);
-        });
-    }
-    getCurrentUserSharedKey(input) {
-        return __awaiter(this, void 0, void 0, function* () {
-            return this.lrGraphQL.query({
-                query: CurrentUserSharedKeyQuery2,
-                variables: {
-                    username: input.username,
-                    userId: input.userId,
-                },
-            });
-        });
-    }
-    // TODO: deprecate this
-    cancelKeyExchange(id) {
-        return __awaiter(this, void 0, void 0, function* () {
-            return this.cancelKeyExchangeMutation(id);
-        });
-    }
-    cancelKeyExchangeMutation(id) {
-        return new LrMutation({
-            mutation: CancelKeyExchangeMutation,
-            variables: {
-                input: {
-                    id,
-                },
-            },
-        });
-    }
-    // TODO: deprecate this
-    declineKeyExchange(id, token) {
-        return __awaiter(this, void 0, void 0, function* () {
-            return this.declineKeyExchangeMutation(id, token);
-        });
-    }
-    declineKeyExchangeMutation(id, token) {
-        return new LrMutation({
-            mutation: DeclineKeyExchangeMutation,
-            variables: {
-                input: {
-                    id,
-                    token,
-                },
-            },
-        });
-    }
-    initiateOtk({ message, email, contactCard, upgrade, } = {}) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const otKey = yield this.keyFactory.createKey();
-            const nonce = this.keyFactory.randomString(this.CLIENT_NONCE_LENGTH);
-            // New PKC key for encryption. This key is used only once when the responder sends
-            // back their signing public key.
-            const initiatorOneTimePrk = yield this.keyFactory.createPkcKey();
-            // Option 1: New PKC key for signing
-            // const initiatorSigPrk = await this.keyService.createPkcSignKey();
-            // Option 2: Use the user's global signing key.
-            // This key is used to prove the initiator's identity.
-            const initiatorPrk = yield this.keyService.getCurrentPxk();
-            const initiatorSigPrk = yield this.keyService.getCurrentSigPxk();
-            let initiatorPlainDataSig = null;
-            if (contactCard && contactCard.ownerPlainDataJson) {
-                initiatorPlainDataSig = yield this.encryptionService.signToString(initiatorSigPrk.jwk, contactCard.ownerPlainDataJson);
-            }
-            const initiator = {
-                message,
-                contactCard: contactCard && {
-                    sharedCipherDataClearJson: contactCard.sharedCipherDataClearJson,
-                },
-            };
-            // Content to be encrypted using the OTK.
-            const plainOtKeyCipher = {
-                // TODO Make sure we also put the OOB code in here as well since the OOB code is the
-                // _only_ information the KC server does not have access to. The server may have
-                // access to OTK and hence the nonce here. It's good to have both the nonce and OOB code
-                // since the user may not be using the OOB code. And it's simple to always include
-                // the nonce, so why not.
-                nonce,
-                initiator: Object.assign(Object.assign({}, initiator), { oneTimePbk: initiatorOneTimePrk.toJSON(), pbk: initiatorPrk.jwk.toJSON(), sigPbk: initiatorSigPrk.jwk.toJSON() }),
-            };
-            const otKeyCipher = yield this.keyGraph.encryptToString(otKey, plainOtKeyCipher);
-            // Content to be encrypted using the initiator's root key.
-            const initiatorRootKeyCipherClearJson = {
-                nonce,
-                oneTimePrk: initiatorOneTimePrk.toJSON(true),
-                // Should not need to keep this encrypted since we are using the global signing key.
-                // sigPrk: initiatorSigPrk.toJSON(true),
-                // Save it in case the initiator want to decode the otKeyCipher.
-                // Since the otKey is only used once, and that otKeyCipher contains only
-                // the public key of the initiator, it's safe just leave the otKey stored here.
-                otKey: otKey.toJSON(true),
-                // These should be storing information such as how the fields of the shared contact card is
-                // derived from the master contact card.
-                initiatorContactCard: contactCard,
-                initiator,
-            };
-            const rootKey = yield this.keyService.getCurrentRootKey();
-            const initiatorRootKeyCipher = yield this.keyGraph.encryptToString(rootKey.jwk, initiatorRootKeyCipherClearJson);
-            // The raw OTK
-            const otKeyK = otKey.toJSON(true).k;
-            // API call
-            const lrMutation = new LrMutation({
-                mutation: InitiateKeyExchangeOtkMutation,
-                variables: {
-                    input: {
-                        // These will be stored on the server
-                        initiatorRootKeyCipher,
-                        initiatorPxkId: initiatorPrk.id,
-                        initiatorSigPxkId: initiatorSigPrk.id,
-                        // These will be sent to the responder
-                        otKeyParams: JSON.stringify(otKey.toJSON()),
-                        otKeyCipher,
-                        sendEmail: email && {
-                            email,
-                            rawOtKey: otKeyK,
-                        },
-                        createTp: true,
-                        initiatorPlainDataSig,
-                        upgrade,
-                    },
-                },
-            });
-            return { lrMutation, otKeyK };
-        });
-    }
-    respondOtk({ keyExchangeId, token, decryptedOtk, message, initiatorContactCard, responderContactCard, }) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const rootKey = yield this.keyService.getCurrentRootKey();
-            const masterKeyId = this.keyService.getCurrentMasterKey().id;
-            const masterKey = yield this.keyService.getCurrentMasterKey();
-            const sharedKey = yield this.keyFactory.createKey();
-            const mkSharedKey = yield this.keyFactory.createKey();
-            const rkWrappedSharedKey = yield this.encryptionService.encrypt(rootKey.jwk, sharedKey.toJSON(true));
-            const mkWrappedMkSharedKey = yield this.encryptionService.encrypt(masterKey.jwk, mkSharedKey.toJSON(true));
-            const initiatorOneTimePbk = yield KeyFactoryService.asKey(decryptedOtk.otKeyCipherClearJson.initiator.oneTimePbk);
-            const initiatorPbk = yield KeyFactoryService.asKey(decryptedOtk.otKeyCipherClearJson.initiator.pbk);
-            const initiatorSigPbk = yield KeyFactoryService.asKey(decryptedOtk.otKeyCipherClearJson.initiator.sigPbk);
-            // Option 1: Using new Prk for each TP pair
-            // Create a new public signing key for the responder.
-            // const responderSigPrk = await this.keyService.createPkcSignKey()
-            // const rkWrappedResponderSigPrk = await this.encrypt(rootKey, responderSigPrk.toJSON(true));
-            // Option 2: Responder already has a signing Prk
-            const responderPrk = yield this.keyService.getCurrentPxk();
-            const responderSigPrk = yield this.keyService.getCurrentSigPxk();
-            const signedInitiatorPbk = yield this.encryptionService.sign(responderSigPrk.jwk, initiatorPbk.toJSON());
-            const signedInitiatorSigPbk = yield this.encryptionService.sign(responderSigPrk.jwk, initiatorSigPbk.toJSON());
-            const initiatorOneTimePbkCipherClearJson = {
-                nonce: decryptedOtk.otKeyCipherClearJson.nonce,
-                sharedKey: sharedKey.toJSON(true),
-                mkSharedKey: mkSharedKey.toJSON(true),
-                responder: {
-                    pbk: responderPrk.jwk.toJSON(),
-                    sigPbk: responderSigPrk.jwk.toJSON(),
-                    message,
-                },
-            };
-            let receivedCardInput;
-            if (decryptedOtk.otKeyCipherClearJson.initiator.contactCard) {
-                // Set the info about the initiator to be the ones sent by the initiator. We need th responder to do the encryption here
-                // because the initiator does not have the shared key yet, and we want the responder to have a functional contact card after
-                // this exchange. The initiator can double check the contact details are correct and sign it when it completes the exchange.
-                const sharedCipherDataClearJson = decryptedOtk.otKeyCipherClearJson.initiator.contactCard
-                    .sharedCipherDataClearJson;
-                // Create keys
-                const receiverKey = yield this.keyFactory.createKey();
-                const ccSharedKey = yield this.keyFactory.createKey();
-                const sigPxk = yield this.keyService.getCurrentSigPxk();
-                receivedCardInput = {
-                    receiverWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, receiverKey.toJSON(true))),
-                    receiverWrappingKeyId: rootKey.id,
-                    receiverCipherData: initiatorContactCard
-                        ? JSON.stringify(yield this.encryptionService.encrypt(receiverKey, initiatorContactCard.receiverCipherDataClearJson))
-                        : '',
-                    sharedWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(sharedKey, ccSharedKey.toJSON(true))),
-                };
-                const sharedCipherData = yield this.encryptionService.encrypt(ccSharedKey, sharedCipherDataClearJson);
-                receivedCardInput.sharedCipherDataSig = JSON.stringify(yield this.encryptionService.sign(sigPxk.jwk, sharedCipherData));
-                receivedCardInput.sigPxkId = sigPxk.id;
-                initiatorOneTimePbkCipherClearJson.responder.contactCard = Object.assign(Object.assign({}, initiatorOneTimePbkCipherClearJson.responder.contactCard), { sharedCipherKey: ccSharedKey.toJSON(true) });
-            }
-            let responderCardInput;
-            if (responderContactCard) {
-                // Create keys
-                const ownerKey = yield this.keyFactory.createKey();
-                const ccSharedKey = yield this.keyFactory.createKey();
-                const sigPxk = yield this.keyService.getCurrentSigPxk();
-                responderCardInput = {
-                    ownerWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, ownerKey.toJSON(true))),
-                    ownerWrappingKeyId: rootKey.id,
-                    ownerCipherData: responderContactCard.ownerCipherDataClearJson
-                        ? JSON.stringify(yield this.encryptionService.encrypt(ownerKey, responderContactCard.ownerCipherDataClearJson))
-                        : '',
-                    sharedWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(sharedKey, ccSharedKey.toJSON(true))),
-                };
-                const sharedCipherData = yield this.encryptionService.encrypt(ccSharedKey, responderContactCard.sharedCipherDataClearJson);
-                responderCardInput.sharedCipherDataSig = JSON.stringify(yield this.encryptionService.sign(sigPxk.jwk, sharedCipherData));
-                responderCardInput.sigPxkId = sigPxk.id;
-                if (responderContactCard.ownerPlainDataJson) {
-                    responderCardInput.ownerPlainDataSig = JSON.stringify(yield this.encryptionService.sign(responderSigPrk.jwk, responderContactCard.ownerPlainDataJson));
-                }
-                // Contact card info readable by the initiator
-                initiatorOneTimePbkCipherClearJson.responder.contactCard = Object.assign(Object.assign({}, initiatorOneTimePbkCipherClearJson.responder.contactCard), { sharedCipherDataClearJson: responderContactCard.sharedCipherDataClearJson });
-            }
-            // Encrypt with one-time public key
-            let initiatorOneTimePbkCipher = yield this.encryptionService.encrypt(initiatorOneTimePbk, initiatorOneTimePbkCipherClearJson);
-            // Encrypt with the otk again to keep use of asymmetric keys to a minimum.
-            initiatorOneTimePbkCipher = yield this.encryptionService.encrypt(decryptedOtk.otKey, initiatorOneTimePbkCipher);
-            return new LrMutation({
-                mutation: RespondKeyExchangeOtkMutation,
-                variables: {
-                    input: {
-                        keyExchangeId,
-                        keyExchangeToken: token,
-                        rootKeyId: rootKey.id,
-                        masterKeyId,
-                        // These will be stored on the server
-                        responderPxkId: responderPrk.id,
-                        responderSigPxkId: responderSigPrk.id,
-                        signedInitiatorPbk: JSON.stringify(signedInitiatorPbk),
-                        signedInitiatorSigPbk: JSON.stringify(signedInitiatorSigPbk),
-                        // rkWrappedInitiatorSigPbk: JSON.stringify(rkWrappedInitiatorSigPbk),
-                        // Option 1: Using new Prk for each TP pair
-                        // rkWrappedResponderSigPrk: JSON.stringify(rkWrappedResponderSigPrk),
-                        rkWrappedSharedKey: JSON.stringify(rkWrappedSharedKey),
-                        mkWrappedMkSharedKey: JSON.stringify(mkWrappedMkSharedKey),
-                        // These will be sent to the initiator
-                        initiatorOneTimePbkCipher: JSON.stringify(initiatorOneTimePbkCipher),
-                        initiatorContactCard: receivedCardInput,
-                        responderContactCard: responderCardInput,
-                    },
-                },
-            });
-        });
-    }
-    completeOtk({ keyExchangeId, initiatorRootKeyCipher, initiatorOneTimePbkCipher, responderContactCard, initiatorContactCard, }) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const rootKey = yield this.keyService.getCurrentRootKey();
-            const masterKey = yield this.keyService.getCurrentMasterKey();
-            // Decrypt using the root key to get the Prk
-            const initiatorRootKeyCipherClearJson = (yield this.encryptionService.decrypt(rootKey.jwk, initiatorRootKeyCipher));
-            // The Prk is single-use and only used to send information from the responder back to the initiator.
-            const plainInitiatorOneTimePbkCipher = yield this.decryptResponseCipher(yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.otKey), yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.oneTimePrk), initiatorOneTimePbkCipher);
-            // Check the nonce match to ensure the responder was the one holding the OTK
-            if (initiatorRootKeyCipherClearJson.nonce !==
-                plainInitiatorOneTimePbkCipher.nonce) {
-                throw new LrCodeMismatchException('The nonce returned by responder does not match with the one created by the initiator.');
-            }
-            // Option 1: Assuming the signing key is unique between users.
-            // const initiatorSigPrk = await KFS.asKey(ke.plainInitiatorRootKeyCipher.sigPrk);
-            // const rkWrappedInitiatorSigPrk = await this.encrypt(rootKey, initiatorSigPrk.toJSON(true));
-            // Option 2: Use the user's global signing key.
-            // In this case the initiatorSigPrk is already a part of the key graph.
-            // So there's nothing to do here.
-            // Protected the signing public key of the responder.
-            const initiatorSigPrk = yield this.keyService.getCurrentSigPxk();
-            const responderSigPbk = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.responder.sigPbk);
-            const responderPbk = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.responder.pbk);
-            const signedResponderPbk = yield this.encryptionService.sign(initiatorSigPrk.jwk, responderPbk.toJSON());
-            const signedResponderSigPbk = yield this.encryptionService.sign(initiatorSigPrk.jwk, responderSigPbk.toJSON());
-            const sharedKey = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.sharedKey);
-            const rkWrappedSharedKey = yield this.encryptionService.encrypt(rootKey.jwk, sharedKey.toJSON(true));
-            const mkSharedKey = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.mkSharedKey);
-            const mkWrappedMkSharedKey = yield this.encryptionService.encrypt(masterKey.jwk, mkSharedKey.toJSON(true));
-            let responderContactCardCipherInput;
-            if (responderContactCard) {
-                // Create key
-                const receiverKey = yield this.keyFactory.createKey();
-                responderContactCardCipherInput = {
-                    receiverWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, receiverKey.toJSON(true))),
-                    receiverWrappingKeyId: rootKey.id,
-                    receiverCipherData: JSON.stringify(yield this.encryptionService.encrypt(receiverKey, responderContactCard.receiverCipherDataClearJson)),
-                };
-            }
-            // Get the data needed from the initiator's cipher data.
-            let initiatorContactCardCipherInput;
-            let initiatorContactCardSharedCipherInput;
-            if (initiatorRootKeyCipherClearJson.initiatorContactCard) {
-                // The initiatorContactCard created during the creation of the invite and encrypted using the initiator's
-                // root key
-                const initiatorContactCardFromInit = initiatorRootKeyCipherClearJson.initiatorContactCard;
-                const ownerKey = yield this.keyFactory.createKey();
-                const sharedCipherKey = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.responder.contactCard.sharedCipherKey);
-                const ownerWrappedKey = JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, ownerKey.toJSON(true)));
-                // Allow the initiatorContactCard parameter to override
-                const ownerCipherDataClearJson = (initiatorContactCard === null || initiatorContactCard === void 0 ? void 0 : initiatorContactCard.ownerCipherDataClearJson) ||
-                    initiatorContactCardFromInit.ownerCipherDataClearJson;
-                const ownerCipherData = ownerCipherDataClearJson
-                    ? yield this.keyGraph.encryptToString(ownerKey, ownerCipherDataClearJson)
-                    : '';
-                initiatorContactCardCipherInput = {
-                    ownerWrappedKey,
-                    ownerWrappingKeyId: rootKey.id,
-                    ownerCipherData,
-                };
-                initiatorContactCardSharedCipherInput = {
-                    sigPxkId: initiatorSigPrk.id,
-                };
-                const sharedCipherData = yield this.encryptionService.encrypt(sharedCipherKey, initiatorContactCardFromInit.sharedCipherDataClearJson);
-                initiatorContactCardSharedCipherInput.sharedCipherDataSig = JSON.stringify(yield this.encryptionService.sign(initiatorSigPrk.jwk, sharedCipherData));
-            }
-            // TODO ideally we update the shared data in the contact card sent to the responder as well since that
-            // CC was created by the responder.
-            return new LrMutation({
-                mutation: CompleteKeyExchangeOtkMutation,
-                variables: {
-                    input: {
-                        keyExchangeId,
-                        rootKeyId: rootKey.id,
-                        masterKeyId: masterKey.id,
-                        initiatorSigPxkId: initiatorSigPrk.id,
-                        signedResponderPbk: JSON.stringify(signedResponderPbk),
-                        signedResponderSigPbk: JSON.stringify(signedResponderSigPbk),
-                        rkWrappedSharedKey: JSON.stringify(rkWrappedSharedKey),
-                        mkWrappedMkSharedKey: JSON.stringify(mkWrappedMkSharedKey),
-                        responderContactCardCipher: responderContactCardCipherInput,
-                        initiatorContactCardCipher: initiatorContactCardCipherInput,
-                        initiatorContactCardSharedCipher: initiatorContactCardSharedCipherInput,
-                    },
-                },
-            });
-        });
-    }
-};
-KeyExchange2Service.ɵprov = i0.ɵɵdefineInjectable({ factory: function KeyExchange2Service_Factory() { return new KeyExchange2Service(i0.ɵɵinject(i0.NgZone), i0.ɵɵinject(i1.KeyFactoryService), i0.ɵɵinject(i2.KeyService), i0.ɵɵinject(i3.EncryptionService), i0.ɵɵinject(i4.UserService), i0.ɵɵinject(i5.KeyGraphService), i0.ɵɵinject(i6.LrGraphQLService)); }, token: KeyExchange2Service, providedIn: "root" });
-KeyExchange2Service.decorators = [
-    { type: Injectable, args: [{
-                providedIn: 'root',
-            },] }
-];
-KeyExchange2Service.ctorParameters = () => [
-    { type: NgZone },
-    { type: KeyFactoryService },
-    { type: KeyService },
-    { type: EncryptionService },
-    { type: UserService },
-    { type: KeyGraphService },
-    { type: LrGraphQLService }
-];
-KeyExchange2Service = __decorate([
-    RunOutsideAngular({
-        ngZoneName: 'ngZone',
-    })
-], KeyExchange2Service);
-export { KeyExchange2Service };
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5LWV4Y2hhbmdlMi5zZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IkM6L1Byb2plY3RzL2tjLWNsaWVudC9wcm9qZWN0cy9jb3JlL3NyYy8iLCJzb3VyY2VzIjpbImxpYi9hcGkva2V5LWV4Y2hhbmdlMi5zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sRUFBRSxNQUFNLGVBQWUsQ0FBQztBQUVuRCxPQUFPLEVBQ0wsaUJBQWlCLEVBQ2pCLGlCQUFpQixHQUNsQixNQUFNLG9DQUFvQyxDQUFDO0FBQzVDLE9BQU8sRUFBRSxpQkFBaUIsRUFBRSxNQUFNLHFDQUFxQyxDQUFDO0FBQ3hFLE9BQU8sRUFBRSxlQUFlLEVBQUUsTUFBTSxtQ0FBbUMsQ0FBQztBQUNwRSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sNkJBQTZCLENBQUM7QUFDekQsT0FBTyxFQUFFLHVCQUF1QixFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFDaEUsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sZ0NBQWdDLENBQUM7QUFDbkUsT0FBTyxFQUFFLFdBQVcsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBRXRELE9BQU8sRUFDTCx5QkFBeUIsRUFDekIsOEJBQThCLEVBQzlCLDBCQUEwQixFQUMxQiwwQkFBMEIsRUFDMUIsOEJBQThCLEVBRTlCLGlCQUFpQixFQUNqQixrQkFBa0IsRUFFbEIsc0JBQXNCLEVBQ3RCLDZCQUE2QixHQUM5QixNQUFNLHFCQUFxQixDQUFDO0FBQzdCLE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxVQUFVLEVBQUUsTUFBTSxjQUFjLENBQUM7Ozs7Ozs7O0lBNkgvQyxtQkFBbUIsU0FBbkIsbUJBQW1CO0lBRzlCLFlBQ1UsTUFBYyxFQUNkLFVBQTZCLEVBQzdCLFVBQXNCLEVBQ3RCLGlCQUFvQyxFQUNwQyxXQUF3QixFQUN4QixRQUF5QixFQUN6QixTQUEyQjtRQU4zQixXQUFNLEdBQU4sTUFBTSxDQUFRO1FBQ2QsZUFBVSxHQUFWLFVBQVUsQ0FBbUI7UUFDN0IsZUFBVSxHQUFWLFVBQVUsQ0FBWTtRQUN0QixzQkFBaUIsR0FBakIsaUJBQWlCLENBQW1CO1FBQ3BDLGdCQUFXLEdBQVgsV0FBVyxDQUFhO1FBQ3hCLGFBQVEsR0FBUixRQUFRLENBQWlCO1FBQ3pCLGNBQVMsR0FBVCxTQUFTLENBQWtCO1FBVHBCLHdCQUFtQixHQUFHLEVBQUUsQ0FBQztJQVV2QyxDQUFDO0lBRVUsUUFBUSxDQUNwQixXQUFnQyxFQUNoQyxNQUFlOztZQUVmLElBQUksTUFBTSxFQUFFO2dCQUNWLE9BQU8sTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLGlDQUMvQixJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsV0FBVyxDQUFDLEtBQzFDLENBQUMsRUFBRSxNQUFNLElBQ1QsQ0FBQzthQUNKO2lCQUFNLElBQ0wsV0FBVyxDQUFDLEdBQUcsQ0FBQyxLQUFLLEtBQUssZUFBZTtnQkFDekMsQ0FBQyxXQUFXLENBQUMsV0FBVztnQkFDeEIsV0FBVyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsRUFDbEM7Z0JBQ0EseUZBQXlGO2dCQUN6RixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxFQUFFLENBQUM7Z0JBQ2xELE1BQU0sZUFBZSxHQUFRLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDL0QsR0FBRyxDQUFDLEdBQUcsRUFDUCxJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsa0JBQWtCLENBQUMsRUFDOUM7b0JBQ0UsY0FBYyxFQUFFLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDO2lCQUM1QyxDQUNGLENBQUM7Z0JBQ0YsSUFBSSxlQUFlLENBQUMsS0FBSyxFQUFFO29CQUN6QixPQUFPLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxLQUFLLENBQUMsQ0FBQztpQkFDN0Q7YUFDRjtZQUNELE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztLQUFBO0lBRWEsVUFBVSxDQUN0QixXQUFnQyxFQUNoQyxNQUFlOztZQUVmLE1BQU0sS0FBSyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLEVBQUUsTUFBTSxDQUFDLENBQUM7WUFFdkQsSUFBSSxHQUFHLEdBQUcsV0FBVyxDQUFDLEdBQUcsQ0FBQztZQUUxQixJQUFJLEtBQUssSUFBSSxHQUFHLENBQUMsV0FBVyxFQUFFO2dCQUM1QixHQUFHLG1DQUNFLEdBQUcsS0FDTixLQUFLLEVBQ0wsb0JBQW9CLEVBQUUsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUN4RCxLQUFLLEVBQ0wsV0FBVyxDQUFDLEdBQUcsQ0FBQyxXQUFXLENBQzVCLEdBQ0YsQ0FBQzthQUNIO1lBRUQsdUNBQ0ssV0FBVyxLQUNkLEdBQUcsSUFDSDtRQUNKLENBQUM7S0FBQTtJQUVhLHFCQUFxQixDQUNqQyxLQUFjLEVBQ2QsS0FBYyxFQUNkLE9BQVk7O1lBRVosb0VBQW9FO1lBQ3BFLElBQUk7Z0JBQ0YsT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsT0FBTyxDQUFDLENBQUM7YUFDaEU7WUFBQyxPQUFPLEtBQUssRUFBRTtnQkFDZCxJQUFJLEtBQUssQ0FBQyxPQUFPLEtBQUssY0FBYyxFQUFFO29CQUNwQyxNQUFNLEtBQUssQ0FBQztpQkFDYjtnQkFDRCw4RUFBOEU7YUFDL0U7WUFFRCxvR0FBb0c7WUFDcEcsT0FBTyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsS0FBSyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQzlELENBQUM7S0FBQTtJQUVhLDZCQUE2QixDQUN6QyxXQUFnQzs7WUFFaEMsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFFMUQsNENBQTRDO1lBQzVDLE1BQU0sK0JBQStCLEdBQUcsQ0FBQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzNFLE9BQU8sQ0FBQyxHQUFHLEVBQ1gsV0FBVyxDQUFDLHNCQUFzQixDQUNuQyxDQUFxQyxDQUFDO1lBRXZDLE1BQU0sS0FBSyxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUN6QywrQkFBK0IsQ0FBQyxLQUFLLENBQ3RDLENBQUM7WUFFRixXQUFXLG1DQUNOLFdBQVcsS0FDZCwrQkFBK0IsR0FDaEMsQ0FBQztZQUVGLElBQUksR0FBRyxHQUFHLFdBQVcsQ0FBQyxHQUFHLENBQUM7WUFFMUIsSUFBSSxHQUFHLENBQUMseUJBQXlCLEVBQUU7Z0JBQ2pDLEdBQUcsbUNBQ0UsR0FBRyxLQUNOLGtDQUFrQyxFQUFFLE1BQU0sSUFBSSxDQUFDLHFCQUFxQixDQUNsRSxLQUFLLEVBQ0wsTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLENBQzNCLCtCQUErQixDQUFDLFVBQVUsQ0FDM0MsRUFDRCxHQUFHLENBQUMseUJBQXlCLENBQzlCLEdBQ0YsQ0FBQzthQUNIO1lBRUQsSUFBSSxHQUFHLENBQUMsV0FBVyxFQUFFO2dCQUNuQixHQUFHLENBQUMsb0JBQW9CLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUM3RCxLQUFLLEVBQ0wsR0FBRyxDQUFDLFdBQVcsQ0FDaEIsQ0FBQzthQUNIO1lBRUQsdUNBQ0ssV0FBVyxLQUNkLEdBQUcsSUFDSDtRQUNKLENBQUM7S0FBQTtJQUVhLDZCQUE2QixDQUN6QyxXQUFnQyxFQUNoQyxNQUFlOztZQUVmLE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQyxXQUFXLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDOUMsQ0FBQztLQUFBO0lBRUssa0JBQWtCLENBQUMsV0FBZ0MsRUFBRSxNQUFlOztZQUN4RSxJQUFJLFdBQVcsQ0FBQyxXQUFXLEVBQUU7Z0JBQzNCLE9BQU8sSUFBSSxDQUFDLDZCQUE2QixDQUFDLFdBQVcsQ0FBQyxDQUFDO2FBQ3hEO2lCQUFNO2dCQUNMLE9BQU8sSUFBSSxDQUFDLDZCQUE2QixDQUFDLFdBQVcsRUFBRSxNQUFNLENBQUMsQ0FBQzthQUNoRTtRQUNILENBQUM7S0FBQTtJQUVLLGVBQWUsQ0FBQyxFQUFFLEtBQUssS0FBb0MsRUFBRTs7WUFDakUsTUFBTSxFQUFFLFlBQVksRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUM7Z0JBQ2xELEtBQUssRUFBRSxrQkFBa0I7Z0JBQ3pCLFNBQVMsRUFBRTtvQkFDVCxLQUFLO2lCQUNOO2FBQ0YsQ0FBQyxDQUFDO1lBRUgsT0FBTyxPQUFPLENBQUMsR0FBRyxDQUNoQixZQUFZLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUNyRSxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRUQ7Ozs7O09BS0c7SUFDRyxjQUFjLENBQ2xCLEVBQVUsRUFDVixFQUFFLE1BQU0sRUFBRSxLQUFLLEtBQTZCLEVBQUU7O1lBRTlDLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUM7Z0JBQ3JDLEtBQUssRUFBRSxLQUFLLENBQUMsQ0FBQyxDQUFDLHNCQUFzQixDQUFDLENBQUMsQ0FBQyxpQkFBaUI7Z0JBQ3pELFNBQVMsRUFBRTtvQkFDVCxFQUFFO29CQUNGLEtBQUs7aUJBQ047Z0JBQ0QsZUFBZSxFQUFFLENBQUMsS0FBSzthQUN4QixDQUFDLENBQUM7WUFDSCxPQUFPLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxHQUFHLENBQUMsV0FBVyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBQzFELENBQUM7S0FBQTtJQUVZLHVCQUF1QixDQUFDLEtBR3BDOztZQUNDLE9BQU8sSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUM7Z0JBQzFCLEtBQUssRUFBRSwwQkFBMEI7Z0JBQ2pDLFNBQVMsRUFBRTtvQkFDVCxRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7b0JBQ3hCLE1BQU0sRUFBRSxLQUFLLENBQUMsTUFBTTtpQkFDckI7YUFDRixDQUFDLENBQUM7UUFDTCxDQUFDO0tBQUE7SUFFRCx1QkFBdUI7SUFDakIsaUJBQWlCLENBQUMsRUFBVTs7WUFDaEMsT0FBTyxJQUFJLENBQUMseUJBQXlCLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDNUMsQ0FBQztLQUFBO0lBRUQseUJBQXlCLENBQUMsRUFBVTtRQUNsQyxPQUFPLElBQUksVUFBVSxDQUFDO1lBQ3BCLFFBQVEsRUFBRSx5QkFBeUI7WUFDbkMsU0FBUyxFQUFFO2dCQUNULEtBQUssRUFBRTtvQkFDTCxFQUFFO2lCQUNIO2FBQ0Y7U0FDRixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsdUJBQXVCO0lBQ2pCLGtCQUFrQixDQUFDLEVBQVUsRUFBRSxLQUFhOztZQUNoRCxPQUFPLElBQUksQ0FBQywwQkFBMEIsQ0FBQyxFQUFFLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDcEQsQ0FBQztLQUFBO0lBRUQsMEJBQTBCLENBQUMsRUFBVSxFQUFFLEtBQWE7UUFDbEQsT0FBTyxJQUFJLFVBQVUsQ0FBQztZQUNwQixRQUFRLEVBQUUsMEJBQTBCO1lBQ3BDLFNBQVMsRUFBRTtnQkFDVCxLQUFLLEVBQUU7b0JBQ0wsRUFBRTtvQkFDRixLQUFLO2lCQUNOO2FBQ0Y7U0FDRixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUssV0FBVyxDQUFDLEVBQ2hCLE9BQU8sRUFDUCxLQUFLLEVBQ0wsV0FBVyxFQUNYLE9BQU8sTUFDYyxFQUFFOztZQUN2QixNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDaEQsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLENBQUM7WUFFckUsa0ZBQWtGO1lBQ2xGLGlDQUFpQztZQUNqQyxNQUFNLG1CQUFtQixHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUVqRSxvQ0FBb0M7WUFDcEMsb0VBQW9FO1lBRXBFLCtDQUErQztZQUMvQyxzREFBc0Q7WUFDdEQsTUFBTSxZQUFZLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBQzNELE1BQU0sZUFBZSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1lBRWpFLElBQUkscUJBQXFCLEdBQVcsSUFBSSxDQUFDO1lBRXpDLElBQUksV0FBVyxJQUFJLFdBQVcsQ0FBQyxrQkFBa0IsRUFBRTtnQkFDakQscUJBQXFCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsWUFBWSxDQUMvRCxlQUFlLENBQUMsR0FBRyxFQUNuQixXQUFXLENBQUMsa0JBQWtCLENBQy9CLENBQUM7YUFDSDtZQUVELE1BQU0sU0FBUyxHQUFHO2dCQUNoQixPQUFPO2dCQUNQLFdBQVcsRUFBRSxXQUFXLElBQUk7b0JBQzFCLHlCQUF5QixFQUFFLFdBQVcsQ0FBQyx5QkFBeUI7aUJBQ2pFO2FBQ0YsQ0FBQztZQUVGLHlDQUF5QztZQUN6QyxNQUFNLGdCQUFnQixHQUEwQjtnQkFDOUMsb0ZBQW9GO2dCQUNwRixnRkFBZ0Y7Z0JBQ2hGLHdGQUF3RjtnQkFDeEYsa0ZBQWtGO2dCQUNsRix5QkFBeUI7Z0JBQ3pCLEtBQUs7Z0JBQ0wsU0FBUyxrQ0FDSixTQUFTLEtBQ1osVUFBVSxFQUFFLG1CQUFtQixDQUFDLE1BQU0sRUFBRSxFQUN4QyxHQUFHLEVBQUUsWUFBWSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsRUFDOUIsTUFBTSxFQUFFLGVBQWUsQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLEdBQ3JDO2FBQ0YsQ0FBQztZQUVGLE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxlQUFlLENBQ3JELEtBQUssRUFDTCxnQkFBZ0IsQ0FDakIsQ0FBQztZQUVGLDBEQUEwRDtZQUMxRCxNQUFNLCtCQUErQixHQUFxQztnQkFDeEUsS0FBSztnQkFDTCxVQUFVLEVBQUUsbUJBQW1CLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQztnQkFDNUMsb0ZBQW9GO2dCQUNwRix3Q0FBd0M7Z0JBRXhDLGdFQUFnRTtnQkFDaEUsd0VBQXdFO2dCQUN4RSwrRUFBK0U7Z0JBQy9FLEtBQUssRUFBRSxLQUFLLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQztnQkFDekIsMkZBQTJGO2dCQUMzRix3Q0FBd0M7Z0JBQ3hDLG9CQUFvQixFQUFFLFdBQVc7Z0JBQ2pDLFNBQVM7YUFDVixDQUFDO1lBRUYsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDMUQsTUFBTSxzQkFBc0IsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsZUFBZSxDQUNoRSxPQUFPLENBQUMsR0FBRyxFQUNYLCtCQUErQixDQUNoQyxDQUFDO1lBRUYsY0FBYztZQUNkLE1BQU0sTUFBTSxHQUFZLEtBQUssQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFTLENBQUMsQ0FBQyxDQUFDO1lBRXJELFdBQVc7WUFDWCxNQUFNLFVBQVUsR0FBRyxJQUFJLFVBQVUsQ0FBQztnQkFDaEMsUUFBUSxFQUFFLDhCQUE4QjtnQkFDeEMsU0FBUyxFQUFFO29CQUNULEtBQUssRUFBRTt3QkFDTCxxQ0FBcUM7d0JBQ3JDLHNCQUFzQjt3QkFDdEIsY0FBYyxFQUFFLFlBQVksQ0FBQyxFQUFFO3dCQUMvQixpQkFBaUIsRUFBRSxlQUFlLENBQUMsRUFBRTt3QkFDckMsc0NBQXNDO3dCQUN0QyxXQUFXLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsTUFBTSxFQUFFLENBQUM7d0JBQzNDLFdBQVc7d0JBQ1gsU0FBUyxFQUFFLEtBQUssSUFBSTs0QkFDbEIsS0FBSzs0QkFDTCxRQUFRLEVBQUUsTUFBTTt5QkFDakI7d0JBQ0QsUUFBUSxFQUFFLElBQUk7d0JBQ2QscUJBQXFCO3dCQUNyQixPQUFPO3FCQUNSO2lCQUNGO2FBQ0YsQ0FBQyxDQUFDO1lBRUgsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsQ0FBQztRQUNoQyxDQUFDO0tBQUE7SUFFSyxVQUFVLENBQUMsRUFDZixhQUFhLEVBQ2IsS0FBSyxFQUNMLFlBQVksRUFDWixPQUFPLEVBQ1Asb0JBQW9CLEVBQ3BCLG9CQUFvQixHQUNIOztZQUNqQixNQUFNLE9BQU8sR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztZQUUxRCxNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLG1CQUFtQixFQUFFLENBQUMsRUFBRSxDQUFDO1lBQzdELE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO1lBRTlELE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUNwRCxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7WUFFdEQsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzdELE9BQU8sQ0FBQyxHQUFHLEVBQ1gsU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDdkIsQ0FBQztZQUNGLE1BQU0sb0JBQW9CLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUMvRCxTQUFTLENBQUMsR0FBRyxFQUNiLFdBQVcsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQ3pCLENBQUM7WUFFRixNQUFNLG1CQUFtQixHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUN2RCxZQUFZLENBQUMsb0JBQW9CLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FDdkQsQ0FBQztZQUVGLE1BQU0sWUFBWSxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUNoRCxZQUFZLENBQUMsb0JBQW9CLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FDaEQsQ0FBQztZQUNGLE1BQU0sZUFBZSxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUNuRCxZQUFZLENBQUMsb0JBQW9CLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FDbkQsQ0FBQztZQUVGLDJDQUEyQztZQUMzQyxxREFBcUQ7WUFDckQsbUVBQW1FO1lBQ25FLDhGQUE4RjtZQUU5RixnREFBZ0Q7WUFDaEQsTUFBTSxZQUFZLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBQzNELE1BQU0sZUFBZSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1lBRWpFLE1BQU0sa0JBQWtCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUMxRCxlQUFlLENBQUMsR0FBRyxFQUNuQixZQUFZLENBQUMsTUFBTSxFQUFFLENBQ3RCLENBQUM7WUFDRixNQUFNLHFCQUFxQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FDN0QsZUFBZSxDQUFDLEdBQUcsRUFDbkIsZUFBZSxDQUFDLE1BQU0sRUFBRSxDQUN6QixDQUFDO1lBRUYsTUFBTSxrQ0FBa0MsR0FBdUM7Z0JBQzdFLEtBQUssRUFBRSxZQUFZLENBQUMsb0JBQW9CLENBQUMsS0FBSztnQkFDOUMsU0FBUyxFQUFFLFNBQVMsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDO2dCQUNqQyxXQUFXLEVBQUUsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUM7Z0JBQ3JDLFNBQVMsRUFBRTtvQkFDVCxHQUFHLEVBQUUsWUFBWSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUU7b0JBQzlCLE1BQU0sRUFBRSxlQUFlLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRTtvQkFDcEMsT0FBTztpQkFDUjthQUNGLENBQUM7WUFFRixJQUFJLGlCQUFpQixDQUFDO1lBQ3RCLElBQUksWUFBWSxDQUFDLG9CQUFvQixDQUFDLFNBQVMsQ0FBQyxXQUFXLEVBQUU7Z0JBQzNELHdIQUF3SDtnQkFDeEgsNEhBQTRIO2dCQUM1SCw0SEFBNEg7Z0JBQzVILE1BQU0seUJBQXlCLEdBQzdCLFlBQVksQ0FBQyxvQkFBb0IsQ0FBQyxTQUFTLENBQUMsV0FBVztxQkFDcEQseUJBQXlCLENBQUM7Z0JBRS9CLGNBQWM7Z0JBQ2QsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUN0RCxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7Z0JBQ3RELE1BQU0sTUFBTSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO2dCQUV4RCxpQkFBaUIsR0FBRztvQkFDbEIsa0JBQWtCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FDaEMsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNsQyxPQUFPLENBQUMsR0FBRyxFQUNYLFdBQVcsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQ3pCLENBQ0Y7b0JBQ0QscUJBQXFCLEVBQUUsT0FBTyxDQUFDLEVBQUU7b0JBQ2pDLGtCQUFrQixFQUFFLG9CQUFvQjt3QkFDdEMsQ0FBQyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQ1osTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNsQyxXQUFXLEVBQ1gsb0JBQW9CLENBQUMsMkJBQTJCLENBQ2pELENBQ0Y7d0JBQ0gsQ0FBQyxDQUFDLEVBQUU7b0JBQ04sZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FDOUIsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNsQyxTQUFTLEVBQ1QsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDekIsQ0FDRjtpQkFDRixDQUFDO2dCQUVGLE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUMzRCxXQUFXLEVBQ1gseUJBQXlCLENBQzFCLENBQUM7Z0JBQ0YsaUJBQWlCLENBQUMsbUJBQW1CLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FDcEQsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLEVBQUUsZ0JBQWdCLENBQUMsQ0FDaEUsQ0FBQztnQkFDRixpQkFBaUIsQ0FBQyxRQUFRLEdBQUcsTUFBTSxDQUFDLEVBQUUsQ0FBQztnQkFFdkMsa0NBQWtDLENBQUMsU0FBUyxDQUFDLFdBQVcsbUNBQ25ELGtDQUFrQyxDQUFDLFNBQVMsQ0FBQyxXQUFXLEtBQzNELGVBQWUsRUFBRSxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxHQUMxQyxDQUFDO2FBQ0g7WUFFRCxJQUFJLGtCQUFrQixDQUFDO1lBQ3ZCLElBQUksb0JBQW9CLEVBQUU7Z0JBQ3hCLGNBQWM7Z0JBQ2QsTUFBTSxRQUFRLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUNuRCxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7Z0JBQ3RELE1BQU0sTUFBTSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO2dCQUV4RCxrQkFBa0IsR0FBRztvQkFDbkIsZUFBZSxFQUFFLElBQUksQ0FBQyxTQUFTLENBQzdCLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDbEMsT0FBTyxDQUFDLEdBQUcsRUFDWCxRQUFRLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN0QixDQUNGO29CQUNELGtCQUFrQixFQUFFLE9BQU8sQ0FBQyxFQUFFO29CQUM5QixlQUFlLEVBQUUsb0JBQW9CLENBQUMsd0JBQXdCO3dCQUM1RCxDQUFDLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FDWixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLFFBQVEsRUFDUixvQkFBb0IsQ0FBQyx3QkFBd0IsQ0FDOUMsQ0FDRjt3QkFDSCxDQUFDLENBQUMsRUFBRTtvQkFFTixnQkFBZ0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUM5QixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLFNBQVMsRUFDVCxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUNGO2lCQUNGLENBQUM7Z0JBRUYsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzNELFdBQVcsRUFDWCxvQkFBb0IsQ0FBQyx5QkFBeUIsQ0FDL0MsQ0FBQztnQkFDRixrQkFBa0IsQ0FBQyxtQkFBbUIsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUNyRCxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLEdBQUcsRUFBRSxnQkFBZ0IsQ0FBQyxDQUNoRSxDQUFDO2dCQUNGLGtCQUFrQixDQUFDLFFBQVEsR0FBRyxNQUFNLENBQUMsRUFBRSxDQUFDO2dCQUV4QyxJQUFJLG9CQUFvQixDQUFDLGtCQUFrQixFQUFFO29CQUMzQyxrQkFBa0IsQ0FBQyxpQkFBaUIsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUNuRCxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQy9CLGVBQWUsQ0FBQyxHQUFHLEVBQ25CLG9CQUFvQixDQUFDLGtCQUFrQixDQUN4QyxDQUNGLENBQUM7aUJBQ0g7Z0JBRUQsOENBQThDO2dCQUM5QyxrQ0FBa0MsQ0FBQyxTQUFTLENBQUMsV0FBVyxtQ0FDbkQsa0NBQWtDLENBQUMsU0FBUyxDQUFDLFdBQVcsS0FDM0QseUJBQXlCLEVBQ3ZCLG9CQUFvQixDQUFDLHlCQUF5QixHQUNqRCxDQUFDO2FBQ0g7WUFFRCxtQ0FBbUM7WUFDbkMsSUFBSSx5QkFBeUIsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xFLG1CQUFtQixFQUNuQixrQ0FBa0MsQ0FDbkMsQ0FBQztZQUVGLDBFQUEwRTtZQUMxRSx5QkFBeUIsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzlELFlBQVksQ0FBQyxLQUFLLEVBQ2xCLHlCQUF5QixDQUMxQixDQUFDO1lBRUYsT0FBTyxJQUFJLFVBQVUsQ0FBQztnQkFDcEIsUUFBUSxFQUFFLDZCQUE2QjtnQkFDdkMsU0FBUyxFQUFFO29CQUNULEtBQUssRUFBRTt3QkFDTCxhQUFhO3dCQUNiLGdCQUFnQixFQUFFLEtBQUs7d0JBQ3ZCLFNBQVMsRUFBRSxPQUFPLENBQUMsRUFBRTt3QkFDckIsV0FBVzt3QkFDWCxxQ0FBcUM7d0JBQ3JDLGNBQWMsRUFBRSxZQUFZLENBQUMsRUFBRTt3QkFDL0IsaUJBQWlCLEVBQUUsZUFBZSxDQUFDLEVBQUU7d0JBQ3JDLGtCQUFrQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsa0JBQWtCLENBQUM7d0JBQ3RELHFCQUFxQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMscUJBQXFCLENBQUM7d0JBQzVELHNFQUFzRTt3QkFFdEUsMkNBQTJDO3dCQUMzQyxzRUFBc0U7d0JBQ3RFLGtCQUFrQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsa0JBQWtCLENBQUM7d0JBQ3RELG9CQUFvQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsb0JBQW9CLENBQUM7d0JBQzFELHNDQUFzQzt3QkFDdEMseUJBQXlCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyx5QkFBeUIsQ0FBQzt3QkFDcEUsb0JBQW9CLEVBQUUsaUJBQWlCO3dCQUN2QyxvQkFBb0IsRUFBRSxrQkFBa0I7cUJBQ3pDO2lCQUNGO2FBQ0YsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztLQUFBO0lBRUssV0FBVyxDQUFDLEVBQ2hCLGFBQWEsRUFDYixzQkFBc0IsRUFDdEIseUJBQXlCLEVBQ3pCLG9CQUFvQixFQUNwQixvQkFBb0IsR0FDRjs7WUFDbEIsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDMUQsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLG1CQUFtQixFQUFFLENBQUM7WUFFOUQsNENBQTRDO1lBQzVDLE1BQU0sK0JBQStCLEdBQUcsQ0FBQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzNFLE9BQU8sQ0FBQyxHQUFHLEVBQ1gsc0JBQXNCLENBQ3ZCLENBQXFDLENBQUM7WUFFdkMsb0dBQW9HO1lBQ3BHLE1BQU0sOEJBQThCLEdBQUcsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQ3JFLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUFDLCtCQUErQixDQUFDLEtBQUssQ0FBQyxFQUNwRSxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FBQywrQkFBK0IsQ0FBQyxVQUFVLENBQUMsRUFDekUseUJBQXlCLENBQzFCLENBQUM7WUFFRiw0RUFBNEU7WUFDNUUsSUFDRSwrQkFBK0IsQ0FBQyxLQUFLO2dCQUNyQyw4QkFBOEIsQ0FBQyxLQUFLLEVBQ3BDO2dCQUNBLE1BQU0sSUFBSSx1QkFBdUIsQ0FDL0IsdUZBQXVGLENBQ3hGLENBQUM7YUFDSDtZQUVELDhEQUE4RDtZQUM5RCxrRkFBa0Y7WUFDbEYsOEZBQThGO1lBRTlGLCtDQUErQztZQUMvQyx1RUFBdUU7WUFDdkUsaUNBQWlDO1lBRWpDLHFEQUFxRDtZQUNyRCxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztZQUNqRSxNQUFNLGVBQWUsR0FBRyxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FDbkQsOEJBQThCLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FDaEQsQ0FBQztZQUNGLE1BQU0sWUFBWSxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUNoRCw4QkFBOEIsQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUM3QyxDQUFDO1lBRUYsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQzFELGVBQWUsQ0FBQyxHQUFHLEVBQ25CLFlBQVksQ0FBQyxNQUFNLEVBQUUsQ0FDdEIsQ0FBQztZQUNGLE1BQU0scUJBQXFCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUM3RCxlQUFlLENBQUMsR0FBRyxFQUNuQixlQUFlLENBQUMsTUFBTSxFQUFFLENBQ3pCLENBQUM7WUFFRixNQUFNLFNBQVMsR0FBRyxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FDN0MsOEJBQThCLENBQUMsU0FBUyxDQUN6QyxDQUFDO1lBQ0YsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzdELE9BQU8sQ0FBQyxHQUFHLEVBQ1gsU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDdkIsQ0FBQztZQUVGLE1BQU0sV0FBVyxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUMvQyw4QkFBOEIsQ0FBQyxXQUFXLENBQzNDLENBQUM7WUFDRixNQUFNLG9CQUFvQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDL0QsU0FBUyxDQUFDLEdBQUcsRUFDYixXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUFDO1lBRUYsSUFBSSwrQkFBK0IsQ0FBQztZQUNwQyxJQUFJLG9CQUFvQixFQUFFO2dCQUN4QixhQUFhO2dCQUNiLE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFFdEQsK0JBQStCLEdBQUc7b0JBQ2hDLGtCQUFrQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQ2hDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDbEMsT0FBTyxDQUFDLEdBQUcsRUFDWCxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUNGO29CQUNELHFCQUFxQixFQUFFLE9BQU8sQ0FBQyxFQUFFO29CQUNqQyxrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUNoQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLFdBQVcsRUFDWCxvQkFBb0IsQ0FBQywyQkFBMkIsQ0FDakQsQ0FDRjtpQkFDRixDQUFDO2FBQ0g7WUFFRCx3REFBd0Q7WUFDeEQsSUFBSSwrQkFBK0IsQ0FBQztZQUNwQyxJQUFJLHFDQUFxQyxDQUFDO1lBQzFDLElBQUksK0JBQStCLENBQUMsb0JBQW9CLEVBQUU7Z0JBQ3hELHlHQUF5RztnQkFDekcsV0FBVztnQkFDWCxNQUFNLDRCQUE0QixHQUNoQywrQkFBK0IsQ0FBQyxvQkFBb0IsQ0FBQztnQkFDdkQsTUFBTSxRQUFRLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUNuRCxNQUFNLGVBQWUsR0FBRyxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FDbkQsOEJBQThCLENBQUMsU0FBUyxDQUFDLFdBQVcsQ0FBQyxlQUFlLENBQ3JFLENBQUM7Z0JBRUYsTUFBTSxlQUFlLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FDcEMsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxHQUFHLEVBQUUsUUFBUSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUN6RSxDQUFDO2dCQUVGLHVEQUF1RDtnQkFDdkQsTUFBTSx3QkFBd0IsR0FDNUIsQ0FBQSxvQkFBb0IsYUFBcEIsb0JBQW9CLHVCQUFwQixvQkFBb0IsQ0FBRSx3QkFBd0I7b0JBQzlDLDRCQUE0QixDQUFDLHdCQUF3QixDQUFDO2dCQUV4RCxNQUFNLGVBQWUsR0FBRyx3QkFBd0I7b0JBQzlDLENBQUMsQ0FBQyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsZUFBZSxDQUNqQyxRQUFRLEVBQ1Isd0JBQXdCLENBQ3pCO29CQUNILENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBRVAsK0JBQStCLEdBQUc7b0JBQ2hDLGVBQWU7b0JBQ2Ysa0JBQWtCLEVBQUUsT0FBTyxDQUFDLEVBQUU7b0JBQzlCLGVBQWU7aUJBQ2hCLENBQUM7Z0JBRUYscUNBQXFDLEdBQUc7b0JBQ3RDLFFBQVEsRUFBRSxlQUFlLENBQUMsRUFBRTtpQkFDN0IsQ0FBQztnQkFFRixNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDM0QsZUFBZSxFQUNmLDRCQUE0QixDQUFDLHlCQUF5QixDQUN2RCxDQUFDO2dCQUNGLHFDQUFxQyxDQUFDLG1CQUFtQixHQUFHLElBQUksQ0FBQyxTQUFTLENBQ3hFLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxFQUFFLGdCQUFnQixDQUFDLENBQ3pFLENBQUM7YUFDSDtZQUVELHNHQUFzRztZQUN0RyxtQ0FBbUM7WUFFbkMsT0FBTyxJQUFJLFVBQVUsQ0FBQztnQkFDcEIsUUFBUSxFQUFFLDhCQUE4QjtnQkFDeEMsU0FBUyxFQUFFO29CQUNULEtBQUssRUFBRTt3QkFDTCxhQUFhO3dCQUNiLFNBQVMsRUFBRSxPQUFPLENBQUMsRUFBRTt3QkFDckIsV0FBVyxFQUFFLFNBQVMsQ0FBQyxFQUFFO3dCQUN6QixpQkFBaUIsRUFBRSxlQUFlLENBQUMsRUFBRTt3QkFDckMsa0JBQWtCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxrQkFBa0IsQ0FBQzt3QkFDdEQscUJBQXFCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxxQkFBcUIsQ0FBQzt3QkFDNUQsa0JBQWtCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxrQkFBa0IsQ0FBQzt3QkFDdEQsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxvQkFBb0IsQ0FBQzt3QkFDMUQsMEJBQTBCLEVBQUUsK0JBQStCO3dCQUMzRCwwQkFBMEIsRUFBRSwrQkFBK0I7d0JBQzNELGdDQUFnQyxFQUFFLHFDQUFxQztxQkFDeEU7aUJBQ0Y7YUFDRixDQUFDLENBQUM7UUFDTCxDQUFDO0tBQUE7Q0FDRixDQUFBOzs7WUF0dEJBLFVBQVUsU0FBQztnQkFDVixVQUFVLEVBQUUsTUFBTTthQUNuQjs7O1lBdEpvQixNQUFNO1lBTWxCLGlCQUFpQjtZQUVqQixVQUFVO1lBTGpCLGlCQUFpQjtZQVFWLFdBQVc7WUFKWCxlQUFlO1lBbUJmLGdCQUFnQjs7QUE2SFosbUJBQW1CO0lBTi9CLGlCQUFpQixDQUFDO1FBQ2pCLFVBQVUsRUFBRSxRQUFRO0tBQ3JCLENBQUM7R0FJVyxtQkFBbUIsQ0FtdEIvQjtTQW50QlksbUJBQW1CIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgSW5qZWN0YWJsZSwgTmdab25lIH0gZnJvbSAnQGFuZ3VsYXIvY29yZSc7XHJcbmltcG9ydCB7IEpXSyB9IGZyb20gJ25vZGUtam9zZSc7XHJcbmltcG9ydCB7XHJcbiAgRW5jcnlwdGlvblNlcnZpY2UsXHJcbiAgSm9zZVNlcmlhbGl6YXRpb24sXHJcbn0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2VuY3J5cHRpb24uc2VydmljZSc7XHJcbmltcG9ydCB7IEtleUZhY3RvcnlTZXJ2aWNlIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS1mYWN0b3J5LnNlcnZpY2UnO1xyXG5pbXBvcnQgeyBLZXlHcmFwaFNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkva2V5LWdyYXBoLnNlcnZpY2UnO1xyXG5pbXBvcnQgeyBLZXlTZXJ2aWNlIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS5zZXJ2aWNlJztcclxuaW1wb3J0IHsgTHJDb2RlTWlzbWF0Y2hFeGNlcHRpb24gfSBmcm9tICcuLi9fY29tbW9uL2V4Y2VwdGlvbnMnO1xyXG5pbXBvcnQgeyBSdW5PdXRzaWRlQW5ndWxhciB9IGZyb20gJy4uL19jb21tb24vcnVuLW91dHNpZGUtYW5ndWxhcic7XHJcbmltcG9ydCB7IFVzZXJTZXJ2aWNlIH0gZnJvbSAnLi8uLi91c2Vycy91c2VyLnNlcnZpY2UnO1xyXG5pbXBvcnQgeyBPd25lclBsYWluRGF0YUpzb24gfSBmcm9tICcuL2NvbnRhY3QtY2FyZDIuc2VydmljZSc7XHJcbmltcG9ydCB7XHJcbiAgQ2FuY2VsS2V5RXhjaGFuZ2VNdXRhdGlvbixcclxuICBDb21wbGV0ZUtleUV4Y2hhbmdlT3RrTXV0YXRpb24sXHJcbiAgQ3VycmVudFVzZXJTaGFyZWRLZXlRdWVyeTIsXHJcbiAgRGVjbGluZUtleUV4Y2hhbmdlTXV0YXRpb24sXHJcbiAgSW5pdGlhdGVLZXlFeGNoYW5nZU90a011dGF0aW9uLFxyXG4gIEtleUV4Y2hhbmdlRnJhZ21lbnQsXHJcbiAgS2V5RXhjaGFuZ2VRdWVyeTIsXHJcbiAgS2V5RXhjaGFuZ2VzUXVlcnkyLFxyXG4gIEtleUV4Y2hhbmdlU3RhdGUyLFxyXG4gIEtleUV4Y2hhbmdlVG9rZW5RdWVyeTIsXHJcbiAgUmVzcG9uZEtleUV4Y2hhbmdlT3RrTXV0YXRpb24sXHJcbn0gZnJvbSAnLi9rZXktZXhjaGFuZ2UyLmdxbCc7XHJcbmltcG9ydCB7IExyR3JhcGhRTFNlcnZpY2UsIExyTXV0YXRpb24gfSBmcm9tICcuL2xyLWdyYXBocWwnO1xyXG5pbXBvcnQgeyBDb250YWN0Q2FyZFNoYXJlZENpcGhlckRhdGEsIE90S2V5Q2lwaGVyQ2xlYXJKc29uMiB9IGZyb20gJy4vdHlwZXMnO1xyXG5cclxuLyoqXHJcbiAqIFRoZSBkZWNyeXB0ZWQgY29udGVudCBvZiB0aGUgb25lLXRpbWUga2V5IGNpcGhlcjtcclxuICogV2hlbiB1c2VyIHN1cHBsaWVzIHRoaXMgaW5mb3JtYXRpb24gdGhlIGxpYiBkb2Vzbid0IG5lZWQgdG8gZG8gYW5vdGhlciBBUEkgY2FsbFxyXG4gKiB0byBmZXRjaCB0aGUga2V5IGV4Y2hhbmdlIG5vZGUuIEFuZCBzaW5jZSB0aGUgdHlwaWNhbCB1c2UgY2FzZSBpcyB0byBkaXNwbGF5XHJcbiAqIHNvbWUgaW5mb3JtYXRpb24gdG8gdGhlIHVzZXIsIHRoZSBrZXkgZXhjaGFuZ2Ugbm9kZSB3b3VsZCBhbHJlYWR5IGhhdmUgYmVlblxyXG4gKiBmZXRjaGVkIGFuZCBkZWNyeXB0ZWQuXHJcbiAqL1xyXG5leHBvcnQgaW50ZXJmYWNlIERlY3J5cHRlZE90azIge1xyXG4gIG90S2V5Q2lwaGVyQ2xlYXJKc29uOiBPdEtleUNpcGhlckNsZWFySnNvbjI7XHJcbiAgb3RLZXk6IEpXSy5LZXk7IC8vIFRoZSBvbmUtdGltZSBrZXlcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBDb250YWN0Q2FyZFJlY2VpdmVyQ2lwaGVyRGF0YSB7XHJcbiAgLy8gVGhlIHJlY2VpdmVyIG9mIHRoZSBjb250YWN0IGNhcmQga2VlcHMgYSBjb3B5XHJcbiAgLy8gb2YgdGhlIG93bmVyJ3MgY29udGFjdCBjYXJkIGluZm9ybWF0aW9uLCBlbmNyeXB0ZWQgdXNpbmcgdGhlIHJlY2VpdmVyJ3Mga2V5cy4gU28gdGhhdCB3aGVuXHJcbiAgLy8gdGhlIG93bmVyIGRlY2lkZXMgdG8gdXBkYXRlIHRoZWlyIHNoYXJlZCBjb250YWN0IGNhcmQgYXQgYSBsYXRlciBkYXRlLCB0aGUgcmVjZWl2ZXIgY2FuXHJcbiAgLy8gY29tcGFyZSBhZ2FpbnN0IHRoZSBvcmlnaW5hbCBjb250YWN0IGNhcmQgc2VudCBkdXJpbmcga2V5IGV4Y2hhbmdlLiBUaGlzIHdheSwgdGhlIG93bmVyXHJcbiAgLy8gY2FuJ3QgdW5pbGF0ZXJhbGx5IHVwZGF0ZSB0aGVpciBzaGFyZWQgY29udGFjdCBjYXJkIHdpdGhvdXQgdGhlIHJlY2VpdmVyIGtub3dpbmcgYWJvdXQgaXQuXHJcbiAgcmVjZWl2ZXJDaXBoZXJEYXRhQ2xlYXJKc29uOiBhbnk7XHJcbn1cclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgQ29udGFjdENhcmRPd25lclBsYWluRGF0YSB7XHJcbiAgLy8gQWNjZXNzaWJsZSBieSB0aGUgc2VydmVyIGFuZCB0aGUgb3duZXIuIFNlcnZlciBzaWRlIG5vdGlmaWNhdGlvbiBlbWFpbHMgbmVlZCB0byBrbm93IHNvbWVcclxuICAvLyBpbmZvcm1hdGlvbiBhYm91dCB0aGUgb3duZXIuXHJcbiAgLy8gVGhlIG93bmVyIGNvdWxkIGVpdGhlciBiZSB0aGUgaW5pdGlhdG9yIG9yIHRoZSByZXNwb25kZXIuXHJcbiAgb3duZXJQbGFpbkRhdGFKc29uOiBPd25lclBsYWluRGF0YUpzb247XHJcbn1cclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgQ29udGFjdENhcmRPd25lckNpcGhlckRhdGEge1xyXG4gIC8vIE93bmVyIG9ubHkgYWNjZXNzIHRvIHRoaXMgZGF0YVxyXG4gIG93bmVyQ2lwaGVyRGF0YUNsZWFySnNvbjogYW55O1xyXG59XHJcblxyXG4vKipcclxuICogU2VuZGluZyBjb250YWN0IGNhcmQgaW5mb3JtYXRpb24gZnJvbSB0aGUgb3duZXIgdG8gdGhlIHJlY2VpdmVyLlxyXG4gKi9cclxuZXhwb3J0IHR5cGUgU2VuZENvbnRhY3RDYXJkSW5wdXQgPSBDb250YWN0Q2FyZE93bmVyUGxhaW5EYXRhICZcclxuICBDb250YWN0Q2FyZE93bmVyQ2lwaGVyRGF0YSAmXHJcbiAgQ29udGFjdENhcmRTaGFyZWRDaXBoZXJEYXRhO1xyXG5cclxuZXhwb3J0IGludGVyZmFjZSBJbml0aWF0ZU90a0lucHV0MiB7XHJcbiAgLy8gTm90ZSB0aGF0IGlmIG5laXRoZXIgZW1haWwgbm9yIHJlc3BvbmRlclVzZXJuYW1lIGFyZSBnaXZlbiwgdGhlIG9uZS10aW1lIGtleVxyXG4gIC8vIGNhbiBzdGlsbCBiZSBzZW50IHRvIHRoZSByZXNwb25kZXIgdmlhIE9PQlxyXG4gIGVtYWlsPzogc3RyaW5nO1xyXG4gIG1lc3NhZ2U/OiBhbnk7XHJcbiAgY29udGFjdENhcmQ/OiBTZW5kQ29udGFjdENhcmRJbnB1dDtcclxuICAvLyBJZiBUcnVlLCB0byB1cGdyYWRlIGFuIGVtYWlsIGludml0ZSB0byBhbiBleGlzdGluZyB1c2VyIGludml0ZSBpZiB0aGUgZW1haWxcclxuICAvLyBpcyBhbHJlYWR5IGFzc29jaWF0ZWQgd2l0aCBhbiBleGlzdGluZyB1c2VyLlxyXG4gIHVwZ3JhZGU/OiBib29sZWFuO1xyXG59XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIFJlc3BvbmRPdGtJbnB1dDIge1xyXG4gIGtleUV4Y2hhbmdlSWQ6IHN0cmluZztcclxuICB0b2tlbjogc3RyaW5nO1xyXG4gIGRlY3J5cHRlZE90azogRGVjcnlwdGVkT3RrMjtcclxuICBtZXNzYWdlPzogYW55O1xyXG4gIC8vIFRoZSBpbml0aWF0b3IgaXMgdGhlIG93bmVyIGZvIHRoZSBpbml0aWF0b3JDb250YWN0Q2FyZCwgdGhlIHJlc3BvbmRlclxyXG4gIC8vIGlzIHRoZSByZWNlaXZlci5cclxuICBpbml0aWF0b3JDb250YWN0Q2FyZD86IENvbnRhY3RDYXJkUmVjZWl2ZXJDaXBoZXJEYXRhO1xyXG4gIHJlc3BvbmRlckNvbnRhY3RDYXJkPzogU2VuZENvbnRhY3RDYXJkSW5wdXQ7XHJcbn1cclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgQ29tcGxldGVPdGtJbnB1dDIge1xyXG4gIGtleUV4Y2hhbmdlSWQ6IHN0cmluZztcclxuICAvLyBUaGlzIGlzIGEgcGFydCBvZiB0aGUga2V5IGV4Y2hhbmdlIGRhdGEuIEl0J3MgZW5jcnlwdGVkIHVzaW5nIHRoZSByb290IGtleVxyXG4gIGluaXRpYXRvclJvb3RLZXlDaXBoZXI6IHN0cmluZztcclxuICAvLyBUaGlzIGlzIGEgcGFydCBvZiB0aGUga2V5IGV4Y2hhbmdlIGRhdGEuIEl0J3MgZW5jcnlwdGVkIHVzaW5nIHRoZSBvbmUtdGltZSBrZXkuXHJcbiAgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlcjogc3RyaW5nO1xyXG4gIC8vIFRoZSByZXNwb25kZXIgaXMgdGhlIG93bmVyIGZvIHRoZSByZXNwb25kZXJDb250YWN0Q2FyZCwgdGhlIGluaXRpYXRvclxyXG4gIC8vIGlzIHRoZSByZWNlaXZlci5cclxuICByZXNwb25kZXJDb250YWN0Q2FyZD86IENvbnRhY3RDYXJkUmVjZWl2ZXJDaXBoZXJEYXRhO1xyXG4gIC8vIFRoZSBpbml0aWF0b3IgY2FuIHVwZGF0ZSB0aGUgY2lwaGVyIGRhdGEgdGhhdCBhcmUgb25seSB2aXNpYmxlIHRvIHRoZW0uIEl0IG1ha2VzXHJcbiAgLy8gbGVzcyBzZW5zZSB0byB1cGRhdGUgdGhlIHNoYXJlZCBkYXRhIGJlY2F1c2UgdGhlIHJlc3BvbmRlciB3b3VsZCBoYXZlIGFscmVhZHkgc2VlblxyXG4gIC8vIHRoZSBzaGFyZWQgZGF0YSBhbmQgYWNjZXB0ZWQgdGhhdCBpdCdzIGxlZ2l0LlxyXG4gIC8vIEJ1dCBpbiBhbnkgY2FzZSwgdGhlIGluaXRpYXRvciBjYW4gdXBkYXRlIHRoZSBzaGFyZWQgY29udGFjdCBjYXJkIGluZm8gYXQgYW55IHRpbWUuXHJcbiAgaW5pdGlhdG9yQ29udGFjdENhcmQ/OiBDb250YWN0Q2FyZE93bmVyQ2lwaGVyRGF0YTtcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBJbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uMiB7XHJcbiAgbm9uY2U6IHN0cmluZztcclxuICBvbmVUaW1lUHJrOiBvYmplY3Q7IC8vIG9uZS10aW1lIHB1YmxpYyBlbmNyeXB0aW9uIGtleSByZXNwb25kZXIgdXNlIHRvIHNlbmQgZGF0YSBiYWNrIHRvIGluaXRpYXRvclxyXG4gIG90S2V5OiBvYmplY3Q7IC8vIG9uZS10aW1lIHN5bW1ldHJpYyBrZXkgdGhhdCBuZWVkcyB0byBiZSBzaGFyZWQgT09CXHJcbiAgaW5pdGlhdG9yQ29udGFjdENhcmQ/OiBDb250YWN0Q2FyZE93bmVyQ2lwaGVyRGF0YSAmXHJcbiAgICBDb250YWN0Q2FyZFNoYXJlZENpcGhlckRhdGE7XHJcbiAgaW5pdGlhdG9yOiB7XHJcbiAgICBtZXNzYWdlPzogYW55O1xyXG4gICAgY29udGFjdENhcmQ/OiBDb250YWN0Q2FyZFNoYXJlZENpcGhlckRhdGE7XHJcbiAgfTtcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBJbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyQ2xlYXJKc29uIHtcclxuICBub25jZTogc3RyaW5nO1xyXG4gIHNoYXJlZEtleTogb2JqZWN0O1xyXG4gIG1rU2hhcmVkS2V5OiBvYmplY3Q7XHJcbiAgcmVzcG9uZGVyOiB7XHJcbiAgICBwYms6IG9iamVjdDtcclxuICAgIHNpZ1Biazogb2JqZWN0O1xyXG4gICAgbWVzc2FnZT86IGFueTtcclxuICAgIGNvbnRhY3RDYXJkPzogQ29udGFjdENhcmRTaGFyZWRDaXBoZXJEYXRhICYge1xyXG4gICAgICAvLyBOb3RlIHRoYXQgdGhpcyBpcyBfbm90XyB0aGUgc2FtZSBrZXkgYXMgdGhlIHNoYXJlZEtleS4gVGhlIHNoYXJlZEtleSB3cmFwc1xyXG4gICAgICAvLyB0aGlzIGtleSBpbiB0aGUga2V5IGdyYXBoLiBCdXQgYmVjYXVzZSB0aGlzIGtleSBoYXMgbm90IGJlZW4gZW50ZXJlZCBpbnRvXHJcbiAgICAgIC8vIHRoZSBrZXkgZ3JhcGggd2hlbiB0aGUgcmVzcG9uZGVyIGNhbGxzIHRoZSBBUEksIHdlIHBhc3MgdGhlIEpXSyBkaXJlY3RseSBoZXJlLlxyXG4gICAgICBzaGFyZWRDaXBoZXJLZXk6IG9iamVjdDtcclxuICAgIH07XHJcbiAgfTtcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBHZXRLZXlFeGNoYW5nZU9wdGlvbnMyIHtcclxuICAvLyBUaGUgb3RLZXkgYXMgYSByYXcgc3RyaW5nLiBpLmUuIGtleS50b0pTT04odHJ1ZSkua1xyXG4gIG90S2V5Sz86IHN0cmluZztcclxuICAvLyBVc2VyIG5lZWQgdGhlIHRva2VuIGlmIHRoZXkgaGF2ZSBub3QgcmVzcG9uZGVkIHRvIHRoZSBrZXkgZXhjaGFuZ2UgeWV0LlxyXG4gIC8vIE9uY2UgdGhleSd2ZSByZXNwb25kZWQgKGhlbmNlIHByb3ZlbiB0aGV5IGhhdmUgdGhlIE9PQiBLZXkpIHRoZXkgYmVjb21lXHJcbiAgLy8gdGhlIFwicmVzcG9uZGVyXCIgb2YgdGhpcyBleGNoYW5nZSwgYW5kIGNhbiBhY2Nlc3MgaXQgd2hlbiBzaWduZWQgaW4uXHJcbiAgdG9rZW4/OiBzdHJpbmc7XHJcbn1cclxuXHJcbkBSdW5PdXRzaWRlQW5ndWxhcih7XHJcbiAgbmdab25lTmFtZTogJ25nWm9uZScsXHJcbn0pXHJcbkBJbmplY3RhYmxlKHtcclxuICBwcm92aWRlZEluOiAncm9vdCcsXHJcbn0pXHJcbmV4cG9ydCBjbGFzcyBLZXlFeGNoYW5nZTJTZXJ2aWNlIHtcclxuICBwcml2YXRlIHJlYWRvbmx5IENMSUVOVF9OT05DRV9MRU5HVEggPSAzMjtcclxuXHJcbiAgY29uc3RydWN0b3IoXHJcbiAgICBwcml2YXRlIG5nWm9uZTogTmdab25lLFxyXG4gICAgcHJpdmF0ZSBrZXlGYWN0b3J5OiBLZXlGYWN0b3J5U2VydmljZSxcclxuICAgIHByaXZhdGUga2V5U2VydmljZTogS2V5U2VydmljZSxcclxuICAgIHByaXZhdGUgZW5jcnlwdGlvblNlcnZpY2U6IEVuY3J5cHRpb25TZXJ2aWNlLFxyXG4gICAgcHJpdmF0ZSB1c2VyU2VydmljZTogVXNlclNlcnZpY2UsXHJcbiAgICBwcml2YXRlIGtleUdyYXBoOiBLZXlHcmFwaFNlcnZpY2UsXHJcbiAgICBwcml2YXRlIGxyR3JhcGhRTDogTHJHcmFwaFFMU2VydmljZVxyXG4gICkge31cclxuXHJcbiAgcHJpdmF0ZSBhc3luYyBnZXRPdEtleShcclxuICAgIGtleUV4Y2hhbmdlOiBLZXlFeGNoYW5nZUZyYWdtZW50LFxyXG4gICAgb3RLZXlLPzogc3RyaW5nXHJcbiAgKTogUHJvbWlzZTxKV0suS2V5PiB7XHJcbiAgICBpZiAob3RLZXlLKSB7XHJcbiAgICAgIHJldHVybiBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleSh7XHJcbiAgICAgICAgLi4uSlNPTi5wYXJzZShrZXlFeGNoYW5nZS5vdGsub3RLZXlQYXJhbXMpLFxyXG4gICAgICAgIGs6IG90S2V5SyxcclxuICAgICAgfSk7XHJcbiAgICB9IGVsc2UgaWYgKFxyXG4gICAgICBrZXlFeGNoYW5nZS5vdGsuc3RhdGUgPT09ICdPVEtfSU5JVElBVEVEJyAmJlxyXG4gICAgICAha2V5RXhjaGFuZ2UuaXNJbml0aWF0b3IgJiZcclxuICAgICAga2V5RXhjaGFuZ2Uub3RrLnJlc3BvbmRlclBia0NpcGhlclxyXG4gICAgKSB7XHJcbiAgICAgIC8vIEFzc3VtaW5nIGV4aXN0aW5nIHVzZXIgZ2V0dGluZyBpbnZpdGVkIHdoZXJlIE9USyBpcyB3cmFwcGVkIGluIHJlc3BvbmRlcidzIHB1YmxpYyBrZXkuXHJcbiAgICAgIGNvbnN0IHByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50UHhrKCk7XHJcbiAgICAgIGNvbnN0IGRlY3J5cHRlZENpcGhlcjogYW55ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxyXG4gICAgICAgIHByay5qd2ssXHJcbiAgICAgICAgSlNPTi5wYXJzZShrZXlFeGNoYW5nZS5vdGsucmVzcG9uZGVyUGJrQ2lwaGVyKSxcclxuICAgICAgICB7XHJcbiAgICAgICAgICBzZXJpYWxpemF0aW9uczogW0pvc2VTZXJpYWxpemF0aW9uLkNPTVBBQ1RdLFxyXG4gICAgICAgIH1cclxuICAgICAgKTtcclxuICAgICAgaWYgKGRlY3J5cHRlZENpcGhlci5vdEtleSkge1xyXG4gICAgICAgIHJldHVybiBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShkZWNyeXB0ZWRDaXBoZXIub3RLZXkpO1xyXG4gICAgICB9XHJcbiAgICB9XHJcbiAgICByZXR1cm4gbnVsbDtcclxuICB9XHJcblxyXG4gIHByaXZhdGUgYXN5bmMgZGVjcnlwdE90ayhcclxuICAgIGtleUV4Y2hhbmdlOiBLZXlFeGNoYW5nZUZyYWdtZW50LFxyXG4gICAgb3RLZXlLPzogc3RyaW5nXHJcbiAgKTogUHJvbWlzZTxLZXlFeGNoYW5nZUZyYWdtZW50PiB7XHJcbiAgICBjb25zdCBvdEtleSA9IGF3YWl0IHRoaXMuZ2V0T3RLZXkoa2V5RXhjaGFuZ2UsIG90S2V5Syk7XHJcblxyXG4gICAgbGV0IG90ayA9IGtleUV4Y2hhbmdlLm90aztcclxuXHJcbiAgICBpZiAob3RLZXkgJiYgb3RrLm90S2V5Q2lwaGVyKSB7XHJcbiAgICAgIG90ayA9IHtcclxuICAgICAgICAuLi5vdGssXHJcbiAgICAgICAgb3RLZXksXHJcbiAgICAgICAgb3RLZXlDaXBoZXJDbGVhckpzb246IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcclxuICAgICAgICAgIG90S2V5LFxyXG4gICAgICAgICAga2V5RXhjaGFuZ2Uub3RrLm90S2V5Q2lwaGVyXHJcbiAgICAgICAgKSxcclxuICAgICAgfTtcclxuICAgIH1cclxuXHJcbiAgICByZXR1cm4ge1xyXG4gICAgICAuLi5rZXlFeGNoYW5nZSxcclxuICAgICAgb3RrLFxyXG4gICAgfTtcclxuICB9XHJcblxyXG4gIHByaXZhdGUgYXN5bmMgZGVjcnlwdFJlc3BvbnNlQ2lwaGVyKFxyXG4gICAgb3RLZXk6IEpXSy5LZXksXHJcbiAgICBvdFByazogSldLLktleSxcclxuICAgIGNvbnRlbnQ6IGFueVxyXG4gICk6IFByb21pc2U8SW5pdGlhdG9yT25lVGltZVBia0NpcGhlckNsZWFySnNvbj4ge1xyXG4gICAgLy8gVGhlIHJlc3BvbnNlIGNvdWxkIGJlIHdyYXBwZWQgYnkgdGhlIE90SyBpbiBhZGRpdGlvbiB0byB0aGUgT3RQYmtcclxuICAgIHRyeSB7XHJcbiAgICAgIGNvbnRlbnQgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQob3RLZXksIGNvbnRlbnQpO1xyXG4gICAgfSBjYXRjaCAoZXJyb3IpIHtcclxuICAgICAgaWYgKGVycm9yLm1lc3NhZ2UgIT09ICdubyBrZXkgZm91bmQnKSB7XHJcbiAgICAgICAgdGhyb3cgZXJyb3I7XHJcbiAgICAgIH1cclxuICAgICAgLy8gRG8gbm90aGluZyB0byBzdXBwb3J0IG9sZGVyIHZlcnNpb25zIHdoZXJlIG1lc3NhZ2UgaXMgbm90IHdyYXBwZWQgd2l0aCBvdGsuXHJcbiAgICB9XHJcblxyXG4gICAgLy8gVGhlIFByayBpcyBzaW5nbGUtdXNlIGFuZCBvbmx5IHVzZWQgdG8gc2VuZCBpbmZvcm1hdGlvbiBmcm9tIHRoZSByZXNwb25kZXIgYmFjayB0byB0aGUgaW5pdGlhdG9yLlxyXG4gICAgcmV0dXJuIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChvdFByaywgY29udGVudCk7XHJcbiAgfVxyXG5cclxuICBwcml2YXRlIGFzeW5jIGRlY3J5cHRLZXlFeGNoYW5nZUFzSW5pdGlhdG9yKFxyXG4gICAga2V5RXhjaGFuZ2U6IEtleUV4Y2hhbmdlRnJhZ21lbnRcclxuICApOiBQcm9taXNlPEtleUV4Y2hhbmdlRnJhZ21lbnQ+IHtcclxuICAgIGNvbnN0IHJvb3RLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFJvb3RLZXkoKTtcclxuXHJcbiAgICAvLyBEZWNyeXB0IHVzaW5nIHRoZSByb290IGtleSB0byBnZXQgdGhlIFBya1xyXG4gICAgY29uc3QgaW5pdGlhdG9yUm9vdEtleUNpcGhlckNsZWFySnNvbiA9IChhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXHJcbiAgICAgIHJvb3RLZXkuandrLFxyXG4gICAgICBrZXlFeGNoYW5nZS5pbml0aWF0b3JSb290S2V5Q2lwaGVyXHJcbiAgICApKSBhcyBJbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uMjtcclxuXHJcbiAgICBjb25zdCBvdEtleSA9IGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KFxyXG4gICAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uLm90S2V5XHJcbiAgICApO1xyXG5cclxuICAgIGtleUV4Y2hhbmdlID0ge1xyXG4gICAgICAuLi5rZXlFeGNoYW5nZSxcclxuICAgICAgaW5pdGlhdG9yUm9vdEtleUNpcGhlckNsZWFySnNvbixcclxuICAgIH07XHJcblxyXG4gICAgbGV0IG90ayA9IGtleUV4Y2hhbmdlLm90aztcclxuXHJcbiAgICBpZiAob3RrLmluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIpIHtcclxuICAgICAgb3RrID0ge1xyXG4gICAgICAgIC4uLm90ayxcclxuICAgICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyQ2xlYXJKc29uOiBhd2FpdCB0aGlzLmRlY3J5cHRSZXNwb25zZUNpcGhlcihcclxuICAgICAgICAgIG90S2V5LFxyXG4gICAgICAgICAgYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoXHJcbiAgICAgICAgICAgIGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24ub25lVGltZVBya1xyXG4gICAgICAgICAgKSxcclxuICAgICAgICAgIG90ay5pbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyXHJcbiAgICAgICAgKSxcclxuICAgICAgfTtcclxuICAgIH1cclxuXHJcbiAgICBpZiAob3RrLm90S2V5Q2lwaGVyKSB7XHJcbiAgICAgIG90ay5vdEtleUNpcGhlckNsZWFySnNvbiA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcclxuICAgICAgICBvdEtleSxcclxuICAgICAgICBvdGsub3RLZXlDaXBoZXJcclxuICAgICAgKTtcclxuICAgIH1cclxuXHJcbiAgICByZXR1cm4ge1xyXG4gICAgICAuLi5rZXlFeGNoYW5nZSxcclxuICAgICAgb3RrLFxyXG4gICAgfTtcclxuICB9XHJcblxyXG4gIHByaXZhdGUgYXN5bmMgZGVjcnlwdEtleUV4Y2hhbmdlQXNSZXNwb25kZXIoXHJcbiAgICBrZXlFeGNoYW5nZTogS2V5RXhjaGFuZ2VGcmFnbWVudCxcclxuICAgIG90S2V5Sz86IHN0cmluZ1xyXG4gICkge1xyXG4gICAgcmV0dXJuIHRoaXMuZGVjcnlwdE90ayhrZXlFeGNoYW5nZSwgb3RLZXlLKTtcclxuICB9XHJcblxyXG4gIGFzeW5jIGRlY3J5cHRLZXlFeGNoYW5nZShrZXlFeGNoYW5nZTogS2V5RXhjaGFuZ2VGcmFnbWVudCwgb3RLZXlLPzogc3RyaW5nKSB7XHJcbiAgICBpZiAoa2V5RXhjaGFuZ2UuaXNJbml0aWF0b3IpIHtcclxuICAgICAgcmV0dXJuIHRoaXMuZGVjcnlwdEtleUV4Y2hhbmdlQXNJbml0aWF0b3Ioa2V5RXhjaGFuZ2UpO1xyXG4gICAgfSBlbHNlIHtcclxuICAgICAgcmV0dXJuIHRoaXMuZGVjcnlwdEtleUV4Y2hhbmdlQXNSZXNwb25kZXIoa2V5RXhjaGFuZ2UsIG90S2V5Syk7XHJcbiAgICB9XHJcbiAgfVxyXG5cclxuICBhc3luYyBnZXRLZXlFeGNoYW5nZXMoeyBzdGF0ZSB9OiB7IHN0YXRlPzogS2V5RXhjaGFuZ2VTdGF0ZTIgfSA9IHt9KSB7XHJcbiAgICBjb25zdCB7IGtleUV4Y2hhbmdlcyB9ID0gYXdhaXQgdGhpcy5sckdyYXBoUUwucXVlcnkoe1xyXG4gICAgICBxdWVyeTogS2V5RXhjaGFuZ2VzUXVlcnkyLFxyXG4gICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICBzdGF0ZSxcclxuICAgICAgfSxcclxuICAgIH0pO1xyXG5cclxuICAgIHJldHVybiBQcm9taXNlLmFsbChcclxuICAgICAga2V5RXhjaGFuZ2VzLmVkZ2VzLm1hcCgoZWRnZSkgPT4gdGhpcy5kZWNyeXB0S2V5RXhjaGFuZ2UoZWRnZS5ub2RlKSlcclxuICAgICk7XHJcbiAgfVxyXG5cclxuICAvKipcclxuICAgKiBAcGFyYW0gaWQgSWYgdGhlIGN1cnJlbnQgdXNlciBjYW4gcmVzcG9uZGVyIHRoZSBrZXkgZXhjaGFuZ2UgaWYgdGhleSBhcmUgZWl0aGVyIHRoZSBpbml0aWF0b3Igb3IgdGhlIHJlY2VpdmVyLlxyXG4gICAqIEBwYXJhbSB0b2tlbiBJZiBub3Qgc2lnbmVkIGluLCBvciBub3QgdGhlIGluaXRpYXRvciBvciByZXNwb25kZXIsICd0b2tlbicgbXVzdCBiZSBnaXZlbi5cclxuICAgKiBAcGFyYW0gb3RLZXlLIElzIHRoZSByYXcgb25lLXRpbWUga2V5IChzdHJpbmcpLiBJZiB0aGUgcmVzcG9uZGVyIGlzIGV4cGxpY2l0bHkgc3BlY2lmaWVkIGF0IHRpbWUgb2YgaW5pdGlhdGlvbiwgdGhlblxyXG4gICAqICAgaXQncyBwb3NzaWJsZSB0byBoYXZlIHRoZSBvdEtleSB3cmFwcGVkIGJ5IHRoZSBwdWJsaWMga2V5IG9mIHRoZSByZXNwb25kZXIuIEluIHdoaWNoIGNhc2UsIHRoZSBvdEtleUsgaXMgbm90IG5lZWRlZC5cclxuICAgKi9cclxuICBhc3luYyBnZXRLZXlFeGNoYW5nZShcclxuICAgIGlkOiBzdHJpbmcsXHJcbiAgICB7IG90S2V5SywgdG9rZW4gfTogR2V0S2V5RXhjaGFuZ2VPcHRpb25zMiA9IHt9XHJcbiAgKSB7XHJcbiAgICBjb25zdCByZXMgPSBhd2FpdCB0aGlzLmxyR3JhcGhRTC5xdWVyeSh7XHJcbiAgICAgIHF1ZXJ5OiB0b2tlbiA/IEtleUV4Y2hhbmdlVG9rZW5RdWVyeTIgOiBLZXlFeGNoYW5nZVF1ZXJ5MixcclxuICAgICAgdmFyaWFibGVzOiB7XHJcbiAgICAgICAgaWQsXHJcbiAgICAgICAgdG9rZW4sXHJcbiAgICAgIH0sXHJcbiAgICAgIGluY2x1ZGVLZXlHcmFwaDogIXRva2VuLCAvLyBpZiAhdG9rZW4gdGhlbiB3ZSBhcmUgcG9zdCBhdXRoLCBzbyBjYW4gZmV0Y2gga2V5R3JhcGhcclxuICAgIH0pO1xyXG4gICAgcmV0dXJuIHRoaXMuZGVjcnlwdEtleUV4Y2hhbmdlKHJlcy5rZXlFeGNoYW5nZSwgb3RLZXlLKTtcclxuICB9XHJcblxyXG4gIHB1YmxpYyBhc3luYyBnZXRDdXJyZW50VXNlclNoYXJlZEtleShpbnB1dDoge1xyXG4gICAgdXNlcm5hbWU/OiBzdHJpbmc7XHJcbiAgICB1c2VySWQ/OiBzdHJpbmc7XHJcbiAgfSkge1xyXG4gICAgcmV0dXJuIHRoaXMubHJHcmFwaFFMLnF1ZXJ5KHtcclxuICAgICAgcXVlcnk6IEN1cnJlbnRVc2VyU2hhcmVkS2V5UXVlcnkyLFxyXG4gICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICB1c2VybmFtZTogaW5wdXQudXNlcm5hbWUsXHJcbiAgICAgICAgdXNlcklkOiBpbnB1dC51c2VySWQsXHJcbiAgICAgIH0sXHJcbiAgICB9KTtcclxuICB9XHJcblxyXG4gIC8vIFRPRE86IGRlcHJlY2F0ZSB0aGlzXHJcbiAgYXN5bmMgY2FuY2VsS2V5RXhjaGFuZ2UoaWQ6IHN0cmluZykge1xyXG4gICAgcmV0dXJuIHRoaXMuY2FuY2VsS2V5RXhjaGFuZ2VNdXRhdGlvbihpZCk7XHJcbiAgfVxyXG5cclxuICBjYW5jZWxLZXlFeGNoYW5nZU11dGF0aW9uKGlkOiBzdHJpbmcpIHtcclxuICAgIHJldHVybiBuZXcgTHJNdXRhdGlvbih7XHJcbiAgICAgIG11dGF0aW9uOiBDYW5jZWxLZXlFeGNoYW5nZU11dGF0aW9uLFxyXG4gICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICBpbnB1dDoge1xyXG4gICAgICAgICAgaWQsXHJcbiAgICAgICAgfSxcclxuICAgICAgfSxcclxuICAgIH0pO1xyXG4gIH1cclxuXHJcbiAgLy8gVE9ETzogZGVwcmVjYXRlIHRoaXNcclxuICBhc3luYyBkZWNsaW5lS2V5RXhjaGFuZ2UoaWQ6IHN0cmluZywgdG9rZW46IHN0cmluZykge1xyXG4gICAgcmV0dXJuIHRoaXMuZGVjbGluZUtleUV4Y2hhbmdlTXV0YXRpb24oaWQsIHRva2VuKTtcclxuICB9XHJcblxyXG4gIGRlY2xpbmVLZXlFeGNoYW5nZU11dGF0aW9uKGlkOiBzdHJpbmcsIHRva2VuOiBzdHJpbmcpIHtcclxuICAgIHJldHVybiBuZXcgTHJNdXRhdGlvbih7XHJcbiAgICAgIG11dGF0aW9uOiBEZWNsaW5lS2V5RXhjaGFuZ2VNdXRhdGlvbixcclxuICAgICAgdmFyaWFibGVzOiB7XHJcbiAgICAgICAgaW5wdXQ6IHtcclxuICAgICAgICAgIGlkLFxyXG4gICAgICAgICAgdG9rZW4sXHJcbiAgICAgICAgfSxcclxuICAgICAgfSxcclxuICAgIH0pO1xyXG4gIH1cclxuXHJcbiAgYXN5bmMgaW5pdGlhdGVPdGsoe1xyXG4gICAgbWVzc2FnZSxcclxuICAgIGVtYWlsLFxyXG4gICAgY29udGFjdENhcmQsXHJcbiAgICB1cGdyYWRlLFxyXG4gIH06IEluaXRpYXRlT3RrSW5wdXQyID0ge30pIHtcclxuICAgIGNvbnN0IG90S2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xyXG4gICAgY29uc3Qgbm9uY2UgPSB0aGlzLmtleUZhY3RvcnkucmFuZG9tU3RyaW5nKHRoaXMuQ0xJRU5UX05PTkNFX0xFTkdUSCk7XHJcblxyXG4gICAgLy8gTmV3IFBLQyBrZXkgZm9yIGVuY3J5cHRpb24uIFRoaXMga2V5IGlzIHVzZWQgb25seSBvbmNlIHdoZW4gdGhlIHJlc3BvbmRlciBzZW5kc1xyXG4gICAgLy8gYmFjayB0aGVpciBzaWduaW5nIHB1YmxpYyBrZXkuXHJcbiAgICBjb25zdCBpbml0aWF0b3JPbmVUaW1lUHJrID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZVBrY0tleSgpO1xyXG5cclxuICAgIC8vIE9wdGlvbiAxOiBOZXcgUEtDIGtleSBmb3Igc2lnbmluZ1xyXG4gICAgLy8gY29uc3QgaW5pdGlhdG9yU2lnUHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmNyZWF0ZVBrY1NpZ25LZXkoKTtcclxuXHJcbiAgICAvLyBPcHRpb24gMjogVXNlIHRoZSB1c2VyJ3MgZ2xvYmFsIHNpZ25pbmcga2V5LlxyXG4gICAgLy8gVGhpcyBrZXkgaXMgdXNlZCB0byBwcm92ZSB0aGUgaW5pdGlhdG9yJ3MgaWRlbnRpdHkuXHJcbiAgICBjb25zdCBpbml0aWF0b3JQcmsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFB4aygpO1xyXG4gICAgY29uc3QgaW5pdGlhdG9yU2lnUHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRTaWdQeGsoKTtcclxuXHJcbiAgICBsZXQgaW5pdGlhdG9yUGxhaW5EYXRhU2lnOiBzdHJpbmcgPSBudWxsO1xyXG5cclxuICAgIGlmIChjb250YWN0Q2FyZCAmJiBjb250YWN0Q2FyZC5vd25lclBsYWluRGF0YUpzb24pIHtcclxuICAgICAgaW5pdGlhdG9yUGxhaW5EYXRhU2lnID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduVG9TdHJpbmcoXHJcbiAgICAgICAgaW5pdGlhdG9yU2lnUHJrLmp3ayxcclxuICAgICAgICBjb250YWN0Q2FyZC5vd25lclBsYWluRGF0YUpzb25cclxuICAgICAgKTtcclxuICAgIH1cclxuXHJcbiAgICBjb25zdCBpbml0aWF0b3IgPSB7XHJcbiAgICAgIG1lc3NhZ2UsXHJcbiAgICAgIGNvbnRhY3RDYXJkOiBjb250YWN0Q2FyZCAmJiB7XHJcbiAgICAgICAgc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbjogY29udGFjdENhcmQuc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbixcclxuICAgICAgfSxcclxuICAgIH07XHJcblxyXG4gICAgLy8gQ29udGVudCB0byBiZSBlbmNyeXB0ZWQgdXNpbmcgdGhlIE9USy5cclxuICAgIGNvbnN0IHBsYWluT3RLZXlDaXBoZXI6IE90S2V5Q2lwaGVyQ2xlYXJKc29uMiA9IHtcclxuICAgICAgLy8gVE9ETyBNYWtlIHN1cmUgd2UgYWxzbyBwdXQgdGhlIE9PQiBjb2RlIGluIGhlcmUgYXMgd2VsbCBzaW5jZSB0aGUgT09CIGNvZGUgaXMgdGhlXHJcbiAgICAgIC8vIF9vbmx5XyBpbmZvcm1hdGlvbiB0aGUgS0Mgc2VydmVyIGRvZXMgbm90IGhhdmUgYWNjZXNzIHRvLiBUaGUgc2VydmVyIG1heSBoYXZlXHJcbiAgICAgIC8vIGFjY2VzcyB0byBPVEsgYW5kIGhlbmNlIHRoZSBub25jZSBoZXJlLiBJdCdzIGdvb2QgdG8gaGF2ZSBib3RoIHRoZSBub25jZSBhbmQgT09CIGNvZGVcclxuICAgICAgLy8gc2luY2UgdGhlIHVzZXIgbWF5IG5vdCBiZSB1c2luZyB0aGUgT09CIGNvZGUuIEFuZCBpdCdzIHNpbXBsZSB0byBhbHdheXMgaW5jbHVkZVxyXG4gICAgICAvLyB0aGUgbm9uY2UsIHNvIHdoeSBub3QuXHJcbiAgICAgIG5vbmNlLFxyXG4gICAgICBpbml0aWF0b3I6IHtcclxuICAgICAgICAuLi5pbml0aWF0b3IsXHJcbiAgICAgICAgb25lVGltZVBiazogaW5pdGlhdG9yT25lVGltZVByay50b0pTT04oKSwgLy8gb25lLXRpbWUgcHVibGljIGVuY3J5cHRpb24ga2V5IHJlc3BvbmRlciB1c2UgdG8gc2VuZCBkYXRhIGJhY2sgdG8gaW5pdGlhdG9yXHJcbiAgICAgICAgcGJrOiBpbml0aWF0b3JQcmsuandrLnRvSlNPTigpLCAvLyBwdWJsaWMgZW5jcnlwdGlvbiBrZXlcclxuICAgICAgICBzaWdQYms6IGluaXRpYXRvclNpZ1Byay5qd2sudG9KU09OKCksIC8vIHB1YmxpYyBzaWduaW5nIGtleVxyXG4gICAgICB9LFxyXG4gICAgfTtcclxuXHJcbiAgICBjb25zdCBvdEtleUNpcGhlciA9IGF3YWl0IHRoaXMua2V5R3JhcGguZW5jcnlwdFRvU3RyaW5nKFxyXG4gICAgICBvdEtleSxcclxuICAgICAgcGxhaW5PdEtleUNpcGhlclxyXG4gICAgKTtcclxuXHJcbiAgICAvLyBDb250ZW50IHRvIGJlIGVuY3J5cHRlZCB1c2luZyB0aGUgaW5pdGlhdG9yJ3Mgcm9vdCBrZXkuXHJcbiAgICBjb25zdCBpbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uOiBJbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uMiA9IHtcclxuICAgICAgbm9uY2UsXHJcbiAgICAgIG9uZVRpbWVQcms6IGluaXRpYXRvck9uZVRpbWVQcmsudG9KU09OKHRydWUpLFxyXG4gICAgICAvLyBTaG91bGQgbm90IG5lZWQgdG8ga2VlcCB0aGlzIGVuY3J5cHRlZCBzaW5jZSB3ZSBhcmUgdXNpbmcgdGhlIGdsb2JhbCBzaWduaW5nIGtleS5cclxuICAgICAgLy8gc2lnUHJrOiBpbml0aWF0b3JTaWdQcmsudG9KU09OKHRydWUpLFxyXG5cclxuICAgICAgLy8gU2F2ZSBpdCBpbiBjYXNlIHRoZSBpbml0aWF0b3Igd2FudCB0byBkZWNvZGUgdGhlIG90S2V5Q2lwaGVyLlxyXG4gICAgICAvLyBTaW5jZSB0aGUgb3RLZXkgaXMgb25seSB1c2VkIG9uY2UsIGFuZCB0aGF0IG90S2V5Q2lwaGVyIGNvbnRhaW5zIG9ubHlcclxuICAgICAgLy8gdGhlIHB1YmxpYyBrZXkgb2YgdGhlIGluaXRpYXRvciwgaXQncyBzYWZlIGp1c3QgbGVhdmUgdGhlIG90S2V5IHN0b3JlZCBoZXJlLlxyXG4gICAgICBvdEtleTogb3RLZXkudG9KU09OKHRydWUpLFxyXG4gICAgICAvLyBUaGVzZSBzaG91bGQgYmUgc3RvcmluZyBpbmZvcm1hdGlvbiBzdWNoIGFzIGhvdyB0aGUgZmllbGRzIG9mIHRoZSBzaGFyZWQgY29udGFjdCBjYXJkIGlzXHJcbiAgICAgIC8vIGRlcml2ZWQgZnJvbSB0aGUgbWFzdGVyIGNvbnRhY3QgY2FyZC5cclxuICAgICAgaW5pdGlhdG9yQ29udGFjdENhcmQ6IGNvbnRhY3RDYXJkLFxyXG4gICAgICBpbml0aWF0b3IsXHJcbiAgICB9O1xyXG5cclxuICAgIGNvbnN0IHJvb3RLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFJvb3RLZXkoKTtcclxuICAgIGNvbnN0IGluaXRpYXRvclJvb3RLZXlDaXBoZXIgPSBhd2FpdCB0aGlzLmtleUdyYXBoLmVuY3J5cHRUb1N0cmluZyhcclxuICAgICAgcm9vdEtleS5qd2ssXHJcbiAgICAgIGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb25cclxuICAgICk7XHJcblxyXG4gICAgLy8gVGhlIHJhdyBPVEtcclxuICAgIGNvbnN0IG90S2V5Szogc3RyaW5nID0gKG90S2V5LnRvSlNPTih0cnVlKSBhcyBhbnkpLms7XHJcblxyXG4gICAgLy8gQVBJIGNhbGxcclxuICAgIGNvbnN0IGxyTXV0YXRpb24gPSBuZXcgTHJNdXRhdGlvbih7XHJcbiAgICAgIG11dGF0aW9uOiBJbml0aWF0ZUtleUV4Y2hhbmdlT3RrTXV0YXRpb24sXHJcbiAgICAgIHZhcmlhYmxlczoge1xyXG4gICAgICAgIGlucHV0OiB7XHJcbiAgICAgICAgICAvLyBUaGVzZSB3aWxsIGJlIHN0b3JlZCBvbiB0aGUgc2VydmVyXHJcbiAgICAgICAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyLFxyXG4gICAgICAgICAgaW5pdGlhdG9yUHhrSWQ6IGluaXRpYXRvclByay5pZCxcclxuICAgICAgICAgIGluaXRpYXRvclNpZ1B4a0lkOiBpbml0aWF0b3JTaWdQcmsuaWQsXHJcbiAgICAgICAgICAvLyBUaGVzZSB3aWxsIGJlIHNlbnQgdG8gdGhlIHJlc3BvbmRlclxyXG4gICAgICAgICAgb3RLZXlQYXJhbXM6IEpTT04uc3RyaW5naWZ5KG90S2V5LnRvSlNPTigpKSxcclxuICAgICAgICAgIG90S2V5Q2lwaGVyLFxyXG4gICAgICAgICAgc2VuZEVtYWlsOiBlbWFpbCAmJiB7XHJcbiAgICAgICAgICAgIGVtYWlsLFxyXG4gICAgICAgICAgICByYXdPdEtleTogb3RLZXlLLFxyXG4gICAgICAgICAgfSxcclxuICAgICAgICAgIGNyZWF0ZVRwOiB0cnVlLFxyXG4gICAgICAgICAgaW5pdGlhdG9yUGxhaW5EYXRhU2lnLFxyXG4gICAgICAgICAgdXBncmFkZSxcclxuICAgICAgICB9LFxyXG4gICAgICB9LFxyXG4gICAgfSk7XHJcblxyXG4gICAgcmV0dXJuIHsgbHJNdXRhdGlvbiwgb3RLZXlLIH07XHJcbiAgfVxyXG5cclxuICBhc3luYyByZXNwb25kT3RrKHtcclxuICAgIGtleUV4Y2hhbmdlSWQsXHJcbiAgICB0b2tlbixcclxuICAgIGRlY3J5cHRlZE90ayxcclxuICAgIG1lc3NhZ2UsXHJcbiAgICBpbml0aWF0b3JDb250YWN0Q2FyZCxcclxuICAgIHJlc3BvbmRlckNvbnRhY3RDYXJkLFxyXG4gIH06IFJlc3BvbmRPdGtJbnB1dDIpIHtcclxuICAgIGNvbnN0IHJvb3RLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFJvb3RLZXkoKTtcclxuXHJcbiAgICBjb25zdCBtYXN0ZXJLZXlJZCA9IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50TWFzdGVyS2V5KCkuaWQ7XHJcbiAgICBjb25zdCBtYXN0ZXJLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudE1hc3RlcktleSgpO1xyXG5cclxuICAgIGNvbnN0IHNoYXJlZEtleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcclxuICAgIGNvbnN0IG1rU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xyXG5cclxuICAgIGNvbnN0IHJrV3JhcHBlZFNoYXJlZEtleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcclxuICAgICAgcm9vdEtleS5qd2ssXHJcbiAgICAgIHNoYXJlZEtleS50b0pTT04odHJ1ZSlcclxuICAgICk7XHJcbiAgICBjb25zdCBta1dyYXBwZWRNa1NoYXJlZEtleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcclxuICAgICAgbWFzdGVyS2V5Lmp3ayxcclxuICAgICAgbWtTaGFyZWRLZXkudG9KU09OKHRydWUpXHJcbiAgICApO1xyXG5cclxuICAgIGNvbnN0IGluaXRpYXRvck9uZVRpbWVQYmsgPSBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShcclxuICAgICAgZGVjcnlwdGVkT3RrLm90S2V5Q2lwaGVyQ2xlYXJKc29uLmluaXRpYXRvci5vbmVUaW1lUGJrXHJcbiAgICApO1xyXG5cclxuICAgIGNvbnN0IGluaXRpYXRvclBiayA9IGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KFxyXG4gICAgICBkZWNyeXB0ZWRPdGsub3RLZXlDaXBoZXJDbGVhckpzb24uaW5pdGlhdG9yLnBia1xyXG4gICAgKTtcclxuICAgIGNvbnN0IGluaXRpYXRvclNpZ1BiayA9IGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KFxyXG4gICAgICBkZWNyeXB0ZWRPdGsub3RLZXlDaXBoZXJDbGVhckpzb24uaW5pdGlhdG9yLnNpZ1Bia1xyXG4gICAgKTtcclxuXHJcbiAgICAvLyBPcHRpb24gMTogVXNpbmcgbmV3IFByayBmb3IgZWFjaCBUUCBwYWlyXHJcbiAgICAvLyBDcmVhdGUgYSBuZXcgcHVibGljIHNpZ25pbmcga2V5IGZvciB0aGUgcmVzcG9uZGVyLlxyXG4gICAgLy8gY29uc3QgcmVzcG9uZGVyU2lnUHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmNyZWF0ZVBrY1NpZ25LZXkoKVxyXG4gICAgLy8gY29uc3QgcmtXcmFwcGVkUmVzcG9uZGVyU2lnUHJrID0gYXdhaXQgdGhpcy5lbmNyeXB0KHJvb3RLZXksIHJlc3BvbmRlclNpZ1Byay50b0pTT04odHJ1ZSkpO1xyXG5cclxuICAgIC8vIE9wdGlvbiAyOiBSZXNwb25kZXIgYWxyZWFkeSBoYXMgYSBzaWduaW5nIFBya1xyXG4gICAgY29uc3QgcmVzcG9uZGVyUHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRQeGsoKTtcclxuICAgIGNvbnN0IHJlc3BvbmRlclNpZ1ByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50U2lnUHhrKCk7XHJcblxyXG4gICAgY29uc3Qgc2lnbmVkSW5pdGlhdG9yUGJrID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKFxyXG4gICAgICByZXNwb25kZXJTaWdQcmsuandrLFxyXG4gICAgICBpbml0aWF0b3JQYmsudG9KU09OKClcclxuICAgICk7XHJcbiAgICBjb25zdCBzaWduZWRJbml0aWF0b3JTaWdQYmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXHJcbiAgICAgIHJlc3BvbmRlclNpZ1Byay5qd2ssXHJcbiAgICAgIGluaXRpYXRvclNpZ1Biay50b0pTT04oKVxyXG4gICAgKTtcclxuXHJcbiAgICBjb25zdCBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyQ2xlYXJKc29uOiBJbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyQ2xlYXJKc29uID0ge1xyXG4gICAgICBub25jZTogZGVjcnlwdGVkT3RrLm90S2V5Q2lwaGVyQ2xlYXJKc29uLm5vbmNlLFxyXG4gICAgICBzaGFyZWRLZXk6IHNoYXJlZEtleS50b0pTT04odHJ1ZSksXHJcbiAgICAgIG1rU2hhcmVkS2V5OiBta1NoYXJlZEtleS50b0pTT04odHJ1ZSksXHJcbiAgICAgIHJlc3BvbmRlcjoge1xyXG4gICAgICAgIHBiazogcmVzcG9uZGVyUHJrLmp3ay50b0pTT04oKSwgLy8gcHVibGljIGtleVxyXG4gICAgICAgIHNpZ1BiazogcmVzcG9uZGVyU2lnUHJrLmp3ay50b0pTT04oKSwgLy8gcHVibGljIGtleVxyXG4gICAgICAgIG1lc3NhZ2UsXHJcbiAgICAgIH0sXHJcbiAgICB9O1xyXG5cclxuICAgIGxldCByZWNlaXZlZENhcmRJbnB1dDtcclxuICAgIGlmIChkZWNyeXB0ZWRPdGsub3RLZXlDaXBoZXJDbGVhckpzb24uaW5pdGlhdG9yLmNvbnRhY3RDYXJkKSB7XHJcbiAgICAgIC8vIFNldCB0aGUgaW5mbyBhYm91dCB0aGUgaW5pdGlhdG9yIHRvIGJlIHRoZSBvbmVzIHNlbnQgYnkgdGhlIGluaXRpYXRvci4gV2UgbmVlZCB0aCByZXNwb25kZXIgdG8gZG8gdGhlIGVuY3J5cHRpb24gaGVyZVxyXG4gICAgICAvLyBiZWNhdXNlIHRoZSBpbml0aWF0b3IgZG9lcyBub3QgaGF2ZSB0aGUgc2hhcmVkIGtleSB5ZXQsIGFuZCB3ZSB3YW50IHRoZSByZXNwb25kZXIgdG8gaGF2ZSBhIGZ1bmN0aW9uYWwgY29udGFjdCBjYXJkIGFmdGVyXHJcbiAgICAgIC8vIHRoaXMgZXhjaGFuZ2UuIFRoZSBpbml0aWF0b3IgY2FuIGRvdWJsZSBjaGVjayB0aGUgY29udGFjdCBkZXRhaWxzIGFyZSBjb3JyZWN0IGFuZCBzaWduIGl0IHdoZW4gaXQgY29tcGxldGVzIHRoZSBleGNoYW5nZS5cclxuICAgICAgY29uc3Qgc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbiA9XHJcbiAgICAgICAgZGVjcnlwdGVkT3RrLm90S2V5Q2lwaGVyQ2xlYXJKc29uLmluaXRpYXRvci5jb250YWN0Q2FyZFxyXG4gICAgICAgICAgLnNoYXJlZENpcGhlckRhdGFDbGVhckpzb247XHJcblxyXG4gICAgICAvLyBDcmVhdGUga2V5c1xyXG4gICAgICBjb25zdCByZWNlaXZlcktleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcclxuICAgICAgY29uc3QgY2NTaGFyZWRLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XHJcbiAgICAgIGNvbnN0IHNpZ1B4ayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50U2lnUHhrKCk7XHJcblxyXG4gICAgICByZWNlaXZlZENhcmRJbnB1dCA9IHtcclxuICAgICAgICByZWNlaXZlcldyYXBwZWRLZXk6IEpTT04uc3RyaW5naWZ5KFxyXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxyXG4gICAgICAgICAgICByb290S2V5Lmp3ayxcclxuICAgICAgICAgICAgcmVjZWl2ZXJLZXkudG9KU09OKHRydWUpXHJcbiAgICAgICAgICApXHJcbiAgICAgICAgKSxcclxuICAgICAgICByZWNlaXZlcldyYXBwaW5nS2V5SWQ6IHJvb3RLZXkuaWQsXHJcbiAgICAgICAgcmVjZWl2ZXJDaXBoZXJEYXRhOiBpbml0aWF0b3JDb250YWN0Q2FyZFxyXG4gICAgICAgICAgPyBKU09OLnN0cmluZ2lmeShcclxuICAgICAgICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXHJcbiAgICAgICAgICAgICAgICByZWNlaXZlcktleSxcclxuICAgICAgICAgICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkLnJlY2VpdmVyQ2lwaGVyRGF0YUNsZWFySnNvblxyXG4gICAgICAgICAgICAgIClcclxuICAgICAgICAgICAgKVxyXG4gICAgICAgICAgOiAnJyxcclxuICAgICAgICBzaGFyZWRXcmFwcGVkS2V5OiBKU09OLnN0cmluZ2lmeShcclxuICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcclxuICAgICAgICAgICAgc2hhcmVkS2V5LFxyXG4gICAgICAgICAgICBjY1NoYXJlZEtleS50b0pTT04odHJ1ZSlcclxuICAgICAgICAgIClcclxuICAgICAgICApLFxyXG4gICAgICB9O1xyXG5cclxuICAgICAgY29uc3Qgc2hhcmVkQ2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcclxuICAgICAgICBjY1NoYXJlZEtleSxcclxuICAgICAgICBzaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uXHJcbiAgICAgICk7XHJcbiAgICAgIHJlY2VpdmVkQ2FyZElucHV0LnNoYXJlZENpcGhlckRhdGFTaWcgPSBKU09OLnN0cmluZ2lmeShcclxuICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oc2lnUHhrLmp3aywgc2hhcmVkQ2lwaGVyRGF0YSlcclxuICAgICAgKTtcclxuICAgICAgcmVjZWl2ZWRDYXJkSW5wdXQuc2lnUHhrSWQgPSBzaWdQeGsuaWQ7XHJcblxyXG4gICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyQ2xlYXJKc29uLnJlc3BvbmRlci5jb250YWN0Q2FyZCA9IHtcclxuICAgICAgICAuLi5pbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyQ2xlYXJKc29uLnJlc3BvbmRlci5jb250YWN0Q2FyZCxcclxuICAgICAgICBzaGFyZWRDaXBoZXJLZXk6IGNjU2hhcmVkS2V5LnRvSlNPTih0cnVlKSxcclxuICAgICAgfTtcclxuICAgIH1cclxuXHJcbiAgICBsZXQgcmVzcG9uZGVyQ2FyZElucHV0O1xyXG4gICAgaWYgKHJlc3BvbmRlckNvbnRhY3RDYXJkKSB7XHJcbiAgICAgIC8vIENyZWF0ZSBrZXlzXHJcbiAgICAgIGNvbnN0IG93bmVyS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xyXG4gICAgICBjb25zdCBjY1NoYXJlZEtleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcclxuICAgICAgY29uc3Qgc2lnUHhrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRTaWdQeGsoKTtcclxuXHJcbiAgICAgIHJlc3BvbmRlckNhcmRJbnB1dCA9IHtcclxuICAgICAgICBvd25lcldyYXBwZWRLZXk6IEpTT04uc3RyaW5naWZ5KFxyXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxyXG4gICAgICAgICAgICByb290S2V5Lmp3ayxcclxuICAgICAgICAgICAgb3duZXJLZXkudG9KU09OKHRydWUpXHJcbiAgICAgICAgICApXHJcbiAgICAgICAgKSxcclxuICAgICAgICBvd25lcldyYXBwaW5nS2V5SWQ6IHJvb3RLZXkuaWQsXHJcbiAgICAgICAgb3duZXJDaXBoZXJEYXRhOiByZXNwb25kZXJDb250YWN0Q2FyZC5vd25lckNpcGhlckRhdGFDbGVhckpzb25cclxuICAgICAgICAgID8gSlNPTi5zdHJpbmdpZnkoXHJcbiAgICAgICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxyXG4gICAgICAgICAgICAgICAgb3duZXJLZXksXHJcbiAgICAgICAgICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5vd25lckNpcGhlckRhdGFDbGVhckpzb25cclxuICAgICAgICAgICAgICApXHJcbiAgICAgICAgICAgIClcclxuICAgICAgICAgIDogJycsXHJcblxyXG4gICAgICAgIHNoYXJlZFdyYXBwZWRLZXk6IEpTT04uc3RyaW5naWZ5KFxyXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxyXG4gICAgICAgICAgICBzaGFyZWRLZXksXHJcbiAgICAgICAgICAgIGNjU2hhcmVkS2V5LnRvSlNPTih0cnVlKVxyXG4gICAgICAgICAgKVxyXG4gICAgICAgICksXHJcbiAgICAgIH07XHJcblxyXG4gICAgICBjb25zdCBzaGFyZWRDaXBoZXJEYXRhID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxyXG4gICAgICAgIGNjU2hhcmVkS2V5LFxyXG4gICAgICAgIHJlc3BvbmRlckNvbnRhY3RDYXJkLnNoYXJlZENpcGhlckRhdGFDbGVhckpzb25cclxuICAgICAgKTtcclxuICAgICAgcmVzcG9uZGVyQ2FyZElucHV0LnNoYXJlZENpcGhlckRhdGFTaWcgPSBKU09OLnN0cmluZ2lmeShcclxuICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oc2lnUHhrLmp3aywgc2hhcmVkQ2lwaGVyRGF0YSlcclxuICAgICAgKTtcclxuICAgICAgcmVzcG9uZGVyQ2FyZElucHV0LnNpZ1B4a0lkID0gc2lnUHhrLmlkO1xyXG5cclxuICAgICAgaWYgKHJlc3BvbmRlckNvbnRhY3RDYXJkLm93bmVyUGxhaW5EYXRhSnNvbikge1xyXG4gICAgICAgIHJlc3BvbmRlckNhcmRJbnB1dC5vd25lclBsYWluRGF0YVNpZyA9IEpTT04uc3RyaW5naWZ5KFxyXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKFxyXG4gICAgICAgICAgICByZXNwb25kZXJTaWdQcmsuandrLFxyXG4gICAgICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5vd25lclBsYWluRGF0YUpzb25cclxuICAgICAgICAgIClcclxuICAgICAgICApO1xyXG4gICAgICB9XHJcblxyXG4gICAgICAvLyBDb250YWN0IGNhcmQgaW5mbyByZWFkYWJsZSBieSB0aGUgaW5pdGlhdG9yXHJcbiAgICAgIGluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb24ucmVzcG9uZGVyLmNvbnRhY3RDYXJkID0ge1xyXG4gICAgICAgIC4uLmluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb24ucmVzcG9uZGVyLmNvbnRhY3RDYXJkLFxyXG4gICAgICAgIHNoYXJlZENpcGhlckRhdGFDbGVhckpzb246XHJcbiAgICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5zaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uLFxyXG4gICAgICB9O1xyXG4gICAgfVxyXG5cclxuICAgIC8vIEVuY3J5cHQgd2l0aCBvbmUtdGltZSBwdWJsaWMga2V5XHJcbiAgICBsZXQgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlciA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcclxuICAgICAgaW5pdGlhdG9yT25lVGltZVBiayxcclxuICAgICAgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlckNsZWFySnNvblxyXG4gICAgKTtcclxuXHJcbiAgICAvLyBFbmNyeXB0IHdpdGggdGhlIG90ayBhZ2FpbiB0byBrZWVwIHVzZSBvZiBhc3ltbWV0cmljIGtleXMgdG8gYSBtaW5pbXVtLlxyXG4gICAgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlciA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcclxuICAgICAgZGVjcnlwdGVkT3RrLm90S2V5LFxyXG4gICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyXHJcbiAgICApO1xyXG5cclxuICAgIHJldHVybiBuZXcgTHJNdXRhdGlvbih7XHJcbiAgICAgIG11dGF0aW9uOiBSZXNwb25kS2V5RXhjaGFuZ2VPdGtNdXRhdGlvbixcclxuICAgICAgdmFyaWFibGVzOiB7XHJcbiAgICAgICAgaW5wdXQ6IHtcclxuICAgICAgICAgIGtleUV4Y2hhbmdlSWQsXHJcbiAgICAgICAgICBrZXlFeGNoYW5nZVRva2VuOiB0b2tlbixcclxuICAgICAgICAgIHJvb3RLZXlJZDogcm9vdEtleS5pZCxcclxuICAgICAgICAgIG1hc3RlcktleUlkLFxyXG4gICAgICAgICAgLy8gVGhlc2Ugd2lsbCBiZSBzdG9yZWQgb24gdGhlIHNlcnZlclxyXG4gICAgICAgICAgcmVzcG9uZGVyUHhrSWQ6IHJlc3BvbmRlclByay5pZCxcclxuICAgICAgICAgIHJlc3BvbmRlclNpZ1B4a0lkOiByZXNwb25kZXJTaWdQcmsuaWQsXHJcbiAgICAgICAgICBzaWduZWRJbml0aWF0b3JQYms6IEpTT04uc3RyaW5naWZ5KHNpZ25lZEluaXRpYXRvclBiayksXHJcbiAgICAgICAgICBzaWduZWRJbml0aWF0b3JTaWdQYms6IEpTT04uc3RyaW5naWZ5KHNpZ25lZEluaXRpYXRvclNpZ1BiayksXHJcbiAgICAgICAgICAvLyBya1dyYXBwZWRJbml0aWF0b3JTaWdQYms6IEpTT04uc3RyaW5naWZ5KHJrV3JhcHBlZEluaXRpYXRvclNpZ1BiayksXHJcblxyXG4gICAgICAgICAgLy8gT3B0aW9uIDE6IFVzaW5nIG5ldyBQcmsgZm9yIGVhY2ggVFAgcGFpclxyXG4gICAgICAgICAgLy8gcmtXcmFwcGVkUmVzcG9uZGVyU2lnUHJrOiBKU09OLnN0cmluZ2lmeShya1dyYXBwZWRSZXNwb25kZXJTaWdQcmspLFxyXG4gICAgICAgICAgcmtXcmFwcGVkU2hhcmVkS2V5OiBKU09OLnN0cmluZ2lmeShya1dyYXBwZWRTaGFyZWRLZXkpLFxyXG4gICAgICAgICAgbWtXcmFwcGVkTWtTaGFyZWRLZXk6IEpTT04uc3RyaW5naWZ5KG1rV3JhcHBlZE1rU2hhcmVkS2V5KSxcclxuICAgICAgICAgIC8vIFRoZXNlIHdpbGwgYmUgc2VudCB0byB0aGUgaW5pdGlhdG9yXHJcbiAgICAgICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyOiBKU09OLnN0cmluZ2lmeShpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyKSxcclxuICAgICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkOiByZWNlaXZlZENhcmRJbnB1dCxcclxuICAgICAgICAgIHJlc3BvbmRlckNvbnRhY3RDYXJkOiByZXNwb25kZXJDYXJkSW5wdXQsXHJcbiAgICAgICAgfSxcclxuICAgICAgfSxcclxuICAgIH0pO1xyXG4gIH1cclxuXHJcbiAgYXN5bmMgY29tcGxldGVPdGsoe1xyXG4gICAga2V5RXhjaGFuZ2VJZCxcclxuICAgIGluaXRpYXRvclJvb3RLZXlDaXBoZXIsXHJcbiAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLFxyXG4gICAgcmVzcG9uZGVyQ29udGFjdENhcmQsXHJcbiAgICBpbml0aWF0b3JDb250YWN0Q2FyZCxcclxuICB9OiBDb21wbGV0ZU90a0lucHV0Mikge1xyXG4gICAgY29uc3Qgcm9vdEtleSA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50Um9vdEtleSgpO1xyXG4gICAgY29uc3QgbWFzdGVyS2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRNYXN0ZXJLZXkoKTtcclxuXHJcbiAgICAvLyBEZWNyeXB0IHVzaW5nIHRoZSByb290IGtleSB0byBnZXQgdGhlIFBya1xyXG4gICAgY29uc3QgaW5pdGlhdG9yUm9vdEtleUNpcGhlckNsZWFySnNvbiA9IChhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXHJcbiAgICAgIHJvb3RLZXkuandrLFxyXG4gICAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyXHJcbiAgICApKSBhcyBJbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uMjtcclxuXHJcbiAgICAvLyBUaGUgUHJrIGlzIHNpbmdsZS11c2UgYW5kIG9ubHkgdXNlZCB0byBzZW5kIGluZm9ybWF0aW9uIGZyb20gdGhlIHJlc3BvbmRlciBiYWNrIHRvIHRoZSBpbml0aWF0b3IuXHJcbiAgICBjb25zdCBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIgPSBhd2FpdCB0aGlzLmRlY3J5cHRSZXNwb25zZUNpcGhlcihcclxuICAgICAgYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoaW5pdGlhdG9yUm9vdEtleUNpcGhlckNsZWFySnNvbi5vdEtleSksXHJcbiAgICAgIGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24ub25lVGltZVByayksXHJcbiAgICAgIGluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJcclxuICAgICk7XHJcblxyXG4gICAgLy8gQ2hlY2sgdGhlIG5vbmNlIG1hdGNoIHRvIGVuc3VyZSB0aGUgcmVzcG9uZGVyIHdhcyB0aGUgb25lIGhvbGRpbmcgdGhlIE9US1xyXG4gICAgaWYgKFxyXG4gICAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uLm5vbmNlICE9PVxyXG4gICAgICBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIubm9uY2VcclxuICAgICkge1xyXG4gICAgICB0aHJvdyBuZXcgTHJDb2RlTWlzbWF0Y2hFeGNlcHRpb24oXHJcbiAgICAgICAgJ1RoZSBub25jZSByZXR1cm5lZCBieSByZXNwb25kZXIgZG9lcyBub3QgbWF0Y2ggd2l0aCB0aGUgb25lIGNyZWF0ZWQgYnkgdGhlIGluaXRpYXRvci4nXHJcbiAgICAgICk7XHJcbiAgICB9XHJcblxyXG4gICAgLy8gT3B0aW9uIDE6IEFzc3VtaW5nIHRoZSBzaWduaW5nIGtleSBpcyB1bmlxdWUgYmV0d2VlbiB1c2Vycy5cclxuICAgIC8vIGNvbnN0IGluaXRpYXRvclNpZ1ByayA9IGF3YWl0IEtGUy5hc0tleShrZS5wbGFpbkluaXRpYXRvclJvb3RLZXlDaXBoZXIuc2lnUHJrKTtcclxuICAgIC8vIGNvbnN0IHJrV3JhcHBlZEluaXRpYXRvclNpZ1ByayA9IGF3YWl0IHRoaXMuZW5jcnlwdChyb290S2V5LCBpbml0aWF0b3JTaWdQcmsudG9KU09OKHRydWUpKTtcclxuXHJcbiAgICAvLyBPcHRpb24gMjogVXNlIHRoZSB1c2VyJ3MgZ2xvYmFsIHNpZ25pbmcga2V5LlxyXG4gICAgLy8gSW4gdGhpcyBjYXNlIHRoZSBpbml0aWF0b3JTaWdQcmsgaXMgYWxyZWFkeSBhIHBhcnQgb2YgdGhlIGtleSBncmFwaC5cclxuICAgIC8vIFNvIHRoZXJlJ3Mgbm90aGluZyB0byBkbyBoZXJlLlxyXG5cclxuICAgIC8vIFByb3RlY3RlZCB0aGUgc2lnbmluZyBwdWJsaWMga2V5IG9mIHRoZSByZXNwb25kZXIuXHJcbiAgICBjb25zdCBpbml0aWF0b3JTaWdQcmsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFNpZ1B4aygpO1xyXG4gICAgY29uc3QgcmVzcG9uZGVyU2lnUGJrID0gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoXHJcbiAgICAgIHBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlci5yZXNwb25kZXIuc2lnUGJrXHJcbiAgICApO1xyXG4gICAgY29uc3QgcmVzcG9uZGVyUGJrID0gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoXHJcbiAgICAgIHBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlci5yZXNwb25kZXIucGJrXHJcbiAgICApO1xyXG5cclxuICAgIGNvbnN0IHNpZ25lZFJlc3BvbmRlclBiayA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihcclxuICAgICAgaW5pdGlhdG9yU2lnUHJrLmp3ayxcclxuICAgICAgcmVzcG9uZGVyUGJrLnRvSlNPTigpXHJcbiAgICApO1xyXG4gICAgY29uc3Qgc2lnbmVkUmVzcG9uZGVyU2lnUGJrID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKFxyXG4gICAgICBpbml0aWF0b3JTaWdQcmsuandrLFxyXG4gICAgICByZXNwb25kZXJTaWdQYmsudG9KU09OKClcclxuICAgICk7XHJcblxyXG4gICAgY29uc3Qgc2hhcmVkS2V5ID0gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoXHJcbiAgICAgIHBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlci5zaGFyZWRLZXlcclxuICAgICk7XHJcbiAgICBjb25zdCBya1dyYXBwZWRTaGFyZWRLZXkgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXHJcbiAgICAgIHJvb3RLZXkuandrLFxyXG4gICAgICBzaGFyZWRLZXkudG9KU09OKHRydWUpXHJcbiAgICApO1xyXG5cclxuICAgIGNvbnN0IG1rU2hhcmVkS2V5ID0gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoXHJcbiAgICAgIHBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlci5ta1NoYXJlZEtleVxyXG4gICAgKTtcclxuICAgIGNvbnN0IG1rV3JhcHBlZE1rU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxyXG4gICAgICBtYXN0ZXJLZXkuandrLFxyXG4gICAgICBta1NoYXJlZEtleS50b0pTT04odHJ1ZSlcclxuICAgICk7XHJcblxyXG4gICAgbGV0IHJlc3BvbmRlckNvbnRhY3RDYXJkQ2lwaGVySW5wdXQ7XHJcbiAgICBpZiAocmVzcG9uZGVyQ29udGFjdENhcmQpIHtcclxuICAgICAgLy8gQ3JlYXRlIGtleVxyXG4gICAgICBjb25zdCByZWNlaXZlcktleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcclxuXHJcbiAgICAgIHJlc3BvbmRlckNvbnRhY3RDYXJkQ2lwaGVySW5wdXQgPSB7XHJcbiAgICAgICAgcmVjZWl2ZXJXcmFwcGVkS2V5OiBKU09OLnN0cmluZ2lmeShcclxuICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcclxuICAgICAgICAgICAgcm9vdEtleS5qd2ssXHJcbiAgICAgICAgICAgIHJlY2VpdmVyS2V5LnRvSlNPTih0cnVlKVxyXG4gICAgICAgICAgKVxyXG4gICAgICAgICksXHJcbiAgICAgICAgcmVjZWl2ZXJXcmFwcGluZ0tleUlkOiByb290S2V5LmlkLFxyXG4gICAgICAgIHJlY2VpdmVyQ2lwaGVyRGF0YTogSlNPTi5zdHJpbmdpZnkoXHJcbiAgICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXHJcbiAgICAgICAgICAgIHJlY2VpdmVyS2V5LFxyXG4gICAgICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5yZWNlaXZlckNpcGhlckRhdGFDbGVhckpzb25cclxuICAgICAgICAgIClcclxuICAgICAgICApLFxyXG4gICAgICB9O1xyXG4gICAgfVxyXG5cclxuICAgIC8vIEdldCB0aGUgZGF0YSBuZWVkZWQgZnJvbSB0aGUgaW5pdGlhdG9yJ3MgY2lwaGVyIGRhdGEuXHJcbiAgICBsZXQgaW5pdGlhdG9yQ29udGFjdENhcmRDaXBoZXJJbnB1dDtcclxuICAgIGxldCBpbml0aWF0b3JDb250YWN0Q2FyZFNoYXJlZENpcGhlcklucHV0O1xyXG4gICAgaWYgKGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24uaW5pdGlhdG9yQ29udGFjdENhcmQpIHtcclxuICAgICAgLy8gVGhlIGluaXRpYXRvckNvbnRhY3RDYXJkIGNyZWF0ZWQgZHVyaW5nIHRoZSBjcmVhdGlvbiBvZiB0aGUgaW52aXRlIGFuZCBlbmNyeXB0ZWQgdXNpbmcgdGhlIGluaXRpYXRvcidzXHJcbiAgICAgIC8vIHJvb3Qga2V5XHJcbiAgICAgIGNvbnN0IGluaXRpYXRvckNvbnRhY3RDYXJkRnJvbUluaXQgPVxyXG4gICAgICAgIGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24uaW5pdGlhdG9yQ29udGFjdENhcmQ7XHJcbiAgICAgIGNvbnN0IG93bmVyS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xyXG4gICAgICBjb25zdCBzaGFyZWRDaXBoZXJLZXkgPSBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShcclxuICAgICAgICBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIucmVzcG9uZGVyLmNvbnRhY3RDYXJkLnNoYXJlZENpcGhlcktleVxyXG4gICAgICApO1xyXG5cclxuICAgICAgY29uc3Qgb3duZXJXcmFwcGVkS2V5ID0gSlNPTi5zdHJpbmdpZnkoXHJcbiAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KHJvb3RLZXkuandrLCBvd25lcktleS50b0pTT04odHJ1ZSkpXHJcbiAgICAgICk7XHJcblxyXG4gICAgICAvLyBBbGxvdyB0aGUgaW5pdGlhdG9yQ29udGFjdENhcmQgcGFyYW1ldGVyIHRvIG92ZXJyaWRlXHJcbiAgICAgIGNvbnN0IG93bmVyQ2lwaGVyRGF0YUNsZWFySnNvbiA9XHJcbiAgICAgICAgaW5pdGlhdG9yQ29udGFjdENhcmQ/Lm93bmVyQ2lwaGVyRGF0YUNsZWFySnNvbiB8fFxyXG4gICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkRnJvbUluaXQub3duZXJDaXBoZXJEYXRhQ2xlYXJKc29uO1xyXG5cclxuICAgICAgY29uc3Qgb3duZXJDaXBoZXJEYXRhID0gb3duZXJDaXBoZXJEYXRhQ2xlYXJKc29uXHJcbiAgICAgICAgPyBhd2FpdCB0aGlzLmtleUdyYXBoLmVuY3J5cHRUb1N0cmluZyhcclxuICAgICAgICAgICAgb3duZXJLZXksXHJcbiAgICAgICAgICAgIG93bmVyQ2lwaGVyRGF0YUNsZWFySnNvblxyXG4gICAgICAgICAgKVxyXG4gICAgICAgIDogJyc7XHJcblxyXG4gICAgICBpbml0aWF0b3JDb250YWN0Q2FyZENpcGhlcklucHV0ID0ge1xyXG4gICAgICAgIG93bmVyV3JhcHBlZEtleSxcclxuICAgICAgICBvd25lcldyYXBwaW5nS2V5SWQ6IHJvb3RLZXkuaWQsXHJcbiAgICAgICAgb3duZXJDaXBoZXJEYXRhLFxyXG4gICAgICB9O1xyXG5cclxuICAgICAgaW5pdGlhdG9yQ29udGFjdENhcmRTaGFyZWRDaXBoZXJJbnB1dCA9IHtcclxuICAgICAgICBzaWdQeGtJZDogaW5pdGlhdG9yU2lnUHJrLmlkLFxyXG4gICAgICB9O1xyXG5cclxuICAgICAgY29uc3Qgc2hhcmVkQ2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcclxuICAgICAgICBzaGFyZWRDaXBoZXJLZXksXHJcbiAgICAgICAgaW5pdGlhdG9yQ29udGFjdENhcmRGcm9tSW5pdC5zaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uXHJcbiAgICAgICk7XHJcbiAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkU2hhcmVkQ2lwaGVySW5wdXQuc2hhcmVkQ2lwaGVyRGF0YVNpZyA9IEpTT04uc3RyaW5naWZ5KFxyXG4gICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihpbml0aWF0b3JTaWdQcmsuandrLCBzaGFyZWRDaXBoZXJEYXRhKVxyXG4gICAgICApO1xyXG4gICAgfVxyXG5cclxuICAgIC8vIFRPRE8gaWRlYWxseSB3ZSB1cGRhdGUgdGhlIHNoYXJlZCBkYXRhIGluIHRoZSBjb250YWN0IGNhcmQgc2VudCB0byB0aGUgcmVzcG9uZGVyIGFzIHdlbGwgc2luY2UgdGhhdFxyXG4gICAgLy8gQ0Mgd2FzIGNyZWF0ZWQgYnkgdGhlIHJlc3BvbmRlci5cclxuXHJcbiAgICByZXR1cm4gbmV3IExyTXV0YXRpb24oe1xyXG4gICAgICBtdXRhdGlvbjogQ29tcGxldGVLZXlFeGNoYW5nZU90a011dGF0aW9uLFxyXG4gICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICBpbnB1dDoge1xyXG4gICAgICAgICAga2V5RXhjaGFuZ2VJZCxcclxuICAgICAgICAgIHJvb3RLZXlJZDogcm9vdEtleS5pZCxcclxuICAgICAgICAgIG1hc3RlcktleUlkOiBtYXN0ZXJLZXkuaWQsXHJcbiAgICAgICAgICBpbml0aWF0b3JTaWdQeGtJZDogaW5pdGlhdG9yU2lnUHJrLmlkLFxyXG4gICAgICAgICAgc2lnbmVkUmVzcG9uZGVyUGJrOiBKU09OLnN0cmluZ2lmeShzaWduZWRSZXNwb25kZXJQYmspLFxyXG4gICAgICAgICAgc2lnbmVkUmVzcG9uZGVyU2lnUGJrOiBKU09OLnN0cmluZ2lmeShzaWduZWRSZXNwb25kZXJTaWdQYmspLFxyXG4gICAgICAgICAgcmtXcmFwcGVkU2hhcmVkS2V5OiBKU09OLnN0cmluZ2lmeShya1dyYXBwZWRTaGFyZWRLZXkpLFxyXG4gICAgICAgICAgbWtXcmFwcGVkTWtTaGFyZWRLZXk6IEpTT04uc3RyaW5naWZ5KG1rV3JhcHBlZE1rU2hhcmVkS2V5KSxcclxuICAgICAgICAgIHJlc3BvbmRlckNvbnRhY3RDYXJkQ2lwaGVyOiByZXNwb25kZXJDb250YWN0Q2FyZENpcGhlcklucHV0LFxyXG4gICAgICAgICAgaW5pdGlhdG9yQ29udGFjdENhcmRDaXBoZXI6IGluaXRpYXRvckNvbnRhY3RDYXJkQ2lwaGVySW5wdXQsXHJcbiAgICAgICAgICBpbml0aWF0b3JDb250YWN0Q2FyZFNoYXJlZENpcGhlcjogaW5pdGlhdG9yQ29udGFjdENhcmRTaGFyZWRDaXBoZXJJbnB1dCxcclxuICAgICAgICB9LFxyXG4gICAgICB9LFxyXG4gICAgfSk7XHJcbiAgfVxyXG59XHJcbiJdfQ==
+import { __awaiter, __decorate } from "tslib";
+import { Injectable, NgZone } from '@angular/core';
+import { EncryptionService, JoseSerialization, } from '../cryptography/encryption.service';
+import { KeyFactoryService } from '../cryptography/key-factory.service';
+import { KeyGraphService } from '../cryptography/key-graph.service';
+import { KeyService } from '../cryptography/key.service';
+import { LrCodeMismatchException } from '../_common/exceptions';
+import { RunOutsideAngular } from '../_common/run-outside-angular';
+import { UserService } from './../users/user.service';
+import { CancelKeyExchangeMutation, CompleteKeyExchangeOtkMutation, CurrentUserSharedKeyQuery2, DeclineKeyExchangeMutation, InitiateKeyExchangeOtkMutation, KeyExchangeQuery2, KeyExchangesQuery2, KeyExchangeTokenQuery2, RespondKeyExchangeOtkMutation, } from './key-exchange2.gql';
+import { LrGraphQLService, LrMutation } from './lr-graphql';
+import * as i0 from "@angular/core";
+import * as i1 from "../cryptography/key-factory.service";
+import * as i2 from "../cryptography/key.service";
+import * as i3 from "../cryptography/encryption.service";
+import * as i4 from "../users/user.service";
+import * as i5 from "../cryptography/key-graph.service";
+import * as i6 from "./lr-graphql/lr-graphql.service";
+let KeyExchange2Service = class KeyExchange2Service {
+    constructor(ngZone, keyFactory, keyService, encryptionService, userService, keyGraph, lrGraphQL) {
+        this.ngZone = ngZone;
+        this.keyFactory = keyFactory;
+        this.keyService = keyService;
+        this.encryptionService = encryptionService;
+        this.userService = userService;
+        this.keyGraph = keyGraph;
+        this.lrGraphQL = lrGraphQL;
+        this.CLIENT_NONCE_LENGTH = 32;
+    }
+    getOtKey(keyExchange, otKeyK) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (otKeyK) {
+                return yield KeyFactoryService.asKey(Object.assign(Object.assign({}, JSON.parse(keyExchange.otk.otKeyParams)), { k: otKeyK }));
+            }
+            else if (keyExchange.otk.state === 'OTK_INITIATED' &&
+                !keyExchange.isInitiator &&
+                keyExchange.otk.responderPbkCipher) {
+                // Assuming existing user getting invited where OTK is wrapped in responder's public key.
+                const prk = yield this.keyService.getCurrentPxk();
+                const decryptedCipher = yield this.encryptionService.decrypt(prk.jwk, JSON.parse(keyExchange.otk.responderPbkCipher), {
+                    serializations: [JoseSerialization.COMPACT],
+                });
+                if (decryptedCipher.otKey) {
+                    return yield KeyFactoryService.asKey(decryptedCipher.otKey);
+                }
+            }
+            return null;
+        });
+    }
+    decryptOtk(keyExchange, otKeyK) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const otKey = yield this.getOtKey(keyExchange, otKeyK);
+            let otk = keyExchange.otk;
+            if (otKey && otk.otKeyCipher) {
+                otk = Object.assign(Object.assign({}, otk), { otKey, otKeyCipherClearJson: yield this.encryptionService.decrypt(otKey, keyExchange.otk.otKeyCipher) });
+            }
+            return Object.assign(Object.assign({}, keyExchange), { otk });
+        });
+    }
+    decryptResponseCipher(otKey, otPrk, content) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // The response could be wrapped by the OtK in addition to the OtPbk
+            try {
+                content = yield this.encryptionService.decrypt(otKey, content);
+            }
+            catch (error) {
+                if (error.message !== 'no key found') {
+                    throw error;
+                }
+                // Do nothing to support older versions where message is not wrapped with otk.
+            }
+            // The Prk is single-use and only used to send information from the responder back to the initiator.
+            return yield this.encryptionService.decrypt(otPrk, content);
+        });
+    }
+    decryptKeyExchangeAsInitiator(keyExchange) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const rootKey = yield this.keyService.getCurrentRootKey();
+            // Decrypt using the root key to get the Prk
+            const initiatorRootKeyCipherClearJson = (yield this.encryptionService.decrypt(rootKey.jwk, keyExchange.initiatorRootKeyCipher));
+            const otKey = yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.otKey);
+            keyExchange = Object.assign(Object.assign({}, keyExchange), { initiatorRootKeyCipherClearJson });
+            let otk = keyExchange.otk;
+            if (otk.initiatorOneTimePbkCipher) {
+                otk = Object.assign(Object.assign({}, otk), { initiatorOneTimePbkCipherClearJson: yield this.decryptResponseCipher(otKey, yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.oneTimePrk), otk.initiatorOneTimePbkCipher) });
+            }
+            if (otk.otKeyCipher) {
+                otk.otKeyCipherClearJson = yield this.encryptionService.decrypt(otKey, otk.otKeyCipher);
+            }
+            return Object.assign(Object.assign({}, keyExchange), { otk });
+        });
+    }
+    decryptKeyExchangeAsResponder(keyExchange, otKeyK) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.decryptOtk(keyExchange, otKeyK);
+        });
+    }
+    decryptKeyExchange(keyExchange, otKeyK) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (keyExchange.isInitiator) {
+                return this.decryptKeyExchangeAsInitiator(keyExchange);
+            }
+            else {
+                return this.decryptKeyExchangeAsResponder(keyExchange, otKeyK);
+            }
+        });
+    }
+    getKeyExchanges({ state } = {}) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { keyExchanges } = yield this.lrGraphQL.query({
+                query: KeyExchangesQuery2,
+                variables: {
+                    state,
+                },
+            });
+            return Promise.all(keyExchanges.edges.map((edge) => this.decryptKeyExchange(edge.node)));
+        });
+    }
+    /**
+     * @param id If the current user can responder the key exchange if they are either the initiator or the receiver.
+     * @param token If not signed in, or not the initiator or responder, 'token' must be given.
+     * @param otKeyK Is the raw one-time key (string). If the responder is explicitly specified at time of initiation, then
+     *   it's possible to have the otKey wrapped by the public key of the responder. In which case, the otKeyK is not needed.
+     */
+    getKeyExchange(id, { otKeyK, token } = {}) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const res = yield this.lrGraphQL.query({
+                query: token ? KeyExchangeTokenQuery2 : KeyExchangeQuery2,
+                variables: {
+                    id,
+                    token,
+                },
+                includeKeyGraph: !token,
+            });
+            return this.decryptKeyExchange(res.keyExchange, otKeyK);
+        });
+    }
+    getCurrentUserSharedKey(input) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.lrGraphQL.query({
+                query: CurrentUserSharedKeyQuery2,
+                variables: {
+                    username: input.username,
+                    userId: input.userId,
+                },
+            });
+        });
+    }
+    // TODO: deprecate this
+    cancelKeyExchange(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.cancelKeyExchangeMutation(id);
+        });
+    }
+    cancelKeyExchangeMutation(id) {
+        return new LrMutation({
+            mutation: CancelKeyExchangeMutation,
+            variables: {
+                input: {
+                    id,
+                },
+            },
+        });
+    }
+    // TODO: deprecate this
+    declineKeyExchange(id, token) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.declineKeyExchangeMutation(id, token);
+        });
+    }
+    declineKeyExchangeMutation(id, token) {
+        return new LrMutation({
+            mutation: DeclineKeyExchangeMutation,
+            variables: {
+                input: {
+                    id,
+                    token,
+                },
+            },
+        });
+    }
+    initiateOtk({ message, email, contactCard, upgrade, } = {}) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const otKey = yield this.keyFactory.createKey();
+            const nonce = this.keyFactory.randomString(this.CLIENT_NONCE_LENGTH);
+            // New PKC key for encryption. This key is used only once when the responder sends
+            // back their signing public key.
+            const initiatorOneTimePrk = yield this.keyFactory.createPkcKey();
+            // Option 1: New PKC key for signing
+            // const initiatorSigPrk = await this.keyService.createPkcSignKey();
+            // Option 2: Use the user's global signing key.
+            // This key is used to prove the initiator's identity.
+            const initiatorPrk = yield this.keyService.getCurrentPxk();
+            const initiatorSigPrk = yield this.keyService.getCurrentSigPxk();
+            let initiatorPlainDataSig = null;
+            if (contactCard && contactCard.ownerPlainDataJson) {
+                initiatorPlainDataSig = yield this.encryptionService.signToString(initiatorSigPrk.jwk, contactCard.ownerPlainDataJson);
+            }
+            const initiator = {
+                message,
+                contactCard: contactCard && {
+                    sharedCipherDataClearJson: contactCard.sharedCipherDataClearJson,
+                },
+            };
+            // Content to be encrypted using the OTK.
+            const plainOtKeyCipher = {
+                // TODO Make sure we also put the OOB code in here as well since the OOB code is the
+                // _only_ information the KC server does not have access to. The server may have
+                // access to OTK and hence the nonce here. It's good to have both the nonce and OOB code
+                // since the user may not be using the OOB code. And it's simple to always include
+                // the nonce, so why not.
+                nonce,
+                initiator: Object.assign(Object.assign({}, initiator), { oneTimePbk: initiatorOneTimePrk.toJSON(), pbk: initiatorPrk.jwk.toJSON(), sigPbk: initiatorSigPrk.jwk.toJSON() }),
+            };
+            const otKeyCipher = yield this.keyGraph.encryptToString(otKey, plainOtKeyCipher);
+            // Content to be encrypted using the initiator's root key.
+            const initiatorRootKeyCipherClearJson = {
+                nonce,
+                oneTimePrk: initiatorOneTimePrk.toJSON(true),
+                // Should not need to keep this encrypted since we are using the global signing key.
+                // sigPrk: initiatorSigPrk.toJSON(true),
+                // Save it in case the initiator want to decode the otKeyCipher.
+                // Since the otKey is only used once, and that otKeyCipher contains only
+                // the public key of the initiator, it's safe just leave the otKey stored here.
+                otKey: otKey.toJSON(true),
+                // These should be storing information such as how the fields of the shared contact card is
+                // derived from the master contact card.
+                initiatorContactCard: contactCard,
+                initiator,
+            };
+            const rootKey = yield this.keyService.getCurrentRootKey();
+            const initiatorRootKeyCipher = yield this.keyGraph.encryptToString(rootKey.jwk, initiatorRootKeyCipherClearJson);
+            // The raw OTK
+            const otKeyK = otKey.toJSON(true).k;
+            // API call
+            const lrMutation = new LrMutation({
+                mutation: InitiateKeyExchangeOtkMutation,
+                variables: {
+                    input: {
+                        // These will be stored on the server
+                        initiatorRootKeyCipher,
+                        initiatorPxkId: initiatorPrk.id,
+                        initiatorSigPxkId: initiatorSigPrk.id,
+                        // These will be sent to the responder
+                        otKeyParams: JSON.stringify(otKey.toJSON()),
+                        otKeyCipher,
+                        sendEmail: email && {
+                            email,
+                            rawOtKey: otKeyK,
+                        },
+                        createTp: true,
+                        initiatorPlainDataSig,
+                        upgrade,
+                    },
+                },
+            });
+            return { lrMutation, otKeyK };
+        });
+    }
+    respondOtk({ keyExchangeId, token, decryptedOtk, message, initiatorContactCard, responderContactCard, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const rootKey = yield this.keyService.getCurrentRootKey();
+            const masterKeyId = this.keyService.getCurrentMasterKey().id;
+            const masterKey = yield this.keyService.getCurrentMasterKey();
+            const sharedKey = yield this.keyFactory.createKey();
+            const mkSharedKey = yield this.keyFactory.createKey();
+            const rkWrappedSharedKey = yield this.encryptionService.encrypt(rootKey.jwk, sharedKey.toJSON(true));
+            const mkWrappedMkSharedKey = yield this.encryptionService.encrypt(masterKey.jwk, mkSharedKey.toJSON(true));
+            const initiatorOneTimePbk = yield KeyFactoryService.asKey(decryptedOtk.otKeyCipherClearJson.initiator.oneTimePbk);
+            const initiatorPbk = yield KeyFactoryService.asKey(decryptedOtk.otKeyCipherClearJson.initiator.pbk);
+            const initiatorSigPbk = yield KeyFactoryService.asKey(decryptedOtk.otKeyCipherClearJson.initiator.sigPbk);
+            // Option 1: Using new Prk for each TP pair
+            // Create a new public signing key for the responder.
+            // const responderSigPrk = await this.keyService.createPkcSignKey()
+            // const rkWrappedResponderSigPrk = await this.encrypt(rootKey, responderSigPrk.toJSON(true));
+            // Option 2: Responder already has a signing Prk
+            const responderPrk = yield this.keyService.getCurrentPxk();
+            const responderSigPrk = yield this.keyService.getCurrentSigPxk();
+            const signedInitiatorPbk = yield this.encryptionService.sign(responderSigPrk.jwk, initiatorPbk.toJSON());
+            const signedInitiatorSigPbk = yield this.encryptionService.sign(responderSigPrk.jwk, initiatorSigPbk.toJSON());
+            const initiatorOneTimePbkCipherClearJson = {
+                nonce: decryptedOtk.otKeyCipherClearJson.nonce,
+                sharedKey: sharedKey.toJSON(true),
+                mkSharedKey: mkSharedKey.toJSON(true),
+                responder: {
+                    pbk: responderPrk.jwk.toJSON(),
+                    sigPbk: responderSigPrk.jwk.toJSON(),
+                    message,
+                },
+            };
+            let receivedCardInput;
+            if (decryptedOtk.otKeyCipherClearJson.initiator.contactCard) {
+                // Set the info about the initiator to be the ones sent by the initiator. We need th responder to do the encryption here
+                // because the initiator does not have the shared key yet, and we want the responder to have a functional contact card after
+                // this exchange. The initiator can double check the contact details are correct and sign it when it completes the exchange.
+                const sharedCipherDataClearJson = decryptedOtk.otKeyCipherClearJson.initiator.contactCard
+                    .sharedCipherDataClearJson;
+                // Create keys
+                const receiverKey = yield this.keyFactory.createKey();
+                const ccSharedKey = yield this.keyFactory.createKey();
+                const sigPxk = yield this.keyService.getCurrentSigPxk();
+                receivedCardInput = {
+                    receiverWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, receiverKey.toJSON(true))),
+                    receiverWrappingKeyId: rootKey.id,
+                    receiverCipherData: initiatorContactCard
+                        ? JSON.stringify(yield this.encryptionService.encrypt(receiverKey, initiatorContactCard.receiverCipherDataClearJson))
+                        : '',
+                    sharedWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(sharedKey, ccSharedKey.toJSON(true))),
+                };
+                const sharedCipherData = yield this.encryptionService.encrypt(ccSharedKey, sharedCipherDataClearJson);
+                receivedCardInput.sharedCipherDataSig = JSON.stringify(yield this.encryptionService.sign(sigPxk.jwk, sharedCipherData));
+                receivedCardInput.sigPxkId = sigPxk.id;
+                initiatorOneTimePbkCipherClearJson.responder.contactCard = Object.assign(Object.assign({}, initiatorOneTimePbkCipherClearJson.responder.contactCard), { sharedCipherKey: ccSharedKey.toJSON(true) });
+            }
+            let responderCardInput;
+            if (responderContactCard) {
+                // Create keys
+                const ownerKey = yield this.keyFactory.createKey();
+                const ccSharedKey = yield this.keyFactory.createKey();
+                const sigPxk = yield this.keyService.getCurrentSigPxk();
+                responderCardInput = {
+                    ownerWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, ownerKey.toJSON(true))),
+                    ownerWrappingKeyId: rootKey.id,
+                    ownerCipherData: responderContactCard.ownerCipherDataClearJson
+                        ? JSON.stringify(yield this.encryptionService.encrypt(ownerKey, responderContactCard.ownerCipherDataClearJson))
+                        : '',
+                    sharedWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(sharedKey, ccSharedKey.toJSON(true))),
+                };
+                const sharedCipherData = yield this.encryptionService.encrypt(ccSharedKey, responderContactCard.sharedCipherDataClearJson);
+                responderCardInput.sharedCipherDataSig = JSON.stringify(yield this.encryptionService.sign(sigPxk.jwk, sharedCipherData));
+                responderCardInput.sigPxkId = sigPxk.id;
+                if (responderContactCard.ownerPlainDataJson) {
+                    responderCardInput.ownerPlainDataSig = JSON.stringify(yield this.encryptionService.sign(responderSigPrk.jwk, responderContactCard.ownerPlainDataJson));
+                }
+                // Contact card info readable by the initiator
+                initiatorOneTimePbkCipherClearJson.responder.contactCard = Object.assign(Object.assign({}, initiatorOneTimePbkCipherClearJson.responder.contactCard), { sharedCipherDataClearJson: responderContactCard.sharedCipherDataClearJson });
+            }
+            // Encrypt with one-time public key
+            let initiatorOneTimePbkCipher = yield this.encryptionService.encrypt(initiatorOneTimePbk, initiatorOneTimePbkCipherClearJson);
+            // Encrypt with the otk again to keep use of asymmetric keys to a minimum.
+            initiatorOneTimePbkCipher = yield this.encryptionService.encrypt(decryptedOtk.otKey, initiatorOneTimePbkCipher);
+            return new LrMutation({
+                mutation: RespondKeyExchangeOtkMutation,
+                variables: {
+                    input: {
+                        keyExchangeId,
+                        keyExchangeToken: token,
+                        rootKeyId: rootKey.id,
+                        masterKeyId,
+                        // These will be stored on the server
+                        responderPxkId: responderPrk.id,
+                        responderSigPxkId: responderSigPrk.id,
+                        signedInitiatorPbk: JSON.stringify(signedInitiatorPbk),
+                        signedInitiatorSigPbk: JSON.stringify(signedInitiatorSigPbk),
+                        // rkWrappedInitiatorSigPbk: JSON.stringify(rkWrappedInitiatorSigPbk),
+                        // Option 1: Using new Prk for each TP pair
+                        // rkWrappedResponderSigPrk: JSON.stringify(rkWrappedResponderSigPrk),
+                        rkWrappedSharedKey: JSON.stringify(rkWrappedSharedKey),
+                        mkWrappedMkSharedKey: JSON.stringify(mkWrappedMkSharedKey),
+                        // These will be sent to the initiator
+                        initiatorOneTimePbkCipher: JSON.stringify(initiatorOneTimePbkCipher),
+                        initiatorContactCard: receivedCardInput,
+                        responderContactCard: responderCardInput,
+                    },
+                },
+            });
+        });
+    }
+    completeOtk({ keyExchangeId, initiatorRootKeyCipher, initiatorOneTimePbkCipher, responderContactCard, initiatorContactCard, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const rootKey = yield this.keyService.getCurrentRootKey();
+            const masterKey = yield this.keyService.getCurrentMasterKey();
+            // Decrypt using the root key to get the Prk
+            const initiatorRootKeyCipherClearJson = (yield this.encryptionService.decrypt(rootKey.jwk, initiatorRootKeyCipher));
+            // The Prk is single-use and only used to send information from the responder back to the initiator.
+            const plainInitiatorOneTimePbkCipher = yield this.decryptResponseCipher(yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.otKey), yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.oneTimePrk), initiatorOneTimePbkCipher);
+            // Check the nonce match to ensure the responder was the one holding the OTK
+            if (initiatorRootKeyCipherClearJson.nonce !==
+                plainInitiatorOneTimePbkCipher.nonce) {
+                throw new LrCodeMismatchException('The nonce returned by responder does not match with the one created by the initiator.');
+            }
+            // Option 1: Assuming the signing key is unique between users.
+            // const initiatorSigPrk = await KFS.asKey(ke.plainInitiatorRootKeyCipher.sigPrk);
+            // const rkWrappedInitiatorSigPrk = await this.encrypt(rootKey, initiatorSigPrk.toJSON(true));
+            // Option 2: Use the user's global signing key.
+            // In this case the initiatorSigPrk is already a part of the key graph.
+            // So there's nothing to do here.
+            // Protected the signing public key of the responder.
+            const initiatorSigPrk = yield this.keyService.getCurrentSigPxk();
+            const responderSigPbk = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.responder.sigPbk);
+            const responderPbk = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.responder.pbk);
+            const signedResponderPbk = yield this.encryptionService.sign(initiatorSigPrk.jwk, responderPbk.toJSON());
+            const signedResponderSigPbk = yield this.encryptionService.sign(initiatorSigPrk.jwk, responderSigPbk.toJSON());
+            const sharedKey = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.sharedKey);
+            const rkWrappedSharedKey = yield this.encryptionService.encrypt(rootKey.jwk, sharedKey.toJSON(true));
+            const mkSharedKey = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.mkSharedKey);
+            const mkWrappedMkSharedKey = yield this.encryptionService.encrypt(masterKey.jwk, mkSharedKey.toJSON(true));
+            let responderContactCardCipherInput;
+            if (responderContactCard) {
+                // Create key
+                const receiverKey = yield this.keyFactory.createKey();
+                responderContactCardCipherInput = {
+                    receiverWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, receiverKey.toJSON(true))),
+                    receiverWrappingKeyId: rootKey.id,
+                    receiverCipherData: JSON.stringify(yield this.encryptionService.encrypt(receiverKey, responderContactCard.receiverCipherDataClearJson)),
+                };
+            }
+            // Get the data needed from the initiator's cipher data.
+            let initiatorContactCardCipherInput;
+            let initiatorContactCardSharedCipherInput;
+            if (initiatorRootKeyCipherClearJson.initiatorContactCard) {
+                // The initiatorContactCard created during the creation of the invite and encrypted using the initiator's
+                // root key
+                const initiatorContactCardFromInit = initiatorRootKeyCipherClearJson.initiatorContactCard;
+                const ownerKey = yield this.keyFactory.createKey();
+                const sharedCipherKey = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.responder.contactCard.sharedCipherKey);
+                const ownerWrappedKey = JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, ownerKey.toJSON(true)));
+                // Allow the initiatorContactCard parameter to override
+                const ownerCipherDataClearJson = (initiatorContactCard === null || initiatorContactCard === void 0 ? void 0 : initiatorContactCard.ownerCipherDataClearJson) ||
+                    initiatorContactCardFromInit.ownerCipherDataClearJson;
+                const ownerCipherData = ownerCipherDataClearJson
+                    ? yield this.keyGraph.encryptToString(ownerKey, ownerCipherDataClearJson)
+                    : '';
+                initiatorContactCardCipherInput = {
+                    ownerWrappedKey,
+                    ownerWrappingKeyId: rootKey.id,
+                    ownerCipherData,
+                };
+                initiatorContactCardSharedCipherInput = {
+                    sigPxkId: initiatorSigPrk.id,
+                };
+                const sharedCipherData = yield this.encryptionService.encrypt(sharedCipherKey, initiatorContactCardFromInit.sharedCipherDataClearJson);
+                initiatorContactCardSharedCipherInput.sharedCipherDataSig = JSON.stringify(yield this.encryptionService.sign(initiatorSigPrk.jwk, sharedCipherData));
+            }
+            // TODO ideally we update the shared data in the contact card sent to the responder as well since that
+            // CC was created by the responder.
+            return new LrMutation({
+                mutation: CompleteKeyExchangeOtkMutation,
+                variables: {
+                    input: {
+                        keyExchangeId,
+                        rootKeyId: rootKey.id,
+                        masterKeyId: masterKey.id,
+                        initiatorSigPxkId: initiatorSigPrk.id,
+                        signedResponderPbk: JSON.stringify(signedResponderPbk),
+                        signedResponderSigPbk: JSON.stringify(signedResponderSigPbk),
+                        rkWrappedSharedKey: JSON.stringify(rkWrappedSharedKey),
+                        mkWrappedMkSharedKey: JSON.stringify(mkWrappedMkSharedKey),
+                        responderContactCardCipher: responderContactCardCipherInput,
+                        initiatorContactCardCipher: initiatorContactCardCipherInput,
+                        initiatorContactCardSharedCipher: initiatorContactCardSharedCipherInput,
+                    },
+                },
+            });
+        });
+    }
+};
+KeyExchange2Service.ɵprov = i0.ɵɵdefineInjectable({ factory: function KeyExchange2Service_Factory() { return new KeyExchange2Service(i0.ɵɵinject(i0.NgZone), i0.ɵɵinject(i1.KeyFactoryService), i0.ɵɵinject(i2.KeyService), i0.ɵɵinject(i3.EncryptionService), i0.ɵɵinject(i4.UserService), i0.ɵɵinject(i5.KeyGraphService), i0.ɵɵinject(i6.LrGraphQLService)); }, token: KeyExchange2Service, providedIn: "root" });
+KeyExchange2Service.decorators = [
+    { type: Injectable, args: [{
+                providedIn: 'root',
+            },] }
+];
+KeyExchange2Service.ctorParameters = () => [
+    { type: NgZone },
+    { type: KeyFactoryService },
+    { type: KeyService },
+    { type: EncryptionService },
+    { type: UserService },
+    { type: KeyGraphService },
+    { type: LrGraphQLService }
+];
+KeyExchange2Service = __decorate([
+    RunOutsideAngular({
+        ngZoneName: 'ngZone',
+    })
+], KeyExchange2Service);
+export { KeyExchange2Service };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5LWV4Y2hhbmdlMi5zZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6Ii9vcHQvYXRsYXNzaWFuL3BpcGVsaW5lcy9hZ2VudC9idWlsZC9wcm9qZWN0cy9jb3JlL3NyYy8iLCJzb3VyY2VzIjpbImxpYi9hcGkva2V5LWV4Y2hhbmdlMi5zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sRUFBRSxNQUFNLGVBQWUsQ0FBQztBQUVuRCxPQUFPLEVBQ0wsaUJBQWlCLEVBQ2pCLGlCQUFpQixHQUNsQixNQUFNLG9DQUFvQyxDQUFDO0FBQzVDLE9BQU8sRUFBRSxpQkFBaUIsRUFBRSxNQUFNLHFDQUFxQyxDQUFDO0FBQ3hFLE9BQU8sRUFBRSxlQUFlLEVBQUUsTUFBTSxtQ0FBbUMsQ0FBQztBQUNwRSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sNkJBQTZCLENBQUM7QUFDekQsT0FBTyxFQUFFLHVCQUF1QixFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFDaEUsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sZ0NBQWdDLENBQUM7QUFDbkUsT0FBTyxFQUFFLFdBQVcsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBRXRELE9BQU8sRUFDTCx5QkFBeUIsRUFDekIsOEJBQThCLEVBQzlCLDBCQUEwQixFQUMxQiwwQkFBMEIsRUFDMUIsOEJBQThCLEVBRTlCLGlCQUFpQixFQUNqQixrQkFBa0IsRUFFbEIsc0JBQXNCLEVBQ3RCLDZCQUE2QixHQUM5QixNQUFNLHFCQUFxQixDQUFDO0FBQzdCLE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxVQUFVLEVBQUUsTUFBTSxjQUFjLENBQUM7Ozs7Ozs7O0lBNkgvQyxtQkFBbUIsU0FBbkIsbUJBQW1CO0lBRzlCLFlBQ1UsTUFBYyxFQUNkLFVBQTZCLEVBQzdCLFVBQXNCLEVBQ3RCLGlCQUFvQyxFQUNwQyxXQUF3QixFQUN4QixRQUF5QixFQUN6QixTQUEyQjtRQU4zQixXQUFNLEdBQU4sTUFBTSxDQUFRO1FBQ2QsZUFBVSxHQUFWLFVBQVUsQ0FBbUI7UUFDN0IsZUFBVSxHQUFWLFVBQVUsQ0FBWTtRQUN0QixzQkFBaUIsR0FBakIsaUJBQWlCLENBQW1CO1FBQ3BDLGdCQUFXLEdBQVgsV0FBVyxDQUFhO1FBQ3hCLGFBQVEsR0FBUixRQUFRLENBQWlCO1FBQ3pCLGNBQVMsR0FBVCxTQUFTLENBQWtCO1FBVHBCLHdCQUFtQixHQUFHLEVBQUUsQ0FBQztJQVV2QyxDQUFDO0lBRVUsUUFBUSxDQUNwQixXQUFnQyxFQUNoQyxNQUFlOztZQUVmLElBQUksTUFBTSxFQUFFO2dCQUNWLE9BQU8sTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLGlDQUMvQixJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsV0FBVyxDQUFDLEtBQzFDLENBQUMsRUFBRSxNQUFNLElBQ1QsQ0FBQzthQUNKO2lCQUFNLElBQ0wsV0FBVyxDQUFDLEdBQUcsQ0FBQyxLQUFLLEtBQUssZUFBZTtnQkFDekMsQ0FBQyxXQUFXLENBQUMsV0FBVztnQkFDeEIsV0FBVyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsRUFDbEM7Z0JBQ0EseUZBQXlGO2dCQUN6RixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxFQUFFLENBQUM7Z0JBQ2xELE1BQU0sZUFBZSxHQUFRLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDL0QsR0FBRyxDQUFDLEdBQUcsRUFDUCxJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsa0JBQWtCLENBQUMsRUFDOUM7b0JBQ0UsY0FBYyxFQUFFLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDO2lCQUM1QyxDQUNGLENBQUM7Z0JBQ0YsSUFBSSxlQUFlLENBQUMsS0FBSyxFQUFFO29CQUN6QixPQUFPLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxLQUFLLENBQUMsQ0FBQztpQkFDN0Q7YUFDRjtZQUNELE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztLQUFBO0lBRWEsVUFBVSxDQUN0QixXQUFnQyxFQUNoQyxNQUFlOztZQUVmLE1BQU0sS0FBSyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLEVBQUUsTUFBTSxDQUFDLENBQUM7WUFFdkQsSUFBSSxHQUFHLEdBQUcsV0FBVyxDQUFDLEdBQUcsQ0FBQztZQUUxQixJQUFJLEtBQUssSUFBSSxHQUFHLENBQUMsV0FBVyxFQUFFO2dCQUM1QixHQUFHLG1DQUNFLEdBQUcsS0FDTixLQUFLLEVBQ0wsb0JBQW9CLEVBQUUsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUN4RCxLQUFLLEVBQ0wsV0FBVyxDQUFDLEdBQUcsQ0FBQyxXQUFXLENBQzVCLEdBQ0YsQ0FBQzthQUNIO1lBRUQsdUNBQ0ssV0FBVyxLQUNkLEdBQUcsSUFDSDtRQUNKLENBQUM7S0FBQTtJQUVhLHFCQUFxQixDQUNqQyxLQUFjLEVBQ2QsS0FBYyxFQUNkLE9BQVk7O1lBRVosb0VBQW9FO1lBQ3BFLElBQUk7Z0JBQ0YsT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsT0FBTyxDQUFDLENBQUM7YUFDaEU7WUFBQyxPQUFPLEtBQUssRUFBRTtnQkFDZCxJQUFJLEtBQUssQ0FBQyxPQUFPLEtBQUssY0FBYyxFQUFFO29CQUNwQyxNQUFNLEtBQUssQ0FBQztpQkFDYjtnQkFDRCw4RUFBOEU7YUFDL0U7WUFFRCxvR0FBb0c7WUFDcEcsT0FBTyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsS0FBSyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQzlELENBQUM7S0FBQTtJQUVhLDZCQUE2QixDQUN6QyxXQUFnQzs7WUFFaEMsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFFMUQsNENBQTRDO1lBQzVDLE1BQU0sK0JBQStCLEdBQUcsQ0FBQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzNFLE9BQU8sQ0FBQyxHQUFHLEVBQ1gsV0FBVyxDQUFDLHNCQUFzQixDQUNuQyxDQUFxQyxDQUFDO1lBRXZDLE1BQU0sS0FBSyxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUN6QywrQkFBK0IsQ0FBQyxLQUFLLENBQ3RDLENBQUM7WUFFRixXQUFXLG1DQUNOLFdBQVcsS0FDZCwrQkFBK0IsR0FDaEMsQ0FBQztZQUVGLElBQUksR0FBRyxHQUFHLFdBQVcsQ0FBQyxHQUFHLENBQUM7WUFFMUIsSUFBSSxHQUFHLENBQUMseUJBQXlCLEVBQUU7Z0JBQ2pDLEdBQUcsbUNBQ0UsR0FBRyxLQUNOLGtDQUFrQyxFQUFFLE1BQU0sSUFBSSxDQUFDLHFCQUFxQixDQUNsRSxLQUFLLEVBQ0wsTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLENBQzNCLCtCQUErQixDQUFDLFVBQVUsQ0FDM0MsRUFDRCxHQUFHLENBQUMseUJBQXlCLENBQzlCLEdBQ0YsQ0FBQzthQUNIO1lBRUQsSUFBSSxHQUFHLENBQUMsV0FBVyxFQUFFO2dCQUNuQixHQUFHLENBQUMsb0JBQW9CLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUM3RCxLQUFLLEVBQ0wsR0FBRyxDQUFDLFdBQVcsQ0FDaEIsQ0FBQzthQUNIO1lBRUQsdUNBQ0ssV0FBVyxLQUNkLEdBQUcsSUFDSDtRQUNKLENBQUM7S0FBQTtJQUVhLDZCQUE2QixDQUN6QyxXQUFnQyxFQUNoQyxNQUFlOztZQUVmLE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQyxXQUFXLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDOUMsQ0FBQztLQUFBO0lBRUssa0JBQWtCLENBQUMsV0FBZ0MsRUFBRSxNQUFlOztZQUN4RSxJQUFJLFdBQVcsQ0FBQyxXQUFXLEVBQUU7Z0JBQzNCLE9BQU8sSUFBSSxDQUFDLDZCQUE2QixDQUFDLFdBQVcsQ0FBQyxDQUFDO2FBQ3hEO2lCQUFNO2dCQUNMLE9BQU8sSUFBSSxDQUFDLDZCQUE2QixDQUFDLFdBQVcsRUFBRSxNQUFNLENBQUMsQ0FBQzthQUNoRTtRQUNILENBQUM7S0FBQTtJQUVLLGVBQWUsQ0FBQyxFQUFFLEtBQUssS0FBb0MsRUFBRTs7WUFDakUsTUFBTSxFQUFFLFlBQVksRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUM7Z0JBQ2xELEtBQUssRUFBRSxrQkFBa0I7Z0JBQ3pCLFNBQVMsRUFBRTtvQkFDVCxLQUFLO2lCQUNOO2FBQ0YsQ0FBQyxDQUFDO1lBRUgsT0FBTyxPQUFPLENBQUMsR0FBRyxDQUNoQixZQUFZLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUNyRSxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRUQ7Ozs7O09BS0c7SUFDRyxjQUFjLENBQ2xCLEVBQVUsRUFDVixFQUFFLE1BQU0sRUFBRSxLQUFLLEtBQTZCLEVBQUU7O1lBRTlDLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUM7Z0JBQ3JDLEtBQUssRUFBRSxLQUFLLENBQUMsQ0FBQyxDQUFDLHNCQUFzQixDQUFDLENBQUMsQ0FBQyxpQkFBaUI7Z0JBQ3pELFNBQVMsRUFBRTtvQkFDVCxFQUFFO29CQUNGLEtBQUs7aUJBQ047Z0JBQ0QsZUFBZSxFQUFFLENBQUMsS0FBSzthQUN4QixDQUFDLENBQUM7WUFDSCxPQUFPLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxHQUFHLENBQUMsV0FBVyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBQzFELENBQUM7S0FBQTtJQUVZLHVCQUF1QixDQUFDLEtBR3BDOztZQUNDLE9BQU8sSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUM7Z0JBQzFCLEtBQUssRUFBRSwwQkFBMEI7Z0JBQ2pDLFNBQVMsRUFBRTtvQkFDVCxRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7b0JBQ3hCLE1BQU0sRUFBRSxLQUFLLENBQUMsTUFBTTtpQkFDckI7YUFDRixDQUFDLENBQUM7UUFDTCxDQUFDO0tBQUE7SUFFRCx1QkFBdUI7SUFDakIsaUJBQWlCLENBQUMsRUFBVTs7WUFDaEMsT0FBTyxJQUFJLENBQUMseUJBQXlCLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDNUMsQ0FBQztLQUFBO0lBRUQseUJBQXlCLENBQUMsRUFBVTtRQUNsQyxPQUFPLElBQUksVUFBVSxDQUFDO1lBQ3BCLFFBQVEsRUFBRSx5QkFBeUI7WUFDbkMsU0FBUyxFQUFFO2dCQUNULEtBQUssRUFBRTtvQkFDTCxFQUFFO2lCQUNIO2FBQ0Y7U0FDRixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsdUJBQXVCO0lBQ2pCLGtCQUFrQixDQUFDLEVBQVUsRUFBRSxLQUFhOztZQUNoRCxPQUFPLElBQUksQ0FBQywwQkFBMEIsQ0FBQyxFQUFFLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDcEQsQ0FBQztLQUFBO0lBRUQsMEJBQTBCLENBQUMsRUFBVSxFQUFFLEtBQWE7UUFDbEQsT0FBTyxJQUFJLFVBQVUsQ0FBQztZQUNwQixRQUFRLEVBQUUsMEJBQTBCO1lBQ3BDLFNBQVMsRUFBRTtnQkFDVCxLQUFLLEVBQUU7b0JBQ0wsRUFBRTtvQkFDRixLQUFLO2lCQUNOO2FBQ0Y7U0FDRixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUssV0FBVyxDQUFDLEVBQ2hCLE9BQU8sRUFDUCxLQUFLLEVBQ0wsV0FBVyxFQUNYLE9BQU8sTUFDYyxFQUFFOztZQUN2QixNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDaEQsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLENBQUM7WUFFckUsa0ZBQWtGO1lBQ2xGLGlDQUFpQztZQUNqQyxNQUFNLG1CQUFtQixHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUVqRSxvQ0FBb0M7WUFDcEMsb0VBQW9FO1lBRXBFLCtDQUErQztZQUMvQyxzREFBc0Q7WUFDdEQsTUFBTSxZQUFZLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBQzNELE1BQU0sZUFBZSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1lBRWpFLElBQUkscUJBQXFCLEdBQVcsSUFBSSxDQUFDO1lBRXpDLElBQUksV0FBVyxJQUFJLFdBQVcsQ0FBQyxrQkFBa0IsRUFBRTtnQkFDakQscUJBQXFCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsWUFBWSxDQUMvRCxlQUFlLENBQUMsR0FBRyxFQUNuQixXQUFXLENBQUMsa0JBQWtCLENBQy9CLENBQUM7YUFDSDtZQUVELE1BQU0sU0FBUyxHQUFHO2dCQUNoQixPQUFPO2dCQUNQLFdBQVcsRUFBRSxXQUFXLElBQUk7b0JBQzFCLHlCQUF5QixFQUFFLFdBQVcsQ0FBQyx5QkFBeUI7aUJBQ2pFO2FBQ0YsQ0FBQztZQUVGLHlDQUF5QztZQUN6QyxNQUFNLGdCQUFnQixHQUEwQjtnQkFDOUMsb0ZBQW9GO2dCQUNwRixnRkFBZ0Y7Z0JBQ2hGLHdGQUF3RjtnQkFDeEYsa0ZBQWtGO2dCQUNsRix5QkFBeUI7Z0JBQ3pCLEtBQUs7Z0JBQ0wsU0FBUyxrQ0FDSixTQUFTLEtBQ1osVUFBVSxFQUFFLG1CQUFtQixDQUFDLE1BQU0sRUFBRSxFQUN4QyxHQUFHLEVBQUUsWUFBWSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsRUFDOUIsTUFBTSxFQUFFLGVBQWUsQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLEdBQ3JDO2FBQ0YsQ0FBQztZQUVGLE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxlQUFlLENBQ3JELEtBQUssRUFDTCxnQkFBZ0IsQ0FDakIsQ0FBQztZQUVGLDBEQUEwRDtZQUMxRCxNQUFNLCtCQUErQixHQUFxQztnQkFDeEUsS0FBSztnQkFDTCxVQUFVLEVBQUUsbUJBQW1CLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQztnQkFDNUMsb0ZBQW9GO2dCQUNwRix3Q0FBd0M7Z0JBRXhDLGdFQUFnRTtnQkFDaEUsd0VBQXdFO2dCQUN4RSwrRUFBK0U7Z0JBQy9FLEtBQUssRUFBRSxLQUFLLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQztnQkFDekIsMkZBQTJGO2dCQUMzRix3Q0FBd0M7Z0JBQ3hDLG9CQUFvQixFQUFFLFdBQVc7Z0JBQ2pDLFNBQVM7YUFDVixDQUFDO1lBRUYsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDMUQsTUFBTSxzQkFBc0IsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsZUFBZSxDQUNoRSxPQUFPLENBQUMsR0FBRyxFQUNYLCtCQUErQixDQUNoQyxDQUFDO1lBRUYsY0FBYztZQUNkLE1BQU0sTUFBTSxHQUFZLEtBQUssQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFTLENBQUMsQ0FBQyxDQUFDO1lBRXJELFdBQVc7WUFDWCxNQUFNLFVBQVUsR0FBRyxJQUFJLFVBQVUsQ0FBQztnQkFDaEMsUUFBUSxFQUFFLDhCQUE4QjtnQkFDeEMsU0FBUyxFQUFFO29CQUNULEtBQUssRUFBRTt3QkFDTCxxQ0FBcUM7d0JBQ3JDLHNCQUFzQjt3QkFDdEIsY0FBYyxFQUFFLFlBQVksQ0FBQyxFQUFFO3dCQUMvQixpQkFBaUIsRUFBRSxlQUFlLENBQUMsRUFBRTt3QkFDckMsc0NBQXNDO3dCQUN0QyxXQUFXLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsTUFBTSxFQUFFLENBQUM7d0JBQzNDLFdBQVc7d0JBQ1gsU0FBUyxFQUFFLEtBQUssSUFBSTs0QkFDbEIsS0FBSzs0QkFDTCxRQUFRLEVBQUUsTUFBTTt5QkFDakI7d0JBQ0QsUUFBUSxFQUFFLElBQUk7d0JBQ2QscUJBQXFCO3dCQUNyQixPQUFPO3FCQUNSO2lCQUNGO2FBQ0YsQ0FBQyxDQUFDO1lBRUgsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsQ0FBQztRQUNoQyxDQUFDO0tBQUE7SUFFSyxVQUFVLENBQUMsRUFDZixhQUFhLEVBQ2IsS0FBSyxFQUNMLFlBQVksRUFDWixPQUFPLEVBQ1Asb0JBQW9CLEVBQ3BCLG9CQUFvQixHQUNIOztZQUNqQixNQUFNLE9BQU8sR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztZQUUxRCxNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLG1CQUFtQixFQUFFLENBQUMsRUFBRSxDQUFDO1lBQzdELE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO1lBRTlELE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUNwRCxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7WUFFdEQsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzdELE9BQU8sQ0FBQyxHQUFHLEVBQ1gsU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDdkIsQ0FBQztZQUNGLE1BQU0sb0JBQW9CLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUMvRCxTQUFTLENBQUMsR0FBRyxFQUNiLFdBQVcsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQ3pCLENBQUM7WUFFRixNQUFNLG1CQUFtQixHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUN2RCxZQUFZLENBQUMsb0JBQW9CLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FDdkQsQ0FBQztZQUVGLE1BQU0sWUFBWSxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUNoRCxZQUFZLENBQUMsb0JBQW9CLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FDaEQsQ0FBQztZQUNGLE1BQU0sZUFBZSxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUNuRCxZQUFZLENBQUMsb0JBQW9CLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FDbkQsQ0FBQztZQUVGLDJDQUEyQztZQUMzQyxxREFBcUQ7WUFDckQsbUVBQW1FO1lBQ25FLDhGQUE4RjtZQUU5RixnREFBZ0Q7WUFDaEQsTUFBTSxZQUFZLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBQzNELE1BQU0sZUFBZSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1lBRWpFLE1BQU0sa0JBQWtCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUMxRCxlQUFlLENBQUMsR0FBRyxFQUNuQixZQUFZLENBQUMsTUFBTSxFQUFFLENBQ3RCLENBQUM7WUFDRixNQUFNLHFCQUFxQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FDN0QsZUFBZSxDQUFDLEdBQUcsRUFDbkIsZUFBZSxDQUFDLE1BQU0sRUFBRSxDQUN6QixDQUFDO1lBRUYsTUFBTSxrQ0FBa0MsR0FBdUM7Z0JBQzdFLEtBQUssRUFBRSxZQUFZLENBQUMsb0JBQW9CLENBQUMsS0FBSztnQkFDOUMsU0FBUyxFQUFFLFNBQVMsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDO2dCQUNqQyxXQUFXLEVBQUUsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUM7Z0JBQ3JDLFNBQVMsRUFBRTtvQkFDVCxHQUFHLEVBQUUsWUFBWSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUU7b0JBQzlCLE1BQU0sRUFBRSxlQUFlLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRTtvQkFDcEMsT0FBTztpQkFDUjthQUNGLENBQUM7WUFFRixJQUFJLGlCQUFpQixDQUFDO1lBQ3RCLElBQUksWUFBWSxDQUFDLG9CQUFvQixDQUFDLFNBQVMsQ0FBQyxXQUFXLEVBQUU7Z0JBQzNELHdIQUF3SDtnQkFDeEgsNEhBQTRIO2dCQUM1SCw0SEFBNEg7Z0JBQzVILE1BQU0seUJBQXlCLEdBQzdCLFlBQVksQ0FBQyxvQkFBb0IsQ0FBQyxTQUFTLENBQUMsV0FBVztxQkFDcEQseUJBQXlCLENBQUM7Z0JBRS9CLGNBQWM7Z0JBQ2QsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUN0RCxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7Z0JBQ3RELE1BQU0sTUFBTSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO2dCQUV4RCxpQkFBaUIsR0FBRztvQkFDbEIsa0JBQWtCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FDaEMsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNsQyxPQUFPLENBQUMsR0FBRyxFQUNYLFdBQVcsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQ3pCLENBQ0Y7b0JBQ0QscUJBQXFCLEVBQUUsT0FBTyxDQUFDLEVBQUU7b0JBQ2pDLGtCQUFrQixFQUFFLG9CQUFvQjt3QkFDdEMsQ0FBQyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQ1osTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNsQyxXQUFXLEVBQ1gsb0JBQW9CLENBQUMsMkJBQTJCLENBQ2pELENBQ0Y7d0JBQ0gsQ0FBQyxDQUFDLEVBQUU7b0JBQ04sZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FDOUIsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNsQyxTQUFTLEVBQ1QsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDekIsQ0FDRjtpQkFDRixDQUFDO2dCQUVGLE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUMzRCxXQUFXLEVBQ1gseUJBQXlCLENBQzFCLENBQUM7Z0JBQ0YsaUJBQWlCLENBQUMsbUJBQW1CLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FDcEQsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLEVBQUUsZ0JBQWdCLENBQUMsQ0FDaEUsQ0FBQztnQkFDRixpQkFBaUIsQ0FBQyxRQUFRLEdBQUcsTUFBTSxDQUFDLEVBQUUsQ0FBQztnQkFFdkMsa0NBQWtDLENBQUMsU0FBUyxDQUFDLFdBQVcsbUNBQ25ELGtDQUFrQyxDQUFDLFNBQVMsQ0FBQyxXQUFXLEtBQzNELGVBQWUsRUFBRSxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxHQUMxQyxDQUFDO2FBQ0g7WUFFRCxJQUFJLGtCQUFrQixDQUFDO1lBQ3ZCLElBQUksb0JBQW9CLEVBQUU7Z0JBQ3hCLGNBQWM7Z0JBQ2QsTUFBTSxRQUFRLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUNuRCxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7Z0JBQ3RELE1BQU0sTUFBTSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO2dCQUV4RCxrQkFBa0IsR0FBRztvQkFDbkIsZUFBZSxFQUFFLElBQUksQ0FBQyxTQUFTLENBQzdCLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDbEMsT0FBTyxDQUFDLEdBQUcsRUFDWCxRQUFRLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN0QixDQUNGO29CQUNELGtCQUFrQixFQUFFLE9BQU8sQ0FBQyxFQUFFO29CQUM5QixlQUFlLEVBQUUsb0JBQW9CLENBQUMsd0JBQXdCO3dCQUM1RCxDQUFDLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FDWixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLFFBQVEsRUFDUixvQkFBb0IsQ0FBQyx3QkFBd0IsQ0FDOUMsQ0FDRjt3QkFDSCxDQUFDLENBQUMsRUFBRTtvQkFFTixnQkFBZ0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUM5QixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLFNBQVMsRUFDVCxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUNGO2lCQUNGLENBQUM7Z0JBRUYsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzNELFdBQVcsRUFDWCxvQkFBb0IsQ0FBQyx5QkFBeUIsQ0FDL0MsQ0FBQztnQkFDRixrQkFBa0IsQ0FBQyxtQkFBbUIsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUNyRCxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLEdBQUcsRUFBRSxnQkFBZ0IsQ0FBQyxDQUNoRSxDQUFDO2dCQUNGLGtCQUFrQixDQUFDLFFBQVEsR0FBRyxNQUFNLENBQUMsRUFBRSxDQUFDO2dCQUV4QyxJQUFJLG9CQUFvQixDQUFDLGtCQUFrQixFQUFFO29CQUMzQyxrQkFBa0IsQ0FBQyxpQkFBaUIsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUNuRCxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQy9CLGVBQWUsQ0FBQyxHQUFHLEVBQ25CLG9CQUFvQixDQUFDLGtCQUFrQixDQUN4QyxDQUNGLENBQUM7aUJBQ0g7Z0JBRUQsOENBQThDO2dCQUM5QyxrQ0FBa0MsQ0FBQyxTQUFTLENBQUMsV0FBVyxtQ0FDbkQsa0NBQWtDLENBQUMsU0FBUyxDQUFDLFdBQVcsS0FDM0QseUJBQXlCLEVBQ3ZCLG9CQUFvQixDQUFDLHlCQUF5QixHQUNqRCxDQUFDO2FBQ0g7WUFFRCxtQ0FBbUM7WUFDbkMsSUFBSSx5QkFBeUIsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xFLG1CQUFtQixFQUNuQixrQ0FBa0MsQ0FDbkMsQ0FBQztZQUVGLDBFQUEwRTtZQUMxRSx5QkFBeUIsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzlELFlBQVksQ0FBQyxLQUFLLEVBQ2xCLHlCQUF5QixDQUMxQixDQUFDO1lBRUYsT0FBTyxJQUFJLFVBQVUsQ0FBQztnQkFDcEIsUUFBUSxFQUFFLDZCQUE2QjtnQkFDdkMsU0FBUyxFQUFFO29CQUNULEtBQUssRUFBRTt3QkFDTCxhQUFhO3dCQUNiLGdCQUFnQixFQUFFLEtBQUs7d0JBQ3ZCLFNBQVMsRUFBRSxPQUFPLENBQUMsRUFBRTt3QkFDckIsV0FBVzt3QkFDWCxxQ0FBcUM7d0JBQ3JDLGNBQWMsRUFBRSxZQUFZLENBQUMsRUFBRTt3QkFDL0IsaUJBQWlCLEVBQUUsZUFBZSxDQUFDLEVBQUU7d0JBQ3JDLGtCQUFrQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsa0JBQWtCLENBQUM7d0JBQ3RELHFCQUFxQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMscUJBQXFCLENBQUM7d0JBQzVELHNFQUFzRTt3QkFFdEUsMkNBQTJDO3dCQUMzQyxzRUFBc0U7d0JBQ3RFLGtCQUFrQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsa0JBQWtCLENBQUM7d0JBQ3RELG9CQUFvQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsb0JBQW9CLENBQUM7d0JBQzFELHNDQUFzQzt3QkFDdEMseUJBQXlCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyx5QkFBeUIsQ0FBQzt3QkFDcEUsb0JBQW9CLEVBQUUsaUJBQWlCO3dCQUN2QyxvQkFBb0IsRUFBRSxrQkFBa0I7cUJBQ3pDO2lCQUNGO2FBQ0YsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztLQUFBO0lBRUssV0FBVyxDQUFDLEVBQ2hCLGFBQWEsRUFDYixzQkFBc0IsRUFDdEIseUJBQXlCLEVBQ3pCLG9CQUFvQixFQUNwQixvQkFBb0IsR0FDRjs7WUFDbEIsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDMUQsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLG1CQUFtQixFQUFFLENBQUM7WUFFOUQsNENBQTRDO1lBQzVDLE1BQU0sK0JBQStCLEdBQUcsQ0FBQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzNFLE9BQU8sQ0FBQyxHQUFHLEVBQ1gsc0JBQXNCLENBQ3ZCLENBQXFDLENBQUM7WUFFdkMsb0dBQW9HO1lBQ3BHLE1BQU0sOEJBQThCLEdBQUcsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQ3JFLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUFDLCtCQUErQixDQUFDLEtBQUssQ0FBQyxFQUNwRSxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FBQywrQkFBK0IsQ0FBQyxVQUFVLENBQUMsRUFDekUseUJBQXlCLENBQzFCLENBQUM7WUFFRiw0RUFBNEU7WUFDNUUsSUFDRSwrQkFBK0IsQ0FBQyxLQUFLO2dCQUNyQyw4QkFBOEIsQ0FBQyxLQUFLLEVBQ3BDO2dCQUNBLE1BQU0sSUFBSSx1QkFBdUIsQ0FDL0IsdUZBQXVGLENBQ3hGLENBQUM7YUFDSDtZQUVELDhEQUE4RDtZQUM5RCxrRkFBa0Y7WUFDbEYsOEZBQThGO1lBRTlGLCtDQUErQztZQUMvQyx1RUFBdUU7WUFDdkUsaUNBQWlDO1lBRWpDLHFEQUFxRDtZQUNyRCxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztZQUNqRSxNQUFNLGVBQWUsR0FBRyxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FDbkQsOEJBQThCLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FDaEQsQ0FBQztZQUNGLE1BQU0sWUFBWSxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUNoRCw4QkFBOEIsQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUM3QyxDQUFDO1lBRUYsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQzFELGVBQWUsQ0FBQyxHQUFHLEVBQ25CLFlBQVksQ0FBQyxNQUFNLEVBQUUsQ0FDdEIsQ0FBQztZQUNGLE1BQU0scUJBQXFCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUM3RCxlQUFlLENBQUMsR0FBRyxFQUNuQixlQUFlLENBQUMsTUFBTSxFQUFFLENBQ3pCLENBQUM7WUFFRixNQUFNLFNBQVMsR0FBRyxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FDN0MsOEJBQThCLENBQUMsU0FBUyxDQUN6QyxDQUFDO1lBQ0YsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzdELE9BQU8sQ0FBQyxHQUFHLEVBQ1gsU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDdkIsQ0FBQztZQUVGLE1BQU0sV0FBVyxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUMvQyw4QkFBOEIsQ0FBQyxXQUFXLENBQzNDLENBQUM7WUFDRixNQUFNLG9CQUFvQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDL0QsU0FBUyxDQUFDLEdBQUcsRUFDYixXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUFDO1lBRUYsSUFBSSwrQkFBK0IsQ0FBQztZQUNwQyxJQUFJLG9CQUFvQixFQUFFO2dCQUN4QixhQUFhO2dCQUNiLE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFFdEQsK0JBQStCLEdBQUc7b0JBQ2hDLGtCQUFrQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQ2hDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDbEMsT0FBTyxDQUFDLEdBQUcsRUFDWCxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUNGO29CQUNELHFCQUFxQixFQUFFLE9BQU8sQ0FBQyxFQUFFO29CQUNqQyxrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUNoQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLFdBQVcsRUFDWCxvQkFBb0IsQ0FBQywyQkFBMkIsQ0FDakQsQ0FDRjtpQkFDRixDQUFDO2FBQ0g7WUFFRCx3REFBd0Q7WUFDeEQsSUFBSSwrQkFBK0IsQ0FBQztZQUNwQyxJQUFJLHFDQUFxQyxDQUFDO1lBQzFDLElBQUksK0JBQStCLENBQUMsb0JBQW9CLEVBQUU7Z0JBQ3hELHlHQUF5RztnQkFDekcsV0FBVztnQkFDWCxNQUFNLDRCQUE0QixHQUNoQywrQkFBK0IsQ0FBQyxvQkFBb0IsQ0FBQztnQkFDdkQsTUFBTSxRQUFRLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUNuRCxNQUFNLGVBQWUsR0FBRyxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FDbkQsOEJBQThCLENBQUMsU0FBUyxDQUFDLFdBQVcsQ0FBQyxlQUFlLENBQ3JFLENBQUM7Z0JBRUYsTUFBTSxlQUFlLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FDcEMsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxHQUFHLEVBQUUsUUFBUSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUN6RSxDQUFDO2dCQUVGLHVEQUF1RDtnQkFDdkQsTUFBTSx3QkFBd0IsR0FDNUIsQ0FBQSxvQkFBb0IsYUFBcEIsb0JBQW9CLHVCQUFwQixvQkFBb0IsQ0FBRSx3QkFBd0I7b0JBQzlDLDRCQUE0QixDQUFDLHdCQUF3QixDQUFDO2dCQUV4RCxNQUFNLGVBQWUsR0FBRyx3QkFBd0I7b0JBQzlDLENBQUMsQ0FBQyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsZUFBZSxDQUNqQyxRQUFRLEVBQ1Isd0JBQXdCLENBQ3pCO29CQUNILENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBRVAsK0JBQStCLEdBQUc7b0JBQ2hDLGVBQWU7b0JBQ2Ysa0JBQWtCLEVBQUUsT0FBTyxDQUFDLEVBQUU7b0JBQzlCLGVBQWU7aUJBQ2hCLENBQUM7Z0JBRUYscUNBQXFDLEdBQUc7b0JBQ3RDLFFBQVEsRUFBRSxlQUFlLENBQUMsRUFBRTtpQkFDN0IsQ0FBQztnQkFFRixNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDM0QsZUFBZSxFQUNmLDRCQUE0QixDQUFDLHlCQUF5QixDQUN2RCxDQUFDO2dCQUNGLHFDQUFxQyxDQUFDLG1CQUFtQixHQUFHLElBQUksQ0FBQyxTQUFTLENBQ3hFLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxFQUFFLGdCQUFnQixDQUFDLENBQ3pFLENBQUM7YUFDSDtZQUVELHNHQUFzRztZQUN0RyxtQ0FBbUM7WUFFbkMsT0FBTyxJQUFJLFVBQVUsQ0FBQztnQkFDcEIsUUFBUSxFQUFFLDhCQUE4QjtnQkFDeEMsU0FBUyxFQUFFO29CQUNULEtBQUssRUFBRTt3QkFDTCxhQUFhO3dCQUNiLFNBQVMsRUFBRSxPQUFPLENBQUMsRUFBRTt3QkFDckIsV0FBVyxFQUFFLFNBQVMsQ0FBQyxFQUFFO3dCQUN6QixpQkFBaUIsRUFBRSxlQUFlLENBQUMsRUFBRTt3QkFDckMsa0JBQWtCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxrQkFBa0IsQ0FBQzt3QkFDdEQscUJBQXFCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxxQkFBcUIsQ0FBQzt3QkFDNUQsa0JBQWtCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxrQkFBa0IsQ0FBQzt3QkFDdEQsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxvQkFBb0IsQ0FBQzt3QkFDMUQsMEJBQTBCLEVBQUUsK0JBQStCO3dCQUMzRCwwQkFBMEIsRUFBRSwrQkFBK0I7d0JBQzNELGdDQUFnQyxFQUFFLHFDQUFxQztxQkFDeEU7aUJBQ0Y7YUFDRixDQUFDLENBQUM7UUFDTCxDQUFDO0tBQUE7Q0FDRixDQUFBOzs7WUF0dEJBLFVBQVUsU0FBQztnQkFDVixVQUFVLEVBQUUsTUFBTTthQUNuQjs7O1lBdEpvQixNQUFNO1lBTWxCLGlCQUFpQjtZQUVqQixVQUFVO1lBTGpCLGlCQUFpQjtZQVFWLFdBQVc7WUFKWCxlQUFlO1lBbUJmLGdCQUFnQjs7QUE2SFosbUJBQW1CO0lBTi9CLGlCQUFpQixDQUFDO1FBQ2pCLFVBQVUsRUFBRSxRQUFRO0tBQ3JCLENBQUM7R0FJVyxtQkFBbUIsQ0FtdEIvQjtTQW50QlksbUJBQW1CIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgSW5qZWN0YWJsZSwgTmdab25lIH0gZnJvbSAnQGFuZ3VsYXIvY29yZSc7XG5pbXBvcnQgeyBKV0sgfSBmcm9tICdub2RlLWpvc2UnO1xuaW1wb3J0IHtcbiAgRW5jcnlwdGlvblNlcnZpY2UsXG4gIEpvc2VTZXJpYWxpemF0aW9uLFxufSBmcm9tICcuLi9jcnlwdG9ncmFwaHkvZW5jcnlwdGlvbi5zZXJ2aWNlJztcbmltcG9ydCB7IEtleUZhY3RvcnlTZXJ2aWNlIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS1mYWN0b3J5LnNlcnZpY2UnO1xuaW1wb3J0IHsgS2V5R3JhcGhTZXJ2aWNlIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS1ncmFwaC5zZXJ2aWNlJztcbmltcG9ydCB7IEtleVNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkva2V5LnNlcnZpY2UnO1xuaW1wb3J0IHsgTHJDb2RlTWlzbWF0Y2hFeGNlcHRpb24gfSBmcm9tICcuLi9fY29tbW9uL2V4Y2VwdGlvbnMnO1xuaW1wb3J0IHsgUnVuT3V0c2lkZUFuZ3VsYXIgfSBmcm9tICcuLi9fY29tbW9uL3J1bi1vdXRzaWRlLWFuZ3VsYXInO1xuaW1wb3J0IHsgVXNlclNlcnZpY2UgfSBmcm9tICcuLy4uL3VzZXJzL3VzZXIuc2VydmljZSc7XG5pbXBvcnQgeyBPd25lclBsYWluRGF0YUpzb24gfSBmcm9tICcuL2NvbnRhY3QtY2FyZDIuc2VydmljZSc7XG5pbXBvcnQge1xuICBDYW5jZWxLZXlFeGNoYW5nZU11dGF0aW9uLFxuICBDb21wbGV0ZUtleUV4Y2hhbmdlT3RrTXV0YXRpb24sXG4gIEN1cnJlbnRVc2VyU2hhcmVkS2V5UXVlcnkyLFxuICBEZWNsaW5lS2V5RXhjaGFuZ2VNdXRhdGlvbixcbiAgSW5pdGlhdGVLZXlFeGNoYW5nZU90a011dGF0aW9uLFxuICBLZXlFeGNoYW5nZUZyYWdtZW50LFxuICBLZXlFeGNoYW5nZVF1ZXJ5MixcbiAgS2V5RXhjaGFuZ2VzUXVlcnkyLFxuICBLZXlFeGNoYW5nZVN0YXRlMixcbiAgS2V5RXhjaGFuZ2VUb2tlblF1ZXJ5MixcbiAgUmVzcG9uZEtleUV4Y2hhbmdlT3RrTXV0YXRpb24sXG59IGZyb20gJy4va2V5LWV4Y2hhbmdlMi5ncWwnO1xuaW1wb3J0IHsgTHJHcmFwaFFMU2VydmljZSwgTHJNdXRhdGlvbiB9IGZyb20gJy4vbHItZ3JhcGhxbCc7XG5pbXBvcnQgeyBDb250YWN0Q2FyZFNoYXJlZENpcGhlckRhdGEsIE90S2V5Q2lwaGVyQ2xlYXJKc29uMiB9IGZyb20gJy4vdHlwZXMnO1xuXG4vKipcbiAqIFRoZSBkZWNyeXB0ZWQgY29udGVudCBvZiB0aGUgb25lLXRpbWUga2V5IGNpcGhlcjtcbiAqIFdoZW4gdXNlciBzdXBwbGllcyB0aGlzIGluZm9ybWF0aW9uIHRoZSBsaWIgZG9lc24ndCBuZWVkIHRvIGRvIGFub3RoZXIgQVBJIGNhbGxcbiAqIHRvIGZldGNoIHRoZSBrZXkgZXhjaGFuZ2Ugbm9kZS4gQW5kIHNpbmNlIHRoZSB0eXBpY2FsIHVzZSBjYXNlIGlzIHRvIGRpc3BsYXlcbiAqIHNvbWUgaW5mb3JtYXRpb24gdG8gdGhlIHVzZXIsIHRoZSBrZXkgZXhjaGFuZ2Ugbm9kZSB3b3VsZCBhbHJlYWR5IGhhdmUgYmVlblxuICogZmV0Y2hlZCBhbmQgZGVjcnlwdGVkLlxuICovXG5leHBvcnQgaW50ZXJmYWNlIERlY3J5cHRlZE90azIge1xuICBvdEtleUNpcGhlckNsZWFySnNvbjogT3RLZXlDaXBoZXJDbGVhckpzb24yO1xuICBvdEtleTogSldLLktleTsgLy8gVGhlIG9uZS10aW1lIGtleVxufVxuXG5leHBvcnQgaW50ZXJmYWNlIENvbnRhY3RDYXJkUmVjZWl2ZXJDaXBoZXJEYXRhIHtcbiAgLy8gVGhlIHJlY2VpdmVyIG9mIHRoZSBjb250YWN0IGNhcmQga2VlcHMgYSBjb3B5XG4gIC8vIG9mIHRoZSBvd25lcidzIGNvbnRhY3QgY2FyZCBpbmZvcm1hdGlvbiwgZW5jcnlwdGVkIHVzaW5nIHRoZSByZWNlaXZlcidzIGtleXMuIFNvIHRoYXQgd2hlblxuICAvLyB0aGUgb3duZXIgZGVjaWRlcyB0byB1cGRhdGUgdGhlaXIgc2hhcmVkIGNvbnRhY3QgY2FyZCBhdCBhIGxhdGVyIGRhdGUsIHRoZSByZWNlaXZlciBjYW5cbiAgLy8gY29tcGFyZSBhZ2FpbnN0IHRoZSBvcmlnaW5hbCBjb250YWN0IGNhcmQgc2VudCBkdXJpbmcga2V5IGV4Y2hhbmdlLiBUaGlzIHdheSwgdGhlIG93bmVyXG4gIC8vIGNhbid0IHVuaWxhdGVyYWxseSB1cGRhdGUgdGhlaXIgc2hhcmVkIGNvbnRhY3QgY2FyZCB3aXRob3V0IHRoZSByZWNlaXZlciBrbm93aW5nIGFib3V0IGl0LlxuICByZWNlaXZlckNpcGhlckRhdGFDbGVhckpzb246IGFueTtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBDb250YWN0Q2FyZE93bmVyUGxhaW5EYXRhIHtcbiAgLy8gQWNjZXNzaWJsZSBieSB0aGUgc2VydmVyIGFuZCB0aGUgb3duZXIuIFNlcnZlciBzaWRlIG5vdGlmaWNhdGlvbiBlbWFpbHMgbmVlZCB0byBrbm93IHNvbWVcbiAgLy8gaW5mb3JtYXRpb24gYWJvdXQgdGhlIG93bmVyLlxuICAvLyBUaGUgb3duZXIgY291bGQgZWl0aGVyIGJlIHRoZSBpbml0aWF0b3Igb3IgdGhlIHJlc3BvbmRlci5cbiAgb3duZXJQbGFpbkRhdGFKc29uOiBPd25lclBsYWluRGF0YUpzb247XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ29udGFjdENhcmRPd25lckNpcGhlckRhdGEge1xuICAvLyBPd25lciBvbmx5IGFjY2VzcyB0byB0aGlzIGRhdGFcbiAgb3duZXJDaXBoZXJEYXRhQ2xlYXJKc29uOiBhbnk7XG59XG5cbi8qKlxuICogU2VuZGluZyBjb250YWN0IGNhcmQgaW5mb3JtYXRpb24gZnJvbSB0aGUgb3duZXIgdG8gdGhlIHJlY2VpdmVyLlxuICovXG5leHBvcnQgdHlwZSBTZW5kQ29udGFjdENhcmRJbnB1dCA9IENvbnRhY3RDYXJkT3duZXJQbGFpbkRhdGEgJlxuICBDb250YWN0Q2FyZE93bmVyQ2lwaGVyRGF0YSAmXG4gIENvbnRhY3RDYXJkU2hhcmVkQ2lwaGVyRGF0YTtcblxuZXhwb3J0IGludGVyZmFjZSBJbml0aWF0ZU90a0lucHV0MiB7XG4gIC8vIE5vdGUgdGhhdCBpZiBuZWl0aGVyIGVtYWlsIG5vciByZXNwb25kZXJVc2VybmFtZSBhcmUgZ2l2ZW4sIHRoZSBvbmUtdGltZSBrZXlcbiAgLy8gY2FuIHN0aWxsIGJlIHNlbnQgdG8gdGhlIHJlc3BvbmRlciB2aWEgT09CXG4gIGVtYWlsPzogc3RyaW5nO1xuICBtZXNzYWdlPzogYW55O1xuICBjb250YWN0Q2FyZD86IFNlbmRDb250YWN0Q2FyZElucHV0O1xuICAvLyBJZiBUcnVlLCB0byB1cGdyYWRlIGFuIGVtYWlsIGludml0ZSB0byBhbiBleGlzdGluZyB1c2VyIGludml0ZSBpZiB0aGUgZW1haWxcbiAgLy8gaXMgYWxyZWFkeSBhc3NvY2lhdGVkIHdpdGggYW4gZXhpc3RpbmcgdXNlci5cbiAgdXBncmFkZT86IGJvb2xlYW47XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUmVzcG9uZE90a0lucHV0MiB7XG4gIGtleUV4Y2hhbmdlSWQ6IHN0cmluZztcbiAgdG9rZW46IHN0cmluZztcbiAgZGVjcnlwdGVkT3RrOiBEZWNyeXB0ZWRPdGsyO1xuICBtZXNzYWdlPzogYW55O1xuICAvLyBUaGUgaW5pdGlhdG9yIGlzIHRoZSBvd25lciBmbyB0aGUgaW5pdGlhdG9yQ29udGFjdENhcmQsIHRoZSByZXNwb25kZXJcbiAgLy8gaXMgdGhlIHJlY2VpdmVyLlxuICBpbml0aWF0b3JDb250YWN0Q2FyZD86IENvbnRhY3RDYXJkUmVjZWl2ZXJDaXBoZXJEYXRhO1xuICByZXNwb25kZXJDb250YWN0Q2FyZD86IFNlbmRDb250YWN0Q2FyZElucHV0O1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIENvbXBsZXRlT3RrSW5wdXQyIHtcbiAga2V5RXhjaGFuZ2VJZDogc3RyaW5nO1xuICAvLyBUaGlzIGlzIGEgcGFydCBvZiB0aGUga2V5IGV4Y2hhbmdlIGRhdGEuIEl0J3MgZW5jcnlwdGVkIHVzaW5nIHRoZSByb290IGtleVxuICBpbml0aWF0b3JSb290S2V5Q2lwaGVyOiBzdHJpbmc7XG4gIC8vIFRoaXMgaXMgYSBwYXJ0IG9mIHRoZSBrZXkgZXhjaGFuZ2UgZGF0YS4gSXQncyBlbmNyeXB0ZWQgdXNpbmcgdGhlIG9uZS10aW1lIGtleS5cbiAgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlcjogc3RyaW5nO1xuICAvLyBUaGUgcmVzcG9uZGVyIGlzIHRoZSBvd25lciBmbyB0aGUgcmVzcG9uZGVyQ29udGFjdENhcmQsIHRoZSBpbml0aWF0b3JcbiAgLy8gaXMgdGhlIHJlY2VpdmVyLlxuICByZXNwb25kZXJDb250YWN0Q2FyZD86IENvbnRhY3RDYXJkUmVjZWl2ZXJDaXBoZXJEYXRhO1xuICAvLyBUaGUgaW5pdGlhdG9yIGNhbiB1cGRhdGUgdGhlIGNpcGhlciBkYXRhIHRoYXQgYXJlIG9ubHkgdmlzaWJsZSB0byB0aGVtLiBJdCBtYWtlc1xuICAvLyBsZXNzIHNlbnNlIHRvIHVwZGF0ZSB0aGUgc2hhcmVkIGRhdGEgYmVjYXVzZSB0aGUgcmVzcG9uZGVyIHdvdWxkIGhhdmUgYWxyZWFkeSBzZWVuXG4gIC8vIHRoZSBzaGFyZWQgZGF0YSBhbmQgYWNjZXB0ZWQgdGhhdCBpdCdzIGxlZ2l0LlxuICAvLyBCdXQgaW4gYW55IGNhc2UsIHRoZSBpbml0aWF0b3IgY2FuIHVwZGF0ZSB0aGUgc2hhcmVkIGNvbnRhY3QgY2FyZCBpbmZvIGF0IGFueSB0aW1lLlxuICBpbml0aWF0b3JDb250YWN0Q2FyZD86IENvbnRhY3RDYXJkT3duZXJDaXBoZXJEYXRhO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIEluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24yIHtcbiAgbm9uY2U6IHN0cmluZztcbiAgb25lVGltZVByazogb2JqZWN0OyAvLyBvbmUtdGltZSBwdWJsaWMgZW5jcnlwdGlvbiBrZXkgcmVzcG9uZGVyIHVzZSB0byBzZW5kIGRhdGEgYmFjayB0byBpbml0aWF0b3JcbiAgb3RLZXk6IG9iamVjdDsgLy8gb25lLXRpbWUgc3ltbWV0cmljIGtleSB0aGF0IG5lZWRzIHRvIGJlIHNoYXJlZCBPT0JcbiAgaW5pdGlhdG9yQ29udGFjdENhcmQ/OiBDb250YWN0Q2FyZE93bmVyQ2lwaGVyRGF0YSAmXG4gICAgQ29udGFjdENhcmRTaGFyZWRDaXBoZXJEYXRhO1xuICBpbml0aWF0b3I6IHtcbiAgICBtZXNzYWdlPzogYW55O1xuICAgIGNvbnRhY3RDYXJkPzogQ29udGFjdENhcmRTaGFyZWRDaXBoZXJEYXRhO1xuICB9O1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIEluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb24ge1xuICBub25jZTogc3RyaW5nO1xuICBzaGFyZWRLZXk6IG9iamVjdDtcbiAgbWtTaGFyZWRLZXk6IG9iamVjdDtcbiAgcmVzcG9uZGVyOiB7XG4gICAgcGJrOiBvYmplY3Q7XG4gICAgc2lnUGJrOiBvYmplY3Q7XG4gICAgbWVzc2FnZT86IGFueTtcbiAgICBjb250YWN0Q2FyZD86IENvbnRhY3RDYXJkU2hhcmVkQ2lwaGVyRGF0YSAmIHtcbiAgICAgIC8vIE5vdGUgdGhhdCB0aGlzIGlzIF9ub3RfIHRoZSBzYW1lIGtleSBhcyB0aGUgc2hhcmVkS2V5LiBUaGUgc2hhcmVkS2V5IHdyYXBzXG4gICAgICAvLyB0aGlzIGtleSBpbiB0aGUga2V5IGdyYXBoLiBCdXQgYmVjYXVzZSB0aGlzIGtleSBoYXMgbm90IGJlZW4gZW50ZXJlZCBpbnRvXG4gICAgICAvLyB0aGUga2V5IGdyYXBoIHdoZW4gdGhlIHJlc3BvbmRlciBjYWxscyB0aGUgQVBJLCB3ZSBwYXNzIHRoZSBKV0sgZGlyZWN0bHkgaGVyZS5cbiAgICAgIHNoYXJlZENpcGhlcktleTogb2JqZWN0O1xuICAgIH07XG4gIH07XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgR2V0S2V5RXhjaGFuZ2VPcHRpb25zMiB7XG4gIC8vIFRoZSBvdEtleSBhcyBhIHJhdyBzdHJpbmcuIGkuZS4ga2V5LnRvSlNPTih0cnVlKS5rXG4gIG90S2V5Sz86IHN0cmluZztcbiAgLy8gVXNlciBuZWVkIHRoZSB0b2tlbiBpZiB0aGV5IGhhdmUgbm90IHJlc3BvbmRlZCB0byB0aGUga2V5IGV4Y2hhbmdlIHlldC5cbiAgLy8gT25jZSB0aGV5J3ZlIHJlc3BvbmRlZCAoaGVuY2UgcHJvdmVuIHRoZXkgaGF2ZSB0aGUgT09CIEtleSkgdGhleSBiZWNvbWVcbiAgLy8gdGhlIFwicmVzcG9uZGVyXCIgb2YgdGhpcyBleGNoYW5nZSwgYW5kIGNhbiBhY2Nlc3MgaXQgd2hlbiBzaWduZWQgaW4uXG4gIHRva2VuPzogc3RyaW5nO1xufVxuXG5AUnVuT3V0c2lkZUFuZ3VsYXIoe1xuICBuZ1pvbmVOYW1lOiAnbmdab25lJyxcbn0pXG5ASW5qZWN0YWJsZSh7XG4gIHByb3ZpZGVkSW46ICdyb290Jyxcbn0pXG5leHBvcnQgY2xhc3MgS2V5RXhjaGFuZ2UyU2VydmljZSB7XG4gIHByaXZhdGUgcmVhZG9ubHkgQ0xJRU5UX05PTkNFX0xFTkdUSCA9IDMyO1xuXG4gIGNvbnN0cnVjdG9yKFxuICAgIHByaXZhdGUgbmdab25lOiBOZ1pvbmUsXG4gICAgcHJpdmF0ZSBrZXlGYWN0b3J5OiBLZXlGYWN0b3J5U2VydmljZSxcbiAgICBwcml2YXRlIGtleVNlcnZpY2U6IEtleVNlcnZpY2UsXG4gICAgcHJpdmF0ZSBlbmNyeXB0aW9uU2VydmljZTogRW5jcnlwdGlvblNlcnZpY2UsXG4gICAgcHJpdmF0ZSB1c2VyU2VydmljZTogVXNlclNlcnZpY2UsXG4gICAgcHJpdmF0ZSBrZXlHcmFwaDogS2V5R3JhcGhTZXJ2aWNlLFxuICAgIHByaXZhdGUgbHJHcmFwaFFMOiBMckdyYXBoUUxTZXJ2aWNlXG4gICkge31cblxuICBwcml2YXRlIGFzeW5jIGdldE90S2V5KFxuICAgIGtleUV4Y2hhbmdlOiBLZXlFeGNoYW5nZUZyYWdtZW50LFxuICAgIG90S2V5Sz86IHN0cmluZ1xuICApOiBQcm9taXNlPEpXSy5LZXk+IHtcbiAgICBpZiAob3RLZXlLKSB7XG4gICAgICByZXR1cm4gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoe1xuICAgICAgICAuLi5KU09OLnBhcnNlKGtleUV4Y2hhbmdlLm90ay5vdEtleVBhcmFtcyksXG4gICAgICAgIGs6IG90S2V5SyxcbiAgICAgIH0pO1xuICAgIH0gZWxzZSBpZiAoXG4gICAgICBrZXlFeGNoYW5nZS5vdGsuc3RhdGUgPT09ICdPVEtfSU5JVElBVEVEJyAmJlxuICAgICAgIWtleUV4Y2hhbmdlLmlzSW5pdGlhdG9yICYmXG4gICAgICBrZXlFeGNoYW5nZS5vdGsucmVzcG9uZGVyUGJrQ2lwaGVyXG4gICAgKSB7XG4gICAgICAvLyBBc3N1bWluZyBleGlzdGluZyB1c2VyIGdldHRpbmcgaW52aXRlZCB3aGVyZSBPVEsgaXMgd3JhcHBlZCBpbiByZXNwb25kZXIncyBwdWJsaWMga2V5LlxuICAgICAgY29uc3QgcHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRQeGsoKTtcbiAgICAgIGNvbnN0IGRlY3J5cHRlZENpcGhlcjogYW55ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxuICAgICAgICBwcmsuandrLFxuICAgICAgICBKU09OLnBhcnNlKGtleUV4Y2hhbmdlLm90ay5yZXNwb25kZXJQYmtDaXBoZXIpLFxuICAgICAgICB7XG4gICAgICAgICAgc2VyaWFsaXphdGlvbnM6IFtKb3NlU2VyaWFsaXphdGlvbi5DT01QQUNUXSxcbiAgICAgICAgfVxuICAgICAgKTtcbiAgICAgIGlmIChkZWNyeXB0ZWRDaXBoZXIub3RLZXkpIHtcbiAgICAgICAgcmV0dXJuIGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KGRlY3J5cHRlZENpcGhlci5vdEtleSk7XG4gICAgICB9XG4gICAgfVxuICAgIHJldHVybiBudWxsO1xuICB9XG5cbiAgcHJpdmF0ZSBhc3luYyBkZWNyeXB0T3RrKFxuICAgIGtleUV4Y2hhbmdlOiBLZXlFeGNoYW5nZUZyYWdtZW50LFxuICAgIG90S2V5Sz86IHN0cmluZ1xuICApOiBQcm9taXNlPEtleUV4Y2hhbmdlRnJhZ21lbnQ+IHtcbiAgICBjb25zdCBvdEtleSA9IGF3YWl0IHRoaXMuZ2V0T3RLZXkoa2V5RXhjaGFuZ2UsIG90S2V5Syk7XG5cbiAgICBsZXQgb3RrID0ga2V5RXhjaGFuZ2Uub3RrO1xuXG4gICAgaWYgKG90S2V5ICYmIG90ay5vdEtleUNpcGhlcikge1xuICAgICAgb3RrID0ge1xuICAgICAgICAuLi5vdGssXG4gICAgICAgIG90S2V5LFxuICAgICAgICBvdEtleUNpcGhlckNsZWFySnNvbjogYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxuICAgICAgICAgIG90S2V5LFxuICAgICAgICAgIGtleUV4Y2hhbmdlLm90ay5vdEtleUNpcGhlclxuICAgICAgICApLFxuICAgICAgfTtcbiAgICB9XG5cbiAgICByZXR1cm4ge1xuICAgICAgLi4ua2V5RXhjaGFuZ2UsXG4gICAgICBvdGssXG4gICAgfTtcbiAgfVxuXG4gIHByaXZhdGUgYXN5bmMgZGVjcnlwdFJlc3BvbnNlQ2lwaGVyKFxuICAgIG90S2V5OiBKV0suS2V5LFxuICAgIG90UHJrOiBKV0suS2V5LFxuICAgIGNvbnRlbnQ6IGFueVxuICApOiBQcm9taXNlPEluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb24+IHtcbiAgICAvLyBUaGUgcmVzcG9uc2UgY291bGQgYmUgd3JhcHBlZCBieSB0aGUgT3RLIGluIGFkZGl0aW9uIHRvIHRoZSBPdFBia1xuICAgIHRyeSB7XG4gICAgICBjb250ZW50ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KG90S2V5LCBjb250ZW50KTtcbiAgICB9IGNhdGNoIChlcnJvcikge1xuICAgICAgaWYgKGVycm9yLm1lc3NhZ2UgIT09ICdubyBrZXkgZm91bmQnKSB7XG4gICAgICAgIHRocm93IGVycm9yO1xuICAgICAgfVxuICAgICAgLy8gRG8gbm90aGluZyB0byBzdXBwb3J0IG9sZGVyIHZlcnNpb25zIHdoZXJlIG1lc3NhZ2UgaXMgbm90IHdyYXBwZWQgd2l0aCBvdGsuXG4gICAgfVxuXG4gICAgLy8gVGhlIFByayBpcyBzaW5nbGUtdXNlIGFuZCBvbmx5IHVzZWQgdG8gc2VuZCBpbmZvcm1hdGlvbiBmcm9tIHRoZSByZXNwb25kZXIgYmFjayB0byB0aGUgaW5pdGlhdG9yLlxuICAgIHJldHVybiBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQob3RQcmssIGNvbnRlbnQpO1xuICB9XG5cbiAgcHJpdmF0ZSBhc3luYyBkZWNyeXB0S2V5RXhjaGFuZ2VBc0luaXRpYXRvcihcbiAgICBrZXlFeGNoYW5nZTogS2V5RXhjaGFuZ2VGcmFnbWVudFxuICApOiBQcm9taXNlPEtleUV4Y2hhbmdlRnJhZ21lbnQ+IHtcbiAgICBjb25zdCByb290S2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRSb290S2V5KCk7XG5cbiAgICAvLyBEZWNyeXB0IHVzaW5nIHRoZSByb290IGtleSB0byBnZXQgdGhlIFBya1xuICAgIGNvbnN0IGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24gPSAoYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxuICAgICAgcm9vdEtleS5qd2ssXG4gICAgICBrZXlFeGNoYW5nZS5pbml0aWF0b3JSb290S2V5Q2lwaGVyXG4gICAgKSkgYXMgSW5pdGlhdG9yUm9vdEtleUNpcGhlckNsZWFySnNvbjI7XG5cbiAgICBjb25zdCBvdEtleSA9IGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KFxuICAgICAgaW5pdGlhdG9yUm9vdEtleUNpcGhlckNsZWFySnNvbi5vdEtleVxuICAgICk7XG5cbiAgICBrZXlFeGNoYW5nZSA9IHtcbiAgICAgIC4uLmtleUV4Y2hhbmdlLFxuICAgICAgaW5pdGlhdG9yUm9vdEtleUNpcGhlckNsZWFySnNvbixcbiAgICB9O1xuXG4gICAgbGV0IG90ayA9IGtleUV4Y2hhbmdlLm90aztcblxuICAgIGlmIChvdGsuaW5pdGlhdG9yT25lVGltZVBia0NpcGhlcikge1xuICAgICAgb3RrID0ge1xuICAgICAgICAuLi5vdGssXG4gICAgICAgIGluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb246IGF3YWl0IHRoaXMuZGVjcnlwdFJlc3BvbnNlQ2lwaGVyKFxuICAgICAgICAgIG90S2V5LFxuICAgICAgICAgIGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KFxuICAgICAgICAgICAgaW5pdGlhdG9yUm9vdEtleUNpcGhlckNsZWFySnNvbi5vbmVUaW1lUHJrXG4gICAgICAgICAgKSxcbiAgICAgICAgICBvdGsuaW5pdGlhdG9yT25lVGltZVBia0NpcGhlclxuICAgICAgICApLFxuICAgICAgfTtcbiAgICB9XG5cbiAgICBpZiAob3RrLm90S2V5Q2lwaGVyKSB7XG4gICAgICBvdGsub3RLZXlDaXBoZXJDbGVhckpzb24gPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXG4gICAgICAgIG90S2V5LFxuICAgICAgICBvdGsub3RLZXlDaXBoZXJcbiAgICAgICk7XG4gICAgfVxuXG4gICAgcmV0dXJuIHtcbiAgICAgIC4uLmtleUV4Y2hhbmdlLFxuICAgICAgb3RrLFxuICAgIH07XG4gIH1cblxuICBwcml2YXRlIGFzeW5jIGRlY3J5cHRLZXlFeGNoYW5nZUFzUmVzcG9uZGVyKFxuICAgIGtleUV4Y2hhbmdlOiBLZXlFeGNoYW5nZUZyYWdtZW50LFxuICAgIG90S2V5Sz86IHN0cmluZ1xuICApIHtcbiAgICByZXR1cm4gdGhpcy5kZWNyeXB0T3RrKGtleUV4Y2hhbmdlLCBvdEtleUspO1xuICB9XG5cbiAgYXN5bmMgZGVjcnlwdEtleUV4Y2hhbmdlKGtleUV4Y2hhbmdlOiBLZXlFeGNoYW5nZUZyYWdtZW50LCBvdEtleUs/OiBzdHJpbmcpIHtcbiAgICBpZiAoa2V5RXhjaGFuZ2UuaXNJbml0aWF0b3IpIHtcbiAgICAgIHJldHVybiB0aGlzLmRlY3J5cHRLZXlFeGNoYW5nZUFzSW5pdGlhdG9yKGtleUV4Y2hhbmdlKTtcbiAgICB9IGVsc2Uge1xuICAgICAgcmV0dXJuIHRoaXMuZGVjcnlwdEtleUV4Y2hhbmdlQXNSZXNwb25kZXIoa2V5RXhjaGFuZ2UsIG90S2V5Syk7XG4gICAgfVxuICB9XG5cbiAgYXN5bmMgZ2V0S2V5RXhjaGFuZ2VzKHsgc3RhdGUgfTogeyBzdGF0ZT86IEtleUV4Y2hhbmdlU3RhdGUyIH0gPSB7fSkge1xuICAgIGNvbnN0IHsga2V5RXhjaGFuZ2VzIH0gPSBhd2FpdCB0aGlzLmxyR3JhcGhRTC5xdWVyeSh7XG4gICAgICBxdWVyeTogS2V5RXhjaGFuZ2VzUXVlcnkyLFxuICAgICAgdmFyaWFibGVzOiB7XG4gICAgICAgIHN0YXRlLFxuICAgICAgfSxcbiAgICB9KTtcblxuICAgIHJldHVybiBQcm9taXNlLmFsbChcbiAgICAgIGtleUV4Y2hhbmdlcy5lZGdlcy5tYXAoKGVkZ2UpID0+IHRoaXMuZGVjcnlwdEtleUV4Y2hhbmdlKGVkZ2Uubm9kZSkpXG4gICAgKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBAcGFyYW0gaWQgSWYgdGhlIGN1cnJlbnQgdXNlciBjYW4gcmVzcG9uZGVyIHRoZSBrZXkgZXhjaGFuZ2UgaWYgdGhleSBhcmUgZWl0aGVyIHRoZSBpbml0aWF0b3Igb3IgdGhlIHJlY2VpdmVyLlxuICAgKiBAcGFyYW0gdG9rZW4gSWYgbm90IHNpZ25lZCBpbiwgb3Igbm90IHRoZSBpbml0aWF0b3Igb3IgcmVzcG9uZGVyLCAndG9rZW4nIG11c3QgYmUgZ2l2ZW4uXG4gICAqIEBwYXJhbSBvdEtleUsgSXMgdGhlIHJhdyBvbmUtdGltZSBrZXkgKHN0cmluZykuIElmIHRoZSByZXNwb25kZXIgaXMgZXhwbGljaXRseSBzcGVjaWZpZWQgYXQgdGltZSBvZiBpbml0aWF0aW9uLCB0aGVuXG4gICAqICAgaXQncyBwb3NzaWJsZSB0byBoYXZlIHRoZSBvdEtleSB3cmFwcGVkIGJ5IHRoZSBwdWJsaWMga2V5IG9mIHRoZSByZXNwb25kZXIuIEluIHdoaWNoIGNhc2UsIHRoZSBvdEtleUsgaXMgbm90IG5lZWRlZC5cbiAgICovXG4gIGFzeW5jIGdldEtleUV4Y2hhbmdlKFxuICAgIGlkOiBzdHJpbmcsXG4gICAgeyBvdEtleUssIHRva2VuIH06IEdldEtleUV4Y2hhbmdlT3B0aW9uczIgPSB7fVxuICApIHtcbiAgICBjb25zdCByZXMgPSBhd2FpdCB0aGlzLmxyR3JhcGhRTC5xdWVyeSh7XG4gICAgICBxdWVyeTogdG9rZW4gPyBLZXlFeGNoYW5nZVRva2VuUXVlcnkyIDogS2V5RXhjaGFuZ2VRdWVyeTIsXG4gICAgICB2YXJpYWJsZXM6IHtcbiAgICAgICAgaWQsXG4gICAgICAgIHRva2VuLFxuICAgICAgfSxcbiAgICAgIGluY2x1ZGVLZXlHcmFwaDogIXRva2VuLCAvLyBpZiAhdG9rZW4gdGhlbiB3ZSBhcmUgcG9zdCBhdXRoLCBzbyBjYW4gZmV0Y2gga2V5R3JhcGhcbiAgICB9KTtcbiAgICByZXR1cm4gdGhpcy5kZWNyeXB0S2V5RXhjaGFuZ2UocmVzLmtleUV4Y2hhbmdlLCBvdEtleUspO1xuICB9XG5cbiAgcHVibGljIGFzeW5jIGdldEN1cnJlbnRVc2VyU2hhcmVkS2V5KGlucHV0OiB7XG4gICAgdXNlcm5hbWU/OiBzdHJpbmc7XG4gICAgdXNlcklkPzogc3RyaW5nO1xuICB9KSB7XG4gICAgcmV0dXJuIHRoaXMubHJHcmFwaFFMLnF1ZXJ5KHtcbiAgICAgIHF1ZXJ5OiBDdXJyZW50VXNlclNoYXJlZEtleVF1ZXJ5MixcbiAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICB1c2VybmFtZTogaW5wdXQudXNlcm5hbWUsXG4gICAgICAgIHVzZXJJZDogaW5wdXQudXNlcklkLFxuICAgICAgfSxcbiAgICB9KTtcbiAgfVxuXG4gIC8vIFRPRE86IGRlcHJlY2F0ZSB0aGlzXG4gIGFzeW5jIGNhbmNlbEtleUV4Y2hhbmdlKGlkOiBzdHJpbmcpIHtcbiAgICByZXR1cm4gdGhpcy5jYW5jZWxLZXlFeGNoYW5nZU11dGF0aW9uKGlkKTtcbiAgfVxuXG4gIGNhbmNlbEtleUV4Y2hhbmdlTXV0YXRpb24oaWQ6IHN0cmluZykge1xuICAgIHJldHVybiBuZXcgTHJNdXRhdGlvbih7XG4gICAgICBtdXRhdGlvbjogQ2FuY2VsS2V5RXhjaGFuZ2VNdXRhdGlvbixcbiAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICBpbnB1dDoge1xuICAgICAgICAgIGlkLFxuICAgICAgICB9LFxuICAgICAgfSxcbiAgICB9KTtcbiAgfVxuXG4gIC8vIFRPRE86IGRlcHJlY2F0ZSB0aGlzXG4gIGFzeW5jIGRlY2xpbmVLZXlFeGNoYW5nZShpZDogc3RyaW5nLCB0b2tlbjogc3RyaW5nKSB7XG4gICAgcmV0dXJuIHRoaXMuZGVjbGluZUtleUV4Y2hhbmdlTXV0YXRpb24oaWQsIHRva2VuKTtcbiAgfVxuXG4gIGRlY2xpbmVLZXlFeGNoYW5nZU11dGF0aW9uKGlkOiBzdHJpbmcsIHRva2VuOiBzdHJpbmcpIHtcbiAgICByZXR1cm4gbmV3IExyTXV0YXRpb24oe1xuICAgICAgbXV0YXRpb246IERlY2xpbmVLZXlFeGNoYW5nZU11dGF0aW9uLFxuICAgICAgdmFyaWFibGVzOiB7XG4gICAgICAgIGlucHV0OiB7XG4gICAgICAgICAgaWQsXG4gICAgICAgICAgdG9rZW4sXG4gICAgICAgIH0sXG4gICAgICB9LFxuICAgIH0pO1xuICB9XG5cbiAgYXN5bmMgaW5pdGlhdGVPdGsoe1xuICAgIG1lc3NhZ2UsXG4gICAgZW1haWwsXG4gICAgY29udGFjdENhcmQsXG4gICAgdXBncmFkZSxcbiAgfTogSW5pdGlhdGVPdGtJbnB1dDIgPSB7fSkge1xuICAgIGNvbnN0IG90S2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuICAgIGNvbnN0IG5vbmNlID0gdGhpcy5rZXlGYWN0b3J5LnJhbmRvbVN0cmluZyh0aGlzLkNMSUVOVF9OT05DRV9MRU5HVEgpO1xuXG4gICAgLy8gTmV3IFBLQyBrZXkgZm9yIGVuY3J5cHRpb24uIFRoaXMga2V5IGlzIHVzZWQgb25seSBvbmNlIHdoZW4gdGhlIHJlc3BvbmRlciBzZW5kc1xuICAgIC8vIGJhY2sgdGhlaXIgc2lnbmluZyBwdWJsaWMga2V5LlxuICAgIGNvbnN0IGluaXRpYXRvck9uZVRpbWVQcmsgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlUGtjS2V5KCk7XG5cbiAgICAvLyBPcHRpb24gMTogTmV3IFBLQyBrZXkgZm9yIHNpZ25pbmdcbiAgICAvLyBjb25zdCBpbml0aWF0b3JTaWdQcmsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuY3JlYXRlUGtjU2lnbktleSgpO1xuXG4gICAgLy8gT3B0aW9uIDI6IFVzZSB0aGUgdXNlcidzIGdsb2JhbCBzaWduaW5nIGtleS5cbiAgICAvLyBUaGlzIGtleSBpcyB1c2VkIHRvIHByb3ZlIHRoZSBpbml0aWF0b3IncyBpZGVudGl0eS5cbiAgICBjb25zdCBpbml0aWF0b3JQcmsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFB4aygpO1xuICAgIGNvbnN0IGluaXRpYXRvclNpZ1ByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50U2lnUHhrKCk7XG5cbiAgICBsZXQgaW5pdGlhdG9yUGxhaW5EYXRhU2lnOiBzdHJpbmcgPSBudWxsO1xuXG4gICAgaWYgKGNvbnRhY3RDYXJkICYmIGNvbnRhY3RDYXJkLm93bmVyUGxhaW5EYXRhSnNvbikge1xuICAgICAgaW5pdGlhdG9yUGxhaW5EYXRhU2lnID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduVG9TdHJpbmcoXG4gICAgICAgIGluaXRpYXRvclNpZ1Byay5qd2ssXG4gICAgICAgIGNvbnRhY3RDYXJkLm93bmVyUGxhaW5EYXRhSnNvblxuICAgICAgKTtcbiAgICB9XG5cbiAgICBjb25zdCBpbml0aWF0b3IgPSB7XG4gICAgICBtZXNzYWdlLFxuICAgICAgY29udGFjdENhcmQ6IGNvbnRhY3RDYXJkICYmIHtcbiAgICAgICAgc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbjogY29udGFjdENhcmQuc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbixcbiAgICAgIH0sXG4gICAgfTtcblxuICAgIC8vIENvbnRlbnQgdG8gYmUgZW5jcnlwdGVkIHVzaW5nIHRoZSBPVEsuXG4gICAgY29uc3QgcGxhaW5PdEtleUNpcGhlcjogT3RLZXlDaXBoZXJDbGVhckpzb24yID0ge1xuICAgICAgLy8gVE9ETyBNYWtlIHN1cmUgd2UgYWxzbyBwdXQgdGhlIE9PQiBjb2RlIGluIGhlcmUgYXMgd2VsbCBzaW5jZSB0aGUgT09CIGNvZGUgaXMgdGhlXG4gICAgICAvLyBfb25seV8gaW5mb3JtYXRpb24gdGhlIEtDIHNlcnZlciBkb2VzIG5vdCBoYXZlIGFjY2VzcyB0by4gVGhlIHNlcnZlciBtYXkgaGF2ZVxuICAgICAgLy8gYWNjZXNzIHRvIE9USyBhbmQgaGVuY2UgdGhlIG5vbmNlIGhlcmUuIEl0J3MgZ29vZCB0byBoYXZlIGJvdGggdGhlIG5vbmNlIGFuZCBPT0IgY29kZVxuICAgICAgLy8gc2luY2UgdGhlIHVzZXIgbWF5IG5vdCBiZSB1c2luZyB0aGUgT09CIGNvZGUuIEFuZCBpdCdzIHNpbXBsZSB0byBhbHdheXMgaW5jbHVkZVxuICAgICAgLy8gdGhlIG5vbmNlLCBzbyB3aHkgbm90LlxuICAgICAgbm9uY2UsXG4gICAgICBpbml0aWF0b3I6IHtcbiAgICAgICAgLi4uaW5pdGlhdG9yLFxuICAgICAgICBvbmVUaW1lUGJrOiBpbml0aWF0b3JPbmVUaW1lUHJrLnRvSlNPTigpLCAvLyBvbmUtdGltZSBwdWJsaWMgZW5jcnlwdGlvbiBrZXkgcmVzcG9uZGVyIHVzZSB0byBzZW5kIGRhdGEgYmFjayB0byBpbml0aWF0b3JcbiAgICAgICAgcGJrOiBpbml0aWF0b3JQcmsuandrLnRvSlNPTigpLCAvLyBwdWJsaWMgZW5jcnlwdGlvbiBrZXlcbiAgICAgICAgc2lnUGJrOiBpbml0aWF0b3JTaWdQcmsuandrLnRvSlNPTigpLCAvLyBwdWJsaWMgc2lnbmluZyBrZXlcbiAgICAgIH0sXG4gICAgfTtcblxuICAgIGNvbnN0IG90S2V5Q2lwaGVyID0gYXdhaXQgdGhpcy5rZXlHcmFwaC5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICBvdEtleSxcbiAgICAgIHBsYWluT3RLZXlDaXBoZXJcbiAgICApO1xuXG4gICAgLy8gQ29udGVudCB0byBiZSBlbmNyeXB0ZWQgdXNpbmcgdGhlIGluaXRpYXRvcidzIHJvb3Qga2V5LlxuICAgIGNvbnN0IGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb246IEluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24yID0ge1xuICAgICAgbm9uY2UsXG4gICAgICBvbmVUaW1lUHJrOiBpbml0aWF0b3JPbmVUaW1lUHJrLnRvSlNPTih0cnVlKSxcbiAgICAgIC8vIFNob3VsZCBub3QgbmVlZCB0byBrZWVwIHRoaXMgZW5jcnlwdGVkIHNpbmNlIHdlIGFyZSB1c2luZyB0aGUgZ2xvYmFsIHNpZ25pbmcga2V5LlxuICAgICAgLy8gc2lnUHJrOiBpbml0aWF0b3JTaWdQcmsudG9KU09OKHRydWUpLFxuXG4gICAgICAvLyBTYXZlIGl0IGluIGNhc2UgdGhlIGluaXRpYXRvciB3YW50IHRvIGRlY29kZSB0aGUgb3RLZXlDaXBoZXIuXG4gICAgICAvLyBTaW5jZSB0aGUgb3RLZXkgaXMgb25seSB1c2VkIG9uY2UsIGFuZCB0aGF0IG90S2V5Q2lwaGVyIGNvbnRhaW5zIG9ubHlcbiAgICAgIC8vIHRoZSBwdWJsaWMga2V5IG9mIHRoZSBpbml0aWF0b3IsIGl0J3Mgc2FmZSBqdXN0IGxlYXZlIHRoZSBvdEtleSBzdG9yZWQgaGVyZS5cbiAgICAgIG90S2V5OiBvdEtleS50b0pTT04odHJ1ZSksXG4gICAgICAvLyBUaGVzZSBzaG91bGQgYmUgc3RvcmluZyBpbmZvcm1hdGlvbiBzdWNoIGFzIGhvdyB0aGUgZmllbGRzIG9mIHRoZSBzaGFyZWQgY29udGFjdCBjYXJkIGlzXG4gICAgICAvLyBkZXJpdmVkIGZyb20gdGhlIG1hc3RlciBjb250YWN0IGNhcmQuXG4gICAgICBpbml0aWF0b3JDb250YWN0Q2FyZDogY29udGFjdENhcmQsXG4gICAgICBpbml0aWF0b3IsXG4gICAgfTtcblxuICAgIGNvbnN0IHJvb3RLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFJvb3RLZXkoKTtcbiAgICBjb25zdCBpbml0aWF0b3JSb290S2V5Q2lwaGVyID0gYXdhaXQgdGhpcy5rZXlHcmFwaC5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICByb290S2V5Lmp3ayxcbiAgICAgIGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb25cbiAgICApO1xuXG4gICAgLy8gVGhlIHJhdyBPVEtcbiAgICBjb25zdCBvdEtleUs6IHN0cmluZyA9IChvdEtleS50b0pTT04odHJ1ZSkgYXMgYW55KS5rO1xuXG4gICAgLy8gQVBJIGNhbGxcbiAgICBjb25zdCBsck11dGF0aW9uID0gbmV3IExyTXV0YXRpb24oe1xuICAgICAgbXV0YXRpb246IEluaXRpYXRlS2V5RXhjaGFuZ2VPdGtNdXRhdGlvbixcbiAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICBpbnB1dDoge1xuICAgICAgICAgIC8vIFRoZXNlIHdpbGwgYmUgc3RvcmVkIG9uIHRoZSBzZXJ2ZXJcbiAgICAgICAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyLFxuICAgICAgICAgIGluaXRpYXRvclB4a0lkOiBpbml0aWF0b3JQcmsuaWQsXG4gICAgICAgICAgaW5pdGlhdG9yU2lnUHhrSWQ6IGluaXRpYXRvclNpZ1Byay5pZCxcbiAgICAgICAgICAvLyBUaGVzZSB3aWxsIGJlIHNlbnQgdG8gdGhlIHJlc3BvbmRlclxuICAgICAgICAgIG90S2V5UGFyYW1zOiBKU09OLnN0cmluZ2lmeShvdEtleS50b0pTT04oKSksXG4gICAgICAgICAgb3RLZXlDaXBoZXIsXG4gICAgICAgICAgc2VuZEVtYWlsOiBlbWFpbCAmJiB7XG4gICAgICAgICAgICBlbWFpbCxcbiAgICAgICAgICAgIHJhd090S2V5OiBvdEtleUssXG4gICAgICAgICAgfSxcbiAgICAgICAgICBjcmVhdGVUcDogdHJ1ZSxcbiAgICAgICAgICBpbml0aWF0b3JQbGFpbkRhdGFTaWcsXG4gICAgICAgICAgdXBncmFkZSxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgfSk7XG5cbiAgICByZXR1cm4geyBsck11dGF0aW9uLCBvdEtleUsgfTtcbiAgfVxuXG4gIGFzeW5jIHJlc3BvbmRPdGsoe1xuICAgIGtleUV4Y2hhbmdlSWQsXG4gICAgdG9rZW4sXG4gICAgZGVjcnlwdGVkT3RrLFxuICAgIG1lc3NhZ2UsXG4gICAgaW5pdGlhdG9yQ29udGFjdENhcmQsXG4gICAgcmVzcG9uZGVyQ29udGFjdENhcmQsXG4gIH06IFJlc3BvbmRPdGtJbnB1dDIpIHtcbiAgICBjb25zdCByb290S2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRSb290S2V5KCk7XG5cbiAgICBjb25zdCBtYXN0ZXJLZXlJZCA9IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50TWFzdGVyS2V5KCkuaWQ7XG4gICAgY29uc3QgbWFzdGVyS2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRNYXN0ZXJLZXkoKTtcblxuICAgIGNvbnN0IHNoYXJlZEtleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcbiAgICBjb25zdCBta1NoYXJlZEtleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcblxuICAgIGNvbnN0IHJrV3JhcHBlZFNoYXJlZEtleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgIHJvb3RLZXkuandrLFxuICAgICAgc2hhcmVkS2V5LnRvSlNPTih0cnVlKVxuICAgICk7XG4gICAgY29uc3QgbWtXcmFwcGVkTWtTaGFyZWRLZXkgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICBtYXN0ZXJLZXkuandrLFxuICAgICAgbWtTaGFyZWRLZXkudG9KU09OKHRydWUpXG4gICAgKTtcblxuICAgIGNvbnN0IGluaXRpYXRvck9uZVRpbWVQYmsgPSBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShcbiAgICAgIGRlY3J5cHRlZE90ay5vdEtleUNpcGhlckNsZWFySnNvbi5pbml0aWF0b3Iub25lVGltZVBia1xuICAgICk7XG5cbiAgICBjb25zdCBpbml0aWF0b3JQYmsgPSBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShcbiAgICAgIGRlY3J5cHRlZE90ay5vdEtleUNpcGhlckNsZWFySnNvbi5pbml0aWF0b3IucGJrXG4gICAgKTtcbiAgICBjb25zdCBpbml0aWF0b3JTaWdQYmsgPSBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShcbiAgICAgIGRlY3J5cHRlZE90ay5vdEtleUNpcGhlckNsZWFySnNvbi5pbml0aWF0b3Iuc2lnUGJrXG4gICAgKTtcblxuICAgIC8vIE9wdGlvbiAxOiBVc2luZyBuZXcgUHJrIGZvciBlYWNoIFRQIHBhaXJcbiAgICAvLyBDcmVhdGUgYSBuZXcgcHVibGljIHNpZ25pbmcga2V5IGZvciB0aGUgcmVzcG9uZGVyLlxuICAgIC8vIGNvbnN0IHJlc3BvbmRlclNpZ1ByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5jcmVhdGVQa2NTaWduS2V5KClcbiAgICAvLyBjb25zdCBya1dyYXBwZWRSZXNwb25kZXJTaWdQcmsgPSBhd2FpdCB0aGlzLmVuY3J5cHQocm9vdEtleSwgcmVzcG9uZGVyU2lnUHJrLnRvSlNPTih0cnVlKSk7XG5cbiAgICAvLyBPcHRpb24gMjogUmVzcG9uZGVyIGFscmVhZHkgaGFzIGEgc2lnbmluZyBQcmtcbiAgICBjb25zdCByZXNwb25kZXJQcmsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFB4aygpO1xuICAgIGNvbnN0IHJlc3BvbmRlclNpZ1ByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50U2lnUHhrKCk7XG5cbiAgICBjb25zdCBzaWduZWRJbml0aWF0b3JQYmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXG4gICAgICByZXNwb25kZXJTaWdQcmsuandrLFxuICAgICAgaW5pdGlhdG9yUGJrLnRvSlNPTigpXG4gICAgKTtcbiAgICBjb25zdCBzaWduZWRJbml0aWF0b3JTaWdQYmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXG4gICAgICByZXNwb25kZXJTaWdQcmsuandrLFxuICAgICAgaW5pdGlhdG9yU2lnUGJrLnRvSlNPTigpXG4gICAgKTtcblxuICAgIGNvbnN0IGluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb246IEluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb24gPSB7XG4gICAgICBub25jZTogZGVjcnlwdGVkT3RrLm90S2V5Q2lwaGVyQ2xlYXJKc29uLm5vbmNlLFxuICAgICAgc2hhcmVkS2V5OiBzaGFyZWRLZXkudG9KU09OKHRydWUpLFxuICAgICAgbWtTaGFyZWRLZXk6IG1rU2hhcmVkS2V5LnRvSlNPTih0cnVlKSxcbiAgICAgIHJlc3BvbmRlcjoge1xuICAgICAgICBwYms6IHJlc3BvbmRlclByay5qd2sudG9KU09OKCksIC8vIHB1YmxpYyBrZXlcbiAgICAgICAgc2lnUGJrOiByZXNwb25kZXJTaWdQcmsuandrLnRvSlNPTigpLCAvLyBwdWJsaWMga2V5XG4gICAgICAgIG1lc3NhZ2UsXG4gICAgICB9LFxuICAgIH07XG5cbiAgICBsZXQgcmVjZWl2ZWRDYXJkSW5wdXQ7XG4gICAgaWYgKGRlY3J5cHRlZE90ay5vdEtleUNpcGhlckNsZWFySnNvbi5pbml0aWF0b3IuY29udGFjdENhcmQpIHtcbiAgICAgIC8vIFNldCB0aGUgaW5mbyBhYm91dCB0aGUgaW5pdGlhdG9yIHRvIGJlIHRoZSBvbmVzIHNlbnQgYnkgdGhlIGluaXRpYXRvci4gV2UgbmVlZCB0aCByZXNwb25kZXIgdG8gZG8gdGhlIGVuY3J5cHRpb24gaGVyZVxuICAgICAgLy8gYmVjYXVzZSB0aGUgaW5pdGlhdG9yIGRvZXMgbm90IGhhdmUgdGhlIHNoYXJlZCBrZXkgeWV0LCBhbmQgd2Ugd2FudCB0aGUgcmVzcG9uZGVyIHRvIGhhdmUgYSBmdW5jdGlvbmFsIGNvbnRhY3QgY2FyZCBhZnRlclxuICAgICAgLy8gdGhpcyBleGNoYW5nZS4gVGhlIGluaXRpYXRvciBjYW4gZG91YmxlIGNoZWNrIHRoZSBjb250YWN0IGRldGFpbHMgYXJlIGNvcnJlY3QgYW5kIHNpZ24gaXQgd2hlbiBpdCBjb21wbGV0ZXMgdGhlIGV4Y2hhbmdlLlxuICAgICAgY29uc3Qgc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbiA9XG4gICAgICAgIGRlY3J5cHRlZE90ay5vdEtleUNpcGhlckNsZWFySnNvbi5pbml0aWF0b3IuY29udGFjdENhcmRcbiAgICAgICAgICAuc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbjtcblxuICAgICAgLy8gQ3JlYXRlIGtleXNcbiAgICAgIGNvbnN0IHJlY2VpdmVyS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuICAgICAgY29uc3QgY2NTaGFyZWRLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgICBjb25zdCBzaWdQeGsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFNpZ1B4aygpO1xuXG4gICAgICByZWNlaXZlZENhcmRJbnB1dCA9IHtcbiAgICAgICAgcmVjZWl2ZXJXcmFwcGVkS2V5OiBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICAgICAgICByb290S2V5Lmp3ayxcbiAgICAgICAgICAgIHJlY2VpdmVyS2V5LnRvSlNPTih0cnVlKVxuICAgICAgICAgIClcbiAgICAgICAgKSxcbiAgICAgICAgcmVjZWl2ZXJXcmFwcGluZ0tleUlkOiByb290S2V5LmlkLFxuICAgICAgICByZWNlaXZlckNpcGhlckRhdGE6IGluaXRpYXRvckNvbnRhY3RDYXJkXG4gICAgICAgICAgPyBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICAgICAgICAgIHJlY2VpdmVyS2V5LFxuICAgICAgICAgICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkLnJlY2VpdmVyQ2lwaGVyRGF0YUNsZWFySnNvblxuICAgICAgICAgICAgICApXG4gICAgICAgICAgICApXG4gICAgICAgICAgOiAnJyxcbiAgICAgICAgc2hhcmVkV3JhcHBlZEtleTogSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICAgICAgc2hhcmVkS2V5LFxuICAgICAgICAgICAgY2NTaGFyZWRLZXkudG9KU09OKHRydWUpXG4gICAgICAgICAgKVxuICAgICAgICApLFxuICAgICAgfTtcblxuICAgICAgY29uc3Qgc2hhcmVkQ2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgY2NTaGFyZWRLZXksXG4gICAgICAgIHNoYXJlZENpcGhlckRhdGFDbGVhckpzb25cbiAgICAgICk7XG4gICAgICByZWNlaXZlZENhcmRJbnB1dC5zaGFyZWRDaXBoZXJEYXRhU2lnID0gSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihzaWdQeGsuandrLCBzaGFyZWRDaXBoZXJEYXRhKVxuICAgICAgKTtcbiAgICAgIHJlY2VpdmVkQ2FyZElucHV0LnNpZ1B4a0lkID0gc2lnUHhrLmlkO1xuXG4gICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyQ2xlYXJKc29uLnJlc3BvbmRlci5jb250YWN0Q2FyZCA9IHtcbiAgICAgICAgLi4uaW5pdGlhdG9yT25lVGltZVBia0NpcGhlckNsZWFySnNvbi5yZXNwb25kZXIuY29udGFjdENhcmQsXG4gICAgICAgIHNoYXJlZENpcGhlcktleTogY2NTaGFyZWRLZXkudG9KU09OKHRydWUpLFxuICAgICAgfTtcbiAgICB9XG5cbiAgICBsZXQgcmVzcG9uZGVyQ2FyZElucHV0O1xuICAgIGlmIChyZXNwb25kZXJDb250YWN0Q2FyZCkge1xuICAgICAgLy8gQ3JlYXRlIGtleXNcbiAgICAgIGNvbnN0IG93bmVyS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuICAgICAgY29uc3QgY2NTaGFyZWRLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgICBjb25zdCBzaWdQeGsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFNpZ1B4aygpO1xuXG4gICAgICByZXNwb25kZXJDYXJkSW5wdXQgPSB7XG4gICAgICAgIG93bmVyV3JhcHBlZEtleTogSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICAgICAgcm9vdEtleS5qd2ssXG4gICAgICAgICAgICBvd25lcktleS50b0pTT04odHJ1ZSlcbiAgICAgICAgICApXG4gICAgICAgICksXG4gICAgICAgIG93bmVyV3JhcHBpbmdLZXlJZDogcm9vdEtleS5pZCxcbiAgICAgICAgb3duZXJDaXBoZXJEYXRhOiByZXNwb25kZXJDb250YWN0Q2FyZC5vd25lckNpcGhlckRhdGFDbGVhckpzb25cbiAgICAgICAgICA/IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICAgICAgICAgICAgb3duZXJLZXksXG4gICAgICAgICAgICAgICAgcmVzcG9uZGVyQ29udGFjdENhcmQub3duZXJDaXBoZXJEYXRhQ2xlYXJKc29uXG4gICAgICAgICAgICAgIClcbiAgICAgICAgICAgIClcbiAgICAgICAgICA6ICcnLFxuXG4gICAgICAgIHNoYXJlZFdyYXBwZWRLZXk6IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgICAgIHNoYXJlZEtleSxcbiAgICAgICAgICAgIGNjU2hhcmVkS2V5LnRvSlNPTih0cnVlKVxuICAgICAgICAgIClcbiAgICAgICAgKSxcbiAgICAgIH07XG5cbiAgICAgIGNvbnN0IHNoYXJlZENpcGhlckRhdGEgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICAgIGNjU2hhcmVkS2V5LFxuICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5zaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uXG4gICAgICApO1xuICAgICAgcmVzcG9uZGVyQ2FyZElucHV0LnNoYXJlZENpcGhlckRhdGFTaWcgPSBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKHNpZ1B4ay5qd2ssIHNoYXJlZENpcGhlckRhdGEpXG4gICAgICApO1xuICAgICAgcmVzcG9uZGVyQ2FyZElucHV0LnNpZ1B4a0lkID0gc2lnUHhrLmlkO1xuXG4gICAgICBpZiAocmVzcG9uZGVyQ29udGFjdENhcmQub3duZXJQbGFpbkRhdGFKc29uKSB7XG4gICAgICAgIHJlc3BvbmRlckNhcmRJbnB1dC5vd25lclBsYWluRGF0YVNpZyA9IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihcbiAgICAgICAgICAgIHJlc3BvbmRlclNpZ1Byay5qd2ssXG4gICAgICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5vd25lclBsYWluRGF0YUpzb25cbiAgICAgICAgICApXG4gICAgICAgICk7XG4gICAgICB9XG5cbiAgICAgIC8vIENvbnRhY3QgY2FyZCBpbmZvIHJlYWRhYmxlIGJ5IHRoZSBpbml0aWF0b3JcbiAgICAgIGluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb24ucmVzcG9uZGVyLmNvbnRhY3RDYXJkID0ge1xuICAgICAgICAuLi5pbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyQ2xlYXJKc29uLnJlc3BvbmRlci5jb250YWN0Q2FyZCxcbiAgICAgICAgc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbjpcbiAgICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5zaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uLFxuICAgICAgfTtcbiAgICB9XG5cbiAgICAvLyBFbmNyeXB0IHdpdGggb25lLXRpbWUgcHVibGljIGtleVxuICAgIGxldCBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgaW5pdGlhdG9yT25lVGltZVBiayxcbiAgICAgIGluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb25cbiAgICApO1xuXG4gICAgLy8gRW5jcnlwdCB3aXRoIHRoZSBvdGsgYWdhaW4gdG8ga2VlcCB1c2Ugb2YgYXN5bW1ldHJpYyBrZXlzIHRvIGEgbWluaW11bS5cbiAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgZGVjcnlwdGVkT3RrLm90S2V5LFxuICAgICAgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlclxuICAgICk7XG5cbiAgICByZXR1cm4gbmV3IExyTXV0YXRpb24oe1xuICAgICAgbXV0YXRpb246IFJlc3BvbmRLZXlFeGNoYW5nZU90a011dGF0aW9uLFxuICAgICAgdmFyaWFibGVzOiB7XG4gICAgICAgIGlucHV0OiB7XG4gICAgICAgICAga2V5RXhjaGFuZ2VJZCxcbiAgICAgICAgICBrZXlFeGNoYW5nZVRva2VuOiB0b2tlbixcbiAgICAgICAgICByb290S2V5SWQ6IHJvb3RLZXkuaWQsXG4gICAgICAgICAgbWFzdGVyS2V5SWQsXG4gICAgICAgICAgLy8gVGhlc2Ugd2lsbCBiZSBzdG9yZWQgb24gdGhlIHNlcnZlclxuICAgICAgICAgIHJlc3BvbmRlclB4a0lkOiByZXNwb25kZXJQcmsuaWQsXG4gICAgICAgICAgcmVzcG9uZGVyU2lnUHhrSWQ6IHJlc3BvbmRlclNpZ1Byay5pZCxcbiAgICAgICAgICBzaWduZWRJbml0aWF0b3JQYms6IEpTT04uc3RyaW5naWZ5KHNpZ25lZEluaXRpYXRvclBiayksXG4gICAgICAgICAgc2lnbmVkSW5pdGlhdG9yU2lnUGJrOiBKU09OLnN0cmluZ2lmeShzaWduZWRJbml0aWF0b3JTaWdQYmspLFxuICAgICAgICAgIC8vIHJrV3JhcHBlZEluaXRpYXRvclNpZ1BiazogSlNPTi5zdHJpbmdpZnkocmtXcmFwcGVkSW5pdGlhdG9yU2lnUGJrKSxcblxuICAgICAgICAgIC8vIE9wdGlvbiAxOiBVc2luZyBuZXcgUHJrIGZvciBlYWNoIFRQIHBhaXJcbiAgICAgICAgICAvLyBya1dyYXBwZWRSZXNwb25kZXJTaWdQcms6IEpTT04uc3RyaW5naWZ5KHJrV3JhcHBlZFJlc3BvbmRlclNpZ1ByayksXG4gICAgICAgICAgcmtXcmFwcGVkU2hhcmVkS2V5OiBKU09OLnN0cmluZ2lmeShya1dyYXBwZWRTaGFyZWRLZXkpLFxuICAgICAgICAgIG1rV3JhcHBlZE1rU2hhcmVkS2V5OiBKU09OLnN0cmluZ2lmeShta1dyYXBwZWRNa1NoYXJlZEtleSksXG4gICAgICAgICAgLy8gVGhlc2Ugd2lsbCBiZSBzZW50IHRvIHRoZSBpbml0aWF0b3JcbiAgICAgICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyOiBKU09OLnN0cmluZ2lmeShpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyKSxcbiAgICAgICAgICBpbml0aWF0b3JDb250YWN0Q2FyZDogcmVjZWl2ZWRDYXJkSW5wdXQsXG4gICAgICAgICAgcmVzcG9uZGVyQ29udGFjdENhcmQ6IHJlc3BvbmRlckNhcmRJbnB1dCxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgfSk7XG4gIH1cblxuICBhc3luYyBjb21wbGV0ZU90ayh7XG4gICAga2V5RXhjaGFuZ2VJZCxcbiAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyLFxuICAgIGluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIsXG4gICAgcmVzcG9uZGVyQ29udGFjdENhcmQsXG4gICAgaW5pdGlhdG9yQ29udGFjdENhcmQsXG4gIH06IENvbXBsZXRlT3RrSW5wdXQyKSB7XG4gICAgY29uc3Qgcm9vdEtleSA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50Um9vdEtleSgpO1xuICAgIGNvbnN0IG1hc3RlcktleSA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50TWFzdGVyS2V5KCk7XG5cbiAgICAvLyBEZWNyeXB0IHVzaW5nIHRoZSByb290IGtleSB0byBnZXQgdGhlIFBya1xuICAgIGNvbnN0IGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24gPSAoYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxuICAgICAgcm9vdEtleS5qd2ssXG4gICAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyXG4gICAgKSkgYXMgSW5pdGlhdG9yUm9vdEtleUNpcGhlckNsZWFySnNvbjI7XG5cbiAgICAvLyBUaGUgUHJrIGlzIHNpbmdsZS11c2UgYW5kIG9ubHkgdXNlZCB0byBzZW5kIGluZm9ybWF0aW9uIGZyb20gdGhlIHJlc3BvbmRlciBiYWNrIHRvIHRoZSBpbml0aWF0b3IuXG4gICAgY29uc3QgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyID0gYXdhaXQgdGhpcy5kZWNyeXB0UmVzcG9uc2VDaXBoZXIoXG4gICAgICBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShpbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uLm90S2V5KSxcbiAgICAgIGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24ub25lVGltZVByayksXG4gICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyXG4gICAgKTtcblxuICAgIC8vIENoZWNrIHRoZSBub25jZSBtYXRjaCB0byBlbnN1cmUgdGhlIHJlc3BvbmRlciB3YXMgdGhlIG9uZSBob2xkaW5nIHRoZSBPVEtcbiAgICBpZiAoXG4gICAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uLm5vbmNlICE9PVxuICAgICAgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLm5vbmNlXG4gICAgKSB7XG4gICAgICB0aHJvdyBuZXcgTHJDb2RlTWlzbWF0Y2hFeGNlcHRpb24oXG4gICAgICAgICdUaGUgbm9uY2UgcmV0dXJuZWQgYnkgcmVzcG9uZGVyIGRvZXMgbm90IG1hdGNoIHdpdGggdGhlIG9uZSBjcmVhdGVkIGJ5IHRoZSBpbml0aWF0b3IuJ1xuICAgICAgKTtcbiAgICB9XG5cbiAgICAvLyBPcHRpb24gMTogQXNzdW1pbmcgdGhlIHNpZ25pbmcga2V5IGlzIHVuaXF1ZSBiZXR3ZWVuIHVzZXJzLlxuICAgIC8vIGNvbnN0IGluaXRpYXRvclNpZ1ByayA9IGF3YWl0IEtGUy5hc0tleShrZS5wbGFpbkluaXRpYXRvclJvb3RLZXlDaXBoZXIuc2lnUHJrKTtcbiAgICAvLyBjb25zdCBya1dyYXBwZWRJbml0aWF0b3JTaWdQcmsgPSBhd2FpdCB0aGlzLmVuY3J5cHQocm9vdEtleSwgaW5pdGlhdG9yU2lnUHJrLnRvSlNPTih0cnVlKSk7XG5cbiAgICAvLyBPcHRpb24gMjogVXNlIHRoZSB1c2VyJ3MgZ2xvYmFsIHNpZ25pbmcga2V5LlxuICAgIC8vIEluIHRoaXMgY2FzZSB0aGUgaW5pdGlhdG9yU2lnUHJrIGlzIGFscmVhZHkgYSBwYXJ0IG9mIHRoZSBrZXkgZ3JhcGguXG4gICAgLy8gU28gdGhlcmUncyBub3RoaW5nIHRvIGRvIGhlcmUuXG5cbiAgICAvLyBQcm90ZWN0ZWQgdGhlIHNpZ25pbmcgcHVibGljIGtleSBvZiB0aGUgcmVzcG9uZGVyLlxuICAgIGNvbnN0IGluaXRpYXRvclNpZ1ByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50U2lnUHhrKCk7XG4gICAgY29uc3QgcmVzcG9uZGVyU2lnUGJrID0gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoXG4gICAgICBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIucmVzcG9uZGVyLnNpZ1Bia1xuICAgICk7XG4gICAgY29uc3QgcmVzcG9uZGVyUGJrID0gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoXG4gICAgICBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIucmVzcG9uZGVyLnBia1xuICAgICk7XG5cbiAgICBjb25zdCBzaWduZWRSZXNwb25kZXJQYmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXG4gICAgICBpbml0aWF0b3JTaWdQcmsuandrLFxuICAgICAgcmVzcG9uZGVyUGJrLnRvSlNPTigpXG4gICAgKTtcbiAgICBjb25zdCBzaWduZWRSZXNwb25kZXJTaWdQYmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXG4gICAgICBpbml0aWF0b3JTaWdQcmsuandrLFxuICAgICAgcmVzcG9uZGVyU2lnUGJrLnRvSlNPTigpXG4gICAgKTtcblxuICAgIGNvbnN0IHNoYXJlZEtleSA9IGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KFxuICAgICAgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLnNoYXJlZEtleVxuICAgICk7XG4gICAgY29uc3QgcmtXcmFwcGVkU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgcm9vdEtleS5qd2ssXG4gICAgICBzaGFyZWRLZXkudG9KU09OKHRydWUpXG4gICAgKTtcblxuICAgIGNvbnN0IG1rU2hhcmVkS2V5ID0gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoXG4gICAgICBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIubWtTaGFyZWRLZXlcbiAgICApO1xuICAgIGNvbnN0IG1rV3JhcHBlZE1rU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgbWFzdGVyS2V5Lmp3ayxcbiAgICAgIG1rU2hhcmVkS2V5LnRvSlNPTih0cnVlKVxuICAgICk7XG5cbiAgICBsZXQgcmVzcG9uZGVyQ29udGFjdENhcmRDaXBoZXJJbnB1dDtcbiAgICBpZiAocmVzcG9uZGVyQ29udGFjdENhcmQpIHtcbiAgICAgIC8vIENyZWF0ZSBrZXlcbiAgICAgIGNvbnN0IHJlY2VpdmVyS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuXG4gICAgICByZXNwb25kZXJDb250YWN0Q2FyZENpcGhlcklucHV0ID0ge1xuICAgICAgICByZWNlaXZlcldyYXBwZWRLZXk6IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgICAgIHJvb3RLZXkuandrLFxuICAgICAgICAgICAgcmVjZWl2ZXJLZXkudG9KU09OKHRydWUpXG4gICAgICAgICAgKVxuICAgICAgICApLFxuICAgICAgICByZWNlaXZlcldyYXBwaW5nS2V5SWQ6IHJvb3RLZXkuaWQsXG4gICAgICAgIHJlY2VpdmVyQ2lwaGVyRGF0YTogSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICAgICAgcmVjZWl2ZXJLZXksXG4gICAgICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5yZWNlaXZlckNpcGhlckRhdGFDbGVhckpzb25cbiAgICAgICAgICApXG4gICAgICAgICksXG4gICAgICB9O1xuICAgIH1cblxuICAgIC8vIEdldCB0aGUgZGF0YSBuZWVkZWQgZnJvbSB0aGUgaW5pdGlhdG9yJ3MgY2lwaGVyIGRhdGEuXG4gICAgbGV0IGluaXRpYXRvckNvbnRhY3RDYXJkQ2lwaGVySW5wdXQ7XG4gICAgbGV0IGluaXRpYXRvckNvbnRhY3RDYXJkU2hhcmVkQ2lwaGVySW5wdXQ7XG4gICAgaWYgKGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24uaW5pdGlhdG9yQ29udGFjdENhcmQpIHtcbiAgICAgIC8vIFRoZSBpbml0aWF0b3JDb250YWN0Q2FyZCBjcmVhdGVkIGR1cmluZyB0aGUgY3JlYXRpb24gb2YgdGhlIGludml0ZSBhbmQgZW5jcnlwdGVkIHVzaW5nIHRoZSBpbml0aWF0b3Inc1xuICAgICAgLy8gcm9vdCBrZXlcbiAgICAgIGNvbnN0IGluaXRpYXRvckNvbnRhY3RDYXJkRnJvbUluaXQgPVxuICAgICAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uLmluaXRpYXRvckNvbnRhY3RDYXJkO1xuICAgICAgY29uc3Qgb3duZXJLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgICBjb25zdCBzaGFyZWRDaXBoZXJLZXkgPSBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShcbiAgICAgICAgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLnJlc3BvbmRlci5jb250YWN0Q2FyZC5zaGFyZWRDaXBoZXJLZXlcbiAgICAgICk7XG5cbiAgICAgIGNvbnN0IG93bmVyV3JhcHBlZEtleSA9IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQocm9vdEtleS5qd2ssIG93bmVyS2V5LnRvSlNPTih0cnVlKSlcbiAgICAgICk7XG5cbiAgICAgIC8vIEFsbG93IHRoZSBpbml0aWF0b3JDb250YWN0Q2FyZCBwYXJhbWV0ZXIgdG8gb3ZlcnJpZGVcbiAgICAgIGNvbnN0IG93bmVyQ2lwaGVyRGF0YUNsZWFySnNvbiA9XG4gICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkPy5vd25lckNpcGhlckRhdGFDbGVhckpzb24gfHxcbiAgICAgICAgaW5pdGlhdG9yQ29udGFjdENhcmRGcm9tSW5pdC5vd25lckNpcGhlckRhdGFDbGVhckpzb247XG5cbiAgICAgIGNvbnN0IG93bmVyQ2lwaGVyRGF0YSA9IG93bmVyQ2lwaGVyRGF0YUNsZWFySnNvblxuICAgICAgICA/IGF3YWl0IHRoaXMua2V5R3JhcGguZW5jcnlwdFRvU3RyaW5nKFxuICAgICAgICAgICAgb3duZXJLZXksXG4gICAgICAgICAgICBvd25lckNpcGhlckRhdGFDbGVhckpzb25cbiAgICAgICAgICApXG4gICAgICAgIDogJyc7XG5cbiAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkQ2lwaGVySW5wdXQgPSB7XG4gICAgICAgIG93bmVyV3JhcHBlZEtleSxcbiAgICAgICAgb3duZXJXcmFwcGluZ0tleUlkOiByb290S2V5LmlkLFxuICAgICAgICBvd25lckNpcGhlckRhdGEsXG4gICAgICB9O1xuXG4gICAgICBpbml0aWF0b3JDb250YWN0Q2FyZFNoYXJlZENpcGhlcklucHV0ID0ge1xuICAgICAgICBzaWdQeGtJZDogaW5pdGlhdG9yU2lnUHJrLmlkLFxuICAgICAgfTtcblxuICAgICAgY29uc3Qgc2hhcmVkQ2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgc2hhcmVkQ2lwaGVyS2V5LFxuICAgICAgICBpbml0aWF0b3JDb250YWN0Q2FyZEZyb21Jbml0LnNoYXJlZENpcGhlckRhdGFDbGVhckpzb25cbiAgICAgICk7XG4gICAgICBpbml0aWF0b3JDb250YWN0Q2FyZFNoYXJlZENpcGhlcklucHV0LnNoYXJlZENpcGhlckRhdGFTaWcgPSBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKGluaXRpYXRvclNpZ1Byay5qd2ssIHNoYXJlZENpcGhlckRhdGEpXG4gICAgICApO1xuICAgIH1cblxuICAgIC8vIFRPRE8gaWRlYWxseSB3ZSB1cGRhdGUgdGhlIHNoYXJlZCBkYXRhIGluIHRoZSBjb250YWN0IGNhcmQgc2VudCB0byB0aGUgcmVzcG9uZGVyIGFzIHdlbGwgc2luY2UgdGhhdFxuICAgIC8vIENDIHdhcyBjcmVhdGVkIGJ5IHRoZSByZXNwb25kZXIuXG5cbiAgICByZXR1cm4gbmV3IExyTXV0YXRpb24oe1xuICAgICAgbXV0YXRpb246IENvbXBsZXRlS2V5RXhjaGFuZ2VPdGtNdXRhdGlvbixcbiAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICBpbnB1dDoge1xuICAgICAgICAgIGtleUV4Y2hhbmdlSWQsXG4gICAgICAgICAgcm9vdEtleUlkOiByb290S2V5LmlkLFxuICAgICAgICAgIG1hc3RlcktleUlkOiBtYXN0ZXJLZXkuaWQsXG4gICAgICAgICAgaW5pdGlhdG9yU2lnUHhrSWQ6IGluaXRpYXRvclNpZ1Byay5pZCxcbiAgICAgICAgICBzaWduZWRSZXNwb25kZXJQYms6IEpTT04uc3RyaW5naWZ5KHNpZ25lZFJlc3BvbmRlclBiayksXG4gICAgICAgICAgc2lnbmVkUmVzcG9uZGVyU2lnUGJrOiBKU09OLnN0cmluZ2lmeShzaWduZWRSZXNwb25kZXJTaWdQYmspLFxuICAgICAgICAgIHJrV3JhcHBlZFNoYXJlZEtleTogSlNPTi5zdHJpbmdpZnkocmtXcmFwcGVkU2hhcmVkS2V5KSxcbiAgICAgICAgICBta1dyYXBwZWRNa1NoYXJlZEtleTogSlNPTi5zdHJpbmdpZnkobWtXcmFwcGVkTWtTaGFyZWRLZXkpLFxuICAgICAgICAgIHJlc3BvbmRlckNvbnRhY3RDYXJkQ2lwaGVyOiByZXNwb25kZXJDb250YWN0Q2FyZENpcGhlcklucHV0LFxuICAgICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkQ2lwaGVyOiBpbml0aWF0b3JDb250YWN0Q2FyZENpcGhlcklucHV0LFxuICAgICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkU2hhcmVkQ2lwaGVyOiBpbml0aWF0b3JDb250YWN0Q2FyZFNoYXJlZENpcGhlcklucHV0LFxuICAgICAgICB9LFxuICAgICAgfSxcbiAgICB9KTtcbiAgfVxufVxuIl19