@lifeready/core 1.0.21 → 1.0.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bundles/lifeready-core.umd.js +10612 -10527
- package/bundles/lifeready-core.umd.js.map +1 -1
- package/bundles/lifeready-core.umd.min.js +1 -15
- package/bundles/lifeready-core.umd.min.js.map +1 -1
- package/esm2015/lib/_common/ast.js +2 -1
- package/esm2015/lib/_common/deferred-promise.js +1 -1
- package/esm2015/lib/_common/exceptions.js +1 -1
- package/esm2015/lib/_common/queries.gql.js +1 -1
- package/esm2015/lib/_common/run-outside-angular.js +3 -2
- package/esm2015/lib/_common/types.js +2 -1
- package/esm2015/lib/_common/utils.js +2 -1
- package/esm2015/lib/api/lr-apollo.service.js +4 -3
- package/esm2015/lib/api/lr-graphql/index.js +1 -1
- package/esm2015/lib/api/lr-graphql/lr-graphql.service.js +9 -8
- package/esm2015/lib/api/lr-graphql/lr-merged-mutation.js +5 -6
- package/esm2015/lib/api/lr-graphql/lr-mutation-base.js +1 -1
- package/esm2015/lib/api/lr-graphql/lr-mutation.js +3 -3
- package/esm2015/lib/api/lr-graphql/lr.service.js +1 -1
- package/esm2015/lib/api/query-processor/common-processors.service.js +4 -3
- package/esm2015/lib/api/query-processor/index.js +1 -1
- package/esm2015/lib/api/query-processor/query-processor.service.js +5 -4
- package/esm2015/lib/api/query-processor/tp-password-reset-processor.service.js +8 -7
- package/esm2015/lib/api/types/graphql.types.js +2 -1
- package/esm2015/lib/api/types/index.js +1 -1
- package/esm2015/lib/api/types/lr-graphql.types.js +1 -1
- package/esm2015/lib/auth/auth.config.js +1 -1
- package/esm2015/lib/auth/auth.gql.js +1 -28
- package/esm2015/lib/auth/auth.types.js +1 -1
- package/esm2015/lib/auth/life-ready-auth.service.js +36 -32
- package/esm2015/lib/category/category-meta.service.js +1 -1
- package/esm2015/lib/category/category.gql.js +3 -2
- package/esm2015/lib/category/category.service.js +9 -8
- package/esm2015/lib/category/category.types.js +1 -1
- package/esm2015/lib/contact-card/contact-card.gql.js +79 -0
- package/esm2015/lib/contact-card/contact-card.service.js +156 -0
- package/esm2015/lib/contact-card/contact-card2.gql.js +29 -0
- package/esm2015/lib/contact-card/contact-card2.service.js +103 -0
- package/esm2015/lib/encryption/encryption.service.js +190 -0
- package/esm2015/lib/file-upload/file-upload.service.js +74 -0
- package/esm2015/lib/file-upload/file-upload.types.js +2 -0
- package/esm2015/lib/idle/idle.service.js +168 -0
- package/esm2015/lib/idle/idle.types.js +7 -0
- package/esm2015/lib/item2/item2.gql.js +127 -0
- package/esm2015/lib/item2/item2.gql.private.js +23 -0
- package/esm2015/lib/item2/item2.service.js +519 -0
- package/esm2015/lib/item2/item2.types.js +2 -0
- package/esm2015/lib/key/key-factory.service.js +237 -0
- package/esm2015/lib/key/key-graph.service.js +300 -0
- package/esm2015/lib/key/key-meta.service.js +201 -0
- package/esm2015/lib/{cryptography → key}/key.service.js +4 -4
- package/esm2015/lib/key/key.types.js +11 -0
- package/esm2015/lib/key-exchange/key-exchange.gql.js +188 -0
- package/esm2015/lib/key-exchange/key-exchange.service.js +441 -0
- package/esm2015/lib/key-exchange/key-exchange.types.js +7 -0
- package/esm2015/lib/key-exchange/key-exchange2.gql.js +171 -0
- package/esm2015/lib/key-exchange/key-exchange2.service.js +500 -0
- package/esm2015/lib/lbop/lbop.service.js +357 -0
- package/esm2015/lib/life-ready.config.js +2 -1
- package/esm2015/lib/life-ready.module.js +2 -27
- package/esm2015/lib/lock/lock.gql.js +40 -0
- package/esm2015/lib/lock/lock.service.js +64 -0
- package/esm2015/lib/message/message.gql.js +32 -0
- package/esm2015/lib/message/message.service.js +118 -0
- package/esm2015/lib/message/message.types.js +2 -0
- package/esm2015/lib/notification/notification.gql.js +1 -1
- package/esm2015/lib/notification/notification.service.js +2 -2
- package/esm2015/lib/password/password.gql.js +28 -0
- package/esm2015/lib/password/password.service.js +316 -0
- package/esm2015/lib/persist/persist.service.js +181 -0
- package/esm2015/lib/plan/plan.gql.js +1 -1
- package/esm2015/lib/plan/plan.service.js +3 -2
- package/esm2015/lib/plan/plan.types.js +1 -1
- package/esm2015/lib/profile/profile-details.service.js +215 -0
- package/esm2015/lib/profile/profile.gql.js +98 -0
- package/esm2015/lib/profile/profile.service.js +170 -0
- package/esm2015/lib/profile/profile.types.js +34 -0
- package/esm2015/lib/record/record-attachment.service.js +16 -15
- package/esm2015/lib/record/record.gql.js +1 -1
- package/esm2015/lib/record/record.service.js +8 -8
- package/esm2015/lib/record/record.types.js +1 -1
- package/esm2015/lib/record-type/record-type.service.js +1 -1
- package/esm2015/lib/record-type/record-type.types.js +1 -1
- package/esm2015/lib/register/register.service.js +173 -0
- package/esm2015/lib/scenario/scenario.constants.js +1 -1
- package/esm2015/lib/scenario/scenario.controller.js +2 -2
- package/esm2015/lib/scenario/scenario.gql.js +1 -1
- package/esm2015/lib/scenario/scenario.private.gql.js +198 -0
- package/esm2015/lib/scenario/scenario.service.js +19 -17
- package/esm2015/lib/scenario/scenario.types.js +2 -1
- package/esm2015/lib/shared-contact-card/shared-contact-card.service.js +119 -0
- package/esm2015/lib/shared-contact-card/shared-contact-card2.gql.js +41 -0
- package/esm2015/lib/shared-contact-card/shared-contact-card2.service.js +117 -0
- package/esm2015/lib/slip39/slip39.service.js +167 -0
- package/esm2015/lib/time/time.service.js +146 -0
- package/esm2015/lib/tp-assembly/tp-assembly.js +365 -0
- package/esm2015/lib/tp-assembly/tp-assembly.private.gql.js +22 -0
- package/esm2015/lib/tp-assembly/tp-assembly.types.js +2 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset-request.service.js +100 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset-user.service.js +118 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.constants.js +4 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.controller.js +34 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.gql.js +74 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.private.gql.js +165 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.private.service.js +54 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.service.js +92 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.types.js +2 -0
- package/esm2015/lib/trusted-party/trusted-party.gql.js +148 -0
- package/esm2015/lib/trusted-party/trusted-party.service.js +327 -0
- package/esm2015/lib/trusted-party/trusted-party.types.js +41 -0
- package/esm2015/lib/trusted-party/trusted-party2.gql.js +64 -0
- package/esm2015/lib/trusted-party/trusted-party2.gql.private.js +25 -0
- package/esm2015/lib/trusted-party/trusted-party2.service.js +224 -0
- package/esm2015/lib/trusted-party/trusted-party2.types.js +2 -0
- package/esm2015/lib/two-factor/two-factor.service.js +74 -0
- package/esm2015/lib/user/user.gql.js +60 -0
- package/esm2015/lib/user/user.service.js +80 -0
- package/esm2015/lib/user/user.types.js +2 -0
- package/esm2015/lib/web-crypto/web-crypto.service.js +29 -0
- package/esm2015/lifeready-core.js +15 -13
- package/esm2015/public-api.js +49 -51
- package/fesm2015/lifeready-core.js +8764 -8737
- package/fesm2015/lifeready-core.js.map +1 -1
- package/lib/_common/types.d.ts +3 -1
- package/lib/_common/utils.d.ts +2 -2
- package/lib/api/lr-apollo.service.d.ts +2 -2
- package/lib/api/lr-graphql/lr-graphql.service.d.ts +26 -8
- package/lib/api/lr-graphql/lr-merged-mutation.d.ts +22 -4
- package/lib/api/lr-graphql/lr-mutation.d.ts +1 -2
- package/lib/api/query-processor/common-processors.service.d.ts +1 -1
- package/lib/api/query-processor/query-processor.service.d.ts +1 -1
- package/lib/api/query-processor/tp-password-reset-processor.service.d.ts +2 -2
- package/lib/api/types/lr-graphql.types.d.ts +14 -3
- package/lib/auth/auth.gql.d.ts +0 -3
- package/lib/auth/auth.types.d.ts +5 -5
- package/lib/auth/life-ready-auth.service.d.ts +13 -13
- package/lib/category/category.gql.d.ts +1 -1
- package/lib/category/category.service.d.ts +3 -3
- package/lib/{api → contact-card}/contact-card.service.d.ts +9 -9
- package/lib/contact-card/contact-card2.gql.d.ts +25 -0
- package/lib/contact-card/contact-card2.service.d.ts +64 -0
- package/lib/{cryptography → encryption}/encryption.service.d.ts +10 -9
- package/lib/{api/file.service.d.ts → file-upload/file-upload.service.d.ts} +5 -8
- package/lib/file-upload/file-upload.types.d.ts +5 -0
- package/lib/{auth → idle}/idle.service.d.ts +6 -6
- package/lib/{items2 → item2}/item2.gql.d.ts +16 -16
- package/lib/{items2 → item2}/item2.service.d.ts +34 -35
- package/lib/{cryptography → key}/key-factory.service.d.ts +4 -3
- package/lib/{cryptography → key}/key-graph.service.d.ts +6 -6
- package/lib/{cryptography → key}/key-meta.service.d.ts +1 -1
- package/lib/{cryptography → key}/key.service.d.ts +2 -2
- package/lib/{cryptography/cryptography.types.d.ts → key/key.types.d.ts} +13 -17
- package/lib/{api → key-exchange}/key-exchange.service.d.ts +5 -5
- package/lib/{api → key-exchange}/key-exchange.types.d.ts +4 -4
- package/lib/{api → key-exchange}/key-exchange2.gql.d.ts +1 -1
- package/lib/{api → key-exchange}/key-exchange2.service.d.ts +82 -29
- package/lib/{auth → lbop}/lbop.service.d.ts +7 -7
- package/lib/life-ready.config.d.ts +1 -1
- package/lib/{api → lock}/lock.gql.d.ts +1 -1
- package/lib/{api → lock}/lock.service.d.ts +1 -1
- package/lib/message/message.gql.d.ts +13 -0
- package/lib/message/message.service.d.ts +36 -0
- package/lib/message/message.types.d.ts +12 -0
- package/lib/notification/notification.service.d.ts +3 -2
- package/lib/password/password.gql.d.ts +3 -0
- package/lib/{auth → password}/password.service.d.ts +9 -9
- package/lib/{api → persist}/persist.service.d.ts +3 -3
- package/lib/plan/plan.service.d.ts +3 -2
- package/lib/plan/plan.types.d.ts +2 -1
- package/lib/{users → profile}/profile-details.service.d.ts +3 -3
- package/lib/{users → profile}/profile.gql.d.ts +2 -2
- package/lib/{users → profile}/profile.service.d.ts +6 -6
- package/lib/{users → profile}/profile.types.d.ts +3 -2
- package/lib/record/record-attachment.service.d.ts +6 -6
- package/lib/record/record.service.d.ts +3 -3
- package/lib/{auth → register}/register.service.d.ts +4 -4
- package/lib/scenario/scenario.controller.d.ts +1 -1
- package/lib/scenario/scenario.service.d.ts +105 -5
- package/lib/scenario/scenario.types.d.ts +1 -1
- package/lib/{api → shared-contact-card}/shared-contact-card.service.d.ts +9 -9
- package/lib/{api → shared-contact-card}/shared-contact-card2.gql.d.ts +1 -1
- package/lib/{api → shared-contact-card}/shared-contact-card2.service.d.ts +6 -6
- package/lib/{cryptography → slip39}/slip39.service.d.ts +0 -1
- package/lib/{trusted-parties → tp-assembly}/tp-assembly.d.ts +7 -7
- package/lib/{trusted-parties → tp-assembly}/tp-assembly.types.d.ts +3 -3
- package/lib/{trusted-parties → tp-password-reset}/tp-password-reset-request.service.d.ts +5 -9
- package/lib/{trusted-parties → tp-password-reset}/tp-password-reset-user.service.d.ts +7 -13
- package/lib/{trusted-parties → tp-password-reset}/tp-password-reset.controller.d.ts +1 -1
- package/lib/tp-password-reset/tp-password-reset.gql.d.ts +63 -0
- package/lib/{trusted-parties/tp-password-reset.gql.d.ts → tp-password-reset/tp-password-reset.private.gql.d.ts} +1 -63
- package/lib/tp-password-reset/tp-password-reset.private.service.d.ts +59 -0
- package/lib/{trusted-parties → tp-password-reset}/tp-password-reset.service.d.ts +6 -89
- package/lib/tp-password-reset/tp-password-reset.types.d.ts +40 -0
- package/lib/{trusted-parties → trusted-party}/trusted-party.service.d.ts +7 -7
- package/lib/{trusted-parties → trusted-party}/trusted-party.types.d.ts +2 -3
- package/lib/{trusted-parties → trusted-party}/trusted-party2.gql.d.ts +0 -22
- package/lib/trusted-party/trusted-party2.gql.private.d.ts +23 -0
- package/lib/{trusted-parties → trusted-party}/trusted-party2.service.d.ts +11 -35
- package/lib/trusted-party/trusted-party2.types.d.ts +12 -0
- package/lib/{users → user}/user.gql.d.ts +1 -1
- package/lib/{users → user}/user.service.d.ts +1 -1
- package/lib/{users → user}/user.types.d.ts +1 -1
- package/lifeready-core.d.ts +14 -12
- package/lifeready-core.metadata.json +1 -1
- package/package.json +2 -2
- package/public-api.d.ts +48 -50
- package/esm2015/lib/api/contact-card.gql.js +0 -79
- package/esm2015/lib/api/contact-card.service.js +0 -154
- package/esm2015/lib/api/contact-card2.gql.js +0 -60
- package/esm2015/lib/api/contact-card2.service.js +0 -103
- package/esm2015/lib/api/file.service.js +0 -74
- package/esm2015/lib/api/key-exchange.gql.js +0 -188
- package/esm2015/lib/api/key-exchange.service.js +0 -442
- package/esm2015/lib/api/key-exchange.types.js +0 -7
- package/esm2015/lib/api/key-exchange2.gql.js +0 -171
- package/esm2015/lib/api/key-exchange2.service.js +0 -480
- package/esm2015/lib/api/lock.gql.js +0 -40
- package/esm2015/lib/api/lock.service.js +0 -64
- package/esm2015/lib/api/message.service.js +0 -138
- package/esm2015/lib/api/persist.service.js +0 -181
- package/esm2015/lib/api/shared-contact-card.service.js +0 -119
- package/esm2015/lib/api/shared-contact-card2.gql.js +0 -41
- package/esm2015/lib/api/shared-contact-card2.service.js +0 -117
- package/esm2015/lib/api/time.service.js +0 -146
- package/esm2015/lib/auth/idle.service.js +0 -168
- package/esm2015/lib/auth/idle.types.js +0 -7
- package/esm2015/lib/auth/lbop.service.js +0 -355
- package/esm2015/lib/auth/password.service.js +0 -315
- package/esm2015/lib/auth/register.service.js +0 -172
- package/esm2015/lib/auth/two-factor.service.js +0 -74
- package/esm2015/lib/cryptography/cryptography.types.js +0 -11
- package/esm2015/lib/cryptography/encryption.service.js +0 -189
- package/esm2015/lib/cryptography/key-factory.service.js +0 -237
- package/esm2015/lib/cryptography/key-graph.service.js +0 -299
- package/esm2015/lib/cryptography/key-meta.service.js +0 -200
- package/esm2015/lib/cryptography/slip39.service.js +0 -169
- package/esm2015/lib/cryptography/web-crypto.service.js +0 -29
- package/esm2015/lib/items2/item2.gql.js +0 -127
- package/esm2015/lib/items2/item2.gql.private.js +0 -23
- package/esm2015/lib/items2/item2.service.js +0 -516
- package/esm2015/lib/items2/item2.types.js +0 -1
- package/esm2015/lib/scenario/scenario.gql.private.js +0 -198
- package/esm2015/lib/trusted-parties/tp-assembly.gql.private.js +0 -22
- package/esm2015/lib/trusted-parties/tp-assembly.js +0 -365
- package/esm2015/lib/trusted-parties/tp-assembly.types.js +0 -1
- package/esm2015/lib/trusted-parties/tp-password-reset-request.service.js +0 -113
- package/esm2015/lib/trusted-parties/tp-password-reset-user.service.js +0 -129
- package/esm2015/lib/trusted-parties/tp-password-reset.constants.js +0 -4
- package/esm2015/lib/trusted-parties/tp-password-reset.controller.js +0 -34
- package/esm2015/lib/trusted-parties/tp-password-reset.gql.js +0 -237
- package/esm2015/lib/trusted-parties/tp-password-reset.service.js +0 -95
- package/esm2015/lib/trusted-parties/trusted-party.gql.js +0 -148
- package/esm2015/lib/trusted-parties/trusted-party.service.js +0 -326
- package/esm2015/lib/trusted-parties/trusted-party.types.js +0 -41
- package/esm2015/lib/trusted-parties/trusted-party2.gql.js +0 -87
- package/esm2015/lib/trusted-parties/trusted-party2.service.js +0 -218
- package/esm2015/lib/users/profile-details.service.js +0 -214
- package/esm2015/lib/users/profile.gql.js +0 -97
- package/esm2015/lib/users/profile.service.js +0 -169
- package/esm2015/lib/users/profile.types.js +0 -34
- package/esm2015/lib/users/user.gql.js +0 -60
- package/esm2015/lib/users/user.service.js +0 -79
- package/esm2015/lib/users/user.types.js +0 -1
- package/lib/api/contact-card2.gql.d.ts +0 -34
- package/lib/api/contact-card2.service.d.ts +0 -50
- package/lib/api/message.service.d.ts +0 -59
- /package/lib/{api → contact-card}/contact-card.gql.d.ts +0 -0
- /package/lib/{auth → idle}/idle.types.d.ts +0 -0
- /package/lib/{items2 → item2}/item2.gql.private.d.ts +0 -0
- /package/lib/{items2 → item2}/item2.types.d.ts +0 -0
- /package/lib/{api → key-exchange}/key-exchange.gql.d.ts +0 -0
- /package/lib/scenario/{scenario.gql.private.d.ts → scenario.private.gql.d.ts} +0 -0
- /package/lib/{api → time}/time.service.d.ts +0 -0
- /package/lib/{trusted-parties/tp-assembly.gql.private.d.ts → tp-assembly/tp-assembly.private.gql.d.ts} +0 -0
- /package/lib/{trusted-parties → tp-password-reset}/tp-password-reset.constants.d.ts +0 -0
- /package/lib/{trusted-parties → trusted-party}/trusted-party.gql.d.ts +0 -0
- /package/lib/{auth → two-factor}/two-factor.service.d.ts +0 -0
- /package/lib/{cryptography → web-crypto}/web-crypto.service.d.ts +0 -0
|
@@ -0,0 +1,441 @@
|
|
|
1
|
+
import { __awaiter } from "tslib";
|
|
2
|
+
/* eslint-disable @typescript-eslint/no-explicit-any */
|
|
3
|
+
import { Injectable } from '@angular/core';
|
|
4
|
+
import { LrApolloService } from '../api/lr-apollo.service';
|
|
5
|
+
import { LifeReadyAuthService } from '../auth/life-ready-auth.service';
|
|
6
|
+
import { EncryptionService, JoseSerialization, } from '../encryption/encryption.service';
|
|
7
|
+
import { KeyFactoryService as KFS } from '../key/key-factory.service';
|
|
8
|
+
import { KeyService } from '../key/key.service';
|
|
9
|
+
import { UserService } from '../user/user.service';
|
|
10
|
+
import { LrCodeMismatchException } from '../_common/exceptions';
|
|
11
|
+
import { CompleteOtkMutation, CurrentUserSharedKeyQuery, InitiateOtkMutation, KeyExchangeQuery, KeyExchangesQuery, KeyExchangeTokenQuery, RespondOtkMutation, } from './key-exchange.gql';
|
|
12
|
+
import { OtkState, } from './key-exchange.types';
|
|
13
|
+
import * as i0 from "@angular/core";
|
|
14
|
+
import * as i1 from "../key/key-factory.service";
|
|
15
|
+
import * as i2 from "../key/key.service";
|
|
16
|
+
import * as i3 from "../api/lr-apollo.service";
|
|
17
|
+
import * as i4 from "../encryption/encryption.service";
|
|
18
|
+
import * as i5 from "../auth/life-ready-auth.service";
|
|
19
|
+
import * as i6 from "../user/user.service";
|
|
20
|
+
export class KeyExchangeService {
|
|
21
|
+
constructor(keyFactory, keyService, lrApollo, encryptionService, authService, userService) {
|
|
22
|
+
this.keyFactory = keyFactory;
|
|
23
|
+
this.keyService = keyService;
|
|
24
|
+
this.lrApollo = lrApollo;
|
|
25
|
+
this.encryptionService = encryptionService;
|
|
26
|
+
this.authService = authService;
|
|
27
|
+
this.userService = userService;
|
|
28
|
+
this.CLIENT_NONCE_LENGTH = 32;
|
|
29
|
+
}
|
|
30
|
+
getKeyExchangeList(input = {}) {
|
|
31
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
32
|
+
const { keyExchanges } = yield this.lrApollo.query({
|
|
33
|
+
query: KeyExchangesQuery,
|
|
34
|
+
variables: Object.assign({}, input),
|
|
35
|
+
});
|
|
36
|
+
return keyExchanges;
|
|
37
|
+
});
|
|
38
|
+
}
|
|
39
|
+
/**
|
|
40
|
+
* @param id If the current user can responder the key exchange if they are either the initiator or the receiver.
|
|
41
|
+
* @param token If not signed in, or not the initiator or responder, 'token' must be given.
|
|
42
|
+
* @param otKeyK Is the raw one-time key (string). If the responder is explicitly specified at time of initiation, then
|
|
43
|
+
* it's possible to have the otKey wrapped by the public key of the responder. In which case, the otKeyK is not needed.
|
|
44
|
+
*/
|
|
45
|
+
getKeyExchange(id, { otKeyK, token } = {}) {
|
|
46
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
47
|
+
const { keyExchange } = yield this.lrApollo.query({
|
|
48
|
+
query: token ? KeyExchangeTokenQuery : KeyExchangeQuery,
|
|
49
|
+
variables: {
|
|
50
|
+
id,
|
|
51
|
+
token,
|
|
52
|
+
},
|
|
53
|
+
});
|
|
54
|
+
return yield this.decryptKeyExchange(keyExchange, otKeyK);
|
|
55
|
+
});
|
|
56
|
+
}
|
|
57
|
+
decryptResponseCipher(otKey, otPrk, content) {
|
|
58
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
59
|
+
// The response could be wrapped by the OtK as well as we the OtPrk
|
|
60
|
+
try {
|
|
61
|
+
content = yield this.encryptionService.decrypt(otKey, content);
|
|
62
|
+
}
|
|
63
|
+
catch (error) {
|
|
64
|
+
if (error.message !== 'no key found') {
|
|
65
|
+
throw error;
|
|
66
|
+
}
|
|
67
|
+
// Do nothing to support older versions where message is not wrapped with otk.
|
|
68
|
+
}
|
|
69
|
+
// The Prk is single-use and only used to send information from the responder back to the initiator.
|
|
70
|
+
return yield this.encryptionService.decrypt(otPrk, content);
|
|
71
|
+
});
|
|
72
|
+
}
|
|
73
|
+
decryptKeyExchange(keyExchange, otKeyK) {
|
|
74
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
75
|
+
if (keyExchange.isInitiator) {
|
|
76
|
+
const rootKey = yield this.keyService.getCurrentRootKey();
|
|
77
|
+
// Decrypt using the root key to get the Prk
|
|
78
|
+
const plainInitiatorRootKeyCipher = (yield this.encryptionService.decrypt(rootKey.jwk, keyExchange.initiatorRootKeyCipher));
|
|
79
|
+
const plainInitiatorOneTimePbkCipher = keyExchange.otk
|
|
80
|
+
.initiatorOneTimePbkCipher
|
|
81
|
+
? yield this.decryptResponseCipher(yield KFS.asKey(plainInitiatorRootKeyCipher.otKey), yield KFS.asKey(plainInitiatorRootKeyCipher.oneTimePrk), keyExchange.otk.initiatorOneTimePbkCipher)
|
|
82
|
+
: null;
|
|
83
|
+
const responder = plainInitiatorOneTimePbkCipher &&
|
|
84
|
+
plainInitiatorOneTimePbkCipher.responder;
|
|
85
|
+
const initiator = plainInitiatorRootKeyCipher && plainInitiatorRootKeyCipher.initiator;
|
|
86
|
+
return Object.assign(Object.assign({}, keyExchange), { message: responder ? responder.message : null, contactCard: responder && responder.contactCard
|
|
87
|
+
? responder.contactCard.plainSharedCipherDataJson
|
|
88
|
+
: null, myContactCard: initiator && initiator.contactCard
|
|
89
|
+
? initiator.contactCard.plainSharedCipherDataJson
|
|
90
|
+
: null, myMessage: initiator && initiator.message });
|
|
91
|
+
}
|
|
92
|
+
else {
|
|
93
|
+
const decryptedOtk = yield this.decryptOtk(keyExchange, otKeyK);
|
|
94
|
+
const initiator = decryptedOtk && decryptedOtk.plainOtKeyCipher.initiator;
|
|
95
|
+
return Object.assign(Object.assign({}, keyExchange), { decryptedOtk, message: initiator && initiator.message, contactCard: initiator &&
|
|
96
|
+
initiator.contactCard &&
|
|
97
|
+
initiator.contactCard.plainSharedCipherDataJson });
|
|
98
|
+
}
|
|
99
|
+
});
|
|
100
|
+
}
|
|
101
|
+
decryptOtk(keyExchange, otKeyK) {
|
|
102
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
103
|
+
const otKey = yield this.getOtKey(keyExchange, otKeyK);
|
|
104
|
+
return otKey && keyExchange.otk.otKeyCipher
|
|
105
|
+
? {
|
|
106
|
+
plainOtKeyCipher: yield this.encryptionService.decrypt(otKey, keyExchange.otk.otKeyCipher),
|
|
107
|
+
otKey,
|
|
108
|
+
}
|
|
109
|
+
: null;
|
|
110
|
+
});
|
|
111
|
+
}
|
|
112
|
+
getOtKey(keyExchange, otKeyK) {
|
|
113
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
114
|
+
if (otKeyK) {
|
|
115
|
+
return yield KFS.asKey(Object.assign(Object.assign({}, JSON.parse(keyExchange.otk.otKeyParams)), { k: otKeyK }));
|
|
116
|
+
}
|
|
117
|
+
else if (keyExchange.otk.state === OtkState.OTK_INITIATED &&
|
|
118
|
+
!keyExchange.isInitiator &&
|
|
119
|
+
keyExchange.otk.responderPbkCipher) {
|
|
120
|
+
// Assuming existing user getting invited where OTK is wrapped in responder's public key.
|
|
121
|
+
const prk = yield this.keyService.getCurrentPxk();
|
|
122
|
+
const decryptedCipher = yield this.encryptionService.decrypt(prk.jwk, JSON.parse(keyExchange.otk.responderPbkCipher), {
|
|
123
|
+
serializations: [JoseSerialization.COMPACT],
|
|
124
|
+
});
|
|
125
|
+
if (decryptedCipher.otKey) {
|
|
126
|
+
return yield KFS.asKey(decryptedCipher.otKey);
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
return null;
|
|
130
|
+
});
|
|
131
|
+
}
|
|
132
|
+
initiateOtk({ message, email, contactCard, upgrade, }) {
|
|
133
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
134
|
+
const otKey = yield this.keyFactory.createKey();
|
|
135
|
+
const nonce = this.keyFactory.randomString(this.CLIENT_NONCE_LENGTH);
|
|
136
|
+
const user = yield this.authService.getUser();
|
|
137
|
+
// New PKC key for encryption. This key is used only once when the responder sends
|
|
138
|
+
// back their signing public key.
|
|
139
|
+
const initiatorOneTimePrk = yield this.keyFactory.createPkcKey();
|
|
140
|
+
// Option 1: New PKC key for signing
|
|
141
|
+
// const initiatorSigPrk = await this.keyService.createPkcSignKey();
|
|
142
|
+
// Option 2: Use the user's global signing key.
|
|
143
|
+
// This key is used to prove the initiator's identity.
|
|
144
|
+
const initiatorPrk = yield this.keyService.getCurrentPxk();
|
|
145
|
+
const initiatorSigPrk = yield this.keyService.getCurrentSigPxk();
|
|
146
|
+
let initiatorPlainDataSig = null;
|
|
147
|
+
if (contactCard && contactCard.ownerPlainData) {
|
|
148
|
+
initiatorPlainDataSig = JSON.stringify(yield this.encryptionService.sign(initiatorSigPrk.jwk, contactCard.ownerPlainData));
|
|
149
|
+
}
|
|
150
|
+
const initiator = {
|
|
151
|
+
message,
|
|
152
|
+
contactCard: contactCard
|
|
153
|
+
? {
|
|
154
|
+
plainSharedCipherDataJson: contactCard.plainSharedCipherDataJson,
|
|
155
|
+
}
|
|
156
|
+
: null,
|
|
157
|
+
};
|
|
158
|
+
// Content to be encrypted using the OTK.
|
|
159
|
+
const plainOtKeyCipher = {
|
|
160
|
+
nonce,
|
|
161
|
+
initiator: Object.assign(Object.assign({}, initiator), { oneTimePbk: initiatorOneTimePrk.toJSON(), pbk: initiatorPrk.jwk.toJSON(), sigPbk: initiatorSigPrk.jwk.toJSON(), profile: {
|
|
162
|
+
username: user.username,
|
|
163
|
+
} }),
|
|
164
|
+
};
|
|
165
|
+
const otKeyCipher = yield this.encryptionService.encrypt(otKey, plainOtKeyCipher);
|
|
166
|
+
// Content to be encrypted using the initiator's root key.
|
|
167
|
+
const plainInitiatorRootKeyCipher = {
|
|
168
|
+
nonce,
|
|
169
|
+
oneTimePrk: initiatorOneTimePrk.toJSON(true),
|
|
170
|
+
// Should not need to keep this encrypted since we are using the global signing key.
|
|
171
|
+
// sigPrk: initiatorSigPrk.toJSON(true),
|
|
172
|
+
// Save it in case the initiator want to decode the otKeyCipher.
|
|
173
|
+
// Since the otKey is only used once, and that otKeyCipher contains only
|
|
174
|
+
// the public key of the initiator, it's safe just leave the otKey stored here.
|
|
175
|
+
otKey: otKey.toJSON(true),
|
|
176
|
+
// These should be storing information such as how the fields of the shared contact card is
|
|
177
|
+
// derived from the master contact card.
|
|
178
|
+
initiatorContactCard: contactCard,
|
|
179
|
+
initiator,
|
|
180
|
+
};
|
|
181
|
+
const rootKey = yield this.keyService.getCurrentRootKey();
|
|
182
|
+
const initiatorRootKeyCipher = yield this.encryptionService.encrypt(rootKey.jwk, plainInitiatorRootKeyCipher);
|
|
183
|
+
// The raw OTK
|
|
184
|
+
const otKeyK = otKey.toJSON(true).k;
|
|
185
|
+
// API call
|
|
186
|
+
const { initiateKeyExchangeOtk } = yield this.lrApollo.mutate({
|
|
187
|
+
mutation: InitiateOtkMutation,
|
|
188
|
+
variables: {
|
|
189
|
+
input: {
|
|
190
|
+
// These will be stored on the server
|
|
191
|
+
initiatorRootKeyCipher: JSON.stringify(initiatorRootKeyCipher),
|
|
192
|
+
initiatorPxkId: initiatorPrk.id,
|
|
193
|
+
initiatorSigPxkId: initiatorSigPrk.id,
|
|
194
|
+
// These will be sent to the responder
|
|
195
|
+
otKeyParams: JSON.stringify(otKey.toJSON()),
|
|
196
|
+
otKeyCipher: JSON.stringify(otKeyCipher),
|
|
197
|
+
sendEmail: email
|
|
198
|
+
? {
|
|
199
|
+
email,
|
|
200
|
+
rawOtKey: otKeyK,
|
|
201
|
+
}
|
|
202
|
+
: null,
|
|
203
|
+
createTp: true,
|
|
204
|
+
initiatorPlainDataSig,
|
|
205
|
+
upgrade,
|
|
206
|
+
},
|
|
207
|
+
},
|
|
208
|
+
});
|
|
209
|
+
return { keyExchange: initiateKeyExchangeOtk.keyExchange, otKeyK };
|
|
210
|
+
});
|
|
211
|
+
}
|
|
212
|
+
respondOtk({ id, token, decryptedOtk, message, initiatorContactCard, responderContactCard: sentContactCard, }) {
|
|
213
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
214
|
+
const user = yield this.authService.getUser();
|
|
215
|
+
const rootKey = yield this.keyService.getCurrentRootKey();
|
|
216
|
+
const masterKeyId = this.keyService.getCurrentMasterKey().id;
|
|
217
|
+
const masterKey = yield this.keyService.getCurrentMasterKey();
|
|
218
|
+
const sharedKey = yield this.keyFactory.createKey();
|
|
219
|
+
const mkSharedKey = yield this.keyFactory.createKey();
|
|
220
|
+
const rkWrappedSharedKey = yield this.encryptionService.encrypt(rootKey.jwk, sharedKey.toJSON(true));
|
|
221
|
+
const mkWrappedMkSharedKey = yield this.encryptionService.encrypt(masterKey.jwk, mkSharedKey.toJSON(true));
|
|
222
|
+
const initiatorOneTimePbk = yield KFS.asKey(decryptedOtk.plainOtKeyCipher.initiator.oneTimePbk);
|
|
223
|
+
const initiatorPbk = yield KFS.asKey(decryptedOtk.plainOtKeyCipher.initiator.pbk);
|
|
224
|
+
const initiatorSigPbk = yield KFS.asKey(decryptedOtk.plainOtKeyCipher.initiator.sigPbk);
|
|
225
|
+
// Option 1: Using new Prk for each TP pair
|
|
226
|
+
// Create a new public signing key for the responder.
|
|
227
|
+
// const responderSigPrk = await this.keyService.createPkcSignKey()
|
|
228
|
+
// const rkWrappedResponderSigPrk = await this.encrypt(rootKey, responderSigPrk.toJSON(true));
|
|
229
|
+
// Option 2: Responder already has a signing Prk
|
|
230
|
+
const responderPrk = yield this.keyService.getCurrentPxk();
|
|
231
|
+
const responderSigPrk = yield this.keyService.getCurrentSigPxk();
|
|
232
|
+
const signedInitiatorPbk = yield this.encryptionService.sign(responderSigPrk.jwk, initiatorPbk.toJSON());
|
|
233
|
+
const signedInitiatorSigPbk = yield this.encryptionService.sign(responderSigPrk.jwk, initiatorSigPbk.toJSON());
|
|
234
|
+
const plainInitiatorOneTimePbkCipher = {
|
|
235
|
+
nonce: decryptedOtk.plainOtKeyCipher.nonce,
|
|
236
|
+
sharedKey: sharedKey.toJSON(true),
|
|
237
|
+
mkSharedKey: mkSharedKey.toJSON(true),
|
|
238
|
+
responder: {
|
|
239
|
+
pbk: responderPrk.jwk.toJSON(),
|
|
240
|
+
sigPbk: responderSigPrk.jwk.toJSON(),
|
|
241
|
+
profile: {
|
|
242
|
+
username: user.username,
|
|
243
|
+
},
|
|
244
|
+
message,
|
|
245
|
+
},
|
|
246
|
+
};
|
|
247
|
+
let receivedCardInput;
|
|
248
|
+
if (decryptedOtk.plainOtKeyCipher.initiator.contactCard) {
|
|
249
|
+
// Set the info about the initiator to be the ones sent by the initiator. We need th responder to do the encryption here
|
|
250
|
+
// because the initiator does not have the shared key yet, and we want the responder to have a functional contact card after
|
|
251
|
+
// this exchange. The initiator can double check the contact details are correct and sign it when it completes the exchange.
|
|
252
|
+
const plainSharedCipherDataJson = decryptedOtk.plainOtKeyCipher.initiator.contactCard
|
|
253
|
+
.plainSharedCipherDataJson;
|
|
254
|
+
// Create keys
|
|
255
|
+
const receiverKey = yield this.keyFactory.createKey();
|
|
256
|
+
const ccSharedKey = yield this.keyFactory.createKey();
|
|
257
|
+
const sigPxk = yield this.keyService.getCurrentSigPxk();
|
|
258
|
+
receivedCardInput = {
|
|
259
|
+
receiverWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, receiverKey.toJSON(true))),
|
|
260
|
+
receiverWrappingKeyId: rootKey.id,
|
|
261
|
+
receiverCipherData: initiatorContactCard
|
|
262
|
+
? JSON.stringify(yield this.encryptionService.encrypt(receiverKey, initiatorContactCard.plainReceiverCipherDataJson))
|
|
263
|
+
: '',
|
|
264
|
+
sharedWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(sharedKey, ccSharedKey.toJSON(true))),
|
|
265
|
+
};
|
|
266
|
+
const sharedCipherData = yield this.encryptionService.encrypt(ccSharedKey, plainSharedCipherDataJson);
|
|
267
|
+
receivedCardInput.sharedCipherDataSig = JSON.stringify(yield this.encryptionService.sign(sigPxk.jwk, sharedCipherData));
|
|
268
|
+
receivedCardInput.sigPxkId = sigPxk.id;
|
|
269
|
+
plainInitiatorOneTimePbkCipher.responder.contactCard = Object.assign(Object.assign({}, plainInitiatorOneTimePbkCipher.responder.contactCard), { sharedCipherKey: ccSharedKey.toJSON(true) });
|
|
270
|
+
}
|
|
271
|
+
let sentCardInput;
|
|
272
|
+
if (sentContactCard) {
|
|
273
|
+
// Create keys
|
|
274
|
+
const ownerKey = yield this.keyFactory.createKey();
|
|
275
|
+
const ccSharedKey = yield this.keyFactory.createKey();
|
|
276
|
+
const sigPxk = yield this.keyService.getCurrentSigPxk();
|
|
277
|
+
sentCardInput = {
|
|
278
|
+
ownerWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, ownerKey.toJSON(true))),
|
|
279
|
+
ownerWrappingKeyId: rootKey.id,
|
|
280
|
+
ownerCipherData: sentContactCard.plainOwnerCipherDataJson
|
|
281
|
+
? JSON.stringify(yield this.encryptionService.encrypt(ownerKey, sentContactCard.plainOwnerCipherDataJson))
|
|
282
|
+
: '',
|
|
283
|
+
sharedWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(sharedKey, ccSharedKey.toJSON(true))),
|
|
284
|
+
};
|
|
285
|
+
const sharedCipherData = yield this.encryptionService.encrypt(ccSharedKey, sentContactCard.plainSharedCipherDataJson);
|
|
286
|
+
sentCardInput.sharedCipherDataSig = JSON.stringify(yield this.encryptionService.sign(sigPxk.jwk, sharedCipherData));
|
|
287
|
+
sentCardInput.sigPxkId = sigPxk.id;
|
|
288
|
+
if (sentContactCard.ownerPlainData) {
|
|
289
|
+
sentCardInput.ownerPlainDataSig = JSON.stringify(yield this.encryptionService.sign(responderSigPrk.jwk, sentContactCard.ownerPlainData));
|
|
290
|
+
}
|
|
291
|
+
// Contact card info readable by the initiator
|
|
292
|
+
plainInitiatorOneTimePbkCipher.responder.contactCard = Object.assign(Object.assign({}, plainInitiatorOneTimePbkCipher.responder.contactCard), { plainSharedCipherDataJson: sentContactCard.plainSharedCipherDataJson });
|
|
293
|
+
}
|
|
294
|
+
// Encrypt with one-time public key
|
|
295
|
+
let initiatorOneTimePbkCipher = yield this.encryptionService.encrypt(initiatorOneTimePbk, plainInitiatorOneTimePbkCipher);
|
|
296
|
+
// Encrypt with the otk again to keep use of asymmetric keys to a minimum.
|
|
297
|
+
initiatorOneTimePbkCipher = yield this.encryptionService.encrypt(decryptedOtk.otKey, initiatorOneTimePbkCipher);
|
|
298
|
+
const { respondKeyExchangeOtk } = yield this.lrApollo.mutate({
|
|
299
|
+
mutation: RespondOtkMutation,
|
|
300
|
+
variables: {
|
|
301
|
+
input: {
|
|
302
|
+
keyExchangeId: id,
|
|
303
|
+
keyExchangeToken: token,
|
|
304
|
+
rootKeyId: rootKey.id,
|
|
305
|
+
masterKeyId,
|
|
306
|
+
// These will be stored on the server
|
|
307
|
+
responderPxkId: responderPrk.id,
|
|
308
|
+
responderSigPxkId: responderSigPrk.id,
|
|
309
|
+
signedInitiatorPbk: JSON.stringify(signedInitiatorPbk),
|
|
310
|
+
signedInitiatorSigPbk: JSON.stringify(signedInitiatorSigPbk),
|
|
311
|
+
// rkWrappedInitiatorSigPbk: JSON.stringify(rkWrappedInitiatorSigPbk),
|
|
312
|
+
// Option 1: Using new Prk for each TP pair
|
|
313
|
+
// rkWrappedResponderSigPrk: JSON.stringify(rkWrappedResponderSigPrk),
|
|
314
|
+
rkWrappedSharedKey: JSON.stringify(rkWrappedSharedKey),
|
|
315
|
+
mkWrappedMkSharedKey: JSON.stringify(mkWrappedMkSharedKey),
|
|
316
|
+
// These will be sent to the initiator
|
|
317
|
+
initiatorOneTimePbkCipher: JSON.stringify(initiatorOneTimePbkCipher),
|
|
318
|
+
initiatorContactCard: receivedCardInput,
|
|
319
|
+
responderContactCard: sentCardInput,
|
|
320
|
+
},
|
|
321
|
+
},
|
|
322
|
+
});
|
|
323
|
+
return {
|
|
324
|
+
keyExchange: respondKeyExchangeOtk.keyExchange,
|
|
325
|
+
userSharedKey: respondKeyExchangeOtk.userSharedKey,
|
|
326
|
+
tp: respondKeyExchangeOtk.tp,
|
|
327
|
+
};
|
|
328
|
+
});
|
|
329
|
+
}
|
|
330
|
+
completeOtk(keyExchangeId, initiatorRootKeyCipher, initiatorOneTimePbkCipher, responderContactCard) {
|
|
331
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
332
|
+
const rootKey = yield this.keyService.getCurrentRootKey();
|
|
333
|
+
const masterKey = yield this.keyService.getCurrentMasterKey();
|
|
334
|
+
// Decrypt using the root key to get the Prk
|
|
335
|
+
const plainInitiatorRootKeyCipher = (yield this.encryptionService.decrypt(rootKey.jwk, initiatorRootKeyCipher));
|
|
336
|
+
// The Prk is single-use and only used to send information from the responder back to the initiator.
|
|
337
|
+
const plainInitiatorOneTimePbkCipher = yield this.decryptResponseCipher(yield KFS.asKey(plainInitiatorRootKeyCipher.otKey), yield KFS.asKey(plainInitiatorRootKeyCipher.oneTimePrk), initiatorOneTimePbkCipher);
|
|
338
|
+
// Check the nonce match to ensure the responder was the one holding the OTK
|
|
339
|
+
if (plainInitiatorRootKeyCipher.nonce !== plainInitiatorOneTimePbkCipher.nonce) {
|
|
340
|
+
throw new LrCodeMismatchException('The nonce returned by responder does not match with the one created by the initiator.');
|
|
341
|
+
}
|
|
342
|
+
// Option 1: Assuming the signing key is unique between users.
|
|
343
|
+
// const initiatorSigPrk = await KFS.asKey(ke.plainInitiatorRootKeyCipher.sigPrk);
|
|
344
|
+
// const rkWrappedInitiatorSigPrk = await this.encrypt(rootKey, initiatorSigPrk.toJSON(true));
|
|
345
|
+
// Option 2: Use the user's global signing key.
|
|
346
|
+
// In this case the initiatorSigPrk is already a part of the key graph.
|
|
347
|
+
// So there's nothing to do here.
|
|
348
|
+
// Protected the signing public key of the responder.
|
|
349
|
+
const initiatorSigPrk = yield this.keyService.getCurrentSigPxk();
|
|
350
|
+
const responderSigPbk = yield KFS.asKey(plainInitiatorOneTimePbkCipher.responder.sigPbk);
|
|
351
|
+
const responderPbk = yield KFS.asKey(plainInitiatorOneTimePbkCipher.responder.pbk);
|
|
352
|
+
const signedResponderPbk = yield this.encryptionService.sign(initiatorSigPrk.jwk, responderPbk.toJSON());
|
|
353
|
+
const signedResponderSigPbk = yield this.encryptionService.sign(initiatorSigPrk.jwk, responderSigPbk.toJSON());
|
|
354
|
+
const sharedKey = yield KFS.asKey(plainInitiatorOneTimePbkCipher.sharedKey);
|
|
355
|
+
const rkWrappedSharedKey = yield this.encryptionService.encrypt(rootKey.jwk, sharedKey.toJSON(true));
|
|
356
|
+
const mkSharedKey = yield KFS.asKey(plainInitiatorOneTimePbkCipher.mkSharedKey);
|
|
357
|
+
const mkWrappedMkSharedKey = yield this.encryptionService.encrypt(masterKey.jwk, mkSharedKey.toJSON(true));
|
|
358
|
+
let responderContactCardCipherInput;
|
|
359
|
+
if (responderContactCard) {
|
|
360
|
+
// Create key
|
|
361
|
+
const receiverKey = yield this.keyFactory.createKey();
|
|
362
|
+
responderContactCardCipherInput = {
|
|
363
|
+
receiverWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, receiverKey.toJSON(true))),
|
|
364
|
+
receiverWrappingKeyId: rootKey.id,
|
|
365
|
+
receiverCipherData: JSON.stringify(yield this.encryptionService.encrypt(receiverKey, responderContactCard)),
|
|
366
|
+
};
|
|
367
|
+
}
|
|
368
|
+
// Get the data needed from the initiator's cipher data.
|
|
369
|
+
let initiatorContactCardCipherInput;
|
|
370
|
+
let initiatorContactCardSharedCipherInput;
|
|
371
|
+
if (plainInitiatorRootKeyCipher.initiatorContactCard) {
|
|
372
|
+
const initiatorContactCard = plainInitiatorRootKeyCipher.initiatorContactCard;
|
|
373
|
+
const ownerKey = yield this.keyFactory.createKey();
|
|
374
|
+
const sharedCipherKey = yield KFS.asKey(plainInitiatorOneTimePbkCipher.responder.contactCard.sharedCipherKey);
|
|
375
|
+
const ownerWrappedKey = JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, ownerKey.toJSON(true)));
|
|
376
|
+
const ownerCipherData = initiatorContactCard.plainOwnerCipherDataJson
|
|
377
|
+
? JSON.stringify(yield this.encryptionService.encrypt(ownerKey, initiatorContactCard.plainOwnerCipherDataJson))
|
|
378
|
+
: '';
|
|
379
|
+
initiatorContactCardCipherInput = {
|
|
380
|
+
ownerWrappedKey,
|
|
381
|
+
ownerWrappingKeyId: rootKey.id,
|
|
382
|
+
ownerCipherData,
|
|
383
|
+
};
|
|
384
|
+
initiatorContactCardSharedCipherInput = {
|
|
385
|
+
sigPxkId: initiatorSigPrk.id,
|
|
386
|
+
};
|
|
387
|
+
const sharedCipherData = yield this.encryptionService.encrypt(sharedCipherKey, initiatorContactCard.plainSharedCipherDataJson);
|
|
388
|
+
initiatorContactCardSharedCipherInput.sharedCipherDataSig =
|
|
389
|
+
JSON.stringify(yield this.encryptionService.sign(initiatorSigPrk.jwk, sharedCipherData));
|
|
390
|
+
}
|
|
391
|
+
// TODO ideally we update the shared data in the contact card sent to the responder as well since that
|
|
392
|
+
// CC was created by the responder.
|
|
393
|
+
const res = yield this.lrApollo.mutate({
|
|
394
|
+
mutation: CompleteOtkMutation,
|
|
395
|
+
variables: {
|
|
396
|
+
input: {
|
|
397
|
+
keyExchangeId,
|
|
398
|
+
rootKeyId: rootKey.id,
|
|
399
|
+
masterKeyId: masterKey.id,
|
|
400
|
+
initiatorSigPxkId: initiatorSigPrk.id,
|
|
401
|
+
signedResponderPbk: JSON.stringify(signedResponderPbk),
|
|
402
|
+
signedResponderSigPbk: JSON.stringify(signedResponderSigPbk),
|
|
403
|
+
rkWrappedSharedKey: JSON.stringify(rkWrappedSharedKey),
|
|
404
|
+
mkWrappedMkSharedKey: JSON.stringify(mkWrappedMkSharedKey),
|
|
405
|
+
responderContactCardCipher: responderContactCardCipherInput,
|
|
406
|
+
initiatorContactCardCipher: initiatorContactCardCipherInput,
|
|
407
|
+
initiatorContactCardSharedCipher: initiatorContactCardSharedCipherInput,
|
|
408
|
+
},
|
|
409
|
+
},
|
|
410
|
+
});
|
|
411
|
+
return res.completeKeyExchangeOtk;
|
|
412
|
+
});
|
|
413
|
+
}
|
|
414
|
+
currentUserSharedKey(input) {
|
|
415
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
416
|
+
const { currentUserSharedKey } = yield this.lrApollo.query({
|
|
417
|
+
query: CurrentUserSharedKeyQuery,
|
|
418
|
+
variables: {
|
|
419
|
+
username: input.username,
|
|
420
|
+
userId: input.userId,
|
|
421
|
+
},
|
|
422
|
+
});
|
|
423
|
+
return currentUserSharedKey.userSharedKey;
|
|
424
|
+
});
|
|
425
|
+
}
|
|
426
|
+
}
|
|
427
|
+
KeyExchangeService.ɵprov = i0.ɵɵdefineInjectable({ factory: function KeyExchangeService_Factory() { return new KeyExchangeService(i0.ɵɵinject(i1.KeyFactoryService), i0.ɵɵinject(i2.KeyService), i0.ɵɵinject(i3.LrApolloService), i0.ɵɵinject(i4.EncryptionService), i0.ɵɵinject(i5.LifeReadyAuthService), i0.ɵɵinject(i6.UserService)); }, token: KeyExchangeService, providedIn: "root" });
|
|
428
|
+
KeyExchangeService.decorators = [
|
|
429
|
+
{ type: Injectable, args: [{
|
|
430
|
+
providedIn: 'root',
|
|
431
|
+
},] }
|
|
432
|
+
];
|
|
433
|
+
KeyExchangeService.ctorParameters = () => [
|
|
434
|
+
{ type: KFS },
|
|
435
|
+
{ type: KeyService },
|
|
436
|
+
{ type: LrApolloService },
|
|
437
|
+
{ type: EncryptionService },
|
|
438
|
+
{ type: LifeReadyAuthService },
|
|
439
|
+
{ type: UserService }
|
|
440
|
+
];
|
|
441
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5LWV4Y2hhbmdlLnNlcnZpY2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9wcm9qZWN0cy9jb3JlL3NyYy9saWIva2V5LWV4Y2hhbmdlL2tleS1leGNoYW5nZS5zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSx1REFBdUQ7QUFDdkQsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLGVBQWUsQ0FBQztBQUUzQyxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFDM0QsT0FBTyxFQUFFLG9CQUFvQixFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFDdkUsT0FBTyxFQUNMLGlCQUFpQixFQUNqQixpQkFBaUIsR0FDbEIsTUFBTSxrQ0FBa0MsQ0FBQztBQUMxQyxPQUFPLEVBQUUsaUJBQWlCLElBQUksR0FBRyxFQUFFLE1BQU0sNEJBQTRCLENBQUM7QUFDdEUsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLG9CQUFvQixDQUFDO0FBRWhELE9BQU8sRUFBRSxXQUFXLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUNuRCxPQUFPLEVBQUUsdUJBQXVCLEVBQUUsTUFBTSx1QkFBdUIsQ0FBQztBQUNoRSxPQUFPLEVBQ0wsbUJBQW1CLEVBQ25CLHlCQUF5QixFQUN6QixtQkFBbUIsRUFDbkIsZ0JBQWdCLEVBQ2hCLGlCQUFpQixFQUNqQixxQkFBcUIsRUFDckIsa0JBQWtCLEdBQ25CLE1BQU0sb0JBQW9CLENBQUM7QUFDNUIsT0FBTyxFQVFMLFFBQVEsR0FPVCxNQUFNLHNCQUFzQixDQUFDOzs7Ozs7OztBQUs5QixNQUFNLE9BQU8sa0JBQWtCO0lBRzdCLFlBQ1UsVUFBZSxFQUNmLFVBQXNCLEVBQ3RCLFFBQXlCLEVBQ3pCLGlCQUFvQyxFQUNwQyxXQUFpQyxFQUNqQyxXQUF3QjtRQUx4QixlQUFVLEdBQVYsVUFBVSxDQUFLO1FBQ2YsZUFBVSxHQUFWLFVBQVUsQ0FBWTtRQUN0QixhQUFRLEdBQVIsUUFBUSxDQUFpQjtRQUN6QixzQkFBaUIsR0FBakIsaUJBQWlCLENBQW1CO1FBQ3BDLGdCQUFXLEdBQVgsV0FBVyxDQUFzQjtRQUNqQyxnQkFBVyxHQUFYLFdBQVcsQ0FBYTtRQVJqQix3QkFBbUIsR0FBRyxFQUFFLENBQUM7SUFTdkMsQ0FBQztJQUVTLGtCQUFrQixDQUM3QixRQUFtQyxFQUFFOztZQUVyQyxNQUFNLEVBQUUsWUFBWSxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FHL0M7Z0JBQ0QsS0FBSyxFQUFFLGlCQUFpQjtnQkFDeEIsU0FBUyxvQkFDSixLQUFLLENBQ1Q7YUFDRixDQUFDLENBQUM7WUFDSCxPQUFPLFlBQVksQ0FBQztRQUN0QixDQUFDO0tBQUE7SUFFRDs7Ozs7T0FLRztJQUNVLGNBQWMsQ0FDekIsRUFBVSxFQUNWLEVBQUUsTUFBTSxFQUFFLEtBQUssS0FBNEIsRUFBRTs7WUFFN0MsTUFBTSxFQUFFLFdBQVcsRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBRzlDO2dCQUNELEtBQUssRUFBRSxLQUFLLENBQUMsQ0FBQyxDQUFDLHFCQUFxQixDQUFDLENBQUMsQ0FBQyxnQkFBZ0I7Z0JBQ3ZELFNBQVMsRUFBRTtvQkFDVCxFQUFFO29CQUNGLEtBQUs7aUJBQ047YUFDRixDQUFDLENBQUM7WUFDSCxPQUFPLE1BQU0sSUFBSSxDQUFDLGtCQUFrQixDQUFDLFdBQVcsRUFBRSxNQUFNLENBQUMsQ0FBQztRQUM1RCxDQUFDO0tBQUE7SUFFYSxxQkFBcUIsQ0FDakMsS0FBYyxFQUNkLEtBQWMsRUFDZCxPQUFZOztZQUVaLG1FQUFtRTtZQUNuRSxJQUFJO2dCQUNGLE9BQU8sR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsS0FBSyxFQUFFLE9BQU8sQ0FBQyxDQUFDO2FBQ2hFO1lBQUMsT0FBTyxLQUFLLEVBQUU7Z0JBQ2QsSUFBSSxLQUFLLENBQUMsT0FBTyxLQUFLLGNBQWMsRUFBRTtvQkFDcEMsTUFBTSxLQUFLLENBQUM7aUJBQ2I7Z0JBQ0QsOEVBQThFO2FBQy9FO1lBRUQsb0dBQW9HO1lBQ3BHLE9BQU8sTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDLEtBQUssRUFBRSxPQUFPLENBQUMsQ0FBQztRQUM5RCxDQUFDO0tBQUE7SUFFWSxrQkFBa0IsQ0FDN0IsV0FBd0IsRUFDeEIsTUFBZTs7WUFFZixJQUFJLFdBQVcsQ0FBQyxXQUFXLEVBQUU7Z0JBQzNCLE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO2dCQUMxRCw0Q0FBNEM7Z0JBQzVDLE1BQU0sMkJBQTJCLEdBQUcsQ0FBQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ3ZFLE9BQU8sQ0FBQyxHQUFHLEVBQ1gsV0FBVyxDQUFDLHNCQUFzQixDQUNuQyxDQUEyQyxDQUFDO2dCQUU3QyxNQUFNLDhCQUE4QixHQUFHLFdBQVcsQ0FBQyxHQUFHO3FCQUNuRCx5QkFBeUI7b0JBQzFCLENBQUMsQ0FBQyxNQUFNLElBQUksQ0FBQyxxQkFBcUIsQ0FDOUIsTUFBTSxHQUFHLENBQUMsS0FBSyxDQUFDLDJCQUEyQixDQUFDLEtBQUssQ0FBQyxFQUNsRCxNQUFNLEdBQUcsQ0FBQyxLQUFLLENBQUMsMkJBQTJCLENBQUMsVUFBVSxDQUFDLEVBQ3ZELFdBQVcsQ0FBQyxHQUFHLENBQUMseUJBQXlCLENBQzFDO29CQUNILENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBRVQsTUFBTSxTQUFTLEdBQ2IsOEJBQThCO29CQUM5Qiw4QkFBOEIsQ0FBQyxTQUFTLENBQUM7Z0JBQzNDLE1BQU0sU0FBUyxHQUNiLDJCQUEyQixJQUFJLDJCQUEyQixDQUFDLFNBQVMsQ0FBQztnQkFFdkUsdUNBQ0ssV0FBVyxLQUNkLE9BQU8sRUFBRSxTQUFTLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLElBQUksRUFDN0MsV0FBVyxFQUNULFNBQVMsSUFBSSxTQUFTLENBQUMsV0FBVzt3QkFDaEMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxXQUFXLENBQUMseUJBQXlCO3dCQUNqRCxDQUFDLENBQUMsSUFBSSxFQUNWLGFBQWEsRUFDWCxTQUFTLElBQUksU0FBUyxDQUFDLFdBQVc7d0JBQ2hDLENBQUMsQ0FBQyxTQUFTLENBQUMsV0FBVyxDQUFDLHlCQUF5Qjt3QkFDakQsQ0FBQyxDQUFDLElBQUksRUFDVixTQUFTLEVBQUUsU0FBUyxJQUFJLFNBQVMsQ0FBQyxPQUFPLElBQ3pDO2FBQ0g7aUJBQU07Z0JBQ0wsTUFBTSxZQUFZLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFdBQVcsRUFBRSxNQUFNLENBQUMsQ0FBQztnQkFFaEUsTUFBTSxTQUFTLEdBQUcsWUFBWSxJQUFJLFlBQVksQ0FBQyxnQkFBZ0IsQ0FBQyxTQUFTLENBQUM7Z0JBRTFFLHVDQUNLLFdBQVcsS0FDZCxZQUFZLEVBQ1osT0FBTyxFQUFFLFNBQVMsSUFBSSxTQUFTLENBQUMsT0FBTyxFQUN2QyxXQUFXLEVBQ1QsU0FBUzt3QkFDVCxTQUFTLENBQUMsV0FBVzt3QkFDckIsU0FBUyxDQUFDLFdBQVcsQ0FBQyx5QkFBeUIsSUFDakQ7YUFDSDtRQUNILENBQUM7S0FBQTtJQUVhLFVBQVUsQ0FDdEIsV0FBd0IsRUFDeEIsTUFBZTs7WUFFZixNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBRXZELE9BQU8sS0FBSyxJQUFJLFdBQVcsQ0FBQyxHQUFHLENBQUMsV0FBVztnQkFDekMsQ0FBQyxDQUFDO29CQUNFLGdCQUFnQixFQUFFLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDcEQsS0FBSyxFQUNMLFdBQVcsQ0FBQyxHQUFHLENBQUMsV0FBVyxDQUM1QjtvQkFDRCxLQUFLO2lCQUNOO2dCQUNILENBQUMsQ0FBQyxJQUFJLENBQUM7UUFDWCxDQUFDO0tBQUE7SUFFYSxRQUFRLENBQ3BCLFdBQXdCLEVBQ3hCLE1BQWU7O1lBRWYsSUFBSSxNQUFNLEVBQUU7Z0JBQ1YsT0FBTyxNQUFNLEdBQUcsQ0FBQyxLQUFLLGlDQUNqQixJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsV0FBVyxDQUFDLEtBQzFDLENBQUMsRUFBRSxNQUFNLElBQ1QsQ0FBQzthQUNKO2lCQUFNLElBQ0wsV0FBVyxDQUFDLEdBQUcsQ0FBQyxLQUFLLEtBQUssUUFBUSxDQUFDLGFBQWE7Z0JBQ2hELENBQUMsV0FBVyxDQUFDLFdBQVc7Z0JBQ3hCLFdBQVcsQ0FBQyxHQUFHLENBQUMsa0JBQWtCLEVBQ2xDO2dCQUNBLHlGQUF5RjtnQkFDekYsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsRUFBRSxDQUFDO2dCQUNsRCxNQUFNLGVBQWUsR0FBUSxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQy9ELEdBQUcsQ0FBQyxHQUFHLEVBQ1AsSUFBSSxDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLGtCQUFrQixDQUFDLEVBQzlDO29CQUNFLGNBQWMsRUFBRSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FBQztpQkFDNUMsQ0FDRixDQUFDO2dCQUNGLElBQUksZUFBZSxDQUFDLEtBQUssRUFBRTtvQkFDekIsT0FBTyxNQUFNLEdBQUcsQ0FBQyxLQUFLLENBQUMsZUFBZSxDQUFDLEtBQUssQ0FBQyxDQUFDO2lCQUMvQzthQUNGO1lBQ0QsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDO0tBQUE7SUFFSyxXQUFXLENBQUMsRUFDaEIsT0FBTyxFQUNQLEtBQUssRUFDTCxXQUFXLEVBQ1gsT0FBTyxHQUNVOztZQUNqQixNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDaEQsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLENBQUM7WUFDckUsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsV0FBVyxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBRTlDLGtGQUFrRjtZQUNsRixpQ0FBaUM7WUFDakMsTUFBTSxtQkFBbUIsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsWUFBWSxFQUFFLENBQUM7WUFFakUsb0NBQW9DO1lBQ3BDLG9FQUFvRTtZQUVwRSwrQ0FBK0M7WUFDL0Msc0RBQXNEO1lBQ3RELE1BQU0sWUFBWSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLEVBQUUsQ0FBQztZQUMzRCxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztZQUVqRSxJQUFJLHFCQUFxQixHQUFXLElBQUksQ0FBQztZQUV6QyxJQUFJLFdBQVcsSUFBSSxXQUFXLENBQUMsY0FBYyxFQUFFO2dCQUM3QyxxQkFBcUIsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUNwQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQy9CLGVBQWUsQ0FBQyxHQUFHLEVBQ25CLFdBQVcsQ0FBQyxjQUFjLENBQzNCLENBQ0YsQ0FBQzthQUNIO1lBRUQsTUFBTSxTQUFTLEdBQUc7Z0JBQ2hCLE9BQU87Z0JBQ1AsV0FBVyxFQUFFLFdBQVc7b0JBQ3RCLENBQUMsQ0FBQzt3QkFDRSx5QkFBeUIsRUFBRSxXQUFXLENBQUMseUJBQXlCO3FCQUNqRTtvQkFDSCxDQUFDLENBQUMsSUFBSTthQUNULENBQUM7WUFFRix5Q0FBeUM7WUFDekMsTUFBTSxnQkFBZ0IsR0FBcUI7Z0JBQ3pDLEtBQUs7Z0JBQ0wsU0FBUyxrQ0FDSixTQUFTLEtBQ1osVUFBVSxFQUFFLG1CQUFtQixDQUFDLE1BQU0sRUFBRSxFQUN4QyxHQUFHLEVBQUUsWUFBWSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsRUFDOUIsTUFBTSxFQUFFLGVBQWUsQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLEVBQ3BDLE9BQU8sRUFBRTt3QkFDUCxRQUFRLEVBQUUsSUFBSSxDQUFDLFFBQVE7cUJBQ3hCLEdBQ0Y7YUFDRixDQUFDO1lBRUYsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUN0RCxLQUFLLEVBQ0wsZ0JBQWdCLENBQ2pCLENBQUM7WUFFRiwwREFBMEQ7WUFDMUQsTUFBTSwyQkFBMkIsR0FBZ0M7Z0JBQy9ELEtBQUs7Z0JBQ0wsVUFBVSxFQUFFLG1CQUFtQixDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUM7Z0JBQzVDLG9GQUFvRjtnQkFDcEYsd0NBQXdDO2dCQUV4QyxnRUFBZ0U7Z0JBQ2hFLHdFQUF3RTtnQkFDeEUsK0VBQStFO2dCQUMvRSxLQUFLLEVBQUUsS0FBSyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUM7Z0JBQ3pCLDJGQUEyRjtnQkFDM0Ysd0NBQXdDO2dCQUN4QyxvQkFBb0IsRUFBRSxXQUFXO2dCQUNqQyxTQUFTO2FBQ1YsQ0FBQztZQUVGLE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBQzFELE1BQU0sc0JBQXNCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNqRSxPQUFPLENBQUMsR0FBRyxFQUNYLDJCQUEyQixDQUM1QixDQUFDO1lBRUYsY0FBYztZQUNkLE1BQU0sTUFBTSxHQUFZLEtBQUssQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFTLENBQUMsQ0FBQyxDQUFDO1lBRXJELFdBQVc7WUFDWCxNQUFNLEVBQUUsc0JBQXNCLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFNO2dCQUNqRSxRQUFRLEVBQUUsbUJBQW1CO2dCQUM3QixTQUFTLEVBQUU7b0JBQ1QsS0FBSyxFQUFFO3dCQUNMLHFDQUFxQzt3QkFDckMsc0JBQXNCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxzQkFBc0IsQ0FBQzt3QkFDOUQsY0FBYyxFQUFFLFlBQVksQ0FBQyxFQUFFO3dCQUMvQixpQkFBaUIsRUFBRSxlQUFlLENBQUMsRUFBRTt3QkFDckMsc0NBQXNDO3dCQUN0QyxXQUFXLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsTUFBTSxFQUFFLENBQUM7d0JBQzNDLFdBQVcsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLFdBQVcsQ0FBQzt3QkFDeEMsU0FBUyxFQUFFLEtBQUs7NEJBQ2QsQ0FBQyxDQUFDO2dDQUNFLEtBQUs7Z0NBQ0wsUUFBUSxFQUFFLE1BQU07NkJBQ2pCOzRCQUNILENBQUMsQ0FBQyxJQUFJO3dCQUNSLFFBQVEsRUFBRSxJQUFJO3dCQUNkLHFCQUFxQjt3QkFDckIsT0FBTztxQkFDUjtpQkFDRjthQUNGLENBQUMsQ0FBQztZQUNILE9BQU8sRUFBRSxXQUFXLEVBQUUsc0JBQXNCLENBQUMsV0FBVyxFQUFFLE1BQU0sRUFBRSxDQUFDO1FBQ3JFLENBQUM7S0FBQTtJQUVLLFVBQVUsQ0FBQyxFQUNmLEVBQUUsRUFDRixLQUFLLEVBQ0wsWUFBWSxFQUNaLE9BQU8sRUFDUCxvQkFBb0IsRUFDcEIsb0JBQW9CLEVBQUUsZUFBZSxHQUNyQjs7WUFDaEIsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsV0FBVyxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQzlDLE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBRTFELE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsbUJBQW1CLEVBQUUsQ0FBQyxFQUFFLENBQUM7WUFDN0QsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLG1CQUFtQixFQUFFLENBQUM7WUFFOUQsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ3BELE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUV0RCxNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDN0QsT0FBTyxDQUFDLEdBQUcsRUFDWCxTQUFTLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN2QixDQUFDO1lBQ0YsTUFBTSxvQkFBb0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQy9ELFNBQVMsQ0FBQyxHQUFHLEVBQ2IsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDekIsQ0FBQztZQUVGLE1BQU0sbUJBQW1CLEdBQUcsTUFBTSxHQUFHLENBQUMsS0FBSyxDQUN6QyxZQUFZLENBQUMsZ0JBQWdCLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FDbkQsQ0FBQztZQUVGLE1BQU0sWUFBWSxHQUFHLE1BQU0sR0FBRyxDQUFDLEtBQUssQ0FDbEMsWUFBWSxDQUFDLGdCQUFnQixDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQzVDLENBQUM7WUFDRixNQUFNLGVBQWUsR0FBRyxNQUFNLEdBQUcsQ0FBQyxLQUFLLENBQ3JDLFlBQVksQ0FBQyxnQkFBZ0IsQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUMvQyxDQUFDO1lBRUYsMkNBQTJDO1lBQzNDLHFEQUFxRDtZQUNyRCxtRUFBbUU7WUFDbkUsOEZBQThGO1lBRTlGLGdEQUFnRDtZQUNoRCxNQUFNLFlBQVksR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDM0QsTUFBTSxlQUFlLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFFakUsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQzFELGVBQWUsQ0FBQyxHQUFHLEVBQ25CLFlBQVksQ0FBQyxNQUFNLEVBQUUsQ0FDdEIsQ0FBQztZQUNGLE1BQU0scUJBQXFCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUM3RCxlQUFlLENBQUMsR0FBRyxFQUNuQixlQUFlLENBQUMsTUFBTSxFQUFFLENBQ3pCLENBQUM7WUFFRixNQUFNLDhCQUE4QixHQUFtQztnQkFDckUsS0FBSyxFQUFFLFlBQVksQ0FBQyxnQkFBZ0IsQ0FBQyxLQUFLO2dCQUMxQyxTQUFTLEVBQUUsU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUM7Z0JBQ2pDLFdBQVcsRUFBRSxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQztnQkFDckMsU0FBUyxFQUFFO29CQUNULEdBQUcsRUFBRSxZQUFZLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRTtvQkFDOUIsTUFBTSxFQUFFLGVBQWUsQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFO29CQUNwQyxPQUFPLEVBQUU7d0JBQ1AsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRO3FCQUN4QjtvQkFDRCxPQUFPO2lCQUNSO2FBQ0YsQ0FBQztZQUVGLElBQUksaUJBQWlCLENBQUM7WUFDdEIsSUFBSSxZQUFZLENBQUMsZ0JBQWdCLENBQUMsU0FBUyxDQUFDLFdBQVcsRUFBRTtnQkFDdkQsd0hBQXdIO2dCQUN4SCw0SEFBNEg7Z0JBQzVILDRIQUE0SDtnQkFDNUgsTUFBTSx5QkFBeUIsR0FDN0IsWUFBWSxDQUFDLGdCQUFnQixDQUFDLFNBQVMsQ0FBQyxXQUFXO3FCQUNoRCx5QkFBeUIsQ0FBQztnQkFFL0IsY0FBYztnQkFDZCxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7Z0JBQ3RELE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDdEQsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGdCQUFnQixFQUFFLENBQUM7Z0JBRXhELGlCQUFpQixHQUFHO29CQUNsQixrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUNoQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLE9BQU8sQ0FBQyxHQUFHLEVBQ1gsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDekIsQ0FDRjtvQkFDRCxxQkFBcUIsRUFBRSxPQUFPLENBQUMsRUFBRTtvQkFDakMsa0JBQWtCLEVBQUUsb0JBQW9CO3dCQUN0QyxDQUFDLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FDWixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLFdBQVcsRUFDWCxvQkFBb0IsQ0FBQywyQkFBMkIsQ0FDakQsQ0FDRjt3QkFDSCxDQUFDLENBQUMsRUFBRTtvQkFDTixnQkFBZ0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUM5QixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLFNBQVMsRUFDVCxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUNGO2lCQUNGLENBQUM7Z0JBRUYsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzNELFdBQVcsRUFDWCx5QkFBeUIsQ0FDMUIsQ0FBQztnQkFDRixpQkFBaUIsQ0FBQyxtQkFBbUIsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUNwRCxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLEdBQUcsRUFBRSxnQkFBZ0IsQ0FBQyxDQUNoRSxDQUFDO2dCQUNGLGlCQUFpQixDQUFDLFFBQVEsR0FBRyxNQUFNLENBQUMsRUFBRSxDQUFDO2dCQUV2Qyw4QkFBOEIsQ0FBQyxTQUFTLENBQUMsV0FBVyxtQ0FDL0MsOEJBQThCLENBQUMsU0FBUyxDQUFDLFdBQVcsS0FDdkQsZUFBZSxFQUFFLFdBQVcsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLEdBQzFDLENBQUM7YUFDSDtZQUVELElBQUksYUFBYSxDQUFDO1lBQ2xCLElBQUksZUFBZSxFQUFFO2dCQUNuQixjQUFjO2dCQUNkLE1BQU0sUUFBUSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDbkQsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUN0RCxNQUFNLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztnQkFFeEQsYUFBYSxHQUFHO29CQUNkLGVBQWUsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUM3QixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLE9BQU8sQ0FBQyxHQUFHLEVBQ1gsUUFBUSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDdEIsQ0FDRjtvQkFDRCxrQkFBa0IsRUFBRSxPQUFPLENBQUMsRUFBRTtvQkFDOUIsZUFBZSxFQUFFLGVBQWUsQ0FBQyx3QkFBd0I7d0JBQ3ZELENBQUMsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUNaLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDbEMsUUFBUSxFQUNSLGVBQWUsQ0FBQyx3QkFBd0IsQ0FDekMsQ0FDRjt3QkFDSCxDQUFDLENBQUMsRUFBRTtvQkFFTixnQkFBZ0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUM5QixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLFNBQVMsRUFDVCxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUNGO2lCQUNGLENBQUM7Z0JBRUYsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzNELFdBQVcsRUFDWCxlQUFlLENBQUMseUJBQXlCLENBQzFDLENBQUM7Z0JBQ0YsYUFBYSxDQUFDLG1CQUFtQixHQUFHLElBQUksQ0FBQyxTQUFTLENBQ2hELE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsR0FBRyxFQUFFLGdCQUFnQixDQUFDLENBQ2hFLENBQUM7Z0JBQ0YsYUFBYSxDQUFDLFFBQVEsR0FBRyxNQUFNLENBQUMsRUFBRSxDQUFDO2dCQUVuQyxJQUFJLGVBQWUsQ0FBQyxjQUFjLEVBQUU7b0JBQ2xDLGFBQWEsQ0FBQyxpQkFBaUIsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUM5QyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQy9CLGVBQWUsQ0FBQyxHQUFHLEVBQ25CLGVBQWUsQ0FBQyxjQUFjLENBQy9CLENBQ0YsQ0FBQztpQkFDSDtnQkFFRCw4Q0FBOEM7Z0JBQzlDLDhCQUE4QixDQUFDLFNBQVMsQ0FBQyxXQUFXLG1DQUMvQyw4QkFBOEIsQ0FBQyxTQUFTLENBQUMsV0FBVyxLQUN2RCx5QkFBeUIsRUFBRSxlQUFlLENBQUMseUJBQXlCLEdBQ3JFLENBQUM7YUFDSDtZQUVELG1DQUFtQztZQUNuQyxJQUFJLHlCQUF5QixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDbEUsbUJBQW1CLEVBQ25CLDhCQUE4QixDQUMvQixDQUFDO1lBRUYsMEVBQTBFO1lBQzFFLHlCQUF5QixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDOUQsWUFBWSxDQUFDLEtBQUssRUFDbEIseUJBQXlCLENBQzFCLENBQUM7WUFFRixNQUFNLEVBQUUscUJBQXFCLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFNO2dCQUNoRSxRQUFRLEVBQUUsa0JBQWtCO2dCQUM1QixTQUFTLEVBQUU7b0JBQ1QsS0FBSyxFQUFFO3dCQUNMLGFBQWEsRUFBRSxFQUFFO3dCQUNqQixnQkFBZ0IsRUFBRSxLQUFLO3dCQUN2QixTQUFTLEVBQUUsT0FBTyxDQUFDLEVBQUU7d0JBQ3JCLFdBQVc7d0JBQ1gscUNBQXFDO3dCQUNyQyxjQUFjLEVBQUUsWUFBWSxDQUFDLEVBQUU7d0JBQy9CLGlCQUFpQixFQUFFLGVBQWUsQ0FBQyxFQUFFO3dCQUNyQyxrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGtCQUFrQixDQUFDO3dCQUN0RCxxQkFBcUIsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLHFCQUFxQixDQUFDO3dCQUM1RCxzRUFBc0U7d0JBRXRFLDJDQUEyQzt3QkFDM0Msc0VBQXNFO3dCQUN0RSxrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGtCQUFrQixDQUFDO3dCQUN0RCxvQkFBb0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLG9CQUFvQixDQUFDO3dCQUMxRCxzQ0FBc0M7d0JBQ3RDLHlCQUF5QixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMseUJBQXlCLENBQUM7d0JBQ3BFLG9CQUFvQixFQUFFLGlCQUFpQjt3QkFDdkMsb0JBQW9CLEVBQUUsYUFBYTtxQkFDcEM7aUJBQ0Y7YUFDRixDQUFDLENBQUM7WUFFSCxPQUFPO2dCQUNMLFdBQVcsRUFBRSxxQkFBcUIsQ0FBQyxXQUFXO2dCQUM5QyxhQUFhLEVBQUUscUJBQXFCLENBQUMsYUFBYTtnQkFDbEQsRUFBRSxFQUFFLHFCQUFxQixDQUFDLEVBQUU7YUFDN0IsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVLLFdBQVcsQ0FDZixhQUFxQixFQUNyQixzQkFBOEIsRUFDOUIseUJBQWlDLEVBQ2pDLG9CQUE2Qjs7WUFFN0IsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDMUQsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLG1CQUFtQixFQUFFLENBQUM7WUFFOUQsNENBQTRDO1lBQzVDLE1BQU0sMkJBQTJCLEdBQUcsQ0FBQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ3ZFLE9BQU8sQ0FBQyxHQUFHLEVBQ1gsc0JBQXNCLENBQ3ZCLENBQTJDLENBQUM7WUFFN0Msb0dBQW9HO1lBQ3BHLE1BQU0sOEJBQThCLEdBQUcsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQ3JFLE1BQU0sR0FBRyxDQUFDLEtBQUssQ0FBQywyQkFBMkIsQ0FBQyxLQUFLLENBQUMsRUFDbEQsTUFBTSxHQUFHLENBQUMsS0FBSyxDQUFDLDJCQUEyQixDQUFDLFVBQVUsQ0FBQyxFQUN2RCx5QkFBeUIsQ0FDMUIsQ0FBQztZQUVGLDRFQUE0RTtZQUM1RSxJQUNFLDJCQUEyQixDQUFDLEtBQUssS0FBSyw4QkFBOEIsQ0FBQyxLQUFLLEVBQzFFO2dCQUNBLE1BQU0sSUFBSSx1QkFBdUIsQ0FDL0IsdUZBQXVGLENBQ3hGLENBQUM7YUFDSDtZQUVELDhEQUE4RDtZQUM5RCxrRkFBa0Y7WUFDbEYsOEZBQThGO1lBRTlGLCtDQUErQztZQUMvQyx1RUFBdUU7WUFDdkUsaUNBQWlDO1lBRWpDLHFEQUFxRDtZQUNyRCxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztZQUNqRSxNQUFNLGVBQWUsR0FBRyxNQUFNLEdBQUcsQ0FBQyxLQUFLLENBQ3JDLDhCQUE4QixDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQ2hELENBQUM7WUFDRixNQUFNLFlBQVksR0FBRyxNQUFNLEdBQUcsQ0FBQyxLQUFLLENBQ2xDLDhCQUE4QixDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQzdDLENBQUM7WUFFRixNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FDMUQsZUFBZSxDQUFDLEdBQUcsRUFDbkIsWUFBWSxDQUFDLE1BQU0sRUFBRSxDQUN0QixDQUFDO1lBQ0YsTUFBTSxxQkFBcUIsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQzdELGVBQWUsQ0FBQyxHQUFHLEVBQ25CLGVBQWUsQ0FBQyxNQUFNLEVBQUUsQ0FDekIsQ0FBQztZQUVGLE1BQU0sU0FBUyxHQUFHLE1BQU0sR0FBRyxDQUFDLEtBQUssQ0FBQyw4QkFBOEIsQ0FBQyxTQUFTLENBQUMsQ0FBQztZQUM1RSxNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDN0QsT0FBTyxDQUFDLEdBQUcsRUFDWCxTQUFTLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN2QixDQUFDO1lBRUYsTUFBTSxXQUFXLEdBQUcsTUFBTSxHQUFHLENBQUMsS0FBSyxDQUNqQyw4QkFBOEIsQ0FBQyxXQUFXLENBQzNDLENBQUM7WUFDRixNQUFNLG9CQUFvQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDL0QsU0FBUyxDQUFDLEdBQUcsRUFDYixXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUFDO1lBRUYsSUFBSSwrQkFBK0IsQ0FBQztZQUNwQyxJQUFJLG9CQUFvQixFQUFFO2dCQUN4QixhQUFhO2dCQUNiLE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFFdEQsK0JBQStCLEdBQUc7b0JBQ2hDLGtCQUFrQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQ2hDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDbEMsT0FBTyxDQUFDLEdBQUcsRUFDWCxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUNGO29CQUNELHFCQUFxQixFQUFFLE9BQU8sQ0FBQyxFQUFFO29CQUNqQyxrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUNoQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLFdBQVcsRUFDWCxvQkFBb0IsQ0FDckIsQ0FDRjtpQkFDRixDQUFDO2FBQ0g7WUFFRCx3REFBd0Q7WUFDeEQsSUFBSSwrQkFBK0IsQ0FBQztZQUNwQyxJQUFJLHFDQUFxQyxDQUFDO1lBQzFDLElBQUksMkJBQTJCLENBQUMsb0JBQW9CLEVBQUU7Z0JBQ3BELE1BQU0sb0JBQW9CLEdBQ3hCLDJCQUEyQixDQUFDLG9CQUFvQixDQUFDO2dCQUNuRCxNQUFNLFFBQVEsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7Z0JBQ25ELE1BQU0sZUFBZSxHQUFHLE1BQU0sR0FBRyxDQUFDLEtBQUssQ0FDckMsOEJBQThCLENBQUMsU0FBUyxDQUFDLFdBQVcsQ0FBQyxlQUFlLENBQ3JFLENBQUM7Z0JBRUYsTUFBTSxlQUFlLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FDcEMsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxHQUFHLEVBQUUsUUFBUSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUN6RSxDQUFDO2dCQUNGLE1BQU0sZUFBZSxHQUFHLG9CQUFvQixDQUFDLHdCQUF3QjtvQkFDbkUsQ0FBQyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQ1osTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNsQyxRQUFRLEVBQ1Isb0JBQW9CLENBQUMsd0JBQXdCLENBQzlDLENBQ0Y7b0JBQ0gsQ0FBQyxDQUFDLEVBQUUsQ0FBQztnQkFFUCwrQkFBK0IsR0FBRztvQkFDaEMsZUFBZTtvQkFDZixrQkFBa0IsRUFBRSxPQUFPLENBQUMsRUFBRTtvQkFDOUIsZUFBZTtpQkFDaEIsQ0FBQztnQkFFRixxQ0FBcUMsR0FBRztvQkFDdEMsUUFBUSxFQUFFLGVBQWUsQ0FBQyxFQUFFO2lCQUM3QixDQUFDO2dCQUVGLE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUMzRCxlQUFlLEVBQ2Ysb0JBQW9CLENBQUMseUJBQXlCLENBQy9DLENBQUM7Z0JBQ0YscUNBQXFDLENBQUMsbUJBQW1CO29CQUN2RCxJQUFJLENBQUMsU0FBUyxDQUNaLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FDL0IsZUFBZSxDQUFDLEdBQUcsRUFDbkIsZ0JBQWdCLENBQ2pCLENBQ0YsQ0FBQzthQUNMO1lBRUQsc0dBQXNHO1lBQ3RHLG1DQUFtQztZQUVuQyxNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFNO2dCQUMxQyxRQUFRLEVBQUUsbUJBQW1CO2dCQUM3QixTQUFTLEVBQUU7b0JBQ1QsS0FBSyxFQUFFO3dCQUNMLGFBQWE7d0JBQ2IsU0FBUyxFQUFFLE9BQU8sQ0FBQyxFQUFFO3dCQUNyQixXQUFXLEVBQUUsU0FBUyxDQUFDLEVBQUU7d0JBQ3pCLGlCQUFpQixFQUFFLGVBQWUsQ0FBQyxFQUFFO3dCQUNyQyxrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGtCQUFrQixDQUFDO3dCQUN0RCxxQkFBcUIsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLHFCQUFxQixDQUFDO3dCQUM1RCxrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGtCQUFrQixDQUFDO3dCQUN0RCxvQkFBb0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLG9CQUFvQixDQUFDO3dCQUMxRCwwQkFBMEIsRUFBRSwrQkFBK0I7d0JBQzNELDBCQUEwQixFQUFFLCtCQUErQjt3QkFDM0QsZ0NBQWdDLEVBQzlCLHFDQUFxQztxQkFDeEM7aUJBQ0Y7YUFDRixDQUFDLENBQUM7WUFDSCxPQUFPLEdBQUcsQ0FBQyxzQkFBc0IsQ0FBQztRQUNwQyxDQUFDO0tBQUE7SUFFWSxvQkFBb0IsQ0FBQyxLQUdqQzs7WUFDQyxNQUFNLEVBQUUsb0JBQW9CLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFNO2dCQUM5RCxLQUFLLEVBQUUseUJBQXlCO2dCQUNoQyxTQUFTLEVBQUU7b0JBQ1QsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO29CQUN4QixNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU07aUJBQ3JCO2FBQ0YsQ0FBQyxDQUFDO1lBQ0gsT0FBTyxvQkFBb0IsQ0FBQyxhQUFhLENBQUM7UUFDNUMsQ0FBQztLQUFBOzs7O1lBbnJCRixVQUFVLFNBQUM7Z0JBQ1YsVUFBVSxFQUFFLE1BQU07YUFDbkI7OztZQWpDNkIsR0FBRztZQUN4QixVQUFVO1lBUFYsZUFBZTtZQUd0QixpQkFBaUI7WUFGVixvQkFBb0I7WUFRcEIsV0FBVyIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlIEB0eXBlc2NyaXB0LWVzbGludC9uby1leHBsaWNpdC1hbnkgKi9cbmltcG9ydCB7IEluamVjdGFibGUgfSBmcm9tICdAYW5ndWxhci9jb3JlJztcbmltcG9ydCB7IEpXSyB9IGZyb20gJ25vZGUtam9zZSc7XG5pbXBvcnQgeyBMckFwb2xsb1NlcnZpY2UgfSBmcm9tICcuLi9hcGkvbHItYXBvbGxvLnNlcnZpY2UnO1xuaW1wb3J0IHsgTGlmZVJlYWR5QXV0aFNlcnZpY2UgfSBmcm9tICcuLi9hdXRoL2xpZmUtcmVhZHktYXV0aC5zZXJ2aWNlJztcbmltcG9ydCB7XG4gIEVuY3J5cHRpb25TZXJ2aWNlLFxuICBKb3NlU2VyaWFsaXphdGlvbixcbn0gZnJvbSAnLi4vZW5jcnlwdGlvbi9lbmNyeXB0aW9uLnNlcnZpY2UnO1xuaW1wb3J0IHsgS2V5RmFjdG9yeVNlcnZpY2UgYXMgS0ZTIH0gZnJvbSAnLi4va2V5L2tleS1mYWN0b3J5LnNlcnZpY2UnO1xuaW1wb3J0IHsgS2V5U2VydmljZSB9IGZyb20gJy4uL2tleS9rZXkuc2VydmljZSc7XG5pbXBvcnQgeyBLZXlHcmFwaFJlc3BvbnNlIH0gZnJvbSAnLi4va2V5L2tleS50eXBlcyc7XG5pbXBvcnQgeyBVc2VyU2VydmljZSB9IGZyb20gJy4uL3VzZXIvdXNlci5zZXJ2aWNlJztcbmltcG9ydCB7IExyQ29kZU1pc21hdGNoRXhjZXB0aW9uIH0gZnJvbSAnLi4vX2NvbW1vbi9leGNlcHRpb25zJztcbmltcG9ydCB7XG4gIENvbXBsZXRlT3RrTXV0YXRpb24sXG4gIEN1cnJlbnRVc2VyU2hhcmVkS2V5UXVlcnksXG4gIEluaXRpYXRlT3RrTXV0YXRpb24sXG4gIEtleUV4Y2hhbmdlUXVlcnksXG4gIEtleUV4Y2hhbmdlc1F1ZXJ5LFxuICBLZXlFeGNoYW5nZVRva2VuUXVlcnksXG4gIFJlc3BvbmRPdGtNdXRhdGlvbixcbn0gZnJvbSAnLi9rZXktZXhjaGFuZ2UuZ3FsJztcbmltcG9ydCB7XG4gIENvbXBsZXRlT3RrLFxuICBEZWNyeXB0ZWRLZXlFeGNoYW5nZSxcbiAgRGVjcnlwdGVkT3RrLFxuICBHZXRLZXlFeGNoYW5nZUxpc3RPcHRpb25zLFxuICBHZXRLZXlFeGNoYW5nZU9wdGlvbnMsXG4gIEluaXRpYXRlT3RrSW5wdXQsXG4gIEtleUV4Y2hhbmdlLFxuICBPdGtTdGF0ZSxcbiAgUGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLFxuICBQbGFpbkluaXRpYXRvclJvb3RLZXlDaXBoZXIsXG4gIFBsYWluT3RLZXlDaXBoZXIsXG4gIFJlc3BvbmRPdGssXG4gIFJlc3BvbmRPdGtJbnB1dCxcbiAgVXNlclNoYXJlZEtleSxcbn0gZnJvbSAnLi9rZXktZXhjaGFuZ2UudHlwZXMnO1xuXG5ASW5qZWN0YWJsZSh7XG4gIHByb3ZpZGVkSW46ICdyb290Jyxcbn0pXG5leHBvcnQgY2xhc3MgS2V5RXhjaGFuZ2VTZXJ2aWNlIHtcbiAgcHJpdmF0ZSByZWFkb25seSBDTElFTlRfTk9OQ0VfTEVOR1RIID0gMzI7XG5cbiAgY29uc3RydWN0b3IoXG4gICAgcHJpdmF0ZSBrZXlGYWN0b3J5OiBLRlMsXG4gICAgcHJpdmF0ZSBrZXlTZXJ2aWNlOiBLZXlTZXJ2aWNlLFxuICAgIHByaXZhdGUgbHJBcG9sbG86IExyQXBvbGxvU2VydmljZSxcbiAgICBwcml2YXRlIGVuY3J5cHRpb25TZXJ2aWNlOiBFbmNyeXB0aW9uU2VydmljZSxcbiAgICBwcml2YXRlIGF1dGhTZXJ2aWNlOiBMaWZlUmVhZHlBdXRoU2VydmljZSxcbiAgICBwcml2YXRlIHVzZXJTZXJ2aWNlOiBVc2VyU2VydmljZVxuICApIHt9XG5cbiAgcHVibGljIGFzeW5jIGdldEtleUV4Y2hhbmdlTGlzdChcbiAgICBpbnB1dDogR2V0S2V5RXhjaGFuZ2VMaXN0T3B0aW9ucyA9IHt9XG4gICk6IFByb21pc2U8YW55PiB7XG4gICAgY29uc3QgeyBrZXlFeGNoYW5nZXMgfSA9IGF3YWl0IHRoaXMubHJBcG9sbG8ucXVlcnk8e1xuICAgICAga2V5RXhjaGFuZ2VzOiBhbnk7XG4gICAgICBrZXlHcmFwaDogS2V5R3JhcGhSZXNwb25zZTtcbiAgICB9Pih7XG4gICAgICBxdWVyeTogS2V5RXhjaGFuZ2VzUXVlcnksXG4gICAgICB2YXJpYWJsZXM6IHtcbiAgICAgICAgLi4uaW5wdXQsXG4gICAgICB9LFxuICAgIH0pO1xuICAgIHJldHVybiBrZXlFeGNoYW5nZXM7XG4gIH1cblxuICAvKipcbiAgICogQHBhcmFtIGlkIElmIHRoZSBjdXJyZW50IHVzZXIgY2FuIHJlc3BvbmRlciB0aGUga2V5IGV4Y2hhbmdlIGlmIHRoZXkgYXJlIGVpdGhlciB0aGUgaW5pdGlhdG9yIG9yIHRoZSByZWNlaXZlci5cbiAgICogQHBhcmFtIHRva2VuIElmIG5vdCBzaWduZWQgaW4sIG9yIG5vdCB0aGUgaW5pdGlhdG9yIG9yIHJlc3BvbmRlciwgJ3Rva2VuJyBtdXN0IGJlIGdpdmVuLlxuICAgKiBAcGFyYW0gb3RLZXlLIElzIHRoZSByYXcgb25lLXRpbWUga2V5IChzdHJpbmcpLiBJZiB0aGUgcmVzcG9uZGVyIGlzIGV4cGxpY2l0bHkgc3BlY2lmaWVkIGF0IHRpbWUgb2YgaW5pdGlhdGlvbiwgdGhlblxuICAgKiAgIGl0J3MgcG9zc2libGUgdG8gaGF2ZSB0aGUgb3RLZXkgd3JhcHBlZCBieSB0aGUgcHVibGljIGtleSBvZiB0aGUgcmVzcG9uZGVyLiBJbiB3aGljaCBjYXNlLCB0aGUgb3RLZXlLIGlzIG5vdCBuZWVkZWQuXG4gICAqL1xuICBwdWJsaWMgYXN5bmMgZ2V0S2V5RXhjaGFuZ2UoXG4gICAgaWQ6IHN0cmluZyxcbiAgICB7IG90S2V5SywgdG9rZW4gfTogR2V0S2V5RXhjaGFuZ2VPcHRpb25zID0ge31cbiAgKTogUHJvbWlzZTxEZWNyeXB0ZWRLZXlFeGNoYW5nZT4ge1xuICAgIGNvbnN0IHsga2V5RXhjaGFuZ2UgfSA9IGF3YWl0IHRoaXMubHJBcG9sbG8ucXVlcnk8e1xuICAgICAga2V5RXhjaGFuZ2U6IEtleUV4Y2hhbmdlO1xuICAgICAga2V5R3JhcGg6IEtleUdyYXBoUmVzcG9uc2U7XG4gICAgfT4oe1xuICAgICAgcXVlcnk6IHRva2VuID8gS2V5RXhjaGFuZ2VUb2tlblF1ZXJ5IDogS2V5RXhjaGFuZ2VRdWVyeSxcbiAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICBpZCxcbiAgICAgICAgdG9rZW4sXG4gICAgICB9LFxuICAgIH0pO1xuICAgIHJldHVybiBhd2FpdCB0aGlzLmRlY3J5cHRLZXlFeGNoYW5nZShrZXlFeGNoYW5nZSwgb3RLZXlLKTtcbiAgfVxuXG4gIHByaXZhdGUgYXN5bmMgZGVjcnlwdFJlc3BvbnNlQ2lwaGVyKFxuICAgIG90S2V5OiBKV0suS2V5LFxuICAgIG90UHJrOiBKV0suS2V5LFxuICAgIGNvbnRlbnQ6IGFueVxuICApOiBQcm9taXNlPFBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlcj4ge1xuICAgIC8vIFRoZSByZXNwb25zZSBjb3VsZCBiZSB3cmFwcGVkIGJ5IHRoZSBPdEsgYXMgd2VsbCBhcyB3ZSB0aGUgT3RQcmtcbiAgICB0cnkge1xuICAgICAgY29udGVudCA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChvdEtleSwgY29udGVudCk7XG4gICAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAgIGlmIChlcnJvci5tZXNzYWdlICE9PSAnbm8ga2V5IGZvdW5kJykge1xuICAgICAgICB0aHJvdyBlcnJvcjtcbiAgICAgIH1cbiAgICAgIC8vIERvIG5vdGhpbmcgdG8gc3VwcG9ydCBvbGRlciB2ZXJzaW9ucyB3aGVyZSBtZXNzYWdlIGlzIG5vdCB3cmFwcGVkIHdpdGggb3RrLlxuICAgIH1cblxuICAgIC8vIFRoZSBQcmsgaXMgc2luZ2xlLXVzZSBhbmQgb25seSB1c2VkIHRvIHNlbmQgaW5mb3JtYXRpb24gZnJvbSB0aGUgcmVzcG9uZGVyIGJhY2sgdG8gdGhlIGluaXRpYXRvci5cbiAgICByZXR1cm4gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KG90UHJrLCBjb250ZW50KTtcbiAgfVxuXG4gIHB1YmxpYyBhc3luYyBkZWNyeXB0S2V5RXhjaGFuZ2UoXG4gICAga2V5RXhjaGFuZ2U6IEtleUV4Y2hhbmdlLFxuICAgIG90S2V5Sz86IHN0cmluZ1xuICApOiBQcm9taXNlPERlY3J5cHRlZEtleUV4Y2hhbmdlPiB7XG4gICAgaWYgKGtleUV4Y2hhbmdlLmlzSW5pdGlhdG9yKSB7XG4gICAgICBjb25zdCByb290S2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRSb290S2V5KCk7XG4gICAgICAvLyBEZWNyeXB0IHVzaW5nIHRoZSByb290IGtleSB0byBnZXQgdGhlIFBya1xuICAgICAgY29uc3QgcGxhaW5Jbml0aWF0b3JSb290S2V5Q2lwaGVyID0gKGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcbiAgICAgICAgcm9vdEtleS5qd2ssXG4gICAgICAgIGtleUV4Y2hhbmdlLmluaXRpYXRvclJvb3RLZXlDaXBoZXJcbiAgICAgICkpIGFzIHVua25vd24gYXMgUGxhaW5Jbml0aWF0b3JSb290S2V5Q2lwaGVyO1xuXG4gICAgICBjb25zdCBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIgPSBrZXlFeGNoYW5nZS5vdGtcbiAgICAgICAgLmluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJcbiAgICAgICAgPyBhd2FpdCB0aGlzLmRlY3J5cHRSZXNwb25zZUNpcGhlcihcbiAgICAgICAgICAgIGF3YWl0IEtGUy5hc0tleShwbGFpbkluaXRpYXRvclJvb3RLZXlDaXBoZXIub3RLZXkpLFxuICAgICAgICAgICAgYXdhaXQgS0ZTLmFzS2V5KHBsYWluSW5pdGlhdG9yUm9vdEtleUNpcGhlci5vbmVUaW1lUHJrKSxcbiAgICAgICAgICAgIGtleUV4Y2hhbmdlLm90ay5pbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyXG4gICAgICAgICAgKVxuICAgICAgICA6IG51bGw7XG5cbiAgICAgIGNvbnN0IHJlc3BvbmRlciA9XG4gICAgICAgIHBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlciAmJlxuICAgICAgICBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIucmVzcG9uZGVyO1xuICAgICAgY29uc3QgaW5pdGlhdG9yID1cbiAgICAgICAgcGxhaW5Jbml0aWF0b3JSb290S2V5Q2lwaGVyICYmIHBsYWluSW5pdGlhdG9yUm9vdEtleUNpcGhlci5pbml0aWF0b3I7XG5cbiAgICAgIHJldHVybiB7XG4gICAgICAgIC4uLmtleUV4Y2hhbmdlLFxuICAgICAgICBtZXNzYWdlOiByZXNwb25kZXIgPyByZXNwb25kZXIubWVzc2FnZSA6IG51bGwsXG4gICAgICAgIGNvbnRhY3RDYXJkOlxuICAgICAgICAgIHJlc3BvbmRlciAmJiByZXNwb25kZXIuY29udGFjdENhcmRcbiAgICAgICAgICAgID8gcmVzcG9uZGVyLmNvbnRhY3RDYXJkLnBsYWluU2hhcmVkQ2lwaGVyRGF0YUpzb25cbiAgICAgICAgICAgIDogbnVsbCxcbiAgICAgICAgbXlDb250YWN0Q2FyZDpcbiAgICAgICAgICBpbml0aWF0b3IgJiYgaW5pdGlhdG9yLmNvbnRhY3RDYXJkXG4gICAgICAgICAgICA/IGluaXRpYXRvci5jb250YWN0Q2FyZC5wbGFpblNoYXJlZENpcGhlckRhdGFKc29uXG4gICAgICAgICAgICA6IG51bGwsXG4gICAgICAgIG15TWVzc2FnZTogaW5pdGlhdG9yICYmIGluaXRpYXRvci5tZXNzYWdlLFxuICAgICAgfTtcbiAgICB9IGVsc2Uge1xuICAgICAgY29uc3QgZGVjcnlwdGVkT3RrID0gYXdhaXQgdGhpcy5kZWNyeXB0T3RrKGtleUV4Y2hhbmdlLCBvdEtleUspO1xuXG4gICAgICBjb25zdCBpbml0aWF0b3IgPSBkZWNyeXB0ZWRPdGsgJiYgZGVjcnlwdGVkT3RrLnBsYWluT3RLZXlDaXBoZXIuaW5pdGlhdG9yO1xuXG4gICAgICByZXR1cm4ge1xuICAgICAgICAuLi5rZXlFeGNoYW5nZSxcbiAgICAgICAgZGVjcnlwdGVkT3RrLFxuICAgICAgICBtZXNzYWdlOiBpbml0aWF0b3IgJiYgaW5pdGlhdG9yLm1lc3NhZ2UsXG4gICAgICAgIGNvbnRhY3RDYXJkOlxuICAgICAgICAgIGluaXRpYXRvciAmJlxuICAgICAgICAgIGluaXRpYXRvci5jb250YWN0Q2FyZCAmJlxuICAgICAgICAgIGluaXRpYXRvci5jb250YWN0Q2FyZC5wbGFpblNoYXJlZENpcGhlckRhdGFKc29uLFxuICAgICAgfTtcbiAgICB9XG4gIH1cblxuICBwcml2YXRlIGFzeW5jIGRlY3J5cHRPdGsoXG4gICAga2V5RXhjaGFuZ2U6IEtleUV4Y2hhbmdlLFxuICAgIG90S2V5Sz86IHN0cmluZ1xuICApOiBQcm9taXNlPERlY3J5cHRlZE90az4ge1xuICAgIGNvbnN0IG90S2V5ID0gYXdhaXQgdGhpcy5nZXRPdEtleShrZXlFeGNoYW5nZSwgb3RLZXlLKTtcblxuICAgIHJldHVybiBvdEtleSAmJiBrZXlFeGNoYW5nZS5vdGsub3RLZXlDaXBoZXJcbiAgICAgID8ge1xuICAgICAgICAgIHBsYWluT3RLZXlDaXBoZXI6IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcbiAgICAgICAgICAgIG90S2V5LFxuICAgICAgICAgICAga2V5RXhjaGFuZ2Uub3RrLm90S2V5Q2lwaGVyXG4gICAgICAgICAgKSxcbiAgICAgICAgICBvdEtleSxcbiAgICAgICAgfVxuICAgICAgOiBudWxsO1xuICB9XG5cbiAgcHJpdmF0ZSBhc3luYyBnZXRPdEtleShcbiAgICBrZXlFeGNoYW5nZTogS2V5RXhjaGFuZ2UsXG4gICAgb3RLZXlLPzogc3RyaW5nXG4gICk6IFByb21pc2U8SldLLktleT4ge1xuICAgIGlmIChvdEtleUspIHtcbiAgICAgIHJldHVybiBhd2FpdCBLRlMuYXNLZXkoe1xuICAgICAgICAuLi5KU09OLnBhcnNlKGtleUV4Y2hhbmdlLm90ay5vdEtleVBhcmFtcyksXG4gICAgICAgIGs6IG90S2V5SyxcbiAgICAgIH0pO1xuICAgIH0gZWxzZSBpZiAoXG4gICAgICBrZXlFeGNoYW5nZS5vdGsuc3RhdGUgPT09IE90a1N0YXRlLk9US19JTklUSUFURUQgJiZcbiAgICAgICFrZXlFeGNoYW5nZS5pc0luaXRpYXRvciAmJlxuICAgICAga2V5RXhjaGFuZ2Uub3RrLnJlc3BvbmRlclBia0NpcGhlclxuICAgICkge1xuICAgICAgLy8gQXNzdW1pbmcgZXhpc3RpbmcgdXNlciBnZXR0aW5nIGludml0ZWQgd2hlcmUgT1RLIGlzIHdyYXBwZWQgaW4gcmVzcG9uZGVyJ3MgcHVibGljIGtleS5cbiAgICAgIGNvbnN0IHByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50UHhrKCk7XG4gICAgICBjb25zdCBkZWNyeXB0ZWRDaXBoZXI6IGFueSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcbiAgICAgICAgcHJrLmp3ayxcbiAgICAgICAgSlNPTi5wYXJzZShrZXlFeGNoYW5nZS5vdGsucmVzcG9uZGVyUGJrQ2lwaGVyKSxcbiAgICAgICAge1xuICAgICAgICAgIHNlcmlhbGl6YXRpb25zOiBbSm9zZVNlcmlhbGl6YXRpb24uQ09NUEFDVF0sXG4gICAgICAgIH1cbiAgICAgICk7XG4gICAgICBpZiAoZGVjcnlwdGVkQ2lwaGVyLm90S2V5KSB7XG4gICAgICAgIHJldHVybiBhd2FpdCBLRlMuYXNLZXkoZGVjcnlwdGVkQ2lwaGVyLm90S2V5KTtcbiAgICAgIH1cbiAgICB9XG4gICAgcmV0dXJuIG51bGw7XG4gIH1cblxuICBhc3luYyBpbml0aWF0ZU90ayh7XG4gICAgbWVzc2FnZSxcbiAgICBlbWFpbCxcbiAgICBjb250YWN0Q2FyZCxcbiAgICB1cGdyYWRlLFxuICB9OiBJbml0aWF0ZU90a0lucHV0KTogUHJvbWlzZTx7IGtleUV4Y2hhbmdlOiBLZXlFeGNoYW5nZTsgb3RLZXlLOiBzdHJpbmcgfT4ge1xuICAgIGNvbnN0IG90S2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuICAgIGNvbnN0IG5vbmNlID0gdGhpcy5rZXlGYWN0b3J5LnJhbmRvbVN0cmluZyh0aGlzLkNMSUVOVF9OT05DRV9MRU5HVEgpO1xuICAgIGNvbnN0IHVzZXIgPSBhd2FpdCB0aGlzLmF1dGhTZXJ2aWNlLmdldFVzZXIoKTtcblxuICAgIC8vIE5ldyBQS0Mga2V5IGZvciBlbmNyeXB0aW9uLiBUaGlzIGtleSBpcyB1c2VkIG9ubHkgb25jZSB3aGVuIHRoZSByZXNwb25kZXIgc2VuZHNcbiAgICAvLyBiYWNrIHRoZWlyIHNpZ25pbmcgcHVibGljIGtleS5cbiAgICBjb25zdCBpbml0aWF0b3JPbmVUaW1lUHJrID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZVBrY0tleSgpO1xuXG4gICAgLy8gT3B0aW9uIDE6IE5ldyBQS0Mga2V5IGZvciBzaWduaW5nXG4gICAgLy8gY29uc3QgaW5pdGlhdG9yU2lnUHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmNyZWF0ZVBrY1NpZ25LZXkoKTtcblxuICAgIC8vIE9wdGlvbiAyOiBVc2UgdGhlIHVzZXIncyBnbG9iYWwgc2lnbmluZyBrZXkuXG4gICAgLy8gVGhpcyBrZXkgaXMgdXNlZCB0byBwcm92ZSB0aGUgaW5pdGlhdG9yJ3MgaWRlbnRpdHkuXG4gICAgY29uc3QgaW5pdGlhdG9yUHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRQeGsoKTtcbiAgICBjb25zdCBpbml0aWF0b3JTaWdQcmsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFNpZ1B4aygpO1xuXG4gICAgbGV0IGluaXRpYXRvclBsYWluRGF0YVNpZzogc3RyaW5nID0gbnVsbDtcblxuICAgIGlmIChjb250YWN0Q2FyZCAmJiBjb250YWN0Q2FyZC5vd25lclBsYWluRGF0YSkge1xuICAgICAgaW5pdGlhdG9yUGxhaW5EYXRhU2lnID0gSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihcbiAgICAgICAgICBpbml0aWF0b3JTaWdQcmsuandrLFxuICAgICAgICAgIGNvbnRhY3RDYXJkLm93bmVyUGxhaW5EYXRhXG4gICAgICAgIClcbiAgICAgICk7XG4gICAgfVxuXG4gICAgY29uc3QgaW5pdGlhdG9yID0ge1xuICAgICAgbWVzc2FnZSxcbiAgICAgIGNvbnRhY3RDYXJkOiBjb250YWN0Q2FyZFxuICAgICAgICA/IHtcbiAgICAgICAgICAgIHBsYWluU2hhcmVkQ2lwaGVyRGF0YUpzb246IGNvbnRhY3RDYXJkLnBsYWluU2hhcmVkQ2lwaGVyRGF0YUpzb24sXG4gICAgICAgICAgfVxuICAgICAgICA6IG51bGwsXG4gICAgfTtcblxuICAgIC8vIENvbnRlbnQgdG8gYmUgZW5jcnlwdGVkIHVzaW5nIHRoZSBPVEsuXG4gICAgY29uc3QgcGxhaW5PdEtleUNpcGhlcjogUGxhaW5PdEtleUNpcGhlciA9IHtcbiAgICAgIG5vbmNlLFxuICAgICAgaW5pdGlhdG9yOiB7XG4gICAgICAgIC4uLmluaXRpYXRvcixcbiAgICAgICAgb25lVGltZVBiazogaW5pdGlhdG9yT25lVGltZVByay50b0pTT04oKSwgLy8gb25ldGltZSBwdWJsaWMgZW5jcnlwdGlvbiBrZXkgcmVzcG9uZGVyIHVzZSB0byBzZW5kIGRhdGEgYmFjayB0byBpbml0aWF0b3JcbiAgICAgICAgcGJrOiBpbml0aWF0b3JQcmsuandrLnRvSlNPTigpLCAvLyBwdWJsaWMgZW5jcnlwdGlvbiBrZXlcbiAgICAgICAgc2lnUGJrOiBpbml0aWF0b3JTaWdQcmsuandrLnRvSlNPTigpLCAvLyBwdWJsaWMgc2lnbmluZyBrZXlcbiAgICAgICAgcHJvZmlsZToge1xuICAgICAgICAgIHVzZXJuYW1lOiB1c2VyLnVzZXJuYW1lLFxuICAgICAgICB9LFxuICAgICAgfSxcbiAgICB9O1xuXG4gICAgY29uc3Qgb3RLZXlDaXBoZXIgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICBvdEtleSxcbiAgICAgIHBsYWluT3RLZXlDaXBoZXJcbiAgICApO1xuXG4gICAgLy8gQ29udGVudCB0byBiZSBlbmNyeXB0ZWQgdXNpbmcgdGhlIGluaXRpYXRvcidzIHJvb3Qga2V5LlxuICAgIGNvbnN0IHBsYWluSW5pdGlhdG9yUm9vdEtleUNpcGhlcjogUGxhaW5Jbml0aWF0b3JSb290S2V5Q2lwaGVyID0ge1xuICAgICAgbm9uY2UsXG4gICAgICBvbmVUaW1lUHJrOiBpbml0aWF0b3JPbmVUaW1lUHJrLnRvSlNPTih0cnVlKSxcbiAgICAgIC8vIFNob3VsZCBub3QgbmVlZCB0byBrZWVwIHRoaXMgZW5jcnlwdGVkIHNpbmNlIHdlIGFyZSB1c2luZyB0aGUgZ2xvYmFsIHNpZ25pbmcga2V5LlxuICAgICAgLy8gc2lnUHJrOiBpbml0aWF0b3JTaWdQcmsudG9KU09OKHRydWUpLFxuXG4gICAgICAvLyBTYXZlIGl0IGluIGNhc2UgdGhlIGluaXRpYXRvciB3YW50IHRvIGRlY29kZSB0aGUgb3RLZXlDaXBoZXIuXG4gICAgICAvLyBTaW5jZSB0aGUgb3RLZXkgaXMgb25seSB1c2VkIG9uY2UsIGFuZCB0aGF0IG90S2V5Q2lwaGVyIGNvbnRhaW5zIG9ubHlcbiAgICAgIC8vIHRoZSBwdWJsaWMga2V5IG9mIHRoZSBpbml0aWF0b3IsIGl0J3Mgc2FmZSBqdXN0IGxlYXZlIHRoZSBvdEtleSBzdG9yZWQgaGVyZS5cbiAgICAgIG90S2V5OiBvdEtleS50b0pTT04odHJ1ZSksXG4gICAgICAvLyBUaGVzZSBzaG91bGQgYmUgc3RvcmluZyBpbmZvcm1hdGlvbiBzdWNoIGFzIGhvdyB0aGUgZmllbGRzIG9mIHRoZSBzaGFyZWQgY29udGFjdCBjYXJkIGlzXG4gICAgICAvLyBkZXJpdmVkIGZyb20gdGhlIG1hc3RlciBjb250YWN0IGNhcmQuXG4gICAgICBpbml0aWF0b3JDb250YWN0Q2FyZDogY29udGFjdENhcmQsXG4gICAgICBpbml0aWF0b3IsXG4gICAgfTtcblxuICAgIGNvbnN0IHJvb3RLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFJvb3RLZXkoKTtcbiAgICBjb25zdCBpbml0aWF0b3JSb290S2V5Q2lwaGVyID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgcm9vdEtleS5qd2ssXG4gICAgICBwbGFpbkluaXRpYXRvclJvb3RLZXlDaXBoZXJcbiAgICApO1xuXG4gICAgLy8gVGhlIHJhdyBPVEtcbiAgICBjb25zdCBvdEtleUs6IHN0cmluZyA9IChvdEtleS50b0pTT04odHJ1ZSkgYXMgYW55KS5rO1xuXG4gICAgLy8gQVBJIGNhbGxcbiAgICBjb25zdCB7IGluaXRpYXRlS2V5RXhjaGFuZ2VPdGsgfSA9IGF3YWl0IHRoaXMubHJBcG9sbG8ubXV0YXRlPGFueT4oe1xuICAgICAgbXV0YXRpb246IEluaXRpYXRlT3RrTXV0YXRpb24sXG4gICAgICB2YXJpYWJsZXM6IHtcbiAgICAgICAgaW5wdXQ6IHtcbiAgICAgICAgICAvLyBUaGVzZSB3aWxsIGJlIHN0b3JlZCBvbiB0aGUgc2VydmVyXG4gICAgICAgICAgaW5pdGlhdG9yUm9vdEtleUNpcGhlcjogSlNPTi5zdHJpbmdpZnkoaW5pdGlhdG9yUm9vdEtleUNpcGhlciksXG4gICAgICAgICAgaW5pdGlhdG9yUHhrSWQ6IGluaXRpYXRvclByay5pZCxcbiAgICAgICAgICBpbml0aWF0b3JTaWdQeGtJZDogaW5pdGlhdG9yU2lnUHJrLmlkLFxuICAgICAgICAgIC8vIFRoZXNlIHdpbGwgYmUgc2VudCB0byB0aGUgcmVzcG9uZGVyXG4gICAgICAgICAgb3RLZXlQYXJhbXM6IEpTT04uc3RyaW5naWZ5KG90S2V5LnRvSlNPTigpKSxcbiAgICAgICAgICBvdEtleUNpcGhlcjogSlNPTi5zdHJpbmdpZnkob3RLZXlDaXBoZXIpLFxuICAgICAgICAgIHNlbmRFbWFpbDogZW1haWxcbiAgICAgICAgICAgID8ge1xuICAgICAgICAgICAgICAgIGVtYWlsLFxuICAgICAgICAgICAgICAgIHJhd090S2V5OiBvdEtleUssXG4gICAgICAgICAgICAgIH1cbiAgICAgICAgICAgIDogbnVsbCxcbiAgICAgICAgICBjcmVhdGVUcDogdHJ1ZSxcbiAgICAgICAgICBpbml0aWF0b3JQbGFpbkRhdGFTaWcsXG4gICAgICAgICAgdXBncmFkZSxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgfSk7XG4gICAgcmV0dXJuIHsga2V5RXhjaGFuZ2U6IGluaXRpYXRlS2V5RXhjaGFuZ2VPdGsua2V5RXhjaGFuZ2UsIG90S2V5SyB9O1xuICB9XG5cbiAgYXN5bmMgcmVzcG9uZE90ayh7XG4gICAgaWQsXG4gICAgdG9rZW4sXG4gICAgZGVjcnlwdGVkT3RrLFxuICAgIG1lc3NhZ2UsXG4gICAgaW5pdGlhdG9yQ29udGFjdENhcmQsXG4gICAgcmVzcG9uZGVyQ29udGFjdENhcmQ6IHNlbnRDb250YWN0Q2FyZCxcbiAgfTogUmVzcG9uZE90a0lucHV0KTogUHJvbWlzZTxSZXNwb25kT3RrPiB7XG4gICAgY29uc3QgdXNlciA9IGF3YWl0IHRoaXMuYXV0aFNlcnZpY2UuZ2V0VXNlcigpO1xuICAgIGNvbnN0IHJvb3RLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFJvb3RLZXkoKTtcblxuICAgIGNvbnN0IG1hc3RlcktleUlkID0gdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRNYXN0ZXJLZXkoKS5pZDtcbiAgICBjb25zdCBtYXN0ZXJLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudE1hc3RlcktleSgpO1xuXG4gICAgY29uc3Qgc2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuICAgIGNvbnN0IG1rU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuXG4gICAgY29uc3QgcmtXcmFwcGVkU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgcm9vdEtleS5qd2ssXG4gICAgICBzaGFyZWRLZXkudG9KU09OKHRydWUpXG4gICAgKTtcbiAgICBjb25zdCBta1dyYXBwZWRNa1NoYXJlZEtleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgIG1hc3RlcktleS5qd2ssXG4gICAgICBta1NoYXJlZEtleS50b0pTT04odHJ1ZSlcbiAgICApO1xuXG4gICAgY29uc3QgaW5pdGlhdG9yT25lVGltZVBiayA9IGF3YWl0IEtGUy5hc0tleShcbiAgICAgIGRlY3J5cHRlZE90ay5wbGFpbk90S2V5Q2lwaGVyLmluaXRpYXRvci5vbmVUaW1lUGJrXG4gICAgKTtcblxuICAgIGNvbnN0IGluaXRpYXRvclBiayA9IGF3YWl0IEtGUy5hc0tleShcbiAgICAgIGRlY3J5cHRlZE90ay5wbGFpbk90S2V5Q2lwaGVyLmluaXRpYXRvci5wYmtcbiAgICApO1xuICAgIGNvbnN0IGluaXRpYXRvclNpZ1BiayA9IGF3YWl0IEtGUy5hc0tleShcbiAgICAgIGRlY3J5cHRlZE90ay5wbGFpbk90S2V5Q2lwaGVyLmluaXRpYXRvci5zaWdQYmtcbiAgICApO1xuXG4gICAgLy8gT3B0aW9uIDE6IFVzaW5nIG5ldyBQcmsgZm9yIGVhY2ggVFAgcGFpclxuICAgIC8vIENyZWF0ZSBhIG5ldyBwdWJsaWMgc2lnbmluZyBrZXkgZm9yIHRoZSByZXNwb25kZXIuXG4gICAgLy8gY29uc3QgcmVzcG9uZGVyU2lnUHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmNyZWF0ZVBrY1NpZ25LZXkoKVxuICAgIC8vIGNvbnN0IHJrV3JhcHBlZFJlc3BvbmRlclNpZ1ByayA9IGF3YWl0IHRoaXMuZW5jcnlwdChyb290S2V5LCByZXNwb25kZXJTaWdQcmsudG9KU09OKHRydWUpKTtcblxuICAgIC8vIE9wdGlvbiAyOiBSZXNwb25kZXIgYWxyZWFkeSBoYXMgYSBzaWduaW5nIFBya1xuICAgIGNvbnN0IHJlc3BvbmRlclByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50UHhrKCk7XG4gICAgY29uc3QgcmVzcG9uZGVyU2lnUHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRTaWdQeGsoKTtcblxuICAgIGNvbnN0IHNpZ25lZEluaXRpYXRvclBiayA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihcbiAgICAgIHJlc3BvbmRlclNpZ1Byay5qd2ssXG4gICAgICBpbml0aWF0b3JQYmsudG9KU09OKClcbiAgICApO1xuICAgIGNvbnN0IHNpZ25lZEluaXRpYXRvclNpZ1BiayA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihcbiAgICAgIHJlc3BvbmRlclNpZ1Byay5qd2ssXG4gICAgICBpbml0aWF0b3JTaWdQYmsudG9KU09OKClcbiAgICApO1xuXG4gICAgY29uc3QgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyOiBQbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIgPSB7XG4gICAgICBub25jZTogZGVjcnlwdGVkT3RrLnBsYWluT3RLZXlDaXBoZXIubm9uY2UsXG4gICAgICBzaGFyZWRLZXk6IHNoYXJlZEtleS50b0pTT04odHJ1ZSksXG4gICAgICBta1NoYXJlZEtleTogbWtTaGFyZWRLZXkudG9KU09OKHRydWUpLFxuICAgICAgcmVzcG9uZGVyOiB7XG4gICAgICAgIHBiazogcmVzcG9uZGVyUHJrLmp3ay50b0pTT04oKSwgLy8gcHVibGljIGtleVxuICAgICAgICBzaWdQYms6IHJlc3BvbmRlclNpZ1Byay5qd2sudG9KU09OKCksIC8vIHB1YmxpYyBrZXlcbiAgICAgICAgcHJvZmlsZToge1xuICAgICAgICAgIHVzZXJuYW1lOiB1c2VyLnVzZXJuYW1lLFxuICAgICAgICB9LFxuICAgICAgICBtZXNzYWdlLFxuICAgICAgfSxcbiAgICB9O1xuXG4gICAgbGV0IHJlY2VpdmVkQ2FyZElucHV0O1xuICAgIGlmIChkZWNyeXB0ZWRPdGsucGxhaW5PdEtleUNpcGhlci5pbml0aWF0b3IuY29udGFjdENhcmQpIHtcbiAgICAgIC8vIFNldCB0aGUgaW5mbyBhYm91dCB0aGUgaW5pdGlhdG9yIHRvIGJlIHRoZSBvbmVzIHNlbnQgYnkgdGhlIGluaXRpYXRvci4gV2UgbmVlZCB0aCByZXNwb25kZXIgdG8gZG8gdGhlIGVuY3J5cHRpb24gaGVyZVxuICAgICAgLy8gYmVjYXVzZSB0aGUgaW5pdGlhdG9yIGRvZXMgbm90IGhhdmUgdGhlIHNoYXJlZCBrZXkgeWV0LCBhbmQgd2Ugd2FudCB0aGUgcmVzcG9uZGVyIHRvIGhhdmUgYSBmdW5jdGlvbmFsIGNvbnRhY3QgY2FyZCBhZnRlclxuICAgICAgLy8gdGhpcyBleGNoYW5nZS4gVGhlIGluaXRpYXRvciBjYW4gZG91YmxlIGNoZWNrIHRoZSBjb250YWN0IGRldGFpbHMgYXJlIGNvcnJlY3QgYW5kIHNpZ24gaXQgd2hlbiBpdCBjb21wbGV0ZXMgdGhlIGV4Y2hhbmdlLlxuICAgICAgY29uc3QgcGxhaW5TaGFyZWRDaXBoZXJEYXRhSnNvbiA9XG4gICAgICAgIGRlY3J5cHRlZE90ay5wbGFpbk90S2V5Q2lwaGVyLmluaXRpYXRvci5jb250YWN0Q2FyZFxuICAgICAgICAgIC5wbGFpblNoYXJlZENpcGhlckRhdGFKc29uO1xuXG4gICAgICAvLyBDcmVhdGUga2V5c1xuICAgICAgY29uc3QgcmVjZWl2ZXJLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgICBjb25zdCBjY1NoYXJlZEtleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcbiAgICAgIGNvbnN0IHNpZ1B4ayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50U2lnUHhrKCk7XG5cbiAgICAgIHJlY2VpdmVkQ2FyZElucHV0ID0ge1xuICAgICAgICByZWNlaXZlcldyYXBwZWRLZXk6IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgICAgIHJvb3RLZXkuandrLFxuICAgICAgICAgICAgcmVjZWl2ZXJLZXkudG9KU09OKHRydWUpXG4gICAgICAgICAgKVxuICAgICAgICApLFxuICAgICAgICByZWNlaXZlcldyYXBwaW5nS2V5SWQ6IHJvb3RLZXkuaWQsXG4gICAgICAgIHJlY2VpdmVyQ2lwaGVyRGF0YTogaW5pdGlhdG9yQ29udGFjdENhcmRcbiAgICAgICAgICA/IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICAgICAgICAgICAgcmVjZWl2ZXJLZXksXG4gICAgICAgICAgICAgICAgaW5pdGlhdG9yQ29udGFjdENhcmQucGxhaW5SZWNlaXZlckNpcGhlckRhdGFKc29uXG4gICAgICAgICAgICAgIClcbiAgICAgICAgICAgIClcbiAgICAgICAgICA6ICcnLFxuICAgICAgICBzaGFyZWRXcmFwcGVkS2V5OiBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICAgICAgICBzaGFyZWRLZXksXG4gICAgICAgICAgICBjY1NoYXJlZEtleS50b0pTT04odHJ1ZSlcbiAgICAgICAgICApXG4gICAgICAgICksXG4gICAgICB9O1xuXG4gICAgICBjb25zdCBzaGFyZWRDaXBoZXJEYXRhID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICBjY1NoYXJlZEtleSxcbiAgICAgICAgcGxhaW5TaGFyZWRDaXBoZXJEYXRhSnNvblxuICAgICAgKTtcbiAgICAgIHJlY2VpdmVkQ2FyZElucHV0LnNoYXJlZENpcGhlckRhdGFTaWcgPSBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKHNpZ1B4ay5qd2ssIHNoYXJlZENpcGhlckRhdGEpXG4gICAgICApO1xuICAgICAgcmVjZWl2ZWRDYXJkSW5wdXQuc2lnUHhrSWQgPSBzaWdQeGsuaWQ7XG5cbiAgICAgIHBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlci5yZXNwb25kZXIuY29udGFjdENhcmQgPSB7XG4gICAgICAgIC4uLnBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlci5yZXNwb25kZXIuY29udGFjdENhcmQsXG4gICAgICAgIHNoYXJlZENpcGhlcktleTogY2NTaGFyZWRLZXkudG9KU09OKHRydWUpLFxuICAgICAgfTtcbiAgICB9XG5cbiAgICBsZXQgc2VudENhcmRJbnB1dDtcbiAgICBpZiAoc2VudENvbnRhY3RDYXJkKSB7XG4gICAgICAvLyBDcmVhdGUga2V5c1xuICAgICAgY29uc3Qgb3duZXJLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgICBjb25zdCBjY1NoYXJlZEtleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcbiAgICAgIGNvbnN0IHNpZ1B4ayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50U2lnUHhrKCk7XG5cbiAgICAgIHNlbnRDYXJkSW5wdXQgPSB7XG4gICAgICAgIG93bmVyV3JhcHBlZEtleTogSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICAgICAgcm9vdEtleS5qd2ssXG4gICAgICAgICAgICBvd25lcktleS50b0pTT04odHJ1ZSlcbiAgICAgICAgICApXG4gICAgICAgICksXG4gICAgICAgIG93bmVyV3JhcHBpbmdLZXlJZDogcm9vdEtleS5pZCxcbiAgICAgICAgb3duZXJDaXBoZXJEYXRhOiBzZW50Q29udGFjdENhcmQucGxhaW5Pd25lckNpcGhlckRhdGFKc29uXG4gICAgICAgICAgPyBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICAgICAgICAgIG93bmVyS2V5LFxuICAgICAgICAgICAgICAgIHNlbnRDb250YWN0Q2FyZC5wbGFpbk93bmVyQ2lwaGVyRGF0YUpzb25cbiAgICAgICAgICAgICAgKVxuICAgICAgICAgICAgKVxuICAgICAgICAgIDogJycsXG5cbiAgICAgICAgc2hhcmVkV3JhcHBlZEtleTogSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICAgICAgc2hhcmVkS2V5LFxuICAgICAgICAgICAgY2NTaGFyZWRLZXkudG9KU09OKHRydWUpXG4gICAgICAgICAgKVxuICAgICAgICApLFxuICAgICAgfTtcblxuICAgICAgY29uc3Qgc2hhcmVkQ2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgY2NTaGFyZWRLZXksXG4gICAgICAgIHNlbnRDb250YWN0Q2FyZC5wbGFpblNoYXJlZENpcGhlckRhdGFKc29uXG4gICAgICApO1xuICAgICAgc2VudENhcmRJbnB1dC5zaGFyZWRDaXBoZXJEYXRhU2lnID0gSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihzaWdQeGsuandrLCBzaGFyZWRDaXBoZXJEYXRhKVxuICAgICAgKTtcbiAgICAgIHNlbnRDYXJkSW5wdXQuc2lnUHhrSWQgPSBzaWdQeGsuaWQ7XG5cbiAgICAgIGlmIChzZW50Q29udGFjdENhcmQub3duZXJQbGFpbkRhdGEpIHtcbiAgICAgICAgc2VudENhcmRJbnB1dC5vd25lclBsYWluRGF0YVNpZyA9IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihcbiAgICAgICAgICAgIHJlc3BvbmRlclNpZ1Byay5qd2ssXG4gICAgICAgICAgICBzZW50Q29udGFjdENhcmQub3duZXJQbGFpbkRhdGFcbiAgICAgICAgICApXG4gICAgICAgICk7XG4gICAgICB9XG5cbiAgICAgIC8vIENvbnRhY3QgY2FyZCBpbmZvIHJlYWRhYmxlIGJ5IHRoZSBpbml0aWF0b3JcbiAgICAgIHBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlci5yZXNwb25kZXIuY29udGFjdENhcmQgPSB7XG4gICAgICAgIC4uLnBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlci5yZXNwb25kZXIuY29udGFjdENhcmQsXG4gICAgICAgIHBsYWluU2hhcmVkQ2lwaGVyRGF0YUpzb246IHNlbnRDb250YWN0Q2FyZC5wbGFpblNoYXJlZENpcGhlckRhdGFKc29uLFxuICAgICAgfTtcbiAgICB9XG5cbiAgICAvLyBFbmNyeXB0IHdpdGggb25lLXRpbWUgcHVibGljIGtleVxuICAgIGxldCBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgaW5pdGlhdG9yT25lVGltZVBiayxcbiAgICAgIHBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlclxuICAgICk7XG5cbiAgICAvLyBFbmNyeXB0IHdpdGggdGhlIG90ayBhZ2FpbiB0byBrZWVwIHVzZSBvZiBhc3ltbWV0cmljIGtleXMgdG8gYSBtaW5pbXVtLlxuICAgIGluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICBkZWNyeXB0ZWRPdGsub3RLZXksXG4gICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyXG4gICAgKTtcblxuICAgIGNvbnN0IHsgcmVzcG9uZEtleUV4Y2hhbmdlT3RrIH0gPSBhd2FpdCB0aGlzLmxyQXBvbGxvLm11dGF0ZTxhbnk+KHtcbiAgICAgIG11dGF0aW9uOiBSZXNwb25kT3RrTXV0YXRpb24sXG4gICAgICB2YXJpYWJsZXM6IHtcbiAgICAgICAgaW5wdXQ6IHtcbiAgICAgICAgICBrZXlFeGNoYW5nZUlkOiBpZCxcbiAgICAgICAgICBrZXlFeGNoYW5nZVRva2VuOiB0b2tlbixcbiAgICAgICAgICByb290S2V5SWQ6IHJvb3RLZXkuaWQsXG4gICAgICAgICAgbWFzdGVyS2V5SWQsXG4gICAgICAgICAgLy8gVGhlc2Ugd2lsbCBiZSBzdG9yZWQgb24gdGhlIHNlcnZlclxuICAgICAgICAgIHJlc3BvbmRlclB4a0lkOiByZXNwb25kZXJQcmsuaWQsXG4gICAgICAgICAgcmVzcG9uZGVyU2lnUHhrSWQ6IHJlc3BvbmRlclNpZ1Byay5pZCxcbiAgICAgICAgICBzaWduZWRJbml0aWF0b3JQYms6IEpTT04uc3RyaW5naWZ5KHNpZ25lZEluaXRpYXRvclBiayksXG4gICAgICAgICAgc2lnbmVkSW5pdGlhdG9yU2lnUGJrOiBKU09OLnN0cmluZ2lmeShzaWduZWRJbml0aWF0b3JTaWdQYmspLFxuICAgICAgICAgIC8vIHJrV3JhcHBlZEluaXRpYXRvclNpZ1BiazogSlNPTi5zdHJpbmdpZnkocmtXcmFwcGVkSW5pdGlhdG9yU2lnUGJrKSxcblxuICAgICAgICAgIC8vIE9wdGlvbiAxOiBVc2luZyBuZXcgUHJrIGZvciBlYWNoIFRQIHBhaXJcbiAgICAgICAgICAvLyBya1dyYXBwZWRSZXNwb25kZXJTaWdQcms6IEpTT04uc3RyaW5naWZ5KHJrV3JhcHBlZFJlc3BvbmRlclNpZ1ByayksXG4gICAgICAgICAgcmtXcmFwcGVkU2hhcmVkS2V5OiBKU09OLnN0cmluZ2lmeShya1dyYXBwZWRTaGFyZWRLZXkpLFxuICAgICAgICAgIG1rV3JhcHBlZE1rU2hhcmVkS2V5OiBKU09OLnN0cmluZ2lmeShta1dyYXBwZWRNa1NoYXJlZEtleSksXG4gICAgICAgICAgLy8gVGhlc2Ugd2lsbCBiZSBzZW50IHRvIHRoZSBpbml0aWF0b3JcbiAgICAgICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyOiBKU09OLnN0cmluZ2lmeShpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyKSxcbiAgICAgICAgICBpbml0aWF0b3JDb250YWN0Q2FyZDogcmVjZWl2ZWRDYXJkSW5wdXQsXG4gICAgICAgICAgcmVzcG9uZGVyQ29udGFjdENhcmQ6IHNlbnRDYXJkSW5wdXQsXG4gICAgICAgIH0sXG4gICAgICB9LFxuICAgIH0pO1xuXG4gICAgcmV0dXJuIHtcbiAgICAgIGtleUV4Y2hhbmdlOiByZXNwb25kS2V5RXhjaGFuZ2VPdGsua2V5RXhjaGFuZ2UsXG4gICAgICB1c2VyU2hhcmVkS2V5OiByZXNwb25kS2V5RXhjaGFuZ2VPdGsudXNlclNoYXJlZEtleSxcbiAgICAgIHRwOiByZXNwb25kS2V5RXhjaGFuZ2VPdGsudHAsXG4gICAgfTtcbiAgfVxuXG4gIGFzeW5jIGNvbXBsZXRlT3RrKFxuICAgIGtleUV4Y2hhbmdlSWQ6IHN0cmluZyxcbiAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyOiBzdHJpbmcsXG4gICAgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlcjogc3RyaW5nLFxuICAgIHJlc3BvbmRlckNvbnRhY3RDYXJkPzogc3RyaW5nXG4gICk6IFByb21pc2U8Q29tcGxldGVPdGs+IHtcbiAgICBjb25zdCByb290S2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRSb290S2V5KCk7XG4gICAgY29uc3QgbWFzdGVyS2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRNYXN0ZXJLZXkoKTtcblxuICAgIC8vIERlY3J5cHQgdXNpbmcgdGhlIHJvb3Qga2V5IHRvIGdldCB0aGUgUHJrXG4gICAgY29uc3QgcGxhaW5Jbml0aWF0b3JSb290S2V5Q2lwaGVyID0gKGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcbiAgICAgIHJvb3RLZXkuandrLFxuICAgICAgaW5pdGlhdG9yUm9vdEtleUNpcGhlclxuICAgICkpIGFzIHVua25vd24gYXMgUGxhaW5Jbml0aWF0b3JSb290S2V5Q2lwaGVyO1xuXG4gICAgLy8gVGhlIFByayBpcyBzaW5nbGUtdXNlIGFuZCBvbmx5IHVzZWQgdG8gc2VuZCBpbmZvcm1hdGlvbiBmcm9tIHRoZSByZXNwb25kZXIgYmFjayB0byB0aGUgaW5pdGlhdG9yLlxuICAgIGNvbnN0IHBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlciA9IGF3YWl0IHRoaXMuZGVjcnlwdFJlc3BvbnNlQ2lwaGVyKFxuICAgICAgYXdhaXQgS0ZTLmFzS2V5KHBsYWluSW5pdGlhdG9yUm9vdEtleUNpcGhlci5vdEtleSksXG4gICAgICBhd2FpdCBLRlMuYXNLZXkocGxhaW5Jbml0aWF0b3JSb290S2V5Q2lwaGVyLm9uZVRpbWVQcmspLFxuICAgICAgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlclxuICAgICk7XG5cbiAgICAvLyBDaGVjayB0aGUgbm9uY2UgbWF0Y2ggdG8gZW5zdXJlIHRoZSByZXNwb25kZXIgd2FzIHRoZSBvbmUgaG9sZGluZyB0aGUgT1RLXG4gICAgaWYgKFxuICAgICAgcGxhaW5Jbml0aWF0b3JSb290S2V5Q2lwaGVyLm5vbmNlICE9PSBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIubm9uY2VcbiAgICApIHtcbiAgICAgIHRocm93IG5ldyBMckNvZGVNaXNtYXRjaEV4Y2VwdGlvbihcbiAgICAgICAgJ1RoZSBub25jZSByZXR1cm5lZCBieSByZXNwb25kZXIgZG9lcyBub3QgbWF0Y2ggd2l0aCB0aGUgb25lIGNyZWF0ZWQgYnkgdGhlIGluaXRpYXRvci4nXG4gICAgICApO1xuICAgIH1cblxuICAgIC8vIE9wdGlvbiAxOiBBc3N1bWluZyB0aGUgc2lnbmluZyBrZXkgaXMgdW5pcXVlIGJldHdlZW4gdXNlcnMuXG4gICAgLy8gY29uc3QgaW5pdGlhdG9yU2lnUHJrID0gYXdhaXQgS0ZTLmFzS2V5KGtlLnBsYWluSW5pdGlhdG9yUm9vdEtleUNpcGhlci5zaWdQcmspO1xuICAgIC8vIGNvbnN0IHJrV3JhcHBlZEluaXRpYXRvclNpZ1ByayA9IGF3YWl0IHRoaXMuZW5jcnlwdChyb290S2V5LCBpbml0aWF0b3JTaWdQcmsudG9KU09OKHRydWUpKTtcblxuICAgIC8vIE9wdGlvbiAyOiBVc2UgdGhlIHVzZXIncyBnbG9iYWwgc2lnbmluZyBrZXkuXG4gICAgLy8gSW4gdGhpcyBjYXNlIHRoZSBpbml0aWF0b3JTaWdQcmsgaXMgYWxyZWFkeSBhIHBhcnQgb2YgdGhlIGtleSBncmFwaC5cbiAgICAvLyBTbyB0aGVyZSdzIG5vdGhpbmcgdG8gZG8gaGVyZS5cblxuICAgIC8vIFByb3RlY3RlZCB0aGUgc2lnbmluZyBwdWJsaWMga2V5IG9mIHRoZSByZXNwb25kZXIuXG4gICAgY29uc3QgaW5pdGlhdG9yU2lnUHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRTaWdQeGsoKTtcbiAgICBjb25zdCByZXNwb25kZXJTaWdQYmsgPSBhd2FpdCBLRlMuYXNLZXkoXG4gICAgICBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIucmVzcG9uZGVyLnNpZ1Bia1xuICAgICk7XG4gICAgY29uc3QgcmVzcG9uZGVyUGJrID0gYXdhaXQgS0ZTLmFzS2V5KFxuICAgICAgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLnJlc3BvbmRlci5wYmtcbiAgICApO1xuXG4gICAgY29uc3Qgc2lnbmVkUmVzcG9uZGVyUGJrID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKFxuICAgICAgaW5pdGlhdG9yU2lnUHJrLmp3ayxcbiAgICAgIHJlc3BvbmRlclBiay50b0pTT04oKVxuICAgICk7XG4gICAgY29uc3Qgc2lnbmVkUmVzcG9uZGVyU2lnUGJrID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKFxuICAgICAgaW5pdGlhdG9yU2lnUHJrLmp3ayxcbiAgICAgIHJlc3BvbmRlclNpZ1Biay50b0pTT04oKVxuICAgICk7XG5cbiAgICBjb25zdCBzaGFyZWRLZXkgPSBhd2FpdCBLRlMuYXNLZXkocGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLnNoYXJlZEtleSk7XG4gICAgY29uc3QgcmtXcmFwcGVkU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgcm9vdEtleS5qd2ssXG4gICAgICBzaGFyZWRLZXkudG9KU09OKHRydWUpXG4gICAgKTtcblxuICAgIGNvbnN0IG1rU2hhcmVkS2V5ID0gYXdhaXQgS0ZTLmFzS2V5KFxuICAgICAgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLm1rU2hhcmVkS2V5XG4gICAgKTtcbiAgICBjb25zdCBta1dyYXBwZWRNa1NoYXJlZEtleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgIG1hc3RlcktleS5qd2ssXG4gICAgICBta1NoYXJlZEtleS50b0pTT04odHJ1ZSlcbiAgICApO1xuXG4gICAgbGV0IHJlc3BvbmRlckNvbnRhY3RDYXJkQ2lwaGVySW5wdXQ7XG4gICAgaWYgKHJlc3BvbmRlckNvbnRhY3RDYXJkKSB7XG4gICAgICAvLyBDcmVhdGUga2V5XG4gICAgICBjb25zdCByZWNlaXZlcktleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcblxuICAgICAgcmVzcG9uZGVyQ29udGFjdENhcmRDaXBoZXJJbnB1dCA9IHtcbiAgICAgICAgcmVjZWl2ZXJXcmFwcGVkS2V5OiBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICAgICAgICByb290S2V5Lmp3ayxcbiAgICAgICAgICAgIHJlY2VpdmVyS2V5LnRvSlNPTih0cnVlKVxuICAgICAgICAgIClcbiAgICAgICAgKSxcbiAgICAgICAgcmVjZWl2ZXJXcmFwcGluZ0tleUlkOiByb290S2V5LmlkLFxuICAgICAgICByZWNlaXZlckNpcGhlckRhdGE6IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgICAgIHJlY2VpdmVyS2V5LFxuICAgICAgICAgICAgcmVzcG9uZGVyQ29udGFjdENhcmRcbiAgICAgICAgICApXG4gICAgICAgICksXG4gICAgICB9O1xuICAgIH1cblxuICAgIC8vIEdldCB0aGUgZGF0YSBuZWVkZWQgZnJvbSB0aGUgaW5pdGlhdG9yJ3MgY2lwaGVyIGRhdGEuXG4gICAgbGV0IGluaXRpYXRvckNvbnRhY3RDYXJkQ2lwaGVySW5wdXQ7XG4gICAgbGV0IGluaXRpYXRvckNvbnRhY3RDYXJkU2hhcmVkQ2lwaGVySW5wdXQ7XG4gICAgaWYgKHBsYWluSW5pdGlhdG9yUm9vdEtleUNpcGhlci5pbml0aWF0b3JDb250YWN0Q2FyZCkge1xuICAgICAgY29uc3QgaW5pdGlhdG9yQ29udGFjdENhcmQgPVxuICAgICAgICBwbGFpbkluaXRpYXRvclJvb3RLZXlDaXBoZXIuaW5pdGlhdG9yQ29udGFjdENhcmQ7XG4gICAgICBjb25zdCBvd25lcktleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcbiAgICAgIGNvbnN0IHNoYXJlZENpcGhlcktleSA9IGF3YWl0IEtGUy5hc0tleShcbiAgICAgICAgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLnJlc3BvbmRlci5jb250YWN0Q2FyZC5zaGFyZWRDaXBoZXJLZXlcbiAgICAgICk7XG5cbiAgICAgIGNvbnN0IG93bmVyV3JhcHBlZEtleSA9IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQocm9vdEtleS5qd2ssIG93bmVyS2V5LnRvSlNPTih0cnVlKSlcbiAgICAgICk7XG4gICAgICBjb25zdCBvd25lckNpcGhlckRhdGEgPSBpbml0aWF0b3JDb250YWN0Q2FyZC5wbGFpbk93bmVyQ2lwaGVyRGF0YUpzb25cbiAgICAgICAgPyBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgICAgICAgb3duZXJLZXksXG4gICAgICAgICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkLnBsYWluT3duZXJDaXBoZXJEYXRhSnNvblxuICAgICAgICAgICAgKVxuICAgICAgICAgIClcbiAgICAgICAgOiAnJztcblxuICAgICAgaW5pdGlhdG9yQ29udGFjdENhcmRDaXBoZXJJbnB1dCA9IHtcbiAgICAgICAgb3duZXJXcmFwcGVkS2V5LFxuICAgICAgICBvd25lcldyYXBwaW5nS2V5SWQ6IHJvb3RLZXkuaWQsXG4gICAgICAgIG93bmVyQ2lwaGVyRGF0YSxcbiAgICAgIH07XG5cbiAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkU2hhcmVkQ2lwaGVySW5wdXQgPSB7XG4gICAgICAgIHNpZ1B4a0lkOiBpbml0aWF0b3JTaWdQcmsuaWQsXG4gICAgICB9O1xuXG4gICAgICBjb25zdCBzaGFyZWRDaXBoZXJEYXRhID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICBzaGFyZWRDaXBoZXJLZXksXG4gICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkLnBsYWluU2hhcmVkQ2lwaGVyRGF0YUpzb25cbiAgICAgICk7XG4gICAgICBpbml0aWF0b3JDb250YWN0Q2FyZFNoYXJlZENpcGhlcklucHV0LnNoYXJlZENpcGhlckRhdGFTaWcgPVxuICAgICAgICBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXG4gICAgICAgICAgICBpbml0aWF0b3JTaWdQcmsuandrLFxuICAgICAgICAgICAgc2hhcmVkQ2lwaGVyRGF0YVxuICAgICAgICAgIClcbiAgICAgICAgKTtcbiAgICB9XG5cbiAgICAvLyBUT0RPIGlkZWFsbHkgd2UgdXBkYXRlIHRoZSBzaGFyZWQgZGF0YSBpbiB0aGUgY29udGFjdCBjYXJkIHNlbnQgdG8gdGhlIHJlc3BvbmRlciBhcyB3ZWxsIHNpbmNlIHRoYXRcbiAgICAvLyBDQyB3YXMgY3JlYXRlZCBieSB0aGUgcmVzcG9uZGVyLlxuXG4gICAgY29uc3QgcmVzID0gYXdhaXQgdGhpcy5sckFwb2xsby5tdXRhdGU8YW55Pih7XG4gICAgICBtdXRhdGlvbjogQ29tcGxldGVPdGtNdXRhdGlvbixcbiAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICBpbnB1dDoge1xuICAgICAgICAgIGtleUV4Y2hhbmdlSWQsXG4gICAgICAgICAgcm9vdEtleUlkOiByb290S2V5LmlkLFxuICAgICAgICAgIG1hc3RlcktleUlkOiBtYXN0ZXJLZXkuaWQsXG4gICAgICAgICAgaW5pdGlhdG9yU2lnUHhrSWQ6IGluaXRpYXRvclNpZ1Byay5pZCxcbiAgICAgICAgICBzaWduZWRSZXNwb25kZXJQYms6IEpTT04uc3RyaW5naWZ5KHNpZ25lZFJlc3BvbmRlclBiayksXG4gICAgICAgICAgc2lnbmVkUmVzcG9uZGVyU2lnUGJrOiBKU09OLnN0cmluZ2lmeShzaWduZWRSZXNwb25kZXJTaWdQYmspLFxuICAgICAgICAgIHJrV3JhcHBlZFNoYXJlZEtleTogSlNPTi5zdHJpbmdpZnkocmtXcmFwcGVkU2hhcmVkS2V5KSxcbiAgICAgICAgICBta1dyYXBwZWRNa1NoYXJlZEtleTogSlNPTi5zdHJpbmdpZnkobWtXcmFwcGVkTWtTaGFyZWRLZXkpLFxuICAgICAgICAgIHJlc3BvbmRlckNvbnRhY3RDYXJkQ2lwaGVyOiByZXNwb25kZXJDb250YWN0Q2FyZENpcGhlcklucHV0LFxuICAgICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkQ2lwaGVyOiBpbml0aWF0b3JDb250YWN0Q2FyZENpcGhlcklucHV0LFxuICAgICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkU2hhcmVkQ2lwaGVyOlxuICAgICAgICAgICAgaW5pdGlhdG9yQ29udGFjdENhcmRTaGFyZWRDaXBoZXJJbnB1dCxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgfSk7XG4gICAgcmV0dXJuIHJlcy5jb21wbGV0ZUtleUV4Y2hhbmdlT3RrO1xuICB9XG5cbiAgcHVibGljIGFzeW5jIGN1cnJlbnRVc2VyU2hhcmVkS2V5KGlucHV0OiB7XG4gICAgdXNlcm5hbWU/OiBzdHJpbmc7XG4gICAgdXNlcklkPzogc3RyaW5nO1xuICB9KTogUHJvbWlzZTxVc2VyU2hhcmVkS2V5PiB7XG4gICAgY29uc3QgeyBjdXJyZW50VXNlclNoYXJlZEtleSB9ID0gYXdhaXQgdGhpcy5sckFwb2xsby5xdWVyeTxhbnk+KHtcbiAgICAgIHF1ZXJ5OiBDdXJyZW50VXNlclNoYXJlZEtleVF1ZXJ5LFxuICAgICAgdmFyaWFibGVzOiB7XG4gICAgICAgIHVzZXJuYW1lOiBpbnB1dC51c2VybmFtZSxcbiAgICAgICAgdXNlcklkOiBpbnB1dC51c2VySWQsXG4gICAgICB9LFxuICAgIH0pO1xuICAgIHJldHVybiBjdXJyZW50VXNlclNoYXJlZEtleS51c2VyU2hhcmVkS2V5O1xuICB9XG59XG4iXX0=
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
export var OtkState;
|
|
2
|
+
(function (OtkState) {
|
|
3
|
+
OtkState["OTK_INITIATED"] = "OTK_INITIATED";
|
|
4
|
+
OtkState["OTK_ACCEPTED"] = "OTK_ACCEPTED";
|
|
5
|
+
OtkState["OTK_COMPLETED"] = "OTK_COMPLETED";
|
|
6
|
+
})(OtkState || (OtkState = {}));
|
|
7
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5LWV4Y2hhbmdlLnR5cGVzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vcHJvamVjdHMvY29yZS9zcmMvbGliL2tleS1leGNoYW5nZS9rZXktZXhjaGFuZ2UudHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBd0ZBLE1BQU0sQ0FBTixJQUFZLFFBSVg7QUFKRCxXQUFZLFFBQVE7SUFDbEIsMkNBQStCLENBQUE7SUFDL0IseUNBQTZCLENBQUE7SUFDN0IsMkNBQStCLENBQUE7QUFDakMsQ0FBQyxFQUpXLFFBQVEsS0FBUixRQUFRLFFBSW5CIiwic291cmNlc0NvbnRlbnQiOlsiLyogZXNsaW50LWRpc2FibGUgQHR5cGVzY3JpcHQtZXNsaW50L2Jhbi10eXBlcyAqL1xuaW1wb3J0IHsgSldLIH0gZnJvbSAnbm9kZS1qb3NlJztcbmltcG9ydCB7IEpTT05PYmplY3QsIEtleUV4Y2hhbmdlTW9kZSwgS2V5RXhjaGFuZ2VTdGF0ZSB9IGZyb20gJy4uL2FwaS90eXBlcyc7XG5pbXBvcnQgeyBBY2Nlc3NMZXZlbCB9IGZyb20gJy4uL2NhdGVnb3J5L2NhdGVnb3J5LnR5cGVzJztcbmltcG9ydCB7IEtleSB9IGZyb20gJy4uL2tleS9rZXkudHlwZXMnO1xuaW1wb3J0IHsgQ29udGFjdENhcmROYW1lLCBUcnVzdGVkUGFydHlEZXRhaWxzIH0gZnJvbSAnLi4vcHJvZmlsZS9wcm9maWxlLnR5cGVzJztcblxuLy8gV2lsbCBiZSBlbmNyeXB0ZWQgdXNpbmcgdGhlIHJvb3Qga2V5IG9mIHRoZSBpbml0aWF0b3JcbmV4cG9ydCBpbnRlcmZhY2UgUGxhaW5Jbml0aWF0b3JSb290S2V5Q2lwaGVyIHtcbiAgbm9uY2U6IHN0cmluZztcbiAgb25lVGltZVByazogb2JqZWN0OyAvLyBvbmV0aW1lIHB1YmxpYyBlbmNyeXB0aW9uIGtleSByZXNwb25kZXIgdXNlIHRvIHNlbmQgZGF0YSBiYWNrIHRvIGluaXRpYXRvclxuICBvdEtleTogb2JqZWN0O1xuICBpbml0aWF0b3JDb250YWN0Q2FyZD86IHtcbiAgICAvLyBPd25lciBvbmx5IGFjY2VzcyB0byB0aGlzIGRhdGFcbiAgICBwbGFpbk93bmVyQ2lwaGVyRGF0YUpzb246IEpTT05PYmplY3Q7XG4gICAgLy8gU2hhcmVkIHJlYWQgYWNjZXNzIGJldHdlZW4gb3duZXIgYW5kIHJlY2VpdmVyLiBPbmx5IHRoZSBvd25lciBoYXMgd3JpdGUgYWNjZXNzLlxuICAgIHBsYWluU2hhcmVkQ2lwaGVyRGF0YUpzb246IEpTT05PYmplY3Q7XG4gIH07XG4gIGluaXRpYXRvcjoge1xuICAgIG1lc3NhZ2U/OiBLZXlFeGNoYW5nZU1lc3NhZ2U7XG4gICAgY29udGFjdENhcmQ/OiB7XG4gICAgICAvLyBTaGFyZWQgcmVhZCBhY2Nlc3MgYmV0d2VlbiBvd25lciBhbmQgcmVjZWl2ZXIuIE9ubHkgdGhlIG93bmVyIGhhcyB3cml0ZSBhY2Nlc3MuXG4gICAgICBwbGFpblNoYXJlZENpcGhlckRhdGFKc29uOiBUcnVzdGVkUGFydHlEZXRhaWxzO1xuICAgIH07XG4gIH07XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgU2hhcmVkQ29udGFjdENhcmRJbnB1dCB7XG4gIHBsYWluQ2lwaGVyRGF0YUpzb24/OiBKU09OT2JqZWN0O1xuICBwbGFpblNoYXJlZENpcGhlckRhdGFKc29uPzogSlNPTk9iamVjdDtcbiAgc2hhcmVkQ2lwaGVyS2V5Pzogb2JqZWN0O1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIFByZXBhcmVkUGVybWlzc2lvbnMge1xuICBjYXRlZ29yaWVzPzogeyBjYXRlZ29yeUlkOiBzdHJpbmc7IGFjY2Vzc0xldmVsOiBBY2Nlc3NMZXZlbCB9W107XG4gIHJlY29yZHM/OiB7IHJlY29yZElkOiBzdHJpbmc7IGFjY2Vzc0xldmVsOiBBY2Nlc3NMZXZlbCB9W107XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgS2V5RXhjaGFuZ2VNZXNzYWdlIHtcbiAgbmFtZT86IHN0cmluZztcbiAgZW1haWw/OiBzdHJpbmc7XG4gIG1lc3NhZ2U/OiBzdHJpbmc7XG4gIHBlcm1pc3Npb25zPzogUHJlcGFyZWRQZXJtaXNzaW9ucztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBQbGFpbk90S2V5Q2lwaGVyIHtcbiAgbm9uY2U6IHN0cmluZztcbiAgaW5pdGlhdG9yOiB7XG4gICAgb25lVGltZVBiazogb2JqZWN0OyAvLyBvbmV0aW1lIHB1YmxpYyBlbmNyeXB0aW9uIGtleSByZXNwb25kZXIgdXNlIHRvIHNlbmQgZGF0YSBiYWNrIHRvIGluaXRpYXRvclxuICAgIHBiazogb2JqZWN0OyAvLyBwdWJsaWMgZW5jcnlwdGlvbiBrZXlcbiAgICBzaWdQYms6IG9iamVjdDsgLy8gcHVibGljIHNpZ25pbmcga2V5XG4gICAgcHJvZmlsZT86IHtcbiAgICAgIHVzZXJuYW1lPzogc3RyaW5nO1xuICAgIH07XG4gICAgbWVzc2FnZT86IEtleUV4Y2hhbmdlTWVzc2FnZTtcbiAgICBjb250YWN0Q2FyZD86IHtcbiAgICAgIC8vIFNoYXJlZCByZWFkIGFjY2VzcyBiZXR3ZWVuIG93bmVyIGFuZCByZWNlaXZlci4gT25seSB0aGUgb3duZXIgaGFzIHdyaXRlIGFjY2Vzcy5cbiAgICAgIHBsYWluU2hhcmVkQ2lwaGVyRGF0YUpzb246IFRydXN0ZWRQYXJ0eURldGFpbHM7XG4gICAgfTtcbiAgfTtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBEZWNyeXB0ZWRPdGsge1xuICBwbGFpbk90S2V5Q2lwaGVyOiBQbGFpbk90S2V5Q2lwaGVyO1xuICBvdEtleTogSldLLktleTsgLy8gVGhlIG9uZS10aW1lIGtleVxufVxuXG5leHBvcnQgaW50ZXJmYWNlIFBsYWluSW5pdGlhdG9yT25lVGltZVBia0NpcGhlciB7XG4gIG5vbmNlOiBzdHJpbmc7XG4gIHNoYXJlZEtleTogb2JqZWN0O1xuICBta1NoYXJlZEtleTogb2JqZWN0O1xuICByZXNwb25kZXI6IHtcbiAgICBwYms6IG9iamVjdDtcbiAgICBzaWdQYms6IG9iamVjdDtcbiAgICBwcm9maWxlPzoge1xuICAgICAgdXNlcm5hbWU/OiBzdHJpbmc7XG4gICAgfTtcbiAgICBtZXNzYWdlPzogS2V5RXhjaGFuZ2VNZXNzYWdlO1xuICAgIGNvbnRhY3RDYXJkPzoge1xuICAgICAgcGxhaW5TaGFyZWRDaXBoZXJEYXRhSnNvbjogVHJ1c3RlZFBhcnR5RGV0YWlscztcbiAgICAgIC8vIE5vdGUgdGhhdCB0aGlzIGlzIF9ub3RfIHRoZSBzYW1lIGtleSBhcyB0aGUgc2hhcmVkS2V5LiBUaGUgc2hhcmVkS2V5IHdyYXBzXG4gICAgICAvLyB0aGlzIGtleSBpbiB0aGUga2V5IGdyYXBoLiBCdXQgYmVjYXVzZSB0aGlzIGtleSBoYXMgbm90IGJlZW4gZW50ZXJlZCBpbnRvXG4gICAgICAvLyB0aGUga2V5IGdyYXBoIHRoZW4gdGhlIHJlc3BvbmRlciBjYWxscyB0aGUgQVBJLCB3ZSBwYXNzIHRoZSBKV0sgZGlyZWN0bHkgaGVyZS5cbiAgICAgIHNoYXJlZENpcGhlcktleTogb2JqZWN0O1xuICAgIH07XG4gIH07XG59XG5cbmV4cG9ydCBlbnVtIE90a1N0YXRlIHtcbiAgT1RLX0lOSVRJQVRFRCA9ICdPVEtfSU5JVElBVEVEJyxcbiAgT1RLX0FDQ0VQVEVEID0gJ09US19BQ0NFUFRFRCcsXG4gIE9US19DT01QTEVURUQgPSAnT1RLX0NPTVBMRVRFRCcsXG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgS2V5RXhjaGFuZ2VDb250YWN0Q2FyZElucHV0IHtcbiAgLy8gQWNjZXNzaWJsZSBieSB0aGUgc2VydmVyIGFuZCBpbml0aWF0b3IuIFNlcnZlciBzaWRlIG5vdGlmaWNhdGlvbiBlbWFpbHMgbmVlZCB0byBrbm93IHNvbWVcbiAgLy8gaW5mb3JtYXRpb24gYWJvdXQgdGhlIGluaXRpYXRvci5cbiAgb3duZXJQbGFpbkRhdGE/OiB7XG4gICAgbmFtZTogQ29udGFjdENhcmROYW1lO1xuICB9O1xuICAvLyBPd25lciBvbmx5IGFjY2VzcyB0byB0aGlzIGRhdGFcbiAgcGxhaW5Pd25lckNpcGhlckRhdGFKc29uOiBKU09OT2JqZWN0O1xuICAvLyBTaGFyZWQgcmVhZCBhY2Nlc3MgYmV0d2VlbiBvd25lciBhbmQgcmVjZWl2ZXIuIE9ubHkgdGhlIG93bmVyIGhhcyB3cml0ZSBhY2Nlc3MuXG4gIHBsYWluU2hhcmVkQ2lwaGVyRGF0YUpzb246IFRydXN0ZWRQYXJ0eURldGFpbHM7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgSW5pdGlhdGVPdGtJbnB1dCB7XG4gIGVtYWlsPzogc3RyaW5nO1xuICBtZXNzYWdlPzogS2V5RXhjaGFuZ2VNZXNzYWdlO1xuICBjb250YWN0Q2FyZD86IEtleUV4Y2hhbmdlQ29udGFjdENhcmRJbnB1dDtcbiAgdXBncmFkZT86IGJvb2xlYW47XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUmVzcG9uZE90a0lucHV0IHtcbiAgaWQ6IHN0cmluZztcbiAgdG9rZW46IHN0cmluZztcbiAgZGVjcnlwdGVkT3RrOiBEZWNyeXB0ZWRPdGs7XG4gIG1lc3NhZ2U/OiBLZXlFeGNoYW5nZU1lc3NhZ2U7XG4gIGluaXRpYXRvckNvbnRhY3RDYXJkPzoge1xuICAgIHBsYWluUmVjZWl2ZXJDaXBoZXJEYXRhSnNvbjogSlNPTk9iamVjdDtcbiAgfTtcbiAgcmVzcG9uZGVyQ29udGFjdENhcmQ/OiBLZXlFeGNoYW5nZUNvbnRhY3RDYXJkSW5wdXQ7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgT3RrIHtcbiAgaWQ6IHN0cmluZztcbiAgc3RhdGU6IE90a1N0YXRlO1xuICBvdEtleVBhcmFtczogc3RyaW5nO1xuICBvdEtleUNpcGhlcjogc3RyaW5nO1xuICBzaGFyZWRLZXk6IEtleTtcbiAgbWtTaGFyZWRLZXk6IEtleTtcbiAgaW5pdGlhdG9yU2lnUHhrOiBLZXk7XG4gIHJlc3BvbmRlclNpZ1B4azogS2V5O1xuICAvLyBFbmNyeXB0ZWRcbiAgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlcjogc3RyaW5nOyAvLyBzaW5nbGUgdGltZSB1c2UgcHVibGljIGtleSBjcmVhdGVkIGJ5IHRoZSBpbml0aWF0b3IuXG4gIHJlc3BvbmRlclBia0NpcGhlcj86IHN0cmluZzsgLy8gcmVzcG9uZGVyUGJrIGlzIHRoZSBsb25nIGxpdmVkIFBiayBvZiB0aGUgcmVzcG9uZGVyLlxufVxuXG5leHBvcnQgaW50ZXJmYWNlIEtleUV4Y2hhbmdlIHtcbiAgaWQ6IHN0cmluZztcbiAgc3RhdGU6IEtleUV4Y2hhbmdlU3RhdGU7XG4gIG1vZGU6IEtleUV4Y2hhbmdlTW9kZTtcbiAgY3JlYXRlZDogc3RyaW5nO1xuICBtb2RpZmllZDogc3RyaW5nO1xuICBpc0luaXRpYXRvcjogYm9vbGVhbjtcbiAgaW5pdGlhdG9yOiB7XG4gICAgaWQ6IHN0cmluZztcbiAgICB1c2VybmFtZTogc3RyaW5nO1xuICB9O1xuICByZXNwb25kZXI6IHtcbiAgICBpZDogc3RyaW5nO1xuICAgIHVzZXJuYW1lOiBzdHJpbmc7XG4gIH07XG4gIGluaXRpYXRvckFjdGlvblJlcXVpcmVkPzogYm9vbGVhbjtcbiAgcmVzcG9uZGVyQWN0aW9uUmVxdWlyZWQ/OiBib29sZWFuO1xuICByZXNwb25kZXJFbWFpbEFkZHJlc3M/OiBzdHJpbmc7XG4gIHRva2VuPzogc3RyaW5nO1xuICB0b2tlbkV4cGlyeVRpbWU/OiBzdHJpbmc7XG4gIGlzRXhwaXJlZD86IGJvb2xlYW47XG4gIG90az86IE90aztcbiAgaW5pdGlhdG9yUm9vdEtleUNpcGhlcjogc3RyaW5nO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIERlY3J5cHRlZEtleUV4Y2hhbmdlIGV4dGVuZHMgS2V5RXhjaGFuZ2Uge1xuICBkZWNyeXB0ZWRPdGs/OiBEZWNyeXB0ZWRPdGs7XG4gIG1lc3NhZ2U/OiBLZXlFeGNoYW5nZU1lc3NhZ2U7XG4gIGNvbnRhY3RDYXJkPzogVHJ1c3RlZFBhcnR5RGV0YWlscztcbiAgbXlNZXNzYWdlPzogS2V5RXhjaGFuZ2VNZXNzYWdlO1xuICBteUNvbnRhY3RDYXJkPzogVHJ1c3RlZFBhcnR5RGV0YWlscztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBHZXRLZXlFeGNoYW5nZU9wdGlvbnMge1xuICAvLyBUaGUgb3RLZXkgYXMgYSByYXcgc3RyaW5nLiBpLmUuIGtleS50b0pTT04odHJ1ZSkua1xuICBvdEtleUs/OiBzdHJpbmc7XG4gIC8vIFVzZXIgbmVlZCB0aGUgdG9rZW4gaWYgdGhleSBoYXZlIG5vdCByZXNwb25kZWQgdG8gdGhlIGtleSBleGNoYW5nZSB5ZXQuXG4gIC8vIE9uY2UgdGhleSd2ZSByZXNwb25kZWQgKGhlbmNlIHByb3ZlbiB0aGV5IGhhdmUgdGhlIE9PQiBLZXkpIHRoZXkgYmVjb21lXG4gIC8vIHRoZSBcInJlc3BvbmRlclwiIG9mIHRoaXMgZXhjaGFuZ2UsIGFuZCBjYW4gYWNjZXNzIGl0IHdoZW4gc2lnbmVkIGluLlxuICB0b2tlbj86IHN0cmluZztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBSZXNwb25kT3RrIHtcbiAga2V5RXhjaGFuZ2U6IEtleUV4Y2hhbmdlO1xuICB1c2VyU2hhcmVkS2V5OiBVc2VyU2hhcmVkS2V5O1xuICB0cDoge1xuICAgIGlkOiBzdHJpbmc7XG4gIH07XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ29tcGxldGVPdGsge1xuICBrZXlFeGNoYW5nZTogS2V5RXhjaGFuZ2U7XG4gIHVzZXJTaGFyZWRLZXk6IFVzZXJTaGFyZWRLZXk7XG4gIHRwOiB7XG4gICAgaWQ6IHN0cmluZztcbiAgfTtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBVc2VyU2hhcmVkS2V5IHtcbiAgdXNlclNpZ1ByazogS2V5O1xuICBzaGFyZWRLZXk6IEtleTtcbiAgbWtTaGFyZWRLZXk/OiBLZXk7XG4gIG1rUHhrPzogS2V5O1xuICBta1Jlc2hhcmVSZXF1ZXN0Q2lwaGVyPzogc3RyaW5nO1xuICBta1Jlc2hhcmVSZXNwb25zZUNpcGhlcj86IHN0cmluZztcbiAgbWtSZXNoYXJlUmVxdWVzdFNlbnQ/OiBib29sZWFuO1xuICBta1Jlc2hhcmVSZXNwb25zZVNlbnQ/OiBib29sZWFuO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIEdldEtleUV4Y2hhbmdlTGlzdE9wdGlvbnMge1xuICBvcmRlckJ5PzpcbiAgICB8ICdjcmVhdGVkJ1xuICAgIHwgJy1jcmVhdGVkJ1xuICAgIHwgJ21vZGlmaWVkJ1xuICAgIHwgJy1tb2RpZmllZCdcbiAgICB8ICdleHBpcnlfdGltZSdcbiAgICB8ICctZXhwaXJ5X3RpbWUnO1xuICBpc0V4cGlyZWQ/OiBib29sZWFuO1xuICBpbml0aWF0b3JBY3Rpb25SZXF1aXJlZD86IGJvb2xlYW47XG4gIHJlc3BvbmRlckFjdGlvblJlcXVpcmVkPzogYm9vbGVhbjtcbiAgaW5pdGlhdG9yPzogc3RyaW5nO1xuICByZXNwb25kZXI/OiBzdHJpbmc7XG4gIHN0YXRlPzogJ0lOX1BST0dSRVNTJyB8ICdDT01QTEVURUQnIHwgJ0RFQ0xJTkVEJyB8ICdDQU5DRUxMRUQnO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIFBsYWluUmVzcG9uZGVyUGJrQ2lwaGVyIHtcbiAgb3RLZXk6IG9iamVjdDtcbn1cbiJdfQ==
|