@lifeready/core 1.0.21 → 1.0.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (277) hide show
  1. package/bundles/lifeready-core.umd.js +10612 -10527
  2. package/bundles/lifeready-core.umd.js.map +1 -1
  3. package/bundles/lifeready-core.umd.min.js +1 -15
  4. package/bundles/lifeready-core.umd.min.js.map +1 -1
  5. package/esm2015/lib/_common/ast.js +2 -1
  6. package/esm2015/lib/_common/deferred-promise.js +1 -1
  7. package/esm2015/lib/_common/exceptions.js +1 -1
  8. package/esm2015/lib/_common/queries.gql.js +1 -1
  9. package/esm2015/lib/_common/run-outside-angular.js +3 -2
  10. package/esm2015/lib/_common/types.js +2 -1
  11. package/esm2015/lib/_common/utils.js +2 -1
  12. package/esm2015/lib/api/lr-apollo.service.js +4 -3
  13. package/esm2015/lib/api/lr-graphql/index.js +1 -1
  14. package/esm2015/lib/api/lr-graphql/lr-graphql.service.js +9 -8
  15. package/esm2015/lib/api/lr-graphql/lr-merged-mutation.js +5 -6
  16. package/esm2015/lib/api/lr-graphql/lr-mutation-base.js +1 -1
  17. package/esm2015/lib/api/lr-graphql/lr-mutation.js +3 -3
  18. package/esm2015/lib/api/lr-graphql/lr.service.js +1 -1
  19. package/esm2015/lib/api/query-processor/common-processors.service.js +4 -3
  20. package/esm2015/lib/api/query-processor/index.js +1 -1
  21. package/esm2015/lib/api/query-processor/query-processor.service.js +5 -4
  22. package/esm2015/lib/api/query-processor/tp-password-reset-processor.service.js +8 -7
  23. package/esm2015/lib/api/types/graphql.types.js +2 -1
  24. package/esm2015/lib/api/types/index.js +1 -1
  25. package/esm2015/lib/api/types/lr-graphql.types.js +1 -1
  26. package/esm2015/lib/auth/auth.config.js +1 -1
  27. package/esm2015/lib/auth/auth.gql.js +1 -28
  28. package/esm2015/lib/auth/auth.types.js +1 -1
  29. package/esm2015/lib/auth/life-ready-auth.service.js +36 -32
  30. package/esm2015/lib/category/category-meta.service.js +1 -1
  31. package/esm2015/lib/category/category.gql.js +3 -2
  32. package/esm2015/lib/category/category.service.js +9 -8
  33. package/esm2015/lib/category/category.types.js +1 -1
  34. package/esm2015/lib/contact-card/contact-card.gql.js +79 -0
  35. package/esm2015/lib/contact-card/contact-card.service.js +156 -0
  36. package/esm2015/lib/contact-card/contact-card2.gql.js +29 -0
  37. package/esm2015/lib/contact-card/contact-card2.service.js +103 -0
  38. package/esm2015/lib/encryption/encryption.service.js +190 -0
  39. package/esm2015/lib/file-upload/file-upload.service.js +74 -0
  40. package/esm2015/lib/file-upload/file-upload.types.js +2 -0
  41. package/esm2015/lib/idle/idle.service.js +168 -0
  42. package/esm2015/lib/idle/idle.types.js +7 -0
  43. package/esm2015/lib/item2/item2.gql.js +127 -0
  44. package/esm2015/lib/item2/item2.gql.private.js +23 -0
  45. package/esm2015/lib/item2/item2.service.js +519 -0
  46. package/esm2015/lib/item2/item2.types.js +2 -0
  47. package/esm2015/lib/key/key-factory.service.js +237 -0
  48. package/esm2015/lib/key/key-graph.service.js +300 -0
  49. package/esm2015/lib/key/key-meta.service.js +201 -0
  50. package/esm2015/lib/{cryptography → key}/key.service.js +4 -4
  51. package/esm2015/lib/key/key.types.js +11 -0
  52. package/esm2015/lib/key-exchange/key-exchange.gql.js +188 -0
  53. package/esm2015/lib/key-exchange/key-exchange.service.js +441 -0
  54. package/esm2015/lib/key-exchange/key-exchange.types.js +7 -0
  55. package/esm2015/lib/key-exchange/key-exchange2.gql.js +171 -0
  56. package/esm2015/lib/key-exchange/key-exchange2.service.js +500 -0
  57. package/esm2015/lib/lbop/lbop.service.js +357 -0
  58. package/esm2015/lib/life-ready.config.js +2 -1
  59. package/esm2015/lib/life-ready.module.js +2 -27
  60. package/esm2015/lib/lock/lock.gql.js +40 -0
  61. package/esm2015/lib/lock/lock.service.js +64 -0
  62. package/esm2015/lib/message/message.gql.js +32 -0
  63. package/esm2015/lib/message/message.service.js +118 -0
  64. package/esm2015/lib/message/message.types.js +2 -0
  65. package/esm2015/lib/notification/notification.gql.js +1 -1
  66. package/esm2015/lib/notification/notification.service.js +2 -2
  67. package/esm2015/lib/password/password.gql.js +28 -0
  68. package/esm2015/lib/password/password.service.js +316 -0
  69. package/esm2015/lib/persist/persist.service.js +181 -0
  70. package/esm2015/lib/plan/plan.gql.js +1 -1
  71. package/esm2015/lib/plan/plan.service.js +3 -2
  72. package/esm2015/lib/plan/plan.types.js +1 -1
  73. package/esm2015/lib/profile/profile-details.service.js +215 -0
  74. package/esm2015/lib/profile/profile.gql.js +98 -0
  75. package/esm2015/lib/profile/profile.service.js +170 -0
  76. package/esm2015/lib/profile/profile.types.js +34 -0
  77. package/esm2015/lib/record/record-attachment.service.js +16 -15
  78. package/esm2015/lib/record/record.gql.js +1 -1
  79. package/esm2015/lib/record/record.service.js +8 -8
  80. package/esm2015/lib/record/record.types.js +1 -1
  81. package/esm2015/lib/record-type/record-type.service.js +1 -1
  82. package/esm2015/lib/record-type/record-type.types.js +1 -1
  83. package/esm2015/lib/register/register.service.js +173 -0
  84. package/esm2015/lib/scenario/scenario.constants.js +1 -1
  85. package/esm2015/lib/scenario/scenario.controller.js +2 -2
  86. package/esm2015/lib/scenario/scenario.gql.js +1 -1
  87. package/esm2015/lib/scenario/scenario.private.gql.js +198 -0
  88. package/esm2015/lib/scenario/scenario.service.js +19 -17
  89. package/esm2015/lib/scenario/scenario.types.js +2 -1
  90. package/esm2015/lib/shared-contact-card/shared-contact-card.service.js +119 -0
  91. package/esm2015/lib/shared-contact-card/shared-contact-card2.gql.js +41 -0
  92. package/esm2015/lib/shared-contact-card/shared-contact-card2.service.js +117 -0
  93. package/esm2015/lib/slip39/slip39.service.js +167 -0
  94. package/esm2015/lib/time/time.service.js +146 -0
  95. package/esm2015/lib/tp-assembly/tp-assembly.js +365 -0
  96. package/esm2015/lib/tp-assembly/tp-assembly.private.gql.js +22 -0
  97. package/esm2015/lib/tp-assembly/tp-assembly.types.js +2 -0
  98. package/esm2015/lib/tp-password-reset/tp-password-reset-request.service.js +100 -0
  99. package/esm2015/lib/tp-password-reset/tp-password-reset-user.service.js +118 -0
  100. package/esm2015/lib/tp-password-reset/tp-password-reset.constants.js +4 -0
  101. package/esm2015/lib/tp-password-reset/tp-password-reset.controller.js +34 -0
  102. package/esm2015/lib/tp-password-reset/tp-password-reset.gql.js +74 -0
  103. package/esm2015/lib/tp-password-reset/tp-password-reset.private.gql.js +165 -0
  104. package/esm2015/lib/tp-password-reset/tp-password-reset.private.service.js +54 -0
  105. package/esm2015/lib/tp-password-reset/tp-password-reset.service.js +92 -0
  106. package/esm2015/lib/tp-password-reset/tp-password-reset.types.js +2 -0
  107. package/esm2015/lib/trusted-party/trusted-party.gql.js +148 -0
  108. package/esm2015/lib/trusted-party/trusted-party.service.js +327 -0
  109. package/esm2015/lib/trusted-party/trusted-party.types.js +41 -0
  110. package/esm2015/lib/trusted-party/trusted-party2.gql.js +64 -0
  111. package/esm2015/lib/trusted-party/trusted-party2.gql.private.js +25 -0
  112. package/esm2015/lib/trusted-party/trusted-party2.service.js +224 -0
  113. package/esm2015/lib/trusted-party/trusted-party2.types.js +2 -0
  114. package/esm2015/lib/two-factor/two-factor.service.js +74 -0
  115. package/esm2015/lib/user/user.gql.js +60 -0
  116. package/esm2015/lib/user/user.service.js +80 -0
  117. package/esm2015/lib/user/user.types.js +2 -0
  118. package/esm2015/lib/web-crypto/web-crypto.service.js +29 -0
  119. package/esm2015/lifeready-core.js +15 -13
  120. package/esm2015/public-api.js +49 -51
  121. package/fesm2015/lifeready-core.js +8764 -8737
  122. package/fesm2015/lifeready-core.js.map +1 -1
  123. package/lib/_common/types.d.ts +3 -1
  124. package/lib/_common/utils.d.ts +2 -2
  125. package/lib/api/lr-apollo.service.d.ts +2 -2
  126. package/lib/api/lr-graphql/lr-graphql.service.d.ts +26 -8
  127. package/lib/api/lr-graphql/lr-merged-mutation.d.ts +22 -4
  128. package/lib/api/lr-graphql/lr-mutation.d.ts +1 -2
  129. package/lib/api/query-processor/common-processors.service.d.ts +1 -1
  130. package/lib/api/query-processor/query-processor.service.d.ts +1 -1
  131. package/lib/api/query-processor/tp-password-reset-processor.service.d.ts +2 -2
  132. package/lib/api/types/lr-graphql.types.d.ts +14 -3
  133. package/lib/auth/auth.gql.d.ts +0 -3
  134. package/lib/auth/auth.types.d.ts +5 -5
  135. package/lib/auth/life-ready-auth.service.d.ts +13 -13
  136. package/lib/category/category.gql.d.ts +1 -1
  137. package/lib/category/category.service.d.ts +3 -3
  138. package/lib/{api → contact-card}/contact-card.service.d.ts +9 -9
  139. package/lib/contact-card/contact-card2.gql.d.ts +25 -0
  140. package/lib/contact-card/contact-card2.service.d.ts +64 -0
  141. package/lib/{cryptography → encryption}/encryption.service.d.ts +10 -9
  142. package/lib/{api/file.service.d.ts → file-upload/file-upload.service.d.ts} +5 -8
  143. package/lib/file-upload/file-upload.types.d.ts +5 -0
  144. package/lib/{auth → idle}/idle.service.d.ts +6 -6
  145. package/lib/{items2 → item2}/item2.gql.d.ts +16 -16
  146. package/lib/{items2 → item2}/item2.service.d.ts +34 -35
  147. package/lib/{cryptography → key}/key-factory.service.d.ts +4 -3
  148. package/lib/{cryptography → key}/key-graph.service.d.ts +6 -6
  149. package/lib/{cryptography → key}/key-meta.service.d.ts +1 -1
  150. package/lib/{cryptography → key}/key.service.d.ts +2 -2
  151. package/lib/{cryptography/cryptography.types.d.ts → key/key.types.d.ts} +13 -17
  152. package/lib/{api → key-exchange}/key-exchange.service.d.ts +5 -5
  153. package/lib/{api → key-exchange}/key-exchange.types.d.ts +4 -4
  154. package/lib/{api → key-exchange}/key-exchange2.gql.d.ts +1 -1
  155. package/lib/{api → key-exchange}/key-exchange2.service.d.ts +82 -29
  156. package/lib/{auth → lbop}/lbop.service.d.ts +7 -7
  157. package/lib/life-ready.config.d.ts +1 -1
  158. package/lib/{api → lock}/lock.gql.d.ts +1 -1
  159. package/lib/{api → lock}/lock.service.d.ts +1 -1
  160. package/lib/message/message.gql.d.ts +13 -0
  161. package/lib/message/message.service.d.ts +36 -0
  162. package/lib/message/message.types.d.ts +12 -0
  163. package/lib/notification/notification.service.d.ts +3 -2
  164. package/lib/password/password.gql.d.ts +3 -0
  165. package/lib/{auth → password}/password.service.d.ts +9 -9
  166. package/lib/{api → persist}/persist.service.d.ts +3 -3
  167. package/lib/plan/plan.service.d.ts +3 -2
  168. package/lib/plan/plan.types.d.ts +2 -1
  169. package/lib/{users → profile}/profile-details.service.d.ts +3 -3
  170. package/lib/{users → profile}/profile.gql.d.ts +2 -2
  171. package/lib/{users → profile}/profile.service.d.ts +6 -6
  172. package/lib/{users → profile}/profile.types.d.ts +3 -2
  173. package/lib/record/record-attachment.service.d.ts +6 -6
  174. package/lib/record/record.service.d.ts +3 -3
  175. package/lib/{auth → register}/register.service.d.ts +4 -4
  176. package/lib/scenario/scenario.controller.d.ts +1 -1
  177. package/lib/scenario/scenario.service.d.ts +105 -5
  178. package/lib/scenario/scenario.types.d.ts +1 -1
  179. package/lib/{api → shared-contact-card}/shared-contact-card.service.d.ts +9 -9
  180. package/lib/{api → shared-contact-card}/shared-contact-card2.gql.d.ts +1 -1
  181. package/lib/{api → shared-contact-card}/shared-contact-card2.service.d.ts +6 -6
  182. package/lib/{cryptography → slip39}/slip39.service.d.ts +0 -1
  183. package/lib/{trusted-parties → tp-assembly}/tp-assembly.d.ts +7 -7
  184. package/lib/{trusted-parties → tp-assembly}/tp-assembly.types.d.ts +3 -3
  185. package/lib/{trusted-parties → tp-password-reset}/tp-password-reset-request.service.d.ts +5 -9
  186. package/lib/{trusted-parties → tp-password-reset}/tp-password-reset-user.service.d.ts +7 -13
  187. package/lib/{trusted-parties → tp-password-reset}/tp-password-reset.controller.d.ts +1 -1
  188. package/lib/tp-password-reset/tp-password-reset.gql.d.ts +63 -0
  189. package/lib/{trusted-parties/tp-password-reset.gql.d.ts → tp-password-reset/tp-password-reset.private.gql.d.ts} +1 -63
  190. package/lib/tp-password-reset/tp-password-reset.private.service.d.ts +59 -0
  191. package/lib/{trusted-parties → tp-password-reset}/tp-password-reset.service.d.ts +6 -89
  192. package/lib/tp-password-reset/tp-password-reset.types.d.ts +40 -0
  193. package/lib/{trusted-parties → trusted-party}/trusted-party.service.d.ts +7 -7
  194. package/lib/{trusted-parties → trusted-party}/trusted-party.types.d.ts +2 -3
  195. package/lib/{trusted-parties → trusted-party}/trusted-party2.gql.d.ts +0 -22
  196. package/lib/trusted-party/trusted-party2.gql.private.d.ts +23 -0
  197. package/lib/{trusted-parties → trusted-party}/trusted-party2.service.d.ts +11 -35
  198. package/lib/trusted-party/trusted-party2.types.d.ts +12 -0
  199. package/lib/{users → user}/user.gql.d.ts +1 -1
  200. package/lib/{users → user}/user.service.d.ts +1 -1
  201. package/lib/{users → user}/user.types.d.ts +1 -1
  202. package/lifeready-core.d.ts +14 -12
  203. package/lifeready-core.metadata.json +1 -1
  204. package/package.json +2 -2
  205. package/public-api.d.ts +48 -50
  206. package/esm2015/lib/api/contact-card.gql.js +0 -79
  207. package/esm2015/lib/api/contact-card.service.js +0 -154
  208. package/esm2015/lib/api/contact-card2.gql.js +0 -60
  209. package/esm2015/lib/api/contact-card2.service.js +0 -103
  210. package/esm2015/lib/api/file.service.js +0 -74
  211. package/esm2015/lib/api/key-exchange.gql.js +0 -188
  212. package/esm2015/lib/api/key-exchange.service.js +0 -442
  213. package/esm2015/lib/api/key-exchange.types.js +0 -7
  214. package/esm2015/lib/api/key-exchange2.gql.js +0 -171
  215. package/esm2015/lib/api/key-exchange2.service.js +0 -480
  216. package/esm2015/lib/api/lock.gql.js +0 -40
  217. package/esm2015/lib/api/lock.service.js +0 -64
  218. package/esm2015/lib/api/message.service.js +0 -138
  219. package/esm2015/lib/api/persist.service.js +0 -181
  220. package/esm2015/lib/api/shared-contact-card.service.js +0 -119
  221. package/esm2015/lib/api/shared-contact-card2.gql.js +0 -41
  222. package/esm2015/lib/api/shared-contact-card2.service.js +0 -117
  223. package/esm2015/lib/api/time.service.js +0 -146
  224. package/esm2015/lib/auth/idle.service.js +0 -168
  225. package/esm2015/lib/auth/idle.types.js +0 -7
  226. package/esm2015/lib/auth/lbop.service.js +0 -355
  227. package/esm2015/lib/auth/password.service.js +0 -315
  228. package/esm2015/lib/auth/register.service.js +0 -172
  229. package/esm2015/lib/auth/two-factor.service.js +0 -74
  230. package/esm2015/lib/cryptography/cryptography.types.js +0 -11
  231. package/esm2015/lib/cryptography/encryption.service.js +0 -189
  232. package/esm2015/lib/cryptography/key-factory.service.js +0 -237
  233. package/esm2015/lib/cryptography/key-graph.service.js +0 -299
  234. package/esm2015/lib/cryptography/key-meta.service.js +0 -200
  235. package/esm2015/lib/cryptography/slip39.service.js +0 -169
  236. package/esm2015/lib/cryptography/web-crypto.service.js +0 -29
  237. package/esm2015/lib/items2/item2.gql.js +0 -127
  238. package/esm2015/lib/items2/item2.gql.private.js +0 -23
  239. package/esm2015/lib/items2/item2.service.js +0 -516
  240. package/esm2015/lib/items2/item2.types.js +0 -1
  241. package/esm2015/lib/scenario/scenario.gql.private.js +0 -198
  242. package/esm2015/lib/trusted-parties/tp-assembly.gql.private.js +0 -22
  243. package/esm2015/lib/trusted-parties/tp-assembly.js +0 -365
  244. package/esm2015/lib/trusted-parties/tp-assembly.types.js +0 -1
  245. package/esm2015/lib/trusted-parties/tp-password-reset-request.service.js +0 -113
  246. package/esm2015/lib/trusted-parties/tp-password-reset-user.service.js +0 -129
  247. package/esm2015/lib/trusted-parties/tp-password-reset.constants.js +0 -4
  248. package/esm2015/lib/trusted-parties/tp-password-reset.controller.js +0 -34
  249. package/esm2015/lib/trusted-parties/tp-password-reset.gql.js +0 -237
  250. package/esm2015/lib/trusted-parties/tp-password-reset.service.js +0 -95
  251. package/esm2015/lib/trusted-parties/trusted-party.gql.js +0 -148
  252. package/esm2015/lib/trusted-parties/trusted-party.service.js +0 -326
  253. package/esm2015/lib/trusted-parties/trusted-party.types.js +0 -41
  254. package/esm2015/lib/trusted-parties/trusted-party2.gql.js +0 -87
  255. package/esm2015/lib/trusted-parties/trusted-party2.service.js +0 -218
  256. package/esm2015/lib/users/profile-details.service.js +0 -214
  257. package/esm2015/lib/users/profile.gql.js +0 -97
  258. package/esm2015/lib/users/profile.service.js +0 -169
  259. package/esm2015/lib/users/profile.types.js +0 -34
  260. package/esm2015/lib/users/user.gql.js +0 -60
  261. package/esm2015/lib/users/user.service.js +0 -79
  262. package/esm2015/lib/users/user.types.js +0 -1
  263. package/lib/api/contact-card2.gql.d.ts +0 -34
  264. package/lib/api/contact-card2.service.d.ts +0 -50
  265. package/lib/api/message.service.d.ts +0 -59
  266. /package/lib/{api → contact-card}/contact-card.gql.d.ts +0 -0
  267. /package/lib/{auth → idle}/idle.types.d.ts +0 -0
  268. /package/lib/{items2 → item2}/item2.gql.private.d.ts +0 -0
  269. /package/lib/{items2 → item2}/item2.types.d.ts +0 -0
  270. /package/lib/{api → key-exchange}/key-exchange.gql.d.ts +0 -0
  271. /package/lib/scenario/{scenario.gql.private.d.ts → scenario.private.gql.d.ts} +0 -0
  272. /package/lib/{api → time}/time.service.d.ts +0 -0
  273. /package/lib/{trusted-parties/tp-assembly.gql.private.d.ts → tp-assembly/tp-assembly.private.gql.d.ts} +0 -0
  274. /package/lib/{trusted-parties → tp-password-reset}/tp-password-reset.constants.d.ts +0 -0
  275. /package/lib/{trusted-parties → trusted-party}/trusted-party.gql.d.ts +0 -0
  276. /package/lib/{auth → two-factor}/two-factor.service.d.ts +0 -0
  277. /package/lib/{cryptography → web-crypto}/web-crypto.service.d.ts +0 -0
package/esm2015/lib/key-exchange/key-exchange2.service.js ADDED
@@ -0,0 +1,500 @@
1
+ import { __awaiter, __decorate } from "tslib";
2
+ import { Injectable, Injector, NgZone } from '@angular/core';
3
+ import { LrMutation, LrService } from '../api/lr-graphql';
4
+ import { EncryptionService, JoseSerialization, } from '../encryption/encryption.service';
5
+ import { KeyFactoryService } from '../key/key-factory.service';
6
+ import { KeyGraphService } from '../key/key-graph.service';
7
+ import { KeyService } from '../key/key.service';
8
+ import { LrCodeMismatchException } from '../_common/exceptions';
9
+ import { RunOutsideAngular } from '../_common/run-outside-angular';
10
+ import { CancelKeyExchangeMutation, CompleteKeyExchangeOtkMutation, CurrentUserSharedKeyQuery2, DeclineKeyExchangeMutation, InitiateKeyExchangeOtkMutation, KeyExchangeQuery2, KeyExchangesQuery2, KeyExchangeTokenQuery2, RespondKeyExchangeOtkMutation, } from './key-exchange2.gql';
11
+ import * as i0 from "@angular/core";
12
+ import * as i1 from "../key/key-factory.service";
13
+ import * as i2 from "../key/key.service";
14
+ import * as i3 from "../encryption/encryption.service";
15
+ import * as i4 from "../key/key-graph.service";
16
+ let KeyExchange2Service = class KeyExchange2Service extends LrService {
17
+ constructor(ngZone, injector, keyFactory, keyService, encryptionService, keyGraph) {
18
+ super(injector);
19
+ this.ngZone = ngZone;
20
+ this.injector = injector;
21
+ this.keyFactory = keyFactory;
22
+ this.keyService = keyService;
23
+ this.encryptionService = encryptionService;
24
+ this.keyGraph = keyGraph;
25
+ this.CLIENT_NONCE_LENGTH = 32;
26
+ }
27
+ getOtKey(keyExchange, otKeyK) {
28
+ return __awaiter(this, void 0, void 0, function* () {
29
+ if (otKeyK) {
30
+ return yield KeyFactoryService.asKey(Object.assign(Object.assign({}, JSON.parse(keyExchange.otk.otKeyParams)), { k: otKeyK }));
31
+ }
32
+ else if (keyExchange.otk.state === 'OTK_INITIATED' &&
33
+ !keyExchange.isInitiator &&
34
+ keyExchange.otk.responderPbkCipher) {
35
+ // Assuming existing user getting invited where OTK is wrapped in responder's public key.
36
+ const prk = yield this.keyService.getCurrentPxk();
37
+ const decryptedCipher = yield this.encryptionService.decrypt(prk.jwk, JSON.parse(keyExchange.otk.responderPbkCipher), {
38
+ serializations: [JoseSerialization.COMPACT],
39
+ });
40
+ if (decryptedCipher.otKey) {
41
+ return yield KeyFactoryService.asKey(decryptedCipher.otKey);
42
+ }
43
+ }
44
+ return null;
45
+ });
46
+ }
47
+ decryptOtk(keyExchange, otKeyK) {
48
+ return __awaiter(this, void 0, void 0, function* () {
49
+ const otKey = yield this.getOtKey(keyExchange, otKeyK);
50
+ let otk = keyExchange.otk;
51
+ if (otKey && otk.otKeyCipher) {
52
+ otk = Object.assign(Object.assign({}, otk), { otKey, otKeyCipherClearJson: yield this.encryptionService.decrypt(otKey, keyExchange.otk.otKeyCipher) });
53
+ }
54
+ return Object.assign(Object.assign({}, keyExchange), { otk });
55
+ });
56
+ }
57
+ decryptResponseCipher(otKey, otPrk, content) {
58
+ return __awaiter(this, void 0, void 0, function* () {
59
+ // The response could be wrapped by the OtK in addition to the OtPbk
60
+ try {
61
+ content = yield this.encryptionService.decrypt(otKey, content);
62
+ }
63
+ catch (error) {
64
+ if (error.message !== 'no key found') {
65
+ throw error;
66
+ }
67
+ // Do nothing to support older versions where message is not wrapped with otk.
68
+ }
69
+ // The Prk is single-use and only used to send information from the responder back to the initiator.
70
+ return yield this.encryptionService.decrypt(otPrk, content);
71
+ });
72
+ }
73
+ decryptKeyExchangeAsInitiator(keyExchange) {
74
+ return __awaiter(this, void 0, void 0, function* () {
75
+ const rootKey = yield this.keyService.getCurrentRootKey();
76
+ // Decrypt using the root key to get the Prk
77
+ const initiatorRootKeyCipherClearJson = (yield this.encryptionService.decrypt(rootKey.jwk, keyExchange.initiatorRootKeyCipher));
78
+ const otKey = yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.otKey);
79
+ keyExchange = Object.assign(Object.assign({}, keyExchange), { initiatorRootKeyCipherClearJson });
80
+ let otk = keyExchange.otk;
81
+ if (otk.initiatorOneTimePbkCipher) {
82
+ otk = Object.assign(Object.assign({}, otk), { initiatorOneTimePbkCipherClearJson: yield this.decryptResponseCipher(otKey, yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.oneTimePrk), otk.initiatorOneTimePbkCipher) });
83
+ }
84
+ if (otk.otKeyCipher) {
85
+ otk.otKeyCipherClearJson = yield this.encryptionService.decrypt(otKey, otk.otKeyCipher);
86
+ }
87
+ return Object.assign(Object.assign({}, keyExchange), { otk });
88
+ });
89
+ }
90
+ decryptKeyExchangeAsResponder(keyExchange, otKeyK) {
91
+ return __awaiter(this, void 0, void 0, function* () {
92
+ return this.decryptOtk(keyExchange, otKeyK);
93
+ });
94
+ }
95
+ decryptKeyExchange(keyExchange, otKeyK) {
96
+ return __awaiter(this, void 0, void 0, function* () {
97
+ if (keyExchange.isInitiator) {
98
+ return this.decryptKeyExchangeAsInitiator(keyExchange);
99
+ }
100
+ else {
101
+ return this.decryptKeyExchangeAsResponder(keyExchange, otKeyK);
102
+ }
103
+ });
104
+ }
105
+ getKeyExchanges({ state } = {}) {
106
+ return __awaiter(this, void 0, void 0, function* () {
107
+ const { keyExchanges } = yield this.query({
108
+ query: KeyExchangesQuery2,
109
+ variables: {
110
+ state,
111
+ },
112
+ });
113
+ return Promise.all(keyExchanges.edges.map((edge) => this.decryptKeyExchange(edge.node)));
114
+ });
115
+ }
116
+ /**
117
+ * @param id If the current user can responder the key exchange if they are either the initiator or the receiver.
118
+ * @param token If not signed in, or not the initiator or responder, 'token' must be given.
119
+ * @param otKeyK Is the raw one-time key (string). If the responder is explicitly specified at time of initiation, then
120
+ * it's possible to have the otKey wrapped by the public key of the responder. In which case, the otKeyK is not needed.
121
+ */
122
+ getKeyExchange(id, { otKeyK, token } = {}) {
123
+ return __awaiter(this, void 0, void 0, function* () {
124
+ const res = yield this.query({
125
+ query: token ? KeyExchangeTokenQuery2 : KeyExchangeQuery2,
126
+ variables: {
127
+ id,
128
+ token,
129
+ },
130
+ includeKeyGraph: !token,
131
+ });
132
+ return this.decryptKeyExchange(res.keyExchange, otKeyK);
133
+ });
134
+ }
135
+ getCurrentUserSharedKey(input) {
136
+ return __awaiter(this, void 0, void 0, function* () {
137
+ return this.query({
138
+ query: CurrentUserSharedKeyQuery2,
139
+ variables: {
140
+ username: input.username,
141
+ userId: input.userId,
142
+ },
143
+ });
144
+ });
145
+ }
146
+ // TODO: deprecate this
147
+ cancelKeyExchange(id) {
148
+ return __awaiter(this, void 0, void 0, function* () {
149
+ return this.cancelKeyExchangeMutation(id);
150
+ });
151
+ }
152
+ cancelKeyExchangeMutation(id) {
153
+ return new LrMutation({
154
+ mutation: CancelKeyExchangeMutation,
155
+ variables: {
156
+ input: {
157
+ id,
158
+ },
159
+ },
160
+ });
161
+ }
162
+ declineKeyExchangeExec(id, token) {
163
+ return this.mutate(this.declineKeyExchangeMutation(id, token));
164
+ }
165
+ // TODO: deprecate this
166
+ declineKeyExchange(id, token) {
167
+ return this.declineKeyExchangeMutation(id, token);
168
+ }
169
+ declineKeyExchangeMutation(id, token) {
170
+ return new LrMutation({
171
+ mutation: DeclineKeyExchangeMutation,
172
+ variables: {
173
+ input: {
174
+ id,
175
+ token,
176
+ },
177
+ },
178
+ });
179
+ }
180
+ initiateOtkExec(input = {}) {
181
+ return __awaiter(this, void 0, void 0, function* () {
182
+ return this.mutate((yield this.initiateOtkMutation(input)).lrMutation);
183
+ });
184
+ }
185
+ // TODO deprecate this
186
+ initiateOtk(input = {}) {
187
+ return this.initiateOtkMutation(input);
188
+ }
189
+ initiateOtkMutation({ message, email, contactCard, upgrade, } = {}) {
190
+ return __awaiter(this, void 0, void 0, function* () {
191
+ const otKey = yield this.keyFactory.createKey();
192
+ const nonce = this.keyFactory.randomString(this.CLIENT_NONCE_LENGTH);
193
+ // New PKC key for encryption. This key is used only once when the responder sends
194
+ // back their signing public key.
195
+ const initiatorOneTimePrk = yield this.keyFactory.createPkcKey();
196
+ // Option 1: New PKC key for signing
197
+ // const initiatorSigPrk = await this.keyService.createPkcSignKey();
198
+ // Option 2: Use the user's global signing key.
199
+ // This key is used to prove the initiator's identity.
200
+ const initiatorPrk = yield this.keyService.getCurrentPxk();
201
+ const initiatorSigPrk = yield this.keyService.getCurrentSigPxk();
202
+ let initiatorPlainDataSig = null;
203
+ if (contactCard && contactCard.ownerPlainDataJson) {
204
+ initiatorPlainDataSig = yield this.encryptionService.signToString(initiatorSigPrk.jwk, contactCard.ownerPlainDataJson);
205
+ }
206
+ const initiator = {
207
+ message,
208
+ contactCard: contactCard && {
209
+ sharedCipherDataClearJson: contactCard.sharedCipherDataClearJson,
210
+ },
211
+ };
212
+ // Content to be encrypted using the OTK.
213
+ const plainOtKeyCipher = {
214
+ // TODO Make sure we also put the OOB code in here as well since the OOB code is the
215
+ // _only_ information the KC server does not have access to. The server may have
216
+ // access to OTK and hence the nonce here. It's good to have both the nonce and OOB code
217
+ // since the user may not be using the OOB code. And it's simple to always include
218
+ // the nonce, so why not.
219
+ nonce,
220
+ initiator: Object.assign(Object.assign({}, initiator), { oneTimePbk: initiatorOneTimePrk.toJSON(), pbk: initiatorPrk.jwk.toJSON(), sigPbk: initiatorSigPrk.jwk.toJSON() }),
221
+ };
222
+ const otKeyCipher = yield this.keyGraph.encryptToString(otKey, plainOtKeyCipher);
223
+ // Content to be encrypted using the initiator's root key.
224
+ const initiatorRootKeyCipherClearJson = {
225
+ nonce,
226
+ oneTimePrk: initiatorOneTimePrk.toJSON(true),
227
+ // Should not need to keep this encrypted since we are using the global signing key.
228
+ // sigPrk: initiatorSigPrk.toJSON(true),
229
+ // Save it in case the initiator want to decode the otKeyCipher.
230
+ // Since the otKey is only used once, and that otKeyCipher contains only
231
+ // the public key of the initiator, it's safe just leave the otKey stored here.
232
+ otKey: otKey.toJSON(true),
233
+ // These should be storing information such as how the fields of the shared contact card is
234
+ // derived from the master contact card.
235
+ initiatorContactCard: contactCard,
236
+ initiator,
237
+ };
238
+ const rootKey = yield this.keyService.getCurrentRootKey();
239
+ const initiatorRootKeyCipher = yield this.keyGraph.encryptToString(rootKey.jwk, initiatorRootKeyCipherClearJson);
240
+ // The raw OTK
241
+ const otKeyK = otKey.toJSON(true).k;
242
+ // API call
243
+ const lrMutation = new LrMutation({
244
+ mutation: InitiateKeyExchangeOtkMutation,
245
+ variables: {
246
+ input: {
247
+ // These will be stored on the server
248
+ initiatorRootKeyCipher,
249
+ initiatorPxkId: initiatorPrk.id,
250
+ initiatorSigPxkId: initiatorSigPrk.id,
251
+ // These will be sent to the responder
252
+ otKeyParams: JSON.stringify(otKey.toJSON()),
253
+ otKeyCipher,
254
+ sendEmail: email && {
255
+ email,
256
+ rawOtKey: otKeyK,
257
+ },
258
+ createTp: true,
259
+ initiatorPlainDataSig,
260
+ upgrade,
261
+ },
262
+ },
263
+ });
264
+ return { lrMutation, otKeyK };
265
+ });
266
+ }
267
+ respondOtkExec(input) {
268
+ return this.mutate(this.respondOtkMutation(input));
269
+ }
270
+ // TODO deprecate this
271
+ respondOtk(input) {
272
+ return this.respondOtkMutation(input);
273
+ }
274
+ respondOtkMutation({ keyExchangeId, token, decryptedOtk, message, initiatorContactCard, responderContactCard, }) {
275
+ return __awaiter(this, void 0, void 0, function* () {
276
+ const rootKey = yield this.keyService.getCurrentRootKey();
277
+ const masterKeyId = this.keyService.getCurrentMasterKey().id;
278
+ const masterKey = yield this.keyService.getCurrentMasterKey();
279
+ const sharedKey = yield this.keyFactory.createKey();
280
+ const mkSharedKey = yield this.keyFactory.createKey();
281
+ const rkWrappedSharedKey = yield this.encryptionService.encrypt(rootKey.jwk, sharedKey.toJSON(true));
282
+ const mkWrappedMkSharedKey = yield this.encryptionService.encrypt(masterKey.jwk, mkSharedKey.toJSON(true));
283
+ const initiatorOneTimePbk = yield KeyFactoryService.asKey(decryptedOtk.otKeyCipherClearJson.initiator.oneTimePbk);
284
+ const initiatorPbk = yield KeyFactoryService.asKey(decryptedOtk.otKeyCipherClearJson.initiator.pbk);
285
+ const initiatorSigPbk = yield KeyFactoryService.asKey(decryptedOtk.otKeyCipherClearJson.initiator.sigPbk);
286
+ // Option 1: Using new Prk for each TP pair
287
+ // Create a new public signing key for the responder.
288
+ // const responderSigPrk = await this.keyService.createPkcSignKey()
289
+ // const rkWrappedResponderSigPrk = await this.encrypt(rootKey, responderSigPrk.toJSON(true));
290
+ // Option 2: Responder already has a signing Prk
291
+ const responderPrk = yield this.keyService.getCurrentPxk();
292
+ const responderSigPrk = yield this.keyService.getCurrentSigPxk();
293
+ const signedInitiatorPbk = yield this.encryptionService.sign(responderSigPrk.jwk, initiatorPbk.toJSON());
294
+ const signedInitiatorSigPbk = yield this.encryptionService.sign(responderSigPrk.jwk, initiatorSigPbk.toJSON());
295
+ const initiatorOneTimePbkCipherClearJson = {
296
+ nonce: decryptedOtk.otKeyCipherClearJson.nonce,
297
+ sharedKey: sharedKey.toJSON(true),
298
+ mkSharedKey: mkSharedKey.toJSON(true),
299
+ responder: {
300
+ pbk: responderPrk.jwk.toJSON(),
301
+ sigPbk: responderSigPrk.jwk.toJSON(),
302
+ message,
303
+ },
304
+ };
305
+ let receivedCardInput;
306
+ if (decryptedOtk.otKeyCipherClearJson.initiator.contactCard) {
307
+ // Set the info about the initiator to be the ones sent by the initiator. We need th responder to do the encryption here
308
+ // because the initiator does not have the shared key yet, and we want the responder to have a functional contact card after
309
+ // this exchange. The initiator can double check the contact details are correct and sign it when it completes the exchange.
310
+ const sharedCipherDataClearJson = decryptedOtk.otKeyCipherClearJson.initiator.contactCard
311
+ .sharedCipherDataClearJson;
312
+ // Create keys
313
+ const receiverKey = yield this.keyFactory.createKey();
314
+ const ccSharedKey = yield this.keyFactory.createKey();
315
+ const sigPxk = yield this.keyService.getCurrentSigPxk();
316
+ receivedCardInput = {
317
+ receiverWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, receiverKey.toJSON(true))),
318
+ receiverWrappingKeyId: rootKey.id,
319
+ receiverCipherData: initiatorContactCard
320
+ ? JSON.stringify(yield this.encryptionService.encrypt(receiverKey, initiatorContactCard.receiverCipherDataClearJson))
321
+ : '',
322
+ sharedWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(sharedKey, ccSharedKey.toJSON(true))),
323
+ };
324
+ const sharedCipherData = yield this.encryptionService.encrypt(ccSharedKey, sharedCipherDataClearJson);
325
+ receivedCardInput.sharedCipherDataSig = JSON.stringify(yield this.encryptionService.sign(sigPxk.jwk, sharedCipherData));
326
+ receivedCardInput.sigPxkId = sigPxk.id;
327
+ initiatorOneTimePbkCipherClearJson.responder.contactCard = Object.assign(Object.assign({}, initiatorOneTimePbkCipherClearJson.responder.contactCard), { sharedCipherKey: ccSharedKey.toJSON(true) });
328
+ }
329
+ let responderCardInput;
330
+ if (responderContactCard) {
331
+ // Create keys
332
+ const ownerKey = yield this.keyFactory.createKey();
333
+ const ccSharedKey = yield this.keyFactory.createKey();
334
+ const sigPxk = yield this.keyService.getCurrentSigPxk();
335
+ responderCardInput = {
336
+ ownerWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, ownerKey.toJSON(true))),
337
+ ownerWrappingKeyId: rootKey.id,
338
+ ownerCipherData: responderContactCard.ownerCipherDataClearJson
339
+ ? JSON.stringify(yield this.encryptionService.encrypt(ownerKey, responderContactCard.ownerCipherDataClearJson))
340
+ : '',
341
+ sharedWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(sharedKey, ccSharedKey.toJSON(true))),
342
+ };
343
+ const sharedCipherData = yield this.encryptionService.encrypt(ccSharedKey, responderContactCard.sharedCipherDataClearJson);
344
+ responderCardInput.sharedCipherDataSig = JSON.stringify(yield this.encryptionService.sign(sigPxk.jwk, sharedCipherData));
345
+ responderCardInput.sigPxkId = sigPxk.id;
346
+ if (responderContactCard.ownerPlainDataJson) {
347
+ responderCardInput.ownerPlainDataSig = JSON.stringify(yield this.encryptionService.sign(responderSigPrk.jwk, responderContactCard.ownerPlainDataJson));
348
+ }
349
+ // Contact card info readable by the initiator
350
+ initiatorOneTimePbkCipherClearJson.responder.contactCard = Object.assign(Object.assign({}, initiatorOneTimePbkCipherClearJson.responder.contactCard), { sharedCipherDataClearJson: responderContactCard.sharedCipherDataClearJson });
351
+ }
352
+ // Encrypt with one-time public key
353
+ let initiatorOneTimePbkCipher = yield this.encryptionService.encrypt(initiatorOneTimePbk, initiatorOneTimePbkCipherClearJson);
354
+ // Encrypt with the otk again to keep use of asymmetric keys to a minimum.
355
+ initiatorOneTimePbkCipher = yield this.encryptionService.encrypt(decryptedOtk.otKey, initiatorOneTimePbkCipher);
356
+ return new LrMutation({
357
+ mutation: RespondKeyExchangeOtkMutation,
358
+ variables: {
359
+ input: {
360
+ keyExchangeId,
361
+ keyExchangeToken: token,
362
+ rootKeyId: rootKey.id,
363
+ masterKeyId,
364
+ // These will be stored on the server
365
+ responderPxkId: responderPrk.id,
366
+ responderSigPxkId: responderSigPrk.id,
367
+ signedInitiatorPbk: JSON.stringify(signedInitiatorPbk),
368
+ signedInitiatorSigPbk: JSON.stringify(signedInitiatorSigPbk),
369
+ // rkWrappedInitiatorSigPbk: JSON.stringify(rkWrappedInitiatorSigPbk),
370
+ // Option 1: Using new Prk for each TP pair
371
+ // rkWrappedResponderSigPrk: JSON.stringify(rkWrappedResponderSigPrk),
372
+ rkWrappedSharedKey: JSON.stringify(rkWrappedSharedKey),
373
+ mkWrappedMkSharedKey: JSON.stringify(mkWrappedMkSharedKey),
374
+ // These will be sent to the initiator
375
+ initiatorOneTimePbkCipher: JSON.stringify(initiatorOneTimePbkCipher),
376
+ initiatorContactCard: receivedCardInput,
377
+ responderContactCard: responderCardInput,
378
+ },
379
+ },
380
+ });
381
+ });
382
+ }
383
+ completeOtkExec(input) {
384
+ return this.mutate(this.completeOtkMutation(input));
385
+ }
386
+ // TODO deprecate this.
387
+ completeOtk(input) {
388
+ return this.completeOtkMutation(input);
389
+ }
390
+ completeOtkMutation({ keyExchangeId, initiatorRootKeyCipher, initiatorOneTimePbkCipher, responderContactCard, initiatorContactCard, }) {
391
+ return __awaiter(this, void 0, void 0, function* () {
392
+ const rootKey = yield this.keyService.getCurrentRootKey();
393
+ const masterKey = yield this.keyService.getCurrentMasterKey();
394
+ // Decrypt using the root key to get the Prk
395
+ const initiatorRootKeyCipherClearJson = (yield this.encryptionService.decrypt(rootKey.jwk, initiatorRootKeyCipher));
396
+ // The Prk is single-use and only used to send information from the responder back to the initiator.
397
+ const plainInitiatorOneTimePbkCipher = yield this.decryptResponseCipher(yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.otKey), yield KeyFactoryService.asKey(initiatorRootKeyCipherClearJson.oneTimePrk), initiatorOneTimePbkCipher);
398
+ // Check the nonce match to ensure the responder was the one holding the OTK
399
+ if (initiatorRootKeyCipherClearJson.nonce !==
400
+ plainInitiatorOneTimePbkCipher.nonce) {
401
+ throw new LrCodeMismatchException('The nonce returned by responder does not match with the one created by the initiator.');
402
+ }
403
+ // Option 1: Assuming the signing key is unique between users.
404
+ // const initiatorSigPrk = await KFS.asKey(ke.plainInitiatorRootKeyCipher.sigPrk);
405
+ // const rkWrappedInitiatorSigPrk = await this.encrypt(rootKey, initiatorSigPrk.toJSON(true));
406
+ // Option 2: Use the user's global signing key.
407
+ // In this case the initiatorSigPrk is already a part of the key graph.
408
+ // So there's nothing to do here.
409
+ // Protected the signing public key of the responder.
410
+ const initiatorSigPrk = yield this.keyService.getCurrentSigPxk();
411
+ const responderSigPbk = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.responder.sigPbk);
412
+ const responderPbk = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.responder.pbk);
413
+ const signedResponderPbk = yield this.encryptionService.sign(initiatorSigPrk.jwk, responderPbk.toJSON());
414
+ const signedResponderSigPbk = yield this.encryptionService.sign(initiatorSigPrk.jwk, responderSigPbk.toJSON());
415
+ const sharedKey = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.sharedKey);
416
+ const rkWrappedSharedKey = yield this.encryptionService.encrypt(rootKey.jwk, sharedKey.toJSON(true));
417
+ const mkSharedKey = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.mkSharedKey);
418
+ const mkWrappedMkSharedKey = yield this.encryptionService.encrypt(masterKey.jwk, mkSharedKey.toJSON(true));
419
+ let responderContactCardCipherInput;
420
+ if (responderContactCard) {
421
+ // Create key
422
+ const receiverKey = yield this.keyFactory.createKey();
423
+ responderContactCardCipherInput = {
424
+ receiverWrappedKey: JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, receiverKey.toJSON(true))),
425
+ receiverWrappingKeyId: rootKey.id,
426
+ receiverCipherData: JSON.stringify(yield this.encryptionService.encrypt(receiverKey, responderContactCard.receiverCipherDataClearJson)),
427
+ };
428
+ }
429
+ // Get the data needed from the initiator's cipher data.
430
+ let initiatorContactCardCipherInput;
431
+ let initiatorContactCardSharedCipherInput;
432
+ if (initiatorRootKeyCipherClearJson.initiatorContactCard) {
433
+ // The initiatorContactCard created during the creation of the invite and encrypted using the initiator's
434
+ // root key
435
+ const initiatorContactCardFromInit = initiatorRootKeyCipherClearJson.initiatorContactCard;
436
+ const ownerKey = yield this.keyFactory.createKey();
437
+ const sharedCipherKey = yield KeyFactoryService.asKey(plainInitiatorOneTimePbkCipher.responder.contactCard.sharedCipherKey);
438
+ const ownerWrappedKey = JSON.stringify(yield this.encryptionService.encrypt(rootKey.jwk, ownerKey.toJSON(true)));
439
+ // Allow the initiatorContactCard parameter to override
440
+ const ownerCipherDataClearJson = (initiatorContactCard === null || initiatorContactCard === void 0 ? void 0 : initiatorContactCard.ownerCipherDataClearJson) ||
441
+ initiatorContactCardFromInit.ownerCipherDataClearJson;
442
+ const ownerCipherData = ownerCipherDataClearJson
443
+ ? yield this.keyGraph.encryptToString(ownerKey, ownerCipherDataClearJson)
444
+ : '';
445
+ initiatorContactCardCipherInput = {
446
+ ownerWrappedKey,
447
+ ownerWrappingKeyId: rootKey.id,
448
+ ownerCipherData,
449
+ };
450
+ initiatorContactCardSharedCipherInput = {
451
+ sigPxkId: initiatorSigPrk.id,
452
+ };
453
+ const sharedCipherData = yield this.encryptionService.encrypt(sharedCipherKey, initiatorContactCardFromInit.sharedCipherDataClearJson);
454
+ initiatorContactCardSharedCipherInput.sharedCipherDataSig =
455
+ JSON.stringify(yield this.encryptionService.sign(initiatorSigPrk.jwk, sharedCipherData));
456
+ }
457
+ // TODO ideally we update the shared data in the contact card sent to the responder as well since that
458
+ // CC was created by the responder.
459
+ return new LrMutation({
460
+ mutation: CompleteKeyExchangeOtkMutation,
461
+ variables: {
462
+ input: {
463
+ keyExchangeId,
464
+ rootKeyId: rootKey.id,
465
+ masterKeyId: masterKey.id,
466
+ initiatorSigPxkId: initiatorSigPrk.id,
467
+ signedResponderPbk: JSON.stringify(signedResponderPbk),
468
+ signedResponderSigPbk: JSON.stringify(signedResponderSigPbk),
469
+ rkWrappedSharedKey: JSON.stringify(rkWrappedSharedKey),
470
+ mkWrappedMkSharedKey: JSON.stringify(mkWrappedMkSharedKey),
471
+ responderContactCardCipher: responderContactCardCipherInput,
472
+ initiatorContactCardCipher: initiatorContactCardCipherInput,
473
+ initiatorContactCardSharedCipher: initiatorContactCardSharedCipherInput,
474
+ },
475
+ },
476
+ });
477
+ });
478
+ }
479
+ };
480
+ KeyExchange2Service.ɵprov = i0.ɵɵdefineInjectable({ factory: function KeyExchange2Service_Factory() { return new KeyExchange2Service(i0.ɵɵinject(i0.NgZone), i0.ɵɵinject(i0.INJECTOR), i0.ɵɵinject(i1.KeyFactoryService), i0.ɵɵinject(i2.KeyService), i0.ɵɵinject(i3.EncryptionService), i0.ɵɵinject(i4.KeyGraphService)); }, token: KeyExchange2Service, providedIn: "root" });
481
+ KeyExchange2Service.decorators = [
482
+ { type: Injectable, args: [{
483
+ providedIn: 'root',
484
+ },] }
485
+ ];
486
+ KeyExchange2Service.ctorParameters = () => [
487
+ { type: NgZone },
488
+ { type: Injector },
489
+ { type: KeyFactoryService },
490
+ { type: KeyService },
491
+ { type: EncryptionService },
492
+ { type: KeyGraphService }
493
+ ];
494
+ KeyExchange2Service = __decorate([
495
+ RunOutsideAngular({
496
+ ngZoneName: 'ngZone',
497
+ })
498
+ ], KeyExchange2Service);
499
+ export { KeyExchange2Service };
500
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5LWV4Y2hhbmdlMi5zZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vcHJvamVjdHMvY29yZS9zcmMvbGliL2tleS1leGNoYW5nZS9rZXktZXhjaGFuZ2UyLnNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLE9BQU8sRUFBRSxVQUFVLEVBQUUsUUFBUSxFQUFFLE1BQU0sRUFBRSxNQUFNLGVBQWUsQ0FBQztBQUU3RCxPQUFPLEVBQUUsVUFBVSxFQUFFLFNBQVMsRUFBRSxNQUFNLG1CQUFtQixDQUFDO0FBTzFELE9BQU8sRUFDTCxpQkFBaUIsRUFDakIsaUJBQWlCLEdBQ2xCLE1BQU0sa0NBQWtDLENBQUM7QUFDMUMsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sNEJBQTRCLENBQUM7QUFDL0QsT0FBTyxFQUFFLGVBQWUsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBQzNELE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxvQkFBb0IsQ0FBQztBQUNoRCxPQUFPLEVBQUUsdUJBQXVCLEVBQUUsTUFBTSx1QkFBdUIsQ0FBQztBQUNoRSxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUNuRSxPQUFPLEVBQ0wseUJBQXlCLEVBQ3pCLDhCQUE4QixFQUM5QiwwQkFBMEIsRUFDMUIsMEJBQTBCLEVBQzFCLDhCQUE4QixFQUU5QixpQkFBaUIsRUFDakIsa0JBQWtCLEVBRWxCLHNCQUFzQixFQUN0Qiw2QkFBNkIsR0FDOUIsTUFBTSxxQkFBcUIsQ0FBQzs7Ozs7O0lBNEhoQixtQkFBbUIsU0FBbkIsbUJBQW9CLFNBQVEsU0FBUztJQUdoRCxZQUNVLE1BQWMsRUFDZCxRQUFrQixFQUNsQixVQUE2QixFQUM3QixVQUFzQixFQUN0QixpQkFBb0MsRUFDcEMsUUFBeUI7UUFFakMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBUFIsV0FBTSxHQUFOLE1BQU0sQ0FBUTtRQUNkLGFBQVEsR0FBUixRQUFRLENBQVU7UUFDbEIsZUFBVSxHQUFWLFVBQVUsQ0FBbUI7UUFDN0IsZUFBVSxHQUFWLFVBQVUsQ0FBWTtRQUN0QixzQkFBaUIsR0FBakIsaUJBQWlCLENBQW1CO1FBQ3BDLGFBQVEsR0FBUixRQUFRLENBQWlCO1FBUmxCLHdCQUFtQixHQUFHLEVBQUUsQ0FBQztJQVcxQyxDQUFDO0lBRWEsUUFBUSxDQUNwQixXQUFnQyxFQUNoQyxNQUFlOztZQUVmLElBQUksTUFBTSxFQUFFO2dCQUNWLE9BQU8sTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLGlDQUMvQixJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsV0FBVyxDQUFDLEtBQzFDLENBQUMsRUFBRSxNQUFNLElBQ1QsQ0FBQzthQUNKO2lCQUFNLElBQ0wsV0FBVyxDQUFDLEdBQUcsQ0FBQyxLQUFLLEtBQUssZUFBZTtnQkFDekMsQ0FBQyxXQUFXLENBQUMsV0FBVztnQkFDeEIsV0FBVyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsRUFDbEM7Z0JBQ0EseUZBQXlGO2dCQUN6RixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxFQUFFLENBQUM7Z0JBQ2xELE1BQU0sZUFBZSxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDMUQsR0FBRyxDQUFDLEdBQUcsRUFDUCxJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsa0JBQWtCLENBQUMsRUFDOUM7b0JBQ0UsY0FBYyxFQUFFLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDO2lCQUM1QyxDQUNGLENBQUM7Z0JBQ0YsSUFBSSxlQUFlLENBQUMsS0FBSyxFQUFFO29CQUN6QixPQUFPLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxLQUFLLENBQUMsQ0FBQztpQkFDN0Q7YUFDRjtZQUNELE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztLQUFBO0lBRWEsVUFBVSxDQUN0QixXQUFnQyxFQUNoQyxNQUFlOztZQUVmLE1BQU0sS0FBSyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLEVBQUUsTUFBTSxDQUFDLENBQUM7WUFFdkQsSUFBSSxHQUFHLEdBQUcsV0FBVyxDQUFDLEdBQUcsQ0FBQztZQUUxQixJQUFJLEtBQUssSUFBSSxHQUFHLENBQUMsV0FBVyxFQUFFO2dCQUM1QixHQUFHLG1DQUNFLEdBQUcsS0FDTixLQUFLLEVBQ0wsb0JBQW9CLEVBQUUsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUN4RCxLQUFLLEVBQ0wsV0FBVyxDQUFDLEdBQUcsQ0FBQyxXQUFXLENBQzVCLEdBQ0YsQ0FBQzthQUNIO1lBRUQsdUNBQ0ssV0FBVyxLQUNkLEdBQUcsSUFDSDtRQUNKLENBQUM7S0FBQTtJQUVhLHFCQUFxQixDQUNqQyxLQUFjLEVBQ2QsS0FBYyxFQUNkLE9BQW1COztZQUVuQixvRUFBb0U7WUFDcEUsSUFBSTtnQkFDRixPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDLEtBQUssRUFBRSxPQUFPLENBQUMsQ0FBQzthQUNoRTtZQUFDLE9BQU8sS0FBSyxFQUFFO2dCQUNkLElBQUksS0FBSyxDQUFDLE9BQU8sS0FBSyxjQUFjLEVBQUU7b0JBQ3BDLE1BQU0sS0FBSyxDQUFDO2lCQUNiO2dCQUNELDhFQUE4RTthQUMvRTtZQUVELG9HQUFvRztZQUNwRyxPQUFPLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDOUQsQ0FBQztLQUFBO0lBRWEsNkJBQTZCLENBQ3pDLFdBQWdDOztZQUVoQyxNQUFNLE9BQU8sR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztZQUUxRCw0Q0FBNEM7WUFDNUMsTUFBTSwrQkFBK0IsR0FDbkMsQ0FBQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ25DLE9BQU8sQ0FBQyxHQUFHLEVBQ1gsV0FBVyxDQUFDLHNCQUFzQixDQUNuQyxDQUFxQyxDQUFDO1lBRXpDLE1BQU0sS0FBSyxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUN6QywrQkFBK0IsQ0FBQyxLQUFLLENBQ3RDLENBQUM7WUFFRixXQUFXLG1DQUNOLFdBQVcsS0FDZCwrQkFBK0IsR0FDaEMsQ0FBQztZQUVGLElBQUksR0FBRyxHQUFHLFdBQVcsQ0FBQyxHQUFHLENBQUM7WUFFMUIsSUFBSSxHQUFHLENBQUMseUJBQXlCLEVBQUU7Z0JBQ2pDLEdBQUcsbUNBQ0UsR0FBRyxLQUNOLGtDQUFrQyxFQUFFLE1BQU0sSUFBSSxDQUFDLHFCQUFxQixDQUNsRSxLQUFLLEVBQ0wsTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLENBQzNCLCtCQUErQixDQUFDLFVBQVUsQ0FDM0MsRUFDRCxHQUFHLENBQUMseUJBQXlCLENBQzlCLEdBQ0YsQ0FBQzthQUNIO1lBRUQsSUFBSSxHQUFHLENBQUMsV0FBVyxFQUFFO2dCQUNuQixHQUFHLENBQUMsb0JBQW9CLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUM3RCxLQUFLLEVBQ0wsR0FBRyxDQUFDLFdBQVcsQ0FDaEIsQ0FBQzthQUNIO1lBRUQsdUNBQ0ssV0FBVyxLQUNkLEdBQUcsSUFDSDtRQUNKLENBQUM7S0FBQTtJQUVhLDZCQUE2QixDQUN6QyxXQUFnQyxFQUNoQyxNQUFlOztZQUVmLE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQyxXQUFXLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDOUMsQ0FBQztLQUFBO0lBRUssa0JBQWtCLENBQUMsV0FBZ0MsRUFBRSxNQUFlOztZQUN4RSxJQUFJLFdBQVcsQ0FBQyxXQUFXLEVBQUU7Z0JBQzNCLE9BQU8sSUFBSSxDQUFDLDZCQUE2QixDQUFDLFdBQVcsQ0FBQyxDQUFDO2FBQ3hEO2lCQUFNO2dCQUNMLE9BQU8sSUFBSSxDQUFDLDZCQUE2QixDQUFDLFdBQVcsRUFBRSxNQUFNLENBQUMsQ0FBQzthQUNoRTtRQUNILENBQUM7S0FBQTtJQUVLLGVBQWUsQ0FBQyxFQUFFLEtBQUssS0FBb0MsRUFBRTs7WUFDakUsTUFBTSxFQUFFLFlBQVksRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLEtBQUssQ0FBQztnQkFDeEMsS0FBSyxFQUFFLGtCQUFrQjtnQkFDekIsU0FBUyxFQUFFO29CQUNULEtBQUs7aUJBQ047YUFDRixDQUFDLENBQUM7WUFFSCxPQUFPLE9BQU8sQ0FBQyxHQUFHLENBQ2hCLFlBQVksQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxJQUFJLENBQUMsa0JBQWtCLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQ3JFLENBQUM7UUFDSixDQUFDO0tBQUE7SUFFRDs7Ozs7T0FLRztJQUNHLGNBQWMsQ0FDbEIsRUFBVSxFQUNWLEVBQUUsTUFBTSxFQUFFLEtBQUssS0FBNkIsRUFBRTs7WUFFOUMsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsS0FBSyxDQUFDO2dCQUMzQixLQUFLLEVBQUUsS0FBSyxDQUFDLENBQUMsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDLENBQUMsaUJBQWlCO2dCQUN6RCxTQUFTLEVBQUU7b0JBQ1QsRUFBRTtvQkFDRixLQUFLO2lCQUNOO2dCQUNELGVBQWUsRUFBRSxDQUFDLEtBQUs7YUFDeEIsQ0FBQyxDQUFDO1lBQ0gsT0FBTyxJQUFJLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLFdBQVcsRUFBRSxNQUFNLENBQUMsQ0FBQztRQUMxRCxDQUFDO0tBQUE7SUFFWSx1QkFBdUIsQ0FBQyxLQUdwQzs7WUFDQyxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUM7Z0JBQ2hCLEtBQUssRUFBRSwwQkFBMEI7Z0JBQ2pDLFNBQVMsRUFBRTtvQkFDVCxRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7b0JBQ3hCLE1BQU0sRUFBRSxLQUFLLENBQUMsTUFBTTtpQkFDckI7YUFDRixDQUFDLENBQUM7UUFDTCxDQUFDO0tBQUE7SUFFRCx1QkFBdUI7SUFDakIsaUJBQWlCLENBQUMsRUFBVTs7WUFDaEMsT0FBTyxJQUFJLENBQUMseUJBQXlCLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDNUMsQ0FBQztLQUFBO0lBRUQseUJBQXlCLENBQUMsRUFBVTtRQUNsQyxPQUFPLElBQUksVUFBVSxDQUFDO1lBQ3BCLFFBQVEsRUFBRSx5QkFBeUI7WUFDbkMsU0FBUyxFQUFFO2dCQUNULEtBQUssRUFBRTtvQkFDTCxFQUFFO2lCQUNIO2FBQ0Y7U0FDRixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsc0JBQXNCLENBQUMsRUFBVSxFQUFFLEtBQWE7UUFDOUMsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQywwQkFBMEIsQ0FBQyxFQUFFLEVBQUUsS0FBSyxDQUFDLENBQUMsQ0FBQztJQUNqRSxDQUFDO0lBRUQsdUJBQXVCO0lBQ3ZCLGtCQUFrQixDQUFDLEVBQVUsRUFBRSxLQUFhO1FBQzFDLE9BQU8sSUFBSSxDQUFDLDBCQUEwQixDQUFDLEVBQUUsRUFBRSxLQUFLLENBQUMsQ0FBQztJQUNwRCxDQUFDO0lBRUQsMEJBQTBCLENBQUMsRUFBVSxFQUFFLEtBQWE7UUFDbEQsT0FBTyxJQUFJLFVBQVUsQ0FBQztZQUNwQixRQUFRLEVBQUUsMEJBQTBCO1lBQ3BDLFNBQVMsRUFBRTtnQkFDVCxLQUFLLEVBQUU7b0JBQ0wsRUFBRTtvQkFDRixLQUFLO2lCQUNOO2FBQ0Y7U0FDRixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUssZUFBZSxDQUFDLFFBQTJCLEVBQUU7O1lBQ2pELE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDLE1BQU0sSUFBSSxDQUFDLG1CQUFtQixDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDekUsQ0FBQztLQUFBO0lBRUQsc0JBQXNCO0lBQ3RCLFdBQVcsQ0FBQyxRQUEyQixFQUFFO1FBQ3ZDLE9BQU8sSUFBSSxDQUFDLG1CQUFtQixDQUFDLEtBQUssQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFSyxtQkFBbUIsQ0FBQyxFQUN4QixPQUFPLEVBQ1AsS0FBSyxFQUNMLFdBQVcsRUFDWCxPQUFPLE1BQ2MsRUFBRTs7WUFDdkIsTUFBTSxLQUFLLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ2hELE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO1lBRXJFLGtGQUFrRjtZQUNsRixpQ0FBaUM7WUFDakMsTUFBTSxtQkFBbUIsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsWUFBWSxFQUFFLENBQUM7WUFFakUsb0NBQW9DO1lBQ3BDLG9FQUFvRTtZQUVwRSwrQ0FBK0M7WUFDL0Msc0RBQXNEO1lBQ3RELE1BQU0sWUFBWSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLEVBQUUsQ0FBQztZQUMzRCxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztZQUVqRSxJQUFJLHFCQUFxQixHQUFXLElBQUksQ0FBQztZQUV6QyxJQUFJLFdBQVcsSUFBSSxXQUFXLENBQUMsa0JBQWtCLEVBQUU7Z0JBQ2pELHFCQUFxQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLFlBQVksQ0FDL0QsZUFBZSxDQUFDLEdBQUcsRUFDbkIsV0FBVyxDQUFDLGtCQUFrQixDQUMvQixDQUFDO2FBQ0g7WUFFRCxNQUFNLFNBQVMsR0FBRztnQkFDaEIsT0FBTztnQkFDUCxXQUFXLEVBQUUsV0FBVyxJQUFJO29CQUMxQix5QkFBeUIsRUFBRSxXQUFXLENBQUMseUJBQXlCO2lCQUNqRTthQUNGLENBQUM7WUFFRix5Q0FBeUM7WUFDekMsTUFBTSxnQkFBZ0IsR0FBMEI7Z0JBQzlDLG9GQUFvRjtnQkFDcEYsZ0ZBQWdGO2dCQUNoRix3RkFBd0Y7Z0JBQ3hGLGtGQUFrRjtnQkFDbEYseUJBQXlCO2dCQUN6QixLQUFLO2dCQUNMLFNBQVMsa0NBQ0osU0FBUyxLQUNaLFVBQVUsRUFBRSxtQkFBbUIsQ0FBQyxNQUFNLEVBQUUsRUFDeEMsR0FBRyxFQUFFLFlBQVksQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLEVBQzlCLE1BQU0sRUFBRSxlQUFlLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxHQUNyQzthQUNGLENBQUM7WUFFRixNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsZUFBZSxDQUNyRCxLQUFLLEVBQ0wsZ0JBQWdCLENBQ2pCLENBQUM7WUFFRiwwREFBMEQ7WUFDMUQsTUFBTSwrQkFBK0IsR0FBcUM7Z0JBQ3hFLEtBQUs7Z0JBQ0wsVUFBVSxFQUFFLG1CQUFtQixDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUM7Z0JBQzVDLG9GQUFvRjtnQkFDcEYsd0NBQXdDO2dCQUV4QyxnRUFBZ0U7Z0JBQ2hFLHdFQUF3RTtnQkFDeEUsK0VBQStFO2dCQUMvRSxLQUFLLEVBQUUsS0FBSyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUM7Z0JBQ3pCLDJGQUEyRjtnQkFDM0Ysd0NBQXdDO2dCQUN4QyxvQkFBb0IsRUFBRSxXQUFXO2dCQUNqQyxTQUFTO2FBQ1YsQ0FBQztZQUVGLE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBQzFELE1BQU0sc0JBQXNCLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLGVBQWUsQ0FDaEUsT0FBTyxDQUFDLEdBQUcsRUFDWCwrQkFBK0IsQ0FDaEMsQ0FBQztZQUVGLGNBQWM7WUFDZCxNQUFNLE1BQU0sR0FBWSxLQUFLLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBZ0IsQ0FBQyxDQUFDLENBQUM7WUFFNUQsV0FBVztZQUNYLE1BQU0sVUFBVSxHQUFHLElBQUksVUFBVSxDQUFDO2dCQUNoQyxRQUFRLEVBQUUsOEJBQThCO2dCQUN4QyxTQUFTLEVBQUU7b0JBQ1QsS0FBSyxFQUFFO3dCQUNMLHFDQUFxQzt3QkFDckMsc0JBQXNCO3dCQUN0QixjQUFjLEVBQUUsWUFBWSxDQUFDLEVBQUU7d0JBQy9CLGlCQUFpQixFQUFFLGVBQWUsQ0FBQyxFQUFFO3dCQUNyQyxzQ0FBc0M7d0JBQ3RDLFdBQVcsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxNQUFNLEVBQUUsQ0FBQzt3QkFDM0MsV0FBVzt3QkFDWCxTQUFTLEVBQUUsS0FBSyxJQUFJOzRCQUNsQixLQUFLOzRCQUNMLFFBQVEsRUFBRSxNQUFNO3lCQUNqQjt3QkFDRCxRQUFRLEVBQUUsSUFBSTt3QkFDZCxxQkFBcUI7d0JBQ3JCLE9BQU87cUJBQ1I7aUJBQ0Y7YUFDRixDQUFDLENBQUM7WUFFSCxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sRUFBRSxDQUFDO1FBQ2hDLENBQUM7S0FBQTtJQUVELGNBQWMsQ0FBQyxLQUF1QjtRQUNwQyxPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUM7SUFDckQsQ0FBQztJQUVELHNCQUFzQjtJQUN0QixVQUFVLENBQUMsS0FBdUI7UUFDaEMsT0FBTyxJQUFJLENBQUMsa0JBQWtCLENBQUMsS0FBSyxDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVLLGtCQUFrQixDQUFDLEVBQ3ZCLGFBQWEsRUFDYixLQUFLLEVBQ0wsWUFBWSxFQUNaLE9BQU8sRUFDUCxvQkFBb0IsRUFDcEIsb0JBQW9CLEdBQ0g7O1lBQ2pCLE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBRTFELE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsbUJBQW1CLEVBQUUsQ0FBQyxFQUFFLENBQUM7WUFDN0QsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLG1CQUFtQixFQUFFLENBQUM7WUFFOUQsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ3BELE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUV0RCxNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDN0QsT0FBTyxDQUFDLEdBQUcsRUFDWCxTQUFTLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN2QixDQUFDO1lBQ0YsTUFBTSxvQkFBb0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQy9ELFNBQVMsQ0FBQyxHQUFHLEVBQ2IsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDekIsQ0FBQztZQUVGLE1BQU0sbUJBQW1CLEdBQUcsTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLENBQ3ZELFlBQVksQ0FBQyxvQkFBb0IsQ0FBQyxTQUFTLENBQUMsVUFBVSxDQUN2RCxDQUFDO1lBRUYsTUFBTSxZQUFZLEdBQUcsTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLENBQ2hELFlBQVksQ0FBQyxvQkFBb0IsQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUNoRCxDQUFDO1lBQ0YsTUFBTSxlQUFlLEdBQUcsTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLENBQ25ELFlBQVksQ0FBQyxvQkFBb0IsQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUNuRCxDQUFDO1lBRUYsMkNBQTJDO1lBQzNDLHFEQUFxRDtZQUNyRCxtRUFBbUU7WUFDbkUsOEZBQThGO1lBRTlGLGdEQUFnRDtZQUNoRCxNQUFNLFlBQVksR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDM0QsTUFBTSxlQUFlLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFFakUsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQzFELGVBQWUsQ0FBQyxHQUFHLEVBQ25CLFlBQVksQ0FBQyxNQUFNLEVBQUUsQ0FDdEIsQ0FBQztZQUNGLE1BQU0scUJBQXFCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUM3RCxlQUFlLENBQUMsR0FBRyxFQUNuQixlQUFlLENBQUMsTUFBTSxFQUFFLENBQ3pCLENBQUM7WUFFRixNQUFNLGtDQUFrQyxHQUN0QztnQkFDRSxLQUFLLEVBQUUsWUFBWSxDQUFDLG9CQUFvQixDQUFDLEtBQUs7Z0JBQzlDLFNBQVMsRUFBRSxTQUFTLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQztnQkFDakMsV0FBVyxFQUFFLFdBQVcsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDO2dCQUNyQyxTQUFTLEVBQUU7b0JBQ1QsR0FBRyxFQUFFLFlBQVksQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFO29CQUM5QixNQUFNLEVBQUUsZUFBZSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUU7b0JBQ3BDLE9BQU87aUJBQ1I7YUFDRixDQUFDO1lBRUosSUFBSSxpQkFBaUIsQ0FBQztZQUN0QixJQUFJLFlBQVksQ0FBQyxvQkFBb0IsQ0FBQyxTQUFTLENBQUMsV0FBVyxFQUFFO2dCQUMzRCx3SEFBd0g7Z0JBQ3hILDRIQUE0SDtnQkFDNUgsNEhBQTRIO2dCQUM1SCxNQUFNLHlCQUF5QixHQUM3QixZQUFZLENBQUMsb0JBQW9CLENBQUMsU0FBUyxDQUFDLFdBQVc7cUJBQ3BELHlCQUF5QixDQUFDO2dCQUUvQixjQUFjO2dCQUNkLE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDdEQsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUN0RCxNQUFNLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztnQkFFeEQsaUJBQWlCLEdBQUc7b0JBQ2xCLGtCQUFrQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQ2hDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDbEMsT0FBTyxDQUFDLEdBQUcsRUFDWCxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUNGO29CQUNELHFCQUFxQixFQUFFLE9BQU8sQ0FBQyxFQUFFO29CQUNqQyxrQkFBa0IsRUFBRSxvQkFBb0I7d0JBQ3RDLENBQUMsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUNaLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDbEMsV0FBVyxFQUNYLG9CQUFvQixDQUFDLDJCQUEyQixDQUNqRCxDQUNGO3dCQUNILENBQUMsQ0FBQyxFQUFFO29CQUNOLGdCQUFnQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQzlCLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDbEMsU0FBUyxFQUNULFdBQVcsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQ3pCLENBQ0Y7aUJBQ0YsQ0FBQztnQkFFRixNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDM0QsV0FBVyxFQUNYLHlCQUF5QixDQUMxQixDQUFDO2dCQUNGLGlCQUFpQixDQUFDLG1CQUFtQixHQUFHLElBQUksQ0FBQyxTQUFTLENBQ3BELE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsR0FBRyxFQUFFLGdCQUFnQixDQUFDLENBQ2hFLENBQUM7Z0JBQ0YsaUJBQWlCLENBQUMsUUFBUSxHQUFHLE1BQU0sQ0FBQyxFQUFFLENBQUM7Z0JBRXZDLGtDQUFrQyxDQUFDLFNBQVMsQ0FBQyxXQUFXLG1DQUNuRCxrQ0FBa0MsQ0FBQyxTQUFTLENBQUMsV0FBVyxLQUMzRCxlQUFlLEVBQUUsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsR0FDMUMsQ0FBQzthQUNIO1lBRUQsSUFBSSxrQkFBa0IsQ0FBQztZQUN2QixJQUFJLG9CQUFvQixFQUFFO2dCQUN4QixjQUFjO2dCQUNkLE1BQU0sUUFBUSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDbkQsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUN0RCxNQUFNLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztnQkFFeEQsa0JBQWtCLEdBQUc7b0JBQ25CLGVBQWUsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUM3QixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLE9BQU8sQ0FBQyxHQUFHLEVBQ1gsUUFBUSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDdEIsQ0FDRjtvQkFDRCxrQkFBa0IsRUFBRSxPQUFPLENBQUMsRUFBRTtvQkFDOUIsZUFBZSxFQUFFLG9CQUFvQixDQUFDLHdCQUF3Qjt3QkFDNUQsQ0FBQyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQ1osTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNsQyxRQUFRLEVBQ1Isb0JBQW9CLENBQUMsd0JBQXdCLENBQzlDLENBQ0Y7d0JBQ0gsQ0FBQyxDQUFDLEVBQUU7b0JBRU4sZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FDOUIsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNsQyxTQUFTLEVBQ1QsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDekIsQ0FDRjtpQkFDRixDQUFDO2dCQUVGLE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUMzRCxXQUFXLEVBQ1gsb0JBQW9CLENBQUMseUJBQXlCLENBQy9DLENBQUM7Z0JBQ0Ysa0JBQWtCLENBQUMsbUJBQW1CLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FDckQsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLEVBQUUsZ0JBQWdCLENBQUMsQ0FDaEUsQ0FBQztnQkFDRixrQkFBa0IsQ0FBQyxRQUFRLEdBQUcsTUFBTSxDQUFDLEVBQUUsQ0FBQztnQkFFeEMsSUFBSSxvQkFBb0IsQ0FBQyxrQkFBa0IsRUFBRTtvQkFDM0Msa0JBQWtCLENBQUMsaUJBQWlCLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FDbkQsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUMvQixlQUFlLENBQUMsR0FBRyxFQUNuQixvQkFBb0IsQ0FBQyxrQkFBa0IsQ0FDeEMsQ0FDRixDQUFDO2lCQUNIO2dCQUVELDhDQUE4QztnQkFDOUMsa0NBQWtDLENBQUMsU0FBUyxDQUFDLFdBQVcsbUNBQ25ELGtDQUFrQyxDQUFDLFNBQVMsQ0FBQyxXQUFXLEtBQzNELHlCQUF5QixFQUN2QixvQkFBb0IsQ0FBQyx5QkFBeUIsR0FDakQsQ0FBQzthQUNIO1lBRUQsbUNBQW1DO1lBQ25DLElBQUkseUJBQXlCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNsRSxtQkFBbUIsRUFDbkIsa0NBQWtDLENBQ25DLENBQUM7WUFFRiwwRUFBMEU7WUFDMUUseUJBQXlCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUM5RCxZQUFZLENBQUMsS0FBSyxFQUNsQix5QkFBeUIsQ0FDMUIsQ0FBQztZQUVGLE9BQU8sSUFBSSxVQUFVLENBQUM7Z0JBQ3BCLFFBQVEsRUFBRSw2QkFBNkI7Z0JBQ3ZDLFNBQVMsRUFBRTtvQkFDVCxLQUFLLEVBQUU7d0JBQ0wsYUFBYTt3QkFDYixnQkFBZ0IsRUFBRSxLQUFLO3dCQUN2QixTQUFTLEVBQUUsT0FBTyxDQUFDLEVBQUU7d0JBQ3JCLFdBQVc7d0JBQ1gscUNBQXFDO3dCQUNyQyxjQUFjLEVBQUUsWUFBWSxDQUFDLEVBQUU7d0JBQy9CLGlCQUFpQixFQUFFLGVBQWUsQ0FBQyxFQUFFO3dCQUNyQyxrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGtCQUFrQixDQUFDO3dCQUN0RCxxQkFBcUIsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLHFCQUFxQixDQUFDO3dCQUM1RCxzRUFBc0U7d0JBRXRFLDJDQUEyQzt3QkFDM0Msc0VBQXNFO3dCQUN0RSxrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGtCQUFrQixDQUFDO3dCQUN0RCxvQkFBb0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLG9CQUFvQixDQUFDO3dCQUMxRCxzQ0FBc0M7d0JBQ3RDLHlCQUF5QixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMseUJBQXlCLENBQUM7d0JBQ3BFLG9CQUFvQixFQUFFLGlCQUFpQjt3QkFDdkMsb0JBQW9CLEVBQUUsa0JBQWtCO3FCQUN6QztpQkFDRjthQUNGLENBQUMsQ0FBQztRQUNMLENBQUM7S0FBQTtJQUVELGVBQWUsQ0FBQyxLQUF3QjtRQUN0QyxPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUM7SUFDdEQsQ0FBQztJQUVELHVCQUF1QjtJQUN2QixXQUFXLENBQUMsS0FBd0I7UUFDbEMsT0FBTyxJQUFJLENBQUMsbUJBQW1CLENBQUMsS0FBSyxDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVLLG1CQUFtQixDQUFDLEVBQ3hCLGFBQWEsRUFDYixzQkFBc0IsRUFDdEIseUJBQXlCLEVBQ3pCLG9CQUFvQixFQUNwQixvQkFBb0IsR0FDRjs7WUFDbEIsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDMUQsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLG1CQUFtQixFQUFFLENBQUM7WUFFOUQsNENBQTRDO1lBQzVDLE1BQU0sK0JBQStCLEdBQ25DLENBQUMsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNuQyxPQUFPLENBQUMsR0FBRyxFQUNYLHNCQUFzQixDQUN2QixDQUFxQyxDQUFDO1lBRXpDLG9HQUFvRztZQUNwRyxNQUFNLDhCQUE4QixHQUFHLE1BQU0sSUFBSSxDQUFDLHFCQUFxQixDQUNyRSxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FBQywrQkFBK0IsQ0FBQyxLQUFLLENBQUMsRUFDcEUsTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLENBQUMsK0JBQStCLENBQUMsVUFBVSxDQUFDLEVBQ3pFLHlCQUF5QixDQUMxQixDQUFDO1lBRUYsNEVBQTRFO1lBQzVFLElBQ0UsK0JBQStCLENBQUMsS0FBSztnQkFDckMsOEJBQThCLENBQUMsS0FBSyxFQUNwQztnQkFDQSxNQUFNLElBQUksdUJBQXVCLENBQy9CLHVGQUF1RixDQUN4RixDQUFDO2FBQ0g7WUFFRCw4REFBOEQ7WUFDOUQsa0ZBQWtGO1lBQ2xGLDhGQUE4RjtZQUU5RiwrQ0FBK0M7WUFDL0MsdUVBQXVFO1lBQ3ZFLGlDQUFpQztZQUVqQyxxREFBcUQ7WUFDckQsTUFBTSxlQUFlLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDakUsTUFBTSxlQUFlLEdBQUcsTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLENBQ25ELDhCQUE4QixDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQ2hELENBQUM7WUFDRixNQUFNLFlBQVksR0FBRyxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FDaEQsOEJBQThCLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FDN0MsQ0FBQztZQUVGLE1BQU0sa0JBQWtCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUMxRCxlQUFlLENBQUMsR0FBRyxFQUNuQixZQUFZLENBQUMsTUFBTSxFQUFFLENBQ3RCLENBQUM7WUFDRixNQUFNLHFCQUFxQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FDN0QsZUFBZSxDQUFDLEdBQUcsRUFDbkIsZUFBZSxDQUFDLE1BQU0sRUFBRSxDQUN6QixDQUFDO1lBRUYsTUFBTSxTQUFTLEdBQUcsTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLENBQzdDLDhCQUE4QixDQUFDLFNBQVMsQ0FDekMsQ0FBQztZQUNGLE1BQU0sa0JBQWtCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUM3RCxPQUFPLENBQUMsR0FBRyxFQUNYLFNBQVMsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQ3ZCLENBQUM7WUFFRixNQUFNLFdBQVcsR0FBRyxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FDL0MsOEJBQThCLENBQUMsV0FBVyxDQUMzQyxDQUFDO1lBQ0YsTUFBTSxvQkFBb0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQy9ELFNBQVMsQ0FBQyxHQUFHLEVBQ2IsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDekIsQ0FBQztZQUVGLElBQUksK0JBQStCLENBQUM7WUFDcEMsSUFBSSxvQkFBb0IsRUFBRTtnQkFDeEIsYUFBYTtnQkFDYixNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7Z0JBRXRELCtCQUErQixHQUFHO29CQUNoQyxrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUNoQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2xDLE9BQU8sQ0FBQyxHQUFHLEVBQ1gsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDekIsQ0FDRjtvQkFDRCxxQkFBcUIsRUFBRSxPQUFPLENBQUMsRUFBRTtvQkFDakMsa0JBQWtCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FDaEMsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNsQyxXQUFXLEVBQ1gsb0JBQW9CLENBQUMsMkJBQTJCLENBQ2pELENBQ0Y7aUJBQ0YsQ0FBQzthQUNIO1lBRUQsd0RBQXdEO1lBQ3hELElBQUksK0JBQStCLENBQUM7WUFDcEMsSUFBSSxxQ0FBcUMsQ0FBQztZQUMxQyxJQUFJLCtCQUErQixDQUFDLG9CQUFvQixFQUFFO2dCQUN4RCx5R0FBeUc7Z0JBQ3pHLFdBQVc7Z0JBQ1gsTUFBTSw0QkFBNEIsR0FDaEMsK0JBQStCLENBQUMsb0JBQW9CLENBQUM7Z0JBQ3ZELE1BQU0sUUFBUSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDbkQsTUFBTSxlQUFlLEdBQUcsTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLENBQ25ELDhCQUE4QixDQUFDLFNBQVMsQ0FBQyxXQUFXLENBQUMsZUFBZSxDQUNyRSxDQUFDO2dCQUVGLE1BQU0sZUFBZSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQ3BDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsR0FBRyxFQUFFLFFBQVEsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FDekUsQ0FBQztnQkFFRix1REFBdUQ7Z0JBQ3ZELE1BQU0sd0JBQXdCLEdBQzVCLENBQUEsb0JBQW9CLGFBQXBCLG9CQUFvQix1QkFBcEIsb0JBQW9CLENBQUUsd0JBQXdCO29CQUM5Qyw0QkFBNEIsQ0FBQyx3QkFBd0IsQ0FBQztnQkFFeEQsTUFBTSxlQUFlLEdBQUcsd0JBQXdCO29CQUM5QyxDQUFDLENBQUMsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLGVBQWUsQ0FDakMsUUFBUSxFQUNSLHdCQUF3QixDQUN6QjtvQkFDSCxDQUFDLENBQUMsRUFBRSxDQUFDO2dCQUVQLCtCQUErQixHQUFHO29CQUNoQyxlQUFlO29CQUNmLGtCQUFrQixFQUFFLE9BQU8sQ0FBQyxFQUFFO29CQUM5QixlQUFlO2lCQUNoQixDQUFDO2dCQUVGLHFDQUFxQyxHQUFHO29CQUN0QyxRQUFRLEVBQUUsZUFBZSxDQUFDLEVBQUU7aUJBQzdCLENBQUM7Z0JBRUYsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzNELGVBQWUsRUFDZiw0QkFBNEIsQ0FBQyx5QkFBeUIsQ0FDdkQsQ0FBQztnQkFDRixxQ0FBcUMsQ0FBQyxtQkFBbUI7b0JBQ3ZELElBQUksQ0FBQyxTQUFTLENBQ1osTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUMvQixlQUFlLENBQUMsR0FBRyxFQUNuQixnQkFBZ0IsQ0FDakIsQ0FDRixDQUFDO2FBQ0w7WUFFRCxzR0FBc0c7WUFDdEcsbUNBQW1DO1lBRW5DLE9BQU8sSUFBSSxVQUFVLENBQUM7Z0JBQ3BCLFFBQVEsRUFBRSw4QkFBOEI7Z0JBQ3hDLFNBQVMsRUFBRTtvQkFDVCxLQUFLLEVBQUU7d0JBQ0wsYUFBYTt3QkFDYixTQUFTLEVBQUUsT0FBTyxDQUFDLEVBQUU7d0JBQ3JCLFdBQVcsRUFBRSxTQUFTLENBQUMsRUFBRTt3QkFDekIsaUJBQWlCLEVBQUUsZUFBZSxDQUFDLEVBQUU7d0JBQ3JDLGtCQUFrQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsa0JBQWtCLENBQUM7d0JBQ3RELHFCQUFxQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMscUJBQXFCLENBQUM7d0JBQzVELGtCQUFrQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsa0JBQWtCLENBQUM7d0JBQ3RELG9CQUFvQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsb0JBQW9CLENBQUM7d0JBQzFELDBCQUEwQixFQUFFLCtCQUErQjt3QkFDM0QsMEJBQTBCLEVBQUUsK0JBQStCO3dCQUMzRCxnQ0FBZ0MsRUFDOUIscUNBQXFDO3FCQUN4QztpQkFDRjthQUNGLENBQUMsQ0FBQztRQUNMLENBQUM7S0FBQTtDQUNGLENBQUE7OztZQTl2QkEsVUFBVSxTQUFDO2dCQUNWLFVBQVUsRUFBRSxNQUFNO2FBQ25COzs7WUF6SjhCLE1BQU07WUFBaEIsUUFBUTtZQWFwQixpQkFBaUI7WUFFakIsVUFBVTtZQUxqQixpQkFBaUI7WUFJVixlQUFlOztBQTRJWCxtQkFBbUI7SUFOL0IsaUJBQWlCLENBQUM7UUFDakIsVUFBVSxFQUFFLFFBQVE7S0FDckIsQ0FBQztHQUlXLG1CQUFtQixDQTJ2Qi9CO1NBM3ZCWSxtQkFBbUIiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBJbmplY3RhYmxlLCBJbmplY3RvciwgTmdab25lIH0gZnJvbSAnQGFuZ3VsYXIvY29yZSc7XG5pbXBvcnQgeyBKV0sgfSBmcm9tICdub2RlLWpvc2UnO1xuaW1wb3J0IHsgTHJNdXRhdGlvbiwgTHJTZXJ2aWNlIH0gZnJvbSAnLi4vYXBpL2xyLWdyYXBocWwnO1xuaW1wb3J0IHtcbiAgQ29udGFjdENhcmRTaGFyZWRDaXBoZXJEYXRhLFxuICBKU09OT2JqZWN0LFxuICBPdEtleUNpcGhlckNsZWFySnNvbjIsXG59IGZyb20gJy4uL2FwaS90eXBlcyc7XG5pbXBvcnQgeyBPd25lclBsYWluRGF0YUpzb24gfSBmcm9tICcuLi9jb250YWN0LWNhcmQvY29udGFjdC1jYXJkMi5zZXJ2aWNlJztcbmltcG9ydCB7XG4gIEVuY3J5cHRpb25TZXJ2aWNlLFxuICBKb3NlU2VyaWFsaXphdGlvbixcbn0gZnJvbSAnLi4vZW5jcnlwdGlvbi9lbmNyeXB0aW9uLnNlcnZpY2UnO1xuaW1wb3J0IHsgS2V5RmFjdG9yeVNlcnZpY2UgfSBmcm9tICcuLi9rZXkva2V5LWZhY3Rvcnkuc2VydmljZSc7XG5pbXBvcnQgeyBLZXlHcmFwaFNlcnZpY2UgfSBmcm9tICcuLi9rZXkva2V5LWdyYXBoLnNlcnZpY2UnO1xuaW1wb3J0IHsgS2V5U2VydmljZSB9IGZyb20gJy4uL2tleS9rZXkuc2VydmljZSc7XG5pbXBvcnQgeyBMckNvZGVNaXNtYXRjaEV4Y2VwdGlvbiB9IGZyb20gJy4uL19jb21tb24vZXhjZXB0aW9ucyc7XG5pbXBvcnQgeyBSdW5PdXRzaWRlQW5ndWxhciB9IGZyb20gJy4uL19jb21tb24vcnVuLW91dHNpZGUtYW5ndWxhcic7XG5pbXBvcnQge1xuICBDYW5jZWxLZXlFeGNoYW5nZU11dGF0aW9uLFxuICBDb21wbGV0ZUtleUV4Y2hhbmdlT3RrTXV0YXRpb24sXG4gIEN1cnJlbnRVc2VyU2hhcmVkS2V5UXVlcnkyLFxuICBEZWNsaW5lS2V5RXhjaGFuZ2VNdXRhdGlvbixcbiAgSW5pdGlhdGVLZXlFeGNoYW5nZU90a011dGF0aW9uLFxuICBLZXlFeGNoYW5nZUZyYWdtZW50LFxuICBLZXlFeGNoYW5nZVF1ZXJ5MixcbiAgS2V5RXhjaGFuZ2VzUXVlcnkyLFxuICBLZXlFeGNoYW5nZVN0YXRlMixcbiAgS2V5RXhjaGFuZ2VUb2tlblF1ZXJ5MixcbiAgUmVzcG9uZEtleUV4Y2hhbmdlT3RrTXV0YXRpb24sXG59IGZyb20gJy4va2V5LWV4Y2hhbmdlMi5ncWwnO1xuXG4vKipcbiAqIFRoZSBkZWNyeXB0ZWQgY29udGVudCBvZiB0aGUgb25lLXRpbWUga2V5IGNpcGhlcjtcbiAqIFdoZW4gdXNlciBzdXBwbGllcyB0aGlzIGluZm9ybWF0aW9uIHRoZSBsaWIgZG9lc24ndCBuZWVkIHRvIGRvIGFub3RoZXIgQVBJIGNhbGxcbiAqIHRvIGZldGNoIHRoZSBrZXkgZXhjaGFuZ2Ugbm9kZS4gQW5kIHNpbmNlIHRoZSB0eXBpY2FsIHVzZSBjYXNlIGlzIHRvIGRpc3BsYXlcbiAqIHNvbWUgaW5mb3JtYXRpb24gdG8gdGhlIHVzZXIsIHRoZSBrZXkgZXhjaGFuZ2Ugbm9kZSB3b3VsZCBhbHJlYWR5IGhhdmUgYmVlblxuICogZmV0Y2hlZCBhbmQgZGVjcnlwdGVkLlxuICovXG5leHBvcnQgaW50ZXJmYWNlIERlY3J5cHRlZE90azIge1xuICBvdEtleUNpcGhlckNsZWFySnNvbjogT3RLZXlDaXBoZXJDbGVhckpzb24yO1xuICBvdEtleTogSldLLktleTsgLy8gVGhlIG9uZS10aW1lIGtleVxufVxuXG5leHBvcnQgaW50ZXJmYWNlIENvbnRhY3RDYXJkUmVjZWl2ZXJDaXBoZXJEYXRhIHtcbiAgLy8gVGhlIHJlY2VpdmVyIG9mIHRoZSBjb250YWN0IGNhcmQga2VlcHMgYSBjb3B5XG4gIC8vIG9mIHRoZSBvd25lcidzIGNvbnRhY3QgY2FyZCBpbmZvcm1hdGlvbiwgZW5jcnlwdGVkIHVzaW5nIHRoZSByZWNlaXZlcidzIGtleXMuIFNvIHRoYXQgd2hlblxuICAvLyB0aGUgb3duZXIgZGVjaWRlcyB0byB1cGRhdGUgdGhlaXIgc2hhcmVkIGNvbnRhY3QgY2FyZCBhdCBhIGxhdGVyIGRhdGUsIHRoZSByZWNlaXZlciBjYW5cbiAgLy8gY29tcGFyZSBhZ2FpbnN0IHRoZSBvcmlnaW5hbCBjb250YWN0IGNhcmQgc2VudCBkdXJpbmcga2V5IGV4Y2hhbmdlLiBUaGlzIHdheSwgdGhlIG93bmVyXG4gIC8vIGNhbid0IHVuaWxhdGVyYWxseSB1cGRhdGUgdGhlaXIgc2hhcmVkIGNvbnRhY3QgY2FyZCB3aXRob3V0IHRoZSByZWNlaXZlciBrbm93aW5nIGFib3V0IGl0LlxuICByZWNlaXZlckNpcGhlckRhdGFDbGVhckpzb246IEpTT05PYmplY3Q7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ29udGFjdENhcmRPd25lclBsYWluRGF0YSB7XG4gIC8vIEFjY2Vzc2libGUgYnkgdGhlIHNlcnZlciBhbmQgdGhlIG93bmVyLiBTZXJ2ZXIgc2lkZSBub3RpZmljYXRpb24gZW1haWxzIG5lZWQgdG8ga25vdyBzb21lXG4gIC8vIGluZm9ybWF0aW9uIGFib3V0IHRoZSBvd25lci5cbiAgLy8gVGhlIG93bmVyIGNvdWxkIGVpdGhlciBiZSB0aGUgaW5pdGlhdG9yIG9yIHRoZSByZXNwb25kZXIuXG4gIG93bmVyUGxhaW5EYXRhSnNvbjogT3duZXJQbGFpbkRhdGFKc29uO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIENvbnRhY3RDYXJkT3duZXJDaXBoZXJEYXRhIHtcbiAgLy8gT3duZXIgb25seSBhY2Nlc3MgdG8gdGhpcyBkYXRhXG4gIG93bmVyQ2lwaGVyRGF0YUNsZWFySnNvbjogSlNPTk9iamVjdDtcbn1cblxuLyoqXG4gKiBTZW5kaW5nIGNvbnRhY3QgY2FyZCBpbmZvcm1hdGlvbiBmcm9tIHRoZSBvd25lciB0byB0aGUgcmVjZWl2ZXIuXG4gKi9cbmV4cG9ydCB0eXBlIFNlbmRDb250YWN0Q2FyZElucHV0ID0gQ29udGFjdENhcmRPd25lclBsYWluRGF0YSAmXG4gIENvbnRhY3RDYXJkT3duZXJDaXBoZXJEYXRhICZcbiAgQ29udGFjdENhcmRTaGFyZWRDaXBoZXJEYXRhO1xuXG5leHBvcnQgaW50ZXJmYWNlIEluaXRpYXRlT3RrSW5wdXQyIHtcbiAgLy8gTm90ZSB0aGF0IGlmIG5laXRoZXIgZW1haWwgbm9yIHJlc3BvbmRlclVzZXJuYW1lIGFyZSBnaXZlbiwgdGhlIG9uZS10aW1lIGtleVxuICAvLyBjYW4gc3RpbGwgYmUgc2VudCB0byB0aGUgcmVzcG9uZGVyIHZpYSBPT0JcbiAgZW1haWw/OiBzdHJpbmc7XG4gIG1lc3NhZ2U/OiBKU09OT2JqZWN0O1xuICBjb250YWN0Q2FyZD86IFNlbmRDb250YWN0Q2FyZElucHV0O1xuICAvLyBJZiBUcnVlLCB0byB1cGdyYWRlIGFuIGVtYWlsIGludml0ZSB0byBhbiBleGlzdGluZyB1c2VyIGludml0ZSBpZiB0aGUgZW1haWxcbiAgLy8gaXMgYWxyZWFkeSBhc3NvY2lhdGVkIHdpdGggYW4gZXhpc3RpbmcgdXNlci5cbiAgdXBncmFkZT86IGJvb2xlYW47XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUmVzcG9uZE90a0lucHV0MiB7XG4gIGtleUV4Y2hhbmdlSWQ6IHN0cmluZztcbiAgdG9rZW46IHN0cmluZztcbiAgZGVjcnlwdGVkT3RrOiBEZWNyeXB0ZWRPdGsyO1xuICBtZXNzYWdlPzogSlNPTk9iamVjdDtcbiAgLy8gVGhlIGluaXRpYXRvciBpcyB0aGUgb3duZXIgZm8gdGhlIGluaXRpYXRvckNvbnRhY3RDYXJkLCB0aGUgcmVzcG9uZGVyXG4gIC8vIGlzIHRoZSByZWNlaXZlci5cbiAgaW5pdGlhdG9yQ29udGFjdENhcmQ/OiBDb250YWN0Q2FyZFJlY2VpdmVyQ2lwaGVyRGF0YTtcbiAgcmVzcG9uZGVyQ29udGFjdENhcmQ/OiBTZW5kQ29udGFjdENhcmRJbnB1dDtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBDb21wbGV0ZU90a0lucHV0MiB7XG4gIGtleUV4Y2hhbmdlSWQ6IHN0cmluZztcbiAgLy8gVGhpcyBpcyBhIHBhcnQgb2YgdGhlIGtleSBleGNoYW5nZSBkYXRhLiBJdCdzIGVuY3J5cHRlZCB1c2luZyB0aGUgcm9vdCBrZXlcbiAgaW5pdGlhdG9yUm9vdEtleUNpcGhlcjogc3RyaW5nO1xuICAvLyBUaGlzIGlzIGEgcGFydCBvZiB0aGUga2V5IGV4Y2hhbmdlIGRhdGEuIEl0J3MgZW5jcnlwdGVkIHVzaW5nIHRoZSBvbmUtdGltZSBrZXkuXG4gIGluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXI6IHN0cmluZztcbiAgLy8gVGhlIHJlc3BvbmRlciBpcyB0aGUgb3duZXIgZm8gdGhlIHJlc3BvbmRlckNvbnRhY3RDYXJkLCB0aGUgaW5pdGlhdG9yXG4gIC8vIGlzIHRoZSByZWNlaXZlci5cbiAgcmVzcG9uZGVyQ29udGFjdENhcmQ/OiBDb250YWN0Q2FyZFJlY2VpdmVyQ2lwaGVyRGF0YTtcbiAgLy8gVGhlIGluaXRpYXRvciBjYW4gdXBkYXRlIHRoZSBjaXBoZXIgZGF0YSB0aGF0IGFyZSBvbmx5IHZpc2libGUgdG8gdGhlbS4gSXQgbWFrZXNcbiAgLy8gbGVzcyBzZW5zZSB0byB1cGRhdGUgdGhlIHNoYXJlZCBkYXRhIGJlY2F1c2UgdGhlIHJlc3BvbmRlciB3b3VsZCBoYXZlIGFscmVhZHkgc2VlblxuICAvLyB0aGUgc2hhcmVkIGRhdGEgYW5kIGFjY2VwdGVkIHRoYXQgaXQncyBsZWdpdC5cbiAgLy8gQnV0IGluIGFueSBjYXNlLCB0aGUgaW5pdGlhdG9yIGNhbiB1cGRhdGUgdGhlIHNoYXJlZCBjb250YWN0IGNhcmQgaW5mbyBhdCBhbnkgdGltZS5cbiAgaW5pdGlhdG9yQ29udGFjdENhcmQ/OiBDb250YWN0Q2FyZE93bmVyQ2lwaGVyRGF0YTtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBJbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uMiB7XG4gIG5vbmNlOiBzdHJpbmc7XG4gIG9uZVRpbWVQcms6IFJlY29yZDxzdHJpbmcsIEpTT05PYmplY3Q+OyAvLyBvbmUtdGltZSBwdWJsaWMgZW5jcnlwdGlvbiBrZXkgcmVzcG9uZGVyIHVzZSB0byBzZW5kIGRhdGEgYmFjayB0byBpbml0aWF0b3JcbiAgb3RLZXk6IFJlY29yZDxzdHJpbmcsIEpTT05PYmplY3Q+OyAvLyBvbmUtdGltZSBzeW1tZXRyaWMga2V5IHRoYXQgbmVlZHMgdG8gYmUgc2hhcmVkIE9PQlxuICBpbml0aWF0b3JDb250YWN0Q2FyZD86IENvbnRhY3RDYXJkT3duZXJDaXBoZXJEYXRhICZcbiAgICBDb250YWN0Q2FyZFNoYXJlZENpcGhlckRhdGE7XG4gIGluaXRpYXRvcjoge1xuICAgIG1lc3NhZ2U/OiBKU09OT2JqZWN0O1xuICAgIGNvbnRhY3RDYXJkPzogQ29udGFjdENhcmRTaGFyZWRDaXBoZXJEYXRhO1xuICB9O1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIEluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb24ge1xuICBub25jZTogc3RyaW5nO1xuICBzaGFyZWRLZXk6IFJlY29yZDxzdHJpbmcsIEpTT05PYmplY3Q+O1xuICBta1NoYXJlZEtleTogUmVjb3JkPHN0cmluZywgSlNPTk9iamVjdD47XG4gIHJlc3BvbmRlcjoge1xuICAgIHBiazogUmVjb3JkPHN0cmluZywgSlNPTk9iamVjdD47XG4gICAgc2lnUGJrOiBSZWNvcmQ8c3RyaW5nLCBKU09OT2JqZWN0PjtcbiAgICBtZXNzYWdlPzogSlNPTk9iamVjdDtcbiAgICBjb250YWN0Q2FyZD86IENvbnRhY3RDYXJkU2hhcmVkQ2lwaGVyRGF0YSAmIHtcbiAgICAgIC8vIE5vdGUgdGhhdCB0aGlzIGlzIF9ub3RfIHRoZSBzYW1lIGtleSBhcyB0aGUgc2hhcmVkS2V5LiBUaGUgc2hhcmVkS2V5IHdyYXBzXG4gICAgICAvLyB0aGlzIGtleSBpbiB0aGUga2V5IGdyYXBoLiBCdXQgYmVjYXVzZSB0aGlzIGtleSBoYXMgbm90IGJlZW4gZW50ZXJlZCBpbnRvXG4gICAgICAvLyB0aGUga2V5IGdyYXBoIHdoZW4gdGhlIHJlc3BvbmRlciBjYWxscyB0aGUgQVBJLCB3ZSBwYXNzIHRoZSBKV0sgZGlyZWN0bHkgaGVyZS5cbiAgICAgIHNoYXJlZENpcGhlcktleTogUmVjb3JkPHN0cmluZywgSlNPTk9iamVjdD47XG4gICAgfTtcbiAgfTtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBHZXRLZXlFeGNoYW5nZU9wdGlvbnMyIHtcbiAgLy8gVGhlIG90S2V5IGFzIGEgcmF3IHN0cmluZy4gaS5lLiBrZXkudG9KU09OKHRydWUpLmtcbiAgb3RLZXlLPzogc3RyaW5nO1xuICAvLyBVc2VyIG5lZWQgdGhlIHRva2VuIGlmIHRoZXkgaGF2ZSBub3QgcmVzcG9uZGVkIHRvIHRoZSBrZXkgZXhjaGFuZ2UgeWV0LlxuICAvLyBPbmNlIHRoZXkndmUgcmVzcG9uZGVkIChoZW5jZSBwcm92ZW4gdGhleSBoYXZlIHRoZSBPT0IgS2V5KSB0aGV5IGJlY29tZVxuICAvLyB0aGUgXCJyZXNwb25kZXJcIiBvZiB0aGlzIGV4Y2hhbmdlLCBhbmQgY2FuIGFjY2VzcyBpdCB3aGVuIHNpZ25lZCBpbi5cbiAgdG9rZW4/OiBzdHJpbmc7XG59XG5cbkBSdW5PdXRzaWRlQW5ndWxhcih7XG4gIG5nWm9uZU5hbWU6ICduZ1pvbmUnLFxufSlcbkBJbmplY3RhYmxlKHtcbiAgcHJvdmlkZWRJbjogJ3Jvb3QnLFxufSlcbmV4cG9ydCBjbGFzcyBLZXlFeGNoYW5nZTJTZXJ2aWNlIGV4dGVuZHMgTHJTZXJ2aWNlIHtcbiAgcHJpdmF0ZSByZWFkb25seSBDTElFTlRfTk9OQ0VfTEVOR1RIID0gMzI7XG5cbiAgY29uc3RydWN0b3IoXG4gICAgcHJpdmF0ZSBuZ1pvbmU6IE5nWm9uZSxcbiAgICBwcml2YXRlIGluamVjdG9yOiBJbmplY3RvcixcbiAgICBwcml2YXRlIGtleUZhY3Rvcnk6IEtleUZhY3RvcnlTZXJ2aWNlLFxuICAgIHByaXZhdGUga2V5U2VydmljZTogS2V5U2VydmljZSxcbiAgICBwcml2YXRlIGVuY3J5cHRpb25TZXJ2aWNlOiBFbmNyeXB0aW9uU2VydmljZSxcbiAgICBwcml2YXRlIGtleUdyYXBoOiBLZXlHcmFwaFNlcnZpY2VcbiAgKSB7XG4gICAgc3VwZXIoaW5qZWN0b3IpO1xuICB9XG5cbiAgcHJpdmF0ZSBhc3luYyBnZXRPdEtleShcbiAgICBrZXlFeGNoYW5nZTogS2V5RXhjaGFuZ2VGcmFnbWVudCxcbiAgICBvdEtleUs/OiBzdHJpbmdcbiAgKTogUHJvbWlzZTxKV0suS2V5PiB7XG4gICAgaWYgKG90S2V5Sykge1xuICAgICAgcmV0dXJuIGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KHtcbiAgICAgICAgLi4uSlNPTi5wYXJzZShrZXlFeGNoYW5nZS5vdGsub3RLZXlQYXJhbXMpLFxuICAgICAgICBrOiBvdEtleUssXG4gICAgICB9KTtcbiAgICB9IGVsc2UgaWYgKFxuICAgICAga2V5RXhjaGFuZ2Uub3RrLnN0YXRlID09PSAnT1RLX0lOSVRJQVRFRCcgJiZcbiAgICAgICFrZXlFeGNoYW5nZS5pc0luaXRpYXRvciAmJlxuICAgICAga2V5RXhjaGFuZ2Uub3RrLnJlc3BvbmRlclBia0NpcGhlclxuICAgICkge1xuICAgICAgLy8gQXNzdW1pbmcgZXhpc3RpbmcgdXNlciBnZXR0aW5nIGludml0ZWQgd2hlcmUgT1RLIGlzIHdyYXBwZWQgaW4gcmVzcG9uZGVyJ3MgcHVibGljIGtleS5cbiAgICAgIGNvbnN0IHByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50UHhrKCk7XG4gICAgICBjb25zdCBkZWNyeXB0ZWRDaXBoZXIgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXG4gICAgICAgIHByay5qd2ssXG4gICAgICAgIEpTT04ucGFyc2Uoa2V5RXhjaGFuZ2Uub3RrLnJlc3BvbmRlclBia0NpcGhlciksXG4gICAgICAgIHtcbiAgICAgICAgICBzZXJpYWxpemF0aW9uczogW0pvc2VTZXJpYWxpemF0aW9uLkNPTVBBQ1RdLFxuICAgICAgICB9XG4gICAgICApO1xuICAgICAgaWYgKGRlY3J5cHRlZENpcGhlci5vdEtleSkge1xuICAgICAgICByZXR1cm4gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoZGVjcnlwdGVkQ2lwaGVyLm90S2V5KTtcbiAgICAgIH1cbiAgICB9XG4gICAgcmV0dXJuIG51bGw7XG4gIH1cblxuICBwcml2YXRlIGFzeW5jIGRlY3J5cHRPdGsoXG4gICAga2V5RXhjaGFuZ2U6IEtleUV4Y2hhbmdlRnJhZ21lbnQsXG4gICAgb3RLZXlLPzogc3RyaW5nXG4gICk6IFByb21pc2U8S2V5RXhjaGFuZ2VGcmFnbWVudD4ge1xuICAgIGNvbnN0IG90S2V5ID0gYXdhaXQgdGhpcy5nZXRPdEtleShrZXlFeGNoYW5nZSwgb3RLZXlLKTtcblxuICAgIGxldCBvdGsgPSBrZXlFeGNoYW5nZS5vdGs7XG5cbiAgICBpZiAob3RLZXkgJiYgb3RrLm90S2V5Q2lwaGVyKSB7XG4gICAgICBvdGsgPSB7XG4gICAgICAgIC4uLm90ayxcbiAgICAgICAgb3RLZXksXG4gICAgICAgIG90S2V5Q2lwaGVyQ2xlYXJKc29uOiBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXG4gICAgICAgICAgb3RLZXksXG4gICAgICAgICAga2V5RXhjaGFuZ2Uub3RrLm90S2V5Q2lwaGVyXG4gICAgICAgICksXG4gICAgICB9O1xuICAgIH1cblxuICAgIHJldHVybiB7XG4gICAgICAuLi5rZXlFeGNoYW5nZSxcbiAgICAgIG90ayxcbiAgICB9O1xuICB9XG5cbiAgcHJpdmF0ZSBhc3luYyBkZWNyeXB0UmVzcG9uc2VDaXBoZXIoXG4gICAgb3RLZXk6IEpXSy5LZXksXG4gICAgb3RQcms6IEpXSy5LZXksXG4gICAgY29udGVudDogSlNPTk9iamVjdFxuICApOiBQcm9taXNlPEluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb24+IHtcbiAgICAvLyBUaGUgcmVzcG9uc2UgY291bGQgYmUgd3JhcHBlZCBieSB0aGUgT3RLIGluIGFkZGl0aW9uIHRvIHRoZSBPdFBia1xuICAgIHRyeSB7XG4gICAgICBjb250ZW50ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KG90S2V5LCBjb250ZW50KTtcbiAgICB9IGNhdGNoIChlcnJvcikge1xuICAgICAgaWYgKGVycm9yLm1lc3NhZ2UgIT09ICdubyBrZXkgZm91bmQnKSB7XG4gICAgICAgIHRocm93IGVycm9yO1xuICAgICAgfVxuICAgICAgLy8gRG8gbm90aGluZyB0byBzdXBwb3J0IG9sZGVyIHZlcnNpb25zIHdoZXJlIG1lc3NhZ2UgaXMgbm90IHdyYXBwZWQgd2l0aCBvdGsuXG4gICAgfVxuXG4gICAgLy8gVGhlIFByayBpcyBzaW5nbGUtdXNlIGFuZCBvbmx5IHVzZWQgdG8gc2VuZCBpbmZvcm1hdGlvbiBmcm9tIHRoZSByZXNwb25kZXIgYmFjayB0byB0aGUgaW5pdGlhdG9yLlxuICAgIHJldHVybiBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQob3RQcmssIGNvbnRlbnQpO1xuICB9XG5cbiAgcHJpdmF0ZSBhc3luYyBkZWNyeXB0S2V5RXhjaGFuZ2VBc0luaXRpYXRvcihcbiAgICBrZXlFeGNoYW5nZTogS2V5RXhjaGFuZ2VGcmFnbWVudFxuICApOiBQcm9taXNlPEtleUV4Y2hhbmdlRnJhZ21lbnQ+IHtcbiAgICBjb25zdCByb290S2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRSb290S2V5KCk7XG5cbiAgICAvLyBEZWNyeXB0IHVzaW5nIHRoZSByb290IGtleSB0byBnZXQgdGhlIFBya1xuICAgIGNvbnN0IGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24gPVxuICAgICAgKGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcbiAgICAgICAgcm9vdEtleS5qd2ssXG4gICAgICAgIGtleUV4Y2hhbmdlLmluaXRpYXRvclJvb3RLZXlDaXBoZXJcbiAgICAgICkpIGFzIEluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24yO1xuXG4gICAgY29uc3Qgb3RLZXkgPSBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShcbiAgICAgIGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24ub3RLZXlcbiAgICApO1xuXG4gICAga2V5RXhjaGFuZ2UgPSB7XG4gICAgICAuLi5rZXlFeGNoYW5nZSxcbiAgICAgIGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24sXG4gICAgfTtcblxuICAgIGxldCBvdGsgPSBrZXlFeGNoYW5nZS5vdGs7XG5cbiAgICBpZiAob3RrLmluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIpIHtcbiAgICAgIG90ayA9IHtcbiAgICAgICAgLi4ub3RrLFxuICAgICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyQ2xlYXJKc29uOiBhd2FpdCB0aGlzLmRlY3J5cHRSZXNwb25zZUNpcGhlcihcbiAgICAgICAgICBvdEtleSxcbiAgICAgICAgICBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShcbiAgICAgICAgICAgIGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24ub25lVGltZVBya1xuICAgICAgICAgICksXG4gICAgICAgICAgb3RrLmluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJcbiAgICAgICAgKSxcbiAgICAgIH07XG4gICAgfVxuXG4gICAgaWYgKG90ay5vdEtleUNpcGhlcikge1xuICAgICAgb3RrLm90S2V5Q2lwaGVyQ2xlYXJKc29uID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxuICAgICAgICBvdEtleSxcbiAgICAgICAgb3RrLm90S2V5Q2lwaGVyXG4gICAgICApO1xuICAgIH1cblxuICAgIHJldHVybiB7XG4gICAgICAuLi5rZXlFeGNoYW5nZSxcbiAgICAgIG90ayxcbiAgICB9O1xuICB9XG5cbiAgcHJpdmF0ZSBhc3luYyBkZWNyeXB0S2V5RXhjaGFuZ2VBc1Jlc3BvbmRlcihcbiAgICBrZXlFeGNoYW5nZTogS2V5RXhjaGFuZ2VGcmFnbWVudCxcbiAgICBvdEtleUs/OiBzdHJpbmdcbiAgKSB7XG4gICAgcmV0dXJuIHRoaXMuZGVjcnlwdE90ayhrZXlFeGNoYW5nZSwgb3RLZXlLKTtcbiAgfVxuXG4gIGFzeW5jIGRlY3J5cHRLZXlFeGNoYW5nZShrZXlFeGNoYW5nZTogS2V5RXhjaGFuZ2VGcmFnbWVudCwgb3RLZXlLPzogc3RyaW5nKSB7XG4gICAgaWYgKGtleUV4Y2hhbmdlLmlzSW5pdGlhdG9yKSB7XG4gICAgICByZXR1cm4gdGhpcy5kZWNyeXB0S2V5RXhjaGFuZ2VBc0luaXRpYXRvcihrZXlFeGNoYW5nZSk7XG4gICAgfSBlbHNlIHtcbiAgICAgIHJldHVybiB0aGlzLmRlY3J5cHRLZXlFeGNoYW5nZUFzUmVzcG9uZGVyKGtleUV4Y2hhbmdlLCBvdEtleUspO1xuICAgIH1cbiAgfVxuXG4gIGFzeW5jIGdldEtleUV4Y2hhbmdlcyh7IHN0YXRlIH06IHsgc3RhdGU/OiBLZXlFeGNoYW5nZVN0YXRlMiB9ID0ge30pIHtcbiAgICBjb25zdCB7IGtleUV4Y2hhbmdlcyB9ID0gYXdhaXQgdGhpcy5xdWVyeSh7XG4gICAgICBxdWVyeTogS2V5RXhjaGFuZ2VzUXVlcnkyLFxuICAgICAgdmFyaWFibGVzOiB7XG4gICAgICAgIHN0YXRlLFxuICAgICAgfSxcbiAgICB9KTtcblxuICAgIHJldHVybiBQcm9taXNlLmFsbChcbiAgICAgIGtleUV4Y2hhbmdlcy5lZGdlcy5tYXAoKGVkZ2UpID0+IHRoaXMuZGVjcnlwdEtleUV4Y2hhbmdlKGVkZ2Uubm9kZSkpXG4gICAgKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBAcGFyYW0gaWQgSWYgdGhlIGN1cnJlbnQgdXNlciBjYW4gcmVzcG9uZGVyIHRoZSBrZXkgZXhjaGFuZ2UgaWYgdGhleSBhcmUgZWl0aGVyIHRoZSBpbml0aWF0b3Igb3IgdGhlIHJlY2VpdmVyLlxuICAgKiBAcGFyYW0gdG9rZW4gSWYgbm90IHNpZ25lZCBpbiwgb3Igbm90IHRoZSBpbml0aWF0b3Igb3IgcmVzcG9uZGVyLCAndG9rZW4nIG11c3QgYmUgZ2l2ZW4uXG4gICAqIEBwYXJhbSBvdEtleUsgSXMgdGhlIHJhdyBvbmUtdGltZSBrZXkgKHN0cmluZykuIElmIHRoZSByZXNwb25kZXIgaXMgZXhwbGljaXRseSBzcGVjaWZpZWQgYXQgdGltZSBvZiBpbml0aWF0aW9uLCB0aGVuXG4gICAqICAgaXQncyBwb3NzaWJsZSB0byBoYXZlIHRoZSBvdEtleSB3cmFwcGVkIGJ5IHRoZSBwdWJsaWMga2V5IG9mIHRoZSByZXNwb25kZXIuIEluIHdoaWNoIGNhc2UsIHRoZSBvdEtleUsgaXMgbm90IG5lZWRlZC5cbiAgICovXG4gIGFzeW5jIGdldEtleUV4Y2hhbmdlKFxuICAgIGlkOiBzdHJpbmcsXG4gICAgeyBvdEtleUssIHRva2VuIH06IEdldEtleUV4Y2hhbmdlT3B0aW9uczIgPSB7fVxuICApIHtcbiAgICBjb25zdCByZXMgPSBhd2FpdCB0aGlzLnF1ZXJ5KHtcbiAgICAgIHF1ZXJ5OiB0b2tlbiA/IEtleUV4Y2hhbmdlVG9rZW5RdWVyeTIgOiBLZXlFeGNoYW5nZVF1ZXJ5MixcbiAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICBpZCxcbiAgICAgICAgdG9rZW4sXG4gICAgICB9LFxuICAgICAgaW5jbHVkZUtleUdyYXBoOiAhdG9rZW4sIC8vIGlmICF0b2tlbiB0aGVuIHdlIGFyZSBwb3N0IGF1dGgsIHNvIGNhbiBmZXRjaCBrZXlHcmFwaFxuICAgIH0pO1xuICAgIHJldHVybiB0aGlzLmRlY3J5cHRLZXlFeGNoYW5nZShyZXMua2V5RXhjaGFuZ2UsIG90S2V5Syk7XG4gIH1cblxuICBwdWJsaWMgYXN5bmMgZ2V0Q3VycmVudFVzZXJTaGFyZWRLZXkoaW5wdXQ6IHtcbiAgICB1c2VybmFtZT86IHN0cmluZztcbiAgICB1c2VySWQ/OiBzdHJpbmc7XG4gIH0pIHtcbiAgICByZXR1cm4gdGhpcy5xdWVyeSh7XG4gICAgICBxdWVyeTogQ3VycmVudFVzZXJTaGFyZWRLZXlRdWVyeTIsXG4gICAgICB2YXJpYWJsZXM6IHtcbiAgICAgICAgdXNlcm5hbWU6IGlucHV0LnVzZXJuYW1lLFxuICAgICAgICB1c2VySWQ6IGlucHV0LnVzZXJJZCxcbiAgICAgIH0sXG4gICAgfSk7XG4gIH1cblxuICAvLyBUT0RPOiBkZXByZWNhdGUgdGhpc1xuICBhc3luYyBjYW5jZWxLZXlFeGNoYW5nZShpZDogc3RyaW5nKSB7XG4gICAgcmV0dXJuIHRoaXMuY2FuY2VsS2V5RXhjaGFuZ2VNdXRhdGlvbihpZCk7XG4gIH1cblxuICBjYW5jZWxLZXlFeGNoYW5nZU11dGF0aW9uKGlkOiBzdHJpbmcpIHtcbiAgICByZXR1cm4gbmV3IExyTXV0YXRpb24oe1xuICAgICAgbXV0YXRpb246IENhbmNlbEtleUV4Y2hhbmdlTXV0YXRpb24sXG4gICAgICB2YXJpYWJsZXM6IHtcbiAgICAgICAgaW5wdXQ6IHtcbiAgICAgICAgICBpZCxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgfSk7XG4gIH1cblxuICBkZWNsaW5lS2V5RXhjaGFuZ2VFeGVjKGlkOiBzdHJpbmcsIHRva2VuOiBzdHJpbmcpIHtcbiAgICByZXR1cm4gdGhpcy5tdXRhdGUodGhpcy5kZWNsaW5lS2V5RXhjaGFuZ2VNdXRhdGlvbihpZCwgdG9rZW4pKTtcbiAgfVxuXG4gIC8vIFRPRE86IGRlcHJlY2F0ZSB0aGlzXG4gIGRlY2xpbmVLZXlFeGNoYW5nZShpZDogc3RyaW5nLCB0b2tlbjogc3RyaW5nKSB7XG4gICAgcmV0dXJuIHRoaXMuZGVjbGluZUtleUV4Y2hhbmdlTXV0YXRpb24oaWQsIHRva2VuKTtcbiAgfVxuXG4gIGRlY2xpbmVLZXlFeGNoYW5nZU11dGF0aW9uKGlkOiBzdHJpbmcsIHRva2VuOiBzdHJpbmcpIHtcbiAgICByZXR1cm4gbmV3IExyTXV0YXRpb24oe1xuICAgICAgbXV0YXRpb246IERlY2xpbmVLZXlFeGNoYW5nZU11dGF0aW9uLFxuICAgICAgdmFyaWFibGVzOiB7XG4gICAgICAgIGlucHV0OiB7XG4gICAgICAgICAgaWQsXG4gICAgICAgICAgdG9rZW4sXG4gICAgICAgIH0sXG4gICAgICB9LFxuICAgIH0pO1xuICB9XG5cbiAgYXN5bmMgaW5pdGlhdGVPdGtFeGVjKGlucHV0OiBJbml0aWF0ZU90a0lucHV0MiA9IHt9KSB7XG4gICAgcmV0dXJuIHRoaXMubXV0YXRlKChhd2FpdCB0aGlzLmluaXRpYXRlT3RrTXV0YXRpb24oaW5wdXQpKS5sck11dGF0aW9uKTtcbiAgfVxuXG4gIC8vIFRPRE8gZGVwcmVjYXRlIHRoaXNcbiAgaW5pdGlhdGVPdGsoaW5wdXQ6IEluaXRpYXRlT3RrSW5wdXQyID0ge30pIHtcbiAgICByZXR1cm4gdGhpcy5pbml0aWF0ZU90a011dGF0aW9uKGlucHV0KTtcbiAgfVxuXG4gIGFzeW5jIGluaXRpYXRlT3RrTXV0YXRpb24oe1xuICAgIG1lc3NhZ2UsXG4gICAgZW1haWwsXG4gICAgY29udGFjdENhcmQsXG4gICAgdXBncmFkZSxcbiAgfTogSW5pdGlhdGVPdGtJbnB1dDIgPSB7fSkge1xuICAgIGNvbnN0IG90S2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuICAgIGNvbnN0IG5vbmNlID0gdGhpcy5rZXlGYWN0b3J5LnJhbmRvbVN0cmluZyh0aGlzLkNMSUVOVF9OT05DRV9MRU5HVEgpO1xuXG4gICAgLy8gTmV3IFBLQyBrZXkgZm9yIGVuY3J5cHRpb24uIFRoaXMga2V5IGlzIHVzZWQgb25seSBvbmNlIHdoZW4gdGhlIHJlc3BvbmRlciBzZW5kc1xuICAgIC8vIGJhY2sgdGhlaXIgc2lnbmluZyBwdWJsaWMga2V5LlxuICAgIGNvbnN0IGluaXRpYXRvck9uZVRpbWVQcmsgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlUGtjS2V5KCk7XG5cbiAgICAvLyBPcHRpb24gMTogTmV3IFBLQyBrZXkgZm9yIHNpZ25pbmdcbiAgICAvLyBjb25zdCBpbml0aWF0b3JTaWdQcmsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuY3JlYXRlUGtjU2lnbktleSgpO1xuXG4gICAgLy8gT3B0aW9uIDI6IFVzZSB0aGUgdXNlcidzIGdsb2JhbCBzaWduaW5nIGtleS5cbiAgICAvLyBUaGlzIGtleSBpcyB1c2VkIHRvIHByb3ZlIHRoZSBpbml0aWF0b3IncyBpZGVudGl0eS5cbiAgICBjb25zdCBpbml0aWF0b3JQcmsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFB4aygpO1xuICAgIGNvbnN0IGluaXRpYXRvclNpZ1ByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50U2lnUHhrKCk7XG5cbiAgICBsZXQgaW5pdGlhdG9yUGxhaW5EYXRhU2lnOiBzdHJpbmcgPSBudWxsO1xuXG4gICAgaWYgKGNvbnRhY3RDYXJkICYmIGNvbnRhY3RDYXJkLm93bmVyUGxhaW5EYXRhSnNvbikge1xuICAgICAgaW5pdGlhdG9yUGxhaW5EYXRhU2lnID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduVG9TdHJpbmcoXG4gICAgICAgIGluaXRpYXRvclNpZ1Byay5qd2ssXG4gICAgICAgIGNvbnRhY3RDYXJkLm93bmVyUGxhaW5EYXRhSnNvblxuICAgICAgKTtcbiAgICB9XG5cbiAgICBjb25zdCBpbml0aWF0b3IgPSB7XG4gICAgICBtZXNzYWdlLFxuICAgICAgY29udGFjdENhcmQ6IGNvbnRhY3RDYXJkICYmIHtcbiAgICAgICAgc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbjogY29udGFjdENhcmQuc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbixcbiAgICAgIH0sXG4gICAgfTtcblxuICAgIC8vIENvbnRlbnQgdG8gYmUgZW5jcnlwdGVkIHVzaW5nIHRoZSBPVEsuXG4gICAgY29uc3QgcGxhaW5PdEtleUNpcGhlcjogT3RLZXlDaXBoZXJDbGVhckpzb24yID0ge1xuICAgICAgLy8gVE9ETyBNYWtlIHN1cmUgd2UgYWxzbyBwdXQgdGhlIE9PQiBjb2RlIGluIGhlcmUgYXMgd2VsbCBzaW5jZSB0aGUgT09CIGNvZGUgaXMgdGhlXG4gICAgICAvLyBfb25seV8gaW5mb3JtYXRpb24gdGhlIEtDIHNlcnZlciBkb2VzIG5vdCBoYXZlIGFjY2VzcyB0by4gVGhlIHNlcnZlciBtYXkgaGF2ZVxuICAgICAgLy8gYWNjZXNzIHRvIE9USyBhbmQgaGVuY2UgdGhlIG5vbmNlIGhlcmUuIEl0J3MgZ29vZCB0byBoYXZlIGJvdGggdGhlIG5vbmNlIGFuZCBPT0IgY29kZVxuICAgICAgLy8gc2luY2UgdGhlIHVzZXIgbWF5IG5vdCBiZSB1c2luZyB0aGUgT09CIGNvZGUuIEFuZCBpdCdzIHNpbXBsZSB0byBhbHdheXMgaW5jbHVkZVxuICAgICAgLy8gdGhlIG5vbmNlLCBzbyB3aHkgbm90LlxuICAgICAgbm9uY2UsXG4gICAgICBpbml0aWF0b3I6IHtcbiAgICAgICAgLi4uaW5pdGlhdG9yLFxuICAgICAgICBvbmVUaW1lUGJrOiBpbml0aWF0b3JPbmVUaW1lUHJrLnRvSlNPTigpLCAvLyBvbmUtdGltZSBwdWJsaWMgZW5jcnlwdGlvbiBrZXkgcmVzcG9uZGVyIHVzZSB0byBzZW5kIGRhdGEgYmFjayB0byBpbml0aWF0b3JcbiAgICAgICAgcGJrOiBpbml0aWF0b3JQcmsuandrLnRvSlNPTigpLCAvLyBwdWJsaWMgZW5jcnlwdGlvbiBrZXlcbiAgICAgICAgc2lnUGJrOiBpbml0aWF0b3JTaWdQcmsuandrLnRvSlNPTigpLCAvLyBwdWJsaWMgc2lnbmluZyBrZXlcbiAgICAgIH0sXG4gICAgfTtcblxuICAgIGNvbnN0IG90S2V5Q2lwaGVyID0gYXdhaXQgdGhpcy5rZXlHcmFwaC5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICBvdEtleSxcbiAgICAgIHBsYWluT3RLZXlDaXBoZXJcbiAgICApO1xuXG4gICAgLy8gQ29udGVudCB0byBiZSBlbmNyeXB0ZWQgdXNpbmcgdGhlIGluaXRpYXRvcidzIHJvb3Qga2V5LlxuICAgIGNvbnN0IGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb246IEluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24yID0ge1xuICAgICAgbm9uY2UsXG4gICAgICBvbmVUaW1lUHJrOiBpbml0aWF0b3JPbmVUaW1lUHJrLnRvSlNPTih0cnVlKSxcbiAgICAgIC8vIFNob3VsZCBub3QgbmVlZCB0byBrZWVwIHRoaXMgZW5jcnlwdGVkIHNpbmNlIHdlIGFyZSB1c2luZyB0aGUgZ2xvYmFsIHNpZ25pbmcga2V5LlxuICAgICAgLy8gc2lnUHJrOiBpbml0aWF0b3JTaWdQcmsudG9KU09OKHRydWUpLFxuXG4gICAgICAvLyBTYXZlIGl0IGluIGNhc2UgdGhlIGluaXRpYXRvciB3YW50IHRvIGRlY29kZSB0aGUgb3RLZXlDaXBoZXIuXG4gICAgICAvLyBTaW5jZSB0aGUgb3RLZXkgaXMgb25seSB1c2VkIG9uY2UsIGFuZCB0aGF0IG90S2V5Q2lwaGVyIGNvbnRhaW5zIG9ubHlcbiAgICAgIC8vIHRoZSBwdWJsaWMga2V5IG9mIHRoZSBpbml0aWF0b3IsIGl0J3Mgc2FmZSBqdXN0IGxlYXZlIHRoZSBvdEtleSBzdG9yZWQgaGVyZS5cbiAgICAgIG90S2V5OiBvdEtleS50b0pTT04odHJ1ZSksXG4gICAgICAvLyBUaGVzZSBzaG91bGQgYmUgc3RvcmluZyBpbmZvcm1hdGlvbiBzdWNoIGFzIGhvdyB0aGUgZmllbGRzIG9mIHRoZSBzaGFyZWQgY29udGFjdCBjYXJkIGlzXG4gICAgICAvLyBkZXJpdmVkIGZyb20gdGhlIG1hc3RlciBjb250YWN0IGNhcmQuXG4gICAgICBpbml0aWF0b3JDb250YWN0Q2FyZDogY29udGFjdENhcmQsXG4gICAgICBpbml0aWF0b3IsXG4gICAgfTtcblxuICAgIGNvbnN0IHJvb3RLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFJvb3RLZXkoKTtcbiAgICBjb25zdCBpbml0aWF0b3JSb290S2V5Q2lwaGVyID0gYXdhaXQgdGhpcy5rZXlHcmFwaC5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICByb290S2V5Lmp3ayxcbiAgICAgIGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb25cbiAgICApO1xuXG4gICAgLy8gVGhlIHJhdyBPVEtcbiAgICBjb25zdCBvdEtleUs6IHN0cmluZyA9IChvdEtleS50b0pTT04odHJ1ZSkgYXMgSlNPTk9iamVjdCkuaztcblxuICAgIC8vIEFQSSBjYWxsXG4gICAgY29uc3QgbHJNdXRhdGlvbiA9IG5ldyBMck11dGF0aW9uKHtcbiAgICAgIG11dGF0aW9uOiBJbml0aWF0ZUtleUV4Y2hhbmdlT3RrTXV0YXRpb24sXG4gICAgICB2YXJpYWJsZXM6IHtcbiAgICAgICAgaW5wdXQ6IHtcbiAgICAgICAgICAvLyBUaGVzZSB3aWxsIGJlIHN0b3JlZCBvbiB0aGUgc2VydmVyXG4gICAgICAgICAgaW5pdGlhdG9yUm9vdEtleUNpcGhlcixcbiAgICAgICAgICBpbml0aWF0b3JQeGtJZDogaW5pdGlhdG9yUHJrLmlkLFxuICAgICAgICAgIGluaXRpYXRvclNpZ1B4a0lkOiBpbml0aWF0b3JTaWdQcmsuaWQsXG4gICAgICAgICAgLy8gVGhlc2Ugd2lsbCBiZSBzZW50IHRvIHRoZSByZXNwb25kZXJcbiAgICAgICAgICBvdEtleVBhcmFtczogSlNPTi5zdHJpbmdpZnkob3RLZXkudG9KU09OKCkpLFxuICAgICAgICAgIG90S2V5Q2lwaGVyLFxuICAgICAgICAgIHNlbmRFbWFpbDogZW1haWwgJiYge1xuICAgICAgICAgICAgZW1haWwsXG4gICAgICAgICAgICByYXdPdEtleTogb3RLZXlLLFxuICAgICAgICAgIH0sXG4gICAgICAgICAgY3JlYXRlVHA6IHRydWUsXG4gICAgICAgICAgaW5pdGlhdG9yUGxhaW5EYXRhU2lnLFxuICAgICAgICAgIHVwZ3JhZGUsXG4gICAgICAgIH0sXG4gICAgICB9LFxuICAgIH0pO1xuXG4gICAgcmV0dXJuIHsgbHJNdXRhdGlvbiwgb3RLZXlLIH07XG4gIH1cblxuICByZXNwb25kT3RrRXhlYyhpbnB1dDogUmVzcG9uZE90a0lucHV0Mikge1xuICAgIHJldHVybiB0aGlzLm11dGF0ZSh0aGlzLnJlc3BvbmRPdGtNdXRhdGlvbihpbnB1dCkpO1xuICB9XG5cbiAgLy8gVE9ETyBkZXByZWNhdGUgdGhpc1xuICByZXNwb25kT3RrKGlucHV0OiBSZXNwb25kT3RrSW5wdXQyKSB7XG4gICAgcmV0dXJuIHRoaXMucmVzcG9uZE90a011dGF0aW9uKGlucHV0KTtcbiAgfVxuXG4gIGFzeW5jIHJlc3BvbmRPdGtNdXRhdGlvbih7XG4gICAga2V5RXhjaGFuZ2VJZCxcbiAgICB0b2tlbixcbiAgICBkZWNyeXB0ZWRPdGssXG4gICAgbWVzc2FnZSxcbiAgICBpbml0aWF0b3JDb250YWN0Q2FyZCxcbiAgICByZXNwb25kZXJDb250YWN0Q2FyZCxcbiAgfTogUmVzcG9uZE90a0lucHV0Mikge1xuICAgIGNvbnN0IHJvb3RLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFJvb3RLZXkoKTtcblxuICAgIGNvbnN0IG1hc3RlcktleUlkID0gdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRNYXN0ZXJLZXkoKS5pZDtcbiAgICBjb25zdCBtYXN0ZXJLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudE1hc3RlcktleSgpO1xuXG4gICAgY29uc3Qgc2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuICAgIGNvbnN0IG1rU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuXG4gICAgY29uc3QgcmtXcmFwcGVkU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgcm9vdEtleS5qd2ssXG4gICAgICBzaGFyZWRLZXkudG9KU09OKHRydWUpXG4gICAgKTtcbiAgICBjb25zdCBta1dyYXBwZWRNa1NoYXJlZEtleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgIG1hc3RlcktleS5qd2ssXG4gICAgICBta1NoYXJlZEtleS50b0pTT04odHJ1ZSlcbiAgICApO1xuXG4gICAgY29uc3QgaW5pdGlhdG9yT25lVGltZVBiayA9IGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KFxuICAgICAgZGVjcnlwdGVkT3RrLm90S2V5Q2lwaGVyQ2xlYXJKc29uLmluaXRpYXRvci5vbmVUaW1lUGJrXG4gICAgKTtcblxuICAgIGNvbnN0IGluaXRpYXRvclBiayA9IGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KFxuICAgICAgZGVjcnlwdGVkT3RrLm90S2V5Q2lwaGVyQ2xlYXJKc29uLmluaXRpYXRvci5wYmtcbiAgICApO1xuICAgIGNvbnN0IGluaXRpYXRvclNpZ1BiayA9IGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KFxuICAgICAgZGVjcnlwdGVkT3RrLm90S2V5Q2lwaGVyQ2xlYXJKc29uLmluaXRpYXRvci5zaWdQYmtcbiAgICApO1xuXG4gICAgLy8gT3B0aW9uIDE6IFVzaW5nIG5ldyBQcmsgZm9yIGVhY2ggVFAgcGFpclxuICAgIC8vIENyZWF0ZSBhIG5ldyBwdWJsaWMgc2lnbmluZyBrZXkgZm9yIHRoZSByZXNwb25kZXIuXG4gICAgLy8gY29uc3QgcmVzcG9uZGVyU2lnUHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmNyZWF0ZVBrY1NpZ25LZXkoKVxuICAgIC8vIGNvbnN0IHJrV3JhcHBlZFJlc3BvbmRlclNpZ1ByayA9IGF3YWl0IHRoaXMuZW5jcnlwdChyb290S2V5LCByZXNwb25kZXJTaWdQcmsudG9KU09OKHRydWUpKTtcblxuICAgIC8vIE9wdGlvbiAyOiBSZXNwb25kZXIgYWxyZWFkeSBoYXMgYSBzaWduaW5nIFBya1xuICAgIGNvbnN0IHJlc3BvbmRlclByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50UHhrKCk7XG4gICAgY29uc3QgcmVzcG9uZGVyU2lnUHJrID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRTaWdQeGsoKTtcblxuICAgIGNvbnN0IHNpZ25lZEluaXRpYXRvclBiayA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihcbiAgICAgIHJlc3BvbmRlclNpZ1Byay5qd2ssXG4gICAgICBpbml0aWF0b3JQYmsudG9KU09OKClcbiAgICApO1xuICAgIGNvbnN0IHNpZ25lZEluaXRpYXRvclNpZ1BiayA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihcbiAgICAgIHJlc3BvbmRlclNpZ1Byay5qd2ssXG4gICAgICBpbml0aWF0b3JTaWdQYmsudG9KU09OKClcbiAgICApO1xuXG4gICAgY29uc3QgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlckNsZWFySnNvbjogSW5pdGlhdG9yT25lVGltZVBia0NpcGhlckNsZWFySnNvbiA9XG4gICAgICB7XG4gICAgICAgIG5vbmNlOiBkZWNyeXB0ZWRPdGsub3RLZXlDaXBoZXJDbGVhckpzb24ubm9uY2UsXG4gICAgICAgIHNoYXJlZEtleTogc2hhcmVkS2V5LnRvSlNPTih0cnVlKSxcbiAgICAgICAgbWtTaGFyZWRLZXk6IG1rU2hhcmVkS2V5LnRvSlNPTih0cnVlKSxcbiAgICAgICAgcmVzcG9uZGVyOiB7XG4gICAgICAgICAgcGJrOiByZXNwb25kZXJQcmsuandrLnRvSlNPTigpLCAvLyBwdWJsaWMga2V5XG4gICAgICAgICAgc2lnUGJrOiByZXNwb25kZXJTaWdQcmsuandrLnRvSlNPTigpLCAvLyBwdWJsaWMga2V5XG4gICAgICAgICAgbWVzc2FnZSxcbiAgICAgICAgfSxcbiAgICAgIH07XG5cbiAgICBsZXQgcmVjZWl2ZWRDYXJkSW5wdXQ7XG4gICAgaWYgKGRlY3J5cHRlZE90ay5vdEtleUNpcGhlckNsZWFySnNvbi5pbml0aWF0b3IuY29udGFjdENhcmQpIHtcbiAgICAgIC8vIFNldCB0aGUgaW5mbyBhYm91dCB0aGUgaW5pdGlhdG9yIHRvIGJlIHRoZSBvbmVzIHNlbnQgYnkgdGhlIGluaXRpYXRvci4gV2UgbmVlZCB0aCByZXNwb25kZXIgdG8gZG8gdGhlIGVuY3J5cHRpb24gaGVyZVxuICAgICAgLy8gYmVjYXVzZSB0aGUgaW5pdGlhdG9yIGRvZXMgbm90IGhhdmUgdGhlIHNoYXJlZCBrZXkgeWV0LCBhbmQgd2Ugd2FudCB0aGUgcmVzcG9uZGVyIHRvIGhhdmUgYSBmdW5jdGlvbmFsIGNvbnRhY3QgY2FyZCBhZnRlclxuICAgICAgLy8gdGhpcyBleGNoYW5nZS4gVGhlIGluaXRpYXRvciBjYW4gZG91YmxlIGNoZWNrIHRoZSBjb250YWN0IGRldGFpbHMgYXJlIGNvcnJlY3QgYW5kIHNpZ24gaXQgd2hlbiBpdCBjb21wbGV0ZXMgdGhlIGV4Y2hhbmdlLlxuICAgICAgY29uc3Qgc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbiA9XG4gICAgICAgIGRlY3J5cHRlZE90ay5vdEtleUNpcGhlckNsZWFySnNvbi5pbml0aWF0b3IuY29udGFjdENhcmRcbiAgICAgICAgICAuc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbjtcblxuICAgICAgLy8gQ3JlYXRlIGtleXNcbiAgICAgIGNvbnN0IHJlY2VpdmVyS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuICAgICAgY29uc3QgY2NTaGFyZWRLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgICBjb25zdCBzaWdQeGsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFNpZ1B4aygpO1xuXG4gICAgICByZWNlaXZlZENhcmRJbnB1dCA9IHtcbiAgICAgICAgcmVjZWl2ZXJXcmFwcGVkS2V5OiBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICAgICAgICByb290S2V5Lmp3ayxcbiAgICAgICAgICAgIHJlY2VpdmVyS2V5LnRvSlNPTih0cnVlKVxuICAgICAgICAgIClcbiAgICAgICAgKSxcbiAgICAgICAgcmVjZWl2ZXJXcmFwcGluZ0tleUlkOiByb290S2V5LmlkLFxuICAgICAgICByZWNlaXZlckNpcGhlckRhdGE6IGluaXRpYXRvckNvbnRhY3RDYXJkXG4gICAgICAgICAgPyBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICAgICAgICAgIHJlY2VpdmVyS2V5LFxuICAgICAgICAgICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkLnJlY2VpdmVyQ2lwaGVyRGF0YUNsZWFySnNvblxuICAgICAgICAgICAgICApXG4gICAgICAgICAgICApXG4gICAgICAgICAgOiAnJyxcbiAgICAgICAgc2hhcmVkV3JhcHBlZEtleTogSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICAgICAgc2hhcmVkS2V5LFxuICAgICAgICAgICAgY2NTaGFyZWRLZXkudG9KU09OKHRydWUpXG4gICAgICAgICAgKVxuICAgICAgICApLFxuICAgICAgfTtcblxuICAgICAgY29uc3Qgc2hhcmVkQ2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgY2NTaGFyZWRLZXksXG4gICAgICAgIHNoYXJlZENpcGhlckRhdGFDbGVhckpzb25cbiAgICAgICk7XG4gICAgICByZWNlaXZlZENhcmRJbnB1dC5zaGFyZWRDaXBoZXJEYXRhU2lnID0gSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihzaWdQeGsuandrLCBzaGFyZWRDaXBoZXJEYXRhKVxuICAgICAgKTtcbiAgICAgIHJlY2VpdmVkQ2FyZElucHV0LnNpZ1B4a0lkID0gc2lnUHhrLmlkO1xuXG4gICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyQ2xlYXJKc29uLnJlc3BvbmRlci5jb250YWN0Q2FyZCA9IHtcbiAgICAgICAgLi4uaW5pdGlhdG9yT25lVGltZVBia0NpcGhlckNsZWFySnNvbi5yZXNwb25kZXIuY29udGFjdENhcmQsXG4gICAgICAgIHNoYXJlZENpcGhlcktleTogY2NTaGFyZWRLZXkudG9KU09OKHRydWUpLFxuICAgICAgfTtcbiAgICB9XG5cbiAgICBsZXQgcmVzcG9uZGVyQ2FyZElucHV0O1xuICAgIGlmIChyZXNwb25kZXJDb250YWN0Q2FyZCkge1xuICAgICAgLy8gQ3JlYXRlIGtleXNcbiAgICAgIGNvbnN0IG93bmVyS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuICAgICAgY29uc3QgY2NTaGFyZWRLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgICBjb25zdCBzaWdQeGsgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudFNpZ1B4aygpO1xuXG4gICAgICByZXNwb25kZXJDYXJkSW5wdXQgPSB7XG4gICAgICAgIG93bmVyV3JhcHBlZEtleTogSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICAgICAgcm9vdEtleS5qd2ssXG4gICAgICAgICAgICBvd25lcktleS50b0pTT04odHJ1ZSlcbiAgICAgICAgICApXG4gICAgICAgICksXG4gICAgICAgIG93bmVyV3JhcHBpbmdLZXlJZDogcm9vdEtleS5pZCxcbiAgICAgICAgb3duZXJDaXBoZXJEYXRhOiByZXNwb25kZXJDb250YWN0Q2FyZC5vd25lckNpcGhlckRhdGFDbGVhckpzb25cbiAgICAgICAgICA/IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICAgICAgICAgICAgb3duZXJLZXksXG4gICAgICAgICAgICAgICAgcmVzcG9uZGVyQ29udGFjdENhcmQub3duZXJDaXBoZXJEYXRhQ2xlYXJKc29uXG4gICAgICAgICAgICAgIClcbiAgICAgICAgICAgIClcbiAgICAgICAgICA6ICcnLFxuXG4gICAgICAgIHNoYXJlZFdyYXBwZWRLZXk6IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgICAgIHNoYXJlZEtleSxcbiAgICAgICAgICAgIGNjU2hhcmVkS2V5LnRvSlNPTih0cnVlKVxuICAgICAgICAgIClcbiAgICAgICAgKSxcbiAgICAgIH07XG5cbiAgICAgIGNvbnN0IHNoYXJlZENpcGhlckRhdGEgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICAgIGNjU2hhcmVkS2V5LFxuICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5zaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uXG4gICAgICApO1xuICAgICAgcmVzcG9uZGVyQ2FyZElucHV0LnNoYXJlZENpcGhlckRhdGFTaWcgPSBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKHNpZ1B4ay5qd2ssIHNoYXJlZENpcGhlckRhdGEpXG4gICAgICApO1xuICAgICAgcmVzcG9uZGVyQ2FyZElucHV0LnNpZ1B4a0lkID0gc2lnUHhrLmlkO1xuXG4gICAgICBpZiAocmVzcG9uZGVyQ29udGFjdENhcmQub3duZXJQbGFpbkRhdGFKc29uKSB7XG4gICAgICAgIHJlc3BvbmRlckNhcmRJbnB1dC5vd25lclBsYWluRGF0YVNpZyA9IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2Uuc2lnbihcbiAgICAgICAgICAgIHJlc3BvbmRlclNpZ1Byay5qd2ssXG4gICAgICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5vd25lclBsYWluRGF0YUpzb25cbiAgICAgICAgICApXG4gICAgICAgICk7XG4gICAgICB9XG5cbiAgICAgIC8vIENvbnRhY3QgY2FyZCBpbmZvIHJlYWRhYmxlIGJ5IHRoZSBpbml0aWF0b3JcbiAgICAgIGluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb24ucmVzcG9uZGVyLmNvbnRhY3RDYXJkID0ge1xuICAgICAgICAuLi5pbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyQ2xlYXJKc29uLnJlc3BvbmRlci5jb250YWN0Q2FyZCxcbiAgICAgICAgc2hhcmVkQ2lwaGVyRGF0YUNsZWFySnNvbjpcbiAgICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5zaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uLFxuICAgICAgfTtcbiAgICB9XG5cbiAgICAvLyBFbmNyeXB0IHdpdGggb25lLXRpbWUgcHVibGljIGtleVxuICAgIGxldCBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgaW5pdGlhdG9yT25lVGltZVBiayxcbiAgICAgIGluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXJDbGVhckpzb25cbiAgICApO1xuXG4gICAgLy8gRW5jcnlwdCB3aXRoIHRoZSBvdGsgYWdhaW4gdG8ga2VlcCB1c2Ugb2YgYXN5bW1ldHJpYyBrZXlzIHRvIGEgbWluaW11bS5cbiAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgZGVjcnlwdGVkT3RrLm90S2V5LFxuICAgICAgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlclxuICAgICk7XG5cbiAgICByZXR1cm4gbmV3IExyTXV0YXRpb24oe1xuICAgICAgbXV0YXRpb246IFJlc3BvbmRLZXlFeGNoYW5nZU90a011dGF0aW9uLFxuICAgICAgdmFyaWFibGVzOiB7XG4gICAgICAgIGlucHV0OiB7XG4gICAgICAgICAga2V5RXhjaGFuZ2VJZCxcbiAgICAgICAgICBrZXlFeGNoYW5nZVRva2VuOiB0b2tlbixcbiAgICAgICAgICByb290S2V5SWQ6IHJvb3RLZXkuaWQsXG4gICAgICAgICAgbWFzdGVyS2V5SWQsXG4gICAgICAgICAgLy8gVGhlc2Ugd2lsbCBiZSBzdG9yZWQgb24gdGhlIHNlcnZlclxuICAgICAgICAgIHJlc3BvbmRlclB4a0lkOiByZXNwb25kZXJQcmsuaWQsXG4gICAgICAgICAgcmVzcG9uZGVyU2lnUHhrSWQ6IHJlc3BvbmRlclNpZ1Byay5pZCxcbiAgICAgICAgICBzaWduZWRJbml0aWF0b3JQYms6IEpTT04uc3RyaW5naWZ5KHNpZ25lZEluaXRpYXRvclBiayksXG4gICAgICAgICAgc2lnbmVkSW5pdGlhdG9yU2lnUGJrOiBKU09OLnN0cmluZ2lmeShzaWduZWRJbml0aWF0b3JTaWdQYmspLFxuICAgICAgICAgIC8vIHJrV3JhcHBlZEluaXRpYXRvclNpZ1BiazogSlNPTi5zdHJpbmdpZnkocmtXcmFwcGVkSW5pdGlhdG9yU2lnUGJrKSxcblxuICAgICAgICAgIC8vIE9wdGlvbiAxOiBVc2luZyBuZXcgUHJrIGZvciBlYWNoIFRQIHBhaXJcbiAgICAgICAgICAvLyBya1dyYXBwZWRSZXNwb25kZXJTaWdQcms6IEpTT04uc3RyaW5naWZ5KHJrV3JhcHBlZFJlc3BvbmRlclNpZ1ByayksXG4gICAgICAgICAgcmtXcmFwcGVkU2hhcmVkS2V5OiBKU09OLnN0cmluZ2lmeShya1dyYXBwZWRTaGFyZWRLZXkpLFxuICAgICAgICAgIG1rV3JhcHBlZE1rU2hhcmVkS2V5OiBKU09OLnN0cmluZ2lmeShta1dyYXBwZWRNa1NoYXJlZEtleSksXG4gICAgICAgICAgLy8gVGhlc2Ugd2lsbCBiZSBzZW50IHRvIHRoZSBpbml0aWF0b3JcbiAgICAgICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyOiBKU09OLnN0cmluZ2lmeShpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyKSxcbiAgICAgICAgICBpbml0aWF0b3JDb250YWN0Q2FyZDogcmVjZWl2ZWRDYXJkSW5wdXQsXG4gICAgICAgICAgcmVzcG9uZGVyQ29udGFjdENhcmQ6IHJlc3BvbmRlckNhcmRJbnB1dCxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgfSk7XG4gIH1cblxuICBjb21wbGV0ZU90a0V4ZWMoaW5wdXQ6IENvbXBsZXRlT3RrSW5wdXQyKSB7XG4gICAgcmV0dXJuIHRoaXMubXV0YXRlKHRoaXMuY29tcGxldGVPdGtNdXRhdGlvbihpbnB1dCkpO1xuICB9XG5cbiAgLy8gVE9ETyBkZXByZWNhdGUgdGhpcy5cbiAgY29tcGxldGVPdGsoaW5wdXQ6IENvbXBsZXRlT3RrSW5wdXQyKSB7XG4gICAgcmV0dXJuIHRoaXMuY29tcGxldGVPdGtNdXRhdGlvbihpbnB1dCk7XG4gIH1cblxuICBhc3luYyBjb21wbGV0ZU90a011dGF0aW9uKHtcbiAgICBrZXlFeGNoYW5nZUlkLFxuICAgIGluaXRpYXRvclJvb3RLZXlDaXBoZXIsXG4gICAgaW5pdGlhdG9yT25lVGltZVBia0NpcGhlcixcbiAgICByZXNwb25kZXJDb250YWN0Q2FyZCxcbiAgICBpbml0aWF0b3JDb250YWN0Q2FyZCxcbiAgfTogQ29tcGxldGVPdGtJbnB1dDIpIHtcbiAgICBjb25zdCByb290S2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRSb290S2V5KCk7XG4gICAgY29uc3QgbWFzdGVyS2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRNYXN0ZXJLZXkoKTtcblxuICAgIC8vIERlY3J5cHQgdXNpbmcgdGhlIHJvb3Qga2V5IHRvIGdldCB0aGUgUHJrXG4gICAgY29uc3QgaW5pdGlhdG9yUm9vdEtleUNpcGhlckNsZWFySnNvbiA9XG4gICAgICAoYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxuICAgICAgICByb290S2V5Lmp3ayxcbiAgICAgICAgaW5pdGlhdG9yUm9vdEtleUNpcGhlclxuICAgICAgKSkgYXMgSW5pdGlhdG9yUm9vdEtleUNpcGhlckNsZWFySnNvbjI7XG5cbiAgICAvLyBUaGUgUHJrIGlzIHNpbmdsZS11c2UgYW5kIG9ubHkgdXNlZCB0byBzZW5kIGluZm9ybWF0aW9uIGZyb20gdGhlIHJlc3BvbmRlciBiYWNrIHRvIHRoZSBpbml0aWF0b3IuXG4gICAgY29uc3QgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyID0gYXdhaXQgdGhpcy5kZWNyeXB0UmVzcG9uc2VDaXBoZXIoXG4gICAgICBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShpbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uLm90S2V5KSxcbiAgICAgIGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24ub25lVGltZVByayksXG4gICAgICBpbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyXG4gICAgKTtcblxuICAgIC8vIENoZWNrIHRoZSBub25jZSBtYXRjaCB0byBlbnN1cmUgdGhlIHJlc3BvbmRlciB3YXMgdGhlIG9uZSBob2xkaW5nIHRoZSBPVEtcbiAgICBpZiAoXG4gICAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uLm5vbmNlICE9PVxuICAgICAgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLm5vbmNlXG4gICAgKSB7XG4gICAgICB0aHJvdyBuZXcgTHJDb2RlTWlzbWF0Y2hFeGNlcHRpb24oXG4gICAgICAgICdUaGUgbm9uY2UgcmV0dXJuZWQgYnkgcmVzcG9uZGVyIGRvZXMgbm90IG1hdGNoIHdpdGggdGhlIG9uZSBjcmVhdGVkIGJ5IHRoZSBpbml0aWF0b3IuJ1xuICAgICAgKTtcbiAgICB9XG5cbiAgICAvLyBPcHRpb24gMTogQXNzdW1pbmcgdGhlIHNpZ25pbmcga2V5IGlzIHVuaXF1ZSBiZXR3ZWVuIHVzZXJzLlxuICAgIC8vIGNvbnN0IGluaXRpYXRvclNpZ1ByayA9IGF3YWl0IEtGUy5hc0tleShrZS5wbGFpbkluaXRpYXRvclJvb3RLZXlDaXBoZXIuc2lnUHJrKTtcbiAgICAvLyBjb25zdCBya1dyYXBwZWRJbml0aWF0b3JTaWdQcmsgPSBhd2FpdCB0aGlzLmVuY3J5cHQocm9vdEtleSwgaW5pdGlhdG9yU2lnUHJrLnRvSlNPTih0cnVlKSk7XG5cbiAgICAvLyBPcHRpb24gMjogVXNlIHRoZSB1c2VyJ3MgZ2xvYmFsIHNpZ25pbmcga2V5LlxuICAgIC8vIEluIHRoaXMgY2FzZSB0aGUgaW5pdGlhdG9yU2lnUHJrIGlzIGFscmVhZHkgYSBwYXJ0IG9mIHRoZSBrZXkgZ3JhcGguXG4gICAgLy8gU28gdGhlcmUncyBub3RoaW5nIHRvIGRvIGhlcmUuXG5cbiAgICAvLyBQcm90ZWN0ZWQgdGhlIHNpZ25pbmcgcHVibGljIGtleSBvZiB0aGUgcmVzcG9uZGVyLlxuICAgIGNvbnN0IGluaXRpYXRvclNpZ1ByayA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50U2lnUHhrKCk7XG4gICAgY29uc3QgcmVzcG9uZGVyU2lnUGJrID0gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoXG4gICAgICBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIucmVzcG9uZGVyLnNpZ1Bia1xuICAgICk7XG4gICAgY29uc3QgcmVzcG9uZGVyUGJrID0gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoXG4gICAgICBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIucmVzcG9uZGVyLnBia1xuICAgICk7XG5cbiAgICBjb25zdCBzaWduZWRSZXNwb25kZXJQYmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXG4gICAgICBpbml0aWF0b3JTaWdQcmsuandrLFxuICAgICAgcmVzcG9uZGVyUGJrLnRvSlNPTigpXG4gICAgKTtcbiAgICBjb25zdCBzaWduZWRSZXNwb25kZXJTaWdQYmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXG4gICAgICBpbml0aWF0b3JTaWdQcmsuandrLFxuICAgICAgcmVzcG9uZGVyU2lnUGJrLnRvSlNPTigpXG4gICAgKTtcblxuICAgIGNvbnN0IHNoYXJlZEtleSA9IGF3YWl0IEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KFxuICAgICAgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLnNoYXJlZEtleVxuICAgICk7XG4gICAgY29uc3QgcmtXcmFwcGVkU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgcm9vdEtleS5qd2ssXG4gICAgICBzaGFyZWRLZXkudG9KU09OKHRydWUpXG4gICAgKTtcblxuICAgIGNvbnN0IG1rU2hhcmVkS2V5ID0gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkoXG4gICAgICBwbGFpbkluaXRpYXRvck9uZVRpbWVQYmtDaXBoZXIubWtTaGFyZWRLZXlcbiAgICApO1xuICAgIGNvbnN0IG1rV3JhcHBlZE1rU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgbWFzdGVyS2V5Lmp3ayxcbiAgICAgIG1rU2hhcmVkS2V5LnRvSlNPTih0cnVlKVxuICAgICk7XG5cbiAgICBsZXQgcmVzcG9uZGVyQ29udGFjdENhcmRDaXBoZXJJbnB1dDtcbiAgICBpZiAocmVzcG9uZGVyQ29udGFjdENhcmQpIHtcbiAgICAgIC8vIENyZWF0ZSBrZXlcbiAgICAgIGNvbnN0IHJlY2VpdmVyS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuXG4gICAgICByZXNwb25kZXJDb250YWN0Q2FyZENpcGhlcklucHV0ID0ge1xuICAgICAgICByZWNlaXZlcldyYXBwZWRLZXk6IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgIGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgICAgIHJvb3RLZXkuandrLFxuICAgICAgICAgICAgcmVjZWl2ZXJLZXkudG9KU09OKHRydWUpXG4gICAgICAgICAgKVxuICAgICAgICApLFxuICAgICAgICByZWNlaXZlcldyYXBwaW5nS2V5SWQ6IHJvb3RLZXkuaWQsXG4gICAgICAgIHJlY2VpdmVyQ2lwaGVyRGF0YTogSlNPTi5zdHJpbmdpZnkoXG4gICAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgICAgICAgcmVjZWl2ZXJLZXksXG4gICAgICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZC5yZWNlaXZlckNpcGhlckRhdGFDbGVhckpzb25cbiAgICAgICAgICApXG4gICAgICAgICksXG4gICAgICB9O1xuICAgIH1cblxuICAgIC8vIEdldCB0aGUgZGF0YSBuZWVkZWQgZnJvbSB0aGUgaW5pdGlhdG9yJ3MgY2lwaGVyIGRhdGEuXG4gICAgbGV0IGluaXRpYXRvckNvbnRhY3RDYXJkQ2lwaGVySW5wdXQ7XG4gICAgbGV0IGluaXRpYXRvckNvbnRhY3RDYXJkU2hhcmVkQ2lwaGVySW5wdXQ7XG4gICAgaWYgKGluaXRpYXRvclJvb3RLZXlDaXBoZXJDbGVhckpzb24uaW5pdGlhdG9yQ29udGFjdENhcmQpIHtcbiAgICAgIC8vIFRoZSBpbml0aWF0b3JDb250YWN0Q2FyZCBjcmVhdGVkIGR1cmluZyB0aGUgY3JlYXRpb24gb2YgdGhlIGludml0ZSBhbmQgZW5jcnlwdGVkIHVzaW5nIHRoZSBpbml0aWF0b3Inc1xuICAgICAgLy8gcm9vdCBrZXlcbiAgICAgIGNvbnN0IGluaXRpYXRvckNvbnRhY3RDYXJkRnJvbUluaXQgPVxuICAgICAgICBpbml0aWF0b3JSb290S2V5Q2lwaGVyQ2xlYXJKc29uLmluaXRpYXRvckNvbnRhY3RDYXJkO1xuICAgICAgY29uc3Qgb3duZXJLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgICBjb25zdCBzaGFyZWRDaXBoZXJLZXkgPSBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleShcbiAgICAgICAgcGxhaW5Jbml0aWF0b3JPbmVUaW1lUGJrQ2lwaGVyLnJlc3BvbmRlci5jb250YWN0Q2FyZC5zaGFyZWRDaXBoZXJLZXlcbiAgICAgICk7XG5cbiAgICAgIGNvbnN0IG93bmVyV3JhcHBlZEtleSA9IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQocm9vdEtleS5qd2ssIG93bmVyS2V5LnRvSlNPTih0cnVlKSlcbiAgICAgICk7XG5cbiAgICAgIC8vIEFsbG93IHRoZSBpbml0aWF0b3JDb250YWN0Q2FyZCBwYXJhbWV0ZXIgdG8gb3ZlcnJpZGVcbiAgICAgIGNvbnN0IG93bmVyQ2lwaGVyRGF0YUNsZWFySnNvbiA9XG4gICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkPy5vd25lckNpcGhlckRhdGFDbGVhckpzb24gfHxcbiAgICAgICAgaW5pdGlhdG9yQ29udGFjdENhcmRGcm9tSW5pdC5vd25lckNpcGhlckRhdGFDbGVhckpzb247XG5cbiAgICAgIGNvbnN0IG93bmVyQ2lwaGVyRGF0YSA9IG93bmVyQ2lwaGVyRGF0YUNsZWFySnNvblxuICAgICAgICA/IGF3YWl0IHRoaXMua2V5R3JhcGguZW5jcnlwdFRvU3RyaW5nKFxuICAgICAgICAgICAgb3duZXJLZXksXG4gICAgICAgICAgICBvd25lckNpcGhlckRhdGFDbGVhckpzb25cbiAgICAgICAgICApXG4gICAgICAgIDogJyc7XG5cbiAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkQ2lwaGVySW5wdXQgPSB7XG4gICAgICAgIG93bmVyV3JhcHBlZEtleSxcbiAgICAgICAgb3duZXJXcmFwcGluZ0tleUlkOiByb290S2V5LmlkLFxuICAgICAgICBvd25lckNpcGhlckRhdGEsXG4gICAgICB9O1xuXG4gICAgICBpbml0aWF0b3JDb250YWN0Q2FyZFNoYXJlZENpcGhlcklucHV0ID0ge1xuICAgICAgICBzaWdQeGtJZDogaW5pdGlhdG9yU2lnUHJrLmlkLFxuICAgICAgfTtcblxuICAgICAgY29uc3Qgc2hhcmVkQ2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgICAgc2hhcmVkQ2lwaGVyS2V5LFxuICAgICAgICBpbml0aWF0b3JDb250YWN0Q2FyZEZyb21Jbml0LnNoYXJlZENpcGhlckRhdGFDbGVhckpzb25cbiAgICAgICk7XG4gICAgICBpbml0aWF0b3JDb250YWN0Q2FyZFNoYXJlZENpcGhlcklucHV0LnNoYXJlZENpcGhlckRhdGFTaWcgPVxuICAgICAgICBKU09OLnN0cmluZ2lmeShcbiAgICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXG4gICAgICAgICAgICBpbml0aWF0b3JTaWdQcmsuandrLFxuICAgICAgICAgICAgc2hhcmVkQ2lwaGVyRGF0YVxuICAgICAgICAgIClcbiAgICAgICAgKTtcbiAgICB9XG5cbiAgICAvLyBUT0RPIGlkZWFsbHkgd2UgdXBkYXRlIHRoZSBzaGFyZWQgZGF0YSBpbiB0aGUgY29udGFjdCBjYXJkIHNlbnQgdG8gdGhlIHJlc3BvbmRlciBhcyB3ZWxsIHNpbmNlIHRoYXRcbiAgICAvLyBDQyB3YXMgY3JlYXRlZCBieSB0aGUgcmVzcG9uZGVyLlxuXG4gICAgcmV0dXJuIG5ldyBMck11dGF0aW9uKHtcbiAgICAgIG11dGF0aW9uOiBDb21wbGV0ZUtleUV4Y2hhbmdlT3RrTXV0YXRpb24sXG4gICAgICB2YXJpYWJsZXM6IHtcbiAgICAgICAgaW5wdXQ6IHtcbiAgICAgICAgICBrZXlFeGNoYW5nZUlkLFxuICAgICAgICAgIHJvb3RLZXlJZDogcm9vdEtleS5pZCxcbiAgICAgICAgICBtYXN0ZXJLZXlJZDogbWFzdGVyS2V5LmlkLFxuICAgICAgICAgIGluaXRpYXRvclNpZ1B4a0lkOiBpbml0aWF0b3JTaWdQcmsuaWQsXG4gICAgICAgICAgc2lnbmVkUmVzcG9uZGVyUGJrOiBKU09OLnN0cmluZ2lmeShzaWduZWRSZXNwb25kZXJQYmspLFxuICAgICAgICAgIHNpZ25lZFJlc3BvbmRlclNpZ1BiazogSlNPTi5zdHJpbmdpZnkoc2lnbmVkUmVzcG9uZGVyU2lnUGJrKSxcbiAgICAgICAgICBya1dyYXBwZWRTaGFyZWRLZXk6IEpTT04uc3RyaW5naWZ5KHJrV3JhcHBlZFNoYXJlZEtleSksXG4gICAgICAgICAgbWtXcmFwcGVkTWtTaGFyZWRLZXk6IEpTT04uc3RyaW5naWZ5KG1rV3JhcHBlZE1rU2hhcmVkS2V5KSxcbiAgICAgICAgICByZXNwb25kZXJDb250YWN0Q2FyZENpcGhlcjogcmVzcG9uZGVyQ29udGFjdENhcmRDaXBoZXJJbnB1dCxcbiAgICAgICAgICBpbml0aWF0b3JDb250YWN0Q2FyZENpcGhlcjogaW5pdGlhdG9yQ29udGFjdENhcmRDaXBoZXJJbnB1dCxcbiAgICAgICAgICBpbml0aWF0b3JDb250YWN0Q2FyZFNoYXJlZENpcGhlcjpcbiAgICAgICAgICAgIGluaXRpYXRvckNvbnRhY3RDYXJkU2hhcmVkQ2lwaGVySW5wdXQsXG4gICAgICAgIH0sXG4gICAgICB9LFxuICAgIH0pO1xuICB9XG59XG4iXX0=