@lifeready/core 9.0.7 → 10.0.0

package/esm2015/lib/item/item.types.js

@@ -1,2 +0,0 @@
-export {};
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaXRlbS50eXBlcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uL3Byb2plY3RzL2NvcmUvc3JjL2xpYi9pdGVtL2l0ZW0udHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IiIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEpTT05PYmplY3QsIExpbmtUeXBlRmllbGQsIExyUmVsYXlJZElucHV0IH0gZnJvbSAnLi4vYXBpL3R5cGVzJztcbmltcG9ydCB7IFNvbWVSZXF1aXJlZCB9IGZyb20gJy4uL19jb21tb24vdHlwZXMnO1xuXG5leHBvcnQgaW50ZXJmYWNlIElkS2V5UGFpciB7XG4gIGlkOiBzdHJpbmc7XG4gIGtleUlkOiBzdHJpbmc7XG59XG5cbi8vIFN1ZmZpeCBcIk9wdGlvbnNcIiBhcmUgd2hhdCdzIG5lZWQgYnkgdGhlIEtDIGNsaWVudC5cbmV4cG9ydCBpbnRlcmZhY2UgUGFyZW50RGlyZWN0b3J5T3B0aW9ucyB7XG4gIGRpcmVjdG9yeT86IElkS2V5UGFpcjtcbiAgbGlua1R5cGU/OiBMaW5rVHlwZUZpZWxkO1xuXG4gIC8vIFRoZXNlIHdpbGwgYmUgZGVwcmVjYXRlZFxuICBkaXJlY3RvcnlJZD86IExyUmVsYXlJZElucHV0O1xuICAvLyBJZiB3cmFwcGluZyBrZXkgcHJvdmlkZWQsIHRoZW4gd2UgY2FuIHRyeSBmZXRjaGluZyBpdCBmcm9tIHRoZVxuICAvLyBrZXkgZ3JhcGguIElmIG5vdCBmb3VuZCBpbiBrZXkgZ3JhcGgsIHRoZW4gZmV0Y2ggdGhlIGRpcmVjdG9yeS5cbiAgd3JhcHBpbmdLZXlJZD86IExyUmVsYXlJZElucHV0O1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIFBhcmVudFJvb3REaXJlY3RvcnlJbnB1dCB7XG4gIHdyYXBwZWRLZXk6IHN0cmluZztcbiAgd3JhcHBpbmdLZXlJZDogTHJSZWxheUlkSW5wdXQ7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUGFyZW50RGlyZWN0b3J5SW5wdXQge1xuICBkaXJlY3RvcnlJZDogTHJSZWxheUlkSW5wdXQ7XG4gIHdyYXBwaW5nS2V5SWQ/OiBMclJlbGF5SWRJbnB1dDtcbiAgd3JhcHBlZEtleT86IHN0cmluZztcbiAgbGlua1R5cGU/OiBMaW5rVHlwZUZpZWxkO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIERvd25sb2FkRmlsZUNvbnRlbnRPcHRpb25zIHtcbiAgZmlsZVN0YXRlTm9kZUlkOiBMclJlbGF5SWRJbnB1dDtcbiAgZmlsZVN0YXRlS2V5SWQ/OiBMclJlbGF5SWRJbnB1dDtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBDb21tb25EaXJlY3RvcnlPcHRpb25zIHtcbiAgcGxhaW5NZXRhSnNvbj86IEpTT05PYmplY3Q7XG4gIGNpcGhlck1ldGFDbGVhckpzb24/OiBKU09OT2JqZWN0O1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIENyZWF0ZURpcmVjdG9yeU9wdGlvbnMgZXh0ZW5kcyBDb21tb25EaXJlY3RvcnlPcHRpb25zIHtcbiAgYXNSb290RGlyZWN0b3J5PzogYm9vbGVhbjtcbiAgcGFyZW50RGlyZWN0b3JpZXM/OiBQYXJlbnREaXJlY3RvcnlPcHRpb25zW107XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgVXBkYXRlRGlyZWN0b3J5T3B0aW9ucyBleHRlbmRzIENvbW1vbkRpcmVjdG9yeU9wdGlvbnMge1xuICBkaXJlY3RvcnlJZDogTHJSZWxheUlkSW5wdXQ7XG4gIGRpcmVjdG9yeUtleUlkPzogTHJSZWxheUlkSW5wdXQ7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ29tbW9uRmlsZU9wdGlvbnMge1xuICBwbGFpbk1ldGFKc29uPzogSlNPTk9iamVjdDtcbiAgY2lwaGVyTWV0YUNsZWFySnNvbj86IEpTT05PYmplY3Q7XG4gIGZpbGU/OiBGaWxlIHwgQXJyYXlCdWZmZXI7XG4gIC8vIGN1c3RvbSB1cGxvYWRlclxuICB1cGxvYWQ/OiAoY2lwaGVyRmlsZUNvbnRlbnQ6IHN0cmluZykgPT4gUHJvbWlzZTxzdHJpbmc+O1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIENyZWF0ZUZpbGVPcHRpb25zIGV4dGVuZHMgQ29tbW9uRmlsZU9wdGlvbnMge1xuICBwYXJlbnREaXJlY3RvcmllczogUGFyZW50RGlyZWN0b3J5T3B0aW9uc1tdO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIFVwZGF0ZUZpbGVPcHRpb25zIGV4dGVuZHMgQ29tbW9uRmlsZU9wdGlvbnMge1xuICBmaWxlSWQ6IExyUmVsYXlJZElucHV0O1xuICBmaWxlS2V5SWQ/OiBMclJlbGF5SWRJbnB1dDtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBSZXZlcnRGaWxlT3B0aW9ucyB7XG4gIGZpbGVJZDogTHJSZWxheUlkSW5wdXQ7XG4gIHZlcnNpb25JZDogTHJSZWxheUlkSW5wdXQ7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ2hhbmdlSXRlbVBhcmVudHNPcHRpb25zIHtcbiAgcGFyZW50c1RvUmVtb3ZlPzogTHJSZWxheUlkSW5wdXRbXTtcbiAgcGFyZW50c1RvQWRkPzogUGFyZW50RGlyZWN0b3J5T3B0aW9uc1tdO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIENoYW5nZURpcmVjdG9yeVBhcmVudHNPcHRpb25zXG4gIGV4dGVuZHMgQ2hhbmdlSXRlbVBhcmVudHNPcHRpb25zIHtcbiAgZGlyZWN0b3J5PzogSWRLZXlQYWlyO1xuICAvLyBUaGVzZSB3aWxsIGJlIGRlcHJlY2F0ZWRcbiAgZGlyZWN0b3J5SWQ/OiBMclJlbGF5SWRJbnB1dDtcbiAgZGlyZWN0b3J5S2V5SWQ/OiBMclJlbGF5SWRJbnB1dDtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBDaGFuZ2VGaWxlUGFyZW50c09wdGlvbnMgZXh0ZW5kcyBDaGFuZ2VJdGVtUGFyZW50c09wdGlvbnMge1xuICBmaWxlPzogSWRLZXlQYWlyO1xuICAvLyBUaGVzZSB3aWxsIGJlIGRlcHJlY2F0ZWRcbiAgZmlsZUlkPzogTHJSZWxheUlkSW5wdXQ7XG4gIGZpbGVLZXlJZD86IExyUmVsYXlJZElucHV0O1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIEJlZ2luRGVsZXRlQ2hpbGRJdGVtTGlua3NXaW5kb3dPcHRpb25zIHtcbiAgZGlyZWN0b3J5SWQ6IExyUmVsYXlJZElucHV0O1xuICByZXF1ZXN0V2luZG93TXM6IG51bWJlcjtcbn1cblxuLy8gQ3JlYXRpbmcgZGlyZWN0b3J5IHdpdGggc3RhZ2luZyBhcyByb290IGRpcmVjdG9yeSBpcyBub3QgY3VycmVudGx5IHN1cHBvcnRlZCwgaGVuY2Ugb21pdHRpbmcgYXNSb290RGlyZWN0b3J5XG5leHBvcnQgaW50ZXJmYWNlIENyZWF0ZURpcmVjdG9yeVdpdGhTdGFnaW5nT3B0aW9uc1xuICBleHRlbmRzIE9taXQ8XG4gICAgU29tZVJlcXVpcmVkPENyZWF0ZURpcmVjdG9yeU9wdGlvbnMsICdwYXJlbnREaXJlY3Rvcmllcyc+LFxuICAgICdhc1Jvb3REaXJlY3RvcnknXG4gID4ge1xuICByZXF1ZXN0V2luZG93TXM6IG51bWJlcjtcbiAgb25DcmVhdGVkSW5TdGFnaW5nOiAoZGlyZWN0b3J5OiBJZEtleVBhaXIpID0+IFByb21pc2U8dm9pZD47XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ3JlYXRlRmlsZVdpdGhTdGFnaW5nT3B0aW9ucyBleHRlbmRzIENyZWF0ZUZpbGVPcHRpb25zIHtcbiAgcmVxdWVzdFdpbmRvd01zOiBudW1iZXI7XG4gIG9uQ3JlYXRlZEluU3RhZ2luZzogKGZpbGU6IElkS2V5UGFpcikgPT4gUHJvbWlzZTx2b2lkPjtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBTZXRGaWxlQ29uZmlkZW50aWFsT3B0aW9ucyB7XG4gIGZpbGVJZDogTHJSZWxheUlkSW5wdXQ7XG4gIGNvbmZpZGVudGlhbDogYm9vbGVhbjtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBTZXREaXJlY3RvcnlDb25maWRlbnRpYWxPcHRpb25zIHtcbiAgZGlyZWN0b3J5SWQ6IExyUmVsYXlJZElucHV0O1xuICBjb25maWRlbnRpYWw6IGJvb2xlYW47XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQXJjaGl2ZURpcmVjdG9yeU9wdGlvbnMge1xuICByZWN1cnNpdmU6IGJvb2xlYW47XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgVW5hcmNoaXZlRGlyZWN0b3J5T3B0aW9ucyB7XG4gIHJlY3Vyc2l2ZTogYm9vbGVhbjtcbn1cbiJdfQ==

package/esm2015/lib/key/key-factory.service.js

@@ -1,226 +0,0 @@
-import { __awaiter } from "tslib";
-import { Injectable } from '@angular/core';
-import { JWK } from 'node-jose';
-import { WebCryptoService } from '../web-crypto/web-crypto.service';
-import { KcBadArgumentException, KcSuspiciousOperationException, } from '../_common/exceptions';
-import * as i0 from "@angular/core";
-import * as i1 from "../web-crypto/web-crypto.service";
-export class KeyFactoryService {
-    constructor(webCryptoService) {
-        this.webCryptoService = webCryptoService;
-        // Global keys store. Otherwise, each call to asKey creates a new keyStore.
-        // <AZ> Did not seem to improve speed.
-        // public static keyStore = JWK.createKeyStore();
-        // AZ: This can't be change easily. It's basically a PassK or PassIdp rotation.
-        // todo: we should eventually increase this periodically to match with Moore's law.
-        // The iterations for each key are kept by the server as well but we assume the value
-        // from the server is not trustworthy, so need to have minimum thresholds here.
-        // If creating new keys, these minimum are used.
-        this.MIN_PASS_IDP_PBKDF_ITER = 100000;
-        this.MIN_PASS_KEY_PBKDF_ITER = 100000;
-        this.MIN_LBOP_KEY_PBKDF_ITER = 100000;
-        // These are used as the default values. They must be larger than the minimum values.
-        this.DEFAULT_PASS_IDP_PBKDF_ITER = this.MIN_PASS_IDP_PBKDF_ITER;
-        this.DEFAULT_PASS_KEY_PBKDF_ITER = this.MIN_PASS_KEY_PBKDF_ITER;
-        this.DEFAULT_LBOP_KEY_PBKDF_ITER = this.MIN_LBOP_KEY_PBKDF_ITER;
-        this.kcCrypto = this.webCryptoService.kcCrypto;
-    }
-    static asKey(key, form, extras) {
-        // <AZ> Using a single global key store did not seem to improve speed.
-        // return KeyFactoryService.keyStore.add(key, form, extras);
-        return JWK.asKey(key, form, extras);
-    }
-    randomString(digits) {
-        if (digits <= 0) {
-            throw new KcBadArgumentException('digits <= 0');
-        }
-        const validChars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
-        let array = new Uint32Array(digits);
-        this.kcCrypto.getRandomValues(array);
-        array = array.map((x) => validChars.charCodeAt(x % validChars.length));
-        return String.fromCharCode.apply(null, array);
-    }
-    randomDigitsNoZeros(digits) {
-        return this.randomChoices([1, 2, 3, 4, 5, 6, 7, 8, 9], digits).join('');
-    }
-    randomChoices(array, chooseN) {
-        if (array.length <= 1) {
-            throw new KcBadArgumentException('array.length <= 0');
-        }
-        if (chooseN <= 0) {
-            throw new KcBadArgumentException('chooseN <= 0');
-        }
-        const values = new Uint32Array(chooseN);
-        this.kcCrypto.getRandomValues(values);
-        const ret = [];
-        values.forEach((v) => ret.push(array[v % array.length]));
-        return ret;
-    }
-    createSalt() {
-        return this.randomString(16);
-    }
-    createKey() {
-        return __awaiter(this, void 0, void 0, function* () {
-            const key = yield this.kcCrypto.subtle.generateKey({
-                name: 'AES-GCM',
-                length: 256,
-            }, true, // whether the key is extractable (i.e. can be used in exportKey)
-            ['encrypt', 'decrypt'] // must be ["encrypt", "decrypt"] or ["wrapKey", "unwrapKey"]
-            );
-            const jwk = yield this.kcCrypto.subtle.exportKey('jwk', key);
-            // Removing the fields not needed by node-jose
-            delete jwk.ext;
-            delete jwk.key_ops;
-            return KeyFactoryService.asKey(jwk);
-        });
-    }
-    createSignKey() {
-        return __awaiter(this, void 0, void 0, function* () {
-            const key = yield this.kcCrypto.subtle.generateKey({
-                name: 'HMAC',
-                hash: { name: 'SHA-512' },
-            }, true, ['sign', 'verify']);
-            const jwk = yield this.kcCrypto.subtle.exportKey('jwk', key);
-            // Removing the fields not needed by node-jose
-            delete jwk.key_ops;
-            delete jwk.ext;
-            return KeyFactoryService.asKey(jwk);
-        });
-    }
-    createPkcKey() {
-        return __awaiter(this, void 0, void 0, function* () {
-            // node-jose is not using Forge properly. It should be calling the async version of
-            // pki.rsa.generateKeyPair() with a callback. Instead it calls the sync version. Webcrypto
-            // does not support sync version, so it uses the javascript implementation, which is way too slow.
-            // So we generate using webcrypto and import the key.
-            // Unfortunately Elliptical Curve is not supported by Webcrypto. So we have to settle for RSA.
-            const key = yield this.kcCrypto.subtle.generateKey({
-                name: 'RSA-OAEP',
-                modulusLength: 2048,
-                // As per suggestion: https://developer.mozilla.org/en-US/docs/Web/API/RsaHashedKeyGenParams
-                publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
-                hash: { name: 'SHA-256' },
-            }, true, // whether the key is extractable (i.e. can be used in exportKey)
-            ['encrypt', 'decrypt'] // must be ["encrypt", "decrypt"] or ["wrapKey", "unwrapKey"]
-            );
-            const jwk = yield this.kcCrypto.subtle.exportKey('jwk', key.privateKey);
-            // Removing the fields not needed by node-jose
-            delete jwk.key_ops;
-            delete jwk.ext;
-            return KeyFactoryService.asKey(jwk);
-        });
-    }
-    createPkcSignKey() {
-        return __awaiter(this, void 0, void 0, function* () {
-            const key = yield this.kcCrypto.subtle.generateKey({
-                name: 'RSASSA-PKCS1-v1_5',
-                modulusLength: 2048,
-                // As per suggestion: https://developer.mozilla.org/en-US/docs/Web/API/RsaHashedKeyGenParams
-                publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
-                hash: { name: 'SHA-256' },
-            }, true, // whether the key is extractable (i.e. can be used in exportKey)
-            ['sign', 'verify'] // can be any combination of "sign" and "verify"
-            );
-            const jwk = yield this.kcCrypto.subtle.exportKey('jwk', key.privateKey);
-            // Removing the fields not needed by node-jose
-            delete jwk.key_ops;
-            delete jwk.ext;
-            return KeyFactoryService.asKey(jwk);
-        });
-    }
-    importPassword(plainPassword) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const enc = new TextEncoder();
-            return this.kcCrypto.subtle.importKey('raw', enc.encode(plainPassword), 'PBKDF2', false, ['deriveKey']);
-        });
-    }
-    deriveKey({ password, salt, iterations, kid, }) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const passKey = yield this.kcCrypto.subtle.deriveKey({
-                name: 'PBKDF2',
-                salt: new TextEncoder().encode(salt),
-                iterations,
-                hash: 'SHA-256',
-            }, password, { name: 'AES-GCM', length: 256 }, true, ['encrypt', 'decrypt']);
-            const passKeyJson = yield this.kcCrypto.subtle.exportKey('jwk', passKey);
-            if (kid) {
-                passKeyJson.kid = kid;
-            }
-            const jwk = yield KeyFactoryService.asKey(passKeyJson);
-            return { jwk };
-        });
-    }
-    derivePassIdp(params) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (params.iterations < this.MIN_PASS_IDP_PBKDF_ITER) {
-                throw new KcSuspiciousOperationException(`The number of PassIdp key derivation iterations sent from the server (${params.iterations}) is lower than the minimum (${this.MIN_PASS_IDP_PBKDF_ITER})`);
-            }
-            return this.deriveKey(params);
-        });
-    }
-    derivePassKey(params) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (params.iterations < this.MIN_PASS_KEY_PBKDF_ITER) {
-                throw new KcSuspiciousOperationException(`The number of PassKey key derivation iterations sent from the server(${params.iterations}) is lower than the minimum(${this.MIN_PASS_KEY_PBKDF_ITER})`);
-            }
-            return this.deriveKey(params);
-        });
-    }
-    deriveLbopKey(params) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (params.iterations < this.MIN_LBOP_KEY_PBKDF_ITER) {
-                throw new KcSuspiciousOperationException(`The number of LbopKey key derivation iterations sent from the server(${params.iterations}) is lower than the minimum(${this.MIN_LBOP_KEY_PBKDF_ITER})`);
-            }
-            return this.deriveKey(params);
-        });
-    }
-    createKid() {
-        return __awaiter(this, void 0, void 0, function* () {
-            // todo: AZ: node-jose source uses node's default UUID() function for kid, so just change to use that.
-            // for now, we are just creating a new key to use it's kid.
-            // The kid is a part of the JWK system. LR backend maintains the key hierarchy separately with it's own
-            // key id. But we just use it here as a double check.
-            return (yield this.createKey()).kid;
-        });
-    }
-    createPassIdpParams() {
-        return __awaiter(this, void 0, void 0, function* () {
-            return {
-                salt: this.createSalt(),
-                iterations: this.DEFAULT_PASS_IDP_PBKDF_ITER,
-            };
-        });
-    }
-    createPassKeyParams() {
-        return __awaiter(this, void 0, void 0, function* () {
-            return {
-                salt: this.createSalt(),
-                kid: yield this.createKid(),
-                iterations: this.DEFAULT_PASS_KEY_PBKDF_ITER,
-            };
-        });
-    }
-    createLbopKeyParams() {
-        return __awaiter(this, void 0, void 0, function* () {
-            return {
-                salt: this.createSalt(),
-                // todo: AZ: node-jose source uses node's default UUID() function for kid, so just change to use that.
-                // for now, we are just creating a new key to use it's kid.
-                // The kid is a part of the JWK system. LR backend maintains the key hierarchy separately with it's own
-                // key id. But we just use it here as a double check.
-                kid: yield this.createKid(),
-                iterations: this.DEFAULT_PASS_KEY_PBKDF_ITER,
-            };
-        });
-    }
-}
-KeyFactoryService.ɵprov = i0.ɵɵdefineInjectable({ factory: function KeyFactoryService_Factory() { return new KeyFactoryService(i0.ɵɵinject(i1.WebCryptoService)); }, token: KeyFactoryService, providedIn: "root" });
-KeyFactoryService.decorators = [
-    { type: Injectable, args: [{
-                providedIn: 'root',
-            },] }
-];
-KeyFactoryService.ctorParameters = () => [
-    { type: WebCryptoService }
-];
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5LWZhY3Rvcnkuc2VydmljZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uL3Byb2plY3RzL2NvcmUvc3JjL2xpYi9rZXkva2V5LWZhY3Rvcnkuc2VydmljZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLGVBQWUsQ0FBQztBQUMzQyxPQUFPLEVBQUUsR0FBRyxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBRWhDLE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxNQUFNLGtDQUFrQyxDQUFDO0FBQ3BFLE9BQU8sRUFDTCxzQkFBc0IsRUFDdEIsOEJBQThCLEdBQy9CLE1BQU0sdUJBQXVCLENBQUM7OztBQWMvQixNQUFNLE9BQU8saUJBQWlCO0lBQzVCLFlBQW9CLGdCQUFrQztRQUFsQyxxQkFBZ0IsR0FBaEIsZ0JBQWdCLENBQWtCO1FBS3RELDJFQUEyRTtRQUMzRSxzQ0FBc0M7UUFDdEMsaURBQWlEO1FBRWpELCtFQUErRTtRQUMvRSxtRkFBbUY7UUFDbkYscUZBQXFGO1FBQ3JGLCtFQUErRTtRQUMvRSxnREFBZ0Q7UUFDaEMsNEJBQXVCLEdBQUcsTUFBTSxDQUFDO1FBQ2pDLDRCQUF1QixHQUFHLE1BQU0sQ0FBQztRQUNqQyw0QkFBdUIsR0FBRyxNQUFNLENBQUM7UUFFakQscUZBQXFGO1FBQ3JFLGdDQUEyQixHQUFHLElBQUksQ0FBQyx1QkFBdUIsQ0FBQztRQUMzRCxnQ0FBMkIsR0FBRyxJQUFJLENBQUMsdUJBQXVCLENBQUM7UUFDM0QsZ0NBQTJCLEdBQUcsSUFBSSxDQUFDLHVCQUF1QixDQUFDO1FBcEJ6RSxJQUFJLENBQUMsUUFBUSxHQUFHLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxRQUFRLENBQUM7SUFDakQsQ0FBQztJQXFCRCxNQUFNLENBQUMsS0FBSyxDQUNWLEdBQThELEVBQzlELElBUVMsRUFDVCxNQUFnQztRQUVoQyxzRUFBc0U7UUFDdEUsNERBQTREO1FBQzVELE9BQU8sR0FBRyxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsSUFBSSxFQUFFLE1BQU0sQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFRCxZQUFZLENBQUMsTUFBYztRQUN6QixJQUFJLE1BQU0sSUFBSSxDQUFDLEVBQUU7WUFDZixNQUFNLElBQUksc0JBQXNCLENBQUMsYUFBYSxDQUFDLENBQUM7U0FDakQ7UUFDRCxNQUFNLFVBQVUsR0FDZCxnRUFBZ0UsQ0FBQztRQUNuRSxJQUFJLEtBQUssR0FBRyxJQUFJLFdBQVcsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUNwQyxJQUFJLENBQUMsUUFBUSxDQUFDLGVBQWUsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUNyQyxLQUFLLEdBQUcsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsVUFBVSxDQUFDLFVBQVUsQ0FBQyxDQUFDLEdBQUcsVUFBVSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUM7UUFDdkUsT0FBTyxNQUFNLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUUsS0FBSyxDQUFDLENBQUM7SUFDaEQsQ0FBQztJQUVELG1CQUFtQixDQUFDLE1BQWM7UUFDaEMsT0FBTyxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDLENBQUMsRUFBRSxNQUFNLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDMUUsQ0FBQztJQUVELGFBQWEsQ0FBSSxLQUFVLEVBQUUsT0FBZTtRQUMxQyxJQUFJLEtBQUssQ0FBQyxNQUFNLElBQUksQ0FBQyxFQUFFO1lBQ3JCLE1BQU0sSUFBSSxzQkFBc0IsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO1NBQ3ZEO1FBQ0QsSUFBSSxPQUFPLElBQUksQ0FBQyxFQUFFO1lBQ2hCLE1BQU0sSUFBSSxzQkFBc0IsQ0FBQyxjQUFjLENBQUMsQ0FBQztTQUNsRDtRQUNELE1BQU0sTUFBTSxHQUFHLElBQUksV0FBVyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3hDLElBQUksQ0FBQyxRQUFRLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ3RDLE1BQU0sR0FBRyxHQUFRLEVBQUUsQ0FBQztRQUNwQixNQUFNLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDLEdBQUcsS0FBSyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUN6RCxPQUFPLEdBQUcsQ0FBQztJQUNiLENBQUM7SUFFRCxVQUFVO1FBQ1IsT0FBTyxJQUFJLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQyxDQUFDO0lBQy9CLENBQUM7SUFFSyxTQUFTOztZQUNiLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUNoRDtnQkFDRSxJQUFJLEVBQUUsU0FBUztnQkFDZixNQUFNLEVBQUUsR0FBRzthQUNaLEVBQ0QsSUFBSSxFQUFFLGlFQUFpRTtZQUN2RSxDQUFDLFNBQVMsRUFBRSxTQUFTLENBQUMsQ0FBQyw2REFBNkQ7YUFDckYsQ0FBQztZQUVGLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLEtBQUssRUFBRSxHQUFHLENBQUMsQ0FBQztZQUU3RCw4Q0FBOEM7WUFDOUMsT0FBTyxHQUFHLENBQUMsR0FBRyxDQUFDO1lBQ2YsT0FBTyxHQUFHLENBQUMsT0FBTyxDQUFDO1lBRW5CLE9BQU8saUJBQWlCLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ3RDLENBQUM7S0FBQTtJQUVLLGFBQWE7O1lBQ2pCLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUNoRDtnQkFDRSxJQUFJLEVBQUUsTUFBTTtnQkFDWixJQUFJLEVBQUUsRUFBRSxJQUFJLEVBQUUsU0FBUyxFQUFFO2FBQzFCLEVBQ0QsSUFBSSxFQUNKLENBQUMsTUFBTSxFQUFFLFFBQVEsQ0FBQyxDQUNuQixDQUFDO1lBRUYsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsS0FBSyxFQUFFLEdBQUcsQ0FBQyxDQUFDO1lBRTdELDhDQUE4QztZQUM5QyxPQUFPLEdBQUcsQ0FBQyxPQUFPLENBQUM7WUFDbkIsT0FBTyxHQUFHLENBQUMsR0FBRyxDQUFDO1lBRWYsT0FBTyxpQkFBaUIsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDdEMsQ0FBQztLQUFBO0lBRUssWUFBWTs7WUFDaEIsbUZBQW1GO1lBQ25GLDBGQUEwRjtZQUMxRixrR0FBa0c7WUFDbEcscURBQXFEO1lBQ3JELDhGQUE4RjtZQUM5RixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FDaEQ7Z0JBQ0UsSUFBSSxFQUFFLFVBQVU7Z0JBQ2hCLGFBQWEsRUFBRSxJQUFJO2dCQUNuQiw0RkFBNEY7Z0JBQzVGLGNBQWMsRUFBRSxJQUFJLFVBQVUsQ0FBQyxDQUFDLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7Z0JBQ2xELElBQUksRUFBRSxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUU7YUFDMUIsRUFDRCxJQUFJLEVBQUUsaUVBQWlFO1lBQ3ZFLENBQUMsU0FBUyxFQUFFLFNBQVMsQ0FBQyxDQUFDLDZEQUE2RDthQUNyRixDQUFDO1lBRUYsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsS0FBSyxFQUFFLEdBQUcsQ0FBQyxVQUFVLENBQUMsQ0FBQztZQUN4RSw4Q0FBOEM7WUFDOUMsT0FBTyxHQUFHLENBQUMsT0FBTyxDQUFDO1lBQ25CLE9BQU8sR0FBRyxDQUFDLEdBQUcsQ0FBQztZQUVmLE9BQU8saUJBQWlCLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ3RDLENBQUM7S0FBQTtJQUVLLGdCQUFnQjs7WUFDcEIsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxXQUFXLENBQ2hEO2dCQUNFLElBQUksRUFBRSxtQkFBbUI7Z0JBQ3pCLGFBQWEsRUFBRSxJQUFJO2dCQUNuQiw0RkFBNEY7Z0JBQzVGLGNBQWMsRUFBRSxJQUFJLFVBQVUsQ0FBQyxDQUFDLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7Z0JBQ2xELElBQUksRUFBRSxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUU7YUFDMUIsRUFDRCxJQUFJLEVBQUUsaUVBQWlFO1lBQ3ZFLENBQUMsTUFBTSxFQUFFLFFBQVEsQ0FBQyxDQUFDLGdEQUFnRDthQUNwRSxDQUFDO1lBRUYsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsS0FBSyxFQUFFLEdBQUcsQ0FBQyxVQUFVLENBQUMsQ0FBQztZQUV4RSw4Q0FBOEM7WUFDOUMsT0FBTyxHQUFHLENBQUMsT0FBTyxDQUFDO1lBQ25CLE9BQU8sR0FBRyxDQUFDLEdBQUcsQ0FBQztZQUVmLE9BQU8saUJBQWlCLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ3RDLENBQUM7S0FBQTtJQUVLLGNBQWMsQ0FBQyxhQUFxQjs7WUFDeEMsTUFBTSxHQUFHLEdBQUcsSUFBSSxXQUFXLEVBQUUsQ0FBQztZQUM5QixPQUFPLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FDbkMsS0FBSyxFQUNMLEdBQUcsQ0FBQyxNQUFNLENBQUMsYUFBYSxDQUFDLEVBQ3pCLFFBQVEsRUFDUixLQUFLLEVBQ0wsQ0FBQyxXQUFXLENBQUMsQ0FDZCxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRUssU0FBUyxDQUFDLEVBQ2QsUUFBUSxFQUNSLElBQUksRUFDSixVQUFVLEVBQ1YsR0FBRyxHQU1KOztZQUNDLE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUNsRDtnQkFDRSxJQUFJLEVBQUUsUUFBUTtnQkFDZCxJQUFJLEVBQUUsSUFBSSxXQUFXLEVBQUUsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDO2dCQUNwQyxVQUFVO2dCQUNWLElBQUksRUFBRSxTQUFTO2FBQ2hCLEVBQ0QsUUFBUSxFQUNSLEVBQUUsSUFBSSxFQUFFLFNBQVMsRUFBRSxNQUFNLEVBQUUsR0FBRyxFQUFFLEVBQ2hDLElBQUksRUFDSixDQUFDLFNBQVMsRUFBRSxTQUFTLENBQUMsQ0FDdkIsQ0FBQztZQUVGLE1BQU0sV0FBVyxHQUFlLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUNsRSxLQUFLLEVBQ0wsT0FBTyxDQUNSLENBQUM7WUFDRixJQUFJLEdBQUcsRUFBRTtnQkFDUCxXQUFXLENBQUMsR0FBRyxHQUFHLEdBQUcsQ0FBQzthQUN2QjtZQUVELE1BQU0sR0FBRyxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1lBRXZELE9BQU8sRUFBRSxHQUFHLEVBQUUsQ0FBQztRQUNqQixDQUFDO0tBQUE7SUFFSyxhQUFhLENBQUMsTUFBMkI7O1lBQzdDLElBQUksTUFBTSxDQUFDLFVBQVUsR0FBRyxJQUFJLENBQUMsdUJBQXVCLEVBQUU7Z0JBQ3BELE1BQU0sSUFBSSw4QkFBOEIsQ0FDdEMseUVBQXlFLE1BQU0sQ0FBQyxVQUFVLGdDQUFnQyxJQUFJLENBQUMsdUJBQXVCLEdBQUcsQ0FDMUosQ0FBQzthQUNIO1lBQ0QsT0FBTyxJQUFJLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ2hDLENBQUM7S0FBQTtJQUVLLGFBQWEsQ0FBQyxNQUEyQjs7WUFDN0MsSUFBSSxNQUFNLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyx1QkFBdUIsRUFBRTtnQkFDcEQsTUFBTSxJQUFJLDhCQUE4QixDQUN0Qyx3RUFBd0UsTUFBTSxDQUFDLFVBQVUsK0JBQStCLElBQUksQ0FBQyx1QkFBdUIsR0FBRyxDQUN4SixDQUFDO2FBQ0g7WUFDRCxPQUFPLElBQUksQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDaEMsQ0FBQztLQUFBO0lBRUssYUFBYSxDQUFDLE1BQTJCOztZQUM3QyxJQUFJLE1BQU0sQ0FBQyxVQUFVLEdBQUcsSUFBSSxDQUFDLHVCQUF1QixFQUFFO2dCQUNwRCxNQUFNLElBQUksOEJBQThCLENBQ3RDLHdFQUF3RSxNQUFNLENBQUMsVUFBVSwrQkFBK0IsSUFBSSxDQUFDLHVCQUF1QixHQUFHLENBQ3hKLENBQUM7YUFDSDtZQUNELE9BQU8sSUFBSSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUNoQyxDQUFDO0tBQUE7SUFFSyxTQUFTOztZQUNiLHNHQUFzRztZQUN0RywyREFBMkQ7WUFDM0QsdUdBQXVHO1lBQ3ZHLHFEQUFxRDtZQUNyRCxPQUFPLENBQUMsTUFBTSxJQUFJLENBQUMsU0FBUyxFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUM7UUFDdEMsQ0FBQztLQUFBO0lBRUssbUJBQW1COztZQUN2QixPQUFPO2dCQUNMLElBQUksRUFBRSxJQUFJLENBQUMsVUFBVSxFQUFFO2dCQUN2QixVQUFVLEVBQUUsSUFBSSxDQUFDLDJCQUEyQjthQUM3QyxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRUssbUJBQW1COztZQUN2QixPQUFPO2dCQUNMLElBQUksRUFBRSxJQUFJLENBQUMsVUFBVSxFQUFFO2dCQUN2QixHQUFHLEVBQUUsTUFBTSxJQUFJLENBQUMsU0FBUyxFQUFFO2dCQUMzQixVQUFVLEVBQUUsSUFBSSxDQUFDLDJCQUEyQjthQUM3QyxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRUssbUJBQW1COztZQUN2QixPQUFPO2dCQUNMLElBQUksRUFBRSxJQUFJLENBQUMsVUFBVSxFQUFFO2dCQUN2QixzR0FBc0c7Z0JBQ3RHLDJEQUEyRDtnQkFDM0QsdUdBQXVHO2dCQUN2RyxxREFBcUQ7Z0JBQ3JELEdBQUcsRUFBRSxNQUFNLElBQUksQ0FBQyxTQUFTLEVBQUU7Z0JBQzNCLFVBQVUsRUFBRSxJQUFJLENBQUMsMkJBQTJCO2FBQzdDLENBQUM7UUFDSixDQUFDO0tBQUE7Ozs7WUFqUkYsVUFBVSxTQUFDO2dCQUNWLFVBQVUsRUFBRSxNQUFNO2FBQ25COzs7WUFqQlEsZ0JBQWdCIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgSW5qZWN0YWJsZSB9IGZyb20gJ0Bhbmd1bGFyL2NvcmUnO1xuaW1wb3J0IHsgSldLIH0gZnJvbSAnbm9kZS1qb3NlJztcbmltcG9ydCB7IEpTT05PYmplY3QgfSBmcm9tICcuLi9hcGkvdHlwZXMnO1xuaW1wb3J0IHsgV2ViQ3J5cHRvU2VydmljZSB9IGZyb20gJy4uL3dlYi1jcnlwdG8vd2ViLWNyeXB0by5zZXJ2aWNlJztcbmltcG9ydCB7XG4gIEtjQmFkQXJndW1lbnRFeGNlcHRpb24sXG4gIEtjU3VzcGljaW91c09wZXJhdGlvbkV4Y2VwdGlvbixcbn0gZnJvbSAnLi4vX2NvbW1vbi9leGNlcHRpb25zJztcbmltcG9ydCB7XG4gIERlcml2ZUtleVJlc3VsdCxcbiAgRGVyaXZlTGJvcEtleVBhcmFtcyxcbiAgRGVyaXZlUGFzc0lkcFBhcmFtcyxcbiAgRGVyaXZlUGFzc0tleVBhcmFtcyxcbiAgTGJvcEtleVBhcmFtcyxcbiAgUGFzc0lkcFBhcmFtcyxcbiAgUGFzc0tleVBhcmFtcyxcbn0gZnJvbSAnLi9rZXkudHlwZXMnO1xuXG5ASW5qZWN0YWJsZSh7XG4gIHByb3ZpZGVkSW46ICdyb290Jyxcbn0pXG5leHBvcnQgY2xhc3MgS2V5RmFjdG9yeVNlcnZpY2Uge1xuICBjb25zdHJ1Y3Rvcihwcml2YXRlIHdlYkNyeXB0b1NlcnZpY2U6IFdlYkNyeXB0b1NlcnZpY2UpIHtcbiAgICB0aGlzLmtjQ3J5cHRvID0gdGhpcy53ZWJDcnlwdG9TZXJ2aWNlLmtjQ3J5cHRvO1xuICB9XG4gIHByaXZhdGUgcmVhZG9ubHkga2NDcnlwdG86IENyeXB0bztcbiAgcHJpdmF0ZSByZWFkb25seSBzdG9yZTogW107XG4gIC8vIEdsb2JhbCBrZXlzIHN0b3JlLiBPdGhlcndpc2UsIGVhY2ggY2FsbCB0byBhc0tleSBjcmVhdGVzIGEgbmV3IGtleVN0b3JlLlxuICAvLyA8QVo+IERpZCBub3Qgc2VlbSB0byBpbXByb3ZlIHNwZWVkLlxuICAvLyBwdWJsaWMgc3RhdGljIGtleVN0b3JlID0gSldLLmNyZWF0ZUtleVN0b3JlKCk7XG5cbiAgLy8gQVo6IFRoaXMgY2FuJ3QgYmUgY2hhbmdlIGVhc2lseS4gSXQncyBiYXNpY2FsbHkgYSBQYXNzSyBvciBQYXNzSWRwIHJvdGF0aW9uLlxuICAvLyB0b2RvOiB3ZSBzaG91bGQgZXZlbnR1YWxseSBpbmNyZWFzZSB0aGlzIHBlcmlvZGljYWxseSB0byBtYXRjaCB3aXRoIE1vb3JlJ3MgbGF3LlxuICAvLyBUaGUgaXRlcmF0aW9ucyBmb3IgZWFjaCBrZXkgYXJlIGtlcHQgYnkgdGhlIHNlcnZlciBhcyB3ZWxsIGJ1dCB3ZSBhc3N1bWUgdGhlIHZhbHVlXG4gIC8vIGZyb20gdGhlIHNlcnZlciBpcyBub3QgdHJ1c3R3b3J0aHksIHNvIG5lZWQgdG8gaGF2ZSBtaW5pbXVtIHRocmVzaG9sZHMgaGVyZS5cbiAgLy8gSWYgY3JlYXRpbmcgbmV3IGtleXMsIHRoZXNlIG1pbmltdW0gYXJlIHVzZWQuXG4gIHB1YmxpYyByZWFkb25seSBNSU5fUEFTU19JRFBfUEJLREZfSVRFUiA9IDEwMDAwMDtcbiAgcHVibGljIHJlYWRvbmx5IE1JTl9QQVNTX0tFWV9QQktERl9JVEVSID0gMTAwMDAwO1xuICBwdWJsaWMgcmVhZG9ubHkgTUlOX0xCT1BfS0VZX1BCS0RGX0lURVIgPSAxMDAwMDA7XG5cbiAgLy8gVGhlc2UgYXJlIHVzZWQgYXMgdGhlIGRlZmF1bHQgdmFsdWVzLiBUaGV5IG11c3QgYmUgbGFyZ2VyIHRoYW4gdGhlIG1pbmltdW0gdmFsdWVzLlxuICBwdWJsaWMgcmVhZG9ubHkgREVGQVVMVF9QQVNTX0lEUF9QQktERl9JVEVSID0gdGhpcy5NSU5fUEFTU19JRFBfUEJLREZfSVRFUjtcbiAgcHVibGljIHJlYWRvbmx5IERFRkFVTFRfUEFTU19LRVlfUEJLREZfSVRFUiA9IHRoaXMuTUlOX1BBU1NfS0VZX1BCS0RGX0lURVI7XG4gIHB1YmxpYyByZWFkb25seSBERUZBVUxUX0xCT1BfS0VZX1BCS0RGX0lURVIgPSB0aGlzLk1JTl9MQk9QX0tFWV9QQktERl9JVEVSO1xuXG4gIHN0YXRpYyBhc0tleShcbiAgICBrZXk6IHN0cmluZyB8IEJ1ZmZlciB8IFJlY29yZDxzdHJpbmcsIEpTT05PYmplY3Q+IHwgSldLLlJhd0tleSxcbiAgICBmb3JtPzpcbiAgICAgIHwgJ2pzb24nXG4gICAgICB8ICdwcml2YXRlJ1xuICAgICAgfCAncGtjczgnXG4gICAgICB8ICdwdWJsaWMnXG4gICAgICB8ICdzcGtpJ1xuICAgICAgfCAncGtpeCdcbiAgICAgIHwgJ3g1MDknXG4gICAgICB8ICdwZW0nLFxuICAgIGV4dHJhcz86IFJlY29yZDxzdHJpbmcsIHVua25vd24+XG4gICk6IFByb21pc2U8SldLLktleT4ge1xuICAgIC8vIDxBWj4gVXNpbmcgYSBzaW5nbGUgZ2xvYmFsIGtleSBzdG9yZSBkaWQgbm90IHNlZW0gdG8gaW1wcm92ZSBzcGVlZC5cbiAgICAvLyByZXR1cm4gS2V5RmFjdG9yeVNlcnZpY2Uua2V5U3RvcmUuYWRkKGtleSwgZm9ybSwgZXh0cmFzKTtcbiAgICByZXR1cm4gSldLLmFzS2V5KGtleSwgZm9ybSwgZXh0cmFzKTtcbiAgfVxuXG4gIHJhbmRvbVN0cmluZyhkaWdpdHM6IG51bWJlcik6IHN0cmluZyB7XG4gICAgaWYgKGRpZ2l0cyA8PSAwKSB7XG4gICAgICB0aHJvdyBuZXcgS2NCYWRBcmd1bWVudEV4Y2VwdGlvbignZGlnaXRzIDw9IDAnKTtcbiAgICB9XG4gICAgY29uc3QgdmFsaWRDaGFycyA9XG4gICAgICAnQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODknO1xuICAgIGxldCBhcnJheSA9IG5ldyBVaW50MzJBcnJheShkaWdpdHMpO1xuICAgIHRoaXMua2NDcnlwdG8uZ2V0UmFuZG9tVmFsdWVzKGFycmF5KTtcbiAgICBhcnJheSA9IGFycmF5Lm1hcCgoeCkgPT4gdmFsaWRDaGFycy5jaGFyQ29kZUF0KHggJSB2YWxpZENoYXJzLmxlbmd0aCkpO1xuICAgIHJldHVybiBTdHJpbmcuZnJvbUNoYXJDb2RlLmFwcGx5KG51bGwsIGFycmF5KTtcbiAgfVxuXG4gIHJhbmRvbURpZ2l0c05vWmVyb3MoZGlnaXRzOiBudW1iZXIpOiBzdHJpbmcge1xuICAgIHJldHVybiB0aGlzLnJhbmRvbUNob2ljZXMoWzEsIDIsIDMsIDQsIDUsIDYsIDcsIDgsIDldLCBkaWdpdHMpLmpvaW4oJycpO1xuICB9XG5cbiAgcmFuZG9tQ2hvaWNlczxUPihhcnJheTogVFtdLCBjaG9vc2VOOiBudW1iZXIpOiBUW10ge1xuICAgIGlmIChhcnJheS5sZW5ndGggPD0gMSkge1xuICAgICAgdGhyb3cgbmV3IEtjQmFkQXJndW1lbnRFeGNlcHRpb24oJ2FycmF5Lmxlbmd0aCA8PSAwJyk7XG4gICAgfVxuICAgIGlmIChjaG9vc2VOIDw9IDApIHtcbiAgICAgIHRocm93IG5ldyBLY0JhZEFyZ3VtZW50RXhjZXB0aW9uKCdjaG9vc2VOIDw9IDAnKTtcbiAgICB9XG4gICAgY29uc3QgdmFsdWVzID0gbmV3IFVpbnQzMkFycmF5KGNob29zZU4pO1xuICAgIHRoaXMua2NDcnlwdG8uZ2V0UmFuZG9tVmFsdWVzKHZhbHVlcyk7XG4gICAgY29uc3QgcmV0OiBUW10gPSBbXTtcbiAgICB2YWx1ZXMuZm9yRWFjaCgodikgPT4gcmV0LnB1c2goYXJyYXlbdiAlIGFycmF5Lmxlbmd0aF0pKTtcbiAgICByZXR1cm4gcmV0O1xuICB9XG5cbiAgY3JlYXRlU2FsdCgpOiBzdHJpbmcge1xuICAgIHJldHVybiB0aGlzLnJhbmRvbVN0cmluZygxNik7XG4gIH1cblxuICBhc3luYyBjcmVhdGVLZXkoKTogUHJvbWlzZTxKV0suS2V5PiB7XG4gICAgY29uc3Qga2V5ID0gYXdhaXQgdGhpcy5rY0NyeXB0by5zdWJ0bGUuZ2VuZXJhdGVLZXkoXG4gICAgICB7XG4gICAgICAgIG5hbWU6ICdBRVMtR0NNJyxcbiAgICAgICAgbGVuZ3RoOiAyNTYsIC8vIGNhbiBiZSAgMTI4LCAxOTIsIG9yIDI1NlxuICAgICAgfSxcbiAgICAgIHRydWUsIC8vIHdoZXRoZXIgdGhlIGtleSBpcyBleHRyYWN0YWJsZSAoaS5lLiBjYW4gYmUgdXNlZCBpbiBleHBvcnRLZXkpXG4gICAgICBbJ2VuY3J5cHQnLCAnZGVjcnlwdCddIC8vIG11c3QgYmUgW1wiZW5jcnlwdFwiLCBcImRlY3J5cHRcIl0gb3IgW1wid3JhcEtleVwiLCBcInVud3JhcEtleVwiXVxuICAgICk7XG5cbiAgICBjb25zdCBqd2sgPSBhd2FpdCB0aGlzLmtjQ3J5cHRvLnN1YnRsZS5leHBvcnRLZXkoJ2p3aycsIGtleSk7XG5cbiAgICAvLyBSZW1vdmluZyB0aGUgZmllbGRzIG5vdCBuZWVkZWQgYnkgbm9kZS1qb3NlXG4gICAgZGVsZXRlIGp3ay5leHQ7XG4gICAgZGVsZXRlIGp3ay5rZXlfb3BzO1xuXG4gICAgcmV0dXJuIEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KGp3ayk7XG4gIH1cblxuICBhc3luYyBjcmVhdGVTaWduS2V5KCk6IFByb21pc2U8SldLLktleT4ge1xuICAgIGNvbnN0IGtleSA9IGF3YWl0IHRoaXMua2NDcnlwdG8uc3VidGxlLmdlbmVyYXRlS2V5KFxuICAgICAge1xuICAgICAgICBuYW1lOiAnSE1BQycsXG4gICAgICAgIGhhc2g6IHsgbmFtZTogJ1NIQS01MTInIH0sXG4gICAgICB9LFxuICAgICAgdHJ1ZSxcbiAgICAgIFsnc2lnbicsICd2ZXJpZnknXVxuICAgICk7XG5cbiAgICBjb25zdCBqd2sgPSBhd2FpdCB0aGlzLmtjQ3J5cHRvLnN1YnRsZS5leHBvcnRLZXkoJ2p3aycsIGtleSk7XG5cbiAgICAvLyBSZW1vdmluZyB0aGUgZmllbGRzIG5vdCBuZWVkZWQgYnkgbm9kZS1qb3NlXG4gICAgZGVsZXRlIGp3ay5rZXlfb3BzO1xuICAgIGRlbGV0ZSBqd2suZXh0O1xuXG4gICAgcmV0dXJuIEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KGp3ayk7XG4gIH1cblxuICBhc3luYyBjcmVhdGVQa2NLZXkoKTogUHJvbWlzZTxKV0suS2V5PiB7XG4gICAgLy8gbm9kZS1qb3NlIGlzIG5vdCB1c2luZyBGb3JnZSBwcm9wZXJseS4gSXQgc2hvdWxkIGJlIGNhbGxpbmcgdGhlIGFzeW5jIHZlcnNpb24gb2ZcbiAgICAvLyBwa2kucnNhLmdlbmVyYXRlS2V5UGFpcigpIHdpdGggYSBjYWxsYmFjay4gSW5zdGVhZCBpdCBjYWxscyB0aGUgc3luYyB2ZXJzaW9uLiBXZWJjcnlwdG9cbiAgICAvLyBkb2VzIG5vdCBzdXBwb3J0IHN5bmMgdmVyc2lvbiwgc28gaXQgdXNlcyB0aGUgamF2YXNjcmlwdCBpbXBsZW1lbnRhdGlvbiwgd2hpY2ggaXMgd2F5IHRvbyBzbG93LlxuICAgIC8vIFNvIHdlIGdlbmVyYXRlIHVzaW5nIHdlYmNyeXB0byBhbmQgaW1wb3J0IHRoZSBrZXkuXG4gICAgLy8gVW5mb3J0dW5hdGVseSBFbGxpcHRpY2FsIEN1cnZlIGlzIG5vdCBzdXBwb3J0ZWQgYnkgV2ViY3J5cHRvLiBTbyB3ZSBoYXZlIHRvIHNldHRsZSBmb3IgUlNBLlxuICAgIGNvbnN0IGtleSA9IGF3YWl0IHRoaXMua2NDcnlwdG8uc3VidGxlLmdlbmVyYXRlS2V5KFxuICAgICAge1xuICAgICAgICBuYW1lOiAnUlNBLU9BRVAnLFxuICAgICAgICBtb2R1bHVzTGVuZ3RoOiAyMDQ4LCAvLyBjYW4gYmUgMTAyNCwgMjA0OCwgMzA3MiwgNDA5NiAuLi4gMTYzODRcbiAgICAgICAgLy8gQXMgcGVyIHN1Z2dlc3Rpb246IGh0dHBzOi8vZGV2ZWxvcGVyLm1vemlsbGEub3JnL2VuLVVTL2RvY3MvV2ViL0FQSS9Sc2FIYXNoZWRLZXlHZW5QYXJhbXNcbiAgICAgICAgcHVibGljRXhwb25lbnQ6IG5ldyBVaW50OEFycmF5KFsweDAxLCAweDAwLCAweDAxXSksXG4gICAgICAgIGhhc2g6IHsgbmFtZTogJ1NIQS0yNTYnIH0sIC8vIGNhbiBiZSBcIlNIQS0xXCIsIFwiU0hBLTI1NlwiLCBcIlNIQS0zODRcIiwgb3IgXCJTSEEtNTEyXCJcbiAgICAgIH0sXG4gICAgICB0cnVlLCAvLyB3aGV0aGVyIHRoZSBrZXkgaXMgZXh0cmFjdGFibGUgKGkuZS4gY2FuIGJlIHVzZWQgaW4gZXhwb3J0S2V5KVxuICAgICAgWydlbmNyeXB0JywgJ2RlY3J5cHQnXSAvLyBtdXN0IGJlIFtcImVuY3J5cHRcIiwgXCJkZWNyeXB0XCJdIG9yIFtcIndyYXBLZXlcIiwgXCJ1bndyYXBLZXlcIl1cbiAgICApO1xuXG4gICAgY29uc3QgandrID0gYXdhaXQgdGhpcy5rY0NyeXB0by5zdWJ0bGUuZXhwb3J0S2V5KCdqd2snLCBrZXkucHJpdmF0ZUtleSk7XG4gICAgLy8gUmVtb3ZpbmcgdGhlIGZpZWxkcyBub3QgbmVlZGVkIGJ5IG5vZGUtam9zZVxuICAgIGRlbGV0ZSBqd2sua2V5X29wcztcbiAgICBkZWxldGUgandrLmV4dDtcblxuICAgIHJldHVybiBLZXlGYWN0b3J5U2VydmljZS5hc0tleShqd2spO1xuICB9XG5cbiAgYXN5bmMgY3JlYXRlUGtjU2lnbktleSgpOiBQcm9taXNlPEpXSy5LZXk+IHtcbiAgICBjb25zdCBrZXkgPSBhd2FpdCB0aGlzLmtjQ3J5cHRvLnN1YnRsZS5nZW5lcmF0ZUtleShcbiAgICAgIHtcbiAgICAgICAgbmFtZTogJ1JTQVNTQS1QS0NTMS12MV81JyxcbiAgICAgICAgbW9kdWx1c0xlbmd0aDogMjA0OCwgLy8gY2FuIGJlIDEwMjQsIDIwNDgsIG9yIDQwOTZcbiAgICAgICAgLy8gQXMgcGVyIHN1Z2dlc3Rpb246IGh0dHBzOi8vZGV2ZWxvcGVyLm1vemlsbGEub3JnL2VuLVVTL2RvY3MvV2ViL0FQSS9Sc2FIYXNoZWRLZXlHZW5QYXJhbXNcbiAgICAgICAgcHVibGljRXhwb25lbnQ6IG5ldyBVaW50OEFycmF5KFsweDAxLCAweDAwLCAweDAxXSksXG4gICAgICAgIGhhc2g6IHsgbmFtZTogJ1NIQS0yNTYnIH0sIC8vIGNhbiBiZSBcIlNIQS0xXCIsIFwiU0hBLTI1NlwiLCBcIlNIQS0zODRcIiwgb3IgXCJTSEEtNTEyXCJcbiAgICAgIH0sXG4gICAgICB0cnVlLCAvLyB3aGV0aGVyIHRoZSBrZXkgaXMgZXh0cmFjdGFibGUgKGkuZS4gY2FuIGJlIHVzZWQgaW4gZXhwb3J0S2V5KVxuICAgICAgWydzaWduJywgJ3ZlcmlmeSddIC8vIGNhbiBiZSBhbnkgY29tYmluYXRpb24gb2YgXCJzaWduXCIgYW5kIFwidmVyaWZ5XCJcbiAgICApO1xuXG4gICAgY29uc3QgandrID0gYXdhaXQgdGhpcy5rY0NyeXB0by5zdWJ0bGUuZXhwb3J0S2V5KCdqd2snLCBrZXkucHJpdmF0ZUtleSk7XG5cbiAgICAvLyBSZW1vdmluZyB0aGUgZmllbGRzIG5vdCBuZWVkZWQgYnkgbm9kZS1qb3NlXG4gICAgZGVsZXRlIGp3ay5rZXlfb3BzO1xuICAgIGRlbGV0ZSBqd2suZXh0O1xuXG4gICAgcmV0dXJuIEtleUZhY3RvcnlTZXJ2aWNlLmFzS2V5KGp3ayk7XG4gIH1cblxuICBhc3luYyBpbXBvcnRQYXNzd29yZChwbGFpblBhc3N3b3JkOiBzdHJpbmcpOiBQcm9taXNlPENyeXB0b0tleT4ge1xuICAgIGNvbnN0IGVuYyA9IG5ldyBUZXh0RW5jb2RlcigpO1xuICAgIHJldHVybiB0aGlzLmtjQ3J5cHRvLnN1YnRsZS5pbXBvcnRLZXkoXG4gICAgICAncmF3JyxcbiAgICAgIGVuYy5lbmNvZGUocGxhaW5QYXNzd29yZCksXG4gICAgICAnUEJLREYyJyxcbiAgICAgIGZhbHNlLFxuICAgICAgWydkZXJpdmVLZXknXVxuICAgICk7XG4gIH1cblxuICBhc3luYyBkZXJpdmVLZXkoe1xuICAgIHBhc3N3b3JkLFxuICAgIHNhbHQsXG4gICAgaXRlcmF0aW9ucyxcbiAgICBraWQsXG4gIH06IHtcbiAgICBwYXNzd29yZDogQ3J5cHRvS2V5O1xuICAgIHNhbHQ6IHN0cmluZztcbiAgICBpdGVyYXRpb25zOiBudW1iZXI7XG4gICAga2lkPzogc3RyaW5nO1xuICB9KTogUHJvbWlzZTxEZXJpdmVLZXlSZXN1bHQ+IHtcbiAgICBjb25zdCBwYXNzS2V5ID0gYXdhaXQgdGhpcy5rY0NyeXB0by5zdWJ0bGUuZGVyaXZlS2V5KFxuICAgICAge1xuICAgICAgICBuYW1lOiAnUEJLREYyJyxcbiAgICAgICAgc2FsdDogbmV3IFRleHRFbmNvZGVyKCkuZW5jb2RlKHNhbHQpLFxuICAgICAgICBpdGVyYXRpb25zLFxuICAgICAgICBoYXNoOiAnU0hBLTI1NicsXG4gICAgICB9LFxuICAgICAgcGFzc3dvcmQsXG4gICAgICB7IG5hbWU6ICdBRVMtR0NNJywgbGVuZ3RoOiAyNTYgfSxcbiAgICAgIHRydWUsXG4gICAgICBbJ2VuY3J5cHQnLCAnZGVjcnlwdCddXG4gICAgKTtcblxuICAgIGNvbnN0IHBhc3NLZXlKc29uOiBKU09OT2JqZWN0ID0gYXdhaXQgdGhpcy5rY0NyeXB0by5zdWJ0bGUuZXhwb3J0S2V5KFxuICAgICAgJ2p3aycsXG4gICAgICBwYXNzS2V5XG4gICAgKTtcbiAgICBpZiAoa2lkKSB7XG4gICAgICBwYXNzS2V5SnNvbi5raWQgPSBraWQ7XG4gICAgfVxuXG4gICAgY29uc3QgandrID0gYXdhaXQgS2V5RmFjdG9yeVNlcnZpY2UuYXNLZXkocGFzc0tleUpzb24pO1xuXG4gICAgcmV0dXJuIHsgandrIH07XG4gIH1cblxuICBhc3luYyBkZXJpdmVQYXNzSWRwKHBhcmFtczogRGVyaXZlUGFzc0lkcFBhcmFtcyk6IFByb21pc2U8RGVyaXZlS2V5UmVzdWx0PiB7XG4gICAgaWYgKHBhcmFtcy5pdGVyYXRpb25zIDwgdGhpcy5NSU5fUEFTU19JRFBfUEJLREZfSVRFUikge1xuICAgICAgdGhyb3cgbmV3IEtjU3VzcGljaW91c09wZXJhdGlvbkV4Y2VwdGlvbihcbiAgICAgICAgYFRoZSBudW1iZXIgb2YgUGFzc0lkcCBrZXkgZGVyaXZhdGlvbiBpdGVyYXRpb25zIHNlbnQgZnJvbSB0aGUgc2VydmVyICgke3BhcmFtcy5pdGVyYXRpb25zfSkgaXMgbG93ZXIgdGhhbiB0aGUgbWluaW11bSAoJHt0aGlzLk1JTl9QQVNTX0lEUF9QQktERl9JVEVSfSlgXG4gICAgICApO1xuICAgIH1cbiAgICByZXR1cm4gdGhpcy5kZXJpdmVLZXkocGFyYW1zKTtcbiAgfVxuXG4gIGFzeW5jIGRlcml2ZVBhc3NLZXkocGFyYW1zOiBEZXJpdmVQYXNzS2V5UGFyYW1zKTogUHJvbWlzZTxEZXJpdmVLZXlSZXN1bHQ+IHtcbiAgICBpZiAocGFyYW1zLml0ZXJhdGlvbnMgPCB0aGlzLk1JTl9QQVNTX0tFWV9QQktERl9JVEVSKSB7XG4gICAgICB0aHJvdyBuZXcgS2NTdXNwaWNpb3VzT3BlcmF0aW9uRXhjZXB0aW9uKFxuICAgICAgICBgVGhlIG51bWJlciBvZiBQYXNzS2V5IGtleSBkZXJpdmF0aW9uIGl0ZXJhdGlvbnMgc2VudCBmcm9tIHRoZSBzZXJ2ZXIoJHtwYXJhbXMuaXRlcmF0aW9uc30pIGlzIGxvd2VyIHRoYW4gdGhlIG1pbmltdW0oJHt0aGlzLk1JTl9QQVNTX0tFWV9QQktERl9JVEVSfSlgXG4gICAgICApO1xuICAgIH1cbiAgICByZXR1cm4gdGhpcy5kZXJpdmVLZXkocGFyYW1zKTtcbiAgfVxuXG4gIGFzeW5jIGRlcml2ZUxib3BLZXkocGFyYW1zOiBEZXJpdmVMYm9wS2V5UGFyYW1zKTogUHJvbWlzZTxEZXJpdmVLZXlSZXN1bHQ+IHtcbiAgICBpZiAocGFyYW1zLml0ZXJhdGlvbnMgPCB0aGlzLk1JTl9MQk9QX0tFWV9QQktERl9JVEVSKSB7XG4gICAgICB0aHJvdyBuZXcgS2NTdXNwaWNpb3VzT3BlcmF0aW9uRXhjZXB0aW9uKFxuICAgICAgICBgVGhlIG51bWJlciBvZiBMYm9wS2V5IGtleSBkZXJpdmF0aW9uIGl0ZXJhdGlvbnMgc2VudCBmcm9tIHRoZSBzZXJ2ZXIoJHtwYXJhbXMuaXRlcmF0aW9uc30pIGlzIGxvd2VyIHRoYW4gdGhlIG1pbmltdW0oJHt0aGlzLk1JTl9MQk9QX0tFWV9QQktERl9JVEVSfSlgXG4gICAgICApO1xuICAgIH1cbiAgICByZXR1cm4gdGhpcy5kZXJpdmVLZXkocGFyYW1zKTtcbiAgfVxuXG4gIGFzeW5jIGNyZWF0ZUtpZCgpOiBQcm9taXNlPHN0cmluZz4ge1xuICAgIC8vIHRvZG86IEFaOiBub2RlLWpvc2Ugc291cmNlIHVzZXMgbm9kZSdzIGRlZmF1bHQgVVVJRCgpIGZ1bmN0aW9uIGZvciBraWQsIHNvIGp1c3QgY2hhbmdlIHRvIHVzZSB0aGF0LlxuICAgIC8vIGZvciBub3csIHdlIGFyZSBqdXN0IGNyZWF0aW5nIGEgbmV3IGtleSB0byB1c2UgaXQncyBraWQuXG4gICAgLy8gVGhlIGtpZCBpcyBhIHBhcnQgb2YgdGhlIEpXSyBzeXN0ZW0uIExSIGJhY2tlbmQgbWFpbnRhaW5zIHRoZSBrZXkgaGllcmFyY2h5IHNlcGFyYXRlbHkgd2l0aCBpdCdzIG93blxuICAgIC8vIGtleSBpZC4gQnV0IHdlIGp1c3QgdXNlIGl0IGhlcmUgYXMgYSBkb3VibGUgY2hlY2suXG4gICAgcmV0dXJuIChhd2FpdCB0aGlzLmNyZWF0ZUtleSgpKS5raWQ7XG4gIH1cblxuICBhc3luYyBjcmVhdGVQYXNzSWRwUGFyYW1zKCk6IFByb21pc2U8UGFzc0lkcFBhcmFtcz4ge1xuICAgIHJldHVybiB7XG4gICAgICBzYWx0OiB0aGlzLmNyZWF0ZVNhbHQoKSxcbiAgICAgIGl0ZXJhdGlvbnM6IHRoaXMuREVGQVVMVF9QQVNTX0lEUF9QQktERl9JVEVSLFxuICAgIH07XG4gIH1cblxuICBhc3luYyBjcmVhdGVQYXNzS2V5UGFyYW1zKCk6IFByb21pc2U8UGFzc0tleVBhcmFtcz4ge1xuICAgIHJldHVybiB7XG4gICAgICBzYWx0OiB0aGlzLmNyZWF0ZVNhbHQoKSxcbiAgICAgIGtpZDogYXdhaXQgdGhpcy5jcmVhdGVLaWQoKSxcbiAgICAgIGl0ZXJhdGlvbnM6IHRoaXMuREVGQVVMVF9QQVNTX0tFWV9QQktERl9JVEVSLFxuICAgIH07XG4gIH1cblxuICBhc3luYyBjcmVhdGVMYm9wS2V5UGFyYW1zKCk6IFByb21pc2U8TGJvcEtleVBhcmFtcz4ge1xuICAgIHJldHVybiB7XG4gICAgICBzYWx0OiB0aGlzLmNyZWF0ZVNhbHQoKSxcbiAgICAgIC8vIHRvZG86IEFaOiBub2RlLWpvc2Ugc291cmNlIHVzZXMgbm9kZSdzIGRlZmF1bHQgVVVJRCgpIGZ1bmN0aW9uIGZvciBraWQsIHNvIGp1c3QgY2hhbmdlIHRvIHVzZSB0aGF0LlxuICAgICAgLy8gZm9yIG5vdywgd2UgYXJlIGp1c3QgY3JlYXRpbmcgYSBuZXcga2V5IHRvIHVzZSBpdCdzIGtpZC5cbiAgICAgIC8vIFRoZSBraWQgaXMgYSBwYXJ0IG9mIHRoZSBKV0sgc3lzdGVtLiBMUiBiYWNrZW5kIG1haW50YWlucyB0aGUga2V5IGhpZXJhcmNoeSBzZXBhcmF0ZWx5IHdpdGggaXQncyBvd25cbiAgICAgIC8vIGtleSBpZC4gQnV0IHdlIGp1c3QgdXNlIGl0IGhlcmUgYXMgYSBkb3VibGUgY2hlY2suXG4gICAgICBraWQ6IGF3YWl0IHRoaXMuY3JlYXRlS2lkKCksXG4gICAgICBpdGVyYXRpb25zOiB0aGlzLkRFRkFVTFRfUEFTU19LRVlfUEJLREZfSVRFUixcbiAgICB9O1xuICB9XG59XG4iXX0=

package/esm2015/lib/key/key-graph.service.js

@@ -1,314 +0,0 @@
-import { __awaiter } from "tslib";
-/* eslint-disable @typescript-eslint/no-explicit-any */
-import { Injectable } from '@angular/core';
-import graphlib, { Graph } from '@dagrejs/graphlib';
-import { asJwk, EncryptionService, isSymmetricKey, } from '../encryption/encryption.service';
-import { lodash } from '../_common';
-import { KcBadArgumentException, KcBadLogicException, KcBadStateException, KcEncryptionException, KcNotFoundException, } from '../_common/exceptions';
-import { KeyFactoryService, KeyFactoryService as KFS, } from './key-factory.service';
-import { KeyService } from './key.service';
-import { KeyGraphEdgeType, KeyGraphNodeType, PayloadType, } from './key.types';
-import * as i0 from "@angular/core";
-import * as i1 from "../encryption/encryption.service";
-import * as i2 from "./key.service";
-import * as i3 from "./key-factory.service";
-export class KeyGraphService {
-    // private keyCache: {
-    //   [id: string]: Key;
-    // };
-    constructor(encryptionService, keyService, keyFactory) {
-        this.encryptionService = encryptionService;
-        this.keyService = keyService;
-        this.keyFactory = keyFactory;
-        this.purgeKeys();
-    }
-    purgeKeys() {
-        this.graph = new Graph();
-        // this.keyCache = null;
-    }
-    populateKeys(userKey) {
-        return __awaiter(this, void 0, void 0, function* () {
-            this.keyService.setKeys({
-                passKey: userKey.passKey,
-                masterKey: yield this.keyService.loadMasterKey(userKey.masterKey.id),
-                rootKey: yield this.unwrapKey(userKey.masterKey.id, userKey.rootKey.id),
-                pxk: yield this.unwrapKey(userKey.masterKey.id, userKey.pxk.id),
-                sigPxk: yield this.unwrapKey(userKey.masterKey.id, userKey.sigPxk.id),
-            });
-        });
-    }
-    hasKey(keyId) {
-        return !!this.graph.node(keyId);
-    }
-    getNode(id, type) {
-        const node = this.graph.node(id);
-        if (!node) {
-            throw new KcNotFoundException(`Key graphs does not contain key id: ${id}`);
-        }
-        if (node.type !== type) {
-            throw new KcBadStateException(`Key with id ${id} is not of type ${type}`);
-        }
-        return node.data;
-    }
-    key(id) {
-        return this.getNode(id, KeyGraphNodeType.Key);
-    }
-    passKey(id) {
-        return this.getNode(id, KeyGraphNodeType.PassKey);
-    }
-    addKeys(src) {
-        // Keys
-        if (src.keys) {
-            // What key graph returns can not be customized. So keys are essentially immutable.
-            // Therefore, if a key exists, there's no reason to update it.
-            for (const key of src.keys) {
-                // Note using Relay global id allows us to not worry about clashing node id
-                if (this.graph.hasNode(key.id)) {
-                    continue;
-                }
-                const node = {
-                    type: KeyGraphNodeType.Key,
-                    data: lodash.cloneDeep(key),
-                };
-                this.graph.setNode(key.id, node);
-            }
-        }
-        // KeyLinks
-        if (src.keyLinks) {
-            for (const keyLink of src.keyLinks) {
-                if (this.graph.hasEdge(keyLink.wrappingKeyId, keyLink.keyId)) {
-                    continue;
-                }
-                const edge = {
-                    type: KeyGraphEdgeType.KeyLink,
-                    data: lodash.cloneDeep(keyLink),
-                };
-                // Edge goes from wrapping key to wrapped key.
-                this.graph.setEdge(keyLink.wrappingKeyId, keyLink.keyId, edge);
-            }
-        }
-        // PassKeyLinks
-        if (src.passKeyLinks) {
-            for (const passKeyLink of src.passKeyLinks) {
-                if (this.graph.hasEdge(passKeyLink.passKeyId, passKeyLink.keyId)) {
-                    continue;
-                }
-                const edge = {
-                    type: KeyGraphEdgeType.PassKeyLink,
-                    data: lodash.cloneDeep(passKeyLink),
-                };
-                // Edge goes from wrapping key to wrapped key.
-                this.graph.setEdge(passKeyLink.passKeyId, passKeyLink.keyId, edge);
-            }
-        }
-        // The graph is the single source of truth. These are lazily calculated.
-        // this.keyCache = null;
-    }
-    tracePath(distances, keyId) {
-        // The node label is the same as the id of the key nodes.
-        const ret = [];
-        let node = keyId;
-        if (!distances[node].predecessor) {
-            return null;
-        }
-        while (distances[node].predecessor) {
-            const child = distances[node].predecessor;
-            ret.push(this.graph.edge(child, node));
-            node = child;
-        }
-        // After reverse, the first element is the passkey
-        ret.reverse();
-        return ret;
-    }
-    getPath(knownKeyId, keyId) {
-        if (!knownKeyId || typeof knownKeyId !== 'string') {
-            throw new KcEncryptionException(`Param knownKeyId wrong format: ${knownKeyId}`);
-        }
-        if (!keyId || typeof keyId !== 'string') {
-            throw new KcEncryptionException(`Param keyId wrong format: ${keyId}`);
-        }
-        // => { A: { distance: 0 },
-        //      B: { distance: 6, predecessor: 'C' },
-        //      C: { distance: 4, predecessor: 'A' },
-        //      D: { distance: 2, predecessor: 'A' },
-        //      E: { distance: 8, predecessor: 'F' },
-        //      F: { distance: 4, predecessor: 'D' } }
-        const distances = graphlib.alg.dijkstra(this.graph, knownKeyId);
-        // Trace path from keyId to knownKeyId
-        return this.tracePath(distances, keyId);
-    }
-    getJwkKey(keyOrId, getKeyIdCallback) {
-        return __awaiter(this, void 0, void 0, function* () {
-            return (yield this.getKey(keyOrId, getKeyIdCallback)).jwk;
-        });
-    }
-    // We assume that when a keyId is fetched, the key graph
-    // for the key is also returned and merged into the client-side
-    // key graph. By insisting a keyId is returned instead of the
-    // actual key we ensure key-graph is consistent.
-    getKey(keyOrId, getKeyIdCallback) {
-        return __awaiter(this, void 0, void 0, function* () {
-            let keyId = typeof keyOrId === 'string' ? keyOrId : keyOrId === null || keyOrId === void 0 ? void 0 : keyOrId.id;
-            if (!this.hasKey(keyId) && getKeyIdCallback) {
-                const keyIdFromCallback = yield getKeyIdCallback();
-                if (keyId != null && keyId != keyIdFromCallback) {
-                    throw new KcBadLogicException('Requested keyId is not in the key cache, so an API request was made to populate the key cache.' +
-                        'But the key returned by the API does NOT match the requested keyId.' +
-                        'This is a programming logic error.');
-                }
-                keyId = keyIdFromCallback;
-            }
-            // else, continue and let it fail.
-            const key = this.key(keyId);
-            if (key.jwk) {
-                return key;
-            }
-            else {
-                return this.unwrapKey(this.keyService.currentMasterKey.id, keyId);
-            }
-        });
-    }
-    _unwrapLink(wrappingKey, link, dstKey) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const wrappedKey = JSON.parse(link.data.wrappedKey);
-            // Signatures of keys contain the key itself. This way we only need
-            // to access the KeyLinks to decrypt/verify keys.
-            let nextRawKey;
-            if (wrappedKey.signatures) {
-                nextRawKey = yield this.encryptionService.verify(wrappingKey, wrappedKey);
-            }
-            else {
-                nextRawKey = yield this.encryptionService.decrypt(wrappingKey, wrappedKey);
-            }
-            // Handle nested keys. i.e. Enc{K1}{K2}{K3}(raw key 4), where:
-            //   K1: link.wrappingKey
-            //   K2: link.nestedWrappingKey[0]
-            //   K3: link.nestedWrappingKey[1]
-            if (link.type == KeyGraphEdgeType.KeyLink) {
-                const data = link.data;
-                if (data.nestedWrappingKeyIds) {
-                    for (const nestedWrappingKeyId of data.nestedWrappingKeyIds) {
-                        const key = yield this.getKey(nestedWrappingKeyId);
-                        nextRawKey = yield this.encryptionService.decrypt(key.jwk, nextRawKey);
-                    }
-                }
-            }
-            dstKey.jwk = yield KFS.asKey(nextRawKey);
-            dstKey.task = null;
-        });
-    }
-    _unwrap(key, path) {
-        return __awaiter(this, void 0, void 0, function* () {
-            for (const link of path) {
-                const dstKey = this.key(link.data.keyId);
-                if (dstKey.jwk) {
-                    key = dstKey.jwk;
-                    continue;
-                }
-                if (!dstKey.task) {
-                    dstKey.task = this._unwrapLink(key, link, dstKey);
-                }
-                yield dstKey.task;
-                key = dstKey.jwk;
-            }
-            return key;
-        });
-    }
-    unwrapWithPassKey(passKeyId, passKey, keyId) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Get path of the directory key.
-            const path = this.getPath(passKeyId, keyId);
-            return {
-                id: keyId,
-                jwk: yield this._unwrap(passKey, path),
-            };
-        });
-    }
-    unwrapKey(masterKeyId, keyId) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // The first key should be a masterKey
-            const masterKey = yield this.keyService.loadMasterKey(masterKeyId);
-            if (masterKeyId === keyId) {
-                return masterKey;
-            }
-            // Get path of the directory key.
-            const path = this.getPath(masterKey.id, keyId);
-            return {
-                id: keyId,
-                jwk: yield this._unwrap(masterKey.jwk, path),
-            };
-        });
-    }
-    decryptFromString(keyOrId, cipherData, options) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (cipherData) {
-                const key = yield this.getJwkKey(keyOrId);
-                return (yield this.encryptionService.decrypt(key, JSON.parse(cipherData), options));
-            }
-            return null;
-        });
-    }
-    decryptFile(keyId, file) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const key = yield this.getJwkKey(keyId);
-            return (yield this.encryptionService.decrypt(key, file, {
-                payloadType: PayloadType.UINT_8_ARRAY,
-            }));
-        });
-    }
-    // TODO rename this to encrypt() and use as the most common usecase
-    encryptToString(key, content) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Empty string should be encrypted since you want to clear the field.
-            // Null is not encrypted because it's not valid JSON in the old JSON spec. Use
-            // empty string instead. It'll function as a logic false as well.
-            // Note that passing in empty string means it'll be encrypted which verifies
-            // it's integrity. But we still want to have a way to set the DB field
-            // to NULL, so we explicitly return null when content == null. A null
-            // variable in graphql mutation on KC server clears the field to NULL.
-            if (content == null) {
-                return null;
-            }
-            const jwk = asJwk(key) || (yield this.getJwkKey(key));
-            return this.encryptionService.encryptToString(jwk, content);
-        });
-    }
-    // Wraps a symmetric encryption key.
-    // Throws exception if wrapping public keys.
-    wrapKey(wrappingKey, key) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (!isSymmetricKey(key)) {
-                throw new KcBadArgumentException('Only allowing wrapping of symmetric keys.');
-            }
-            return this.encryptToString(wrappingKey, key.toJSON(true));
-        });
-    }
-    // TODO
-    // async wrapPublicKey<T>();
-    // async wrapPrivateKey<T>();
-    encryptWithNewKey(wrappingKeyId, cipherClearJson) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const key = yield this.keyFactory.createKey();
-            const wrappedKey = yield this.encryptToString(wrappingKeyId, key.toJSON(true));
-            const cipher = yield this.encryptToString(key, cipherClearJson);
-            return {
-                key,
-                wrappingKeyId,
-                wrappedKey,
-                cipher,
-            };
-        });
-    }
-}
-KeyGraphService.ɵprov = i0.ɵɵdefineInjectable({ factory: function KeyGraphService_Factory() { return new KeyGraphService(i0.ɵɵinject(i1.EncryptionService), i0.ɵɵinject(i2.KeyService), i0.ɵɵinject(i3.KeyFactoryService)); }, token: KeyGraphService, providedIn: "root" });
-KeyGraphService.decorators = [
-    { type: Injectable, args: [{
-                providedIn: 'root',
-            },] }
-];
-KeyGraphService.ctorParameters = () => [
-    { type: EncryptionService },
-    { type: KeyService },
-    { type: KeyFactoryService }
-];
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5LWdyYXBoLnNlcnZpY2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9wcm9qZWN0cy9jb3JlL3NyYy9saWIva2V5L2tleS1ncmFwaC5zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSx1REFBdUQ7QUFDdkQsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLGVBQWUsQ0FBQztBQUMzQyxPQUFPLFFBQVEsRUFBRSxFQUFFLEtBQUssRUFBRSxNQUFNLG1CQUFtQixDQUFDO0FBR3BELE9BQU8sRUFDTCxLQUFLLEVBRUwsaUJBQWlCLEVBQ2pCLGNBQWMsR0FDZixNQUFNLGtDQUFrQyxDQUFDO0FBQzFDLE9BQU8sRUFBRSxNQUFNLEVBQUUsTUFBTSxZQUFZLENBQUM7QUFDcEMsT0FBTyxFQUNMLHNCQUFzQixFQUN0QixtQkFBbUIsRUFDbkIsbUJBQW1CLEVBQ25CLHFCQUFxQixFQUNyQixtQkFBbUIsR0FDcEIsTUFBTSx1QkFBdUIsQ0FBQztBQUMvQixPQUFPLEVBQ0wsaUJBQWlCLEVBQ2pCLGlCQUFpQixJQUFJLEdBQUcsR0FDekIsTUFBTSx1QkFBdUIsQ0FBQztBQUMvQixPQUFPLEVBQUUsVUFBVSxFQUFZLE1BQU0sZUFBZSxDQUFDO0FBQ3JELE9BQU8sRUFHTCxnQkFBZ0IsRUFFaEIsZ0JBQWdCLEVBSWhCLFdBQVcsR0FDWixNQUFNLGFBQWEsQ0FBQzs7Ozs7QUFTckIsTUFBTSxPQUFPLGVBQWU7SUFFMUIsc0JBQXNCO0lBQ3RCLHVCQUF1QjtJQUN2QixLQUFLO0lBRUwsWUFDVSxpQkFBb0MsRUFDcEMsVUFBc0IsRUFDdEIsVUFBNkI7UUFGN0Isc0JBQWlCLEdBQWpCLGlCQUFpQixDQUFtQjtRQUNwQyxlQUFVLEdBQVYsVUFBVSxDQUFZO1FBQ3RCLGVBQVUsR0FBVixVQUFVLENBQW1CO1FBRXJDLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztJQUNuQixDQUFDO0lBRUQsU0FBUztRQUNQLElBQUksQ0FBQyxLQUFLLEdBQUcsSUFBSSxLQUFLLEVBQUUsQ0FBQztRQUN6Qix3QkFBd0I7SUFDMUIsQ0FBQztJQUVLLFlBQVksQ0FBQyxPQUFpQjs7WUFDbEMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUM7Z0JBQ3RCLE9BQU8sRUFBRSxPQUFPLENBQUMsT0FBTztnQkFDeEIsU0FBUyxFQUFFLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUM7Z0JBQ3BFLE9BQU8sRUFBRSxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxFQUFFLEVBQUUsT0FBTyxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7Z0JBQ3ZFLEdBQUcsRUFBRSxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxFQUFFLEVBQUUsT0FBTyxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7Z0JBQy9ELE1BQU0sRUFBRSxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxFQUFFLEVBQUUsT0FBTyxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUM7YUFDdEUsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztLQUFBO0lBRUQsTUFBTSxDQUFDLEtBQWE7UUFDbEIsT0FBTyxDQUFDLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUVPLE9BQU8sQ0FBQyxFQUFFLEVBQUUsSUFBSTtRQUN0QixNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUNqQyxJQUFJLENBQUMsSUFBSSxFQUFFO1lBQ1QsTUFBTSxJQUFJLG1CQUFtQixDQUMzQix1Q0FBdUMsRUFBRSxFQUFFLENBQzVDLENBQUM7U0FDSDtRQUNELElBQUksSUFBSSxDQUFDLElBQUksS0FBSyxJQUFJLEVBQUU7WUFDdEIsTUFBTSxJQUFJLG1CQUFtQixDQUFDLGVBQWUsRUFBRSxtQkFBbUIsSUFBSSxFQUFFLENBQUMsQ0FBQztTQUMzRTtRQUNELE9BQU8sSUFBSSxDQUFDLElBQUksQ0FBQztJQUNuQixDQUFDO0lBRUQsR0FBRyxDQUFDLEVBQUU7UUFDSixPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsRUFBRSxFQUFFLGdCQUFnQixDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQ2hELENBQUM7SUFFRCxPQUFPLENBQUMsRUFBRTtRQUNSLE9BQU8sSUFBSSxDQUFDLE9BQU8sQ0FBQyxFQUFFLEVBQUUsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDcEQsQ0FBQztJQUVELE9BQU8sQ0FBQyxHQUFxQjtRQUMzQixPQUFPO1FBQ1AsSUFBSSxHQUFHLENBQUMsSUFBSSxFQUFFO1lBQ1osbUZBQW1GO1lBQ25GLDhEQUE4RDtZQUM5RCxLQUFLLE1BQU0sR0FBRyxJQUFJLEdBQUcsQ0FBQyxJQUFJLEVBQUU7Z0JBQzFCLDJFQUEyRTtnQkFDM0UsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLEVBQUU7b0JBQzlCLFNBQVM7aUJBQ1Y7Z0JBRUQsTUFBTSxJQUFJLEdBQWlCO29CQUN6QixJQUFJLEVBQUUsZ0JBQWdCLENBQUMsR0FBRztvQkFDMUIsSUFBSSxFQUFFLE1BQU0sQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUFDO2lCQUM1QixDQUFDO2dCQUVGLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxFQUFFLEVBQUUsSUFBSSxDQUFDLENBQUM7YUFDbEM7U0FDRjtRQUVELFdBQVc7UUFDWCxJQUFJLEdBQUcsQ0FBQyxRQUFRLEVBQUU7WUFDaEIsS0FBSyxNQUFNLE9BQU8sSUFBSSxHQUFHLENBQUMsUUFBUSxFQUFFO2dCQUNsQyxJQUFJLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxhQUFhLEVBQUUsT0FBTyxDQUFDLEtBQUssQ0FBQyxFQUFFO29CQUM1RCxTQUFTO2lCQUNWO2dCQUVELE1BQU0sSUFBSSxHQUFpQjtvQkFDekIsSUFBSSxFQUFFLGdCQUFnQixDQUFDLE9BQU87b0JBQzlCLElBQUksRUFBRSxNQUFNLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQztpQkFDaEMsQ0FBQztnQkFDRiw4Q0FBOEM7Z0JBQzlDLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxhQUFhLEVBQUUsT0FBTyxDQUFDLEtBQUssRUFBRSxJQUFJLENBQUMsQ0FBQzthQUNoRTtTQUNGO1FBRUQsZUFBZTtRQUNmLElBQUksR0FBRyxDQUFDLFlBQVksRUFBRTtZQUNwQixLQUFLLE1BQU0sV0FBVyxJQUFJLEdBQUcsQ0FBQyxZQUFZLEVBQUU7Z0JBQzFDLElBQUksSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDLFNBQVMsRUFBRSxXQUFXLENBQUMsS0FBSyxDQUFDLEVBQUU7b0JBQ2hFLFNBQVM7aUJBQ1Y7Z0JBRUQsTUFBTSxJQUFJLEdBQWlCO29CQUN6QixJQUFJLEVBQUUsZ0JBQWdCLENBQUMsV0FBVztvQkFDbEMsSUFBSSxFQUFFLE1BQU0sQ0FBQyxTQUFTLENBQUMsV0FBVyxDQUFDO2lCQUNwQyxDQUFDO2dCQUNGLDhDQUE4QztnQkFDOUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDLFNBQVMsRUFBRSxXQUFXLENBQUMsS0FBSyxFQUFFLElBQUksQ0FBQyxDQUFDO2FBQ3BFO1NBQ0Y7UUFFRCx3RUFBd0U7UUFDeEUsd0JBQXdCO0lBQzFCLENBQUM7SUFFRCxTQUFTLENBQUMsU0FBUyxFQUFFLEtBQWE7UUFDaEMseURBQXlEO1FBQ3pELE1BQU0sR0FBRyxHQUFtQixFQUFFLENBQUM7UUFDL0IsSUFBSSxJQUFJLEdBQUcsS0FBSyxDQUFDO1FBQ2pCLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUMsV0FBVyxFQUFFO1lBQ2hDLE9BQU8sSUFBSSxDQUFDO1NBQ2I7UUFFRCxPQUFPLFNBQVMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxXQUFXLEVBQUU7WUFDbEMsTUFBTSxLQUFLLEdBQUcsU0FBUyxDQUFDLElBQUksQ0FBQyxDQUFDLFdBQVcsQ0FBQztZQUMxQyxHQUFHLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLEtBQUssRUFBRSxJQUFJLENBQUMsQ0FBQyxDQUFDO1lBQ3ZDLElBQUksR0FBRyxLQUFLLENBQUM7U0FDZDtRQUVELGtEQUFrRDtRQUNsRCxHQUFHLENBQUMsT0FBTyxFQUFFLENBQUM7UUFFZCxPQUFPLEdBQUcsQ0FBQztJQUNiLENBQUM7SUFFRCxPQUFPLENBQUMsVUFBa0IsRUFBRSxLQUFhO1FBQ3ZDLElBQUksQ0FBQyxVQUFVLElBQUksT0FBTyxVQUFVLEtBQUssUUFBUSxFQUFFO1lBQ2pELE1BQU0sSUFBSSxxQkFBcUIsQ0FDN0Isa0NBQWtDLFVBQVUsRUFBRSxDQUMvQyxDQUFDO1NBQ0g7UUFDRCxJQUFJLENBQUMsS0FBSyxJQUFJLE9BQU8sS0FBSyxLQUFLLFFBQVEsRUFBRTtZQUN2QyxNQUFNLElBQUkscUJBQXFCLENBQUMsNkJBQTZCLEtBQUssRUFBRSxDQUFDLENBQUM7U0FDdkU7UUFFRCwyQkFBMkI7UUFDM0IsNkNBQTZDO1FBQzdDLDZDQUE2QztRQUM3Qyw2Q0FBNkM7UUFDN0MsNkNBQTZDO1FBQzdDLDhDQUE4QztRQUM5QyxNQUFNLFNBQVMsR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsS0FBSyxFQUFFLFVBQVUsQ0FBQyxDQUFDO1FBRWhFLHNDQUFzQztRQUN0QyxPQUFPLElBQUksQ0FBQyxTQUFTLENBQUMsU0FBUyxFQUFFLEtBQUssQ0FBQyxDQUFDO0lBQzFDLENBQUM7SUFFSyxTQUFTLENBQ2IsT0FBcUIsRUFDckIsZ0JBQWlEOztZQUVqRCxPQUFPLENBQUMsTUFBTSxJQUFJLENBQUMsTUFBTSxDQUFDLE9BQU8sRUFBRSxnQkFBZ0IsQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFDO1FBQzVELENBQUM7S0FBQTtJQUVELHdEQUF3RDtJQUN4RCwrREFBK0Q7SUFDL0QsNkRBQTZEO0lBQzdELGdEQUFnRDtJQUMxQyxNQUFNLENBQ1YsT0FBcUIsRUFDckIsZ0JBQWlEOztZQUVqRCxJQUFJLEtBQUssR0FBRyxPQUFPLE9BQU8sS0FBSyxRQUFRLENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsT0FBTyxhQUFQLE9BQU8sdUJBQVAsT0FBTyxDQUFFLEVBQUUsQ0FBQztZQUVoRSxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsSUFBSSxnQkFBZ0IsRUFBRTtnQkFDM0MsTUFBTSxpQkFBaUIsR0FBRyxNQUFNLGdCQUFnQixFQUFFLENBQUM7Z0JBRW5ELElBQUksS0FBSyxJQUFJLElBQUksSUFBSSxLQUFLLElBQUksaUJBQWlCLEVBQUU7b0JBQy9DLE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0IsZ0dBQWdHO3dCQUM5RixxRUFBcUU7d0JBQ3JFLG9DQUFvQyxDQUN2QyxDQUFDO2lCQUNIO2dCQUVELEtBQUssR0FBRyxpQkFBaUIsQ0FBQzthQUMzQjtZQUNELGtDQUFrQztZQUVsQyxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxDQUFDO1lBQzVCLElBQUksR0FBRyxDQUFDLEdBQUcsRUFBRTtnQkFDWCxPQUFPLEdBQUcsQ0FBQzthQUNaO2lCQUFNO2dCQUNMLE9BQU8sSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLGdCQUFnQixDQUFDLEVBQUUsRUFBRSxLQUFLLENBQUMsQ0FBQzthQUNuRTtRQUNILENBQUM7S0FBQTtJQUVhLFdBQVcsQ0FDdkIsV0FBb0IsRUFDcEIsSUFBa0IsRUFDbEIsTUFBZ0I7O1lBRWhCLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztZQUVwRCxtRUFBbUU7WUFDbkUsaURBQWlEO1lBQ2pELElBQUksVUFBVSxDQUFDO1lBQ2YsSUFBSSxVQUFVLENBQUMsVUFBVSxFQUFFO2dCQUN6QixVQUFVLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsTUFBTSxDQUFDLFdBQVcsRUFBRSxVQUFVLENBQUMsQ0FBQzthQUMzRTtpQkFBTTtnQkFDTCxVQUFVLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUMvQyxXQUFXLEVBQ1gsVUFBVSxDQUNYLENBQUM7YUFDSDtZQUVELDhEQUE4RDtZQUM5RCx5QkFBeUI7WUFDekIsa0NBQWtDO1lBQ2xDLGtDQUFrQztZQUNsQyxJQUFJLElBQUksQ0FBQyxJQUFJLElBQUksZ0JBQWdCLENBQUMsT0FBTyxFQUFFO2dCQUN6QyxNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsSUFBZSxDQUFDO2dCQUNsQyxJQUFJLElBQUksQ0FBQyxvQkFBb0IsRUFBRTtvQkFDN0IsS0FBSyxNQUFNLG1CQUFtQixJQUFJLElBQUksQ0FBQyxvQkFBb0IsRUFBRTt3QkFDM0QsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsTUFBTSxDQUFDLG1CQUFtQixDQUFDLENBQUM7d0JBQ25ELFVBQVUsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQy9DLEdBQUcsQ0FBQyxHQUFHLEVBQ1AsVUFBVSxDQUNYLENBQUM7cUJBQ0g7aUJBQ0Y7YUFDRjtZQUVELE1BQU0sQ0FBQyxHQUFHLEdBQUcsTUFBTSxHQUFHLENBQUMsS0FBSyxDQUFDLFVBQVUsQ0FBQyxDQUFDO1lBQ3pDLE1BQU0sQ0FBQyxJQUFJLEdBQUcsSUFBSSxDQUFDO1FBQ3JCLENBQUM7S0FBQTtJQUVhLE9BQU8sQ0FBQyxHQUFZLEVBQUUsSUFBb0I7O1lBQ3RELEtBQUssTUFBTSxJQUFJLElBQUksSUFBSSxFQUFFO2dCQUN2QixNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQ3pDLElBQUksTUFBTSxDQUFDLEdBQUcsRUFBRTtvQkFDZCxHQUFHLEdBQUcsTUFBTSxDQUFDLEdBQUcsQ0FBQztvQkFDakIsU0FBUztpQkFDVjtnQkFFRCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksRUFBRTtvQkFDaEIsTUFBTSxDQUFDLElBQUksR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLEdBQUcsRUFBRSxJQUFJLEVBQUUsTUFBTSxDQUFDLENBQUM7aUJBQ25EO2dCQUVELE1BQU0sTUFBTSxDQUFDLElBQUksQ0FBQztnQkFDbEIsR0FBRyxHQUFHLE1BQU0sQ0FBQyxHQUFHLENBQUM7YUFDbEI7WUFFRCxPQUFPLEdBQUcsQ0FBQztRQUNiLENBQUM7S0FBQTtJQUVZLGlCQUFpQixDQUM1QixTQUFpQixFQUNqQixPQUFnQixFQUNoQixLQUFhOztZQUViLGlDQUFpQztZQUNqQyxNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVMsRUFBRSxLQUFLLENBQUMsQ0FBQztZQUU1QyxPQUFPO2dCQUNMLEVBQUUsRUFBRSxLQUFLO2dCQUNULEdBQUcsRUFBRSxNQUFNLElBQUksQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLElBQUksQ0FBQzthQUN2QyxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRUssU0FBUyxDQUFDLFdBQW1CLEVBQUUsS0FBYTs7WUFDaEQsc0NBQXNDO1lBQ3RDLE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLENBQUMsV0FBVyxDQUFDLENBQUM7WUFFbkUsSUFBSSxXQUFXLEtBQUssS0FBSyxFQUFFO2dCQUN6QixPQUFPLFNBQVMsQ0FBQzthQUNsQjtZQUVELGlDQUFpQztZQUNqQyxNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxFQUFFLEVBQUUsS0FBSyxDQUFDLENBQUM7WUFFL0MsT0FBTztnQkFDTCxFQUFFLEVBQUUsS0FBSztnQkFDVCxHQUFHLEVBQUUsTUFBTSxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxHQUFHLEVBQUUsSUFBSSxDQUFDO2FBQzdDLENBQUM7UUFDSixDQUFDO0tBQUE7SUFFSyxpQkFBaUIsQ0FDckIsT0FBcUIsRUFDckIsVUFBa0IsRUFDbEIsT0FBd0I7O1lBRXhCLElBQUksVUFBVSxFQUFFO2dCQUNkLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsQ0FBQztnQkFDMUMsT0FBTyxDQUFDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDMUMsR0FBRyxFQUNILElBQUksQ0FBQyxLQUFLLENBQUMsVUFBVSxDQUFDLEVBQ3RCLE9BQU8sQ0FDUixDQUFRLENBQUM7YUFDWDtZQUNELE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztLQUFBO0lBRUssV0FBVyxDQUFDLEtBQWEsRUFBRSxJQUFTOztZQUN4QyxNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDeEMsT0FBTyxDQUFDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FBQyxHQUFHLEVBQUUsSUFBSSxFQUFFO2dCQUN0RCxXQUFXLEVBQUUsV0FBVyxDQUFDLFlBQVk7YUFDdEMsQ0FBQyxDQUFRLENBQUM7UUFDYixDQUFDO0tBQUE7SUFFRCxtRUFBbUU7SUFDN0QsZUFBZSxDQUNuQixHQUEyQixFQUMzQixPQUFZOztZQUVaLHNFQUFzRTtZQUN0RSw4RUFBOEU7WUFDOUUsaUVBQWlFO1lBQ2pFLDRFQUE0RTtZQUM1RSxzRUFBc0U7WUFDdEUscUVBQXFFO1lBQ3JFLHNFQUFzRTtZQUN0RSxJQUFJLE9BQU8sSUFBSSxJQUFJLEVBQUU7Z0JBQ25CLE9BQU8sSUFBSSxDQUFDO2FBQ2I7WUFFRCxNQUFNLEdBQUcsR0FBRyxLQUFLLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsR0FBbUIsQ0FBQyxDQUFDLENBQUM7WUFDdEUsT0FBTyxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxDQUFDLEdBQUcsRUFBRSxPQUFPLENBQUMsQ0FBQztRQUM5RCxDQUFDO0tBQUE7SUFFRCxvQ0FBb0M7SUFDcEMsNENBQTRDO0lBQ3RDLE9BQU8sQ0FDWCxXQUFtQyxFQUNuQyxHQUFZOztZQUVaLElBQUksQ0FBQyxjQUFjLENBQUMsR0FBRyxDQUFDLEVBQUU7Z0JBQ3hCLE1BQU0sSUFBSSxzQkFBc0IsQ0FDOUIsMkNBQTJDLENBQzVDLENBQUM7YUFDSDtZQUVELE9BQU8sSUFBSSxDQUFDLGVBQWUsQ0FBQyxXQUFXLEVBQUUsR0FBRyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO1FBQzdELENBQUM7S0FBQTtJQUVELE9BQU87SUFDUCw0QkFBNEI7SUFDNUIsNkJBQTZCO0lBRXZCLGlCQUFpQixDQUFDLGFBQXFCLEVBQUUsZUFBMkI7O1lBQ3hFLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUM5QyxNQUFNLFVBQVUsR0FBRyxNQUFNLElBQUksQ0FBQyxlQUFlLENBQzNDLGFBQWEsRUFDYixHQUFHLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUNqQixDQUFDO1lBQ0YsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDLEdBQUcsRUFBRSxlQUFlLENBQUMsQ0FBQztZQUVoRSxPQUFPO2dCQUNMLEdBQUc7Z0JBQ0gsYUFBYTtnQkFDYixVQUFVO2dCQUNWLE1BQU07YUFDUCxDQUFDO1FBQ0osQ0FBQztLQUFBOzs7O1lBeldGLFVBQVUsU0FBQztnQkFDVixVQUFVLEVBQUUsTUFBTTthQUNuQjs7O1lBbENDLGlCQUFpQjtZQWVWLFVBQVU7WUFIakIsaUJBQWlCIiwic291cmNlc0NvbnRlbnQiOlsiLyogZXNsaW50LWRpc2FibGUgQHR5cGVzY3JpcHQtZXNsaW50L25vLWV4cGxpY2l0LWFueSAqL1xuaW1wb3J0IHsgSW5qZWN0YWJsZSB9IGZyb20gJ0Bhbmd1bGFyL2NvcmUnO1xuaW1wb3J0IGdyYXBobGliLCB7IEdyYXBoIH0gZnJvbSAnQGRhZ3JlanMvZ3JhcGhsaWInO1xuaW1wb3J0IHsgSldLIH0gZnJvbSAnbm9kZS1qb3NlJztcbmltcG9ydCB7IEpTT05PYmplY3QgfSBmcm9tICcuLi9hcGkvdHlwZXMnO1xuaW1wb3J0IHtcbiAgYXNKd2ssXG4gIERlY3J5cHRPcHRpb25zLFxuICBFbmNyeXB0aW9uU2VydmljZSxcbiAgaXNTeW1tZXRyaWNLZXksXG59IGZyb20gJy4uL2VuY3J5cHRpb24vZW5jcnlwdGlvbi5zZXJ2aWNlJztcbmltcG9ydCB7IGxvZGFzaCB9IGZyb20gJy4uL19jb21tb24nO1xuaW1wb3J0IHtcbiAgS2NCYWRBcmd1bWVudEV4Y2VwdGlvbixcbiAgS2NCYWRMb2dpY0V4Y2VwdGlvbixcbiAgS2NCYWRTdGF0ZUV4Y2VwdGlvbixcbiAgS2NFbmNyeXB0aW9uRXhjZXB0aW9uLFxuICBLY05vdEZvdW5kRXhjZXB0aW9uLFxufSBmcm9tICcuLi9fY29tbW9uL2V4Y2VwdGlvbnMnO1xuaW1wb3J0IHtcbiAgS2V5RmFjdG9yeVNlcnZpY2UsXG4gIEtleUZhY3RvcnlTZXJ2aWNlIGFzIEtGUyxcbn0gZnJvbSAnLi9rZXktZmFjdG9yeS5zZXJ2aWNlJztcbmltcG9ydCB7IEtleVNlcnZpY2UsIFVzZXJLZXlzIH0gZnJvbSAnLi9rZXkuc2VydmljZSc7XG5pbXBvcnQge1xuICBLZXksXG4gIEtleUdyYXBoRWRnZSxcbiAgS2V5R3JhcGhFZGdlVHlwZSxcbiAgS2V5R3JhcGhOb2RlLFxuICBLZXlHcmFwaE5vZGVUeXBlLFxuICBLZXlHcmFwaFJlc3BvbnNlLFxuICBLZXlMaW5rLFxuICBQYXNzS2V5LFxuICBQYXlsb2FkVHlwZSxcbn0gZnJvbSAnLi9rZXkudHlwZXMnO1xuXG5leHBvcnQgaW50ZXJmYWNlIEdyYXBoS2V5IGV4dGVuZHMgS2V5IHtcbiAgdGFzaz86IFByb21pc2U8YW55Pjtcbn1cblxuQEluamVjdGFibGUoe1xuICBwcm92aWRlZEluOiAncm9vdCcsXG59KVxuZXhwb3J0IGNsYXNzIEtleUdyYXBoU2VydmljZSB7XG4gIHByaXZhdGUgZ3JhcGg6IEdyYXBoO1xuICAvLyBwcml2YXRlIGtleUNhY2hlOiB7XG4gIC8vICAgW2lkOiBzdHJpbmddOiBLZXk7XG4gIC8vIH07XG5cbiAgY29uc3RydWN0b3IoXG4gICAgcHJpdmF0ZSBlbmNyeXB0aW9uU2VydmljZTogRW5jcnlwdGlvblNlcnZpY2UsXG4gICAgcHJpdmF0ZSBrZXlTZXJ2aWNlOiBLZXlTZXJ2aWNlLFxuICAgIHByaXZhdGUga2V5RmFjdG9yeTogS2V5RmFjdG9yeVNlcnZpY2VcbiAgKSB7XG4gICAgdGhpcy5wdXJnZUtleXMoKTtcbiAgfVxuXG4gIHB1cmdlS2V5cygpIHtcbiAgICB0aGlzLmdyYXBoID0gbmV3IEdyYXBoKCk7XG4gICAgLy8gdGhpcy5rZXlDYWNoZSA9IG51bGw7XG4gIH1cblxuICBhc3luYyBwb3B1bGF0ZUtleXModXNlcktleTogVXNlcktleXMpIHtcbiAgICB0aGlzLmtleVNlcnZpY2Uuc2V0S2V5cyh7XG4gICAgICBwYXNzS2V5OiB1c2VyS2V5LnBhc3NLZXksXG4gICAgICBtYXN0ZXJLZXk6IGF3YWl0IHRoaXMua2V5U2VydmljZS5sb2FkTWFzdGVyS2V5KHVzZXJLZXkubWFzdGVyS2V5LmlkKSxcbiAgICAgIHJvb3RLZXk6IGF3YWl0IHRoaXMudW53cmFwS2V5KHVzZXJLZXkubWFzdGVyS2V5LmlkLCB1c2VyS2V5LnJvb3RLZXkuaWQpLFxuICAgICAgcHhrOiBhd2FpdCB0aGlzLnVud3JhcEtleSh1c2VyS2V5Lm1hc3RlcktleS5pZCwgdXNlcktleS5weGsuaWQpLFxuICAgICAgc2lnUHhrOiBhd2FpdCB0aGlzLnVud3JhcEtleSh1c2VyS2V5Lm1hc3RlcktleS5pZCwgdXNlcktleS5zaWdQeGsuaWQpLFxuICAgIH0pO1xuICB9XG5cbiAgaGFzS2V5KGtleUlkOiBzdHJpbmcpIHtcbiAgICByZXR1cm4gISF0aGlzLmdyYXBoLm5vZGUoa2V5SWQpO1xuICB9XG5cbiAgcHJpdmF0ZSBnZXROb2RlKGlkLCB0eXBlKTogR3JhcGhLZXkgfCBQYXNzS2V5IHtcbiAgICBjb25zdCBub2RlID0gdGhpcy5ncmFwaC5ub2RlKGlkKTtcbiAgICBpZiAoIW5vZGUpIHtcbiAgICAgIHRocm93IG5ldyBLY05vdEZvdW5kRXhjZXB0aW9uKFxuICAgICAgICBgS2V5IGdyYXBocyBkb2VzIG5vdCBjb250YWluIGtleSBpZDogJHtpZH1gXG4gICAgICApO1xuICAgIH1cbiAgICBpZiAobm9kZS50eXBlICE9PSB0eXBlKSB7XG4gICAgICB0aHJvdyBuZXcgS2NCYWRTdGF0ZUV4Y2VwdGlvbihgS2V5IHdpdGggaWQgJHtpZH0gaXMgbm90IG9mIHR5cGUgJHt0eXBlfWApO1xuICAgIH1cbiAgICByZXR1cm4gbm9kZS5kYXRhO1xuICB9XG5cbiAga2V5KGlkKTogR3JhcGhLZXkge1xuICAgIHJldHVybiB0aGlzLmdldE5vZGUoaWQsIEtleUdyYXBoTm9kZVR5cGUuS2V5KTtcbiAgfVxuXG4gIHBhc3NLZXkoaWQpOiBQYXNzS2V5IHtcbiAgICByZXR1cm4gdGhpcy5nZXROb2RlKGlkLCBLZXlHcmFwaE5vZGVUeXBlLlBhc3NLZXkpO1xuICB9XG5cbiAgYWRkS2V5cyhzcmM6IEtleUdyYXBoUmVzcG9uc2UpIHtcbiAgICAvLyBLZXlzXG4gICAgaWYgKHNyYy5rZXlzKSB7XG4gICAgICAvLyBXaGF0IGtleSBncmFwaCByZXR1cm5zIGNhbiBub3QgYmUgY3VzdG9taXplZC4gU28ga2V5cyBhcmUgZXNzZW50aWFsbHkgaW1tdXRhYmxlLlxuICAgICAgLy8gVGhlcmVmb3JlLCBpZiBhIGtleSBleGlzdHMsIHRoZXJlJ3Mgbm8gcmVhc29uIHRvIHVwZGF0ZSBpdC5cbiAgICAgIGZvciAoY29uc3Qga2V5IG9mIHNyYy5rZXlzKSB7XG4gICAgICAgIC8vIE5vdGUgdXNpbmcgUmVsYXkgZ2xvYmFsIGlkIGFsbG93cyB1cyB0byBub3Qgd29ycnkgYWJvdXQgY2xhc2hpbmcgbm9kZSBpZFxuICAgICAgICBpZiAodGhpcy5ncmFwaC5oYXNOb2RlKGtleS5pZCkpIHtcbiAgICAgICAgICBjb250aW51ZTtcbiAgICAgICAgfVxuXG4gICAgICAgIGNvbnN0IG5vZGU6IEtleUdyYXBoTm9kZSA9IHtcbiAgICAgICAgICB0eXBlOiBLZXlHcmFwaE5vZGVUeXBlLktleSxcbiAgICAgICAgICBkYXRhOiBsb2Rhc2guY2xvbmVEZWVwKGtleSksXG4gICAgICAgIH07XG5cbiAgICAgICAgdGhpcy5ncmFwaC5zZXROb2RlKGtleS5pZCwgbm9kZSk7XG4gICAgICB9XG4gICAgfVxuXG4gICAgLy8gS2V5TGlua3NcbiAgICBpZiAoc3JjLmtleUxpbmtzKSB7XG4gICAgICBmb3IgKGNvbnN0IGtleUxpbmsgb2Ygc3JjLmtleUxpbmtzKSB7XG4gICAgICAgIGlmICh0aGlzLmdyYXBoLmhhc0VkZ2Uoa2V5TGluay53cmFwcGluZ0tleUlkLCBrZXlMaW5rLmtleUlkKSkge1xuICAgICAgICAgIGNvbnRpbnVlO1xuICAgICAgICB9XG5cbiAgICAgICAgY29uc3QgZWRnZTogS2V5R3JhcGhFZGdlID0ge1xuICAgICAgICAgIHR5cGU6IEtleUdyYXBoRWRnZVR5cGUuS2V5TGluayxcbiAgICAgICAgICBkYXRhOiBsb2Rhc2guY2xvbmVEZWVwKGtleUxpbmspLFxuICAgICAgICB9O1xuICAgICAgICAvLyBFZGdlIGdvZXMgZnJvbSB3cmFwcGluZyBrZXkgdG8gd3JhcHBlZCBrZXkuXG4gICAgICAgIHRoaXMuZ3JhcGguc2V0RWRnZShrZXlMaW5rLndyYXBwaW5nS2V5SWQsIGtleUxpbmsua2V5SWQsIGVkZ2UpO1xuICAgICAgfVxuICAgIH1cblxuICAgIC8vIFBhc3NLZXlMaW5rc1xuICAgIGlmIChzcmMucGFzc0tleUxpbmtzKSB7XG4gICAgICBmb3IgKGNvbnN0IHBhc3NLZXlMaW5rIG9mIHNyYy5wYXNzS2V5TGlua3MpIHtcbiAgICAgICAgaWYgKHRoaXMuZ3JhcGguaGFzRWRnZShwYXNzS2V5TGluay5wYXNzS2V5SWQsIHBhc3NLZXlMaW5rLmtleUlkKSkge1xuICAgICAgICAgIGNvbnRpbnVlO1xuICAgICAgICB9XG5cbiAgICAgICAgY29uc3QgZWRnZTogS2V5R3JhcGhFZGdlID0ge1xuICAgICAgICAgIHR5cGU6IEtleUdyYXBoRWRnZVR5cGUuUGFzc0tleUxpbmssXG4gICAgICAgICAgZGF0YTogbG9kYXNoLmNsb25lRGVlcChwYXNzS2V5TGluayksXG4gICAgICAgIH07XG4gICAgICAgIC8vIEVkZ2UgZ29lcyBmcm9tIHdyYXBwaW5nIGtleSB0byB3cmFwcGVkIGtleS5cbiAgICAgICAgdGhpcy5ncmFwaC5zZXRFZGdlKHBhc3NLZXlMaW5rLnBhc3NLZXlJZCwgcGFzc0tleUxpbmsua2V5SWQsIGVkZ2UpO1xuICAgICAgfVxuICAgIH1cblxuICAgIC8vIFRoZSBncmFwaCBpcyB0aGUgc2luZ2xlIHNvdXJjZSBvZiB0cnV0aC4gVGhlc2UgYXJlIGxhemlseSBjYWxjdWxhdGVkLlxuICAgIC8vIHRoaXMua2V5Q2FjaGUgPSBudWxsO1xuICB9XG5cbiAgdHJhY2VQYXRoKGRpc3RhbmNlcywga2V5SWQ6IHN0cmluZyk6IEtleUdyYXBoRWRnZVtdIHtcbiAgICAvLyBUaGUgbm9kZSBsYWJlbCBpcyB0aGUgc2FtZSBhcyB0aGUgaWQgb2YgdGhlIGtleSBub2Rlcy5cbiAgICBjb25zdCByZXQ6IEtleUdyYXBoRWRnZVtdID0gW107XG4gICAgbGV0IG5vZGUgPSBrZXlJZDtcbiAgICBpZiAoIWRpc3RhbmNlc1tub2RlXS5wcmVkZWNlc3Nvcikge1xuICAgICAgcmV0dXJuIG51bGw7XG4gICAgfVxuXG4gICAgd2hpbGUgKGRpc3RhbmNlc1tub2RlXS5wcmVkZWNlc3Nvcikge1xuICAgICAgY29uc3QgY2hpbGQgPSBkaXN0YW5jZXNbbm9kZV0ucHJlZGVjZXNzb3I7XG4gICAgICByZXQucHVzaCh0aGlzLmdyYXBoLmVkZ2UoY2hpbGQsIG5vZGUpKTtcbiAgICAgIG5vZGUgPSBjaGlsZDtcbiAgICB9XG5cbiAgICAvLyBBZnRlciByZXZlcnNlLCB0aGUgZmlyc3QgZWxlbWVudCBpcyB0aGUgcGFzc2tleVxuICAgIHJldC5yZXZlcnNlKCk7XG5cbiAgICByZXR1cm4gcmV0O1xuICB9XG5cbiAgZ2V0UGF0aChrbm93bktleUlkOiBzdHJpbmcsIGtleUlkOiBzdHJpbmcpOiBLZXlHcmFwaEVkZ2VbXSB7XG4gICAgaWYgKCFrbm93bktleUlkIHx8IHR5cGVvZiBrbm93bktleUlkICE9PSAnc3RyaW5nJykge1xuICAgICAgdGhyb3cgbmV3IEtjRW5jcnlwdGlvbkV4Y2VwdGlvbihcbiAgICAgICAgYFBhcmFtIGtub3duS2V5SWQgd3JvbmcgZm9ybWF0OiAke2tub3duS2V5SWR9YFxuICAgICAgKTtcbiAgICB9XG4gICAgaWYgKCFrZXlJZCB8fCB0eXBlb2Yga2V5SWQgIT09ICdzdHJpbmcnKSB7XG4gICAgICB0aHJvdyBuZXcgS2NFbmNyeXB0aW9uRXhjZXB0aW9uKGBQYXJhbSBrZXlJZCB3cm9uZyBmb3JtYXQ6ICR7a2V5SWR9YCk7XG4gICAgfVxuXG4gICAgLy8gPT4geyBBOiB7IGRpc3RhbmNlOiAwIH0sXG4gICAgLy8gICAgICBCOiB7IGRpc3RhbmNlOiA2LCBwcmVkZWNlc3NvcjogJ0MnIH0sXG4gICAgLy8gICAgICBDOiB7IGRpc3RhbmNlOiA0LCBwcmVkZWNlc3NvcjogJ0EnIH0sXG4gICAgLy8gICAgICBEOiB7IGRpc3RhbmNlOiAyLCBwcmVkZWNlc3NvcjogJ0EnIH0sXG4gICAgLy8gICAgICBFOiB7IGRpc3RhbmNlOiA4LCBwcmVkZWNlc3NvcjogJ0YnIH0sXG4gICAgLy8gICAgICBGOiB7IGRpc3RhbmNlOiA0LCBwcmVkZWNlc3NvcjogJ0QnIH0gfVxuICAgIGNvbnN0IGRpc3RhbmNlcyA9IGdyYXBobGliLmFsZy5kaWprc3RyYSh0aGlzLmdyYXBoLCBrbm93bktleUlkKTtcblxuICAgIC8vIFRyYWNlIHBhdGggZnJvbSBrZXlJZCB0byBrbm93bktleUlkXG4gICAgcmV0dXJuIHRoaXMudHJhY2VQYXRoKGRpc3RhbmNlcywga2V5SWQpO1xuICB9XG5cbiAgYXN5bmMgZ2V0SndrS2V5KFxuICAgIGtleU9ySWQ6IHN0cmluZyB8IEtleSxcbiAgICBnZXRLZXlJZENhbGxiYWNrPzogKCkgPT4gUHJvbWlzZTxzdHJpbmc+IHwgc3RyaW5nXG4gICk6IFByb21pc2U8SldLLktleT4ge1xuICAgIHJldHVybiAoYXdhaXQgdGhpcy5nZXRLZXkoa2V5T3JJZCwgZ2V0S2V5SWRDYWxsYmFjaykpLmp3aztcbiAgfVxuXG4gIC8vIFdlIGFzc3VtZSB0aGF0IHdoZW4gYSBrZXlJZCBpcyBmZXRjaGVkLCB0aGUga2V5IGdyYXBoXG4gIC8vIGZvciB0aGUga2V5IGlzIGFsc28gcmV0dXJuZWQgYW5kIG1lcmdlZCBpbnRvIHRoZSBjbGllbnQtc2lkZVxuICAvLyBrZXkgZ3JhcGguIEJ5IGluc2lzdGluZyBhIGtleUlkIGlzIHJldHVybmVkIGluc3RlYWQgb2YgdGhlXG4gIC8vIGFjdHVhbCBrZXkgd2UgZW5zdXJlIGtleS1ncmFwaCBpcyBjb25zaXN0ZW50LlxuICBhc3luYyBnZXRLZXkoXG4gICAga2V5T3JJZDogc3RyaW5nIHwgS2V5LFxuICAgIGdldEtleUlkQ2FsbGJhY2s/OiAoKSA9PiBQcm9taXNlPHN0cmluZz4gfCBzdHJpbmdcbiAgKTogUHJvbWlzZTxLZXk+IHtcbiAgICBsZXQga2V5SWQgPSB0eXBlb2Yga2V5T3JJZCA9PT0gJ3N0cmluZycgPyBrZXlPcklkIDoga2V5T3JJZD8uaWQ7XG5cbiAgICBpZiAoIXRoaXMuaGFzS2V5KGtleUlkKSAmJiBnZXRLZXlJZENhbGxiYWNrKSB7XG4gICAgICBjb25zdCBrZXlJZEZyb21DYWxsYmFjayA9IGF3YWl0IGdldEtleUlkQ2FsbGJhY2soKTtcblxuICAgICAgaWYgKGtleUlkICE9IG51bGwgJiYga2V5SWQgIT0ga2V5SWRGcm9tQ2FsbGJhY2spIHtcbiAgICAgICAgdGhyb3cgbmV3IEtjQmFkTG9naWNFeGNlcHRpb24oXG4gICAgICAgICAgJ1JlcXVlc3RlZCBrZXlJZCBpcyBub3QgaW4gdGhlIGtleSBjYWNoZSwgc28gYW4gQVBJIHJlcXVlc3Qgd2FzIG1hZGUgdG8gcG9wdWxhdGUgdGhlIGtleSBjYWNoZS4nICtcbiAgICAgICAgICAgICdCdXQgdGhlIGtleSByZXR1cm5lZCBieSB0aGUgQVBJIGRvZXMgTk9UIG1hdGNoIHRoZSByZXF1ZXN0ZWQga2V5SWQuJyArXG4gICAgICAgICAgICAnVGhpcyBpcyBhIHByb2dyYW1taW5nIGxvZ2ljIGVycm9yLidcbiAgICAgICAgKTtcbiAgICAgIH1cblxuICAgICAga2V5SWQgPSBrZXlJZEZyb21DYWxsYmFjaztcbiAgICB9XG4gICAgLy8gZWxzZSwgY29udGludWUgYW5kIGxldCBpdCBmYWlsLlxuXG4gICAgY29uc3Qga2V5ID0gdGhpcy5rZXkoa2V5SWQpO1xuICAgIGlmIChrZXkuandrKSB7XG4gICAgICByZXR1cm4ga2V5O1xuICAgIH0gZWxzZSB7XG4gICAgICByZXR1cm4gdGhpcy51bndyYXBLZXkodGhpcy5rZXlTZXJ2aWNlLmN1cnJlbnRNYXN0ZXJLZXkuaWQsIGtleUlkKTtcbiAgICB9XG4gIH1cblxuICBwcml2YXRlIGFzeW5jIF91bndyYXBMaW5rKFxuICAgIHdyYXBwaW5nS2V5OiBKV0suS2V5LFxuICAgIGxpbms6IEtleUdyYXBoRWRnZSxcbiAgICBkc3RLZXk6IEdyYXBoS2V5XG4gICkge1xuICAgIGNvbnN0IHdyYXBwZWRLZXkgPSBKU09OLnBhcnNlKGxpbmsuZGF0YS53cmFwcGVkS2V5KTtcblxuICAgIC8vIFNpZ25hdHVyZXMgb2Yga2V5cyBjb250YWluIHRoZSBrZXkgaXRzZWxmLiBUaGlzIHdheSB3ZSBvbmx5IG5lZWRcbiAgICAvLyB0byBhY2Nlc3MgdGhlIEtleUxpbmtzIHRvIGRlY3J5cHQvdmVyaWZ5IGtleXMuXG4gICAgbGV0IG5leHRSYXdLZXk7XG4gICAgaWYgKHdyYXBwZWRLZXkuc2lnbmF0dXJlcykge1xuICAgICAgbmV4dFJhd0tleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UudmVyaWZ5KHdyYXBwaW5nS2V5LCB3cmFwcGVkS2V5KTtcbiAgICB9IGVsc2Uge1xuICAgICAgbmV4dFJhd0tleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcbiAgICAgICAgd3JhcHBpbmdLZXksXG4gICAgICAgIHdyYXBwZWRLZXlcbiAgICAgICk7XG4gICAgfVxuXG4gICAgLy8gSGFuZGxlIG5lc3RlZCBrZXlzLiBpLmUuIEVuY3tLMX17SzJ9e0szfShyYXcga2V5IDQpLCB3aGVyZTpcbiAgICAvLyAgIEsxOiBsaW5rLndyYXBwaW5nS2V5XG4gICAgLy8gICBLMjogbGluay5uZXN0ZWRXcmFwcGluZ0tleVswXVxuICAgIC8vICAgSzM6IGxpbmsubmVzdGVkV3JhcHBpbmdLZXlbMV1cbiAgICBpZiAobGluay50eXBlID09IEtleUdyYXBoRWRnZVR5cGUuS2V5TGluaykge1xuICAgICAgY29uc3QgZGF0YSA9IGxpbmsuZGF0YSBhcyBLZXlMaW5rO1xuICAgICAgaWYgKGRhdGEubmVzdGVkV3JhcHBpbmdLZXlJZHMpIHtcbiAgICAgICAgZm9yIChjb25zdCBuZXN0ZWRXcmFwcGluZ0tleUlkIG9mIGRhdGEubmVzdGVkV3JhcHBpbmdLZXlJZHMpIHtcbiAgICAgICAgICBjb25zdCBrZXkgPSBhd2FpdCB0aGlzLmdldEtleShuZXN0ZWRXcmFwcGluZ0tleUlkKTtcbiAgICAgICAgICBuZXh0UmF3S2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxuICAgICAgICAgICAga2V5Lmp3ayxcbiAgICAgICAgICAgIG5leHRSYXdLZXlcbiAgICAgICAgICApO1xuICAgICAgICB9XG4gICAgICB9XG4gICAgfVxuXG4gICAgZHN0S2V5Lmp3ayA9IGF3YWl0IEtGUy5hc0tleShuZXh0UmF3S2V5KTtcbiAgICBkc3RLZXkudGFzayA9IG51bGw7XG4gIH1cblxuICBwcml2YXRlIGFzeW5jIF91bndyYXAoa2V5OiBKV0suS2V5LCBwYXRoOiBLZXlHcmFwaEVkZ2VbXSk6IFByb21pc2U8SldLLktleT4ge1xuICAgIGZvciAoY29uc3QgbGluayBvZiBwYXRoKSB7XG4gICAgICBjb25zdCBkc3RLZXkgPSB0aGlzLmtleShsaW5rLmRhdGEua2V5SWQpO1xuICAgICAgaWYgKGRzdEtleS5qd2spIHtcbiAgICAgICAga2V5ID0gZHN0S2V5Lmp3aztcbiAgICAgICAgY29udGludWU7XG4gICAgICB9XG5cbiAgICAgIGlmICghZHN0S2V5LnRhc2spIHtcbiAgICAgICAgZHN0S2V5LnRhc2sgPSB0aGlzLl91bndyYXBMaW5rKGtleSwgbGluaywgZHN0S2V5KTtcbiAgICAgIH1cblxuICAgICAgYXdhaXQgZHN0S2V5LnRhc2s7XG4gICAgICBrZXkgPSBkc3RLZXkuandrO1xuICAgIH1cblxuICAgIHJldHVybiBrZXk7XG4gIH1cblxuICBwdWJsaWMgYXN5bmMgdW53cmFwV2l0aFBhc3NLZXkoXG4gICAgcGFzc0tleUlkOiBzdHJpbmcsXG4gICAgcGFzc0tleTogSldLLktleSxcbiAgICBrZXlJZDogc3RyaW5nXG4gICk6IFByb21pc2U8S2V5PiB7XG4gICAgLy8gR2V0IHBhdGggb2YgdGhlIGRpcmVjdG9yeSBrZXkuXG4gICAgY29uc3QgcGF0aCA9IHRoaXMuZ2V0UGF0aChwYXNzS2V5SWQsIGtleUlkKTtcblxuICAgIHJldHVybiB7XG4gICAgICBpZDoga2V5SWQsXG4gICAgICBqd2s6IGF3YWl0IHRoaXMuX3Vud3JhcChwYXNzS2V5LCBwYXRoKSxcbiAgICB9O1xuICB9XG5cbiAgYXN5bmMgdW53cmFwS2V5KG1hc3RlcktleUlkOiBzdHJpbmcsIGtleUlkOiBzdHJpbmcpOiBQcm9taXNlPEtleT4ge1xuICAgIC8vIFRoZSBmaXJzdCBrZXkgc2hvdWxkIGJlIGEgbWFzdGVyS2V5XG4gICAgY29uc3QgbWFzdGVyS2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmxvYWRNYXN0ZXJLZXkobWFzdGVyS2V5SWQpO1xuXG4gICAgaWYgKG1hc3RlcktleUlkID09PSBrZXlJZCkge1xuICAgICAgcmV0dXJuIG1hc3RlcktleTtcbiAgICB9XG5cbiAgICAvLyBHZXQgcGF0aCBvZiB0aGUgZGlyZWN0b3J5IGtleS5cbiAgICBjb25zdCBwYXRoID0gdGhpcy5nZXRQYXRoKG1hc3RlcktleS5pZCwga2V5SWQpO1xuXG4gICAgcmV0dXJuIHtcbiAgICAgIGlkOiBrZXlJZCxcbiAgICAgIGp3azogYXdhaXQgdGhpcy5fdW53cmFwKG1hc3RlcktleS5qd2ssIHBhdGgpLFxuICAgIH07XG4gIH1cblxuICBhc3luYyBkZWNyeXB0RnJvbVN0cmluZzxUPihcbiAgICBrZXlPcklkOiBzdHJpbmcgfCBLZXksXG4gICAgY2lwaGVyRGF0YTogc3RyaW5nLFxuICAgIG9wdGlvbnM/OiBEZWNyeXB0T3B0aW9uc1xuICApOiBQcm9taXNlPFQ+IHtcbiAgICBpZiAoY2lwaGVyRGF0YSkge1xuICAgICAgY29uc3Qga2V5ID0gYXdhaXQgdGhpcy5nZXRKd2tLZXkoa2V5T3JJZCk7XG4gICAgICByZXR1cm4gKGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcbiAgICAgICAga2V5LFxuICAgICAgICBKU09OLnBhcnNlKGNpcGhlckRhdGEpLFxuICAgICAgICBvcHRpb25zXG4gICAgICApKSBhcyBhbnk7XG4gICAgfVxuICAgIHJldHVybiBudWxsO1xuICB9XG5cbiAgYXN5bmMgZGVjcnlwdEZpbGUoa2V5SWQ6IHN0cmluZywgZmlsZTogYW55KTogUHJvbWlzZTxhbnk+IHtcbiAgICBjb25zdCBrZXkgPSBhd2FpdCB0aGlzLmdldEp3a0tleShrZXlJZCk7XG4gICAgcmV0dXJuIChhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoa2V5LCBmaWxlLCB7XG4gICAgICBwYXlsb2FkVHlwZTogUGF5bG9hZFR5cGUuVUlOVF84X0FSUkFZLFxuICAgIH0pKSBhcyBhbnk7XG4gIH1cblxuICAvLyBUT0RPIHJlbmFtZSB0aGlzIHRvIGVuY3J5cHQoKSBhbmQgdXNlIGFzIHRoZSBtb3N0IGNvbW1vbiB1c2VjYXNlXG4gIGFzeW5jIGVuY3J5cHRUb1N0cmluZyhcbiAgICBrZXk6IHN0cmluZyB8IEtleSB8IEpXSy5LZXksXG4gICAgY29udGVudDogYW55XG4gICk6IFByb21pc2U8c3RyaW5nPiB7XG4gICAgLy8gRW1wdHkgc3RyaW5nIHNob3VsZCBiZSBlbmNyeXB0ZWQgc2luY2UgeW91IHdhbnQgdG8gY2xlYXIgdGhlIGZpZWxkLlxuICAgIC8vIE51bGwgaXMgbm90IGVuY3J5cHRlZCBiZWNhdXNlIGl0J3Mgbm90IHZhbGlkIEpTT04gaW4gdGhlIG9sZCBKU09OIHNwZWMuIFVzZVxuICAgIC8vIGVtcHR5IHN0cmluZyBpbnN0ZWFkLiBJdCdsbCBmdW5jdGlvbiBhcyBhIGxvZ2ljIGZhbHNlIGFzIHdlbGwuXG4gICAgLy8gTm90ZSB0aGF0IHBhc3NpbmcgaW4gZW1wdHkgc3RyaW5nIG1lYW5zIGl0J2xsIGJlIGVuY3J5cHRlZCB3aGljaCB2ZXJpZmllc1xuICAgIC8vIGl0J3MgaW50ZWdyaXR5LiBCdXQgd2Ugc3RpbGwgd2FudCB0byBoYXZlIGEgd2F5IHRvIHNldCB0aGUgREIgZmllbGRcbiAgICAvLyB0byBOVUxMLCBzbyB3ZSBleHBsaWNpdGx5IHJldHVybiBudWxsIHdoZW4gY29udGVudCA9PSBudWxsLiBBIG51bGxcbiAgICAvLyB2YXJpYWJsZSBpbiBncmFwaHFsIG11dGF0aW9uIG9uIEtDIHNlcnZlciBjbGVhcnMgdGhlIGZpZWxkIHRvIE5VTEwuXG4gICAgaWYgKGNvbnRlbnQgPT0gbnVsbCkge1xuICAgICAgcmV0dXJuIG51bGw7XG4gICAgfVxuXG4gICAgY29uc3QgandrID0gYXNKd2soa2V5KSB8fCAoYXdhaXQgdGhpcy5nZXRKd2tLZXkoa2V5IGFzIHN0cmluZyB8IEtleSkpO1xuICAgIHJldHVybiB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhqd2ssIGNvbnRlbnQpO1xuICB9XG5cbiAgLy8gV3JhcHMgYSBzeW1tZXRyaWMgZW5jcnlwdGlvbiBrZXkuXG4gIC8vIFRocm93cyBleGNlcHRpb24gaWYgd3JhcHBpbmcgcHVibGljIGtleXMuXG4gIGFzeW5jIHdyYXBLZXkoXG4gICAgd3JhcHBpbmdLZXk6IHN0cmluZyB8IEtleSB8IEpXSy5LZXksXG4gICAga2V5OiBKV0suS2V5XG4gICk6IFByb21pc2U8c3RyaW5nPiB7XG4gICAgaWYgKCFpc1N5bW1ldHJpY0tleShrZXkpKSB7XG4gICAgICB0aHJvdyBuZXcgS2NCYWRBcmd1bWVudEV4Y2VwdGlvbihcbiAgICAgICAgJ09ubHkgYWxsb3dpbmcgd3JhcHBpbmcgb2Ygc3ltbWV0cmljIGtleXMuJ1xuICAgICAgKTtcbiAgICB9XG5cbiAgICByZXR1cm4gdGhpcy5lbmNyeXB0VG9TdHJpbmcod3JhcHBpbmdLZXksIGtleS50b0pTT04odHJ1ZSkpO1xuICB9XG5cbiAgLy8gVE9ET1xuICAvLyBhc3luYyB3cmFwUHVibGljS2V5PFQ+KCk7XG4gIC8vIGFzeW5jIHdyYXBQcml2YXRlS2V5PFQ+KCk7XG5cbiAgYXN5bmMgZW5jcnlwdFdpdGhOZXdLZXkod3JhcHBpbmdLZXlJZDogc3RyaW5nLCBjaXBoZXJDbGVhckpzb246IEpTT05PYmplY3QpIHtcbiAgICBjb25zdCBrZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgY29uc3Qgd3JhcHBlZEtleSA9IGF3YWl0IHRoaXMuZW5jcnlwdFRvU3RyaW5nKFxuICAgICAgd3JhcHBpbmdLZXlJZCxcbiAgICAgIGtleS50b0pTT04odHJ1ZSlcbiAgICApO1xuICAgIGNvbnN0IGNpcGhlciA9IGF3YWl0IHRoaXMuZW5jcnlwdFRvU3RyaW5nKGtleSwgY2lwaGVyQ2xlYXJKc29uKTtcblxuICAgIHJldHVybiB7XG4gICAgICBrZXksXG4gICAgICB3cmFwcGluZ0tleUlkLFxuICAgICAgd3JhcHBlZEtleSxcbiAgICAgIGNpcGhlcixcbiAgICB9O1xuICB9XG59XG4iXX0=