@limrun/ui 0.9.0-rc.1 → 0.9.0-rc.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (26) hide show
  1. package/dist/core/device-install/apple/client.d.ts +1 -0
  2. package/dist/core/device-install/apple/provisioning.d.ts +42 -31
  3. package/dist/core/device-install/apple/relay.d.ts +5 -9
  4. package/dist/core/device-install/storage/browser-storage.d.ts +18 -0
  5. package/dist/device-install/index.cjs +1 -9
  6. package/dist/device-install/index.js +75 -210
  7. package/dist/device-install/react.cjs +1 -1
  8. package/dist/device-install/react.js +1 -1
  9. package/dist/device-install-dialog-CSwQgbBm.js +2 -0
  10. package/dist/device-install-dialog-nThj775b.mjs +395 -0
  11. package/dist/hooks/use-device-install.d.ts +18 -3
  12. package/dist/index.cjs +1 -1
  13. package/dist/index.js +3 -3
  14. package/dist/use-device-install-C1uVac59.mjs +13541 -0
  15. package/dist/use-device-install-Ca4jcVKU.js +31 -0
  16. package/package.json +1 -1
  17. package/src/components/device-install/device-install-dialog.tsx +82 -13
  18. package/src/core/device-install/apple/client.ts +92 -4
  19. package/src/core/device-install/apple/provisioning.ts +67 -24
  20. package/src/core/device-install/apple/relay.ts +121 -205
  21. package/src/core/device-install/storage/browser-storage.ts +14 -1
  22. package/src/hooks/use-device-install.ts +583 -38
  23. package/dist/device-install-dialog-CTwVViYY.js +0 -2
  24. package/dist/device-install-dialog-zzKJu7SM.mjs +0 -328
  25. package/dist/use-device-install-CgrOKKyi.mjs +0 -13042
  26. package/dist/use-device-install-DDKRf6IL.js +0 -23
package/dist/use-device-install-Ca4jcVKU.js ADDED
@@ -0,0 +1,31 @@
1
+ "use strict";const le=require("react");var Ss=Object.defineProperty,bs=(t,e)=>{for(var r in e)Ss(t,r,{get:e[r],enumerable:!0})},Ot=self.crypto,tr={};bs(tr,{Hash:()=>va,bigintFromBytes:()=>rr,bitLength:()=>_n,byteLength:()=>Dn,bytesFromBigint:()=>je,concatBytes:()=>at,constantTimeCompare:()=>Un,fromHex:()=>sa,hash:()=>Qe,hashInterleave:()=>Pn,modPow:()=>Ut,randomBytes:()=>na,toHex:()=>Ct,xorBytes:()=>Ln});function _n(t){return t.toString(2).length}function Dn(t){return(_n(t)+7)/8|0}function rr(t){let e=0n;for(let r of t.values())e=(e<<8n)+BigInt(r);return e}function je(t){let e=new Uint8Array(Dn(t));for(let r=e.length-1;t>0;r--,t>>=8n)e[r]=Number(t&0xffn);return e}function na(t){if(t<1)throw new RangeError("numBytes must be >= 1");let e=new Uint8Array(t);return Ot.getRandomValues(e),e}function ia(t,e){if(e<1n)throw new RangeError("n must be > 0");let r=t%e;return r<0n?r+e:r}function Ts(t,e){if(t<1n||e<1n)throw new RangeError("a and b must be > 0");let r=0n,i=1n,p=1n,y=0n;for(;t!==0n;){let c=e/t,a=e%t,v=r-p*c,l=i-y*c;e=t,t=a,r=p,i=y,p=v,y=l}return{g:e,x:r,y:i}}function As(t,e){let r=Ts(ia(t,e),e);if(r.g!==1n)throw new RangeError;return ia(r.x,e)}function Ut(t,e,r){if(r<1n)throw new RangeError("n must be > 0");if(r===1n)return 0n;if(t=ia(t,r),e<0n)return As(Ut(t,e>=0?e:-e,r),r);let i=1n;for(;e>0;)e%2n===1n&&(i=i*t%r),e=e/2n,t=t**2n%r;return i}function at(...t){let e=0;for(let p of t)e+=p.byteLength;let r=new Uint8Array(e),i=0;for(let p of t)r.set(p,i),i+=p.byteLength;return r}function Ln(t,e){if(t.length!==e.length)throw new Error("xorBytes: buffers must be same length");let r=t.length,i=new Uint8Array(r);for(let p=0;p<r;p++)i[p]=t[p]^e[p];return i}function Ct(t){return[...t].map(e=>e.toString(16).padStart(2,"0")).join("")}function sa(t){return Uint8Array.from(t.match(/.{2}/g)?.map(e=>parseInt(e,16))??[])}function Un(t,e){if(t.length!==e.length)return!1;let r=t.length,i=0;for(let p=0;p<r;p++)i|=t[p]^e[p];return i===0}var va=(t=>(t[t.SHA1=3]="SHA1",t[t.SHA256=5]="SHA256",t[t.SHA384=6]="SHA384",t[t.SHA512=7]="SHA512",t))(va||{});function Qe(t,e){switch(t){case 3:return Ot.subtle.digest("SHA-1",e);case 5:return Ot.subtle.digest("SHA-256",e);case 6:return Ot.subtle.digest("SHA-384",e);case 7:return Ot.subtle.digest("SHA-512",e)}}async function Pn(t,e){let r=new Uint8Array(e,0,e.byteLength);for(var i=0;i<r.length;i++)if(r[i]!==0){(e.byteLength-i)%2===1&&i++,r=new Uint8Array(e,i,e.byteLength-i);break}let p=r.length/2,y=new Uint8Array(p),c=new Uint8Array(p);for(let S=0;S<r.length;S++)y[S]=r[S*2],c[S]=r[S*2+1];let a=new Uint8Array(await Qe(t,y)),v=new Uint8Array(await Qe(t,c)),l=new Uint8Array(a.byteLength*2);for(let S=0;S<a.byteLength;S++)l[S*2]=a[S],l[S*2+1]=v[S];return l}var kn=(t=>(t[t.RFC2945=0]="RFC2945",t[t.SRPTools=1]="SRPTools",t[t.GoSRP=2]="GoSRP",t[t.GSA=3]="GSA",t))(kn||{}),Is=new Map([[1024,{g:2n,N:0xeeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3n,n:128}],[1536,{g:2n,N:0x9def3cafb939277ab1f12a8617a47bbbdba51df499ac4c80beeea9614b19cc4d5f4f5f556e27cbde51c6a94be4607a291558903ba0d0f84380b655bb9a22e8dcdf028a7cec67f0d08134b1c8b97989149b609e0be3bab63d47548381dbc5b1fc764e3f4b53dd9da1158bfd3e2b9c8cf56edf019539349627db2fd53d24b7c48665772e437d6c7f8ce442734af7ccb7ae837c264ae3a9beb87f8a2fe9b8b5292e5a021fff5e91479e8ce7a28c2442c6f315180f93499a234dcf76e3fed135f9bbn,n:192}],[2048,{g:2n,N:0xac6bdb41324a9a9bf166de5e1389582faf72b6651987ee07fc3192943db56050a37329cbb4a099ed8193e0757767a13dd52312ab4b03310dcd7f48a9da04fd50e8083969edb767b0cf6095179a163ab3661a05fbd5faaae82918a9962f0b93b855f97993ec975eeaa80d740adbf4ff747359d041d5c33ea71d281e446b14773bca97b43a23fb801676bd207a436c6481f1d2b9078717461a5b9d32e688f87748544523b524b0d57d5ea77a2775d2ecfa032cfbdbf52fb3786160279004e57ae6af874e7303ce53299ccc041c7bc308d82a5698f3a8d0c38271ae35f8e9dbfbb694b5c803d89f7ae435de236d525f54759b65e372fcd68ef20fa7111f9e4aff73n,n:256}],[3072,{g:5n,N:0xffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a93ad2caffffffffffffffffn,n:384}],[4096,{g:5n,N:0xffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a92108011a723c12a787e6d788719a10bdba5b2699c327186af4e23c1a946834b6150bda2583e9ca2ad44ce8dbbbc2db04de8ef92e8efc141fbecaa6287c59474e6bc05d99b2964fa090c3a2233ba186515be7ed1f612970cee2d7afb81bdd762170481cd0069127d5b05aa993b4ea988d8fddc186ffb7dc90a6c08f4df435c934063199ffffffffffffffffn,n:512}],[6144,{g:5n,N:0xffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a92108011a723c12a787e6d788719a10bdba5b2699c327186af4e23c1a946834b6150bda2583e9ca2ad44ce8dbbbc2db04de8ef92e8efc141fbecaa6287c59474e6bc05d99b2964fa090c3a2233ba186515be7ed1f612970cee2d7afb81bdd762170481cd0069127d5b05aa993b4ea988d8fddc186ffb7dc90a6c08f4df435c93402849236c3fab4d27c7026c1d4dcb2602646dec9751e763dba37bdf8ff9406ad9e530ee5db382f413001aeb06a53ed9027d831179727b0865a8918da3edbebcf9b14ed44ce6cbaced4bb1bdb7f1447e6cc254b332051512bd7af426fb8f401378cd2bf5983ca01c64b92ecf032ea15d1721d03f482d7ce6e74fef6d55e702f46980c82b5a84031900b1c9e59e7c97fbec7e8f323a97a7e36cc88be0f1d45b7ff585ac54bd407b22b4154aacc8f6d7ebf48e1d814cc5ed20f8037e0a79715eef29be32806a1d58bb7c5da76f550aa3d8a1fbff0eb19ccb1a313d55cda56c9ec2ef29632387fe8d76e3c0468043e8f663f4860ee12bf2d5b0b7474d6e694f91e6dcc4024ffffffffffffffffn,n:768}],[8192,{g:19n,N:0xffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aaac42dad33170d04507a33a85521abdf1cba64ecfb850458dbef0a8aea71575d060c7db3970f85a6e1e4c7abf5ae8cdb0933d71e8c94e04a25619dcee3d2261ad2ee6bf12ffa06d98a0864d87602733ec86a64521f2b18177b200cbbe117577a615d6c770988c0bad946e208e24fa074e5ab3143db5bfce0fd108e4b82d120a92108011a723c12a787e6d788719a10bdba5b2699c327186af4e23c1a946834b6150bda2583e9ca2ad44ce8dbbbc2db04de8ef92e8efc141fbecaa6287c59474e6bc05d99b2964fa090c3a2233ba186515be7ed1f612970cee2d7afb81bdd762170481cd0069127d5b05aa993b4ea988d8fddc186ffb7dc90a6c08f4df435c93402849236c3fab4d27c7026c1d4dcb2602646dec9751e763dba37bdf8ff9406ad9e530ee5db382f413001aeb06a53ed9027d831179727b0865a8918da3edbebcf9b14ed44ce6cbaced4bb1bdb7f1447e6cc254b332051512bd7af426fb8f401378cd2bf5983ca01c64b92ecf032ea15d1721d03f482d7ce6e74fef6d55e702f46980c82b5a84031900b1c9e59e7c97fbec7e8f323a97a7e36cc88be0f1d45b7ff585ac54bd407b22b4154aacc8f6d7ebf48e1d814cc5ed20f8037e0a79715eef29be32806a1d58bb7c5da76f550aa3d8a1fbff0eb19ccb1a313d55cda56c9ec2ef29632387fe8d76e3c0468043e8f663f4860ee12bf2d5b0b7474d6e694f91e6dbe115974a3926f12fee5e438777cb6a932df8cd8bec4d073b931ba3bc832b68d9dd300741fa7bf8afc47ed2576f6936ba424663aab639c5ae4f5683423b4742bf1c978238f16cbe39d652de3fdb8befc848ad922222e04a4037c0713eb57a81a23f0c73473fc646cea306b4bcbc8862f8385ddfa9d4b7fa2c087e879683303ed5bdd3a062b3cf5b3a278a66d2a13f83f44f82ddf310ee074ab6a364597e899a0255dc164f31cc50846851df9ab48195ded7ea1b1d510bd7ee74d73faf36bc31ecfa268359046f4eb879f924009438b481c6cd7889a002ed5ee382bc9190da6fc026e479558e4475677e9aa9e3050e2765694dfc81f56e880b96e7160c980dd98edd3dfffffffffffffffffn,n:1024}]]);function Bs(t=0){t===0&&(t=2048);let e=Is.get(t);if(!e)throw new Error(`Invalid prime field size ${t}`);return e}function Zt(t,e){let r=je(t);if(r.length>=e)return r;let i=e-r.length,p=new Uint8Array(e);for(let y=0;y<i;y++)p[y]=0;return p.set(r,i),p}var ws=class{constructor(t,e,r=0){this.m=t,this.h=e,this.pf=Bs(r)}pf;async hashInt(t){return rr(new Uint8Array(await Qe(this.h,t)))}async verifier(t,e,r){let i=this.m===2?new Uint8Array(await Qe(this.h,t)):t,p=this.m===2?new Uint8Array(await Qe(this.h,e)):e,y=this.pf;r||(r=na(y.n));let c=this.m===2?await this.hashInt(at(i,p,r)):await this.hashInt(at(r,new Uint8Array(await Qe(this.h,at(i,new Uint8Array([58]),p))))),a=Ut(y.g,c,y.N);return new Ns({i,s:r,v:je(a),h:this.h,pf:y})}async newClient(t,e,r){let i=this.pf;return r||(r=rr(na(i.n))),new Rs({s:this,i:this.m===2?new Uint8Array(await Qe(this.h,t)):t,p:this.m===2?new Uint8Array(await Qe(this.h,e)):e,a:r,A:Ut(i.g,r,i.N),k:await this.hashInt(at(je(i.N),Zt(i.g,Number(i.n))))})}},Ns=class{i;s;v;h;pf;constructor(t){this.i=t.i,this.s=t.s,this.v=t.v,this.h=t.h,this.pf=t.pf}encode(){let t=Ct(this.i),e=[this.pf.n.toString(10),this.pf.N.toString(16),this.pf.g.toString(16),this.h.toString(10),t,Ct(this.s),Ct(this.v)].join(":");return[t,e]}},Rs=class{s;i;p;a;A;k;_K;_M;get K(){return this._K}get M(){return this._M}constructor(t){this.s=t.s,this.i=t.i,this.p=t.p,this.a=t.a,this.A=t.A,this.k=t.k,this._K=new Uint8Array,this._M=new Uint8Array}credentials(){return[Ct(this.i),Ct(je(this.A))].join(":")}parseServerCredentials(t){let e=t.split(":");if(!e[0]||!e[1])throw new Error("Invalid server public key");let r=sa(e[0]),i=sa(e[1]);return[r,i]}async generate(t,e){let r=rr(e),i=this.s.pf;if(r%i.N===0n)throw new Error("Invalid server public key");let p=await this.s.hashInt(at(Zt(this.A,i.n),Zt(r,i.n)));if(p===0n)throw new Error("Invalid server public key");let y=this.s.m===2?await this.s.hashInt(at(this.i,this.p,t)):await this.s.hashInt(at(t,new Uint8Array(await Qe(this.s.h,at(this.s.m==3?new Uint8Array([]):this.i,new Uint8Array([58]),this.p))))),c=Ut(i.g,y,i.N)*this.k,a=r-c,v=this.a+p*y,l=Ut(a,v,i.N);return this._K=this.s.m===0?new Uint8Array(await Pn(this.s.h,je(l))):new Uint8Array(await Qe(this.s.h,je(l))),this.s.m===2?this._M=new Uint8Array(await Qe(this.s.h,at(this._K,je(this.A),je(r),this.i,t,je(i.N),je(i.g)))):this._M=new Uint8Array(await Qe(this.s.h,at(Ln(new Uint8Array(await Qe(this.s.h,je(i.N))),new Uint8Array(await Qe(this.s.h,this.s.m==3?Zt(i.g,i.n):je(i.g)))),new Uint8Array(await Qe(this.s.h,this.i)),t,je(this.A),je(r),this._K))),Ct(this._M)}async generateM2(){if(!this.M)throw new Error("M not generated");return new Uint8Array(await Qe(this.s.h,at(je(this.A),this._M,this._K)))}async serverOk(t){let e=new TextEncoder,r=e.encode(Ct(new Uint8Array(await Qe(this.s.h,at(this._K,this.M))))),i=e.encode(t);return Un(r,i)}};const Vn=new ws(kn.GSA,va.SHA256,2048);class On{constructor(e){this.accountName=e}srpClient;async init(){if(this.srpClient)throw new Error("SRP client is already initialized.");return this.srpClient=await Vn.newClient(oa(this.accountName),new Uint8Array),{accountName:this.accountName,protocols:["s2k","s2k_fo"],a:pr(tr.bytesFromBigint(this.srpClient.A))}}async complete(e,r){if(!this.srpClient)throw new Error("SRP client is not initialized.");if(r.protocol!=="s2k"&&r.protocol!=="s2k_fo")throw new Error(`Unsupported Apple SRP protocol ${r.protocol}.`);const i=La(r.salt),p=La(r.b),y=await _s(r.protocol,e,i,r.iteration);this.srpClient.p=y,await this.srpClient.generate(i,p);const c=await this.srpClient.generateM2();return{accountName:this.accountName,c:r.c,m1:pr(this.srpClient._M),m2:pr(c)}}}async function _s(t,e,r,i){let p=new Uint8Array(await tr.hash(Vn.h,hr(oa(e))));t==="s2k_fo"&&(p=oa(tr.toHex(p)));const y=await crypto.subtle.importKey("raw",hr(p),{name:"PBKDF2"},!1,["deriveBits"]),c=await crypto.subtle.deriveBits({name:"PBKDF2",hash:{name:"SHA-256"},iterations:i,salt:hr(r)},y,256);return new Uint8Array(c)}function oa(t){return new TextEncoder().encode(t)}function pr(t){let e="";for(const r of t)e+=String.fromCharCode(r);return btoa(e)}function La(t){const e=atob(t),r=new Uint8Array(e.length);for(let i=0;i<e.length;i+=1)r[i]=e.charCodeAt(i);return r}function hr(t){const e=new Uint8Array(t.byteLength);return e.set(t),e.buffer}async function Fn(t,e){const r=await fetch(yt(t,"/apple/auth/session",e),{method:"POST",headers:Wn(e)});if(!r.ok)throw new Error(`Apple relay session failed: HTTP ${r.status} ${await r.text()}`);return await r.json()}async function ca(t,e,r){const i=await fetch(yt(t,"/apple/auth/session/delete",r),{method:"POST",headers:St(r),body:JSON.stringify({appleSessionId:e})});if(!i.ok)throw new Error(`Apple relay session delete failed: HTTP ${i.status} ${await i.text()}`)}async function Kn(t,e,r,i){return $n(t,"/apple/auth/srp/init",e,r,i)}async function Mn(t,e,r,i){return $n(t,"/apple/auth/srp/complete",e,r,i)}async function qn(t,e,r){const i=await fetch(yt(t,"/apple/auth/2fa/trigger",r),{method:"POST",headers:St(r),body:JSON.stringify({appleSessionId:e})});if(!i.ok)throw new Error(`Apple 2FA trigger failed: HTTP ${i.status} ${await i.text()}`);return await i.json()}async function Hn(t,e,r,i="sms",p){const y=await fetch(yt(t,"/apple/auth/2fa/phone/trigger",p),{method:"POST",headers:St(p),body:JSON.stringify({appleSessionId:e,phoneNumberId:r,mode:i})});if(!y.ok)throw new Error(`Apple phone 2FA trigger failed: HTTP ${y.status} ${await y.text()}`);return await y.json()}async function Gn(t,e,r,i){const p=await fetch(yt(t,"/apple/auth/2fa",i),{method:"POST",headers:St(i),body:JSON.stringify({appleSessionId:e,code:r})});if(!p.ok)throw new Error(`Apple 2FA proxy failed: HTTP ${p.status} ${await p.text()}`);return await p.json()}async function zn(t,e,r,i,p="sms",y){const c=await fetch(yt(t,"/apple/auth/2fa/phone",y),{method:"POST",headers:St(y),body:JSON.stringify({appleSessionId:e,phoneNumberId:r,mode:p,code:i})});if(!c.ok)throw new Error(`Apple phone 2FA proxy failed: HTTP ${c.status} ${await c.text()}`);return await c.json()}async function Qn(t,e,r){const i=await fetch(yt(t,"/apple/auth/finalize",r),{method:"POST",headers:St(r),body:JSON.stringify({appleSessionId:e})});if(!i.ok)throw new Error(`Apple session finalization failed: HTTP ${i.status} ${await i.text()}`);return await i.json()}async function nt(t,e,r,i){const p=await fetch(yt(t,"/apple/provisioning",i),{method:"POST",headers:St(i),body:JSON.stringify({appleSessionId:e,...r})});if(!p.ok)throw new Error(`Apple provisioning proxy failed: HTTP ${p.status} ${await p.text()}`);return Yn(await p.json())}async function $n(t,e,r,i,p){const y=await fetch(yt(t,e,p),{method:"POST",headers:St(p),body:JSON.stringify({appleSessionId:r,payload:i})});if(!y.ok)throw new Error(`Apple proxy ${e} failed: HTTP ${y.status} ${await y.text()}`);return Yn(await y.json())}function Yn(t){if(t.body!==void 0||!t.rawBody)return t;try{return{...t,body:JSON.parse(t.rawBody)}}catch{return t}}function yt(t,e,r){const i=t.replace(/\/$/,""),p=e.startsWith("/")?e:`/${e}`,y=new URL(`${i}${p}`);return r&&y.searchParams.set("token",r),y}function St(t){return{"Content-Type":"application/json",...Wn(t)}}function Wn(t){return t?{Authorization:`Bearer ${t}`}:{}}async function jn({limbuildApiUrl:t,accountName:e,password:r,token:i}){const{appleSessionId:p}=await Fn(t,i);try{const y=new On(e),c=await Kn(t,p,await y.init(),i);if(c.status<200||c.status>=300)throw new Error(`Apple SRP init failed: HTTP ${c.status} ${c.rawBody??""}`.trim());if(!c.body)throw new Error("Apple SRP init response did not include a body.");const a=await y.complete(r,c.body),v=await Mn(t,p,{...a,rememberMe:!1,trustTokens:[]},i),l=v.status===409;let S,L={type:"trustedDevice"};if(l){S=await qn(t,p,i);const b=Ds(S.body);if(b&&(L={type:"phone",phoneNumberId:b.id,mode:b.pushMode??"sms"}),S.status===412){if(!b)throw new Error("Apple requested phone verification but did not include a trusted phone number.");S=await Hn(t,p,b.id,b.pushMode??"sms",i)}if(S.status<200||S.status>=300)throw new Error(`Apple two-factor challenge failed: HTTP ${S.status} ${S.rawBody??""}`.trim())}else if(v.status<200||v.status>=300)throw new Error(`Apple SRP complete failed: HTTP ${v.status} ${v.rawBody??""}`.trim());return{appleSessionId:p,completeResponse:v,twoFactorChallengeResponse:S,requiresTwoFactor:l,finishTwoFactor:async b=>{const f=L.type==="phone"?await zn(t,p,L.phoneNumberId,b,L.mode,i):await Gn(t,p,b,i);if(f.status<200||f.status>=300)throw new Error(`Apple two-factor code failed: HTTP ${f.status} ${f.rawBody??""}`.trim());return f},finalize:async()=>Qn(t,p,i),close:()=>ca(t,p,i)}}catch(y){throw await ca(t,p,i).catch(()=>{}),y}}function Ds(t){if(!ua(t))return;const e=ua(t.phoneNumberVerification)?t.phoneNumberVerification:void 0,r=yr(e?.trustedPhoneNumber)??yr(t.trustedPhoneNumber)??yr(t.phoneNumber);if(!r)return;const i=r.id;if(typeof i!="number")return;const p=typeof r.pushMode=="string"?r.pushMode:typeof t.mode=="string"?t.mode:void 0;return{id:i,pushMode:p}}function yr(t){return ua(t)?t:void 0}function ua(t){return typeof t=="object"&&t!==null&&!Array.isArray(t)}var Ls=typeof globalThis<"u"?globalThis:typeof window<"u"?window:typeof global<"u"?global:typeof self<"u"?self:{};function Us(t){return t&&t.__esModule&&Object.prototype.hasOwnProperty.call(t,"default")?t.default:t}function Ps(t){if(Object.prototype.hasOwnProperty.call(t,"__esModule"))return t;var e=t.default;if(typeof e=="function"){var r=function i(){var p=!1;try{p=this instanceof i}catch{}return p?Reflect.construct(e,arguments,this.constructor):e.apply(this,arguments)};r.prototype=e.prototype}else r={};return Object.defineProperty(r,"__esModule",{value:!0}),Object.keys(t).forEach(function(i){var p=Object.getOwnPropertyDescriptor(t,i);Object.defineProperty(r,i,p.get?p:{enumerable:!0,get:function(){return t[i]}})}),r}var vr,Ua;function ye(){return Ua||(Ua=1,vr={options:{usePureJavaScript:!1}}),vr}var gr={exports:{}},mr,Pa;function ks(){if(Pa)return mr;Pa=1;var t={};mr=t;var e={};t.encode=function(i,p,y){if(typeof p!="string")throw new TypeError('"alphabet" must be a string.');if(y!==void 0&&typeof y!="number")throw new TypeError('"maxline" must be a number.');var c="";if(!(i instanceof Uint8Array))c=r(i,p);else{var a=0,v=p.length,l=p.charAt(0),S=[0];for(a=0;a<i.length;++a){for(var L=0,b=i[a];L<S.length;++L)b+=S[L]<<8,S[L]=b%v,b=b/v|0;for(;b>0;)S.push(b%v),b=b/v|0}for(a=0;i[a]===0&&a<i.length-1;++a)c+=l;for(a=S.length-1;a>=0;--a)c+=p[S[a]]}if(y){var f=new RegExp(".{1,"+y+"}","g");c=c.match(f).join(`\r
2
+ `)}return c},t.decode=function(i,p){if(typeof i!="string")throw new TypeError('"input" must be a string.');if(typeof p!="string")throw new TypeError('"alphabet" must be a string.');var y=e[p];if(!y){y=e[p]=[];for(var c=0;c<p.length;++c)y[p.charCodeAt(c)]=c}i=i.replace(/\s/g,"");for(var a=p.length,v=p.charAt(0),l=[0],c=0;c<i.length;c++){var S=y[i.charCodeAt(c)];if(S===void 0)return;for(var L=0,b=S;L<l.length;++L)b+=l[L]*a,l[L]=b&255,b>>=8;for(;b>0;)l.push(b&255),b>>=8}for(var f=0;i[f]===v&&f<i.length-1;++f)l.push(0);return typeof Buffer<"u"?Buffer.from(l.reverse()):new Uint8Array(l.reverse())};function r(i,p){var y=0,c=p.length,a=p.charAt(0),v=[0];for(y=0;y<i.length();++y){for(var l=0,S=i.at(y);l<v.length;++l)S+=v[l]<<8,v[l]=S%c,S=S/c|0;for(;S>0;)v.push(S%c),S=S/c|0}var L="";for(y=0;i.at(y)===0&&y<i.length()-1;++y)L+=a;for(y=v.length-1;y>=0;--y)L+=p[v[y]];return L}return mr}var ka;function me(){if(ka)return gr.exports;ka=1;var t=ye(),e=ks(),r=gr.exports=t.util=t.util||{};(function(){if(typeof process<"u"&&process.nextTick&&!process.browser){r.nextTick=process.nextTick,typeof setImmediate=="function"?r.setImmediate=setImmediate:r.setImmediate=r.nextTick;return}if(typeof setImmediate=="function"){r.setImmediate=function(){return setImmediate.apply(void 0,arguments)},r.nextTick=function(s){return setImmediate(s)};return}if(r.setImmediate=function(s){setTimeout(s,0)},typeof window<"u"&&typeof window.postMessage=="function"){let s=function(n){if(n.source===window&&n.data===o){n.stopPropagation();var B=h.slice();h.length=0,B.forEach(function(U){U()})}};var o="forge.setImmediate",h=[];r.setImmediate=function(n){h.push(n),h.length===1&&window.postMessage(o,"*")},window.addEventListener("message",s,!0)}if(typeof MutationObserver<"u"){var g=Date.now(),I=!0,_=document.createElement("div"),h=[];new MutationObserver(function(){var n=h.slice();h.length=0,n.forEach(function(B){B()})}).observe(_,{attributes:!0});var d=r.setImmediate;r.setImmediate=function(n){Date.now()-g>15?(g=Date.now(),d(n)):(h.push(n),h.length===1&&_.setAttribute("a",I=!I))}}r.nextTick=r.setImmediate})(),r.isNodejs=typeof process<"u"&&process.versions&&process.versions.node,r.globalScope=(function(){return r.isNodejs?Ls:typeof self>"u"?window:self})(),r.isArray=Array.isArray||function(o){return Object.prototype.toString.call(o)==="[object Array]"},r.isArrayBuffer=function(o){return typeof ArrayBuffer<"u"&&o instanceof ArrayBuffer},r.isArrayBufferView=function(o){return o&&r.isArrayBuffer(o.buffer)&&o.byteLength!==void 0};function i(o){if(!(o===8||o===16||o===24||o===32))throw new Error("Only 8, 16, 24, or 32 bits supported: "+o)}r.ByteBuffer=p;function p(o){if(this.data="",this.read=0,typeof o=="string")this.data=o;else if(r.isArrayBuffer(o)||r.isArrayBufferView(o))if(typeof Buffer<"u"&&o instanceof Buffer)this.data=o.toString("binary");else{var h=new Uint8Array(o);try{this.data=String.fromCharCode.apply(null,h)}catch{for(var g=0;g<h.length;++g)this.putByte(h[g])}}else(o instanceof p||typeof o=="object"&&typeof o.data=="string"&&typeof o.read=="number")&&(this.data=o.data,this.read=o.read);this._constructedStringLength=0}r.ByteStringBuffer=p;var y=4096;r.ByteStringBuffer.prototype._optimizeConstructedString=function(o){this._constructedStringLength+=o,this._constructedStringLength>y&&(this.data.substr(0,1),this._constructedStringLength=0)},r.ByteStringBuffer.prototype.length=function(){return this.data.length-this.read},r.ByteStringBuffer.prototype.isEmpty=function(){return this.length()<=0},r.ByteStringBuffer.prototype.putByte=function(o){return this.putBytes(String.fromCharCode(o))},r.ByteStringBuffer.prototype.fillWithByte=function(o,h){o=String.fromCharCode(o);for(var g=this.data;h>0;)h&1&&(g+=o),h>>>=1,h>0&&(o+=o);return this.data=g,this._optimizeConstructedString(h),this},r.ByteStringBuffer.prototype.putBytes=function(o){return this.data+=o,this._optimizeConstructedString(o.length),this},r.ByteStringBuffer.prototype.putString=function(o){return this.putBytes(r.encodeUtf8(o))},r.ByteStringBuffer.prototype.putInt16=function(o){return this.putBytes(String.fromCharCode(o>>8&255)+String.fromCharCode(o&255))},r.ByteStringBuffer.prototype.putInt24=function(o){return this.putBytes(String.fromCharCode(o>>16&255)+String.fromCharCode(o>>8&255)+String.fromCharCode(o&255))},r.ByteStringBuffer.prototype.putInt32=function(o){return this.putBytes(String.fromCharCode(o>>24&255)+String.fromCharCode(o>>16&255)+String.fromCharCode(o>>8&255)+String.fromCharCode(o&255))},r.ByteStringBuffer.prototype.putInt16Le=function(o){return this.putBytes(String.fromCharCode(o&255)+String.fromCharCode(o>>8&255))},r.ByteStringBuffer.prototype.putInt24Le=function(o){return this.putBytes(String.fromCharCode(o&255)+String.fromCharCode(o>>8&255)+String.fromCharCode(o>>16&255))},r.ByteStringBuffer.prototype.putInt32Le=function(o){return this.putBytes(String.fromCharCode(o&255)+String.fromCharCode(o>>8&255)+String.fromCharCode(o>>16&255)+String.fromCharCode(o>>24&255))},r.ByteStringBuffer.prototype.putInt=function(o,h){i(h);var g="";do h-=8,g+=String.fromCharCode(o>>h&255);while(h>0);return this.putBytes(g)},r.ByteStringBuffer.prototype.putSignedInt=function(o,h){return o<0&&(o+=2<<h-1),this.putInt(o,h)},r.ByteStringBuffer.prototype.putBuffer=function(o){return this.putBytes(o.getBytes())},r.ByteStringBuffer.prototype.getByte=function(){return this.data.charCodeAt(this.read++)},r.ByteStringBuffer.prototype.getInt16=function(){var o=this.data.charCodeAt(this.read)<<8^this.data.charCodeAt(this.read+1);return this.read+=2,o},r.ByteStringBuffer.prototype.getInt24=function(){var o=this.data.charCodeAt(this.read)<<16^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2);return this.read+=3,o},r.ByteStringBuffer.prototype.getInt32=function(){var o=this.data.charCodeAt(this.read)<<24^this.data.charCodeAt(this.read+1)<<16^this.data.charCodeAt(this.read+2)<<8^this.data.charCodeAt(this.read+3);return this.read+=4,o},r.ByteStringBuffer.prototype.getInt16Le=function(){var o=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8;return this.read+=2,o},r.ByteStringBuffer.prototype.getInt24Le=function(){var o=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2)<<16;return this.read+=3,o},r.ByteStringBuffer.prototype.getInt32Le=function(){var o=this.data.charCodeAt(this.read)^this.data.charCodeAt(this.read+1)<<8^this.data.charCodeAt(this.read+2)<<16^this.data.charCodeAt(this.read+3)<<24;return this.read+=4,o},r.ByteStringBuffer.prototype.getInt=function(o){i(o);var h=0;do h=(h<<8)+this.data.charCodeAt(this.read++),o-=8;while(o>0);return h},r.ByteStringBuffer.prototype.getSignedInt=function(o){var h=this.getInt(o),g=2<<o-2;return h>=g&&(h-=g<<1),h},r.ByteStringBuffer.prototype.getBytes=function(o){var h;return o?(o=Math.min(this.length(),o),h=this.data.slice(this.read,this.read+o),this.read+=o):o===0?h="":(h=this.read===0?this.data:this.data.slice(this.read),this.clear()),h},r.ByteStringBuffer.prototype.bytes=function(o){return typeof o>"u"?this.data.slice(this.read):this.data.slice(this.read,this.read+o)},r.ByteStringBuffer.prototype.at=function(o){return this.data.charCodeAt(this.read+o)},r.ByteStringBuffer.prototype.setAt=function(o,h){return this.data=this.data.substr(0,this.read+o)+String.fromCharCode(h)+this.data.substr(this.read+o+1),this},r.ByteStringBuffer.prototype.last=function(){return this.data.charCodeAt(this.data.length-1)},r.ByteStringBuffer.prototype.copy=function(){var o=r.createBuffer(this.data);return o.read=this.read,o},r.ByteStringBuffer.prototype.compact=function(){return this.read>0&&(this.data=this.data.slice(this.read),this.read=0),this},r.ByteStringBuffer.prototype.clear=function(){return this.data="",this.read=0,this},r.ByteStringBuffer.prototype.truncate=function(o){var h=Math.max(0,this.length()-o);return this.data=this.data.substr(this.read,h),this.read=0,this},r.ByteStringBuffer.prototype.toHex=function(){for(var o="",h=this.read;h<this.data.length;++h){var g=this.data.charCodeAt(h);g<16&&(o+="0"),o+=g.toString(16)}return o},r.ByteStringBuffer.prototype.toString=function(){return r.decodeUtf8(this.bytes())};function c(o,h){h=h||{},this.read=h.readOffset||0,this.growSize=h.growSize||1024;var g=r.isArrayBuffer(o),I=r.isArrayBufferView(o);if(g||I){g?this.data=new DataView(o):this.data=new DataView(o.buffer,o.byteOffset,o.byteLength),this.write="writeOffset"in h?h.writeOffset:this.data.byteLength;return}this.data=new DataView(new ArrayBuffer(0)),this.write=0,o!=null&&this.putBytes(o),"writeOffset"in h&&(this.write=h.writeOffset)}r.DataBuffer=c,r.DataBuffer.prototype.length=function(){return this.write-this.read},r.DataBuffer.prototype.isEmpty=function(){return this.length()<=0},r.DataBuffer.prototype.accommodate=function(o,h){if(this.length()>=o)return this;h=Math.max(h||this.growSize,o);var g=new Uint8Array(this.data.buffer,this.data.byteOffset,this.data.byteLength),I=new Uint8Array(this.length()+h);return I.set(g),this.data=new DataView(I.buffer),this},r.DataBuffer.prototype.putByte=function(o){return this.accommodate(1),this.data.setUint8(this.write++,o),this},r.DataBuffer.prototype.fillWithByte=function(o,h){this.accommodate(h);for(var g=0;g<h;++g)this.data.setUint8(o);return this},r.DataBuffer.prototype.putBytes=function(o,h){if(r.isArrayBufferView(o)){var g=new Uint8Array(o.buffer,o.byteOffset,o.byteLength),I=g.byteLength-g.byteOffset;this.accommodate(I);var _=new Uint8Array(this.data.buffer,this.write);return _.set(g),this.write+=I,this}if(r.isArrayBuffer(o)){var g=new Uint8Array(o);this.accommodate(g.byteLength);var _=new Uint8Array(this.data.buffer);return _.set(g,this.write),this.write+=g.byteLength,this}if(o instanceof r.DataBuffer||typeof o=="object"&&typeof o.read=="number"&&typeof o.write=="number"&&r.isArrayBufferView(o.data)){var g=new Uint8Array(o.data.byteLength,o.read,o.length());this.accommodate(g.byteLength);var _=new Uint8Array(o.data.byteLength,this.write);return _.set(g),this.write+=g.byteLength,this}if(o instanceof r.ByteStringBuffer&&(o=o.data,h="binary"),h=h||"binary",typeof o=="string"){var d;if(h==="hex")return this.accommodate(Math.ceil(o.length/2)),d=new Uint8Array(this.data.buffer,this.write),this.write+=r.binary.hex.decode(o,d,this.write),this;if(h==="base64")return this.accommodate(Math.ceil(o.length/4)*3),d=new Uint8Array(this.data.buffer,this.write),this.write+=r.binary.base64.decode(o,d,this.write),this;if(h==="utf8"&&(o=r.encodeUtf8(o),h="binary"),h==="binary"||h==="raw")return this.accommodate(o.length),d=new Uint8Array(this.data.buffer,this.write),this.write+=r.binary.raw.decode(d),this;if(h==="utf16")return this.accommodate(o.length*2),d=new Uint16Array(this.data.buffer,this.write),this.write+=r.text.utf16.encode(d),this;throw new Error("Invalid encoding: "+h)}throw Error("Invalid parameter: "+o)},r.DataBuffer.prototype.putBuffer=function(o){return this.putBytes(o),o.clear(),this},r.DataBuffer.prototype.putString=function(o){return this.putBytes(o,"utf16")},r.DataBuffer.prototype.putInt16=function(o){return this.accommodate(2),this.data.setInt16(this.write,o),this.write+=2,this},r.DataBuffer.prototype.putInt24=function(o){return this.accommodate(3),this.data.setInt16(this.write,o>>8&65535),this.data.setInt8(this.write,o>>16&255),this.write+=3,this},r.DataBuffer.prototype.putInt32=function(o){return this.accommodate(4),this.data.setInt32(this.write,o),this.write+=4,this},r.DataBuffer.prototype.putInt16Le=function(o){return this.accommodate(2),this.data.setInt16(this.write,o,!0),this.write+=2,this},r.DataBuffer.prototype.putInt24Le=function(o){return this.accommodate(3),this.data.setInt8(this.write,o>>16&255),this.data.setInt16(this.write,o>>8&65535,!0),this.write+=3,this},r.DataBuffer.prototype.putInt32Le=function(o){return this.accommodate(4),this.data.setInt32(this.write,o,!0),this.write+=4,this},r.DataBuffer.prototype.putInt=function(o,h){i(h),this.accommodate(h/8);do h-=8,this.data.setInt8(this.write++,o>>h&255);while(h>0);return this},r.DataBuffer.prototype.putSignedInt=function(o,h){return i(h),this.accommodate(h/8),o<0&&(o+=2<<h-1),this.putInt(o,h)},r.DataBuffer.prototype.getByte=function(){return this.data.getInt8(this.read++)},r.DataBuffer.prototype.getInt16=function(){var o=this.data.getInt16(this.read);return this.read+=2,o},r.DataBuffer.prototype.getInt24=function(){var o=this.data.getInt16(this.read)<<8^this.data.getInt8(this.read+2);return this.read+=3,o},r.DataBuffer.prototype.getInt32=function(){var o=this.data.getInt32(this.read);return this.read+=4,o},r.DataBuffer.prototype.getInt16Le=function(){var o=this.data.getInt16(this.read,!0);return this.read+=2,o},r.DataBuffer.prototype.getInt24Le=function(){var o=this.data.getInt8(this.read)^this.data.getInt16(this.read+1,!0)<<8;return this.read+=3,o},r.DataBuffer.prototype.getInt32Le=function(){var o=this.data.getInt32(this.read,!0);return this.read+=4,o},r.DataBuffer.prototype.getInt=function(o){i(o);var h=0;do h=(h<<8)+this.data.getInt8(this.read++),o-=8;while(o>0);return h},r.DataBuffer.prototype.getSignedInt=function(o){var h=this.getInt(o),g=2<<o-2;return h>=g&&(h-=g<<1),h},r.DataBuffer.prototype.getBytes=function(o){var h;return o?(o=Math.min(this.length(),o),h=this.data.slice(this.read,this.read+o),this.read+=o):o===0?h="":(h=this.read===0?this.data:this.data.slice(this.read),this.clear()),h},r.DataBuffer.prototype.bytes=function(o){return typeof o>"u"?this.data.slice(this.read):this.data.slice(this.read,this.read+o)},r.DataBuffer.prototype.at=function(o){return this.data.getUint8(this.read+o)},r.DataBuffer.prototype.setAt=function(o,h){return this.data.setUint8(o,h),this},r.DataBuffer.prototype.last=function(){return this.data.getUint8(this.write-1)},r.DataBuffer.prototype.copy=function(){return new r.DataBuffer(this)},r.DataBuffer.prototype.compact=function(){if(this.read>0){var o=new Uint8Array(this.data.buffer,this.read),h=new Uint8Array(o.byteLength);h.set(o),this.data=new DataView(h),this.write-=this.read,this.read=0}return this},r.DataBuffer.prototype.clear=function(){return this.data=new DataView(new ArrayBuffer(0)),this.read=this.write=0,this},r.DataBuffer.prototype.truncate=function(o){return this.write=Math.max(0,this.length()-o),this.read=Math.min(this.read,this.write),this},r.DataBuffer.prototype.toHex=function(){for(var o="",h=this.read;h<this.data.byteLength;++h){var g=this.data.getUint8(h);g<16&&(o+="0"),o+=g.toString(16)}return o},r.DataBuffer.prototype.toString=function(o){var h=new Uint8Array(this.data,this.read,this.length());if(o=o||"utf8",o==="binary"||o==="raw")return r.binary.raw.encode(h);if(o==="hex")return r.binary.hex.encode(h);if(o==="base64")return r.binary.base64.encode(h);if(o==="utf8")return r.text.utf8.decode(h);if(o==="utf16")return r.text.utf16.decode(h);throw new Error("Invalid encoding: "+o)},r.createBuffer=function(o,h){return h=h||"raw",o!==void 0&&h==="utf8"&&(o=r.encodeUtf8(o)),new r.ByteBuffer(o)},r.fillString=function(o,h){for(var g="";h>0;)h&1&&(g+=o),h>>>=1,h>0&&(o+=o);return g},r.xorBytes=function(o,h,g){for(var I="",_="",d="",s=0,n=0;g>0;--g,++s)_=o.charCodeAt(s)^h.charCodeAt(s),n>=10&&(I+=d,d="",n=0),d+=String.fromCharCode(_),++n;return I+=d,I},r.hexToBytes=function(o){var h="",g=0;for(o.length&!0&&(g=1,h+=String.fromCharCode(parseInt(o[0],16)));g<o.length;g+=2)h+=String.fromCharCode(parseInt(o.substr(g,2),16));return h},r.bytesToHex=function(o){return r.createBuffer(o).toHex()},r.int32ToBytes=function(o){return String.fromCharCode(o>>24&255)+String.fromCharCode(o>>16&255)+String.fromCharCode(o>>8&255)+String.fromCharCode(o&255)};var a="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",v=[62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,64,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51],l="123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";r.encode64=function(o,h){for(var g="",I="",_,d,s,n=0;n<o.length;)_=o.charCodeAt(n++),d=o.charCodeAt(n++),s=o.charCodeAt(n++),g+=a.charAt(_>>2),g+=a.charAt((_&3)<<4|d>>4),isNaN(d)?g+="==":(g+=a.charAt((d&15)<<2|s>>6),g+=isNaN(s)?"=":a.charAt(s&63)),h&&g.length>h&&(I+=g.substr(0,h)+`\r
3
+ `,g=g.substr(h));return I+=g,I},r.decode64=function(o){o=o.replace(/[^A-Za-z0-9\+\/\=]/g,"");for(var h="",g,I,_,d,s=0;s<o.length;)g=v[o.charCodeAt(s++)-43],I=v[o.charCodeAt(s++)-43],_=v[o.charCodeAt(s++)-43],d=v[o.charCodeAt(s++)-43],h+=String.fromCharCode(g<<2|I>>4),_!==64&&(h+=String.fromCharCode((I&15)<<4|_>>2),d!==64&&(h+=String.fromCharCode((_&3)<<6|d)));return h},r.encodeUtf8=function(o){return unescape(encodeURIComponent(o))},r.decodeUtf8=function(o){return decodeURIComponent(escape(o))},r.binary={raw:{},hex:{},base64:{},base58:{},baseN:{encode:e.encode,decode:e.decode}},r.binary.raw.encode=function(o){return String.fromCharCode.apply(null,o)},r.binary.raw.decode=function(o,h,g){var I=h;I||(I=new Uint8Array(o.length)),g=g||0;for(var _=g,d=0;d<o.length;++d)I[_++]=o.charCodeAt(d);return h?_-g:I},r.binary.hex.encode=r.bytesToHex,r.binary.hex.decode=function(o,h,g){var I=h;I||(I=new Uint8Array(Math.ceil(o.length/2))),g=g||0;var _=0,d=g;for(o.length&1&&(_=1,I[d++]=parseInt(o[0],16));_<o.length;_+=2)I[d++]=parseInt(o.substr(_,2),16);return h?d-g:I},r.binary.base64.encode=function(o,h){for(var g="",I="",_,d,s,n=0;n<o.byteLength;)_=o[n++],d=o[n++],s=o[n++],g+=a.charAt(_>>2),g+=a.charAt((_&3)<<4|d>>4),isNaN(d)?g+="==":(g+=a.charAt((d&15)<<2|s>>6),g+=isNaN(s)?"=":a.charAt(s&63)),h&&g.length>h&&(I+=g.substr(0,h)+`\r
4
+ `,g=g.substr(h));return I+=g,I},r.binary.base64.decode=function(o,h,g){var I=h;I||(I=new Uint8Array(Math.ceil(o.length/4)*3)),o=o.replace(/[^A-Za-z0-9\+\/\=]/g,""),g=g||0;for(var _,d,s,n,B=0,U=g;B<o.length;)_=v[o.charCodeAt(B++)-43],d=v[o.charCodeAt(B++)-43],s=v[o.charCodeAt(B++)-43],n=v[o.charCodeAt(B++)-43],I[U++]=_<<2|d>>4,s!==64&&(I[U++]=(d&15)<<4|s>>2,n!==64&&(I[U++]=(s&3)<<6|n));return h?U-g:I.subarray(0,U)},r.binary.base58.encode=function(o,h){return r.binary.baseN.encode(o,l,h)},r.binary.base58.decode=function(o,h){return r.binary.baseN.decode(o,l,h)},r.text={utf8:{},utf16:{}},r.text.utf8.encode=function(o,h,g){o=r.encodeUtf8(o);var I=h;I||(I=new Uint8Array(o.length)),g=g||0;for(var _=g,d=0;d<o.length;++d)I[_++]=o.charCodeAt(d);return h?_-g:I},r.text.utf8.decode=function(o){return r.decodeUtf8(String.fromCharCode.apply(null,o))},r.text.utf16.encode=function(o,h,g){var I=h;I||(I=new Uint8Array(o.length*2));var _=new Uint16Array(I.buffer);g=g||0;for(var d=g,s=g,n=0;n<o.length;++n)_[s++]=o.charCodeAt(n),d+=2;return h?d-g:I},r.text.utf16.decode=function(o){return String.fromCharCode.apply(null,new Uint16Array(o.buffer))},r.deflate=function(o,h,g){if(h=r.decode64(o.deflate(r.encode64(h)).rval),g){var I=2,_=h.charCodeAt(1);_&32&&(I=6),h=h.substring(I,h.length-4)}return h},r.inflate=function(o,h,g){var I=o.inflate(r.encode64(h)).rval;return I===null?null:r.decode64(I)};var S=function(o,h,g){if(!o)throw new Error("WebStorage not available.");var I;if(g===null?I=o.removeItem(h):(g=r.encode64(JSON.stringify(g)),I=o.setItem(h,g)),typeof I<"u"&&I.rval!==!0){var _=new Error(I.error.message);throw _.id=I.error.id,_.name=I.error.name,_}},L=function(o,h){if(!o)throw new Error("WebStorage not available.");var g=o.getItem(h);if(o.init)if(g.rval===null){if(g.error){var I=new Error(g.error.message);throw I.id=g.error.id,I.name=g.error.name,I}g=null}else g=g.rval;return g!==null&&(g=JSON.parse(r.decode64(g))),g},b=function(o,h,g,I){var _=L(o,h);_===null&&(_={}),_[g]=I,S(o,h,_)},f=function(o,h,g){var I=L(o,h);return I!==null&&(I=g in I?I[g]:null),I},m=function(o,h,g){var I=L(o,h);if(I!==null&&g in I){delete I[g];var _=!0;for(var d in I){_=!1;break}_&&(I=null),S(o,h,I)}},E=function(o,h){S(o,h,null)},C=function(o,h,g){var I=null;typeof g>"u"&&(g=["web","flash"]);var _,d=!1,s=null;for(var n in g){_=g[n];try{if(_==="flash"||_==="both"){if(h[0]===null)throw new Error("Flash local storage not available.");I=o.apply(this,h),d=_==="flash"}(_==="web"||_==="both")&&(h[0]=localStorage,I=o.apply(this,h),d=!0)}catch(B){s=B}if(d)break}if(!d)throw s;return I};return r.setItem=function(o,h,g,I,_){C(b,arguments,_)},r.getItem=function(o,h,g,I){return C(f,arguments,I)},r.removeItem=function(o,h,g,I){C(m,arguments,I)},r.clearItems=function(o,h,g){C(E,arguments,g)},r.isEmpty=function(o){for(var h in o)if(o.hasOwnProperty(h))return!1;return!0},r.format=function(o){for(var h=/%./g,g,I,_=0,d=[],s=0;g=h.exec(o);){I=o.substring(s,h.lastIndex-2),I.length>0&&d.push(I),s=h.lastIndex;var n=g[0][1];switch(n){case"s":case"o":_<arguments.length?d.push(arguments[_+++1]):d.push("<?>");break;case"%":d.push("%");break;default:d.push("<%"+n+"?>")}}return d.push(o.substring(s)),d.join("")},r.formatNumber=function(o,h,g,I){var _=o,d=isNaN(h=Math.abs(h))?2:h,s=g===void 0?",":g,n=I===void 0?".":I,B=_<0?"-":"",U=parseInt(_=Math.abs(+_||0).toFixed(d),10)+"",O=U.length>3?U.length%3:0;return B+(O?U.substr(0,O)+n:"")+U.substr(O).replace(/(\d{3})(?=\d)/g,"$1"+n)+(d?s+Math.abs(_-U).toFixed(d).slice(2):"")},r.formatSize=function(o){return o>=1073741824?o=r.formatNumber(o/1073741824,2,".","")+" GiB":o>=1048576?o=r.formatNumber(o/1048576,2,".","")+" MiB":o>=1024?o=r.formatNumber(o/1024,0)+" KiB":o=r.formatNumber(o,0)+" bytes",o},r.bytesFromIP=function(o){return o.indexOf(".")!==-1?r.bytesFromIPv4(o):o.indexOf(":")!==-1?r.bytesFromIPv6(o):null},r.bytesFromIPv4=function(o){if(o=o.split("."),o.length!==4)return null;for(var h=r.createBuffer(),g=0;g<o.length;++g){var I=parseInt(o[g],10);if(isNaN(I))return null;h.putByte(I)}return h.getBytes()},r.bytesFromIPv6=function(o){var h=0;o=o.split(":").filter(function(s){return s.length===0&&++h,!0});for(var g=(8-o.length+h)*2,I=r.createBuffer(),_=0;_<8;++_){if(!o[_]||o[_].length===0){I.fillWithByte(0,g),g=0;continue}var d=r.hexToBytes(o[_]);d.length<2&&I.putByte(0),I.putBytes(d)}return I.getBytes()},r.bytesToIP=function(o){return o.length===4?r.bytesToIPv4(o):o.length===16?r.bytesToIPv6(o):null},r.bytesToIPv4=function(o){if(o.length!==4)return null;for(var h=[],g=0;g<o.length;++g)h.push(o.charCodeAt(g));return h.join(".")},r.bytesToIPv6=function(o){if(o.length!==16)return null;for(var h=[],g=[],I=0,_=0;_<o.length;_+=2){for(var d=r.bytesToHex(o[_]+o[_+1]);d[0]==="0"&&d!=="0";)d=d.substr(1);if(d==="0"){var s=g[g.length-1],n=h.length;!s||n!==s.end+1?g.push({start:n,end:n}):(s.end=n,s.end-s.start>g[I].end-g[I].start&&(I=g.length-1))}h.push(d)}if(g.length>0){var B=g[I];B.end-B.start>0&&(h.splice(B.start,B.end-B.start+1,""),B.start===0&&h.unshift(""),B.end===7&&h.push(""))}return h.join(":")},r.estimateCores=function(o,h){if(typeof o=="function"&&(h=o,o={}),o=o||{},"cores"in r&&!o.update)return h(null,r.cores);if(typeof navigator<"u"&&"hardwareConcurrency"in navigator&&navigator.hardwareConcurrency>0)return r.cores=navigator.hardwareConcurrency,h(null,r.cores);if(typeof Worker>"u")return r.cores=1,h(null,r.cores);if(typeof Blob>"u")return r.cores=2,h(null,r.cores);var g=URL.createObjectURL(new Blob(["(",(function(){self.addEventListener("message",function(s){var n=Date.now(),B=n+4;self.postMessage({st:n,et:B})})}).toString(),")()"],{type:"application/javascript"}));I([],5,16);function I(s,n,B){if(n===0){var U=Math.floor(s.reduce(function(O,P){return O+P},0)/s.length);return r.cores=Math.max(1,U),URL.revokeObjectURL(g),h(null,r.cores)}_(B,function(O,P){s.push(d(B,P)),I(s,n-1,B)})}function _(s,n){for(var B=[],U=[],O=0;O<s;++O){var P=new Worker(g);P.addEventListener("message",function(F){if(U.push(F.data),U.length===s){for(var q=0;q<s;++q)B[q].terminate();n(null,U)}}),B.push(P)}for(var O=0;O<s;++O)B[O].postMessage(O)}function d(s,n){for(var B=[],U=0;U<s;++U)for(var O=n[U],P=B[U]=[],F=0;F<s;++F)if(U!==F){var q=n[F];(O.st>q.st&&O.st<q.et||q.st>O.st&&q.st<O.et)&&P.push(F)}return B.reduce(function(M,H){return Math.max(M,H.length)},0)}},gr.exports}var Cr,Va;function ga(){if(Va)return Cr;Va=1;var t=ye();me(),Cr=t.cipher=t.cipher||{},t.cipher.algorithms=t.cipher.algorithms||{},t.cipher.createCipher=function(r,i){var p=r;if(typeof p=="string"&&(p=t.cipher.getAlgorithm(p),p&&(p=p())),!p)throw new Error("Unsupported algorithm: "+r);return new t.cipher.BlockCipher({algorithm:p,key:i,decrypt:!1})},t.cipher.createDecipher=function(r,i){var p=r;if(typeof p=="string"&&(p=t.cipher.getAlgorithm(p),p&&(p=p())),!p)throw new Error("Unsupported algorithm: "+r);return new t.cipher.BlockCipher({algorithm:p,key:i,decrypt:!0})},t.cipher.registerAlgorithm=function(r,i){r=r.toUpperCase(),t.cipher.algorithms[r]=i},t.cipher.getAlgorithm=function(r){return r=r.toUpperCase(),r in t.cipher.algorithms?t.cipher.algorithms[r]:null};var e=t.cipher.BlockCipher=function(r){this.algorithm=r.algorithm,this.mode=this.algorithm.mode,this.blockSize=this.mode.blockSize,this._finish=!1,this._input=null,this.output=null,this._op=r.decrypt?this.mode.decrypt:this.mode.encrypt,this._decrypt=r.decrypt,this.algorithm.initialize(r)};return e.prototype.start=function(r){r=r||{};var i={};for(var p in r)i[p]=r[p];i.decrypt=this._decrypt,this._finish=!1,this._input=t.util.createBuffer(),this.output=r.output||t.util.createBuffer(),this.mode.start(i)},e.prototype.update=function(r){for(r&&this._input.putBuffer(r);!this._op.call(this.mode,this._input,this.output,this._finish)&&!this._finish;);this._input.compact()},e.prototype.finish=function(r){r&&(this.mode.name==="ECB"||this.mode.name==="CBC")&&(this.mode.pad=function(p){return r(this.blockSize,p,!1)},this.mode.unpad=function(p){return r(this.blockSize,p,!0)});var i={};return i.decrypt=this._decrypt,i.overflow=this._input.length()%this.blockSize,!(!this._decrypt&&this.mode.pad&&!this.mode.pad(this._input,i)||(this._finish=!0,this.update(),this._decrypt&&this.mode.unpad&&!this.mode.unpad(this.output,i))||this.mode.afterFinish&&!this.mode.afterFinish(this.output,i))},Cr}var Er={exports:{}},Oa;function Xn(){if(Oa)return Er.exports;Oa=1;var t=ye();me(),t.cipher=t.cipher||{};var e=Er.exports=t.cipher.modes=t.cipher.modes||{};e.ecb=function(y){y=y||{},this.name="ECB",this.cipher=y.cipher,this.blockSize=y.blockSize||16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints)},e.ecb.prototype.start=function(y){},e.ecb.prototype.encrypt=function(y,c,a){if(y.length()<this.blockSize&&!(a&&y.length()>0))return!0;for(var v=0;v<this._ints;++v)this._inBlock[v]=y.getInt32();this.cipher.encrypt(this._inBlock,this._outBlock);for(var v=0;v<this._ints;++v)c.putInt32(this._outBlock[v])},e.ecb.prototype.decrypt=function(y,c,a){if(y.length()<this.blockSize&&!(a&&y.length()>0))return!0;for(var v=0;v<this._ints;++v)this._inBlock[v]=y.getInt32();this.cipher.decrypt(this._inBlock,this._outBlock);for(var v=0;v<this._ints;++v)c.putInt32(this._outBlock[v])},e.ecb.prototype.pad=function(y,c){var a=y.length()===this.blockSize?this.blockSize:this.blockSize-y.length();return y.fillWithByte(a,a),!0},e.ecb.prototype.unpad=function(y,c){if(c.overflow>0)return!1;var a=y.length(),v=y.at(a-1);return v>this.blockSize<<2?!1:(y.truncate(v),!0)},e.cbc=function(y){y=y||{},this.name="CBC",this.cipher=y.cipher,this.blockSize=y.blockSize||16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints)},e.cbc.prototype.start=function(y){if(y.iv===null){if(!this._prev)throw new Error("Invalid IV parameter.");this._iv=this._prev.slice(0)}else if("iv"in y)this._iv=r(y.iv,this.blockSize),this._prev=this._iv.slice(0);else throw new Error("Invalid IV parameter.")},e.cbc.prototype.encrypt=function(y,c,a){if(y.length()<this.blockSize&&!(a&&y.length()>0))return!0;for(var v=0;v<this._ints;++v)this._inBlock[v]=this._prev[v]^y.getInt32();this.cipher.encrypt(this._inBlock,this._outBlock);for(var v=0;v<this._ints;++v)c.putInt32(this._outBlock[v]);this._prev=this._outBlock},e.cbc.prototype.decrypt=function(y,c,a){if(y.length()<this.blockSize&&!(a&&y.length()>0))return!0;for(var v=0;v<this._ints;++v)this._inBlock[v]=y.getInt32();this.cipher.decrypt(this._inBlock,this._outBlock);for(var v=0;v<this._ints;++v)c.putInt32(this._prev[v]^this._outBlock[v]);this._prev=this._inBlock.slice(0)},e.cbc.prototype.pad=function(y,c){var a=y.length()===this.blockSize?this.blockSize:this.blockSize-y.length();return y.fillWithByte(a,a),!0},e.cbc.prototype.unpad=function(y,c){if(c.overflow>0)return!1;var a=y.length(),v=y.at(a-1);return v>this.blockSize<<2?!1:(y.truncate(v),!0)},e.cfb=function(y){y=y||{},this.name="CFB",this.cipher=y.cipher,this.blockSize=y.blockSize||16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialBlock=new Array(this._ints),this._partialOutput=t.util.createBuffer(),this._partialBytes=0},e.cfb.prototype.start=function(y){if(!("iv"in y))throw new Error("Invalid IV parameter.");this._iv=r(y.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},e.cfb.prototype.encrypt=function(y,c,a){var v=y.length();if(v===0)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),this._partialBytes===0&&v>=this.blockSize){for(var l=0;l<this._ints;++l)this._inBlock[l]=y.getInt32()^this._outBlock[l],c.putInt32(this._inBlock[l]);return}var S=(this.blockSize-v)%this.blockSize;S>0&&(S=this.blockSize-S),this._partialOutput.clear();for(var l=0;l<this._ints;++l)this._partialBlock[l]=y.getInt32()^this._outBlock[l],this._partialOutput.putInt32(this._partialBlock[l]);if(S>0)y.read-=this.blockSize;else for(var l=0;l<this._ints;++l)this._inBlock[l]=this._partialBlock[l];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),S>0&&!a)return c.putBytes(this._partialOutput.getBytes(S-this._partialBytes)),this._partialBytes=S,!0;c.putBytes(this._partialOutput.getBytes(v-this._partialBytes)),this._partialBytes=0},e.cfb.prototype.decrypt=function(y,c,a){var v=y.length();if(v===0)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),this._partialBytes===0&&v>=this.blockSize){for(var l=0;l<this._ints;++l)this._inBlock[l]=y.getInt32(),c.putInt32(this._inBlock[l]^this._outBlock[l]);return}var S=(this.blockSize-v)%this.blockSize;S>0&&(S=this.blockSize-S),this._partialOutput.clear();for(var l=0;l<this._ints;++l)this._partialBlock[l]=y.getInt32(),this._partialOutput.putInt32(this._partialBlock[l]^this._outBlock[l]);if(S>0)y.read-=this.blockSize;else for(var l=0;l<this._ints;++l)this._inBlock[l]=this._partialBlock[l];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),S>0&&!a)return c.putBytes(this._partialOutput.getBytes(S-this._partialBytes)),this._partialBytes=S,!0;c.putBytes(this._partialOutput.getBytes(v-this._partialBytes)),this._partialBytes=0},e.ofb=function(y){y=y||{},this.name="OFB",this.cipher=y.cipher,this.blockSize=y.blockSize||16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialOutput=t.util.createBuffer(),this._partialBytes=0},e.ofb.prototype.start=function(y){if(!("iv"in y))throw new Error("Invalid IV parameter.");this._iv=r(y.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},e.ofb.prototype.encrypt=function(y,c,a){var v=y.length();if(y.length()===0)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),this._partialBytes===0&&v>=this.blockSize){for(var l=0;l<this._ints;++l)c.putInt32(y.getInt32()^this._outBlock[l]),this._inBlock[l]=this._outBlock[l];return}var S=(this.blockSize-v)%this.blockSize;S>0&&(S=this.blockSize-S),this._partialOutput.clear();for(var l=0;l<this._ints;++l)this._partialOutput.putInt32(y.getInt32()^this._outBlock[l]);if(S>0)y.read-=this.blockSize;else for(var l=0;l<this._ints;++l)this._inBlock[l]=this._outBlock[l];if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),S>0&&!a)return c.putBytes(this._partialOutput.getBytes(S-this._partialBytes)),this._partialBytes=S,!0;c.putBytes(this._partialOutput.getBytes(v-this._partialBytes)),this._partialBytes=0},e.ofb.prototype.decrypt=e.ofb.prototype.encrypt,e.ctr=function(y){y=y||{},this.name="CTR",this.cipher=y.cipher,this.blockSize=y.blockSize||16,this._ints=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._ints),this._partialOutput=t.util.createBuffer(),this._partialBytes=0},e.ctr.prototype.start=function(y){if(!("iv"in y))throw new Error("Invalid IV parameter.");this._iv=r(y.iv,this.blockSize),this._inBlock=this._iv.slice(0),this._partialBytes=0},e.ctr.prototype.encrypt=function(y,c,a){var v=y.length();if(v===0)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),this._partialBytes===0&&v>=this.blockSize)for(var l=0;l<this._ints;++l)c.putInt32(y.getInt32()^this._outBlock[l]);else{var S=(this.blockSize-v)%this.blockSize;S>0&&(S=this.blockSize-S),this._partialOutput.clear();for(var l=0;l<this._ints;++l)this._partialOutput.putInt32(y.getInt32()^this._outBlock[l]);if(S>0&&(y.read-=this.blockSize),this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),S>0&&!a)return c.putBytes(this._partialOutput.getBytes(S-this._partialBytes)),this._partialBytes=S,!0;c.putBytes(this._partialOutput.getBytes(v-this._partialBytes)),this._partialBytes=0}i(this._inBlock)},e.ctr.prototype.decrypt=e.ctr.prototype.encrypt,e.gcm=function(y){y=y||{},this.name="GCM",this.cipher=y.cipher,this.blockSize=y.blockSize||16,this._ints=this.blockSize/4,this._inBlock=new Array(this._ints),this._outBlock=new Array(this._ints),this._partialOutput=t.util.createBuffer(),this._partialBytes=0,this._R=3774873600},e.gcm.prototype.start=function(y){if(!("iv"in y))throw new Error("Invalid IV parameter.");var c=t.util.createBuffer(y.iv);this._cipherLength=0;var a;if("additionalData"in y?a=t.util.createBuffer(y.additionalData):a=t.util.createBuffer(),"tagLength"in y?this._tagLength=y.tagLength:this._tagLength=128,this._tag=null,y.decrypt&&(this._tag=t.util.createBuffer(y.tag).getBytes(),this._tag.length!==this._tagLength/8))throw new Error("Authentication tag does not match tag length.");this._hashBlock=new Array(this._ints),this.tag=null,this._hashSubkey=new Array(this._ints),this.cipher.encrypt([0,0,0,0],this._hashSubkey),this.componentBits=4,this._m=this.generateHashTable(this._hashSubkey,this.componentBits);var v=c.length();if(v===12)this._j0=[c.getInt32(),c.getInt32(),c.getInt32(),1];else{for(this._j0=[0,0,0,0];c.length()>0;)this._j0=this.ghash(this._hashSubkey,this._j0,[c.getInt32(),c.getInt32(),c.getInt32(),c.getInt32()]);this._j0=this.ghash(this._hashSubkey,this._j0,[0,0].concat(p(v*8)))}this._inBlock=this._j0.slice(0),i(this._inBlock),this._partialBytes=0,a=t.util.createBuffer(a),this._aDataLength=p(a.length()*8);var l=a.length()%this.blockSize;for(l&&a.fillWithByte(0,this.blockSize-l),this._s=[0,0,0,0];a.length()>0;)this._s=this.ghash(this._hashSubkey,this._s,[a.getInt32(),a.getInt32(),a.getInt32(),a.getInt32()])},e.gcm.prototype.encrypt=function(y,c,a){var v=y.length();if(v===0)return!0;if(this.cipher.encrypt(this._inBlock,this._outBlock),this._partialBytes===0&&v>=this.blockSize){for(var l=0;l<this._ints;++l)c.putInt32(this._outBlock[l]^=y.getInt32());this._cipherLength+=this.blockSize}else{var S=(this.blockSize-v)%this.blockSize;S>0&&(S=this.blockSize-S),this._partialOutput.clear();for(var l=0;l<this._ints;++l)this._partialOutput.putInt32(y.getInt32()^this._outBlock[l]);if(S<=0||a){if(a){var L=v%this.blockSize;this._cipherLength+=L,this._partialOutput.truncate(this.blockSize-L)}else this._cipherLength+=this.blockSize;for(var l=0;l<this._ints;++l)this._outBlock[l]=this._partialOutput.getInt32();this._partialOutput.read-=this.blockSize}if(this._partialBytes>0&&this._partialOutput.getBytes(this._partialBytes),S>0&&!a)return y.read-=this.blockSize,c.putBytes(this._partialOutput.getBytes(S-this._partialBytes)),this._partialBytes=S,!0;c.putBytes(this._partialOutput.getBytes(v-this._partialBytes)),this._partialBytes=0}this._s=this.ghash(this._hashSubkey,this._s,this._outBlock),i(this._inBlock)},e.gcm.prototype.decrypt=function(y,c,a){var v=y.length();if(v<this.blockSize&&!(a&&v>0))return!0;this.cipher.encrypt(this._inBlock,this._outBlock),i(this._inBlock),this._hashBlock[0]=y.getInt32(),this._hashBlock[1]=y.getInt32(),this._hashBlock[2]=y.getInt32(),this._hashBlock[3]=y.getInt32(),this._s=this.ghash(this._hashSubkey,this._s,this._hashBlock);for(var l=0;l<this._ints;++l)c.putInt32(this._outBlock[l]^this._hashBlock[l]);v<this.blockSize?this._cipherLength+=v%this.blockSize:this._cipherLength+=this.blockSize},e.gcm.prototype.afterFinish=function(y,c){var a=!0;c.decrypt&&c.overflow&&y.truncate(this.blockSize-c.overflow),this.tag=t.util.createBuffer();var v=this._aDataLength.concat(p(this._cipherLength*8));this._s=this.ghash(this._hashSubkey,this._s,v);var l=[];this.cipher.encrypt(this._j0,l);for(var S=0;S<this._ints;++S)this.tag.putInt32(this._s[S]^l[S]);return this.tag.truncate(this.tag.length()%(this._tagLength/8)),c.decrypt&&this.tag.bytes()!==this._tag&&(a=!1),a},e.gcm.prototype.multiply=function(y,c){for(var a=[0,0,0,0],v=c.slice(0),l=0;l<128;++l){var S=y[l/32|0]&1<<31-l%32;S&&(a[0]^=v[0],a[1]^=v[1],a[2]^=v[2],a[3]^=v[3]),this.pow(v,v)}return a},e.gcm.prototype.pow=function(y,c){for(var a=y[3]&1,v=3;v>0;--v)c[v]=y[v]>>>1|(y[v-1]&1)<<31;c[0]=y[0]>>>1,a&&(c[0]^=this._R)},e.gcm.prototype.tableMultiply=function(y){for(var c=[0,0,0,0],a=0;a<32;++a){var v=a/8|0,l=y[v]>>>(7-a%8)*4&15,S=this._m[a][l];c[0]^=S[0],c[1]^=S[1],c[2]^=S[2],c[3]^=S[3]}return c},e.gcm.prototype.ghash=function(y,c,a){return c[0]^=a[0],c[1]^=a[1],c[2]^=a[2],c[3]^=a[3],this.tableMultiply(c)},e.gcm.prototype.generateHashTable=function(y,c){for(var a=8/c,v=4*a,l=16*a,S=new Array(l),L=0;L<l;++L){var b=[0,0,0,0],f=L/v|0,m=(v-1-L%v)*c;b[f]=1<<c-1<<m,S[L]=this.generateSubHashTable(this.multiply(b,y),c)}return S},e.gcm.prototype.generateSubHashTable=function(y,c){var a=1<<c,v=a>>>1,l=new Array(a);l[v]=y.slice(0);for(var S=v>>>1;S>0;)this.pow(l[2*S],l[S]=[]),S>>=1;for(S=2;S<v;){for(var L=1;L<S;++L){var b=l[S],f=l[L];l[S+L]=[b[0]^f[0],b[1]^f[1],b[2]^f[2],b[3]^f[3]]}S*=2}for(l[0]=[0,0,0,0],S=v+1;S<a;++S){var m=l[S^v];l[S]=[y[0]^m[0],y[1]^m[1],y[2]^m[2],y[3]^m[3]]}return l};function r(y,c){if(typeof y=="string"&&(y=t.util.createBuffer(y)),t.util.isArray(y)&&y.length>4){var a=y;y=t.util.createBuffer();for(var v=0;v<a.length;++v)y.putByte(a[v])}if(y.length()<c)throw new Error("Invalid IV length; got "+y.length()+" bytes and expected "+c+" bytes.");if(!t.util.isArray(y)){for(var l=[],S=c/4,v=0;v<S;++v)l.push(y.getInt32());y=l}return y}function i(y){y[y.length-1]=y[y.length-1]+1&4294967295}function p(y){return[y/4294967296|0,y&4294967295]}return Er.exports}var xr,Fa;function wt(){if(Fa)return xr;Fa=1;var t=ye();ga(),Xn(),me(),xr=t.aes=t.aes||{},t.aes.startEncrypting=function(f,m,E,C){var o=b({key:f,output:E,decrypt:!1,mode:C});return o.start(m),o},t.aes.createEncryptionCipher=function(f,m){return b({key:f,output:null,decrypt:!1,mode:m})},t.aes.startDecrypting=function(f,m,E,C){var o=b({key:f,output:E,decrypt:!0,mode:C});return o.start(m),o},t.aes.createDecryptionCipher=function(f,m){return b({key:f,output:null,decrypt:!0,mode:m})},t.aes.Algorithm=function(f,m){r||l();var E=this;E.name=f,E.mode=new m({blockSize:16,cipher:{encrypt:function(C,o){return L(E._w,C,o,!1)},decrypt:function(C,o){return L(E._w,C,o,!0)}}}),E._init=!1},t.aes.Algorithm.prototype.initialize=function(f){if(!this._init){var m=f.key,E;if(typeof m=="string"&&(m.length===16||m.length===24||m.length===32))m=t.util.createBuffer(m);else if(t.util.isArray(m)&&(m.length===16||m.length===24||m.length===32)){E=m,m=t.util.createBuffer();for(var C=0;C<E.length;++C)m.putByte(E[C])}if(!t.util.isArray(m)){E=m,m=[];var o=E.length();if(o===16||o===24||o===32){o=o>>>2;for(var C=0;C<o;++C)m.push(E.getInt32())}}if(!t.util.isArray(m)||!(m.length===4||m.length===6||m.length===8))throw new Error("Invalid key parameter.");var h=this.mode.name,g=["CFB","OFB","CTR","GCM"].indexOf(h)!==-1;this._w=S(m,f.decrypt&&!g),this._init=!0}},t.aes._expandKey=function(f,m){return r||l(),S(f,m)},t.aes._updateBlock=L,e("AES-ECB",t.cipher.modes.ecb),e("AES-CBC",t.cipher.modes.cbc),e("AES-CFB",t.cipher.modes.cfb),e("AES-OFB",t.cipher.modes.ofb),e("AES-CTR",t.cipher.modes.ctr),e("AES-GCM",t.cipher.modes.gcm);function e(f,m){var E=function(){return new t.aes.Algorithm(f,m)};t.cipher.registerAlgorithm(f,E)}var r=!1,i=4,p,y,c,a,v;function l(){r=!0,c=[0,1,2,4,8,16,32,64,128,27,54];for(var f=new Array(256),m=0;m<128;++m)f[m]=m<<1,f[m+128]=m+128<<1^283;p=new Array(256),y=new Array(256),a=new Array(4),v=new Array(4);for(var m=0;m<4;++m)a[m]=new Array(256),v[m]=new Array(256);for(var E=0,C=0,o,h,g,I,_,d,s,m=0;m<256;++m){I=C^C<<1^C<<2^C<<3^C<<4,I=I>>8^I&255^99,p[E]=I,y[I]=E,_=f[I],o=f[E],h=f[o],g=f[h],d=_<<24^I<<16^I<<8^(I^_),s=(o^h^g)<<24^(E^g)<<16^(E^h^g)<<8^(E^o^g);for(var n=0;n<4;++n)a[n][E]=d,v[n][I]=s,d=d<<24|d>>>8,s=s<<24|s>>>8;E===0?E=C=1:(E=o^f[f[f[o^g]]],C^=f[f[C]])}}function S(f,m){for(var E=f.slice(0),C,o=1,h=E.length,g=h+6+1,I=i*g,_=h;_<I;++_)C=E[_-1],_%h===0?(C=p[C>>>16&255]<<24^p[C>>>8&255]<<16^p[C&255]<<8^p[C>>>24]^c[o]<<24,o++):h>6&&_%h===4&&(C=p[C>>>24]<<24^p[C>>>16&255]<<16^p[C>>>8&255]<<8^p[C&255]),E[_]=E[_-h]^C;if(m){var d,s=v[0],n=v[1],B=v[2],U=v[3],O=E.slice(0);I=E.length;for(var _=0,P=I-i;_<I;_+=i,P-=i)if(_===0||_===I-i)O[_]=E[P],O[_+1]=E[P+3],O[_+2]=E[P+2],O[_+3]=E[P+1];else for(var F=0;F<i;++F)d=E[P+F],O[_+(3&-F)]=s[p[d>>>24]]^n[p[d>>>16&255]]^B[p[d>>>8&255]]^U[p[d&255]];E=O}return E}function L(f,m,E,C){var o=f.length/4-1,h,g,I,_,d;C?(h=v[0],g=v[1],I=v[2],_=v[3],d=y):(h=a[0],g=a[1],I=a[2],_=a[3],d=p);var s,n,B,U,O,P,F;s=m[0]^f[0],n=m[C?3:1]^f[1],B=m[2]^f[2],U=m[C?1:3]^f[3];for(var q=3,M=1;M<o;++M)O=h[s>>>24]^g[n>>>16&255]^I[B>>>8&255]^_[U&255]^f[++q],P=h[n>>>24]^g[B>>>16&255]^I[U>>>8&255]^_[s&255]^f[++q],F=h[B>>>24]^g[U>>>16&255]^I[s>>>8&255]^_[n&255]^f[++q],U=h[U>>>24]^g[s>>>16&255]^I[n>>>8&255]^_[B&255]^f[++q],s=O,n=P,B=F;E[0]=d[s>>>24]<<24^d[n>>>16&255]<<16^d[B>>>8&255]<<8^d[U&255]^f[++q],E[C?3:1]=d[n>>>24]<<24^d[B>>>16&255]<<16^d[U>>>8&255]<<8^d[s&255]^f[++q],E[2]=d[B>>>24]<<24^d[U>>>16&255]<<16^d[s>>>8&255]<<8^d[n&255]^f[++q],E[C?1:3]=d[U>>>24]<<24^d[s>>>16&255]<<16^d[n>>>8&255]<<8^d[B&255]^f[++q]}function b(f){f=f||{};var m=(f.mode||"CBC").toUpperCase(),E="AES-"+m,C;f.decrypt?C=t.cipher.createDecipher(E,f.key):C=t.cipher.createCipher(E,f.key);var o=C.start;return C.start=function(h,g){var I=null;g instanceof t.util.ByteBuffer&&(I=g,g={}),g=g||{},g.output=I,g.iv=h,o.call(C,g)},C}return xr}var Sr={exports:{}},br={exports:{}},Tr={exports:{}},Ka;function Nt(){if(Ka)return Tr.exports;Ka=1;var t=ye();t.pki=t.pki||{};var e=Tr.exports=t.pki.oids=t.oids=t.oids||{};function r(p,y){e[p]=y,e[y]=p}function i(p,y){e[p]=y}return r("1.2.840.113549.1.1.1","rsaEncryption"),r("1.2.840.113549.1.1.4","md5WithRSAEncryption"),r("1.2.840.113549.1.1.5","sha1WithRSAEncryption"),r("1.2.840.113549.1.1.7","RSAES-OAEP"),r("1.2.840.113549.1.1.8","mgf1"),r("1.2.840.113549.1.1.9","pSpecified"),r("1.2.840.113549.1.1.10","RSASSA-PSS"),r("1.2.840.113549.1.1.11","sha256WithRSAEncryption"),r("1.2.840.113549.1.1.12","sha384WithRSAEncryption"),r("1.2.840.113549.1.1.13","sha512WithRSAEncryption"),r("1.3.101.112","EdDSA25519"),r("1.2.840.10040.4.3","dsa-with-sha1"),r("1.3.14.3.2.7","desCBC"),r("1.3.14.3.2.26","sha1"),r("1.3.14.3.2.29","sha1WithRSASignature"),r("2.16.840.1.101.3.4.2.1","sha256"),r("2.16.840.1.101.3.4.2.2","sha384"),r("2.16.840.1.101.3.4.2.3","sha512"),r("2.16.840.1.101.3.4.2.4","sha224"),r("2.16.840.1.101.3.4.2.5","sha512-224"),r("2.16.840.1.101.3.4.2.6","sha512-256"),r("1.2.840.113549.2.2","md2"),r("1.2.840.113549.2.5","md5"),r("1.2.840.113549.1.7.1","data"),r("1.2.840.113549.1.7.2","signedData"),r("1.2.840.113549.1.7.3","envelopedData"),r("1.2.840.113549.1.7.4","signedAndEnvelopedData"),r("1.2.840.113549.1.7.5","digestedData"),r("1.2.840.113549.1.7.6","encryptedData"),r("1.2.840.113549.1.9.1","emailAddress"),r("1.2.840.113549.1.9.2","unstructuredName"),r("1.2.840.113549.1.9.3","contentType"),r("1.2.840.113549.1.9.4","messageDigest"),r("1.2.840.113549.1.9.5","signingTime"),r("1.2.840.113549.1.9.6","counterSignature"),r("1.2.840.113549.1.9.7","challengePassword"),r("1.2.840.113549.1.9.8","unstructuredAddress"),r("1.2.840.113549.1.9.14","extensionRequest"),r("1.2.840.113549.1.9.20","friendlyName"),r("1.2.840.113549.1.9.21","localKeyId"),r("1.2.840.113549.1.9.22.1","x509Certificate"),r("1.2.840.113549.1.12.10.1.1","keyBag"),r("1.2.840.113549.1.12.10.1.2","pkcs8ShroudedKeyBag"),r("1.2.840.113549.1.12.10.1.3","certBag"),r("1.2.840.113549.1.12.10.1.4","crlBag"),r("1.2.840.113549.1.12.10.1.5","secretBag"),r("1.2.840.113549.1.12.10.1.6","safeContentsBag"),r("1.2.840.113549.1.5.13","pkcs5PBES2"),r("1.2.840.113549.1.5.12","pkcs5PBKDF2"),r("1.2.840.113549.1.12.1.1","pbeWithSHAAnd128BitRC4"),r("1.2.840.113549.1.12.1.2","pbeWithSHAAnd40BitRC4"),r("1.2.840.113549.1.12.1.3","pbeWithSHAAnd3-KeyTripleDES-CBC"),r("1.2.840.113549.1.12.1.4","pbeWithSHAAnd2-KeyTripleDES-CBC"),r("1.2.840.113549.1.12.1.5","pbeWithSHAAnd128BitRC2-CBC"),r("1.2.840.113549.1.12.1.6","pbewithSHAAnd40BitRC2-CBC"),r("1.2.840.113549.2.7","hmacWithSHA1"),r("1.2.840.113549.2.8","hmacWithSHA224"),r("1.2.840.113549.2.9","hmacWithSHA256"),r("1.2.840.113549.2.10","hmacWithSHA384"),r("1.2.840.113549.2.11","hmacWithSHA512"),r("1.2.840.113549.3.7","des-EDE3-CBC"),r("2.16.840.1.101.3.4.1.2","aes128-CBC"),r("2.16.840.1.101.3.4.1.22","aes192-CBC"),r("2.16.840.1.101.3.4.1.42","aes256-CBC"),r("2.5.4.3","commonName"),r("2.5.4.4","surname"),r("2.5.4.5","serialNumber"),r("2.5.4.6","countryName"),r("2.5.4.7","localityName"),r("2.5.4.8","stateOrProvinceName"),r("2.5.4.9","streetAddress"),r("2.5.4.10","organizationName"),r("2.5.4.11","organizationalUnitName"),r("2.5.4.12","title"),r("2.5.4.13","description"),r("2.5.4.15","businessCategory"),r("2.5.4.17","postalCode"),r("2.5.4.42","givenName"),r("2.5.4.65","pseudonym"),r("1.3.6.1.4.1.311.60.2.1.2","jurisdictionOfIncorporationStateOrProvinceName"),r("1.3.6.1.4.1.311.60.2.1.3","jurisdictionOfIncorporationCountryName"),r("2.16.840.1.113730.1.1","nsCertType"),r("2.16.840.1.113730.1.13","nsComment"),i("2.5.29.1","authorityKeyIdentifier"),i("2.5.29.2","keyAttributes"),i("2.5.29.3","certificatePolicies"),i("2.5.29.4","keyUsageRestriction"),i("2.5.29.5","policyMapping"),i("2.5.29.6","subtreesConstraint"),i("2.5.29.7","subjectAltName"),i("2.5.29.8","issuerAltName"),i("2.5.29.9","subjectDirectoryAttributes"),i("2.5.29.10","basicConstraints"),i("2.5.29.11","nameConstraints"),i("2.5.29.12","policyConstraints"),i("2.5.29.13","basicConstraints"),r("2.5.29.14","subjectKeyIdentifier"),r("2.5.29.15","keyUsage"),i("2.5.29.16","privateKeyUsagePeriod"),r("2.5.29.17","subjectAltName"),r("2.5.29.18","issuerAltName"),r("2.5.29.19","basicConstraints"),i("2.5.29.20","cRLNumber"),i("2.5.29.21","cRLReason"),i("2.5.29.22","expirationDate"),i("2.5.29.23","instructionCode"),i("2.5.29.24","invalidityDate"),i("2.5.29.25","cRLDistributionPoints"),i("2.5.29.26","issuingDistributionPoint"),i("2.5.29.27","deltaCRLIndicator"),i("2.5.29.28","issuingDistributionPoint"),i("2.5.29.29","certificateIssuer"),i("2.5.29.30","nameConstraints"),r("2.5.29.31","cRLDistributionPoints"),r("2.5.29.32","certificatePolicies"),i("2.5.29.33","policyMappings"),i("2.5.29.34","policyConstraints"),r("2.5.29.35","authorityKeyIdentifier"),i("2.5.29.36","policyConstraints"),r("2.5.29.37","extKeyUsage"),i("2.5.29.46","freshestCRL"),i("2.5.29.54","inhibitAnyPolicy"),r("1.3.6.1.4.1.11129.2.4.2","timestampList"),r("1.3.6.1.5.5.7.1.1","authorityInfoAccess"),r("1.3.6.1.5.5.7.3.1","serverAuth"),r("1.3.6.1.5.5.7.3.2","clientAuth"),r("1.3.6.1.5.5.7.3.3","codeSigning"),r("1.3.6.1.5.5.7.3.4","emailProtection"),r("1.3.6.1.5.5.7.3.8","timeStamping"),Tr.exports}var Ma;function dt(){if(Ma)return br.exports;Ma=1;var t=ye();me(),Nt();var e=br.exports=t.asn1=t.asn1||{};e.Class={UNIVERSAL:0,APPLICATION:64,CONTEXT_SPECIFIC:128,PRIVATE:192},e.Type={NONE:0,BOOLEAN:1,INTEGER:2,BITSTRING:3,OCTETSTRING:4,NULL:5,OID:6,ODESC:7,EXTERNAL:8,REAL:9,ENUMERATED:10,EMBEDDED:11,UTF8:12,ROID:13,SEQUENCE:16,SET:17,PRINTABLESTRING:19,IA5STRING:22,UTCTIME:23,GENERALIZEDTIME:24,BMPSTRING:30},e.maxDepth=256,e.create=function(c,a,v,l,S){if(t.util.isArray(l)){for(var L=[],b=0;b<l.length;++b)l[b]!==void 0&&L.push(l[b]);l=L}var f={tagClass:c,type:a,constructed:v,composed:v||t.util.isArray(l),value:l};return S&&"bitStringContents"in S&&(f.bitStringContents=S.bitStringContents,f.original=e.copy(f)),f},e.copy=function(c,a){var v;if(t.util.isArray(c)){v=[];for(var l=0;l<c.length;++l)v.push(e.copy(c[l],a));return v}return typeof c=="string"?c:(v={tagClass:c.tagClass,type:c.type,constructed:c.constructed,composed:c.composed,value:e.copy(c.value,a)},a&&!a.excludeBitStringContents&&(v.bitStringContents=c.bitStringContents),v)},e.equals=function(c,a,v){if(t.util.isArray(c)){if(!t.util.isArray(a)||c.length!==a.length)return!1;for(var l=0;l<c.length;++l)if(!e.equals(c[l],a[l]))return!1;return!0}if(typeof c!=typeof a)return!1;if(typeof c=="string")return c===a;var S=c.tagClass===a.tagClass&&c.type===a.type&&c.constructed===a.constructed&&c.composed===a.composed&&e.equals(c.value,a.value);return v&&v.includeBitStringContents&&(S=S&&c.bitStringContents===a.bitStringContents),S},e.getBerValueLength=function(c){var a=c.getByte();if(a!==128){var v,l=a&128;return l?v=c.getInt((a&127)<<3):v=a,v}};function r(c,a,v){if(v>a){var l=new Error("Too few bytes to parse DER.");throw l.available=c.length(),l.remaining=a,l.requested=v,l}}var i=function(c,a){var v=c.getByte();if(a--,v!==128){var l,S=v&128;if(!S)l=v;else{var L=v&127;r(c,a,L),l=c.getInt(L<<3)}if(l<0)throw new Error("Negative length: "+l);return l}};e.fromDer=function(c,a){a===void 0&&(a={strict:!0,parseAllBytes:!0,decodeBitStrings:!0}),typeof a=="boolean"&&(a={strict:a,parseAllBytes:!0,decodeBitStrings:!0}),"strict"in a||(a.strict=!0),"parseAllBytes"in a||(a.parseAllBytes=!0),"decodeBitStrings"in a||(a.decodeBitStrings=!0),"maxDepth"in a||(a.maxDepth=e.maxDepth),typeof c=="string"&&(c=t.util.createBuffer(c));var v=c.length(),l=p(c,c.length(),0,a);if(a.parseAllBytes&&c.length()!==0){var S=new Error("Unparsed DER bytes remain after ASN.1 parsing.");throw S.byteCount=v,S.remaining=c.length(),S}return l};function p(c,a,v,l){if(v>=l.maxDepth)throw new Error("ASN.1 parsing error: Max depth exceeded.");var S;r(c,a,2);var L=c.getByte();a--;var b=L&192,f=L&31;S=c.length();var m=i(c,a);if(a-=S-c.length(),m!==void 0&&m>a){if(l.strict){var E=new Error("Too few bytes to read ASN.1 value.");throw E.available=c.length(),E.remaining=a,E.requested=m,E}m=a}var C,o,h=(L&32)===32;if(h)if(C=[],m===void 0)for(;;){if(r(c,a,2),c.bytes(2)==="\0\0"){c.getBytes(2),a-=2;break}S=c.length(),C.push(p(c,a,v+1,l)),a-=S-c.length()}else for(;m>0;)S=c.length(),C.push(p(c,m,v+1,l)),a-=S-c.length(),m-=S-c.length();if(C===void 0&&b===e.Class.UNIVERSAL&&f===e.Type.BITSTRING&&(o=c.bytes(m)),C===void 0&&l.decodeBitStrings&&b===e.Class.UNIVERSAL&&f===e.Type.BITSTRING&&m>1){var g=c.read,I=a,_=0;if(f===e.Type.BITSTRING&&(r(c,a,1),_=c.getByte(),a--),_===0)try{S=c.length();var d={strict:!0,decodeBitStrings:!0},s=p(c,a,v+1,d),n=S-c.length();a-=n,f==e.Type.BITSTRING&&n++;var B=s.tagClass;n===m&&(B===e.Class.UNIVERSAL||B===e.Class.CONTEXT_SPECIFIC)&&(C=[s])}catch{}C===void 0&&(c.read=g,a=I)}if(C===void 0){if(m===void 0){if(l.strict)throw new Error("Non-constructed ASN.1 object of indefinite length.");m=a}if(f===e.Type.BMPSTRING)for(C="";m>0;m-=2)r(c,a,2),C+=String.fromCharCode(c.getInt16()),a-=2;else C=c.getBytes(m),a-=m}var U=o===void 0?null:{bitStringContents:o};return e.create(b,f,h,C,U)}e.toDer=function(c){var a=t.util.createBuffer(),v=c.tagClass|c.type,l=t.util.createBuffer(),S=!1;if("bitStringContents"in c&&(S=!0,c.original&&(S=e.equals(c,c.original))),S)l.putBytes(c.bitStringContents);else if(c.composed){c.constructed?v|=32:l.putByte(0);for(var L=0;L<c.value.length;++L)c.value[L]!==void 0&&l.putBuffer(e.toDer(c.value[L]))}else if(c.type===e.Type.BMPSTRING)for(var L=0;L<c.value.length;++L)l.putInt16(c.value.charCodeAt(L));else c.type===e.Type.INTEGER&&c.value.length>1&&(c.value.charCodeAt(0)===0&&(c.value.charCodeAt(1)&128)===0||c.value.charCodeAt(0)===255&&(c.value.charCodeAt(1)&128)===128)?l.putBytes(c.value.substr(1)):l.putBytes(c.value);if(a.putByte(v),l.length()<=127)a.putByte(l.length()&127);else{var b=l.length(),f="";do f+=String.fromCharCode(b&255),b=b>>>8;while(b>0);a.putByte(f.length|128);for(var L=f.length-1;L>=0;--L)a.putByte(f.charCodeAt(L))}return a.putBuffer(l),a},e.oidToDer=function(c){var a=c.split("."),v=t.util.createBuffer();v.putByte(40*parseInt(a[0],10)+parseInt(a[1],10));for(var l,S,L,b,f=2;f<a.length;++f){if(l=!0,S=[],L=parseInt(a[f],10),L>4294967295)throw new Error("OID value too large; max is 32-bits.");do b=L&127,L=L>>>7,l||(b|=128),S.push(b),l=!1;while(L>0);for(var m=S.length-1;m>=0;--m)v.putByte(S[m])}return v},e.derToOid=function(c){var a;typeof c=="string"&&(c=t.util.createBuffer(c));var v=c.getByte();a=Math.floor(v/40)+"."+v%40;for(var l=0;c.length()>0;){if(l>70368744177663)throw new Error("OID value too large; max is 53-bits.");v=c.getByte(),l=l*128,v&128?l+=v&127:(a+="."+(l+v),l=0)}return a},e.utcTimeToDate=function(c){var a=new Date,v=parseInt(c.substr(0,2),10);v=v>=50?1900+v:2e3+v;var l=parseInt(c.substr(2,2),10)-1,S=parseInt(c.substr(4,2),10),L=parseInt(c.substr(6,2),10),b=parseInt(c.substr(8,2),10),f=0;if(c.length>11){var m=c.charAt(10),E=10;m!=="+"&&m!=="-"&&(f=parseInt(c.substr(10,2),10),E+=2)}if(a.setUTCFullYear(v,l,S),a.setUTCHours(L,b,f,0),E&&(m=c.charAt(E),m==="+"||m==="-")){var C=parseInt(c.substr(E+1,2),10),o=parseInt(c.substr(E+4,2),10),h=C*60+o;h*=6e4,m==="+"?a.setTime(+a-h):a.setTime(+a+h)}return a},e.generalizedTimeToDate=function(c){var a=new Date,v=parseInt(c.substr(0,4),10),l=parseInt(c.substr(4,2),10)-1,S=parseInt(c.substr(6,2),10),L=parseInt(c.substr(8,2),10),b=parseInt(c.substr(10,2),10),f=parseInt(c.substr(12,2),10),m=0,E=0,C=!1;c.charAt(c.length-1)==="Z"&&(C=!0);var o=c.length-5,h=c.charAt(o);if(h==="+"||h==="-"){var g=parseInt(c.substr(o+1,2),10),I=parseInt(c.substr(o+4,2),10);E=g*60+I,E*=6e4,h==="+"&&(E*=-1),C=!0}return c.charAt(14)==="."&&(m=parseFloat(c.substr(14),10)*1e3),C?(a.setUTCFullYear(v,l,S),a.setUTCHours(L,b,f,m),a.setTime(+a+E)):(a.setFullYear(v,l,S),a.setHours(L,b,f,m)),a},e.dateToUtcTime=function(c){if(typeof c=="string")return c;var a="",v=[];v.push((""+c.getUTCFullYear()).substr(2)),v.push(""+(c.getUTCMonth()+1)),v.push(""+c.getUTCDate()),v.push(""+c.getUTCHours()),v.push(""+c.getUTCMinutes()),v.push(""+c.getUTCSeconds());for(var l=0;l<v.length;++l)v[l].length<2&&(a+="0"),a+=v[l];return a+="Z",a},e.dateToGeneralizedTime=function(c){if(typeof c=="string")return c;var a="",v=[];v.push(""+c.getUTCFullYear()),v.push(""+(c.getUTCMonth()+1)),v.push(""+c.getUTCDate()),v.push(""+c.getUTCHours()),v.push(""+c.getUTCMinutes()),v.push(""+c.getUTCSeconds());for(var l=0;l<v.length;++l)v[l].length<2&&(a+="0"),a+=v[l];return a+="Z",a},e.integerToDer=function(c){var a=t.util.createBuffer();if(c>=-128&&c<128)return a.putSignedInt(c,8);if(c>=-32768&&c<32768)return a.putSignedInt(c,16);if(c>=-8388608&&c<8388608)return a.putSignedInt(c,24);if(c>=-2147483648&&c<2147483648)return a.putSignedInt(c,32);var v=new Error("Integer too large; max is 32-bits.");throw v.integer=c,v},e.derToInteger=function(c){typeof c=="string"&&(c=t.util.createBuffer(c));var a=c.length()*8;if(a>32)throw new Error("Integer too large; max is 32-bits.");return c.getSignedInt(a)},e.validate=function(c,a,v,l){var S=!1;if((c.tagClass===a.tagClass||typeof a.tagClass>"u")&&(c.type===a.type||typeof a.type>"u"))if(c.constructed===a.constructed||typeof a.constructed>"u"){if(S=!0,a.value&&t.util.isArray(a.value))for(var L=0,b=0;S&&b<a.value.length;++b){var f=a.value[b];S=!!f.optional;var m=c.value[L];if(!m){f.optional||(S=!1,l&&l.push("["+a.name+'] Missing required element. Expected tag class "'+f.tagClass+'", type "'+f.type+'"'));continue}var E=typeof f.tagClass<"u"&&typeof f.type<"u";if(E&&(m.tagClass!==f.tagClass||m.type!==f.type))if(f.optional){S=!0;continue}else{S=!1,l&&l.push("["+a.name+"] Tag mismatch. Expected ("+f.tagClass+","+f.type+"), got ("+m.tagClass+","+m.type+")");break}var C=e.validate(m,f,v,l);if(C)++L,S=!0;else if(f.optional)S=!0;else{S=!1;break}}if(S&&v&&(a.capture&&(v[a.capture]=c.value),a.captureAsn1&&(v[a.captureAsn1]=c),a.captureBitStringContents&&"bitStringContents"in c&&(v[a.captureBitStringContents]=c.bitStringContents),a.captureBitStringValue&&"bitStringContents"in c))if(c.bitStringContents.length<2)v[a.captureBitStringValue]="";else{var o=c.bitStringContents.charCodeAt(0);if(o!==0)throw new Error("captureBitStringValue only supported for zero unused bits");v[a.captureBitStringValue]=c.bitStringContents.slice(1)}}else l&&l.push("["+a.name+'] Expected constructed "'+a.constructed+'", got "'+c.constructed+'"');else l&&(c.tagClass!==a.tagClass&&l.push("["+a.name+'] Expected tag class "'+a.tagClass+'", got "'+c.tagClass+'"'),c.type!==a.type&&l.push("["+a.name+'] Expected type "'+a.type+'", got "'+c.type+'"'));return S};var y=/[^\\u0000-\\u00ff]/;return e.prettyPrint=function(c,a,v){var l="";a=a||0,v=v||2,a>0&&(l+=`
5
+ `);for(var S="",L=0;L<a*v;++L)S+=" ";switch(l+=S+"Tag: ",c.tagClass){case e.Class.UNIVERSAL:l+="Universal:";break;case e.Class.APPLICATION:l+="Application:";break;case e.Class.CONTEXT_SPECIFIC:l+="Context-Specific:";break;case e.Class.PRIVATE:l+="Private:";break}if(c.tagClass===e.Class.UNIVERSAL)switch(l+=c.type,c.type){case e.Type.NONE:l+=" (None)";break;case e.Type.BOOLEAN:l+=" (Boolean)";break;case e.Type.INTEGER:l+=" (Integer)";break;case e.Type.BITSTRING:l+=" (Bit string)";break;case e.Type.OCTETSTRING:l+=" (Octet string)";break;case e.Type.NULL:l+=" (Null)";break;case e.Type.OID:l+=" (Object Identifier)";break;case e.Type.ODESC:l+=" (Object Descriptor)";break;case e.Type.EXTERNAL:l+=" (External or Instance of)";break;case e.Type.REAL:l+=" (Real)";break;case e.Type.ENUMERATED:l+=" (Enumerated)";break;case e.Type.EMBEDDED:l+=" (Embedded PDV)";break;case e.Type.UTF8:l+=" (UTF8)";break;case e.Type.ROID:l+=" (Relative Object Identifier)";break;case e.Type.SEQUENCE:l+=" (Sequence)";break;case e.Type.SET:l+=" (Set)";break;case e.Type.PRINTABLESTRING:l+=" (Printable String)";break;case e.Type.IA5String:l+=" (IA5String (ASCII))";break;case e.Type.UTCTIME:l+=" (UTC time)";break;case e.Type.GENERALIZEDTIME:l+=" (Generalized time)";break;case e.Type.BMPSTRING:l+=" (BMP String)";break}else l+=c.type;if(l+=`
6
+ `,l+=S+"Constructed: "+c.constructed+`
7
+ `,c.composed){for(var b=0,f="",L=0;L<c.value.length;++L)c.value[L]!==void 0&&(b+=1,f+=e.prettyPrint(c.value[L],a+1,v),L+1<c.value.length&&(f+=","));l+=S+"Sub values: "+b+f}else{if(l+=S+"Value: ",c.type===e.Type.OID){var m=e.derToOid(c.value);l+=m,t.pki&&t.pki.oids&&m in t.pki.oids&&(l+=" ("+t.pki.oids[m]+") ")}if(c.type===e.Type.INTEGER)try{l+=e.derToInteger(c.value)}catch{l+="0x"+t.util.bytesToHex(c.value)}else if(c.type===e.Type.BITSTRING){if(c.value.length>1?l+="0x"+t.util.bytesToHex(c.value.slice(1)):l+="(none)",c.value.length>0){var E=c.value.charCodeAt(0);E==1?l+=" (1 unused bit shown)":E>1&&(l+=" ("+E+" unused bits shown)")}}else if(c.type===e.Type.OCTETSTRING)y.test(c.value)||(l+="("+c.value+") "),l+="0x"+t.util.bytesToHex(c.value);else if(c.type===e.Type.UTF8)try{l+=t.util.decodeUtf8(c.value)}catch(C){if(C.message==="URI malformed")l+="0x"+t.util.bytesToHex(c.value)+" (malformed UTF8)";else throw C}else c.type===e.Type.PRINTABLESTRING||c.type===e.Type.IA5String?l+=c.value:y.test(c.value)?l+="0x"+t.util.bytesToHex(c.value):c.value.length===0?l+="[null]":l+=c.value}return l},br.exports}var Ar={exports:{}},Ir,qa;function vt(){if(qa)return Ir;qa=1;var t=ye();return Ir=t.md=t.md||{},t.md.algorithms=t.md.algorithms||{},Ir}var Ha;function qt(){if(Ha)return Ar.exports;Ha=1;var t=ye();vt(),me();var e=Ar.exports=t.hmac=t.hmac||{};return e.create=function(){var r=null,i=null,p=null,y=null,c={};return c.start=function(a,v){if(a!==null)if(typeof a=="string")if(a=a.toLowerCase(),a in t.md.algorithms)i=t.md.algorithms[a].create();else throw new Error('Unknown hash algorithm "'+a+'"');else i=a;if(v===null)v=r;else{if(typeof v=="string")v=t.util.createBuffer(v);else if(t.util.isArray(v)){var l=v;v=t.util.createBuffer();for(var S=0;S<l.length;++S)v.putByte(l[S])}var L=v.length();L>i.blockLength&&(i.start(),i.update(v.bytes()),v=i.digest()),p=t.util.createBuffer(),y=t.util.createBuffer(),L=v.length();for(var S=0;S<L;++S){var l=v.at(S);p.putByte(54^l),y.putByte(92^l)}if(L<i.blockLength)for(var l=i.blockLength-L,S=0;S<l;++S)p.putByte(54),y.putByte(92);r=v,p=p.bytes(),y=y.bytes()}i.start(),i.update(p)},c.update=function(a){i.update(a)},c.getMac=function(){var a=i.digest().bytes();return i.start(),i.update(y),i.update(a),i.digest()},c.digest=c.getMac,c},Ar.exports}var Br={exports:{}},Ga;function ma(){if(Ga)return Br.exports;Ga=1;var t=ye();vt(),me();var e=Br.exports=t.md5=t.md5||{};t.md.md5=t.md.algorithms.md5=e,e.create=function(){c||a();var l=null,S=t.util.createBuffer(),L=new Array(16),b={algorithm:"md5",blockLength:64,digestLength:16,messageLength:0,fullMessageLength:null,messageLengthSize:8};return b.start=function(){b.messageLength=0,b.fullMessageLength=b.messageLength64=[];for(var f=b.messageLengthSize/4,m=0;m<f;++m)b.fullMessageLength.push(0);return S=t.util.createBuffer(),l={h0:1732584193,h1:4023233417,h2:2562383102,h3:271733878},b},b.start(),b.update=function(f,m){m==="utf8"&&(f=t.util.encodeUtf8(f));var E=f.length;b.messageLength+=E,E=[E/4294967296>>>0,E>>>0];for(var C=b.fullMessageLength.length-1;C>=0;--C)b.fullMessageLength[C]+=E[1],E[1]=E[0]+(b.fullMessageLength[C]/4294967296>>>0),b.fullMessageLength[C]=b.fullMessageLength[C]>>>0,E[0]=E[1]/4294967296>>>0;return S.putBytes(f),v(l,L,S),(S.read>2048||S.length()===0)&&S.compact(),b},b.digest=function(){var f=t.util.createBuffer();f.putBytes(S.bytes());var m=b.fullMessageLength[b.fullMessageLength.length-1]+b.messageLengthSize,E=m&b.blockLength-1;f.putBytes(r.substr(0,b.blockLength-E));for(var C,o=0,h=b.fullMessageLength.length-1;h>=0;--h)C=b.fullMessageLength[h]*8+o,o=C/4294967296>>>0,f.putInt32Le(C>>>0);var g={h0:l.h0,h1:l.h1,h2:l.h2,h3:l.h3};v(g,L,f);var I=t.util.createBuffer();return I.putInt32Le(g.h0),I.putInt32Le(g.h1),I.putInt32Le(g.h2),I.putInt32Le(g.h3),I},b};var r=null,i=null,p=null,y=null,c=!1;function a(){r="€",r+=t.util.fillString("\0",64),i=[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,1,6,11,0,5,10,15,4,9,14,3,8,13,2,7,12,5,8,11,14,1,4,7,10,13,0,3,6,9,12,15,2,0,7,14,5,12,3,10,1,8,15,6,13,4,11,2,9],p=[7,12,17,22,7,12,17,22,7,12,17,22,7,12,17,22,5,9,14,20,5,9,14,20,5,9,14,20,5,9,14,20,4,11,16,23,4,11,16,23,4,11,16,23,4,11,16,23,6,10,15,21,6,10,15,21,6,10,15,21,6,10,15,21],y=new Array(64);for(var l=0;l<64;++l)y[l]=Math.floor(Math.abs(Math.sin(l+1))*4294967296);c=!0}function v(l,S,L){for(var b,f,m,E,C,o,h,g,I=L.length();I>=64;){for(f=l.h0,m=l.h1,E=l.h2,C=l.h3,g=0;g<16;++g)S[g]=L.getInt32Le(),o=C^m&(E^C),b=f+o+y[g]+S[g],h=p[g],f=C,C=E,E=m,m+=b<<h|b>>>32-h;for(;g<32;++g)o=E^C&(m^E),b=f+o+y[g]+S[i[g]],h=p[g],f=C,C=E,E=m,m+=b<<h|b>>>32-h;for(;g<48;++g)o=m^E^C,b=f+o+y[g]+S[i[g]],h=p[g],f=C,C=E,E=m,m+=b<<h|b>>>32-h;for(;g<64;++g)o=E^(m|~C),b=f+o+y[g]+S[i[g]],h=p[g],f=C,C=E,E=m,m+=b<<h|b>>>32-h;l.h0=l.h0+f|0,l.h1=l.h1+m|0,l.h2=l.h2+E|0,l.h3=l.h3+C|0,I-=64}}return Br.exports}var wr={exports:{}},za;function Pt(){if(za)return wr.exports;za=1;var t=ye();me();var e=wr.exports=t.pem=t.pem||{};e.encode=function(p,y){y=y||{};var c="-----BEGIN "+p.type+`-----\r
8
+ `,a;if(p.procType&&(a={name:"Proc-Type",values:[String(p.procType.version),p.procType.type]},c+=r(a)),p.contentDomain&&(a={name:"Content-Domain",values:[p.contentDomain]},c+=r(a)),p.dekInfo&&(a={name:"DEK-Info",values:[p.dekInfo.algorithm]},p.dekInfo.parameters&&a.values.push(p.dekInfo.parameters),c+=r(a)),p.headers)for(var v=0;v<p.headers.length;++v)c+=r(p.headers[v]);return p.procType&&(c+=`\r
9
+ `),c+=t.util.encode64(p.body,y.maxline||64)+`\r
10
+ `,c+="-----END "+p.type+`-----\r
11
+ `,c},e.decode=function(p){for(var y=[],c=/\s*-----BEGIN ([A-Z0-9- ]+)-----\r?\n?([\x21-\x7e\s]+?(?:\r?\n\r?\n))?([:A-Za-z0-9+\/=\s]+?)-----END \1-----/g,a=/([\x21-\x7e]+):\s*([\x21-\x7e\s^:]+)/,v=/\r?\n/,l;l=c.exec(p),!!l;){var S=l[1];S==="NEW CERTIFICATE REQUEST"&&(S="CERTIFICATE REQUEST");var L={type:S,procType:null,contentDomain:null,dekInfo:null,headers:[],body:t.util.decode64(l[3])};if(y.push(L),!!l[2]){for(var b=l[2].split(v),f=0;l&&f<b.length;){for(var m=b[f].replace(/\s+$/,""),E=f+1;E<b.length;++E){var C=b[E];if(!/\s/.test(C[0]))break;m+=C,f=E}if(l=m.match(a),l){for(var o={name:l[1],values:[]},h=l[2].split(","),g=0;g<h.length;++g)o.values.push(i(h[g]));if(L.procType)if(!L.contentDomain&&o.name==="Content-Domain")L.contentDomain=h[0]||"";else if(!L.dekInfo&&o.name==="DEK-Info"){if(o.values.length===0)throw new Error('Invalid PEM formatted message. The "DEK-Info" header must have at least one subfield.');L.dekInfo={algorithm:h[0],parameters:h[1]||null}}else L.headers.push(o);else{if(o.name!=="Proc-Type")throw new Error('Invalid PEM formatted message. The first encapsulated header must be "Proc-Type".');if(o.values.length!==2)throw new Error('Invalid PEM formatted message. The "Proc-Type" header must have two subfields.');L.procType={version:h[0],type:h[1]}}}++f}if(L.procType==="ENCRYPTED"&&!L.dekInfo)throw new Error('Invalid PEM formatted message. The "DEK-Info" header must be present if "Proc-Type" is "ENCRYPTED".')}}if(y.length===0)throw new Error("Invalid PEM formatted message.");return y};function r(p){for(var y=p.name+": ",c=[],a=function(b,f){return" "+f},v=0;v<p.values.length;++v)c.push(p.values[v].replace(/^(\S+\r\n)/,a));y+=c.join(",")+`\r
12
+ `;for(var l=0,S=-1,v=0;v<y.length;++v,++l)if(l>65&&S!==-1){var L=y[S];L===","?(++S,y=y.substr(0,S)+`\r
13
+ `+y.substr(S)):y=y.substr(0,S)+`\r
14
+ `+L+y.substr(S+1),l=v-S-1,S=-1,++v}else(y[v]===" "||y[v]===" "||y[v]===",")&&(S=v);return y}function i(p){return p.replace(/^\s+/,"")}return wr.exports}var Nr={exports:{}},Rr,Qa;function or(){if(Qa)return Rr;Qa=1;var t=ye();ga(),Xn(),me(),Rr=t.des=t.des||{},t.des.startEncrypting=function(f,m,E,C){var o=b({key:f,output:E,decrypt:!1,mode:C||(m===null?"ECB":"CBC")});return o.start(m),o},t.des.createEncryptionCipher=function(f,m){return b({key:f,output:null,decrypt:!1,mode:m})},t.des.startDecrypting=function(f,m,E,C){var o=b({key:f,output:E,decrypt:!0,mode:C||(m===null?"ECB":"CBC")});return o.start(m),o},t.des.createDecryptionCipher=function(f,m){return b({key:f,output:null,decrypt:!0,mode:m})},t.des.Algorithm=function(f,m){var E=this;E.name=f,E.mode=new m({blockSize:8,cipher:{encrypt:function(C,o){return L(E._keys,C,o,!1)},decrypt:function(C,o){return L(E._keys,C,o,!0)}}}),E._init=!1},t.des.Algorithm.prototype.initialize=function(f){if(!this._init){var m=t.util.createBuffer(f.key);if(this.name.indexOf("3DES")===0&&m.length()!==24)throw new Error("Invalid Triple-DES key size: "+m.length()*8);this._keys=S(m),this._init=!0}},e("DES-ECB",t.cipher.modes.ecb),e("DES-CBC",t.cipher.modes.cbc),e("DES-CFB",t.cipher.modes.cfb),e("DES-OFB",t.cipher.modes.ofb),e("DES-CTR",t.cipher.modes.ctr),e("3DES-ECB",t.cipher.modes.ecb),e("3DES-CBC",t.cipher.modes.cbc),e("3DES-CFB",t.cipher.modes.cfb),e("3DES-OFB",t.cipher.modes.ofb),e("3DES-CTR",t.cipher.modes.ctr);function e(f,m){var E=function(){return new t.des.Algorithm(f,m)};t.cipher.registerAlgorithm(f,E)}var r=[16843776,0,65536,16843780,16842756,66564,4,65536,1024,16843776,16843780,1024,16778244,16842756,16777216,4,1028,16778240,16778240,66560,66560,16842752,16842752,16778244,65540,16777220,16777220,65540,0,1028,66564,16777216,65536,16843780,4,16842752,16843776,16777216,16777216,1024,16842756,65536,66560,16777220,1024,4,16778244,66564,16843780,65540,16842752,16778244,16777220,1028,66564,16843776,1028,16778240,16778240,0,65540,66560,0,16842756],i=[-2146402272,-2147450880,32768,1081376,1048576,32,-2146435040,-2147450848,-2147483616,-2146402272,-2146402304,-2147483648,-2147450880,1048576,32,-2146435040,1081344,1048608,-2147450848,0,-2147483648,32768,1081376,-2146435072,1048608,-2147483616,0,1081344,32800,-2146402304,-2146435072,32800,0,1081376,-2146435040,1048576,-2147450848,-2146435072,-2146402304,32768,-2146435072,-2147450880,32,-2146402272,1081376,32,32768,-2147483648,32800,-2146402304,1048576,-2147483616,1048608,-2147450848,-2147483616,1048608,1081344,0,-2147450880,32800,-2147483648,-2146435040,-2146402272,1081344],p=[520,134349312,0,134348808,134218240,0,131592,134218240,131080,134217736,134217736,131072,134349320,131080,134348800,520,134217728,8,134349312,512,131584,134348800,134348808,131592,134218248,131584,131072,134218248,8,134349320,512,134217728,134349312,134217728,131080,520,131072,134349312,134218240,0,512,131080,134349320,134218240,134217736,512,0,134348808,134218248,131072,134217728,134349320,8,131592,131584,134217736,134348800,134218248,520,134348800,131592,8,134348808,131584],y=[8396801,8321,8321,128,8396928,8388737,8388609,8193,0,8396800,8396800,8396929,129,0,8388736,8388609,1,8192,8388608,8396801,128,8388608,8193,8320,8388737,1,8320,8388736,8192,8396928,8396929,129,8388736,8388609,8396800,8396929,129,0,0,8396800,8320,8388736,8388737,1,8396801,8321,8321,128,8396929,129,1,8192,8388609,8193,8396928,8388737,8193,8320,8388608,8396801,128,8388608,8192,8396928],c=[256,34078976,34078720,1107296512,524288,256,1073741824,34078720,1074266368,524288,33554688,1074266368,1107296512,1107820544,524544,1073741824,33554432,1074266112,1074266112,0,1073742080,1107820800,1107820800,33554688,1107820544,1073742080,0,1107296256,34078976,33554432,1107296256,524544,524288,1107296512,256,33554432,1073741824,34078720,1107296512,1074266368,33554688,1073741824,1107820544,34078976,1074266368,256,33554432,1107820544,1107820800,524544,1107296256,1107820800,34078720,0,1074266112,1107296256,524544,33554688,1073742080,524288,0,1074266112,34078976,1073742080],a=[536870928,541065216,16384,541081616,541065216,16,541081616,4194304,536887296,4210704,4194304,536870928,4194320,536887296,536870912,16400,0,4194320,536887312,16384,4210688,536887312,16,541065232,541065232,0,4210704,541081600,16400,4210688,541081600,536870912,536887296,16,541065232,4210688,541081616,4194304,16400,536870928,4194304,536887296,536870912,16400,536870928,541081616,4210688,541065216,4210704,541081600,0,541065232,16,16384,541065216,4210704,16384,4194320,536887312,0,541081600,536870912,4194320,536887312],v=[2097152,69206018,67110914,0,2048,67110914,2099202,69208064,69208066,2097152,0,67108866,2,67108864,69206018,2050,67110912,2099202,2097154,67110912,67108866,69206016,69208064,2097154,69206016,2048,2050,69208066,2099200,2,67108864,2099200,67108864,2099200,2097152,67110914,67110914,69206018,69206018,2,2097154,67108864,67110912,2097152,69208064,2050,2099202,69208064,2050,67108866,69208066,69206016,2099200,0,2,69208066,0,2099202,69206016,2048,67108866,67110912,2048,2097154],l=[268439616,4096,262144,268701760,268435456,268439616,64,268435456,262208,268697600,268701760,266240,268701696,266304,4096,64,268697600,268435520,268439552,4160,266240,262208,268697664,268701696,4160,0,0,268697664,268435520,268439552,266304,262144,266304,262144,268701696,4096,64,268697664,4096,266304,268439552,64,268435520,268697600,268697664,268435456,262144,268439616,0,268701760,262208,268435520,268697600,268439552,268439616,0,268701760,266240,266240,4160,4160,262208,268435456,268701696];function S(f){for(var m=[0,4,536870912,536870916,65536,65540,536936448,536936452,512,516,536871424,536871428,66048,66052,536936960,536936964],E=[0,1,1048576,1048577,67108864,67108865,68157440,68157441,256,257,1048832,1048833,67109120,67109121,68157696,68157697],C=[0,8,2048,2056,16777216,16777224,16779264,16779272,0,8,2048,2056,16777216,16777224,16779264,16779272],o=[0,2097152,134217728,136314880,8192,2105344,134225920,136323072,131072,2228224,134348800,136445952,139264,2236416,134356992,136454144],h=[0,262144,16,262160,0,262144,16,262160,4096,266240,4112,266256,4096,266240,4112,266256],g=[0,1024,32,1056,0,1024,32,1056,33554432,33555456,33554464,33555488,33554432,33555456,33554464,33555488],I=[0,268435456,524288,268959744,2,268435458,524290,268959746,0,268435456,524288,268959744,2,268435458,524290,268959746],_=[0,65536,2048,67584,536870912,536936448,536872960,536938496,131072,196608,133120,198656,537001984,537067520,537004032,537069568],d=[0,262144,0,262144,2,262146,2,262146,33554432,33816576,33554432,33816576,33554434,33816578,33554434,33816578],s=[0,268435456,8,268435464,0,268435456,8,268435464,1024,268436480,1032,268436488,1024,268436480,1032,268436488],n=[0,32,0,32,1048576,1048608,1048576,1048608,8192,8224,8192,8224,1056768,1056800,1056768,1056800],B=[0,16777216,512,16777728,2097152,18874368,2097664,18874880,67108864,83886080,67109376,83886592,69206016,85983232,69206528,85983744],U=[0,4096,134217728,134221824,524288,528384,134742016,134746112,16,4112,134217744,134221840,524304,528400,134742032,134746128],O=[0,4,256,260,0,4,256,260,1,5,257,261,1,5,257,261],P=f.length()>8?3:1,F=[],q=[0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0],M=0,H,Q=0;Q<P;Q++){var j=f.getInt32(),J=f.getInt32();H=(j>>>4^J)&252645135,J^=H,j^=H<<4,H=(J>>>-16^j)&65535,j^=H,J^=H<<-16,H=(j>>>2^J)&858993459,J^=H,j^=H<<2,H=(J>>>-16^j)&65535,j^=H,J^=H<<-16,H=(j>>>1^J)&1431655765,J^=H,j^=H<<1,H=(J>>>8^j)&16711935,j^=H,J^=H<<8,H=(j>>>1^J)&1431655765,J^=H,j^=H<<1,H=j<<8|J>>>20&240,j=J<<24|J<<8&16711680|J>>>8&65280|J>>>24&240,J=H;for(var ce=0;ce<q.length;++ce){q[ce]?(j=j<<2|j>>>26,J=J<<2|J>>>26):(j=j<<1|j>>>27,J=J<<1|J>>>27),j&=-15,J&=-15;var se=m[j>>>28]|E[j>>>24&15]|C[j>>>20&15]|o[j>>>16&15]|h[j>>>12&15]|g[j>>>8&15]|I[j>>>4&15],ge=_[J>>>28]|d[J>>>24&15]|s[J>>>20&15]|n[J>>>16&15]|B[J>>>12&15]|U[J>>>8&15]|O[J>>>4&15];H=(ge>>>16^se)&65535,F[M++]=se^H,F[M++]=ge^H<<16}}return F}function L(f,m,E,C){var o=f.length===32?3:9,h;o===3?h=C?[30,-2,-2]:[0,32,2]:h=C?[94,62,-2,32,64,2,30,-2,-2]:[0,32,2,62,30,-2,64,96,2];var g,I=m[0],_=m[1];g=(I>>>4^_)&252645135,_^=g,I^=g<<4,g=(I>>>16^_)&65535,_^=g,I^=g<<16,g=(_>>>2^I)&858993459,I^=g,_^=g<<2,g=(_>>>8^I)&16711935,I^=g,_^=g<<8,g=(I>>>1^_)&1431655765,_^=g,I^=g<<1,I=I<<1|I>>>31,_=_<<1|_>>>31;for(var d=0;d<o;d+=3){for(var s=h[d+1],n=h[d+2],B=h[d];B!=s;B+=n){var U=_^f[B],O=(_>>>4|_<<28)^f[B+1];g=I,I=_,_=g^(i[U>>>24&63]|y[U>>>16&63]|a[U>>>8&63]|l[U&63]|r[O>>>24&63]|p[O>>>16&63]|c[O>>>8&63]|v[O&63])}g=I,I=_,_=g}I=I>>>1|I<<31,_=_>>>1|_<<31,g=(I>>>1^_)&1431655765,_^=g,I^=g<<1,g=(_>>>8^I)&16711935,I^=g,_^=g<<8,g=(_>>>2^I)&858993459,I^=g,_^=g<<2,g=(I>>>16^_)&65535,_^=g,I^=g<<16,g=(I>>>4^_)&252645135,_^=g,I^=g<<4,E[0]=I,E[1]=_}function b(f){f=f||{};var m=(f.mode||"CBC").toUpperCase(),E="DES-"+m,C;f.decrypt?C=t.cipher.createDecipher(E,f.key):C=t.cipher.createCipher(E,f.key);var o=C.start;return C.start=function(h,g){var I=null;g instanceof t.util.ByteBuffer&&(I=g,g={}),g=g||{},g.output=I,g.iv=h,o.call(C,g)},C}return Rr}const Vs={},Os=Object.freeze(Object.defineProperty({__proto__:null,default:Vs},Symbol.toStringTag,{value:"Module"})),Ca=Ps(Os);var _r,$a;function Ea(){if($a)return _r;$a=1;var t=ye();qt(),vt(),me();var e=t.pkcs5=t.pkcs5||{},r;return t.util.isNodejs&&!t.options.usePureJavaScript&&(r=Ca),_r=t.pbkdf2=e.pbkdf2=function(i,p,y,c,a,v){if(typeof a=="function"&&(v=a,a=null),t.util.isNodejs&&!t.options.usePureJavaScript&&r.pbkdf2&&(a===null||typeof a!="object")&&(r.pbkdf2Sync.length>4||!a||a==="sha1"))return typeof a!="string"&&(a="sha1"),i=Buffer.from(i,"binary"),p=Buffer.from(p,"binary"),v?r.pbkdf2Sync.length===4?r.pbkdf2(i,p,y,c,function(d,s){if(d)return v(d);v(null,s.toString("binary"))}):r.pbkdf2(i,p,y,c,a,function(d,s){if(d)return v(d);v(null,s.toString("binary"))}):r.pbkdf2Sync.length===4?r.pbkdf2Sync(i,p,y,c).toString("binary"):r.pbkdf2Sync(i,p,y,c,a).toString("binary");if((typeof a>"u"||a===null)&&(a="sha1"),typeof a=="string"){if(!(a in t.md.algorithms))throw new Error("Unknown hash algorithm: "+a);a=t.md[a].create()}var l=a.digestLength;if(c>4294967295*l){var S=new Error("Derived key is too long.");if(v)return v(S);throw S}var L=Math.ceil(c/l),b=c-(L-1)*l,f=t.hmac.create();f.start(a,i);var m="",E,C,o;if(!v){for(var h=1;h<=L;++h){f.start(null,null),f.update(p),f.update(t.util.int32ToBytes(h)),E=o=f.digest().getBytes();for(var g=2;g<=y;++g)f.start(null,null),f.update(o),C=f.digest().getBytes(),E=t.util.xorBytes(E,C,l),o=C;m+=h<L?E:E.substr(0,b)}return m}var h=1,g;function I(){if(h>L)return v(null,m);f.start(null,null),f.update(p),f.update(t.util.int32ToBytes(h)),E=o=f.digest().getBytes(),g=2,_()}function _(){if(g<=y)return f.start(null,null),f.update(o),C=f.digest().getBytes(),E=t.util.xorBytes(E,C,l),o=C,++g,t.util.setImmediate(_);m+=h<L?E:E.substr(0,b),++h,I()}I()},_r}var Wt={exports:{}},Dr={exports:{}},Ya;function Zn(){if(Ya)return Dr.exports;Ya=1;var t=ye();vt(),me();var e=Dr.exports=t.sha256=t.sha256||{};t.md.sha256=t.md.algorithms.sha256=e,e.create=function(){i||y();var a=null,v=t.util.createBuffer(),l=new Array(64),S={algorithm:"sha256",blockLength:64,digestLength:32,messageLength:0,fullMessageLength:null,messageLengthSize:8};return S.start=function(){S.messageLength=0,S.fullMessageLength=S.messageLength64=[];for(var L=S.messageLengthSize/4,b=0;b<L;++b)S.fullMessageLength.push(0);return v=t.util.createBuffer(),a={h0:1779033703,h1:3144134277,h2:1013904242,h3:2773480762,h4:1359893119,h5:2600822924,h6:528734635,h7:1541459225},S},S.start(),S.update=function(L,b){b==="utf8"&&(L=t.util.encodeUtf8(L));var f=L.length;S.messageLength+=f,f=[f/4294967296>>>0,f>>>0];for(var m=S.fullMessageLength.length-1;m>=0;--m)S.fullMessageLength[m]+=f[1],f[1]=f[0]+(S.fullMessageLength[m]/4294967296>>>0),S.fullMessageLength[m]=S.fullMessageLength[m]>>>0,f[0]=f[1]/4294967296>>>0;return v.putBytes(L),c(a,l,v),(v.read>2048||v.length()===0)&&v.compact(),S},S.digest=function(){var L=t.util.createBuffer();L.putBytes(v.bytes());var b=S.fullMessageLength[S.fullMessageLength.length-1]+S.messageLengthSize,f=b&S.blockLength-1;L.putBytes(r.substr(0,S.blockLength-f));for(var m,E,C=S.fullMessageLength[0]*8,o=0;o<S.fullMessageLength.length-1;++o)m=S.fullMessageLength[o+1]*8,E=m/4294967296>>>0,C+=E,L.putInt32(C>>>0),C=m>>>0;L.putInt32(C);var h={h0:a.h0,h1:a.h1,h2:a.h2,h3:a.h3,h4:a.h4,h5:a.h5,h6:a.h6,h7:a.h7};c(h,l,L);var g=t.util.createBuffer();return g.putInt32(h.h0),g.putInt32(h.h1),g.putInt32(h.h2),g.putInt32(h.h3),g.putInt32(h.h4),g.putInt32(h.h5),g.putInt32(h.h6),g.putInt32(h.h7),g},S};var r=null,i=!1,p=null;function y(){r="€",r+=t.util.fillString("\0",64),p=[1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298],i=!0}function c(a,v,l){for(var S,L,b,f,m,E,C,o,h,g,I,_,d,s,n,B=l.length();B>=64;){for(C=0;C<16;++C)v[C]=l.getInt32();for(;C<64;++C)S=v[C-2],S=(S>>>17|S<<15)^(S>>>19|S<<13)^S>>>10,L=v[C-15],L=(L>>>7|L<<25)^(L>>>18|L<<14)^L>>>3,v[C]=S+v[C-7]+L+v[C-16]|0;for(o=a.h0,h=a.h1,g=a.h2,I=a.h3,_=a.h4,d=a.h5,s=a.h6,n=a.h7,C=0;C<64;++C)f=(_>>>6|_<<26)^(_>>>11|_<<21)^(_>>>25|_<<7),m=s^_&(d^s),b=(o>>>2|o<<30)^(o>>>13|o<<19)^(o>>>22|o<<10),E=o&h|g&(o^h),S=n+f+m+p[C]+v[C],L=b+E,n=s,s=d,d=_,_=I+S>>>0,I=g,g=h,h=o,o=S+L>>>0;a.h0=a.h0+o|0,a.h1=a.h1+h|0,a.h2=a.h2+g|0,a.h3=a.h3+I|0,a.h4=a.h4+_|0,a.h5=a.h5+d|0,a.h6=a.h6+s|0,a.h7=a.h7+n|0,B-=64}}return Dr.exports}var Lr={exports:{}},Wa;function Jn(){if(Wa)return Lr.exports;Wa=1;var t=ye();me();var e=null;t.util.isNodejs&&!t.options.usePureJavaScript&&!process.versions["node-webkit"]&&(e=Ca);var r=Lr.exports=t.prng=t.prng||{};return r.create=function(i){for(var p={plugin:i,key:null,seed:null,time:null,reseeds:0,generated:0,keyBytes:""},y=i.md,c=new Array(32),a=0;a<32;++a)c[a]=y.create();p.pools=c,p.pool=0,p.generate=function(b,f){if(!f)return p.generateSync(b);var m=p.plugin.cipher,E=p.plugin.increment,C=p.plugin.formatKey,o=p.plugin.formatSeed,h=t.util.createBuffer();p.key=null,g();function g(I){if(I)return f(I);if(h.length()>=b)return f(null,h.getBytes(b));if(p.generated>1048575&&(p.key=null),p.key===null)return t.util.nextTick(function(){v(g)});var _=m(p.key,p.seed);p.generated+=_.length,h.putBytes(_),p.key=C(m(p.key,E(p.seed))),p.seed=o(m(p.key,p.seed)),t.util.setImmediate(g)}},p.generateSync=function(b){var f=p.plugin.cipher,m=p.plugin.increment,E=p.plugin.formatKey,C=p.plugin.formatSeed;p.key=null;for(var o=t.util.createBuffer();o.length()<b;){p.generated>1048575&&(p.key=null),p.key===null&&l();var h=f(p.key,p.seed);p.generated+=h.length,o.putBytes(h),p.key=E(f(p.key,m(p.seed))),p.seed=C(f(p.key,p.seed))}return o.getBytes(b)};function v(b){if(p.pools[0].messageLength>=32)return S(),b();var f=32-p.pools[0].messageLength<<5;p.seedFile(f,function(m,E){if(m)return b(m);p.collect(E),S(),b()})}function l(){if(p.pools[0].messageLength>=32)return S();var b=32-p.pools[0].messageLength<<5;p.collect(p.seedFileSync(b)),S()}function S(){p.reseeds=p.reseeds===4294967295?0:p.reseeds+1;var b=p.plugin.md.create();b.update(p.keyBytes);for(var f=1,m=0;m<32;++m)p.reseeds%f===0&&(b.update(p.pools[m].digest().getBytes()),p.pools[m].start()),f=f<<1;p.keyBytes=b.digest().getBytes(),b.start(),b.update(p.keyBytes);var E=b.digest().getBytes();p.key=p.plugin.formatKey(p.keyBytes),p.seed=p.plugin.formatSeed(E),p.generated=0}function L(b){var f=null,m=t.util.globalScope,E=m.crypto||m.msCrypto;E&&E.getRandomValues&&(f=function(n){return E.getRandomValues(n)});var C=t.util.createBuffer();if(f)for(;C.length()<b;){var o=Math.max(1,Math.min(b-C.length(),65536)/4),h=new Uint32Array(Math.floor(o));try{f(h);for(var g=0;g<h.length;++g)C.putInt32(h[g])}catch(n){if(!(typeof QuotaExceededError<"u"&&n instanceof QuotaExceededError))throw n}}if(C.length()<b)for(var I,_,d,s=Math.floor(Math.random()*65536);C.length()<b;){_=16807*(s&65535),I=16807*(s>>16),_+=(I&32767)<<16,_+=I>>15,_=(_&2147483647)+(_>>31),s=_&4294967295;for(var g=0;g<3;++g)d=s>>>(g<<3),d^=Math.floor(Math.random()*256),C.putByte(d&255)}return C.getBytes(b)}return e?(p.seedFile=function(b,f){e.randomBytes(b,function(m,E){if(m)return f(m);f(null,E.toString())})},p.seedFileSync=function(b){return e.randomBytes(b).toString()}):(p.seedFile=function(b,f){try{f(null,L(b))}catch(m){f(m)}},p.seedFileSync=L),p.collect=function(b){for(var f=b.length,m=0;m<f;++m)p.pools[p.pool].update(b.substr(m,1)),p.pool=p.pool===31?0:p.pool+1},p.collectInt=function(b,f){for(var m="",E=0;E<f;E+=8)m+=String.fromCharCode(b>>E&255);p.collect(m)},p.registerWorker=function(b){if(b===self)p.seedFile=function(m,E){function C(o){var h=o.data;h.forge&&h.forge.prng&&(self.removeEventListener("message",C),E(h.forge.prng.err,h.forge.prng.bytes))}self.addEventListener("message",C),self.postMessage({forge:{prng:{needed:m}}})};else{var f=function(m){var E=m.data;E.forge&&E.forge.prng&&p.seedFile(E.forge.prng.needed,function(C,o){b.postMessage({forge:{prng:{err:C,bytes:o}}})})};b.addEventListener("message",f)}},p},Lr.exports}var ja;function ut(){if(ja)return Wt.exports;ja=1;var t=ye();return wt(),Zn(),Jn(),me(),(function(){if(t.random&&t.random.getBytes){Wt.exports=t.random;return}(function(e){var r={},i=new Array(4),p=t.util.createBuffer();r.formatKey=function(b){var f=t.util.createBuffer(b);return b=new Array(4),b[0]=f.getInt32(),b[1]=f.getInt32(),b[2]=f.getInt32(),b[3]=f.getInt32(),t.aes._expandKey(b,!1)},r.formatSeed=function(b){var f=t.util.createBuffer(b);return b=new Array(4),b[0]=f.getInt32(),b[1]=f.getInt32(),b[2]=f.getInt32(),b[3]=f.getInt32(),b},r.cipher=function(b,f){return t.aes._updateBlock(b,f,i,!1),p.putInt32(i[0]),p.putInt32(i[1]),p.putInt32(i[2]),p.putInt32(i[3]),p.getBytes()},r.increment=function(b){return++b[3],b},r.md=t.md.sha256;function y(){var b=t.prng.create(r);return b.getBytes=function(f,m){return b.generate(f,m)},b.getBytesSync=function(f){return b.generate(f)},b}var c=y(),a=null,v=t.util.globalScope,l=v.crypto||v.msCrypto;if(l&&l.getRandomValues&&(a=function(b){return l.getRandomValues(b)}),t.options.usePureJavaScript||!t.util.isNodejs&&!a){if(c.collectInt(+new Date,32),typeof navigator<"u"){var S="";for(var L in navigator)try{typeof navigator[L]=="string"&&(S+=navigator[L])}catch{}c.collect(S),S=null}e&&(e().mousemove(function(b){c.collectInt(b.clientX,16),c.collectInt(b.clientY,16)}),e().keypress(function(b){c.collectInt(b.charCode,8)}))}if(!t.random)t.random=c;else for(var L in c)t.random[L]=c[L];t.random.createInstance=y,Wt.exports=t.random})(typeof jQuery<"u"?jQuery:null)})(),Wt.exports}var Ur,Xa;function ei(){if(Xa)return Ur;Xa=1;var t=ye();me();var e=[217,120,249,196,25,221,181,237,40,233,253,121,74,160,216,157,198,126,55,131,43,118,83,142,98,76,100,136,68,139,251,162,23,154,89,245,135,179,79,19,97,69,109,141,9,129,125,50,189,143,64,235,134,183,123,11,240,149,33,34,92,107,78,130,84,214,101,147,206,96,178,28,115,86,192,20,167,140,241,220,18,117,202,31,59,190,228,209,66,61,212,48,163,60,182,38,111,191,14,218,70,105,7,87,39,242,29,155,188,148,67,3,248,17,199,246,144,239,62,231,6,195,213,47,200,102,30,215,8,232,234,222,128,82,238,247,132,170,114,172,53,77,106,42,150,26,210,113,90,21,73,116,75,159,208,94,4,24,164,236,194,224,65,110,15,81,203,204,36,145,175,80,161,244,112,57,153,124,58,133,35,184,180,122,252,2,54,91,37,85,151,49,45,93,250,152,227,138,146,174,5,223,41,16,103,108,186,201,211,0,230,207,225,158,168,44,99,22,1,63,88,226,137,169,13,56,52,27,171,51,255,176,187,72,12,95,185,177,205,46,197,243,219,71,229,165,156,119,10,166,32,104,254,127,193,173],r=[1,2,3,5],i=function(c,a){return c<<a&65535|(c&65535)>>16-a},p=function(c,a){return(c&65535)>>a|c<<16-a&65535};Ur=t.rc2=t.rc2||{},t.rc2.expandKey=function(c,a){typeof c=="string"&&(c=t.util.createBuffer(c)),a=a||128;var v=c,l=c.length(),S=a,L=Math.ceil(S/8),b=255>>(S&7),f;for(f=l;f<128;f++)v.putByte(e[v.at(f-1)+v.at(f-l)&255]);for(v.setAt(128-L,e[v.at(128-L)&b]),f=127-L;f>=0;f--)v.setAt(f,e[v.at(f+1)^v.at(f+L)]);return v};var y=function(c,a,v){var l=!1,S=null,L=null,b=null,f,m,E,C,o=[];for(c=t.rc2.expandKey(c,a),E=0;E<64;E++)o.push(c.getInt16Le());v?(f=function(I){for(E=0;E<4;E++)I[E]+=o[C]+(I[(E+3)%4]&I[(E+2)%4])+(~I[(E+3)%4]&I[(E+1)%4]),I[E]=i(I[E],r[E]),C++},m=function(I){for(E=0;E<4;E++)I[E]+=o[I[(E+3)%4]&63]}):(f=function(I){for(E=3;E>=0;E--)I[E]=p(I[E],r[E]),I[E]-=o[C]+(I[(E+3)%4]&I[(E+2)%4])+(~I[(E+3)%4]&I[(E+1)%4]),C--},m=function(I){for(E=3;E>=0;E--)I[E]-=o[I[(E+3)%4]&63]});var h=function(I){var _=[];for(E=0;E<4;E++){var d=S.getInt16Le();b!==null&&(v?d^=b.getInt16Le():b.putInt16Le(d)),_.push(d&65535)}C=v?0:63;for(var s=0;s<I.length;s++)for(var n=0;n<I[s][0];n++)I[s][1](_);for(E=0;E<4;E++)b!==null&&(v?b.putInt16Le(_[E]):_[E]^=b.getInt16Le()),L.putInt16Le(_[E])},g=null;return g={start:function(I,_){I&&typeof I=="string"&&(I=t.util.createBuffer(I)),l=!1,S=t.util.createBuffer(),L=_||new t.util.createBuffer,b=I,g.output=L},update:function(I){for(l||S.putBuffer(I);S.length()>=8;)h([[5,f],[1,m],[6,f],[1,m],[5,f]])},finish:function(I){var _=!0;if(v)if(I)_=I(8,S,!v);else{var d=S.length()===8?8:8-S.length();S.fillWithByte(d,d)}if(_&&(l=!0,g.update()),!v&&(_=S.length()===0,_))if(I)_=I(8,L,!v);else{var s=L.length(),n=L.at(s-1);n>s?_=!1:L.truncate(n)}return _}},g};return t.rc2.startEncrypting=function(c,a,v){var l=t.rc2.createEncryptionCipher(c,128);return l.start(a,v),l},t.rc2.createEncryptionCipher=function(c,a){return y(c,a,!0)},t.rc2.startDecrypting=function(c,a,v){var l=t.rc2.createDecryptionCipher(c,128);return l.start(a,v),l},t.rc2.createDecryptionCipher=function(c,a){return y(c,a,!1)},Ur}var Pr,Za;function cr(){if(Za)return Pr;Za=1;var t=ye();Pr=t.jsbn=t.jsbn||{};var e;function r(A,w,k){this.data=[],A!=null&&(typeof A=="number"?this.fromNumber(A,w,k):w==null&&typeof A!="string"?this.fromString(A,256):this.fromString(A,w))}t.jsbn.BigInteger=r;function i(){return new r(null)}function p(A,w,k,K,$,Y){for(;--Y>=0;){var ie=w*this.data[A++]+k.data[K]+$;$=Math.floor(ie/67108864),k.data[K++]=ie&67108863}return $}function y(A,w,k,K,$,Y){for(var ie=w&32767,te=w>>15;--Y>=0;){var Ee=this.data[A]&32767,ze=this.data[A++]>>15,it=te*Ee+ze*ie;Ee=ie*Ee+((it&32767)<<15)+k.data[K]+($&1073741823),$=(Ee>>>30)+(it>>>15)+te*ze+($>>>30),k.data[K++]=Ee&1073741823}return $}function c(A,w,k,K,$,Y){for(var ie=w&16383,te=w>>14;--Y>=0;){var Ee=this.data[A]&16383,ze=this.data[A++]>>14,it=te*Ee+ze*ie;Ee=ie*Ee+((it&16383)<<14)+k.data[K]+$,$=(Ee>>28)+(it>>14)+te*ze,k.data[K++]=Ee&268435455}return $}typeof navigator>"u"?(r.prototype.am=c,e=28):navigator.appName=="Microsoft Internet Explorer"?(r.prototype.am=y,e=30):navigator.appName!="Netscape"?(r.prototype.am=p,e=26):(r.prototype.am=c,e=28),r.prototype.DB=e,r.prototype.DM=(1<<e)-1,r.prototype.DV=1<<e;var a=52;r.prototype.FV=Math.pow(2,a),r.prototype.F1=a-e,r.prototype.F2=2*e-a;var v="0123456789abcdefghijklmnopqrstuvwxyz",l=new Array,S,L;for(S=48,L=0;L<=9;++L)l[S++]=L;for(S=97,L=10;L<36;++L)l[S++]=L;for(S=65,L=10;L<36;++L)l[S++]=L;function b(A){return v.charAt(A)}function f(A,w){var k=l[A.charCodeAt(w)];return k??-1}function m(A){for(var w=this.t-1;w>=0;--w)A.data[w]=this.data[w];A.t=this.t,A.s=this.s}function E(A){this.t=1,this.s=A<0?-1:0,A>0?this.data[0]=A:A<-1?this.data[0]=A+this.DV:this.t=0}function C(A){var w=i();return w.fromInt(A),w}function o(A,w){var k;if(w==16)k=4;else if(w==8)k=3;else if(w==256)k=8;else if(w==2)k=1;else if(w==32)k=5;else if(w==4)k=2;else{this.fromRadix(A,w);return}this.t=0,this.s=0;for(var K=A.length,$=!1,Y=0;--K>=0;){var ie=k==8?A[K]&255:f(A,K);if(ie<0){A.charAt(K)=="-"&&($=!0);continue}$=!1,Y==0?this.data[this.t++]=ie:Y+k>this.DB?(this.data[this.t-1]|=(ie&(1<<this.DB-Y)-1)<<Y,this.data[this.t++]=ie>>this.DB-Y):this.data[this.t-1]|=ie<<Y,Y+=k,Y>=this.DB&&(Y-=this.DB)}k==8&&(A[0]&128)!=0&&(this.s=-1,Y>0&&(this.data[this.t-1]|=(1<<this.DB-Y)-1<<Y)),this.clamp(),$&&r.ZERO.subTo(this,this)}function h(){for(var A=this.s&this.DM;this.t>0&&this.data[this.t-1]==A;)--this.t}function g(A){if(this.s<0)return"-"+this.negate().toString(A);var w;if(A==16)w=4;else if(A==8)w=3;else if(A==2)w=1;else if(A==32)w=5;else if(A==4)w=2;else return this.toRadix(A);var k=(1<<w)-1,K,$=!1,Y="",ie=this.t,te=this.DB-ie*this.DB%w;if(ie-- >0)for(te<this.DB&&(K=this.data[ie]>>te)>0&&($=!0,Y=b(K));ie>=0;)te<w?(K=(this.data[ie]&(1<<te)-1)<<w-te,K|=this.data[--ie]>>(te+=this.DB-w)):(K=this.data[ie]>>(te-=w)&k,te<=0&&(te+=this.DB,--ie)),K>0&&($=!0),$&&(Y+=b(K));return $?Y:"0"}function I(){var A=i();return r.ZERO.subTo(this,A),A}function _(){return this.s<0?this.negate():this}function d(A){var w=this.s-A.s;if(w!=0)return w;var k=this.t;if(w=k-A.t,w!=0)return this.s<0?-w:w;for(;--k>=0;)if((w=this.data[k]-A.data[k])!=0)return w;return 0}function s(A){var w=1,k;return(k=A>>>16)!=0&&(A=k,w+=16),(k=A>>8)!=0&&(A=k,w+=8),(k=A>>4)!=0&&(A=k,w+=4),(k=A>>2)!=0&&(A=k,w+=2),(k=A>>1)!=0&&(A=k,w+=1),w}function n(){return this.t<=0?0:this.DB*(this.t-1)+s(this.data[this.t-1]^this.s&this.DM)}function B(A,w){var k;for(k=this.t-1;k>=0;--k)w.data[k+A]=this.data[k];for(k=A-1;k>=0;--k)w.data[k]=0;w.t=this.t+A,w.s=this.s}function U(A,w){for(var k=A;k<this.t;++k)w.data[k-A]=this.data[k];w.t=Math.max(this.t-A,0),w.s=this.s}function O(A,w){var k=A%this.DB,K=this.DB-k,$=(1<<K)-1,Y=Math.floor(A/this.DB),ie=this.s<<k&this.DM,te;for(te=this.t-1;te>=0;--te)w.data[te+Y+1]=this.data[te]>>K|ie,ie=(this.data[te]&$)<<k;for(te=Y-1;te>=0;--te)w.data[te]=0;w.data[Y]=ie,w.t=this.t+Y+1,w.s=this.s,w.clamp()}function P(A,w){w.s=this.s;var k=Math.floor(A/this.DB);if(k>=this.t){w.t=0;return}var K=A%this.DB,$=this.DB-K,Y=(1<<K)-1;w.data[0]=this.data[k]>>K;for(var ie=k+1;ie<this.t;++ie)w.data[ie-k-1]|=(this.data[ie]&Y)<<$,w.data[ie-k]=this.data[ie]>>K;K>0&&(w.data[this.t-k-1]|=(this.s&Y)<<$),w.t=this.t-k,w.clamp()}function F(A,w){for(var k=0,K=0,$=Math.min(A.t,this.t);k<$;)K+=this.data[k]-A.data[k],w.data[k++]=K&this.DM,K>>=this.DB;if(A.t<this.t){for(K-=A.s;k<this.t;)K+=this.data[k],w.data[k++]=K&this.DM,K>>=this.DB;K+=this.s}else{for(K+=this.s;k<A.t;)K-=A.data[k],w.data[k++]=K&this.DM,K>>=this.DB;K-=A.s}w.s=K<0?-1:0,K<-1?w.data[k++]=this.DV+K:K>0&&(w.data[k++]=K),w.t=k,w.clamp()}function q(A,w){var k=this.abs(),K=A.abs(),$=k.t;for(w.t=$+K.t;--$>=0;)w.data[$]=0;for($=0;$<K.t;++$)w.data[$+k.t]=k.am(0,K.data[$],w,$,0,k.t);w.s=0,w.clamp(),this.s!=A.s&&r.ZERO.subTo(w,w)}function M(A){for(var w=this.abs(),k=A.t=2*w.t;--k>=0;)A.data[k]=0;for(k=0;k<w.t-1;++k){var K=w.am(k,w.data[k],A,2*k,0,1);(A.data[k+w.t]+=w.am(k+1,2*w.data[k],A,2*k+1,K,w.t-k-1))>=w.DV&&(A.data[k+w.t]-=w.DV,A.data[k+w.t+1]=1)}A.t>0&&(A.data[A.t-1]+=w.am(k,w.data[k],A,2*k,0,1)),A.s=0,A.clamp()}function H(A,w,k){var K=A.abs();if(!(K.t<=0)){var $=this.abs();if($.t<K.t){w?.fromInt(0),k!=null&&this.copyTo(k);return}k==null&&(k=i());var Y=i(),ie=this.s,te=A.s,Ee=this.DB-s(K.data[K.t-1]);Ee>0?(K.lShiftTo(Ee,Y),$.lShiftTo(Ee,k)):(K.copyTo(Y),$.copyTo(k));var ze=Y.t,it=Y.data[ze-1];if(it!=0){var rt=it*(1<<this.F1)+(ze>1?Y.data[ze-2]>>this.F2:0),pt=this.FV/rt,$t=(1<<this.F1)/rt,ot=1<<this.F2,ct=k.t,Yt=ct-ze,mt=w??i();for(Y.dlShiftTo(Yt,mt),k.compareTo(mt)>=0&&(k.data[k.t++]=1,k.subTo(mt,k)),r.ONE.dlShiftTo(ze,mt),mt.subTo(Y,Y);Y.t<ze;)Y.data[Y.t++]=0;for(;--Yt>=0;){var dr=k.data[--ct]==it?this.DM:Math.floor(k.data[ct]*pt+(k.data[ct-1]+ot)*$t);if((k.data[ct]+=Y.am(0,dr,k,Yt,0,ze))<dr)for(Y.dlShiftTo(Yt,mt),k.subTo(mt,k);k.data[ct]<--dr;)k.subTo(mt,k)}w!=null&&(k.drShiftTo(ze,w),ie!=te&&r.ZERO.subTo(w,w)),k.t=ze,k.clamp(),Ee>0&&k.rShiftTo(Ee,k),ie<0&&r.ZERO.subTo(k,k)}}}function Q(A){var w=i();return this.abs().divRemTo(A,null,w),this.s<0&&w.compareTo(r.ZERO)>0&&A.subTo(w,w),w}function j(A){this.m=A}function J(A){return A.s<0||A.compareTo(this.m)>=0?A.mod(this.m):A}function ce(A){return A}function se(A){A.divRemTo(this.m,null,A)}function ge(A,w,k){A.multiplyTo(w,k),this.reduce(k)}function de(A,w){A.squareTo(w),this.reduce(w)}j.prototype.convert=J,j.prototype.revert=ce,j.prototype.reduce=se,j.prototype.mulTo=ge,j.prototype.sqrTo=de;function he(){if(this.t<1)return 0;var A=this.data[0];if((A&1)==0)return 0;var w=A&3;return w=w*(2-(A&15)*w)&15,w=w*(2-(A&255)*w)&255,w=w*(2-((A&65535)*w&65535))&65535,w=w*(2-A*w%this.DV)%this.DV,w>0?this.DV-w:-w}function X(A){this.m=A,this.mp=A.invDigit(),this.mpl=this.mp&32767,this.mph=this.mp>>15,this.um=(1<<A.DB-15)-1,this.mt2=2*A.t}function W(A){var w=i();return A.abs().dlShiftTo(this.m.t,w),w.divRemTo(this.m,null,w),A.s<0&&w.compareTo(r.ZERO)>0&&this.m.subTo(w,w),w}function $e(A){var w=i();return A.copyTo(w),this.reduce(w),w}function we(A){for(;A.t<=this.mt2;)A.data[A.t++]=0;for(var w=0;w<this.m.t;++w){var k=A.data[w]&32767,K=k*this.mpl+((k*this.mph+(A.data[w]>>15)*this.mpl&this.um)<<15)&A.DM;for(k=w+this.m.t,A.data[k]+=this.m.am(0,K,A,w,0,this.m.t);A.data[k]>=A.DV;)A.data[k]-=A.DV,A.data[++k]++}A.clamp(),A.drShiftTo(this.m.t,A),A.compareTo(this.m)>=0&&A.subTo(this.m,A)}function x(A,w){A.squareTo(w),this.reduce(w)}function D(A,w,k){A.multiplyTo(w,k),this.reduce(k)}X.prototype.convert=W,X.prototype.revert=$e,X.prototype.reduce=we,X.prototype.mulTo=D,X.prototype.sqrTo=x;function R(){return(this.t>0?this.data[0]&1:this.s)==0}function T(A,w){if(A>4294967295||A<1)return r.ONE;var k=i(),K=i(),$=w.convert(this),Y=s(A)-1;for($.copyTo(k);--Y>=0;)if(w.sqrTo(k,K),(A&1<<Y)>0)w.mulTo(K,$,k);else{var ie=k;k=K,K=ie}return w.revert(k)}function u(A,w){var k;return A<256||w.isEven()?k=new j(w):k=new X(w),this.exp(A,k)}r.prototype.copyTo=m,r.prototype.fromInt=E,r.prototype.fromString=o,r.prototype.clamp=h,r.prototype.dlShiftTo=B,r.prototype.drShiftTo=U,r.prototype.lShiftTo=O,r.prototype.rShiftTo=P,r.prototype.subTo=F,r.prototype.multiplyTo=q,r.prototype.squareTo=M,r.prototype.divRemTo=H,r.prototype.invDigit=he,r.prototype.isEven=R,r.prototype.exp=T,r.prototype.toString=g,r.prototype.negate=I,r.prototype.abs=_,r.prototype.compareTo=d,r.prototype.bitLength=n,r.prototype.mod=Q,r.prototype.modPowInt=u,r.ZERO=C(0),r.ONE=C(1);function N(){var A=i();return this.copyTo(A),A}function V(){if(this.s<0){if(this.t==1)return this.data[0]-this.DV;if(this.t==0)return-1}else{if(this.t==1)return this.data[0];if(this.t==0)return 0}return(this.data[1]&(1<<32-this.DB)-1)<<this.DB|this.data[0]}function G(){return this.t==0?this.s:this.data[0]<<24>>24}function ne(){return this.t==0?this.s:this.data[0]<<16>>16}function Z(A){return Math.floor(Math.LN2*this.DB/Math.log(A))}function z(){return this.s<0?-1:this.t<=0||this.t==1&&this.data[0]<=0?0:1}function ee(A){if(A==null&&(A=10),this.signum()==0||A<2||A>36)return"0";var w=this.chunkSize(A),k=Math.pow(A,w),K=C(k),$=i(),Y=i(),ie="";for(this.divRemTo(K,$,Y);$.signum()>0;)ie=(k+Y.intValue()).toString(A).substr(1)+ie,$.divRemTo(K,$,Y);return Y.intValue().toString(A)+ie}function fe(A,w){this.fromInt(0),w==null&&(w=10);for(var k=this.chunkSize(w),K=Math.pow(w,k),$=!1,Y=0,ie=0,te=0;te<A.length;++te){var Ee=f(A,te);if(Ee<0){A.charAt(te)=="-"&&this.signum()==0&&($=!0);continue}ie=w*ie+Ee,++Y>=k&&(this.dMultiply(K),this.dAddOffset(ie,0),Y=0,ie=0)}Y>0&&(this.dMultiply(Math.pow(w,Y)),this.dAddOffset(ie,0)),$&&r.ZERO.subTo(this,this)}function ve(A,w,k){if(typeof w=="number")if(A<2)this.fromInt(1);else for(this.fromNumber(A,k),this.testBit(A-1)||this.bitwiseTo(r.ONE.shiftLeft(A-1),Ce,this),this.isEven()&&this.dAddOffset(1,0);!this.isProbablePrime(w);)this.dAddOffset(2,0),this.bitLength()>A&&this.subTo(r.ONE.shiftLeft(A-1),this);else{var K=new Array,$=A&7;K.length=(A>>3)+1,w.nextBytes(K),$>0?K[0]&=(1<<$)-1:K[0]=0,this.fromString(K,256)}}function pe(){var A=this.t,w=new Array;w[0]=this.s;var k=this.DB-A*this.DB%8,K,$=0;if(A-- >0)for(k<this.DB&&(K=this.data[A]>>k)!=(this.s&this.DM)>>k&&(w[$++]=K|this.s<<this.DB-k);A>=0;)k<8?(K=(this.data[A]&(1<<k)-1)<<8-k,K|=this.data[--A]>>(k+=this.DB-8)):(K=this.data[A]>>(k-=8)&255,k<=0&&(k+=this.DB,--A)),(K&128)!=0&&(K|=-256),$==0&&(this.s&128)!=(K&128)&&++$,($>0||K!=this.s)&&(w[$++]=K);return w}function be(A){return this.compareTo(A)==0}function Ne(A){return this.compareTo(A)<0?this:A}function Ae(A){return this.compareTo(A)>0?this:A}function Te(A,w,k){var K,$,Y=Math.min(A.t,this.t);for(K=0;K<Y;++K)k.data[K]=w(this.data[K],A.data[K]);if(A.t<this.t){for($=A.s&this.DM,K=Y;K<this.t;++K)k.data[K]=w(this.data[K],$);k.t=this.t}else{for($=this.s&this.DM,K=Y;K<A.t;++K)k.data[K]=w($,A.data[K]);k.t=A.t}k.s=w(this.s,A.s),k.clamp()}function Se(A,w){return A&w}function xe(A){var w=i();return this.bitwiseTo(A,Se,w),w}function Ce(A,w){return A|w}function re(A){var w=i();return this.bitwiseTo(A,Ce,w),w}function ae(A,w){return A^w}function oe(A){var w=i();return this.bitwiseTo(A,ae,w),w}function ue(A,w){return A&~w}function Ie(A){var w=i();return this.bitwiseTo(A,ue,w),w}function Xe(){for(var A=i(),w=0;w<this.t;++w)A.data[w]=this.DM&~this.data[w];return A.t=this.t,A.s=~this.s,A}function Ye(A){var w=i();return A<0?this.rShiftTo(-A,w):this.lShiftTo(A,w),w}function Ze(A){var w=i();return A<0?this.lShiftTo(-A,w):this.rShiftTo(A,w),w}function tt(A){if(A==0)return-1;var w=0;return(A&65535)==0&&(A>>=16,w+=16),(A&255)==0&&(A>>=8,w+=8),(A&15)==0&&(A>>=4,w+=4),(A&3)==0&&(A>>=2,w+=2),(A&1)==0&&++w,w}function Je(){for(var A=0;A<this.t;++A)if(this.data[A]!=0)return A*this.DB+tt(this.data[A]);return this.s<0?this.t*this.DB:-1}function gt(A){for(var w=0;A!=0;)A&=A-1,++w;return w}function Tt(){for(var A=0,w=this.s&this.DM,k=0;k<this.t;++k)A+=gt(this.data[k]^w);return A}function Rt(A){var w=Math.floor(A/this.DB);return w>=this.t?this.s!=0:(this.data[w]&1<<A%this.DB)!=0}function kt(A,w){var k=r.ONE.shiftLeft(A);return this.bitwiseTo(k,w,k),k}function Qt(A){return this.changeBit(A,Ce)}function _e(A){return this.changeBit(A,ue)}function De(A){return this.changeBit(A,ae)}function Le(A,w){for(var k=0,K=0,$=Math.min(A.t,this.t);k<$;)K+=this.data[k]+A.data[k],w.data[k++]=K&this.DM,K>>=this.DB;if(A.t<this.t){for(K+=A.s;k<this.t;)K+=this.data[k],w.data[k++]=K&this.DM,K>>=this.DB;K+=this.s}else{for(K+=this.s;k<A.t;)K+=A.data[k],w.data[k++]=K&this.DM,K>>=this.DB;K+=A.s}w.s=K<0?-1:0,K>0?w.data[k++]=K:K<-1&&(w.data[k++]=this.DV+K),w.t=k,w.clamp()}function Ue(A){var w=i();return this.addTo(A,w),w}function Pe(A){var w=i();return this.subTo(A,w),w}function ke(A){var w=i();return this.multiplyTo(A,w),w}function Ve(){var A=i();return this.squareTo(A),A}function Oe(A){var w=i();return this.divRemTo(A,w,null),w}function Fe(A){var w=i();return this.divRemTo(A,null,w),w}function Ke(A){var w=i(),k=i();return this.divRemTo(A,w,k),new Array(w,k)}function Me(A){this.data[this.t]=this.am(0,A-1,this,0,0,this.t),++this.t,this.clamp()}function qe(A,w){if(A!=0){for(;this.t<=w;)this.data[this.t++]=0;for(this.data[w]+=A;this.data[w]>=this.DV;)this.data[w]-=this.DV,++w>=this.t&&(this.data[this.t++]=0),++this.data[w]}}function Be(){}function Re(A){return A}function He(A,w,k){A.multiplyTo(w,k)}function Ge(A,w){A.squareTo(w)}Be.prototype.convert=Re,Be.prototype.revert=Re,Be.prototype.mulTo=He,Be.prototype.sqrTo=Ge;function ss(A){return this.exp(A,new Be)}function os(A,w,k){var K=Math.min(this.t+A.t,w);for(k.s=0,k.t=K;K>0;)k.data[--K]=0;var $;for($=k.t-this.t;K<$;++K)k.data[K+this.t]=this.am(0,A.data[K],k,K,0,this.t);for($=Math.min(A.t,w);K<$;++K)this.am(0,A.data[K],k,K,0,w-K);k.clamp()}function cs(A,w,k){--w;var K=k.t=this.t+A.t-w;for(k.s=0;--K>=0;)k.data[K]=0;for(K=Math.max(w-this.t,0);K<A.t;++K)k.data[this.t+K-w]=this.am(w-K,A.data[K],k,0,0,this.t+K-w);k.clamp(),k.drShiftTo(1,k)}function _t(A){this.r2=i(),this.q3=i(),r.ONE.dlShiftTo(2*A.t,this.r2),this.mu=this.r2.divide(A),this.m=A}function us(A){if(A.s<0||A.t>2*this.m.t)return A.mod(this.m);if(A.compareTo(this.m)<0)return A;var w=i();return A.copyTo(w),this.reduce(w),w}function fs(A){return A}function ls(A){for(A.drShiftTo(this.m.t-1,this.r2),A.t>this.m.t+1&&(A.t=this.m.t+1,A.clamp()),this.mu.multiplyUpperTo(this.r2,this.m.t+1,this.q3),this.m.multiplyLowerTo(this.q3,this.m.t+1,this.r2);A.compareTo(this.r2)<0;)A.dAddOffset(1,this.m.t+1);for(A.subTo(this.r2,A);A.compareTo(this.m)>=0;)A.subTo(this.m,A)}function ds(A,w){A.squareTo(w),this.reduce(w)}function ps(A,w,k){A.multiplyTo(w,k),this.reduce(k)}_t.prototype.convert=us,_t.prototype.revert=fs,_t.prototype.reduce=ls,_t.prototype.mulTo=ps,_t.prototype.sqrTo=ds;function hs(A,w){var k=A.bitLength(),K,$=C(1),Y;if(k<=0)return $;k<18?K=1:k<48?K=3:k<144?K=4:k<768?K=5:K=6,k<8?Y=new j(w):w.isEven()?Y=new _t(w):Y=new X(w);var ie=new Array,te=3,Ee=K-1,ze=(1<<K)-1;if(ie[1]=Y.convert(this),K>1){var it=i();for(Y.sqrTo(ie[1],it);te<=ze;)ie[te]=i(),Y.mulTo(it,ie[te-2],ie[te]),te+=2}var rt=A.t-1,pt,$t=!0,ot=i(),ct;for(k=s(A.data[rt])-1;rt>=0;){for(k>=Ee?pt=A.data[rt]>>k-Ee&ze:(pt=(A.data[rt]&(1<<k+1)-1)<<Ee-k,rt>0&&(pt|=A.data[rt-1]>>this.DB+k-Ee)),te=K;(pt&1)==0;)pt>>=1,--te;if((k-=te)<0&&(k+=this.DB,--rt),$t)ie[pt].copyTo($),$t=!1;else{for(;te>1;)Y.sqrTo($,ot),Y.sqrTo(ot,$),te-=2;te>0?Y.sqrTo($,ot):(ct=$,$=ot,ot=ct),Y.mulTo(ot,ie[pt],$)}for(;rt>=0&&(A.data[rt]&1<<k)==0;)Y.sqrTo($,ot),ct=$,$=ot,ot=ct,--k<0&&(k=this.DB-1,--rt)}return Y.revert($)}function ys(A){var w=this.s<0?this.negate():this.clone(),k=A.s<0?A.negate():A.clone();if(w.compareTo(k)<0){var K=w;w=k,k=K}var $=w.getLowestSetBit(),Y=k.getLowestSetBit();if(Y<0)return w;for($<Y&&(Y=$),Y>0&&(w.rShiftTo(Y,w),k.rShiftTo(Y,k));w.signum()>0;)($=w.getLowestSetBit())>0&&w.rShiftTo($,w),($=k.getLowestSetBit())>0&&k.rShiftTo($,k),w.compareTo(k)>=0?(w.subTo(k,w),w.rShiftTo(1,w)):(k.subTo(w,k),k.rShiftTo(1,k));return Y>0&&k.lShiftTo(Y,k),k}function vs(A){if(A<=0)return 0;var w=this.DV%A,k=this.s<0?A-1:0;if(this.t>0)if(w==0)k=this.data[0]%A;else for(var K=this.t-1;K>=0;--K)k=(w*k+this.data[K])%A;return k}function gs(A){if(this.signum()==0)return r.ZERO;var w=A.isEven();if(this.isEven()&&w||A.signum()==0)return r.ZERO;for(var k=A.clone(),K=this.clone(),$=C(1),Y=C(0),ie=C(0),te=C(1);k.signum()!=0;){for(;k.isEven();)k.rShiftTo(1,k),w?((!$.isEven()||!Y.isEven())&&($.addTo(this,$),Y.subTo(A,Y)),$.rShiftTo(1,$)):Y.isEven()||Y.subTo(A,Y),Y.rShiftTo(1,Y);for(;K.isEven();)K.rShiftTo(1,K),w?((!ie.isEven()||!te.isEven())&&(ie.addTo(this,ie),te.subTo(A,te)),ie.rShiftTo(1,ie)):te.isEven()||te.subTo(A,te),te.rShiftTo(1,te);k.compareTo(K)>=0?(k.subTo(K,k),w&&$.subTo(ie,$),Y.subTo(te,Y)):(K.subTo(k,K),w&&ie.subTo($,ie),te.subTo(Y,te))}if(K.compareTo(r.ONE)!=0)return r.ZERO;if(te.compareTo(A)>=0)return te.subtract(A);if(te.signum()<0)te.addTo(A,te);else return te;return te.signum()<0?te.add(A):te}var st=[2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997],ms=(1<<26)/st[st.length-1];function Cs(A){var w,k=this.abs();if(k.t==1&&k.data[0]<=st[st.length-1]){for(w=0;w<st.length;++w)if(k.data[0]==st[w])return!0;return!1}if(k.isEven())return!1;for(w=1;w<st.length;){for(var K=st[w],$=w+1;$<st.length&&K<ms;)K*=st[$++];for(K=k.modInt(K);w<$;)if(K%st[w++]==0)return!1}return k.millerRabin(A)}function Es(A){var w=this.subtract(r.ONE),k=w.getLowestSetBit();if(k<=0)return!1;for(var K=w.shiftRight(k),$=xs(),Y,ie=0;ie<A;++ie){do Y=new r(this.bitLength(),$);while(Y.compareTo(r.ONE)<=0||Y.compareTo(w)>=0);var te=Y.modPow(K,this);if(te.compareTo(r.ONE)!=0&&te.compareTo(w)!=0){for(var Ee=1;Ee++<k&&te.compareTo(w)!=0;)if(te=te.modPowInt(2,this),te.compareTo(r.ONE)==0)return!1;if(te.compareTo(w)!=0)return!1}}return!0}function xs(){return{nextBytes:function(A){for(var w=0;w<A.length;++w)A[w]=Math.floor(Math.random()*256)}}}return r.prototype.chunkSize=Z,r.prototype.toRadix=ee,r.prototype.fromRadix=fe,r.prototype.fromNumber=ve,r.prototype.bitwiseTo=Te,r.prototype.changeBit=kt,r.prototype.addTo=Le,r.prototype.dMultiply=Me,r.prototype.dAddOffset=qe,r.prototype.multiplyLowerTo=os,r.prototype.multiplyUpperTo=cs,r.prototype.modInt=vs,r.prototype.millerRabin=Es,r.prototype.clone=N,r.prototype.intValue=V,r.prototype.byteValue=G,r.prototype.shortValue=ne,r.prototype.signum=z,r.prototype.toByteArray=pe,r.prototype.equals=be,r.prototype.min=Ne,r.prototype.max=Ae,r.prototype.and=xe,r.prototype.or=re,r.prototype.xor=oe,r.prototype.andNot=Ie,r.prototype.not=Xe,r.prototype.shiftLeft=Ye,r.prototype.shiftRight=Ze,r.prototype.getLowestSetBit=Je,r.prototype.bitCount=Tt,r.prototype.testBit=Rt,r.prototype.setBit=Qt,r.prototype.clearBit=_e,r.prototype.flipBit=De,r.prototype.add=Ue,r.prototype.subtract=Pe,r.prototype.multiply=ke,r.prototype.divide=Oe,r.prototype.remainder=Fe,r.prototype.divideAndRemainder=Ke,r.prototype.modPow=hs,r.prototype.modInverse=gs,r.prototype.pow=ss,r.prototype.gcd=ys,r.prototype.isProbablePrime=Cs,r.prototype.square=Ve,Pr}var kr={exports:{}},Vr={exports:{}},Ja;function Ht(){if(Ja)return Vr.exports;Ja=1;var t=ye();vt(),me();var e=Vr.exports=t.sha1=t.sha1||{};t.md.sha1=t.md.algorithms.sha1=e,e.create=function(){i||p();var c=null,a=t.util.createBuffer(),v=new Array(80),l={algorithm:"sha1",blockLength:64,digestLength:20,messageLength:0,fullMessageLength:null,messageLengthSize:8};return l.start=function(){l.messageLength=0,l.fullMessageLength=l.messageLength64=[];for(var S=l.messageLengthSize/4,L=0;L<S;++L)l.fullMessageLength.push(0);return a=t.util.createBuffer(),c={h0:1732584193,h1:4023233417,h2:2562383102,h3:271733878,h4:3285377520},l},l.start(),l.update=function(S,L){L==="utf8"&&(S=t.util.encodeUtf8(S));var b=S.length;l.messageLength+=b,b=[b/4294967296>>>0,b>>>0];for(var f=l.fullMessageLength.length-1;f>=0;--f)l.fullMessageLength[f]+=b[1],b[1]=b[0]+(l.fullMessageLength[f]/4294967296>>>0),l.fullMessageLength[f]=l.fullMessageLength[f]>>>0,b[0]=b[1]/4294967296>>>0;return a.putBytes(S),y(c,v,a),(a.read>2048||a.length()===0)&&a.compact(),l},l.digest=function(){var S=t.util.createBuffer();S.putBytes(a.bytes());var L=l.fullMessageLength[l.fullMessageLength.length-1]+l.messageLengthSize,b=L&l.blockLength-1;S.putBytes(r.substr(0,l.blockLength-b));for(var f,m,E=l.fullMessageLength[0]*8,C=0;C<l.fullMessageLength.length-1;++C)f=l.fullMessageLength[C+1]*8,m=f/4294967296>>>0,E+=m,S.putInt32(E>>>0),E=f>>>0;S.putInt32(E);var o={h0:c.h0,h1:c.h1,h2:c.h2,h3:c.h3,h4:c.h4};y(o,v,S);var h=t.util.createBuffer();return h.putInt32(o.h0),h.putInt32(o.h1),h.putInt32(o.h2),h.putInt32(o.h3),h.putInt32(o.h4),h},l};var r=null,i=!1;function p(){r="€",r+=t.util.fillString("\0",64),i=!0}function y(c,a,v){for(var l,S,L,b,f,m,E,C,o=v.length();o>=64;){for(S=c.h0,L=c.h1,b=c.h2,f=c.h3,m=c.h4,C=0;C<16;++C)l=v.getInt32(),a[C]=l,E=f^L&(b^f),l=(S<<5|S>>>27)+E+m+1518500249+l,m=f,f=b,b=(L<<30|L>>>2)>>>0,L=S,S=l;for(;C<20;++C)l=a[C-3]^a[C-8]^a[C-14]^a[C-16],l=l<<1|l>>>31,a[C]=l,E=f^L&(b^f),l=(S<<5|S>>>27)+E+m+1518500249+l,m=f,f=b,b=(L<<30|L>>>2)>>>0,L=S,S=l;for(;C<32;++C)l=a[C-3]^a[C-8]^a[C-14]^a[C-16],l=l<<1|l>>>31,a[C]=l,E=L^b^f,l=(S<<5|S>>>27)+E+m+1859775393+l,m=f,f=b,b=(L<<30|L>>>2)>>>0,L=S,S=l;for(;C<40;++C)l=a[C-6]^a[C-16]^a[C-28]^a[C-32],l=l<<2|l>>>30,a[C]=l,E=L^b^f,l=(S<<5|S>>>27)+E+m+1859775393+l,m=f,f=b,b=(L<<30|L>>>2)>>>0,L=S,S=l;for(;C<60;++C)l=a[C-6]^a[C-16]^a[C-28]^a[C-32],l=l<<2|l>>>30,a[C]=l,E=L&b|f&(L^b),l=(S<<5|S>>>27)+E+m+2400959708+l,m=f,f=b,b=(L<<30|L>>>2)>>>0,L=S,S=l;for(;C<80;++C)l=a[C-6]^a[C-16]^a[C-28]^a[C-32],l=l<<2|l>>>30,a[C]=l,E=L^b^f,l=(S<<5|S>>>27)+E+m+3395469782+l,m=f,f=b,b=(L<<30|L>>>2)>>>0,L=S,S=l;c.h0=c.h0+S|0,c.h1=c.h1+L|0,c.h2=c.h2+b|0,c.h3=c.h3+f|0,c.h4=c.h4+m|0,o-=64}}return Vr.exports}var en;function ti(){if(en)return kr.exports;en=1;var t=ye();me(),ut(),Ht();var e=kr.exports=t.pkcs1=t.pkcs1||{};e.encode_rsa_oaep=function(i,p,y){var c,a,v,l;typeof y=="string"?(c=y,a=arguments[3]||void 0,v=arguments[4]||void 0):y&&(c=y.label||void 0,a=y.seed||void 0,v=y.md||void 0,y.mgf1&&y.mgf1.md&&(l=y.mgf1.md)),v?v.start():v=t.md.sha1.create(),l||(l=v);var S=Math.ceil(i.n.bitLength()/8),L=S-2*v.digestLength-2;if(p.length>L){var b=new Error("RSAES-OAEP input message length is too long.");throw b.length=p.length,b.maxLength=L,b}c||(c=""),v.update(c,"raw");for(var f=v.digest(),m="",E=L-p.length,C=0;C<E;C++)m+="\0";var o=f.getBytes()+m+""+p;if(!a)a=t.random.getBytes(v.digestLength);else if(a.length!==v.digestLength){var b=new Error("Invalid RSAES-OAEP seed. The seed length must match the digest length.");throw b.seedLength=a.length,b.digestLength=v.digestLength,b}var h=r(a,S-v.digestLength-1,l),g=t.util.xorBytes(o,h,o.length),I=r(g,v.digestLength,l),_=t.util.xorBytes(a,I,a.length);return"\0"+_+g},e.decode_rsa_oaep=function(i,p,y){var c,a,v;typeof y=="string"?(c=y,a=arguments[3]||void 0):y&&(c=y.label||void 0,a=y.md||void 0,y.mgf1&&y.mgf1.md&&(v=y.mgf1.md));var l=Math.ceil(i.n.bitLength()/8);if(p.length!==l){var g=new Error("RSAES-OAEP encoded message length is invalid.");throw g.length=p.length,g.expectedLength=l,g}if(a===void 0?a=t.md.sha1.create():a.start(),v||(v=a),l<2*a.digestLength+2)throw new Error("RSAES-OAEP key is too short for the hash function.");c||(c=""),a.update(c,"raw");for(var S=a.digest().getBytes(),L=p.charAt(0),b=p.substring(1,a.digestLength+1),f=p.substring(1+a.digestLength),m=r(f,a.digestLength,v),E=t.util.xorBytes(b,m,b.length),C=r(E,l-a.digestLength-1,v),o=t.util.xorBytes(f,C,f.length),h=o.substring(0,a.digestLength),g=L!=="\0",I=0;I<a.digestLength;++I)g|=S.charAt(I)!==h.charAt(I);for(var _=1,d=a.digestLength,s=a.digestLength;s<o.length;s++){var n=o.charCodeAt(s),B=n&1^1,U=_?65534:0;g|=n&U,_=_&B,d+=_}if(g||o.charCodeAt(d)!==1)throw new Error("Invalid RSAES-OAEP padding.");return o.substring(d+1)};function r(i,p,y){y||(y=t.md.sha1.create());for(var c="",a=Math.ceil(p/y.digestLength),v=0;v<a;++v){var l=String.fromCharCode(v>>24&255,v>>16&255,v>>8&255,v&255);y.start(),y.update(i+l),c+=y.digest().getBytes()}return c.substring(0,p)}return kr.exports}var jt={exports:{}},tn;function ri(){if(tn)return jt.exports;tn=1;var t=ye();return me(),cr(),ut(),(function(){if(t.prime){jt.exports=t.prime;return}var e=jt.exports=t.prime=t.prime||{},r=t.jsbn.BigInteger,i=[6,4,2,4,2,4,6,2],p=new r(null);p.fromInt(30);var y=function(b,f){return b|f};e.generateProbablePrime=function(b,f,m){typeof f=="function"&&(m=f,f={}),f=f||{};var E=f.algorithm||"PRIMEINC";typeof E=="string"&&(E={name:E}),E.options=E.options||{};var C=f.prng||t.random,o={nextBytes:function(h){for(var g=C.getBytesSync(h.length),I=0;I<h.length;++I)h[I]=g.charCodeAt(I)}};if(E.name==="PRIMEINC")return c(b,o,E.options,m);throw new Error("Invalid prime generation algorithm: "+E.name)};function c(b,f,m,E){return"workers"in m?l(b,f,m,E):a(b,f,m,E)}function a(b,f,m,E){var C=S(b,f),o=0,h=L(C.bitLength());"millerRabinTests"in m&&(h=m.millerRabinTests);var g=10;"maxBlockTime"in m&&(g=m.maxBlockTime),v(C,b,f,o,h,g,E)}function v(b,f,m,E,C,o,h){var g=+new Date;do{if(b.bitLength()>f&&(b=S(f,m)),b.isProbablePrime(C))return h(null,b);b.dAddOffset(i[E++%8],0)}while(o<0||+new Date-g<o);t.util.setImmediate(function(){v(b,f,m,E,C,o,h)})}function l(b,f,m,E){if(typeof Worker>"u")return a(b,f,m,E);var C=S(b,f),o=m.workers,h=m.workLoad||100,g=h*30/8,I=m.workerScript||"forge/prime.worker.js";if(o===-1)return t.util.estimateCores(function(d,s){d&&(s=2),o=s-1,_()});_();function _(){o=Math.max(1,o);for(var d=[],s=0;s<o;++s)d[s]=new Worker(I);for(var s=0;s<o;++s)d[s].addEventListener("message",B);var n=!1;function B(U){if(!n){var O=U.data;if(O.found){for(var P=0;P<d.length;++P)d[P].terminate();return n=!0,E(null,new r(O.prime,16))}C.bitLength()>b&&(C=S(b,f));var F=C.toString(16);U.target.postMessage({hex:F,workLoad:h}),C.dAddOffset(g,0)}}}}function S(b,f){var m=new r(b,f),E=b-1;return m.testBit(E)||m.bitwiseTo(r.ONE.shiftLeft(E),y,m),m.dAddOffset(31-m.mod(p).byteValue(),0),m}function L(b){return b<=100?27:b<=150?18:b<=200?15:b<=250?12:b<=300?9:b<=350?8:b<=400?7:b<=500?6:b<=600?5:b<=800?4:b<=1250?3:2}})(),jt.exports}var Or,rn;function ur(){if(rn)return Or;rn=1;var t=ye();if(dt(),cr(),Nt(),ti(),ri(),ut(),me(),typeof e>"u")var e=t.jsbn.BigInteger;var r=t.util.isNodejs?Ca:null,i=t.asn1,p=t.util;t.pki=t.pki||{},Or=t.pki.rsa=t.rsa=t.rsa||{};var y=t.pki,c=[6,4,2,4,2,4,6,2],a={name:"PrivateKeyInfo",tagClass:i.Class.UNIVERSAL,type:i.Type.SEQUENCE,constructed:!0,value:[{name:"PrivateKeyInfo.version",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"PrivateKeyInfo.privateKeyAlgorithm",tagClass:i.Class.UNIVERSAL,type:i.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:i.Class.UNIVERSAL,type:i.Type.OID,constructed:!1,capture:"privateKeyOid"}]},{name:"PrivateKeyInfo",tagClass:i.Class.UNIVERSAL,type:i.Type.OCTETSTRING,constructed:!1,capture:"privateKey"}]},v={name:"RSAPrivateKey",tagClass:i.Class.UNIVERSAL,type:i.Type.SEQUENCE,constructed:!0,value:[{name:"RSAPrivateKey.version",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"RSAPrivateKey.modulus",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"privateKeyModulus"},{name:"RSAPrivateKey.publicExponent",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"privateKeyPublicExponent"},{name:"RSAPrivateKey.privateExponent",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"privateKeyPrivateExponent"},{name:"RSAPrivateKey.prime1",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"privateKeyPrime1"},{name:"RSAPrivateKey.prime2",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"privateKeyPrime2"},{name:"RSAPrivateKey.exponent1",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"privateKeyExponent1"},{name:"RSAPrivateKey.exponent2",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"privateKeyExponent2"},{name:"RSAPrivateKey.coefficient",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"privateKeyCoefficient"}]},l={name:"RSAPublicKey",tagClass:i.Class.UNIVERSAL,type:i.Type.SEQUENCE,constructed:!0,value:[{name:"RSAPublicKey.modulus",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"publicKeyModulus"},{name:"RSAPublicKey.exponent",tagClass:i.Class.UNIVERSAL,type:i.Type.INTEGER,constructed:!1,capture:"publicKeyExponent"}]},S=t.pki.rsa.publicKeyValidator={name:"SubjectPublicKeyInfo",tagClass:i.Class.UNIVERSAL,type:i.Type.SEQUENCE,constructed:!0,captureAsn1:"subjectPublicKeyInfo",value:[{name:"SubjectPublicKeyInfo.AlgorithmIdentifier",tagClass:i.Class.UNIVERSAL,type:i.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:i.Class.UNIVERSAL,type:i.Type.OID,constructed:!1,capture:"publicKeyOid"}]},{name:"SubjectPublicKeyInfo.subjectPublicKey",tagClass:i.Class.UNIVERSAL,type:i.Type.BITSTRING,constructed:!1,value:[{name:"SubjectPublicKeyInfo.subjectPublicKey.RSAPublicKey",tagClass:i.Class.UNIVERSAL,type:i.Type.SEQUENCE,constructed:!0,optional:!0,captureAsn1:"rsaPublicKey"}]}]},L={name:"DigestInfo",tagClass:i.Class.UNIVERSAL,type:i.Type.SEQUENCE,constructed:!0,value:[{name:"DigestInfo.DigestAlgorithm",tagClass:i.Class.UNIVERSAL,type:i.Type.SEQUENCE,constructed:!0,value:[{name:"DigestInfo.DigestAlgorithm.algorithmIdentifier",tagClass:i.Class.UNIVERSAL,type:i.Type.OID,constructed:!1,capture:"algorithmIdentifier"},{name:"DigestInfo.DigestAlgorithm.parameters",tagClass:i.Class.UNIVERSAL,type:i.Type.NULL,capture:"parameters",optional:!0,constructed:!1}]},{name:"DigestInfo.digest",tagClass:i.Class.UNIVERSAL,type:i.Type.OCTETSTRING,constructed:!1,capture:"digest"}]},b=function(s){var n;if(s.algorithm in y.oids)n=y.oids[s.algorithm];else{var B=new Error("Unknown message digest algorithm.");throw B.algorithm=s.algorithm,B}var U=i.oidToDer(n).getBytes(),O=i.create(i.Class.UNIVERSAL,i.Type.SEQUENCE,!0,[]),P=i.create(i.Class.UNIVERSAL,i.Type.SEQUENCE,!0,[]);P.value.push(i.create(i.Class.UNIVERSAL,i.Type.OID,!1,U)),P.value.push(i.create(i.Class.UNIVERSAL,i.Type.NULL,!1,""));var F=i.create(i.Class.UNIVERSAL,i.Type.OCTETSTRING,!1,s.digest().getBytes());return O.value.push(P),O.value.push(F),i.toDer(O).getBytes()},f=function(s,n,B){if(B)return s.modPow(n.e,n.n);if(!n.p||!n.q)return s.modPow(n.d,n.n);n.dP||(n.dP=n.d.mod(n.p.subtract(e.ONE))),n.dQ||(n.dQ=n.d.mod(n.q.subtract(e.ONE))),n.qInv||(n.qInv=n.q.modInverse(n.p));var U;do U=new e(t.util.bytesToHex(t.random.getBytes(n.n.bitLength()/8)),16);while(U.compareTo(n.n)>=0||!U.gcd(n.n).equals(e.ONE));s=s.multiply(U.modPow(n.e,n.n)).mod(n.n);for(var O=s.mod(n.p).modPow(n.dP,n.p),P=s.mod(n.q).modPow(n.dQ,n.q);O.compareTo(P)<0;)O=O.add(n.p);var F=O.subtract(P).multiply(n.qInv).mod(n.p).multiply(n.q).add(P);return F=F.multiply(U.modInverse(n.n)).mod(n.n),F};y.rsa.encrypt=function(s,n,B){var U=B,O,P=Math.ceil(n.n.bitLength()/8);B!==!1&&B!==!0?(U=B===2,O=m(s,n,B)):(O=t.util.createBuffer(),O.putBytes(s));for(var F=new e(O.toHex(),16),q=f(F,n,U),M=q.toString(16),H=t.util.createBuffer(),Q=P-Math.ceil(M.length/2);Q>0;)H.putByte(0),--Q;return H.putBytes(t.util.hexToBytes(M)),H.getBytes()},y.rsa.decrypt=function(s,n,B,U){var O=Math.ceil(n.n.bitLength()/8);if(s.length!==O){var P=new Error("Encrypted message length is invalid.");throw P.length=s.length,P.expected=O,P}var F=new e(t.util.createBuffer(s).toHex(),16);if(F.compareTo(n.n)>=0)throw new Error("Encrypted message is invalid.");for(var q=f(F,n,B),M=q.toString(16),H=t.util.createBuffer(),Q=O-Math.ceil(M.length/2);Q>0;)H.putByte(0),--Q;return H.putBytes(t.util.hexToBytes(M)),U!==!1?E(H.getBytes(),n,B):H.getBytes()},y.rsa.createKeyPairGenerationState=function(s,n,B){typeof s=="string"&&(s=parseInt(s,10)),s=s||2048,B=B||{};var U=B.prng||t.random,O={nextBytes:function(q){for(var M=U.getBytesSync(q.length),H=0;H<q.length;++H)q[H]=M.charCodeAt(H)}},P=B.algorithm||"PRIMEINC",F;if(P==="PRIMEINC")F={algorithm:P,state:0,bits:s,rng:O,eInt:n||65537,e:new e(null),p:null,q:null,qBits:s>>1,pBits:s-(s>>1),pqState:0,num:null,keys:null},F.e.fromInt(F.eInt);else throw new Error("Invalid key generation algorithm: "+P);return F},y.rsa.stepKeyPairGenerationState=function(s,n){"algorithm"in s||(s.algorithm="PRIMEINC");var B=new e(null);B.fromInt(30);for(var U=0,O=function(j,J){return j|J},P=+new Date,F,q=0;s.keys===null&&(n<=0||q<n);){if(s.state===0){var M=s.p===null?s.pBits:s.qBits,H=M-1;s.pqState===0?(s.num=new e(M,s.rng),s.num.testBit(H)||s.num.bitwiseTo(e.ONE.shiftLeft(H),O,s.num),s.num.dAddOffset(31-s.num.mod(B).byteValue(),0),U=0,++s.pqState):s.pqState===1?s.num.bitLength()>M?s.pqState=0:s.num.isProbablePrime(h(s.num.bitLength()))?++s.pqState:s.num.dAddOffset(c[U++%8],0):s.pqState===2?s.pqState=s.num.subtract(e.ONE).gcd(s.e).compareTo(e.ONE)===0?3:0:s.pqState===3&&(s.pqState=0,s.p===null?s.p=s.num:s.q=s.num,s.p!==null&&s.q!==null&&++s.state,s.num=null)}else if(s.state===1)s.p.compareTo(s.q)<0&&(s.num=s.p,s.p=s.q,s.q=s.num),++s.state;else if(s.state===2)s.p1=s.p.subtract(e.ONE),s.q1=s.q.subtract(e.ONE),s.phi=s.p1.multiply(s.q1),++s.state;else if(s.state===3)s.phi.gcd(s.e).compareTo(e.ONE)===0?++s.state:(s.p=null,s.q=null,s.state=0);else if(s.state===4)s.n=s.p.multiply(s.q),s.n.bitLength()===s.bits?++s.state:(s.q=null,s.state=0);else if(s.state===5){var Q=s.e.modInverse(s.phi);s.keys={privateKey:y.rsa.setPrivateKey(s.n,s.e,Q,s.p,s.q,Q.mod(s.p1),Q.mod(s.q1),s.q.modInverse(s.p)),publicKey:y.rsa.setPublicKey(s.n,s.e)}}F=+new Date,q+=F-P,P=F}return s.keys!==null},y.rsa.generateKeyPair=function(s,n,B,U){if(arguments.length===1?typeof s=="object"?(B=s,s=void 0):typeof s=="function"&&(U=s,s=void 0):arguments.length===2?typeof s=="number"?typeof n=="function"?(U=n,n=void 0):typeof n!="number"&&(B=n,n=void 0):(B=s,U=n,s=void 0,n=void 0):arguments.length===3&&(typeof n=="number"?typeof B=="function"&&(U=B,B=void 0):(U=B,B=n,n=void 0)),B=B||{},s===void 0&&(s=B.bits||2048),n===void 0&&(n=B.e||65537),!t.options.usePureJavaScript&&!B.prng&&s>=256&&s<=16384&&(n===65537||n===3)){if(U){if(g("generateKeyPair"))return r.generateKeyPair("rsa",{modulusLength:s,publicExponent:n,publicKeyEncoding:{type:"spki",format:"pem"},privateKeyEncoding:{type:"pkcs8",format:"pem"}},function(q,M,H){if(q)return U(q);U(null,{privateKey:y.privateKeyFromPem(H),publicKey:y.publicKeyFromPem(M)})});if(I("generateKey")&&I("exportKey"))return p.globalScope.crypto.subtle.generateKey({name:"RSASSA-PKCS1-v1_5",modulusLength:s,publicExponent:d(n),hash:{name:"SHA-256"}},!0,["sign","verify"]).then(function(q){return p.globalScope.crypto.subtle.exportKey("pkcs8",q.privateKey)}).then(void 0,function(q){U(q)}).then(function(q){if(q){var M=y.privateKeyFromAsn1(i.fromDer(t.util.createBuffer(q)));U(null,{privateKey:M,publicKey:y.setRsaPublicKey(M.n,M.e)})}});if(_("generateKey")&&_("exportKey")){var O=p.globalScope.msCrypto.subtle.generateKey({name:"RSASSA-PKCS1-v1_5",modulusLength:s,publicExponent:d(n),hash:{name:"SHA-256"}},!0,["sign","verify"]);O.oncomplete=function(q){var M=q.target.result,H=p.globalScope.msCrypto.subtle.exportKey("pkcs8",M.privateKey);H.oncomplete=function(Q){var j=Q.target.result,J=y.privateKeyFromAsn1(i.fromDer(t.util.createBuffer(j)));U(null,{privateKey:J,publicKey:y.setRsaPublicKey(J.n,J.e)})},H.onerror=function(Q){U(Q)}},O.onerror=function(q){U(q)};return}}else if(g("generateKeyPairSync")){var P=r.generateKeyPairSync("rsa",{modulusLength:s,publicExponent:n,publicKeyEncoding:{type:"spki",format:"pem"},privateKeyEncoding:{type:"pkcs8",format:"pem"}});return{privateKey:y.privateKeyFromPem(P.privateKey),publicKey:y.publicKeyFromPem(P.publicKey)}}}var F=y.rsa.createKeyPairGenerationState(s,n,B);if(!U)return y.rsa.stepKeyPairGenerationState(F,0),F.keys;C(F,B,U)},y.setRsaPublicKey=y.rsa.setPublicKey=function(s,n){var B={n:s,e:n};return B.encrypt=function(U,O,P){if(typeof O=="string"?O=O.toUpperCase():O===void 0&&(O="RSAES-PKCS1-V1_5"),O==="RSAES-PKCS1-V1_5")O={encode:function(q,M,H){return m(q,M,2).getBytes()}};else if(O==="RSA-OAEP"||O==="RSAES-OAEP")O={encode:function(q,M){return t.pkcs1.encode_rsa_oaep(M,q,P)}};else if(["RAW","NONE","NULL",null].indexOf(O)!==-1)O={encode:function(q){return q}};else if(typeof O=="string")throw new Error('Unsupported encryption scheme: "'+O+'".');var F=O.encode(U,B,!0);return y.rsa.encrypt(F,B,!0)},B.verify=function(U,O,P,F){typeof P=="string"?P=P.toUpperCase():P===void 0&&(P="RSASSA-PKCS1-V1_5"),F===void 0&&(F={_parseAllDigestBytes:!0,_skipPaddingChecks:!1}),"_parseAllDigestBytes"in F||(F._parseAllDigestBytes=!0),"_skipPaddingChecks"in F||(F._skipPaddingChecks=!1),P==="RSASSA-PKCS1-V1_5"?P={verify:function(M,H){H=E(H,B,!0,void 0,F);var Q=i.fromDer(H,{parseAllBytes:F._parseAllDigestBytes}),j={},J=[];if(!i.validate(Q,L,j,J)||Q.value.length!==2){var ce=new Error("ASN.1 object does not contain a valid RSASSA-PKCS1-v1_5 DigestInfo value.");throw ce.errors=J,ce}var se=i.derToOid(j.algorithmIdentifier);if(!(se===t.oids.md2||se===t.oids.md5||se===t.oids.sha1||se===t.oids.sha224||se===t.oids.sha256||se===t.oids.sha384||se===t.oids.sha512||se===t.oids["sha512-224"]||se===t.oids["sha512-256"])){var ce=new Error("Unknown RSASSA-PKCS1-v1_5 DigestAlgorithm identifier.");throw ce.oid=se,ce}if((se===t.oids.md2||se===t.oids.md5)&&!("parameters"in j))throw new Error("ASN.1 object does not contain a valid RSASSA-PKCS1-v1_5 DigestInfo value. Missing algorithm identifier NULL parameters.");return M===j.digest}}:(P==="NONE"||P==="NULL"||P===null)&&(P={verify:function(M,H){return H=E(H,B,!0,void 0,F),M===H}});var q=y.rsa.decrypt(O,B,!0,!1);return P.verify(U,q,B.n.bitLength())},B},y.setRsaPrivateKey=y.rsa.setPrivateKey=function(s,n,B,U,O,P,F,q){var M={n:s,e:n,d:B,p:U,q:O,dP:P,dQ:F,qInv:q};return M.decrypt=function(H,Q,j){typeof Q=="string"?Q=Q.toUpperCase():Q===void 0&&(Q="RSAES-PKCS1-V1_5");var J=y.rsa.decrypt(H,M,!1,!1);if(Q==="RSAES-PKCS1-V1_5")Q={decode:E};else if(Q==="RSA-OAEP"||Q==="RSAES-OAEP")Q={decode:function(ce,se){return t.pkcs1.decode_rsa_oaep(se,ce,j)}};else if(["RAW","NONE","NULL",null].indexOf(Q)!==-1)Q={decode:function(ce){return ce}};else throw new Error('Unsupported encryption scheme: "'+Q+'".');return Q.decode(J,M,!1)},M.sign=function(H,Q){var j=!1;typeof Q=="string"&&(Q=Q.toUpperCase()),Q===void 0||Q==="RSASSA-PKCS1-V1_5"?(Q={encode:b},j=1):(Q==="NONE"||Q==="NULL"||Q===null)&&(Q={encode:function(){return H}},j=1);var J=Q.encode(H,M.n.bitLength());return y.rsa.encrypt(J,M,j)},M},y.wrapRsaPrivateKey=function(s){return i.create(i.Class.UNIVERSAL,i.Type.SEQUENCE,!0,[i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,i.integerToDer(0).getBytes()),i.create(i.Class.UNIVERSAL,i.Type.SEQUENCE,!0,[i.create(i.Class.UNIVERSAL,i.Type.OID,!1,i.oidToDer(y.oids.rsaEncryption).getBytes()),i.create(i.Class.UNIVERSAL,i.Type.NULL,!1,"")]),i.create(i.Class.UNIVERSAL,i.Type.OCTETSTRING,!1,i.toDer(s).getBytes())])},y.privateKeyFromAsn1=function(s){var n={},B=[];if(i.validate(s,a,n,B)&&(s=i.fromDer(t.util.createBuffer(n.privateKey))),n={},B=[],!i.validate(s,v,n,B)){var U=new Error("Cannot read private key. ASN.1 object does not contain an RSAPrivateKey.");throw U.errors=B,U}var O,P,F,q,M,H,Q,j;return O=t.util.createBuffer(n.privateKeyModulus).toHex(),P=t.util.createBuffer(n.privateKeyPublicExponent).toHex(),F=t.util.createBuffer(n.privateKeyPrivateExponent).toHex(),q=t.util.createBuffer(n.privateKeyPrime1).toHex(),M=t.util.createBuffer(n.privateKeyPrime2).toHex(),H=t.util.createBuffer(n.privateKeyExponent1).toHex(),Q=t.util.createBuffer(n.privateKeyExponent2).toHex(),j=t.util.createBuffer(n.privateKeyCoefficient).toHex(),y.setRsaPrivateKey(new e(O,16),new e(P,16),new e(F,16),new e(q,16),new e(M,16),new e(H,16),new e(Q,16),new e(j,16))},y.privateKeyToAsn1=y.privateKeyToRSAPrivateKey=function(s){return i.create(i.Class.UNIVERSAL,i.Type.SEQUENCE,!0,[i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,i.integerToDer(0).getBytes()),i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,o(s.n)),i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,o(s.e)),i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,o(s.d)),i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,o(s.p)),i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,o(s.q)),i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,o(s.dP)),i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,o(s.dQ)),i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,o(s.qInv))])},y.publicKeyFromAsn1=function(s){var n={},B=[];if(i.validate(s,S,n,B)){var U=i.derToOid(n.publicKeyOid);if(U!==y.oids.rsaEncryption){var O=new Error("Cannot read public key. Unknown OID.");throw O.oid=U,O}s=n.rsaPublicKey}if(B=[],!i.validate(s,l,n,B)){var O=new Error("Cannot read public key. ASN.1 object does not contain an RSAPublicKey.");throw O.errors=B,O}var P=t.util.createBuffer(n.publicKeyModulus).toHex(),F=t.util.createBuffer(n.publicKeyExponent).toHex();return y.setRsaPublicKey(new e(P,16),new e(F,16))},y.publicKeyToAsn1=y.publicKeyToSubjectPublicKeyInfo=function(s){return i.create(i.Class.UNIVERSAL,i.Type.SEQUENCE,!0,[i.create(i.Class.UNIVERSAL,i.Type.SEQUENCE,!0,[i.create(i.Class.UNIVERSAL,i.Type.OID,!1,i.oidToDer(y.oids.rsaEncryption).getBytes()),i.create(i.Class.UNIVERSAL,i.Type.NULL,!1,"")]),i.create(i.Class.UNIVERSAL,i.Type.BITSTRING,!1,[y.publicKeyToRSAPublicKey(s)])])},y.publicKeyToRSAPublicKey=function(s){return i.create(i.Class.UNIVERSAL,i.Type.SEQUENCE,!0,[i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,o(s.n)),i.create(i.Class.UNIVERSAL,i.Type.INTEGER,!1,o(s.e))])};function m(s,n,B){var U=t.util.createBuffer(),O=Math.ceil(n.n.bitLength()/8);if(s.length>O-11){var P=new Error("Message is too long for PKCS#1 v1.5 padding.");throw P.length=s.length,P.max=O-11,P}U.putByte(0),U.putByte(B);var F=O-3-s.length,q;if(B===0||B===1){q=B===0?0:255;for(var M=0;M<F;++M)U.putByte(q)}else for(;F>0;){for(var H=0,Q=t.random.getBytes(F),M=0;M<F;++M)q=Q.charCodeAt(M),q===0?++H:U.putByte(q);F=H}return U.putByte(0),U.putBytes(s),U}function E(s,n,B,U,O){var P=Math.ceil(n.n.bitLength()/8),F=t.util.createBuffer(s),q=F.getByte(),M=F.getByte();if(q!==0||B&&M!==0&&M!==1||!B&&M!==2||B&&M===0&&typeof U>"u")throw new Error("Encryption block is invalid.");var H=0;if(M===0){H=P-3-U;for(var Q=0;Q<H;++Q)if(F.getByte()!==0)throw new Error("Encryption block is invalid.")}else if(M===1){for(H=0;F.length()>1;){if(F.getByte()!==255){--F.read;break}++H}if(H<8&&!(O&&O._skipPaddingChecks))throw new Error("Encryption block is invalid.")}else if(M===2){for(H=0;F.length()>1;){if(F.getByte()===0){--F.read;break}++H}if(H<8&&!(O&&O._skipPaddingChecks))throw new Error("Encryption block is invalid.")}var j=F.getByte();if(j!==0||H!==P-3-F.length())throw new Error("Encryption block is invalid.");return F.getBytes()}function C(s,n,B){typeof n=="function"&&(B=n,n={}),n=n||{};var U={algorithm:{name:n.algorithm||"PRIMEINC",options:{workers:n.workers||2,workLoad:n.workLoad||100,workerScript:n.workerScript}}};"prng"in n&&(U.prng=n.prng),O();function O(){P(s.pBits,function(q,M){if(q)return B(q);if(s.p=M,s.q!==null)return F(q,s.q);P(s.qBits,F)})}function P(q,M){t.prime.generateProbablePrime(q,U,M)}function F(q,M){if(q)return B(q);if(s.q=M,s.p.compareTo(s.q)<0){var H=s.p;s.p=s.q,s.q=H}if(s.p.subtract(e.ONE).gcd(s.e).compareTo(e.ONE)!==0){s.p=null,O();return}if(s.q.subtract(e.ONE).gcd(s.e).compareTo(e.ONE)!==0){s.q=null,P(s.qBits,F);return}if(s.p1=s.p.subtract(e.ONE),s.q1=s.q.subtract(e.ONE),s.phi=s.p1.multiply(s.q1),s.phi.gcd(s.e).compareTo(e.ONE)!==0){s.p=s.q=null,O();return}if(s.n=s.p.multiply(s.q),s.n.bitLength()!==s.bits){s.q=null,P(s.qBits,F);return}var Q=s.e.modInverse(s.phi);s.keys={privateKey:y.rsa.setPrivateKey(s.n,s.e,Q,s.p,s.q,Q.mod(s.p1),Q.mod(s.q1),s.q.modInverse(s.p)),publicKey:y.rsa.setPublicKey(s.n,s.e)},B(null,s.keys)}}function o(s){var n=s.toString(16);n[0]>="8"&&(n="00"+n);var B=t.util.hexToBytes(n);return B.length>1&&(B.charCodeAt(0)===0&&(B.charCodeAt(1)&128)===0||B.charCodeAt(0)===255&&(B.charCodeAt(1)&128)===128)?B.substr(1):B}function h(s){return s<=100?27:s<=150?18:s<=200?15:s<=250?12:s<=300?9:s<=350?8:s<=400?7:s<=500?6:s<=600?5:s<=800?4:s<=1250?3:2}function g(s){return t.util.isNodejs&&typeof r[s]=="function"}function I(s){return typeof p.globalScope<"u"&&typeof p.globalScope.crypto=="object"&&typeof p.globalScope.crypto.subtle=="object"&&typeof p.globalScope.crypto.subtle[s]=="function"}function _(s){return typeof p.globalScope<"u"&&typeof p.globalScope.msCrypto=="object"&&typeof p.globalScope.msCrypto.subtle=="object"&&typeof p.globalScope.msCrypto.subtle[s]=="function"}function d(s){for(var n=t.util.hexToBytes(s.toString(16)),B=new Uint8Array(n.length),U=0;U<n.length;++U)B[U]=n.charCodeAt(U);return B}return Or}var Fr,an;function ai(){if(an)return Fr;an=1;var t=ye();if(wt(),dt(),or(),vt(),Nt(),Ea(),Pt(),ut(),ei(),ur(),me(),typeof e>"u")var e=t.jsbn.BigInteger;var r=t.asn1,i=t.pki=t.pki||{};Fr=i.pbe=t.pbe=t.pbe||{};var p=i.oids,y={name:"EncryptedPrivateKeyInfo",tagClass:r.Class.UNIVERSAL,type:r.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedPrivateKeyInfo.encryptionAlgorithm",tagClass:r.Class.UNIVERSAL,type:r.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:r.Class.UNIVERSAL,type:r.Type.OID,constructed:!1,capture:"encryptionOid"},{name:"AlgorithmIdentifier.parameters",tagClass:r.Class.UNIVERSAL,type:r.Type.SEQUENCE,constructed:!0,captureAsn1:"encryptionParams"}]},{name:"EncryptedPrivateKeyInfo.encryptedData",tagClass:r.Class.UNIVERSAL,type:r.Type.OCTETSTRING,constructed:!1,capture:"encryptedData"}]},c={name:"PBES2Algorithms",tagClass:r.Class.UNIVERSAL,type:r.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.keyDerivationFunc",tagClass:r.Class.UNIVERSAL,type:r.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.keyDerivationFunc.oid",tagClass:r.Class.UNIVERSAL,type:r.Type.OID,constructed:!1,capture:"kdfOid"},{name:"PBES2Algorithms.params",tagClass:r.Class.UNIVERSAL,type:r.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.params.salt",tagClass:r.Class.UNIVERSAL,type:r.Type.OCTETSTRING,constructed:!1,capture:"kdfSalt"},{name:"PBES2Algorithms.params.iterationCount",tagClass:r.Class.UNIVERSAL,type:r.Type.INTEGER,constructed:!1,capture:"kdfIterationCount"},{name:"PBES2Algorithms.params.keyLength",tagClass:r.Class.UNIVERSAL,type:r.Type.INTEGER,constructed:!1,optional:!0,capture:"keyLength"},{name:"PBES2Algorithms.params.prf",tagClass:r.Class.UNIVERSAL,type:r.Type.SEQUENCE,constructed:!0,optional:!0,value:[{name:"PBES2Algorithms.params.prf.algorithm",tagClass:r.Class.UNIVERSAL,type:r.Type.OID,constructed:!1,capture:"prfOid"}]}]}]},{name:"PBES2Algorithms.encryptionScheme",tagClass:r.Class.UNIVERSAL,type:r.Type.SEQUENCE,constructed:!0,value:[{name:"PBES2Algorithms.encryptionScheme.oid",tagClass:r.Class.UNIVERSAL,type:r.Type.OID,constructed:!1,capture:"encOid"},{name:"PBES2Algorithms.encryptionScheme.iv",tagClass:r.Class.UNIVERSAL,type:r.Type.OCTETSTRING,constructed:!1,capture:"encIv"}]}]},a={name:"pkcs-12PbeParams",tagClass:r.Class.UNIVERSAL,type:r.Type.SEQUENCE,constructed:!0,value:[{name:"pkcs-12PbeParams.salt",tagClass:r.Class.UNIVERSAL,type:r.Type.OCTETSTRING,constructed:!1,capture:"salt"},{name:"pkcs-12PbeParams.iterations",tagClass:r.Class.UNIVERSAL,type:r.Type.INTEGER,constructed:!1,capture:"iterations"}]};i.encryptPrivateKeyInfo=function(b,f,m){m=m||{},m.saltSize=m.saltSize||8,m.count=m.count||2048,m.algorithm=m.algorithm||"aes128",m.prfAlgorithm=m.prfAlgorithm||"sha1";var E=t.random.getBytesSync(m.saltSize),C=m.count,o=r.integerToDer(C),h,g,I;if(m.algorithm.indexOf("aes")===0||m.algorithm==="des"){var _,d,s;switch(m.algorithm){case"aes128":h=16,_=16,d=p["aes128-CBC"],s=t.aes.createEncryptionCipher;break;case"aes192":h=24,_=16,d=p["aes192-CBC"],s=t.aes.createEncryptionCipher;break;case"aes256":h=32,_=16,d=p["aes256-CBC"],s=t.aes.createEncryptionCipher;break;case"des":h=8,_=8,d=p.desCBC,s=t.des.createEncryptionCipher;break;default:var n=new Error("Cannot encrypt private key. Unknown encryption algorithm.");throw n.algorithm=m.algorithm,n}var B="hmacWith"+m.prfAlgorithm.toUpperCase(),U=S(B),O=t.pkcs5.pbkdf2(f,E,C,h,U),P=t.random.getBytesSync(_),F=s(O);F.start(P),F.update(r.toDer(b)),F.finish(),I=F.output.getBytes();var q=L(E,o,h,B);g=r.create(r.Class.UNIVERSAL,r.Type.SEQUENCE,!0,[r.create(r.Class.UNIVERSAL,r.Type.OID,!1,r.oidToDer(p.pkcs5PBES2).getBytes()),r.create(r.Class.UNIVERSAL,r.Type.SEQUENCE,!0,[r.create(r.Class.UNIVERSAL,r.Type.SEQUENCE,!0,[r.create(r.Class.UNIVERSAL,r.Type.OID,!1,r.oidToDer(p.pkcs5PBKDF2).getBytes()),q]),r.create(r.Class.UNIVERSAL,r.Type.SEQUENCE,!0,[r.create(r.Class.UNIVERSAL,r.Type.OID,!1,r.oidToDer(d).getBytes()),r.create(r.Class.UNIVERSAL,r.Type.OCTETSTRING,!1,P)])])])}else if(m.algorithm==="3des"){h=24;var M=new t.util.ByteBuffer(E),O=i.pbe.generatePkcs12Key(f,M,1,C,h),P=i.pbe.generatePkcs12Key(f,M,2,C,h),F=t.des.createEncryptionCipher(O);F.start(P),F.update(r.toDer(b)),F.finish(),I=F.output.getBytes(),g=r.create(r.Class.UNIVERSAL,r.Type.SEQUENCE,!0,[r.create(r.Class.UNIVERSAL,r.Type.OID,!1,r.oidToDer(p["pbeWithSHAAnd3-KeyTripleDES-CBC"]).getBytes()),r.create(r.Class.UNIVERSAL,r.Type.SEQUENCE,!0,[r.create(r.Class.UNIVERSAL,r.Type.OCTETSTRING,!1,E),r.create(r.Class.UNIVERSAL,r.Type.INTEGER,!1,o.getBytes())])])}else{var n=new Error("Cannot encrypt private key. Unknown encryption algorithm.");throw n.algorithm=m.algorithm,n}var H=r.create(r.Class.UNIVERSAL,r.Type.SEQUENCE,!0,[g,r.create(r.Class.UNIVERSAL,r.Type.OCTETSTRING,!1,I)]);return H},i.decryptPrivateKeyInfo=function(b,f){var m=null,E={},C=[];if(!r.validate(b,y,E,C)){var o=new Error("Cannot read encrypted private key. ASN.1 object is not a supported EncryptedPrivateKeyInfo.");throw o.errors=C,o}var h=r.derToOid(E.encryptionOid),g=i.pbe.getCipher(h,E.encryptionParams,f),I=t.util.createBuffer(E.encryptedData);return g.update(I),g.finish()&&(m=r.fromDer(g.output)),m},i.encryptedPrivateKeyToPem=function(b,f){var m={type:"ENCRYPTED PRIVATE KEY",body:r.toDer(b).getBytes()};return t.pem.encode(m,{maxline:f})},i.encryptedPrivateKeyFromPem=function(b){var f=t.pem.decode(b)[0];if(f.type!=="ENCRYPTED PRIVATE KEY"){var m=new Error('Could not convert encrypted private key from PEM; PEM header type is "ENCRYPTED PRIVATE KEY".');throw m.headerType=f.type,m}if(f.procType&&f.procType.type==="ENCRYPTED")throw new Error("Could not convert encrypted private key from PEM; PEM is encrypted.");return r.fromDer(f.body)},i.encryptRsaPrivateKey=function(b,f,m){if(m=m||{},!m.legacy){var E=i.wrapRsaPrivateKey(i.privateKeyToAsn1(b));return E=i.encryptPrivateKeyInfo(E,f,m),i.encryptedPrivateKeyToPem(E)}var C,o,h,g;switch(m.algorithm){case"aes128":C="AES-128-CBC",h=16,o=t.random.getBytesSync(16),g=t.aes.createEncryptionCipher;break;case"aes192":C="AES-192-CBC",h=24,o=t.random.getBytesSync(16),g=t.aes.createEncryptionCipher;break;case"aes256":C="AES-256-CBC",h=32,o=t.random.getBytesSync(16),g=t.aes.createEncryptionCipher;break;case"3des":C="DES-EDE3-CBC",h=24,o=t.random.getBytesSync(8),g=t.des.createEncryptionCipher;break;case"des":C="DES-CBC",h=8,o=t.random.getBytesSync(8),g=t.des.createEncryptionCipher;break;default:var I=new Error('Could not encrypt RSA private key; unsupported encryption algorithm "'+m.algorithm+'".');throw I.algorithm=m.algorithm,I}var _=t.pbe.opensslDeriveBytes(f,o.substr(0,8),h),d=g(_);d.start(o),d.update(r.toDer(i.privateKeyToAsn1(b))),d.finish();var s={type:"RSA PRIVATE KEY",procType:{version:"4",type:"ENCRYPTED"},dekInfo:{algorithm:C,parameters:t.util.bytesToHex(o).toUpperCase()},body:d.output.getBytes()};return t.pem.encode(s)},i.decryptRsaPrivateKey=function(b,f){var m=null,E=t.pem.decode(b)[0];if(E.type!=="ENCRYPTED PRIVATE KEY"&&E.type!=="PRIVATE KEY"&&E.type!=="RSA PRIVATE KEY"){var C=new Error('Could not convert private key from PEM; PEM header type is not "ENCRYPTED PRIVATE KEY", "PRIVATE KEY", or "RSA PRIVATE KEY".');throw C.headerType=C,C}if(E.procType&&E.procType.type==="ENCRYPTED"){var o,h;switch(E.dekInfo.algorithm){case"DES-CBC":o=8,h=t.des.createDecryptionCipher;break;case"DES-EDE3-CBC":o=24,h=t.des.createDecryptionCipher;break;case"AES-128-CBC":o=16,h=t.aes.createDecryptionCipher;break;case"AES-192-CBC":o=24,h=t.aes.createDecryptionCipher;break;case"AES-256-CBC":o=32,h=t.aes.createDecryptionCipher;break;case"RC2-40-CBC":o=5,h=function(s){return t.rc2.createDecryptionCipher(s,40)};break;case"RC2-64-CBC":o=8,h=function(s){return t.rc2.createDecryptionCipher(s,64)};break;case"RC2-128-CBC":o=16,h=function(s){return t.rc2.createDecryptionCipher(s,128)};break;default:var C=new Error('Could not decrypt private key; unsupported encryption algorithm "'+E.dekInfo.algorithm+'".');throw C.algorithm=E.dekInfo.algorithm,C}var g=t.util.hexToBytes(E.dekInfo.parameters),I=t.pbe.opensslDeriveBytes(f,g.substr(0,8),o),_=h(I);if(_.start(g),_.update(t.util.createBuffer(E.body)),_.finish())m=_.output.getBytes();else return m}else m=E.body;return E.type==="ENCRYPTED PRIVATE KEY"?m=i.decryptPrivateKeyInfo(r.fromDer(m),f):m=r.fromDer(m),m!==null&&(m=i.privateKeyFromAsn1(m)),m},i.pbe.generatePkcs12Key=function(b,f,m,E,C,o){var h,g;if(typeof o>"u"||o===null){if(!("sha1"in t.md))throw new Error('"sha1" hash algorithm unavailable.');o=t.md.sha1.create()}var I=o.digestLength,_=o.blockLength,d=new t.util.ByteBuffer,s=new t.util.ByteBuffer;if(b!=null){for(g=0;g<b.length;g++)s.putInt16(b.charCodeAt(g));s.putInt16(0)}var n=s.length(),B=f.length(),U=new t.util.ByteBuffer;U.fillWithByte(m,_);var O=_*Math.ceil(B/_),P=new t.util.ByteBuffer;for(g=0;g<O;g++)P.putByte(f.at(g%B));var F=_*Math.ceil(n/_),q=new t.util.ByteBuffer;for(g=0;g<F;g++)q.putByte(s.at(g%n));var M=P;M.putBuffer(q);for(var H=Math.ceil(C/I),Q=1;Q<=H;Q++){var j=new t.util.ByteBuffer;j.putBytes(U.bytes()),j.putBytes(M.bytes());for(var J=0;J<E;J++)o.start(),o.update(j.getBytes()),j=o.digest();var ce=new t.util.ByteBuffer;for(g=0;g<_;g++)ce.putByte(j.at(g%I));var se=Math.ceil(B/_)+Math.ceil(n/_),ge=new t.util.ByteBuffer;for(h=0;h<se;h++){var de=new t.util.ByteBuffer(M.getBytes(_)),he=511;for(g=ce.length()-1;g>=0;g--)he=he>>8,he+=ce.at(g)+de.at(g),de.setAt(g,he&255);ge.putBuffer(de)}M=ge,d.putBuffer(j)}return d.truncate(d.length()-C),d},i.pbe.getCipher=function(b,f,m){switch(b){case i.oids.pkcs5PBES2:return i.pbe.getCipherForPBES2(b,f,m);case i.oids["pbeWithSHAAnd3-KeyTripleDES-CBC"]:case i.oids["pbewithSHAAnd40BitRC2-CBC"]:return i.pbe.getCipherForPKCS12PBE(b,f,m);default:var E=new Error("Cannot read encrypted PBE data block. Unsupported OID.");throw E.oid=b,E.supportedOids=["pkcs5PBES2","pbeWithSHAAnd3-KeyTripleDES-CBC","pbewithSHAAnd40BitRC2-CBC"],E}},i.pbe.getCipherForPBES2=function(b,f,m){var E={},C=[];if(!r.validate(f,c,E,C)){var o=new Error("Cannot read password-based-encryption algorithm parameters. ASN.1 object is not a supported EncryptedPrivateKeyInfo.");throw o.errors=C,o}if(b=r.derToOid(E.kdfOid),b!==i.oids.pkcs5PBKDF2){var o=new Error("Cannot read encrypted private key. Unsupported key derivation function OID.");throw o.oid=b,o.supportedOids=["pkcs5PBKDF2"],o}if(b=r.derToOid(E.encOid),b!==i.oids["aes128-CBC"]&&b!==i.oids["aes192-CBC"]&&b!==i.oids["aes256-CBC"]&&b!==i.oids["des-EDE3-CBC"]&&b!==i.oids.desCBC){var o=new Error("Cannot read encrypted private key. Unsupported encryption scheme OID.");throw o.oid=b,o.supportedOids=["aes128-CBC","aes192-CBC","aes256-CBC","des-EDE3-CBC","desCBC"],o}var h=E.kdfSalt,g=t.util.createBuffer(E.kdfIterationCount);g=g.getInt(g.length()<<3);var I,_;switch(i.oids[b]){case"aes128-CBC":I=16,_=t.aes.createDecryptionCipher;break;case"aes192-CBC":I=24,_=t.aes.createDecryptionCipher;break;case"aes256-CBC":I=32,_=t.aes.createDecryptionCipher;break;case"des-EDE3-CBC":I=24,_=t.des.createDecryptionCipher;break;case"desCBC":I=8,_=t.des.createDecryptionCipher;break}var d=l(E.prfOid),s=t.pkcs5.pbkdf2(m,h,g,I,d),n=E.encIv,B=_(s);return B.start(n),B},i.pbe.getCipherForPKCS12PBE=function(b,f,m){var E={},C=[];if(!r.validate(f,a,E,C)){var o=new Error("Cannot read password-based-encryption algorithm parameters. ASN.1 object is not a supported EncryptedPrivateKeyInfo.");throw o.errors=C,o}var h=t.util.createBuffer(E.salt),g=t.util.createBuffer(E.iterations);g=g.getInt(g.length()<<3);var I,_,d;switch(b){case i.oids["pbeWithSHAAnd3-KeyTripleDES-CBC"]:I=24,_=8,d=t.des.startDecrypting;break;case i.oids["pbewithSHAAnd40BitRC2-CBC"]:I=5,_=8,d=function(O,P){var F=t.rc2.createDecryptionCipher(O,40);return F.start(P,null),F};break;default:var o=new Error("Cannot read PKCS #12 PBE data block. Unsupported OID.");throw o.oid=b,o}var s=l(E.prfOid),n=i.pbe.generatePkcs12Key(m,h,1,g,I,s);s.start();var B=i.pbe.generatePkcs12Key(m,h,2,g,_,s);return d(n,B)},i.pbe.opensslDeriveBytes=function(b,f,m,E){if(typeof E>"u"||E===null){if(!("md5"in t.md))throw new Error('"md5" hash algorithm unavailable.');E=t.md.md5.create()}f===null&&(f="");for(var C=[v(E,b+f)],o=16,h=1;o<m;++h,o+=16)C.push(v(E,C[h-1]+b+f));return C.join("").substr(0,m)};function v(b,f){return b.start().update(f).digest().getBytes()}function l(b){var f;if(!b)f="hmacWithSHA1";else if(f=i.oids[r.derToOid(b)],!f){var m=new Error("Unsupported PRF OID.");throw m.oid=b,m.supported=["hmacWithSHA1","hmacWithSHA224","hmacWithSHA256","hmacWithSHA384","hmacWithSHA512"],m}return S(f)}function S(b){var f=t.md;switch(b){case"hmacWithSHA224":f=t.md.sha512;case"hmacWithSHA1":case"hmacWithSHA256":case"hmacWithSHA384":case"hmacWithSHA512":b=b.substr(8).toLowerCase();break;default:var m=new Error("Unsupported PRF algorithm.");throw m.algorithm=b,m.supported=["hmacWithSHA1","hmacWithSHA224","hmacWithSHA256","hmacWithSHA384","hmacWithSHA512"],m}if(!f||!(b in f))throw new Error("Unknown hash algorithm: "+b);return f[b].create()}function L(b,f,m,E){var C=r.create(r.Class.UNIVERSAL,r.Type.SEQUENCE,!0,[r.create(r.Class.UNIVERSAL,r.Type.OCTETSTRING,!1,b),r.create(r.Class.UNIVERSAL,r.Type.INTEGER,!1,f.getBytes())]);return E!=="hmacWithSHA1"&&C.value.push(r.create(r.Class.UNIVERSAL,r.Type.INTEGER,!1,t.util.hexToBytes(m.toString(16))),r.create(r.Class.UNIVERSAL,r.Type.SEQUENCE,!0,[r.create(r.Class.UNIVERSAL,r.Type.OID,!1,r.oidToDer(i.oids[E]).getBytes()),r.create(r.Class.UNIVERSAL,r.Type.NULL,!1,"")])),C}return Fr}var Kr={exports:{}},Mr={exports:{}},nn;function ni(){if(nn)return Mr.exports;nn=1;var t=ye();dt(),me();var e=t.asn1,r=Mr.exports=t.pkcs7asn1=t.pkcs7asn1||{};t.pkcs7=t.pkcs7||{},t.pkcs7.asn1=r;var i={name:"ContentInfo",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"ContentInfo.ContentType",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"contentType"},{name:"ContentInfo.content",tagClass:e.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,captureAsn1:"content"}]};r.contentInfoValidator=i;var p={name:"EncryptedContentInfo",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedContentInfo.contentType",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"contentType"},{name:"EncryptedContentInfo.contentEncryptionAlgorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedContentInfo.contentEncryptionAlgorithm.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"encAlgorithm"},{name:"EncryptedContentInfo.contentEncryptionAlgorithm.parameter",tagClass:e.Class.UNIVERSAL,captureAsn1:"encParameter"}]},{name:"EncryptedContentInfo.encryptedContent",tagClass:e.Class.CONTEXT_SPECIFIC,type:0,capture:"encryptedContent",captureAsn1:"encryptedContentAsn1"}]};r.envelopedDataValidator={name:"EnvelopedData",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"EnvelopedData.Version",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,capture:"version"},{name:"EnvelopedData.RecipientInfos",tagClass:e.Class.UNIVERSAL,type:e.Type.SET,constructed:!0,captureAsn1:"recipientInfos"}].concat(p)},r.encryptedDataValidator={name:"EncryptedData",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"EncryptedData.Version",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,capture:"version"}].concat(p)};var y={name:"SignerInfo",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.version",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1},{name:"SignerInfo.issuerAndSerialNumber",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.issuerAndSerialNumber.issuer",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,captureAsn1:"issuer"},{name:"SignerInfo.issuerAndSerialNumber.serialNumber",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,capture:"serial"}]},{name:"SignerInfo.digestAlgorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"SignerInfo.digestAlgorithm.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"digestAlgorithm"},{name:"SignerInfo.digestAlgorithm.parameter",tagClass:e.Class.UNIVERSAL,constructed:!1,captureAsn1:"digestParameter",optional:!0}]},{name:"SignerInfo.authenticatedAttributes",tagClass:e.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,capture:"authenticatedAttributes"},{name:"SignerInfo.digestEncryptionAlgorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,capture:"signatureAlgorithm"},{name:"SignerInfo.encryptedDigest",tagClass:e.Class.UNIVERSAL,type:e.Type.OCTETSTRING,constructed:!1,capture:"signature"},{name:"SignerInfo.unauthenticatedAttributes",tagClass:e.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,optional:!0,capture:"unauthenticatedAttributes"}]};return r.signedDataValidator={name:"SignedData",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"SignedData.Version",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,capture:"version"},{name:"SignedData.DigestAlgorithms",tagClass:e.Class.UNIVERSAL,type:e.Type.SET,constructed:!0,captureAsn1:"digestAlgorithms"},i,{name:"SignedData.Certificates",tagClass:e.Class.CONTEXT_SPECIFIC,type:0,optional:!0,captureAsn1:"certificates"},{name:"SignedData.CertificateRevocationLists",tagClass:e.Class.CONTEXT_SPECIFIC,type:1,optional:!0,captureAsn1:"crls"},{name:"SignedData.SignerInfos",tagClass:e.Class.UNIVERSAL,type:e.Type.SET,capture:"signerInfos",optional:!0,value:[y]}]},r.recipientInfoValidator={name:"RecipientInfo",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.version",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,capture:"version"},{name:"RecipientInfo.issuerAndSerial",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.issuerAndSerial.issuer",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,captureAsn1:"issuer"},{name:"RecipientInfo.issuerAndSerial.serialNumber",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,capture:"serial"}]},{name:"RecipientInfo.keyEncryptionAlgorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"RecipientInfo.keyEncryptionAlgorithm.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"encAlgorithm"},{name:"RecipientInfo.keyEncryptionAlgorithm.parameter",tagClass:e.Class.UNIVERSAL,constructed:!1,captureAsn1:"encParameter",optional:!0}]},{name:"RecipientInfo.encryptedKey",tagClass:e.Class.UNIVERSAL,type:e.Type.OCTETSTRING,constructed:!1,capture:"encKey"}]},Mr.exports}var qr={exports:{}},Hr={exports:{}},sn;function ii(){if(sn)return Hr.exports;sn=1;var t=ye();me(),t.mgf=t.mgf||{};var e=Hr.exports=t.mgf.mgf1=t.mgf1=t.mgf1||{};return e.create=function(r){var i={generate:function(p,y){for(var c=new t.util.ByteBuffer,a=Math.ceil(y/r.digestLength),v=0;v<a;v++){var l=new t.util.ByteBuffer;l.putInt32(v),r.start(),r.update(p+l.getBytes()),c.putBuffer(r.digest())}return c.truncate(c.length()-y),c.getBytes()}};return i},Hr.exports}var Gr,on;function Fs(){if(on)return Gr;on=1;var t=ye();return ii(),Gr=t.mgf=t.mgf||{},t.mgf.mgf1=t.mgf1,Gr}var zr={exports:{}},cn;function xa(){if(cn)return zr.exports;cn=1;var t=ye();ut(),me();var e=zr.exports=t.pss=t.pss||{};return e.create=function(r){arguments.length===3&&(r={md:arguments[0],mgf:arguments[1],saltLength:arguments[2]});var i=r.md,p=r.mgf,y=i.digestLength,c=r.salt||null;typeof c=="string"&&(c=t.util.createBuffer(c));var a;if("saltLength"in r)a=r.saltLength;else if(c!==null)a=c.length();else throw new Error("Salt length not specified or specific salt not given.");if(c!==null&&c.length()!==a)throw new Error("Given salt length does not match length of given salt.");var v=r.prng||t.random,l={};return l.encode=function(S,L){var b,f=L-1,m=Math.ceil(f/8),E=S.digest().getBytes();if(m<y+a+2)throw new Error("Message is too long to encrypt.");var C;c===null?C=v.getBytesSync(a):C=c.bytes();var o=new t.util.ByteBuffer;o.fillWithByte(0,8),o.putBytes(E),o.putBytes(C),i.start(),i.update(o.getBytes());var h=i.digest().getBytes(),g=new t.util.ByteBuffer;g.fillWithByte(0,m-a-y-2),g.putByte(1),g.putBytes(C);var I=g.getBytes(),_=m-y-1,d=p.generate(h,_),s="";for(b=0;b<_;b++)s+=String.fromCharCode(I.charCodeAt(b)^d.charCodeAt(b));var n=65280>>8*m-f&255;return s=String.fromCharCode(s.charCodeAt(0)&~n)+s.substr(1),s+h+"¼"},l.verify=function(S,L,b){var f,m=b-1,E=Math.ceil(m/8);if(L=L.substr(-E),E<y+a+2)throw new Error("Inconsistent parameters to PSS signature verification.");if(L.charCodeAt(E-1)!==188)throw new Error("Encoded message does not end in 0xBC.");var C=E-y-1,o=L.substr(0,C),h=L.substr(C,y),g=65280>>8*E-m&255;if((o.charCodeAt(0)&g)!==0)throw new Error("Bits beyond keysize not zero as expected.");var I=p.generate(h,C),_="";for(f=0;f<C;f++)_+=String.fromCharCode(o.charCodeAt(f)^I.charCodeAt(f));_=String.fromCharCode(_.charCodeAt(0)&~g)+_.substr(1);var d=E-y-a-2;for(f=0;f<d;f++)if(_.charCodeAt(f)!==0)throw new Error("Leftmost octets not zero as expected");if(_.charCodeAt(d)!==1)throw new Error("Inconsistent PSS signature, 0x01 marker not found");var s=_.substr(-a),n=new t.util.ByteBuffer;n.fillWithByte(0,8),n.putBytes(S),n.putBytes(s),i.start(),i.update(n.getBytes());var B=i.digest().getBytes();return h===B},l},zr.exports}var un;function Sa(){if(un)return qr.exports;un=1;var t=ye();wt(),dt(),or(),vt(),Fs(),Nt(),Pt(),xa(),ur(),me();var e=t.asn1,r=qr.exports=t.pki=t.pki||{},i=r.oids,p={};p.CN=i.commonName,p.commonName="CN",p.C=i.countryName,p.countryName="C",p.L=i.localityName,p.localityName="L",p.ST=i.stateOrProvinceName,p.stateOrProvinceName="ST",p.O=i.organizationName,p.organizationName="O",p.OU=i.organizationalUnitName,p.organizationalUnitName="OU",p.E=i.emailAddress,p.emailAddress="E";var y=t.pki.rsa.publicKeyValidator,c={name:"Certificate",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,captureAsn1:"tbsCertificate",value:[{name:"Certificate.TBSCertificate.version",tagClass:e.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.version.integer",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,capture:"certVersion"}]},{name:"Certificate.TBSCertificate.serialNumber",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,capture:"certSerialNumber"},{name:"Certificate.TBSCertificate.signature",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate.signature.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"certinfoSignatureOid"},{name:"Certificate.TBSCertificate.signature.parameters",tagClass:e.Class.UNIVERSAL,optional:!0,captureAsn1:"certinfoSignatureParams"}]},{name:"Certificate.TBSCertificate.issuer",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,captureAsn1:"certIssuer"},{name:"Certificate.TBSCertificate.validity",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.TBSCertificate.validity.notBefore (utc)",tagClass:e.Class.UNIVERSAL,type:e.Type.UTCTIME,constructed:!1,optional:!0,capture:"certValidity1UTCTime"},{name:"Certificate.TBSCertificate.validity.notBefore (generalized)",tagClass:e.Class.UNIVERSAL,type:e.Type.GENERALIZEDTIME,constructed:!1,optional:!0,capture:"certValidity2GeneralizedTime"},{name:"Certificate.TBSCertificate.validity.notAfter (utc)",tagClass:e.Class.UNIVERSAL,type:e.Type.UTCTIME,constructed:!1,optional:!0,capture:"certValidity3UTCTime"},{name:"Certificate.TBSCertificate.validity.notAfter (generalized)",tagClass:e.Class.UNIVERSAL,type:e.Type.GENERALIZEDTIME,constructed:!1,optional:!0,capture:"certValidity4GeneralizedTime"}]},{name:"Certificate.TBSCertificate.subject",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,captureAsn1:"certSubject"},y,{name:"Certificate.TBSCertificate.issuerUniqueID",tagClass:e.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.issuerUniqueID.id",tagClass:e.Class.UNIVERSAL,type:e.Type.BITSTRING,constructed:!1,captureBitStringValue:"certIssuerUniqueId"}]},{name:"Certificate.TBSCertificate.subjectUniqueID",tagClass:e.Class.CONTEXT_SPECIFIC,type:2,constructed:!0,optional:!0,value:[{name:"Certificate.TBSCertificate.subjectUniqueID.id",tagClass:e.Class.UNIVERSAL,type:e.Type.BITSTRING,constructed:!1,captureBitStringValue:"certSubjectUniqueId"}]},{name:"Certificate.TBSCertificate.extensions",tagClass:e.Class.CONTEXT_SPECIFIC,type:3,constructed:!0,captureAsn1:"certExtensions",optional:!0}]},{name:"Certificate.signatureAlgorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"Certificate.signatureAlgorithm.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"certSignatureOid"},{name:"Certificate.TBSCertificate.signature.parameters",tagClass:e.Class.UNIVERSAL,optional:!0,captureAsn1:"certSignatureParams"}]},{name:"Certificate.signatureValue",tagClass:e.Class.UNIVERSAL,type:e.Type.BITSTRING,constructed:!1,captureBitStringValue:"certSignature"}]},a={name:"rsapss",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"rsapss.hashAlgorithm",tagClass:e.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,value:[{name:"rsapss.hashAlgorithm.AlgorithmIdentifier",tagClass:e.Class.UNIVERSAL,type:e.Class.SEQUENCE,constructed:!0,optional:!0,value:[{name:"rsapss.hashAlgorithm.AlgorithmIdentifier.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"hashOid"}]}]},{name:"rsapss.maskGenAlgorithm",tagClass:e.Class.CONTEXT_SPECIFIC,type:1,constructed:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier",tagClass:e.Class.UNIVERSAL,type:e.Class.SEQUENCE,constructed:!0,optional:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"maskGenOid"},{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.params",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"rsapss.maskGenAlgorithm.AlgorithmIdentifier.params.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"maskGenHashOid"}]}]}]},{name:"rsapss.saltLength",tagClass:e.Class.CONTEXT_SPECIFIC,type:2,optional:!0,value:[{name:"rsapss.saltLength.saltLength",tagClass:e.Class.UNIVERSAL,type:e.Class.INTEGER,constructed:!1,capture:"saltLength"}]},{name:"rsapss.trailerField",tagClass:e.Class.CONTEXT_SPECIFIC,type:3,optional:!0,value:[{name:"rsapss.trailer.trailer",tagClass:e.Class.UNIVERSAL,type:e.Class.INTEGER,constructed:!1,capture:"trailer"}]}]},v={name:"CertificationRequestInfo",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,captureAsn1:"certificationRequestInfo",value:[{name:"CertificationRequestInfo.integer",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,capture:"certificationRequestInfoVersion"},{name:"CertificationRequestInfo.subject",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,captureAsn1:"certificationRequestInfoSubject"},y,{name:"CertificationRequestInfo.attributes",tagClass:e.Class.CONTEXT_SPECIFIC,type:0,constructed:!0,optional:!0,capture:"certificationRequestInfoAttributes",value:[{name:"CertificationRequestInfo.attributes",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"CertificationRequestInfo.attributes.type",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1},{name:"CertificationRequestInfo.attributes.value",tagClass:e.Class.UNIVERSAL,type:e.Type.SET,constructed:!0}]}]}]},l={name:"CertificationRequest",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,captureAsn1:"csr",value:[v,{name:"CertificationRequest.signatureAlgorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"CertificationRequest.signatureAlgorithm.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"csrSignatureOid"},{name:"CertificationRequest.signatureAlgorithm.parameters",tagClass:e.Class.UNIVERSAL,optional:!0,captureAsn1:"csrSignatureParams"}]},{name:"CertificationRequest.signature",tagClass:e.Class.UNIVERSAL,type:e.Type.BITSTRING,constructed:!1,captureBitStringValue:"csrSignature"}]};r.RDNAttributesAsArray=function(d,s){for(var n=[],B,U,O,P=0;P<d.value.length;++P){B=d.value[P];for(var F=0;F<B.value.length;++F)O={},U=B.value[F],O.type=e.derToOid(U.value[0].value),O.value=U.value[1].value,O.valueTagClass=U.value[1].type,O.type in i&&(O.name=i[O.type],O.name in p&&(O.shortName=p[O.name])),s&&(s.update(O.type),s.update(O.value)),n.push(O)}return n},r.CRIAttributesAsArray=function(d){for(var s=[],n=0;n<d.length;++n)for(var B=d[n],U=e.derToOid(B.value[0].value),O=B.value[1].value,P=0;P<O.length;++P){var F={};if(F.type=U,F.value=O[P].value,F.valueTagClass=O[P].type,F.type in i&&(F.name=i[F.type],F.name in p&&(F.shortName=p[F.name])),F.type===i.extensionRequest){F.extensions=[];for(var q=0;q<F.value.length;++q)F.extensions.push(r.certificateExtensionFromAsn1(F.value[q]))}s.push(F)}return s};function S(d,s){typeof s=="string"&&(s={shortName:s});for(var n=null,B,U=0;n===null&&U<d.attributes.length;++U)B=d.attributes[U],(s.type&&s.type===B.type||s.name&&s.name===B.name||s.shortName&&s.shortName===B.shortName)&&(n=B);return n}var L=function(d,s,n){var B={};if(d!==i["RSASSA-PSS"])return B;n&&(B={hash:{algorithmOid:i.sha1},mgf:{algorithmOid:i.mgf1,hash:{algorithmOid:i.sha1}},saltLength:20});var U={},O=[];if(!e.validate(s,a,U,O)){var P=new Error("Cannot read RSASSA-PSS parameter block.");throw P.errors=O,P}return U.hashOid!==void 0&&(B.hash=B.hash||{},B.hash.algorithmOid=e.derToOid(U.hashOid)),U.maskGenOid!==void 0&&(B.mgf=B.mgf||{},B.mgf.algorithmOid=e.derToOid(U.maskGenOid),B.mgf.hash=B.mgf.hash||{},B.mgf.hash.algorithmOid=e.derToOid(U.maskGenHashOid)),U.saltLength!==void 0&&(B.saltLength=U.saltLength.charCodeAt(0)),B},b=function(d){switch(i[d.signatureOid]){case"sha1WithRSAEncryption":case"sha1WithRSASignature":return t.md.sha1.create();case"md5WithRSAEncryption":return t.md.md5.create();case"sha256WithRSAEncryption":return t.md.sha256.create();case"sha384WithRSAEncryption":return t.md.sha384.create();case"sha512WithRSAEncryption":return t.md.sha512.create();case"RSASSA-PSS":return t.md.sha256.create();default:var s=new Error("Could not compute "+d.type+" digest. Unknown signature OID.");throw s.signatureOid=d.signatureOid,s}},f=function(d){var s=d.certificate,n;switch(s.signatureOid){case i.sha1WithRSAEncryption:case i.sha1WithRSASignature:break;case i["RSASSA-PSS"]:var B,U;if(B=i[s.signatureParameters.mgf.hash.algorithmOid],B===void 0||t.md[B]===void 0){var O=new Error("Unsupported MGF hash function.");throw O.oid=s.signatureParameters.mgf.hash.algorithmOid,O.name=B,O}if(U=i[s.signatureParameters.mgf.algorithmOid],U===void 0||t.mgf[U]===void 0){var O=new Error("Unsupported MGF function.");throw O.oid=s.signatureParameters.mgf.algorithmOid,O.name=U,O}if(U=t.mgf[U].create(t.md[B].create()),B=i[s.signatureParameters.hash.algorithmOid],B===void 0||t.md[B]===void 0){var O=new Error("Unsupported RSASSA-PSS hash function.");throw O.oid=s.signatureParameters.hash.algorithmOid,O.name=B,O}n=t.pss.create(t.md[B].create(),U,s.signatureParameters.saltLength);break}return s.publicKey.verify(d.md.digest().getBytes(),d.signature,n)};r.certificateFromPem=function(d,s,n){var B=t.pem.decode(d)[0];if(B.type!=="CERTIFICATE"&&B.type!=="X509 CERTIFICATE"&&B.type!=="TRUSTED CERTIFICATE"){var U=new Error('Could not convert certificate from PEM; PEM header type is not "CERTIFICATE", "X509 CERTIFICATE", or "TRUSTED CERTIFICATE".');throw U.headerType=B.type,U}if(B.procType&&B.procType.type==="ENCRYPTED")throw new Error("Could not convert certificate from PEM; PEM is encrypted.");var O=e.fromDer(B.body,n);return r.certificateFromAsn1(O,s)},r.certificateToPem=function(d,s){var n={type:"CERTIFICATE",body:e.toDer(r.certificateToAsn1(d)).getBytes()};return t.pem.encode(n,{maxline:s})},r.publicKeyFromPem=function(d){var s=t.pem.decode(d)[0];if(s.type!=="PUBLIC KEY"&&s.type!=="RSA PUBLIC KEY"){var n=new Error('Could not convert public key from PEM; PEM header type is not "PUBLIC KEY" or "RSA PUBLIC KEY".');throw n.headerType=s.type,n}if(s.procType&&s.procType.type==="ENCRYPTED")throw new Error("Could not convert public key from PEM; PEM is encrypted.");var B=e.fromDer(s.body);return r.publicKeyFromAsn1(B)},r.publicKeyToPem=function(d,s){var n={type:"PUBLIC KEY",body:e.toDer(r.publicKeyToAsn1(d)).getBytes()};return t.pem.encode(n,{maxline:s})},r.publicKeyToRSAPublicKeyPem=function(d,s){var n={type:"RSA PUBLIC KEY",body:e.toDer(r.publicKeyToRSAPublicKey(d)).getBytes()};return t.pem.encode(n,{maxline:s})},r.getPublicKeyFingerprint=function(d,s){s=s||{};var n=s.md||t.md.sha1.create(),B=s.type||"RSAPublicKey",U;switch(B){case"RSAPublicKey":U=e.toDer(r.publicKeyToRSAPublicKey(d)).getBytes();break;case"SubjectPublicKeyInfo":U=e.toDer(r.publicKeyToAsn1(d)).getBytes();break;default:throw new Error('Unknown fingerprint type "'+s.type+'".')}n.start(),n.update(U);var O=n.digest();if(s.encoding==="hex"){var P=O.toHex();return s.delimiter?P.match(/.{2}/g).join(s.delimiter):P}else{if(s.encoding==="binary")return O.getBytes();if(s.encoding)throw new Error('Unknown encoding "'+s.encoding+'".')}return O},r.certificationRequestFromPem=function(d,s,n){var B=t.pem.decode(d)[0];if(B.type!=="CERTIFICATE REQUEST"){var U=new Error('Could not convert certification request from PEM; PEM header type is not "CERTIFICATE REQUEST".');throw U.headerType=B.type,U}if(B.procType&&B.procType.type==="ENCRYPTED")throw new Error("Could not convert certification request from PEM; PEM is encrypted.");var O=e.fromDer(B.body,n);return r.certificationRequestFromAsn1(O,s)},r.certificationRequestToPem=function(d,s){var n={type:"CERTIFICATE REQUEST",body:e.toDer(r.certificationRequestToAsn1(d)).getBytes()};return t.pem.encode(n,{maxline:s})},r.createCertificate=function(){var d={};return d.version=2,d.serialNumber="00",d.signatureOid=null,d.signature=null,d.siginfo={},d.siginfo.algorithmOid=null,d.validity={},d.validity.notBefore=new Date,d.validity.notAfter=new Date,d.issuer={},d.issuer.getField=function(s){return S(d.issuer,s)},d.issuer.addField=function(s){E([s]),d.issuer.attributes.push(s)},d.issuer.attributes=[],d.issuer.hash=null,d.subject={},d.subject.getField=function(s){return S(d.subject,s)},d.subject.addField=function(s){E([s]),d.subject.attributes.push(s)},d.subject.attributes=[],d.subject.hash=null,d.extensions=[],d.publicKey=null,d.md=null,d.setSubject=function(s,n){E(s),d.subject.attributes=s,delete d.subject.uniqueId,n&&(d.subject.uniqueId=n),d.subject.hash=null},d.setIssuer=function(s,n){E(s),d.issuer.attributes=s,delete d.issuer.uniqueId,n&&(d.issuer.uniqueId=n),d.issuer.hash=null},d.setExtensions=function(s){for(var n=0;n<s.length;++n)C(s[n],{cert:d});d.extensions=s},d.getExtension=function(s){typeof s=="string"&&(s={name:s});for(var n=null,B,U=0;n===null&&U<d.extensions.length;++U)B=d.extensions[U],(s.id&&B.id===s.id||s.name&&B.name===s.name)&&(n=B);return n},d.sign=function(s,n){d.md=n||t.md.sha1.create();var B=i[d.md.algorithm+"WithRSAEncryption"];if(!B){var U=new Error("Could not compute certificate digest. Unknown message digest algorithm OID.");throw U.algorithm=d.md.algorithm,U}d.signatureOid=d.siginfo.algorithmOid=B,d.tbsCertificate=r.getTBSCertificate(d);var O=e.toDer(d.tbsCertificate);d.md.update(O.getBytes()),d.signature=s.sign(d.md)},d.verify=function(s){var n=!1;if(!d.issued(s)){var B=s.issuer,U=d.subject,O=new Error("The parent certificate did not issue the given child certificate; the child certificate's issuer does not match the parent's subject.");throw O.expectedIssuer=U.attributes,O.actualIssuer=B.attributes,O}var P=s.md;if(P===null){P=b({signatureOid:s.signatureOid,type:"certificate"});var F=s.tbsCertificate||r.getTBSCertificate(s),q=e.toDer(F);P.update(q.getBytes())}return P!==null&&(n=f({certificate:d,md:P,signature:s.signature})),n},d.isIssuer=function(s){var n=!1,B=d.issuer,U=s.subject;if(B.hash&&U.hash)n=B.hash===U.hash;else if(B.attributes.length===U.attributes.length){n=!0;for(var O,P,F=0;n&&F<B.attributes.length;++F)O=B.attributes[F],P=U.attributes[F],(O.type!==P.type||O.value!==P.value)&&(n=!1)}return n},d.issued=function(s){return s.isIssuer(d)},d.generateSubjectKeyIdentifier=function(){return r.getPublicKeyFingerprint(d.publicKey,{type:"RSAPublicKey"})},d.verifySubjectKeyIdentifier=function(){for(var s=i.subjectKeyIdentifier,n=0;n<d.extensions.length;++n){var B=d.extensions[n];if(B.id===s){var U=d.generateSubjectKeyIdentifier().getBytes();return t.util.hexToBytes(B.subjectKeyIdentifier)===U}}return!1},d},r.certificateFromAsn1=function(d,s){var n={},B=[];if(!e.validate(d,c,n,B)){var U=new Error("Cannot read X.509 certificate. ASN.1 object is not an X509v3 Certificate.");throw U.errors=B,U}var O=e.derToOid(n.publicKeyOid);if(O!==r.oids.rsaEncryption)throw new Error("Cannot read public key. OID is not RSA.");var P=r.createCertificate();P.version=n.certVersion?n.certVersion.charCodeAt(0):0;var F=t.util.createBuffer(n.certSerialNumber);P.serialNumber=F.toHex(),P.signatureOid=t.asn1.derToOid(n.certSignatureOid),P.signatureParameters=L(P.signatureOid,n.certSignatureParams,!0),P.siginfo.algorithmOid=t.asn1.derToOid(n.certinfoSignatureOid),P.siginfo.parameters=L(P.siginfo.algorithmOid,n.certinfoSignatureParams,!1),P.signature=n.certSignature;var q=[];if(n.certValidity1UTCTime!==void 0&&q.push(e.utcTimeToDate(n.certValidity1UTCTime)),n.certValidity2GeneralizedTime!==void 0&&q.push(e.generalizedTimeToDate(n.certValidity2GeneralizedTime)),n.certValidity3UTCTime!==void 0&&q.push(e.utcTimeToDate(n.certValidity3UTCTime)),n.certValidity4GeneralizedTime!==void 0&&q.push(e.generalizedTimeToDate(n.certValidity4GeneralizedTime)),q.length>2)throw new Error("Cannot read notBefore/notAfter validity times; more than two times were provided in the certificate.");if(q.length<2)throw new Error("Cannot read notBefore/notAfter validity times; they were not provided as either UTCTime or GeneralizedTime.");if(P.validity.notBefore=q[0],P.validity.notAfter=q[1],P.tbsCertificate=n.tbsCertificate,s){P.md=b({signatureOid:P.signatureOid,type:"certificate"});var M=e.toDer(P.tbsCertificate);P.md.update(M.getBytes())}var H=t.md.sha1.create(),Q=e.toDer(n.certIssuer);H.update(Q.getBytes()),P.issuer.getField=function(ce){return S(P.issuer,ce)},P.issuer.addField=function(ce){E([ce]),P.issuer.attributes.push(ce)},P.issuer.attributes=r.RDNAttributesAsArray(n.certIssuer),n.certIssuerUniqueId&&(P.issuer.uniqueId=n.certIssuerUniqueId),P.issuer.hash=H.digest().toHex();var j=t.md.sha1.create(),J=e.toDer(n.certSubject);return j.update(J.getBytes()),P.subject.getField=function(ce){return S(P.subject,ce)},P.subject.addField=function(ce){E([ce]),P.subject.attributes.push(ce)},P.subject.attributes=r.RDNAttributesAsArray(n.certSubject),n.certSubjectUniqueId&&(P.subject.uniqueId=n.certSubjectUniqueId),P.subject.hash=j.digest().toHex(),n.certExtensions?P.extensions=r.certificateExtensionsFromAsn1(n.certExtensions):P.extensions=[],P.publicKey=r.publicKeyFromAsn1(n.subjectPublicKeyInfo),P},r.certificateExtensionsFromAsn1=function(d){for(var s=[],n=0;n<d.value.length;++n)for(var B=d.value[n],U=0;U<B.value.length;++U)s.push(r.certificateExtensionFromAsn1(B.value[U]));return s},r.certificateExtensionFromAsn1=function(d){var s={};if(s.id=e.derToOid(d.value[0].value),s.critical=!1,d.value[1].type===e.Type.BOOLEAN?(s.critical=d.value[1].value.charCodeAt(0)!==0,s.value=d.value[2].value):s.value=d.value[1].value,s.id in i){if(s.name=i[s.id],s.name==="keyUsage"){var n=e.fromDer(s.value),B=0,U=0;n.value.length>1&&(B=n.value.charCodeAt(1),U=n.value.length>2?n.value.charCodeAt(2):0),s.digitalSignature=(B&128)===128,s.nonRepudiation=(B&64)===64,s.keyEncipherment=(B&32)===32,s.dataEncipherment=(B&16)===16,s.keyAgreement=(B&8)===8,s.keyCertSign=(B&4)===4,s.cRLSign=(B&2)===2,s.encipherOnly=(B&1)===1,s.decipherOnly=(U&128)===128}else if(s.name==="basicConstraints"){var n=e.fromDer(s.value);n.value.length>0&&n.value[0].type===e.Type.BOOLEAN?s.cA=n.value[0].value.charCodeAt(0)!==0:s.cA=!1;var O=null;n.value.length>0&&n.value[0].type===e.Type.INTEGER?O=n.value[0].value:n.value.length>1&&(O=n.value[1].value),O!==null&&(s.pathLenConstraint=e.derToInteger(O))}else if(s.name==="extKeyUsage")for(var n=e.fromDer(s.value),P=0;P<n.value.length;++P){var F=e.derToOid(n.value[P].value);F in i?s[i[F]]=!0:s[F]=!0}else if(s.name==="nsCertType"){var n=e.fromDer(s.value),B=0;n.value.length>1&&(B=n.value.charCodeAt(1)),s.client=(B&128)===128,s.server=(B&64)===64,s.email=(B&32)===32,s.objsign=(B&16)===16,s.reserved=(B&8)===8,s.sslCA=(B&4)===4,s.emailCA=(B&2)===2,s.objCA=(B&1)===1}else if(s.name==="subjectAltName"||s.name==="issuerAltName"){s.altNames=[];for(var q,n=e.fromDer(s.value),M=0;M<n.value.length;++M){q=n.value[M];var H={type:q.type,value:q.value};switch(s.altNames.push(H),q.type){case 1:case 2:case 6:break;case 7:H.ip=t.util.bytesToIP(q.value);break;case 8:H.oid=e.derToOid(q.value);break}}}else if(s.name==="subjectKeyIdentifier"){var n=e.fromDer(s.value);s.subjectKeyIdentifier=t.util.bytesToHex(n.value)}}return s},r.certificationRequestFromAsn1=function(d,s){var n={},B=[];if(!e.validate(d,l,n,B)){var U=new Error("Cannot read PKCS#10 certificate request. ASN.1 object is not a PKCS#10 CertificationRequest.");throw U.errors=B,U}var O=e.derToOid(n.publicKeyOid);if(O!==r.oids.rsaEncryption)throw new Error("Cannot read public key. OID is not RSA.");var P=r.createCertificationRequest();if(P.version=n.csrVersion?n.csrVersion.charCodeAt(0):0,P.signatureOid=t.asn1.derToOid(n.csrSignatureOid),P.signatureParameters=L(P.signatureOid,n.csrSignatureParams,!0),P.siginfo.algorithmOid=t.asn1.derToOid(n.csrSignatureOid),P.siginfo.parameters=L(P.siginfo.algorithmOid,n.csrSignatureParams,!1),P.signature=n.csrSignature,P.certificationRequestInfo=n.certificationRequestInfo,s){P.md=b({signatureOid:P.signatureOid,type:"certification request"});var F=e.toDer(P.certificationRequestInfo);P.md.update(F.getBytes())}var q=t.md.sha1.create();return P.subject.getField=function(M){return S(P.subject,M)},P.subject.addField=function(M){E([M]),P.subject.attributes.push(M)},P.subject.attributes=r.RDNAttributesAsArray(n.certificationRequestInfoSubject,q),P.subject.hash=q.digest().toHex(),P.publicKey=r.publicKeyFromAsn1(n.subjectPublicKeyInfo),P.getAttribute=function(M){return S(P,M)},P.addAttribute=function(M){E([M]),P.attributes.push(M)},P.attributes=r.CRIAttributesAsArray(n.certificationRequestInfoAttributes||[]),P},r.createCertificationRequest=function(){var d={};return d.version=0,d.signatureOid=null,d.signature=null,d.siginfo={},d.siginfo.algorithmOid=null,d.subject={},d.subject.getField=function(s){return S(d.subject,s)},d.subject.addField=function(s){E([s]),d.subject.attributes.push(s)},d.subject.attributes=[],d.subject.hash=null,d.publicKey=null,d.attributes=[],d.getAttribute=function(s){return S(d,s)},d.addAttribute=function(s){E([s]),d.attributes.push(s)},d.md=null,d.setSubject=function(s){E(s),d.subject.attributes=s,d.subject.hash=null},d.setAttributes=function(s){E(s),d.attributes=s},d.sign=function(s,n){d.md=n||t.md.sha1.create();var B=i[d.md.algorithm+"WithRSAEncryption"];if(!B){var U=new Error("Could not compute certification request digest. Unknown message digest algorithm OID.");throw U.algorithm=d.md.algorithm,U}d.signatureOid=d.siginfo.algorithmOid=B,d.certificationRequestInfo=r.getCertificationRequestInfo(d);var O=e.toDer(d.certificationRequestInfo);d.md.update(O.getBytes()),d.signature=s.sign(d.md)},d.verify=function(){var s=!1,n=d.md;if(n===null){n=b({signatureOid:d.signatureOid,type:"certification request"});var B=d.certificationRequestInfo||r.getCertificationRequestInfo(d),U=e.toDer(B);n.update(U.getBytes())}return n!==null&&(s=f({certificate:d,md:n,signature:d.signature})),s},d};function m(d){for(var s=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[]),n,B,U=d.attributes,O=0;O<U.length;++O){n=U[O];var P=n.value,F=e.Type.PRINTABLESTRING;"valueTagClass"in n&&(F=n.valueTagClass,F===e.Type.UTF8&&(P=t.util.encodeUtf8(P))),B=e.create(e.Class.UNIVERSAL,e.Type.SET,!0,[e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(n.type).getBytes()),e.create(e.Class.UNIVERSAL,F,!1,P)])]),s.value.push(B)}return s}function E(d){for(var s,n=0;n<d.length;++n){if(s=d[n],typeof s.name>"u"&&(s.type&&s.type in r.oids?s.name=r.oids[s.type]:s.shortName&&s.shortName in p&&(s.name=r.oids[p[s.shortName]])),typeof s.type>"u")if(s.name&&s.name in r.oids)s.type=r.oids[s.name];else{var B=new Error("Attribute type not specified.");throw B.attribute=s,B}if(typeof s.shortName>"u"&&s.name&&s.name in p&&(s.shortName=p[s.name]),s.type===i.extensionRequest&&(s.valueConstructed=!0,s.valueTagClass=e.Type.SEQUENCE,!s.value&&s.extensions)){s.value=[];for(var U=0;U<s.extensions.length;++U)s.value.push(r.certificateExtensionToAsn1(C(s.extensions[U])))}if(typeof s.value>"u"){var B=new Error("Attribute value not specified.");throw B.attribute=s,B}}}function C(d,s){if(s=s||{},typeof d.name>"u"&&d.id&&d.id in r.oids&&(d.name=r.oids[d.id]),typeof d.id>"u")if(d.name&&d.name in r.oids)d.id=r.oids[d.name];else{var n=new Error("Extension ID not specified.");throw n.extension=d,n}if(typeof d.value<"u")return d;if(d.name==="keyUsage"){var B=0,U=0,O=0;d.digitalSignature&&(U|=128,B=7),d.nonRepudiation&&(U|=64,B=6),d.keyEncipherment&&(U|=32,B=5),d.dataEncipherment&&(U|=16,B=4),d.keyAgreement&&(U|=8,B=3),d.keyCertSign&&(U|=4,B=2),d.cRLSign&&(U|=2,B=1),d.encipherOnly&&(U|=1,B=0),d.decipherOnly&&(O|=128,B=7);var P=String.fromCharCode(B);O!==0?P+=String.fromCharCode(U)+String.fromCharCode(O):U!==0&&(P+=String.fromCharCode(U)),d.value=e.create(e.Class.UNIVERSAL,e.Type.BITSTRING,!1,P)}else if(d.name==="basicConstraints")d.value=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[]),d.cA&&d.value.value.push(e.create(e.Class.UNIVERSAL,e.Type.BOOLEAN,!1,"ÿ")),"pathLenConstraint"in d&&d.value.value.push(e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,e.integerToDer(d.pathLenConstraint).getBytes()));else if(d.name==="extKeyUsage"){d.value=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[]);var F=d.value.value;for(var q in d)d[q]===!0&&(q in i?F.push(e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(i[q]).getBytes())):q.indexOf(".")!==-1&&F.push(e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(q).getBytes())))}else if(d.name==="nsCertType"){var B=0,U=0;d.client&&(U|=128,B=7),d.server&&(U|=64,B=6),d.email&&(U|=32,B=5),d.objsign&&(U|=16,B=4),d.reserved&&(U|=8,B=3),d.sslCA&&(U|=4,B=2),d.emailCA&&(U|=2,B=1),d.objCA&&(U|=1,B=0);var P=String.fromCharCode(B);U!==0&&(P+=String.fromCharCode(U)),d.value=e.create(e.Class.UNIVERSAL,e.Type.BITSTRING,!1,P)}else if(d.name==="subjectAltName"||d.name==="issuerAltName"){d.value=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[]);for(var M,H=0;H<d.altNames.length;++H){M=d.altNames[H];var P=M.value;if(M.type===7&&M.ip){if(P=t.util.bytesFromIP(M.ip),P===null){var n=new Error('Extension "ip" value is not a valid IPv4 or IPv6 address.');throw n.extension=d,n}}else M.type===8&&(M.oid?P=e.oidToDer(e.oidToDer(M.oid)):P=e.oidToDer(P));d.value.value.push(e.create(e.Class.CONTEXT_SPECIFIC,M.type,!1,P))}}else if(d.name==="nsComment"&&s.cert){if(!/^[\x00-\x7F]*$/.test(d.comment)||d.comment.length<1||d.comment.length>128)throw new Error('Invalid "nsComment" content.');d.value=e.create(e.Class.UNIVERSAL,e.Type.IA5STRING,!1,d.comment)}else if(d.name==="subjectKeyIdentifier"&&s.cert){var Q=s.cert.generateSubjectKeyIdentifier();d.subjectKeyIdentifier=Q.toHex(),d.value=e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,Q.getBytes())}else if(d.name==="authorityKeyIdentifier"&&s.cert){d.value=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[]);var F=d.value.value;if(d.keyIdentifier){var j=d.keyIdentifier===!0?s.cert.generateSubjectKeyIdentifier().getBytes():d.keyIdentifier;F.push(e.create(e.Class.CONTEXT_SPECIFIC,0,!1,j))}if(d.authorityCertIssuer){var J=[e.create(e.Class.CONTEXT_SPECIFIC,4,!0,[m(d.authorityCertIssuer===!0?s.cert.issuer:d.authorityCertIssuer)])];F.push(e.create(e.Class.CONTEXT_SPECIFIC,1,!0,J))}if(d.serialNumber){var ce=t.util.hexToBytes(d.serialNumber===!0?s.cert.serialNumber:d.serialNumber);F.push(e.create(e.Class.CONTEXT_SPECIFIC,2,!1,ce))}}else if(d.name==="cRLDistributionPoints"){d.value=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[]);for(var F=d.value.value,se=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[]),ge=e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[]),M,H=0;H<d.altNames.length;++H){M=d.altNames[H];var P=M.value;if(M.type===7&&M.ip){if(P=t.util.bytesFromIP(M.ip),P===null){var n=new Error('Extension "ip" value is not a valid IPv4 or IPv6 address.');throw n.extension=d,n}}else M.type===8&&(M.oid?P=e.oidToDer(e.oidToDer(M.oid)):P=e.oidToDer(P));ge.value.push(e.create(e.Class.CONTEXT_SPECIFIC,M.type,!1,P))}se.value.push(e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[ge])),F.push(se)}if(typeof d.value>"u"){var n=new Error("Extension value not specified.");throw n.extension=d,n}return d}function o(d,s){switch(d){case i["RSASSA-PSS"]:var n=[];return s.hash.algorithmOid!==void 0&&n.push(e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(s.hash.algorithmOid).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.NULL,!1,"")])])),s.mgf.algorithmOid!==void 0&&n.push(e.create(e.Class.CONTEXT_SPECIFIC,1,!0,[e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(s.mgf.algorithmOid).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(s.mgf.hash.algorithmOid).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.NULL,!1,"")])])])),s.saltLength!==void 0&&n.push(e.create(e.Class.CONTEXT_SPECIFIC,2,!0,[e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,e.integerToDer(s.saltLength).getBytes())])),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,n);default:return e.create(e.Class.UNIVERSAL,e.Type.NULL,!1,"")}}function h(d){var s=e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[]);if(d.attributes.length===0)return s;for(var n=d.attributes,B=0;B<n.length;++B){var U=n[B],O=U.value,P=e.Type.UTF8;"valueTagClass"in U&&(P=U.valueTagClass),P===e.Type.UTF8&&(O=t.util.encodeUtf8(O));var F=!1;"valueConstructed"in U&&(F=U.valueConstructed);var q=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(U.type).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.SET,!0,[e.create(e.Class.UNIVERSAL,P,F,O)])]);s.value.push(q)}return s}var g=new Date("1950-01-01T00:00:00Z"),I=new Date("2050-01-01T00:00:00Z");function _(d){return d>=g&&d<I?e.create(e.Class.UNIVERSAL,e.Type.UTCTIME,!1,e.dateToUtcTime(d)):e.create(e.Class.UNIVERSAL,e.Type.GENERALIZEDTIME,!1,e.dateToGeneralizedTime(d))}return r.getTBSCertificate=function(d){var s=_(d.validity.notBefore),n=_(d.validity.notAfter),B=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,e.integerToDer(d.version).getBytes())]),e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,t.util.hexToBytes(d.serialNumber)),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(d.siginfo.algorithmOid).getBytes()),o(d.siginfo.algorithmOid,d.siginfo.parameters)]),m(d.issuer),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[s,n]),m(d.subject),r.publicKeyToAsn1(d.publicKey)]);return d.issuer.uniqueId&&B.value.push(e.create(e.Class.CONTEXT_SPECIFIC,1,!0,[e.create(e.Class.UNIVERSAL,e.Type.BITSTRING,!1,"\0"+d.issuer.uniqueId)])),d.subject.uniqueId&&B.value.push(e.create(e.Class.CONTEXT_SPECIFIC,2,!0,[e.create(e.Class.UNIVERSAL,e.Type.BITSTRING,!1,"\0"+d.subject.uniqueId)])),d.extensions.length>0&&B.value.push(r.certificateExtensionsToAsn1(d.extensions)),B},r.getCertificationRequestInfo=function(d){var s=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,e.integerToDer(d.version).getBytes()),m(d.subject),r.publicKeyToAsn1(d.publicKey),h(d)]);return s},r.distinguishedNameToAsn1=function(d){return m(d)},r.certificateToAsn1=function(d){var s=d.tbsCertificate||r.getTBSCertificate(d);return e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[s,e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(d.signatureOid).getBytes()),o(d.signatureOid,d.signatureParameters)]),e.create(e.Class.UNIVERSAL,e.Type.BITSTRING,!1,"\0"+d.signature)])},r.certificateExtensionsToAsn1=function(d){var s=e.create(e.Class.CONTEXT_SPECIFIC,3,!0,[]),n=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[]);s.value.push(n);for(var B=0;B<d.length;++B)n.value.push(r.certificateExtensionToAsn1(d[B]));return s},r.certificateExtensionToAsn1=function(d){var s=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[]);s.value.push(e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(d.id).getBytes())),d.critical&&s.value.push(e.create(e.Class.UNIVERSAL,e.Type.BOOLEAN,!1,"ÿ"));var n=d.value;return typeof d.value!="string"&&(n=e.toDer(n).getBytes()),s.value.push(e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,n)),s},r.certificationRequestToAsn1=function(d){var s=d.certificationRequestInfo||r.getCertificationRequestInfo(d);return e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[s,e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(d.signatureOid).getBytes()),o(d.signatureOid,d.signatureParameters)]),e.create(e.Class.UNIVERSAL,e.Type.BITSTRING,!1,"\0"+d.signature)])},r.createCaStore=function(d){var s={certs:{}};s.getIssuer=function(P){var F=n(P.issuer);return F},s.addCertificate=function(P){if(typeof P=="string"&&(P=t.pki.certificateFromPem(P)),B(P.subject),!s.hasCertificate(P))if(P.subject.hash in s.certs){var F=s.certs[P.subject.hash];t.util.isArray(F)||(F=[F]),F.push(P),s.certs[P.subject.hash]=F}else s.certs[P.subject.hash]=P},s.hasCertificate=function(P){typeof P=="string"&&(P=t.pki.certificateFromPem(P));var F=n(P.subject);if(!F)return!1;t.util.isArray(F)||(F=[F]);for(var q=e.toDer(r.certificateToAsn1(P)).getBytes(),M=0;M<F.length;++M){var H=e.toDer(r.certificateToAsn1(F[M])).getBytes();if(q===H)return!0}return!1},s.listAllCertificates=function(){var P=[];for(var F in s.certs)if(s.certs.hasOwnProperty(F)){var q=s.certs[F];if(!t.util.isArray(q))P.push(q);else for(var M=0;M<q.length;++M)P.push(q[M])}return P},s.removeCertificate=function(P){var F;if(typeof P=="string"&&(P=t.pki.certificateFromPem(P)),B(P.subject),!s.hasCertificate(P))return null;var q=n(P.subject);if(!t.util.isArray(q))return F=s.certs[P.subject.hash],delete s.certs[P.subject.hash],F;for(var M=e.toDer(r.certificateToAsn1(P)).getBytes(),H=0;H<q.length;++H){var Q=e.toDer(r.certificateToAsn1(q[H])).getBytes();M===Q&&(F=q[H],q.splice(H,1))}return q.length===0&&delete s.certs[P.subject.hash],F};function n(P){return B(P),s.certs[P.hash]||null}function B(P){if(!P.hash){var F=t.md.sha1.create();P.attributes=r.RDNAttributesAsArray(m(P),F),P.hash=F.digest().toHex()}}if(d)for(var U=0;U<d.length;++U){var O=d[U];s.addCertificate(O)}return s},r.certificateError={bad_certificate:"forge.pki.BadCertificate",unsupported_certificate:"forge.pki.UnsupportedCertificate",certificate_revoked:"forge.pki.CertificateRevoked",certificate_expired:"forge.pki.CertificateExpired",certificate_unknown:"forge.pki.CertificateUnknown",unknown_ca:"forge.pki.UnknownCertificateAuthority"},r.verifyCertificateChain=function(d,s,n){typeof n=="function"&&(n={verify:n}),n=n||{},s=s.slice(0);var B=s.slice(0),U=n.validityCheckDate;typeof U>"u"&&(U=new Date);var O=!0,P=null,F=0;do{var q=s.shift(),M=null,H=!1;if(U&&(U<q.validity.notBefore||U>q.validity.notAfter)&&(P={message:"Certificate is not valid yet or has expired.",error:r.certificateError.certificate_expired,notBefore:q.validity.notBefore,notAfter:q.validity.notAfter,now:U}),P===null){if(M=s[0]||d.getIssuer(q),M===null&&q.isIssuer(q)&&(H=!0,M=q),M){var Q=M;t.util.isArray(Q)||(Q=[Q]);for(var j=!1;!j&&Q.length>0;){M=Q.shift();try{j=M.verify(q)}catch{}}j||(P={message:"Certificate signature is invalid.",error:r.certificateError.bad_certificate})}P===null&&(!M||H)&&!d.hasCertificate(q)&&(P={message:"Certificate is not trusted.",error:r.certificateError.unknown_ca})}if(P===null&&M&&!q.isIssuer(M)&&(P={message:"Certificate issuer is invalid.",error:r.certificateError.bad_certificate}),P===null)for(var J={keyUsage:!0,basicConstraints:!0},ce=0;P===null&&ce<q.extensions.length;++ce){var se=q.extensions[ce];se.critical&&!(se.name in J)&&(P={message:"Certificate has an unsupported critical extension.",error:r.certificateError.unsupported_certificate})}if(P===null&&(!O||s.length===0&&(!M||H))){var ge=q.getExtension("basicConstraints"),de=q.getExtension("keyUsage");if(de!==null&&(!de.keyCertSign||ge===null)&&(P={message:"Certificate keyUsage or basicConstraints conflict or indicate that the certificate is not a CA. If the certificate is the only one in the chain or isn't the first then the certificate must be a valid CA.",error:r.certificateError.bad_certificate}),P===null&&ge===null&&(P={message:"Certificate is missing basicConstraints extension and cannot be used as a CA.",error:r.certificateError.bad_certificate}),P===null&&ge!==null&&!ge.cA&&(P={message:"Certificate basicConstraints indicates the certificate is not a CA.",error:r.certificateError.bad_certificate}),P===null&&de!==null&&"pathLenConstraint"in ge){var he=F-1;he>ge.pathLenConstraint&&(P={message:"Certificate basicConstraints pathLenConstraint violated.",error:r.certificateError.bad_certificate})}}var X=P===null?!0:P.error,W=n.verify?n.verify(X,F,B):X;if(W===!0)P=null;else throw X===!0&&(P={message:"The application rejected the certificate.",error:r.certificateError.bad_certificate}),(W||W===0)&&(typeof W=="object"&&!t.util.isArray(W)?(W.message&&(P.message=W.message),W.error&&(P.error=W.error)):typeof W=="string"&&(P.error=W)),P;O=!1,++F}while(s.length>0);return!0},qr.exports}var fn;function si(){if(fn)return Kr.exports;fn=1;var t=ye();dt(),qt(),Nt(),ni(),ai(),ut(),ur(),Ht(),me(),Sa();var e=t.asn1,r=t.pki,i=Kr.exports=t.pkcs12=t.pkcs12||{},p={name:"ContentInfo",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"ContentInfo.contentType",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"contentType"},{name:"ContentInfo.content",tagClass:e.Class.CONTEXT_SPECIFIC,constructed:!0,captureAsn1:"content"}]},y={name:"PFX",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.version",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,capture:"version"},p,{name:"PFX.macData",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,optional:!0,captureAsn1:"mac",value:[{name:"PFX.macData.mac",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.macData.mac.digestAlgorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"PFX.macData.mac.digestAlgorithm.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"macAlgorithm"},{name:"PFX.macData.mac.digestAlgorithm.parameters",optional:!0,tagClass:e.Class.UNIVERSAL,captureAsn1:"macAlgorithmParameters"}]},{name:"PFX.macData.mac.digest",tagClass:e.Class.UNIVERSAL,type:e.Type.OCTETSTRING,constructed:!1,capture:"macDigest"}]},{name:"PFX.macData.macSalt",tagClass:e.Class.UNIVERSAL,type:e.Type.OCTETSTRING,constructed:!1,capture:"macSalt"},{name:"PFX.macData.iterations",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,optional:!0,capture:"macIterations"}]}]},c={name:"SafeBag",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"SafeBag.bagId",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"bagId"},{name:"SafeBag.bagValue",tagClass:e.Class.CONTEXT_SPECIFIC,constructed:!0,captureAsn1:"bagValue"},{name:"SafeBag.bagAttributes",tagClass:e.Class.UNIVERSAL,type:e.Type.SET,constructed:!0,optional:!0,capture:"bagAttributes"}]},a={name:"Attribute",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"Attribute.attrId",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"oid"},{name:"Attribute.attrValues",tagClass:e.Class.UNIVERSAL,type:e.Type.SET,constructed:!0,capture:"values"}]},v={name:"CertBag",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"CertBag.certId",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"certId"},{name:"CertBag.certValue",tagClass:e.Class.CONTEXT_SPECIFIC,constructed:!0,value:[{name:"CertBag.certValue[0]",tagClass:e.Class.UNIVERSAL,type:e.Class.OCTETSTRING,constructed:!1,capture:"cert"}]}]};function l(E,C,o,h){for(var g=[],I=0;I<E.length;I++)for(var _=0;_<E[I].safeBags.length;_++){var d=E[I].safeBags[_];if(!(h!==void 0&&d.type!==h)){if(C===null){g.push(d);continue}d.attributes[C]!==void 0&&d.attributes[C].indexOf(o)>=0&&g.push(d)}}return g}i.pkcs12FromAsn1=function(E,C,o){typeof C=="string"?(o=C,C=!0):C===void 0&&(C=!0);var h={},g=[];if(!e.validate(E,y,h,g)){var I=new Error("Cannot read PKCS#12 PFX. ASN.1 object is not an PKCS#12 PFX.");throw I.errors=I,I}var _={version:h.version.charCodeAt(0),safeContents:[],getBags:function(M){var H={},Q;return"localKeyId"in M?Q=M.localKeyId:"localKeyIdHex"in M&&(Q=t.util.hexToBytes(M.localKeyIdHex)),Q===void 0&&!("friendlyName"in M)&&"bagType"in M&&(H[M.bagType]=l(_.safeContents,null,null,M.bagType)),Q!==void 0&&(H.localKeyId=l(_.safeContents,"localKeyId",Q,M.bagType)),"friendlyName"in M&&(H.friendlyName=l(_.safeContents,"friendlyName",M.friendlyName,M.bagType)),H},getBagsByFriendlyName:function(M,H){return l(_.safeContents,"friendlyName",M,H)},getBagsByLocalKeyId:function(M,H){return l(_.safeContents,"localKeyId",M,H)}};if(h.version.charCodeAt(0)!==3){var I=new Error("PKCS#12 PFX of version other than 3 not supported.");throw I.version=h.version.charCodeAt(0),I}if(e.derToOid(h.contentType)!==r.oids.data){var I=new Error("Only PKCS#12 PFX in password integrity mode supported.");throw I.oid=e.derToOid(h.contentType),I}var d=h.content.value[0];if(d.tagClass!==e.Class.UNIVERSAL||d.type!==e.Type.OCTETSTRING)throw new Error("PKCS#12 authSafe content data is not an OCTET STRING.");if(d=S(d),h.mac){var s=null,n=0,B=e.derToOid(h.macAlgorithm);switch(B){case r.oids.sha1:s=t.md.sha1.create(),n=20;break;case r.oids.sha256:s=t.md.sha256.create(),n=32;break;case r.oids.sha384:s=t.md.sha384.create(),n=48;break;case r.oids.sha512:s=t.md.sha512.create(),n=64;break;case r.oids.md5:s=t.md.md5.create(),n=16;break}if(s===null)throw new Error("PKCS#12 uses unsupported MAC algorithm: "+B);var U=new t.util.ByteBuffer(h.macSalt),O="macIterations"in h?parseInt(t.util.bytesToHex(h.macIterations),16):1,P=i.generateKey(o,U,3,O,n,s),F=t.hmac.create();F.start(s,P),F.update(d.value);var q=F.getMac();if(q.getBytes()!==h.macDigest)throw new Error("PKCS#12 MAC could not be verified. Invalid password?")}else if(Array.isArray(E.value)&&E.value.length>2)throw new Error("Invalid PKCS#12. macData field present but MAC was not validated.");return L(_,d.value,C,o),_};function S(E){if(E.composed||E.constructed){for(var C=t.util.createBuffer(),o=0;o<E.value.length;++o)C.putBytes(E.value[o].value);E.composed=E.constructed=!1,E.value=C.getBytes()}return E}function L(E,C,o,h){if(C=e.fromDer(C,o),C.tagClass!==e.Class.UNIVERSAL||C.type!==e.Type.SEQUENCE||C.constructed!==!0)throw new Error("PKCS#12 AuthenticatedSafe expected to be a SEQUENCE OF ContentInfo");for(var g=0;g<C.value.length;g++){var I=C.value[g],_={},d=[];if(!e.validate(I,p,_,d)){var s=new Error("Cannot read ContentInfo.");throw s.errors=d,s}var n={encrypted:!1},B=null,U=_.content.value[0];switch(e.derToOid(_.contentType)){case r.oids.data:if(U.tagClass!==e.Class.UNIVERSAL||U.type!==e.Type.OCTETSTRING)throw new Error("PKCS#12 SafeContents Data is not an OCTET STRING.");B=S(U).value;break;case r.oids.encryptedData:B=b(U,h),n.encrypted=!0;break;default:var s=new Error("Unsupported PKCS#12 contentType.");throw s.contentType=e.derToOid(_.contentType),s}n.safeBags=f(B,o,h),E.safeContents.push(n)}}function b(E,C){var o={},h=[];if(!e.validate(E,t.pkcs7.asn1.encryptedDataValidator,o,h)){var g=new Error("Cannot read EncryptedContentInfo.");throw g.errors=h,g}var I=e.derToOid(o.contentType);if(I!==r.oids.data){var g=new Error("PKCS#12 EncryptedContentInfo ContentType is not Data.");throw g.oid=I,g}I=e.derToOid(o.encAlgorithm);var _=r.pbe.getCipher(I,o.encParameter,C),d=S(o.encryptedContentAsn1),s=t.util.createBuffer(d.value);if(_.update(s),!_.finish())throw new Error("Failed to decrypt PKCS#12 SafeContents.");return _.output.getBytes()}function f(E,C,o){if(!C&&E.length===0)return[];if(E=e.fromDer(E,C),E.tagClass!==e.Class.UNIVERSAL||E.type!==e.Type.SEQUENCE||E.constructed!==!0)throw new Error("PKCS#12 SafeContents expected to be a SEQUENCE OF SafeBag.");for(var h=[],g=0;g<E.value.length;g++){var I=E.value[g],_={},d=[];if(!e.validate(I,c,_,d)){var s=new Error("Cannot read SafeBag.");throw s.errors=d,s}var n={type:e.derToOid(_.bagId),attributes:m(_.bagAttributes)};h.push(n);var B,U,O=_.bagValue.value[0];switch(n.type){case r.oids.pkcs8ShroudedKeyBag:if(O=r.decryptPrivateKeyInfo(O,o),O===null)throw new Error("Unable to decrypt PKCS#8 ShroudedKeyBag, wrong password?");case r.oids.keyBag:try{n.key=r.privateKeyFromAsn1(O)}catch{n.key=null,n.asn1=O}continue;case r.oids.certBag:B=v,U=function(){if(e.derToOid(_.certId)!==r.oids.x509Certificate){var F=new Error("Unsupported certificate type, only X.509 supported.");throw F.oid=e.derToOid(_.certId),F}var q=e.fromDer(_.cert,C);try{n.cert=r.certificateFromAsn1(q,!0)}catch{n.cert=null,n.asn1=q}};break;default:var s=new Error("Unsupported PKCS#12 SafeBag type.");throw s.oid=n.type,s}if(B!==void 0&&!e.validate(O,B,_,d)){var s=new Error("Cannot read PKCS#12 "+B.name);throw s.errors=d,s}U()}return h}function m(E){var C={};if(E!==void 0)for(var o=0;o<E.length;++o){var h={},g=[];if(!e.validate(E[o],a,h,g)){var I=new Error("Cannot read PKCS#12 BagAttribute.");throw I.errors=g,I}var _=e.derToOid(h.oid);if(r.oids[_]!==void 0){C[r.oids[_]]=[];for(var d=0;d<h.values.length;++d)C[r.oids[_]].push(h.values[d].value)}}return C}return i.toPkcs12Asn1=function(E,C,o,h){h=h||{},h.saltSize=h.saltSize||8,h.count=h.count||2048,h.algorithm=h.algorithm||h.encAlgorithm||"aes128","useMac"in h||(h.useMac=!0),"localKeyId"in h||(h.localKeyId=null),"generateLocalKeyId"in h||(h.generateLocalKeyId=!0);var g=h.localKeyId,I;if(g!==null)g=t.util.hexToBytes(g);else if(h.generateLocalKeyId)if(C){var _=t.util.isArray(C)?C[0]:C;typeof _=="string"&&(_=r.certificateFromPem(_));var d=t.md.sha1.create();d.update(e.toDer(r.certificateToAsn1(_)).getBytes()),g=d.digest().getBytes()}else g=t.random.getBytes(20);var s=[];g!==null&&s.push(e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(r.oids.localKeyId).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.SET,!0,[e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,g)])])),"friendlyName"in h&&s.push(e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(r.oids.friendlyName).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.SET,!0,[e.create(e.Class.UNIVERSAL,e.Type.BMPSTRING,!1,h.friendlyName)])])),s.length>0&&(I=e.create(e.Class.UNIVERSAL,e.Type.SET,!0,s));var n=[],B=[];C!==null&&(t.util.isArray(C)?B=C:B=[C]);for(var U=[],O=0;O<B.length;++O){C=B[O],typeof C=="string"&&(C=r.certificateFromPem(C));var P=O===0?I:void 0,F=r.certificateToAsn1(C),q=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(r.oids.certBag).getBytes()),e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(r.oids.x509Certificate).getBytes()),e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,e.toDer(F).getBytes())])])]),P]);U.push(q)}if(U.length>0){var M=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,U),H=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(r.oids.data).getBytes()),e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,e.toDer(M).getBytes())])]);n.push(H)}var Q=null;if(E!==null){var j=r.wrapRsaPrivateKey(r.privateKeyToAsn1(E));o===null?Q=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(r.oids.keyBag).getBytes()),e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[j]),I]):Q=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(r.oids.pkcs8ShroudedKeyBag).getBytes()),e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[r.encryptPrivateKeyInfo(j,o,h)]),I]);var J=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[Q]),ce=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(r.oids.data).getBytes()),e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,e.toDer(J).getBytes())])]);n.push(ce)}var se=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,n),ge;if(h.useMac){var d=t.md.sha1.create(),de=new t.util.ByteBuffer(t.random.getBytes(h.saltSize)),he=h.count,E=i.generateKey(o,de,3,he,20),X=t.hmac.create();X.start(d,E),X.update(e.toDer(se).getBytes());var W=X.getMac();ge=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(r.oids.sha1).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.NULL,!1,"")]),e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,W.getBytes())]),e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,de.getBytes()),e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,e.integerToDer(he).getBytes())])}return e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,e.integerToDer(3).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(r.oids.data).getBytes()),e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,e.toDer(se).getBytes())])]),ge])},i.generateKey=t.pbe.generatePkcs12Key,Kr.exports}var ln;function oi(){if(ln)return Nr.exports;ln=1;var t=ye();dt(),Nt(),ai(),Pt(),Ea(),si(),xa(),ur(),me(),Sa();var e=t.asn1,r=Nr.exports=t.pki=t.pki||{};return r.pemToDer=function(i){var p=t.pem.decode(i)[0];if(p.procType&&p.procType.type==="ENCRYPTED")throw new Error("Could not convert PEM to DER; PEM is encrypted.");return t.util.createBuffer(p.body)},r.privateKeyFromPem=function(i){var p=t.pem.decode(i)[0];if(p.type!=="PRIVATE KEY"&&p.type!=="RSA PRIVATE KEY"){var y=new Error('Could not convert private key from PEM; PEM header type is not "PRIVATE KEY" or "RSA PRIVATE KEY".');throw y.headerType=p.type,y}if(p.procType&&p.procType.type==="ENCRYPTED")throw new Error("Could not convert private key from PEM; PEM is encrypted.");var c=e.fromDer(p.body);return r.privateKeyFromAsn1(c)},r.privateKeyToPem=function(i,p){var y={type:"RSA PRIVATE KEY",body:e.toDer(r.privateKeyToAsn1(i)).getBytes()};return t.pem.encode(y,{maxline:p})},r.privateKeyInfoToPem=function(i,p){var y={type:"PRIVATE KEY",body:e.toDer(i).getBytes()};return t.pem.encode(y,{maxline:p})},Nr.exports}var Qr,dn;function ci(){if(dn)return Qr;dn=1;var t=ye();dt(),qt(),ma(),Pt(),oi(),ut(),Ht(),me();var e=function(x,D,R,T){var u=t.util.createBuffer(),N=x.length>>1,V=N+(x.length&1),G=x.substr(0,V),ne=x.substr(N,V),Z=t.util.createBuffer(),z=t.hmac.create();R=D+R;var ee=Math.ceil(T/16),fe=Math.ceil(T/20);z.start("MD5",G);var ve=t.util.createBuffer();Z.putBytes(R);for(var pe=0;pe<ee;++pe)z.start(null,null),z.update(Z.getBytes()),Z.putBuffer(z.digest()),z.start(null,null),z.update(Z.bytes()+R),ve.putBuffer(z.digest());z.start("SHA1",ne);var be=t.util.createBuffer();Z.clear(),Z.putBytes(R);for(var pe=0;pe<fe;++pe)z.start(null,null),z.update(Z.getBytes()),Z.putBuffer(z.digest()),z.start(null,null),z.update(Z.bytes()+R),be.putBuffer(z.digest());return u.putBytes(t.util.xorBytes(ve.getBytes(),be.getBytes(),T)),u},r=function(x,D,R){var T=t.hmac.create();T.start("SHA1",x);var u=t.util.createBuffer();return u.putInt32(D[0]),u.putInt32(D[1]),u.putByte(R.type),u.putByte(R.version.major),u.putByte(R.version.minor),u.putInt16(R.length),u.putBytes(R.fragment.bytes()),T.update(u.getBytes()),T.digest().getBytes()},i=function(x,D,R){var T=!1;try{var u=x.deflate(D.fragment.getBytes());D.fragment=t.util.createBuffer(u),D.length=u.length,T=!0}catch{}return T},p=function(x,D,R){var T=!1;try{var u=x.inflate(D.fragment.getBytes());D.fragment=t.util.createBuffer(u),D.length=u.length,T=!0}catch{}return T},y=function(x,D){var R=0;switch(D){case 1:R=x.getByte();break;case 2:R=x.getInt16();break;case 3:R=x.getInt24();break;case 4:R=x.getInt32();break}return t.util.createBuffer(x.getBytes(R))},c=function(x,D,R){x.putInt(R.length(),D<<3),x.putBuffer(R)},a={};a.Versions={TLS_1_0:{major:3,minor:1},TLS_1_1:{major:3,minor:2},TLS_1_2:{major:3,minor:3}},a.SupportedVersions=[a.Versions.TLS_1_1,a.Versions.TLS_1_0],a.Version=a.SupportedVersions[0],a.MaxFragment=15360,a.ConnectionEnd={server:0,client:1},a.PRFAlgorithm={tls_prf_sha256:0},a.BulkCipherAlgorithm={none:null,rc4:0,des3:1,aes:2},a.CipherType={stream:0,block:1,aead:2},a.MACAlgorithm={none:null,hmac_md5:0,hmac_sha1:1,hmac_sha256:2,hmac_sha384:3,hmac_sha512:4},a.CompressionMethod={none:0,deflate:1},a.ContentType={change_cipher_spec:20,alert:21,handshake:22,application_data:23,heartbeat:24},a.HandshakeType={hello_request:0,client_hello:1,server_hello:2,certificate:11,server_key_exchange:12,certificate_request:13,server_hello_done:14,certificate_verify:15,client_key_exchange:16,finished:20},a.Alert={},a.Alert.Level={warning:1,fatal:2},a.Alert.Description={close_notify:0,unexpected_message:10,bad_record_mac:20,decryption_failed:21,record_overflow:22,decompression_failure:30,handshake_failure:40,bad_certificate:42,unsupported_certificate:43,certificate_revoked:44,certificate_expired:45,certificate_unknown:46,illegal_parameter:47,unknown_ca:48,access_denied:49,decode_error:50,decrypt_error:51,export_restriction:60,protocol_version:70,insufficient_security:71,internal_error:80,user_canceled:90,no_renegotiation:100},a.HeartbeatMessageType={heartbeat_request:1,heartbeat_response:2},a.CipherSuites={},a.getCipherSuite=function(x){var D=null;for(var R in a.CipherSuites){var T=a.CipherSuites[R];if(T.id[0]===x.charCodeAt(0)&&T.id[1]===x.charCodeAt(1)){D=T;break}}return D},a.handleUnexpected=function(x,D){var R=!x.open&&x.entity===a.ConnectionEnd.client;R||x.error(x,{message:"Unexpected message. Received TLS record out of order.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.unexpected_message}})},a.handleHelloRequest=function(x,D,R){!x.handshaking&&x.handshakes>0&&(a.queue(x,a.createAlert(x,{level:a.Alert.Level.warning,description:a.Alert.Description.no_renegotiation})),a.flush(x)),x.process()},a.parseHelloMessage=function(x,D,R){var T=null,u=x.entity===a.ConnectionEnd.client;if(R<38)x.error(x,{message:u?"Invalid ServerHello message. Message too short.":"Invalid ClientHello message. Message too short.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.illegal_parameter}});else{var N=D.fragment,V=N.length();if(T={version:{major:N.getByte(),minor:N.getByte()},random:t.util.createBuffer(N.getBytes(32)),session_id:y(N,1),extensions:[]},u?(T.cipher_suite=N.getBytes(2),T.compression_method=N.getByte()):(T.cipher_suites=y(N,2),T.compression_methods=y(N,1)),V=R-(V-N.length()),V>0){for(var G=y(N,2);G.length()>0;)T.extensions.push({type:[G.getByte(),G.getByte()],data:y(G,2)});if(!u)for(var ne=0;ne<T.extensions.length;++ne){var Z=T.extensions[ne];if(Z.type[0]===0&&Z.type[1]===0)for(var z=y(Z.data,2);z.length()>0;){var ee=z.getByte();if(ee!==0)break;x.session.extensions.server_name.serverNameList.push(y(z,2).getBytes())}}}if(x.session.version&&(T.version.major!==x.session.version.major||T.version.minor!==x.session.version.minor))return x.error(x,{message:"TLS version change is disallowed during renegotiation.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.protocol_version}});if(u)x.session.cipherSuite=a.getCipherSuite(T.cipher_suite);else for(var fe=t.util.createBuffer(T.cipher_suites.bytes());fe.length()>0&&(x.session.cipherSuite=a.getCipherSuite(fe.getBytes(2)),x.session.cipherSuite===null););if(x.session.cipherSuite===null)return x.error(x,{message:"No cipher suites in common.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.handshake_failure},cipherSuite:t.util.bytesToHex(T.cipher_suite)});u?x.session.compressionMethod=T.compression_method:x.session.compressionMethod=a.CompressionMethod.none}return T},a.createSecurityParameters=function(x,D){var R=x.entity===a.ConnectionEnd.client,T=D.random.bytes(),u=R?x.session.sp.client_random:T,N=R?T:a.createRandom().getBytes();x.session.sp={entity:x.entity,prf_algorithm:a.PRFAlgorithm.tls_prf_sha256,bulk_cipher_algorithm:null,cipher_type:null,enc_key_length:null,block_length:null,fixed_iv_length:null,record_iv_length:null,mac_algorithm:null,mac_length:null,mac_key_length:null,compression_algorithm:x.session.compressionMethod,pre_master_secret:null,master_secret:null,client_random:u,server_random:N}},a.handleServerHello=function(x,D,R){var T=a.parseHelloMessage(x,D,R);if(!x.fail){if(T.version.minor<=x.version.minor)x.version.minor=T.version.minor;else return x.error(x,{message:"Incompatible TLS version.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.protocol_version}});x.session.version=x.version;var u=T.session_id.bytes();u.length>0&&u===x.session.id?(x.expect=f,x.session.resuming=!0,x.session.sp.server_random=T.random.bytes()):(x.expect=l,x.session.resuming=!1,a.createSecurityParameters(x,T)),x.session.id=u,x.process()}},a.handleClientHello=function(x,D,R){var T=a.parseHelloMessage(x,D,R);if(!x.fail){var u=T.session_id.bytes(),N=null;if(x.sessionCache&&(N=x.sessionCache.getSession(u),N===null?u="":(N.version.major!==T.version.major||N.version.minor>T.version.minor)&&(N=null,u="")),u.length===0&&(u=t.random.getBytes(32)),x.session.id=u,x.session.clientHelloVersion=T.version,x.session.sp={},N)x.version=x.session.version=N.version,x.session.sp=N.sp;else{for(var V,G=1;G<a.SupportedVersions.length&&(V=a.SupportedVersions[G],!(V.minor<=T.version.minor));++G);x.version={major:V.major,minor:V.minor},x.session.version=x.version}N!==null?(x.expect=_,x.session.resuming=!0,x.session.sp.client_random=T.random.bytes()):(x.expect=x.verifyClient!==!1?h:g,x.session.resuming=!1,a.createSecurityParameters(x,T)),x.open=!0,a.queue(x,a.createRecord(x,{type:a.ContentType.handshake,data:a.createServerHello(x)})),x.session.resuming?(a.queue(x,a.createRecord(x,{type:a.ContentType.change_cipher_spec,data:a.createChangeCipherSpec()})),x.state.pending=a.createConnectionState(x),x.state.current.write=x.state.pending.write,a.queue(x,a.createRecord(x,{type:a.ContentType.handshake,data:a.createFinished(x)}))):(a.queue(x,a.createRecord(x,{type:a.ContentType.handshake,data:a.createCertificate(x)})),x.fail||(a.queue(x,a.createRecord(x,{type:a.ContentType.handshake,data:a.createServerKeyExchange(x)})),x.verifyClient!==!1&&a.queue(x,a.createRecord(x,{type:a.ContentType.handshake,data:a.createCertificateRequest(x)})),a.queue(x,a.createRecord(x,{type:a.ContentType.handshake,data:a.createServerHelloDone(x)})))),a.flush(x),x.process()}},a.handleCertificate=function(x,D,R){if(R<3)return x.error(x,{message:"Invalid Certificate message. Message too short.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.illegal_parameter}});var T=D.fragment,u={certificate_list:y(T,3)},N,V,G=[];try{for(;u.certificate_list.length()>0;)N=y(u.certificate_list,3),V=t.asn1.fromDer(N),N=t.pki.certificateFromAsn1(V,!0),G.push(N)}catch(Z){return x.error(x,{message:"Could not parse certificate list.",cause:Z,send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.bad_certificate}})}var ne=x.entity===a.ConnectionEnd.client;(ne||x.verifyClient===!0)&&G.length===0?x.error(x,{message:ne?"No server certificate provided.":"No client certificate provided.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.illegal_parameter}}):G.length===0?x.expect=ne?S:g:(ne?x.session.serverCertificate=G[0]:x.session.clientCertificate=G[0],a.verifyCertificateChain(x,G)&&(x.expect=ne?S:g)),x.process()},a.handleServerKeyExchange=function(x,D,R){if(R>0)return x.error(x,{message:"Invalid key parameters. Only RSA is supported.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.unsupported_certificate}});x.expect=L,x.process()},a.handleClientKeyExchange=function(x,D,R){if(R<48)return x.error(x,{message:"Invalid key parameters. Only RSA is supported.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.unsupported_certificate}});var T=D.fragment,u={enc_pre_master_secret:y(T,2).getBytes()},N=null;if(x.getPrivateKey)try{N=x.getPrivateKey(x,x.session.serverCertificate),N=t.pki.privateKeyFromPem(N)}catch(ne){x.error(x,{message:"Could not get private key.",cause:ne,send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}})}if(N===null)return x.error(x,{message:"No private key set.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}});try{var V=x.session.sp;V.pre_master_secret=N.decrypt(u.enc_pre_master_secret);var G=x.session.clientHelloVersion;if(G.major!==V.pre_master_secret.charCodeAt(0)||G.minor!==V.pre_master_secret.charCodeAt(1))throw new Error("TLS version rollback attack detected.")}catch{V.pre_master_secret=t.random.getBytes(48)}x.expect=_,x.session.clientCertificate!==null&&(x.expect=I),x.process()},a.handleCertificateRequest=function(x,D,R){if(R<3)return x.error(x,{message:"Invalid CertificateRequest. Message too short.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.illegal_parameter}});var T=D.fragment,u={certificate_types:y(T,1),certificate_authorities:y(T,2)};x.session.certificateRequest=u,x.expect=b,x.process()},a.handleCertificateVerify=function(x,D,R){if(R<2)return x.error(x,{message:"Invalid CertificateVerify. Message too short.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.illegal_parameter}});var T=D.fragment;T.read-=4;var u=T.bytes();T.read+=4;var N={signature:y(T,2).getBytes()},V=t.util.createBuffer();V.putBuffer(x.session.md5.digest()),V.putBuffer(x.session.sha1.digest()),V=V.getBytes();try{var G=x.session.clientCertificate;if(!G.publicKey.verify(V,N.signature,"NONE"))throw new Error("CertificateVerify signature does not match.");x.session.md5.update(u),x.session.sha1.update(u)}catch{return x.error(x,{message:"Bad signature in CertificateVerify.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.handshake_failure}})}x.expect=_,x.process()},a.handleServerHelloDone=function(x,D,R){if(R>0)return x.error(x,{message:"Invalid ServerHelloDone message. Invalid length.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.record_overflow}});if(x.serverCertificate===null){var T={message:"No server certificate provided. Not enough security.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.insufficient_security}},u=0,N=x.verify(x,T.alert.description,u,[]);if(N!==!0)return(N||N===0)&&(typeof N=="object"&&!t.util.isArray(N)?(N.message&&(T.message=N.message),N.alert&&(T.alert.description=N.alert)):typeof N=="number"&&(T.alert.description=N)),x.error(x,T)}x.session.certificateRequest!==null&&(D=a.createRecord(x,{type:a.ContentType.handshake,data:a.createCertificate(x)}),a.queue(x,D)),D=a.createRecord(x,{type:a.ContentType.handshake,data:a.createClientKeyExchange(x)}),a.queue(x,D),x.expect=C;var V=function(G,ne){G.session.certificateRequest!==null&&G.session.clientCertificate!==null&&a.queue(G,a.createRecord(G,{type:a.ContentType.handshake,data:a.createCertificateVerify(G,ne)})),a.queue(G,a.createRecord(G,{type:a.ContentType.change_cipher_spec,data:a.createChangeCipherSpec()})),G.state.pending=a.createConnectionState(G),G.state.current.write=G.state.pending.write,a.queue(G,a.createRecord(G,{type:a.ContentType.handshake,data:a.createFinished(G)})),G.expect=f,a.flush(G),G.process()};if(x.session.certificateRequest===null||x.session.clientCertificate===null)return V(x,null);a.getClientSignature(x,V)},a.handleChangeCipherSpec=function(x,D){if(D.fragment.getByte()!==1)return x.error(x,{message:"Invalid ChangeCipherSpec message received.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.illegal_parameter}});var R=x.entity===a.ConnectionEnd.client;(x.session.resuming&&R||!x.session.resuming&&!R)&&(x.state.pending=a.createConnectionState(x)),x.state.current.read=x.state.pending.read,(!x.session.resuming&&R||x.session.resuming&&!R)&&(x.state.pending=null),x.expect=R?m:d,x.process()},a.handleFinished=function(x,D,R){var T=D.fragment;T.read-=4;var u=T.bytes();T.read+=4;var N=D.fragment.getBytes();T=t.util.createBuffer(),T.putBuffer(x.session.md5.digest()),T.putBuffer(x.session.sha1.digest());var V=x.entity===a.ConnectionEnd.client,G=V?"server finished":"client finished",ne=x.session.sp,Z=12,z=e;if(T=z(ne.master_secret,G,T.getBytes(),Z),T.getBytes()!==N)return x.error(x,{message:"Invalid verify_data in Finished message.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.decrypt_error}});x.session.md5.update(u),x.session.sha1.update(u),(x.session.resuming&&V||!x.session.resuming&&!V)&&(a.queue(x,a.createRecord(x,{type:a.ContentType.change_cipher_spec,data:a.createChangeCipherSpec()})),x.state.current.write=x.state.pending.write,x.state.pending=null,a.queue(x,a.createRecord(x,{type:a.ContentType.handshake,data:a.createFinished(x)}))),x.expect=V?E:s,x.handshaking=!1,++x.handshakes,x.peerCertificate=V?x.session.serverCertificate:x.session.clientCertificate,a.flush(x),x.isConnected=!0,x.connected(x),x.process()},a.handleAlert=function(x,D){var R=D.fragment,T={level:R.getByte(),description:R.getByte()},u;switch(T.description){case a.Alert.Description.close_notify:u="Connection closed.";break;case a.Alert.Description.unexpected_message:u="Unexpected message.";break;case a.Alert.Description.bad_record_mac:u="Bad record MAC.";break;case a.Alert.Description.decryption_failed:u="Decryption failed.";break;case a.Alert.Description.record_overflow:u="Record overflow.";break;case a.Alert.Description.decompression_failure:u="Decompression failed.";break;case a.Alert.Description.handshake_failure:u="Handshake failure.";break;case a.Alert.Description.bad_certificate:u="Bad certificate.";break;case a.Alert.Description.unsupported_certificate:u="Unsupported certificate.";break;case a.Alert.Description.certificate_revoked:u="Certificate revoked.";break;case a.Alert.Description.certificate_expired:u="Certificate expired.";break;case a.Alert.Description.certificate_unknown:u="Certificate unknown.";break;case a.Alert.Description.illegal_parameter:u="Illegal parameter.";break;case a.Alert.Description.unknown_ca:u="Unknown certificate authority.";break;case a.Alert.Description.access_denied:u="Access denied.";break;case a.Alert.Description.decode_error:u="Decode error.";break;case a.Alert.Description.decrypt_error:u="Decrypt error.";break;case a.Alert.Description.export_restriction:u="Export restriction.";break;case a.Alert.Description.protocol_version:u="Unsupported protocol version.";break;case a.Alert.Description.insufficient_security:u="Insufficient security.";break;case a.Alert.Description.internal_error:u="Internal error.";break;case a.Alert.Description.user_canceled:u="User canceled.";break;case a.Alert.Description.no_renegotiation:u="Renegotiation not supported.";break;default:u="Unknown error.";break}if(T.description===a.Alert.Description.close_notify)return x.close();x.error(x,{message:u,send:!1,origin:x.entity===a.ConnectionEnd.client?"server":"client",alert:T}),x.process()},a.handleHandshake=function(x,D){var R=D.fragment,T=R.getByte(),u=R.getInt24();if(u>R.length())return x.fragmented=D,D.fragment=t.util.createBuffer(),R.read-=4,x.process();x.fragmented=null,R.read-=4;var N=R.bytes(u+4);R.read+=4,T in ge[x.entity][x.expect]?(x.entity===a.ConnectionEnd.server&&!x.open&&!x.fail&&(x.handshaking=!0,x.session={version:null,extensions:{server_name:{serverNameList:[]}},cipherSuite:null,compressionMethod:null,serverCertificate:null,clientCertificate:null,md5:t.md.md5.create(),sha1:t.md.sha1.create()}),T!==a.HandshakeType.hello_request&&T!==a.HandshakeType.certificate_verify&&T!==a.HandshakeType.finished&&(x.session.md5.update(N),x.session.sha1.update(N)),ge[x.entity][x.expect][T](x,D,u)):a.handleUnexpected(x,D)},a.handleApplicationData=function(x,D){x.data.putBuffer(D.fragment),x.dataReady(x),x.process()},a.handleHeartbeat=function(x,D){var R=D.fragment,T=R.getByte(),u=R.getInt16(),N=R.getBytes(u);if(T===a.HeartbeatMessageType.heartbeat_request){if(x.handshaking||u>N.length)return x.process();a.queue(x,a.createRecord(x,{type:a.ContentType.heartbeat,data:a.createHeartbeat(a.HeartbeatMessageType.heartbeat_response,N)})),a.flush(x)}else if(T===a.HeartbeatMessageType.heartbeat_response){if(N!==x.expectedHeartbeatPayload)return x.process();x.heartbeatReceived&&x.heartbeatReceived(x,t.util.createBuffer(N))}x.process()};var v=0,l=1,S=2,L=3,b=4,f=5,m=6,E=7,C=8,o=0,h=1,g=2,I=3,_=4,d=5,s=6,n=a.handleUnexpected,B=a.handleChangeCipherSpec,U=a.handleAlert,O=a.handleHandshake,P=a.handleApplicationData,F=a.handleHeartbeat,q=[];q[a.ConnectionEnd.client]=[[n,U,O,n,F],[n,U,O,n,F],[n,U,O,n,F],[n,U,O,n,F],[n,U,O,n,F],[B,U,n,n,F],[n,U,O,n,F],[n,U,O,P,F],[n,U,O,n,F]],q[a.ConnectionEnd.server]=[[n,U,O,n,F],[n,U,O,n,F],[n,U,O,n,F],[n,U,O,n,F],[B,U,n,n,F],[n,U,O,n,F],[n,U,O,P,F],[n,U,O,n,F]];var M=a.handleHelloRequest,H=a.handleServerHello,Q=a.handleCertificate,j=a.handleServerKeyExchange,J=a.handleCertificateRequest,ce=a.handleServerHelloDone,se=a.handleFinished,ge=[];ge[a.ConnectionEnd.client]=[[n,n,H,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n],[M,n,n,n,n,n,n,n,n,n,n,Q,j,J,ce,n,n,n,n,n,n],[M,n,n,n,n,n,n,n,n,n,n,n,j,J,ce,n,n,n,n,n,n],[M,n,n,n,n,n,n,n,n,n,n,n,n,J,ce,n,n,n,n,n,n],[M,n,n,n,n,n,n,n,n,n,n,n,n,n,ce,n,n,n,n,n,n],[M,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n],[M,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,se],[M,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n],[M,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n]];var de=a.handleClientHello,he=a.handleClientKeyExchange,X=a.handleCertificateVerify;ge[a.ConnectionEnd.server]=[[n,de,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n],[n,n,n,n,n,n,n,n,n,n,n,Q,n,n,n,n,n,n,n,n,n],[n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,he,n,n,n,n],[n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,X,n,n,n,n,n],[n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n],[n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,se],[n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n],[n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n,n]],a.generateKeys=function(x,D){var R=e,T=D.client_random+D.server_random;x.session.resuming||(D.master_secret=R(D.pre_master_secret,"master secret",T,48).bytes(),D.pre_master_secret=null),T=D.server_random+D.client_random;var u=2*D.mac_key_length+2*D.enc_key_length,N=x.version.major===a.Versions.TLS_1_0.major&&x.version.minor===a.Versions.TLS_1_0.minor;N&&(u+=2*D.fixed_iv_length);var V=R(D.master_secret,"key expansion",T,u),G={client_write_MAC_key:V.getBytes(D.mac_key_length),server_write_MAC_key:V.getBytes(D.mac_key_length),client_write_key:V.getBytes(D.enc_key_length),server_write_key:V.getBytes(D.enc_key_length)};return N&&(G.client_write_IV=V.getBytes(D.fixed_iv_length),G.server_write_IV=V.getBytes(D.fixed_iv_length)),G},a.createConnectionState=function(x){var D=x.entity===a.ConnectionEnd.client,R=function(){var N={sequenceNumber:[0,0],macKey:null,macLength:0,macFunction:null,cipherState:null,cipherFunction:function(V){return!0},compressionState:null,compressFunction:function(V){return!0},updateSequenceNumber:function(){N.sequenceNumber[1]===4294967295?(N.sequenceNumber[1]=0,++N.sequenceNumber[0]):++N.sequenceNumber[1]}};return N},T={read:R(),write:R()};if(T.read.update=function(N,V){return T.read.cipherFunction(V,T.read)?T.read.compressFunction(N,V,T.read)||N.error(N,{message:"Could not decompress record.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.decompression_failure}}):N.error(N,{message:"Could not decrypt record or bad MAC.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.bad_record_mac}}),!N.fail},T.write.update=function(N,V){return T.write.compressFunction(N,V,T.write)?T.write.cipherFunction(V,T.write)||N.error(N,{message:"Could not encrypt record.",send:!1,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}}):N.error(N,{message:"Could not compress record.",send:!1,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}}),!N.fail},x.session){var u=x.session.sp;switch(x.session.cipherSuite.initSecurityParameters(u),u.keys=a.generateKeys(x,u),T.read.macKey=D?u.keys.server_write_MAC_key:u.keys.client_write_MAC_key,T.write.macKey=D?u.keys.client_write_MAC_key:u.keys.server_write_MAC_key,x.session.cipherSuite.initConnectionState(T,x,u),u.compression_algorithm){case a.CompressionMethod.none:break;case a.CompressionMethod.deflate:T.read.compressFunction=p,T.write.compressFunction=i;break;default:throw new Error("Unsupported compression algorithm.")}}return T},a.createRandom=function(){var x=new Date,D=+x+x.getTimezoneOffset()*6e4,R=t.util.createBuffer();return R.putInt32(D),R.putBytes(t.random.getBytes(28)),R},a.createRecord=function(x,D){if(!D.data)return null;var R={type:D.type,version:{major:x.version.major,minor:x.version.minor},length:D.data.length(),fragment:D.data};return R},a.createAlert=function(x,D){var R=t.util.createBuffer();return R.putByte(D.level),R.putByte(D.description),a.createRecord(x,{type:a.ContentType.alert,data:R})},a.createClientHello=function(x){x.session.clientHelloVersion={major:x.version.major,minor:x.version.minor};for(var D=t.util.createBuffer(),R=0;R<x.cipherSuites.length;++R){var T=x.cipherSuites[R];D.putByte(T.id[0]),D.putByte(T.id[1])}var u=D.length(),N=t.util.createBuffer();N.putByte(a.CompressionMethod.none);var V=N.length(),G=t.util.createBuffer();if(x.virtualHost){var ne=t.util.createBuffer();ne.putByte(0),ne.putByte(0);var Z=t.util.createBuffer();Z.putByte(0),c(Z,2,t.util.createBuffer(x.virtualHost));var z=t.util.createBuffer();c(z,2,Z),c(ne,2,z),G.putBuffer(ne)}var ee=G.length();ee>0&&(ee+=2);var fe=x.session.id,ve=fe.length+1+2+4+28+2+u+1+V+ee,pe=t.util.createBuffer();return pe.putByte(a.HandshakeType.client_hello),pe.putInt24(ve),pe.putByte(x.version.major),pe.putByte(x.version.minor),pe.putBytes(x.session.sp.client_random),c(pe,1,t.util.createBuffer(fe)),c(pe,2,D),c(pe,1,N),ee>0&&c(pe,2,G),pe},a.createServerHello=function(x){var D=x.session.id,R=D.length+1+2+4+28+2+1,T=t.util.createBuffer();return T.putByte(a.HandshakeType.server_hello),T.putInt24(R),T.putByte(x.version.major),T.putByte(x.version.minor),T.putBytes(x.session.sp.server_random),c(T,1,t.util.createBuffer(D)),T.putByte(x.session.cipherSuite.id[0]),T.putByte(x.session.cipherSuite.id[1]),T.putByte(x.session.compressionMethod),T},a.createCertificate=function(x){var D=x.entity===a.ConnectionEnd.client,R=null;if(x.getCertificate){var T;D?T=x.session.certificateRequest:T=x.session.extensions.server_name.serverNameList,R=x.getCertificate(x,T)}var u=t.util.createBuffer();if(R!==null)try{t.util.isArray(R)||(R=[R]);for(var N=null,V=0;V<R.length;++V){var G=t.pem.decode(R[V])[0];if(G.type!=="CERTIFICATE"&&G.type!=="X509 CERTIFICATE"&&G.type!=="TRUSTED CERTIFICATE"){var ne=new Error('Could not convert certificate from PEM; PEM header type is not "CERTIFICATE", "X509 CERTIFICATE", or "TRUSTED CERTIFICATE".');throw ne.headerType=G.type,ne}if(G.procType&&G.procType.type==="ENCRYPTED")throw new Error("Could not convert certificate from PEM; PEM is encrypted.");var Z=t.util.createBuffer(G.body);N===null&&(N=t.asn1.fromDer(Z.bytes(),!1));var z=t.util.createBuffer();c(z,3,Z),u.putBuffer(z)}R=t.pki.certificateFromAsn1(N),D?x.session.clientCertificate=R:x.session.serverCertificate=R}catch(ve){return x.error(x,{message:"Could not send certificate list.",cause:ve,send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.bad_certificate}})}var ee=3+u.length(),fe=t.util.createBuffer();return fe.putByte(a.HandshakeType.certificate),fe.putInt24(ee),c(fe,3,u),fe},a.createClientKeyExchange=function(x){var D=t.util.createBuffer();D.putByte(x.session.clientHelloVersion.major),D.putByte(x.session.clientHelloVersion.minor),D.putBytes(t.random.getBytes(46));var R=x.session.sp;R.pre_master_secret=D.getBytes();var T=x.session.serverCertificate.publicKey;D=T.encrypt(R.pre_master_secret);var u=D.length+2,N=t.util.createBuffer();return N.putByte(a.HandshakeType.client_key_exchange),N.putInt24(u),N.putInt16(D.length),N.putBytes(D),N},a.createServerKeyExchange=function(x){var D=t.util.createBuffer();return D},a.getClientSignature=function(x,D){var R=t.util.createBuffer();R.putBuffer(x.session.md5.digest()),R.putBuffer(x.session.sha1.digest()),R=R.getBytes(),x.getSignature=x.getSignature||function(T,u,N){var V=null;if(T.getPrivateKey)try{V=T.getPrivateKey(T,T.session.clientCertificate),V=t.pki.privateKeyFromPem(V)}catch(G){T.error(T,{message:"Could not get private key.",cause:G,send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}})}V===null?T.error(T,{message:"No private key set.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}}):u=V.sign(u,null),N(T,u)},x.getSignature(x,R,D)},a.createCertificateVerify=function(x,D){var R=D.length+2,T=t.util.createBuffer();return T.putByte(a.HandshakeType.certificate_verify),T.putInt24(R),T.putInt16(D.length),T.putBytes(D),T},a.createCertificateRequest=function(x){var D=t.util.createBuffer();D.putByte(1);var R=t.util.createBuffer();for(var T in x.caStore.certs){var u=x.caStore.certs[T],N=t.pki.distinguishedNameToAsn1(u.subject),V=t.asn1.toDer(N);R.putInt16(V.length()),R.putBuffer(V)}var G=1+D.length()+2+R.length(),ne=t.util.createBuffer();return ne.putByte(a.HandshakeType.certificate_request),ne.putInt24(G),c(ne,1,D),c(ne,2,R),ne},a.createServerHelloDone=function(x){var D=t.util.createBuffer();return D.putByte(a.HandshakeType.server_hello_done),D.putInt24(0),D},a.createChangeCipherSpec=function(){var x=t.util.createBuffer();return x.putByte(1),x},a.createFinished=function(x){var D=t.util.createBuffer();D.putBuffer(x.session.md5.digest()),D.putBuffer(x.session.sha1.digest());var R=x.entity===a.ConnectionEnd.client,T=x.session.sp,u=12,N=e,V=R?"client finished":"server finished";D=N(T.master_secret,V,D.getBytes(),u);var G=t.util.createBuffer();return G.putByte(a.HandshakeType.finished),G.putInt24(D.length()),G.putBuffer(D),G},a.createHeartbeat=function(x,D,R){typeof R>"u"&&(R=D.length);var T=t.util.createBuffer();T.putByte(x),T.putInt16(R),T.putBytes(D);var u=T.length(),N=Math.max(16,u-R-3);return T.putBytes(t.random.getBytes(N)),T},a.queue=function(x,D){if(D&&!(D.fragment.length()===0&&(D.type===a.ContentType.handshake||D.type===a.ContentType.alert||D.type===a.ContentType.change_cipher_spec))){if(D.type===a.ContentType.handshake){var R=D.fragment.bytes();x.session.md5.update(R),x.session.sha1.update(R),R=null}var T;if(D.fragment.length()<=a.MaxFragment)T=[D];else{T=[];for(var u=D.fragment.bytes();u.length>a.MaxFragment;)T.push(a.createRecord(x,{type:D.type,data:t.util.createBuffer(u.slice(0,a.MaxFragment))})),u=u.slice(a.MaxFragment);u.length>0&&T.push(a.createRecord(x,{type:D.type,data:t.util.createBuffer(u)}))}for(var N=0;N<T.length&&!x.fail;++N){var V=T[N],G=x.state.current.write;G.update(x,V)&&x.records.push(V)}}},a.flush=function(x){for(var D=0;D<x.records.length;++D){var R=x.records[D];x.tlsData.putByte(R.type),x.tlsData.putByte(R.version.major),x.tlsData.putByte(R.version.minor),x.tlsData.putInt16(R.fragment.length()),x.tlsData.putBuffer(x.records[D].fragment)}return x.records=[],x.tlsDataReady(x)};var W=function(x){switch(x){case!0:return!0;case t.pki.certificateError.bad_certificate:return a.Alert.Description.bad_certificate;case t.pki.certificateError.unsupported_certificate:return a.Alert.Description.unsupported_certificate;case t.pki.certificateError.certificate_revoked:return a.Alert.Description.certificate_revoked;case t.pki.certificateError.certificate_expired:return a.Alert.Description.certificate_expired;case t.pki.certificateError.certificate_unknown:return a.Alert.Description.certificate_unknown;case t.pki.certificateError.unknown_ca:return a.Alert.Description.unknown_ca;default:return a.Alert.Description.bad_certificate}},$e=function(x){switch(x){case!0:return!0;case a.Alert.Description.bad_certificate:return t.pki.certificateError.bad_certificate;case a.Alert.Description.unsupported_certificate:return t.pki.certificateError.unsupported_certificate;case a.Alert.Description.certificate_revoked:return t.pki.certificateError.certificate_revoked;case a.Alert.Description.certificate_expired:return t.pki.certificateError.certificate_expired;case a.Alert.Description.certificate_unknown:return t.pki.certificateError.certificate_unknown;case a.Alert.Description.unknown_ca:return t.pki.certificateError.unknown_ca;default:return t.pki.certificateError.bad_certificate}};a.verifyCertificateChain=function(x,D){try{var R={};for(var T in x.verifyOptions)R[T]=x.verifyOptions[T];R.verify=function(N,V,G){var ne=W(N),Z=x.verify(x,N,V,G);if(Z!==!0){if(typeof Z=="object"&&!t.util.isArray(Z)){var z=new Error("The application rejected the certificate.");throw z.send=!0,z.alert={level:a.Alert.Level.fatal,description:a.Alert.Description.bad_certificate},Z.message&&(z.message=Z.message),Z.alert&&(z.alert.description=Z.alert),z}Z!==N&&(Z=$e(Z))}return Z},t.pki.verifyCertificateChain(x.caStore,D,R)}catch(N){var u=N;(typeof u!="object"||t.util.isArray(u))&&(u={send:!0,alert:{level:a.Alert.Level.fatal,description:W(N)}}),"send"in u||(u.send=!0),"alert"in u||(u.alert={level:a.Alert.Level.fatal,description:W(u.error)}),x.error(x,u)}return!x.fail},a.createSessionCache=function(x,D){var R=null;if(x&&x.getSession&&x.setSession&&x.order)R=x;else{R={},R.cache=x||{},R.capacity=Math.max(D||100,1),R.order=[];for(var T in x)R.order.length<=D?R.order.push(T):delete x[T];R.getSession=function(u){var N=null,V=null;if(u?V=t.util.bytesToHex(u):R.order.length>0&&(V=R.order[0]),V!==null&&V in R.cache){N=R.cache[V],delete R.cache[V];for(var G in R.order)if(R.order[G]===V){R.order.splice(G,1);break}}return N},R.setSession=function(u,N){if(R.order.length===R.capacity){var V=R.order.shift();delete R.cache[V]}var V=t.util.bytesToHex(u);R.order.push(V),R.cache[V]=N}}return R},a.createConnection=function(x){var D=null;x.caStore?t.util.isArray(x.caStore)?D=t.pki.createCaStore(x.caStore):D=x.caStore:D=t.pki.createCaStore();var R=x.cipherSuites||null;if(R===null){R=[];for(var T in a.CipherSuites)R.push(a.CipherSuites[T])}var u=x.server?a.ConnectionEnd.server:a.ConnectionEnd.client,N=x.sessionCache?a.createSessionCache(x.sessionCache):null,V={version:{major:a.Version.major,minor:a.Version.minor},entity:u,sessionId:x.sessionId,caStore:D,sessionCache:N,cipherSuites:R,connected:x.connected,virtualHost:x.virtualHost||null,verifyClient:x.verifyClient||!1,verify:x.verify||function(z,ee,fe,ve){return ee},verifyOptions:x.verifyOptions||{},getCertificate:x.getCertificate||null,getPrivateKey:x.getPrivateKey||null,getSignature:x.getSignature||null,input:t.util.createBuffer(),tlsData:t.util.createBuffer(),data:t.util.createBuffer(),tlsDataReady:x.tlsDataReady,dataReady:x.dataReady,heartbeatReceived:x.heartbeatReceived,closed:x.closed,error:function(z,ee){ee.origin=ee.origin||(z.entity===a.ConnectionEnd.client?"client":"server"),ee.send&&(a.queue(z,a.createAlert(z,ee.alert)),a.flush(z));var fe=ee.fatal!==!1;fe&&(z.fail=!0),x.error(z,ee),fe&&z.close(!1)},deflate:x.deflate||null,inflate:x.inflate||null};V.reset=function(z){V.version={major:a.Version.major,minor:a.Version.minor},V.record=null,V.session=null,V.peerCertificate=null,V.state={pending:null,current:null},V.expect=V.entity===a.ConnectionEnd.client?v:o,V.fragmented=null,V.records=[],V.open=!1,V.handshakes=0,V.handshaking=!1,V.isConnected=!1,V.fail=!(z||typeof z>"u"),V.input.clear(),V.tlsData.clear(),V.data.clear(),V.state.current=a.createConnectionState(V)},V.reset();var G=function(z,ee){var fe=ee.type-a.ContentType.change_cipher_spec,ve=q[z.entity][z.expect];fe in ve?ve[fe](z,ee):a.handleUnexpected(z,ee)},ne=function(z){var ee=0,fe=z.input,ve=fe.length();if(ve<5)ee=5-ve;else{z.record={type:fe.getByte(),version:{major:fe.getByte(),minor:fe.getByte()},length:fe.getInt16(),fragment:t.util.createBuffer(),ready:!1};var pe=z.record.version.major===z.version.major;pe&&z.session&&z.session.version&&(pe=z.record.version.minor===z.version.minor),pe||z.error(z,{message:"Incompatible TLS version.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.protocol_version}})}return ee},Z=function(z){var ee=0,fe=z.input,ve=fe.length();if(ve<z.record.length)ee=z.record.length-ve;else{z.record.fragment.putBytes(fe.getBytes(z.record.length)),fe.compact();var pe=z.state.current.read;pe.update(z,z.record)&&(z.fragmented!==null&&(z.fragmented.type===z.record.type?(z.fragmented.fragment.putBuffer(z.record.fragment),z.record=z.fragmented):z.error(z,{message:"Invalid fragmented record.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.unexpected_message}})),z.record.ready=!0)}return ee};return V.handshake=function(z){if(V.entity!==a.ConnectionEnd.client)V.error(V,{message:"Cannot initiate handshake as a server.",fatal:!1});else if(V.handshaking)V.error(V,{message:"Handshake already in progress.",fatal:!1});else{V.fail&&!V.open&&V.handshakes===0&&(V.fail=!1),V.handshaking=!0,z=z||"";var ee=null;z.length>0&&(V.sessionCache&&(ee=V.sessionCache.getSession(z)),ee===null&&(z="")),z.length===0&&V.sessionCache&&(ee=V.sessionCache.getSession(),ee!==null&&(z=ee.id)),V.session={id:z,version:null,cipherSuite:null,compressionMethod:null,serverCertificate:null,certificateRequest:null,clientCertificate:null,sp:{},md5:t.md.md5.create(),sha1:t.md.sha1.create()},ee&&(V.version=ee.version,V.session.sp=ee.sp),V.session.sp.client_random=a.createRandom().getBytes(),V.open=!0,a.queue(V,a.createRecord(V,{type:a.ContentType.handshake,data:a.createClientHello(V)})),a.flush(V)}},V.process=function(z){var ee=0;return z&&V.input.putBytes(z),V.fail||(V.record!==null&&V.record.ready&&V.record.fragment.isEmpty()&&(V.record=null),V.record===null&&(ee=ne(V)),!V.fail&&V.record!==null&&!V.record.ready&&(ee=Z(V)),!V.fail&&V.record!==null&&V.record.ready&&G(V,V.record)),ee},V.prepare=function(z){return a.queue(V,a.createRecord(V,{type:a.ContentType.application_data,data:t.util.createBuffer(z)})),a.flush(V)},V.prepareHeartbeatRequest=function(z,ee){return z instanceof t.util.ByteBuffer&&(z=z.bytes()),typeof ee>"u"&&(ee=z.length),V.expectedHeartbeatPayload=z,a.queue(V,a.createRecord(V,{type:a.ContentType.heartbeat,data:a.createHeartbeat(a.HeartbeatMessageType.heartbeat_request,z,ee)})),a.flush(V)},V.close=function(z){if(!V.fail&&V.sessionCache&&V.session){var ee={id:V.session.id,version:V.session.version,sp:V.session.sp};ee.sp.keys=null,V.sessionCache.setSession(ee.id,ee)}V.open&&(V.open=!1,V.input.clear(),(V.isConnected||V.handshaking)&&(V.isConnected=V.handshaking=!1,a.queue(V,a.createAlert(V,{level:a.Alert.Level.warning,description:a.Alert.Description.close_notify})),a.flush(V)),V.closed(V)),V.reset(z)},V},Qr=t.tls=t.tls||{};for(var we in a)typeof a[we]!="function"&&(t.tls[we]=a[we]);return t.tls.prf_tls1=e,t.tls.hmac_sha1=r,t.tls.createSessionCache=a.createSessionCache,t.tls.createConnection=a.createConnection,Qr}var pn;function Ks(){if(pn)return Sr.exports;pn=1;var t=ye();wt(),ci();var e=Sr.exports=t.tls;e.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA={id:[0,47],name:"TLS_RSA_WITH_AES_128_CBC_SHA",initSecurityParameters:function(v){v.bulk_cipher_algorithm=e.BulkCipherAlgorithm.aes,v.cipher_type=e.CipherType.block,v.enc_key_length=16,v.block_length=16,v.fixed_iv_length=16,v.record_iv_length=16,v.mac_algorithm=e.MACAlgorithm.hmac_sha1,v.mac_length=20,v.mac_key_length=20},initConnectionState:r},e.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA={id:[0,53],name:"TLS_RSA_WITH_AES_256_CBC_SHA",initSecurityParameters:function(v){v.bulk_cipher_algorithm=e.BulkCipherAlgorithm.aes,v.cipher_type=e.CipherType.block,v.enc_key_length=32,v.block_length=16,v.fixed_iv_length=16,v.record_iv_length=16,v.mac_algorithm=e.MACAlgorithm.hmac_sha1,v.mac_length=20,v.mac_key_length=20},initConnectionState:r};function r(v,l,S){var L=l.entity===t.tls.ConnectionEnd.client;v.read.cipherState={init:!1,cipher:t.cipher.createDecipher("AES-CBC",L?S.keys.server_write_key:S.keys.client_write_key),iv:L?S.keys.server_write_IV:S.keys.client_write_IV},v.write.cipherState={init:!1,cipher:t.cipher.createCipher("AES-CBC",L?S.keys.client_write_key:S.keys.server_write_key),iv:L?S.keys.client_write_IV:S.keys.server_write_IV},v.read.cipherFunction=c,v.write.cipherFunction=i,v.read.macLength=v.write.macLength=S.mac_length,v.read.macFunction=v.write.macFunction=e.hmac_sha1}function i(v,l){var S=!1,L=l.macFunction(l.macKey,l.sequenceNumber,v);v.fragment.putBytes(L),l.updateSequenceNumber();var b;v.version.minor===e.Versions.TLS_1_0.minor?b=l.cipherState.init?null:l.cipherState.iv:b=t.random.getBytesSync(16),l.cipherState.init=!0;var f=l.cipherState.cipher;return f.start({iv:b}),v.version.minor>=e.Versions.TLS_1_1.minor&&f.output.putBytes(b),f.update(v.fragment),f.finish(p)&&(v.fragment=f.output,v.length=v.fragment.length(),S=!0),S}function p(v,l,S){if(!S){var L=v-l.length()%v;l.fillWithByte(L-1,L)}return!0}function y(v,l,S){var L=!0;if(S){for(var b=l.length(),f=l.last(),m=b-1-f;m<b-1;++m)L=L&&l.at(m)==f;L&&l.truncate(f+1)}return L}function c(v,l){var S=!1,L;v.version.minor===e.Versions.TLS_1_0.minor?L=l.cipherState.init?null:l.cipherState.iv:L=v.fragment.getBytes(16),l.cipherState.init=!0;var b=l.cipherState.cipher;b.start({iv:L}),b.update(v.fragment),S=b.finish(y);var f=l.macLength,m=t.random.getBytesSync(f),E=b.output.length();E>=f?(v.fragment=b.output.getBytes(E-f),m=b.output.getBytes(f)):v.fragment=b.output.getBytes(),v.fragment=t.util.createBuffer(v.fragment),v.length=v.fragment.length();var C=l.macFunction(l.macKey,l.sequenceNumber,v);return l.updateSequenceNumber(),S=a(l.macKey,m,C)&&S,S}function a(v,l,S){var L=t.hmac.create();return L.start("SHA1",v),L.update(l),l=L.digest().getBytes(),L.start(null,null),L.update(S),S=L.digest().getBytes(),l===S}return Sr.exports}var $r={exports:{}},hn;function ui(){if(hn)return $r.exports;hn=1;var t=ye();vt(),me();var e=$r.exports=t.sha512=t.sha512||{};t.md.sha512=t.md.algorithms.sha512=e;var r=t.sha384=t.sha512.sha384=t.sha512.sha384||{};r.create=function(){return e.create("SHA-384")},t.md.sha384=t.md.algorithms.sha384=r,t.sha512.sha256=t.sha512.sha256||{create:function(){return e.create("SHA-512/256")}},t.md["sha512/256"]=t.md.algorithms["sha512/256"]=t.sha512.sha256,t.sha512.sha224=t.sha512.sha224||{create:function(){return e.create("SHA-512/224")}},t.md["sha512/224"]=t.md.algorithms["sha512/224"]=t.sha512.sha224,e.create=function(l){if(p||a(),typeof l>"u"&&(l="SHA-512"),!(l in c))throw new Error("Invalid SHA-512 algorithm: "+l);for(var S=c[l],L=null,b=t.util.createBuffer(),f=new Array(80),m=0;m<80;++m)f[m]=new Array(2);var E=64;switch(l){case"SHA-384":E=48;break;case"SHA-512/256":E=32;break;case"SHA-512/224":E=28;break}var C={algorithm:l.replace("-","").toLowerCase(),blockLength:128,digestLength:E,messageLength:0,fullMessageLength:null,messageLengthSize:16};return C.start=function(){C.messageLength=0,C.fullMessageLength=C.messageLength128=[];for(var o=C.messageLengthSize/4,h=0;h<o;++h)C.fullMessageLength.push(0);b=t.util.createBuffer(),L=new Array(S.length);for(var h=0;h<S.length;++h)L[h]=S[h].slice(0);return C},C.start(),C.update=function(o,h){h==="utf8"&&(o=t.util.encodeUtf8(o));var g=o.length;C.messageLength+=g,g=[g/4294967296>>>0,g>>>0];for(var I=C.fullMessageLength.length-1;I>=0;--I)C.fullMessageLength[I]+=g[1],g[1]=g[0]+(C.fullMessageLength[I]/4294967296>>>0),C.fullMessageLength[I]=C.fullMessageLength[I]>>>0,g[0]=g[1]/4294967296>>>0;return b.putBytes(o),v(L,f,b),(b.read>2048||b.length()===0)&&b.compact(),C},C.digest=function(){var o=t.util.createBuffer();o.putBytes(b.bytes());var h=C.fullMessageLength[C.fullMessageLength.length-1]+C.messageLengthSize,g=h&C.blockLength-1;o.putBytes(i.substr(0,C.blockLength-g));for(var I,_,d=C.fullMessageLength[0]*8,s=0;s<C.fullMessageLength.length-1;++s)I=C.fullMessageLength[s+1]*8,_=I/4294967296>>>0,d+=_,o.putInt32(d>>>0),d=I>>>0;o.putInt32(d);for(var n=new Array(L.length),s=0;s<L.length;++s)n[s]=L[s].slice(0);v(n,f,o);var B=t.util.createBuffer(),U;l==="SHA-512"?U=n.length:l==="SHA-384"?U=n.length-2:U=n.length-4;for(var s=0;s<U;++s)B.putInt32(n[s][0]),(s!==U-1||l!=="SHA-512/224")&&B.putInt32(n[s][1]);return B},C};var i=null,p=!1,y=null,c=null;function a(){i="€",i+=t.util.fillString("\0",128),y=[[1116352408,3609767458],[1899447441,602891725],[3049323471,3964484399],[3921009573,2173295548],[961987163,4081628472],[1508970993,3053834265],[2453635748,2937671579],[2870763221,3664609560],[3624381080,2734883394],[310598401,1164996542],[607225278,1323610764],[1426881987,3590304994],[1925078388,4068182383],[2162078206,991336113],[2614888103,633803317],[3248222580,3479774868],[3835390401,2666613458],[4022224774,944711139],[264347078,2341262773],[604807628,2007800933],[770255983,1495990901],[1249150122,1856431235],[1555081692,3175218132],[1996064986,2198950837],[2554220882,3999719339],[2821834349,766784016],[2952996808,2566594879],[3210313671,3203337956],[3336571891,1034457026],[3584528711,2466948901],[113926993,3758326383],[338241895,168717936],[666307205,1188179964],[773529912,1546045734],[1294757372,1522805485],[1396182291,2643833823],[1695183700,2343527390],[1986661051,1014477480],[2177026350,1206759142],[2456956037,344077627],[2730485921,1290863460],[2820302411,3158454273],[3259730800,3505952657],[3345764771,106217008],[3516065817,3606008344],[3600352804,1432725776],[4094571909,1467031594],[275423344,851169720],[430227734,3100823752],[506948616,1363258195],[659060556,3750685593],[883997877,3785050280],[958139571,3318307427],[1322822218,3812723403],[1537002063,2003034995],[1747873779,3602036899],[1955562222,1575990012],[2024104815,1125592928],[2227730452,2716904306],[2361852424,442776044],[2428436474,593698344],[2756734187,3733110249],[3204031479,2999351573],[3329325298,3815920427],[3391569614,3928383900],[3515267271,566280711],[3940187606,3454069534],[4118630271,4000239992],[116418474,1914138554],[174292421,2731055270],[289380356,3203993006],[460393269,320620315],[685471733,587496836],[852142971,1086792851],[1017036298,365543100],[1126000580,2618297676],[1288033470,3409855158],[1501505948,4234509866],[1607167915,987167468],[1816402316,1246189591]],c={},c["SHA-512"]=[[1779033703,4089235720],[3144134277,2227873595],[1013904242,4271175723],[2773480762,1595750129],[1359893119,2917565137],[2600822924,725511199],[528734635,4215389547],[1541459225,327033209]],c["SHA-384"]=[[3418070365,3238371032],[1654270250,914150663],[2438529370,812702999],[355462360,4144912697],[1731405415,4290775857],[2394180231,1750603025],[3675008525,1694076839],[1203062813,3204075428]],c["SHA-512/256"]=[[573645204,4230739756],[2673172387,3360449730],[596883563,1867755857],[2520282905,1497426621],[2519219938,2827943907],[3193839141,1401305490],[721525244,746961066],[246885852,2177182882]],c["SHA-512/224"]=[[2352822216,424955298],[1944164710,2312950998],[502970286,855612546],[1738396948,1479516111],[258812777,2077511080],[2011393907,79989058],[1067287976,1780299464],[286451373,2446758561]],p=!0}function v(l,S,L){for(var b,f,m,E,C,o,h,g,I,_,d,s,n,B,U,O,P,F,q,M,H,Q,j,J,ce,se,ge,de,he,X,W,$e,we,x,D,R=L.length();R>=128;){for(he=0;he<16;++he)S[he][0]=L.getInt32()>>>0,S[he][1]=L.getInt32()>>>0;for(;he<80;++he)$e=S[he-2],X=$e[0],W=$e[1],b=((X>>>19|W<<13)^(W>>>29|X<<3)^X>>>6)>>>0,f=((X<<13|W>>>19)^(W<<3|X>>>29)^(X<<26|W>>>6))>>>0,x=S[he-15],X=x[0],W=x[1],m=((X>>>1|W<<31)^(X>>>8|W<<24)^X>>>7)>>>0,E=((X<<31|W>>>1)^(X<<24|W>>>8)^(X<<25|W>>>7))>>>0,we=S[he-7],D=S[he-16],W=f+we[1]+E+D[1],S[he][0]=b+we[0]+m+D[0]+(W/4294967296>>>0)>>>0,S[he][1]=W>>>0;for(n=l[0][0],B=l[0][1],U=l[1][0],O=l[1][1],P=l[2][0],F=l[2][1],q=l[3][0],M=l[3][1],H=l[4][0],Q=l[4][1],j=l[5][0],J=l[5][1],ce=l[6][0],se=l[6][1],ge=l[7][0],de=l[7][1],he=0;he<80;++he)h=((H>>>14|Q<<18)^(H>>>18|Q<<14)^(Q>>>9|H<<23))>>>0,g=((H<<18|Q>>>14)^(H<<14|Q>>>18)^(Q<<23|H>>>9))>>>0,I=(ce^H&(j^ce))>>>0,_=(se^Q&(J^se))>>>0,C=((n>>>28|B<<4)^(B>>>2|n<<30)^(B>>>7|n<<25))>>>0,o=((n<<4|B>>>28)^(B<<30|n>>>2)^(B<<25|n>>>7))>>>0,d=(n&U|P&(n^U))>>>0,s=(B&O|F&(B^O))>>>0,W=de+g+_+y[he][1]+S[he][1],b=ge+h+I+y[he][0]+S[he][0]+(W/4294967296>>>0)>>>0,f=W>>>0,W=o+s,m=C+d+(W/4294967296>>>0)>>>0,E=W>>>0,ge=ce,de=se,ce=j,se=J,j=H,J=Q,W=M+f,H=q+b+(W/4294967296>>>0)>>>0,Q=W>>>0,q=P,M=F,P=U,F=O,U=n,O=B,W=f+E,n=b+m+(W/4294967296>>>0)>>>0,B=W>>>0;W=l[0][1]+B,l[0][0]=l[0][0]+n+(W/4294967296>>>0)>>>0,l[0][1]=W>>>0,W=l[1][1]+O,l[1][0]=l[1][0]+U+(W/4294967296>>>0)>>>0,l[1][1]=W>>>0,W=l[2][1]+F,l[2][0]=l[2][0]+P+(W/4294967296>>>0)>>>0,l[2][1]=W>>>0,W=l[3][1]+M,l[3][0]=l[3][0]+q+(W/4294967296>>>0)>>>0,l[3][1]=W>>>0,W=l[4][1]+Q,l[4][0]=l[4][0]+H+(W/4294967296>>>0)>>>0,l[4][1]=W>>>0,W=l[5][1]+J,l[5][0]=l[5][0]+j+(W/4294967296>>>0)>>>0,l[5][1]=W>>>0,W=l[6][1]+se,l[6][0]=l[6][0]+ce+(W/4294967296>>>0)>>>0,l[6][1]=W>>>0,W=l[7][1]+de,l[7][0]=l[7][0]+ge+(W/4294967296>>>0)>>>0,l[7][1]=W>>>0,R-=128}}return $r.exports}var Xt={},yn;function Ms(){if(yn)return Xt;yn=1;var t=ye();dt();var e=t.asn1;return Xt.privateKeyValidator={name:"PrivateKeyInfo",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"PrivateKeyInfo.version",tagClass:e.Class.UNIVERSAL,type:e.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"PrivateKeyInfo.privateKeyAlgorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"privateKeyOid"}]},{name:"PrivateKeyInfo",tagClass:e.Class.UNIVERSAL,type:e.Type.OCTETSTRING,constructed:!1,capture:"privateKey"}]},Xt.publicKeyValidator={name:"SubjectPublicKeyInfo",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,captureAsn1:"subjectPublicKeyInfo",value:[{name:"SubjectPublicKeyInfo.AlgorithmIdentifier",tagClass:e.Class.UNIVERSAL,type:e.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:e.Class.UNIVERSAL,type:e.Type.OID,constructed:!1,capture:"publicKeyOid"}]},{tagClass:e.Class.UNIVERSAL,type:e.Type.BITSTRING,constructed:!1,composed:!0,captureBitStringValue:"ed25519PublicKey"}]},Xt}var Yr,vn;function qs(){if(vn)return Yr;vn=1;var t=ye();cr(),ut(),ui(),me();var e=Ms(),r=e.publicKeyValidator,i=e.privateKeyValidator;if(typeof p>"u")var p=t.jsbn.BigInteger;var y=t.util.ByteBuffer,c=typeof Buffer>"u"?Uint8Array:Buffer;t.pki=t.pki||{},Yr=t.pki.ed25519=t.ed25519=t.ed25519||{};var a=t.ed25519;a.constants={},a.constants.PUBLIC_KEY_BYTE_LENGTH=32,a.constants.PRIVATE_KEY_BYTE_LENGTH=64,a.constants.SEED_BYTE_LENGTH=32,a.constants.SIGN_BYTE_LENGTH=64,a.constants.HASH_BYTE_LENGTH=64,a.generateKeyPair=function(D){D=D||{};var R=D.seed;if(R===void 0)R=t.random.getBytesSync(a.constants.SEED_BYTE_LENGTH);else if(typeof R=="string"){if(R.length!==a.constants.SEED_BYTE_LENGTH)throw new TypeError('"seed" must be '+a.constants.SEED_BYTE_LENGTH+" bytes in length.")}else if(!(R instanceof Uint8Array))throw new TypeError('"seed" must be a node.js Buffer, Uint8Array, or a binary string.');R=v({message:R,encoding:"binary"});for(var T=new c(a.constants.PUBLIC_KEY_BYTE_LENGTH),u=new c(a.constants.PRIVATE_KEY_BYTE_LENGTH),N=0;N<32;++N)u[N]=R[N];return h(T,u),{publicKey:T,privateKey:u}},a.privateKeyFromAsn1=function(D){var R={},T=[],u=t.asn1.validate(D,i,R,T);if(!u){var N=new Error("Invalid Key.");throw N.errors=T,N}var V=t.asn1.derToOid(R.privateKeyOid),G=t.oids.EdDSA25519;if(V!==G)throw new Error('Invalid OID "'+V+'"; OID must be "'+G+'".');var ne=R.privateKey,Z=v({message:t.asn1.fromDer(ne).value,encoding:"binary"});return{privateKeyBytes:Z}},a.publicKeyFromAsn1=function(D){var R={},T=[],u=t.asn1.validate(D,r,R,T);if(!u){var N=new Error("Invalid Key.");throw N.errors=T,N}var V=t.asn1.derToOid(R.publicKeyOid),G=t.oids.EdDSA25519;if(V!==G)throw new Error('Invalid OID "'+V+'"; OID must be "'+G+'".');var ne=R.ed25519PublicKey;if(ne.length!==a.constants.PUBLIC_KEY_BYTE_LENGTH)throw new Error("Key length is invalid.");return v({message:ne,encoding:"binary"})},a.publicKeyFromPrivateKey=function(D){D=D||{};var R=v({message:D.privateKey,encoding:"binary"});if(R.length!==a.constants.PRIVATE_KEY_BYTE_LENGTH)throw new TypeError('"options.privateKey" must have a byte length of '+a.constants.PRIVATE_KEY_BYTE_LENGTH);for(var T=new c(a.constants.PUBLIC_KEY_BYTE_LENGTH),u=0;u<T.length;++u)T[u]=R[32+u];return T},a.sign=function(D){D=D||{};var R=v(D),T=v({message:D.privateKey,encoding:"binary"});if(T.length===a.constants.SEED_BYTE_LENGTH){var u=a.generateKeyPair({seed:T});T=u.privateKey}else if(T.length!==a.constants.PRIVATE_KEY_BYTE_LENGTH)throw new TypeError('"options.privateKey" must have a byte length of '+a.constants.SEED_BYTE_LENGTH+" or "+a.constants.PRIVATE_KEY_BYTE_LENGTH);var N=new c(a.constants.SIGN_BYTE_LENGTH+R.length);g(N,R,R.length,T);for(var V=new c(a.constants.SIGN_BYTE_LENGTH),G=0;G<V.length;++G)V[G]=N[G];return V},a.verify=function(D){D=D||{};var R=v(D);if(D.signature===void 0)throw new TypeError('"options.signature" must be a node.js Buffer, a Uint8Array, a forge ByteBuffer, or a binary string.');var T=v({message:D.signature,encoding:"binary"});if(T.length!==a.constants.SIGN_BYTE_LENGTH)throw new TypeError('"options.signature" must have a byte length of '+a.constants.SIGN_BYTE_LENGTH);var u=v({message:D.publicKey,encoding:"binary"});if(u.length!==a.constants.PUBLIC_KEY_BYTE_LENGTH)throw new TypeError('"options.publicKey" must have a byte length of '+a.constants.PUBLIC_KEY_BYTE_LENGTH);var N=new c(a.constants.SIGN_BYTE_LENGTH+R.length),V=new c(a.constants.SIGN_BYTE_LENGTH+R.length),G;for(G=0;G<a.constants.SIGN_BYTE_LENGTH;++G)N[G]=T[G];for(G=0;G<R.length;++G)N[G+a.constants.SIGN_BYTE_LENGTH]=R[G];return I(V,N,N.length,u)>=0};function v(D){var R=D.message;if(R instanceof Uint8Array||R instanceof c)return R;var T=D.encoding;if(R===void 0)if(D.md)R=D.md.digest().getBytes(),T="binary";else throw new TypeError('"options.message" or "options.md" not specified.');if(typeof R=="string"&&!T)throw new TypeError('"options.encoding" must be "binary" or "utf8".');if(typeof R=="string"){if(typeof Buffer<"u")return Buffer.from(R,T);R=new y(R,T)}else if(!(R instanceof y))throw new TypeError('"options.message" must be a node.js Buffer, a Uint8Array, a forge ByteBuffer, or a string with "options.encoding" specifying its encoding.');for(var u=new c(R.length()),N=0;N<u.length;++N)u[N]=R.at(N);return u}var l=X(),S=X([1]),L=X([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),b=X([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),f=X([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),m=X([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),E=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]),C=X([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function o(D,R){var T=t.md.sha512.create(),u=new y(D);T.update(u.getBytes(R),"binary");var N=T.digest().getBytes();if(typeof Buffer<"u")return Buffer.from(N,"binary");for(var V=new c(a.constants.HASH_BYTE_LENGTH),G=0;G<64;++G)V[G]=N.charCodeAt(G);return V}function h(D,R){var T=[X(),X(),X(),X()],u,N=o(R,32);for(N[0]&=248,N[31]&=127,N[31]|=64,ce(T,N),U(D,T),u=0;u<32;++u)R[u+32]=D[u];return 0}function g(D,R,T,u){var N,V,G=new Float64Array(64),ne=[X(),X(),X(),X()],Z=o(u,32);Z[0]&=248,Z[31]&=127,Z[31]|=64;var z=T+64;for(N=0;N<T;++N)D[64+N]=R[N];for(N=0;N<32;++N)D[32+N]=Z[32+N];var ee=o(D.subarray(32),T+32);for(s(ee),ce(ne,ee),U(D,ne),N=32;N<64;++N)D[N]=u[N];var fe=o(D,T+64);for(s(fe),N=32;N<64;++N)G[N]=0;for(N=0;N<32;++N)G[N]=ee[N];for(N=0;N<32;++N)for(V=0;V<32;V++)G[N+V]+=fe[N]*Z[V];return d(D.subarray(32),G),z}function I(D,R,T,u){var N,V,G=new c(32),ne=[X(),X(),X(),X()],Z=[X(),X(),X(),X()];if(V=-1,T<64||P(Z,u)||!_(R,32))return-1;for(N=0;N<T;++N)D[N]=R[N];for(N=0;N<32;++N)D[N+32]=u[N];var z=o(D,T);if(s(z),J(ne,Z,z),ce(Z,R.subarray(32)),n(ne,Z),U(G,ne),T-=64,H(R,0,G,0)){for(N=0;N<T;++N)D[N]=0;return-1}for(N=0;N<T;++N)D[N]=R[N+64];return V=T,V}function _(D,R){var T;for(T=31;T>=0;--T){if(D[R+T]<E[T])return!0;if(D[R+T]>E[T])return!1}return!1}function d(D,R){var T,u,N,V;for(u=63;u>=32;--u){for(T=0,N=u-32,V=u-12;N<V;++N)R[N]+=T-16*R[u]*E[N-(u-32)],T=R[N]+128>>8,R[N]-=T*256;R[N]+=T,R[u]=0}for(T=0,N=0;N<32;++N)R[N]+=T-(R[31]>>4)*E[N],T=R[N]>>8,R[N]&=255;for(N=0;N<32;++N)R[N]-=T*E[N];for(u=0;u<32;++u)R[u+1]+=R[u]>>8,D[u]=R[u]&255}function s(D){for(var R=new Float64Array(64),T=0;T<64;++T)R[T]=D[T],D[T]=0;d(D,R)}function n(D,R){var T=X(),u=X(),N=X(),V=X(),G=X(),ne=X(),Z=X(),z=X(),ee=X();$e(T,D[1],D[0]),$e(ee,R[1],R[0]),x(T,T,ee),W(u,D[0],D[1]),W(ee,R[0],R[1]),x(u,u,ee),x(N,D[3],R[3]),x(N,N,b),x(V,D[2],R[2]),W(V,V,V),$e(G,u,T),$e(ne,V,N),W(Z,V,N),W(z,u,T),x(D[0],G,ne),x(D[1],z,Z),x(D[2],Z,ne),x(D[3],G,z)}function B(D,R,T){for(var u=0;u<4;++u)he(D[u],R[u],T)}function U(D,R){var T=X(),u=X(),N=X();ge(N,R[2]),x(T,R[0],N),x(u,R[1],N),O(D,u),D[31]^=j(T)<<7}function O(D,R){var T,u,N,V=X(),G=X();for(T=0;T<16;++T)G[T]=R[T];for(de(G),de(G),de(G),u=0;u<2;++u){for(V[0]=G[0]-65517,T=1;T<15;++T)V[T]=G[T]-65535-(V[T-1]>>16&1),V[T-1]&=65535;V[15]=G[15]-32767-(V[14]>>16&1),N=V[15]>>16&1,V[14]&=65535,he(G,V,1-N)}for(T=0;T<16;T++)D[2*T]=G[T]&255,D[2*T+1]=G[T]>>8}function P(D,R){var T=X(),u=X(),N=X(),V=X(),G=X(),ne=X(),Z=X();return se(D[2],S),F(D[1],R),we(N,D[1]),x(V,N,L),$e(N,N,D[2]),W(V,D[2],V),we(G,V),we(ne,G),x(Z,ne,G),x(T,Z,N),x(T,T,V),q(T,T),x(T,T,N),x(T,T,V),x(T,T,V),x(D[0],T,V),we(u,D[0]),x(u,u,V),M(u,N)&&x(D[0],D[0],C),we(u,D[0]),x(u,u,V),M(u,N)?-1:(j(D[0])===R[31]>>7&&$e(D[0],l,D[0]),x(D[3],D[0],D[1]),0)}function F(D,R){var T;for(T=0;T<16;++T)D[T]=R[2*T]+(R[2*T+1]<<8);D[15]&=32767}function q(D,R){var T=X(),u;for(u=0;u<16;++u)T[u]=R[u];for(u=250;u>=0;--u)we(T,T),u!==1&&x(T,T,R);for(u=0;u<16;++u)D[u]=T[u]}function M(D,R){var T=new c(32),u=new c(32);return O(T,D),O(u,R),H(T,0,u,0)}function H(D,R,T,u){return Q(D,R,T,u,32)}function Q(D,R,T,u,N){var V,G=0;for(V=0;V<N;++V)G|=D[R+V]^T[u+V];return(1&G-1>>>8)-1}function j(D){var R=new c(32);return O(R,D),R[0]&1}function J(D,R,T){var u,N;for(se(D[0],l),se(D[1],S),se(D[2],S),se(D[3],l),N=255;N>=0;--N)u=T[N/8|0]>>(N&7)&1,B(D,R,u),n(R,D),n(D,D),B(D,R,u)}function ce(D,R){var T=[X(),X(),X(),X()];se(T[0],f),se(T[1],m),se(T[2],S),x(T[3],f,m),J(D,T,R)}function se(D,R){var T;for(T=0;T<16;T++)D[T]=R[T]|0}function ge(D,R){var T=X(),u;for(u=0;u<16;++u)T[u]=R[u];for(u=253;u>=0;--u)we(T,T),u!==2&&u!==4&&x(T,T,R);for(u=0;u<16;++u)D[u]=T[u]}function de(D){var R,T,u=1;for(R=0;R<16;++R)T=D[R]+u+65535,u=Math.floor(T/65536),D[R]=T-u*65536;D[0]+=u-1+37*(u-1)}function he(D,R,T){for(var u,N=~(T-1),V=0;V<16;++V)u=N&(D[V]^R[V]),D[V]^=u,R[V]^=u}function X(D){var R,T=new Float64Array(16);if(D)for(R=0;R<D.length;++R)T[R]=D[R];return T}function W(D,R,T){for(var u=0;u<16;++u)D[u]=R[u]+T[u]}function $e(D,R,T){for(var u=0;u<16;++u)D[u]=R[u]-T[u]}function we(D,R){x(D,R,R)}function x(D,R,T){var u,N,V=0,G=0,ne=0,Z=0,z=0,ee=0,fe=0,ve=0,pe=0,be=0,Ne=0,Ae=0,Te=0,Se=0,xe=0,Ce=0,re=0,ae=0,oe=0,ue=0,Ie=0,Xe=0,Ye=0,Ze=0,tt=0,Je=0,gt=0,Tt=0,Rt=0,kt=0,Qt=0,_e=T[0],De=T[1],Le=T[2],Ue=T[3],Pe=T[4],ke=T[5],Ve=T[6],Oe=T[7],Fe=T[8],Ke=T[9],Me=T[10],qe=T[11],Be=T[12],Re=T[13],He=T[14],Ge=T[15];u=R[0],V+=u*_e,G+=u*De,ne+=u*Le,Z+=u*Ue,z+=u*Pe,ee+=u*ke,fe+=u*Ve,ve+=u*Oe,pe+=u*Fe,be+=u*Ke,Ne+=u*Me,Ae+=u*qe,Te+=u*Be,Se+=u*Re,xe+=u*He,Ce+=u*Ge,u=R[1],G+=u*_e,ne+=u*De,Z+=u*Le,z+=u*Ue,ee+=u*Pe,fe+=u*ke,ve+=u*Ve,pe+=u*Oe,be+=u*Fe,Ne+=u*Ke,Ae+=u*Me,Te+=u*qe,Se+=u*Be,xe+=u*Re,Ce+=u*He,re+=u*Ge,u=R[2],ne+=u*_e,Z+=u*De,z+=u*Le,ee+=u*Ue,fe+=u*Pe,ve+=u*ke,pe+=u*Ve,be+=u*Oe,Ne+=u*Fe,Ae+=u*Ke,Te+=u*Me,Se+=u*qe,xe+=u*Be,Ce+=u*Re,re+=u*He,ae+=u*Ge,u=R[3],Z+=u*_e,z+=u*De,ee+=u*Le,fe+=u*Ue,ve+=u*Pe,pe+=u*ke,be+=u*Ve,Ne+=u*Oe,Ae+=u*Fe,Te+=u*Ke,Se+=u*Me,xe+=u*qe,Ce+=u*Be,re+=u*Re,ae+=u*He,oe+=u*Ge,u=R[4],z+=u*_e,ee+=u*De,fe+=u*Le,ve+=u*Ue,pe+=u*Pe,be+=u*ke,Ne+=u*Ve,Ae+=u*Oe,Te+=u*Fe,Se+=u*Ke,xe+=u*Me,Ce+=u*qe,re+=u*Be,ae+=u*Re,oe+=u*He,ue+=u*Ge,u=R[5],ee+=u*_e,fe+=u*De,ve+=u*Le,pe+=u*Ue,be+=u*Pe,Ne+=u*ke,Ae+=u*Ve,Te+=u*Oe,Se+=u*Fe,xe+=u*Ke,Ce+=u*Me,re+=u*qe,ae+=u*Be,oe+=u*Re,ue+=u*He,Ie+=u*Ge,u=R[6],fe+=u*_e,ve+=u*De,pe+=u*Le,be+=u*Ue,Ne+=u*Pe,Ae+=u*ke,Te+=u*Ve,Se+=u*Oe,xe+=u*Fe,Ce+=u*Ke,re+=u*Me,ae+=u*qe,oe+=u*Be,ue+=u*Re,Ie+=u*He,Xe+=u*Ge,u=R[7],ve+=u*_e,pe+=u*De,be+=u*Le,Ne+=u*Ue,Ae+=u*Pe,Te+=u*ke,Se+=u*Ve,xe+=u*Oe,Ce+=u*Fe,re+=u*Ke,ae+=u*Me,oe+=u*qe,ue+=u*Be,Ie+=u*Re,Xe+=u*He,Ye+=u*Ge,u=R[8],pe+=u*_e,be+=u*De,Ne+=u*Le,Ae+=u*Ue,Te+=u*Pe,Se+=u*ke,xe+=u*Ve,Ce+=u*Oe,re+=u*Fe,ae+=u*Ke,oe+=u*Me,ue+=u*qe,Ie+=u*Be,Xe+=u*Re,Ye+=u*He,Ze+=u*Ge,u=R[9],be+=u*_e,Ne+=u*De,Ae+=u*Le,Te+=u*Ue,Se+=u*Pe,xe+=u*ke,Ce+=u*Ve,re+=u*Oe,ae+=u*Fe,oe+=u*Ke,ue+=u*Me,Ie+=u*qe,Xe+=u*Be,Ye+=u*Re,Ze+=u*He,tt+=u*Ge,u=R[10],Ne+=u*_e,Ae+=u*De,Te+=u*Le,Se+=u*Ue,xe+=u*Pe,Ce+=u*ke,re+=u*Ve,ae+=u*Oe,oe+=u*Fe,ue+=u*Ke,Ie+=u*Me,Xe+=u*qe,Ye+=u*Be,Ze+=u*Re,tt+=u*He,Je+=u*Ge,u=R[11],Ae+=u*_e,Te+=u*De,Se+=u*Le,xe+=u*Ue,Ce+=u*Pe,re+=u*ke,ae+=u*Ve,oe+=u*Oe,ue+=u*Fe,Ie+=u*Ke,Xe+=u*Me,Ye+=u*qe,Ze+=u*Be,tt+=u*Re,Je+=u*He,gt+=u*Ge,u=R[12],Te+=u*_e,Se+=u*De,xe+=u*Le,Ce+=u*Ue,re+=u*Pe,ae+=u*ke,oe+=u*Ve,ue+=u*Oe,Ie+=u*Fe,Xe+=u*Ke,Ye+=u*Me,Ze+=u*qe,tt+=u*Be,Je+=u*Re,gt+=u*He,Tt+=u*Ge,u=R[13],Se+=u*_e,xe+=u*De,Ce+=u*Le,re+=u*Ue,ae+=u*Pe,oe+=u*ke,ue+=u*Ve,Ie+=u*Oe,Xe+=u*Fe,Ye+=u*Ke,Ze+=u*Me,tt+=u*qe,Je+=u*Be,gt+=u*Re,Tt+=u*He,Rt+=u*Ge,u=R[14],xe+=u*_e,Ce+=u*De,re+=u*Le,ae+=u*Ue,oe+=u*Pe,ue+=u*ke,Ie+=u*Ve,Xe+=u*Oe,Ye+=u*Fe,Ze+=u*Ke,tt+=u*Me,Je+=u*qe,gt+=u*Be,Tt+=u*Re,Rt+=u*He,kt+=u*Ge,u=R[15],Ce+=u*_e,re+=u*De,ae+=u*Le,oe+=u*Ue,ue+=u*Pe,Ie+=u*ke,Xe+=u*Ve,Ye+=u*Oe,Ze+=u*Fe,tt+=u*Ke,Je+=u*Me,gt+=u*qe,Tt+=u*Be,Rt+=u*Re,kt+=u*He,Qt+=u*Ge,V+=38*re,G+=38*ae,ne+=38*oe,Z+=38*ue,z+=38*Ie,ee+=38*Xe,fe+=38*Ye,ve+=38*Ze,pe+=38*tt,be+=38*Je,Ne+=38*gt,Ae+=38*Tt,Te+=38*Rt,Se+=38*kt,xe+=38*Qt,N=1,u=V+N+65535,N=Math.floor(u/65536),V=u-N*65536,u=G+N+65535,N=Math.floor(u/65536),G=u-N*65536,u=ne+N+65535,N=Math.floor(u/65536),ne=u-N*65536,u=Z+N+65535,N=Math.floor(u/65536),Z=u-N*65536,u=z+N+65535,N=Math.floor(u/65536),z=u-N*65536,u=ee+N+65535,N=Math.floor(u/65536),ee=u-N*65536,u=fe+N+65535,N=Math.floor(u/65536),fe=u-N*65536,u=ve+N+65535,N=Math.floor(u/65536),ve=u-N*65536,u=pe+N+65535,N=Math.floor(u/65536),pe=u-N*65536,u=be+N+65535,N=Math.floor(u/65536),be=u-N*65536,u=Ne+N+65535,N=Math.floor(u/65536),Ne=u-N*65536,u=Ae+N+65535,N=Math.floor(u/65536),Ae=u-N*65536,u=Te+N+65535,N=Math.floor(u/65536),Te=u-N*65536,u=Se+N+65535,N=Math.floor(u/65536),Se=u-N*65536,u=xe+N+65535,N=Math.floor(u/65536),xe=u-N*65536,u=Ce+N+65535,N=Math.floor(u/65536),Ce=u-N*65536,V+=N-1+37*(N-1),N=1,u=V+N+65535,N=Math.floor(u/65536),V=u-N*65536,u=G+N+65535,N=Math.floor(u/65536),G=u-N*65536,u=ne+N+65535,N=Math.floor(u/65536),ne=u-N*65536,u=Z+N+65535,N=Math.floor(u/65536),Z=u-N*65536,u=z+N+65535,N=Math.floor(u/65536),z=u-N*65536,u=ee+N+65535,N=Math.floor(u/65536),ee=u-N*65536,u=fe+N+65535,N=Math.floor(u/65536),fe=u-N*65536,u=ve+N+65535,N=Math.floor(u/65536),ve=u-N*65536,u=pe+N+65535,N=Math.floor(u/65536),pe=u-N*65536,u=be+N+65535,N=Math.floor(u/65536),be=u-N*65536,u=Ne+N+65535,N=Math.floor(u/65536),Ne=u-N*65536,u=Ae+N+65535,N=Math.floor(u/65536),Ae=u-N*65536,u=Te+N+65535,N=Math.floor(u/65536),Te=u-N*65536,u=Se+N+65535,N=Math.floor(u/65536),Se=u-N*65536,u=xe+N+65535,N=Math.floor(u/65536),xe=u-N*65536,u=Ce+N+65535,N=Math.floor(u/65536),Ce=u-N*65536,V+=N-1+37*(N-1),D[0]=V,D[1]=G,D[2]=ne,D[3]=Z,D[4]=z,D[5]=ee,D[6]=fe,D[7]=ve,D[8]=pe,D[9]=be,D[10]=Ne,D[11]=Ae,D[12]=Te,D[13]=Se,D[14]=xe,D[15]=Ce}return Yr}var Wr,gn;function Hs(){if(gn)return Wr;gn=1;var t=ye();me(),ut(),cr(),Wr=t.kem=t.kem||{};var e=t.jsbn.BigInteger;t.kem.rsa={},t.kem.rsa.create=function(i,p){p=p||{};var y=p.prng||t.random,c={};return c.encrypt=function(a,v){var l=Math.ceil(a.n.bitLength()/8),S;do S=new e(t.util.bytesToHex(y.getBytesSync(l)),16).mod(a.n);while(S.compareTo(e.ONE)<=0);S=t.util.hexToBytes(S.toString(16));var L=l-S.length;L>0&&(S=t.util.fillString("\0",L)+S);var b=a.encrypt(S,"NONE"),f=i.generate(S,v);return{encapsulation:b,key:f}},c.decrypt=function(a,v,l){var S=a.decrypt(v,"NONE");return i.generate(S,l)},c},t.kem.kdf1=function(i,p){r(this,i,0,p||i.digestLength)},t.kem.kdf2=function(i,p){r(this,i,1,p||i.digestLength)};function r(i,p,y,c){i.generate=function(a,v){for(var l=new t.util.ByteBuffer,S=Math.ceil(v/c)+y,L=new t.util.ByteBuffer,b=y;b<S;++b){L.putInt32(b),p.start(),p.update(a+L.getBytes());var f=p.digest();l.putBytes(f.getBytes(c))}return l.truncate(l.length()-v),l.getBytes()}}return Wr}var jr,mn;function Gs(){if(mn)return jr;mn=1;var t=ye();me(),jr=t.log=t.log||{},t.log.levels=["none","error","warning","info","debug","verbose","max"];var e={},r=[],i=null;t.log.LEVEL_LOCKED=2,t.log.NO_LEVEL_CHECK=4,t.log.INTERPOLATE=8;for(var p=0;p<t.log.levels.length;++p){var y=t.log.levels[p];e[y]={index:p,name:y.toUpperCase()}}t.log.logMessage=function(b){for(var f=e[b.level].index,m=0;m<r.length;++m){var E=r[m];if(E.flags&t.log.NO_LEVEL_CHECK)E.f(b);else{var C=e[E.level].index;f<=C&&E.f(E,b)}}},t.log.prepareStandard=function(b){"standard"in b||(b.standard=e[b.level].name+" ["+b.category+"] "+b.message)},t.log.prepareFull=function(b){if(!("full"in b)){var f=[b.message];f=f.concat([]),b.full=t.util.format.apply(this,f)}},t.log.prepareStandardFull=function(b){"standardFull"in b||(t.log.prepareStandard(b),b.standardFull=b.standard)};for(var c=["error","warning","info","debug","verbose"],p=0;p<c.length;++p)(function(f){t.log[f]=function(m,E){var C=Array.prototype.slice.call(arguments).slice(2),o={timestamp:new Date,level:f,category:m,message:E,arguments:C};t.log.logMessage(o)}})(c[p]);if(t.log.makeLogger=function(b){var f={flags:0,f:b};return t.log.setLevel(f,"none"),f},t.log.setLevel=function(b,f){var m=!1;if(b&&!(b.flags&t.log.LEVEL_LOCKED))for(var E=0;E<t.log.levels.length;++E){var C=t.log.levels[E];if(f==C){b.level=f,m=!0;break}}return m},t.log.lock=function(b,f){typeof f>"u"||f?b.flags|=t.log.LEVEL_LOCKED:b.flags&=~t.log.LEVEL_LOCKED},t.log.addLogger=function(b){r.push(b)},typeof console<"u"&&"log"in console){var a;if(console.error&&console.warn&&console.info&&console.debug){var v={error:console.error,warning:console.warn,info:console.info,debug:console.debug,verbose:console.debug},l=function(b,f){t.log.prepareStandard(f);var m=v[f.level],E=[f.standard];E=E.concat(f.arguments.slice()),m.apply(console,E)};a=t.log.makeLogger(l)}else{var l=function(f,m){t.log.prepareStandardFull(m),console.log(m.standardFull)};a=t.log.makeLogger(l)}t.log.setLevel(a,"debug"),t.log.addLogger(a),i=a}else console={log:function(){}};if(i!==null&&typeof window<"u"&&window.location){var S=new URL(window.location.href).searchParams;if(S.has("console.level")&&t.log.setLevel(i,S.get("console.level").slice(-1)[0]),S.has("console.lock")){var L=S.get("console.lock").slice(-1)[0];L=="true"&&t.log.lock(i)}}return t.log.consoleLogger=i,jr}var Xr,Cn;function zs(){return Cn||(Cn=1,Xr=vt(),ma(),Ht(),Zn(),ui()),Xr}var Zr={exports:{}},En;function Qs(){if(En)return Zr.exports;En=1;var t=ye();wt(),dt(),or(),Nt(),Pt(),ni(),ut(),me(),Sa();var e=t.asn1,r=Zr.exports=t.pkcs7=t.pkcs7||{};r.messageFromPem=function(f){var m=t.pem.decode(f)[0];if(m.type!=="PKCS7"){var E=new Error('Could not convert PKCS#7 message from PEM; PEM header type is not "PKCS#7".');throw E.headerType=m.type,E}if(m.procType&&m.procType.type==="ENCRYPTED")throw new Error("Could not convert PKCS#7 message from PEM; PEM is encrypted.");var C=e.fromDer(m.body);return r.messageFromAsn1(C)},r.messageToPem=function(f,m){var E={type:"PKCS7",body:e.toDer(f.toAsn1()).getBytes()};return t.pem.encode(E,{maxline:m})},r.messageFromAsn1=function(f){var m={},E=[];if(!e.validate(f,r.asn1.contentInfoValidator,m,E)){var C=new Error("Cannot read PKCS#7 message. ASN.1 object is not an PKCS#7 ContentInfo.");throw C.errors=E,C}var o=e.derToOid(m.contentType),h;switch(o){case t.pki.oids.envelopedData:h=r.createEnvelopedData();break;case t.pki.oids.encryptedData:h=r.createEncryptedData();break;case t.pki.oids.signedData:h=r.createSignedData();break;default:throw new Error("Cannot read PKCS#7 message. ContentType with OID "+o+" is not (yet) supported.")}return h.fromAsn1(m.content.value[0]),h},r.createSignedData=function(){var f=null;return f={type:t.pki.oids.signedData,version:1,certificates:[],crls:[],signers:[],digestAlgorithmIdentifiers:[],contentInfo:null,signerInfos:[],fromAsn1:function(C){if(L(f,C,r.asn1.signedDataValidator),f.certificates=[],f.crls=[],f.digestAlgorithmIdentifiers=[],f.contentInfo=null,f.signerInfos=[],f.rawCapture.certificates)for(var o=f.rawCapture.certificates.value,h=0;h<o.length;++h)f.certificates.push(t.pki.certificateFromAsn1(o[h]))},toAsn1:function(){f.contentInfo||f.sign();for(var C=[],o=0;o<f.certificates.length;++o)C.push(t.pki.certificateToAsn1(f.certificates[o]));var h=[],g=e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,e.integerToDer(f.version).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.SET,!0,f.digestAlgorithmIdentifiers),f.contentInfo])]);return C.length>0&&g.value[0].value.push(e.create(e.Class.CONTEXT_SPECIFIC,0,!0,C)),h.length>0&&g.value[0].value.push(e.create(e.Class.CONTEXT_SPECIFIC,1,!0,h)),g.value[0].value.push(e.create(e.Class.UNIVERSAL,e.Type.SET,!0,f.signerInfos)),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(f.type).getBytes()),g])},addSigner:function(C){var o=C.issuer,h=C.serialNumber;if(C.certificate){var g=C.certificate;typeof g=="string"&&(g=t.pki.certificateFromPem(g)),o=g.issuer.attributes,h=g.serialNumber}var I=C.key;if(!I)throw new Error("Could not add PKCS#7 signer; no private key specified.");typeof I=="string"&&(I=t.pki.privateKeyFromPem(I));var _=C.digestAlgorithm||t.pki.oids.sha1;switch(_){case t.pki.oids.sha1:case t.pki.oids.sha256:case t.pki.oids.sha384:case t.pki.oids.sha512:case t.pki.oids.md5:break;default:throw new Error("Could not add PKCS#7 signer; unknown message digest algorithm: "+_)}var d=C.authenticatedAttributes||[];if(d.length>0){for(var s=!1,n=!1,B=0;B<d.length;++B){var U=d[B];if(!s&&U.type===t.pki.oids.contentType){if(s=!0,n)break;continue}if(!n&&U.type===t.pki.oids.messageDigest){if(n=!0,s)break;continue}}if(!s||!n)throw new Error("Invalid signer.authenticatedAttributes. If signer.authenticatedAttributes is specified, then it must contain at least two attributes, PKCS #9 content-type and PKCS #9 message-digest.")}f.signers.push({key:I,version:1,issuer:o,serialNumber:h,digestAlgorithm:_,signatureAlgorithm:t.pki.oids.rsaEncryption,signature:null,authenticatedAttributes:d,unauthenticatedAttributes:[]})},sign:function(C){if(C=C||{},(typeof f.content!="object"||f.contentInfo===null)&&(f.contentInfo=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(t.pki.oids.data).getBytes())]),"content"in f)){var o;f.content instanceof t.util.ByteBuffer?o=f.content.bytes():typeof f.content=="string"&&(o=t.util.encodeUtf8(f.content)),C.detached?f.detachedContent=e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,o):f.contentInfo.value.push(e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,o)]))}if(f.signers.length!==0){var h=m();E(h)}},verify:function(){throw new Error("PKCS#7 signature verification not yet implemented.")},addCertificate:function(C){typeof C=="string"&&(C=t.pki.certificateFromPem(C)),f.certificates.push(C)},addCertificateRevokationList:function(C){throw new Error("PKCS#7 CRL support not yet implemented.")}},f;function m(){for(var C={},o=0;o<f.signers.length;++o){var h=f.signers[o],g=h.digestAlgorithm;g in C||(C[g]=t.md[t.pki.oids[g]].create()),h.authenticatedAttributes.length===0?h.md=C[g]:h.md=t.md[t.pki.oids[g]].create()}f.digestAlgorithmIdentifiers=[];for(var g in C)f.digestAlgorithmIdentifiers.push(e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(g).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.NULL,!1,"")]));return C}function E(C){var o;if(f.detachedContent?o=f.detachedContent:(o=f.contentInfo.value[1],o=o.value[0]),!o)throw new Error("Could not sign PKCS#7 message; there is no content to sign.");var h=e.derToOid(f.contentInfo.value[0].value),g=e.toDer(o);g.getByte(),e.getBerValueLength(g),g=g.getBytes();for(var I in C)C[I].start().update(g);for(var _=new Date,d=0;d<f.signers.length;++d){var s=f.signers[d];if(s.authenticatedAttributes.length===0){if(h!==t.pki.oids.data)throw new Error("Invalid signer; authenticatedAttributes must be present when the ContentInfo content type is not PKCS#7 Data.")}else{s.authenticatedAttributesAsn1=e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[]);for(var n=e.create(e.Class.UNIVERSAL,e.Type.SET,!0,[]),B=0;B<s.authenticatedAttributes.length;++B){var U=s.authenticatedAttributes[B];U.type===t.pki.oids.messageDigest?U.value=C[s.digestAlgorithm].digest():U.type===t.pki.oids.signingTime&&(U.value||(U.value=_)),n.value.push(l(U)),s.authenticatedAttributesAsn1.value.push(l(U))}g=e.toDer(n).getBytes(),s.md.start().update(g)}s.signature=s.key.sign(s.md,"RSASSA-PKCS1-V1_5")}f.signerInfos=v(f.signers)}},r.createEncryptedData=function(){var f=null;return f={type:t.pki.oids.encryptedData,version:0,encryptedContent:{algorithm:t.pki.oids["aes256-CBC"]},fromAsn1:function(m){L(f,m,r.asn1.encryptedDataValidator)},decrypt:function(m){m!==void 0&&(f.encryptedContent.key=m),b(f)}},f},r.createEnvelopedData=function(){var f=null;return f={type:t.pki.oids.envelopedData,version:0,recipients:[],encryptedContent:{algorithm:t.pki.oids["aes256-CBC"]},fromAsn1:function(m){var E=L(f,m,r.asn1.envelopedDataValidator);f.recipients=y(E.recipientInfos.value)},toAsn1:function(){return e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(f.type).getBytes()),e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,e.integerToDer(f.version).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.SET,!0,c(f.recipients)),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,S(f.encryptedContent))])])])},findRecipient:function(m){for(var E=m.issuer.attributes,C=0;C<f.recipients.length;++C){var o=f.recipients[C],h=o.issuer;if(o.serialNumber===m.serialNumber&&h.length===E.length){for(var g=!0,I=0;I<E.length;++I)if(h[I].type!==E[I].type||h[I].value!==E[I].value){g=!1;break}if(g)return o}}return null},decrypt:function(m,E){if(f.encryptedContent.key===void 0&&m!==void 0&&E!==void 0)switch(m.encryptedContent.algorithm){case t.pki.oids.rsaEncryption:case t.pki.oids.desCBC:var C=E.decrypt(m.encryptedContent.content);f.encryptedContent.key=t.util.createBuffer(C);break;default:throw new Error("Unsupported asymmetric cipher, OID "+m.encryptedContent.algorithm)}b(f)},addRecipient:function(m){f.recipients.push({version:0,issuer:m.issuer.attributes,serialNumber:m.serialNumber,encryptedContent:{algorithm:t.pki.oids.rsaEncryption,key:m.publicKey}})},encrypt:function(m,E){if(f.encryptedContent.content===void 0){E=E||f.encryptedContent.algorithm,m=m||f.encryptedContent.key;var C,o,h;switch(E){case t.pki.oids["aes128-CBC"]:C=16,o=16,h=t.aes.createEncryptionCipher;break;case t.pki.oids["aes192-CBC"]:C=24,o=16,h=t.aes.createEncryptionCipher;break;case t.pki.oids["aes256-CBC"]:C=32,o=16,h=t.aes.createEncryptionCipher;break;case t.pki.oids["des-EDE3-CBC"]:C=24,o=8,h=t.des.createEncryptionCipher;break;default:throw new Error("Unsupported symmetric cipher, OID "+E)}if(m===void 0)m=t.util.createBuffer(t.random.getBytes(C));else if(m.length()!=C)throw new Error("Symmetric key has wrong length; got "+m.length()+" bytes, expected "+C+".");f.encryptedContent.algorithm=E,f.encryptedContent.key=m,f.encryptedContent.parameter=t.util.createBuffer(t.random.getBytes(o));var g=h(m);if(g.start(f.encryptedContent.parameter.copy()),g.update(f.content),!g.finish())throw new Error("Symmetric encryption failed.");f.encryptedContent.content=g.output}for(var I=0;I<f.recipients.length;++I){var _=f.recipients[I];if(_.encryptedContent.content===void 0)switch(_.encryptedContent.algorithm){case t.pki.oids.rsaEncryption:_.encryptedContent.content=_.encryptedContent.key.encrypt(f.encryptedContent.key.data);break;default:throw new Error("Unsupported asymmetric cipher, OID "+_.encryptedContent.algorithm)}}}},f};function i(f){var m={},E=[];if(!e.validate(f,r.asn1.recipientInfoValidator,m,E)){var C=new Error("Cannot read PKCS#7 RecipientInfo. ASN.1 object is not an PKCS#7 RecipientInfo.");throw C.errors=E,C}return{version:m.version.charCodeAt(0),issuer:t.pki.RDNAttributesAsArray(m.issuer),serialNumber:t.util.createBuffer(m.serial).toHex(),encryptedContent:{algorithm:e.derToOid(m.encAlgorithm),parameter:m.encParameter?m.encParameter.value:void 0,content:m.encKey}}}function p(f){return e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,e.integerToDer(f.version).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[t.pki.distinguishedNameToAsn1({attributes:f.issuer}),e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,t.util.hexToBytes(f.serialNumber))]),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(f.encryptedContent.algorithm).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.NULL,!1,"")]),e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,f.encryptedContent.content)])}function y(f){for(var m=[],E=0;E<f.length;++E)m.push(i(f[E]));return m}function c(f){for(var m=[],E=0;E<f.length;++E)m.push(p(f[E]));return m}function a(f){var m=e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,e.integerToDer(f.version).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[t.pki.distinguishedNameToAsn1({attributes:f.issuer}),e.create(e.Class.UNIVERSAL,e.Type.INTEGER,!1,t.util.hexToBytes(f.serialNumber))]),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(f.digestAlgorithm).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.NULL,!1,"")])]);if(f.authenticatedAttributesAsn1&&m.value.push(f.authenticatedAttributesAsn1),m.value.push(e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(f.signatureAlgorithm).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.NULL,!1,"")])),m.value.push(e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,f.signature)),f.unauthenticatedAttributes.length>0){for(var E=e.create(e.Class.CONTEXT_SPECIFIC,1,!0,[]),C=0;C<f.unauthenticatedAttributes.length;++C){var o=f.unauthenticatedAttributes[C];E.values.push(l(o))}m.value.push(E)}return m}function v(f){for(var m=[],E=0;E<f.length;++E)m.push(a(f[E]));return m}function l(f){var m;if(f.type===t.pki.oids.contentType)m=e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(f.value).getBytes());else if(f.type===t.pki.oids.messageDigest)m=e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,f.value.bytes());else if(f.type===t.pki.oids.signingTime){var E=new Date("1950-01-01T00:00:00Z"),C=new Date("2050-01-01T00:00:00Z"),o=f.value;if(typeof o=="string"){var h=Date.parse(o);isNaN(h)?o.length===13?o=e.utcTimeToDate(o):o=e.generalizedTimeToDate(o):o=new Date(h)}o>=E&&o<C?m=e.create(e.Class.UNIVERSAL,e.Type.UTCTIME,!1,e.dateToUtcTime(o)):m=e.create(e.Class.UNIVERSAL,e.Type.GENERALIZEDTIME,!1,e.dateToGeneralizedTime(o))}return e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(f.type).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.SET,!0,[m])])}function S(f){return[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(t.pki.oids.data).getBytes()),e.create(e.Class.UNIVERSAL,e.Type.SEQUENCE,!0,[e.create(e.Class.UNIVERSAL,e.Type.OID,!1,e.oidToDer(f.algorithm).getBytes()),f.parameter?e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,f.parameter.getBytes()):void 0]),e.create(e.Class.CONTEXT_SPECIFIC,0,!0,[e.create(e.Class.UNIVERSAL,e.Type.OCTETSTRING,!1,f.content.getBytes())])]}function L(f,m,E){var C={},o=[];if(!e.validate(m,E,C,o)){var h=new Error("Cannot read PKCS#7 message. ASN.1 object is not a supported PKCS#7 message.");throw h.errors=h,h}var g=e.derToOid(C.contentType);if(g!==t.pki.oids.data)throw new Error("Unsupported PKCS#7 message. Only wrapped ContentType Data supported.");if(C.encryptedContent){var I="";if(t.util.isArray(C.encryptedContent))for(var _=0;_<C.encryptedContent.length;++_){if(C.encryptedContent[_].type!==e.Type.OCTETSTRING)throw new Error("Malformed PKCS#7 message, expecting encrypted content constructed of only OCTET STRING objects.");I+=C.encryptedContent[_].value}else I=C.encryptedContent;f.encryptedContent={algorithm:e.derToOid(C.encAlgorithm),parameter:t.util.createBuffer(C.encParameter.value),content:t.util.createBuffer(I)}}if(C.content){var I="";if(t.util.isArray(C.content))for(var _=0;_<C.content.length;++_){if(C.content[_].type!==e.Type.OCTETSTRING)throw new Error("Malformed PKCS#7 message, expecting content constructed of only OCTET STRING objects.");I+=C.content[_].value}else I=C.content;f.content=t.util.createBuffer(I)}return f.version=C.version.charCodeAt(0),f.rawCapture=C,C}function b(f){if(f.encryptedContent.key===void 0)throw new Error("Symmetric key not available.");if(f.content===void 0){var m;switch(f.encryptedContent.algorithm){case t.pki.oids["aes128-CBC"]:case t.pki.oids["aes192-CBC"]:case t.pki.oids["aes256-CBC"]:m=t.aes.createDecryptionCipher(f.encryptedContent.key);break;case t.pki.oids.desCBC:case t.pki.oids["des-EDE3-CBC"]:m=t.des.createDecryptionCipher(f.encryptedContent.key);break;default:throw new Error("Unsupported symmetric cipher, OID "+f.encryptedContent.algorithm)}if(m.start(f.encryptedContent.parameter),m.update(f.encryptedContent.content),!m.finish())throw new Error("Symmetric decryption failed.");f.content=m.output}}return Zr.exports}var Jr={exports:{}},xn;function $s(){if(xn)return Jr.exports;xn=1;var t=ye();wt(),qt(),ma(),Ht(),me();var e=Jr.exports=t.ssh=t.ssh||{};e.privateKeyToPutty=function(y,c,a){a=a||"",c=c||"";var v="ssh-rsa",l=c===""?"none":"aes256-cbc",S="PuTTY-User-Key-File-2: "+v+`\r
15
+ `;S+="Encryption: "+l+`\r
16
+ `,S+="Comment: "+a+`\r
17
+ `;var L=t.util.createBuffer();i(L,v),r(L,y.e),r(L,y.n);var b=t.util.encode64(L.bytes(),64),f=Math.floor(b.length/66)+1;S+="Public-Lines: "+f+`\r
18
+ `,S+=b;var m=t.util.createBuffer();r(m,y.d),r(m,y.p),r(m,y.q),r(m,y.qInv);var E;if(!c)E=t.util.encode64(m.bytes(),64);else{var C=m.length()+16-1;C-=C%16;var o=p(m.bytes());o.truncate(o.length()-C+m.length()),m.putBuffer(o);var h=t.util.createBuffer();h.putBuffer(p("\0\0\0\0",c)),h.putBuffer(p("\0\0\0",c));var g=t.aes.createEncryptionCipher(h.truncate(8),"CBC");g.start(t.util.createBuffer().fillWithByte(0,16)),g.update(m.copy()),g.finish();var I=g.output;I.truncate(16),E=t.util.encode64(I.bytes(),64)}f=Math.floor(E.length/66)+1,S+=`\r
19
+ Private-Lines: `+f+`\r
20
+ `,S+=E;var _=p("putty-private-key-file-mac-key",c),d=t.util.createBuffer();i(d,v),i(d,l),i(d,a),d.putInt32(L.length()),d.putBuffer(L),d.putInt32(m.length()),d.putBuffer(m);var s=t.hmac.create();return s.start("sha1",_),s.update(d.bytes()),S+=`\r
21
+ Private-MAC: `+s.digest().toHex()+`\r
22
+ `,S},e.publicKeyToOpenSSH=function(y,c){var a="ssh-rsa";c=c||"";var v=t.util.createBuffer();return i(v,a),r(v,y.e),r(v,y.n),a+" "+t.util.encode64(v.bytes())+" "+c},e.privateKeyToOpenSSH=function(y,c){return c?t.pki.encryptRsaPrivateKey(y,c,{legacy:!0,algorithm:"aes128"}):t.pki.privateKeyToPem(y)},e.getPublicKeyFingerprint=function(y,c){c=c||{};var a=c.md||t.md.md5.create(),v="ssh-rsa",l=t.util.createBuffer();i(l,v),r(l,y.e),r(l,y.n),a.start(),a.update(l.getBytes());var S=a.digest();if(c.encoding==="hex"){var L=S.toHex();return c.delimiter?L.match(/.{2}/g).join(c.delimiter):L}else{if(c.encoding==="binary")return S.getBytes();if(c.encoding)throw new Error('Unknown encoding "'+c.encoding+'".')}return S};function r(y,c){var a=c.toString(16);a[0]>="8"&&(a="00"+a);var v=t.util.hexToBytes(a);y.putInt32(v.length),y.putBytes(v)}function i(y,c){y.putInt32(c.length),y.putString(c)}function p(){for(var y=t.md.sha1.create(),c=arguments.length,a=0;a<c;++a)y.update(arguments[a]);return y.digest()}return Jr.exports}var ea,Sn;function Ys(){return Sn||(Sn=1,ea=ye(),wt(),Ks(),dt(),ga(),or(),qs(),qt(),Hs(),Gs(),zs(),ii(),Ea(),Pt(),ti(),si(),Qs(),oi(),ri(),Jn(),xa(),ut(),ei(),$s(),ci(),me()),ea}var Ws=Ys();const At=Us(Ws),js={name:"RSASSA-PKCS1-v1_5",modulusLength:2048,publicExponent:new Uint8Array([1,0,1]),hash:"SHA-256"};async function fi(t){if(!crypto.subtle)throw new Error("WebCrypto is not available in this browser.");const e=await crypto.subtle.generateKey(js,!0,["sign","verify"]),r=new Uint8Array(await crypto.subtle.exportKey("spki",e.publicKey)),i=Kt(eo(0),Xs(t),r,Js(0,new Uint8Array)),p=new Uint8Array(await crypto.subtle.sign("RSASSA-PKCS1-v1_5",e.privateKey,fo(i))),y=Kt(i,Kt(di("1.2.840.113549.1.1.11"),to()),no(p)),c=new Uint8Array(await crypto.subtle.exportKey("pkcs8",e.privateKey));return{privateKey:e.privateKey,privateKeyPKCS8Base64:Jt(c),publicKeySPKIBase64:Jt(r),csrPEM:so("CERTIFICATE REQUEST",y),csrBase64:Jt(y)}}function li(t){if(!t.certificateBase64&&!t.certificatePEM)throw new Error("certificateBase64 or certificatePEM is required.");const e=At.pki.privateKeyFromPem(oo("PRIVATE KEY",t.privateKeyPKCS8Base64)),r=t.certificatePEM?At.pki.certificateFromPem(t.certificatePEM):At.pki.certificateFromAsn1(At.asn1.fromDer(At.util.createBuffer(uo(t.certificateBase64)))),i=At.pkcs12.toPkcs12Asn1(e,[r],t.password,{algorithm:"3des",friendlyName:t.friendlyName}),p=At.asn1.toDer(i).getBytes();return co(p)}function Xs(t){const e=[bn("2.5.4.3",ro(t.commonName))];return t.emailAddress&&e.push(bn("1.2.840.113549.1.9.1",ao(t.emailAddress))),Kt(...e)}function bn(t,e){return Zs(Kt(di(t),e))}function Kt(...t){return bt(48,fr(...t))}function Zs(...t){return bt(49,fr(...t))}function Js(t,e){return bt(160+t,e)}function eo(t){return bt(2,new Uint8Array([t]))}function to(){return new Uint8Array([5,0])}function ro(t){return bt(12,new TextEncoder().encode(t))}function ao(t){return bt(22,new TextEncoder().encode(t))}function no(t){return bt(3,fr(new Uint8Array([0]),t))}function di(t){const e=t.split(".").map(i=>parseInt(i,10));if(e.length<2||e.some(i=>!Number.isFinite(i)))throw new Error(`Invalid OID: ${t}`);const r=[e[0]*40+e[1]];for(const i of e.slice(2)){const p=[i&127];let y=i>>7;for(;y>0;)p.unshift(y&127|128),y>>=7;r.push(...p)}return bt(6,new Uint8Array(r))}function bt(t,e){return fr(new Uint8Array([t]),io(e.byteLength),e)}function io(t){if(t<128)return new Uint8Array([t]);const e=[];let r=t;for(;r>0;)e.unshift(r&255),r>>=8;return new Uint8Array([128|e.length,...e])}function fr(...t){const e=t.reduce((p,y)=>p+y.byteLength,0),r=new Uint8Array(e);let i=0;for(const p of t)r.set(p,i),i+=p.byteLength;return r}function so(t,e){const i=Jt(e).match(/.{1,64}/g)??[];return`-----BEGIN ${t}-----
23
+ ${i.join(`
24
+ `)}
25
+ -----END ${t}-----
26
+ `}function oo(t,e){const r=e.match(/.{1,64}/g)??[];return`-----BEGIN ${t}-----
27
+ ${r.join(`
28
+ `)}
29
+ -----END ${t}-----
30
+ `}function Jt(t){let e="";for(const r of t)e+=String.fromCharCode(r);return btoa(e)}function co(t){return btoa(t)}function uo(t){return atob(t)}function fo(t){const e=new Uint8Array(t.byteLength);return e.set(t),e.buffer}const pi="limbuild-device-pairing",hi=1,Lt="pairRecords",ba="limbuild-device-signing",Ta=1,ht="signingAssets";function Et(t){return(t??"").replace(/-/g,"").replace(/[^a-fA-F0-9]/g,"")}function xt(t){return(t??"").trim()}async function yi(t){const e=Et(t);if(!e)return;const r=await Gt(pi,hi,Lt,"udid");return zt(r.transaction(Lt,"readonly").objectStore(Lt).get(e))}async function vi(t,e={}){const r=Et(t.udid);if(!r)throw new Error("Cannot store pair record without a UDID.");const i={...t,udid:r,productName:e.productName,updatedAt:new Date().toISOString()},p=await Gt(pi,hi,Lt,"udid");return await zt(p.transaction(Lt,"readwrite").objectStore(Lt).put(i)),i}async function gi({deviceUDID:t,bundleID:e}){const r=xt(e);if(!r)return;const i=Et(t),p=await Tn(la("bundle",r));if(p)return p;if(i){const c=await Tn(la(i,r));if(c)return c}return(await mi(r))[0]}async function fa(){return(await Si()).sort((e,r)=>new Date(r.updatedAt).getTime()-new Date(e.updatedAt).getTime())[0]}async function Aa(t){const e=xt(t.bundleID);if(!e)throw new Error("Cannot store signing assets without a bundle ID.");const r=Et(t.deviceUDID),i=la("bundle",e),p={...t,id:i,deviceUDID:r||void 0,bundleID:e,updatedAt:new Date().toISOString()},y=await Gt(ba,Ta,ht,"id");return await zt(y.transaction(ht,"readwrite").objectStore(ht).put(p)),p}async function mi(t){const e=xt(t);return e?(await Si()).filter(i=>i.bundleID===e):[]}function ar(t,e){const r=Et(e);return!!r&&t.provisionedDevices.some(i=>Et(i)===r)}function Ci(t,e){const r=xt(e),i=xt(t.bundleID);if(!r||!i)return!1;if(i===r||i==="*")return!0;if(!i.endsWith(".*"))return!1;const p=i.slice(0,-1);return r.startsWith(p)}async function Ei(t){return Ia(new Uint8Array(await t.arrayBuffer()))}function xi(t){const e=atob(t),r=new Uint8Array(e.length);for(let i=0;i<e.length;i+=1)r[i]=e.charCodeAt(i);return Ia(r)}function Ia(t){const e=new TextDecoder("latin1").decode(t),r=e.indexOf("<?xml"),i=e.indexOf("</plist>");if(r<0||i<r)throw new Error("Provisioning profile plist not found.");const p=e.slice(r,i+8),y=new DOMParser().parseFromString(p,"application/xml");if(y.querySelector("parsererror"))throw new Error("Provisioning profile plist could not be parsed.");const c=y.querySelector("plist > dict");if(!c)throw new Error("Provisioning profile plist dictionary not found.");const a=Ba(c);if(!In(a))throw new Error("Provisioning profile plist has an unexpected shape.");const v=In(a.Entitlements)?a.Entitlements:{},l=Vt(v["application-identifier"]),S=lo(l);return{name:Vt(a.Name),uuid:Vt(a.UUID),teamID:Vt(v["com.apple.developer.team-identifier"])??An(a.TeamIdentifier)[0],applicationIdentifier:l,bundleID:S,provisionedDevices:An(a.ProvisionedDevices),expirationDate:Vt(a.ExpirationDate)}}async function Tn(t){if(!t)return;const e=await Gt(ba,Ta,ht,"id");return zt(e.transaction(ht,"readonly").objectStore(ht).get(t))}async function Si(){const t=await Gt(ba,Ta,ht,"id");return zt(t.transaction(ht,"readonly").objectStore(ht).getAll())}function la(t,e){return`${t}:${e}`}function lo(t){if(!t)return;const e=t.indexOf(".");return e>=0?t.slice(e+1):void 0}function Ba(t){switch(t.tagName){case"dict":return po(t);case"array":return Array.from(t.children).map(Ba);case"string":case"date":return t.textContent??"";default:return t.textContent??""}}function po(t){const e={},r=Array.from(t.children);for(let i=0;i<r.length;i+=2){const p=r[i],y=r[i+1];!p||p.tagName!=="key"||!y||(e[p.textContent??""]=Ba(y))}return e}function Vt(t){return typeof t=="string"&&t?t:void 0}function An(t){return Array.isArray(t)?t.filter(e=>typeof e=="string"):[]}function In(t){return typeof t=="object"&&t!==null&&!Array.isArray(t)}function Gt(t,e,r,i){return new Promise((p,y)=>{const c=indexedDB.open(t,e);c.onupgradeneeded=()=>{const a=c.result;a.objectStoreNames.contains(r)||a.createObjectStore(r,{keyPath:i})},c.onsuccess=()=>p(c.result),c.onerror=()=>y(c.error??new Error("Open IndexedDB failed"))})}function zt(t){return new Promise((e,r)=>{t.onsuccess=()=>e(t.result),t.onerror=()=>r(t.error??new Error("IndexedDB request failed"))})}function bi(){return{method:"POST",path:"/account/listTeams.action",payload:{}}}function wa({bundleID:t,teamID:e=""}){return lr("/account/ios/identifiers/listAppIds.action",e,{sort:"name=asc"})}function Ti({deviceUDID:t,teamID:e=""}){return lr("/account/ios/device/listDevices.action",e,{sort:"name=asc",includeRemovedDevices:!1})}function Ai(t=""){return lr("/account/ios/certificate/listCertRequests.action",t,{sort:"name=asc",types:"83Q87W3TGH,5QPB9NHCEI"})}function Ii({bundleID:t,teamID:e=""}){return lr("/account/ios/profile/listProvisioningProfiles.action",e,{search:t,sort:"name=asc"})}function Bi({deviceUDID:t,teamID:e="",name:r="Limrun iPhone"}){return{method:"POST",path:"/account/ios/device/addDevices.action",payload:{teamId:e,deviceNames:r,deviceNumbers:Et(t),deviceClasses:"iphone",register:"single"}}}function wi({bundleID:t,teamID:e="",name:r}){return{method:"POST",path:"/account/ios/identifiers/addAppId.action",payload:{teamId:e,name:r??t,identifier:t,type:"explicit"}}}function Ni({csrPEM:t,teamID:e=""}){return{method:"POST",path:"/account/ios/certificate/submitCertificateRequest.action",payload:{teamId:e,type:"83Q87W3TGH",csrContent:t}}}function Ri(t,e=""){return{method:"GET",path:"/account/ios/certificate/downloadCertificateContent.action",payload:{teamId:e,certificateId:t,type:"83Q87W3TGH"}}}function _i({bundleID:t,teamID:e="",appIDID:r,certificateID:i,deviceIDs:p,name:y}){return{method:"POST",path:"/account/ios/profile/createProvisioningProfile.action",payload:{teamId:e,provisioningProfileName:y??`Limrun ${t}`,certificateIds:[i],appIdId:r,deviceIds:p,distributionType:"limited",subPlatform:"ios"}}}function Di(t,e=""){return{method:"GET",path:"/account/ios/profile/downloadProfileContent",payload:{teamId:e,provisioningProfileId:t}}}async function da({bundleID:t,deviceUDID:e,teamID:r}){const i=await gi({bundleID:t,deviceUDID:e});if(!(!i||!Ui(i,{bundleID:t,deviceUDID:e,teamID:r})))return i}async function Li(t){return Aa({...t,certificateFileName:t.certificateID?`${t.certificateID}.p12`:"apple-development.p12",profileFileName:t.profile.uuid?`${t.profile.uuid}.mobileprovision`:"apple-development.mobileprovision"})}function Ui(t,{bundleID:e,deviceUDID:r,teamID:i}){return!Ci(t.profile,e)||i&&t.teamID&&t.teamID!==i||r&&!ar(t.profile,r)||t.profile.expirationDate&&new Date(t.profile.expirationDate).getTime()<=Date.now()?!1:xt(t.bundleID)===xt(e)}function ho(t){const e=t;return e?.teams?.[0]??e?.provider??e?.availableProviders?.[0]}function yo(t){const e=t,r=[...e?.teams??[],...e?.provider?[e.provider]:[],...e?.availableProviders??[]],i=new Set;for(const p of r)for(const y of[p.teamId,p.providerId,p.publicProviderId])y!==void 0&&y!==""&&i.add(String(y));return[...i]}function lr(t,e,r={}){const i={pageNumber:1,pageSize:200,...r};return e&&(i.teamId=e),{method:"POST",path:t,payload:i}}async function Pi(t,e){const r=new URL(`${t}/info`);e&&r.searchParams.set("token",e);const i=await fetch(r.toString(),{headers:e?{Authorization:`Bearer ${e}`}:void 0});if(!i.ok){const p=await i.text();throw new Error(`Info request failed: HTTP ${i.status} ${p}`)}return await i.json()}async function ki({limbuildApiUrl:t,token:e,certificateP12Base64:r,certificatePassword:i,provisioningProfileBase64:p}){const y=new URL(`${t}/exec`);e&&y.searchParams.set("token",e);const c=await fetch(y.toString(),{method:"POST",headers:{"Content-Type":"application/json",...e?{Authorization:`Bearer ${e}`}:{}},body:JSON.stringify({command:"xcodebuild",xcodebuild:{sdk:"iphoneos"},signing:{certificateP12Base64:r,certificatePassword:i,provisioningProfileBase64:p}})});if(!c.ok){const a=await c.text();throw new Error(`Build request failed: HTTP ${c.status} ${a}`)}return await c.json()}function Vi({limbuildApiUrl:t,execId:e,token:r,onLine:i,onStatus:p,onError:y}){const c=new URL(`${t}/exec/${e}/events`);r&&c.searchParams.set("token",r);const a=new EventSource(c.toString());return p("running"),a.addEventListener("command",v=>i({type:"command",data:v.data})),a.addEventListener("stdout",v=>i({type:"stdout",data:v.data})),a.addEventListener("stderr",v=>i({type:"stderr",data:v.data})),a.addEventListener("exitCode",v=>{const l=parseInt(v.data,10);p(l===0?"succeeded":l<0?"cancelled":"failed"),a.close()}),a.onerror=()=>{a.close(),y?.(new Error("Build log stream closed before completion."))},()=>a.close()}const Na=1,Bt=16,We={DeviceHello:1,OpenStream:2,OpenResult:3,StreamData:4,StreamClose:5,InstallProgress:6,Error:7,Ping:8,Pong:9,StartPairing:10,StartInstall:11,PairRecordReady:12};function Oi(t){const e=new Uint8Array(Bt+t.payload.byteLength),r=new DataView(e.buffer);return r.setUint8(0,Na),r.setUint8(1,t.type),r.setUint8(2,0),r.setUint8(3,0),r.setUint32(4,t.requestId),r.setUint32(8,t.streamId),r.setUint32(12,t.payload.byteLength),e.set(t.payload,Bt),e}function Fi(t){if(t.byteLength<Bt)throw new Error(`Relay frame too short: ${t.byteLength}`);const e=new DataView(t.buffer,t.byteOffset,t.byteLength),r=e.getUint8(0);if(r!==Na)throw new Error(`Unsupported relay protocol version ${r}`);const i=e.getUint32(12);if(t.byteLength!==Bt+i)throw new Error(`Relay frame length mismatch: got ${t.byteLength}, expected ${Bt+i}`);return{type:e.getUint8(1),requestId:e.getUint32(4),streamId:e.getUint32(8),payload:t.slice(Bt)}}function It(t){return new TextEncoder().encode(JSON.stringify(t))}function er(t){return JSON.parse(new TextDecoder().decode(t))}async function Ki(){if(!navigator.usb)throw new Error("WebUSB is not available in this browser.");return navigator.usb.requestDevice({filters:[{vendorId:1452}]})}function Mi(t){const e=[],r=t.configuration?.configurationValue,i=t.configurations.find(p=>p.configurationValue===r);i&&e.push(...Bn(i));for(const p of t.configurations)p.configurationValue!==r&&e.push(...Bn(p));return e}function Bn(t){const e=[];for(const r of t.interfaces)for(const i of r.alternates)i.interfaceClass===255&&i.interfaceSubclass===254&&i.interfaceProtocol===2&&e.push({configurationValue:t.configurationValue,interfaceNumber:r.interfaceNumber,alternateSetting:i.alternateSetting,endpoints:i.endpoints});return e}async function qi(t,e){t.opened||await t.open(),(!t.configuration||t.configuration.configurationValue!==e.configurationValue)&&await t.selectConfiguration(e.configurationValue),await t.claimInterface(e.interfaceNumber),e.alternateSetting!==0&&await t.selectAlternateInterface(e.interfaceNumber,e.alternateSetting)}function Hi(t){const e=t.endpoints.find(i=>i.direction==="out"&&i.type==="bulk"),r=t.endpoints.find(i=>i.direction==="in"&&i.type==="bulk");if(!e||!r)throw new Error("Could not find usbmux bulk endpoints.");return{outEndpoint:e,inEndpoint:r}}async function Ra(t,e,r){const i=await t.transferOut(e.endpointNumber,r);if(i.status!=="ok")throw new Error(`USB transferOut failed: ${i.status}`);r.byteLength%e.packetSize===0&&await t.transferOut(e.endpointNumber,new Uint8Array)}async function Gi(t,e,r=16384){const i=await t.transferIn(e.endpointNumber,r);if(i.status!=="ok"||!i.data)throw new Error(`USB transferIn failed: ${i.status}`);return new Uint8Array(i.data.buffer,i.data.byteOffset,i.data.byteLength)}const zi=0,vo=2,Qi=6,go=4277009102,pa=2,mo=4,Ft=16,Co=49152;async function $i(t,e){const{inEndpoint:r,outEndpoint:i}=Hi(e),p=new Uint8Array(12),y=new DataView(p.buffer);y.setUint32(0,2),y.setUint32(4,0),y.setUint32(8,0),await Ra(t,i,Ji(zi,p));const c=await Zi(t,r,1),a=new DataView(c.payload.buffer,c.payload.byteOffset).getUint32(0),v={device:t,candidate:e,inEndpoint:r,outEndpoint:i,muxVersion:a,txSeq:0,rxSeq:65535,nextSport:Co,streams:new Map,writeChain:Promise.resolve(),closed:!1};return a>=2&&await Xi(v,vo,new Uint8Array([7])),Eo(v),v}async function Yi(t,e){if(t.closed)throw new Error("usbmux session is closed.");let r,i;const p={session:t,sport:t.nextSport++,dport:e,seq:0,ack:0,queue:[],waiters:[],opened:new Promise((y,c)=>{r=y,i=c}),resolveOpened:r,rejectOpened:i};return t.streams.set(ha(e,p.sport),p),await nr(p,pa,new Uint8Array),await p.opened,p}async function Wi(t,e){if(t.session.closed)throw new Error("usbmux session is closed.");await nr(t,Ft,e),t.seq+=e.byteLength}async function ji(t){if(t.queue.length>0)return t.queue.shift();if(t.error)throw t.error;return new Promise(e=>{t.waiters.push(e)})}function _a(t){t.closed=!0;for(const e of t.streams.values())for(e.error=new Error("usbmux session closed"),e.rejectOpened(e.error);e.waiters.length>0;)e.waiters.shift()(new Uint8Array);t.streams.clear()}async function nr(t,e,r){const i=new Uint8Array(20+r.byteLength),p=new DataView(i.buffer);p.setUint16(0,t.sport),p.setUint16(2,t.dport),p.setUint32(4,t.seq),p.setUint32(8,t.ack),p.setUint8(12,80),p.setUint8(13,e),p.setUint16(14,512),i.set(r,20),await Xi(t.session,Qi,i)}async function Xi(t,e,r){if(t.closed)throw new Error("usbmux session is closed.");return t.writeChain=t.writeChain.then(async()=>{if(t.closed)return;const i=t.muxVersion>=2?xo(e,r,t.txSeq++,t.rxSeq):Ji(e,r);await Ra(t.device,t.outEndpoint,i)}),t.writeChain}async function Eo(t){try{for(;;){if(t.closed)return;const e=await Zi(t.device,t.inEndpoint,t.muxVersion);if(t.closed)return;if(e.rxSeq!==void 0&&(t.rxSeq=e.rxSeq),e.protocol!==Qi)continue;const r=bo(e.payload),i=t.streams.get(ha(r.sport,r.dport));if(i){if(r.flags&mo){for(i.error=new Error(`Device reset stream ${i.dport}`),i.rejectOpened(i.error);i.waiters.length>0;)i.waiters.shift()(new Uint8Array);t.streams.delete(ha(i.dport,i.sport));continue}if((r.flags&(pa|Ft))===(pa|Ft)){i.seq+=1,i.ack=r.seq+1,await nr(i,Ft,new Uint8Array),i.resolveOpened();continue}r.payload.byteLength!==0&&(i.ack=r.seq+r.payload.byteLength,await nr(i,Ft,new Uint8Array),i.waiters.length>0?i.waiters.shift()(r.payload):i.queue.push(r.payload))}}}catch{t.closed||_a(t)}}async function Zi(t,e,r){for(;;){const i=await Gi(t,e),p=So(i,r);if(!(r===1&&p.protocol!==zi))return p}}function Ji(t,e){const r=new Uint8Array(8+e.byteLength),i=new DataView(r.buffer);return i.setUint32(0,t),i.setUint32(4,r.byteLength),r.set(e,8),r}function xo(t,e,r,i){const p=new Uint8Array(16+e.byteLength),y=new DataView(p.buffer);return y.setUint32(0,t),y.setUint32(4,p.byteLength),y.setUint32(8,go),y.setUint16(12,r),y.setUint16(14,i),p.set(e,16),p}function So(t,e){const r=new DataView(t.buffer,t.byteOffset,t.byteLength),i=r.getUint32(0),p=r.getUint32(4),y=e>=2?16:8;return{protocol:i,length:p,rxSeq:e>=2?r.getUint16(14):void 0,payload:t.slice(y,p)}}function bo(t){const e=new DataView(t.buffer,t.byteOffset,t.byteLength),r=(e.getUint8(12)>>4)*4;return{sport:e.getUint16(0),dport:e.getUint16(2),seq:e.getUint32(4),ack:e.getUint32(8),flags:e.getUint8(13),payload:t.slice(r)}}function ha(t,e){return`${t}:${e}`}class es{constructor(e,r,i,p){this.webSocketUrl=e,this.session=r,this.deviceHello=i,this.log=p}socket;streams=new Map;frameQueue=Promise.resolve();closed=!1;pairRecordWaiter;async connect(){const e=new WebSocket(this.webSocketUrl);e.binaryType="arraybuffer",this.socket=e,e.onclose=()=>{this.closed=!0,this.log("Relay socket closed"),this.pairRecordWaiter&&(this.pairRecordWaiter.reject(new Error("Relay socket closed")),this.pairRecordWaiter=void 0)},await new Promise((r,i)=>{e.onopen=()=>r(),e.onerror=()=>i(new Error("WebSocket connection failed"))}),e.onmessage=r=>{const i=r.data instanceof ArrayBuffer?new Uint8Array(r.data):new Uint8Array;this.enqueueFrame(i)},await this.send({type:We.DeviceHello,requestId:0,streamId:0,payload:It(this.deviceHello)}),this.log("Connected WebSocket relay")}async startPairing(){const e=new Promise((r,i)=>{this.pairRecordWaiter={resolve:r,reject:i}});return await this.send({type:We.StartPairing,requestId:0,streamId:0,payload:It({})}),this.log("Pairing requested"),e}async startInstall(e){await this.send({type:We.StartInstall,requestId:0,streamId:0,payload:It(e)}),this.log("Installation requested")}close(){this.closed=!0,this.socket?.close()}enqueueFrame(e){this.frameQueue=this.frameQueue.then(()=>this.handleFrame(Fi(e))).catch(r=>{this.log("Relay frame handling failed",r instanceof Error?r.message:String(r))})}async handleFrame(e){switch(e.type){case We.OpenStream:await this.handleOpenStream(e.requestId,e.streamId,er(e.payload).port);break;case We.StreamData:{const r=this.streams.get(e.streamId);if(!r)throw new Error(`Unknown stream ${e.streamId}`);await Wi(r,e.payload);break}case We.StreamClose:this.streams.delete(e.streamId);break;case We.InstallProgress:this.log(Ao(er(e.payload).message));break;case We.Error:this.handleError(e.payload);break;case We.PairRecordReady:this.handlePairRecordReady(er(e.payload));break;case We.Ping:await this.send({type:We.Pong,requestId:e.requestId,streamId:0,payload:new Uint8Array});break}}handleError(e){const r=To(e);this.log("Server error",r),this.pairRecordWaiter&&(this.pairRecordWaiter.reject(new Error(r)),this.pairRecordWaiter=void 0)}handlePairRecordReady(e){this.log("Pair record received",e.udid),this.pairRecordWaiter?.resolve(e),this.pairRecordWaiter=void 0}async handleOpenStream(e,r,i){try{const p=await Yi(this.session,i);this.streams.set(r,p),await this.send({type:We.OpenResult,requestId:e,streamId:r,payload:It({ok:!0})}),this.log(`Opened device stream ${r} to port ${i}`),this.pumpDeviceToServer(r,p)}catch(p){this.log(`Open device stream ${r} failed`,p instanceof Error?p.message:String(p)),await this.send({type:We.OpenResult,requestId:e,streamId:r,payload:It({ok:!1,error:p instanceof Error?p.message:String(p)})})}}async pumpDeviceToServer(e,r){try{for(;;){const i=await ji(r);if(this.closed)return;await this.send({type:We.StreamData,requestId:0,streamId:e,payload:i})}}catch(i){this.log(`Device stream ${e} closed`,i instanceof Error?i.message:String(i)),await this.send({type:We.StreamClose,requestId:0,streamId:e,payload:It({reason:i instanceof Error?i.message:String(i)})})}}async send(e){if(!this.closed){if(!this.socket||this.socket.readyState!==WebSocket.OPEN){this.closed=!0;return}this.socket.send(Oi(e))}}}function To(t){const e=new TextDecoder().decode(t);try{const r=JSON.parse(e);return wn(r.error??e)}catch{return wn(e)}}function wn(t){return t.replace(/libimobiledevice/g,"").trim()}function Ao(t){const e="install status: ";if(!t.startsWith(e))return t;const r=t.slice(e.length),p=new DOMParser().parseFromString(r,"application/xml").querySelector("plist > dict");if(!p)return t;const y=Io(p),c=y.Status??"Unknown";return`Install progress: ${y.PercentComplete?`${y.PercentComplete}% `:""}${c}`}function Io(t){const e={},r=Array.from(t.children);for(let i=0;i<r.length;i+=2){const p=r[i],y=r[i+1];!p||p.tagName!=="key"||!y||(e[p.textContent??""]=y.textContent??"")}return e}async function ts({log:t}){t("Selecting USB device");const e=await Ki(),r=wo(e);return t("Selected USB device",`${e.manufacturerName??""} ${e.productName??""} ${e.serialNumber??""}`.trim()),r}async function rs({limbuildApiUrl:t,token:e,log:r,target:i}){const p=Da(t,e);let y;try{y=await ns(p,i,r);const c=await y.startPairing();return{relay:y,pairRecord:c,target:i}}catch(c){throw y?.close(),c}}async function as({limbuildApiUrl:t,token:e,log:r,target:i,pairRecord:p}){const y=Da(t,e);let c;try{return c=await ns(y,i,r),await c.startInstall(p),c}catch(a){throw c?.close(),a}}async function Dt(t,e){if(t){if(t.session&&(_a(t.session),t.session=void 0),t.claimedInterfaceNumber!==void 0)try{await t.device.releaseInterface(t.claimedInterfaceNumber),e?.("Released usbmux interface")}catch(r){e?.("USB interface release failed",ya(r))}finally{t.claimedInterfaceNumber=void 0}if(t.device.opened)try{await t.device.close(),e?.("Closed USB device")}catch(r){e?.("USB device close failed",ya(r))}}}async function ns(t,e,r){await Bo(e,r);const i=new es(t,e.session,e.hello,r);return await i.connect(),i}async function Bo(t,e){if(!t.session)try{t.candidate=await No(t,e),t.session=await $i(t.device,t.candidate),e("Created usbmux session")}catch(r){throw await Dt(t,e),r}}function wo(t){return{device:t,candidate:Ro(t),hello:{serialNumber:t.serialNumber,productName:t.productName,manufacturerName:t.manufacturerName,productId:t.productId,vendorId:t.vendorId}}}async function No(t,e){const r=is(t.device);if(r.length===0)throw new Error("No Apple usbmux interface found.");let i;for(const p of r)for(const y of[1,2])try{return t.device.opened||await t.device.open(),e("Claiming usbmux interface",`configuration ${p.configurationValue}, interface ${p.interfaceNumber}, alternate ${p.alternateSetting}, attempt ${y}`),await qi(t.device,p),t.claimedInterfaceNumber=p.interfaceNumber,e("Claimed usbmux interface",`configuration ${p.configurationValue}, interface ${p.interfaceNumber}`),p}catch(c){i=c,e("USB interface claim failed",`configuration ${p.configurationValue}, interface ${p.interfaceNumber}: ${ya(c)}`),await _o(t),await Do(250)}throw i instanceof Error?i:new Error("Unable to claim any Apple usbmux interface.")}function Ro(t){const e=is(t)[0];if(!e)throw new Error("No Apple usbmux interface found.");return e}function is(t){const e=Mi(t),r=t.configuration?.configurationValue;return[...e.filter(i=>i.configurationValue===r),...e.filter(i=>i.configurationValue!==r)]}function Da(t,e){const r=new URL(t);return r.protocol=r.protocol==="https:"?"wss:":"ws:",r.pathname=`${r.pathname.replace(/\/$/,"")}/device/ws`,e&&r.searchParams.set("token",e),r.toString()}function ya(t){return t instanceof Error?t.message:String(t)}async function _o(t){if(t.claimedInterfaceNumber!==void 0){try{await t.device.releaseInterface(t.claimedInterfaceNumber)}catch{}t.claimedInterfaceNumber=void 0}if(t.device.opened)try{await t.device.close()}catch{}}function Do(t){return new Promise(e=>setTimeout(e,t))}const Lo={build:"idle",usb:"idle",pair:"idle",install:"idle"};function Uo({apiUrl:t,token:e}){const[r,i]=le.useState("build"),[p,y]=le.useState(Lo),[c,a]=le.useState(),[v,l]=le.useState(),[S,L]=le.useState(),[b,f]=le.useState(["Ready. Start a signed device build, allow USB access, pair this browser, then install."]),[m,E]=le.useState([]),[C,o]=le.useState("idle"),[h,g]=le.useState("idle"),[I,_]=le.useState([]),[d,s]=le.useState([]),[n,B]=le.useState([]),[U,O]=le.useState([]),[P,F]=le.useState(),[q,M]=le.useState(),[H,Q]=le.useState(""),[j,J]=le.useState(!1),[ce,se]=le.useState(),[ge,de]=le.useState(),[he,X]=le.useState(!1),[W,$e]=le.useState({}),we=le.useRef(void 0),x=le.useRef(void 0),D=le.useRef(void 0),R=le.useRef(void 0),T=le.useCallback((re,ae)=>{const oe=ae?`${re}
31
+ ${ae}`:re;f(ue=>[oe,...ue].slice(0,100))},[]),u=le.useCallback((re,ae)=>{y(oe=>({...oe,[re]:ae}))},[]),N=le.useCallback(re=>{$e(ae=>({...ae,...re})),L(void 0)},[]),V=le.useCallback(()=>sr(I.find(re=>ir(re)===q)),[I,q]),ne=!!(c?.hello.serialNumber?d.find(re=>Mt(re.deviceNumber)===Mt(c.hello.serialNumber)):void 0)?.deviceId;le.useEffect(()=>{x.current=c},[c]);const Z=le.useCallback(async()=>{we.current?.close(),we.current=void 0,await Dt(x.current,T)},[T]);le.useEffect(()=>()=>{D.current?.(),R.current?.close(),R.current=void 0,Z()},[Z]);const z=le.useCallback(async()=>{const re=H.trim(),ae=re?void 0:t?await Po(t,e).catch(()=>{}):void 0,oe=re||ae?.lastBuildConfig?.bundleId;if(oe){const Je=await da({bundleID:oe,deviceUDID:c?.hello.serialNumber,teamID:q});if(Je)return g("using-cached-profile"),T("Using cached Apple signing profile",Je.bundleID),L(Je),Je}const ue=await fa();if(ue)return T("Using stored signing assets",ue.bundleID),L(ue),ue;if(!W.certificateFile||!W.provisioningProfileFile||!W.certificatePassword)throw new Error("Upload a certificate, provisioning profile, and certificate password.");T("Preparing signing assets");const[Ie,Xe,Ye]=await Promise.all([Rn(W.certificateFile),Rn(W.provisioningProfileFile),Ei(W.provisioningProfileFile)]);if(c?.hello.serialNumber&&!ar(Ye,c.hello.serialNumber))throw new Error("Provisioning profile does not include the selected iPhone.");const Ze=Ye.bundleID??Ye.applicationIdentifier??W.provisioningProfileFile.name,tt=await Aa({deviceUDID:c?.hello.serialNumber,bundleID:Ze,certificateP12Base64:Ie,certificateFileName:W.certificateFile.name,certificatePassword:W.certificatePassword,provisioningProfileBase64:Xe,profileFileName:W.provisioningProfileFile.name,profile:Ye});return L(tt),T("Signing assets stored locally",Ze),tt},[t,H,T,q,c?.hello.serialNumber,W,e]),ee=le.useCallback(async({accountName:re,password:ae})=>{if(t){se("build"),de(void 0),g("authenticating");try{await R.current?.close().catch(()=>{});const oe=await jn({limbuildApiUrl:t,token:e,accountName:re,password:ae});if(R.current=oe,!oe.requiresTwoFactor){const ue=await oe.finalize().catch(()=>{}),Ie=await Nn(t,oe.appleSessionId,e,_,M,ue?.body);await ta(t,oe.appleSessionId,e,Ie,B,Q),await ra(t,oe.appleSessionId,e,Ie,F,T)}g(oe.requiresTwoFactor?"two-factor-required":"authenticated"),T(oe.requiresTwoFactor?"Apple ID requires two-factor authentication":"Apple ID authenticated",re)}catch(oe){const ue=ft(oe);de(ue),g("error"),T("Apple ID authentication failed",ue)}finally{se(void 0)}}},[t,T,e]),fe=le.useCallback(async re=>{const ae=R.current;if(!ae)throw new Error("Start Apple ID login before submitting a two-factor code.");se("build"),de(void 0);try{if(await ae.finishTwoFactor(re),t){const oe=await ae.finalize().catch(()=>{}),ue=await Nn(t,ae.appleSessionId,e,_,M,oe?.body);await ta(t,ae.appleSessionId,e,ue,B,Q),await ra(t,ae.appleSessionId,e,ue,F,T)}g("authenticated"),T("Apple ID two-factor authentication accepted")}catch(oe){const ue=ft(oe);de(ue),g("error"),T("Apple ID two-factor authentication failed",ue)}finally{se(void 0)}},[t,T,e]),ve=le.useCallback(()=>{R.current?.close(),R.current=void 0,_([]),s([]),B([]),O([]),F(void 0),M(void 0),g("idle"),T("Apple ID login state cleared")},[T]),pe=le.useCallback(re=>{M(re),B([]),s([]),O([]),F(void 0),Q(""),L(void 0);const ae=R.current;if(!t||!ae||!re)return;const oe=sr(I.find(ue=>ir(ue)===re));oe&&(async()=>{try{await ta(t,ae.appleSessionId,e,oe,B,Q),await ra(t,ae.appleSessionId,e,oe,F,T),x.current?.hello.serialNumber&&await aa({apiUrl:t,token:e,appleSessionId:ae.appleSessionId,teamID:oe,connectedUDID:x.current.hello.serialNumber,setAppleDevices:s,setSelectedAppleDeviceIDs:O,log:T})}catch(ue){const Ie=ft(ue);de(Ie),T("Apple team refresh failed",Ie)}})()},[t,I,T,e]),be=le.useCallback(async()=>{const re=V();if(!(!t||!R.current||!c?.hello.serialNumber||!re)){se("build"),de(void 0);try{const ae=Mt(c.hello.serialNumber),oe=await nt(t,R.current.appleSessionId,Bi({deviceUDID:ae,teamID:re,name:c.hello.productName??"Limrun iPhone"}),e);lt(oe.body,"Apple device registration"),await aa({apiUrl:t,token:e,appleSessionId:R.current.appleSessionId,teamID:re,connectedUDID:c.hello.serialNumber,setAppleDevices:s,setSelectedAppleDeviceIDs:O,log:T}),T("Connected iPhone registered with Apple Developer",ae)}catch(ae){const oe=ft(ae);de(oe),T("Apple device registration failed",oe)}finally{se(void 0)}}},[t,T,V,c?.hello.productName,c?.hello.serialNumber,e]),Ne=le.useCallback(async()=>{if(!t||!R.current||!c?.hello.serialNumber)return;const re=H.trim();if(!re)throw new Error("Enter a bundle ID before preparing signing assets.");if(!q)throw new Error("Select an Apple Developer team before preparing signing assets.");const ae=V();if(!ae)throw new Error("Selected Apple team does not include a Developer Portal team ID.");if(U.length===0)throw new Error("Select at least one Apple Developer device before preparing signing assets.");if(!W.certificatePassword)throw new Error("Enter a .p12 password before preparing signing assets.");se("build"),de(void 0),g("preparing-assets");try{const oe=await da({bundleID:re,deviceUDID:c.hello.serialNumber,teamID:ae});if(oe){L(oe),g("assets-ready"),T("Using cached Apple signing assets",re);return}const ue=await Vo({apiUrl:t,token:e,appleSessionId:R.current.appleSessionId,teamID:ae,bundleID:re,deviceUDID:c.hello.serialNumber,deviceIDs:U,certificatePassword:W.certificatePassword});L(ue),g("assets-ready"),T("Apple signing assets stored locally",`${re} for ${c.hello.serialNumber}`)}catch(oe){const ue=ft(oe);de(ue),g("error"),T("Apple signing asset preparation failed",ue)}finally{se(void 0)}},[t,H,I,T,q,U,V,c?.hello.productName,c?.hello.serialNumber,W.certificatePassword,e]),Ae=le.useCallback(async()=>{if(t){se("build"),de(void 0),i("build"),u("build","active"),J(!0),E([]),o("queued"),D.current?.();try{const re=await z();T("Starting signed device build");const ae=await ki({limbuildApiUrl:t,token:e,certificateP12Base64:re.certificateP12Base64,certificatePassword:re.certificatePassword,provisioningProfileBase64:re.provisioningProfileBase64});if(!ae.execId)throw new Error("Build request did not return an exec ID.");T("Signed device build started",ae.execId),D.current=Vi({limbuildApiUrl:t,execId:ae.execId,token:e,onLine:oe=>E(ue=>[...ue,oe]),onStatus:oe=>{o(oe),oe==="succeeded"?(u("build","complete"),i(x.current?v?"install":"pair":"usb")):(oe==="failed"||oe==="cancelled")&&u("build","error")},onError:oe=>{const ue=ft(oe);de(ue),T("Build log stream failed",ue)}})}catch(re){const ae=ft(re);de(ae),o("failed"),u("build","error"),T("Signed device build failed",ae)}finally{se(void 0)}}},[t,T,v,z,u,e]),Te=le.useCallback(async()=>{se("usb"),de(void 0),i("usb"),u("usb","active");try{await Z();const re=await ts({log:T});a(re),X(!1);const ae=await yi(re.hello.serialNumber);l(ae);const oe=await fa();if(oe){if(!ar(oe.profile,re.hello.serialNumber))throw new Error("Stored provisioning profile does not include the selected iPhone.");L(oe)}if(t&&R.current){const ue=V();ue&&await aa({apiUrl:t,token:e,appleSessionId:R.current.appleSessionId,teamID:ue,connectedUDID:re.hello.serialNumber,setAppleDevices:s,setSelectedAppleDeviceIDs:O,log:T})}u("usb","complete"),i(ae?"install":"pair"),T(ae?"Pair record found":"No pair record found",re.hello.serialNumber)}catch(re){const ae=ft(re);de(ae),u("usb","error"),T("USB access failed",ae)}finally{se(void 0)}},[t,Z,T,V,u,e]),Se=le.useCallback(async()=>{if(!(!t||!c)){se("pair"),de(void 0),X(!1),i("pair"),u("pair","active");try{await Z();const re=await rs({limbuildApiUrl:t,token:e,log:T,target:c}),ae=await vi(re.pairRecord,{productName:c.hello.productName});re.relay.close(),await Dt(c,T),l(ae),X(!1),u("pair","complete"),i("install"),T("Device paired","The pair record was stored locally in this browser.")}catch(re){await Dt(c,T);const ae=ft(re);X(!0),de("Unlock the iPhone, tap Trust, then confirm the pair record."),u("pair","error"),T("Device pairing failed",ae)}finally{se(void 0)}}},[t,Z,T,c,u,e]),xe=le.useCallback(async()=>{if(!(!t||!c||!v)){se("install"),de(void 0),i("install"),u("install","active");try{await Z(),we.current=await as({limbuildApiUrl:t,token:e,log:T,target:c,pairRecord:v}),u("install","complete"),T("Device install started","Installation will continue through the connected iPhone.")}catch(re){await Dt(c,T);const ae=ft(re);de(ae),u("install","error"),T("Device install relay failed",ae)}finally{se(void 0)}}},[t,Z,T,v,c,u,e]),Ce=le.useCallback(()=>{Z(),T("Device relay stopped")},[Z,T]);return{currentStep:r,stepStatuses:p,device:c?.hello,hasPairRecord:!!v,hasSigningAssets:!!S,pairConfirmationRequired:he,logs:b,buildLogs:m,buildStatus:C,appleSigningStatus:h,appleTeams:I,appleDevices:d,appleAppIDs:n,applePortalSummary:P,selectedAppleTeamID:q,selectedAppleDeviceIDs:U,connectedAppleDeviceRegistered:ne,appleBundleID:H,buildLogPanelOpen:j,busyAction:ce,error:ge,canBuild:!!t&&!ce&&!!S,canPrepareAppleSigningAssets:!!t&&!ce&&!!R.current&&!!c&&!!H.trim()&&!!V()&&U.length>0&&!!W.certificatePassword,canRequestUSBAccess:!ce&&h==="authenticated"&&!!H.trim(),canPairBrowser:!!t&&!ce&&!!c,canInstall:!!t&&!ce&&!!c&&!!v,setSigningFiles:N,setAppleBundleID:Q,setSelectedAppleDeviceIDs:O,setBuildLogPanelOpen:J,startAppleIDLogin:ee,submitAppleTwoFactorCode:fe,setSelectedAppleTeamID:pe,clearAppleIDLogin:ve,registerConnectedAppleDevice:be,prepareAppleSigningAssets:Ne,startDeviceBuild:Ae,requestUSBAccess:Te,pairBrowser:Se,startInstallation:xe,stopRelay:Ce}}async function Po(t,e){return Pi(t,e)}async function Nn(t,e,r,i,p,y){const c=await nt(t,e,bi(),r);lt(c.body,"Apple Developer team list");const a=ko([...c.body?.teams??[]]);i(a);const v=a.find(S=>sr(S)),l=ir(v??a[0]);if(l&&p(l),a.length===0)throw new Error("Apple Developer account did not return any teams or providers.");return a.map(sr).find(S=>!!S)}function ko(t){const e=new Set,r=[];for(const i of t){const y=ir(i)??i.name??JSON.stringify(i);e.has(y)||(e.add(y),r.push(i))}return r}async function ta(t,e,r,i,p,y){if(!i)return;const c=await nt(t,e,wa({bundleID:"",teamID:i}),r);lt(c.body,"Apple bundle ID list");const a=c.body?.appIds??[];p(a);const v=Fo(a[0]);v&&y(v)}async function ra(t,e,r,i,p,y){const[c,a]=await Promise.all([nt(t,e,Ai(i??""),r),nt(t,e,Ii({bundleID:"",teamID:i??""}),r)]);lt(c.body,"Apple Developer certificate list"),lt(a.body,"Apple Developer profile list");const v={certificateCount:c.body?.certRequests?.length??0,profileCount:a.body?.provisioningProfiles?.length??0};p(v),y("Apple Developer resources fetched",`${v.certificateCount} certificates, ${v.profileCount} provisioning profiles`)}async function aa({apiUrl:t,token:e,appleSessionId:r,teamID:i,connectedUDID:p,setAppleDevices:y,setSelectedAppleDeviceIDs:c,log:a}){const v=await nt(t,r,Ti({deviceUDID:p??"",teamID:i}),e);lt(v.body,"Apple device list");const l=v.body?.devices??[];y(l);const S=l.find(L=>Mt(L.deviceNumber)===Mt(p));S?.deviceId?(c([S.deviceId]),a("Connected iPhone found in Apple Developer devices",S.name??S.deviceNumber)):(c([]),a("Connected iPhone is not registered with Apple Developer",p))}async function Vo({apiUrl:t,token:e,appleSessionId:r,teamID:i,bundleID:p,deviceUDID:y,certificatePassword:c,deviceIDs:a}){const v=y.replace(/-/g,"").replace(/[^a-fA-F0-9]/g,""),l=await fi({commonName:`Limrun ${p}`}),S=await Oo({apiUrl:t,token:e,appleSessionId:r,teamID:i,bundleID:p}),L=await nt(t,r,Ni({csrPEM:l.csrPEM,teamID:i}),e);lt(L.body,"Apple Development certificate creation");const b=et(L.body?.certRequest,"certificateId")??et(L.body?.certRequest,"certRequestId")??et(L.body,"certificateId")??et(L.body,"certRequestId");if(!b)throw new Error("Apple certificate creation did not return a certificate ID.");const f=await nt(t,r,Ri(b,i),e);if(f.status<200||f.status>=300||!f.rawBodyBase64)throw new Error(`Apple certificate download failed: HTTP ${f.status}`);const m=li({privateKeyPKCS8Base64:l.privateKeyPKCS8Base64,certificateBase64:f.rawBodyBase64,password:c,friendlyName:`Apple Development ${p}`}),E=`Limrun ${p}`,C=await nt(t,r,_i({bundleID:p,teamID:i,appIDID:S,certificateID:b,deviceIDs:a,name:E}),e);lt(C.body,"Apple provisioning profile creation");const o=et(C.body?.provisioningProfile,"provisioningProfileId")??et(C.body,"provisioningProfileId");if(!o)throw new Error("Apple provisioning profile creation did not return a profile ID.");const h=await nt(t,r,Di(o,i),e);if(h.status<200||h.status>=300||!h.rawBodyBase64)throw new Error(`Apple provisioning profile download failed: HTTP ${h.status}`);const g=h.rawBodyBase64,I=xi(g);return Li({bundleID:p,deviceUDID:v,teamID:i,certificateID:b,certificateP12Base64:m,certificatePassword:c,provisioningProfileBase64:g,profile:I})}async function Oo({apiUrl:t,token:e,appleSessionId:r,teamID:i,bundleID:p}){const y=await nt(t,r,wa({bundleID:p,teamID:i}),e);lt(y.body,"Apple bundle ID lookup");const c=y.body?.appIds?.find(S=>et(S,"identifier")===p||et(S,"bundleId")===p),a=et(c,"appIdId")??et(c,"appId");if(a)return a;const v=await nt(t,r,wi({bundleID:p,teamID:i,name:p}),e);lt(v.body,"Apple bundle ID creation");const l=et(v.body?.appId,"appIdId")??et(v.body?.appId,"appId")??et(v.body,"appIdId")??et(v.body,"appId");if(!l)throw new Error("Apple bundle ID creation did not return an App ID.");return l}function lt(t,e){if(!t)throw new Error(`${e} returned an empty response.`);if(t.resultCode!==void 0&&t.resultCode!==0)throw new Error(`${e} failed: ${t.userString??t.resultString??t.resultCode}`)}function et(t,e){const r=t?.[e];if(typeof r=="string")return r;if(typeof r=="number"||typeof r=="boolean")return String(r)}function Mt(t){return(t??"").replace(/-/g,"").replace(/[^a-fA-F0-9]/g,"").toUpperCase()}function ir(t){const e=t?.teamId??t?.providerId??t?.publicProviderId;return e===void 0||e===""?void 0:String(e)}function sr(t){return t?.teamId&&t.teamId!==""?t.teamId:void 0}function Fo(t){return t?.identifier||t?.bundleId||void 0}async function Rn(t){const e=await t.arrayBuffer();let r="";const i=new Uint8Array(e);for(const p of i)r+=String.fromCharCode(p);return btoa(r)}function ft(t){return t instanceof Error?t.message:String(t)}exports.AppleGsaSrpClient=On;exports.RELAY_HEADER_BYTES=Bt;exports.RELAY_PROTOCOL_VERSION=Na;exports.RelayClient=es;exports.RelayMessageType=We;exports.claimUsbmux=qi;exports.closeDeviceRelayTarget=Dt;exports.closeUsbmuxSession=_a;exports.createAppleRelaySession=Fn;exports.createBundleIDRequest=wi;exports.createDevelopmentProfileRequest=_i;exports.createUsbmuxSession=$i;exports.decodeFrame=Fi;exports.decodeJson=er;exports.deleteAppleRelaySession=ca;exports.deviceRelayWebSocketUrl=Da;exports.downloadCertificateRequest=Ri;exports.downloadProfileRequest=Di;exports.encodeFrame=Oi;exports.encodeJson=It;exports.exportAppleCertificateP12=li;exports.fetchAppleAccountSession=Qn;exports.fetchLimbuildInfo=Pi;exports.findBundleIDRequest=wa;exports.findDevelopmentCertificatesRequest=Ai;exports.findDevelopmentProfilesRequest=Ii;exports.findDeviceRequest=Ti;exports.findSigningAssetsForBundle=mi;exports.findUsbmuxCandidates=Mi;exports.generateAppleSigningKeyAndCSR=fi;exports.getBulkEndpoints=Hi;exports.getLatestSigningAssets=fa;exports.getPairRecord=yi;exports.getReusableAppleSigningAssets=da;exports.getSigningAssets=gi;exports.listTeamsRequest=bi;exports.normalizeBundleID=xt;exports.normalizeUDID=Et;exports.openStream=Yi;exports.parseProvisioningProfile=Ei;exports.parseProvisioningProfileBase64=xi;exports.parseProvisioningProfileBytes=Ia;exports.profileContainsDevice=ar;exports.profileMatchesBundleID=Ci;exports.proxyPhoneTwoFactorCode=zn;exports.proxyProvisioningRequest=nt;exports.proxySrpComplete=Mn;exports.proxySrpInit=Kn;exports.proxyTwoFactorCode=Gn;exports.putAppleGeneratedSigningAssets=Li;exports.putPairRecord=vi;exports.putSigningAssets=Aa;exports.receiveStreamData=ji;exports.registerDeviceRequest=Bi;exports.requestAppleDevice=Ki;exports.requestUSBAccess=ts;exports.selectDeveloperPortalTeam=ho;exports.sendStreamData=Wi;exports.startBrowserOwnedAppleIDLogin=jn;exports.startInstallRelay=as;exports.startPairingRelay=rs;exports.startSignedDeviceBuild=ki;exports.storedSigningAssetsReusable=Ui;exports.submitDevelopmentCSRRequest=Ni;exports.teamIDCandidates=yo;exports.transferIn=Gi;exports.transferOutWithZlp=Ra;exports.triggerPhoneTwoFactor=Hn;exports.triggerTrustedDeviceTwoFactor=qn;exports.useDeviceInstall=Uo;exports.watchBuildLogEvents=Vi;