@naylence/advanced-security 0.3.4 → 0.3.5-test.0

package/dist/esm/naylence/fame/security/cert/util.js

@@ -1,15 +1,58 @@
 import { AsnConvert } from "@peculiar/asn1-schema";
-import { Certificate } from "@peculiar/asn1-x509";
+import { Certificate, NameConstraints, SubjectAlternativeName, id_ce_nameConstraints, id_ce_subjectAltName, } from "@peculiar/asn1-x509";
+import { sha256 } from "@noble/hashes/sha256";
+import { sha512 } from "@noble/hashes/sha2.js";
+import { etc as edEtc, verify as ed25519Verify } from "@noble/ed25519";
 import { getLogger } from "@naylence/runtime";
 const logger = getLogger("naylence.fame.security.cert.util");
-/**
- * Temporary TypeScript port of validate_jwk_x5c_certificate.
- *
- * NOTE: The full certificate chain validation logic from the Python runtime
- * is still being ported. This implementation performs lightweight structure
- * checks and defers deep X.509 validation until the remaining modules are
- * available.
- */
+const CACHE_LIMIT = 512;
+const OID_ED25519 = "1.3.101.112";
+const textEncoder = new TextEncoder();
+const trustCache = new Map();
+export function publicKeyFromX5c(x5c, options = {}) {
+    if (!Array.isArray(x5c) || x5c.length === 0) {
+        throw new Error("Empty certificate chain");
+    }
+    const callId = generateCallId();
+    const enforceNameConstraints = options.enforceNameConstraints ?? true;
+    const trustStorePem = normalizeTrustStoreOption(options.trustStorePem ?? null);
+    const returnCertificate = options.returnCertificate ?? false;
+    const { parsed, chainBytes } = parseCertificateChain(x5c);
+    logger.debug("public_key_from_x5c_called", {
+        call_id: callId,
+        x5c_count: parsed.length,
+        enforce_name_constraints: enforceNameConstraints,
+        has_trust_store: Boolean(trustStorePem),
+        return_cert: returnCertificate,
+    });
+    let cacheKey = null;
+    if (!returnCertificate) {
+        cacheKey = buildCacheKey(chainBytes, trustStorePem, enforceNameConstraints);
+        const cached = getCachedPublicKey(cacheKey);
+        if (cached) {
+            logger.debug("certificate_cache_hit", {
+                call_id: callId,
+                cache_key: cacheKey,
+            });
+            return cached;
+        }
+        logger.debug("certificate_cache_miss", {
+            call_id: callId,
+            cache_key: cacheKey,
+        });
+    }
+    const validation = validateCertificateChain(parsed, enforceNameConstraints, trustStorePem);
+    if (cacheKey) {
+        setCachedPublicKey(cacheKey, validation.publicKey, validation.notAfter);
+    }
+    if (returnCertificate) {
+        return {
+            publicKey: validation.publicKey.slice(),
+            certificate: validation.certificate,
+        };
+    }
+    return validation.publicKey.slice();
+}
 export function validateJwkX5cCertificate(options) {
     const { jwk, trustStorePem = null, enforceNameConstraints = true, strict = true, } = options;
     if (!jwk || typeof jwk !== "object") {
@@ -32,85 +75,442 @@ export function validateJwkX5cCertificate(options) {
         }
         return { isValid: false, error };
     }
-    // Until full validation is available we only log that certificate validation
-    // was requested. This preserves the call sites and allows adding the full
-    // chain validation later without changing behaviour.
-    logger.debug("validate_jwk_x5c_certificate_placeholder", {
-        enforce_name_constraints: enforceNameConstraints,
-        has_trust_store: Boolean(trustStorePem),
-        chain_length: x5c.length,
+    try {
+        publicKeyFromX5c(x5c, {
+            trustStorePem,
+            enforceNameConstraints,
+        });
+        return { isValid: true };
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error ?? "unknown");
+        const normalized = `Certificate validation failed: ${message}`;
+        if (strict) {
+            throw new Error(normalized);
+        }
+        return { isValid: false, error: normalized };
+    }
+}
+function validateCertificateChain(parsed, enforceNameConstraints, trustStorePem) {
+    const leaf = parsed[0];
+    const nowMs = Date.now();
+    const notBefore = leaf.certificate.tbsCertificate.validity.notBefore.getTime();
+    const notAfter = leaf.certificate.tbsCertificate.validity.notAfter.getTime();
+    const notBeforeMs = notBefore.getTime();
+    const notAfterMs = notAfter.getTime();
+    if (nowMs < notBeforeMs || nowMs > notAfterMs) {
+        throw new Error(`Certificate is not currently valid (notBefore: ${notBefore.toISOString()}, notAfter: ${notAfter.toISOString()}, now: ${new Date(nowMs).toISOString()})`);
+    }
+    const issuers = parsed.slice(1);
+    if (enforceNameConstraints && issuers.length > 0) {
+        const leafUris = extractUrisFromCert(leaf.certificate);
+        validateNameConstraints(issuers, leafUris);
+    }
+    if (trustStorePem) {
+        validateTrustAnchor(parsed, trustStorePem);
+    }
+    validateChainContinuity(parsed);
+    const publicKey = leaf.subjectPublicKey.slice();
+    return {
+        publicKey,
+        certificate: leaf.certificate,
+        notAfter,
+    };
+}
+function parseCertificateChain(x5c) {
+    const parsed = [];
+    const derChunks = [];
+    for (let index = 0; index < x5c.length; index += 1) {
+        const entry = x5c[index];
+        if (typeof entry !== "string" || entry.trim().length === 0) {
+            throw new Error(`Invalid certificate at index ${index}`);
+        }
+        let der;
+        try {
+            der = decodeBase64(entry);
+        }
+        catch (error) {
+            const reason = error instanceof Error ? error.message : String(error);
+            throw new Error(`Failed to decode certificate at index ${index}: ${reason}`);
+        }
+        let certificate;
+        try {
+            certificate = AsnConvert.parse(der, Certificate);
+        }
+        catch (error) {
+            const reason = error instanceof Error ? error.message : String(error);
+            throw new Error(`Failed to parse certificate at index ${index}: ${reason}`);
+        }
+        parsed.push(createParsedCertificate(certificate, der));
+        derChunks.push(der);
+    }
+    return { parsed, chainBytes: concatBytes(derChunks) };
+}
+function createParsedCertificate(certificate, raw) {
+    return {
+        raw,
+        certificate,
+        serialNumber: toHex(new Uint8Array(certificate.tbsCertificate.serialNumber)).toUpperCase(),
+        subjectName: serializeName(certificate.tbsCertificate.subject),
+        issuerName: serializeName(certificate.tbsCertificate.issuer),
+        subjectPublicKey: new Uint8Array(certificate.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey).slice(),
+    };
+}
+function extractUrisFromCert(cert) {
+    const extension = findExtension(cert, id_ce_subjectAltName);
+    if (!extension) {
+        return [];
+    }
+    const subjectAlternativeName = AsnConvert.parse(extension.extnValue.buffer, SubjectAlternativeName);
+    const uris = [];
+    for (const generalName of subjectAlternativeName) {
+        if (generalName.uniformResourceIdentifier) {
+            uris.push(generalName.uniformResourceIdentifier);
+        }
+    }
+    return uris;
+}
+function validateNameConstraints(issuers, leafUris) {
+    for (const issuer of issuers) {
+        const extension = findExtension(issuer.certificate, id_ce_nameConstraints);
+        if (!extension) {
+            continue;
+        }
+        const constraints = AsnConvert.parse(extension.extnValue.buffer, NameConstraints);
+        if (!constraints.permittedSubtrees) {
+            continue;
+        }
+        const permittedUris = collectPermittedUris(Array.from(constraints.permittedSubtrees));
+        if (permittedUris.length === 0) {
+            continue;
+        }
+        for (const uri of leafUris) {
+            const allowed = permittedUris.some((prefix) => uri.startsWith(prefix));
+            if (!allowed) {
+                throw new Error(`URI '${uri}' violates name constraints - not in permitted subtrees: ${permittedUris.join(", ")}`);
+            }
+        }
+    }
+}
+function collectPermittedUris(subtrees) {
+    const uris = [];
+    for (const subtree of subtrees) {
+        if (subtree.base.uniformResourceIdentifier &&
+            subtree.base.uniformResourceIdentifier.length > 0) {
+            uris.push(subtree.base.uniformResourceIdentifier);
+        }
+    }
+    return uris;
+}
+function validateTrustAnchor(chain, trustStorePem) {
+    const trustedCerts = parseTrustStore(trustStorePem);
+    if (trustedCerts.length === 0) {
+        throw new Error("No valid certificates found in trust store");
+    }
+    logger.debug("trust_anchor_validation_start", {
+        chain_length: chain.length,
+        trust_store_cert_count: trustedCerts.length,
     });
-    return { isValid: true };
-}
-/**
- * Extract public key from X.509 certificate chain.
- *
- * Parses the leaf certificate from an x5c array and extracts the raw public key bytes.
- * For Ed25519 certificates, this returns the 32-byte public key.
- *
- * @param x5c - Array of base64-encoded DER certificates (leaf first)
- * @param options - Validation options
- * @returns The raw public key bytes from the leaf certificate
- * @throws Error if certificate parsing or validation fails
- */
-export function publicKeyFromX5c(x5c, options = {}) {
-    if (!x5c || x5c.length === 0) {
-        throw new Error("Empty certificate chain");
+    const chainInfo = chain.map((cert, index) => `[${index}] ${cert.subjectName} (Serial: ${cert.serialNumber})`);
+    const trustedInfo = trustedCerts.map((cert, index) => `[${index}] ${cert.subjectName} (Serial: ${cert.serialNumber})`);
+    logger.debug("certificate_chain_validation", {
+        chain_certificates: chainInfo,
+        trust_store_certificates: trustedInfo,
+    });
+    // Strategy 1: direct trust (exact certificate match)
+    for (let i = 0; i < chain.length; i += 1) {
+        const cert = chain[i];
+        const match = trustedCerts.find((trusted) => trusted.serialNumber === cert.serialNumber &&
+            namesEqual(trusted.certificate.tbsCertificate.subject, cert.certificate.tbsCertificate.subject));
+        if (match) {
+            logger.debug("certificate_chain_trust_validation_passed", {
+                matching_serial: match.serialNumber,
+                validation_strategy: `direct_trust_cert_${i}`,
+            });
+            return;
+        }
     }
-    // Decode leaf certificate
-    const certB64 = x5c[0];
-    if (typeof certB64 !== "string") {
-        throw new Error("Invalid certificate in x5c array - must be base64 string");
+    const leaf = chain[0];
+    // Strategy 2: leaf issuer in trust store
+    for (const trusted of trustedCerts) {
+        if (namesEqual(trusted.certificate.tbsCertificate.subject, leaf.certificate.tbsCertificate.issuer) &&
+            trusted.serialNumber !== leaf.serialNumber) {
+            verifyCertificateSignature(leaf.certificate, trusted.certificate);
+            logger.debug("certificate_chain_trust_validation_passed", {
+                matching_serial: trusted.serialNumber,
+                validation_strategy: "leaf_issuer_trust",
+            });
+            return;
+        }
     }
-    let derBytes;
-    try {
-        derBytes = Buffer.from(certB64, "base64");
+    // Strategy 3: any intermediate issuer in trust store
+    for (let index = 1; index < chain.length; index += 1) {
+        const intermediate = chain[index];
+        for (const trusted of trustedCerts) {
+            if (namesEqual(trusted.certificate.tbsCertificate.subject, intermediate.certificate.tbsCertificate.issuer) &&
+                trusted.serialNumber !== intermediate.serialNumber) {
+                verifyCertificateSignature(intermediate.certificate, trusted.certificate);
+                logger.debug("certificate_chain_trust_validation_passed", {
+                    matching_serial: trusted.serialNumber,
+                    validation_strategy: `intermediate_issuer_trust_cert_${index}`,
+                });
+                return;
+            }
+        }
     }
-    catch (error) {
-        throw new Error(`Failed to decode base64 certificate: ${error instanceof Error ? error.message : String(error)}`);
+    logger.warning("certificate_chain_trust_validation_failed", {
+        leaf_subject: leaf.subjectName,
+        leaf_issuer: leaf.issuerName,
+        leaf_serial: leaf.serialNumber,
+        trusted_certificates: trustedInfo,
+        chain_certificates: chainInfo,
+        reason: "no_matching_trust_anchor",
+    });
+    throw new Error("Certificate chain is not rooted in a trusted anchor");
+}
+function parseTrustStore(trustStorePem) {
+    const normalized = normalizePem(trustStorePem);
+    const blocks = extractPemBlocks(normalized);
+    const parsed = [];
+    for (const block of blocks) {
+        try {
+            const der = decodeBase64(block);
+            const certificate = AsnConvert.parse(der, Certificate);
+            parsed.push(createParsedCertificate(certificate, der));
+        }
+        catch (error) {
+            const reason = error instanceof Error ? error.message : String(error);
+            logger.debug("trust_store_certificate_parse_failed", { reason });
+        }
     }
-    // Parse DER-encoded certificate
-    let cert;
-    try {
-        cert = AsnConvert.parse(derBytes, Certificate);
+    return parsed;
+}
+function extractPemBlocks(pem) {
+    const blocks = [];
+    const regex = /-----BEGIN CERTIFICATE-----([\s\S]*?)-----END CERTIFICATE-----/gu;
+    let match;
+    // eslint-disable-next-line no-cond-assign
+    while ((match = regex.exec(pem)) !== null) {
+        const body = match[1] ?? "";
+        blocks.push(body.replace(/\s+/gu, ""));
     }
-    catch (error) {
-        throw new Error(`Failed to parse X.509 certificate: ${error instanceof Error ? error.message : String(error)}`);
-    }
-    // Basic temporal validity check
-    const now = Date.now(); // milliseconds since epoch
-    const notBefore = cert.tbsCertificate.validity.notBefore;
-    const notAfter = cert.tbsCertificate.validity.notAfter;
-    // Time from ASN.1 has getTime() method returning Date object
-    const notBeforeDate = notBefore.getTime();
-    const notAfterDate = notAfter.getTime();
-    const notBeforeMs = notBeforeDate instanceof Date
-        ? notBeforeDate.getTime()
-        : Number(notBeforeDate);
-    const notAfterMs = notAfterDate instanceof Date
-        ? notAfterDate.getTime()
-        : Number(notAfterDate);
-    if (now < notBeforeMs || now > notAfterMs) {
-        throw new Error(`Certificate is not currently valid (notBefore: ${new Date(notBeforeMs).toISOString()}, notAfter: ${new Date(notAfterMs).toISOString()}, now: ${new Date(now).toISOString()})`);
-    }
-    // TODO: Implement name constraints validation when enforceNameConstraints is true
-    if (options.enforceNameConstraints) {
-        logger.debug("name_constraints_validation_not_implemented", {
-            enforcement_requested: true,
-        });
+    return blocks;
+}
+function validateChainContinuity(chain) {
+    if (chain.length <= 1) {
+        return;
     }
-    // TODO: Implement trust store validation when trustStorePem is provided
-    if (options.trustStorePem) {
-        logger.debug("trust_store_validation_not_implemented", {
-            has_trust_store: true,
-        });
+    logger.debug("validating_chain_continuity", { chain_length: chain.length });
+    for (let index = 0; index < chain.length - 1; index += 1) {
+        const cert = chain[index];
+        const issuer = chain[index + 1];
+        if (!namesEqual(cert.certificate.tbsCertificate.issuer, issuer.certificate.tbsCertificate.subject)) {
+            logger.warning("certificate_chain_continuity_failed", {
+                cert_index: index,
+                cert_subject: cert.subjectName,
+                cert_issuer: cert.issuerName,
+                expected_issuer_subject: issuer.subjectName,
+                reason: "issuer_name_mismatch",
+            });
+            throw new Error(`Certificate chain continuity broken: certificate at index ${index} issuer does not match next certificate subject`);
+        }
+        try {
+            verifyCertificateSignature(cert.certificate, issuer.certificate);
+            logger.debug("chain_continuity_verification_success", {
+                cert_index: index,
+                cert_serial: cert.serialNumber,
+                issuer_serial: issuer.serialNumber,
+            });
+        }
+        catch (error) {
+            const reason = error instanceof Error ? error.message : String(error);
+            logger.warning("certificate_chain_continuity_failed", {
+                cert_index: index,
+                cert_subject: cert.subjectName,
+                issuer_subject: issuer.subjectName,
+                cert_serial: cert.serialNumber,
+                issuer_serial: issuer.serialNumber,
+                error: reason,
+                reason: "signature_verification_failed",
+            });
+            throw new Error(`Certificate chain continuity broken: certificate at index ${index} was not signed by certificate at index ${index + 1}: ${reason}`);
+        }
+    }
+    logger.debug("chain_continuity_validation_passed", {
+        chain_length: chain.length,
+    });
+}
+function verifyCertificateSignature(certificate, issuer) {
+    ensureEd25519Support();
+    const signatureAlgorithm = certificate.signatureAlgorithm.algorithm;
+    const issuerAlgorithm = issuer.tbsCertificate.subjectPublicKeyInfo.algorithm.algorithm;
+    if (signatureAlgorithm !== OID_ED25519 || issuerAlgorithm !== OID_ED25519) {
+        throw new Error(`Unsupported signature algorithm (certificate: ${signatureAlgorithm}, issuer: ${issuerAlgorithm})`);
+    }
+    const signatureBytes = new Uint8Array(certificate.signatureValue);
+    const tbsBytes = new Uint8Array(AsnConvert.serialize(certificate.tbsCertificate));
+    const issuerKey = new Uint8Array(issuer.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey);
+    if (issuerKey.length !== 32) {
+        throw new Error("Issuer Ed25519 public key must be 32 bytes");
+    }
+    const valid = ed25519Verify(signatureBytes, tbsBytes, issuerKey);
+    if (!valid) {
+        throw new Error("Certificate signature verification failed");
+    }
+}
+function ensureEd25519Support() {
+    const etcPatch = edEtc;
+    if (!etcPatch.sha512) {
+        etcPatch.sha512 = (message) => sha512(message);
+    }
+    if (!etcPatch.sha512Sync) {
+        etcPatch.sha512Sync = (...messages) => {
+            if (messages.length === 1) {
+                return sha512(messages[0]);
+            }
+            const combined = edEtc.concatBytes(...messages);
+            return sha512(combined);
+        };
+    }
+}
+function findExtension(certificate, oid) {
+    const extensions = certificate.tbsCertificate.extensions;
+    if (!extensions) {
+        return null;
+    }
+    for (const extension of extensions) {
+        if (extension.extnID === oid) {
+            return extension;
+        }
+    }
+    return null;
+}
+function namesEqual(a, b) {
+    const left = new Uint8Array(AsnConvert.serialize(a));
+    const right = new Uint8Array(AsnConvert.serialize(b));
+    if (left.length !== right.length) {
+        return false;
     }
-    // Extract public key from leaf certificate
-    const publicKeyInfo = cert.tbsCertificate.subjectPublicKeyInfo;
-    // For Ed25519, the subjectPublicKey is a BIT STRING containing the raw 32-byte public key
-    // The BIT STRING is stored as an ArrayBuffer
-    const publicKeyBitString = publicKeyInfo.subjectPublicKey;
-    // Convert ArrayBuffer to Uint8Array
-    return new Uint8Array(publicKeyBitString);
+    for (let i = 0; i < left.length; i += 1) {
+        if (left[i] !== right[i]) {
+            return false;
+        }
+    }
+    return true;
+}
+function serializeName(name) {
+    const rdns = Array.from(name);
+    return rdns
+        .map((rdn) => Array.from(rdn)
+        .map((attr) => `${oidToLabel(attr.type)}=${attr.value.toString()}`)
+        .join("+"))
+        .join(",");
+}
+function oidToLabel(oid) {
+    switch (oid) {
+        case "2.5.4.3":
+            return "CN";
+        case "2.5.4.6":
+            return "C";
+        case "2.5.4.7":
+            return "L";
+        case "2.5.4.8":
+            return "ST";
+        case "2.5.4.10":
+            return "O";
+        case "2.5.4.11":
+            return "OU";
+        default:
+            return oid;
+    }
+}
+function concatBytes(chunks) {
+    const totalLength = chunks.reduce((sum, chunk) => sum + chunk.length, 0);
+    const result = new Uint8Array(totalLength);
+    let offset = 0;
+    for (const chunk of chunks) {
+        result.set(chunk, offset);
+        offset += chunk.length;
+    }
+    return result;
+}
+function decodeBase64(input) {
+    if (typeof Buffer !== "undefined") {
+        const normalized = input.replace(/\s+/gu, "");
+        return new Uint8Array(Buffer.from(normalized, "base64"));
+    }
+    if (typeof atob === "function") {
+        const normalized = input.replace(/\s+/gu, "");
+        const binary = atob(normalized);
+        const bytes = new Uint8Array(binary.length);
+        for (let i = 0; i < binary.length; i += 1) {
+            bytes[i] = binary.charCodeAt(i);
+        }
+        return bytes;
+    }
+    throw new Error("No base64 decoder available in this environment");
+}
+function toHex(data) {
+    return Array.from(data)
+        .map((byte) => byte.toString(16).padStart(2, "0"))
+        .join("");
+}
+function buildCacheKey(chainBytes, trustStorePem, enforceNameConstraints) {
+    const chainHash = toHex(sha256(chainBytes));
+    const trustHash = trustStorePem
+        ? toHex(sha256(textEncoder.encode(trustStorePem)))
+        : "no-trust";
+    const constraintFlag = enforceNameConstraints ? "nc1" : "nc0";
+    return `${chainHash}|${trustHash}|${constraintFlag}`;
+}
+function getCachedPublicKey(cacheKey) {
+    const entry = trustCache.get(cacheKey);
+    if (!entry) {
+        return null;
+    }
+    if (Date.now() > entry.expiresAt) {
+        trustCache.delete(cacheKey);
+        logger.debug("certificate_cache_expired", { cache_key: cacheKey });
+        return null;
+    }
+    return entry.value.slice();
+}
+function setCachedPublicKey(cacheKey, value, notAfter) {
+    while (trustCache.size >= CACHE_LIMIT) {
+        const firstKey = trustCache.keys().next().value;
+        if (firstKey === undefined) {
+            break;
+        }
+        trustCache.delete(firstKey);
+        logger.debug("certificate_cache_evicted", { cache_key: firstKey });
+    }
+    trustCache.set(cacheKey, {
+        value: value.slice(),
+        expiresAt: notAfter.getTime(),
+    });
+    logger.debug("certificate_cache_stored", {
+        cache_key: cacheKey,
+        expires_at: notAfter.toISOString(),
+        cache_size: trustCache.size,
+    });
+}
+function normalizeTrustStoreOption(value) {
+    if (!value) {
+        return null;
+    }
+    const trimmed = value.trim();
+    if (trimmed.length === 0) {
+        return null;
+    }
+    if (!trimmed.includes("-----BEGIN CERTIFICATE-----")) {
+        throw new Error("trustStorePem must contain PEM-encoded certificates when provided");
+    }
+    return normalizePem(trimmed);
+}
+function normalizePem(pem) {
+    return pem.replace(/\r/gu, "").trim();
+}
+function generateCallId() {
+    return Math.random().toString(36).slice(2, 10);
 }
 //# sourceMappingURL=util.js.map

package/dist/esm/naylence/fame/security/cert/util.js.map

@@ -1 +1 @@
-{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/util.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE9C,MAAM,MAAM,GAAG,SAAS,CAAC,kCAAkC,CAAC,CAAC;AAc7D;;;;;;;GAOG;AACH,MAAM,UAAU,yBAAyB,CACvC,OAAyC;IAEzC,MAAM,EACJ,GAAG,EACH,aAAa,GAAG,IAAI,EACpB,sBAAsB,GAAG,IAAI,EAC7B,MAAM,GAAG,IAAI,GACd,GAAG,OAAO,CAAC;IAEZ,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,oBAAoB,CAAC;QACnC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,GAAG,GAAI,GAAyB,CAAC,GAAG,CAAC;IAC3C,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,IACE,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QACnB,GAAG,CAAC,MAAM,KAAK,CAAC;QAChB,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,KAAK,KAAK,QAAQ,CAAC,EAC9C,CAAC;QACD,MAAM,KAAK,GAAG,0BAA0B,CAAC;QACzC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACnC,CAAC;IAED,6EAA6E;IAC7E,0EAA0E;IAC1E,qDAAqD;IACrD,MAAM,CAAC,KAAK,CAAC,0CAA0C,EAAE;QACvD,wBAAwB,EAAE,sBAAsB;QAChD,eAAe,EAAE,OAAO,CAAC,aAAa,CAAC;QACvC,YAAY,EAAE,GAAG,CAAC,MAAM;KACzB,CAAC,CAAC;IAEH,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,gBAAgB,CAC9B,GAAa,EACb,UAGI,EAAE;IAEN,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IAED,0BAA0B;IAC1B,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;IAC9E,CAAC;IAED,IAAI,QAAgB,CAAC;IACrB,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC5C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CACb,wCAAwC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACjG,CAAC;IACJ,CAAC;IAED,gCAAgC;IAChC,IAAI,IAAiB,CAAC;IACtB,IAAI,CAAC;QACH,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CACb,sCAAsC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAC/F,CAAC;IACJ,CAAC;IAED,gCAAgC;IAChC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,2BAA2B;IACnD,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,SAAS,CAAC;IACzD,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC;IAEvD,6DAA6D;IAC7D,MAAM,aAAa,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC;IAC1C,MAAM,YAAY,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;IACxC,MAAM,WAAW,GACf,aAAa,YAAY,IAAI;QAC3B,CAAC,CAAC,aAAa,CAAC,OAAO,EAAE;QACzB,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IAC5B,MAAM,UAAU,GACd,YAAY,YAAY,IAAI;QAC1B,CAAC,CAAC,YAAY,CAAC,OAAO,EAAE;QACxB,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAE3B,IAAI,GAAG,GAAG,WAAW,IAAI,GAAG,GAAG,UAAU,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CACb,kDAAkD,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,eAAe,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,UAAU,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,GAAG,CAC/K,CAAC;IACJ,CAAC;IAED,kFAAkF;IAClF,IAAI,OAAO,CAAC,sBAAsB,EAAE,CAAC;QACnC,MAAM,CAAC,KAAK,CAAC,6CAA6C,EAAE;YAC1D,qBAAqB,EAAE,IAAI;SAC5B,CAAC,CAAC;IACL,CAAC;IAED,wEAAwE;IACxE,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QAC1B,MAAM,CAAC,KAAK,CAAC,wCAAwC,EAAE;YACrD,eAAe,EAAE,IAAI;SACtB,CAAC,CAAC;IACL,CAAC;IAED,2CAA2C;IAC3C,MAAM,aAAa,GAAG,IAAI,CAAC,cAAc,CAAC,oBAAoB,CAAC;IAE/D,0FAA0F;IAC1F,6CAA6C;IAC7C,MAAM,kBAAkB,GAAG,aAAa,CAAC,gBAAgB,CAAC;IAE1D,oCAAoC;IACpC,OAAO,IAAI,UAAU,CAAC,kBAAkB,CAAC,CAAC;AAC5C,CAAC"}
+{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/util.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EACL,WAAW,EAGX,eAAe,EACf,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,GAErB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,GAAG,IAAI,KAAK,EAAE,MAAM,IAAI,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACvE,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE9C,MAAM,MAAM,GAAG,SAAS,CAAC,kCAAkC,CAAC,CAAC;AAE7D,MAAM,WAAW,GAAG,GAAG,CAAC;AACxB,MAAM,WAAW,GAAG,aAAa,CAAC;AAClC,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;AAgBtC,MAAM,UAAU,GAAG,IAAI,GAAG,EAAsB,CAAC;AA4BjD,MAAM,UAAU,gBAAgB,CAC9B,GAAa,EACb,UAAmC,EAAE;IAErC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IAED,MAAM,MAAM,GAAG,cAAc,EAAE,CAAC;IAChC,MAAM,sBAAsB,GAAG,OAAO,CAAC,sBAAsB,IAAI,IAAI,CAAC;IACtE,MAAM,aAAa,GAAG,yBAAyB,CAC7C,OAAO,CAAC,aAAa,IAAI,IAAI,CAC9B,CAAC;IACF,MAAM,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,IAAI,KAAK,CAAC;IAE7D,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;IAE1D,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE;QACzC,OAAO,EAAE,MAAM;QACf,SAAS,EAAE,MAAM,CAAC,MAAM;QACxB,wBAAwB,EAAE,sBAAsB;QAChD,eAAe,EAAE,OAAO,CAAC,aAAa,CAAC;QACvC,WAAW,EAAE,iBAAiB;KAC/B,CAAC,CAAC;IAEH,IAAI,QAAQ,GAAkB,IAAI,CAAC;IACnC,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,QAAQ,GAAG,aAAa,CAAC,UAAU,EAAE,aAAa,EAAE,sBAAsB,CAAC,CAAC;QAC5E,MAAM,MAAM,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QAC5C,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE;gBACpC,OAAO,EAAE,MAAM;gBACf,SAAS,EAAE,QAAQ;aACpB,CAAC,CAAC;YACH,OAAO,MAAM,CAAC;QAChB,CAAC;QACD,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE;YACrC,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,QAAQ;SACpB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,UAAU,GAAG,wBAAwB,CACzC,MAAM,EACN,sBAAsB,EACtB,aAAa,CACd,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,kBAAkB,CAAC,QAAQ,EAAE,UAAU,CAAC,SAAS,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC1E,CAAC;IAED,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAO;YACL,SAAS,EAAE,UAAU,CAAC,SAAS,CAAC,KAAK,EAAE;YACvC,WAAW,EAAE,UAAU,CAAC,WAAW;SACpC,CAAC;IACJ,CAAC;IAED,OAAO,UAAU,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;AACtC,CAAC;AAED,MAAM,UAAU,yBAAyB,CACvC,OAAyC;IAEzC,MAAM,EACJ,GAAG,EACH,aAAa,GAAG,IAAI,EACpB,sBAAsB,GAAG,IAAI,EAC7B,MAAM,GAAG,IAAI,GACd,GAAG,OAAO,CAAC;IAEZ,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,oBAAoB,CAAC;QACnC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,GAAG,GAAI,GAAyB,CAAC,GAAG,CAAC;IAC3C,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,IACE,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QACnB,GAAG,CAAC,MAAM,KAAK,CAAC;QAChB,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,KAAK,KAAK,QAAQ,CAAC,EAC9C,CAAC;QACD,MAAM,KAAK,GAAG,0BAA0B,CAAC;QACzC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACnC,CAAC;IAED,IAAI,CAAC;QACH,gBAAgB,CAAC,GAAe,EAAE;YAChC,aAAa;YACb,sBAAsB;SACvB,CAAC,CAAC;QACH,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,OAAO,GACX,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,SAAS,CAAC,CAAC;QACtE,MAAM,UAAU,GAAG,kCAAkC,OAAO,EAAE,CAAC;QAC/D,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC;QAC9B,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;IAC/C,CAAC;AACH,CAAC;AAED,SAAS,wBAAwB,CAC/B,MAA2B,EAC3B,sBAA+B,EAC/B,aAA4B;IAM5B,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAE,CAAC;IACxB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,MAAM,SAAS,GACb,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;IAC7E,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC;IACxC,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;IAEtC,IAAI,KAAK,GAAG,WAAW,IAAI,KAAK,GAAG,UAAU,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CACb,kDAAkD,SAAS,CAAC,WAAW,EAAE,eAAe,QAAQ,CAAC,WAAW,EAAE,UAAU,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,GAAG,CACzJ,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAChC,IAAI,sBAAsB,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjD,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACvD,uBAAuB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,aAAa,EAAE,CAAC;QAClB,mBAAmB,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IAC7C,CAAC;IAED,uBAAuB,CAAC,MAAM,CAAC,CAAC;IAEhC,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;IAChD,OAAO;QACL,SAAS;QACT,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,SAAS,qBAAqB,CAAC,GAAa;IAI1C,MAAM,MAAM,GAAwB,EAAE,CAAC;IACvC,MAAM,SAAS,GAAiB,EAAE,CAAC;IAEnC,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,GAAG,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACnD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;QACzB,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3D,MAAM,IAAI,KAAK,CAAC,gCAAgC,KAAK,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,IAAI,GAAe,CAAC;QACpB,IAAI,CAAC;YACH,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QAC5B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,IAAI,KAAK,CACb,yCAAyC,KAAK,KAAK,MAAM,EAAE,CAC5D,CAAC;QACJ,CAAC;QAED,IAAI,WAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,WAAW,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QACnD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,IAAI,KAAK,CACb,wCAAwC,KAAK,KAAK,MAAM,EAAE,CAC3D,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;QACvD,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACtB,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC;AACxD,CAAC;AAED,SAAS,uBAAuB,CAC9B,WAAwB,EACxB,GAAe;IAEf,OAAO;QACL,GAAG;QACH,WAAW;QACX,YAAY,EAAE,KAAK,CACjB,IAAI,UAAU,CAAC,WAAW,CAAC,cAAc,CAAC,YAAY,CAAC,CACxD,CAAC,WAAW,EAAE;QACf,WAAW,EAAE,aAAa,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,CAAC;QAC9D,UAAU,EAAE,aAAa,CAAC,WAAW,CAAC,cAAc,CAAC,MAAM,CAAC;QAC5D,gBAAgB,EAAE,IAAI,UAAU,CAC9B,WAAW,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CACjE,CAAC,KAAK,EAAE;KACV,CAAC;AACJ,CAAC;AAED,SAAS,mBAAmB,CAAC,IAAiB;IAC5C,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IAC5D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,sBAAsB,GAAG,UAAU,CAAC,KAAK,CAC7C,SAAS,CAAC,SAAS,CAAC,MAAM,EAC1B,sBAAsB,CACvB,CAAC;IAEF,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,KAAK,MAAM,WAAW,IAAI,sBAAsB,EAAE,CAAC;QACjD,IAAI,WAAW,CAAC,yBAAyB,EAAE,CAAC;YAC1C,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,yBAAyB,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,uBAAuB,CAC9B,OAA4B,EAC5B,QAAkB;IAElB,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CAAC,WAAW,EAAE,qBAAqB,CAAC,CAAC;QAC3E,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,SAAS;QACX,CAAC;QAED,MAAM,WAAW,GAAG,UAAU,CAAC,KAAK,CAClC,SAAS,CAAC,SAAS,CAAC,MAAM,EAC1B,eAAe,CAChB,CAAC;QACF,IAAI,CAAC,WAAW,CAAC,iBAAiB,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QAED,MAAM,aAAa,GAAG,oBAAoB,CACxC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAC1C,CAAC;QACF,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/B,SAAS;QACX,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;YAC3B,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;YACvE,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CACb,QAAQ,GAAG,4DAA4D,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAClG,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAkC;IAC9D,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IACE,OAAO,CAAC,IAAI,CAAC,yBAAyB;YACtC,OAAO,CAAC,IAAI,CAAC,yBAAyB,CAAC,MAAM,GAAG,CAAC,EACjD,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,mBAAmB,CAC1B,KAA0B,EAC1B,aAAqB;IAErB,MAAM,YAAY,GAAG,eAAe,CAAC,aAAa,CAAC,CAAC;IACpD,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE;QAC5C,YAAY,EAAE,KAAK,CAAC,MAAM;QAC1B,sBAAsB,EAAE,YAAY,CAAC,MAAM;KAC5C,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CACzB,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CACd,IAAI,KAAK,KAAK,IAAI,CAAC,WAAW,aAAa,IAAI,CAAC,YAAY,GAAG,CAClE,CAAC;IACF,MAAM,WAAW,GAAG,YAAY,CAAC,GAAG,CAClC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CACd,IAAI,KAAK,KAAK,IAAI,CAAC,WAAW,aAAa,IAAI,CAAC,YAAY,GAAG,CAClE,CAAC;IAEF,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE;QAC3C,kBAAkB,EAAE,SAAS;QAC7B,wBAAwB,EAAE,WAAW;KACtC,CAAC,CAAC;IAEH,qDAAqD;IACrD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAC7B,CAAC,OAAO,EAAE,EAAE,CACV,OAAO,CAAC,YAAY,KAAK,IAAI,CAAC,YAAY;YAC1C,UAAU,CACR,OAAO,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,EAC1C,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,CACxC,CACJ,CAAC;QACF,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,CAAC,KAAK,CAAC,2CAA2C,EAAE;gBACxD,eAAe,EAAE,KAAK,CAAC,YAAY;gBACnC,mBAAmB,EAAE,qBAAqB,CAAC,EAAE;aAC9C,CAAC,CAAC;YACH,OAAO;QACT,CAAC;IACH,CAAC;IAED,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;IAEvB,yCAAyC;IACzC,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;QACnC,IACE,UAAU,CACR,OAAO,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,EAC1C,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,MAAM,CACvC;YACD,OAAO,CAAC,YAAY,KAAK,IAAI,CAAC,YAAY,EAC1C,CAAC;YACD,0BAA0B,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;YAClE,MAAM,CAAC,KAAK,CAAC,2CAA2C,EAAE;gBACxD,eAAe,EAAE,OAAO,CAAC,YAAY;gBACrC,mBAAmB,EAAE,mBAAmB;aACzC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;IACH,CAAC;IAED,qDAAqD;IACrD,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACrD,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAE,CAAC;QACnC,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;YACnC,IACE,UAAU,CACR,OAAO,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,EAC1C,YAAY,CAAC,WAAW,CAAC,cAAc,CAAC,MAAM,CAC/C;gBACD,OAAO,CAAC,YAAY,KAAK,YAAY,CAAC,YAAY,EAClD,CAAC;gBACD,0BAA0B,CACxB,YAAY,CAAC,WAAW,EACxB,OAAO,CAAC,WAAW,CACpB,CAAC;gBACF,MAAM,CAAC,KAAK,CAAC,2CAA2C,EAAE;oBACxD,eAAe,EAAE,OAAO,CAAC,YAAY;oBACrC,mBAAmB,EAAE,kCAAkC,KAAK,EAAE;iBAC/D,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,CAAC,OAAO,CAAC,2CAA2C,EAAE;QAC1D,YAAY,EAAE,IAAI,CAAC,WAAW;QAC9B,WAAW,EAAE,IAAI,CAAC,UAAU;QAC5B,WAAW,EAAE,IAAI,CAAC,YAAY;QAC9B,oBAAoB,EAAE,WAAW;QACjC,kBAAkB,EAAE,SAAS;QAC7B,MAAM,EAAE,0BAA0B;KACnC,CAAC,CAAC;IAEH,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,eAAe,CAAC,aAAqB;IAC5C,MAAM,UAAU,GAAG,YAAY,CAAC,aAAa,CAAC,CAAC;IAC/C,MAAM,MAAM,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAC5C,MAAM,MAAM,GAAwB,EAAE,CAAC;IAEvC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;YAChC,MAAM,WAAW,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;YACvD,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;QACzD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,CAAC,KAAK,CAAC,sCAAsC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,KAAK,GACT,kEAAkE,CAAC;IACrE,IAAI,KAA6B,CAAC;IAElC,0CAA0C;IAC1C,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC1C,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;IACzC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,uBAAuB,CAAC,KAA0B;IACzD,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACtB,OAAO;IACT,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE,EAAE,YAAY,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IAE5E,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACzD,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,GAAG,CAAC,CAAE,CAAC;QAEjC,IACE,CAAC,UAAU,CACT,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,MAAM,EACtC,MAAM,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,CAC1C,EACD,CAAC;YACD,MAAM,CAAC,OAAO,CAAC,qCAAqC,EAAE;gBACpD,UAAU,EAAE,KAAK;gBACjB,YAAY,EAAE,IAAI,CAAC,WAAW;gBAC9B,WAAW,EAAE,IAAI,CAAC,UAAU;gBAC5B,uBAAuB,EAAE,MAAM,CAAC,WAAW;gBAC3C,MAAM,EAAE,sBAAsB;aAC/B,CAAC,CAAC;YACH,MAAM,IAAI,KAAK,CACb,6DAA6D,KAAK,iDAAiD,CACpH,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,0BAA0B,CAAC,IAAI,CAAC,WAAW,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;YACjE,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;gBACpD,UAAU,EAAE,KAAK;gBACjB,WAAW,EAAE,IAAI,CAAC,YAAY;gBAC9B,aAAa,EAAE,MAAM,CAAC,YAAY;aACnC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,CAAC,OAAO,CAAC,qCAAqC,EAAE;gBACpD,UAAU,EAAE,KAAK;gBACjB,YAAY,EAAE,IAAI,CAAC,WAAW;gBAC9B,cAAc,EAAE,MAAM,CAAC,WAAW;gBAClC,WAAW,EAAE,IAAI,CAAC,YAAY;gBAC9B,aAAa,EAAE,MAAM,CAAC,YAAY;gBAClC,KAAK,EAAE,MAAM;gBACb,MAAM,EAAE,+BAA+B;aACxC,CAAC,CAAC;YACH,MAAM,IAAI,KAAK,CACb,6DAA6D,KAAK,2CAA2C,KAAK,GAAG,CAAC,KAAK,MAAM,EAAE,CACpI,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE;QACjD,YAAY,EAAE,KAAK,CAAC,MAAM;KAC3B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,0BAA0B,CACjC,WAAwB,EACxB,MAAmB;IAEnB,oBAAoB,EAAE,CAAC;IAEvB,MAAM,kBAAkB,GAAG,WAAW,CAAC,kBAAkB,CAAC,SAAS,CAAC;IACpE,MAAM,eAAe,GACnB,MAAM,CAAC,cAAc,CAAC,oBAAoB,CAAC,SAAS,CAAC,SAAS,CAAC;IAEjE,IAAI,kBAAkB,KAAK,WAAW,IAAI,eAAe,KAAK,WAAW,EAAE,CAAC;QAC1E,MAAM,IAAI,KAAK,CACb,iDAAiD,kBAAkB,aAAa,eAAe,GAAG,CACnG,CAAC;IACJ,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IAClE,MAAM,QAAQ,GAAG,IAAI,UAAU,CAC7B,UAAU,CAAC,SAAS,CAAC,WAAW,CAAC,cAAc,CAAC,CACjD,CAAC;IACF,MAAM,SAAS,GAAG,IAAI,UAAU,CAC9B,MAAM,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CAC5D,CAAC;IAEF,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,KAAK,GAAG,aAAa,CAAC,cAAc,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IACjE,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB;IAC3B,MAAM,QAAQ,GAAG,KAGhB,CAAC;IAEF,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;QACrB,QAAQ,CAAC,MAAM,GAAG,CAAC,OAAmB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;QACzB,QAAQ,CAAC,UAAU,GAAG,CAAC,GAAG,QAAsB,EAAc,EAAE;YAC9D,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC1B,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAE,CAAC,CAAC;YAC9B,CAAC;YACD,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC;YAChD,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1B,CAAC,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CACpB,WAAwB,EACxB,GAAW;IAEX,MAAM,UAAU,GAAG,WAAW,CAAC,cAAc,CAAC,UAAU,CAAC;IACzD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,IAAI,SAAS,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,UAAU,CAAC,CAAO,EAAE,CAAO;IAClC,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IACrD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IAEtD,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,EAAE,CAAC;QACjC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACxC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;YACzB,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,aAAa,CAAC,IAAU;IAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9B,OAAO,IAAI;SACR,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACX,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC;SACZ,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,EAAE,CAAC;SAClE,IAAI,CAAC,GAAG,CAAC,CACb;SACA,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,SAAS;YACZ,OAAO,IAAI,CAAC;QACd,KAAK,SAAS;YACZ,OAAO,GAAG,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,GAAG,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,IAAI,CAAC;QACd,KAAK,UAAU;YACb,OAAO,GAAG,CAAC;QACb,KAAK,UAAU;YACb,OAAO,IAAI,CAAC;QACd;YACE,OAAO,GAAG,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,MAAoB;IACvC,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACzE,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC;IAC3C,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC;IACzB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,YAAY,CAAC,KAAa;IACjC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC9C,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC9C,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;QAChC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1C,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAClC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;AACrE,CAAC;AAED,SAAS,KAAK,CAAC,IAAgB;IAC7B,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;SACpB,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SACjD,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAED,SAAS,aAAa,CACpB,UAAsB,EACtB,aAA4B,EAC5B,sBAA+B;IAE/B,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,aAAa;QAC7B,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;QAClD,CAAC,CAAC,UAAU,CAAC;IACf,MAAM,cAAc,GAAG,sBAAsB,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;IAC9D,OAAO,GAAG,SAAS,IAAI,SAAS,IAAI,cAAc,EAAE,CAAC;AACvD,CAAC;AAED,SAAS,kBAAkB,CAAC,QAAgB;IAC1C,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACvC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;QACjC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC5B,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC;QACnE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;AAC7B,CAAC;AAED,SAAS,kBAAkB,CACzB,QAAgB,EAChB,KAAiB,EACjB,QAAc;IAEd,OAAO,UAAU,CAAC,IAAI,IAAI,WAAW,EAAE,CAAC;QACtC,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;QAChD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM;QACR,CAAC;QACD,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC5B,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE;QACvB,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE;QACpB,SAAS,EAAE,QAAQ,CAAC,OAAO,EAAE;KAC9B,CAAC,CAAC;IAEH,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE;QACvC,SAAS,EAAE,QAAQ;QACnB,UAAU,EAAE,QAAQ,CAAC,WAAW,EAAE;QAClC,UAAU,EAAE,UAAU,CAAC,IAAI;KAC5B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,yBAAyB,CAAC,KAAoB;IACrD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7B,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,6BAA6B,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CACb,mEAAmE,CACpE,CAAC;IACJ,CAAC;IAED,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;AAC/B,CAAC;AAED,SAAS,YAAY,CAAC,GAAW;IAC/B,OAAO,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;AACxC,CAAC;AAED,SAAS,cAAc;IACrB,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACjD,CAAC"}