terraconstructs 0.0.8

package/lib/aws/encryption/key.js

@@ -0,0 +1,586 @@
+"use strict";
+var _a;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Key = exports.KeyUsage = exports.KeySpec = void 0;
+const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
+// https://github.com/aws/aws-cdk/blob/2.170.0/packages/aws-cdk-lib/aws-kms/lib/key.ts
+const provider_aws_1 = require("@cdktf/provider-aws");
+const cdktf_1 = require("cdktf");
+const arn_1 = require("../arn");
+const aws_construct_1 = require("../aws-construct");
+const aws_stack_1 = require("../aws-stack");
+const alias_1 = require("./alias");
+const iam = require("../iam");
+const perms = require("./private/perms");
+class KeyBase extends aws_construct_1.AwsConstructBase {
+    get keyOutputs() {
+        return {
+            keyArn: this.keyArn,
+            keyId: this.keyId,
+        };
+    }
+    get outputs() {
+        return this.keyOutputs;
+    }
+    constructor(scope, id, props = {}) {
+        super(scope, id, props);
+        /**
+         * Collection of aliases added to the key
+         *
+         * Tracked to determine whether or not the aliasName should be added to the end of its ID
+         */
+        this.aliases = [];
+        this.node.addValidation({
+            validate: () => this.policy?.validateForResourcePolicy() ?? [],
+        });
+    }
+    /**
+     * Defines a new alias for the key.
+     */
+    addAlias(aliasName) {
+        const aliasId = this.aliases.length > 0 ? `Alias${aliasName}` : "Alias";
+        const alias = new alias_1.Alias(this, aliasId, { aliasName, targetKey: this });
+        this.aliases.push(alias);
+        return alias;
+    }
+    /**
+     * Adds a statement to the KMS key resource policy.
+     * @param statement The policy statement to add
+     * @param allowNoOp If this is set to `false` and there is no policy
+     * defined (i.e. external key), the operation will fail. Otherwise, it will
+     * no-op.
+     */
+    addToResourcePolicy(statement, allowNoOp = true) {
+        const stack = aws_stack_1.AwsStack.ofAwsConstruct(this);
+        if (!this.policy) {
+            if (allowNoOp) {
+                return { statementAdded: false };
+            }
+            throw new Error(`Unable to add statement to IAM resource policy for KMS key: ${JSON.stringify(stack.resolve(this.keyArn))}`);
+        }
+        this.policy.addStatements(statement);
+        return { statementAdded: true, policyDependable: this.policy };
+    }
+    /**
+     * Grant the indicated permissions on this key to the given principal
+     *
+     * This modifies both the principal's policy as well as the resource policy,
+     * since the default CloudFormation setup for KMS keys is that the policy
+     * must not be empty and so default grants won't work.
+     */
+    grant(grantee, ...actions) {
+        // KMS verifies whether the principals included in its key policy actually exist.
+        // This is a problem if the stack the grantee is part of depends on the key stack
+        // (as it won't exist before the key policy is attempted to be created).
+        // In that case, make the account the resource policy principal
+        const granteeStackDependsOnKeyStack = this.granteeStackDependsOnKeyStack(grantee);
+        const principal = granteeStackDependsOnKeyStack
+            ? new iam.AccountPrincipal(granteeStackDependsOnKeyStack)
+            : grantee.grantPrincipal;
+        const crossAccountAccess = this.isGranteeFromAnotherAccount(grantee);
+        const crossRegionAccess = this.isGranteeFromAnotherRegion(grantee);
+        const crossEnvironment = crossAccountAccess || crossRegionAccess;
+        const grantOptions = {
+            grantee,
+            actions,
+            resource: this,
+            resourceArns: [this.keyArn],
+            resourceSelfArns: crossEnvironment ? undefined : ["*"],
+        };
+        if (this.trustAccountIdentities && !crossEnvironment) {
+            return iam.Grant.addToPrincipalOrResource(grantOptions);
+        }
+        else {
+            return iam.Grant.addToPrincipalAndResource({
+                ...grantOptions,
+                // if the key is used in a cross-environment matter,
+                // we can't access the Key ARN (they don't have physical names),
+                // so fall back to using '*'. ToDo we need to make this better... somehow
+                resourceArns: crossEnvironment ? ["*"] : [this.keyArn],
+                resourcePolicyPrincipal: principal,
+            });
+        }
+    }
+    /**
+     * Grant decryption permissions using this key to the given principal
+     */
+    grantDecrypt(grantee) {
+        return this.grant(grantee, ...perms.DECRYPT_ACTIONS);
+    }
+    /**
+     * Grant encryption permissions using this key to the given principal
+     */
+    grantEncrypt(grantee) {
+        return this.grant(grantee, ...perms.ENCRYPT_ACTIONS);
+    }
+    /**
+     * Grant encryption and decryption permissions using this key to the given principal
+     */
+    grantEncryptDecrypt(grantee) {
+        return this.grant(grantee, ...[...perms.DECRYPT_ACTIONS, ...perms.ENCRYPT_ACTIONS]);
+    }
+    /**
+     * Grant permissions to generating MACs to the given principal
+     */
+    grantGenerateMac(grantee) {
+        return this.grant(grantee, ...perms.GENERATE_HMAC_ACTIONS);
+    }
+    /**
+     * Grant permissions to verifying MACs to the given principal
+     */
+    grantVerifyMac(grantee) {
+        return this.grant(grantee, ...perms.VERIFY_HMAC_ACTIONS);
+    }
+    /**
+     * Checks whether the grantee belongs to a stack that will be deployed
+     * after the stack containing this key.
+     *
+     * @param grantee the grantee to give permissions to
+     * @returns the account ID of the grantee stack if its stack does depend on this stack,
+     *   undefined otherwise
+     */
+    granteeStackDependsOnKeyStack(grantee) {
+        const grantPrincipal = grantee.grantPrincipal;
+        // this logic should only apply to newly created
+        // (= not imported) resources
+        if (!iam.principalIsOwnedResource(grantPrincipal)) {
+            return undefined;
+        }
+        const keyStack = aws_stack_1.AwsStack.ofAwsConstruct(this);
+        const granteeStack = aws_stack_1.AwsStack.ofAwsConstruct(grantPrincipal);
+        if (keyStack === granteeStack) {
+            return undefined;
+        }
+        // TODO: Find test case without cross stack reference cyclic dependencies...
+        return granteeStack.dependencies.includes(keyStack)
+            ? granteeStack.account
+            : undefined;
+    }
+    isGranteeFromAnotherRegion(grantee) {
+        if (!iam.principalIsOwnedResource(grantee.grantPrincipal)) {
+            return false;
+        }
+        const keyStack = aws_stack_1.AwsStack.ofAwsConstruct(this);
+        const identityStack = aws_stack_1.AwsStack.ofAwsConstruct(grantee.grantPrincipal);
+        // if two compared stacks have the same region, this should return 'false' since it's from the
+        // same region; if two stacks have different region, then compare env.region
+        return (keyStack.region !== identityStack.region &&
+            this.env.region !== identityStack.region);
+    }
+    isGranteeFromAnotherAccount(grantee) {
+        if (!iam.principalIsOwnedResource(grantee.grantPrincipal)) {
+            return false;
+        }
+        const keyStack = aws_stack_1.AwsStack.ofAwsConstruct(this);
+        const identityStack = aws_stack_1.AwsStack.ofAwsConstruct(grantee.grantPrincipal);
+        // if two compared stacks have the same account, this should return 'false' since it's from the
+        // same account; if two stacks have different account, then compare env.account
+        return (keyStack.account !== identityStack.account &&
+            this.env.account !== identityStack.account);
+    }
+}
+/**
+ * The key spec, represents the cryptographic configuration of keys.
+ */
+var KeySpec;
+(function (KeySpec) {
+    /**
+     * The default key spec.
+     *
+     * Valid usage: ENCRYPT_DECRYPT
+     */
+    KeySpec["SYMMETRIC_DEFAULT"] = "SYMMETRIC_DEFAULT";
+    /**
+     * RSA with 2048 bits of key.
+     *
+     * Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY
+     */
+    KeySpec["RSA_2048"] = "RSA_2048";
+    /**
+     * RSA with 3072 bits of key.
+     *
+     * Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY
+     */
+    KeySpec["RSA_3072"] = "RSA_3072";
+    /**
+     * RSA with 4096 bits of key.
+     *
+     * Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY
+     */
+    KeySpec["RSA_4096"] = "RSA_4096";
+    /**
+     * NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and
+     * SHA-256 for the message digest.
+     *
+     * Valid usage: SIGN_VERIFY
+     */
+    KeySpec["ECC_NIST_P256"] = "ECC_NIST_P256";
+    /**
+     * NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and
+     * SHA-384 for the message digest.
+     *
+     * Valid usage: SIGN_VERIFY
+     */
+    KeySpec["ECC_NIST_P384"] = "ECC_NIST_P384";
+    /**
+     * NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and
+     * SHA-512 for the message digest.
+     *
+     * Valid usage: SIGN_VERIFY
+     */
+    KeySpec["ECC_NIST_P521"] = "ECC_NIST_P521";
+    /**
+     * Standards for Efficient Cryptography 2, Section 2.4.1, ECDSA signature on the Koblitz curve.
+     *
+     * Valid usage: SIGN_VERIFY
+     */
+    KeySpec["ECC_SECG_P256K1"] = "ECC_SECG_P256K1";
+    /**
+     * Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA224.
+     *
+     * Valid usage: GENERATE_VERIFY_MAC
+     */
+    KeySpec["HMAC_224"] = "HMAC_224";
+    /**
+     * Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA256.
+     *
+     * Valid usage: GENERATE_VERIFY_MAC
+     */
+    KeySpec["HMAC_256"] = "HMAC_256";
+    /**
+     * Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA384.
+     *
+     * Valid usage: GENERATE_VERIFY_MAC
+     */
+    KeySpec["HMAC_384"] = "HMAC_384";
+    /**
+     * Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA512.
+     *
+     * Valid usage: GENERATE_VERIFY_MAC
+     */
+    KeySpec["HMAC_512"] = "HMAC_512";
+    /**
+     * Elliptic curve key spec available only in China Regions.
+     *
+     * Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY
+     */
+    KeySpec["SM2"] = "SM2";
+})(KeySpec || (exports.KeySpec = KeySpec = {}));
+/**
+ * The key usage, represents the cryptographic operations of keys.
+ */
+var KeyUsage;
+(function (KeyUsage) {
+    /**
+     * Encryption and decryption.
+     */
+    KeyUsage["ENCRYPT_DECRYPT"] = "ENCRYPT_DECRYPT";
+    /**
+     * Signing and verification
+     */
+    KeyUsage["SIGN_VERIFY"] = "SIGN_VERIFY";
+    /**
+     * Generating and verifying MACs
+     */
+    KeyUsage["GENERATE_VERIFY_MAC"] = "GENERATE_VERIFY_MAC";
+    /**
+     * Deriving shared secrets
+     */
+    KeyUsage["KEY_AGREEMENT"] = "KEY_AGREEMENT";
+})(KeyUsage || (exports.KeyUsage = KeyUsage = {}));
+/**
+ * Defines a KMS key.
+ *
+ * @resource aws_kms_key
+ */
+class Key extends KeyBase {
+    /**
+     * Import an externally defined KMS Key using its ARN.
+     *
+     * @param scope  the construct that will "own" the imported key.
+     * @param id     the id of the imported key in the construct tree.
+     * @param keyArn the ARN of an existing KMS key.
+     */
+    static fromKeyArn(scope, id, keyArn) {
+        class Import extends KeyBase {
+            constructor(keyId, props = {}) {
+                super(scope, id, props);
+                this.keyArn = keyArn;
+                this.policy = undefined;
+                // defaulting true: if we are importing the key the key policy is
+                // undefined and impossible to change here; this means updating identity
+                // policies is really the only option
+                this.trustAccountIdentities = true;
+                this.keyId = keyId;
+            }
+        }
+        const keyResourceName = aws_stack_1.AwsStack.ofAwsConstruct(scope).splitArn(keyArn, arn_1.ArnFormat.SLASH_RESOURCE_NAME).resourceName;
+        if (!keyResourceName) {
+            throw new Error(`KMS key ARN must be in the format 'arn:<partition>:kms:<region>:<account>:key/<keyId>', got: '${keyArn}'`);
+        }
+        return new Import(keyResourceName, {
+            environmentFromArn: keyArn,
+        });
+    }
+    /**
+     * Create a mutable `IKey` based on a low-level `KmsKey`.
+     * This method is different than `fromKeyArn()` because the `IKey`
+     * returned from this method is mutable;
+     * meaning, calling any mutating methods on it,
+     * like `IKey.addToResourcePolicy()`,
+     * will actually be reflected in the resulting template,
+     * as opposed to the object returned from `fromKeyArn()`,
+     * on which calling those methods would have no effect.
+     */
+    static fromTfKey(tfKey) {
+        // use a "weird" id that has a higher chance of being unique
+        const id = "@FromTfKey";
+        // if fromTfKey() was already called on this tfKey,
+        // return the same L2
+        // (as different L2s would conflict, because of the mutation of the keyPolicy property of the L1 below)
+        const existing = tfKey.node.tryFindChild(id);
+        if (existing) {
+            return existing;
+        }
+        let keyPolicy;
+        if (cdktf_1.Token.isUnresolved(tfKey.policyInput)) {
+            // find first PolicyDocument in the scope who's json token points to the key policy
+            keyPolicy = aws_stack_1.AwsStack.of(tfKey)
+                .node.findAll()
+                .filter((c) => c instanceof iam.PolicyDocument && c.json === tfKey.policyInput)[0];
+            if (!keyPolicy) {
+                throw new Error("Could not resolve the passed aws_kms_key policy attribute to a PolicyDocument resource json attribute. " +
+                    "This makes it impossible to create a mutable IKey from that Policy. " +
+                    "You have to use fromKeyArn instead, passing it the ARN attribute property of the low-level CfnKey");
+            }
+        }
+        else {
+            try {
+                const policyInputObj = JSON.parse(tfKey.policyInput ?? "");
+                // create new PolicyDocument from the json string
+                keyPolicy = iam.PolicyDocument.fromJson(tfKey, "Policy", policyInputObj);
+            }
+            catch {
+                // If PolicyDocument.fromJson() throws an exception.
+                // In that case, because we would have to effectively make the returned IKey immutable,
+                // throw an exception suggesting to use the other importing methods instead.
+                // We might make this parsing logic smarter later,
+                // but let's start by erroring out.
+                throw new Error("Could not parse the PolicyDocument of the passed aws_kms_key resource. " +
+                    "This makes it impossible to create a mutable IKey from that Policy. " +
+                    "You have to use fromKeyArn instead, passing it the ARN attribute property of the low-level CfnKey");
+            }
+        }
+        // re-ensure key policy points to the nested L2 PolicyDocument
+        tfKey.policy = keyPolicy.json;
+        return new (class extends KeyBase {
+            constructor() {
+                super(...arguments);
+                this.keyArn = tfKey.arn;
+                this.keyId = tfKey.id;
+                this.policy = keyPolicy;
+                this.trustAccountIdentities = false;
+            }
+        })(tfKey, id);
+    }
+    /**
+     * Import an existing Key by querying the AWS environment this stack is deployed to.
+     *
+     * This function only needs to be used to use Keys not defined in your CDKTF
+     * application. If you are looking to share a Key between stacks, you can
+     * pass the `Key` object between stacks and use it as normal. In addition,
+     * it's not necessary to use this method if an interface accepts an `IKey`.
+     * In this case, `Alias.fromAliasName()` can be used which returns an alias
+     * that extends `IKey`.
+     *
+     * Calling this method will lead to a lookup when the CLI is executed.
+     * You can therefore not use any values that will only be available at
+     * Terraform execution time (i.e., Tokens).
+     */
+    static fromLookup(scope, id, options) {
+        class Import extends KeyBase {
+            constructor(keyId) {
+                super(scope, id);
+                this.policy = undefined;
+                // defaulting true: if we are importing the key the key policy is
+                // undefined and impossible to change here; this means updating identity
+                // policies is really the only option
+                this.trustAccountIdentities = true;
+                this.dataSource = new provider_aws_1.dataAwsKmsKey.DataAwsKmsKey(this, "Resource", {
+                    keyId,
+                });
+                this.keyId = keyId;
+                this.keyArn = this.dataSource.arn;
+            }
+        }
+        if (cdktf_1.Token.isUnresolved(options.aliasName)) {
+            throw new Error("All arguments to Key.fromLookup() must be concrete (no Tokens)");
+        }
+        return new Import(options.aliasName);
+    }
+    constructor(scope, id, props = {}) {
+        super(scope, id, props);
+        const denyLists = {
+            [KeyUsage.ENCRYPT_DECRYPT]: [
+                KeySpec.ECC_NIST_P256,
+                KeySpec.ECC_NIST_P384,
+                KeySpec.ECC_NIST_P521,
+                KeySpec.ECC_SECG_P256K1,
+                KeySpec.HMAC_224,
+                KeySpec.HMAC_256,
+                KeySpec.HMAC_384,
+                KeySpec.HMAC_512,
+            ],
+            [KeyUsage.SIGN_VERIFY]: [
+                KeySpec.SYMMETRIC_DEFAULT,
+                KeySpec.HMAC_224,
+                KeySpec.HMAC_256,
+                KeySpec.HMAC_384,
+                KeySpec.HMAC_512,
+            ],
+            [KeyUsage.GENERATE_VERIFY_MAC]: [
+                KeySpec.RSA_2048,
+                KeySpec.RSA_3072,
+                KeySpec.RSA_4096,
+                KeySpec.ECC_NIST_P256,
+                KeySpec.ECC_NIST_P384,
+                KeySpec.ECC_NIST_P521,
+                KeySpec.ECC_SECG_P256K1,
+                KeySpec.SYMMETRIC_DEFAULT,
+                KeySpec.SM2,
+            ],
+            [KeyUsage.KEY_AGREEMENT]: [
+                KeySpec.SYMMETRIC_DEFAULT,
+                KeySpec.RSA_2048,
+                KeySpec.RSA_3072,
+                KeySpec.RSA_4096,
+                KeySpec.ECC_SECG_P256K1,
+                KeySpec.HMAC_224,
+                KeySpec.HMAC_256,
+                KeySpec.HMAC_384,
+                KeySpec.HMAC_512,
+            ],
+        };
+        const keySpec = props.keySpec ?? KeySpec.SYMMETRIC_DEFAULT;
+        const keyUsage = props.keyUsage ?? KeyUsage.ENCRYPT_DECRYPT;
+        if (denyLists[keyUsage].includes(keySpec)) {
+            throw new Error(`key spec '${keySpec}' is not valid with usage '${keyUsage}'`);
+        }
+        if (keySpec.startsWith("HMAC") && props.enableKeyRotation) {
+            throw new Error("key rotation cannot be enabled on HMAC keys");
+        }
+        if (keySpec !== KeySpec.SYMMETRIC_DEFAULT && props.enableKeyRotation) {
+            throw new Error("key rotation cannot be enabled on asymmetric keys");
+        }
+        this.enableKeyRotation = props.enableKeyRotation;
+        if (props.rotationPeriod) {
+            if (props.enableKeyRotation === false) {
+                throw new Error("'rotationPeriod' cannot be specified when 'enableKeyRotation' is disabled");
+            }
+            if (props.rotationPeriod.toDays() < 90 ||
+                props.rotationPeriod.toDays() > 2560) {
+                throw new Error(`'rotationPeriod' value must between 90 and 2650 days. Received: ${props.rotationPeriod.toDays()}`);
+            }
+            // If rotationPeriod is specified, enableKeyRotation is set to true by default
+            if (props.enableKeyRotation === undefined) {
+                this.enableKeyRotation = true;
+            }
+        }
+        this.policy = props.policy ?? new iam.PolicyDocument(this, "Policy");
+        this.trustAccountIdentities = props.trustAccountIdentities ?? true;
+        if (this.trustAccountIdentities) {
+            // Set the default key policy if one hasn't been provided by the user.
+            if (!props.policy) {
+                this.addDefaultAdminPolicy();
+            }
+        }
+        else {
+            this.addLegacyAdminPolicy();
+        }
+        let pendingWindowInDays;
+        if (props.pendingWindow) {
+            pendingWindowInDays = props.pendingWindow.toDays();
+            if (pendingWindowInDays < 7 || pendingWindowInDays > 30) {
+                throw new Error(`'pendingWindow' value must between 7 and 30 days. Received: ${pendingWindowInDays}`);
+            }
+        }
+        this.resource = new provider_aws_1.kmsKey.KmsKey(this, "Resource", {
+            description: props.description,
+            enableKeyRotation: this.enableKeyRotation,
+            rotationPeriodInDays: props.rotationPeriod?.toDays(),
+            isEnabled: props.enabled,
+            customerMasterKeySpec: props.keySpec,
+            keyUsage: props.keyUsage,
+            policy: this.policy.json,
+            multiRegion: props.multiRegion,
+            deletionWindowInDays: pendingWindowInDays,
+        });
+        this.keyArn = this.resource.arn;
+        this.keyId = this.resource.id;
+        (props.admins ?? []).forEach((p) => this.grantAdmin(p));
+        if (props.alias !== undefined) {
+            this.addAlias(props.alias);
+        }
+    }
+    /**
+     * Grant admins permissions using this key to the given principal
+     *
+     * Key administrators have permissions to manage the key (e.g., change permissions, revoke), but do not have permissions
+     * to use the key in cryptographic operations (e.g., encrypt, decrypt).
+     */
+    grantAdmin(grantee) {
+        return this.grant(grantee, ...perms.ADMIN_ACTIONS);
+    }
+    /**
+     * Adds the default key policy to the key. This policy gives the AWS account (root user) full access to the CMK,
+     * which reduces the risk of the CMK becoming unmanageable and enables IAM policies to allow access to the CMK.
+     * This is the same policy that is default when creating a Key via the KMS API or Console.
+     * @see https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default
+     */
+    addDefaultAdminPolicy() {
+        this.addToResourcePolicy(new iam.PolicyStatement({
+            resources: ["*"],
+            actions: ["kms:*"],
+            principals: [new iam.AccountRootPrincipal()],
+        }));
+    }
+    /**
+     * Grants the account admin privileges -- not full account access -- plus the GenerateDataKey action.
+     * The GenerateDataKey action was added for interop with S3 in https://github.com/aws/aws-cdk/issues/3458.
+     *
+     * This policy is discouraged.
+     *
+     * @link https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default
+     * @deprecated
+     */
+    addLegacyAdminPolicy() {
+        // This is equivalent to `[...perms.ADMIN_ACTIONS, 'kms:GenerateDataKey']`,
+        // but keeping this explicit ordering for backwards-compatibility (changing the ordering causes resource updates)
+        const actions = [
+            "kms:Create*",
+            "kms:Describe*",
+            "kms:Enable*",
+            "kms:List*",
+            "kms:Put*",
+            "kms:Update*",
+            "kms:Revoke*",
+            "kms:Disable*",
+            "kms:Get*",
+            "kms:Delete*",
+            "kms:ScheduleKeyDeletion",
+            "kms:CancelKeyDeletion",
+            "kms:GenerateDataKey",
+            "kms:TagResource",
+            "kms:UntagResource",
+        ];
+        this.addToResourcePolicy(new iam.PolicyStatement({
+            resources: ["*"],
+            actions,
+            principals: [new iam.AccountRootPrincipal()],
+        }));
+    }
+}
+exports.Key = Key;
+_a = JSII_RTTI_SYMBOL_1;
+Key[_a] = { fqn: "terraconstructs.aws.encryption.Key", version: "0.0.8" };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2F3cy9lbmNyeXB0aW9uL2tleS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLHNGQUFzRjtBQUV0RixzREFBNEQ7QUFDNUQsaUNBQThCO0FBRTlCLGdDQUFtQztBQUNuQyxvREFJMEI7QUFDMUIsNENBQXdDO0FBQ3hDLG1DQUFnQztBQUVoQyw4QkFBOEI7QUFDOUIseUNBQXlDO0FBNkZ6QyxNQUFlLE9BQVEsU0FBUSxnQ0FBZ0I7SUF3QjdDLElBQVcsVUFBVTtRQUNuQixPQUFPO1lBQ0wsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO1lBQ25CLEtBQUssRUFBRSxJQUFJLENBQUMsS0FBSztTQUNsQixDQUFDO0lBQ0osQ0FBQztJQUNELElBQVcsT0FBTztRQUNoQixPQUFPLElBQUksQ0FBQyxVQUFVLENBQUM7SUFDekIsQ0FBQztJQVNELFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsUUFBMkIsRUFBRTtRQUNyRSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRSxLQUFLLENBQUMsQ0FBQztRQVIxQjs7OztXQUlHO1FBQ2MsWUFBTyxHQUFZLEVBQUUsQ0FBQztRQUtyQyxJQUFJLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQztZQUN0QixRQUFRLEVBQUUsR0FBRyxFQUFFLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSx5QkFBeUIsRUFBRSxJQUFJLEVBQUU7U0FDL0QsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOztPQUVHO0lBQ0ksUUFBUSxDQUFDLFNBQWlCO1FBQy9CLE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsUUFBUSxTQUFTLEVBQUUsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDO1FBRXhFLE1BQU0sS0FBSyxHQUFHLElBQUksYUFBSyxDQUFDLElBQUksRUFBRSxPQUFPLEVBQUUsRUFBRSxTQUFTLEVBQUUsU0FBUyxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7UUFDdkUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7UUFFekIsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksbUJBQW1CLENBQ3hCLFNBQThCLEVBQzlCLFNBQVMsR0FBRyxJQUFJO1FBRWhCLE1BQU0sS0FBSyxHQUFHLG9CQUFRLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBRTVDLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDakIsSUFBSSxTQUFTLEVBQUUsQ0FBQztnQkFDZCxPQUFPLEVBQUUsY0FBYyxFQUFFLEtBQUssRUFBRSxDQUFDO1lBQ25DLENBQUM7WUFDRCxNQUFNLElBQUksS0FBSyxDQUNiLCtEQUErRCxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDLEVBQUUsQ0FDNUcsQ0FBQztRQUNKLENBQUM7UUFFRCxJQUFJLENBQUMsTUFBTSxDQUFDLGFBQWEsQ0FBQyxTQUFTLENBQUMsQ0FBQztRQUNyQyxPQUFPLEVBQUUsY0FBYyxFQUFFLElBQUksRUFBRSxnQkFBZ0IsRUFBRSxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7SUFDakUsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLEtBQUssQ0FBQyxPQUF1QixFQUFFLEdBQUcsT0FBaUI7UUFDeEQsaUZBQWlGO1FBQ2pGLGlGQUFpRjtRQUNqRix3RUFBd0U7UUFDeEUsK0RBQStEO1FBQy9ELE1BQU0sNkJBQTZCLEdBQ2pDLElBQUksQ0FBQyw2QkFBNkIsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUM5QyxNQUFNLFNBQVMsR0FBRyw2QkFBNkI7WUFDN0MsQ0FBQyxDQUFDLElBQUksR0FBRyxDQUFDLGdCQUFnQixDQUFDLDZCQUE2QixDQUFDO1lBQ3pELENBQUMsQ0FBQyxPQUFPLENBQUMsY0FBYyxDQUFDO1FBRTNCLE1BQU0sa0JBQWtCLEdBQUcsSUFBSSxDQUFDLDJCQUEyQixDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3JFLE1BQU0saUJBQWlCLEdBQUcsSUFBSSxDQUFDLDBCQUEwQixDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ25FLE1BQU0sZ0JBQWdCLEdBQUcsa0JBQWtCLElBQUksaUJBQWlCLENBQUM7UUFDakUsTUFBTSxZQUFZLEdBQWlDO1lBQ2pELE9BQU87WUFDUCxPQUFPO1lBQ1AsUUFBUSxFQUFFLElBQUk7WUFDZCxZQUFZLEVBQUUsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDO1lBQzNCLGdCQUFnQixFQUFFLGdCQUFnQixDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFDO1NBQ3ZELENBQUM7UUFDRixJQUFJLElBQUksQ0FBQyxzQkFBc0IsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDckQsT0FBTyxHQUFHLENBQUMsS0FBSyxDQUFDLHdCQUF3QixDQUFDLFlBQVksQ0FBQyxDQUFDO1FBQzFELENBQUM7YUFBTSxDQUFDO1lBQ04sT0FBTyxHQUFHLENBQUMsS0FBSyxDQUFDLHlCQUF5QixDQUFDO2dCQUN6QyxHQUFHLFlBQVk7Z0JBQ2Ysb0RBQW9EO2dCQUNwRCxnRUFBZ0U7Z0JBQ2hFLHlFQUF5RTtnQkFDekUsWUFBWSxFQUFFLGdCQUFnQixDQUFDLENBQUMsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUM7Z0JBQ3RELHVCQUF1QixFQUFFLFNBQVM7YUFDbkMsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNJLFlBQVksQ0FBQyxPQUF1QjtRQUN6QyxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxFQUFFLEdBQUcsS0FBSyxDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQ3ZELENBQUM7SUFFRDs7T0FFRztJQUNJLFlBQVksQ0FBQyxPQUF1QjtRQUN6QyxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxFQUFFLEdBQUcsS0FBSyxDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQ3ZELENBQUM7SUFFRDs7T0FFRztJQUNJLG1CQUFtQixDQUFDLE9BQXVCO1FBQ2hELE9BQU8sSUFBSSxDQUFDLEtBQUssQ0FDZixPQUFPLEVBQ1AsR0FBRyxDQUFDLEdBQUcsS0FBSyxDQUFDLGVBQWUsRUFBRSxHQUFHLEtBQUssQ0FBQyxlQUFlLENBQUMsQ0FDeEQsQ0FBQztJQUNKLENBQUM7SUFFRDs7T0FFRztJQUNJLGdCQUFnQixDQUFDLE9BQXVCO1FBQzdDLE9BQU8sSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLEVBQUUsR0FBRyxLQUFLLENBQUMscUJBQXFCLENBQUMsQ0FBQztJQUM3RCxDQUFDO0lBRUQ7O09BRUc7SUFDSSxjQUFjLENBQUMsT0FBdUI7UUFDM0MsT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sRUFBRSxHQUFHLEtBQUssQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO0lBQzNELENBQUM7SUFFRDs7Ozs7OztPQU9HO0lBQ0ssNkJBQTZCLENBQ25DLE9BQXVCO1FBRXZCLE1BQU0sY0FBYyxHQUFHLE9BQU8sQ0FBQyxjQUFjLENBQUM7UUFDOUMsZ0RBQWdEO1FBQ2hELDZCQUE2QjtRQUM3QixJQUFJLENBQUMsR0FBRyxDQUFDLHdCQUF3QixDQUFDLGNBQWMsQ0FBQyxFQUFFLENBQUM7WUFDbEQsT0FBTyxTQUFTLENBQUM7UUFDbkIsQ0FBQztRQUNELE1BQU0sUUFBUSxHQUFHLG9CQUFRLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQy9DLE1BQU0sWUFBWSxHQUFHLG9CQUFRLENBQUMsY0FBYyxDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBQzdELElBQUksUUFBUSxLQUFLLFlBQVksRUFBRSxDQUFDO1lBQzlCLE9BQU8sU0FBUyxDQUFDO1FBQ25CLENBQUM7UUFFRCw0RUFBNEU7UUFDNUUsT0FBTyxZQUFZLENBQUMsWUFBWSxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUM7WUFDakQsQ0FBQyxDQUFDLFlBQVksQ0FBQyxPQUFPO1lBQ3RCLENBQUMsQ0FBQyxTQUFTLENBQUM7SUFDaEIsQ0FBQztJQUVPLDBCQUEwQixDQUFDLE9BQXVCO1FBQ3hELElBQUksQ0FBQyxHQUFHLENBQUMsd0JBQXdCLENBQUMsT0FBTyxDQUFDLGNBQWMsQ0FBQyxFQUFFLENBQUM7WUFDMUQsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO1FBQ0QsTUFBTSxRQUFRLEdBQUcsb0JBQVEsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDL0MsTUFBTSxhQUFhLEdBQUcsb0JBQVEsQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBRXRFLDhGQUE4RjtRQUM5Riw0RUFBNEU7UUFDNUUsT0FBTyxDQUNMLFFBQVEsQ0FBQyxNQUFNLEtBQUssYUFBYSxDQUFDLE1BQU07WUFDeEMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEtBQUssYUFBYSxDQUFDLE1BQU0sQ0FDekMsQ0FBQztJQUNKLENBQUM7SUFFTywyQkFBMkIsQ0FBQyxPQUF1QjtRQUN6RCxJQUFJLENBQUMsR0FBRyxDQUFDLHdCQUF3QixDQUFDLE9BQU8sQ0FBQyxjQUFjLENBQUMsRUFBRSxDQUFDO1lBQzFELE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQztRQUNELE1BQU0sUUFBUSxHQUFHLG9CQUFRLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQy9DLE1BQU0sYUFBYSxHQUFHLG9CQUFRLENBQUMsY0FBYyxDQUFDLE9BQU8sQ0FBQyxjQUFjLENBQUMsQ0FBQztRQUV0RSwrRkFBK0Y7UUFDL0YsK0VBQStFO1FBQy9FLE9BQU8sQ0FDTCxRQUFRLENBQUMsT0FBTyxLQUFLLGFBQWEsQ0FBQyxPQUFPO1lBQzFDLElBQUksQ0FBQyxHQUFHLENBQUMsT0FBTyxLQUFLLGFBQWEsQ0FBQyxPQUFPLENBQzNDLENBQUM7SUFDSixDQUFDO0NBQ0Y7QUFFRDs7R0FFRztBQUNILElBQVksT0E4Rlg7QUE5RkQsV0FBWSxPQUFPO0lBQ2pCOzs7O09BSUc7SUFDSCxrREFBdUMsQ0FBQTtJQUV2Qzs7OztPQUlHO0lBQ0gsZ0NBQXFCLENBQUE7SUFFckI7Ozs7T0FJRztJQUNILGdDQUFxQixDQUFBO0lBRXJCOzs7O09BSUc7SUFDSCxnQ0FBcUIsQ0FBQTtJQUVyQjs7Ozs7T0FLRztJQUNILDBDQUErQixDQUFBO0lBRS9COzs7OztPQUtHO0lBQ0gsMENBQStCLENBQUE7SUFFL0I7Ozs7O09BS0c7SUFDSCwwQ0FBK0IsQ0FBQTtJQUUvQjs7OztPQUlHO0lBQ0gsOENBQW1DLENBQUE7SUFFbkM7Ozs7T0FJRztJQUNILGdDQUFxQixDQUFBO0lBRXJCOzs7O09BSUc7SUFDSCxnQ0FBcUIsQ0FBQTtJQUVyQjs7OztPQUlHO0lBQ0gsZ0NBQXFCLENBQUE7SUFFckI7Ozs7T0FJRztJQUNILGdDQUFxQixDQUFBO0lBRXJCOzs7O09BSUc7SUFDSCxzQkFBVyxDQUFBO0FBQ2IsQ0FBQyxFQTlGVyxPQUFPLHVCQUFQLE9BQU8sUUE4RmxCO0FBRUQ7O0dBRUc7QUFDSCxJQUFZLFFBb0JYO0FBcEJELFdBQVksUUFBUTtJQUNsQjs7T0FFRztJQUNILCtDQUFtQyxDQUFBO0lBRW5DOztPQUVHO0lBQ0gsdUNBQTJCLENBQUE7SUFFM0I7O09BRUc7SUFDSCx1REFBMkMsQ0FBQTtJQUUzQzs7T0FFRztJQUNILDJDQUErQixDQUFBO0FBQ2pDLENBQUMsRUFwQlcsUUFBUSx3QkFBUixRQUFRLFFBb0JuQjtBQW9JRDs7OztHQUlHO0FBQ0gsTUFBYSxHQUFJLFNBQVEsT0FBTztJQUM5Qjs7Ozs7O09BTUc7SUFDSSxNQUFNLENBQUMsVUFBVSxDQUFDLEtBQWdCLEVBQUUsRUFBVSxFQUFFLE1BQWM7UUFDbkUsTUFBTSxNQUFPLFNBQVEsT0FBTztZQVMxQixZQUFZLEtBQWEsRUFBRSxRQUEyQixFQUFFO2dCQUN0RCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRSxLQUFLLENBQUMsQ0FBQztnQkFUVixXQUFNLEdBQUcsTUFBTSxDQUFDO2dCQUViLFdBQU0sR0FBb0MsU0FBUyxDQUFDO2dCQUN2RSxpRUFBaUU7Z0JBQ2pFLHdFQUF3RTtnQkFDeEUscUNBQXFDO2dCQUNsQiwyQkFBc0IsR0FBWSxJQUFJLENBQUM7Z0JBS3hELElBQUksQ0FBQyxLQUFLLEdBQUcsS0FBSyxDQUFDO1lBQ3JCLENBQUM7U0FDRjtRQUVELE1BQU0sZUFBZSxHQUFHLG9CQUFRLENBQUMsY0FBYyxDQUFDLEtBQUssQ0FBQyxDQUFDLFFBQVEsQ0FDN0QsTUFBTSxFQUNOLGVBQVMsQ0FBQyxtQkFBbUIsQ0FDOUIsQ0FBQyxZQUFZLENBQUM7UUFDZixJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7WUFDckIsTUFBTSxJQUFJLEtBQUssQ0FDYixpR0FBaUcsTUFBTSxHQUFHLENBQzNHLENBQUM7UUFDSixDQUFDO1FBRUQsT0FBTyxJQUFJLE1BQU0sQ0FBQyxlQUFlLEVBQUU7WUFDakMsa0JBQWtCLEVBQUUsTUFBTTtTQUMzQixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksTUFBTSxDQUFDLFNBQVMsQ0FBQyxLQUFvQjtRQUMxQyw0REFBNEQ7UUFDNUQsTUFBTSxFQUFFLEdBQUcsWUFBWSxDQUFDO1FBRXhCLG1EQUFtRDtRQUNuRCxxQkFBcUI7UUFDckIsdUdBQXVHO1FBQ3ZHLE1BQU0sUUFBUSxHQUFHLEtBQUssQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQzdDLElBQUksUUFBUSxFQUFFLENBQUM7WUFDYixPQUFhLFFBQVEsQ0FBQztRQUN4QixDQUFDO1FBRUQsSUFBSSxTQUE2QixDQUFDO1FBQ2xDLElBQUksYUFBSyxDQUFDLFlBQVksQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQztZQUMxQyxtRkFBbUY7WUFDbkYsU0FBUyxHQUFHLG9CQUFRLENBQUMsRUFBRSxDQUFDLEtBQUssQ0FBQztpQkFDM0IsSUFBSSxDQUFDLE9BQU8sRUFBRTtpQkFDZCxNQUFNLENBQ0wsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUNKLENBQUMsWUFBWSxHQUFHLENBQUMsY0FBYyxJQUFJLENBQUMsQ0FBQyxJQUFJLEtBQUssS0FBSyxDQUFDLFdBQVcsQ0FDbEUsQ0FBQyxDQUFDLENBQXVCLENBQUM7WUFDN0IsSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUNmLE1BQU0sSUFBSSxLQUFLLENBQ2IseUdBQXlHO29CQUN2RyxzRUFBc0U7b0JBQ3RFLG1HQUFtRyxDQUN0RyxDQUFDO1lBQ0osQ0FBQztRQUNILENBQUM7YUFBTSxDQUFDO1lBQ04sSUFBSSxDQUFDO2dCQUNILE1BQU0sY0FBYyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLFdBQVcsSUFBSSxFQUFFLENBQUMsQ0FBQztnQkFDM0QsaURBQWlEO2dCQUNqRCxTQUFTLEdBQUcsR0FBRyxDQUFDLGNBQWMsQ0FBQyxRQUFRLENBQ3JDLEtBQUssRUFDTCxRQUFRLEVBQ1IsY0FBYyxDQUNmLENBQUM7WUFDSixDQUFDO1lBQUMsTUFBTSxDQUFDO2dCQUNQLG9EQUFvRDtnQkFDcEQsdUZBQXVGO2dCQUN2Riw0RUFBNEU7Z0JBQzVFLGtEQUFrRDtnQkFDbEQsbUNBQW1DO2dCQUNuQyxNQUFNLElBQUksS0FBSyxDQUNiLHlFQUF5RTtvQkFDdkUsc0VBQXNFO29CQUN0RSxtR0FBbUcsQ0FDdEcsQ0FBQztZQUNKLENBQUM7UUFDSCxDQUFDO1FBRUQsOERBQThEO1FBQzlELEtBQUssQ0FBQyxNQUFNLEdBQUcsU0FBUyxDQUFDLElBQUksQ0FBQztRQUU5QixPQUFPLElBQUksQ0FBQyxLQUFNLFNBQVEsT0FBTztZQUFyQjs7Z0JBQ00sV0FBTSxHQUFHLEtBQUssQ0FBQyxHQUFHLENBQUM7Z0JBQ25CLFVBQUssR0FBRyxLQUFLLENBQUMsRUFBRSxDQUFDO2dCQUNkLFdBQU0sR0FBRyxTQUFTLENBQUM7Z0JBQ25CLDJCQUFzQixHQUFHLEtBQUssQ0FBQztZQUNwRCxDQUFDO1NBQUEsQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztJQUNoQixDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLE1BQU0sQ0FBQyxVQUFVLENBQ3RCLEtBQWdCLEVBQ2hCLEVBQVUsRUFDVixPQUF5QjtRQUV6QixNQUFNLE1BQU8sU0FBUSxPQUFPO1lBVTFCLFlBQVksS0FBYTtnQkFDdkIsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztnQkFQQSxXQUFNLEdBQW9DLFNBQVMsQ0FBQztnQkFDdkUsaUVBQWlFO2dCQUNqRSx3RUFBd0U7Z0JBQ3hFLHFDQUFxQztnQkFDbEIsMkJBQXNCLEdBQVksSUFBSSxDQUFDO2dCQUl4RCxJQUFJLENBQUMsVUFBVSxHQUFHLElBQUksNEJBQWEsQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLFVBQVUsRUFBRTtvQkFDbEUsS0FBSztpQkFDTixDQUFDLENBQUM7Z0JBQ0gsSUFBSSxDQUFDLEtBQUssR0FBRyxLQUFLLENBQUM7Z0JBQ25CLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxHQUFHLENBQUM7WUFDcEMsQ0FBQztTQUNGO1FBQ0QsSUFBSSxhQUFLLENBQUMsWUFBWSxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDO1lBQzFDLE1BQU0sSUFBSSxLQUFLLENBQ2IsZ0VBQWdFLENBQ2pFLENBQUM7UUFDSixDQUFDO1FBRUQsT0FBTyxJQUFJLE1BQU0sQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUM7SUFDdkMsQ0FBQztJQVVELFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsUUFBa0IsRUFBRTtRQUM1RCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRSxLQUFLLENBQUMsQ0FBQztRQUV4QixNQUFNLFNBQVMsR0FBRztZQUNoQixDQUFDLFFBQVEsQ0FBQyxlQUFlLENBQUMsRUFBRTtnQkFDMUIsT0FBTyxDQUFDLGFBQWE7Z0JBQ3JCLE9BQU8sQ0FBQyxhQUFhO2dCQUNyQixPQUFPLENBQUMsYUFBYTtnQkFDckIsT0FBTyxDQUFDLGVBQWU7Z0JBQ3ZCLE9BQU8sQ0FBQyxRQUFRO2dCQUNoQixPQUFPLENBQUMsUUFBUTtnQkFDaEIsT0FBTyxDQUFDLFFBQVE7Z0JBQ2hCLE9BQU8sQ0FBQyxRQUFRO2FBQ2pCO1lBQ0QsQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLEVBQUU7Z0JBQ3RCLE9BQU8sQ0FBQyxpQkFBaUI7Z0JBQ3pCLE9BQU8sQ0FBQyxRQUFRO2dCQUNoQixPQUFPLENBQUMsUUFBUTtnQkFDaEIsT0FBTyxDQUFDLFFBQVE7Z0JBQ2hCLE9BQU8sQ0FBQyxRQUFRO2FBQ2pCO1lBQ0QsQ0FBQyxRQUFRLENBQUMsbUJBQW1CLENBQUMsRUFBRTtnQkFDOUIsT0FBTyxDQUFDLFFBQVE7Z0JBQ2hCLE9BQU8sQ0FBQyxRQUFRO2dCQUNoQixPQUFPLENBQUMsUUFBUTtnQkFDaEIsT0FBTyxDQUFDLGFBQWE7Z0JBQ3JCLE9BQU8sQ0FBQyxhQUFhO2dCQUNyQixPQUFPLENBQUMsYUFBYTtnQkFDckIsT0FBTyxDQUFDLGVBQWU7Z0JBQ3ZCLE9BQU8sQ0FBQyxpQkFBaUI7Z0JBQ3pCLE9BQU8sQ0FBQyxHQUFHO2FBQ1o7WUFDRCxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUMsRUFBRTtnQkFDeEIsT0FBTyxDQUFDLGlCQUFpQjtnQkFDekIsT0FBTyxDQUFDLFFBQVE7Z0JBQ2hCLE9BQU8sQ0FBQyxRQUFRO2dCQUNoQixPQUFPLENBQUMsUUFBUTtnQkFDaEIsT0FBTyxDQUFDLGVBQWU7Z0JBQ3ZCLE9BQU8sQ0FBQyxRQUFRO2dCQUNoQixPQUFPLENBQUMsUUFBUTtnQkFDaEIsT0FBTyxDQUFDLFFBQVE7Z0JBQ2hCLE9BQU8sQ0FBQyxRQUFRO2FBQ2pCO1NBQ0YsQ0FBQztRQUNGLE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLElBQUksT0FBTyxDQUFDLGlCQUFpQixDQUFDO1FBQzNELE1BQU0sUUFBUSxHQUFHLEtBQUssQ0FBQyxRQUFRLElBQUksUUFBUSxDQUFDLGVBQWUsQ0FBQztRQUM1RCxJQUFJLFNBQVMsQ0FBQyxRQUFRLENBQUMsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztZQUMxQyxNQUFNLElBQUksS0FBSyxDQUNiLGFBQWEsT0FBTyw4QkFBOEIsUUFBUSxHQUFHLENBQzlELENBQUM7UUFDSixDQUFDO1FBRUQsSUFBSSxPQUFPLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQyxJQUFJLEtBQUssQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBQzFELE1BQU0sSUFBSSxLQUFLLENBQUMsNkNBQTZDLENBQUMsQ0FBQztRQUNqRSxDQUFDO1FBRUQsSUFBSSxPQUFPLEtBQUssT0FBTyxDQUFDLGlCQUFpQixJQUFJLEtBQUssQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBQ3JFLE1BQU0sSUFBSSxLQUFLLENBQUMsbURBQW1ELENBQUMsQ0FBQztRQUN2RSxDQUFDO1FBRUQsSUFBSSxDQUFDLGlCQUFpQixHQUFHLEtBQUssQ0FBQyxpQkFBaUIsQ0FBQztRQUVqRCxJQUFJLEtBQUssQ0FBQyxjQUFjLEVBQUUsQ0FBQztZQUN6QixJQUFJLEtBQUssQ0FBQyxpQkFBaUIsS0FBSyxLQUFLLEVBQUUsQ0FBQztnQkFDdEMsTUFBTSxJQUFJLEtBQUssQ0FDYiwyRUFBMkUsQ0FDNUUsQ0FBQztZQUNKLENBQUM7WUFDRCxJQUNFLEtBQUssQ0FBQyxjQUFjLENBQUMsTUFBTSxFQUFFLEdBQUcsRUFBRTtnQkFDbEMsS0FBSyxDQUFDLGNBQWMsQ0FBQyxNQUFNLEVBQUUsR0FBRyxJQUFJLEVBQ3BDLENBQUM7Z0JBQ0QsTUFBTSxJQUFJLEtBQUssQ0FDYixtRUFBbUUsS0FBSyxDQUFDLGNBQWMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUNuRyxDQUFDO1lBQ0osQ0FBQztZQUNELDhFQUE4RTtZQUM5RSxJQUFJLEtBQUssQ0FBQyxpQkFBaUIsS0FBSyxTQUFTLEVBQUUsQ0FBQztnQkFDMUMsSUFBSSxDQUFDLGlCQUFpQixHQUFHLElBQUksQ0FBQztZQUNoQyxDQUFDO1FBQ0gsQ0FBQztRQUVELElBQUksQ0FBQyxNQUFNLEdBQUcsS0FBSyxDQUFDLE1BQU0sSUFBSSxJQUFJLEdBQUcsQ0FBQyxjQUFjLENBQUMsSUFBSSxFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQ3JFLElBQUksQ0FBQyxzQkFBc0IsR0FBRyxLQUFLLENBQUMsc0JBQXNCLElBQUksSUFBSSxDQUFDO1FBQ25FLElBQUksSUFBSSxDQUFDLHNCQUFzQixFQUFFLENBQUM7WUFDaEMsc0VBQXNFO1lBQ3RFLElBQUksQ0FBQyxLQUFLLENBQUMsTUFBTSxFQUFFLENBQUM7Z0JBQ2xCLElBQUksQ0FBQyxxQkFBcUIsRUFBRSxDQUFDO1lBQy9CLENBQUM7UUFDSCxDQUFDO2FBQU0sQ0FBQztZQUNOLElBQUksQ0FBQyxvQkFBb0IsRUFBRSxDQUFDO1FBQzlCLENBQUM7UUFFRCxJQUFJLG1CQUFtQixDQUFDO1FBQ3hCLElBQUksS0FBSyxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBQ3hCLG1CQUFtQixHQUFHLEtBQUssQ0FBQyxhQUFhLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDbkQsSUFBSSxtQkFBbUIsR0FBRyxDQUFDLElBQUksbUJBQW1CLEdBQUcsRUFBRSxFQUFFLENBQUM7Z0JBQ3hELE1BQU0sSUFBSSxLQUFLLENBQ2IsK0RBQStELG1CQUFtQixFQUFFLENBQ3JGLENBQUM7WUFDSixDQUFDO1FBQ0gsQ0FBQztRQUVELElBQUksQ0FBQyxRQUFRLEdBQUcsSUFBSSxxQkFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLEVBQUUsVUFBVSxFQUFFO1lBQ2xELFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztZQUM5QixpQkFBaUIsRUFBRSxJQUFJLENBQUMsaUJBQWlCO1lBQ3pDLG9CQUFvQixFQUFFLEtBQUssQ0FBQyxjQUFjLEVBQUUsTUFBTSxFQUFFO1lBQ3BELFNBQVMsRUFBRSxLQUFLLENBQUMsT0FBTztZQUN4QixxQkFBcUIsRUFBRSxLQUFLLENBQUMsT0FBTztZQUNwQyxRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7WUFDeEIsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSTtZQUN4QixXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7WUFDOUIsb0JBQW9CLEVBQUUsbUJBQW1CO1NBQzFDLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUM7UUFDaEMsSUFBSSxDQUFDLEtBQUssR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQztRQUU5QixDQUFDLEtBQUssQ0FBQyxNQUFNLElBQUksRUFBRSxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFFeEQsSUFBSSxLQUFLLENBQUMsS0FBSyxLQUFLLFNBQVMsRUFBRSxDQUFDO1lBQzlCLElBQUksQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQzdCLENBQUM7SUFDSCxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSSxVQUFVLENBQUMsT0FBdUI7UUFDdkMsT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sRUFBRSxHQUFHLEtBQUssQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNyRCxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSyxxQkFBcUI7UUFDM0IsSUFBSSxDQUFDLG1CQUFtQixDQUN0QixJQUFJLEdBQUcsQ0FBQyxlQUFlLENBQUM7WUFDdEIsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO1lBQ2hCLE9BQU8sRUFBRSxDQUFDLE9BQU8sQ0FBQztZQUNsQixVQUFVLEVBQUUsQ0FBQyxJQUFJLEdBQUcsQ0FBQyxvQkFBb0IsRUFBRSxDQUFDO1NBQzdDLENBQUMsQ0FDSCxDQUFDO0lBQ0osQ0FBQztJQUVEOzs7Ozs7OztPQVFHO0lBQ0ssb0JBQW9CO1FBQzFCLDJFQUEyRTtRQUMzRSxpSEFBaUg7UUFDakgsTUFBTSxPQUFPLEdBQUc7WUFDZCxhQUFhO1lBQ2IsZUFBZTtZQUNmLGFBQWE7WUFDYixXQUFXO1lBQ1gsVUFBVTtZQUNWLGFBQWE7WUFDYixhQUFhO1lBQ2IsY0FBYztZQUNkLFVBQVU7WUFDVixhQUFhO1lBQ2IseUJBQXlCO1lBQ3pCLHVCQUF1QjtZQUN2QixxQkFBcUI7WUFDckIsaUJBQWlCO1lBQ2pCLG1CQUFtQjtTQUNwQixDQUFDO1FBRUYsSUFBSSxDQUFDLG1CQUFtQixDQUN0QixJQUFJLEdBQUcsQ0FBQyxlQUFlLENBQUM7WUFDdEIsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO1lBQ2hCLE9BQU87WUFDUCxVQUFVLEVBQUUsQ0FBQyxJQUFJLEdBQUcsQ0FBQyxvQkFBb0IsRUFBRSxDQUFDO1NBQzdDLENBQUMsQ0FDSCxDQUFDO0lBQ0osQ0FBQzs7QUFuV0gsa0JBb1dDIiwic291cmNlc0NvbnRlbnQiOlsiLy8gaHR0cHM6Ly9naXRodWIuY29tL2F3cy9hd3MtY2RrL2Jsb2IvMi4xNzAuMC9wYWNrYWdlcy9hd3MtY2RrLWxpYi9hd3Mta21zL2xpYi9rZXkudHNcblxuaW1wb3J0IHsga21zS2V5LCBkYXRhQXdzS21zS2V5IH0gZnJvbSBcIkBjZGt0Zi9wcm92aWRlci1hd3NcIjtcbmltcG9ydCB7IFRva2VuIH0gZnJvbSBcImNka3RmXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgQXJuRm9ybWF0IH0gZnJvbSBcIi4uL2FyblwiO1xuaW1wb3J0IHtcbiAgSUF3c0NvbnN0cnVjdCxcbiAgQXdzQ29uc3RydWN0QmFzZSxcbiAgQXdzQ29uc3RydWN0UHJvcHMsXG59IGZyb20gXCIuLi9hd3MtY29uc3RydWN0XCI7XG5pbXBvcnQgeyBBd3NTdGFjayB9IGZyb20gXCIuLi9hd3Mtc3RhY2tcIjtcbmltcG9ydCB7IEFsaWFzIH0gZnJvbSBcIi4vYWxpYXNcIjtcbmltcG9ydCB7IEtleUxvb2t1cE9wdGlvbnMgfSBmcm9tIFwiLi9rZXktbG9va3VwXCI7XG5pbXBvcnQgKiBhcyBpYW0gZnJvbSBcIi4uL2lhbVwiO1xuaW1wb3J0ICogYXMgcGVybXMgZnJvbSBcIi4vcHJpdmF0ZS9wZXJtc1wiO1xuaW1wb3J0IHsgRHVyYXRpb24gfSBmcm9tIFwiLi4vLi4vZHVyYXRpb25cIjtcblxuLyoqXG4gKiBPdXRwdXRzIHdoaWNoIG1heSBiZSByZWdpc3RlcmVkIGZvciBvdXRwdXQgdmlhIHRoZSBHcmlkLlxuICovXG5leHBvcnQgaW50ZXJmYWNlIEtleU91dHB1dHMge1xuICAvKipcbiAgICogVGhlIEFSTiBvZiB0aGUga2V5LlxuICAgKlxuICAgKiBAYXR0cmlidXRlXG4gICAqL1xuICByZWFkb25seSBrZXlBcm46IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIElEIG9mIHRoZSBrZXlcbiAgICogKHRoZSBwYXJ0IHRoYXQgbG9va3Mgc29tZXRoaW5nIGxpa2U6IDEyMzRhYmNkLTEyYWItMzRjZC01NmVmLTEyMzQ1Njc4OTBhYikuXG4gICAqXG4gICAqIEBhdHRyaWJ1dGVcbiAgICovXG4gIHJlYWRvbmx5IGtleUlkOiBzdHJpbmc7XG59XG5cbi8qKlxuICogQSBLTVMgS2V5LCBlaXRoZXIgbWFuYWdlZCBieSB0aGlzIENESyBhcHAsIG9yIGltcG9ydGVkLlxuICovXG5leHBvcnQgaW50ZXJmYWNlIElLZXkgZXh0ZW5kcyBJQXdzQ29uc3RydWN0IHtcbiAgLyoqIFN0cm9uZ2x5IHR5cGVkIG91dHB1dHMgKi9cbiAgcmVhZG9ubHkga2V5T3V0cHV0czogS2V5T3V0cHV0cztcblxuICAvKipcbiAgICogVGhlIEFSTiBvZiB0aGUga2V5LlxuICAgKlxuICAgKiBAYXR0cmlidXRlXG4gICAqL1xuICByZWFkb25seSBrZXlBcm46IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIElEIG9mIHRoZSBrZXlcbiAgICogKHRoZSBwYXJ0IHRoYXQgbG9va3Mgc29tZXRoaW5nIGxpa2U6IDEyMzRhYmNkLTEyYWItMzRjZC01NmVmLTEyMzQ1Njc4OTBhYikuXG4gICAqXG4gICAqIEBhdHRyaWJ1dGVcbiAgICovXG4gIHJlYWRvbmx5IGtleUlkOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIERlZmluZXMgYSBuZXcgYWxpYXMgZm9yIHRoZSBrZXkuXG4gICAqL1xuICBhZGRBbGlhcyhhbGlhczogc3RyaW5nKTogQWxpYXM7XG5cbiAgLyoqXG4gICAqIEFkZHMgYSBzdGF0ZW1lbnQgdG8gdGhlIEtNUyBrZXkgcmVzb3VyY2UgcG9saWN5LlxuICAgKiBAcGFyYW0gc3RhdGVtZW50IFRoZSBwb2xpY3kgc3RhdGVtZW50IHRvIGFkZFxuICAgKiBAcGFyYW0gYWxsb3dOb09wIElmIHRoaXMgaXMgc2V0IHRvIGBmYWxzZWAgYW5kIHRoZXJlIGlzIG5vIHBvbGljeVxuICAgKiBkZWZpbmVkIChpLmUuIGV4dGVybmFsIGtleSksIHRoZSBvcGVyYXRpb24gd2lsbCBmYWlsLiBPdGhlcndpc2UsIGl0IHdpbGxcbiAgICogbm8tb3AuXG4gICAqL1xuICBhZGRUb1Jlc291cmNlUG9saWN5KFxuICAgIHN0YXRlbWVudDogaWFtLlBvbGljeVN0YXRlbWVudCxcbiAgICBhbGxvd05vT3A/OiBib29sZWFuLFxuICApOiBpYW0uQWRkVG9SZXNvdXJjZVBvbGljeVJlc3VsdDtcblxuICAvKipcbiAgICogR3JhbnQgdGhlIGluZGljYXRlZCBwZXJtaXNzaW9ucyBvbiB0aGlzIGtleSB0byB0aGUgZ2l2ZW4gcHJpbmNpcGFsXG4gICAqL1xuICBncmFudChncmFudGVlOiBpYW0uSUdyYW50YWJsZSwgLi4uYWN0aW9uczogc3RyaW5nW10pOiBpYW0uR3JhbnQ7XG5cbiAgLyoqXG4gICAqIEdyYW50IGRlY3J5cHRpb24gcGVybWlzc2lvbnMgdXNpbmcgdGhpcyBrZXkgdG8gdGhlIGdpdmVuIHByaW5jaXBhbFxuICAgKi9cbiAgZ3JhbnREZWNyeXB0KGdyYW50ZWU6IGlhbS5JR3JhbnRhYmxlKTogaWFtLkdyYW50O1xuXG4gIC8qKlxuICAgKiBHcmFudCBlbmNyeXB0aW9uIHBlcm1pc3Npb25zIHVzaW5nIHRoaXMga2V5IHRvIHRoZSBnaXZlbiBwcmluY2lwYWxcbiAgICovXG4gIGdyYW50RW5jcnlwdChncmFudGVlOiBpYW0uSUdyYW50YWJsZSk6IGlhbS5HcmFudDtcblxuICAvKipcbiAgICogR3JhbnQgZW5jcnlwdGlvbiBhbmQgZGVjcnlwdGlvbiBwZXJtaXNzaW9ucyB1c2luZyB0aGlzIGtleSB0byB0aGUgZ2l2ZW4gcHJpbmNpcGFsXG4gICAqL1xuICBncmFudEVuY3J5cHREZWNyeXB0KGdyYW50ZWU6IGlhbS5JR3JhbnRhYmxlKTogaWFtLkdyYW50O1xuXG4gIC8qKlxuICAgKiBHcmFudCBwZXJtaXNzaW9ucyB0byBnZW5lcmF0aW5nIE1BQ3MgdG8gdGhlIGdpdmVuIHByaW5jaXBhbFxuICAgKi9cbiAgZ3JhbnRHZW5lcmF0ZU1hYyhncmFudGVlOiBpYW0uSUdyYW50YWJsZSk6IGlhbS5HcmFudDtcblxuICAvKipcbiAgICogR3JhbnQgcGVybWlzc2lvbnMgdG8gdmVyaWZ5aW5nIE1BQ3MgdG8gdGhlIGdpdmVuIHByaW5jaXBhbFxuICAgKi9cbiAgZ3JhbnRWZXJpZnlNYWMoZ3JhbnRlZTogaWFtLklHcmFudGFibGUpOiBpYW0uR3JhbnQ7XG59XG5cbmFic3RyYWN0IGNsYXNzIEtleUJhc2UgZXh0ZW5kcyBBd3NDb25zdHJ1Y3RCYXNlIGltcGxlbWVudHMgSUtleSB7XG4gIC8qKlxuICAgKiBUaGUgQVJOIG9mIHRoZSBrZXkuXG4gICAqL1xuICBwdWJsaWMgYWJzdHJhY3QgcmVhZG9ubHkga2V5QXJuOiBzdHJpbmc7XG5cbiAgcHVibGljIGFic3RyYWN0IHJlYWRvbmx5IGtleUlkOiBzdHJpbmc7XG4gIC8qKlxuICAgKiBPcHRpb25hbCBwb2xpY3kgZG9jdW1lbnQgdGhhdCByZXByZXNlbnRzIHRoZSByZXNvdXJjZSBwb2xpY3kgb2YgdGhpcyBrZXkuXG4gICAqXG4gICAqIElmIHNwZWNpZmllZCwgYWRkVG9SZXNvdXJjZVBvbGljeSBjYW4gYmUgdXNlZCB0byBlZGl0IHRoaXMgcG9saWN5LlxuICAgKiBPdGhlcndpc2UgdGhpcyBtZXRob2Qgd2lsbCBuby1vcC5cbiAgICovXG4gIHByb3RlY3RlZCBhYnN0cmFjdCByZWFkb25seSBwb2xpY3k/OiBpYW0uUG9saWN5RG9jdW1lbnQ7XG5cbiAgLyoqXG4gICAqIE9wdGlvbmFsIHByb3BlcnR5IHRvIGNvbnRyb2wgdHJ1c3RpbmcgYWNjb3VudCBpZGVudGl0aWVzLlxuICAgKlxuICAgKiBJZiBzcGVjaWZpZWQsIGdyYW50cyB3aWxsIGRlZmF1bHQgaWRlbnRpdHkgcG9saWNpZXMgaW5zdGVhZCBvZiB0byBib3RoXG4gICAqIHJlc291cmNlIGFuZCBpZGVudGl0eSBwb2xpY2llcy4gVGhpcyBtYXRjaGVzIHRoZSBkZWZhdWx0IGJlaGF2aW9yIHdoZW4gY3JlYXRpbmdcbiAgICogS01TIGtleXMgdmlhIHRoZSBBUEkgb3IgY29uc29sZS5cbiAgICovXG4gIHByb3RlY3RlZCBhYnN0cmFjdCByZWFkb25seSB0cnVzdEFjY291bnRJZGVudGl0aWVzOiBib29sZWFuO1xuXG4gIHB1YmxpYyBnZXQga2V5T3V0cHV0cygpOiBLZXlPdXRwdXRzIHtcbiAgICByZXR1cm4ge1xuICAgICAga2V5QXJuOiB0aGlzLmtleUFybixcbiAgICAgIGtleUlkOiB0aGlzLmtleUlkLFxuICAgIH07XG4gIH1cbiAgcHVibGljIGdldCBvdXRwdXRzKCk6IFJlY29yZDxzdHJpbmcsIGFueT4ge1xuICAgIHJldHVybiB0aGlzLmtleU91dHB1dHM7XG4gIH1cblxuICAvKipcbiAgICogQ29sbGVjdGlvbiBvZiBhbGlhc2VzIGFkZGVkIHRvIHRoZSBrZXlcbiAgICpcbiAgICogVHJhY2tlZCB0byBkZXRlcm1pbmUgd2hldGhlciBvciBub3QgdGhlIGFsaWFzTmFtZSBzaG91bGQgYmUgYWRkZWQgdG8gdGhlIGVuZCBvZiBpdHMgSURcbiAgICovXG4gIHByaXZhdGUgcmVhZG9ubHkgYWxpYXNlczogQWxpYXNbXSA9IFtdO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBBd3NDb25zdHJ1Y3RQcm9wcyA9IHt9KSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCBwcm9wcyk7XG5cbiAgICB0aGlzLm5vZGUuYWRkVmFsaWRhdGlvbih7XG4gICAgICB2YWxpZGF0ZTogKCkgPT4gdGhpcy5wb2xpY3k/LnZhbGlkYXRlRm9yUmVzb3VyY2VQb2xpY3koKSA/PyBbXSxcbiAgICB9KTtcbiAgfVxuXG4gIC8qKlxuICAgKiBEZWZpbmVzIGEgbmV3IGFsaWFzIGZvciB0aGUga2V5LlxuICAgKi9cbiAgcHVibGljIGFkZEFsaWFzKGFsaWFzTmFtZTogc3RyaW5nKTogQWxpYXMge1xuICAgIGNvbnN0IGFsaWFzSWQgPSB0aGlzLmFsaWFzZXMubGVuZ3RoID4gMCA/IGBBbGlhcyR7YWxpYXNOYW1lfWAgOiBcIkFsaWFzXCI7XG5cbiAgICBjb25zdCBhbGlhcyA9IG5ldyBBbGlhcyh0aGlzLCBhbGlhc0lkLCB7IGFsaWFzTmFtZSwgdGFyZ2V0S2V5OiB0aGlzIH0pO1xuICAgIHRoaXMuYWxpYXNlcy5wdXNoKGFsaWFzKTtcblxuICAgIHJldHVybiBhbGlhcztcbiAgfVxuXG4gIC8qKlxuICAgKiBBZGRzIGEgc3RhdGVtZW50IHRvIHRoZSBLTVMga2V5IHJlc291cmNlIHBvbGljeS5cbiAgICogQHBhcmFtIHN0YXRlbWVudCBUaGUgcG9saWN5IHN0YXRlbWVudCB0byBhZGRcbiAgICogQHBhcmFtIGFsbG93Tm9PcCBJZiB0aGlzIGlzIHNldCB0byBgZmFsc2VgIGFuZCB0aGVyZSBpcyBubyBwb2xpY3lcbiAgICogZGVmaW5lZCAoaS5lLiBleHRlcm5hbCBrZXkpLCB0aGUgb3BlcmF0aW9uIHdpbGwgZmFpbC4gT3RoZXJ3aXNlLCBpdCB3aWxsXG4gICAqIG5vLW9wLlxuICAgKi9cbiAgcHVibGljIGFkZFRvUmVzb3VyY2VQb2xpY3koXG4gICAgc3RhdGVtZW50OiBpYW0uUG9saWN5U3RhdGVtZW50LFxuICAgIGFsbG93Tm9PcCA9IHRydWUsXG4gICk6IGlhbS5BZGRUb1Jlc291cmNlUG9saWN5UmVzdWx0IHtcbiAgICBjb25zdCBzdGFjayA9IEF3c1N0YWNrLm9mQXdzQ29uc3RydWN0KHRoaXMpO1xuXG4gICAgaWYgKCF0aGlzLnBvbGljeSkge1xuICAgICAgaWYgKGFsbG93Tm9PcCkge1xuICAgICAgICByZXR1cm4geyBzdGF0ZW1lbnRBZGRlZDogZmFsc2UgfTtcbiAgICAgIH1cbiAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgYFVuYWJsZSB0byBhZGQgc3RhdGVtZW50IHRvIElBTSByZXNvdXJjZSBwb2xpY3kgZm9yIEtNUyBrZXk6ICR7SlNPTi5zdHJpbmdpZnkoc3RhY2sucmVzb2x2ZSh0aGlzLmtleUFybikpfWAsXG4gICAgICApO1xuICAgIH1cblxuICAgIHRoaXMucG9saWN5LmFkZFN0YXRlbWVudHMoc3RhdGVtZW50KTtcbiAgICByZXR1cm4geyBzdGF0ZW1lbnRBZGRlZDogdHJ1ZSwgcG9saWN5RGVwZW5kYWJsZTogdGhpcy5wb2xpY3kgfTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHcmFudCB0aGUgaW5kaWNhdGVkIHBlcm1pc3Npb25zIG9uIHRoaXMga2V5IHRvIHRoZSBnaXZlbiBwcmluY2lwYWxcbiAgICpcbiAgICogVGhpcyBtb2RpZmllcyBib3RoIHRoZSBwcmluY2lwYWwncyBwb2xpY3kgYXMgd2VsbCBhcyB0aGUgcmVzb3VyY2UgcG9saWN5LFxuICAgKiBzaW5jZSB0aGUgZGVmYXVsdCBDbG91ZEZvcm1hdGlvbiBzZXR1cCBmb3IgS01TIGtleXMgaXMgdGhhdCB0aGUgcG9saWN5XG4gICAqIG11c3Qgbm90IGJlIGVtcHR5IGFuZCBzbyBkZWZhdWx0IGdyYW50cyB3b24ndCB3b3JrLlxuICAgKi9cbiAgcHVibGljIGdyYW50KGdyYW50ZWU6IGlhbS5JR3JhbnRhYmxlLCAuLi5hY3Rpb25zOiBzdHJpbmdbXSk6IGlhbS5HcmFudCB7XG4gICAgLy8gS01TIHZlcmlmaWVzIHdoZXRoZXIgdGhlIHByaW5jaXBhbHMgaW5jbHVkZWQgaW4gaXRzIGtleSBwb2xpY3kgYWN0dWFsbHkgZXhpc3QuXG4gICAgLy8gVGhpcyBpcyBhIHByb2JsZW0gaWYgdGhlIHN0YWNrIHRoZSBncmFudGVlIGlzIHBhcnQgb2YgZGVwZW5kcyBvbiB0aGUga2V5IHN0YWNrXG4gICAgLy8gKGFzIGl0IHdvbid0IGV4aXN0IGJlZm9yZSB0aGUga2V5IHBvbGljeSBpcyBhdHRlbXB0ZWQgdG8gYmUgY3JlYXRlZCkuXG4gICAgLy8gSW4gdGhhdCBjYXNlLCBtYWtlIHRoZSBhY2NvdW50IHRoZSByZXNvdXJjZSBwb2xpY3kgcHJpbmNpcGFsXG4gICAgY29uc3QgZ3JhbnRlZVN0YWNrRGVwZW5kc09uS2V5U3RhY2sgPVxuICAgICAgdGhpcy5ncmFudGVlU3RhY2tEZXBlbmRzT25LZXlTdGFjayhncmFudGVlKTtcbiAgICBjb25zdCBwcmluY2lwYWwgPSBncmFudGVlU3RhY2tEZXBlbmRzT25LZXlTdGFja1xuICAgICAgPyBuZXcgaWFtLkFjY291bnRQcmluY2lwYWwoZ3JhbnRlZVN0YWNrRGVwZW5kc09uS2V5U3RhY2spXG4gICAgICA6IGdyYW50ZWUuZ3JhbnRQcmluY2lwYWw7XG5cbiAgICBjb25zdCBjcm9zc0FjY291bnRBY2Nlc3MgPSB0aGlzLmlzR3JhbnRlZUZyb21Bbm90aGVyQWNjb3VudChncmFudGVlKTtcbiAgICBjb25zdCBjcm9zc1JlZ2lvbkFjY2VzcyA9IHRoaXMuaXNHcmFudGVlRnJvbUFub3RoZXJSZWdpb24oZ3JhbnRlZSk7XG4gICAgY29uc3QgY3Jvc3NFbnZpcm9ubWVudCA9IGNyb3NzQWNjb3VudEFjY2VzcyB8fCBjcm9zc1JlZ2lvbkFjY2VzcztcbiAgICBjb25zdCBncmFudE9wdGlvbnM6IGlhbS5HcmFudFdpdGhSZXNvdXJjZU9wdGlvbnMgPSB7XG4gICAgICBncmFudGVlLFxuICAgICAgYWN0aW9ucyxcbiAgICAgIHJlc291cmNlOiB0aGlzLFxuICAgICAgcmVzb3VyY2VBcm5zOiBbdGhpcy5rZXlBcm5dLFxuICAgICAgcmVzb3VyY2VTZWxmQXJuczogY3Jvc3NFbnZpcm9ubWVudCA/IHVuZGVmaW5lZCA6IFtcIipcIl0sXG4gICAgfTtcbiAgICBpZiAodGhpcy50cnVzdEFjY291bnRJZGVudGl0aWVzICYmICFjcm9zc0Vudmlyb25tZW50KSB7XG4gICAgICByZXR1cm4gaWFtLkdyYW50LmFkZFRvUHJpbmNpcGFsT3JSZXNvdXJjZShncmFudE9wdGlvbnMpO1xuICAgIH0gZWxzZSB7XG4gICAgICByZXR1cm4gaWFtLkdyYW50LmFkZFRvUHJpbmNpcGFsQW5kUmVzb3VyY2Uoe1xuICAgICAgICAuLi5ncmFudE9wdGlvbnMsXG4gICAgICAgIC8vIGlmIHRoZSBrZXkgaXMgdXNlZCBpbiBhIGNyb3NzLWVudmlyb25tZW50IG1hdHRlcixcbiAgICAgICAgLy8gd2UgY2FuJ3QgYWNjZXNzIHRoZSBLZXkgQVJOICh0aGV5IGRvbid0IGhhdmUgcGh5c2ljYWwgbmFtZXMpLFxuICAgICAgICAvLyBzbyBmYWxsIGJhY2sgdG8gdXNpbmcgJyonLiBUb0RvIHdlIG5lZWQgdG8gbWFrZSB0aGlzIGJldHRlci4uLiBzb21laG93XG4gICAgICAgIHJlc291cmNlQXJuczogY3Jvc3NFbnZpcm9ubWVudCA/IFtcIipcIl0gOiBbdGhpcy5rZXlBcm5dLFxuICAgICAgICByZXNvdXJjZVBvbGljeVByaW5jaXBhbDogcHJpbmNpcGFsLFxuICAgICAgfSk7XG4gICAgfVxuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50IGRlY3J5cHRpb24gcGVybWlzc2lvbnMgdXNpbmcgdGhpcyBrZXkgdG8gdGhlIGdpdmVuIHByaW5jaXBhbFxuICAgKi9cbiAgcHVibGljIGdyYW50RGVjcnlwdChncmFudGVlOiBpYW0uSUdyYW50YWJsZSk6IGlhbS5HcmFudCB7XG4gICAgcmV0dXJuIHRoaXMuZ3JhbnQoZ3JhbnRlZSwgLi4ucGVybXMuREVDUllQVF9BQ1RJT05TKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHcmFudCBlbmNyeXB0aW9uIHBlcm1pc3Npb25zIHVzaW5nIHRoaXMga2V5IHRvIHRoZSBnaXZlbiBwcmluY2lwYWxcbiAgICovXG4gIHB1YmxpYyBncmFudEVuY3J5cHQoZ3JhbnRlZTogaWFtLklHcmFudGFibGUpOiBpYW0uR3JhbnQge1xuICAgIHJldHVybiB0aGlzLmdyYW50KGdyYW50ZWUsIC4uLnBlcm1zLkVOQ1JZUFRfQUNUSU9OUyk7XG4gIH1cblxuICAvKipcbiAgICogR3JhbnQgZW5jcnlwdGlvbiBhbmQgZGVjcnlwdGlvbiBwZXJtaXNzaW9ucyB1c2luZyB0aGlzIGtleSB0byB0aGUgZ2l2ZW4gcHJpbmNpcGFsXG4gICAqL1xuICBwdWJsaWMgZ3JhbnRFbmNyeXB0RGVjcnlwdChncmFudGVlOiBpYW0uSUdyYW50YWJsZSk6IGlhbS5HcmFudCB7XG4gICAgcmV0dXJuIHRoaXMuZ3JhbnQoXG4gICAgICBncmFudGVlLFxuICAgICAgLi4uWy4uLnBlcm1zLkRFQ1JZUFRfQUNUSU9OUywgLi4ucGVybXMuRU5DUllQVF9BQ1RJT05TXSxcbiAgICApO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50IHBlcm1pc3Npb25zIHRvIGdlbmVyYXRpbmcgTUFDcyB0byB0aGUgZ2l2ZW4gcHJpbmNpcGFsXG4gICAqL1xuICBwdWJsaWMgZ3JhbnRHZW5lcmF0ZU1hYyhncmFudGVlOiBpYW0uSUdyYW50YWJsZSk6IGlhbS5HcmFudCB7XG4gICAgcmV0dXJuIHRoaXMuZ3JhbnQoZ3JhbnRlZSwgLi4ucGVybXMuR0VORVJBVEVfSE1BQ19BQ1RJT05TKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHcmFudCBwZXJtaXNzaW9ucyB0byB2ZXJpZnlpbmcgTUFDcyB0byB0aGUgZ2l2ZW4gcHJpbmNpcGFsXG4gICAqL1xuICBwdWJsaWMgZ3JhbnRWZXJpZnlNYWMoZ3JhbnRlZTogaWFtLklHcmFudGFibGUpOiBpYW0uR3JhbnQge1xuICAgIHJldHVybiB0aGlzLmdyYW50KGdyYW50ZWUsIC4uLnBlcm1zLlZFUklGWV9ITUFDX0FDVElPTlMpO1xuICB9XG5cbiAgLyoqXG4gICAqIENoZWNrcyB3aGV0aGVyIHRoZSBncmFudGVlIGJlbG9uZ3MgdG8gYSBzdGFjayB0aGF0IHdpbGwgYmUgZGVwbG95ZWRcbiAgICogYWZ0ZXIgdGhlIHN0YWNrIGNvbnRhaW5pbmcgdGhpcyBrZXkuXG4gICAqXG4gICAqIEBwYXJhbSBncmFudGVlIHRoZSBncmFudGVlIHRvIGdpdmUgcGVybWlzc2lvbnMgdG9cbiAgICogQHJldHVybnMgdGhlIGFjY291bnQgSUQgb2YgdGhlIGdyYW50ZWUgc3RhY2sgaWYgaXRzIHN0YWNrIGRvZXMgZGVwZW5kIG9uIHRoaXMgc3RhY2ssXG4gICAqICAgdW5kZWZpbmVkIG90aGVyd2lzZVxuICAgKi9cbiAgcHJpdmF0ZSBncmFudGVlU3RhY2tEZXBlbmRzT25LZXlTdGFjayhcbiAgICBncmFudGVlOiBpYW0uSUdyYW50YWJsZSxcbiAgKTogc3RyaW5nIHwgdW5kZWZpbmVkIHtcbiAgICBjb25zdCBncmFudFByaW5jaXBhbCA9IGdyYW50ZWUuZ3JhbnRQcmluY2lwYWw7XG4gICAgLy8gdGhpcyBsb2dpYyBzaG91bGQgb25seSBhcHBseSB0byBuZXdseSBjcmVhdGVkXG4gICAgLy8gKD0gbm90IGltcG9ydGVkKSByZXNvdXJjZXNcbiAgICBpZiAoIWlhbS5wcmluY2lwYWxJc093bmVkUmVzb3VyY2UoZ3JhbnRQcmluY2lwYWwpKSB7XG4gICAgICByZXR1cm4gdW5kZWZpbmVkO1xuICAgIH1cbiAgICBjb25zdCBrZXlTdGFjayA9IEF3c1N0YWNrLm9mQXdzQ29uc3RydWN0KHRoaXMpO1xuICAgIGNvbnN0IGdyYW50ZWVTdGFjayA9IEF3c1N0YWNrLm9mQXdzQ29uc3RydWN0KGdyYW50UHJpbmNpcGFsKTtcbiAgICBpZiAoa2V5U3RhY2sgPT09IGdyYW50ZWVTdGFjaykge1xuICAgICAgcmV0dXJuIHVuZGVmaW5lZDtcbiAgICB9XG5cbiAgICAvLyBUT0RPOiBGaW5kIHRlc3QgY2FzZSB3aXRob3V0IGNyb3NzIHN0YWNrIHJlZmVyZW5jZSBjeWNsaWMgZGVwZW5kZW5jaWVzLi4uXG4gICAgcmV0dXJuIGdyYW50ZWVTdGFjay5kZXBlbmRlbmNpZXMuaW5jbHVkZXMoa2V5U3RhY2spXG4gICAgICA/IGdyYW50ZWVTdGFjay5hY2NvdW50XG4gICAgICA6IHVuZGVmaW5lZDtcbiAgfVxuXG4gIHByaXZhdGUgaXNHcmFudGVlRnJvbUFub3RoZXJSZWdpb24oZ3JhbnRlZTogaWFtLklHcmFudGFibGUpOiBib29sZWFuIHtcbiAgICBpZiAoIWlhbS5wcmluY2lwYWxJc093bmVkUmVzb3VyY2UoZ3JhbnRlZS5ncmFudFByaW5jaXBhbCkpIHtcbiAgICAgIHJldHVybiBmYWxzZTtcbiAgICB9XG4gICAgY29uc3Qga2V5U3RhY2sgPSBBd3NTdGFjay5vZkF3c0NvbnN0cnVjdCh0aGlzKTtcbiAgICBjb25zdCBpZGVudGl0eVN0YWNrID0gQXdzU3RhY2sub2ZBd3NDb25zdHJ1Y3QoZ3JhbnRlZS5ncmFudFByaW5jaXBhbCk7XG5cbiAgICAvLyBpZiB0d28gY29tcGFyZWQgc3RhY2tzIGhhdmUgdGhlIHNhbWUgcmVnaW9uLCB0aGlzIHNob3VsZCByZXR1cm4gJ2ZhbHNlJyBzaW5jZSBpdCdzIGZyb20gdGhlXG4gICAgLy8gc2FtZSByZWdpb247IGlmIHR3byBzdGFja3MgaGF2ZSBkaWZmZXJlbnQgcmVnaW9uLCB0aGVuIGNvbXBhcmUgZW52LnJlZ2lvblxuICAgIHJldHVybiAoXG4gICAgICBrZXlTdGFjay5yZWdpb24gIT09IGlkZW50aXR5U3RhY2sucmVnaW9uICYmXG4gICAgICB0aGlzLmVudi5yZWdpb24gIT09IGlkZW50aXR5U3RhY2sucmVnaW9uXG4gICAgKTtcbiAgfVxuXG4gIHByaXZhdGUgaXNHcmFudGVlRnJvbUFub3RoZXJBY2NvdW50KGdyYW50ZWU6IGlhbS5JR3JhbnRhYmxlKTogYm9vbGVhbiB7XG4gICAgaWYgKCFpYW0ucHJpbmNpcGFsSXNPd25lZFJlc291cmNlKGdyYW50ZWUuZ3JhbnRQcmluY2lwYWwpKSB7XG4gICAgICByZXR1cm4gZmFsc2U7XG4gICAgfVxuICAgIGNvbnN0IGtleVN0YWNrID0gQXdzU3RhY2sub2ZBd3NDb25zdHJ1Y3QodGhpcyk7XG4gICAgY29uc3QgaWRlbnRpdHlTdGFjayA9IEF3c1N0YWNrLm9mQXdzQ29uc3RydWN0KGdyYW50ZWUuZ3JhbnRQcmluY2lwYWwpO1xuXG4gICAgLy8gaWYgdHdvIGNvbXBhcmVkIHN0YWNrcyBoYXZlIHRoZSBzYW1lIGFjY291bnQsIHRoaXMgc2hvdWxkIHJldHVybiAnZmFsc2UnIHNpbmNlIGl0J3MgZnJvbSB0aGVcbiAgICAvLyBzYW1lIGFjY291bnQ7IGlmIHR3byBzdGFja3MgaGF2ZSBkaWZmZXJlbnQgYWNjb3VudCwgdGhlbiBjb21wYXJlIGVudi5hY2NvdW50XG4gICAgcmV0dXJuIChcbiAgICAgIGtleVN0YWNrLmFjY291bnQgIT09IGlkZW50aXR5U3RhY2suYWNjb3VudCAmJlxuICAgICAgdGhpcy5lbnYuYWNjb3VudCAhPT0gaWRlbnRpdHlTdGFjay5hY2NvdW50XG4gICAgKTtcbiAgfVxufVxuXG4vKipcbiAqIFRoZSBrZXkgc3BlYywgcmVwcmVzZW50cyB0aGUgY3J5cHRvZ3JhcGhpYyBjb25maWd1cmF0aW9uIG9mIGtleXMuXG4gKi9cbmV4cG9ydCBlbnVtIEtleVNwZWMge1xuICAvKipcbiAgICogVGhlIGRlZmF1bHQga2V5IHNwZWMuXG4gICAqXG4gICAqIFZhbGlkIHVzYWdlOiBFTkNSWVBUX0RFQ1JZUFRcbiAgICovXG4gIFNZTU1FVFJJQ19ERUZBVUxUID0gXCJTWU1NRVRSSUNfREVGQVVMVFwiLFxuXG4gIC8qKlxuICAgKiBSU0Egd2l0aCAyMDQ4IGJpdHMgb2Yga2V5LlxuICAgKlxuICAgKiBWYWxpZCB1c2FnZTogRU5DUllQVF9ERUNSWVBUIGFuZCBTSUdOX1ZFUklGWVxuICAgKi9cbiAgUlNBXzIwNDggPSBcIlJTQV8yMDQ4XCIsXG5cbiAgLyoqXG4gICAqIFJTQSB3aXRoIDMwNzIgYml0cyBvZiBrZXkuXG4gICAqXG4gICAqIFZhbGlkIHVzYWdlOiBFTkNSWVBUX0RFQ1JZUFQgYW5kIFNJR05fVkVSSUZZXG4gICAqL1xuICBSU0FfMzA3MiA9IFwiUlNBXzMwNzJcIixcblxuICAvKipcbiAgICogUlNBIHdpdGggNDA5NiBiaXRzIG9mIGtleS5cbiAgICpcbiAgICogVmFsaWQgdXNhZ2U6IEVOQ1JZUFRfREVDUllQVCBhbmQgU0lHTl9WRVJJRllcbiAgICovXG4gIFJTQV80MDk2ID0gXCJSU0FfNDA5NlwiLFxuXG4gIC8qKlxuICAgKiBOSVNUIEZJUFMgMTg2LTQsIFNlY3Rpb24gNi40LCBFQ0RTQSBzaWduYXR1cmUgdXNpbmcgdGhlIGN1cnZlIHNwZWNpZmllZCBieSB0aGUga2V5IGFuZFxuICAgKiBTSEEtMjU2IGZvciB0aGUgbWVzc2FnZSBkaWdlc3QuXG4gICAqXG4gICAqIFZhbGlkIHVzYWdlOiBTSUdOX1ZFUklGWVxuICAgKi9cbiAgRUNDX05JU1RfUDI1NiA9IFwiRUNDX05JU1RfUDI1NlwiLFxuXG4gIC8qKlxuICAgKiBOSVNUIEZJUFMgMTg2LTQsIFNlY3Rpb24gNi40LCBFQ0RTQSBzaWduYXR1cmUgdXNpbmcgdGhlIGN1cnZlIHNwZWNpZmllZCBieSB0aGUga2V5IGFuZFxuICAgKiBTSEEtMzg0IGZvciB0aGUgbWVzc2FnZSBkaWdlc3QuXG4gICAqXG4gICAqIFZhbGlkIHVzYWdlOiBTSUdOX1ZFUklGWVxuICAgKi9cbiAgRUNDX05JU1RfUDM4NCA9IFwiRUNDX05JU1RfUDM4NFwiLFxuXG4gIC8qKlxuICAgKiBOSVNUIEZJUFMgMTg2LTQsIFNlY3Rpb24gNi40LCBFQ0RTQSBzaWduYXR1cmUgdXNpbmcgdGhlIGN1cnZlIHNwZWNpZmllZCBieSB0aGUga2V5IGFuZFxuICAgKiBTSEEtNTEyIGZvciB0aGUgbWVzc2FnZSBkaWdlc3QuXG4gICAqXG4gICAqIFZhbGlkIHVzYWdlOiBTSUdOX1ZFUklGWVxuICAgKi9cbiAgRUNDX05JU1RfUDUyMSA9IFwiRUNDX05JU1RfUDUyMVwiLFxuXG4gIC8qKlxuICAgKiBTdGFuZGFyZHMgZm9yIEVmZmljaWVudCBDcnlwdG9ncmFwaHkgMiwgU2VjdGlvbiAyLjQuMSwgRUNEU0Egc2lnbmF0dXJlIG9uIHRoZSBLb2JsaXR6IGN1cnZlLlxuICAgKlxuICAgKiBWYWxpZCB1c2FnZTogU0lHTl9WRVJJRllcbiAgICovXG4gIEVDQ19TRUNHX1AyNTZLMSA9IFwiRUNDX1NFQ0dfUDI1NksxXCIsXG5cbiAgLyoqXG4gICAqIEhhc2gtQmFzZWQgTWVzc2FnZSBBdXRoZW50aWNhdGlvbiBDb2RlIGFzIGRlZmluZWQgaW4gUkZDIDIxMDQgdXNpbmcgdGhlIG1lc3NhZ2UgZGlnZXN0IGZ1bmN0aW9uIFNIQTIyNC5cbiAgICpcbiAgICogVmFsaWQgdXNhZ2U6IEdFTkVSQVRFX1ZFUklGWV9NQUNcbiAgICovXG4gIEhNQUNfMjI0ID0gXCJITUFDXzIyNFwiLFxuXG4gIC8qKlxuICAgKiBIYXNoLUJhc2VkIE1lc3NhZ2UgQXV0aGVudGljYXRpb24gQ29kZSBhcyBkZWZpbmVkIGluIFJGQyAyMTA0IHVzaW5nIHRoZSBtZXNzYWdlIGRpZ2VzdCBmdW5jdGlvbiBTSEEyNTYuXG4gICAqXG4gICAqIFZhbGlkIHVzYWdlOiBHRU5FUkFURV9WRVJJRllfTUFDXG4gICAqL1xuICBITUFDXzI1NiA9IFwiSE1BQ18yNTZcIixcblxuICAvKipcbiAgICogSGFzaC1CYXNlZCBNZXNzYWdlIEF1dGhlbnRpY2F0aW9uIENvZGUgYXMgZGVmaW5lZCBpbiBSRkMgMjEwNCB1c2luZyB0aGUgbWVzc2FnZSBkaWdlc3QgZnVuY3Rpb24gU0hBMzg0LlxuICAgKlxuICAgKiBWYWxpZCB1c2FnZTogR0VORVJBVEVfVkVSSUZZX01BQ1xuICAgKi9cbiAgSE1BQ18zODQgPSBcIkhNQUNfMzg0XCIsXG5cbiAgLyoqXG4gICAqIEhhc2gtQmFzZWQgTWVzc2FnZSBBdXRoZW50aWNhdGlvbiBDb2RlIGFzIGRlZmluZWQgaW4gUkZDIDIxMDQgdXNpbmcgdGhlIG1lc3NhZ2UgZGlnZXN0IGZ1bmN0aW9uIFNIQTUxMi5cbiAgICpcbiAgICogVmFsaWQgdXNhZ2U6IEdFTkVSQVRFX1ZFUklGWV9NQUNcbiAgICovXG4gIEhNQUNfNTEyID0gXCJITUFDXzUxMlwiLFxuXG4gIC8qKlxuICAgKiBFbGxpcHRpYyBjdXJ2ZSBrZXkgc3BlYyBhdmFpbGFibGUgb25seSBpbiBDaGluYSBSZWdpb25zLlxuICAgKlxuICAgKiBWYWxpZCB1c2FnZTogRU5DUllQVF9ERUNSWVBUIGFuZCBTSUdOX1ZFUklGWVxuICAgKi9cbiAgU00yID0gXCJTTTJcIixcbn1cblxuLyoqXG4gKiBUaGUga2V5IHVzYWdlLCByZXByZXNlbnRzIHRoZSBjcnlwdG9ncmFwaGljIG9wZXJhdGlvbnMgb2Yga2V5cy5cbiAqL1xuZXhwb3J0IGVudW0gS2V5VXNhZ2Uge1xuICAvKipcbiAgICogRW5jcnlwdGlvbiBhbmQgZGVjcnlwdGlvbi5cbiAgICovXG4gIEVOQ1JZUFRfREVDUllQVCA9IFwiRU5DUllQVF9ERUNSWVBUXCIsXG5cbiAgLyoqXG4gICAqIFNpZ25pbmcgYW5kIHZlcmlmaWNhdGlvblxuICAgKi9cbiAgU0lHTl9WRVJJRlkgPSBcIlNJR05fVkVSSUZZXCIsXG5cbiAgLyoqXG4gICAqIEdlbmVyYXRpbmcgYW5kIHZlcmlmeWluZyBNQUNzXG4gICAqL1xuICBHRU5FUkFURV9WRVJJRllfTUFDID0gXCJHRU5FUkFURV9WRVJJRllfTUFDXCIsXG5cbiAgLyoqXG4gICAqIERlcml2aW5nIHNoYXJlZCBzZWNyZXRzXG4gICAqL1xuICBLRVlfQUdSRUVNRU5UID0gXCJLRVlfQUdSRUVNRU5UXCIsXG59XG5cbi8qKlxuICogQ29uc3RydWN0aW9uIHByb3BlcnRpZXMgZm9yIGEgS01TIEtleSBvYmplY3RcbiAqL1xuZXhwb3J0IGludGVyZmFjZSBLZXlQcm9wcyBleHRlbmRzIEF3c0NvbnN0cnVjdFByb3BzIHtcbiAgLyoqXG4gICAqIEEgZGVzY3JpcHRpb24gb2YgdGhlIGtleS4gVXNlIGEgZGVzY3JpcHRpb24gdGhhdCBoZWxwcyB5b3VyIHVzZXJzIGRlY2lkZVxuICAgKiB3aGV0aGVyIHRoZSBrZXkgaXMgYXBwcm9wcmlhdGUgZm9yIGEgcGFydGljdWxhciB0YXNrLlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIE5vIGRlc2NyaXB0aW9uLlxuICAgKi9cbiAgcmVhZG9ubHkgZGVzY3JpcHRpb24/OiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIEluaXRpYWwgYWxpYXMgdG8gYWRkIHRvIHRoZSBrZXlcbiAgICpcbiAgICogTW9yZSBhbGlhc2VzIGNhbiBiZSBhZGRlZCBsYXRlciBieSBjYWxsaW5nIGBhZGRBbGlhc2AuXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gTm8gYWxpYXMgaXMgYWRkZWQgZm9yIHRoZSBrZXkuXG4gICAqL1xuICByZWFkb25seSBhbGlhcz86IHN0cmluZztcblxuICAvKipcbiAgICogSW5kaWNhdGVzIHdoZXRoZXIgQVdTIEtNUyByb3RhdGVzIHRoZSBrZXkuXG4gICAqXG4gICAqIEBkZWZhdWx0IGZhbHNlXG4gICAqL1xuICByZWFkb25seSBlbmFibGVLZXlSb3RhdGlvbj86IGJvb2xlYW47XG5cbiAgLyoqXG4gICAqIFRoZSBwZXJpb2QgYmV0d2VlbiBlYWNoIGF1dG9tYXRpYyByb3RhdGlvbi5cbiAgICpcbiAgICogQGRlZmF1bHQgLSBzZXQgYnkgQ0ZOIHRvIDM2NSBkYXlzLlxuICAgKi9cbiAgcmVhZG9ubHkgcm90YXRpb25QZXJpb2Q/OiBEdXJhdGlvbjtcblxuICAvKipcbiAgICogSW5kaWNhdGVzIHdoZXRoZXIgdGhlIGtleSBpcyBhdmFpbGFibGUgZm9yIHVzZS5cbiAgICpcbiAgICogQGRlZmF1bHQgLSBLZXkgaXMgZW5hYmxlZC5cbiAgICovXG4gIHJlYWRvbmx5IGVuYWJsZWQ/OiBib29sZWFuO1xuXG4gIC8qKlxuICAgKiBUaGUgY3J5cHRvZ3JhcGhpYyBjb25maWd1cmF0aW9uIG9mIHRoZSBrZXkuIFRoZSB2YWxpZCB2YWx1ZSBkZXBlbmRzIG9uIHVzYWdlIG9mIHRoZSBrZXkuXG4gICAqXG4gICAqIElNUE9SVEFOVDogSWYgeW91IGNoYW5nZSB0aGlzIHByb3BlcnR5IG9mIGFuIGV4aXN0aW5nIGtleSwgdGhlIGV4aXN0aW5nIGtleSBpcyBzY2hlZHVsZWQgZm9yIGRlbGV0aW9uXG4gICAqIGFuZCBhIG5ldyBrZXkgaXMgY3JlYXRlZCB3aXRoIHRoZSBzcGVjaWZpZWQgdmFsdWUuXG4gICAqXG4gICAqIEBkZWZhdWx0IEtleVNwZWMuU1lNTUVUUklDX0RFRkFVTFRcbiAgICovXG4gIHJlYWRvbmx5IGtleVNwZWM/OiBLZXlTcGVjO1xuXG4gIC8qKlxuICAgKiBUaGUgY3J5cHRvZ3JhcGhpYyBvcGVyYXRpb25zIGZvciB3aGljaCB0aGUga2V5IGNhbiBiZSB1c2VkLlxuICAgKlxuICAgKiBJTVBPUlRBTlQ6IElmIHlvdSBjaGFuZ2UgdGhpcyBwcm9wZXJ0eSBvZiBhbiBleGlzdGluZyBrZXksIHRoZSBleGlzdGluZyBrZXkgaXMgc2NoZWR1bGVkIGZvciBkZWxldGlvblxuICAgKiBhbmQgYSBuZXcga2V5IGlzIGNyZWF0ZWQgd2l0aCB0aGUgc3BlY2lmaWVkIHZhbHVlLlxuICAgKlxuICAgKiBAZGVmYXVsdCBLZXlVc2FnZS5FTkNSWVBUX0RFQ1JZUFRcbiAgICovXG4gIHJlYWRvbmx5IGtleVVzYWdlPzogS2V5VXNhZ2U7XG5cbiAgLyoqXG4gICAqIENyZWF0ZXMgYSBtdWx0aS1SZWdpb24gcHJpbWFyeSBrZXkgdGhhdCB5b3UgY2FuIHJlcGxpY2F0ZSBpbiBvdGhlciBBV1MgUmVnaW9ucy5cbiAgICpcbiAgICogWW91IGNhbid0IGNoYW5nZSB0aGUgYG11bHRpUmVnaW9uYCB2YWx1ZSBhZnRlciB0aGUgS01TIGtleSBpcyBjcmVhdGVkLlxuICAgKlxuICAgKiBJTVBPUlRBTlQ6IElmIHlvdSBjaGFuZ2UgdGhlIHZhbHVlIG9mIHRoZSBgbXVsdGlSZWdpb25gIHByb3BlcnR5IG9uIGFuIGV4aXN0aW5nIEtNUyBrZXksIHRoZSB1cGRhdGUgcmVxdWVzdCBmYWlscyxcbiAgICogcmVnYXJkbGVzcyBvZiB0aGUgdmFsdWUgb2YgdGhlIFVwZGF0ZVJlcGxhY2VQb2xpY3kgYXR0cmlidXRlLlxuICAgKiBUaGlzIHByZXZlbnRzIHlvdSBmcm9tIGFjY2lkZW50YWxseSBkZWxldGluZyBhIEtNUyBrZXkgYnkgY2hhbmdpbmcgYW4gaW1tdXRhYmxlIHByb3BlcnR5IHZhbHVlLlxuICAgKlxuICAgKiBAZGVmYXVsdCBmYWxzZVxuICAgKiBAc2VlIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9rbXMvbGF0ZXN0L2RldmVsb3Blcmd1aWRlL211bHRpLXJlZ2lvbi1rZXlzLW92ZXJ2aWV3Lmh0bWxcbiAgICovXG4gIHJlYWRvbmx5IG11bHRpUmVnaW9uPzogYm9vbGVhbjtcblxuICAvKipcbiAgICogQ3VzdG9tIHBvbGljeSBkb2N1bWVudCB0byBhdHRhY2ggdG8gdGhlIEtNUyBrZXkuXG4gICAqXG4gICAqIE5PVEUgLSBJZiB0aGUgYEBhd3MtY2RrL2F3cy1rbXM6ZGVmYXVsdEtleVBvbGljaWVzYCBmZWF0dXJlIGZsYWcgaXMgc2V0ICh0aGUgZGVmYXVsdCBmb3IgbmV3IHByb2plY3RzKSxcbiAgICogdGhpcyBwb2xpY3kgd2lsbCAqb3ZlcnJpZGUqIHRoZSBkZWZhdWx0IGtleSBwb2xpY3kgYW5kIGJlY29tZSB0aGUgb25seSBrZXkgcG9saWN5IGZvciB0aGUga2V5LiBJZiB0aGVcbiAgICogZmVhdHVyZSBmbGFnIGlzIG5vdCBzZXQsIHRoaXMgcG9saWN5IHdpbGwgYmUgYXBwZW5kZWQgdG8gdGhlIGRlZmF1bHQga2V5IHBvbGljeS5cbiAgICpcbiAgICogQGRlZmF1bHQgLSBBIHBvbGljeSBkb2N1bWVudCB3aXRoIHBlcm1pc3Npb25zIGZvciB0aGUgYWNjb3VudCByb290IHRvXG4gICAqIGFkbWluaXN0ZXIgdGhlIGtleSB3aWxsIGJlIGNyZWF0ZWQuXG4gICAqL1xuICByZWFkb25seSBwb2xpY3k/OiBpYW0uUG9saWN5RG9jdW1lbnQ7XG5cbiAgLyoqXG4gICAqIEEgbGlzdCBvZiBwcmluY2lwYWxzIHRvIGFkZCBhcyBrZXkgYWRtaW5pc3RyYXRvcnMgdG8gdGhlIGtleSBwb2xpY3kuXG4gICAqXG4gICAqIEtleSBhZG1pbmlzdHJhdG9ycyBoYXZlIHBlcm1pc3Npb25zIHRvIG1hbmFnZSB0aGUga2V5IChlLmcuLCBjaGFuZ2UgcGVybWlzc2lvbnMsIHJldm9rZSksIGJ1dCBkbyBub3QgaGF2ZSBwZXJtaXNzaW9uc1xuICAgKiB0byB1c2UgdGhlIGtleSBpbiBjcnlwdG9ncmFwaGljIG9wZXJhdGlvbnMgKGUuZy4sIGVuY3J5cHQsIGRlY3J5cHQpLlxuICAgKlxuICAgKiBUaGVzZSBwcmluY2lwYWxzIHdpbGwgYmUgYWRkZWQgdG8gdGhlIGRlZmF1bHQga2V5IHBvbGljeSAoaWYgbm9uZSBzcGVjaWZpZWQpLCBvciB0byB0aGUgc3BlY2lmaWVkIHBvbGljeSAoaWYgcHJvdmlkZWQpLlxuICAgKlxuICAgKiBAZGVmYXVsdCBbXVxuICAgKi9cbiAgcmVhZG9ubHkgYWRtaW5zPzogaWFtLklQcmluY2lwYWxbXTtcblxuICAvKipcbiAgICogV2hldGhlciB0aGUga2V5IHVzYWdlIGNhbiBiZSBncmFudGVkIGJ5IElBTSBwb2xpY2llc1xuICAgKlxuICAgKiBTZXR0aW5nIHRoaXMgdG8gdHJ1ZSBhZGRzIGEgZGVmYXVsdCBzdGF0ZW1lbnQgd2hpY2ggZGVsZWdhdGVzIGtleVxuICAgKiBhY2Nlc3MgY29udHJvbCBjb21wbGV0ZWx5IHRvIHRoZSBpZGVudGl0eSdzIElBTSBwb2xpY3kgKHNpbWlsYXJcbiAgICogdG8gaG93IGl0IHdvcmtzIGZvciBvdGhlciBBV1MgcmVzb3VyY2VzKS4gVGhpcyBtYXRjaGVzIHRoZSBkZWZhdWx0IGJlaGF2aW9yXG4gICAqIHdoZW4gY3JlYXRpbmcgS01TIGtleXMgdmlhIHRoZSBBUEkgb3IgY29uc29sZS5cbiAgICpcbiAgICogQGRlZmF1bHQgLSB0cnVlXG4gICAqIEBzZWUgaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL2ttcy9sYXRlc3QvZGV2ZWxvcGVyZ3VpZGUva2V5LXBvbGljaWVzLmh0bWwja2V5LXBvbGljeS1kZWZhdWx0LWFsbG93LXJvb3QtZW5hYmxlLWlhbVxuICAgKi9cbiAgcmVhZG9ubHkgdHJ1c3RBY2NvdW50SWRlbnRpdGllcz86IGJvb2xlYW47XG5cbiAgLyoqXG4gICAqIFNwZWNpZmllcyB0aGUgbnVtYmVyIG9mIGRheXMgaW4gdGhlIHdhaXRpbmcgcGVyaW9kIGJlZm9yZVxuICAgKiBBV1MgS01TIGRlbGV0ZXMgYSBDTUsgdGhhdCBoYXMgYmVlbiByZW1vdmVkIGZyb20gYSBDbG91ZEZvcm1hdGlvbiBzdGFjay5cbiAgICpcbiAgICogV2hlbiB5b3UgcmVtb3ZlIGEgY3VzdG9tZXIgbWFzdGVyIGtleSAoQ01LKSBmcm9tIGEgQ2xvdWRGb3JtYXRpb24gc3RhY2ssIEFXUyBLTVMgc2NoZWR1bGVzIHRoZSBDTUsgZm9yIGRlbGV0aW9uXG4gICAqIGFuZCBzdGFydHMgdGhlIG1hbmRhdG9yeSB3YWl0aW5nIHBlcmlvZC4gVGhlIFBlbmRpbmdXaW5kb3dJbkRheXMgcHJvcGVydHkgZGV0ZXJtaW5lcyB0aGUgbGVuZ3RoIG9mIHdhaXRpbmcgcGVyaW9kLlxuICAgKiBEdXJpbmcgdGhlIHdhaXRpbmcgcGVyaW9kLCB0aGUga2V5IHN0YXRlIG9mIENNSyBpcyBQZW5kaW5nIERlbGV0aW9uLCB3aGljaCBwcmV2ZW50cyB0aGUgQ01LIGZyb20gYmVpbmcgdXNlZCBpblxuICAgKiBjcnlwdG9ncmFwaGljIG9wZXJhdGlvbnMuIFdoZW4gdGhlIHdhaXRpbmcgcGVyaW9kIGV4cGlyZXMsIEFXUyBLTVMgcGVybWFuZW50bHkgZGVsZXRlcyB0aGUgQ01LLlxuICAgKlxuICAgKiBFbnRlciBhIHZhbHVlIGJldHdlZW4gNyBhbmQgMzAgZGF5cy5cbiAgICpcbiAgICogQHNlZSBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTQ2xvdWRGb3JtYXRpb24vbGF0ZXN0L1VzZXJHdWlkZS9hd3MtcmVzb3VyY2Uta21zLWtleS5odG1sI2Nmbi1rbXMta2V5LXBlbmRpbmd3aW5kb3dpbmRheXNcbiAgICogQGRlZmF1bHQgLSAzMCBkYXlzXG4gICAqL1xuICByZWFkb25seSBwZW5kaW5nV2luZG93PzogRHVyYXRpb247XG59XG5cbi8qKlxuICogRGVmaW5lcyBhIEtNUyBrZXkuXG4gKlxuICogQHJlc291cmNlIGF3c19rbXNfa2V5XG4gKi9cbmV4cG9ydCBjbGFzcyBLZXkgZXh0ZW5kcyBLZXlCYXNlIHtcbiAgLyoqXG4gICAqIEltcG9ydCBhbiBleHRlcm5hbGx5IGRlZmluZWQgS01TIEtleSB1c2luZyBpdHMgQVJOLlxuICAgKlxuICAgKiBAcGFyYW0gc2NvcGUgIHRoZSBjb25zdHJ1Y3QgdGhhdCB3aWxsIFwib3duXCIgdGhlIGltcG9ydGVkIGtleS5cbiAgICogQHBhcmFtIGlkICAgICB0aGUgaWQgb2YgdGhlIGltcG9ydGVkIGtleSBpbiB0aGUgY29uc3RydWN0IHRyZWUuXG4gICAqIEBwYXJhbSBrZXlBcm4gdGhlIEFSTiBvZiBhbiBleGlzdGluZyBLTVMga2V5LlxuICAgKi9cbiAgcHVibGljIHN0YXRpYyBmcm9tS2V5QXJuKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIGtleUFybjogc3RyaW5nKTogSUtleSB7XG4gICAgY2xhc3MgSW1wb3J0IGV4dGVuZHMgS2V5QmFzZSB7XG4gICAgICBwdWJsaWMgcmVhZG9ubHkga2V5QXJuID0ga2V5QXJuO1xuICAgICAgcHVibGljIHJlYWRvbmx5IGtleUlkOiBzdHJpbmc7XG4gICAgICBwcm90ZWN0ZWQgcmVhZG9ubHkgcG9saWN5PzogaWFtLlBvbGljeURvY3VtZW50IHwgdW5kZWZpbmVkID0gdW5kZWZpbmVkO1xuICAgICAgLy8gZGVmYXVsdGluZyB0cnVlOiBpZiB3ZSBhcmUgaW1wb3J0aW5nIHRoZSBrZXkgdGhlIGtleSBwb2xpY3kgaXNcbiAgICAgIC8vIHVuZGVmaW5lZCBhbmQgaW1wb3NzaWJsZSB0byBjaGFuZ2UgaGVyZTsgdGhpcyBtZWFucyB1cGRhdGluZyBpZGVudGl0eVxuICAgICAgLy8gcG9saWNpZXMgaXMgcmVhbGx5IHRoZSBvbmx5IG9wdGlvblxuICAgICAgcHJvdGVjdGVkIHJlYWRvbmx5IHRydXN0QWNjb3VudElkZW50aXRpZXM6IGJvb2xlYW4gPSB0cnVlO1xuXG4gICAgICBjb25zdHJ1Y3RvcihrZXlJZDogc3RyaW5nLCBwcm9wczogQXdzQ29uc3RydWN0UHJvcHMgPSB7fSkge1xuICAgICAgICBzdXBlcihzY29wZSwgaWQsIHByb3BzKTtcblxuICAgICAgICB0aGlzLmtleUlkID0ga2V5SWQ7XG4gICAgICB9XG4gICAgfVxuXG4gICAgY29uc3Qga2V5UmVzb3VyY2VOYW1lID0gQXdzU3RhY2sub2ZBd3NDb25zdHJ1Y3Qoc2NvcGUpLnNwbGl0QXJuKFxuICAgICAga2V5QXJuLFxuICAgICAgQXJuRm9ybWF0LlNMQVNIX1JFU09VUkNFX05BTUUsXG4gICAgKS5yZXNvdXJjZU5hbWU7XG4gICAgaWYgKCFrZXlSZXNvdXJjZU5hbWUpIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgYEtNUyBrZXkgQVJOIG11c3QgYmUgaW4gdGhlIGZvcm1hdCAnYXJuOjxwYXJ0aXRpb24+Omttczo8cmVnaW9uPjo8YWNjb3VudD46a2V5LzxrZXlJZD4nLCBnb3Q6ICcke2tleUFybn0nYCxcbiAgICAgICk7XG4gICAgfVxuXG4gICAgcmV0dXJuIG5ldyBJbXBvcnQoa2V5UmVzb3VyY2VOYW1lLCB7XG4gICAgICBlbnZpcm9ubWVudEZyb21Bcm46IGtleUFybixcbiAgICB9KTtcbiAgfVxuXG4gIC8qKlxuICAgKiBDcmVhdGUgYSBtdXRhYmxlIGBJS2V5YCBiYXNlZCBvbiBhIGxvdy1sZXZlbCBgS21zS2V5YC5cbiAgICogVGhpcyBtZXRob2QgaXMgZGlmZmVyZW50IHRoYW4gYGZyb21LZXlBcm4oKWAgYmVjYXVzZSB0aGUgYElLZXlgXG4gICAqIHJldHVybmVkIGZyb20gdGhpcyBtZXRob2QgaXMgbXV0YWJsZTtcbiAgICogbWVhbmluZywgY2FsbGluZyBhbnkgbXV0YXRpbmcgbWV0aG9kcyBvbiBpdCxcbiAgICogbGlrZSBgSUtleS5hZGRUb1Jlc291cmNlUG9saWN5KClgLFxuICAgKiB3aWxsIGFjdHVhbGx5IGJlIHJlZmxlY3RlZCBpbiB0aGUgcmVzdWx0aW5nIHRlbXBsYXRlLFxuICAgKiBhcyBvcHBvc2VkIHRvIHRoZSBvYmplY3QgcmV0dXJuZWQgZnJvbSBgZnJvbUtleUFybigpYCxcbiAgICogb24gd2hpY2ggY2FsbGluZyB0aG9zZSBtZXRob2RzIHdvdWxkIGhhdmUgbm8gZWZmZWN0LlxuICAgKi9cbiAgcHVibGljIHN0YXRpYyBmcm9tVGZLZXkodGZLZXk6IGttc0tleS5LbXNLZXkpOiBJS2V5IHtcbiAgICAvLyB1c2UgYSBcIndlaXJkXCIgaWQgdGhhdCBoYXMgYSBoaWdoZXIgY2hhbmNlIG9mIGJlaW5nIHVuaXF1ZVxuICAgIGNvbnN0IGlkID0gXCJARnJvbVRmS2V5XCI7XG5cbiAgICAvLyBpZiBmcm9tVGZLZXkoKSB3YXMgYWxyZWFkeSBjYWxsZWQgb24gdGhpcyB0ZktleSxcbiAgICAvLyByZXR1cm4gdGhlIHNhbWUgTDJcbiAgICAvLyAoYXMgZGlmZmVyZW50IEwycyB3b3VsZCBjb25mbGljdCwgYmVjYXVzZSBvZiB0aGUgbXV0YXRpb24gb2YgdGhlIGtleVBvbGljeSBwcm9wZXJ0eSBvZiB0aGUgTDEgYmVsb3cpXG4gICAgY29uc3QgZXhpc3RpbmcgPSB0ZktleS5ub2RlLnRyeUZpbmRDaGlsZChpZCk7XG4gICAgaWYgKGV4aXN0aW5nKSB7XG4gICAgICByZXR1cm4gPElLZXk+ZXhpc3Rpbmc7XG4gICAgfVxuXG4gICAgbGV0IGtleVBvbGljeTogaWFtLlBvbGljeURvY3VtZW50O1xuICAgIGlmIChUb2tlbi5pc1VucmVzb2x2ZWQodGZLZXkucG9saWN5SW5wdXQpKSB7XG4gICAgICAvLyBmaW5kIGZpcnN0IFBvbGljeURvY3VtZW50IGluIHRoZSBzY29wZSB3aG8ncyBqc29uIHRva2VuIHBvaW50cyB0byB0aGUga2V5IHBvbGljeVxuICAgICAga2V5UG9saWN5ID0gQXdzU3RhY2sub2YodGZLZXkpXG4gICAgICAgIC5ub2RlLmZpbmRBbGwoKVxuICAgICAgICAuZmlsdGVyKFxuICAgICAgICAgIChjKSA9PlxuICAgICAgICAgICAgYyBpbnN0YW5jZW9mIGlhbS5Qb2xpY3lEb2N1bWVudCAmJiBjLmpzb24gPT09IHRmS2V5LnBvbGljeUlucHV0LFxuICAgICAgICApWzBdIGFzIGlhbS5Qb2xpY3lEb2N1bWVudDtcbiAgICAgIGlmICgha2V5UG9saWN5KSB7XG4gICAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgICBcIkNvdWxkIG5vdCByZXNvbHZlIHRoZSBwYXNzZWQgYXdzX2ttc19rZXkgcG9saWN5IGF0dHJpYnV0ZSB0byBhIFBvbGljeURvY3VtZW50IHJlc291cmNlIGpzb24gYXR0cmlidXRlLiBcIiArXG4gICAgICAgICAgICBcIlRoaXMgbWFrZXMgaXQgaW1wb3NzaWJsZSB0byBjcmVhdGUgYSBtdXRhYmxlIElLZXkgZnJvbSB0aGF0IFBvbGljeS4gXCIgK1xuICAgICAgICAgICAgXCJZb3UgaGF2ZSB0byB1c2UgZnJvbUtleUFybiBpbnN0ZWFkLCBwYXNzaW5nIGl0IHRoZSBBUk4gYXR0cmlidXRlIHByb3BlcnR5IG9mIHRoZSBsb3ctbGV2ZWwgQ2ZuS2V5XCIsXG4gICAgICAgICk7XG4gICAgICB9XG4gICAgfSBlbHNlIHtcbiAgICAgIHRyeSB7XG4gICAgICAgIGNvbnN0IHBvbGljeUlucHV0T2JqID0gSlNPTi5wYXJzZSh0ZktleS5wb2xpY3lJbnB1dCA/PyBcIlwiKTtcbiAgICAgICAgLy8gY3JlYXRlIG5ldyBQb2xpY3lEb2N1bWVudCBmcm9tIHRoZSBqc29uIHN0cmluZ1xuICAgICAgICBrZXlQb2xpY3kgPSBpYW0uUG9saWN5RG9jdW1lbnQuZnJvbUpzb24oXG4gICAgICAgICAgdGZLZXksXG4gICAgICAgICAgXCJQb2xpY3lcIixcbiAgICAgICAgICBwb2xpY3lJbnB1dE9iaixcbiAgICAgICAgKTtcbiAgICAgIH0gY2F0Y2gge1xuICAgICAgICAvLyBJZiBQb2xpY3lEb2N1bWVudC5mcm9tSnNvbigpIHRocm93cyBhbiBleGNlcHRpb24uXG4gICAgICAgIC8vIEluIHRoYXQgY2FzZSwgYmVjYXVzZSB3ZSB3b3VsZCBoYXZlIHRvIGVmZmVjdGl2ZWx5IG1ha2UgdGhlIHJldHVybmVkIElLZXkgaW1tdXRhYmxlLFxuICAgICAgICAvLyB0aHJvdyBhbiBleGNlcHRpb24gc3VnZ2VzdGluZyB0byB1c2UgdGhlIG90aGVyIGltcG9ydGluZyBtZXRob2RzIGluc3RlYWQuXG4gICAgICAgIC8vIFdlIG1pZ2h0IG1ha2UgdGhpcyBwYXJzaW5nIGxvZ2ljIHNtYXJ0ZXIgbGF0ZXIsXG4gICAgICAgIC8vIGJ1dCBsZXQncyBzdGFydCBieSBlcnJvcmluZyBvdXQuXG4gICAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgICBcIkNvdWxkIG5vdCBwYXJzZSB0aGUgUG9saWN5RG9jdW1lbnQgb2YgdGhlIHBhc3NlZCBhd3Nfa21zX2tleSByZXNvdXJjZS4gXCIgK1xuICAgICAgICAgICAgXCJUaGlzIG1ha2VzIGl0IGltcG9zc2libGUgdG8gY3JlYXRlIGEgbXV0YWJsZSBJS2V5IGZyb20gdGhhdCBQb2xpY3kuIFwiICtcbiAgICAgICAgICAgIFwiWW91IGhhdmUgdG8gdXNlIGZyb21LZXlBcm4gaW5zdGVhZCwgcGFzc2luZyBpdCB0aGUgQVJOIGF0dHJpYnV0ZSBwcm9wZXJ0eSBvZiB0aGUgbG93LWxldmVsIENmbktleVwiLFxuICAgICAgICApO1xuICAgICAgfVxuICAgIH1cblxuICAgIC8vIHJlLWVuc3VyZSBrZXkgcG9saWN5IHBvaW50cyB0byB0aGUgbmVzdGVkIEwyIFBvbGljeURvY3VtZW50XG4gICAgdGZLZXkucG9saWN5ID0ga2V5UG9saWN5Lmpzb247XG5cbiAgICByZXR1cm4gbmV3IChjbGFzcyBleHRlbmRzIEtleUJhc2Uge1xuICAgICAgcHVibGljIHJlYWRvbmx5IGtleUFybiA9IHRmS2V5LmFybjtcbiAgICAgIHB1YmxpYyByZWFkb25seSBrZXlJZCA9IHRmS2V5LmlkO1xuICAgICAgcHJvdGVjdGVkIHJlYWRvbmx5IHBvbGljeSA9IGtleVBvbGljeTtcbiAgICAgIHByb3RlY3RlZCByZWFkb25seSB0cnVzdEFjY291bnRJZGVudGl0aWVzID0gZmFsc2U7XG4gICAgfSkodGZLZXksIGlkKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBJbXBvcnQgYW4gZXhpc3RpbmcgS2V5IGJ5IHF1ZXJ5aW5nIHRoZSBBV1MgZW52aXJvbm1lbnQgdGhpcyBzdGFjayBpcyBkZXBsb3llZCB0by5cbiAgICpcbiAgICogVGhpcyBmdW5jdGlvbiBvbmx5IG5lZWRzIHRvIGJlIHVzZWQgdG8gdXNlIEtleXMgbm90IGRlZmluZWQgaW4geW91ciBDREtURlxuICAgKiBhcHBsaWNhdGlvbi4gSWYgeW91IGFyZSBsb29raW5nIHRvIHNoYXJlIGEgS2V5IGJldHdlZW4gc3RhY2tzLCB5b3UgY2FuXG4gICAqIHBhc3MgdGhlIGBLZXlgIG9iamVjdCBiZXR3ZWVuIHN0YWNrcyBhbmQgdXNlIGl0IGFzIG5vcm1hbC4gSW4gYWRkaXRpb24sXG4gICAqIGl0J3Mgbm90IG5lY2Vzc2FyeSB0byB1c2UgdGhpcyBtZXRob2QgaWYgYW4gaW50ZXJmYWNlIGFjY2VwdHMgYW4gYElLZXlgLlxuICAgKiBJbiB0aGlzIGNhc2UsIGBBbGlhcy5mcm9tQWxpYXNOYW1lKClgIGNhbiBiZSB1c2VkIHdoaWNoIHJldHVybnMgYW4gYWxpYXNcbiAgICogdGhhdCBleHRlbmRzIGBJS2V5YC5cbiAgICpcbiAgICogQ2FsbGluZyB0aGlzIG1ldGhvZCB3aWxsIGxlYWQgdG8gYSBsb29rdXAgd2hlbiB0aGUgQ0xJIGlzIGV4ZWN1dGVkLlxuICAgKiBZb3UgY2FuIHRoZXJlZm9yZSBub3QgdXNlIGFueSB2YWx1ZXMgdGhhdCB3aWxsIG9ubHkgYmUgYXZhaWxhYmxlIGF0XG4gICAqIFRlcnJhZm9ybSBleGVjdXRpb24gdGltZSAoaS5lLiwgVG9rZW5zKS5cbiAgICovXG4gIHB1YmxpYyBzdGF0aWMgZnJvbUxvb2t1cChcbiAgICBzY29wZTogQ29uc3RydWN0LFxuICAgIGlkOiBzdHJpbmcsXG4gICAgb3B0aW9uczogS2V5TG9va3VwT3B0aW9ucyxcbiAgKTogSUtleSB7XG4gICAgY2xhc3MgSW1wb3J0IGV4dGVuZHMgS2V5QmFzZSB7XG4gICAgICBwdWJsaWMgcmVhZG9ubHkga2V5QXJuOiBzdHJpbmc7XG4gICAgICBwdWJsaWMgcmVhZG9ubHkga2V5SWQ6IHN0cmluZztcbiAgICAgIHB1YmxpYyByZWFkb25seSBkYXRhU291cmNlOiBkYXRhQXdzS21zS2V5LkRhdGFBd3NLbXNLZXk7XG4gICAgICBwcm90ZWN0ZWQgcmVhZG9ubHkgcG9saWN5PzogaWFtLlBvbGljeURvY3VtZW50IHwgdW5kZWZpbmVkID0gdW5kZWZpbmVkO1xuICAgICAgLy8gZGVmYXVsdGluZyB0cnVlOiBpZiB3ZSBhcmUgaW1wb3J0aW5nIHRoZSBrZXkgdGhlIGtleSBwb2xpY3kgaXNcbiAgICAgIC8vIHVuZGVmaW5lZCBhbmQgaW1wb3NzaWJsZSB0byBjaGFuZ2UgaGVyZTsgdGhpcyBtZWFucyB1cGRhdGluZyBpZGVudGl0eVxuICAgICAgLy8gcG9saWNpZXMgaXMgcmVhbGx5IHRoZSBvbmx5IG9wdGlvblxuICAgICAgcHJvdGVjdGVkIHJlYWRvbmx5IHRydXN0QWNjb3VudElkZW50aXRpZXM6IGJvb2xlYW4gPSB0cnVlO1xuXG4gICAgICBjb25zdHJ1Y3RvcihrZXlJZDogc3RyaW5nKSB7XG4gICAgICAgIHN1cGVyKHNjb3BlLCBpZCk7XG4gICAgICAgIHRoaXMuZGF0YVNvdXJjZSA9IG5ldyBkYXRhQXdzS21zS2V5LkRhdGFBd3NLbXNLZXkodGhpcywgXCJSZXNvdXJjZVwiLCB7XG4gICAgICAgICAga2V5SWQsXG4gICAgICAgIH0pO1xuICAgICAgICB0aGlzLmtleUlkID0ga2V5SWQ7XG4gICAgICAgIHRoaXMua2V5QXJuID0gdGhpcy5kYXRhU291cmNlLmFybjtcbiAgICAgIH1cbiAgICB9XG4gICAgaWYgKFRva2VuLmlzVW5yZXNvbHZlZChvcHRpb25zLmFsaWFzTmFtZSkpIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgXCJBbGwgYXJndW1lbnRzIHRvIEtleS5mcm9tTG9va3VwKCkgbXVzdCBiZSBjb25jcmV0ZSAobm8gVG9rZW5zKVwiLFxuICAgICAgKTtcbiAgICB9XG5cbiAgICByZXR1cm4gbmV3IEltcG9ydChvcHRpb25zLmFsaWFzTmFtZSk7XG4gIH1cblxuICBwdWJsaWMgcmVhZG9ubHkga2V5QXJuOiBzdHJpbmc7XG4gIHB1YmxpYyByZWFkb25seSBrZXlJZDogc3RyaW5nO1xuICBwdWJsaWMgcmVhZG9ubHkgcmVzb3VyY2U6IGttc0tleS5LbXNLZXk7XG5cbiAgcHJvdGVjdGVkIHJlYWRvbmx5IHBvbGljeT86IGlhbS5Qb2xpY3lEb2N1bWVudDtcbiAgcHJvdGVjdGVkIHJlYWRvbmx5IHRydXN0QWNjb3VudElkZW50aXRpZXM6IGJvb2xlYW47XG4gIHByaXZhdGUgcmVhZG9ubHkgZW5hYmxlS2V5Um90YXRpb24/OiBib29sZWFuO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBLZXlQcm9wcyA9IHt9KSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCBwcm9wcyk7XG5cbiAgICBjb25zdCBkZW55TGlzdHMgPSB7XG4gICAgICBbS2V5VXNhZ2UuRU5DUllQVF9ERUNSWVBUXTogW1xuICAgICAgICBLZXlTcGVjLkVDQ19OSVNUX1AyNTYsXG4gICAgICAgIEtleVNwZWMuRUNDX05JU1RfUDM4NCxcbiAgICAgICAgS2V5U3BlYy5FQ0NfTklTVF9QNTIxLFxuICAgICAgICBLZXlTcGVjLkVDQ19TRUNHX1AyNTZLMSxcbiAgICAgICAgS2V5U3BlYy5ITUFDXzIyNCxcbiAgICAgICAgS2V5U3BlYy5ITUFDXzI1NixcbiAgICAgICAgS2V5U3BlYy5ITUFDXzM4NCxcbiAgICAgICAgS2V5U3BlYy5ITUFDXzUxMixcbiAgICAgIF0sXG4gICAgICBbS2V5VXNhZ2UuU0lHTl9WRVJJRlldOiBbXG4gICAgICAgIEtleVNwZWMuU1lNTUVUUklDX0RFRkFVTFQsXG4gICAgICAgIEtleVNwZWMuSE1BQ18yMjQsXG4gICAgICAgIEtleVNwZWMuSE1BQ18yNTYsXG4gICAgICAgIEtleVNwZWMuSE1BQ18zODQsXG4gICAgICAgIEtleVNwZWMuSE1BQ181MTIsXG4gICAgICBdLFxuICAgICAgW0tleVVzYWdlLkdFTkVSQVRFX1ZFUklGWV9NQUNdOiBbXG4gICAgICAgIEtleVNwZWMuUlNBXzIwNDgsXG4gICAgICAgIEtleVNwZWMuUlNBXzMwNzIsXG4gICAgICAgIEtleVNwZWMuUlNBXzQwOTYsXG4gICAgICAgIEtleVNwZWMuRUNDX05JU1RfUDI1NixcbiAgICAgICAgS2V5U3BlYy5FQ0NfTklTVF9QMzg0LFxuICAgICAgICBLZXlTcGVjLkVDQ19OSVNUX1A1MjEsXG4gICAgICAgIEtleVNwZWMuRUNDX1NFQ0dfUDI1NksxLFxuICAgICAgICBLZXlTcGVjLlNZTU1FVFJJQ19ERUZBVUxULFxuICAgICAgICBLZXlTcGVjLlNNMixcbiAgICAgIF0sXG4gICAgICBbS2V5VXNhZ2UuS0VZX0FHUkVFTUVOVF06IFtcbiAgICAgICAgS2V5U3BlYy5TWU1NRVRSSUNfREVGQVVMVCxcbiAgICAgICAgS2V5U3BlYy5SU0FfMjA0OCxcbiAgICAgICAgS2V5U3BlYy5SU0FfMzA3MixcbiAgICAgICAgS2V5U3BlYy5SU0FfNDA5NixcbiAgICAgICAgS2V5U3BlYy5FQ0NfU0VDR19QMjU2SzEsXG4gICAgICAgIEtleVNwZWMuSE1BQ18yMjQsXG4gICAgICAgIEtleVNwZWMuSE1BQ18yNTYsXG4gICAgICAgIEtleVNwZWMuSE1BQ18zODQsXG4gICAgICAgIEtleVNwZWMuSE1BQ181MTIsXG4gICAgICBdLFxuICAgIH07XG4gICAgY29uc3Qga2V5U3BlYyA9IHByb3BzLmtleVNwZWMgPz8gS2V5U3BlYy5TWU1NRVRSSUNfREVGQVVMVDtcbiAgICBjb25zdCBrZXlVc2FnZSA9IHByb3BzLmtleVVzYWdlID8/IEtleVVzYWdlLkVOQ1JZUFRfREVDUllQVDtcbiAgICBpZiAoZGVueUxpc3RzW2tleVVzYWdlXS5pbmNsdWRlcyhrZXlTcGVjKSkge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKFxuICAgICAgICBga2V5IHNwZWMgJyR7a2V5U3BlY30nIGlzIG5vdCB2YWxpZCB3aXRoIHVzYWdlICcke2tleVVzYWdlfSdgLFxuICAgICAgKTtcbiAgICB9XG5cbiAgICBpZiAoa2V5U3BlYy5zdGFydHNXaXRoKFwiSE1BQ1wiKSAmJiBwcm9wcy5lbmFibGVLZXlSb3RhdGlvbikge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKFwia2V5IHJvdGF0aW9uIGNhbm5vdCBiZSBlbmFibGVkIG9uIEhNQUMga2V5c1wiKTtcbiAgICB9XG5cbiAgICBpZiAoa2V5U3BlYyAhPT0gS2V5U3BlYy5TWU1NRVRSSUNfREVGQVVMVCAmJiBwcm9wcy5lbmFibGVLZXlSb3RhdGlvbikge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKFwia2V5IHJvdGF0aW9uIGNhbm5vdCBiZSBlbmFibGVkIG9uIGFzeW1tZXRyaWMga2V5c1wiKTtcbiAgICB9XG5cbiAgICB0aGlzLmVuYWJsZUtleVJvdGF0aW9uID0gcHJvcHMuZW5hYmxlS2V5Um90YXRpb247XG5cbiAgICBpZiAocHJvcHMucm90YXRpb25QZXJpb2QpIHtcbiAgICAgIGlmIChwcm9wcy5lbmFibGVLZXlSb3RhdGlvbiA9PT0gZmFsc2UpIHtcbiAgICAgICAgdGhyb3cgbmV3IEVycm9yKFxuICAgICAgICAgIFwiJ3JvdGF0aW9uUGVyaW9kJyBjYW5ub3QgYmUgc3BlY2lmaWVkIHdoZW4gJ2VuYWJsZUtleVJvdGF0aW9uJyBpcyBkaXNhYmxlZFwiLFxuICAgICAgICApO1xuICAgICAgfVxuICAgICAgaWYgKFxuICAgICAgICBwcm9wcy5yb3RhdGlvblBlcmlvZC50b0RheXMoKSA8IDkwIHx8XG4gICAgICAgIHByb3BzLnJvdGF0aW9uUGVyaW9kLnRvRGF5cygpID4gMjU2MFxuICAgICAgKSB7XG4gICAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgICBgJ3JvdGF0aW9uUGVyaW9kJyB2YWx1ZSBtdXN0IGJldHdlZW4gOTAgYW5kIDI2NTAgZGF5cy4gUmVjZWl2ZWQ6ICR7cHJvcHMucm90YXRpb25QZXJpb2QudG9EYXlzKCl9YCxcbiAgICAgICAgKTtcbiAgICAgIH1cbiAgICAgIC8vIElmIHJvdGF0aW9uUGVyaW9kIGlzIHNwZWNpZmllZCwgZW5hYmxlS2V5Um90YXRpb24gaXMgc2V0IHRvIHRydWUgYnkgZGVmYXVsdFxuICAgICAgaWYgKHByb3BzLmVuYWJsZUtleVJvdGF0aW9uID09PSB1bmRlZmluZWQpIHtcbiAgICAgICAgdGhpcy5lbmFibGVLZXlSb3RhdGlvbiA9IHRydWU7XG4gICAgICB9XG4gICAgfVxuXG4gICAgdGhpcy5wb2xpY3kgPSBwcm9wcy5wb2xpY3kgPz8gbmV3IGlhbS5Qb2xpY3lEb2N1bWVudCh0aGlzLCBcIlBvbGljeVwiKTtcbiAgICB0aGlzLnRydXN0QWNjb3VudElkZW50aXRpZXMgPSBwcm9wcy50cnVzdEFjY291bnRJZGVudGl0aWVzID8/IHRydWU7XG4gICAgaWYgKHRoaXMudHJ1c3RBY2NvdW50SWRlbnRpdGllcykge1xuICAgICAgLy8gU2V0IHRoZSBkZWZhdWx0IGtleSBwb2xpY3kgaWYgb25lIGhhc24ndCBiZWVuIHByb3ZpZGVkIGJ5IHRoZSB1c2VyLlxuICAgICAgaWYgKCFwcm9wcy5wb2xpY3kpIHtcbiAgICAgICAgdGhpcy5hZGREZWZhdWx0QWRtaW5Qb2xpY3koKTtcbiAgICAgIH1cbiAgICB9IGVsc2Uge1xuICAgICAgdGhpcy5hZGRMZWdhY3lBZG1pblBvbGljeSgpO1xuICAgIH1cblxuICAgIGxldCBwZW5kaW5nV2luZG93SW5EYXlzO1xuICAgIGlmIChwcm9wcy5wZW5kaW5nV2luZG93KSB7XG4gICAgICBwZW5kaW5nV2luZG93SW5EYXlzID0gcHJvcHMucGVuZGluZ1dpbmRvdy50b0RheXMoKTtcbiAgICAgIGlmIChwZW5kaW5nV2luZG93SW5EYXlzIDwgNyB8fCBwZW5kaW5nV2luZG93SW5EYXlzID4gMzApIHtcbiAgICAgICAgdGhyb3cgbmV3IEVycm9yKFxuICAgICAgICAgIGAncGVuZGluZ1dpbmRvdycgdmFsdWUgbXVzdCBiZXR3ZWVuIDcgYW5kIDMwIGRheXMuIFJlY2VpdmVkOiAke3BlbmRpbmdXaW5kb3dJbkRheXN9YCxcbiAgICAgICAgKTtcbiAgICAgIH1cbiAgICB9XG5cbiAgICB0aGlzLnJlc291cmNlID0gbmV3IGttc0tleS5LbXNLZXkodGhpcywgXCJSZXNvdXJjZVwiLCB7XG4gICAgICBkZXNjcmlwdGlvbjogcHJvcHMuZGVzY3JpcHRpb24sXG4gICAgICBlbmFibGVLZXlSb3RhdGlvbjogdGhpcy5lbmFibGVLZXlSb3RhdGlvbixcbiAgICAgIHJvdGF0aW9uUGVyaW9kSW5EYXlzOiBwcm9wcy5yb3RhdGlvblBlcmlvZD8udG9EYXlzKCksXG4gICAgICBpc0VuYWJsZWQ6IHByb3BzLmVuYWJsZWQsXG4gICAgICBjdXN0b21lck1hc3RlcktleVNwZWM6IHByb3BzLmtleVNwZWMsXG4gICAgICBrZXlVc2FnZTogcHJvcHMua2V5VXNhZ2UsXG4gICAgICBwb2xpY3k6IHRoaXMucG9saWN5Lmpzb24sXG4gICAgICBtdWx0aVJlZ2lvbjogcHJvcHMubXVsdGlSZWdpb24sXG4gICAgICBkZWxldGlvbldpbmRvd0luRGF5czogcGVuZGluZ1dpbmRvd0luRGF5cyxcbiAgICB9KTtcblxuICAgIHRoaXMua2V5QXJuID0gdGhpcy5yZXNvdXJjZS5hcm47XG4gICAgdGhpcy5rZXlJZCA9IHRoaXMucmVzb3VyY2UuaWQ7XG5cbiAgICAocHJvcHMuYWRtaW5zID8/IFtdKS5mb3JFYWNoKChwKSA9PiB0aGlzLmdyYW50QWRtaW4ocCkpO1xuXG4gICAgaWYgKHByb3BzLmFsaWFzICE9PSB1bmRlZmluZWQpIHtcbiAgICAgIHRoaXMuYWRkQWxpYXMocHJvcHMuYWxpYXMpO1xuICAgIH1cbiAgfVxuXG4gIC8qKlxuICAgKiBHcmFudCBhZG1pbnMgcGVybWlzc2lvbnMgdXNpbmcgdGhpcyBrZXkgdG8gdGhlIGdpdmVuIHByaW5jaXBhbFxuICAgKlxuICAgKiBLZXkgYWRtaW5pc3RyYXRvcnMgaGF2ZSBwZXJtaXNzaW9ucyB0byBtYW5hZ2UgdGhlIGtleSAoZS5nLiwgY2hhbmdlIHBlcm1pc3Npb25zLCByZXZva2UpLCBidXQgZG8gbm90IGhhdmUgcGVybWlzc2lvbnNcbiAgICogdG8gdXNlIHRoZSBrZXkgaW4gY3J5cHRvZ3JhcGhpYyBvcGVyYXRpb25zIChlLmcuLCBlbmNyeXB0LCBkZWNyeXB0KS5cbiAgICovXG4gIHB1YmxpYyBncmFudEFkbWluKGdyYW50ZWU6IGlhbS5JR3JhbnRhYmxlKTogaWFtLkdyYW50IHtcbiAgICByZXR1cm4gdGhpcy5ncmFudChncmFudGVlLCAuLi5wZXJtcy5BRE1JTl9BQ1RJT05TKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBBZGRzIHRoZSBkZWZhdWx0IGtleSBwb2xpY3kgdG8gdGhlIGtleS4gVGhpcyBwb2xpY3kgZ2l2ZXMgdGhlIEFXUyBhY2NvdW50IChyb290IHVzZXIpIGZ1bGwgYWNjZXNzIHRvIHRoZSBDTUssXG4gICAqIHdoaWNoIHJlZHVjZXMgdGhlIHJpc2sgb2YgdGhlIENNSyBiZWNvbWluZyB1bm1hbmFnZWFibGUgYW5kIGVuYWJsZXMgSUFNIHBvbGljaWVzIHRvIGFsbG93IGFjY2VzcyB0byB0aGUgQ01LLlxuICAgKiBUaGlzIGlzIHRoZSBzYW1lIHBvbGljeSB0aGF0IGlzIGRlZmF1bHQgd2hlbiBjcmVhdGluZyBhIEtleSB2aWEgdGhlIEtNUyBBUEkgb3IgQ29uc29sZS5cbiAgICogQHNlZSBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20va21zL2xhdGVzdC9kZXZlbG9wZXJndWlkZS9rZXktcG9saWNpZXMuaHRtbCNrZXktcG9saWN5LWRlZmF1bHRcbiAgICovXG4gIHByaXZhdGUgYWRkRGVmYXVsdEFkbWluUG9saWN5KCkge1xuICAgIHRoaXMuYWRkVG9SZXNvdXJjZVBvbGljeShcbiAgICAgIG5ldyBpYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgcmVzb3VyY2VzOiBbXCIqXCJdLFxuICAgICAgICBhY3Rpb25zOiBbXCJrbXM6KlwiXSxcbiAgICAgICAgcHJpbmNpcGFsczogW25ldyBpYW0uQWNjb3VudFJvb3RQcmluY2lwYWwoKV0sXG4gICAgICB9KSxcbiAgICApO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50cyB0aGUgYWNjb3VudCBhZG1pbiBwcml2aWxlZ2VzIC0tIG5vdCBmdWxsIGFjY291bnQgYWNjZXNzIC0tIHBsdXMgdGhlIEdlbmVyYXRlRGF0YUtleSBhY3Rpb24uXG4gICAqIFRoZSBHZW5lcmF0ZURhdGFLZXkgYWN0aW9uIHdhcyBhZGRlZCBmb3IgaW50ZXJvcCB3aXRoIFMzIGluIGh0dHBzOi8vZ2l0aHViLmNvbS9hd3MvYXdzLWNkay9pc3N1ZXMvMzQ1OC5cbiAgICpcbiAgICogVGhpcyBwb2xpY3kgaXMgZGlzY291cmFnZWQuXG4gICAqXG4gICAqIEBsaW5rIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9rbXMvbGF0ZXN0L2RldmVsb3Blcmd1aWRlL2tleS1wb2xpY2llcy5odG1sI2tleS1wb2xpY3ktZGVmYXVsdFxuICAgKiBAZGVwcmVjYXRlZFxuICAgKi9cbiAgcHJpdmF0ZSBhZGRMZWdhY3lBZG1pblBvbGljeSgpIHtcbiAgICAvLyBUaGlzIGlzIGVxdWl2YWxlbnQgdG8gYFsuLi5wZXJtcy5BRE1JTl9BQ1RJT05TLCAna21zOkdlbmVyYXRlRGF0YUtleSddYCxcbiAgICAvLyBidXQga2VlcGluZyB0aGlzIGV4cGxpY2l0IG9yZGVyaW5nIGZvciBiYWNrd2FyZHMtY29tcGF0aWJpbGl0eSAoY2hhbmdpbmcgdGhlIG9yZGVyaW5nIGNhdXNlcyByZXNvdXJjZSB1cGRhdGVzKVxuICAgIGNvbnN0IGFjdGlvbnMgPSBbXG4gICAgICBcImttczpDcmVhdGUqXCIsXG4gICAgICBcImttczpEZXNjcmliZSpcIixcbiAgICAgIFwia21zOkVuYWJsZSpcIixcbiAgICAgIFwia21zOkxpc3QqXCIsXG4gICAgICBcImttczpQdXQqXCIsXG4gICAgICBcImttczpVcGRhdGUqXCIsXG4gICAgICBcImttczpSZXZva2UqXCIsXG4gICAgICBcImttczpEaXNhYmxlKlwiLFxuICAgICAgXCJrbXM6R2V0KlwiLFxuICAgICAgXCJrbXM6RGVsZXRlKlwiLFxuICAgICAgXCJrbXM6U2NoZWR1bGVLZXlEZWxldGlvblwiLFxuICAgICAgXCJrbXM6Q2FuY2VsS2V5RGVsZXRpb25cIixcbiAgICAgIFwia21zOkdlbmVyYXRlRGF0YUtleVwiLFxuICAgICAgXCJrbXM6VGFnUmVzb3VyY2VcIixcbiAgICAgIFwia21zOlVudGFnUmVzb3VyY2VcIixcbiAgICBdO1xuXG4gICAgdGhpcy5hZGRUb1Jlc291cmNlUG9saWN5KFxuICAgICAgbmV3IGlhbS5Qb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICByZXNvdXJjZXM6IFtcIipcIl0sXG4gICAgICAgIGFjdGlvbnMsXG4gICAgICAgIHByaW5jaXBhbHM6IFtuZXcgaWFtLkFjY291bnRSb290UHJpbmNpcGFsKCldLFxuICAgICAgfSksXG4gICAgKTtcbiAgfVxufVxuIl19