cdk-ec2-key-pair
Version:
CDK Construct for managing EC2 key pairs
243 lines • 40.3 kB
JavaScript
;
var _a;
Object.defineProperty(exports, "__esModule", { value: true });
exports.KeyPair = exports.PublicKeyFormat = exports.LogLevel = exports.KeyType = void 0;
const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
const aws_cdk_lib_1 = require("aws-cdk-lib");
const aws_ec2_1 = require("aws-cdk-lib/aws-ec2");
const path = require("path");
const types_1 = require("./types");
var types_2 = require("./types");
Object.defineProperty(exports, "KeyType", { enumerable: true, get: function () { return types_2.KeyType; } });
Object.defineProperty(exports, "LogLevel", { enumerable: true, get: function () { return types_2.LogLevel; } });
Object.defineProperty(exports, "PublicKeyFormat", { enumerable: true, get: function () { return types_2.PublicKeyFormat; } });
const resourceType = 'Custom::EC2-Key-Pair';
const ID = `CFN::Resource::${resourceType}`;
const createdByTag = 'CreatedByCfnCustomResource';
const cleanID = ID.replace(/:+/g, '-');
const lambdaTimeout = 3; // minutes
/**
* An EC2 Key Pair
*/
class KeyPair extends aws_cdk_lib_1.Resource {
get keyPairRef() {
return {
keyName: this.keyPairName,
};
}
/**
* Defines a new EC2 Key Pair. The private key will be stored in AWS Secrets Manager
*/
constructor(scope, id, props) {
super(scope, id);
/**
* The public key.
*
* Only filled, when `exposePublicKey = true`
*/
this.publicKeyValue = '';
/**
* Name of the Key Pair
*/
this.keyPairName = '';
/**
* ID of the Key Pair
*/
this.keyPairID = '';
/**
* Fingerprint of the Key Pair
*/
this.keyPairFingerprint = '';
this.prefix = '';
if (props.removeKeySecretsAfterDays &&
(props.removeKeySecretsAfterDays < 0 ||
(props.removeKeySecretsAfterDays > 0 &&
props.removeKeySecretsAfterDays < 7) ||
props.removeKeySecretsAfterDays > 30)) {
aws_cdk_lib_1.Annotations.of(this).addError(`Parameter removeKeySecretsAfterDays must be 0 or between 7 and 30. Got ${props.removeKeySecretsAfterDays}`);
}
if (props.publicKey?.length &&
props.publicKeyFormat !== undefined &&
props.publicKeyFormat !== types_1.PublicKeyFormat.OPENSSH) {
aws_cdk_lib_1.Annotations.of(this).addError('When importing a key, the format has to be of type OpenSSH');
}
if (props.keyType == types_1.KeyType.ED25519 &&
props.publicKeyFormat == types_1.PublicKeyFormat.PKCS1) {
aws_cdk_lib_1.Annotations.of(this).addError('The public key format PKCS1 is not supported for key type ED25519');
}
const stack = aws_cdk_lib_1.Stack.of(this).stackName;
if (props.legacyLambdaName) {
this.prefix = props.resourcePrefix ?? stack;
if (this.prefix.length + cleanID.length > 62) {
// Cloudformation limits names to 63 characters.
aws_cdk_lib_1.Annotations.of(this).addError(`Cloudformation limits names to 63 characters.
Prefix ${this.prefix} is too long to be used as a prefix for your roleName. Define parameter resourcePrefix?:`);
}
}
this.lambdaFunction = this.ensureLambda(props.legacyLambdaName ?? false);
this.tags = new aws_cdk_lib_1.TagManager(aws_cdk_lib_1.TagType.MAP, 'Custom::EC2-Key-Pair');
this.tags.setTag(createdByTag, ID);
this.keyType = props.keyType ?? types_1.KeyType.RSA;
this.publicKeyFormat = props.publicKeyFormat ?? types_1.PublicKeyFormat.SSH;
const kmsPrivate = props.kmsPrivateKey ?? props.kms;
const kmsPublic = props.kmsPublicKey ?? props.kms;
const lambdaProperties = {
/* eslint-disable @typescript-eslint/naming-convention */
Name: props.keyPairName,
Description: props.description ?? '',
KmsPrivate: kmsPrivate?.keyArn ?? 'alias/aws/secretsmanager',
KmsPublic: kmsPublic?.keyArn ?? 'alias/aws/secretsmanager',
PublicKey: props.publicKey ?? '',
StorePublicKey: props.storePublicKey ? 'true' : 'false',
ExposePublicKey: props.exposePublicKey ? 'true' : 'false',
KeyType: this.keyType,
PublicKeyFormat: props.publicKeyFormat ?? types_1.PublicKeyFormat.SSH,
RemoveKeySecretsAfterDays: props.removeKeySecretsAfterDays ?? 0,
SecretPrefix: props.secretPrefix ?? 'ec2-ssh-key/',
StackName: stack,
Tags: aws_cdk_lib_1.Lazy.any({
produce: () => this.tags.renderTags(),
}),
LogLevel: props.logLevel,
/* eslint-enable @typescript-eslint/naming-convention */
};
const key = new aws_cdk_lib_1.CustomResource(this, `EC2-Key-Pair-${props.keyPairName}`, {
serviceToken: this.lambdaFunction.functionArn,
resourceType: resourceType,
properties: lambdaProperties,
});
this.privateKeySecret = aws_cdk_lib_1.aws_secretsmanager.Secret.fromSecretCompleteArn(this, 'PrivateKeySecret', key.getAttString('PrivateKeyARN'));
if (props.storePublicKey) {
this.publicKeySecret = aws_cdk_lib_1.aws_secretsmanager.Secret.fromSecretCompleteArn(this, 'PublicKeySecret', key.getAttString('PublicKeyARN'));
}
if (typeof props.kms !== 'undefined') {
props.kms.grantEncryptDecrypt(this.lambdaFunction.role);
key.node.addDependency(props.kms);
key.node.addDependency(this.lambdaFunction.role);
}
if (typeof props.kmsPrivateKey !== 'undefined') {
props.kmsPrivateKey.grantEncryptDecrypt(this.lambdaFunction.role);
key.node.addDependency(props.kmsPrivateKey);
key.node.addDependency(this.lambdaFunction.role);
}
if (typeof props.kmsPublicKey !== 'undefined') {
props.kmsPublicKey.grantEncryptDecrypt(this.lambdaFunction.role);
key.node.addDependency(props.kmsPublicKey);
key.node.addDependency(this.lambdaFunction.role);
}
this.publicKeyValue = key.getAttString('PublicKeyValue');
this.keyPairName = key.getAttString('KeyPairName');
this.keyPairID = key.getAttString('KeyPairID');
this.keyPairFingerprint = key.getAttString('KeyPairFingerprint');
}
ensureLambda(legacyLambdaName) {
const stack = aws_cdk_lib_1.Stack.of(this);
const constructName = legacyLambdaName
? 'EC2-Key-Name-Manager-Lambda' // this name was not intentional but we keep it for legacy resources
: 'EC2-Key-Pair-Manager-Lambda';
const existing = stack.node.tryFindChild(constructName);
if (existing) {
return existing;
}
const resources = [`arn:${stack.partition}:ec2:*:*:key-pair/*`];
const statements = [
new aws_cdk_lib_1.aws_iam.PolicyStatement({
actions: ['ec2:DescribeKeyPairs'],
resources: ['*'],
}),
new aws_cdk_lib_1.aws_iam.PolicyStatement({
actions: ['ec2:CreateKeyPair', 'ec2:CreateTags', 'ec2:ImportKeyPair'],
conditions: {
/* eslint-disable @typescript-eslint/naming-convention */
StringLike: {
'aws:RequestTag/CreatedByCfnCustomResource': ID,
},
/* eslint-enable @typescript-eslint/naming-convention */
},
resources,
}),
new aws_cdk_lib_1.aws_iam.PolicyStatement({
// allow delete/update, only if createdByTag is set
actions: ['ec2:CreateTags', 'ec2:DeleteKeyPair', 'ec2:DeleteTags'],
conditions: {
/* eslint-disable @typescript-eslint/naming-convention */
StringLike: {
'ec2:ResourceTag/CreatedByCfnCustomResource': ID,
},
/* eslint-enable @typescript-eslint/naming-convention */
},
resources,
}),
new aws_cdk_lib_1.aws_iam.PolicyStatement({
// we need this to check if a secret exists before attempting to delete it
actions: ['secretsmanager:ListSecrets'],
resources: ['*'],
}),
new aws_cdk_lib_1.aws_iam.PolicyStatement({
actions: ['secretsmanager:CreateSecret', 'secretsmanager:TagResource'],
conditions: {
/* eslint-disable @typescript-eslint/naming-convention */
StringLike: {
'aws:RequestTag/CreatedByCfnCustomResource': ID,
},
/* eslint-enable @typescript-eslint/naming-convention */
},
resources: ['*'],
}),
new aws_cdk_lib_1.aws_iam.PolicyStatement({
// allow delete/update, only if createdByTag is set
actions: [
'secretsmanager:DeleteResourcePolicy',
'secretsmanager:DeleteSecret',
'secretsmanager:DescribeSecret',
'secretsmanager:GetResourcePolicy',
'secretsmanager:GetSecretValue',
'secretsmanager:ListSecretVersionIds',
'secretsmanager:PutResourcePolicy',
'secretsmanager:PutSecretValue',
'secretsmanager:RestoreSecret',
'secretsmanager:UntagResource',
'secretsmanager:UpdateSecret',
'secretsmanager:UpdateSecretVersionStage',
],
conditions: {
/* eslint-disable @typescript-eslint/naming-convention */
StringLike: {
'secretsmanager:ResourceTag/CreatedByCfnCustomResource': ID,
},
/* eslint-enable @typescript-eslint/naming-convention */
},
resources: ['*'],
}),
];
const fn = new aws_cdk_lib_1.aws_lambda.Function(stack, constructName, {
functionName: legacyLambdaName ? `${this.prefix}-${cleanID}` : undefined,
description: 'Custom CFN resource: Manage EC2 Key Pairs',
runtime: aws_cdk_lib_1.aws_lambda.Runtime.NODEJS_22_X,
handler: 'index.handler',
code: aws_cdk_lib_1.aws_lambda.Code.fromAsset(path.join(__dirname, '../lambda/code.zip')),
timeout: aws_cdk_lib_1.Duration.minutes(lambdaTimeout),
});
statements.forEach((statement) => {
fn.role?.addToPrincipalPolicy(statement);
});
return fn;
}
/**
* Used internally to determine whether the key pair is compatible with an OS type.
*
* @internal
*/
_isOsCompatible(osType) {
switch (this.keyType) {
case types_1.KeyType.ED25519:
return osType !== aws_ec2_1.OperatingSystemType.WINDOWS;
default:
return true;
}
}
}
exports.KeyPair = KeyPair;
_a = JSII_RTTI_SYMBOL_1;
KeyPair[_a] = { fqn: "cdk-ec2-key-pair.KeyPair", version: "5.0.0" };
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLDZDQWVxQjtBQUNyQixpREFJNkI7QUFFN0IsNkJBQTZCO0FBQzdCLG1DQUtpQjtBQUNqQixpQ0FBNkQ7QUFBcEQsZ0dBQUEsT0FBTyxPQUFBO0FBQUUsaUdBQUEsUUFBUSxPQUFBO0FBQUUsd0dBQUEsZUFBZSxPQUFBO0FBRTNDLE1BQU0sWUFBWSxHQUFHLHNCQUFzQixDQUFDO0FBQzVDLE1BQU0sRUFBRSxHQUFHLGtCQUFrQixZQUFZLEVBQUUsQ0FBQztBQUM1QyxNQUFNLFlBQVksR0FBRyw0QkFBNEIsQ0FBQztBQUNsRCxNQUFNLE9BQU8sR0FBRyxFQUFFLENBQUMsT0FBTyxDQUFDLEtBQUssRUFBRSxHQUFHLENBQUMsQ0FBQztBQUN2QyxNQUFNLGFBQWEsR0FBRyxDQUFDLENBQUMsQ0FBQyxVQUFVO0FBcUluQzs7R0FFRztBQUNILE1BQWEsT0FBUSxTQUFRLHNCQUFRO0lBd0RuQyxJQUFXLFVBQVU7UUFDbkIsT0FBTztZQUNMLE9BQU8sRUFBRSxJQUFJLENBQUMsV0FBVztTQUMxQixDQUFDO0lBQ0osQ0FBQztJQUVEOztPQUVHO0lBQ0gsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFtQjtRQUMzRCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBNURuQjs7OztXQUlHO1FBQ2EsbUJBQWMsR0FBVyxFQUFFLENBQUM7UUFFNUM7O1dBRUc7UUFDYSxnQkFBVyxHQUFXLEVBQUUsQ0FBQztRQUV6Qzs7V0FFRztRQUNhLGNBQVMsR0FBVyxFQUFFLENBQUM7UUFFdkM7O1dBRUc7UUFDYSx1QkFBa0IsR0FBVyxFQUFFLENBQUM7UUE0QmhDLFdBQU0sR0FBVyxFQUFFLENBQUM7UUFjbEMsSUFDRSxLQUFLLENBQUMseUJBQXlCO1lBQy9CLENBQUMsS0FBSyxDQUFDLHlCQUF5QixHQUFHLENBQUM7Z0JBQ2xDLENBQUMsS0FBSyxDQUFDLHlCQUF5QixHQUFHLENBQUM7b0JBQ2xDLEtBQUssQ0FBQyx5QkFBeUIsR0FBRyxDQUFDLENBQUM7Z0JBQ3RDLEtBQUssQ0FBQyx5QkFBeUIsR0FBRyxFQUFFLENBQUMsRUFDdkMsQ0FBQztZQUNELHlCQUFXLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDLFFBQVEsQ0FDM0IsMEVBQTBFLEtBQUssQ0FBQyx5QkFBeUIsRUFBRSxDQUM1RyxDQUFDO1FBQ0osQ0FBQztRQUVELElBQ0UsS0FBSyxDQUFDLFNBQVMsRUFBRSxNQUFNO1lBQ3ZCLEtBQUssQ0FBQyxlQUFlLEtBQUssU0FBUztZQUNuQyxLQUFLLENBQUMsZUFBZSxLQUFLLHVCQUFlLENBQUMsT0FBTyxFQUNqRCxDQUFDO1lBQ0QseUJBQVcsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsUUFBUSxDQUMzQiw0REFBNEQsQ0FDN0QsQ0FBQztRQUNKLENBQUM7UUFFRCxJQUNFLEtBQUssQ0FBQyxPQUFPLElBQUksZUFBTyxDQUFDLE9BQU87WUFDaEMsS0FBSyxDQUFDLGVBQWUsSUFBSSx1QkFBZSxDQUFDLEtBQUssRUFDOUMsQ0FBQztZQUNELHlCQUFXLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDLFFBQVEsQ0FDM0IsbUVBQW1FLENBQ3BFLENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxLQUFLLEdBQUcsbUJBQUssQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsU0FBUyxDQUFDO1FBRXZDLElBQUksS0FBSyxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDM0IsSUFBSSxDQUFDLE1BQU0sR0FBRyxLQUFLLENBQUMsY0FBYyxJQUFJLEtBQUssQ0FBQztZQUM1QyxJQUFJLElBQUksQ0FBQyxNQUFNLENBQUMsTUFBTSxHQUFHLE9BQU8sQ0FBQyxNQUFNLEdBQUcsRUFBRSxFQUFFLENBQUM7Z0JBQzdDLGdEQUFnRDtnQkFDaEQseUJBQVcsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsUUFBUSxDQUMzQjtvQkFDVSxJQUFJLENBQUMsTUFBTSwwRkFBMEYsQ0FDaEgsQ0FBQztZQUNKLENBQUM7UUFDSCxDQUFDO1FBQ0QsSUFBSSxDQUFDLGNBQWMsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsSUFBSSxLQUFLLENBQUMsQ0FBQztRQUV6RSxJQUFJLENBQUMsSUFBSSxHQUFHLElBQUksd0JBQVUsQ0FBQyxxQkFBTyxDQUFDLEdBQUcsRUFBRSxzQkFBc0IsQ0FBQyxDQUFDO1FBQ2hFLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLFlBQVksRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVuQyxJQUFJLENBQUMsT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLElBQUksZUFBTyxDQUFDLEdBQUcsQ0FBQztRQUM1QyxJQUFJLENBQUMsZUFBZSxHQUFHLEtBQUssQ0FBQyxlQUFlLElBQUksdUJBQWUsQ0FBQyxHQUFHLENBQUM7UUFFcEUsTUFBTSxVQUFVLEdBQUcsS0FBSyxDQUFDLGFBQWEsSUFBSSxLQUFLLENBQUMsR0FBRyxDQUFDO1FBQ3BELE1BQU0sU0FBUyxHQUFHLEtBQUssQ0FBQyxZQUFZLElBQUksS0FBSyxDQUFDLEdBQUcsQ0FBQztRQUVsRCxNQUFNLGdCQUFnQixHQUF1QjtZQUMzQyx5REFBeUQ7WUFDekQsSUFBSSxFQUFFLEtBQUssQ0FBQyxXQUFXO1lBQ3ZCLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVyxJQUFJLEVBQUU7WUFDcEMsVUFBVSxFQUFFLFVBQVUsRUFBRSxNQUFNLElBQUksMEJBQTBCO1lBQzVELFNBQVMsRUFBRSxTQUFTLEVBQUUsTUFBTSxJQUFJLDBCQUEwQjtZQUMxRCxTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVMsSUFBSSxFQUFFO1lBQ2hDLGNBQWMsRUFBRSxLQUFLLENBQUMsY0FBYyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLE9BQU87WUFDdkQsZUFBZSxFQUFFLEtBQUssQ0FBQyxlQUFlLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsT0FBTztZQUN6RCxPQUFPLEVBQUUsSUFBSSxDQUFDLE9BQU87WUFDckIsZUFBZSxFQUFFLEtBQUssQ0FBQyxlQUFlLElBQUksdUJBQWUsQ0FBQyxHQUFHO1lBQzdELHlCQUF5QixFQUFFLEtBQUssQ0FBQyx5QkFBeUIsSUFBSSxDQUFDO1lBQy9ELFlBQVksRUFBRSxLQUFLLENBQUMsWUFBWSxJQUFJLGNBQWM7WUFDbEQsU0FBUyxFQUFFLEtBQUs7WUFDaEIsSUFBSSxFQUFFLGtCQUFJLENBQUMsR0FBRyxDQUFDO2dCQUNiLE9BQU8sRUFBRSxHQUFHLEVBQUUsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBNEI7YUFDaEUsQ0FBc0M7WUFDdkMsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO1lBQ3hCLHdEQUF3RDtTQUN6RCxDQUFDO1FBRUYsTUFBTSxHQUFHLEdBQUcsSUFBSSw0QkFBYyxDQUFDLElBQUksRUFBRSxnQkFBZ0IsS0FBSyxDQUFDLFdBQVcsRUFBRSxFQUFFO1lBQ3hFLFlBQVksRUFBRSxJQUFJLENBQUMsY0FBYyxDQUFDLFdBQVc7WUFDN0MsWUFBWSxFQUFFLFlBQVk7WUFDMUIsVUFBVSxFQUFFLGdCQUFnQjtTQUM3QixDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsZ0JBQWdCLEdBQUcsZ0NBQWtCLENBQUMsTUFBTSxDQUFDLHFCQUFxQixDQUNyRSxJQUFJLEVBQ0osa0JBQWtCLEVBQ2xCLEdBQUcsQ0FBQyxZQUFZLENBQUMsZUFBZSxDQUFDLENBQ2xDLENBQUM7UUFFRixJQUFJLEtBQUssQ0FBQyxjQUFjLEVBQUUsQ0FBQztZQUN6QixJQUFJLENBQUMsZUFBZSxHQUFHLGdDQUFrQixDQUFDLE1BQU0sQ0FBQyxxQkFBcUIsQ0FDcEUsSUFBSSxFQUNKLGlCQUFpQixFQUNqQixHQUFHLENBQUMsWUFBWSxDQUFDLGNBQWMsQ0FBQyxDQUNqQyxDQUFDO1FBQ0osQ0FBQztRQUVELElBQUksT0FBTyxLQUFLLENBQUMsR0FBRyxLQUFLLFdBQVcsRUFBRSxDQUFDO1lBQ3JDLEtBQUssQ0FBQyxHQUFHLENBQUMsbUJBQW1CLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxJQUFLLENBQUMsQ0FBQztZQUN6RCxHQUFHLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDbEMsR0FBRyxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxJQUFLLENBQUMsQ0FBQztRQUNwRCxDQUFDO1FBRUQsSUFBSSxPQUFPLEtBQUssQ0FBQyxhQUFhLEtBQUssV0FBVyxFQUFFLENBQUM7WUFDL0MsS0FBSyxDQUFDLGFBQWEsQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJLENBQUMsY0FBYyxDQUFDLElBQUssQ0FBQyxDQUFDO1lBQ25FLEdBQUcsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FBQyxhQUFhLENBQUMsQ0FBQztZQUM1QyxHQUFHLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsY0FBYyxDQUFDLElBQUssQ0FBQyxDQUFDO1FBQ3BELENBQUM7UUFFRCxJQUFJLE9BQU8sS0FBSyxDQUFDLFlBQVksS0FBSyxXQUFXLEVBQUUsQ0FBQztZQUM5QyxLQUFLLENBQUMsWUFBWSxDQUFDLG1CQUFtQixDQUFDLElBQUksQ0FBQyxjQUFjLENBQUMsSUFBSyxDQUFDLENBQUM7WUFDbEUsR0FBRyxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO1lBQzNDLEdBQUcsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxjQUFjLENBQUMsSUFBSyxDQUFDLENBQUM7UUFDcEQsQ0FBQztRQUVELElBQUksQ0FBQyxjQUFjLEdBQUcsR0FBRyxDQUFDLFlBQVksQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO1FBQ3pELElBQUksQ0FBQyxXQUFXLEdBQUcsR0FBRyxDQUFDLFlBQVksQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUNuRCxJQUFJLENBQUMsU0FBUyxHQUFHLEdBQUcsQ0FBQyxZQUFZLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDL0MsSUFBSSxDQUFDLGtCQUFrQixHQUFHLEdBQUcsQ0FBQyxZQUFZLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUNuRSxDQUFDO0lBRU8sWUFBWSxDQUFDLGdCQUF5QjtRQUM1QyxNQUFNLEtBQUssR0FBRyxtQkFBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUM3QixNQUFNLGFBQWEsR0FBRyxnQkFBZ0I7WUFDcEMsQ0FBQyxDQUFDLDZCQUE2QixDQUFDLG9FQUFvRTtZQUNwRyxDQUFDLENBQUMsNkJBQTZCLENBQUM7UUFDbEMsTUFBTSxRQUFRLEdBQUcsS0FBSyxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsYUFBYSxDQUFDLENBQUM7UUFDeEQsSUFBSSxRQUFRLEVBQUUsQ0FBQztZQUNiLE9BQU8sUUFBK0IsQ0FBQztRQUN6QyxDQUFDO1FBRUQsTUFBTSxTQUFTLEdBQUcsQ0FBQyxPQUFPLEtBQUssQ0FBQyxTQUFTLHFCQUFxQixDQUFDLENBQUM7UUFFaEUsTUFBTSxVQUFVLEdBQUc7WUFDakIsSUFBSSxxQkFBTyxDQUFDLGVBQWUsQ0FBQztnQkFDMUIsT0FBTyxFQUFFLENBQUMsc0JBQXNCLENBQUM7Z0JBQ2pDLFNBQVMsRUFBRSxDQUFDLEdBQUcsQ0FBQzthQUNqQixDQUFDO1lBQ0YsSUFBSSxxQkFBTyxDQUFDLGVBQWUsQ0FBQztnQkFDMUIsT0FBTyxFQUFFLENBQUMsbUJBQW1CLEVBQUUsZ0JBQWdCLEVBQUUsbUJBQW1CLENBQUM7Z0JBQ3JFLFVBQVUsRUFBRTtvQkFDVix5REFBeUQ7b0JBQ3pELFVBQVUsRUFBRTt3QkFDViwyQ0FBMkMsRUFBRSxFQUFFO3FCQUNoRDtvQkFDRCx3REFBd0Q7aUJBQ3pEO2dCQUNELFNBQVM7YUFDVixDQUFDO1lBQ0YsSUFBSSxxQkFBTyxDQUFDLGVBQWUsQ0FBQztnQkFDMUIsbURBQW1EO2dCQUNuRCxPQUFPLEVBQUUsQ0FBQyxnQkFBZ0IsRUFBRSxtQkFBbUIsRUFBRSxnQkFBZ0IsQ0FBQztnQkFDbEUsVUFBVSxFQUFFO29CQUNWLHlEQUF5RDtvQkFDekQsVUFBVSxFQUFFO3dCQUNWLDRDQUE0QyxFQUFFLEVBQUU7cUJBQ2pEO29CQUNELHdEQUF3RDtpQkFDekQ7Z0JBQ0QsU0FBUzthQUNWLENBQUM7WUFFRixJQUFJLHFCQUFPLENBQUMsZUFBZSxDQUFDO2dCQUMxQiwwRUFBMEU7Z0JBQzFFLE9BQU8sRUFBRSxDQUFDLDRCQUE0QixDQUFDO2dCQUN2QyxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7YUFDakIsQ0FBQztZQUNGLElBQUkscUJBQU8sQ0FBQyxlQUFlLENBQUM7Z0JBQzFCLE9BQU8sRUFBRSxDQUFDLDZCQUE2QixFQUFFLDRCQUE0QixDQUFDO2dCQUN0RSxVQUFVLEVBQUU7b0JBQ1YseURBQXlEO29CQUN6RCxVQUFVLEVBQUU7d0JBQ1YsMkNBQTJDLEVBQUUsRUFBRTtxQkFDaEQ7b0JBQ0Qsd0RBQXdEO2lCQUN6RDtnQkFDRCxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7YUFDakIsQ0FBQztZQUNGLElBQUkscUJBQU8sQ0FBQyxlQUFlLENBQUM7Z0JBQzFCLG1EQUFtRDtnQkFDbkQsT0FBTyxFQUFFO29CQUNQLHFDQUFxQztvQkFDckMsNkJBQTZCO29CQUM3QiwrQkFBK0I7b0JBQy9CLGtDQUFrQztvQkFDbEMsK0JBQStCO29CQUMvQixxQ0FBcUM7b0JBQ3JDLGtDQUFrQztvQkFDbEMsK0JBQStCO29CQUMvQiw4QkFBOEI7b0JBQzlCLDhCQUE4QjtvQkFDOUIsNkJBQTZCO29CQUM3Qix5Q0FBeUM7aUJBQzFDO2dCQUNELFVBQVUsRUFBRTtvQkFDVix5REFBeUQ7b0JBQ3pELFVBQVUsRUFBRTt3QkFDVix1REFBdUQsRUFBRSxFQUFFO3FCQUM1RDtvQkFDRCx3REFBd0Q7aUJBQ3pEO2dCQUNELFNBQVMsRUFBRSxDQUFDLEdBQUcsQ0FBQzthQUNqQixDQUFDO1NBQ0gsQ0FBQztRQUVGLE1BQU0sRUFBRSxHQUFHLElBQUksd0JBQVUsQ0FBQyxRQUFRLENBQUMsS0FBSyxFQUFFLGFBQWEsRUFBRTtZQUN2RCxZQUFZLEVBQUUsZ0JBQWdCLENBQUMsQ0FBQyxDQUFDLEdBQUcsSUFBSSxDQUFDLE1BQU0sSUFBSSxPQUFPLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUztZQUN4RSxXQUFXLEVBQUUsMkNBQTJDO1lBQ3hELE9BQU8sRUFBRSx3QkFBVSxDQUFDLE9BQU8sQ0FBQyxXQUFXO1lBQ3ZDLE9BQU8sRUFBRSxlQUFlO1lBQ3hCLElBQUksRUFBRSx3QkFBVSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQzdCLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFFLG9CQUFvQixDQUFDLENBQzNDO1lBQ0QsT0FBTyxFQUFFLHNCQUFRLENBQUMsT0FBTyxDQUFDLGFBQWEsQ0FBQztTQUN6QyxDQUFDLENBQUM7UUFDSCxVQUFVLENBQUMsT0FBTyxDQUFDLENBQUMsU0FBUyxFQUFFLEVBQUU7WUFDL0IsRUFBRSxDQUFDLElBQUksRUFBRSxvQkFBb0IsQ0FBQyxTQUFTLENBQUMsQ0FBQztRQUMzQyxDQUFDLENBQUMsQ0FBQztRQUVILE9BQU8sRUFBRSxDQUFDO0lBQ1osQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxlQUFlLENBQUMsTUFBMkI7UUFDaEQsUUFBUSxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDckIsS0FBSyxlQUFPLENBQUMsT0FBTztnQkFDbEIsT0FBTyxNQUFNLEtBQUssNkJBQW1CLENBQUMsT0FBTyxDQUFDO1lBQ2hEO2dCQUNFLE9BQU8sSUFBSSxDQUFDO1FBQ2hCLENBQUM7SUFDSCxDQUFDOztBQTVTSCwwQkE2U0MiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQge1xuICBBbm5vdGF0aW9ucyxcbiAgQ3VzdG9tUmVzb3VyY2UsXG4gIER1cmF0aW9uLFxuICBJVGFnZ2FibGUsXG4gIExhenksXG4gIFJlc291cmNlLFxuICBSZXNvdXJjZVByb3BzLFxuICBTdGFjayxcbiAgVGFnTWFuYWdlcixcbiAgVGFnVHlwZSxcbiAgYXdzX2lhbSxcbiAgYXdzX2ttcyxcbiAgYXdzX2xhbWJkYSxcbiAgYXdzX3NlY3JldHNtYW5hZ2VyLFxufSBmcm9tICdhd3MtY2RrLWxpYic7XG5pbXBvcnQge1xuICBJS2V5UGFpcixcbiAgS2V5UGFpclJlZmVyZW5jZSxcbiAgT3BlcmF0aW5nU3lzdGVtVHlwZSxcbn0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWVjMic7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcbmltcG9ydCAqIGFzIHBhdGggZnJvbSAncGF0aCc7XG5pbXBvcnQge1xuICBLZXlUeXBlLFxuICBMb2dMZXZlbCxcbiAgUHVibGljS2V5Rm9ybWF0LFxuICBSZXNvdXJjZVByb3BlcnRpZXMsXG59IGZyb20gJy4vdHlwZXMnO1xuZXhwb3J0IHsgS2V5VHlwZSwgTG9nTGV2ZWwsIFB1YmxpY0tleUZvcm1hdCB9IGZyb20gJy4vdHlwZXMnO1xuXG5jb25zdCByZXNvdXJjZVR5cGUgPSAnQ3VzdG9tOjpFQzItS2V5LVBhaXInO1xuY29uc3QgSUQgPSBgQ0ZOOjpSZXNvdXJjZTo6JHtyZXNvdXJjZVR5cGV9YDtcbmNvbnN0IGNyZWF0ZWRCeVRhZyA9ICdDcmVhdGVkQnlDZm5DdXN0b21SZXNvdXJjZSc7XG5jb25zdCBjbGVhbklEID0gSUQucmVwbGFjZSgvOisvZywgJy0nKTtcbmNvbnN0IGxhbWJkYVRpbWVvdXQgPSAzOyAvLyBtaW51dGVzXG5cbi8qKlxuICogRGVmaW5pdGlvbiBvZiBFQzIgS2V5IFBhaXJcbiAqL1xuZXhwb3J0IGludGVyZmFjZSBLZXlQYWlyUHJvcHMgZXh0ZW5kcyBSZXNvdXJjZVByb3BzIHtcbiAgLyoqXG4gICAqIE5hbWUgb2YgdGhlIEtleSBQYWlyXG4gICAqXG4gICAqIEluIEFXUyBTZWNyZXRzIE1hbmFnZXIgdGhlIGtleSB3aWxsIGJlIHByZWZpeGVkIHdpdGggYGVjMi1zc2gta2V5L2AuXG4gICAqXG4gICAqIFRoZSBuYW1lIGNhbiBiZSB1cCB0byAyNTUgY2hhcmFjdGVycyBsb25nLiBWYWxpZCBjaGFyYWN0ZXJzIGluY2x1ZGUgXywgLSwgYS16LCBBLVosIGFuZCAwLTkuXG4gICAqL1xuICByZWFkb25seSBrZXlQYWlyTmFtZTogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBUaGUgZGVzY3JpcHRpb24gZm9yIHRoZSBrZXkgaW4gQVdTIFNlY3JldHMgTWFuYWdlclxuICAgKiBAZGVmYXVsdCAtICcnXG4gICAqL1xuICByZWFkb25seSBkZXNjcmlwdGlvbj86IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIEtNUyBrZXkgdXNlZCB0byBlbmNyeXB0IHRoZSBTZWNyZXRzIE1hbmFnZXIgc2VjcmV0cyB3aXRoXG4gICAqXG4gICAqIFRoaXMgbmVlZHMgdG8gYmUgYSBrZXkgY3JlYXRlZCBpbiB0aGUgc2FtZSBzdGFjay4gWW91IGNhbm5vdCB1c2UgYSBrZXkgaW1wb3J0ZWQgdmlhIEFSTiwgYmVjYXVzZSB0aGUga2V5cyBhY2Nlc3MgcG9saWN5IHdpbGwgbmVlZCB0byBiZSBtb2RpZmllZC5cbiAgICpcbiAgICogQGRlZmF1bHQgLSBgYWxpYXMvYXdzL3NlY3JldHNtYW5hZ2VyYFxuICAgKi9cbiAgcmVhZG9ubHkga21zPzogYXdzX2ttcy5LZXk7XG5cbiAgLyoqXG4gICAqIFRoZSBLTVMga2V5IHRvIHVzZSB0byBlbmNyeXB0IHRoZSBwcml2YXRlIGtleSB3aXRoXG4gICAqXG4gICAqIFRoaXMgbmVlZHMgdG8gYmUgYSBrZXkgY3JlYXRlZCBpbiB0aGUgc2FtZSBzdGFjay4gWW91IGNhbm5vdCB1c2UgYSBrZXkgaW1wb3J0ZWQgdmlhIEFSTiwgYmVjYXVzZSB0aGUga2V5cyBhY2Nlc3MgcG9saWN5IHdpbGwgbmVlZCB0byBiZSBtb2RpZmllZC5cbiAgICpcbiAgICogSWYgbm8gdmFsdWUgaXMgcHJvdmlkZWQsIHRoZSBwcm9wZXJ0eSBga21zYCB3aWxsIGJlIHVzZWQgaW5zdGVhZC5cbiAgICpcbiAgICogQGRlZmF1bHQgLSBgdGhpcy5rbXNgXG4gICAqL1xuICByZWFkb25seSBrbXNQcml2YXRlS2V5PzogYXdzX2ttcy5LZXk7XG5cbiAgLyoqXG4gICAqIFRoZSBLTVMga2V5IHRvIHVzZSB0byBlbmNyeXB0IHRoZSBwdWJsaWMga2V5IHdpdGhcbiAgICpcbiAgICogVGhpcyBuZWVkcyB0byBiZSBhIGtleSBjcmVhdGVkIGluIHRoZSBzYW1lIHN0YWNrLiBZb3UgY2Fubm90IHVzZSBhIGtleSBpbXBvcnRlZCB2aWEgQVJOLCBiZWNhdXNlIHRoZSBrZXlzIGFjY2VzcyBwb2xpY3kgd2lsbCBuZWVkIHRvIGJlIG1vZGlmaWVkLlxuICAgKlxuICAgKiBJZiBubyB2YWx1ZSBpcyBwcm92aWRlZCwgdGhlIHByb3BlcnR5IGBrbXNgIHdpbGwgYmUgdXNlZCBpbnN0ZWFkLlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIGB0aGlzLmttc2BcbiAgICovXG4gIHJlYWRvbmx5IGttc1B1YmxpY0tleT86IGF3c19rbXMuS2V5O1xuXG4gIC8qKlxuICAgKiBJbXBvcnQgYSBwdWJsaWMga2V5IGluc3RlYWQgb2YgY3JlYXRpbmcgaXRcbiAgICpcbiAgICogSWYgbm8gcHVibGljIGtleSBpcyBwcm92aWRlZCwgYSBuZXcga2V5IHBhaXIgd2lsbCBiZSBjcmVhdGVkLlxuICAgKi9cbiAgcmVhZG9ubHkgcHVibGljS2V5Pzogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBTdG9yZSB0aGUgcHVibGljIGtleSBhcyBhIHNlY3JldFxuICAgKlxuICAgKiBAZGVmYXVsdCAtIGZhbHNlXG4gICAqL1xuICByZWFkb25seSBzdG9yZVB1YmxpY0tleT86IGJvb2xlYW47XG5cbiAgLyoqXG4gICAqIEV4cG9zZSB0aGUgcHVibGljIGtleSBhcyBwcm9wZXJ0eSBgcHVibGljS2V5VmFsdWVgXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gZmFsc2VcbiAgICovXG4gIHJlYWRvbmx5IGV4cG9zZVB1YmxpY0tleT86IGJvb2xlYW47XG5cbiAgLyoqXG4gICAqIFRoZSB0eXBlIG9mIGtleSBwYWlyXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gUlNBXG4gICAqL1xuICByZWFkb25seSBrZXlUeXBlPzogS2V5VHlwZTtcblxuICAvKipcbiAgICogRm9ybWF0IGZvciBwdWJsaWMga2V5LlxuICAgKlxuICAgKiBSZWxldmFudCBvbmx5IGlmIHRoZSBwdWJsaWMga2V5IGlzIHN0b3JlZCBhbmQvb3IgZXhwb3NlZC5cbiAgICpcbiAgICogQGRlZmF1bHQgLSBTU0hcbiAgICovXG4gIHJlYWRvbmx5IHB1YmxpY0tleUZvcm1hdD86IFB1YmxpY0tleUZvcm1hdDtcblxuICAvKipcbiAgICogV2hlbiB0aGUgcmVzb3VyY2UgaXMgZGVzdHJveWVkLCBhZnRlciBob3cgbWFueSBkYXlzIHRoZSBwcml2YXRlIGFuZCBwdWJsaWMga2V5IGluIHRoZSBBV1MgU2VjcmV0cyBNYW5hZ2VyIHNob3VsZCBiZSBkZWxldGVkLlxuICAgKlxuICAgKiBWYWxpZCB2YWx1ZXMgYXJlIDAgYW5kIDcgdG8gMzBcbiAgICpcbiAgICogQGRlZmF1bHQgMFxuICAgKi9cbiAgcmVhZG9ubHkgcmVtb3ZlS2V5U2VjcmV0c0FmdGVyRGF5cz86IG51bWJlcjtcblxuICAvKipcbiAgICogUHJlZml4IGZvciB0aGUgc2VjcmV0IGluIEFXUyBTZWNyZXRzIE1hbmFnZXIuXG4gICAqXG4gICAqIEBkZWZhdWx0IGBlYzItc3NoLWtleS9gXG4gICAqL1xuICByZWFkb25seSBzZWNyZXRQcmVmaXg/OiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIEEgcHJlZml4IGZvciBhbGwgcmVzb3VyY2UgbmFtZXMuXG4gICAqXG4gICAqIEJ5IGRlZmF1bHQgYWxsIHJlc291cmNlcyBhcmUgcHJlZml4ZWQgd2l0aCB0aGUgc3RhY2sgbmFtZSB0byBhdm9pZCBjb2xsaXNpb25zIHdpdGggb3RoZXIgc3RhY2tzLiBUaGlzIG1pZ2h0IGNhdXNlIHByb2JsZW1zIHdoZW4geW91IHdvcmsgd2l0aCBsb25nIHN0YWNrIG5hbWVzIGFuZCBjYW4gYmUgb3ZlcnJpZGRlbiB0aHJvdWdoIHRoaXMgcGFyYW1ldGVyLlxuICAgKlxuICAgKiBAZGVmYXVsdCBOYW1lIG9mIHRoZSBzdGFja1xuICAgKi9cbiAgcmVhZG9ubHkgcmVzb3VyY2VQcmVmaXg/OiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIFdoZXRoZXIgdG8gdXNlIHRoZSBsZWdhY3kgbmFtZSBmb3IgdGhlIExhbWJkYSBmdW5jdGlvbiwgd2hpY2ggYmFja3MgdGhlIGN1c3RvbSByZXNvdXJjZS5cbiAgICpcbiAgICogU3RhcnRpbmcgd2l0aCB2NCBvZiB0aGlzIHBhY2thZ2UsIHRoZSBMYW1iZGEgZnVuY3Rpb24gYnkgZGVmYXVsdCBoYXMgbm8gbG9uZ2VyIGEgZml4ZWQgbmFtZS5cbiAgICpcbiAgICogSWYgeW91IG1pZ3JhdGUgZnJvbSB2MyB0byB2NCwgeW91IG5lZWQgdG8gc2V0IHRoaXMgdG8gYHRydWVgIGFzIENsb3VkRm9ybWF0aW9uIGRvZXMgbm90IGFsbG93IHRvIGNoYW5nZSB0aGUgbmFtZSBvZiB0aGUgTGFtYmRhIGZ1bmN0aW9uIHVzZWQgYnkgY3VzdG9tIHJlc291cmNlLlxuICAgKlxuICAgKiBAZGVmYXVsdCBmYWxzZVxuICAgKi9cbiAgcmVhZG9ubHkgbGVnYWN5TGFtYmRhTmFtZT86IGJvb2xlYW47XG5cbiAgLyoqXG4gICAqIFRoZSBsb2cgbGV2ZWwgb2YgdGhlIExhbWJkYSBmdW5jdGlvblxuICAgKlxuICAgKiBAZGVmYXVsdCBMb2dMZXZlbC53YXJuXG4gICAqL1xuICByZWFkb25seSBsb2dMZXZlbD86IExvZ0xldmVsO1xufVxuXG4vKipcbiAqIEFuIEVDMiBLZXkgUGFpclxuICovXG5leHBvcnQgY2xhc3MgS2V5UGFpciBleHRlbmRzIFJlc291cmNlIGltcGxlbWVudHMgSVRhZ2dhYmxlLCBJS2V5UGFpciB7XG4gIC8qKlxuICAgKiBUaGUgbGFtYmRhIGZ1bmN0aW9uIHRoYXQgaXMgY3JlYXRlZFxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IGxhbWJkYUZ1bmN0aW9uOiBhd3NfbGFtYmRhLklGdW5jdGlvbjtcblxuICAvKipcbiAgICogVGhlIHB1YmxpYyBrZXkuXG4gICAqXG4gICAqIE9ubHkgZmlsbGVkLCB3aGVuIGBleHBvc2VQdWJsaWNLZXkgPSB0cnVlYFxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IHB1YmxpY0tleVZhbHVlOiBzdHJpbmcgPSAnJztcblxuICAvKipcbiAgICogTmFtZSBvZiB0aGUgS2V5IFBhaXJcbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBrZXlQYWlyTmFtZTogc3RyaW5nID0gJyc7XG5cbiAgLyoqXG4gICAqIElEIG9mIHRoZSBLZXkgUGFpclxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IGtleVBhaXJJRDogc3RyaW5nID0gJyc7XG5cbiAgLyoqXG4gICAqIEZpbmdlcnByaW50IG9mIHRoZSBLZXkgUGFpclxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IGtleVBhaXJGaW5nZXJwcmludDogc3RyaW5nID0gJyc7XG5cbiAgLyoqXG4gICAqIEZvcm1hdCBvZiB0aGUgcHVibGljIGtleVxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IHB1YmxpY0tleUZvcm1hdDogUHVibGljS2V5Rm9ybWF0O1xuXG4gIC8qKlxuICAgKiBUaGUgcHJpdmF0ZSBrZXkgc2VjcmV0IGluIEFXUyBTZWNyZXRzIE1hbmFnZXJcbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBwcml2YXRlS2V5U2VjcmV0OiBhd3Nfc2VjcmV0c21hbmFnZXIuSVNlY3JldDtcbiAgLyoqXG4gICAqIFRoZSBwdWJsaWMga2V5IHNlY3JldCBpbiBBV1MgU2VjcmV0cyBNYW5hZ2VyXG4gICAqXG4gICAqIE9ubHkgYXZhaWxhYmxlIHdoZW4gYHN0b3JlUHVibGljS2V5YCBpcyBzZXQgdG8gYHRydWVgLlxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IHB1YmxpY0tleVNlY3JldD86IGF3c19zZWNyZXRzbWFuYWdlci5JU2VjcmV0O1xuXG4gIC8qKlxuICAgKiBUeXBlIG9mIHRoZSBLZXkgUGFpclxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IGtleVR5cGU6IEtleVR5cGU7XG5cbiAgLyoqXG4gICAqIFJlc291cmNlIHRhZ3NcbiAgICovXG4gIHB1YmxpYyByZWFkb25seSB0YWdzOiBUYWdNYW5hZ2VyO1xuXG4gIHB1YmxpYyByZWFkb25seSBwcmVmaXg6IHN0cmluZyA9ICcnO1xuXG4gIHB1YmxpYyBnZXQga2V5UGFpclJlZigpOiBLZXlQYWlyUmVmZXJlbmNlIHtcbiAgICByZXR1cm4ge1xuICAgICAga2V5TmFtZTogdGhpcy5rZXlQYWlyTmFtZSxcbiAgICB9O1xuICB9XG5cbiAgLyoqXG4gICAqIERlZmluZXMgYSBuZXcgRUMyIEtleSBQYWlyLiBUaGUgcHJpdmF0ZSBrZXkgd2lsbCBiZSBzdG9yZWQgaW4gQVdTIFNlY3JldHMgTWFuYWdlclxuICAgKi9cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IEtleVBhaXJQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICBpZiAoXG4gICAgICBwcm9wcy5yZW1vdmVLZXlTZWNyZXRzQWZ0ZXJEYXlzICYmXG4gICAgICAocHJvcHMucmVtb3ZlS2V5U2VjcmV0c0FmdGVyRGF5cyA8IDAgfHxcbiAgICAgICAgKHByb3BzLnJlbW92ZUtleVNlY3JldHNBZnRlckRheXMgPiAwICYmXG4gICAgICAgICAgcHJvcHMucmVtb3ZlS2V5U2VjcmV0c0FmdGVyRGF5cyA8IDcpIHx8XG4gICAgICAgIHByb3BzLnJlbW92ZUtleVNlY3JldHNBZnRlckRheXMgPiAzMClcbiAgICApIHtcbiAgICAgIEFubm90YXRpb25zLm9mKHRoaXMpLmFkZEVycm9yKFxuICAgICAgICBgUGFyYW1ldGVyIHJlbW92ZUtleVNlY3JldHNBZnRlckRheXMgbXVzdCBiZSAwIG9yIGJldHdlZW4gNyBhbmQgMzAuIEdvdCAke3Byb3BzLnJlbW92ZUtleVNlY3JldHNBZnRlckRheXN9YCxcbiAgICAgICk7XG4gICAgfVxuXG4gICAgaWYgKFxuICAgICAgcHJvcHMucHVibGljS2V5Py5sZW5ndGggJiZcbiAgICAgIHByb3BzLnB1YmxpY0tleUZvcm1hdCAhPT0gdW5kZWZpbmVkICYmXG4gICAgICBwcm9wcy5wdWJsaWNLZXlGb3JtYXQgIT09IFB1YmxpY0tleUZvcm1hdC5PUEVOU1NIXG4gICAgKSB7XG4gICAgICBBbm5vdGF0aW9ucy5vZih0aGlzKS5hZGRFcnJvcihcbiAgICAgICAgJ1doZW4gaW1wb3J0aW5nIGEga2V5LCB0aGUgZm9ybWF0IGhhcyB0byBiZSBvZiB0eXBlIE9wZW5TU0gnLFxuICAgICAgKTtcbiAgICB9XG5cbiAgICBpZiAoXG4gICAgICBwcm9wcy5rZXlUeXBlID09IEtleVR5cGUuRUQyNTUxOSAmJlxuICAgICAgcHJvcHMucHVibGljS2V5Rm9ybWF0ID09IFB1YmxpY0tleUZvcm1hdC5QS0NTMVxuICAgICkge1xuICAgICAgQW5ub3RhdGlvbnMub2YodGhpcykuYWRkRXJyb3IoXG4gICAgICAgICdUaGUgcHVibGljIGtleSBmb3JtYXQgUEtDUzEgaXMgbm90IHN1cHBvcnRlZCBmb3Iga2V5IHR5cGUgRUQyNTUxOScsXG4gICAgICApO1xuICAgIH1cblxuICAgIGNvbnN0IHN0YWNrID0gU3RhY2sub2YodGhpcykuc3RhY2tOYW1lO1xuXG4gICAgaWYgKHByb3BzLmxlZ2FjeUxhbWJkYU5hbWUpIHtcbiAgICAgIHRoaXMucHJlZml4ID0gcHJvcHMucmVzb3VyY2VQcmVmaXggPz8gc3RhY2s7XG4gICAgICBpZiAodGhpcy5wcmVmaXgubGVuZ3RoICsgY2xlYW5JRC5sZW5ndGggPiA2Mikge1xuICAgICAgICAvLyBDbG91ZGZvcm1hdGlvbiBsaW1pdHMgbmFtZXMgdG8gNjMgY2hhcmFjdGVycy5cbiAgICAgICAgQW5ub3RhdGlvbnMub2YodGhpcykuYWRkRXJyb3IoXG4gICAgICAgICAgYENsb3VkZm9ybWF0aW9uIGxpbWl0cyBuYW1lcyB0byA2MyBjaGFyYWN0ZXJzLlxuICAgICAgICAgICBQcmVmaXggJHt0aGlzLnByZWZpeH0gaXMgdG9vIGxvbmcgdG8gYmUgdXNlZCBhcyBhIHByZWZpeCBmb3IgeW91ciByb2xlTmFtZS4gRGVmaW5lIHBhcmFtZXRlciByZXNvdXJjZVByZWZpeD86YCxcbiAgICAgICAgKTtcbiAgICAgIH1cbiAgICB9XG4gICAgdGhpcy5sYW1iZGFGdW5jdGlvbiA9IHRoaXMuZW5zdXJlTGFtYmRhKHByb3BzLmxlZ2FjeUxhbWJkYU5hbWUgPz8gZmFsc2UpO1xuXG4gICAgdGhpcy50YWdzID0gbmV3IFRhZ01hbmFnZXIoVGFnVHlwZS5NQVAsICdDdXN0b206OkVDMi1LZXktUGFpcicpO1xuICAgIHRoaXMudGFncy5zZXRUYWcoY3JlYXRlZEJ5VGFnLCBJRCk7XG5cbiAgICB0aGlzLmtleVR5cGUgPSBwcm9wcy5rZXlUeXBlID8/IEtleVR5cGUuUlNBO1xuICAgIHRoaXMucHVibGljS2V5Rm9ybWF0ID0gcHJvcHMucHVibGljS2V5Rm9ybWF0ID8/IFB1YmxpY0tleUZvcm1hdC5TU0g7XG5cbiAgICBjb25zdCBrbXNQcml2YXRlID0gcHJvcHMua21zUHJpdmF0ZUtleSA/PyBwcm9wcy5rbXM7XG4gICAgY29uc3Qga21zUHVibGljID0gcHJvcHMua21zUHVibGljS2V5ID8/IHByb3BzLmttcztcblxuICAgIGNvbnN0IGxhbWJkYVByb3BlcnRpZXM6IFJlc291cmNlUHJvcGVydGllcyA9IHtcbiAgICAgIC8qIGVzbGludC1kaXNhYmxlIEB0eXBlc2NyaXB0LWVzbGludC9uYW1pbmctY29udmVudGlvbiAqL1xuICAgICAgTmFtZTogcHJvcHMua2V5UGFpck5hbWUsXG4gICAgICBEZXNjcmlwdGlvbjogcHJvcHMuZGVzY3JpcHRpb24gPz8gJycsXG4gICAgICBLbXNQcml2YXRlOiBrbXNQcml2YXRlPy5rZXlBcm4gPz8gJ2FsaWFzL2F3cy9zZWNyZXRzbWFuYWdlcicsXG4gICAgICBLbXNQdWJsaWM6IGttc1B1YmxpYz8ua2V5QXJuID8/ICdhbGlhcy9hd3Mvc2VjcmV0c21hbmFnZXInLFxuICAgICAgUHVibGljS2V5OiBwcm9wcy5wdWJsaWNLZXkgPz8gJycsXG4gICAgICBTdG9yZVB1YmxpY0tleTogcHJvcHMuc3RvcmVQdWJsaWNLZXkgPyAndHJ1ZScgOiAnZmFsc2UnLFxuICAgICAgRXhwb3NlUHVibGljS2V5OiBwcm9wcy5leHBvc2VQdWJsaWNLZXkgPyAndHJ1ZScgOiAnZmFsc2UnLFxuICAgICAgS2V5VHlwZTogdGhpcy5rZXlUeXBlLFxuICAgICAgUHVibGljS2V5Rm9ybWF0OiBwcm9wcy5wdWJsaWNLZXlGb3JtYXQgPz8gUHVibGljS2V5Rm9ybWF0LlNTSCxcbiAgICAgIFJlbW92ZUtleVNlY3JldHNBZnRlckRheXM6IHByb3BzLnJlbW92ZUtleVNlY3JldHNBZnRlckRheXMgPz8gMCxcbiAgICAgIFNlY3JldFByZWZpeDogcHJvcHMuc2VjcmV0UHJlZml4ID8/ICdlYzItc3NoLWtleS8nLFxuICAgICAgU3RhY2tOYW1lOiBzdGFjayxcbiAgICAgIFRhZ3M6IExhenkuYW55KHtcbiAgICAgICAgcHJvZHVjZTogKCkgPT4gdGhpcy50YWdzLnJlbmRlclRhZ3MoKSBhcyBSZWNvcmQ8c3RyaW5nLCBzdHJpbmc+LFxuICAgICAgfSkgYXMgdW5rbm93biBhcyBSZWNvcmQ8c3RyaW5nLCBzdHJpbmc+LFxuICAgICAgTG9nTGV2ZWw6IHByb3BzLmxvZ0xldmVsLFxuICAgICAgLyogZXNsaW50LWVuYWJsZSBAdHlwZXNjcmlwdC1lc2xpbnQvbmFtaW5nLWNvbnZlbnRpb24gKi9cbiAgICB9O1xuXG4gICAgY29uc3Qga2V5ID0gbmV3IEN1c3RvbVJlc291cmNlKHRoaXMsIGBFQzItS2V5LVBhaXItJHtwcm9wcy5rZXlQYWlyTmFtZX1gLCB7XG4gICAgICBzZXJ2aWNlVG9rZW46IHRoaXMubGFtYmRhRnVuY3Rpb24uZnVuY3Rpb25Bcm4sXG4gICAgICByZXNvdXJjZVR5cGU6IHJlc291cmNlVHlwZSxcbiAgICAgIHByb3BlcnRpZXM6IGxhbWJkYVByb3BlcnRpZXMsXG4gICAgfSk7XG5cbiAgICB0aGlzLnByaXZhdGVLZXlTZWNyZXQgPSBhd3Nfc2VjcmV0c21hbmFnZXIuU2VjcmV0LmZyb21TZWNyZXRDb21wbGV0ZUFybihcbiAgICAgIHRoaXMsXG4gICAgICAnUHJpdmF0ZUtleVNlY3JldCcsXG4gICAgICBrZXkuZ2V0QXR0U3RyaW5nKCdQcml2YXRlS2V5QVJOJyksXG4gICAgKTtcblxuICAgIGlmIChwcm9wcy5zdG9yZVB1YmxpY0tleSkge1xuICAgICAgdGhpcy5wdWJsaWNLZXlTZWNyZXQgPSBhd3Nfc2VjcmV0c21hbmFnZXIuU2VjcmV0LmZyb21TZWNyZXRDb21wbGV0ZUFybihcbiAgICAgICAgdGhpcyxcbiAgICAgICAgJ1B1YmxpY0tleVNlY3JldCcsXG4gICAgICAgIGtleS5nZXRBdHRTdHJpbmcoJ1B1YmxpY0tleUFSTicpLFxuICAgICAgKTtcbiAgICB9XG5cbiAgICBpZiAodHlwZW9mIHByb3BzLmttcyAhPT0gJ3VuZGVmaW5lZCcpIHtcbiAgICAgIHByb3BzLmttcy5ncmFudEVuY3J5cHREZWNyeXB0KHRoaXMubGFtYmRhRnVuY3Rpb24ucm9sZSEpO1xuICAgICAga2V5Lm5vZGUuYWRkRGVwZW5kZW5jeShwcm9wcy5rbXMpO1xuICAgICAga2V5Lm5vZGUuYWRkRGVwZW5kZW5jeSh0aGlzLmxhbWJkYUZ1bmN0aW9uLnJvbGUhKTtcbiAgICB9XG5cbiAgICBpZiAodHlwZW9mIHByb3BzLmttc1ByaXZhdGVLZXkgIT09ICd1bmRlZmluZWQnKSB7XG4gICAgICBwcm9wcy5rbXNQcml2YXRlS2V5LmdyYW50RW5jcnlwdERlY3J5cHQodGhpcy5sYW1iZGFGdW5jdGlvbi5yb2xlISk7XG4gICAgICBrZXkubm9kZS5hZGREZXBlbmRlbmN5KHByb3BzLmttc1ByaXZhdGVLZXkpO1xuICAgICAga2V5Lm5vZGUuYWRkRGVwZW5kZW5jeSh0aGlzLmxhbWJkYUZ1bmN0aW9uLnJvbGUhKTtcbiAgICB9XG5cbiAgICBpZiAodHlwZW9mIHByb3BzLmttc1B1YmxpY0tleSAhPT0gJ3VuZGVmaW5lZCcpIHtcbiAgICAgIHByb3BzLmttc1B1YmxpY0tleS5ncmFudEVuY3J5cHREZWNyeXB0KHRoaXMubGFtYmRhRnVuY3Rpb24ucm9sZSEpO1xuICAgICAga2V5Lm5vZGUuYWRkRGVwZW5kZW5jeShwcm9wcy5rbXNQdWJsaWNLZXkpO1xuICAgICAga2V5Lm5vZGUuYWRkRGVwZW5kZW5jeSh0aGlzLmxhbWJkYUZ1bmN0aW9uLnJvbGUhKTtcbiAgICB9XG5cbiAgICB0aGlzLnB1YmxpY0tleVZhbHVlID0ga2V5LmdldEF0dFN0cmluZygnUHVibGljS2V5VmFsdWUnKTtcbiAgICB0aGlzLmtleVBhaXJOYW1lID0ga2V5LmdldEF0dFN0cmluZygnS2V5UGFpck5hbWUnKTtcbiAgICB0aGlzLmtleVBhaXJJRCA9IGtleS5nZXRBdHRTdHJpbmcoJ0tleVBhaXJJRCcpO1xuICAgIHRoaXMua2V5UGFpckZpbmdlcnByaW50ID0ga2V5LmdldEF0dFN0cmluZygnS2V5UGFpckZpbmdlcnByaW50Jyk7XG4gIH1cblxuICBwcml2YXRlIGVuc3VyZUxhbWJkYShsZWdhY3lMYW1iZGFOYW1lOiBib29sZWFuKTogYXdzX2xhbWJkYS5GdW5jdGlvbiB7XG4gICAgY29uc3Qgc3RhY2sgPSBTdGFjay5vZih0aGlzKTtcbiAgICBjb25zdCBjb25zdHJ1Y3ROYW1lID0gbGVnYWN5TGFtYmRhTmFtZVxuICAgICAgPyAnRUMyLUtleS1OYW1lLU1hbmFnZXItTGFtYmRhJyAvLyB0aGlzIG5hbWUgd2FzIG5vdCBpbnRlbnRpb25hbCBidXQgd2Uga2VlcCBpdCBmb3IgbGVnYWN5IHJlc291cmNlc1xuICAgICAgOiAnRUMyLUtleS1QYWlyLU1hbmFnZXItTGFtYmRhJztcbiAgICBjb25zdCBleGlzdGluZyA9IHN0YWNrLm5vZGUudHJ5RmluZENoaWxkKGNvbnN0cnVjdE5hbWUpO1xuICAgIGlmIChleGlzdGluZykge1xuICAgICAgcmV0dXJuIGV4aXN0aW5nIGFzIGF3c19sYW1iZGEuRnVuY3Rpb247XG4gICAgfVxuXG4gICAgY29uc3QgcmVzb3VyY2VzID0gW2Bhcm46JHtzdGFjay5wYXJ0aXRpb259OmVjMjoqOio6a2V5LXBhaXIvKmBdO1xuXG4gICAgY29uc3Qgc3RhdGVtZW50cyA9IFtcbiAgICAgIG5ldyBhd3NfaWFtLlBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgIGFjdGlvbnM6IFsnZWMyOkRlc2NyaWJlS2V5UGFpcnMnXSxcbiAgICAgICAgcmVzb3VyY2VzOiBbJyonXSxcbiAgICAgIH0pLFxuICAgICAgbmV3IGF3c19pYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgYWN0aW9uczogWydlYzI6Q3JlYXRlS2V5UGFpcicsICdlYzI6Q3JlYXRlVGFncycsICdlYzI6SW1wb3J0S2V5UGFpciddLFxuICAgICAgICBjb25kaXRpb25zOiB7XG4gICAgICAgICAgLyogZXNsaW50LWRpc2FibGUgQHR5cGVzY3JpcHQtZXNsaW50L25hbWluZy1jb252ZW50aW9uICovXG4gICAgICAgICAgU3RyaW5nTGlrZToge1xuICAgICAgICAgICAgJ2F3czpSZXF1ZXN0VGFnL0NyZWF0ZWRCeUNmbkN1c3RvbVJlc291cmNlJzogSUQsXG4gICAgICAgICAgfSxcbiAgICAgICAgICAvKiBlc2xpbnQtZW5hYmxlIEB0eXBlc2NyaXB0LWVzbGludC9uYW1pbmctY29udmVudGlvbiAqL1xuICAgICAgICB9LFxuICAgICAgICByZXNvdXJjZXMsXG4gICAgICB9KSxcbiAgICAgIG5ldyBhd3NfaWFtLlBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgIC8vIGFsbG93IGRlbGV0ZS91cGRhdGUsIG9ubHkgaWYgY3JlYXRlZEJ5VGFnIGlzIHNldFxuICAgICAgICBhY3Rpb25zOiBbJ2VjMjpDcmVhdGVUYWdzJywgJ2VjMjpEZWxldGVLZXlQYWlyJywgJ2VjMjpEZWxldGVUYWdzJ10sXG4gICAgICAgIGNvbmRpdGlvbnM6IHtcbiAgICAgICAgICAvKiBlc2xpbnQtZGlzYWJsZSBAdHlwZXNjcmlwdC1lc2xpbnQvbmFtaW5nLWNvbnZlbnRpb24gKi9cbiAgICAgICAgICBTdHJpbmdMaWtlOiB7XG4gICAgICAgICAgICAnZWMyOlJlc291cmNlVGFnL0NyZWF0ZWRCeUNmbkN1c3RvbVJlc291cmNlJzogSUQsXG4gICAgICAgICAgfSxcbiAgICAgICAgICAvKiBlc2xpbnQtZW5hYmxlIEB0eXBlc2NyaXB0LWVzbGludC9uYW1pbmctY29udmVudGlvbiAqL1xuICAgICAgICB9LFxuICAgICAgICByZXNvdXJjZXMsXG4gICAgICB9KSxcblxuICAgICAgbmV3IGF3c19pYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgLy8gd2UgbmVlZCB0aGlzIHRvIGNoZWNrIGlmIGEgc2VjcmV0IGV4aXN0cyBiZWZvcmUgYXR0ZW1wdGluZyB0byBkZWxldGUgaXRcbiAgICAgICAgYWN0aW9uczogWydzZWNyZXRzbWFuYWdlcjpMaXN0U2VjcmV0cyddLFxuICAgICAgICByZXNvdXJjZXM6IFsnKiddLFxuICAgICAgfSksXG4gICAgICBuZXcgYXdzX2lhbS5Qb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICBhY3Rpb25zOiBbJ3NlY3JldHNtYW5hZ2VyOkNyZWF0ZVNlY3JldCcsICdzZWNyZXRzbWFuYWdlcjpUYWdSZXNvdXJjZSddLFxuICAgICAgICBjb25kaXRpb25zOiB7XG4gICAgICAgICAgLyogZXNsaW50LWRpc2FibGUgQHR5cGVzY3JpcHQtZXNsaW50L25hbWluZy1jb252ZW50aW9uICovXG4gICAgICAgICAgU3RyaW5nTGlrZToge1xuICAgICAgICAgICAgJ2F3czpSZXF1ZXN0VGFnL0NyZWF0ZWRCeUNmbkN1c3RvbVJlc291cmNlJzogSUQsXG4gICAgICAgICAgfSxcbiAgICAgICAgICAvKiBlc2xpbnQtZW5hYmxlIEB0eXBlc2NyaXB0LWVzbGludC9uYW1pbmctY29udmVudGlvbiAqL1xuICAgICAgICB9LFxuICAgICAgICByZXNvdXJjZXM6IFsnKiddLFxuICAgICAgfSksXG4gICAgICBuZXcgYXdzX2lhbS5Qb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICAvLyBhbGxvdyBkZWxldGUvdXBkYXRlLCBvbmx5IGlmIGNyZWF0ZWRCeVRhZyBpcyBzZXRcbiAgICAgICAgYWN0aW9uczogW1xuICAgICAgICAgICdzZWNyZXRzbWFuYWdlcjpEZWxldGVSZXNvdXJjZVBvbGljeScsXG4gICAgICAgICAgJ3NlY3JldHNtYW5hZ2VyOkRlbGV0ZVNlY3JldCcsXG4gICAgICAgICAgJ3NlY3JldHNtYW5hZ2VyOkRlc2NyaWJlU2VjcmV0JyxcbiAgICAgICAgICAnc2VjcmV0c21hbmFnZXI6R2V0UmVzb3VyY2VQb2xpY3knLFxuICAgICAgICAgICdzZWNyZXRzbWFuYWdlcjpHZXRTZWNyZXRWYWx1ZScsXG4gICAgICAgICAgJ3NlY3JldHNtYW5hZ2VyOkxpc3RTZWNyZXRWZXJzaW9uSWRzJyxcbiAgICAgICAgICAnc2VjcmV0c21hbmFnZXI6UHV0UmVzb3VyY2VQb2xpY3knLFxuICAgICAgICAgICdzZWNyZXRzbWFuYWdlcjpQdXRTZWNyZXRWYWx1ZScsXG4gICAgICAgICAgJ3NlY3JldHNtYW5hZ2VyOlJlc3RvcmVTZWNyZXQnLFxuICAgICAgICAgICdzZWNyZXRzbWFuYWdlcjpVbnRhZ1Jlc291cmNlJyxcbiAgICAgICAgICAnc2VjcmV0c21hbmFnZXI6VXBkYXRlU2VjcmV0JyxcbiAgICAgICAgICAnc2VjcmV0c21hbmFnZXI6VXBkYXRlU2VjcmV0VmVyc2lvblN0YWdlJyxcbiAgICAgICAgXSxcbiAgICAgICAgY29uZGl0aW9uczoge1xuICAgICAgICAgIC8qIGVzbGludC1kaXNhYmxlIEB0eXBlc2NyaXB0LWVzbGludC9uYW1pbmctY29udmVudGlvbiAqL1xuICAgICAgICAgIFN0cmluZ0xpa2U6IHtcbiAgICAgICAgICAgICdzZWNyZXRzbWFuYWdlcjpSZXNvdXJjZVRhZy9DcmVhdGVkQnlDZm5DdXN0b21SZXNvdXJjZSc6IElELFxuICAgICAgICAgIH0sXG4gICAgICAgICAgLyogZXNsaW50LWVuYWJsZSBAdHlwZXNjcmlwdC1lc2xpbnQvbmFtaW5nLWNvbnZlbnRpb24gKi9cbiAgICAgICAgfSxcbiAgICAgICAgcmVzb3VyY2VzOiBbJyonXSxcbiAgICAgIH0pLFxuICAgIF07XG5cbiAgICBjb25zdCBmbiA9IG5ldyBhd3NfbGFtYmRhLkZ1bmN0aW9uKHN0YWNrLCBjb25zdHJ1Y3ROYW1lLCB7XG4gICAgICBmdW5jdGlvbk5hbWU6IGxlZ2FjeUxhbWJkYU5hbWUgPyBgJHt0aGlzLnByZWZpeH0tJHtjbGVhbklEfWAgOiB1bmRlZmluZWQsXG4gICAgICBkZXNjcmlwdGlvbjogJ0N1c3RvbSBDRk4gcmVzb3VyY2U6IE1hbmFnZSBFQzIgS2V5IFBhaXJzJyxcbiAgICAgIHJ1bnRpbWU6IGF3c19sYW1iZGEuUnVudGltZS5OT0RFSlNfMjJfWCxcbiAgICAgIGhhbmRsZXI6ICdpbmRleC5oYW5kbGVyJyxcbiAgICAgIGNvZGU6IGF3c19sYW1iZGEuQ29kZS5mcm9tQXNzZXQoXG4gICAgICAgIHBhdGguam9pbihfX2Rpcm5hbWUsICcuLi9sYW1iZGEvY29kZS56aXAnKSxcbiAgICAgICksXG4gICAgICB0aW1lb3V0OiBEdXJhdGlvbi5taW51dGVzKGxhbWJkYVRpbWVvdXQpLFxuICAgIH0pO1xuICAgIHN0YXRlbWVudHMuZm9yRWFjaCgoc3RhdGVtZW50KSA9PiB7XG4gICAgICBmbi5yb2xlPy5hZGRUb1ByaW5jaXBhbFBvbGljeShzdGF0ZW1lbnQpO1xuICAgIH0pO1xuXG4gICAgcmV0dXJuIGZuO1xuICB9XG5cbiAgLyoqXG4gICAqIFVzZWQgaW50ZXJuYWxseSB0byBkZXRlcm1pbmUgd2hldGhlciB0aGUga2V5IHBhaXIgaXMgY29tcGF0aWJsZSB3aXRoIGFuIE9TIHR5cGUuXG4gICAqXG4gICAqIEBpbnRlcm5hbFxuICAgKi9cbiAgcHVibGljIF9pc09zQ29tcGF0aWJsZShvc1R5cGU6IE9wZXJhdGluZ1N5c3RlbVR5cGUpOiBib29sZWFuIHtcbiAgICBzd2l0Y2ggKHRoaXMua2V5VHlwZSkge1xuICAgICAgY2FzZSBLZXlUeXBlLkVEMjU1MTk6XG4gICAgICAgIHJldHVybiBvc1R5cGUgIT09IE9wZXJhdGluZ1N5c3RlbVR5cGUuV0lORE9XUztcbiAgICAgIGRlZmF1bHQ6XG4gICAgICAgIHJldHVybiB0cnVlO1xuICAgIH1cbiAgfVxufVxuIl19