server_debian_macro/node_modules/tedious/lib/always-encrypted/aead-aes-256-cbc-hmac-algorithm.js

"use strict";
// CommonJS/ES-module interop wiring (looks transpiler-generated): flag this module as an
// ES module so importers treat `exports` as named exports.
Object.defineProperty(exports, "__esModule", {
value: true
});
// Declare both export slots up front as undefined; each is assigned its real value later in this file.
exports.algorithmName = exports.AeadAes256CbcHmac256Algorithm = void 0;
var _types = require("./types");
var _crypto = require("crypto");
var _aeadAes256CbcHmacEncryptionKey = require("./aead-aes-256-cbc-hmac-encryption-key");
// This code is based on the `mssql-jdbc` library published under the conditions of MIT license.
// Copyright (c) 2019 Microsoft Corporation
// Identifier string for this algorithm, exported for callers.
const algorithmName = exports.algorithmName = 'AEAD_AES_256_CBC_HMAC_SHA256';
// Version byte: written as the first byte of every ciphertext, mixed into the HMAC input,
// and checked against cipherText[0] before decryption.
const algorithmVersion = 0x1;
// Length in bytes of the IV carried in each ciphertext; also used as the size of one
// cipher block when computing the minimum acceptable ciphertext length.
const blockSizeInBytes = 16;
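/**
 * AEAD_AES_256_CBC_HMAC_SHA256 column encryption: AES-256-CBC for confidentiality and an
 * HMAC-SHA256 tag over the ciphertext for integrity (encrypt-then-MAC).
 *
 * Ciphertext layout written by encryptData and parsed by decryptData:
 *
 *   version (1 byte) | authentication tag | IV (16 bytes) | AES-256-CBC ciphertext
 *
 * The tag is verified before any decryption is attempted, so padding errors are only
 * reachable for ciphertexts that already carry a valid tag.
 */
class AeadAes256CbcHmac256Algorithm {
  /**
   * @param {object} columnEncryptionKey - Key object exposing getIvKey(), getMacKey() and
   *   getEncryptionKey(); each must return key material accepted by Node's crypto APIs.
   * @param {*} encryptionType - Compared with SQLServerEncryptionType.Deterministic; any
   *   other value selects randomized encryption.
   */
  constructor(columnEncryptionKey, encryptionType) {
    // keySize comes from the encryption-key module; presumably it is expressed in bits (TODO confirm).
    // NOTE(review): this value is also used as the width of the tag field when parsing, while
    // the tag actually written is an HMAC-SHA256 digest, so the two only line up when it is 32.
    this.keySizeInBytes = _aeadAes256CbcHmacEncryptionKey.keySize / 8;
    this.version = Buffer.from([algorithmVersion]);
    this.versionSize = Buffer.from([1]);
    // version byte + IV + at least one cipher block
    this.minimumCipherTextLengthInBytesNoAuthenticationTag = 1 + blockSizeInBytes + blockSizeInBytes;
    this.minimumCipherTextLengthInBytesWithAuthenticationTag = this.minimumCipherTextLengthInBytesNoAuthenticationTag + this.keySizeInBytes;
    // Property name (lower-case "k") is kept as-is: it is part of the object's visible shape.
    this.columnEncryptionkey = columnEncryptionKey;
    this.isDeterministic = encryptionType === _types.SQLServerEncryptionType.Deterministic;
  }

  /**
   * Encrypts a plaintext buffer and returns version | tag | IV | ciphertext.
   *
   * In deterministic mode the IV is the first 16 bytes of HMAC-SHA256(ivKey, plaintext), so
   * equal plaintexts under the same key always produce equal ciphertexts. That is what makes
   * equality comparison on encrypted values possible, and it also means the ciphertext
   * reveals which values are equal. In randomized mode the IV comes from crypto.randomBytes.
   *
   * @param {Buffer} plaintText - Data to encrypt.
   * @returns {Buffer} The encoded ciphertext.
   */
  encryptData(plaintText) {
    let iv;
    if (this.isDeterministic === true) {
      const hmacIv = _crypto.createHmac('sha256', this.columnEncryptionkey.getIvKey());
      hmacIv.update(plaintText);
      iv = hmacIv.digest().subarray(0, blockSizeInBytes);
    } else {
      iv = _crypto.randomBytes(blockSizeInBytes);
    }
    const encryptCipher = _crypto.createCipheriv('aes-256-cbc', this.columnEncryptionkey.getEncryptionKey(), iv);
    const encryptedBuffer = Buffer.concat([encryptCipher.update(plaintText), encryptCipher.final()]);
    const authenticationTag = this._prepareAuthenticationTag(iv, encryptedBuffer, 0, encryptedBuffer.length);
    return Buffer.concat([Buffer.from([algorithmVersion]), authenticationTag, iv, encryptedBuffer]);
  }

  /**
   * Verifies the authentication tag of a ciphertext and, only if it matches, decrypts it.
   *
   * @param {Buffer} cipherText - Encoded ciphertext (version | tag | IV | ciphertext).
   * @returns {Buffer} The decrypted plaintext.
   * @throws {Error} If the input is too short, carries an unexpected version byte, fails
   *   tag verification, or cannot be decrypted.
   */
  decryptData(cipherText) {
    const minimumCiperTextLength = this.minimumCipherTextLengthInBytesWithAuthenticationTag;
    if (cipherText.length < minimumCiperTextLength) {
      throw new Error(`Specified ciphertext has an invalid size of ${cipherText.length} bytes, which is below the minimum ${minimumCiperTextLength} bytes required for decryption.`);
    }
    if (cipherText[0] !== algorithmVersion) {
      throw new Error(`The specified ciphertext's encryption algorithm version ${Buffer.from([cipherText[0]]).toString('hex')} does not match the expected encryption algorithm version ${algorithmVersion}.`);
    }

    // Field offsets, in the order the fields appear after the version byte.
    const authenticationTagOffset = 1;
    const ivOffset = authenticationTagOffset + this.keySizeInBytes;
    const iv = Buffer.alloc(blockSizeInBytes);
    cipherText.copy(iv, 0, ivOffset, ivOffset + iv.length);
    const cipherTextOffset = ivOffset + iv.length;
    const cipherTextCount = cipherText.length - cipherTextOffset;

    const expectedTag = this._prepareAuthenticationTag(iv, cipherText, cipherTextOffset, cipherTextCount);
    const storedTag = cipherText.subarray(authenticationTagOffset, authenticationTagOffset + expectedTag.length);
    // Compare the WHOLE tag, in constant time. The comparison length must not depend on the
    // ciphertext length (a one-block ciphertext would otherwise have only part of its tag
    // checked), and a short-circuiting byte compare would leak how many leading bytes matched.
    // The length guard is needed because timingSafeEqual throws on unequal lengths.
    if (storedTag.length !== expectedTag.length || !_crypto.timingSafeEqual(expectedTag, storedTag)) {
      throw new Error('Specified ciphertext has an invalid authentication tag.');
    }

    const decipher = _crypto.createDecipheriv('aes-256-cbc', this.columnEncryptionkey.getEncryptionKey(), iv);
    try {
      const body = cipherText.subarray(cipherTextOffset, cipherTextOffset + cipherTextCount);
      return Buffer.concat([decipher.update(body), decipher.final()]);
    } catch (error) {
      // Keep the original error attached so the underlying failure stays diagnosable.
      throw new Error(`Internal error while decryption: ${error.message}`, { cause: error });
    }
  }

  /**
   * Computes the HMAC-SHA256 tag over version | IV | ciphertext slice | versionSize using
   * the MAC key.
   *
   * @param {Buffer} iv - Initialization vector bound into the tag.
   * @param {Buffer} cipherText - Buffer containing the encrypted bytes.
   * @param {number} offset - Start of the encrypted bytes within cipherText.
   * @param {number} length - Number of encrypted bytes to authenticate.
   * @returns {Buffer} The HMAC-SHA256 digest.
   */
  _prepareAuthenticationTag(iv, cipherText, offset, length) {
    const hmac = _crypto.createHmac('sha256', this.columnEncryptionkey.getMacKey());
    hmac.update(this.version);
    hmac.update(iv);
    hmac.update(cipherText.subarray(offset, offset + length));
    hmac.update(this.versionSize);
    return hmac.digest();
  }
}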
// Publish the class on the module's exports object.
exports.AeadAes256CbcHmac256Algorithm = AeadAes256CbcHmac256Algorithm;
//# sourceMappingURL=data:application/json;charset=utf-8;base64,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