PHP WebShell

• .. (вверх)
• [DIR] ..
• [FILE] explainTransaction.d.ts
• [FILE] explainTransaction.d.ts.map
• [FILE] explainTransaction.js
• [FILE] index.d.ts
• [FILE] index.d.ts.map
• [FILE] index.js
• [FILE] parseOutput.d.ts
• [FILE] parseOutput.d.ts.map
• [FILE] parseOutput.js
• [FILE] parseTransaction.d.ts
• [FILE] parseTransaction.d.ts.map
• [FILE] parseTransaction.js
• [FILE] signTransaction.d.ts
• [FILE] signTransaction.d.ts.map
• [FILE] signTransaction.js
• [FILE] verifyTransaction.d.ts
• [FILE] verifyTransaction.d.ts.map
• [FILE] verifyTransaction.js

Просмотр файла: verifyTransaction.js

"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    var desc = Object.getOwnPropertyDescriptor(m, k);
    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
      desc = { enumerable: true, get: function() { return m[k]; } };
    }
    Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
    Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
    o["default"] = v;
});
var __importStar = (this && this.__importStar) || (function () {
    var ownKeys = function(o) {
        ownKeys = Object.getOwnPropertyNames || function (o) {
            var ar = [];
            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
            return ar;
        };
        return ownKeys(o);
    };
    return function (mod) {
        if (mod && mod.__esModule) return mod;
        var result = {};
        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
        __setModuleDefault(result, mod);
        return result;
    };
})();
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.verifyTransaction = verifyTransaction;
const debug_1 = __importDefault(require("debug"));
const lodash_1 = __importDefault(require("lodash"));
const bignumber_js_1 = __importDefault(require("bignumber.js"));
const utxolib = __importStar(require("@bitgo/utxo-lib"));
const verifyKey_1 = require("../../verifyKey");
const fetchInputs_1 = require("../fetchInputs");
const debug = (0, debug_1.default)('bitgo:abstract-utxo:verifyTransaction');
/**
 * Get the maximum percentage limit for pay-as-you-go outputs
 *
 * @protected
 */
function getPayGoLimit(allowPaygoOutput) {
    // allowing paygo outputs needs to be the default behavior, so only disallow paygo outputs if the
    // relevant verification option is both set and false
    if (!lodash_1.default.isNil(allowPaygoOutput) && !allowPaygoOutput) {
        return 0;
    }
    // 150 basis points is the absolute permitted maximum if paygo outputs are allowed
    return 0.015;
}
async function verifyTransaction(coin, bitgo, params) {
    const { txParams, txPrebuild, wallet, verification = {}, reqId } = params;
    if (!lodash_1.default.isUndefined(verification.disableNetworking) && !lodash_1.default.isBoolean(verification.disableNetworking)) {
        throw new Error('verification.disableNetworking must be a boolean');
    }
    const isPsbt = txPrebuild.txHex && utxolib.bitgo.isPsbt(txPrebuild.txHex);
    if (isPsbt && txPrebuild.txInfo?.unspents) {
        throw new Error('should not have unspents in txInfo for psbt');
    }
    const disableNetworking = !!verification.disableNetworking;
    const parsedTransaction = await coin.parseTransaction({
        txParams,
        txPrebuild,
        wallet,
        verification,
        reqId,
    });
    const keychains = parsedTransaction.keychains;
    // verify that the claimed user public key corresponds to the wallet's user private key
    let userPublicKeyVerified = false;
    try {
        // verify the user public key matches the private key - this will throw if there is no match
        userPublicKeyVerified = (0, verifyKey_1.verifyUserPublicKey)(bitgo, { userKeychain: keychains.user, disableNetworking, txParams });
    }
    catch (e) {
        debug('failed to verify user public key!', e);
    }
    // let's verify these keychains
    const keySignatures = parsedTransaction.keySignatures;
    if (!lodash_1.default.isEmpty(keySignatures)) {
        const verify = (key, pub) => {
            if (!keychains.user || !keychains.user.pub) {
                throw new Error('missing user keychain');
            }
            return (0, verifyKey_1.verifyKeySignature)({
                userKeychain: keychains.user,
                keychainToVerify: key,
                keySignature: pub,
            });
        };
        const isBackupKeySignatureValid = verify(keychains.backup, keySignatures.backupPub);
        const isBitgoKeySignatureValid = verify(keychains.bitgo, keySignatures.bitgoPub);
        if (!isBackupKeySignatureValid || !isBitgoKeySignatureValid) {
            throw new Error('secondary public key signatures invalid');
        }
        debug('successfully verified backup and bitgo key signatures');
    }
    else if (!disableNetworking) {
        // these keys were obtained online and their signatures were not verified
        // this could be dangerous
        console.log('unsigned keys obtained online are being used for address verification');
    }
    if (parsedTransaction.needsCustomChangeKeySignatureVerification) {
        if (!keychains.user || !userPublicKeyVerified) {
            throw new Error('transaction requires verification of user public key, but it was unable to be verified');
        }
        const customChangeKeySignaturesVerified = (0, verifyKey_1.verifyCustomChangeKeySignatures)(parsedTransaction, keychains.user);
        if (!customChangeKeySignaturesVerified) {
            throw new Error('transaction requires verification of custom change key signatures, but they were unable to be verified');
        }
        debug('successfully verified user public key and custom change key signatures');
    }
    const missingOutputs = parsedTransaction.missingOutputs;
    if (missingOutputs.length !== 0) {
        // there are some outputs in the recipients list that have not made it into the actual transaction
        throw new Error('expected outputs missing in transaction prebuild');
    }
    const intendedExternalSpend = parsedTransaction.explicitExternalSpendAmount;
    // this is a limit we impose for the total value that is amended to the transaction beyond what was originally intended
    const payAsYouGoLimit = new bignumber_js_1.default(getPayGoLimit(verification.allowPaygoOutput)).multipliedBy(intendedExternalSpend.toString());
    /*
    Some explanation for why we're doing what we're doing:
    Some customers will have an output to BitGo's PAYGo wallet added to their transaction, and we need to account for
    it here. To protect someone tampering with the output to make it send more than it should to BitGo, we define a
    threshold for the output's value above which we'll throw an error, because the paygo output should never be that
    high.
     */
    // make sure that all the extra addresses are change addresses
    // get all the additional external outputs the server added and calculate their values
    const nonChangeAmount = new bignumber_js_1.default(parsedTransaction.implicitExternalSpendAmount.toString());
    debug('Intended spend is %s, Non-change amount is %s, paygo limit is %s', intendedExternalSpend.toString(), nonChangeAmount.toString(), payAsYouGoLimit.toString());
    // There are two instances where we will get into this point here
    if (nonChangeAmount.gt(payAsYouGoLimit)) {
        if (isPsbt && parsedTransaction.customChange) {
            // In the case that we have a custom change address on a wallet and we are building the transaction
            // with a PSBT, we do not have the metadata to verify the address from the custom change wallet, nor
            // can we fetch that information from the other wallet because we may not have the credentials. Therefore,
            // we will not throw an error here, but we will log a warning.
            debug(`cannot verify some of the addresses because it belongs to a separate wallet`);
        }
        else {
            // the additional external outputs can only be BitGo's pay-as-you-go fee, but we cannot verify the wallet address
            // there are some addresses that are outside the scope of intended recipients that are not change addresses
            throw new Error('prebuild attempts to spend to unintended external recipients');
        }
    }
    const allOutputs = parsedTransaction.outputs;
    if (!txPrebuild.txHex) {
        throw new Error(`txPrebuild.txHex not set`);
    }
    const inputs = isPsbt
        ? (0, fetchInputs_1.getPsbtTxInputs)(txPrebuild.txHex, coin.network).map((v) => ({
            ...v,
            value: utxolib.bitgo.toTNumber(v.value, coin.amountType),
        }))
        : await (0, fetchInputs_1.getTxInputs)({ txPrebuild, bitgo, coin, disableNetworking, reqId });
    // coins (doge) that can exceed number limits (and thus will use bigint) will have the `valueString` field
    const inputAmount = inputs.reduce((sum, i) => sum + BigInt(coin.amountType === 'bigint' ? i.valueString : i.value), BigInt(0));
    const outputAmount = allOutputs.reduce((sum, o) => sum + BigInt(o.amount), BigInt(0));
    const fee = inputAmount - outputAmount;
    if (fee < 0) {
        throw new Error(`attempting to spend ${outputAmount} satoshis, which exceeds the input amount (${inputAmount} satoshis) by ${-fee}`);
    }
    return true;
}
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidmVyaWZ5VHJhbnNhY3Rpb24uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvdHJhbnNhY3Rpb24vZml4ZWRTY3JpcHQvdmVyaWZ5VHJhbnNhY3Rpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUEyQkEsOENBZ0pDO0FBM0tELGtEQUErQjtBQUMvQixvREFBdUI7QUFDdkIsZ0VBQXFDO0FBRXJDLHlEQUEyQztBQUczQywrQ0FBMkc7QUFDM0csZ0RBQThEO0FBRTlELE1BQU0sS0FBSyxHQUFHLElBQUEsZUFBVSxFQUFDLHVDQUF1QyxDQUFDLENBQUM7QUFFbEU7Ozs7R0FJRztBQUNILFNBQVMsYUFBYSxDQUFDLGdCQUEwQjtJQUMvQyxpR0FBaUc7SUFDakcscURBQXFEO0lBQ3JELElBQUksQ0FBQyxnQkFBQyxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztRQUNwRCxPQUFPLENBQUMsQ0FBQztJQUNYLENBQUM7SUFDRCxrRkFBa0Y7SUFDbEYsT0FBTyxLQUFLLENBQUM7QUFDZixDQUFDO0FBRU0sS0FBSyxVQUFVLGlCQUFpQixDQUNyQyxJQUFzQixFQUN0QixLQUFnQixFQUNoQixNQUF5QztJQUV6QyxNQUFNLEVBQUUsUUFBUSxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsWUFBWSxHQUFHLEVBQUUsRUFBRSxLQUFLLEVBQUUsR0FBRyxNQUFNLENBQUM7SUFFMUUsSUFBSSxDQUFDLGdCQUFDLENBQUMsV0FBVyxDQUFDLFlBQVksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsZ0JBQUMsQ0FBQyxTQUFTLENBQUMsWUFBWSxDQUFDLGlCQUFpQixDQUFDLEVBQUUsQ0FBQztRQUNuRyxNQUFNLElBQUksS0FBSyxDQUFDLGtEQUFrRCxDQUFDLENBQUM7SUFDdEUsQ0FBQztJQUNELE1BQU0sTUFBTSxHQUFHLFVBQVUsQ0FBQyxLQUFLLElBQUksT0FBTyxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDO0lBQzFFLElBQUksTUFBTSxJQUFJLFVBQVUsQ0FBQyxNQUFNLEVBQUUsUUFBUSxFQUFFLENBQUM7UUFDMUMsTUFBTSxJQUFJLEtBQUssQ0FBQyw2Q0FBNkMsQ0FBQyxDQUFDO0lBQ2pFLENBQUM7SUFDRCxNQUFNLGlCQUFpQixHQUFHLENBQUMsQ0FBQyxZQUFZLENBQUMsaUJBQWlCLENBQUM7SUFDM0QsTUFBTSxpQkFBaUIsR0FBK0IsTUFBTSxJQUFJLENBQUMsZ0JBQWdCLENBQVU7UUFDekYsUUFBUTtRQUNSLFVBQVU7UUFDVixNQUFNO1FBQ04sWUFBWTtRQUNaLEtBQUs7S0FDTixDQUFDLENBQUM7SUFFSCxNQUFNLFNBQVMsR0FBRyxpQkFBaUIsQ0FBQyxTQUFTLENBQUM7SUFFOUMsdUZBQXVGO0lBQ3ZGLElBQUkscUJBQXFCLEdBQUcsS0FBSyxDQUFDO0lBQ2xDLElBQUksQ0FBQztRQUNILDRGQUE0RjtRQUM1RixxQkFBcUIsR0FBRyxJQUFBLCtCQUFtQixFQUFDLEtBQUssRUFBRSxFQUFFLFlBQVksRUFBRSxTQUFTLENBQUMsSUFBSSxFQUFFLGlCQUFpQixFQUFFLFFBQVEsRUFBRSxDQUFDLENBQUM7SUFDcEgsQ0FBQztJQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7UUFDWCxLQUFLLENBQUMsbUNBQW1DLEVBQUUsQ0FBQyxDQUFDLENBQUM7SUFDaEQsQ0FBQztJQUVELCtCQUErQjtJQUMvQixNQUFNLGFBQWEsR0FBRyxpQkFBaUIsQ0FBQyxhQUFhLENBQUM7SUFDdEQsSUFBSSxDQUFDLGdCQUFDLENBQUMsT0FBTyxDQUFDLGFBQWEsQ0FBQyxFQUFFLENBQUM7UUFDOUIsTUFBTSxNQUFNLEdBQUcsQ0FBQyxHQUFHLEVBQUUsR0FBRyxFQUFFLEVBQUU7WUFDMUIsSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO2dCQUMzQyxNQUFNLElBQUksS0FBSyxDQUFDLHVCQUF1QixDQUFDLENBQUM7WUFDM0MsQ0FBQztZQUNELE9BQU8sSUFBQSw4QkFBa0IsRUFBQztnQkFDeEIsWUFBWSxFQUFFLFNBQVMsQ0FBQyxJQUF1QjtnQkFDL0MsZ0JBQWdCLEVBQUUsR0FBRztnQkFDckIsWUFBWSxFQUFFLEdBQUc7YUFDbEIsQ0FBQyxDQUFDO1FBQ0wsQ0FBQyxDQUFDO1FBQ0YsTUFBTSx5QkFBeUIsR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDLE1BQU0sRUFBRSxhQUFhLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDcEYsTUFBTSx3QkFBd0IsR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDLEtBQUssRUFBRSxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDakYsSUFBSSxDQUFDLHlCQUF5QixJQUFJLENBQUMsd0JBQXdCLEVBQUUsQ0FBQztZQUM1RCxNQUFNLElBQUksS0FBSyxDQUFDLHlDQUF5QyxDQUFDLENBQUM7UUFDN0QsQ0FBQztRQUNELEtBQUssQ0FBQyx1REFBdUQsQ0FBQyxDQUFDO0lBQ2pFLENBQUM7U0FBTSxJQUFJLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztRQUM5Qix5RUFBeUU7UUFDekUsMEJBQTBCO1FBQzFCLE9BQU8sQ0FBQyxHQUFHLENBQUMsdUVBQXVFLENBQUMsQ0FBQztJQUN2RixDQUFDO0lBRUQsSUFBSSxpQkFBaUIsQ0FBQyx5Q0FBeUMsRUFBRSxDQUFDO1FBQ2hFLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxJQUFJLENBQUMscUJBQXFCLEVBQUUsQ0FBQztZQUM5QyxNQUFNLElBQUksS0FBSyxDQUFDLHdGQUF3RixDQUFDLENBQUM7UUFDNUcsQ0FBQztRQUNELE1BQU0saUNBQWlDLEdBQUcsSUFBQSwyQ0FBK0IsRUFBQyxpQkFBaUIsRUFBRSxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDN0csSUFBSSxDQUFDLGlDQUFpQyxFQUFFLENBQUM7WUFDdkMsTUFBTSxJQUFJLEtBQUssQ0FDYix3R0FBd0csQ0FDekcsQ0FBQztRQUNKLENBQUM7UUFDRCxLQUFLLENBQUMsd0VBQXdFLENBQUMsQ0FBQztJQUNsRixDQUFDO0lBRUQsTUFBTSxjQUFjLEdBQUcsaUJBQWlCLENBQUMsY0FBYyxDQUFDO0lBQ3hELElBQUksY0FBYyxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUUsQ0FBQztRQUNoQyxrR0FBa0c7UUFDbEcsTUFBTSxJQUFJLEtBQUssQ0FBQyxrREFBa0QsQ0FBQyxDQUFDO0lBQ3RFLENBQUM7SUFFRCxNQUFNLHFCQUFxQixHQUFHLGlCQUFpQixDQUFDLDJCQUEyQixDQUFDO0lBRTVFLHVIQUF1SDtJQUN2SCxNQUFNLGVBQWUsR0FBRyxJQUFJLHNCQUFTLENBQUMsYUFBYSxDQUFDLFlBQVksQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLENBQUMsWUFBWSxDQUM5RixxQkFBcUIsQ0FBQyxRQUFRLEVBQUUsQ0FDakMsQ0FBQztJQUVGOzs7Ozs7T0FNRztJQUVILDhEQUE4RDtJQUM5RCxzRkFBc0Y7SUFDdEYsTUFBTSxlQUFlLEdBQUcsSUFBSSxzQkFBUyxDQUFDLGlCQUFpQixDQUFDLDJCQUEyQixDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUM7SUFFaEcsS0FBSyxDQUNILGtFQUFrRSxFQUNsRSxxQkFBcUIsQ0FBQyxRQUFRLEVBQUUsRUFDaEMsZUFBZSxDQUFDLFFBQVEsRUFBRSxFQUMxQixlQUFlLENBQUMsUUFBUSxFQUFFLENBQzNCLENBQUM7SUFFRixpRUFBaUU7SUFDakUsSUFBSSxlQUFlLENBQUMsRUFBRSxDQUFDLGVBQWUsQ0FBQyxFQUFFLENBQUM7UUFDeEMsSUFBSSxNQUFNLElBQUksaUJBQWlCLENBQUMsWUFBWSxFQUFFLENBQUM7WUFDN0MsbUdBQW1HO1lBQ25HLG9HQUFvRztZQUNwRywwR0FBMEc7WUFDMUcsOERBQThEO1lBQzlELEtBQUssQ0FBQyw2RUFBNkUsQ0FBQyxDQUFDO1FBQ3ZGLENBQUM7YUFBTSxDQUFDO1lBQ04saUhBQWlIO1lBQ2pILDJHQUEyRztZQUMzRyxNQUFNLElBQUksS0FBSyxDQUFDLDhEQUE4RCxDQUFDLENBQUM7UUFDbEYsQ0FBQztJQUNILENBQUM7SUFFRCxNQUFNLFVBQVUsR0FBRyxpQkFBaUIsQ0FBQyxPQUFPLENBQUM7SUFDN0MsSUFBSSxDQUFDLFVBQVUsQ0FBQyxLQUFLLEVBQUUsQ0FBQztRQUN0QixNQUFNLElBQUksS0FBSyxDQUFDLDBCQUEwQixDQUFDLENBQUM7SUFDOUMsQ0FBQztJQUNELE1BQU0sTUFBTSxHQUFHLE1BQU07UUFDbkIsQ0FBQyxDQUFDLElBQUEsNkJBQWUsRUFBQyxVQUFVLENBQUMsS0FBSyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUM7WUFDMUQsR0FBRyxDQUFDO1lBQ0osS0FBSyxFQUFFLE9BQU8sQ0FBQyxLQUFLLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxLQUFLLEVBQUUsSUFBSSxDQUFDLFVBQVUsQ0FBQztTQUN6RCxDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsTUFBTSxJQUFBLHlCQUFXLEVBQUMsRUFBRSxVQUFVLEVBQUUsS0FBSyxFQUFFLElBQUksRUFBRSxpQkFBaUIsRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDO0lBQzdFLDBHQUEwRztJQUMxRyxNQUFNLFdBQVcsR0FBRyxNQUFNLENBQUMsTUFBTSxDQUMvQixDQUFDLEdBQVcsRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDLEdBQUcsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLFVBQVUsS0FBSyxRQUFRLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsRUFDeEYsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUNWLENBQUM7SUFDRixNQUFNLFlBQVksR0FBRyxVQUFVLENBQUMsTUFBTSxDQUFDLENBQUMsR0FBVyxFQUFFLENBQVMsRUFBRSxFQUFFLENBQUMsR0FBRyxHQUFHLE1BQU0sQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLEVBQUUsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDdEcsTUFBTSxHQUFHLEdBQUcsV0FBVyxHQUFHLFlBQVksQ0FBQztJQUV2QyxJQUFJLEdBQUcsR0FBRyxDQUFDLEVBQUUsQ0FBQztRQUNaLE1BQU0sSUFBSSxLQUFLLENBQ2IsdUJBQXVCLFlBQVksOENBQThDLFdBQVcsaUJBQWlCLENBQUMsR0FBRyxFQUFFLENBQ3BILENBQUM7SUFDSixDQUFDO0lBRUQsT0FBTyxJQUFJLENBQUM7QUFDZCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IGJ1aWxkRGVidWcgZnJvbSAnZGVidWcnO1xuaW1wb3J0IF8gZnJvbSAnbG9kYXNoJztcbmltcG9ydCBCaWdOdW1iZXIgZnJvbSAnYmlnbnVtYmVyLmpzJztcbmltcG9ydCB7IEJpdEdvQmFzZSB9IGZyb20gJ0BiaXRnby9zZGstY29yZSc7XG5pbXBvcnQgKiBhcyB1dHhvbGliIGZyb20gJ0BiaXRnby91dHhvLWxpYic7XG5cbmltcG9ydCB7IEFic3RyYWN0VXR4b0NvaW4sIE91dHB1dCwgUGFyc2VkVHJhbnNhY3Rpb24sIFZlcmlmeVRyYW5zYWN0aW9uT3B0aW9ucyB9IGZyb20gJy4uLy4uL2Fic3RyYWN0VXR4b0NvaW4nO1xuaW1wb3J0IHsgdmVyaWZ5Q3VzdG9tQ2hhbmdlS2V5U2lnbmF0dXJlcywgdmVyaWZ5S2V5U2lnbmF0dXJlLCB2ZXJpZnlVc2VyUHVibGljS2V5IH0gZnJvbSAnLi4vLi4vdmVyaWZ5S2V5JztcbmltcG9ydCB7IGdldFBzYnRUeElucHV0cywgZ2V0VHhJbnB1dHMgfSBmcm9tICcuLi9mZXRjaElucHV0cyc7XG5cbmNvbnN0IGRlYnVnID0gYnVpbGREZWJ1ZygnYml0Z286YWJzdHJhY3QtdXR4bzp2ZXJpZnlUcmFuc2FjdGlvbicpO1xuXG4vKipcbiAqIEdldCB0aGUgbWF4aW11bSBwZXJjZW50YWdlIGxpbWl0IGZvciBwYXktYXMteW91LWdvIG91dHB1dHNcbiAqXG4gKiBAcHJvdGVjdGVkXG4gKi9cbmZ1bmN0aW9uIGdldFBheUdvTGltaXQoYWxsb3dQYXlnb091dHB1dD86IGJvb2xlYW4pOiBudW1iZXIge1xuICAvLyBhbGxvd2luZyBwYXlnbyBvdXRwdXRzIG5lZWRzIHRvIGJlIHRoZSBkZWZhdWx0IGJlaGF2aW9yLCBzbyBvbmx5IGRpc2FsbG93IHBheWdvIG91dHB1dHMgaWYgdGhlXG4gIC8vIHJlbGV2YW50IHZlcmlmaWNhdGlvbiBvcHRpb24gaXMgYm90aCBzZXQgYW5kIGZhbHNlXG4gIGlmICghXy5pc05pbChhbGxvd1BheWdvT3V0cHV0KSAmJiAhYWxsb3dQYXlnb091dHB1dCkge1xuICAgIHJldHVybiAwO1xuICB9XG4gIC8vIDE1MCBiYXNpcyBwb2ludHMgaXMgdGhlIGFic29sdXRlIHBlcm1pdHRlZCBtYXhpbXVtIGlmIHBheWdvIG91dHB1dHMgYXJlIGFsbG93ZWRcbiAgcmV0dXJuIDAuMDE1O1xufVxuXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gdmVyaWZ5VHJhbnNhY3Rpb248VE51bWJlciBleHRlbmRzIGJpZ2ludCB8IG51bWJlcj4oXG4gIGNvaW46IEFic3RyYWN0VXR4b0NvaW4sXG4gIGJpdGdvOiBCaXRHb0Jhc2UsXG4gIHBhcmFtczogVmVyaWZ5VHJhbnNhY3Rpb25PcHRpb25zPFROdW1iZXI+XG4pOiBQcm9taXNlPGJvb2xlYW4+IHtcbiAgY29uc3QgeyB0eFBhcmFtcywgdHhQcmVidWlsZCwgd2FsbGV0LCB2ZXJpZmljYXRpb24gPSB7fSwgcmVxSWQgfSA9IHBhcmFtcztcblxuICBpZiAoIV8uaXNVbmRlZmluZWQodmVyaWZpY2F0aW9uLmRpc2FibGVOZXR3b3JraW5nKSAmJiAhXy5pc0Jvb2xlYW4odmVyaWZpY2F0aW9uLmRpc2FibGVOZXR3b3JraW5nKSkge1xuICAgIHRocm93IG5ldyBFcnJvcigndmVyaWZpY2F0aW9uLmRpc2FibGVOZXR3b3JraW5nIG11c3QgYmUgYSBib29sZWFuJyk7XG4gIH1cbiAgY29uc3QgaXNQc2J0ID0gdHhQcmVidWlsZC50eEhleCAmJiB1dHhvbGliLmJpdGdvLmlzUHNidCh0eFByZWJ1aWxkLnR4SGV4KTtcbiAgaWYgKGlzUHNidCAmJiB0eFByZWJ1aWxkLnR4SW5mbz8udW5zcGVudHMpIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IoJ3Nob3VsZCBub3QgaGF2ZSB1bnNwZW50cyBpbiB0eEluZm8gZm9yIHBzYnQnKTtcbiAgfVxuICBjb25zdCBkaXNhYmxlTmV0d29ya2luZyA9ICEhdmVyaWZpY2F0aW9uLmRpc2FibGVOZXR3b3JraW5nO1xuICBjb25zdCBwYXJzZWRUcmFuc2FjdGlvbjogUGFyc2VkVHJhbnNhY3Rpb248VE51bWJlcj4gPSBhd2FpdCBjb2luLnBhcnNlVHJhbnNhY3Rpb248VE51bWJlcj4oe1xuICAgIHR4UGFyYW1zLFxuICAgIHR4UHJlYnVpbGQsXG4gICAgd2FsbGV0LFxuICAgIHZlcmlmaWNhdGlvbixcbiAgICByZXFJZCxcbiAgfSk7XG5cbiAgY29uc3Qga2V5Y2hhaW5zID0gcGFyc2VkVHJhbnNhY3Rpb24ua2V5Y2hhaW5zO1xuXG4gIC8vIHZlcmlmeSB0aGF0IHRoZSBjbGFpbWVkIHVzZXIgcHVibGljIGtleSBjb3JyZXNwb25kcyB0byB0aGUgd2FsbGV0J3MgdXNlciBwcml2YXRlIGtleVxuICBsZXQgdXNlclB1YmxpY0tleVZlcmlmaWVkID0gZmFsc2U7XG4gIHRyeSB7XG4gICAgLy8gdmVyaWZ5IHRoZSB1c2VyIHB1YmxpYyBrZXkgbWF0Y2hlcyB0aGUgcHJpdmF0ZSBrZXkgLSB0aGlzIHdpbGwgdGhyb3cgaWYgdGhlcmUgaXMgbm8gbWF0Y2hcbiAgICB1c2VyUHVibGljS2V5VmVyaWZpZWQgPSB2ZXJpZnlVc2VyUHVibGljS2V5KGJpdGdvLCB7IHVzZXJLZXljaGFpbjoga2V5Y2hhaW5zLnVzZXIsIGRpc2FibGVOZXR3b3JraW5nLCB0eFBhcmFtcyB9KTtcbiAgfSBjYXRjaCAoZSkge1xuICAgIGRlYnVnKCdmYWlsZWQgdG8gdmVyaWZ5IHVzZXIgcHVibGljIGtleSEnLCBlKTtcbiAgfVxuXG4gIC8vIGxldCdzIHZlcmlmeSB0aGVzZSBrZXljaGFpbnNcbiAgY29uc3Qga2V5U2lnbmF0dXJlcyA9IHBhcnNlZFRyYW5zYWN0aW9uLmtleVNpZ25hdHVyZXM7XG4gIGlmICghXy5pc0VtcHR5KGtleVNpZ25hdHVyZXMpKSB7XG4gICAgY29uc3QgdmVyaWZ5ID0gKGtleSwgcHViKSA9PiB7XG4gICAgICBpZiAoIWtleWNoYWlucy51c2VyIHx8ICFrZXljaGFpbnMudXNlci5wdWIpIHtcbiAgICAgICAgdGhyb3cgbmV3IEVycm9yKCdtaXNzaW5nIHVzZXIga2V5Y2hhaW4nKTtcbiAgICAgIH1cbiAgICAgIHJldHVybiB2ZXJpZnlLZXlTaWduYXR1cmUoe1xuICAgICAgICB1c2VyS2V5Y2hhaW46IGtleWNoYWlucy51c2VyIGFzIHsgcHViOiBzdHJpbmcgfSxcbiAgICAgICAga2V5Y2hhaW5Ub1ZlcmlmeToga2V5LFxuICAgICAgICBrZXlTaWduYXR1cmU6IHB1YixcbiAgICAgIH0pO1xuICAgIH07XG4gICAgY29uc3QgaXNCYWNrdXBLZXlTaWduYXR1cmVWYWxpZCA9IHZlcmlmeShrZXljaGFpbnMuYmFja3VwLCBrZXlTaWduYXR1cmVzLmJhY2t1cFB1Yik7XG4gICAgY29uc3QgaXNCaXRnb0tleVNpZ25hdHVyZVZhbGlkID0gdmVyaWZ5KGtleWNoYWlucy5iaXRnbywga2V5U2lnbmF0dXJlcy5iaXRnb1B1Yik7XG4gICAgaWYgKCFpc0JhY2t1cEtleVNpZ25hdHVyZVZhbGlkIHx8ICFpc0JpdGdvS2V5U2lnbmF0dXJlVmFsaWQpIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcignc2Vjb25kYXJ5IHB1YmxpYyBrZXkgc2lnbmF0dXJlcyBpbnZhbGlkJyk7XG4gICAgfVxuICAgIGRlYnVnKCdzdWNjZXNzZnVsbHkgdmVyaWZpZWQgYmFja3VwIGFuZCBiaXRnbyBrZXkgc2lnbmF0dXJlcycpO1xuICB9IGVsc2UgaWYgKCFkaXNhYmxlTmV0d29ya2luZykge1xuICAgIC8vIHRoZXNlIGtleXMgd2VyZSBvYnRhaW5lZCBvbmxpbmUgYW5kIHRoZWlyIHNpZ25hdHVyZXMgd2VyZSBub3QgdmVyaWZpZWRcbiAgICAvLyB0aGlzIGNvdWxkIGJlIGRhbmdlcm91c1xuICAgIGNvbnNvbGUubG9nKCd1bnNpZ25lZCBrZXlzIG9idGFpbmVkIG9ubGluZSBhcmUgYmVpbmcgdXNlZCBmb3IgYWRkcmVzcyB2ZXJpZmljYXRpb24nKTtcbiAgfVxuXG4gIGlmIChwYXJzZWRUcmFuc2FjdGlvbi5uZWVkc0N1c3RvbUNoYW5nZUtleVNpZ25hdHVyZVZlcmlmaWNhdGlvbikge1xuICAgIGlmICgha2V5Y2hhaW5zLnVzZXIgfHwgIXVzZXJQdWJsaWNLZXlWZXJpZmllZCkge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKCd0cmFuc2FjdGlvbiByZXF1aXJlcyB2ZXJpZmljYXRpb24gb2YgdXNlciBwdWJsaWMga2V5LCBidXQgaXQgd2FzIHVuYWJsZSB0byBiZSB2ZXJpZmllZCcpO1xuICAgIH1cbiAgICBjb25zdCBjdXN0b21DaGFuZ2VLZXlTaWduYXR1cmVzVmVyaWZpZWQgPSB2ZXJpZnlDdXN0b21DaGFuZ2VLZXlTaWduYXR1cmVzKHBhcnNlZFRyYW5zYWN0aW9uLCBrZXljaGFpbnMudXNlcik7XG4gICAgaWYgKCFjdXN0b21DaGFuZ2VLZXlTaWduYXR1cmVzVmVyaWZpZWQpIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgJ3RyYW5zYWN0aW9uIHJlcXVpcmVzIHZlcmlmaWNhdGlvbiBvZiBjdXN0b20gY2hhbmdlIGtleSBzaWduYXR1cmVzLCBidXQgdGhleSB3ZXJlIHVuYWJsZSB0byBiZSB2ZXJpZmllZCdcbiAgICAgICk7XG4gICAgfVxuICAgIGRlYnVnKCdzdWNjZXNzZnVsbHkgdmVyaWZpZWQgdXNlciBwdWJsaWMga2V5IGFuZCBjdXN0b20gY2hhbmdlIGtleSBzaWduYXR1cmVzJyk7XG4gIH1cblxuICBjb25zdCBtaXNzaW5nT3V0cHV0cyA9IHBhcnNlZFRyYW5zYWN0aW9uLm1pc3NpbmdPdXRwdXRzO1xuICBpZiAobWlzc2luZ091dHB1dHMubGVuZ3RoICE9PSAwKSB7XG4gICAgLy8gdGhlcmUgYXJlIHNvbWUgb3V0cHV0cyBpbiB0aGUgcmVjaXBpZW50cyBsaXN0IHRoYXQgaGF2ZSBub3QgbWFkZSBpdCBpbnRvIHRoZSBhY3R1YWwgdHJhbnNhY3Rpb25cbiAgICB0aHJvdyBuZXcgRXJyb3IoJ2V4cGVjdGVkIG91dHB1dHMgbWlzc2luZyBpbiB0cmFuc2FjdGlvbiBwcmVidWlsZCcpO1xuICB9XG5cbiAgY29uc3QgaW50ZW5kZWRFeHRlcm5hbFNwZW5kID0gcGFyc2VkVHJhbnNhY3Rpb24uZXhwbGljaXRFeHRlcm5hbFNwZW5kQW1vdW50O1xuXG4gIC8vIHRoaXMgaXMgYSBsaW1pdCB3ZSBpbXBvc2UgZm9yIHRoZSB0b3RhbCB2YWx1ZSB0aGF0IGlzIGFtZW5kZWQgdG8gdGhlIHRyYW5zYWN0aW9uIGJleW9uZCB3aGF0IHdhcyBvcmlnaW5hbGx5IGludGVuZGVkXG4gIGNvbnN0IHBheUFzWW91R29MaW1pdCA9IG5ldyBCaWdOdW1iZXIoZ2V0UGF5R29MaW1pdCh2ZXJpZmljYXRpb24uYWxsb3dQYXlnb091dHB1dCkpLm11bHRpcGxpZWRCeShcbiAgICBpbnRlbmRlZEV4dGVybmFsU3BlbmQudG9TdHJpbmcoKVxuICApO1xuXG4gIC8qXG4gIFNvbWUgZXhwbGFuYXRpb24gZm9yIHdoeSB3ZSdyZSBkb2luZyB3aGF0IHdlJ3JlIGRvaW5nOlxuICBTb21lIGN1c3RvbWVycyB3aWxsIGhhdmUgYW4gb3V0cHV0IHRvIEJpdEdvJ3MgUEFZR28gd2FsbGV0IGFkZGVkIHRvIHRoZWlyIHRyYW5zYWN0aW9uLCBhbmQgd2UgbmVlZCB0byBhY2NvdW50IGZvclxuICBpdCBoZXJlLiBUbyBwcm90ZWN0IHNvbWVvbmUgdGFtcGVyaW5nIHdpdGggdGhlIG91dHB1dCB0byBtYWtlIGl0IHNlbmQgbW9yZSB0aGFuIGl0IHNob3VsZCB0byBCaXRHbywgd2UgZGVmaW5lIGFcbiAgdGhyZXNob2xkIGZvciB0aGUgb3V0cHV0J3MgdmFsdWUgYWJvdmUgd2hpY2ggd2UnbGwgdGhyb3cgYW4gZXJyb3IsIGJlY2F1c2UgdGhlIHBheWdvIG91dHB1dCBzaG91bGQgbmV2ZXIgYmUgdGhhdFxuICBoaWdoLlxuICAgKi9cblxuICAvLyBtYWtlIHN1cmUgdGhhdCBhbGwgdGhlIGV4dHJhIGFkZHJlc3NlcyBhcmUgY2hhbmdlIGFkZHJlc3Nlc1xuICAvLyBnZXQgYWxsIHRoZSBhZGRpdGlvbmFsIGV4dGVybmFsIG91dHB1dHMgdGhlIHNlcnZlciBhZGRlZCBhbmQgY2FsY3VsYXRlIHRoZWlyIHZhbHVlc1xuICBjb25zdCBub25DaGFuZ2VBbW91bnQgPSBuZXcgQmlnTnVtYmVyKHBhcnNlZFRyYW5zYWN0aW9uLmltcGxpY2l0RXh0ZXJuYWxTcGVuZEFtb3VudC50b1N0cmluZygpKTtcblxuICBkZWJ1ZyhcbiAgICAnSW50ZW5kZWQgc3BlbmQgaXMgJXMsIE5vbi1jaGFuZ2UgYW1vdW50IGlzICVzLCBwYXlnbyBsaW1pdCBpcyAlcycsXG4gICAgaW50ZW5kZWRFeHRlcm5hbFNwZW5kLnRvU3RyaW5nKCksXG4gICAgbm9uQ2hhbmdlQW1vdW50LnRvU3RyaW5nKCksXG4gICAgcGF5QXNZb3VHb0xpbWl0LnRvU3RyaW5nKClcbiAgKTtcblxuICAvLyBUaGVyZSBhcmUgdHdvIGluc3RhbmNlcyB3aGVyZSB3ZSB3aWxsIGdldCBpbnRvIHRoaXMgcG9pbnQgaGVyZVxuICBpZiAobm9uQ2hhbmdlQW1vdW50Lmd0KHBheUFzWW91R29MaW1pdCkpIHtcbiAgICBpZiAoaXNQc2J0ICYmIHBhcnNlZFRyYW5zYWN0aW9uLmN1c3RvbUNoYW5nZSkge1xuICAgICAgLy8gSW4gdGhlIGNhc2UgdGhhdCB3ZSBoYXZlIGEgY3VzdG9tIGNoYW5nZSBhZGRyZXNzIG9uIGEgd2FsbGV0IGFuZCB3ZSBhcmUgYnVpbGRpbmcgdGhlIHRyYW5zYWN0aW9uXG4gICAgICAvLyB3aXRoIGEgUFNCVCwgd2UgZG8gbm90IGhhdmUgdGhlIG1ldGFkYXRhIHRvIHZlcmlmeSB0aGUgYWRkcmVzcyBmcm9tIHRoZSBjdXN0b20gY2hhbmdlIHdhbGxldCwgbm9yXG4gICAgICAvLyBjYW4gd2UgZmV0Y2ggdGhhdCBpbmZvcm1hdGlvbiBmcm9tIHRoZSBvdGhlciB3YWxsZXQgYmVjYXVzZSB3ZSBtYXkgbm90IGhhdmUgdGhlIGNyZWRlbnRpYWxzLiBUaGVyZWZvcmUsXG4gICAgICAvLyB3ZSB3aWxsIG5vdCB0aHJvdyBhbiBlcnJvciBoZXJlLCBidXQgd2Ugd2lsbCBsb2cgYSB3YXJuaW5nLlxuICAgICAgZGVidWcoYGNhbm5vdCB2ZXJpZnkgc29tZSBvZiB0aGUgYWRkcmVzc2VzIGJlY2F1c2UgaXQgYmVsb25ncyB0byBhIHNlcGFyYXRlIHdhbGxldGApO1xuICAgIH0gZWxzZSB7XG4gICAgICAvLyB0aGUgYWRkaXRpb25hbCBleHRlcm5hbCBvdXRwdXRzIGNhbiBvbmx5IGJlIEJpdEdvJ3MgcGF5LWFzLXlvdS1nbyBmZWUsIGJ1dCB3ZSBjYW5ub3QgdmVyaWZ5IHRoZSB3YWxsZXQgYWRkcmVzc1xuICAgICAgLy8gdGhlcmUgYXJlIHNvbWUgYWRkcmVzc2VzIHRoYXQgYXJlIG91dHNpZGUgdGhlIHNjb3BlIG9mIGludGVuZGVkIHJlY2lwaWVudHMgdGhhdCBhcmUgbm90IGNoYW5nZSBhZGRyZXNzZXNcbiAgICAgIHRocm93IG5ldyBFcnJvcigncHJlYnVpbGQgYXR0ZW1wdHMgdG8gc3BlbmQgdG8gdW5pbnRlbmRlZCBleHRlcm5hbCByZWNpcGllbnRzJyk7XG4gICAgfVxuICB9XG5cbiAgY29uc3QgYWxsT3V0cHV0cyA9IHBhcnNlZFRyYW5zYWN0aW9uLm91dHB1dHM7XG4gIGlmICghdHhQcmVidWlsZC50eEhleCkge1xuICAgIHRocm93IG5ldyBFcnJvcihgdHhQcmVidWlsZC50eEhleCBub3Qgc2V0YCk7XG4gIH1cbiAgY29uc3QgaW5wdXRzID0gaXNQc2J0XG4gICAgPyBnZXRQc2J0VHhJbnB1dHModHhQcmVidWlsZC50eEhleCwgY29pbi5uZXR3b3JrKS5tYXAoKHYpID0+ICh7XG4gICAgICAgIC4uLnYsXG4gICAgICAgIHZhbHVlOiB1dHhvbGliLmJpdGdvLnRvVE51bWJlcih2LnZhbHVlLCBjb2luLmFtb3VudFR5cGUpLFxuICAgICAgfSkpXG4gICAgOiBhd2FpdCBnZXRUeElucHV0cyh7IHR4UHJlYnVpbGQsIGJpdGdvLCBjb2luLCBkaXNhYmxlTmV0d29ya2luZywgcmVxSWQgfSk7XG4gIC8vIGNvaW5zIChkb2dlKSB0aGF0IGNhbiBleGNlZWQgbnVtYmVyIGxpbWl0cyAoYW5kIHRodXMgd2lsbCB1c2UgYmlnaW50KSB3aWxsIGhhdmUgdGhlIGB2YWx1ZVN0cmluZ2AgZmllbGRcbiAgY29uc3QgaW5wdXRBbW91bnQgPSBpbnB1dHMucmVkdWNlKFxuICAgIChzdW06IGJpZ2ludCwgaSkgPT4gc3VtICsgQmlnSW50KGNvaW4uYW1vdW50VHlwZSA9PT0gJ2JpZ2ludCcgPyBpLnZhbHVlU3RyaW5nIDogaS52YWx1ZSksXG4gICAgQmlnSW50KDApXG4gICk7XG4gIGNvbnN0IG91dHB1dEFtb3VudCA9IGFsbE91dHB1dHMucmVkdWNlKChzdW06IGJpZ2ludCwgbzogT3V0cHV0KSA9PiBzdW0gKyBCaWdJbnQoby5hbW91bnQpLCBCaWdJbnQoMCkpO1xuICBjb25zdCBmZWUgPSBpbnB1dEFtb3VudCAtIG91dHB1dEFtb3VudDtcblxuICBpZiAoZmVlIDwgMCkge1xuICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgIGBhdHRlbXB0aW5nIHRvIHNwZW5kICR7b3V0cHV0QW1vdW50fSBzYXRvc2hpcywgd2hpY2ggZXhjZWVkcyB0aGUgaW5wdXQgYW1vdW50ICgke2lucHV0QW1vdW50fSBzYXRvc2hpcykgYnkgJHstZmVlfWBcbiAgICApO1xuICB9XG5cbiAgcmV0dXJuIHRydWU7XG59XG4iXX0=

Выполнить команду