From 477b2d9bebc161e69d4f6a143577f63c861a7739 Mon Sep 17 00:00:00 2001
From: "Jonny.Chang" <jonny6015@icloud.com>
Date: Fri, 5 Apr 2024 18:40:38 +0800
Subject: [PATCH 1/3] 1.update deps and ver; 2.update example checkout version;
 3. add ZH README.md and superlink

---
 .github/workflows/ssh-example-test.yml |   2 +-
 .node-version                          |   2 +-
 README-zh.md                           |  48 ++++++
 readme.md => README_.md                |   2 +
 action.yml                             |   2 +-
 package-lock.json                      | 210 +++----------------------
 package.json                           |   4 +-
 7 files changed, 75 insertions(+), 195 deletions(-)
 create mode 100644 README-zh.md
 rename readme.md => README_.md (96%)

diff --git a/.github/workflows/ssh-example-test.yml b/.github/workflows/ssh-example-test.yml
index eebbf1b0..79ec74f2 100644
--- a/.github/workflows/ssh-example-test.yml
+++ b/.github/workflows/ssh-example-test.yml
@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: ls -a via OPEN SSH Private Key
         uses: ./
diff --git a/.node-version b/.node-version
index 0ff38047..bc78e9f2 100644
--- a/.node-version
+++ b/.node-version
@@ -1 +1 @@
-16.16.0
\ No newline at end of file
+20.12.1
diff --git a/README-zh.md b/README-zh.md
new file mode 100644
index 00000000..f42a861f
--- /dev/null
+++ b/README-zh.md
@@ -0,0 +1,48 @@
+```markdown
+# GitHub Action SSH
+
+简单的 GitHub Action，用于使用 SSH 在远程服务器上运行命令。这与最新的 [GitHub Actions](https://github.com/features/actions) 兼容。
+
+## ✨ 示例用法
+
+**使用 OpenSSH 加密私钥的示例**
+
+- name: ls -a 通过 ssh
+  uses: garygrossgarten/github-action-ssh@release
+  with:
+    command: ls -a
+    host: ${{ secrets.HOST }}
+    username: garygrossgarten
+    passphrase: ${{ secrets.PASSPHRASE }}
+    privateKey: ${{ secrets.PRIVATE_KEY}}
+
+🔐 在这里设置您的机密: `https://github.com/USERNAME/REPO/settings/secrets`。
+
+查看 [工作流示例](.github/workflows/ssh-example-workflow.yml)，了解 GitHub Actions 中一个简约的 yaml 工作流。
+
+**结果**
+
+![示例 ssh 工作流的结果](result.png)
+
+## 选项
+
+- **host** - _字符串_ - 服务器的主机名或 IP 地址。**默认:** `'localhost'`
+
+- **port** - _整数_ - 服务器的端口号。**默认:** `22`
+
+- **username** - _字符串_ - 用于认证的用户名。**默认:** (无)
+
+- **password** - _字符串_ - 用于基于密码的用户认证的密码。**默认:** (无)
+
+- **privateKey** - _混合类型_ - 包含用于基于密钥或基于主机的用户认证的私钥的 _Buffer_ 或 _字符串_（OpenSSH 格式）。**默认:** (无)
+
+- **passphrase** - _字符串_ - 对于加密的私钥，用于解密的密码。**默认:** (无)
+
+- **tryKeyboard** - _布尔值_ - 如果主要的用户认证方法失败，则尝试键盘交互式用户认证。**默认:** `false`
+
+## 开发
+
+---
+
+这个东西是用 Typescript 和 [ssh2](https://github.com/mscdex/ssh2)（通过 [node-ssh](https://github.com/steelbrain/node-ssh)）构建的。 🚀
+```
\ No newline at end of file
diff --git a/readme.md b/README_.md
similarity index 96%
rename from readme.md
rename to README_.md
index 79561076..1250048f 100644
--- a/readme.md
+++ b/README_.md
@@ -2,6 +2,8 @@
 
 Simple GitHub Action to run a command on a remote server using SSH. This is working with the latest [GitHub Actions](https://github.com/features/actions).
 
+See the [中文文档](README-zh.md) for Chinese readme.
+
 ## ✨ Example Usage
 
 **Example using OpenSSH encrypted private key**
diff --git a/action.yml b/action.yml
index 79248433..79734a64 100644
--- a/action.yml
+++ b/action.yml
@@ -29,7 +29,7 @@ inputs:
     description: "Try keyboard-interactive user authentication if primary user authentication method fails."
     required: false
 runs:
-  using: "node16"
+  using: "node20"
   main: "dist/index.js"
 branding:
   color: "purple"
diff --git a/package-lock.json b/package-lock.json
index 793b6f7f..839bb0d4 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "@garygrossgarten/github-action-ssh",
-  "version": "0.6.4",
-  "lockfileVersion": 2,
+  "version": "0.7.0",
+  "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@garygrossgarten/github-action-ssh",
-      "version": "0.6.4",
+      "version": "0.7.0",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^1.10.0",
@@ -16,7 +16,7 @@
         "github-action-ssh": "dist/index.js"
       },
       "devDependencies": {
-        "@types/node": "^16.11.6",
+        "@types/node": "^20.12.1",
         "@types/ssh2": "^1.11.6",
         "@types/ssh2-streams": "^0.1.9",
         "@vercel/ncc": "^0.34.0",
@@ -42,10 +42,13 @@
       }
     },
     "node_modules/@types/node": {
-      "version": "16.11.65",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.65.tgz",
-      "integrity": "sha512-Vfz7wGMOr4jbQGiQHVJm8VjeQwM9Ya7mHe9LtQ264/Epf5n1KiZShOFqk++nBzw6a/ubgYdB9Od7P+MH/LjoWw==",
-      "dev": true
+      "version": "20.12.4",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.4.tgz",
+      "integrity": "sha512-E+Fa9z3wSQpzgYQdYmme5X3OTuejnnTx88A6p6vkkJosR3KBz+HpE3kqNm98VE6cfLFcISx7zW7MsJkH6KwbTw==",
+      "dev": true,
+      "dependencies": {
+        "undici-types": "~5.26.4"
+      }
     },
     "node_modules/@types/ssh2": {
       "version": "1.11.6",
@@ -200,9 +203,9 @@
       }
     },
     "node_modules/semver": {
-      "version": "6.3.0",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz",
-      "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==",
+      "version": "6.3.1",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
+      "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==",
       "bin": {
         "semver": "bin/semver.js"
       }
@@ -255,6 +258,12 @@
         "node": ">=4.2.0"
       }
     },
+    "node_modules/undici-types": {
+      "version": "5.26.5",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
+      "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==",
+      "dev": true
+    },
     "node_modules/uuid": {
       "version": "8.3.2",
       "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
@@ -263,184 +272,5 @@
         "uuid": "dist/bin/uuid"
       }
     }
-  },
-  "dependencies": {
-    "@actions/core": {
-      "version": "1.10.0",
-      "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz",
-      "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==",
-      "requires": {
-        "@actions/http-client": "^2.0.1",
-        "uuid": "^8.3.2"
-      }
-    },
-    "@actions/http-client": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.0.1.tgz",
-      "integrity": "sha512-PIXiMVtz6VvyaRsGY268qvj57hXQEpsYogYOu2nrQhlf+XCGmZstmuZBbAybUl1nQGnvS1k1eEsQ69ZoD7xlSw==",
-      "requires": {
-        "tunnel": "^0.0.6"
-      }
-    },
-    "@types/node": {
-      "version": "16.11.65",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.65.tgz",
-      "integrity": "sha512-Vfz7wGMOr4jbQGiQHVJm8VjeQwM9Ya7mHe9LtQ264/Epf5n1KiZShOFqk++nBzw6a/ubgYdB9Od7P+MH/LjoWw==",
-      "dev": true
-    },
-    "@types/ssh2": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@types/ssh2/-/ssh2-1.11.6.tgz",
-      "integrity": "sha512-8Mf6bhzYYBLEB/G6COux7DS/F5bCWwojv/qFo2yH/e4cLzAavJnxvFXrYW59iKfXdhG6OmzJcXDasgOb/s0rxw==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/ssh2-streams": {
-      "version": "0.1.9",
-      "resolved": "https://registry.npmjs.org/@types/ssh2-streams/-/ssh2-streams-0.1.9.tgz",
-      "integrity": "sha512-I2J9jKqfmvXLR5GomDiCoHrEJ58hAOmFrekfFqmCFd+A6gaEStvWnPykoWUwld1PNg4G5ag1LwdA+Lz1doRJqg==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@vercel/ncc": {
-      "version": "0.34.0",
-      "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.34.0.tgz",
-      "integrity": "sha512-G9h5ZLBJ/V57Ou9vz5hI8pda/YQX5HQszCs3AmIus3XzsmRn/0Ptic5otD3xVST8QLKk7AMk7AqpsyQGN7MZ9A==",
-      "dev": true
-    },
-    "asn1": {
-      "version": "0.2.6",
-      "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz",
-      "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==",
-      "requires": {
-        "safer-buffer": "~2.1.0"
-      }
-    },
-    "bcrypt-pbkdf": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz",
-      "integrity": "sha512-qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w==",
-      "requires": {
-        "tweetnacl": "^0.14.3"
-      }
-    },
-    "buildcheck": {
-      "version": "0.0.3",
-      "resolved": "https://registry.npmjs.org/buildcheck/-/buildcheck-0.0.3.tgz",
-      "integrity": "sha512-pziaA+p/wdVImfcbsZLNF32EiWyujlQLwolMqUQE8xpKNOH7KmZQaY8sXN7DGOEzPAElo9QTaeNRfGnf3iOJbA==",
-      "optional": true
-    },
-    "cpu-features": {
-      "version": "0.0.4",
-      "resolved": "https://registry.npmjs.org/cpu-features/-/cpu-features-0.0.4.tgz",
-      "integrity": "sha512-fKiZ/zp1mUwQbnzb9IghXtHtDoTMtNeb8oYGx6kX2SYfhnG0HNdBEBIzB9b5KlXu5DQPhfy3mInbBxFcgwAr3A==",
-      "optional": true,
-      "requires": {
-        "buildcheck": "0.0.3",
-        "nan": "^2.15.0"
-      }
-    },
-    "is-stream": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz",
-      "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg=="
-    },
-    "make-dir": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz",
-      "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==",
-      "requires": {
-        "semver": "^6.0.0"
-      }
-    },
-    "nan": {
-      "version": "2.17.0",
-      "resolved": "https://registry.npmjs.org/nan/-/nan-2.17.0.tgz",
-      "integrity": "sha512-2ZTgtl0nJsO0KQCjEpxcIr5D+Yv90plTitZt9JBfQvVJDS5seMl3FOvsh3+9CoYWXf/1l5OaZzzF6nDm4cagaQ==",
-      "optional": true
-    },
-    "node-ssh": {
-      "version": "13.0.0",
-      "resolved": "https://registry.npmjs.org/node-ssh/-/node-ssh-13.0.0.tgz",
-      "integrity": "sha512-8yfPvuB8z1M5rXFR8Z1Tl0a0M43N64VjZfjXRwOGCcImFphuXhMPniPksf1FkVj9djKbpHvLUMIVS399H9yCSQ==",
-      "requires": {
-        "is-stream": "^2.0.0",
-        "make-dir": "^3.1.0",
-        "sb-promise-queue": "^2.1.0",
-        "sb-scandir": "^3.1.0",
-        "shell-escape": "^0.2.0",
-        "ssh2": "^1.5.0"
-      }
-    },
-    "prettier": {
-      "version": "2.7.1",
-      "resolved": "https://registry.npmjs.org/prettier/-/prettier-2.7.1.tgz",
-      "integrity": "sha512-ujppO+MkdPqoVINuDFDRLClm7D78qbDt0/NR+wp5FqEZOoTNAjPHWj17QRhu7geIHJfcNhRk1XVQmF8Bp3ye+g==",
-      "dev": true
-    },
-    "safer-buffer": {
-      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
-      "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
-    },
-    "sb-promise-queue": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/sb-promise-queue/-/sb-promise-queue-2.1.0.tgz",
-      "integrity": "sha512-zwq4YuP1FQFkGx2Q7GIkZYZ6PqWpV+bg0nIO1sJhWOyGyhqbj0MsTvK6lCFo5TQwX5pZr6SCQ75e8PCDCuNvkg=="
-    },
-    "sb-scandir": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/sb-scandir/-/sb-scandir-3.1.0.tgz",
-      "integrity": "sha512-70BVm2xz9jn94zSQdpvYrEG101/UV9TVGcfWr9T5iob3QhCK4lYXeculfBqPGFv3XTeKgx4dpWyYIDeZUqo4kg==",
-      "requires": {
-        "sb-promise-queue": "^2.1.0"
-      }
-    },
-    "semver": {
-      "version": "6.3.0",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz",
-      "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw=="
-    },
-    "shell-escape": {
-      "version": "0.2.0",
-      "resolved": "https://registry.npmjs.org/shell-escape/-/shell-escape-0.2.0.tgz",
-      "integrity": "sha1-aP0CXrBJC09WegJ/C/IkgLX4QTM="
-    },
-    "ssh2": {
-      "version": "1.11.0",
-      "resolved": "https://registry.npmjs.org/ssh2/-/ssh2-1.11.0.tgz",
-      "integrity": "sha512-nfg0wZWGSsfUe/IBJkXVll3PEZ//YH2guww+mP88gTpuSU4FtZN7zu9JoeTGOyCNx2dTDtT9fOpWwlzyj4uOOw==",
-      "requires": {
-        "asn1": "^0.2.4",
-        "bcrypt-pbkdf": "^1.0.2",
-        "cpu-features": "~0.0.4",
-        "nan": "^2.16.0"
-      }
-    },
-    "tunnel": {
-      "version": "0.0.6",
-      "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz",
-      "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg=="
-    },
-    "tweetnacl": {
-      "version": "0.14.5",
-      "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz",
-      "integrity": "sha512-KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA=="
-    },
-    "typescript": {
-      "version": "4.8.4",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.4.tgz",
-      "integrity": "sha512-QCh+85mCy+h0IGff8r5XWzOVSbBO+KfeYrMQh7NJ58QujwcE22u+NUSmUxqF+un70P9GXKxa2HCNiTTMJknyjQ==",
-      "dev": true
-    },
-    "uuid": {
-      "version": "8.3.2",
-      "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
-      "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg=="
-    }
   }
 }
diff --git a/package.json b/package.json
index 87032c4c..b36468cb 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@garygrossgarten/github-action-ssh",
-  "version": "0.7.0",
+  "version": "0.8.0",
   "description": "Run commands on a remote server via SSH.",
   "repository": {
     "type": "git",
@@ -31,7 +31,7 @@
     "node-ssh": "^13.0.0"
   },
   "devDependencies": {
-    "@types/node": "^16.11.6",
+    "@types/node": "^20.12.1",
     "@types/ssh2": "^1.11.6",
     "@types/ssh2-streams": "^0.1.9",
     "@vercel/ncc": "^0.34.0",

From 66ced916fac958df0fa0b787bcce043bb89a5d9b Mon Sep 17 00:00:00 2001
From: "Jonny.Chang" <jonny6015@icloud.com>
Date: Fri, 5 Apr 2024 18:50:26 +0800
Subject: [PATCH 2/3] update README

---
 README_.md => README.md | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename README_.md => README.md (100%)

diff --git a/README_.md b/README.md
similarity index 100%
rename from README_.md
rename to README.md

From 4e816082f87a223f33f3e3174d496531660b53cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gary=20Gro=C3=9Fgarten?=
 <8986373+garygrossgarten@users.noreply.github.com>
Date: Thu, 11 Jul 2024 18:49:01 +0200
Subject: [PATCH 3/3] update package-lock.json and pack

---
 dist/build/Release/cpufeatures.node           | Bin 56717 -> 55056 bytes
 dist/index.js                                 |  95 +++++++++++++-----
 dist/index.js.map                             |   2 +-
 .../crypto/build/Release/sshcrypto.node       | Bin 121259 -> 114208 bytes
 package-lock.json                             |   4 +-
 5 files changed, 74 insertions(+), 27 deletions(-)

diff --git a/dist/build/Release/cpufeatures.node b/dist/build/Release/cpufeatures.node
index dbc9809bdb4b55dfd51a86e553bb3ade9abd9137..ce235518db6783a34d66a5813133b2b17d8b07a8 100755
GIT binary patch
delta 4230
zcmbVPYgAO%6+U+^15^z11_5P2q9}@r$V-q>P=i&YVAZ59fgn~QA`;ZPtQqQRjjq&&
z@lYF<bx8~+&LqAHu{Bx+vAzOGP?0W(4r(eSQBizAD^9<C=S;k?R{r#?+4Fth-shZq
z9{Zj-v*UzZa!4*2DlwyfzWb8NOev2YZMei(mgGJs!6ueUHk@PZOmaVvXcI-kd4R`B
zN$!D3Ht%*Dut2_DO7cD+yi0_aw1ykC0o<Z-t#s5pk~D6<{6F%Txf4)BU(J{sa6Yh0
z3w@5UBhVU{AB>%6Y&M{zj<Hy0#$3SXlOH8am<$Z(YaN2L<zF$Dz}qFy*Z}ybeQ`tS
zgJ;DttGDku@~@k^iVczQ>0q{rpf`=H!l@7D^i1X!hhTY+-jO?K$I4P-ET5zuH?j+Z
zqCt*^5z?Tj41<wwyo!NqDvjEv@jP#Gpy7eUO236YmYLa`6*qY?=Jg%4Z@IIv1K0z<
zWdt*}%YNo6XbX_)x07G?GT)MY%(rD<^L2`$-XY)@j?8$vfj!h|*g}i!X>OOj&3ob3
zTdh$R@G|hHXx}I?e{|$y*0AC<nH76n6an_!`o%sT9G$fEI6Q}8G`wR#tVKz1L4wiV
zf*$t-u}lwE)q!3*GFV)P%#5an9cj7s2Mar8cKqVK9ci5n;FH+jtwAi#2iw-H(f9I`
z(J4|cmtq2>GCnLOJnYZtOee9ZAldhOtn@-=y%~!!$6T1Ld*3-xf1F7k9y+UaGS7>N
zk~Z*<Vtl2y`0<z#uP#DEnozkDt0Mjk+>%X;=4%dtwgA()6ziEagA^ixz>bXSxRtCY
z+9K<F7elAOl=)S>oL>TbG{15ORz*A#Mo)?Zs-L2Trl&;HQwD{R!c(k_?~IKf_JP&v
z`-HL5)xd6GE$|_*6?lbr#s<U<K?CK{Ctp6=2|il(Of9QI;*_vzKcj>U!O}O4Lu(qA
z#1rFuH7^)n6c=K+0OvIgtLg&M7%kWb+TD}T7T`UgEp0rJHeN^@Z}Uwh#*D{+eVbBD
zk6%wVJzYHAWKEWg)pABN`LAJ^7(wZGKpnku)w1ys($t!)`MM`Vi~5de=QP69x5?Sm
zCu@w|vc~*GmdrGWdNib2>~dyRmSpZ9A7ZG1OG)cmTUvhxO=*1!Xd9oexzx^4ryN{a
zYw&I08?eii`ZPBh*DYnPzUE-$-)`v1607<M`9*c!fkyi(dmSvGciK)ktuAb%70Icr
zdhs|TzYrg&-;97Vf@EeS-c3D&=YZ3T)VJw1%ybrJJk!*ZF$1flQC7*`84sMI3#Q6H
zRq=Ji{>k5%5^e~Z=C+n{-1+xz3xf6!S!-hSu6ikxSd3aY-@LrLruF24)B76^Bu=|t
zjLA87W%M{7)&KgZ`oTogW{7^g3a0f?pY7;>C=k=)BN9d$D5)|NkyP|fCmM0Cm1J8I
zjhfKnG#cmx?6n&n#WX?93U^fTK`QR5;vOpQqvHN5KHSC)N~a;Jz(^Gzqv8=N9;xEd
zDju)mQ&oJriqBN>*?PmvnaxuL(o}qriodDi%T)X=6<?v^Z>xB|iWl1WL}p+|Chn7s
zU9(P`+-RxA^3KPvQ7>LKhC=))c!=QL;Mi5g-vz!^@O$7#1*g}vQSiIq4+Osh9)P{3
zKHI@F3_{$1*d;g}N%+}ODz$(|;K!93&>8Sh@FwseBn$a3gQp8#2fkDAi{PgPKL>tS
za60-T9Bge3)e!52_y_oI!M_AQFZkcUy9KWTkHm{X4?YT>F8CpEOj7ZG23{fj2f&XD
zz8|~}JgYE!C0m!jDu2xe9+R{um@YPYv?a6OXNdn;cxTcm-X%Fmb(QY=2T6u%alfe(
z*dp+bz%GH$1v*c)b>$^cCvdF5Sb-@5=L=jaaHYT^8yZ-#aQs2whXN}E9uas_;01wK
z1zH5!XV@dO11?`w+yvSbV>m)pC6KXrQK2nX<p-UUglkRf_{wsv%aEPbZoVG+jEt0=
z6<O=@iqh8Q=ge7?ot2lv7I1yFpC?1?&E<LX*RutM7o-x#3K{=P^-#{MEyE(S3UV`Y
z^NVr{^Rx0MMlM{Vw4AZJplIWa_5481aK5Ex48L9D&nH~=cPL?nuknL5LwR3KEZ=k{
zkRQH0ikwUMZ_b<;R8&-iL#{A$s-BlLhB<<+ROm3iz1FMpRPAmJZhjKR!rnvHGnpO9
z!&l4ObPv@x$4D;RR3GW$CbPD+a7|?1{6_uoRa>YoYPCq8YrCYu+vKz4c#8CL1*wap
zC}W<Ej18BHS&PtR&=k*{VvBz-bf~ySk8?u&XN+|e+u{kNdE%u2Ln_#En^XBN8=xzo
zSK!wqaB#^Asz9TOz?c2jPN^8G(i9JcwZN#5o;M&)?I%PlVFSaPuXG?BN(1WPa|)o?
zJ5a}|1AB^44$%PYn(9;gE*KSidv%=J+m;en@1eNQQwMc?+QlG)eTAtRRkN=!tvJ=P
zYl_ojwh=)gm^UC!?d>~4J4Eg6n(9;gvoI>8(LSVK1?s@Qg|wyAK`3{>6g0^0O>pAz
zmqrHL7l(EO7rq~NhZcu)8~^R4_Y7rV_`HBqDY)48)6Q6Ob$sCfT{=K7z{#twzj1*6
zw7)hmOMeG*a_HYd*Z{q9fHn=#bdswF@WTM@j@Ra8d<<i${Tz&C+cfIf%0Z#IzRoYF
z)+R(AGIn`D<8KGVagSnSVG*$LunDk<F#5AM2^IyT|GJd<F)%vg;`rveq(t1gSt{)R
z?m^P=Da{F$`|GDluk<_PcvqtzKUU*b`KV!!B;&~9A2cqjbpATufu~>b=QCUNj#nG;
zXKpb58jqaf_!xswN_N4z6**Z&>k4z;iO65GJcqqedRD(Ub$oB?tns;r-rsX<Yv%PK
zZE=G}|MizWA4lwMUcm3Q>h*0OHw9g~?X@~J<w~4O^_^%_)6H#B74uwf9ZYH1eZBRo
zO>NJ*8$;gJz6cNh(~TY1T$kLBy120<DrjHJiS*XJ=g#oeZJE0J=f4Tn1rEONl{RbZ
z=zxIW8g0R^99^Gfte<;+%k$nJ{!5jTUnwkfJY}+&zL}mdF0Z$~q%Z6f^Q2chuYUMD
w&%3vC57+8{k>nAQK6hEpm!m$t|HnM*=AIg#{GV$!{@Z8OC+|LuDaR!L2Vm4NJOBUy

literal 56717
zcmeHQ4RlmRmags&kO*SbhTz{29rWlb-RUIcXOOW&rvm{DF$tJub)GNXFG)kEyXl`m
z#9gx^jySC6Bxltfe|84vtRrciGvJ0<**`Ptac~%2aUEqw$4$_2GKy|I{=pn$_Pg)Z
zOI~*pIG{W3IeQ;e-+QZW-MaPFt$JO>spdca_}=Gpgs=%bxkzUrwa*aZ_HI2(oCo<Z
zSVd{_H#b4Ze!N*3Qicg(Cel!pq_#ClobhDa3okM9KbvV#lI>DgCpn_qDk@4MnQBRl
zXJy-KzuG9e!RUq{*=jFW+C$&<$FQfgYvGs{M^3iAXO<ay?b05}R(oQSe}P0Y9*VRX
z)h5}y>KdcqPFZfsQp~iCOhrjWwuB-<B@}6m>T>3IJR$9^lm<x7@Xs_XDUItelA=^s
zHB~9TwRMfg=z68XG}M7&N@P19Nm1IOmSLUN9_i|j*QhTgLBoBKDS#?UN0d4lN-C|X
zNMMq^e6OKQu}Tlg<d6B}nT({F{j?NzOWrGKmTc`OX(&oqRT5ntEzz(NOU9*NvM!Ns
zgC|V&r#sWHS;$;yl<1#|5>%7wM20aA6Y_Ak!JFervbCQRng&PxBwa;WQ(L#%UtMd?
z)d8bicqNtcT@rK(XBpDE!X@ZQ5pe^?_~wI>-Dc22(5;|@nApwF3b6+=#lZqfKNn&>
zX#4XhKU0X=;Omj-DV2%*FGsTC05Rj)`b#0?)Xm7h01~zH{?k2&@`g(KzxVkgKYY7-
zU91>+g-Avp(5hpO&Kp>LX8$vkjmI8%n(x#<vPHg&0w;Q76Yf+Z?hc1qC<U&((&cdl
zyTI!D6&8I*aN#8V#;!zC>u@cXRmiHi42jy!1ujIdkTT&!55Z6Q^{)xBOm~EG`C$YY
z0Y-okU<4QeMt~7u1Q-EEfDvE>7y(9r5nu!u0Y-okU<4QeMt~7u1Q-EEfDvE>7y(9r
z5nu!u0Y-okU<4QeMt~7u1Q-EEfDvE>7=f=Efw9|chmI-szE7@q^nJ88r*CxIjJ{Ey
zt@lHRNPl1xcmE#gBk=P?_e)M8oJS!S?6UX119}YkgI^cDLyiUMpF$o4CH*1FcR15W
z9P`s}IttRirZVX50o^xK^gj85_@K}(ng$)`riUE!(hniuJ2qB22>t=^pP>FrphKu{
z7u^jG(S6QAnJ+#Y+qWP58)IVy)W+yGKm4wS|GvIs%JM$+r+2`iyfXGQ^~-_$9F(I^
z+h+ESqKx|WFQ~s4iTd>f=#XFJFD!KY%501L{1|24b433z+8<U#<?a{mYG{A{$MIo@
z*ni-?yBdaH0AC`WfZRK_P*hU=^{Yhlb2Td~L!ziW4|w4&h4Z;rR_O8-u!DOZ&gXt)
z$hDAjNq*aq?}VH~a_h><+POvLeN=ACOMeRcc3Z*0K~NiP5<bI<w=(Y{aqc^AZ{KR$
z?485*+@06h#OAGgcieyd-oLw_?AXMPhWnt4Yb2!$9R=?W3ehCS{;L8wmmgSFxHET|
zcmK+<E#(EXL~ph|;NN>d+H8l-+P(MQKV;84X!>!p?!!Rk4son(c$W8g?x^ygyYs|8
z&FY)Od;Hzm-u>iPVDFCet6+oh{d4Hh`0kn|`iV#X(t`ntp@Q_KkOx86gHFWIJjBra
z^hzp&-a^n}WuUShZ4aW24UktLU0flGtYe6F^)cL)Bl?M7f<*0J4Qg#O7c#Y337XyJ
zl~jf{?V#;;^wZ`&o>wJ$e_$6M+<DHO_g_Ksnd129wi?8kAF)=A81(fa_VgIc&GSCq
zgE&1C^&_COL7xWA1APtj6(Q~(^Vtr4a=jh(9f(oPKZg;c=RoHnkBC|ObO!P$W^bAy
z`o$l{^q8fX0In}BhAoQO9OzI#DPCy)yo>xnP#f}%{>@AO7I_9QdJz|TJ<>l29+RN|
zLr|-YCn1xK5m2MvxtQBdjLW?A5xq?G?gt&+R*io6fCJ{C&%odX<o^nN#TBZ%-vQlK
zVb}fs7%@8Luw#zqKz|16VSa9#)i(<4K6KdAA3JPm^5I3)qdu?C75zq^oavt;kLEu0
z{Sojqo>hpghrmCBq_0c28SB!cy6%GX&p-{|3(|L+Jal$}*W&^FPVleJq;{NGm*%Jc
z3Gxvg%YyX9u>XC?h@<|85DTQ!2^sbKO&$2ta1Zi^a*XwabdDgl-o!eGtC$U!BF#ja
z1;1}4J>9nGC7#wL>fc82v@VWrTLDaJfQ=t9Row@y^q4aHeFWG~Wp}E2L0}z*-CqFz
zF$cw)4YuvT8!`8^(APw#@E-4;yZl)0h;l4<uXk&1RsMAg{bDn%TbEya;C!MXu`7->
z>5QEFyf+VEJ()LBb!@ZVk9p}5P+E7$Kf-D~<PIc?$!?lEr(o9^t2*`<x?N`)chbh~
z624x@z^ae1+GW4ymC<cJ^kq44ssctv%#Ch)67xv(;-at~YeNeRdYhE(i@F=u!Vb-?
zJr~-Wg?-^G#P?YEn1!#m@I@9r-@=bvFk$CK3%|$0_gMItg|D~pMHW8a!jGJ9v2Wq`
zSoj_bAG7fF7QV>B=Ue!Z^DOo){2mM6W8q^KzTUzYNxmM}8CM}51Rmm7fWJiY)!_Y-
zuLA!a$$u04Udb;7kGZec#a&0|e@h-$u$?6~BOmuHof{?Z2LG>;zY4q^_ZO*M+;Mb1
zC3)O`bdE^=>);pRLMG`Hg7-@v@#fqv`SZc=m3#sCUrV082NfdNsqWd}+a*62{9Tft
z4Sv7m={^5D$>XA?a}hqME?jZ`JNQFq8EfLmiYNOh4(oG;9+RYV9COw$^*;fBujD@j
z|0sAh9%vV-$fihiOGLDW)wYCa(~`dWb+vRS+vRd6;sJLHE@|W1w<{13fmo_lQ<JH<
zmJoH?77<Y+N~j|i);hFEQcZ@U5yexCyUt-(yXaKIDb1A#-K<@HMd8)U3Tx|{lxwS+
z3opB@@Dk%9d0{ddEeuB^ZI@tp^gFH>5`)J|(N95l=Sx8;h2&*g;sGh{v)XX)6oWU-
z^Lphp1)R+YFanGKBftnS0*nA7zz8q`i~u9R2rvSS03*N%FanGKBftnS0*nA7zz8q`
zi~u9R2rvSS03*N%FanGKBftnS0*nA7zz8q`i~u9R2rvSS03*N%FanGKBftnS0*nA7
zzz8q`i~u9R2rvTwYY3SCul<Y5j3!=}bXd}lBo+9<2zus7x<JxJk`_sNwWKR0ZIbjR
zNyCzEm2|tLJ(4~s>268;B^{9Tmy#ZqH1`_AFZ0tW<w8l{l6q$OjV2@MDyesr{*!OZ
zb3>M0OA)h-03*N%FanGKBftnS0*nA7zz8q`i~u9R2rvSS03*N%FanGKBftnS0*nA7
zzz8q`i~u9R2rvSS03*N%FanGKBftnS0*nA7zz8q`i~u9R2rvSS03*N%FanGKBftnS
z0*nA7zz8q`jKG(Uz}Xk)Uw4VP>Ab2&UqjV(LY(bYlnudfeW$oCe!#Zt*qD55J?EgL
zT5DBP;bcQ9qOFMr)UYNtiym*VD;!i3$yAHd5{d-1xabjLS~Ic-aq&&BvO-H%sqsL2
zS!s=?CR1@O;g6&`>eLPmCgQo%YOGhoDP1KWD$0hs;?4?>XQdhmhPB2(G^TlqeQ_An
zj4XeBU87PFiX^poL=BhMCZb`K`8%kM1ydXFdGt!-x};h-wQ9A;-$})nPg7iM6c<et
zm#%Hus0ETuT1Si=@p$UAEwzzEQjG*OKU`g+Lt6{3+!uw{Ta$jjpPHzc)<&_XQA^g!
z9@d1kaL^Y`MUwsyRr5|;tpqJ+b~K}TPgzYW5=e%k5z|-c$jS+elT<t&jH+4hgx#q>
zftAUg)z@@3tcH8VMW%6|8V<LpflalM)+nL1L=OwNXlb>vR3WiSA%)7uP+LTgGw6hn
z;i&|`iDWz#NJit!wRW{L6pd4DPibQ)sQFu4X`H%Zn!lc!uJoBr>%-AJ?tgKSKM_!4
zYD-v#oF0W`dM4`Xk#^Hbw5JNW_K7;{D?G(bQ9UyJ9kFDW5mm8qg)$?kJZ0H|pm%g4
zq{cy_$k>`)y|}0`9NmHe%!nl;jJj>v+LH%~jP97M2cIls0wgVgUDxQ*2WQ-|#w7}w
z>9Lq;OvXczHhrSh#G@VSlC2e)VOzgCK%+(u8M^wQ>Cyka2|MO=_7tIqzEnJ}VT$OJ
zch?k3<r7NgG}Lu>Pv}<ow;GGeWF)YFq7!>8y5<5@vP7;x)Rj7|Q;RofYH)2N+|?LU
z1DY|8#_IHhtiBox+<03ODBb>mO<%9;8j~f8;_(!>sEJSjOEJM!t3%=mw5xF?8COHe
zL~THy8kLwgSiBMPl;K~Z#nl9sLp@4gw9zuJsELFYPb%?bgnDt<$m~!Po8nmcDQl2C
zi$sH((h&`&!kQA-+Cm9{fkNZ4VPO`tgxw>qDh)+KNm`^Q!cc}Qnimh-guP^i7J(Z{
zttPCtB{11M#erB#X_apU&ywudgm}QF4`Tf~n*CT9O6t_ebV~!ZY_1Jrm(3xLZWIpj
zOc)<WH%oVqZai$;J!8Z+=Og=DHslS@5MnNv*DDQ$88e0Wnyp(5OL-?`D!*Z=QT|&g
zd#^U+g|kqe2Rq${?2__`l$Syd8b$i&&Mf&}$gRRAcKoC^KnmoO3m@Sny1JO1E5ss;
zTm^Z%QKWyiWyud`$xmg;WPcITVQGWpI(%4VYQMV7P<R>jseMyE3w^b=zavX_oRL|+
zB}*R5l6TC`)c-t7CjZFa-FCwtlF47IO#Yg`>$7l<;jbxsAzS@5?Tr}bbiB!)RVI68
zJTysrrfk+nw*HVz^{q11H{)lstZ&L@{UkAXh){j2O!dup`&8C9<=Qi+?$2AgwF!Gx
zne3VI+JpKuo~8^|$M^EA`lkF6^e@90oAFHgLHdvn4a-@O&G?|7ks{fQ--MLS@wgi@
zia!U@pFQ}r%Fi3J9Bm<nvdS-nvQ@t-OWu$rC$i+dS@MxA*@c#oHSS*|OTOHZSzezd
z|5cWJUzYq*mV7)*K0hbZ{)R01fh>7{mi$JR?7;eF?a$IId7U9c#dv<8%iZJhBS!i7
zc<jrPe`d(zc)glcUJkSLlUv_Fq9v4;O^Olvxi0$YEiY0P(sCppQZ<qvsRn5U(n_RS
zq*X|(k=7txi&TfS7O5Ty+ZoY-)QHrCL`(NNq_3jwLV@?8@x|lR-&s`k)L)UPb>cVg
ziS}R9lo>m(sWyUW?R58HQ&pYxb$BWzeeX480qwfXg45e?O;daNoz^rJCVw@=H`R$R
zLR0UtOk1bByPCHCWN-eD?W?5cC*4t<P;a{6DV|~%B@LbW{wcHKv^%FvwaNIKVJaOc
zIpw{Q*}!RUlB9uYc1PKzQ*Mi-()b=_ayPLbGL=qsBSiJ4-T_g`m$UVOCH>GVbMFIb
zeA6@aZfDZb7YwZ__Ka_b6l`P6U5tSMZB$A^9kKEnl};VHYV}of(nR<B4Gd3q>QS6=
z>;cI*JZdb{&pmv!wJy#)_|V6}^kPkMiFu}B9;aL%S7R|P?#HGI8>i{^RM@po?5WV{
z(|onL0?}~L<$+H+lCgNG6T3iiaZS10S_=0%Y(^9AHZ|VmuEu^jj1#`NyDgM#Pqi!t
zh&Z2GoJh30E!)wA8@Mkvfp@p0LgAp><#H$D0k@z-O6-qafxwq$x<LzT*hIUdEgM})
zHQuHr$$|0qsadntD0S{M-sbQge<Nyyl7avVYaKYhP^tThr&tL^!mjp=4y_5b#0fK>
z8fe!NIy{Tpx?*lmnG1i5+@VMyoC<1sfxEK;wKLo3P`g?*rL;tvmhhSV0D7lC?803Y
zi-kitgn;)6cXI$I2`+@4TR&-uBomf_uE!y1Yc$@Ga9^ti);2b~=+u-lEIN(VtH+BI
z!A<T|B0k=|z?E0JJ3VgWP~<CUSdr&3f6AtnKoX~x6c2xLoN;&*Zi~h-J3HL1m}yF=
z^(*otgySeW<#KPqil&hCl{ga7wq#8#{KJWUaGjW#x0p&N{;r-mHDMEdp;hw#-Mhy6
zHaNu<Zn62z!@%wfzp^avDC{bY=Z|m984$uwTUm3j>_i^+$@VLR9h-1F{s<95YDS`G
zt`M))7uv^<ij3T8KfU86mRF36UVdU}V%34A6@B*|{M+9QMDO^U?|*cWc2(EYTOU08
z_{%qa_UZcVKfd*`$D5<i{-Jds=hZ`pHrdxU&ltO<|CXC?|INScTzThJkDRRhj$4~%
z{k3~oJ@4$}t<QY>vCsao`giHaZA*JsUHaxdgP-2`a`7jL_iudg7iZP)EP4B_vi0Bk
zmRhjjM;l*z?5+L%b4&KcYfonXi<bZ7(%SD<KDX)69Yx<BTYJVbb@Z0t!24qdMQOvE
z@Bcov=Nn(t{>kdU<K4F*|BZ{D?Qhabciz7Ju{pPX=bpdZdO_vt+3!8oI{(R`oe$5y
n{U3h#?#pGi+b%tN=HdHm9xeIWdA|AU{yF!%fA3p##?Su;K(DlK

diff --git a/dist/index.js b/dist/index.js
index 514257c5..fef1a847 100644
--- a/dist/index.js
+++ b/dist/index.js
@@ -3517,8 +3517,11 @@ var MAX_SAFE_INTEGER = Number.MAX_SAFE_INTEGER ||
 // Max safe segment length for coercion.
 var MAX_SAFE_COMPONENT_LENGTH = 16
 
+var MAX_SAFE_BUILD_LENGTH = MAX_LENGTH - 6
+
 // The actual regexps go on exports.re
 var re = exports.re = []
+var safeRe = exports.safeRe = []
 var src = exports.src = []
 var t = exports.tokens = {}
 var R = 0
@@ -3527,6 +3530,31 @@ function tok (n) {
   t[n] = R++
 }
 
+var LETTERDASHNUMBER = '[a-zA-Z0-9-]'
+
+// Replace some greedy regex tokens to prevent regex dos issues. These regex are
+// used internally via the safeRe object since all inputs in this library get
+// normalized first to trim and collapse all extra whitespace. The original
+// regexes are exported for userland consumption and lower level usage. A
+// future breaking change could export the safer regex only with a note that
+// all input should have extra whitespace removed.
+var safeRegexReplacements = [
+  ['\\s', 1],
+  ['\\d', MAX_LENGTH],
+  [LETTERDASHNUMBER, MAX_SAFE_BUILD_LENGTH],
+]
+
+function makeSafeRe (value) {
+  for (var i = 0; i < safeRegexReplacements.length; i++) {
+    var token = safeRegexReplacements[i][0]
+    var max = safeRegexReplacements[i][1]
+    value = value
+      .split(token + '*').join(token + '{0,' + max + '}')
+      .split(token + '+').join(token + '{1,' + max + '}')
+  }
+  return value
+}
+
 // The following Regular Expressions can be used for tokenizing,
 // validating, and parsing SemVer version strings.
 
@@ -3536,14 +3564,14 @@ function tok (n) {
 tok('NUMERICIDENTIFIER')
 src[t.NUMERICIDENTIFIER] = '0|[1-9]\\d*'
 tok('NUMERICIDENTIFIERLOOSE')
-src[t.NUMERICIDENTIFIERLOOSE] = '[0-9]+'
+src[t.NUMERICIDENTIFIERLOOSE] = '\\d+'
 
 // ## Non-numeric Identifier
 // Zero or more digits, followed by a letter or hyphen, and then zero or
 // more letters, digits, or hyphens.
 
 tok('NONNUMERICIDENTIFIER')
-src[t.NONNUMERICIDENTIFIER] = '\\d*[a-zA-Z-][a-zA-Z0-9-]*'
+src[t.NONNUMERICIDENTIFIER] = '\\d*[a-zA-Z-]' + LETTERDASHNUMBER + '*'
 
 // ## Main Version
 // Three dot-separated numeric identifiers.
@@ -3585,7 +3613,7 @@ src[t.PRERELEASELOOSE] = '(?:-?(' + src[t.PRERELEASEIDENTIFIERLOOSE] +
 // Any combination of digits, letters, or hyphens.
 
 tok('BUILDIDENTIFIER')
-src[t.BUILDIDENTIFIER] = '[0-9A-Za-z-]+'
+src[t.BUILDIDENTIFIER] = LETTERDASHNUMBER + '+'
 
 // ## Build Metadata
 // Plus sign, followed by one or more period-separated build metadata
@@ -3665,6 +3693,7 @@ src[t.COERCE] = '(^|[^\\d])' +
               '(?:$|[^\\d])'
 tok('COERCERTL')
 re[t.COERCERTL] = new RegExp(src[t.COERCE], 'g')
+safeRe[t.COERCERTL] = new RegExp(makeSafeRe(src[t.COERCE]), 'g')
 
 // Tilde ranges.
 // Meaning is "reasonably at or greater than"
@@ -3674,6 +3703,7 @@ src[t.LONETILDE] = '(?:~>?)'
 tok('TILDETRIM')
 src[t.TILDETRIM] = '(\\s*)' + src[t.LONETILDE] + '\\s+'
 re[t.TILDETRIM] = new RegExp(src[t.TILDETRIM], 'g')
+safeRe[t.TILDETRIM] = new RegExp(makeSafeRe(src[t.TILDETRIM]), 'g')
 var tildeTrimReplace = '$1~'
 
 tok('TILDE')
@@ -3689,6 +3719,7 @@ src[t.LONECARET] = '(?:\\^)'
 tok('CARETTRIM')
 src[t.CARETTRIM] = '(\\s*)' + src[t.LONECARET] + '\\s+'
 re[t.CARETTRIM] = new RegExp(src[t.CARETTRIM], 'g')
+safeRe[t.CARETTRIM] = new RegExp(makeSafeRe(src[t.CARETTRIM]), 'g')
 var caretTrimReplace = '$1^'
 
 tok('CARET')
@@ -3710,6 +3741,7 @@ src[t.COMPARATORTRIM] = '(\\s*)' + src[t.GTLT] +
 
 // this one has to use the /g flag
 re[t.COMPARATORTRIM] = new RegExp(src[t.COMPARATORTRIM], 'g')
+safeRe[t.COMPARATORTRIM] = new RegExp(makeSafeRe(src[t.COMPARATORTRIM]), 'g')
 var comparatorTrimReplace = '$1$2$3'
 
 // Something like `1.2.3 - 1.2.4`
@@ -3738,6 +3770,14 @@ for (var i = 0; i < R; i++) {
   debug(i, src[i])
   if (!re[i]) {
     re[i] = new RegExp(src[i])
+
+    // Replace all greedy whitespace to prevent regex dos issues. These regex are
+    // used internally via the safeRe object since all inputs in this library get
+    // normalized first to trim and collapse all extra whitespace. The original
+    // regexes are exported for userland consumption and lower level usage. A
+    // future breaking change could export the safer regex only with a note that
+    // all input should have extra whitespace removed.
+    safeRe[i] = new RegExp(makeSafeRe(src[i]))
   }
 }
 
@@ -3762,7 +3802,7 @@ function parse (version, options) {
     return null
   }
 
-  var r = options.loose ? re[t.LOOSE] : re[t.FULL]
+  var r = options.loose ? safeRe[t.LOOSE] : safeRe[t.FULL]
   if (!r.test(version)) {
     return null
   }
@@ -3817,7 +3857,7 @@ function SemVer (version, options) {
   this.options = options
   this.loose = !!options.loose
 
-  var m = version.trim().match(options.loose ? re[t.LOOSE] : re[t.FULL])
+  var m = version.trim().match(options.loose ? safeRe[t.LOOSE] : safeRe[t.FULL])
 
   if (!m) {
     throw new TypeError('Invalid Version: ' + version)
@@ -4262,6 +4302,7 @@ function Comparator (comp, options) {
     return new Comparator(comp, options)
   }
 
+  comp = comp.trim().split(/\s+/).join(' ')
   debug('comparator', comp, options)
   this.options = options
   this.loose = !!options.loose
@@ -4278,7 +4319,7 @@ function Comparator (comp, options) {
 
 var ANY = {}
 Comparator.prototype.parse = function (comp) {
-  var r = this.options.loose ? re[t.COMPARATORLOOSE] : re[t.COMPARATOR]
+  var r = this.options.loose ? safeRe[t.COMPARATORLOOSE] : safeRe[t.COMPARATOR]
   var m = comp.match(r)
 
   if (!m) {
@@ -4402,9 +4443,16 @@ function Range (range, options) {
   this.loose = !!options.loose
   this.includePrerelease = !!options.includePrerelease
 
-  // First, split based on boolean or ||
+  // First reduce all whitespace as much as possible so we do not have to rely
+  // on potentially slow regexes like \s*. This is then stored and used for
+  // future error messages as well.
   this.raw = range
-  this.set = range.split(/\s*\|\|\s*/).map(function (range) {
+    .trim()
+    .split(/\s+/)
+    .join(' ')
+
+  // First, split based on boolean or ||
+  this.set = this.raw.split('||').map(function (range) {
     return this.parseRange(range.trim())
   }, this).filter(function (c) {
     // throw out any that are not relevant for whatever reason
@@ -4412,7 +4460,7 @@ function Range (range, options) {
   })
 
   if (!this.set.length) {
-    throw new TypeError('Invalid SemVer Range: ' + range)
+    throw new TypeError('Invalid SemVer Range: ' + this.raw)
   }
 
   this.format()
@@ -4431,20 +4479,19 @@ Range.prototype.toString = function () {
 
 Range.prototype.parseRange = function (range) {
   var loose = this.options.loose
-  range = range.trim()
   // `1.2.3 - 1.2.4` => `>=1.2.3 <=1.2.4`
-  var hr = loose ? re[t.HYPHENRANGELOOSE] : re[t.HYPHENRANGE]
+  var hr = loose ? safeRe[t.HYPHENRANGELOOSE] : safeRe[t.HYPHENRANGE]
   range = range.replace(hr, hyphenReplace)
   debug('hyphen replace', range)
   // `> 1.2.3 < 1.2.5` => `>1.2.3 <1.2.5`
-  range = range.replace(re[t.COMPARATORTRIM], comparatorTrimReplace)
-  debug('comparator trim', range, re[t.COMPARATORTRIM])
+  range = range.replace(safeRe[t.COMPARATORTRIM], comparatorTrimReplace)
+  debug('comparator trim', range, safeRe[t.COMPARATORTRIM])
 
   // `~ 1.2.3` => `~1.2.3`
-  range = range.replace(re[t.TILDETRIM], tildeTrimReplace)
+  range = range.replace(safeRe[t.TILDETRIM], tildeTrimReplace)
 
   // `^ 1.2.3` => `^1.2.3`
-  range = range.replace(re[t.CARETTRIM], caretTrimReplace)
+  range = range.replace(safeRe[t.CARETTRIM], caretTrimReplace)
 
   // normalize spaces
   range = range.split(/\s+/).join(' ')
@@ -4452,7 +4499,7 @@ Range.prototype.parseRange = function (range) {
   // At this point, the range is completely trimmed and
   // ready to be split into comparators.
 
-  var compRe = loose ? re[t.COMPARATORLOOSE] : re[t.COMPARATOR]
+  var compRe = loose ? safeRe[t.COMPARATORLOOSE] : safeRe[t.COMPARATOR]
   var set = range.split(' ').map(function (comp) {
     return parseComparator(comp, this.options)
   }, this).join(' ').split(/\s+/)
@@ -4552,7 +4599,7 @@ function replaceTildes (comp, options) {
 }
 
 function replaceTilde (comp, options) {
-  var r = options.loose ? re[t.TILDELOOSE] : re[t.TILDE]
+  var r = options.loose ? safeRe[t.TILDELOOSE] : safeRe[t.TILDE]
   return comp.replace(r, function (_, M, m, p, pr) {
     debug('tilde', comp, _, M, m, p, pr)
     var ret
@@ -4593,7 +4640,7 @@ function replaceCarets (comp, options) {
 
 function replaceCaret (comp, options) {
   debug('caret', comp, options)
-  var r = options.loose ? re[t.CARETLOOSE] : re[t.CARET]
+  var r = options.loose ? safeRe[t.CARETLOOSE] : safeRe[t.CARET]
   return comp.replace(r, function (_, M, m, p, pr) {
     debug('caret', comp, _, M, m, p, pr)
     var ret
@@ -4652,7 +4699,7 @@ function replaceXRanges (comp, options) {
 
 function replaceXRange (comp, options) {
   comp = comp.trim()
-  var r = options.loose ? re[t.XRANGELOOSE] : re[t.XRANGE]
+  var r = options.loose ? safeRe[t.XRANGELOOSE] : safeRe[t.XRANGE]
   return comp.replace(r, function (ret, gtlt, M, m, p, pr) {
     debug('xRange', comp, ret, gtlt, M, m, p, pr)
     var xM = isX(M)
@@ -4727,7 +4774,7 @@ function replaceXRange (comp, options) {
 function replaceStars (comp, options) {
   debug('replaceStars', comp, options)
   // Looseness is ignored here.  star is always as loose as it gets!
-  return comp.trim().replace(re[t.STAR], '')
+  return comp.trim().replace(safeRe[t.STAR], '')
 }
 
 // This function is passed to string.replace(re[t.HYPHENRANGE])
@@ -5053,7 +5100,7 @@ function coerce (version, options) {
 
   var match = null
   if (!options.rtl) {
-    match = version.match(re[t.COERCE])
+    match = version.match(safeRe[t.COERCE])
   } else {
     // Find the right-most coercible string that does not share
     // a terminus with a more left-ward coercible string.
@@ -5064,17 +5111,17 @@ function coerce (version, options) {
     // Stop when we get a match that ends at the string end, since no
     // coercible string can be more right-ward without the same terminus.
     var next
-    while ((next = re[t.COERCERTL].exec(version)) &&
+    while ((next = safeRe[t.COERCERTL].exec(version)) &&
       (!match || match.index + match[0].length !== version.length)
     ) {
       if (!match ||
           next.index + next[0].length !== match.index + match[0].length) {
         match = next
       }
-      re[t.COERCERTL].lastIndex = next.index + next[1].length + next[2].length
+      safeRe[t.COERCERTL].lastIndex = next.index + next[1].length + next[2].length
     }
     // leave it in a clean state
-    re[t.COERCERTL].lastIndex = -1
+    safeRe[t.COERCERTL].lastIndex = -1
   }
 
   if (match === null) {
diff --git a/dist/index.js.map b/dist/index.js.map
index 0af3f58d..e65737ac 100644
--- a/dist/index.js.map
+++ b/dist/index.js.map
@@ -1 +1 @@
-{"version":3,"file":"index.js","mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACTA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC3FA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC/UA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACzDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACzDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1RA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACvCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChFA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5lBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;AC5DA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACrQA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACnCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5TA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3iBA;AACA;AACA;AACA;AACA;;;;;;;;;ACJA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3JA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC3jDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtSA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuKA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkDA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACzNA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC79DA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnFA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC1CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5hEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvxHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACjkDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC7rCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtyDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC18CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AClHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC9PA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACt1CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC/UA;;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACvQA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACn1EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC9EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACPA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACPA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACvBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1GA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC7EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACpCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;ACpBA;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACjoBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;;;;;;;AC5KA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AC7BA;AACA;;;;AEDA;AACA;AACA;AACA","sources":["../webpack://@garygrossgarten/github-action-ssh/./lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./lib/keyboard.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/command.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/core.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/file-command.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/oidc-utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/path-utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/summary.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/http-client/lib/auth.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/http-client/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/http-client/lib/proxy.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/errors.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/reader.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/types.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/writer.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/bcrypt-pbkdf/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/cpu-features/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/is-stream/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/make-dir/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/safer-buffer/safer.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/semver/semver.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/shell-escape/shell-escape.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/Channel.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/agent.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/client.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/http-agents.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/Protocol.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/SFTP.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/constants.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/crypto.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/crypto/poly1305.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/handlers.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/handlers.misc.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/kex.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/keyParser.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/node-fs-compat.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/zlib.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/server.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/tunnel/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/tunnel/lib/tunnel.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/tweetnacl/nacl-fast.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/md5.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/nil.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/parse.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/regex.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/rng.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/sha1.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/stringify.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v1.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v3.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v35.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v4.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v5.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/validate.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/version.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/cpu-features/build/Release/cpufeatures.node","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/crypto/build/Release/sshcrypto.node","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"assert\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"buffer\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"child_process\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"crypto\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"dns\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"events\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"fs\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"http\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"https\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"net\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"os\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"path\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"stream\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"tls\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"util\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"zlib\"","../webpack://@garygrossgarten/github-action-ssh/./node_modules/node-ssh/lib/cjs/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/sb-promise-queue/lib/cjs/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/sb-scandir/lib/cjs/index.js","../webpack://@garygrossgarten/github-action-ssh/webpack/bootstrap","../webpack://@garygrossgarten/github-action-ssh/webpack/runtime/compat","../webpack://@garygrossgarten/github-action-ssh/webpack/before-startup","../webpack://@garygrossgarten/github-action-ssh/webpack/startup","../webpack://@garygrossgarten/github-action-ssh/webpack/after-startup"],"sourcesContent":["\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    var desc = Object.getOwnPropertyDescriptor(m, k);\n    if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n      desc = { enumerable: true, get: function() { return m[k]; } };\n    }\n    Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nconst core = __importStar(require(\"@actions/core\"));\nconst node_ssh_1 = require(\"node-ssh\");\nconst keyboard_1 = require(\"./keyboard\");\nfunction run() {\n    return __awaiter(this, void 0, void 0, function* () {\n        const command = core.getInput('command');\n        const host = core.getInput('host') || 'localhost';\n        const username = core.getInput('username');\n        const port = +core.getInput('port') || 22;\n        const privateKey = core.getInput('privateKey');\n        const password = core.getInput('password');\n        const passphrase = core.getInput('passphrase');\n        const tryKeyboard = !!core.getInput('tryKeyboard');\n        try {\n            const ssh = yield connect(host, username, port, privateKey, password, passphrase, tryKeyboard);\n            yield executeCommand(ssh, command);\n            ssh.dispose();\n        }\n        catch (err) {\n            core.setFailed(err);\n        }\n    });\n}\nfunction connect(host = 'localhost', username, port = 22, privateKey, password, passphrase, tryKeyboard) {\n    return __awaiter(this, void 0, void 0, function* () {\n        const ssh = new node_ssh_1.NodeSSH();\n        console.log(`Establishing a SSH connection to ${host}.`);\n        try {\n            const config = {\n                host: host,\n                port: port,\n                username: username,\n                password: password,\n                passphrase: passphrase,\n                tryKeyboard: tryKeyboard,\n                onKeyboardInteractive: tryKeyboard ? (0, keyboard_1.keyboardFunction)(password) : null\n            };\n            if (privateKey) {\n                console.log('using provided private key');\n                config.privateKey = privateKey;\n            }\n            yield ssh.connect(config);\n            console.log(`🤝 Connected to ${host}.`);\n        }\n        catch (err) {\n            console.error(`⚠️ The GitHub Action couldn't connect to ${host}.`, err);\n            core.setFailed(err.message);\n        }\n        return ssh;\n    });\n}\nfunction executeCommand(ssh, command) {\n    var _a;\n    return __awaiter(this, void 0, void 0, function* () {\n        console.log(`Executing command: ${command}`);\n        try {\n            const { code } = yield ssh.exec(command, [], {\n                stream: 'both',\n                onStdout(chunk) {\n                    console.log(chunk.toString('utf8'));\n                },\n                onStderr(chunk) {\n                    console.log(chunk.toString('utf8'));\n                }\n            });\n            if (code > 0) {\n                throw Error(`Command exited with code ${code}`);\n            }\n            console.log('✅ SSH Action finished.');\n            if (ssh.isConnected()) {\n                ssh.dispose();\n            }\n        }\n        catch (err) {\n            console.error(`⚠️ An error happened executing command ${command}.`, (_a = err === null || err === void 0 ? void 0 : err.message) !== null && _a !== void 0 ? _a : err);\n            core.setFailed(err.message);\n            process.abort();\n        }\n    });\n}\nprocess.on('uncaughtException', (err) => {\n    if (err['code'] !== 'ECONNRESET')\n        throw err;\n});\nrun();\n","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.keyboardFunction = void 0;\nconst keyboardFunction = password => (name, instructions, instructionsLang, prompts, finish) => {\n    if (prompts.length > 0 &&\n        prompts[0].prompt.toLowerCase().includes(\"password\")) {\n        finish([password]);\n    }\n};\nexports.keyboardFunction = keyboardFunction;\n","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.issue = exports.issueCommand = void 0;\nconst os = __importStar(require(\"os\"));\nconst utils_1 = require(\"./utils\");\n/**\n * Commands\n *\n * Command Format:\n *   ::name key=value,key=value::message\n *\n * Examples:\n *   ::warning::This is the message\n *   ::set-env name=MY_VAR::some value\n */\nfunction issueCommand(command, properties, message) {\n    const cmd = new Command(command, properties, message);\n    process.stdout.write(cmd.toString() + os.EOL);\n}\nexports.issueCommand = issueCommand;\nfunction issue(name, message = '') {\n    issueCommand(name, {}, message);\n}\nexports.issue = issue;\nconst CMD_STRING = '::';\nclass Command {\n    constructor(command, properties, message) {\n        if (!command) {\n            command = 'missing.command';\n        }\n        this.command = command;\n        this.properties = properties;\n        this.message = message;\n    }\n    toString() {\n        let cmdStr = CMD_STRING + this.command;\n        if (this.properties && Object.keys(this.properties).length > 0) {\n            cmdStr += ' ';\n            let first = true;\n            for (const key in this.properties) {\n                if (this.properties.hasOwnProperty(key)) {\n                    const val = this.properties[key];\n                    if (val) {\n                        if (first) {\n                            first = false;\n                        }\n                        else {\n                            cmdStr += ',';\n                        }\n                        cmdStr += `${key}=${escapeProperty(val)}`;\n                    }\n                }\n            }\n        }\n        cmdStr += `${CMD_STRING}${escapeData(this.message)}`;\n        return cmdStr;\n    }\n}\nfunction escapeData(s) {\n    return utils_1.toCommandValue(s)\n        .replace(/%/g, '%25')\n        .replace(/\\r/g, '%0D')\n        .replace(/\\n/g, '%0A');\n}\nfunction escapeProperty(s) {\n    return utils_1.toCommandValue(s)\n        .replace(/%/g, '%25')\n        .replace(/\\r/g, '%0D')\n        .replace(/\\n/g, '%0A')\n        .replace(/:/g, '%3A')\n        .replace(/,/g, '%2C');\n}\n//# sourceMappingURL=command.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.getIDToken = exports.getState = exports.saveState = exports.group = exports.endGroup = exports.startGroup = exports.info = exports.notice = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getMultilineInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0;\nconst command_1 = require(\"./command\");\nconst file_command_1 = require(\"./file-command\");\nconst utils_1 = require(\"./utils\");\nconst os = __importStar(require(\"os\"));\nconst path = __importStar(require(\"path\"));\nconst oidc_utils_1 = require(\"./oidc-utils\");\n/**\n * The code to exit an action\n */\nvar ExitCode;\n(function (ExitCode) {\n    /**\n     * A code indicating that the action was successful\n     */\n    ExitCode[ExitCode[\"Success\"] = 0] = \"Success\";\n    /**\n     * A code indicating that the action was a failure\n     */\n    ExitCode[ExitCode[\"Failure\"] = 1] = \"Failure\";\n})(ExitCode = exports.ExitCode || (exports.ExitCode = {}));\n//-----------------------------------------------------------------------\n// Variables\n//-----------------------------------------------------------------------\n/**\n * Sets env variable for this action and future actions in the job\n * @param name the name of the variable to set\n * @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction exportVariable(name, val) {\n    const convertedVal = utils_1.toCommandValue(val);\n    process.env[name] = convertedVal;\n    const filePath = process.env['GITHUB_ENV'] || '';\n    if (filePath) {\n        return file_command_1.issueFileCommand('ENV', file_command_1.prepareKeyValueMessage(name, val));\n    }\n    command_1.issueCommand('set-env', { name }, convertedVal);\n}\nexports.exportVariable = exportVariable;\n/**\n * Registers a secret which will get masked from logs\n * @param secret value of the secret\n */\nfunction setSecret(secret) {\n    command_1.issueCommand('add-mask', {}, secret);\n}\nexports.setSecret = setSecret;\n/**\n * Prepends inputPath to the PATH (for this action and future actions)\n * @param inputPath\n */\nfunction addPath(inputPath) {\n    const filePath = process.env['GITHUB_PATH'] || '';\n    if (filePath) {\n        file_command_1.issueFileCommand('PATH', inputPath);\n    }\n    else {\n        command_1.issueCommand('add-path', {}, inputPath);\n    }\n    process.env['PATH'] = `${inputPath}${path.delimiter}${process.env['PATH']}`;\n}\nexports.addPath = addPath;\n/**\n * Gets the value of an input.\n * Unless trimWhitespace is set to false in InputOptions, the value is also trimmed.\n * Returns an empty string if the value is not defined.\n *\n * @param     name     name of the input to get\n * @param     options  optional. See InputOptions.\n * @returns   string\n */\nfunction getInput(name, options) {\n    const val = process.env[`INPUT_${name.replace(/ /g, '_').toUpperCase()}`] || '';\n    if (options && options.required && !val) {\n        throw new Error(`Input required and not supplied: ${name}`);\n    }\n    if (options && options.trimWhitespace === false) {\n        return val;\n    }\n    return val.trim();\n}\nexports.getInput = getInput;\n/**\n * Gets the values of an multiline input.  Each value is also trimmed.\n *\n * @param     name     name of the input to get\n * @param     options  optional. See InputOptions.\n * @returns   string[]\n *\n */\nfunction getMultilineInput(name, options) {\n    const inputs = getInput(name, options)\n        .split('\\n')\n        .filter(x => x !== '');\n    if (options && options.trimWhitespace === false) {\n        return inputs;\n    }\n    return inputs.map(input => input.trim());\n}\nexports.getMultilineInput = getMultilineInput;\n/**\n * Gets the input value of the boolean type in the YAML 1.2 \"core schema\" specification.\n * Support boolean input list: `true | True | TRUE | false | False | FALSE` .\n * The return value is also in boolean type.\n * ref: https://yaml.org/spec/1.2/spec.html#id2804923\n *\n * @param     name     name of the input to get\n * @param     options  optional. See InputOptions.\n * @returns   boolean\n */\nfunction getBooleanInput(name, options) {\n    const trueValue = ['true', 'True', 'TRUE'];\n    const falseValue = ['false', 'False', 'FALSE'];\n    const val = getInput(name, options);\n    if (trueValue.includes(val))\n        return true;\n    if (falseValue.includes(val))\n        return false;\n    throw new TypeError(`Input does not meet YAML 1.2 \"Core Schema\" specification: ${name}\\n` +\n        `Support boolean input list: \\`true | True | TRUE | false | False | FALSE\\``);\n}\nexports.getBooleanInput = getBooleanInput;\n/**\n * Sets the value of an output.\n *\n * @param     name     name of the output to set\n * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction setOutput(name, value) {\n    const filePath = process.env['GITHUB_OUTPUT'] || '';\n    if (filePath) {\n        return file_command_1.issueFileCommand('OUTPUT', file_command_1.prepareKeyValueMessage(name, value));\n    }\n    process.stdout.write(os.EOL);\n    command_1.issueCommand('set-output', { name }, utils_1.toCommandValue(value));\n}\nexports.setOutput = setOutput;\n/**\n * Enables or disables the echoing of commands into stdout for the rest of the step.\n * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set.\n *\n */\nfunction setCommandEcho(enabled) {\n    command_1.issue('echo', enabled ? 'on' : 'off');\n}\nexports.setCommandEcho = setCommandEcho;\n//-----------------------------------------------------------------------\n// Results\n//-----------------------------------------------------------------------\n/**\n * Sets the action status to failed.\n * When the action exits it will be with an exit code of 1\n * @param message add error issue message\n */\nfunction setFailed(message) {\n    process.exitCode = ExitCode.Failure;\n    error(message);\n}\nexports.setFailed = setFailed;\n//-----------------------------------------------------------------------\n// Logging Commands\n//-----------------------------------------------------------------------\n/**\n * Gets whether Actions Step Debug is on or not\n */\nfunction isDebug() {\n    return process.env['RUNNER_DEBUG'] === '1';\n}\nexports.isDebug = isDebug;\n/**\n * Writes debug message to user log\n * @param message debug message\n */\nfunction debug(message) {\n    command_1.issueCommand('debug', {}, message);\n}\nexports.debug = debug;\n/**\n * Adds an error issue\n * @param message error issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction error(message, properties = {}) {\n    command_1.issueCommand('error', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message);\n}\nexports.error = error;\n/**\n * Adds a warning issue\n * @param message warning issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction warning(message, properties = {}) {\n    command_1.issueCommand('warning', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message);\n}\nexports.warning = warning;\n/**\n * Adds a notice issue\n * @param message notice issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction notice(message, properties = {}) {\n    command_1.issueCommand('notice', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message);\n}\nexports.notice = notice;\n/**\n * Writes info to log with console.log.\n * @param message info message\n */\nfunction info(message) {\n    process.stdout.write(message + os.EOL);\n}\nexports.info = info;\n/**\n * Begin an output group.\n *\n * Output until the next `groupEnd` will be foldable in this group\n *\n * @param name The name of the output group\n */\nfunction startGroup(name) {\n    command_1.issue('group', name);\n}\nexports.startGroup = startGroup;\n/**\n * End an output group.\n */\nfunction endGroup() {\n    command_1.issue('endgroup');\n}\nexports.endGroup = endGroup;\n/**\n * Wrap an asynchronous function call in a group.\n *\n * Returns the same type as the function itself.\n *\n * @param name The name of the group\n * @param fn The function to wrap in the group\n */\nfunction group(name, fn) {\n    return __awaiter(this, void 0, void 0, function* () {\n        startGroup(name);\n        let result;\n        try {\n            result = yield fn();\n        }\n        finally {\n            endGroup();\n        }\n        return result;\n    });\n}\nexports.group = group;\n//-----------------------------------------------------------------------\n// Wrapper action state\n//-----------------------------------------------------------------------\n/**\n * Saves state for current action, the state can only be retrieved by this action's post job execution.\n *\n * @param     name     name of the state to store\n * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction saveState(name, value) {\n    const filePath = process.env['GITHUB_STATE'] || '';\n    if (filePath) {\n        return file_command_1.issueFileCommand('STATE', file_command_1.prepareKeyValueMessage(name, value));\n    }\n    command_1.issueCommand('save-state', { name }, utils_1.toCommandValue(value));\n}\nexports.saveState = saveState;\n/**\n * Gets the value of an state set by this action's main execution.\n *\n * @param     name     name of the state to get\n * @returns   string\n */\nfunction getState(name) {\n    return process.env[`STATE_${name}`] || '';\n}\nexports.getState = getState;\nfunction getIDToken(aud) {\n    return __awaiter(this, void 0, void 0, function* () {\n        return yield oidc_utils_1.OidcClient.getIDToken(aud);\n    });\n}\nexports.getIDToken = getIDToken;\n/**\n * Summary exports\n */\nvar summary_1 = require(\"./summary\");\nObject.defineProperty(exports, \"summary\", { enumerable: true, get: function () { return summary_1.summary; } });\n/**\n * @deprecated use core.summary\n */\nvar summary_2 = require(\"./summary\");\nObject.defineProperty(exports, \"markdownSummary\", { enumerable: true, get: function () { return summary_2.markdownSummary; } });\n/**\n * Path exports\n */\nvar path_utils_1 = require(\"./path-utils\");\nObject.defineProperty(exports, \"toPosixPath\", { enumerable: true, get: function () { return path_utils_1.toPosixPath; } });\nObject.defineProperty(exports, \"toWin32Path\", { enumerable: true, get: function () { return path_utils_1.toWin32Path; } });\nObject.defineProperty(exports, \"toPlatformPath\", { enumerable: true, get: function () { return path_utils_1.toPlatformPath; } });\n//# sourceMappingURL=core.js.map","\"use strict\";\n// For internal use, subject to change.\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.prepareKeyValueMessage = exports.issueFileCommand = void 0;\n// We use any as a valid input type\n/* eslint-disable @typescript-eslint/no-explicit-any */\nconst fs = __importStar(require(\"fs\"));\nconst os = __importStar(require(\"os\"));\nconst uuid_1 = require(\"uuid\");\nconst utils_1 = require(\"./utils\");\nfunction issueFileCommand(command, message) {\n    const filePath = process.env[`GITHUB_${command}`];\n    if (!filePath) {\n        throw new Error(`Unable to find environment variable for file command ${command}`);\n    }\n    if (!fs.existsSync(filePath)) {\n        throw new Error(`Missing file at path: ${filePath}`);\n    }\n    fs.appendFileSync(filePath, `${utils_1.toCommandValue(message)}${os.EOL}`, {\n        encoding: 'utf8'\n    });\n}\nexports.issueFileCommand = issueFileCommand;\nfunction prepareKeyValueMessage(key, value) {\n    const delimiter = `ghadelimiter_${uuid_1.v4()}`;\n    const convertedValue = utils_1.toCommandValue(value);\n    // These should realistically never happen, but just in case someone finds a\n    // way to exploit uuid generation let's not allow keys or values that contain\n    // the delimiter.\n    if (key.includes(delimiter)) {\n        throw new Error(`Unexpected input: name should not contain the delimiter \"${delimiter}\"`);\n    }\n    if (convertedValue.includes(delimiter)) {\n        throw new Error(`Unexpected input: value should not contain the delimiter \"${delimiter}\"`);\n    }\n    return `${key}<<${delimiter}${os.EOL}${convertedValue}${os.EOL}${delimiter}`;\n}\nexports.prepareKeyValueMessage = prepareKeyValueMessage;\n//# sourceMappingURL=file-command.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.OidcClient = void 0;\nconst http_client_1 = require(\"@actions/http-client\");\nconst auth_1 = require(\"@actions/http-client/lib/auth\");\nconst core_1 = require(\"./core\");\nclass OidcClient {\n    static createHttpClient(allowRetry = true, maxRetry = 10) {\n        const requestOptions = {\n            allowRetries: allowRetry,\n            maxRetries: maxRetry\n        };\n        return new http_client_1.HttpClient('actions/oidc-client', [new auth_1.BearerCredentialHandler(OidcClient.getRequestToken())], requestOptions);\n    }\n    static getRequestToken() {\n        const token = process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'];\n        if (!token) {\n            throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable');\n        }\n        return token;\n    }\n    static getIDTokenUrl() {\n        const runtimeUrl = process.env['ACTIONS_ID_TOKEN_REQUEST_URL'];\n        if (!runtimeUrl) {\n            throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable');\n        }\n        return runtimeUrl;\n    }\n    static getCall(id_token_url) {\n        var _a;\n        return __awaiter(this, void 0, void 0, function* () {\n            const httpclient = OidcClient.createHttpClient();\n            const res = yield httpclient\n                .getJson(id_token_url)\n                .catch(error => {\n                throw new Error(`Failed to get ID Token. \\n \n        Error Code : ${error.statusCode}\\n \n        Error Message: ${error.result.message}`);\n            });\n            const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value;\n            if (!id_token) {\n                throw new Error('Response json body do not have ID Token field');\n            }\n            return id_token;\n        });\n    }\n    static getIDToken(audience) {\n        return __awaiter(this, void 0, void 0, function* () {\n            try {\n                // New ID Token is requested from action service\n                let id_token_url = OidcClient.getIDTokenUrl();\n                if (audience) {\n                    const encodedAudience = encodeURIComponent(audience);\n                    id_token_url = `${id_token_url}&audience=${encodedAudience}`;\n                }\n                core_1.debug(`ID token url is ${id_token_url}`);\n                const id_token = yield OidcClient.getCall(id_token_url);\n                core_1.setSecret(id_token);\n                return id_token;\n            }\n            catch (error) {\n                throw new Error(`Error message: ${error.message}`);\n            }\n        });\n    }\n}\nexports.OidcClient = OidcClient;\n//# sourceMappingURL=oidc-utils.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.toPlatformPath = exports.toWin32Path = exports.toPosixPath = void 0;\nconst path = __importStar(require(\"path\"));\n/**\n * toPosixPath converts the given path to the posix form. On Windows, \\\\ will be\n * replaced with /.\n *\n * @param pth. Path to transform.\n * @return string Posix path.\n */\nfunction toPosixPath(pth) {\n    return pth.replace(/[\\\\]/g, '/');\n}\nexports.toPosixPath = toPosixPath;\n/**\n * toWin32Path converts the given path to the win32 form. On Linux, / will be\n * replaced with \\\\.\n *\n * @param pth. Path to transform.\n * @return string Win32 path.\n */\nfunction toWin32Path(pth) {\n    return pth.replace(/[/]/g, '\\\\');\n}\nexports.toWin32Path = toWin32Path;\n/**\n * toPlatformPath converts the given path to a platform-specific path. It does\n * this by replacing instances of / and \\ with the platform-specific path\n * separator.\n *\n * @param pth The path to platformize.\n * @return string The platform-specific path.\n */\nfunction toPlatformPath(pth) {\n    return pth.replace(/[/\\\\]/g, path.sep);\n}\nexports.toPlatformPath = toPlatformPath;\n//# sourceMappingURL=path-utils.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.summary = exports.markdownSummary = exports.SUMMARY_DOCS_URL = exports.SUMMARY_ENV_VAR = void 0;\nconst os_1 = require(\"os\");\nconst fs_1 = require(\"fs\");\nconst { access, appendFile, writeFile } = fs_1.promises;\nexports.SUMMARY_ENV_VAR = 'GITHUB_STEP_SUMMARY';\nexports.SUMMARY_DOCS_URL = 'https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary';\nclass Summary {\n    constructor() {\n        this._buffer = '';\n    }\n    /**\n     * Finds the summary file path from the environment, rejects if env var is not found or file does not exist\n     * Also checks r/w permissions.\n     *\n     * @returns step summary file path\n     */\n    filePath() {\n        return __awaiter(this, void 0, void 0, function* () {\n            if (this._filePath) {\n                return this._filePath;\n            }\n            const pathFromEnv = process.env[exports.SUMMARY_ENV_VAR];\n            if (!pathFromEnv) {\n                throw new Error(`Unable to find environment variable for $${exports.SUMMARY_ENV_VAR}. Check if your runtime environment supports job summaries.`);\n            }\n            try {\n                yield access(pathFromEnv, fs_1.constants.R_OK | fs_1.constants.W_OK);\n            }\n            catch (_a) {\n                throw new Error(`Unable to access summary file: '${pathFromEnv}'. Check if the file has correct read/write permissions.`);\n            }\n            this._filePath = pathFromEnv;\n            return this._filePath;\n        });\n    }\n    /**\n     * Wraps content in an HTML tag, adding any HTML attributes\n     *\n     * @param {string} tag HTML tag to wrap\n     * @param {string | null} content content within the tag\n     * @param {[attribute: string]: string} attrs key-value list of HTML attributes to add\n     *\n     * @returns {string} content wrapped in HTML element\n     */\n    wrap(tag, content, attrs = {}) {\n        const htmlAttrs = Object.entries(attrs)\n            .map(([key, value]) => ` ${key}=\"${value}\"`)\n            .join('');\n        if (!content) {\n            return `<${tag}${htmlAttrs}>`;\n        }\n        return `<${tag}${htmlAttrs}>${content}</${tag}>`;\n    }\n    /**\n     * Writes text in the buffer to the summary buffer file and empties buffer. Will append by default.\n     *\n     * @param {SummaryWriteOptions} [options] (optional) options for write operation\n     *\n     * @returns {Promise<Summary>} summary instance\n     */\n    write(options) {\n        return __awaiter(this, void 0, void 0, function* () {\n            const overwrite = !!(options === null || options === void 0 ? void 0 : options.overwrite);\n            const filePath = yield this.filePath();\n            const writeFunc = overwrite ? writeFile : appendFile;\n            yield writeFunc(filePath, this._buffer, { encoding: 'utf8' });\n            return this.emptyBuffer();\n        });\n    }\n    /**\n     * Clears the summary buffer and wipes the summary file\n     *\n     * @returns {Summary} summary instance\n     */\n    clear() {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.emptyBuffer().write({ overwrite: true });\n        });\n    }\n    /**\n     * Returns the current summary buffer as a string\n     *\n     * @returns {string} string of summary buffer\n     */\n    stringify() {\n        return this._buffer;\n    }\n    /**\n     * If the summary buffer is empty\n     *\n     * @returns {boolen} true if the buffer is empty\n     */\n    isEmptyBuffer() {\n        return this._buffer.length === 0;\n    }\n    /**\n     * Resets the summary buffer without writing to summary file\n     *\n     * @returns {Summary} summary instance\n     */\n    emptyBuffer() {\n        this._buffer = '';\n        return this;\n    }\n    /**\n     * Adds raw text to the summary buffer\n     *\n     * @param {string} text content to add\n     * @param {boolean} [addEOL=false] (optional) append an EOL to the raw text (default: false)\n     *\n     * @returns {Summary} summary instance\n     */\n    addRaw(text, addEOL = false) {\n        this._buffer += text;\n        return addEOL ? this.addEOL() : this;\n    }\n    /**\n     * Adds the operating system-specific end-of-line marker to the buffer\n     *\n     * @returns {Summary} summary instance\n     */\n    addEOL() {\n        return this.addRaw(os_1.EOL);\n    }\n    /**\n     * Adds an HTML codeblock to the summary buffer\n     *\n     * @param {string} code content to render within fenced code block\n     * @param {string} lang (optional) language to syntax highlight code\n     *\n     * @returns {Summary} summary instance\n     */\n    addCodeBlock(code, lang) {\n        const attrs = Object.assign({}, (lang && { lang }));\n        const element = this.wrap('pre', this.wrap('code', code), attrs);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML list to the summary buffer\n     *\n     * @param {string[]} items list of items to render\n     * @param {boolean} [ordered=false] (optional) if the rendered list should be ordered or not (default: false)\n     *\n     * @returns {Summary} summary instance\n     */\n    addList(items, ordered = false) {\n        const tag = ordered ? 'ol' : 'ul';\n        const listItems = items.map(item => this.wrap('li', item)).join('');\n        const element = this.wrap(tag, listItems);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML table to the summary buffer\n     *\n     * @param {SummaryTableCell[]} rows table rows\n     *\n     * @returns {Summary} summary instance\n     */\n    addTable(rows) {\n        const tableBody = rows\n            .map(row => {\n            const cells = row\n                .map(cell => {\n                if (typeof cell === 'string') {\n                    return this.wrap('td', cell);\n                }\n                const { header, data, colspan, rowspan } = cell;\n                const tag = header ? 'th' : 'td';\n                const attrs = Object.assign(Object.assign({}, (colspan && { colspan })), (rowspan && { rowspan }));\n                return this.wrap(tag, data, attrs);\n            })\n                .join('');\n            return this.wrap('tr', cells);\n        })\n            .join('');\n        const element = this.wrap('table', tableBody);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds a collapsable HTML details element to the summary buffer\n     *\n     * @param {string} label text for the closed state\n     * @param {string} content collapsable content\n     *\n     * @returns {Summary} summary instance\n     */\n    addDetails(label, content) {\n        const element = this.wrap('details', this.wrap('summary', label) + content);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML image tag to the summary buffer\n     *\n     * @param {string} src path to the image you to embed\n     * @param {string} alt text description of the image\n     * @param {SummaryImageOptions} options (optional) addition image attributes\n     *\n     * @returns {Summary} summary instance\n     */\n    addImage(src, alt, options) {\n        const { width, height } = options || {};\n        const attrs = Object.assign(Object.assign({}, (width && { width })), (height && { height }));\n        const element = this.wrap('img', null, Object.assign({ src, alt }, attrs));\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML section heading element\n     *\n     * @param {string} text heading text\n     * @param {number | string} [level=1] (optional) the heading level, default: 1\n     *\n     * @returns {Summary} summary instance\n     */\n    addHeading(text, level) {\n        const tag = `h${level}`;\n        const allowedTag = ['h1', 'h2', 'h3', 'h4', 'h5', 'h6'].includes(tag)\n            ? tag\n            : 'h1';\n        const element = this.wrap(allowedTag, text);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML thematic break (<hr>) to the summary buffer\n     *\n     * @returns {Summary} summary instance\n     */\n    addSeparator() {\n        const element = this.wrap('hr', null);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML line break (<br>) to the summary buffer\n     *\n     * @returns {Summary} summary instance\n     */\n    addBreak() {\n        const element = this.wrap('br', null);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML blockquote to the summary buffer\n     *\n     * @param {string} text quote text\n     * @param {string} cite (optional) citation url\n     *\n     * @returns {Summary} summary instance\n     */\n    addQuote(text, cite) {\n        const attrs = Object.assign({}, (cite && { cite }));\n        const element = this.wrap('blockquote', text, attrs);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML anchor tag to the summary buffer\n     *\n     * @param {string} text link text/content\n     * @param {string} href hyperlink\n     *\n     * @returns {Summary} summary instance\n     */\n    addLink(text, href) {\n        const element = this.wrap('a', text, { href });\n        return this.addRaw(element).addEOL();\n    }\n}\nconst _summary = new Summary();\n/**\n * @deprecated use `core.summary`\n */\nexports.markdownSummary = _summary;\nexports.summary = _summary;\n//# sourceMappingURL=summary.js.map","\"use strict\";\n// We use any as a valid input type\n/* eslint-disable @typescript-eslint/no-explicit-any */\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.toCommandProperties = exports.toCommandValue = void 0;\n/**\n * Sanitizes an input into a string so it can be passed into issueCommand safely\n * @param input input to sanitize into a string\n */\nfunction toCommandValue(input) {\n    if (input === null || input === undefined) {\n        return '';\n    }\n    else if (typeof input === 'string' || input instanceof String) {\n        return input;\n    }\n    return JSON.stringify(input);\n}\nexports.toCommandValue = toCommandValue;\n/**\n *\n * @param annotationProperties\n * @returns The command properties to send with the actual annotation command\n * See IssueCommandProperties: https://github.com/actions/runner/blob/main/src/Runner.Worker/ActionCommandManager.cs#L646\n */\nfunction toCommandProperties(annotationProperties) {\n    if (!Object.keys(annotationProperties).length) {\n        return {};\n    }\n    return {\n        title: annotationProperties.title,\n        file: annotationProperties.file,\n        line: annotationProperties.startLine,\n        endLine: annotationProperties.endLine,\n        col: annotationProperties.startColumn,\n        endColumn: annotationProperties.endColumn\n    };\n}\nexports.toCommandProperties = toCommandProperties;\n//# sourceMappingURL=utils.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.PersonalAccessTokenCredentialHandler = exports.BearerCredentialHandler = exports.BasicCredentialHandler = void 0;\nclass BasicCredentialHandler {\n    constructor(username, password) {\n        this.username = username;\n        this.password = password;\n    }\n    prepareRequest(options) {\n        if (!options.headers) {\n            throw Error('The request has no headers');\n        }\n        options.headers['Authorization'] = `Basic ${Buffer.from(`${this.username}:${this.password}`).toString('base64')}`;\n    }\n    // This handler cannot handle 401\n    canHandleAuthentication() {\n        return false;\n    }\n    handleAuthentication() {\n        return __awaiter(this, void 0, void 0, function* () {\n            throw new Error('not implemented');\n        });\n    }\n}\nexports.BasicCredentialHandler = BasicCredentialHandler;\nclass BearerCredentialHandler {\n    constructor(token) {\n        this.token = token;\n    }\n    // currently implements pre-authorization\n    // TODO: support preAuth = false where it hooks on 401\n    prepareRequest(options) {\n        if (!options.headers) {\n            throw Error('The request has no headers');\n        }\n        options.headers['Authorization'] = `Bearer ${this.token}`;\n    }\n    // This handler cannot handle 401\n    canHandleAuthentication() {\n        return false;\n    }\n    handleAuthentication() {\n        return __awaiter(this, void 0, void 0, function* () {\n            throw new Error('not implemented');\n        });\n    }\n}\nexports.BearerCredentialHandler = BearerCredentialHandler;\nclass PersonalAccessTokenCredentialHandler {\n    constructor(token) {\n        this.token = token;\n    }\n    // currently implements pre-authorization\n    // TODO: support preAuth = false where it hooks on 401\n    prepareRequest(options) {\n        if (!options.headers) {\n            throw Error('The request has no headers');\n        }\n        options.headers['Authorization'] = `Basic ${Buffer.from(`PAT:${this.token}`).toString('base64')}`;\n    }\n    // This handler cannot handle 401\n    canHandleAuthentication() {\n        return false;\n    }\n    handleAuthentication() {\n        return __awaiter(this, void 0, void 0, function* () {\n            throw new Error('not implemented');\n        });\n    }\n}\nexports.PersonalAccessTokenCredentialHandler = PersonalAccessTokenCredentialHandler;\n//# sourceMappingURL=auth.js.map","\"use strict\";\n/* eslint-disable @typescript-eslint/no-explicit-any */\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.HttpClient = exports.isHttps = exports.HttpClientResponse = exports.HttpClientError = exports.getProxyUrl = exports.MediaTypes = exports.Headers = exports.HttpCodes = void 0;\nconst http = __importStar(require(\"http\"));\nconst https = __importStar(require(\"https\"));\nconst pm = __importStar(require(\"./proxy\"));\nconst tunnel = __importStar(require(\"tunnel\"));\nvar HttpCodes;\n(function (HttpCodes) {\n    HttpCodes[HttpCodes[\"OK\"] = 200] = \"OK\";\n    HttpCodes[HttpCodes[\"MultipleChoices\"] = 300] = \"MultipleChoices\";\n    HttpCodes[HttpCodes[\"MovedPermanently\"] = 301] = \"MovedPermanently\";\n    HttpCodes[HttpCodes[\"ResourceMoved\"] = 302] = \"ResourceMoved\";\n    HttpCodes[HttpCodes[\"SeeOther\"] = 303] = \"SeeOther\";\n    HttpCodes[HttpCodes[\"NotModified\"] = 304] = \"NotModified\";\n    HttpCodes[HttpCodes[\"UseProxy\"] = 305] = \"UseProxy\";\n    HttpCodes[HttpCodes[\"SwitchProxy\"] = 306] = \"SwitchProxy\";\n    HttpCodes[HttpCodes[\"TemporaryRedirect\"] = 307] = \"TemporaryRedirect\";\n    HttpCodes[HttpCodes[\"PermanentRedirect\"] = 308] = \"PermanentRedirect\";\n    HttpCodes[HttpCodes[\"BadRequest\"] = 400] = \"BadRequest\";\n    HttpCodes[HttpCodes[\"Unauthorized\"] = 401] = \"Unauthorized\";\n    HttpCodes[HttpCodes[\"PaymentRequired\"] = 402] = \"PaymentRequired\";\n    HttpCodes[HttpCodes[\"Forbidden\"] = 403] = \"Forbidden\";\n    HttpCodes[HttpCodes[\"NotFound\"] = 404] = \"NotFound\";\n    HttpCodes[HttpCodes[\"MethodNotAllowed\"] = 405] = \"MethodNotAllowed\";\n    HttpCodes[HttpCodes[\"NotAcceptable\"] = 406] = \"NotAcceptable\";\n    HttpCodes[HttpCodes[\"ProxyAuthenticationRequired\"] = 407] = \"ProxyAuthenticationRequired\";\n    HttpCodes[HttpCodes[\"RequestTimeout\"] = 408] = \"RequestTimeout\";\n    HttpCodes[HttpCodes[\"Conflict\"] = 409] = \"Conflict\";\n    HttpCodes[HttpCodes[\"Gone\"] = 410] = \"Gone\";\n    HttpCodes[HttpCodes[\"TooManyRequests\"] = 429] = \"TooManyRequests\";\n    HttpCodes[HttpCodes[\"InternalServerError\"] = 500] = \"InternalServerError\";\n    HttpCodes[HttpCodes[\"NotImplemented\"] = 501] = \"NotImplemented\";\n    HttpCodes[HttpCodes[\"BadGateway\"] = 502] = \"BadGateway\";\n    HttpCodes[HttpCodes[\"ServiceUnavailable\"] = 503] = \"ServiceUnavailable\";\n    HttpCodes[HttpCodes[\"GatewayTimeout\"] = 504] = \"GatewayTimeout\";\n})(HttpCodes = exports.HttpCodes || (exports.HttpCodes = {}));\nvar Headers;\n(function (Headers) {\n    Headers[\"Accept\"] = \"accept\";\n    Headers[\"ContentType\"] = \"content-type\";\n})(Headers = exports.Headers || (exports.Headers = {}));\nvar MediaTypes;\n(function (MediaTypes) {\n    MediaTypes[\"ApplicationJson\"] = \"application/json\";\n})(MediaTypes = exports.MediaTypes || (exports.MediaTypes = {}));\n/**\n * Returns the proxy URL, depending upon the supplied url and proxy environment variables.\n * @param serverUrl  The server URL where the request will be sent. For example, https://api.github.com\n */\nfunction getProxyUrl(serverUrl) {\n    const proxyUrl = pm.getProxyUrl(new URL(serverUrl));\n    return proxyUrl ? proxyUrl.href : '';\n}\nexports.getProxyUrl = getProxyUrl;\nconst HttpRedirectCodes = [\n    HttpCodes.MovedPermanently,\n    HttpCodes.ResourceMoved,\n    HttpCodes.SeeOther,\n    HttpCodes.TemporaryRedirect,\n    HttpCodes.PermanentRedirect\n];\nconst HttpResponseRetryCodes = [\n    HttpCodes.BadGateway,\n    HttpCodes.ServiceUnavailable,\n    HttpCodes.GatewayTimeout\n];\nconst RetryableHttpVerbs = ['OPTIONS', 'GET', 'DELETE', 'HEAD'];\nconst ExponentialBackoffCeiling = 10;\nconst ExponentialBackoffTimeSlice = 5;\nclass HttpClientError extends Error {\n    constructor(message, statusCode) {\n        super(message);\n        this.name = 'HttpClientError';\n        this.statusCode = statusCode;\n        Object.setPrototypeOf(this, HttpClientError.prototype);\n    }\n}\nexports.HttpClientError = HttpClientError;\nclass HttpClientResponse {\n    constructor(message) {\n        this.message = message;\n    }\n    readBody() {\n        return __awaiter(this, void 0, void 0, function* () {\n            return new Promise((resolve) => __awaiter(this, void 0, void 0, function* () {\n                let output = Buffer.alloc(0);\n                this.message.on('data', (chunk) => {\n                    output = Buffer.concat([output, chunk]);\n                });\n                this.message.on('end', () => {\n                    resolve(output.toString());\n                });\n            }));\n        });\n    }\n}\nexports.HttpClientResponse = HttpClientResponse;\nfunction isHttps(requestUrl) {\n    const parsedUrl = new URL(requestUrl);\n    return parsedUrl.protocol === 'https:';\n}\nexports.isHttps = isHttps;\nclass HttpClient {\n    constructor(userAgent, handlers, requestOptions) {\n        this._ignoreSslError = false;\n        this._allowRedirects = true;\n        this._allowRedirectDowngrade = false;\n        this._maxRedirects = 50;\n        this._allowRetries = false;\n        this._maxRetries = 1;\n        this._keepAlive = false;\n        this._disposed = false;\n        this.userAgent = userAgent;\n        this.handlers = handlers || [];\n        this.requestOptions = requestOptions;\n        if (requestOptions) {\n            if (requestOptions.ignoreSslError != null) {\n                this._ignoreSslError = requestOptions.ignoreSslError;\n            }\n            this._socketTimeout = requestOptions.socketTimeout;\n            if (requestOptions.allowRedirects != null) {\n                this._allowRedirects = requestOptions.allowRedirects;\n            }\n            if (requestOptions.allowRedirectDowngrade != null) {\n                this._allowRedirectDowngrade = requestOptions.allowRedirectDowngrade;\n            }\n            if (requestOptions.maxRedirects != null) {\n                this._maxRedirects = Math.max(requestOptions.maxRedirects, 0);\n            }\n            if (requestOptions.keepAlive != null) {\n                this._keepAlive = requestOptions.keepAlive;\n            }\n            if (requestOptions.allowRetries != null) {\n                this._allowRetries = requestOptions.allowRetries;\n            }\n            if (requestOptions.maxRetries != null) {\n                this._maxRetries = requestOptions.maxRetries;\n            }\n        }\n    }\n    options(requestUrl, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('OPTIONS', requestUrl, null, additionalHeaders || {});\n        });\n    }\n    get(requestUrl, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('GET', requestUrl, null, additionalHeaders || {});\n        });\n    }\n    del(requestUrl, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('DELETE', requestUrl, null, additionalHeaders || {});\n        });\n    }\n    post(requestUrl, data, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('POST', requestUrl, data, additionalHeaders || {});\n        });\n    }\n    patch(requestUrl, data, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('PATCH', requestUrl, data, additionalHeaders || {});\n        });\n    }\n    put(requestUrl, data, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('PUT', requestUrl, data, additionalHeaders || {});\n        });\n    }\n    head(requestUrl, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('HEAD', requestUrl, null, additionalHeaders || {});\n        });\n    }\n    sendStream(verb, requestUrl, stream, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request(verb, requestUrl, stream, additionalHeaders);\n        });\n    }\n    /**\n     * Gets a typed object from an endpoint\n     * Be aware that not found returns a null.  Other errors (4xx, 5xx) reject the promise\n     */\n    getJson(requestUrl, additionalHeaders = {}) {\n        return __awaiter(this, void 0, void 0, function* () {\n            additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n            const res = yield this.get(requestUrl, additionalHeaders);\n            return this._processResponse(res, this.requestOptions);\n        });\n    }\n    postJson(requestUrl, obj, additionalHeaders = {}) {\n        return __awaiter(this, void 0, void 0, function* () {\n            const data = JSON.stringify(obj, null, 2);\n            additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n            additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson);\n            const res = yield this.post(requestUrl, data, additionalHeaders);\n            return this._processResponse(res, this.requestOptions);\n        });\n    }\n    putJson(requestUrl, obj, additionalHeaders = {}) {\n        return __awaiter(this, void 0, void 0, function* () {\n            const data = JSON.stringify(obj, null, 2);\n            additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n            additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson);\n            const res = yield this.put(requestUrl, data, additionalHeaders);\n            return this._processResponse(res, this.requestOptions);\n        });\n    }\n    patchJson(requestUrl, obj, additionalHeaders = {}) {\n        return __awaiter(this, void 0, void 0, function* () {\n            const data = JSON.stringify(obj, null, 2);\n            additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n            additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson);\n            const res = yield this.patch(requestUrl, data, additionalHeaders);\n            return this._processResponse(res, this.requestOptions);\n        });\n    }\n    /**\n     * Makes a raw http request.\n     * All other methods such as get, post, patch, and request ultimately call this.\n     * Prefer get, del, post and patch\n     */\n    request(verb, requestUrl, data, headers) {\n        return __awaiter(this, void 0, void 0, function* () {\n            if (this._disposed) {\n                throw new Error('Client has already been disposed.');\n            }\n            const parsedUrl = new URL(requestUrl);\n            let info = this._prepareRequest(verb, parsedUrl, headers);\n            // Only perform retries on reads since writes may not be idempotent.\n            const maxTries = this._allowRetries && RetryableHttpVerbs.includes(verb)\n                ? this._maxRetries + 1\n                : 1;\n            let numTries = 0;\n            let response;\n            do {\n                response = yield this.requestRaw(info, data);\n                // Check if it's an authentication challenge\n                if (response &&\n                    response.message &&\n                    response.message.statusCode === HttpCodes.Unauthorized) {\n                    let authenticationHandler;\n                    for (const handler of this.handlers) {\n                        if (handler.canHandleAuthentication(response)) {\n                            authenticationHandler = handler;\n                            break;\n                        }\n                    }\n                    if (authenticationHandler) {\n                        return authenticationHandler.handleAuthentication(this, info, data);\n                    }\n                    else {\n                        // We have received an unauthorized response but have no handlers to handle it.\n                        // Let the response return to the caller.\n                        return response;\n                    }\n                }\n                let redirectsRemaining = this._maxRedirects;\n                while (response.message.statusCode &&\n                    HttpRedirectCodes.includes(response.message.statusCode) &&\n                    this._allowRedirects &&\n                    redirectsRemaining > 0) {\n                    const redirectUrl = response.message.headers['location'];\n                    if (!redirectUrl) {\n                        // if there's no location to redirect to, we won't\n                        break;\n                    }\n                    const parsedRedirectUrl = new URL(redirectUrl);\n                    if (parsedUrl.protocol === 'https:' &&\n                        parsedUrl.protocol !== parsedRedirectUrl.protocol &&\n                        !this._allowRedirectDowngrade) {\n                        throw new Error('Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true.');\n                    }\n                    // we need to finish reading the response before reassigning response\n                    // which will leak the open socket.\n                    yield response.readBody();\n                    // strip authorization header if redirected to a different hostname\n                    if (parsedRedirectUrl.hostname !== parsedUrl.hostname) {\n                        for (const header in headers) {\n                            // header names are case insensitive\n                            if (header.toLowerCase() === 'authorization') {\n                                delete headers[header];\n                            }\n                        }\n                    }\n                    // let's make the request with the new redirectUrl\n                    info = this._prepareRequest(verb, parsedRedirectUrl, headers);\n                    response = yield this.requestRaw(info, data);\n                    redirectsRemaining--;\n                }\n                if (!response.message.statusCode ||\n                    !HttpResponseRetryCodes.includes(response.message.statusCode)) {\n                    // If not a retry code, return immediately instead of retrying\n                    return response;\n                }\n                numTries += 1;\n                if (numTries < maxTries) {\n                    yield response.readBody();\n                    yield this._performExponentialBackoff(numTries);\n                }\n            } while (numTries < maxTries);\n            return response;\n        });\n    }\n    /**\n     * Needs to be called if keepAlive is set to true in request options.\n     */\n    dispose() {\n        if (this._agent) {\n            this._agent.destroy();\n        }\n        this._disposed = true;\n    }\n    /**\n     * Raw request.\n     * @param info\n     * @param data\n     */\n    requestRaw(info, data) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return new Promise((resolve, reject) => {\n                function callbackForResult(err, res) {\n                    if (err) {\n                        reject(err);\n                    }\n                    else if (!res) {\n                        // If `err` is not passed, then `res` must be passed.\n                        reject(new Error('Unknown error'));\n                    }\n                    else {\n                        resolve(res);\n                    }\n                }\n                this.requestRawWithCallback(info, data, callbackForResult);\n            });\n        });\n    }\n    /**\n     * Raw request with callback.\n     * @param info\n     * @param data\n     * @param onResult\n     */\n    requestRawWithCallback(info, data, onResult) {\n        if (typeof data === 'string') {\n            if (!info.options.headers) {\n                info.options.headers = {};\n            }\n            info.options.headers['Content-Length'] = Buffer.byteLength(data, 'utf8');\n        }\n        let callbackCalled = false;\n        function handleResult(err, res) {\n            if (!callbackCalled) {\n                callbackCalled = true;\n                onResult(err, res);\n            }\n        }\n        const req = info.httpModule.request(info.options, (msg) => {\n            const res = new HttpClientResponse(msg);\n            handleResult(undefined, res);\n        });\n        let socket;\n        req.on('socket', sock => {\n            socket = sock;\n        });\n        // If we ever get disconnected, we want the socket to timeout eventually\n        req.setTimeout(this._socketTimeout || 3 * 60000, () => {\n            if (socket) {\n                socket.end();\n            }\n            handleResult(new Error(`Request timeout: ${info.options.path}`));\n        });\n        req.on('error', function (err) {\n            // err has statusCode property\n            // res should have headers\n            handleResult(err);\n        });\n        if (data && typeof data === 'string') {\n            req.write(data, 'utf8');\n        }\n        if (data && typeof data !== 'string') {\n            data.on('close', function () {\n                req.end();\n            });\n            data.pipe(req);\n        }\n        else {\n            req.end();\n        }\n    }\n    /**\n     * Gets an http agent. This function is useful when you need an http agent that handles\n     * routing through a proxy server - depending upon the url and proxy environment variables.\n     * @param serverUrl  The server URL where the request will be sent. For example, https://api.github.com\n     */\n    getAgent(serverUrl) {\n        const parsedUrl = new URL(serverUrl);\n        return this._getAgent(parsedUrl);\n    }\n    _prepareRequest(method, requestUrl, headers) {\n        const info = {};\n        info.parsedUrl = requestUrl;\n        const usingSsl = info.parsedUrl.protocol === 'https:';\n        info.httpModule = usingSsl ? https : http;\n        const defaultPort = usingSsl ? 443 : 80;\n        info.options = {};\n        info.options.host = info.parsedUrl.hostname;\n        info.options.port = info.parsedUrl.port\n            ? parseInt(info.parsedUrl.port)\n            : defaultPort;\n        info.options.path =\n            (info.parsedUrl.pathname || '') + (info.parsedUrl.search || '');\n        info.options.method = method;\n        info.options.headers = this._mergeHeaders(headers);\n        if (this.userAgent != null) {\n            info.options.headers['user-agent'] = this.userAgent;\n        }\n        info.options.agent = this._getAgent(info.parsedUrl);\n        // gives handlers an opportunity to participate\n        if (this.handlers) {\n            for (const handler of this.handlers) {\n                handler.prepareRequest(info.options);\n            }\n        }\n        return info;\n    }\n    _mergeHeaders(headers) {\n        if (this.requestOptions && this.requestOptions.headers) {\n            return Object.assign({}, lowercaseKeys(this.requestOptions.headers), lowercaseKeys(headers || {}));\n        }\n        return lowercaseKeys(headers || {});\n    }\n    _getExistingOrDefaultHeader(additionalHeaders, header, _default) {\n        let clientHeader;\n        if (this.requestOptions && this.requestOptions.headers) {\n            clientHeader = lowercaseKeys(this.requestOptions.headers)[header];\n        }\n        return additionalHeaders[header] || clientHeader || _default;\n    }\n    _getAgent(parsedUrl) {\n        let agent;\n        const proxyUrl = pm.getProxyUrl(parsedUrl);\n        const useProxy = proxyUrl && proxyUrl.hostname;\n        if (this._keepAlive && useProxy) {\n            agent = this._proxyAgent;\n        }\n        if (this._keepAlive && !useProxy) {\n            agent = this._agent;\n        }\n        // if agent is already assigned use that agent.\n        if (agent) {\n            return agent;\n        }\n        const usingSsl = parsedUrl.protocol === 'https:';\n        let maxSockets = 100;\n        if (this.requestOptions) {\n            maxSockets = this.requestOptions.maxSockets || http.globalAgent.maxSockets;\n        }\n        // This is `useProxy` again, but we need to check `proxyURl` directly for TypeScripts's flow analysis.\n        if (proxyUrl && proxyUrl.hostname) {\n            const agentOptions = {\n                maxSockets,\n                keepAlive: this._keepAlive,\n                proxy: Object.assign(Object.assign({}, ((proxyUrl.username || proxyUrl.password) && {\n                    proxyAuth: `${proxyUrl.username}:${proxyUrl.password}`\n                })), { host: proxyUrl.hostname, port: proxyUrl.port })\n            };\n            let tunnelAgent;\n            const overHttps = proxyUrl.protocol === 'https:';\n            if (usingSsl) {\n                tunnelAgent = overHttps ? tunnel.httpsOverHttps : tunnel.httpsOverHttp;\n            }\n            else {\n                tunnelAgent = overHttps ? tunnel.httpOverHttps : tunnel.httpOverHttp;\n            }\n            agent = tunnelAgent(agentOptions);\n            this._proxyAgent = agent;\n        }\n        // if reusing agent across request and tunneling agent isn't assigned create a new agent\n        if (this._keepAlive && !agent) {\n            const options = { keepAlive: this._keepAlive, maxSockets };\n            agent = usingSsl ? new https.Agent(options) : new http.Agent(options);\n            this._agent = agent;\n        }\n        // if not using private agent and tunnel agent isn't setup then use global agent\n        if (!agent) {\n            agent = usingSsl ? https.globalAgent : http.globalAgent;\n        }\n        if (usingSsl && this._ignoreSslError) {\n            // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process\n            // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options\n            // we have to cast it to any and change it directly\n            agent.options = Object.assign(agent.options || {}, {\n                rejectUnauthorized: false\n            });\n        }\n        return agent;\n    }\n    _performExponentialBackoff(retryNumber) {\n        return __awaiter(this, void 0, void 0, function* () {\n            retryNumber = Math.min(ExponentialBackoffCeiling, retryNumber);\n            const ms = ExponentialBackoffTimeSlice * Math.pow(2, retryNumber);\n            return new Promise(resolve => setTimeout(() => resolve(), ms));\n        });\n    }\n    _processResponse(res, options) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () {\n                const statusCode = res.message.statusCode || 0;\n                const response = {\n                    statusCode,\n                    result: null,\n                    headers: {}\n                };\n                // not found leads to null obj returned\n                if (statusCode === HttpCodes.NotFound) {\n                    resolve(response);\n                }\n                // get the result from the body\n                function dateTimeDeserializer(key, value) {\n                    if (typeof value === 'string') {\n                        const a = new Date(value);\n                        if (!isNaN(a.valueOf())) {\n                            return a;\n                        }\n                    }\n                    return value;\n                }\n                let obj;\n                let contents;\n                try {\n                    contents = yield res.readBody();\n                    if (contents && contents.length > 0) {\n                        if (options && options.deserializeDates) {\n                            obj = JSON.parse(contents, dateTimeDeserializer);\n                        }\n                        else {\n                            obj = JSON.parse(contents);\n                        }\n                        response.result = obj;\n                    }\n                    response.headers = res.message.headers;\n                }\n                catch (err) {\n                    // Invalid resource (contents not json);  leaving result obj null\n                }\n                // note that 3xx redirects are handled by the http layer.\n                if (statusCode > 299) {\n                    let msg;\n                    // if exception/error in body, attempt to get better error\n                    if (obj && obj.message) {\n                        msg = obj.message;\n                    }\n                    else if (contents && contents.length > 0) {\n                        // it may be the case that the exception is in the body message as string\n                        msg = contents;\n                    }\n                    else {\n                        msg = `Failed request: (${statusCode})`;\n                    }\n                    const err = new HttpClientError(msg, statusCode);\n                    err.result = response.result;\n                    reject(err);\n                }\n                else {\n                    resolve(response);\n                }\n            }));\n        });\n    }\n}\nexports.HttpClient = HttpClient;\nconst lowercaseKeys = (obj) => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCase()] = obj[k]), c), {});\n//# sourceMappingURL=index.js.map","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.checkBypass = exports.getProxyUrl = void 0;\nfunction getProxyUrl(reqUrl) {\n    const usingSsl = reqUrl.protocol === 'https:';\n    if (checkBypass(reqUrl)) {\n        return undefined;\n    }\n    const proxyVar = (() => {\n        if (usingSsl) {\n            return process.env['https_proxy'] || process.env['HTTPS_PROXY'];\n        }\n        else {\n            return process.env['http_proxy'] || process.env['HTTP_PROXY'];\n        }\n    })();\n    if (proxyVar) {\n        return new URL(proxyVar);\n    }\n    else {\n        return undefined;\n    }\n}\nexports.getProxyUrl = getProxyUrl;\nfunction checkBypass(reqUrl) {\n    if (!reqUrl.hostname) {\n        return false;\n    }\n    const noProxy = process.env['no_proxy'] || process.env['NO_PROXY'] || '';\n    if (!noProxy) {\n        return false;\n    }\n    // Determine the request port\n    let reqPort;\n    if (reqUrl.port) {\n        reqPort = Number(reqUrl.port);\n    }\n    else if (reqUrl.protocol === 'http:') {\n        reqPort = 80;\n    }\n    else if (reqUrl.protocol === 'https:') {\n        reqPort = 443;\n    }\n    // Format the request hostname and hostname with port\n    const upperReqHosts = [reqUrl.hostname.toUpperCase()];\n    if (typeof reqPort === 'number') {\n        upperReqHosts.push(`${upperReqHosts[0]}:${reqPort}`);\n    }\n    // Compare request host against noproxy\n    for (const upperNoProxyItem of noProxy\n        .split(',')\n        .map(x => x.trim().toUpperCase())\n        .filter(x => x)) {\n        if (upperReqHosts.some(x => x === upperNoProxyItem)) {\n            return true;\n        }\n    }\n    return false;\n}\nexports.checkBypass = checkBypass;\n//# sourceMappingURL=proxy.js.map","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\n\nmodule.exports = {\n\n  newInvalidAsn1Error: function (msg) {\n    var e = new Error();\n    e.name = 'InvalidAsn1Error';\n    e.message = msg || '';\n    return e;\n  }\n\n};\n","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\nvar errors = require('./errors');\nvar types = require('./types');\n\nvar Reader = require('./reader');\nvar Writer = require('./writer');\n\n\n// --- Exports\n\nmodule.exports = {\n\n  Reader: Reader,\n\n  Writer: Writer\n\n};\n\nfor (var t in types) {\n  if (types.hasOwnProperty(t))\n    module.exports[t] = types[t];\n}\nfor (var e in errors) {\n  if (errors.hasOwnProperty(e))\n    module.exports[e] = errors[e];\n}\n","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\nvar assert = require('assert');\nvar Buffer = require('safer-buffer').Buffer;\n\nvar ASN1 = require('./types');\nvar errors = require('./errors');\n\n\n// --- Globals\n\nvar newInvalidAsn1Error = errors.newInvalidAsn1Error;\n\n\n\n// --- API\n\nfunction Reader(data) {\n  if (!data || !Buffer.isBuffer(data))\n    throw new TypeError('data must be a node Buffer');\n\n  this._buf = data;\n  this._size = data.length;\n\n  // These hold the \"current\" state\n  this._len = 0;\n  this._offset = 0;\n}\n\nObject.defineProperty(Reader.prototype, 'length', {\n  enumerable: true,\n  get: function () { return (this._len); }\n});\n\nObject.defineProperty(Reader.prototype, 'offset', {\n  enumerable: true,\n  get: function () { return (this._offset); }\n});\n\nObject.defineProperty(Reader.prototype, 'remain', {\n  get: function () { return (this._size - this._offset); }\n});\n\nObject.defineProperty(Reader.prototype, 'buffer', {\n  get: function () { return (this._buf.slice(this._offset)); }\n});\n\n\n/**\n * Reads a single byte and advances offset; you can pass in `true` to make this\n * a \"peek\" operation (i.e., get the byte, but don't advance the offset).\n *\n * @param {Boolean} peek true means don't move offset.\n * @return {Number} the next byte, null if not enough data.\n */\nReader.prototype.readByte = function (peek) {\n  if (this._size - this._offset < 1)\n    return null;\n\n  var b = this._buf[this._offset] & 0xff;\n\n  if (!peek)\n    this._offset += 1;\n\n  return b;\n};\n\n\nReader.prototype.peek = function () {\n  return this.readByte(true);\n};\n\n\n/**\n * Reads a (potentially) variable length off the BER buffer.  This call is\n * not really meant to be called directly, as callers have to manipulate\n * the internal buffer afterwards.\n *\n * As a result of this call, you can call `Reader.length`, until the\n * next thing called that does a readLength.\n *\n * @return {Number} the amount of offset to advance the buffer.\n * @throws {InvalidAsn1Error} on bad ASN.1\n */\nReader.prototype.readLength = function (offset) {\n  if (offset === undefined)\n    offset = this._offset;\n\n  if (offset >= this._size)\n    return null;\n\n  var lenB = this._buf[offset++] & 0xff;\n  if (lenB === null)\n    return null;\n\n  if ((lenB & 0x80) === 0x80) {\n    lenB &= 0x7f;\n\n    if (lenB === 0)\n      throw newInvalidAsn1Error('Indefinite length not supported');\n\n    if (lenB > 4)\n      throw newInvalidAsn1Error('encoding too long');\n\n    if (this._size - offset < lenB)\n      return null;\n\n    this._len = 0;\n    for (var i = 0; i < lenB; i++)\n      this._len = (this._len << 8) + (this._buf[offset++] & 0xff);\n\n  } else {\n    // Wasn't a variable length\n    this._len = lenB;\n  }\n\n  return offset;\n};\n\n\n/**\n * Parses the next sequence in this BER buffer.\n *\n * To get the length of the sequence, call `Reader.length`.\n *\n * @return {Number} the sequence's tag.\n */\nReader.prototype.readSequence = function (tag) {\n  var seq = this.peek();\n  if (seq === null)\n    return null;\n  if (tag !== undefined && tag !== seq)\n    throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n                              ': got 0x' + seq.toString(16));\n\n  var o = this.readLength(this._offset + 1); // stored in `length`\n  if (o === null)\n    return null;\n\n  this._offset = o;\n  return seq;\n};\n\n\nReader.prototype.readInt = function () {\n  return this._readTag(ASN1.Integer);\n};\n\n\nReader.prototype.readBoolean = function () {\n  return (this._readTag(ASN1.Boolean) === 0 ? false : true);\n};\n\n\nReader.prototype.readEnumeration = function () {\n  return this._readTag(ASN1.Enumeration);\n};\n\n\nReader.prototype.readString = function (tag, retbuf) {\n  if (!tag)\n    tag = ASN1.OctetString;\n\n  var b = this.peek();\n  if (b === null)\n    return null;\n\n  if (b !== tag)\n    throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n                              ': got 0x' + b.toString(16));\n\n  var o = this.readLength(this._offset + 1); // stored in `length`\n\n  if (o === null)\n    return null;\n\n  if (this.length > this._size - o)\n    return null;\n\n  this._offset = o;\n\n  if (this.length === 0)\n    return retbuf ? Buffer.alloc(0) : '';\n\n  var str = this._buf.slice(this._offset, this._offset + this.length);\n  this._offset += this.length;\n\n  return retbuf ? str : str.toString('utf8');\n};\n\nReader.prototype.readOID = function (tag) {\n  if (!tag)\n    tag = ASN1.OID;\n\n  var b = this.readString(tag, true);\n  if (b === null)\n    return null;\n\n  var values = [];\n  var value = 0;\n\n  for (var i = 0; i < b.length; i++) {\n    var byte = b[i] & 0xff;\n\n    value <<= 7;\n    value += byte & 0x7f;\n    if ((byte & 0x80) === 0) {\n      values.push(value);\n      value = 0;\n    }\n  }\n\n  value = values.shift();\n  values.unshift(value % 40);\n  values.unshift((value / 40) >> 0);\n\n  return values.join('.');\n};\n\n\nReader.prototype._readTag = function (tag) {\n  assert.ok(tag !== undefined);\n\n  var b = this.peek();\n\n  if (b === null)\n    return null;\n\n  if (b !== tag)\n    throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n                              ': got 0x' + b.toString(16));\n\n  var o = this.readLength(this._offset + 1); // stored in `length`\n  if (o === null)\n    return null;\n\n  if (this.length > 4)\n    throw newInvalidAsn1Error('Integer too long: ' + this.length);\n\n  if (this.length > this._size - o)\n    return null;\n  this._offset = o;\n\n  var fb = this._buf[this._offset];\n  var value = 0;\n\n  for (var i = 0; i < this.length; i++) {\n    value <<= 8;\n    value |= (this._buf[this._offset++] & 0xff);\n  }\n\n  if ((fb & 0x80) === 0x80 && i !== 4)\n    value -= (1 << (i * 8));\n\n  return value >> 0;\n};\n\n\n\n// --- Exported API\n\nmodule.exports = Reader;\n","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\n\nmodule.exports = {\n  EOC: 0,\n  Boolean: 1,\n  Integer: 2,\n  BitString: 3,\n  OctetString: 4,\n  Null: 5,\n  OID: 6,\n  ObjectDescriptor: 7,\n  External: 8,\n  Real: 9, // float\n  Enumeration: 10,\n  PDV: 11,\n  Utf8String: 12,\n  RelativeOID: 13,\n  Sequence: 16,\n  Set: 17,\n  NumericString: 18,\n  PrintableString: 19,\n  T61String: 20,\n  VideotexString: 21,\n  IA5String: 22,\n  UTCTime: 23,\n  GeneralizedTime: 24,\n  GraphicString: 25,\n  VisibleString: 26,\n  GeneralString: 28,\n  UniversalString: 29,\n  CharacterString: 30,\n  BMPString: 31,\n  Constructor: 32,\n  Context: 128\n};\n","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\nvar assert = require('assert');\nvar Buffer = require('safer-buffer').Buffer;\nvar ASN1 = require('./types');\nvar errors = require('./errors');\n\n\n// --- Globals\n\nvar newInvalidAsn1Error = errors.newInvalidAsn1Error;\n\nvar DEFAULT_OPTS = {\n  size: 1024,\n  growthFactor: 8\n};\n\n\n// --- Helpers\n\nfunction merge(from, to) {\n  assert.ok(from);\n  assert.equal(typeof (from), 'object');\n  assert.ok(to);\n  assert.equal(typeof (to), 'object');\n\n  var keys = Object.getOwnPropertyNames(from);\n  keys.forEach(function (key) {\n    if (to[key])\n      return;\n\n    var value = Object.getOwnPropertyDescriptor(from, key);\n    Object.defineProperty(to, key, value);\n  });\n\n  return to;\n}\n\n\n\n// --- API\n\nfunction Writer(options) {\n  options = merge(DEFAULT_OPTS, options || {});\n\n  this._buf = Buffer.alloc(options.size || 1024);\n  this._size = this._buf.length;\n  this._offset = 0;\n  this._options = options;\n\n  // A list of offsets in the buffer where we need to insert\n  // sequence tag/len pairs.\n  this._seq = [];\n}\n\nObject.defineProperty(Writer.prototype, 'buffer', {\n  get: function () {\n    if (this._seq.length)\n      throw newInvalidAsn1Error(this._seq.length + ' unended sequence(s)');\n\n    return (this._buf.slice(0, this._offset));\n  }\n});\n\nWriter.prototype.writeByte = function (b) {\n  if (typeof (b) !== 'number')\n    throw new TypeError('argument must be a Number');\n\n  this._ensure(1);\n  this._buf[this._offset++] = b;\n};\n\n\nWriter.prototype.writeInt = function (i, tag) {\n  if (typeof (i) !== 'number')\n    throw new TypeError('argument must be a Number');\n  if (typeof (tag) !== 'number')\n    tag = ASN1.Integer;\n\n  var sz = 4;\n\n  while ((((i & 0xff800000) === 0) || ((i & 0xff800000) === 0xff800000 >> 0)) &&\n        (sz > 1)) {\n    sz--;\n    i <<= 8;\n  }\n\n  if (sz > 4)\n    throw newInvalidAsn1Error('BER ints cannot be > 0xffffffff');\n\n  this._ensure(2 + sz);\n  this._buf[this._offset++] = tag;\n  this._buf[this._offset++] = sz;\n\n  while (sz-- > 0) {\n    this._buf[this._offset++] = ((i & 0xff000000) >>> 24);\n    i <<= 8;\n  }\n\n};\n\n\nWriter.prototype.writeNull = function () {\n  this.writeByte(ASN1.Null);\n  this.writeByte(0x00);\n};\n\n\nWriter.prototype.writeEnumeration = function (i, tag) {\n  if (typeof (i) !== 'number')\n    throw new TypeError('argument must be a Number');\n  if (typeof (tag) !== 'number')\n    tag = ASN1.Enumeration;\n\n  return this.writeInt(i, tag);\n};\n\n\nWriter.prototype.writeBoolean = function (b, tag) {\n  if (typeof (b) !== 'boolean')\n    throw new TypeError('argument must be a Boolean');\n  if (typeof (tag) !== 'number')\n    tag = ASN1.Boolean;\n\n  this._ensure(3);\n  this._buf[this._offset++] = tag;\n  this._buf[this._offset++] = 0x01;\n  this._buf[this._offset++] = b ? 0xff : 0x00;\n};\n\n\nWriter.prototype.writeString = function (s, tag) {\n  if (typeof (s) !== 'string')\n    throw new TypeError('argument must be a string (was: ' + typeof (s) + ')');\n  if (typeof (tag) !== 'number')\n    tag = ASN1.OctetString;\n\n  var len = Buffer.byteLength(s);\n  this.writeByte(tag);\n  this.writeLength(len);\n  if (len) {\n    this._ensure(len);\n    this._buf.write(s, this._offset);\n    this._offset += len;\n  }\n};\n\n\nWriter.prototype.writeBuffer = function (buf, tag) {\n  if (typeof (tag) !== 'number')\n    throw new TypeError('tag must be a number');\n  if (!Buffer.isBuffer(buf))\n    throw new TypeError('argument must be a buffer');\n\n  this.writeByte(tag);\n  this.writeLength(buf.length);\n  this._ensure(buf.length);\n  buf.copy(this._buf, this._offset, 0, buf.length);\n  this._offset += buf.length;\n};\n\n\nWriter.prototype.writeStringArray = function (strings) {\n  if ((!strings instanceof Array))\n    throw new TypeError('argument must be an Array[String]');\n\n  var self = this;\n  strings.forEach(function (s) {\n    self.writeString(s);\n  });\n};\n\n// This is really to solve DER cases, but whatever for now\nWriter.prototype.writeOID = function (s, tag) {\n  if (typeof (s) !== 'string')\n    throw new TypeError('argument must be a string');\n  if (typeof (tag) !== 'number')\n    tag = ASN1.OID;\n\n  if (!/^([0-9]+\\.){3,}[0-9]+$/.test(s))\n    throw new Error('argument is not a valid OID string');\n\n  function encodeOctet(bytes, octet) {\n    if (octet < 128) {\n        bytes.push(octet);\n    } else if (octet < 16384) {\n        bytes.push((octet >>> 7) | 0x80);\n        bytes.push(octet & 0x7F);\n    } else if (octet < 2097152) {\n      bytes.push((octet >>> 14) | 0x80);\n      bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n      bytes.push(octet & 0x7F);\n    } else if (octet < 268435456) {\n      bytes.push((octet >>> 21) | 0x80);\n      bytes.push(((octet >>> 14) | 0x80) & 0xFF);\n      bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n      bytes.push(octet & 0x7F);\n    } else {\n      bytes.push(((octet >>> 28) | 0x80) & 0xFF);\n      bytes.push(((octet >>> 21) | 0x80) & 0xFF);\n      bytes.push(((octet >>> 14) | 0x80) & 0xFF);\n      bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n      bytes.push(octet & 0x7F);\n    }\n  }\n\n  var tmp = s.split('.');\n  var bytes = [];\n  bytes.push(parseInt(tmp[0], 10) * 40 + parseInt(tmp[1], 10));\n  tmp.slice(2).forEach(function (b) {\n    encodeOctet(bytes, parseInt(b, 10));\n  });\n\n  var self = this;\n  this._ensure(2 + bytes.length);\n  this.writeByte(tag);\n  this.writeLength(bytes.length);\n  bytes.forEach(function (b) {\n    self.writeByte(b);\n  });\n};\n\n\nWriter.prototype.writeLength = function (len) {\n  if (typeof (len) !== 'number')\n    throw new TypeError('argument must be a Number');\n\n  this._ensure(4);\n\n  if (len <= 0x7f) {\n    this._buf[this._offset++] = len;\n  } else if (len <= 0xff) {\n    this._buf[this._offset++] = 0x81;\n    this._buf[this._offset++] = len;\n  } else if (len <= 0xffff) {\n    this._buf[this._offset++] = 0x82;\n    this._buf[this._offset++] = len >> 8;\n    this._buf[this._offset++] = len;\n  } else if (len <= 0xffffff) {\n    this._buf[this._offset++] = 0x83;\n    this._buf[this._offset++] = len >> 16;\n    this._buf[this._offset++] = len >> 8;\n    this._buf[this._offset++] = len;\n  } else {\n    throw newInvalidAsn1Error('Length too long (> 4 bytes)');\n  }\n};\n\nWriter.prototype.startSequence = function (tag) {\n  if (typeof (tag) !== 'number')\n    tag = ASN1.Sequence | ASN1.Constructor;\n\n  this.writeByte(tag);\n  this._seq.push(this._offset);\n  this._ensure(3);\n  this._offset += 3;\n};\n\n\nWriter.prototype.endSequence = function () {\n  var seq = this._seq.pop();\n  var start = seq + 3;\n  var len = this._offset - start;\n\n  if (len <= 0x7f) {\n    this._shift(start, len, -2);\n    this._buf[seq] = len;\n  } else if (len <= 0xff) {\n    this._shift(start, len, -1);\n    this._buf[seq] = 0x81;\n    this._buf[seq + 1] = len;\n  } else if (len <= 0xffff) {\n    this._buf[seq] = 0x82;\n    this._buf[seq + 1] = len >> 8;\n    this._buf[seq + 2] = len;\n  } else if (len <= 0xffffff) {\n    this._shift(start, len, 1);\n    this._buf[seq] = 0x83;\n    this._buf[seq + 1] = len >> 16;\n    this._buf[seq + 2] = len >> 8;\n    this._buf[seq + 3] = len;\n  } else {\n    throw newInvalidAsn1Error('Sequence too long');\n  }\n};\n\n\nWriter.prototype._shift = function (start, len, shift) {\n  assert.ok(start !== undefined);\n  assert.ok(len !== undefined);\n  assert.ok(shift);\n\n  this._buf.copy(this._buf, start + shift, start, start + len);\n  this._offset += shift;\n};\n\nWriter.prototype._ensure = function (len) {\n  assert.ok(len);\n\n  if (this._size - this._offset < len) {\n    var sz = this._size * this._options.growthFactor;\n    if (sz - this._offset < len)\n      sz += len;\n\n    var buf = Buffer.alloc(sz);\n\n    this._buf.copy(buf, 0, 0, this._offset);\n    this._buf = buf;\n    this._size = sz;\n  }\n};\n\n\n\n// --- Exported API\n\nmodule.exports = Writer;\n","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\n// If you have no idea what ASN.1 or BER is, see this:\n// ftp://ftp.rsa.com/pub/pkcs/ascii/layman.asc\n\nvar Ber = require('./ber/index');\n\n\n\n// --- Exported API\n\nmodule.exports = {\n\n  Ber: Ber,\n\n  BerReader: Ber.Reader,\n\n  BerWriter: Ber.Writer\n\n};\n","'use strict';\n\nvar crypto_hash_sha512 = require('tweetnacl').lowlevel.crypto_hash;\n\n/*\n * This file is a 1:1 port from the OpenBSD blowfish.c and bcrypt_pbkdf.c. As a\n * result, it retains the original copyright and license. The two files are\n * under slightly different (but compatible) licenses, and are here combined in\n * one file.\n *\n * Credit for the actual porting work goes to:\n *  Devi Mandiri <me@devi.web.id>\n */\n\n/*\n * The Blowfish portions are under the following license:\n *\n * Blowfish block cipher for OpenBSD\n * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>\n * All rights reserved.\n *\n * Implementation advice by David Mazieres <dm@lcs.mit.edu>.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n *    notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n *    notice, this list of conditions and the following disclaimer in the\n *    documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n *    derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n */\n\n/*\n * The bcrypt_pbkdf portions are under the following license:\n *\n * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>\n *\n * Permission to use, copy, modify, and distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n/*\n * Performance improvements (Javascript-specific):\n *\n * Copyright 2016, Joyent Inc\n * Author: Alex Wilson <alex.wilson@joyent.com>\n *\n * Permission to use, copy, modify, and distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n// Ported from OpenBSD bcrypt_pbkdf.c v1.9\n\nvar BLF_J = 0;\n\nvar Blowfish = function() {\n  this.S = [\n    new Uint32Array([\n      0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7,\n      0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99,\n      0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16,\n      0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e,\n      0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee,\n      0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013,\n      0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef,\n      0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e,\n      0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60,\n      0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440,\n      0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce,\n      0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a,\n      0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e,\n      0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677,\n      0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193,\n      0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032,\n      0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88,\n      0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239,\n      0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e,\n      0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0,\n      0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3,\n      0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98,\n      0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88,\n      0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe,\n      0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6,\n      0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d,\n      0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b,\n      0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7,\n      0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba,\n      0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463,\n      0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f,\n      0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09,\n      0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3,\n      0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb,\n      0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279,\n      0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8,\n      0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab,\n      0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82,\n      0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db,\n      0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573,\n      0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0,\n      0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b,\n      0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790,\n      0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8,\n      0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4,\n      0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0,\n      0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7,\n      0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c,\n      0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad,\n      0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1,\n      0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299,\n      0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9,\n      0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477,\n      0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf,\n      0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49,\n      0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af,\n      0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa,\n      0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5,\n      0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41,\n      0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915,\n      0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400,\n      0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915,\n      0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664,\n      0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a]),\n    new Uint32Array([\n      0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623,\n      0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266,\n      0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1,\n      0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e,\n      0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6,\n      0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1,\n      0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e,\n      0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1,\n      0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737,\n      0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8,\n      0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff,\n      0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd,\n      0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701,\n      0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7,\n      0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41,\n      0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331,\n      0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf,\n      0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af,\n      0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e,\n      0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87,\n      0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c,\n      0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2,\n      0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16,\n      0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd,\n      0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b,\n      0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509,\n      0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e,\n      0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3,\n      0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f,\n      0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a,\n      0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4,\n      0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960,\n      0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66,\n      0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28,\n      0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802,\n      0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84,\n      0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510,\n      0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf,\n      0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14,\n      0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e,\n      0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50,\n      0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7,\n      0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8,\n      0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281,\n      0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99,\n      0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696,\n      0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128,\n      0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73,\n      0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0,\n      0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0,\n      0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105,\n      0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250,\n      0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3,\n      0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285,\n      0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00,\n      0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061,\n      0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb,\n      0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e,\n      0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735,\n      0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc,\n      0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9,\n      0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340,\n      0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20,\n      0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7]),\n    new Uint32Array([\n      0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934,\n      0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068,\n      0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af,\n      0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840,\n      0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45,\n      0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504,\n      0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a,\n      0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb,\n      0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee,\n      0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6,\n      0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42,\n      0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b,\n      0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2,\n      0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb,\n      0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527,\n      0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b,\n      0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33,\n      0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c,\n      0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3,\n      0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc,\n      0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17,\n      0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564,\n      0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b,\n      0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115,\n      0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922,\n      0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728,\n      0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0,\n      0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e,\n      0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37,\n      0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d,\n      0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804,\n      0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b,\n      0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3,\n      0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb,\n      0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d,\n      0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c,\n      0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350,\n      0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9,\n      0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a,\n      0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe,\n      0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d,\n      0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc,\n      0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f,\n      0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61,\n      0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2,\n      0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9,\n      0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2,\n      0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c,\n      0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e,\n      0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633,\n      0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10,\n      0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169,\n      0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52,\n      0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027,\n      0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5,\n      0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62,\n      0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634,\n      0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76,\n      0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24,\n      0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc,\n      0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4,\n      0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c,\n      0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837,\n      0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0]),\n    new Uint32Array([\n      0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b,\n      0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe,\n      0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b,\n      0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4,\n      0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8,\n      0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6,\n      0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304,\n      0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22,\n      0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4,\n      0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6,\n      0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9,\n      0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59,\n      0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593,\n      0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51,\n      0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28,\n      0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c,\n      0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b,\n      0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28,\n      0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c,\n      0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd,\n      0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a,\n      0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319,\n      0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb,\n      0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f,\n      0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991,\n      0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32,\n      0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680,\n      0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166,\n      0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae,\n      0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb,\n      0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5,\n      0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47,\n      0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370,\n      0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d,\n      0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84,\n      0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048,\n      0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8,\n      0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd,\n      0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9,\n      0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7,\n      0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38,\n      0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f,\n      0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c,\n      0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525,\n      0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1,\n      0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442,\n      0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964,\n      0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e,\n      0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8,\n      0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d,\n      0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f,\n      0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299,\n      0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02,\n      0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc,\n      0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614,\n      0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a,\n      0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6,\n      0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b,\n      0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0,\n      0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060,\n      0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e,\n      0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9,\n      0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f,\n      0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6])\n    ];\n  this.P = new Uint32Array([\n    0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344,\n    0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89,\n    0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c,\n    0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917,\n    0x9216d5d9, 0x8979fb1b]);\n};\n\nfunction F(S, x8, i) {\n  return (((S[0][x8[i+3]] +\n            S[1][x8[i+2]]) ^\n            S[2][x8[i+1]]) +\n            S[3][x8[i]]);\n};\n\nBlowfish.prototype.encipher = function(x, x8) {\n  if (x8 === undefined) {\n    x8 = new Uint8Array(x.buffer);\n    if (x.byteOffset !== 0)\n      x8 = x8.subarray(x.byteOffset);\n  }\n  x[0] ^= this.P[0];\n  for (var i = 1; i < 16; i += 2) {\n    x[1] ^= F(this.S, x8, 0) ^ this.P[i];\n    x[0] ^= F(this.S, x8, 4) ^ this.P[i+1];\n  }\n  var t = x[0];\n  x[0] = x[1] ^ this.P[17];\n  x[1] = t;\n};\n\nBlowfish.prototype.decipher = function(x) {\n  var x8 = new Uint8Array(x.buffer);\n  if (x.byteOffset !== 0)\n    x8 = x8.subarray(x.byteOffset);\n  x[0] ^= this.P[17];\n  for (var i = 16; i > 0; i -= 2) {\n    x[1] ^= F(this.S, x8, 0) ^ this.P[i];\n    x[0] ^= F(this.S, x8, 4) ^ this.P[i-1];\n  }\n  var t = x[0];\n  x[0] = x[1] ^ this.P[0];\n  x[1] = t;\n};\n\nfunction stream2word(data, databytes){\n  var i, temp = 0;\n  for (i = 0; i < 4; i++, BLF_J++) {\n    if (BLF_J >= databytes) BLF_J = 0;\n    temp = (temp << 8) | data[BLF_J];\n  }\n  return temp;\n};\n\nBlowfish.prototype.expand0state = function(key, keybytes) {\n  var d = new Uint32Array(2), i, k;\n  var d8 = new Uint8Array(d.buffer);\n\n  for (i = 0, BLF_J = 0; i < 18; i++) {\n    this.P[i] ^= stream2word(key, keybytes);\n  }\n  BLF_J = 0;\n\n  for (i = 0; i < 18; i += 2) {\n    this.encipher(d, d8);\n    this.P[i]   = d[0];\n    this.P[i+1] = d[1];\n  }\n\n  for (i = 0; i < 4; i++) {\n    for (k = 0; k < 256; k += 2) {\n      this.encipher(d, d8);\n      this.S[i][k]   = d[0];\n      this.S[i][k+1] = d[1];\n    }\n  }\n};\n\nBlowfish.prototype.expandstate = function(data, databytes, key, keybytes) {\n  var d = new Uint32Array(2), i, k;\n\n  for (i = 0, BLF_J = 0; i < 18; i++) {\n    this.P[i] ^= stream2word(key, keybytes);\n  }\n\n  for (i = 0, BLF_J = 0; i < 18; i += 2) {\n    d[0] ^= stream2word(data, databytes);\n    d[1] ^= stream2word(data, databytes);\n    this.encipher(d);\n    this.P[i]   = d[0];\n    this.P[i+1] = d[1];\n  }\n\n  for (i = 0; i < 4; i++) {\n    for (k = 0; k < 256; k += 2) {\n      d[0] ^= stream2word(data, databytes);\n      d[1] ^= stream2word(data, databytes);\n      this.encipher(d);\n      this.S[i][k]   = d[0];\n      this.S[i][k+1] = d[1];\n    }\n  }\n  BLF_J = 0;\n};\n\nBlowfish.prototype.enc = function(data, blocks) {\n  for (var i = 0; i < blocks; i++) {\n    this.encipher(data.subarray(i*2));\n  }\n};\n\nBlowfish.prototype.dec = function(data, blocks) {\n  for (var i = 0; i < blocks; i++) {\n    this.decipher(data.subarray(i*2));\n  }\n};\n\nvar BCRYPT_BLOCKS = 8,\n    BCRYPT_HASHSIZE = 32;\n\nfunction bcrypt_hash(sha2pass, sha2salt, out) {\n  var state = new Blowfish(),\n      cdata = new Uint32Array(BCRYPT_BLOCKS), i,\n      ciphertext = new Uint8Array([79,120,121,99,104,114,111,109,97,116,105,\n            99,66,108,111,119,102,105,115,104,83,119,97,116,68,121,110,97,109,\n            105,116,101]); //\"OxychromaticBlowfishSwatDynamite\"\n\n  state.expandstate(sha2salt, 64, sha2pass, 64);\n  for (i = 0; i < 64; i++) {\n    state.expand0state(sha2salt, 64);\n    state.expand0state(sha2pass, 64);\n  }\n\n  for (i = 0; i < BCRYPT_BLOCKS; i++)\n    cdata[i] = stream2word(ciphertext, ciphertext.byteLength);\n  for (i = 0; i < 64; i++)\n    state.enc(cdata, cdata.byteLength / 8);\n\n  for (i = 0; i < BCRYPT_BLOCKS; i++) {\n    out[4*i+3] = cdata[i] >>> 24;\n    out[4*i+2] = cdata[i] >>> 16;\n    out[4*i+1] = cdata[i] >>> 8;\n    out[4*i+0] = cdata[i];\n  }\n};\n\nfunction bcrypt_pbkdf(pass, passlen, salt, saltlen, key, keylen, rounds) {\n  var sha2pass = new Uint8Array(64),\n      sha2salt = new Uint8Array(64),\n      out = new Uint8Array(BCRYPT_HASHSIZE),\n      tmpout = new Uint8Array(BCRYPT_HASHSIZE),\n      countsalt = new Uint8Array(saltlen+4),\n      i, j, amt, stride, dest, count,\n      origkeylen = keylen;\n\n  if (rounds < 1)\n    return -1;\n  if (passlen === 0 || saltlen === 0 || keylen === 0 ||\n      keylen > (out.byteLength * out.byteLength) || saltlen > (1<<20))\n    return -1;\n\n  stride = Math.floor((keylen + out.byteLength - 1) / out.byteLength);\n  amt = Math.floor((keylen + stride - 1) / stride);\n\n  for (i = 0; i < saltlen; i++)\n    countsalt[i] = salt[i];\n\n  crypto_hash_sha512(sha2pass, pass, passlen);\n\n  for (count = 1; keylen > 0; count++) {\n    countsalt[saltlen+0] = count >>> 24;\n    countsalt[saltlen+1] = count >>> 16;\n    countsalt[saltlen+2] = count >>>  8;\n    countsalt[saltlen+3] = count;\n\n    crypto_hash_sha512(sha2salt, countsalt, saltlen + 4);\n    bcrypt_hash(sha2pass, sha2salt, tmpout);\n    for (i = out.byteLength; i--;)\n      out[i] = tmpout[i];\n\n    for (i = 1; i < rounds; i++) {\n      crypto_hash_sha512(sha2salt, tmpout, tmpout.byteLength);\n      bcrypt_hash(sha2pass, sha2salt, tmpout);\n      for (j = 0; j < out.byteLength; j++)\n        out[j] ^= tmpout[j];\n    }\n\n    amt = Math.min(amt, keylen);\n    for (i = 0; i < amt; i++) {\n      dest = i * stride + (count - 1);\n      if (dest >= origkeylen)\n        break;\n      key[dest] = out[i];\n    }\n    keylen -= i;\n  }\n\n  return 0;\n};\n\nmodule.exports = {\n      BLOCKS: BCRYPT_BLOCKS,\n      HASHSIZE: BCRYPT_HASHSIZE,\n      hash: bcrypt_hash,\n      pbkdf: bcrypt_pbkdf\n};\n","'use strict';\n\nconst binding = require('../build/Release/cpufeatures.node');\n\nmodule.exports = binding.getCPUInfo;\n","'use strict';\n\nconst isStream = stream =>\n\tstream !== null &&\n\ttypeof stream === 'object' &&\n\ttypeof stream.pipe === 'function';\n\nisStream.writable = stream =>\n\tisStream(stream) &&\n\tstream.writable !== false &&\n\ttypeof stream._write === 'function' &&\n\ttypeof stream._writableState === 'object';\n\nisStream.readable = stream =>\n\tisStream(stream) &&\n\tstream.readable !== false &&\n\ttypeof stream._read === 'function' &&\n\ttypeof stream._readableState === 'object';\n\nisStream.duplex = stream =>\n\tisStream.writable(stream) &&\n\tisStream.readable(stream);\n\nisStream.transform = stream =>\n\tisStream.duplex(stream) &&\n\ttypeof stream._transform === 'function';\n\nmodule.exports = isStream;\n","'use strict';\nconst fs = require('fs');\nconst path = require('path');\nconst {promisify} = require('util');\nconst semver = require('semver');\n\nconst useNativeRecursiveOption = semver.satisfies(process.version, '>=10.12.0');\n\n// https://github.com/nodejs/node/issues/8987\n// https://github.com/libuv/libuv/pull/1088\nconst checkPath = pth => {\n\tif (process.platform === 'win32') {\n\t\tconst pathHasInvalidWinCharacters = /[<>:\"|?*]/.test(pth.replace(path.parse(pth).root, ''));\n\n\t\tif (pathHasInvalidWinCharacters) {\n\t\t\tconst error = new Error(`Path contains invalid characters: ${pth}`);\n\t\t\terror.code = 'EINVAL';\n\t\t\tthrow error;\n\t\t}\n\t}\n};\n\nconst processOptions = options => {\n\t// https://github.com/sindresorhus/make-dir/issues/18\n\tconst defaults = {\n\t\tmode: 0o777,\n\t\tfs\n\t};\n\n\treturn {\n\t\t...defaults,\n\t\t...options\n\t};\n};\n\nconst permissionError = pth => {\n\t// This replicates the exception of `fs.mkdir` with native the\n\t// `recusive` option when run on an invalid drive under Windows.\n\tconst error = new Error(`operation not permitted, mkdir '${pth}'`);\n\terror.code = 'EPERM';\n\terror.errno = -4048;\n\terror.path = pth;\n\terror.syscall = 'mkdir';\n\treturn error;\n};\n\nconst makeDir = async (input, options) => {\n\tcheckPath(input);\n\toptions = processOptions(options);\n\n\tconst mkdir = promisify(options.fs.mkdir);\n\tconst stat = promisify(options.fs.stat);\n\n\tif (useNativeRecursiveOption && options.fs.mkdir === fs.mkdir) {\n\t\tconst pth = path.resolve(input);\n\n\t\tawait mkdir(pth, {\n\t\t\tmode: options.mode,\n\t\t\trecursive: true\n\t\t});\n\n\t\treturn pth;\n\t}\n\n\tconst make = async pth => {\n\t\ttry {\n\t\t\tawait mkdir(pth, options.mode);\n\n\t\t\treturn pth;\n\t\t} catch (error) {\n\t\t\tif (error.code === 'EPERM') {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\tif (error.code === 'ENOENT') {\n\t\t\t\tif (path.dirname(pth) === pth) {\n\t\t\t\t\tthrow permissionError(pth);\n\t\t\t\t}\n\n\t\t\t\tif (error.message.includes('null bytes')) {\n\t\t\t\t\tthrow error;\n\t\t\t\t}\n\n\t\t\t\tawait make(path.dirname(pth));\n\n\t\t\t\treturn make(pth);\n\t\t\t}\n\n\t\t\ttry {\n\t\t\t\tconst stats = await stat(pth);\n\t\t\t\tif (!stats.isDirectory()) {\n\t\t\t\t\tthrow new Error('The path is not a directory');\n\t\t\t\t}\n\t\t\t} catch (_) {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\treturn pth;\n\t\t}\n\t};\n\n\treturn make(path.resolve(input));\n};\n\nmodule.exports = makeDir;\n\nmodule.exports.sync = (input, options) => {\n\tcheckPath(input);\n\toptions = processOptions(options);\n\n\tif (useNativeRecursiveOption && options.fs.mkdirSync === fs.mkdirSync) {\n\t\tconst pth = path.resolve(input);\n\n\t\tfs.mkdirSync(pth, {\n\t\t\tmode: options.mode,\n\t\t\trecursive: true\n\t\t});\n\n\t\treturn pth;\n\t}\n\n\tconst make = pth => {\n\t\ttry {\n\t\t\toptions.fs.mkdirSync(pth, options.mode);\n\t\t} catch (error) {\n\t\t\tif (error.code === 'EPERM') {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\tif (error.code === 'ENOENT') {\n\t\t\t\tif (path.dirname(pth) === pth) {\n\t\t\t\t\tthrow permissionError(pth);\n\t\t\t\t}\n\n\t\t\t\tif (error.message.includes('null bytes')) {\n\t\t\t\t\tthrow error;\n\t\t\t\t}\n\n\t\t\t\tmake(path.dirname(pth));\n\t\t\t\treturn make(pth);\n\t\t\t}\n\n\t\t\ttry {\n\t\t\t\tif (!options.fs.statSync(pth).isDirectory()) {\n\t\t\t\t\tthrow new Error('The path is not a directory');\n\t\t\t\t}\n\t\t\t} catch (_) {\n\t\t\t\tthrow error;\n\t\t\t}\n\t\t}\n\n\t\treturn pth;\n\t};\n\n\treturn make(path.resolve(input));\n};\n","/* eslint-disable node/no-deprecated-api */\n\n'use strict'\n\nvar buffer = require('buffer')\nvar Buffer = buffer.Buffer\n\nvar safer = {}\n\nvar key\n\nfor (key in buffer) {\n  if (!buffer.hasOwnProperty(key)) continue\n  if (key === 'SlowBuffer' || key === 'Buffer') continue\n  safer[key] = buffer[key]\n}\n\nvar Safer = safer.Buffer = {}\nfor (key in Buffer) {\n  if (!Buffer.hasOwnProperty(key)) continue\n  if (key === 'allocUnsafe' || key === 'allocUnsafeSlow') continue\n  Safer[key] = Buffer[key]\n}\n\nsafer.Buffer.prototype = Buffer.prototype\n\nif (!Safer.from || Safer.from === Uint8Array.from) {\n  Safer.from = function (value, encodingOrOffset, length) {\n    if (typeof value === 'number') {\n      throw new TypeError('The \"value\" argument must not be of type number. Received type ' + typeof value)\n    }\n    if (value && typeof value.length === 'undefined') {\n      throw new TypeError('The first argument must be one of type string, Buffer, ArrayBuffer, Array, or Array-like Object. Received type ' + typeof value)\n    }\n    return Buffer(value, encodingOrOffset, length)\n  }\n}\n\nif (!Safer.alloc) {\n  Safer.alloc = function (size, fill, encoding) {\n    if (typeof size !== 'number') {\n      throw new TypeError('The \"size\" argument must be of type number. Received type ' + typeof size)\n    }\n    if (size < 0 || size >= 2 * (1 << 30)) {\n      throw new RangeError('The value \"' + size + '\" is invalid for option \"size\"')\n    }\n    var buf = Buffer(size)\n    if (!fill || fill.length === 0) {\n      buf.fill(0)\n    } else if (typeof encoding === 'string') {\n      buf.fill(fill, encoding)\n    } else {\n      buf.fill(fill)\n    }\n    return buf\n  }\n}\n\nif (!safer.kStringMaxLength) {\n  try {\n    safer.kStringMaxLength = process.binding('buffer').kStringMaxLength\n  } catch (e) {\n    // we can't determine kStringMaxLength in environments where process.binding\n    // is unsupported, so let's not set it\n  }\n}\n\nif (!safer.constants) {\n  safer.constants = {\n    MAX_LENGTH: safer.kMaxLength\n  }\n  if (safer.kStringMaxLength) {\n    safer.constants.MAX_STRING_LENGTH = safer.kStringMaxLength\n  }\n}\n\nmodule.exports = safer\n","exports = module.exports = SemVer\n\nvar debug\n/* istanbul ignore next */\nif (typeof process === 'object' &&\n    process.env &&\n    process.env.NODE_DEBUG &&\n    /\\bsemver\\b/i.test(process.env.NODE_DEBUG)) {\n  debug = function () {\n    var args = Array.prototype.slice.call(arguments, 0)\n    args.unshift('SEMVER')\n    console.log.apply(console, args)\n  }\n} else {\n  debug = function () {}\n}\n\n// Note: this is the semver.org version of the spec that it implements\n// Not necessarily the package version of this code.\nexports.SEMVER_SPEC_VERSION = '2.0.0'\n\nvar MAX_LENGTH = 256\nvar MAX_SAFE_INTEGER = Number.MAX_SAFE_INTEGER ||\n  /* istanbul ignore next */ 9007199254740991\n\n// Max safe segment length for coercion.\nvar MAX_SAFE_COMPONENT_LENGTH = 16\n\n// The actual regexps go on exports.re\nvar re = exports.re = []\nvar src = exports.src = []\nvar t = exports.tokens = {}\nvar R = 0\n\nfunction tok (n) {\n  t[n] = R++\n}\n\n// The following Regular Expressions can be used for tokenizing,\n// validating, and parsing SemVer version strings.\n\n// ## Numeric Identifier\n// A single `0`, or a non-zero digit followed by zero or more digits.\n\ntok('NUMERICIDENTIFIER')\nsrc[t.NUMERICIDENTIFIER] = '0|[1-9]\\\\d*'\ntok('NUMERICIDENTIFIERLOOSE')\nsrc[t.NUMERICIDENTIFIERLOOSE] = '[0-9]+'\n\n// ## Non-numeric Identifier\n// Zero or more digits, followed by a letter or hyphen, and then zero or\n// more letters, digits, or hyphens.\n\ntok('NONNUMERICIDENTIFIER')\nsrc[t.NONNUMERICIDENTIFIER] = '\\\\d*[a-zA-Z-][a-zA-Z0-9-]*'\n\n// ## Main Version\n// Three dot-separated numeric identifiers.\n\ntok('MAINVERSION')\nsrc[t.MAINVERSION] = '(' + src[t.NUMERICIDENTIFIER] + ')\\\\.' +\n                   '(' + src[t.NUMERICIDENTIFIER] + ')\\\\.' +\n                   '(' + src[t.NUMERICIDENTIFIER] + ')'\n\ntok('MAINVERSIONLOOSE')\nsrc[t.MAINVERSIONLOOSE] = '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')\\\\.' +\n                        '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')\\\\.' +\n                        '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')'\n\n// ## Pre-release Version Identifier\n// A numeric identifier, or a non-numeric identifier.\n\ntok('PRERELEASEIDENTIFIER')\nsrc[t.PRERELEASEIDENTIFIER] = '(?:' + src[t.NUMERICIDENTIFIER] +\n                            '|' + src[t.NONNUMERICIDENTIFIER] + ')'\n\ntok('PRERELEASEIDENTIFIERLOOSE')\nsrc[t.PRERELEASEIDENTIFIERLOOSE] = '(?:' + src[t.NUMERICIDENTIFIERLOOSE] +\n                                 '|' + src[t.NONNUMERICIDENTIFIER] + ')'\n\n// ## Pre-release Version\n// Hyphen, followed by one or more dot-separated pre-release version\n// identifiers.\n\ntok('PRERELEASE')\nsrc[t.PRERELEASE] = '(?:-(' + src[t.PRERELEASEIDENTIFIER] +\n                  '(?:\\\\.' + src[t.PRERELEASEIDENTIFIER] + ')*))'\n\ntok('PRERELEASELOOSE')\nsrc[t.PRERELEASELOOSE] = '(?:-?(' + src[t.PRERELEASEIDENTIFIERLOOSE] +\n                       '(?:\\\\.' + src[t.PRERELEASEIDENTIFIERLOOSE] + ')*))'\n\n// ## Build Metadata Identifier\n// Any combination of digits, letters, or hyphens.\n\ntok('BUILDIDENTIFIER')\nsrc[t.BUILDIDENTIFIER] = '[0-9A-Za-z-]+'\n\n// ## Build Metadata\n// Plus sign, followed by one or more period-separated build metadata\n// identifiers.\n\ntok('BUILD')\nsrc[t.BUILD] = '(?:\\\\+(' + src[t.BUILDIDENTIFIER] +\n             '(?:\\\\.' + src[t.BUILDIDENTIFIER] + ')*))'\n\n// ## Full Version String\n// A main version, followed optionally by a pre-release version and\n// build metadata.\n\n// Note that the only major, minor, patch, and pre-release sections of\n// the version string are capturing groups.  The build metadata is not a\n// capturing group, because it should not ever be used in version\n// comparison.\n\ntok('FULL')\ntok('FULLPLAIN')\nsrc[t.FULLPLAIN] = 'v?' + src[t.MAINVERSION] +\n                  src[t.PRERELEASE] + '?' +\n                  src[t.BUILD] + '?'\n\nsrc[t.FULL] = '^' + src[t.FULLPLAIN] + '$'\n\n// like full, but allows v1.2.3 and =1.2.3, which people do sometimes.\n// also, 1.0.0alpha1 (prerelease without the hyphen) which is pretty\n// common in the npm registry.\ntok('LOOSEPLAIN')\nsrc[t.LOOSEPLAIN] = '[v=\\\\s]*' + src[t.MAINVERSIONLOOSE] +\n                  src[t.PRERELEASELOOSE] + '?' +\n                  src[t.BUILD] + '?'\n\ntok('LOOSE')\nsrc[t.LOOSE] = '^' + src[t.LOOSEPLAIN] + '$'\n\ntok('GTLT')\nsrc[t.GTLT] = '((?:<|>)?=?)'\n\n// Something like \"2.*\" or \"1.2.x\".\n// Note that \"x.x\" is a valid xRange identifer, meaning \"any version\"\n// Only the first item is strictly required.\ntok('XRANGEIDENTIFIERLOOSE')\nsrc[t.XRANGEIDENTIFIERLOOSE] = src[t.NUMERICIDENTIFIERLOOSE] + '|x|X|\\\\*'\ntok('XRANGEIDENTIFIER')\nsrc[t.XRANGEIDENTIFIER] = src[t.NUMERICIDENTIFIER] + '|x|X|\\\\*'\n\ntok('XRANGEPLAIN')\nsrc[t.XRANGEPLAIN] = '[v=\\\\s]*(' + src[t.XRANGEIDENTIFIER] + ')' +\n                   '(?:\\\\.(' + src[t.XRANGEIDENTIFIER] + ')' +\n                   '(?:\\\\.(' + src[t.XRANGEIDENTIFIER] + ')' +\n                   '(?:' + src[t.PRERELEASE] + ')?' +\n                   src[t.BUILD] + '?' +\n                   ')?)?'\n\ntok('XRANGEPLAINLOOSE')\nsrc[t.XRANGEPLAINLOOSE] = '[v=\\\\s]*(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n                        '(?:\\\\.(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n                        '(?:\\\\.(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n                        '(?:' + src[t.PRERELEASELOOSE] + ')?' +\n                        src[t.BUILD] + '?' +\n                        ')?)?'\n\ntok('XRANGE')\nsrc[t.XRANGE] = '^' + src[t.GTLT] + '\\\\s*' + src[t.XRANGEPLAIN] + '$'\ntok('XRANGELOOSE')\nsrc[t.XRANGELOOSE] = '^' + src[t.GTLT] + '\\\\s*' + src[t.XRANGEPLAINLOOSE] + '$'\n\n// Coercion.\n// Extract anything that could conceivably be a part of a valid semver\ntok('COERCE')\nsrc[t.COERCE] = '(^|[^\\\\d])' +\n              '(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '})' +\n              '(?:\\\\.(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '}))?' +\n              '(?:\\\\.(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '}))?' +\n              '(?:$|[^\\\\d])'\ntok('COERCERTL')\nre[t.COERCERTL] = new RegExp(src[t.COERCE], 'g')\n\n// Tilde ranges.\n// Meaning is \"reasonably at or greater than\"\ntok('LONETILDE')\nsrc[t.LONETILDE] = '(?:~>?)'\n\ntok('TILDETRIM')\nsrc[t.TILDETRIM] = '(\\\\s*)' + src[t.LONETILDE] + '\\\\s+'\nre[t.TILDETRIM] = new RegExp(src[t.TILDETRIM], 'g')\nvar tildeTrimReplace = '$1~'\n\ntok('TILDE')\nsrc[t.TILDE] = '^' + src[t.LONETILDE] + src[t.XRANGEPLAIN] + '$'\ntok('TILDELOOSE')\nsrc[t.TILDELOOSE] = '^' + src[t.LONETILDE] + src[t.XRANGEPLAINLOOSE] + '$'\n\n// Caret ranges.\n// Meaning is \"at least and backwards compatible with\"\ntok('LONECARET')\nsrc[t.LONECARET] = '(?:\\\\^)'\n\ntok('CARETTRIM')\nsrc[t.CARETTRIM] = '(\\\\s*)' + src[t.LONECARET] + '\\\\s+'\nre[t.CARETTRIM] = new RegExp(src[t.CARETTRIM], 'g')\nvar caretTrimReplace = '$1^'\n\ntok('CARET')\nsrc[t.CARET] = '^' + src[t.LONECARET] + src[t.XRANGEPLAIN] + '$'\ntok('CARETLOOSE')\nsrc[t.CARETLOOSE] = '^' + src[t.LONECARET] + src[t.XRANGEPLAINLOOSE] + '$'\n\n// A simple gt/lt/eq thing, or just \"\" to indicate \"any version\"\ntok('COMPARATORLOOSE')\nsrc[t.COMPARATORLOOSE] = '^' + src[t.GTLT] + '\\\\s*(' + src[t.LOOSEPLAIN] + ')$|^$'\ntok('COMPARATOR')\nsrc[t.COMPARATOR] = '^' + src[t.GTLT] + '\\\\s*(' + src[t.FULLPLAIN] + ')$|^$'\n\n// An expression to strip any whitespace between the gtlt and the thing\n// it modifies, so that `> 1.2.3` ==> `>1.2.3`\ntok('COMPARATORTRIM')\nsrc[t.COMPARATORTRIM] = '(\\\\s*)' + src[t.GTLT] +\n                      '\\\\s*(' + src[t.LOOSEPLAIN] + '|' + src[t.XRANGEPLAIN] + ')'\n\n// this one has to use the /g flag\nre[t.COMPARATORTRIM] = new RegExp(src[t.COMPARATORTRIM], 'g')\nvar comparatorTrimReplace = '$1$2$3'\n\n// Something like `1.2.3 - 1.2.4`\n// Note that these all use the loose form, because they'll be\n// checked against either the strict or loose comparator form\n// later.\ntok('HYPHENRANGE')\nsrc[t.HYPHENRANGE] = '^\\\\s*(' + src[t.XRANGEPLAIN] + ')' +\n                   '\\\\s+-\\\\s+' +\n                   '(' + src[t.XRANGEPLAIN] + ')' +\n                   '\\\\s*$'\n\ntok('HYPHENRANGELOOSE')\nsrc[t.HYPHENRANGELOOSE] = '^\\\\s*(' + src[t.XRANGEPLAINLOOSE] + ')' +\n                        '\\\\s+-\\\\s+' +\n                        '(' + src[t.XRANGEPLAINLOOSE] + ')' +\n                        '\\\\s*$'\n\n// Star ranges basically just allow anything at all.\ntok('STAR')\nsrc[t.STAR] = '(<|>)?=?\\\\s*\\\\*'\n\n// Compile to actual regexp objects.\n// All are flag-free, unless they were created above with a flag.\nfor (var i = 0; i < R; i++) {\n  debug(i, src[i])\n  if (!re[i]) {\n    re[i] = new RegExp(src[i])\n  }\n}\n\nexports.parse = parse\nfunction parse (version, options) {\n  if (!options || typeof options !== 'object') {\n    options = {\n      loose: !!options,\n      includePrerelease: false\n    }\n  }\n\n  if (version instanceof SemVer) {\n    return version\n  }\n\n  if (typeof version !== 'string') {\n    return null\n  }\n\n  if (version.length > MAX_LENGTH) {\n    return null\n  }\n\n  var r = options.loose ? re[t.LOOSE] : re[t.FULL]\n  if (!r.test(version)) {\n    return null\n  }\n\n  try {\n    return new SemVer(version, options)\n  } catch (er) {\n    return null\n  }\n}\n\nexports.valid = valid\nfunction valid (version, options) {\n  var v = parse(version, options)\n  return v ? v.version : null\n}\n\nexports.clean = clean\nfunction clean (version, options) {\n  var s = parse(version.trim().replace(/^[=v]+/, ''), options)\n  return s ? s.version : null\n}\n\nexports.SemVer = SemVer\n\nfunction SemVer (version, options) {\n  if (!options || typeof options !== 'object') {\n    options = {\n      loose: !!options,\n      includePrerelease: false\n    }\n  }\n  if (version instanceof SemVer) {\n    if (version.loose === options.loose) {\n      return version\n    } else {\n      version = version.version\n    }\n  } else if (typeof version !== 'string') {\n    throw new TypeError('Invalid Version: ' + version)\n  }\n\n  if (version.length > MAX_LENGTH) {\n    throw new TypeError('version is longer than ' + MAX_LENGTH + ' characters')\n  }\n\n  if (!(this instanceof SemVer)) {\n    return new SemVer(version, options)\n  }\n\n  debug('SemVer', version, options)\n  this.options = options\n  this.loose = !!options.loose\n\n  var m = version.trim().match(options.loose ? re[t.LOOSE] : re[t.FULL])\n\n  if (!m) {\n    throw new TypeError('Invalid Version: ' + version)\n  }\n\n  this.raw = version\n\n  // these are actually numbers\n  this.major = +m[1]\n  this.minor = +m[2]\n  this.patch = +m[3]\n\n  if (this.major > MAX_SAFE_INTEGER || this.major < 0) {\n    throw new TypeError('Invalid major version')\n  }\n\n  if (this.minor > MAX_SAFE_INTEGER || this.minor < 0) {\n    throw new TypeError('Invalid minor version')\n  }\n\n  if (this.patch > MAX_SAFE_INTEGER || this.patch < 0) {\n    throw new TypeError('Invalid patch version')\n  }\n\n  // numberify any prerelease numeric ids\n  if (!m[4]) {\n    this.prerelease = []\n  } else {\n    this.prerelease = m[4].split('.').map(function (id) {\n      if (/^[0-9]+$/.test(id)) {\n        var num = +id\n        if (num >= 0 && num < MAX_SAFE_INTEGER) {\n          return num\n        }\n      }\n      return id\n    })\n  }\n\n  this.build = m[5] ? m[5].split('.') : []\n  this.format()\n}\n\nSemVer.prototype.format = function () {\n  this.version = this.major + '.' + this.minor + '.' + this.patch\n  if (this.prerelease.length) {\n    this.version += '-' + this.prerelease.join('.')\n  }\n  return this.version\n}\n\nSemVer.prototype.toString = function () {\n  return this.version\n}\n\nSemVer.prototype.compare = function (other) {\n  debug('SemVer.compare', this.version, this.options, other)\n  if (!(other instanceof SemVer)) {\n    other = new SemVer(other, this.options)\n  }\n\n  return this.compareMain(other) || this.comparePre(other)\n}\n\nSemVer.prototype.compareMain = function (other) {\n  if (!(other instanceof SemVer)) {\n    other = new SemVer(other, this.options)\n  }\n\n  return compareIdentifiers(this.major, other.major) ||\n         compareIdentifiers(this.minor, other.minor) ||\n         compareIdentifiers(this.patch, other.patch)\n}\n\nSemVer.prototype.comparePre = function (other) {\n  if (!(other instanceof SemVer)) {\n    other = new SemVer(other, this.options)\n  }\n\n  // NOT having a prerelease is > having one\n  if (this.prerelease.length && !other.prerelease.length) {\n    return -1\n  } else if (!this.prerelease.length && other.prerelease.length) {\n    return 1\n  } else if (!this.prerelease.length && !other.prerelease.length) {\n    return 0\n  }\n\n  var i = 0\n  do {\n    var a = this.prerelease[i]\n    var b = other.prerelease[i]\n    debug('prerelease compare', i, a, b)\n    if (a === undefined && b === undefined) {\n      return 0\n    } else if (b === undefined) {\n      return 1\n    } else if (a === undefined) {\n      return -1\n    } else if (a === b) {\n      continue\n    } else {\n      return compareIdentifiers(a, b)\n    }\n  } while (++i)\n}\n\nSemVer.prototype.compareBuild = function (other) {\n  if (!(other instanceof SemVer)) {\n    other = new SemVer(other, this.options)\n  }\n\n  var i = 0\n  do {\n    var a = this.build[i]\n    var b = other.build[i]\n    debug('prerelease compare', i, a, b)\n    if (a === undefined && b === undefined) {\n      return 0\n    } else if (b === undefined) {\n      return 1\n    } else if (a === undefined) {\n      return -1\n    } else if (a === b) {\n      continue\n    } else {\n      return compareIdentifiers(a, b)\n    }\n  } while (++i)\n}\n\n// preminor will bump the version up to the next minor release, and immediately\n// down to pre-release. premajor and prepatch work the same way.\nSemVer.prototype.inc = function (release, identifier) {\n  switch (release) {\n    case 'premajor':\n      this.prerelease.length = 0\n      this.patch = 0\n      this.minor = 0\n      this.major++\n      this.inc('pre', identifier)\n      break\n    case 'preminor':\n      this.prerelease.length = 0\n      this.patch = 0\n      this.minor++\n      this.inc('pre', identifier)\n      break\n    case 'prepatch':\n      // If this is already a prerelease, it will bump to the next version\n      // drop any prereleases that might already exist, since they are not\n      // relevant at this point.\n      this.prerelease.length = 0\n      this.inc('patch', identifier)\n      this.inc('pre', identifier)\n      break\n    // If the input is a non-prerelease version, this acts the same as\n    // prepatch.\n    case 'prerelease':\n      if (this.prerelease.length === 0) {\n        this.inc('patch', identifier)\n      }\n      this.inc('pre', identifier)\n      break\n\n    case 'major':\n      // If this is a pre-major version, bump up to the same major version.\n      // Otherwise increment major.\n      // 1.0.0-5 bumps to 1.0.0\n      // 1.1.0 bumps to 2.0.0\n      if (this.minor !== 0 ||\n          this.patch !== 0 ||\n          this.prerelease.length === 0) {\n        this.major++\n      }\n      this.minor = 0\n      this.patch = 0\n      this.prerelease = []\n      break\n    case 'minor':\n      // If this is a pre-minor version, bump up to the same minor version.\n      // Otherwise increment minor.\n      // 1.2.0-5 bumps to 1.2.0\n      // 1.2.1 bumps to 1.3.0\n      if (this.patch !== 0 || this.prerelease.length === 0) {\n        this.minor++\n      }\n      this.patch = 0\n      this.prerelease = []\n      break\n    case 'patch':\n      // If this is not a pre-release version, it will increment the patch.\n      // If it is a pre-release it will bump up to the same patch version.\n      // 1.2.0-5 patches to 1.2.0\n      // 1.2.0 patches to 1.2.1\n      if (this.prerelease.length === 0) {\n        this.patch++\n      }\n      this.prerelease = []\n      break\n    // This probably shouldn't be used publicly.\n    // 1.0.0 \"pre\" would become 1.0.0-0 which is the wrong direction.\n    case 'pre':\n      if (this.prerelease.length === 0) {\n        this.prerelease = [0]\n      } else {\n        var i = this.prerelease.length\n        while (--i >= 0) {\n          if (typeof this.prerelease[i] === 'number') {\n            this.prerelease[i]++\n            i = -2\n          }\n        }\n        if (i === -1) {\n          // didn't increment anything\n          this.prerelease.push(0)\n        }\n      }\n      if (identifier) {\n        // 1.2.0-beta.1 bumps to 1.2.0-beta.2,\n        // 1.2.0-beta.fooblz or 1.2.0-beta bumps to 1.2.0-beta.0\n        if (this.prerelease[0] === identifier) {\n          if (isNaN(this.prerelease[1])) {\n            this.prerelease = [identifier, 0]\n          }\n        } else {\n          this.prerelease = [identifier, 0]\n        }\n      }\n      break\n\n    default:\n      throw new Error('invalid increment argument: ' + release)\n  }\n  this.format()\n  this.raw = this.version\n  return this\n}\n\nexports.inc = inc\nfunction inc (version, release, loose, identifier) {\n  if (typeof (loose) === 'string') {\n    identifier = loose\n    loose = undefined\n  }\n\n  try {\n    return new SemVer(version, loose).inc(release, identifier).version\n  } catch (er) {\n    return null\n  }\n}\n\nexports.diff = diff\nfunction diff (version1, version2) {\n  if (eq(version1, version2)) {\n    return null\n  } else {\n    var v1 = parse(version1)\n    var v2 = parse(version2)\n    var prefix = ''\n    if (v1.prerelease.length || v2.prerelease.length) {\n      prefix = 'pre'\n      var defaultResult = 'prerelease'\n    }\n    for (var key in v1) {\n      if (key === 'major' || key === 'minor' || key === 'patch') {\n        if (v1[key] !== v2[key]) {\n          return prefix + key\n        }\n      }\n    }\n    return defaultResult // may be undefined\n  }\n}\n\nexports.compareIdentifiers = compareIdentifiers\n\nvar numeric = /^[0-9]+$/\nfunction compareIdentifiers (a, b) {\n  var anum = numeric.test(a)\n  var bnum = numeric.test(b)\n\n  if (anum && bnum) {\n    a = +a\n    b = +b\n  }\n\n  return a === b ? 0\n    : (anum && !bnum) ? -1\n    : (bnum && !anum) ? 1\n    : a < b ? -1\n    : 1\n}\n\nexports.rcompareIdentifiers = rcompareIdentifiers\nfunction rcompareIdentifiers (a, b) {\n  return compareIdentifiers(b, a)\n}\n\nexports.major = major\nfunction major (a, loose) {\n  return new SemVer(a, loose).major\n}\n\nexports.minor = minor\nfunction minor (a, loose) {\n  return new SemVer(a, loose).minor\n}\n\nexports.patch = patch\nfunction patch (a, loose) {\n  return new SemVer(a, loose).patch\n}\n\nexports.compare = compare\nfunction compare (a, b, loose) {\n  return new SemVer(a, loose).compare(new SemVer(b, loose))\n}\n\nexports.compareLoose = compareLoose\nfunction compareLoose (a, b) {\n  return compare(a, b, true)\n}\n\nexports.compareBuild = compareBuild\nfunction compareBuild (a, b, loose) {\n  var versionA = new SemVer(a, loose)\n  var versionB = new SemVer(b, loose)\n  return versionA.compare(versionB) || versionA.compareBuild(versionB)\n}\n\nexports.rcompare = rcompare\nfunction rcompare (a, b, loose) {\n  return compare(b, a, loose)\n}\n\nexports.sort = sort\nfunction sort (list, loose) {\n  return list.sort(function (a, b) {\n    return exports.compareBuild(a, b, loose)\n  })\n}\n\nexports.rsort = rsort\nfunction rsort (list, loose) {\n  return list.sort(function (a, b) {\n    return exports.compareBuild(b, a, loose)\n  })\n}\n\nexports.gt = gt\nfunction gt (a, b, loose) {\n  return compare(a, b, loose) > 0\n}\n\nexports.lt = lt\nfunction lt (a, b, loose) {\n  return compare(a, b, loose) < 0\n}\n\nexports.eq = eq\nfunction eq (a, b, loose) {\n  return compare(a, b, loose) === 0\n}\n\nexports.neq = neq\nfunction neq (a, b, loose) {\n  return compare(a, b, loose) !== 0\n}\n\nexports.gte = gte\nfunction gte (a, b, loose) {\n  return compare(a, b, loose) >= 0\n}\n\nexports.lte = lte\nfunction lte (a, b, loose) {\n  return compare(a, b, loose) <= 0\n}\n\nexports.cmp = cmp\nfunction cmp (a, op, b, loose) {\n  switch (op) {\n    case '===':\n      if (typeof a === 'object')\n        a = a.version\n      if (typeof b === 'object')\n        b = b.version\n      return a === b\n\n    case '!==':\n      if (typeof a === 'object')\n        a = a.version\n      if (typeof b === 'object')\n        b = b.version\n      return a !== b\n\n    case '':\n    case '=':\n    case '==':\n      return eq(a, b, loose)\n\n    case '!=':\n      return neq(a, b, loose)\n\n    case '>':\n      return gt(a, b, loose)\n\n    case '>=':\n      return gte(a, b, loose)\n\n    case '<':\n      return lt(a, b, loose)\n\n    case '<=':\n      return lte(a, b, loose)\n\n    default:\n      throw new TypeError('Invalid operator: ' + op)\n  }\n}\n\nexports.Comparator = Comparator\nfunction Comparator (comp, options) {\n  if (!options || typeof options !== 'object') {\n    options = {\n      loose: !!options,\n      includePrerelease: false\n    }\n  }\n\n  if (comp instanceof Comparator) {\n    if (comp.loose === !!options.loose) {\n      return comp\n    } else {\n      comp = comp.value\n    }\n  }\n\n  if (!(this instanceof Comparator)) {\n    return new Comparator(comp, options)\n  }\n\n  debug('comparator', comp, options)\n  this.options = options\n  this.loose = !!options.loose\n  this.parse(comp)\n\n  if (this.semver === ANY) {\n    this.value = ''\n  } else {\n    this.value = this.operator + this.semver.version\n  }\n\n  debug('comp', this)\n}\n\nvar ANY = {}\nComparator.prototype.parse = function (comp) {\n  var r = this.options.loose ? re[t.COMPARATORLOOSE] : re[t.COMPARATOR]\n  var m = comp.match(r)\n\n  if (!m) {\n    throw new TypeError('Invalid comparator: ' + comp)\n  }\n\n  this.operator = m[1] !== undefined ? m[1] : ''\n  if (this.operator === '=') {\n    this.operator = ''\n  }\n\n  // if it literally is just '>' or '' then allow anything.\n  if (!m[2]) {\n    this.semver = ANY\n  } else {\n    this.semver = new SemVer(m[2], this.options.loose)\n  }\n}\n\nComparator.prototype.toString = function () {\n  return this.value\n}\n\nComparator.prototype.test = function (version) {\n  debug('Comparator.test', version, this.options.loose)\n\n  if (this.semver === ANY || version === ANY) {\n    return true\n  }\n\n  if (typeof version === 'string') {\n    try {\n      version = new SemVer(version, this.options)\n    } catch (er) {\n      return false\n    }\n  }\n\n  return cmp(version, this.operator, this.semver, this.options)\n}\n\nComparator.prototype.intersects = function (comp, options) {\n  if (!(comp instanceof Comparator)) {\n    throw new TypeError('a Comparator is required')\n  }\n\n  if (!options || typeof options !== 'object') {\n    options = {\n      loose: !!options,\n      includePrerelease: false\n    }\n  }\n\n  var rangeTmp\n\n  if (this.operator === '') {\n    if (this.value === '') {\n      return true\n    }\n    rangeTmp = new Range(comp.value, options)\n    return satisfies(this.value, rangeTmp, options)\n  } else if (comp.operator === '') {\n    if (comp.value === '') {\n      return true\n    }\n    rangeTmp = new Range(this.value, options)\n    return satisfies(comp.semver, rangeTmp, options)\n  }\n\n  var sameDirectionIncreasing =\n    (this.operator === '>=' || this.operator === '>') &&\n    (comp.operator === '>=' || comp.operator === '>')\n  var sameDirectionDecreasing =\n    (this.operator === '<=' || this.operator === '<') &&\n    (comp.operator === '<=' || comp.operator === '<')\n  var sameSemVer = this.semver.version === comp.semver.version\n  var differentDirectionsInclusive =\n    (this.operator === '>=' || this.operator === '<=') &&\n    (comp.operator === '>=' || comp.operator === '<=')\n  var oppositeDirectionsLessThan =\n    cmp(this.semver, '<', comp.semver, options) &&\n    ((this.operator === '>=' || this.operator === '>') &&\n    (comp.operator === '<=' || comp.operator === '<'))\n  var oppositeDirectionsGreaterThan =\n    cmp(this.semver, '>', comp.semver, options) &&\n    ((this.operator === '<=' || this.operator === '<') &&\n    (comp.operator === '>=' || comp.operator === '>'))\n\n  return sameDirectionIncreasing || sameDirectionDecreasing ||\n    (sameSemVer && differentDirectionsInclusive) ||\n    oppositeDirectionsLessThan || oppositeDirectionsGreaterThan\n}\n\nexports.Range = Range\nfunction Range (range, options) {\n  if (!options || typeof options !== 'object') {\n    options = {\n      loose: !!options,\n      includePrerelease: false\n    }\n  }\n\n  if (range instanceof Range) {\n    if (range.loose === !!options.loose &&\n        range.includePrerelease === !!options.includePrerelease) {\n      return range\n    } else {\n      return new Range(range.raw, options)\n    }\n  }\n\n  if (range instanceof Comparator) {\n    return new Range(range.value, options)\n  }\n\n  if (!(this instanceof Range)) {\n    return new Range(range, options)\n  }\n\n  this.options = options\n  this.loose = !!options.loose\n  this.includePrerelease = !!options.includePrerelease\n\n  // First, split based on boolean or ||\n  this.raw = range\n  this.set = range.split(/\\s*\\|\\|\\s*/).map(function (range) {\n    return this.parseRange(range.trim())\n  }, this).filter(function (c) {\n    // throw out any that are not relevant for whatever reason\n    return c.length\n  })\n\n  if (!this.set.length) {\n    throw new TypeError('Invalid SemVer Range: ' + range)\n  }\n\n  this.format()\n}\n\nRange.prototype.format = function () {\n  this.range = this.set.map(function (comps) {\n    return comps.join(' ').trim()\n  }).join('||').trim()\n  return this.range\n}\n\nRange.prototype.toString = function () {\n  return this.range\n}\n\nRange.prototype.parseRange = function (range) {\n  var loose = this.options.loose\n  range = range.trim()\n  // `1.2.3 - 1.2.4` => `>=1.2.3 <=1.2.4`\n  var hr = loose ? re[t.HYPHENRANGELOOSE] : re[t.HYPHENRANGE]\n  range = range.replace(hr, hyphenReplace)\n  debug('hyphen replace', range)\n  // `> 1.2.3 < 1.2.5` => `>1.2.3 <1.2.5`\n  range = range.replace(re[t.COMPARATORTRIM], comparatorTrimReplace)\n  debug('comparator trim', range, re[t.COMPARATORTRIM])\n\n  // `~ 1.2.3` => `~1.2.3`\n  range = range.replace(re[t.TILDETRIM], tildeTrimReplace)\n\n  // `^ 1.2.3` => `^1.2.3`\n  range = range.replace(re[t.CARETTRIM], caretTrimReplace)\n\n  // normalize spaces\n  range = range.split(/\\s+/).join(' ')\n\n  // At this point, the range is completely trimmed and\n  // ready to be split into comparators.\n\n  var compRe = loose ? re[t.COMPARATORLOOSE] : re[t.COMPARATOR]\n  var set = range.split(' ').map(function (comp) {\n    return parseComparator(comp, this.options)\n  }, this).join(' ').split(/\\s+/)\n  if (this.options.loose) {\n    // in loose mode, throw out any that are not valid comparators\n    set = set.filter(function (comp) {\n      return !!comp.match(compRe)\n    })\n  }\n  set = set.map(function (comp) {\n    return new Comparator(comp, this.options)\n  }, this)\n\n  return set\n}\n\nRange.prototype.intersects = function (range, options) {\n  if (!(range instanceof Range)) {\n    throw new TypeError('a Range is required')\n  }\n\n  return this.set.some(function (thisComparators) {\n    return (\n      isSatisfiable(thisComparators, options) &&\n      range.set.some(function (rangeComparators) {\n        return (\n          isSatisfiable(rangeComparators, options) &&\n          thisComparators.every(function (thisComparator) {\n            return rangeComparators.every(function (rangeComparator) {\n              return thisComparator.intersects(rangeComparator, options)\n            })\n          })\n        )\n      })\n    )\n  })\n}\n\n// take a set of comparators and determine whether there\n// exists a version which can satisfy it\nfunction isSatisfiable (comparators, options) {\n  var result = true\n  var remainingComparators = comparators.slice()\n  var testComparator = remainingComparators.pop()\n\n  while (result && remainingComparators.length) {\n    result = remainingComparators.every(function (otherComparator) {\n      return testComparator.intersects(otherComparator, options)\n    })\n\n    testComparator = remainingComparators.pop()\n  }\n\n  return result\n}\n\n// Mostly just for testing and legacy API reasons\nexports.toComparators = toComparators\nfunction toComparators (range, options) {\n  return new Range(range, options).set.map(function (comp) {\n    return comp.map(function (c) {\n      return c.value\n    }).join(' ').trim().split(' ')\n  })\n}\n\n// comprised of xranges, tildes, stars, and gtlt's at this point.\n// already replaced the hyphen ranges\n// turn into a set of JUST comparators.\nfunction parseComparator (comp, options) {\n  debug('comp', comp, options)\n  comp = replaceCarets(comp, options)\n  debug('caret', comp)\n  comp = replaceTildes(comp, options)\n  debug('tildes', comp)\n  comp = replaceXRanges(comp, options)\n  debug('xrange', comp)\n  comp = replaceStars(comp, options)\n  debug('stars', comp)\n  return comp\n}\n\nfunction isX (id) {\n  return !id || id.toLowerCase() === 'x' || id === '*'\n}\n\n// ~, ~> --> * (any, kinda silly)\n// ~2, ~2.x, ~2.x.x, ~>2, ~>2.x ~>2.x.x --> >=2.0.0 <3.0.0\n// ~2.0, ~2.0.x, ~>2.0, ~>2.0.x --> >=2.0.0 <2.1.0\n// ~1.2, ~1.2.x, ~>1.2, ~>1.2.x --> >=1.2.0 <1.3.0\n// ~1.2.3, ~>1.2.3 --> >=1.2.3 <1.3.0\n// ~1.2.0, ~>1.2.0 --> >=1.2.0 <1.3.0\nfunction replaceTildes (comp, options) {\n  return comp.trim().split(/\\s+/).map(function (comp) {\n    return replaceTilde(comp, options)\n  }).join(' ')\n}\n\nfunction replaceTilde (comp, options) {\n  var r = options.loose ? re[t.TILDELOOSE] : re[t.TILDE]\n  return comp.replace(r, function (_, M, m, p, pr) {\n    debug('tilde', comp, _, M, m, p, pr)\n    var ret\n\n    if (isX(M)) {\n      ret = ''\n    } else if (isX(m)) {\n      ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0'\n    } else if (isX(p)) {\n      // ~1.2 == >=1.2.0 <1.3.0\n      ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0'\n    } else if (pr) {\n      debug('replaceTilde pr', pr)\n      ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n            ' <' + M + '.' + (+m + 1) + '.0'\n    } else {\n      // ~1.2.3 == >=1.2.3 <1.3.0\n      ret = '>=' + M + '.' + m + '.' + p +\n            ' <' + M + '.' + (+m + 1) + '.0'\n    }\n\n    debug('tilde return', ret)\n    return ret\n  })\n}\n\n// ^ --> * (any, kinda silly)\n// ^2, ^2.x, ^2.x.x --> >=2.0.0 <3.0.0\n// ^2.0, ^2.0.x --> >=2.0.0 <3.0.0\n// ^1.2, ^1.2.x --> >=1.2.0 <2.0.0\n// ^1.2.3 --> >=1.2.3 <2.0.0\n// ^1.2.0 --> >=1.2.0 <2.0.0\nfunction replaceCarets (comp, options) {\n  return comp.trim().split(/\\s+/).map(function (comp) {\n    return replaceCaret(comp, options)\n  }).join(' ')\n}\n\nfunction replaceCaret (comp, options) {\n  debug('caret', comp, options)\n  var r = options.loose ? re[t.CARETLOOSE] : re[t.CARET]\n  return comp.replace(r, function (_, M, m, p, pr) {\n    debug('caret', comp, _, M, m, p, pr)\n    var ret\n\n    if (isX(M)) {\n      ret = ''\n    } else if (isX(m)) {\n      ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0'\n    } else if (isX(p)) {\n      if (M === '0') {\n        ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0'\n      } else {\n        ret = '>=' + M + '.' + m + '.0 <' + (+M + 1) + '.0.0'\n      }\n    } else if (pr) {\n      debug('replaceCaret pr', pr)\n      if (M === '0') {\n        if (m === '0') {\n          ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n                ' <' + M + '.' + m + '.' + (+p + 1)\n        } else {\n          ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n                ' <' + M + '.' + (+m + 1) + '.0'\n        }\n      } else {\n        ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n              ' <' + (+M + 1) + '.0.0'\n      }\n    } else {\n      debug('no pr')\n      if (M === '0') {\n        if (m === '0') {\n          ret = '>=' + M + '.' + m + '.' + p +\n                ' <' + M + '.' + m + '.' + (+p + 1)\n        } else {\n          ret = '>=' + M + '.' + m + '.' + p +\n                ' <' + M + '.' + (+m + 1) + '.0'\n        }\n      } else {\n        ret = '>=' + M + '.' + m + '.' + p +\n              ' <' + (+M + 1) + '.0.0'\n      }\n    }\n\n    debug('caret return', ret)\n    return ret\n  })\n}\n\nfunction replaceXRanges (comp, options) {\n  debug('replaceXRanges', comp, options)\n  return comp.split(/\\s+/).map(function (comp) {\n    return replaceXRange(comp, options)\n  }).join(' ')\n}\n\nfunction replaceXRange (comp, options) {\n  comp = comp.trim()\n  var r = options.loose ? re[t.XRANGELOOSE] : re[t.XRANGE]\n  return comp.replace(r, function (ret, gtlt, M, m, p, pr) {\n    debug('xRange', comp, ret, gtlt, M, m, p, pr)\n    var xM = isX(M)\n    var xm = xM || isX(m)\n    var xp = xm || isX(p)\n    var anyX = xp\n\n    if (gtlt === '=' && anyX) {\n      gtlt = ''\n    }\n\n    // if we're including prereleases in the match, then we need\n    // to fix this to -0, the lowest possible prerelease value\n    pr = options.includePrerelease ? '-0' : ''\n\n    if (xM) {\n      if (gtlt === '>' || gtlt === '<') {\n        // nothing is allowed\n        ret = '<0.0.0-0'\n      } else {\n        // nothing is forbidden\n        ret = '*'\n      }\n    } else if (gtlt && anyX) {\n      // we know patch is an x, because we have any x at all.\n      // replace X with 0\n      if (xm) {\n        m = 0\n      }\n      p = 0\n\n      if (gtlt === '>') {\n        // >1 => >=2.0.0\n        // >1.2 => >=1.3.0\n        // >1.2.3 => >= 1.2.4\n        gtlt = '>='\n        if (xm) {\n          M = +M + 1\n          m = 0\n          p = 0\n        } else {\n          m = +m + 1\n          p = 0\n        }\n      } else if (gtlt === '<=') {\n        // <=0.7.x is actually <0.8.0, since any 0.7.x should\n        // pass.  Similarly, <=7.x is actually <8.0.0, etc.\n        gtlt = '<'\n        if (xm) {\n          M = +M + 1\n        } else {\n          m = +m + 1\n        }\n      }\n\n      ret = gtlt + M + '.' + m + '.' + p + pr\n    } else if (xm) {\n      ret = '>=' + M + '.0.0' + pr + ' <' + (+M + 1) + '.0.0' + pr\n    } else if (xp) {\n      ret = '>=' + M + '.' + m + '.0' + pr +\n        ' <' + M + '.' + (+m + 1) + '.0' + pr\n    }\n\n    debug('xRange return', ret)\n\n    return ret\n  })\n}\n\n// Because * is AND-ed with everything else in the comparator,\n// and '' means \"any version\", just remove the *s entirely.\nfunction replaceStars (comp, options) {\n  debug('replaceStars', comp, options)\n  // Looseness is ignored here.  star is always as loose as it gets!\n  return comp.trim().replace(re[t.STAR], '')\n}\n\n// This function is passed to string.replace(re[t.HYPHENRANGE])\n// M, m, patch, prerelease, build\n// 1.2 - 3.4.5 => >=1.2.0 <=3.4.5\n// 1.2.3 - 3.4 => >=1.2.0 <3.5.0 Any 3.4.x will do\n// 1.2 - 3.4 => >=1.2.0 <3.5.0\nfunction hyphenReplace ($0,\n  from, fM, fm, fp, fpr, fb,\n  to, tM, tm, tp, tpr, tb) {\n  if (isX(fM)) {\n    from = ''\n  } else if (isX(fm)) {\n    from = '>=' + fM + '.0.0'\n  } else if (isX(fp)) {\n    from = '>=' + fM + '.' + fm + '.0'\n  } else {\n    from = '>=' + from\n  }\n\n  if (isX(tM)) {\n    to = ''\n  } else if (isX(tm)) {\n    to = '<' + (+tM + 1) + '.0.0'\n  } else if (isX(tp)) {\n    to = '<' + tM + '.' + (+tm + 1) + '.0'\n  } else if (tpr) {\n    to = '<=' + tM + '.' + tm + '.' + tp + '-' + tpr\n  } else {\n    to = '<=' + to\n  }\n\n  return (from + ' ' + to).trim()\n}\n\n// if ANY of the sets match ALL of its comparators, then pass\nRange.prototype.test = function (version) {\n  if (!version) {\n    return false\n  }\n\n  if (typeof version === 'string') {\n    try {\n      version = new SemVer(version, this.options)\n    } catch (er) {\n      return false\n    }\n  }\n\n  for (var i = 0; i < this.set.length; i++) {\n    if (testSet(this.set[i], version, this.options)) {\n      return true\n    }\n  }\n  return false\n}\n\nfunction testSet (set, version, options) {\n  for (var i = 0; i < set.length; i++) {\n    if (!set[i].test(version)) {\n      return false\n    }\n  }\n\n  if (version.prerelease.length && !options.includePrerelease) {\n    // Find the set of versions that are allowed to have prereleases\n    // For example, ^1.2.3-pr.1 desugars to >=1.2.3-pr.1 <2.0.0\n    // That should allow `1.2.3-pr.2` to pass.\n    // However, `1.2.4-alpha.notready` should NOT be allowed,\n    // even though it's within the range set by the comparators.\n    for (i = 0; i < set.length; i++) {\n      debug(set[i].semver)\n      if (set[i].semver === ANY) {\n        continue\n      }\n\n      if (set[i].semver.prerelease.length > 0) {\n        var allowed = set[i].semver\n        if (allowed.major === version.major &&\n            allowed.minor === version.minor &&\n            allowed.patch === version.patch) {\n          return true\n        }\n      }\n    }\n\n    // Version has a -pre, but it's not one of the ones we like.\n    return false\n  }\n\n  return true\n}\n\nexports.satisfies = satisfies\nfunction satisfies (version, range, options) {\n  try {\n    range = new Range(range, options)\n  } catch (er) {\n    return false\n  }\n  return range.test(version)\n}\n\nexports.maxSatisfying = maxSatisfying\nfunction maxSatisfying (versions, range, options) {\n  var max = null\n  var maxSV = null\n  try {\n    var rangeObj = new Range(range, options)\n  } catch (er) {\n    return null\n  }\n  versions.forEach(function (v) {\n    if (rangeObj.test(v)) {\n      // satisfies(v, range, options)\n      if (!max || maxSV.compare(v) === -1) {\n        // compare(max, v, true)\n        max = v\n        maxSV = new SemVer(max, options)\n      }\n    }\n  })\n  return max\n}\n\nexports.minSatisfying = minSatisfying\nfunction minSatisfying (versions, range, options) {\n  var min = null\n  var minSV = null\n  try {\n    var rangeObj = new Range(range, options)\n  } catch (er) {\n    return null\n  }\n  versions.forEach(function (v) {\n    if (rangeObj.test(v)) {\n      // satisfies(v, range, options)\n      if (!min || minSV.compare(v) === 1) {\n        // compare(min, v, true)\n        min = v\n        minSV = new SemVer(min, options)\n      }\n    }\n  })\n  return min\n}\n\nexports.minVersion = minVersion\nfunction minVersion (range, loose) {\n  range = new Range(range, loose)\n\n  var minver = new SemVer('0.0.0')\n  if (range.test(minver)) {\n    return minver\n  }\n\n  minver = new SemVer('0.0.0-0')\n  if (range.test(minver)) {\n    return minver\n  }\n\n  minver = null\n  for (var i = 0; i < range.set.length; ++i) {\n    var comparators = range.set[i]\n\n    comparators.forEach(function (comparator) {\n      // Clone to avoid manipulating the comparator's semver object.\n      var compver = new SemVer(comparator.semver.version)\n      switch (comparator.operator) {\n        case '>':\n          if (compver.prerelease.length === 0) {\n            compver.patch++\n          } else {\n            compver.prerelease.push(0)\n          }\n          compver.raw = compver.format()\n          /* fallthrough */\n        case '':\n        case '>=':\n          if (!minver || gt(minver, compver)) {\n            minver = compver\n          }\n          break\n        case '<':\n        case '<=':\n          /* Ignore maximum versions */\n          break\n        /* istanbul ignore next */\n        default:\n          throw new Error('Unexpected operation: ' + comparator.operator)\n      }\n    })\n  }\n\n  if (minver && range.test(minver)) {\n    return minver\n  }\n\n  return null\n}\n\nexports.validRange = validRange\nfunction validRange (range, options) {\n  try {\n    // Return '*' instead of '' so that truthiness works.\n    // This will throw if it's invalid anyway\n    return new Range(range, options).range || '*'\n  } catch (er) {\n    return null\n  }\n}\n\n// Determine if version is less than all the versions possible in the range\nexports.ltr = ltr\nfunction ltr (version, range, options) {\n  return outside(version, range, '<', options)\n}\n\n// Determine if version is greater than all the versions possible in the range.\nexports.gtr = gtr\nfunction gtr (version, range, options) {\n  return outside(version, range, '>', options)\n}\n\nexports.outside = outside\nfunction outside (version, range, hilo, options) {\n  version = new SemVer(version, options)\n  range = new Range(range, options)\n\n  var gtfn, ltefn, ltfn, comp, ecomp\n  switch (hilo) {\n    case '>':\n      gtfn = gt\n      ltefn = lte\n      ltfn = lt\n      comp = '>'\n      ecomp = '>='\n      break\n    case '<':\n      gtfn = lt\n      ltefn = gte\n      ltfn = gt\n      comp = '<'\n      ecomp = '<='\n      break\n    default:\n      throw new TypeError('Must provide a hilo val of \"<\" or \">\"')\n  }\n\n  // If it satisifes the range it is not outside\n  if (satisfies(version, range, options)) {\n    return false\n  }\n\n  // From now on, variable terms are as if we're in \"gtr\" mode.\n  // but note that everything is flipped for the \"ltr\" function.\n\n  for (var i = 0; i < range.set.length; ++i) {\n    var comparators = range.set[i]\n\n    var high = null\n    var low = null\n\n    comparators.forEach(function (comparator) {\n      if (comparator.semver === ANY) {\n        comparator = new Comparator('>=0.0.0')\n      }\n      high = high || comparator\n      low = low || comparator\n      if (gtfn(comparator.semver, high.semver, options)) {\n        high = comparator\n      } else if (ltfn(comparator.semver, low.semver, options)) {\n        low = comparator\n      }\n    })\n\n    // If the edge version comparator has a operator then our version\n    // isn't outside it\n    if (high.operator === comp || high.operator === ecomp) {\n      return false\n    }\n\n    // If the lowest version comparator has an operator and our version\n    // is less than it then it isn't higher than the range\n    if ((!low.operator || low.operator === comp) &&\n        ltefn(version, low.semver)) {\n      return false\n    } else if (low.operator === ecomp && ltfn(version, low.semver)) {\n      return false\n    }\n  }\n  return true\n}\n\nexports.prerelease = prerelease\nfunction prerelease (version, options) {\n  var parsed = parse(version, options)\n  return (parsed && parsed.prerelease.length) ? parsed.prerelease : null\n}\n\nexports.intersects = intersects\nfunction intersects (r1, r2, options) {\n  r1 = new Range(r1, options)\n  r2 = new Range(r2, options)\n  return r1.intersects(r2)\n}\n\nexports.coerce = coerce\nfunction coerce (version, options) {\n  if (version instanceof SemVer) {\n    return version\n  }\n\n  if (typeof version === 'number') {\n    version = String(version)\n  }\n\n  if (typeof version !== 'string') {\n    return null\n  }\n\n  options = options || {}\n\n  var match = null\n  if (!options.rtl) {\n    match = version.match(re[t.COERCE])\n  } else {\n    // Find the right-most coercible string that does not share\n    // a terminus with a more left-ward coercible string.\n    // Eg, '1.2.3.4' wants to coerce '2.3.4', not '3.4' or '4'\n    //\n    // Walk through the string checking with a /g regexp\n    // Manually set the index so as to pick up overlapping matches.\n    // Stop when we get a match that ends at the string end, since no\n    // coercible string can be more right-ward without the same terminus.\n    var next\n    while ((next = re[t.COERCERTL].exec(version)) &&\n      (!match || match.index + match[0].length !== version.length)\n    ) {\n      if (!match ||\n          next.index + next[0].length !== match.index + match[0].length) {\n        match = next\n      }\n      re[t.COERCERTL].lastIndex = next.index + next[1].length + next[2].length\n    }\n    // leave it in a clean state\n    re[t.COERCERTL].lastIndex = -1\n  }\n\n  if (match === null) {\n    return null\n  }\n\n  return parse(match[2] +\n    '.' + (match[3] || '0') +\n    '.' + (match[4] || '0'), options)\n}\n","module.exports = shellescape;\n\n// return a shell compatible format\nfunction shellescape(a) {\n  var ret = [];\n\n  a.forEach(function(s) {\n    if (!/^[A-Za-z0-9_\\/-]+$/.test(s)) {\n      s = \"'\"+s.replace(/'/g,\"'\\\\''\")+\"'\";\n      s = s.replace(/^(?:'')+/g, '') // unduplicate single-quote at the beginning\n        .replace(/\\\\'''/g, \"\\\\'\" ); // remove non-escaped single-quote if there are enclosed between 2 escaped\n    }\n    ret.push(s);\n  });\n\n  return ret.join(' ');\n}\n","'use strict';\n\nconst {\n  Duplex: DuplexStream,\n  Readable: ReadableStream,\n  Writable: WritableStream,\n} = require('stream');\n\nconst {\n  CHANNEL_EXTENDED_DATATYPE: { STDERR },\n} = require('./protocol/constants.js');\nconst { bufferSlice } = require('./protocol/utils.js');\n\nconst PACKET_SIZE = 32 * 1024;\nconst MAX_WINDOW = 2 * 1024 * 1024;\nconst WINDOW_THRESHOLD = MAX_WINDOW / 2;\n\nclass ClientStderr extends ReadableStream {\n  constructor(channel, streamOpts) {\n    super(streamOpts);\n\n    this._channel = channel;\n  }\n  _read(n) {\n    if (this._channel._waitChanDrain) {\n      this._channel._waitChanDrain = false;\n      if (this._channel.incoming.window <= WINDOW_THRESHOLD)\n        windowAdjust(this._channel);\n    }\n  }\n}\n\nclass ServerStderr extends WritableStream {\n  constructor(channel) {\n    super({ highWaterMark: MAX_WINDOW });\n\n    this._channel = channel;\n  }\n\n  _write(data, encoding, cb) {\n    const channel = this._channel;\n    const protocol = channel._client._protocol;\n    const outgoing = channel.outgoing;\n    const packetSize = outgoing.packetSize;\n    const id = outgoing.id;\n    let window = outgoing.window;\n    const len = data.length;\n    let p = 0;\n\n    if (outgoing.state !== 'open')\n      return;\n\n    while (len - p > 0 && window > 0) {\n      let sliceLen = len - p;\n      if (sliceLen > window)\n        sliceLen = window;\n      if (sliceLen > packetSize)\n        sliceLen = packetSize;\n\n      if (p === 0 && sliceLen === len)\n        protocol.channelExtData(id, data, STDERR);\n      else\n        protocol.channelExtData(id, bufferSlice(data, p, p + sliceLen), STDERR);\n\n      p += sliceLen;\n      window -= sliceLen;\n    }\n\n    outgoing.window = window;\n\n    if (len - p > 0) {\n      if (window === 0)\n        channel._waitWindow = true;\n      if (p > 0)\n        channel._chunkErr = bufferSlice(data, p, len);\n      else\n        channel._chunkErr = data;\n      channel._chunkcbErr = cb;\n      return;\n    }\n\n    cb();\n  }\n}\n\nclass Channel extends DuplexStream {\n  constructor(client, info, opts) {\n    const streamOpts = {\n      highWaterMark: MAX_WINDOW,\n      allowHalfOpen: (!opts || (opts && opts.allowHalfOpen !== false)),\n      emitClose: false,\n    };\n    super(streamOpts);\n    this.allowHalfOpen = streamOpts.allowHalfOpen;\n\n    const server = !!(opts && opts.server);\n\n    this.server = server;\n    this.type = info.type;\n    this.subtype = undefined;\n\n    /*\n      incoming and outgoing contain these properties:\n      {\n        id: undefined,\n        window: undefined,\n        packetSize: undefined,\n        state: 'closed'\n      }\n    */\n    this.incoming = info.incoming;\n    this.outgoing = info.outgoing;\n    this._callbacks = [];\n\n    this._client = client;\n    this._hasX11 = false;\n    this._exit = {\n      code: undefined,\n      signal: undefined,\n      dump: undefined,\n      desc: undefined,\n    };\n\n    this.stdin = this.stdout = this;\n\n    if (server)\n      this.stderr = new ServerStderr(this);\n    else\n      this.stderr = new ClientStderr(this, streamOpts);\n\n    // Outgoing data\n    this._waitWindow = false; // SSH-level backpressure\n\n    // Incoming data\n    this._waitChanDrain = false; // Channel Readable side backpressure\n\n    this._chunk = undefined;\n    this._chunkcb = undefined;\n    this._chunkErr = undefined;\n    this._chunkcbErr = undefined;\n\n    this.on('finish', onFinish)\n        .on('prefinish', onFinish); // For node v0.11+\n\n    this.on('end', onEnd).on('close', onEnd);\n  }\n\n  _read(n) {\n    if (this._waitChanDrain) {\n      this._waitChanDrain = false;\n      if (this.incoming.window <= WINDOW_THRESHOLD)\n        windowAdjust(this);\n    }\n  }\n\n  _write(data, encoding, cb) {\n    const protocol = this._client._protocol;\n    const outgoing = this.outgoing;\n    const packetSize = outgoing.packetSize;\n    const id = outgoing.id;\n    let window = outgoing.window;\n    const len = data.length;\n    let p = 0;\n\n    if (outgoing.state !== 'open')\n      return;\n\n    while (len - p > 0 && window > 0) {\n      let sliceLen = len - p;\n      if (sliceLen > window)\n        sliceLen = window;\n      if (sliceLen > packetSize)\n        sliceLen = packetSize;\n\n      if (p === 0 && sliceLen === len)\n        protocol.channelData(id, data);\n      else\n        protocol.channelData(id, bufferSlice(data, p, p + sliceLen));\n\n      p += sliceLen;\n      window -= sliceLen;\n    }\n\n    outgoing.window = window;\n\n    if (len - p > 0) {\n      if (window === 0)\n        this._waitWindow = true;\n      if (p > 0)\n        this._chunk = bufferSlice(data, p, len);\n      else\n        this._chunk = data;\n      this._chunkcb = cb;\n      return;\n    }\n\n    cb();\n  }\n\n  eof() {\n    if (this.outgoing.state === 'open') {\n      this.outgoing.state = 'eof';\n      this._client._protocol.channelEOF(this.outgoing.id);\n    }\n  }\n\n  close() {\n    if (this.outgoing.state === 'open' || this.outgoing.state === 'eof') {\n      this.outgoing.state = 'closing';\n      this._client._protocol.channelClose(this.outgoing.id);\n    }\n  }\n\n  destroy() {\n    this.end();\n    this.close();\n    return this;\n  }\n\n  // Session type-specific methods =============================================\n  setWindow(rows, cols, height, width) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (this.type === 'session'\n        && (this.subtype === 'shell' || this.subtype === 'exec')\n        && this.writable\n        && this.outgoing.state === 'open') {\n      this._client._protocol.windowChange(this.outgoing.id,\n                                          rows,\n                                          cols,\n                                          height,\n                                          width);\n    }\n  }\n\n  signal(signalName) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (this.type === 'session'\n        && this.writable\n        && this.outgoing.state === 'open') {\n      this._client._protocol.signal(this.outgoing.id, signalName);\n    }\n  }\n\n  exit(statusOrSignal, coreDumped, msg) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    if (this.type === 'session'\n        && this.writable\n        && this.outgoing.state === 'open') {\n      if (typeof statusOrSignal === 'number') {\n        this._client._protocol.exitStatus(this.outgoing.id, statusOrSignal);\n      } else {\n        this._client._protocol.exitSignal(this.outgoing.id,\n                                          statusOrSignal,\n                                          coreDumped,\n                                          msg);\n      }\n    }\n  }\n\n}\n\nfunction onFinish() {\n  this.eof();\n  if (this.server || !this.allowHalfOpen)\n    this.close();\n  this.writable = false;\n}\n\nfunction onEnd() {\n  this.readable = false;\n}\n\nfunction windowAdjust(self) {\n  if (self.outgoing.state === 'closed')\n    return;\n  const amt = MAX_WINDOW - self.incoming.window;\n  if (amt <= 0)\n    return;\n  self.incoming.window += amt;\n  self._client._protocol.channelWindowAdjust(self.outgoing.id, amt);\n}\n\nmodule.exports = {\n  Channel,\n  MAX_WINDOW,\n  PACKET_SIZE,\n  windowAdjust,\n  WINDOW_THRESHOLD,\n};\n",null,"// TODO:\n//    * add `.connected` or similar property to allow immediate connection\n//      status checking\n//    * add/improve debug output during user authentication phase\n'use strict';\n\nconst {\n  createHash,\n  getHashes,\n  randomFillSync,\n} = require('crypto');\nconst { Socket } = require('net');\nconst { lookup: dnsLookup } = require('dns');\nconst EventEmitter = require('events');\nconst HASHES = getHashes();\n\nconst {\n  COMPAT,\n  CHANNEL_EXTENDED_DATATYPE: { STDERR },\n  CHANNEL_OPEN_FAILURE,\n  DEFAULT_CIPHER,\n  DEFAULT_COMPRESSION,\n  DEFAULT_KEX,\n  DEFAULT_MAC,\n  DEFAULT_SERVER_HOST_KEY,\n  DISCONNECT_REASON,\n  DISCONNECT_REASON_BY_VALUE,\n  SUPPORTED_CIPHER,\n  SUPPORTED_COMPRESSION,\n  SUPPORTED_KEX,\n  SUPPORTED_MAC,\n  SUPPORTED_SERVER_HOST_KEY,\n} = require('./protocol/constants.js');\nconst { init: cryptoInit } = require('./protocol/crypto.js');\nconst Protocol = require('./protocol/Protocol.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst { SFTP } = require('./protocol/SFTP.js');\nconst {\n  bufferCopy,\n  makeBufferParser,\n  makeError,\n  readUInt32BE,\n  sigSSHToASN1,\n  writeUInt32BE,\n} = require('./protocol/utils.js');\n\nconst { AgentContext, createAgent, isAgent } = require('./agent.js');\nconst {\n  Channel,\n  MAX_WINDOW,\n  PACKET_SIZE,\n  windowAdjust,\n  WINDOW_THRESHOLD,\n} = require('./Channel.js');\nconst {\n  ChannelManager,\n  generateAlgorithmList,\n  isWritable,\n  onChannelOpenFailure,\n  onCHANNEL_CLOSE,\n} = require('./utils.js');\n\nconst bufferParser = makeBufferParser();\nconst sigParser = makeBufferParser();\nconst RE_OPENSSH = /^OpenSSH_(?:(?![0-4])\\d)|(?:\\d{2,})/;\nconst noop = (err) => {};\n\nclass Client extends EventEmitter {\n  constructor() {\n    super();\n\n    this.config = {\n      host: undefined,\n      port: undefined,\n      localAddress: undefined,\n      localPort: undefined,\n      forceIPv4: undefined,\n      forceIPv6: undefined,\n      keepaliveCountMax: undefined,\n      keepaliveInterval: undefined,\n      readyTimeout: undefined,\n      ident: undefined,\n\n      username: undefined,\n      password: undefined,\n      privateKey: undefined,\n      tryKeyboard: undefined,\n      agent: undefined,\n      allowAgentFwd: undefined,\n      authHandler: undefined,\n\n      hostHashAlgo: undefined,\n      hostHashCb: undefined,\n      strictVendor: undefined,\n      debug: undefined\n    };\n\n    this._agent = undefined;\n    this._readyTimeout = undefined;\n    this._chanMgr = undefined;\n    this._callbacks = undefined;\n    this._forwarding = undefined;\n    this._forwardingUnix = undefined;\n    this._acceptX11 = undefined;\n    this._agentFwdEnabled = undefined;\n    this._remoteVer = undefined;\n\n    this._protocol = undefined;\n    this._sock = undefined;\n    this._resetKA = undefined;\n  }\n\n  connect(cfg) {\n    if (this._sock && isWritable(this._sock)) {\n      this.once('close', () => {\n        this.connect(cfg);\n      });\n      this.end();\n      return this;\n    }\n\n    this.config.host = cfg.hostname || cfg.host || 'localhost';\n    this.config.port = cfg.port || 22;\n    this.config.localAddress = (typeof cfg.localAddress === 'string'\n                                ? cfg.localAddress\n                                : undefined);\n    this.config.localPort = (typeof cfg.localPort === 'string'\n                             || typeof cfg.localPort === 'number'\n                             ? cfg.localPort\n                             : undefined);\n    this.config.forceIPv4 = cfg.forceIPv4 || false;\n    this.config.forceIPv6 = cfg.forceIPv6 || false;\n    this.config.keepaliveCountMax = (typeof cfg.keepaliveCountMax === 'number'\n                                     && cfg.keepaliveCountMax >= 0\n                                     ? cfg.keepaliveCountMax\n                                     : 3);\n    this.config.keepaliveInterval = (typeof cfg.keepaliveInterval === 'number'\n                                     && cfg.keepaliveInterval > 0\n                                     ? cfg.keepaliveInterval\n                                     : 0);\n    this.config.readyTimeout = (typeof cfg.readyTimeout === 'number'\n                                && cfg.readyTimeout >= 0\n                                ? cfg.readyTimeout\n                                : 20000);\n    this.config.ident = (typeof cfg.ident === 'string'\n                         || Buffer.isBuffer(cfg.ident)\n                         ? cfg.ident\n                         : undefined);\n\n    const algorithms = {\n      kex: undefined,\n      serverHostKey: undefined,\n      cs: {\n        cipher: undefined,\n        mac: undefined,\n        compress: undefined,\n        lang: [],\n      },\n      sc: undefined,\n    };\n    let allOfferDefaults = true;\n    if (typeof cfg.algorithms === 'object' && cfg.algorithms !== null) {\n      algorithms.kex = generateAlgorithmList(cfg.algorithms.kex,\n                                             DEFAULT_KEX,\n                                             SUPPORTED_KEX);\n      if (algorithms.kex !== DEFAULT_KEX)\n        allOfferDefaults = false;\n\n      algorithms.serverHostKey =\n        generateAlgorithmList(cfg.algorithms.serverHostKey,\n                              DEFAULT_SERVER_HOST_KEY,\n                              SUPPORTED_SERVER_HOST_KEY);\n      if (algorithms.serverHostKey !== DEFAULT_SERVER_HOST_KEY)\n        allOfferDefaults = false;\n\n      algorithms.cs.cipher = generateAlgorithmList(cfg.algorithms.cipher,\n                                                   DEFAULT_CIPHER,\n                                                   SUPPORTED_CIPHER);\n      if (algorithms.cs.cipher !== DEFAULT_CIPHER)\n        allOfferDefaults = false;\n\n      algorithms.cs.mac = generateAlgorithmList(cfg.algorithms.hmac,\n                                                DEFAULT_MAC,\n                                                SUPPORTED_MAC);\n      if (algorithms.cs.mac !== DEFAULT_MAC)\n        allOfferDefaults = false;\n\n      algorithms.cs.compress = generateAlgorithmList(cfg.algorithms.compress,\n                                                     DEFAULT_COMPRESSION,\n                                                     SUPPORTED_COMPRESSION);\n      if (algorithms.cs.compress !== DEFAULT_COMPRESSION)\n        allOfferDefaults = false;\n\n      if (!allOfferDefaults)\n        algorithms.sc = algorithms.cs;\n    }\n\n    if (typeof cfg.username === 'string')\n      this.config.username = cfg.username;\n    else if (typeof cfg.user === 'string')\n      this.config.username = cfg.user;\n    else\n      throw new Error('Invalid username');\n\n    this.config.password = (typeof cfg.password === 'string'\n                            ? cfg.password\n                            : undefined);\n    this.config.privateKey = (typeof cfg.privateKey === 'string'\n                              || Buffer.isBuffer(cfg.privateKey)\n                              ? cfg.privateKey\n                              : undefined);\n    this.config.localHostname = (typeof cfg.localHostname === 'string'\n                                 ? cfg.localHostname\n                                 : undefined);\n    this.config.localUsername = (typeof cfg.localUsername === 'string'\n                                 ? cfg.localUsername\n                                 : undefined);\n    this.config.tryKeyboard = (cfg.tryKeyboard === true);\n    if (typeof cfg.agent === 'string' && cfg.agent.length)\n      this.config.agent = createAgent(cfg.agent);\n    else if (isAgent(cfg.agent))\n      this.config.agent = cfg.agent;\n    else\n      this.config.agent = undefined;\n    this.config.allowAgentFwd = (cfg.agentForward === true\n                                 && this.config.agent !== undefined);\n    let authHandler = this.config.authHandler = (\n      typeof cfg.authHandler === 'function'\n      || Array.isArray(cfg.authHandler)\n      ? cfg.authHandler\n      : undefined\n    );\n\n    this.config.strictVendor = (typeof cfg.strictVendor === 'boolean'\n                                ? cfg.strictVendor\n                                : true);\n\n    const debug = this.config.debug = (typeof cfg.debug === 'function'\n                                       ? cfg.debug\n                                       : undefined);\n\n    if (cfg.agentForward === true && !this.config.allowAgentFwd) {\n      throw new Error(\n        'You must set a valid agent path to allow agent forwarding'\n      );\n    }\n\n    let callbacks = this._callbacks = [];\n    this._chanMgr = new ChannelManager(this);\n    this._forwarding = {};\n    this._forwardingUnix = {};\n    this._acceptX11 = 0;\n    this._agentFwdEnabled = false;\n    this._agent = (this.config.agent ? this.config.agent : undefined);\n    this._remoteVer = undefined;\n    let privateKey;\n\n    if (this.config.privateKey) {\n      privateKey = parseKey(this.config.privateKey, cfg.passphrase);\n      if (privateKey instanceof Error)\n        throw new Error(`Cannot parse privateKey: ${privateKey.message}`);\n      if (Array.isArray(privateKey)) {\n        // OpenSSH's newer format only stores 1 key for now\n        privateKey = privateKey[0];\n      }\n      if (privateKey.getPrivatePEM() === null) {\n        throw new Error(\n          'privateKey value does not contain a (valid) private key'\n        );\n      }\n    }\n\n    let hostVerifier;\n    if (typeof cfg.hostVerifier === 'function') {\n      const hashCb = cfg.hostVerifier;\n      let hasher;\n      if (HASHES.indexOf(cfg.hostHash) !== -1) {\n        // Default to old behavior of hashing on user's behalf\n        hasher = createHash(cfg.hostHash);\n      }\n      hostVerifier = (key, verify) => {\n        if (hasher) {\n          hasher.update(key);\n          key = hasher.digest('hex');\n        }\n        const ret = hashCb(key, verify);\n        if (ret !== undefined)\n          verify(ret);\n      };\n    }\n\n    const sock = this._sock = (cfg.sock || new Socket());\n    let ready = false;\n    let sawHeader = false;\n    if (this._protocol)\n      this._protocol.cleanup();\n    const DEBUG_HANDLER = (!debug ? undefined : (p, display, msg) => {\n      debug(`Debug output from server: ${JSON.stringify(msg)}`);\n    });\n    const proto = this._protocol = new Protocol({\n      ident: this.config.ident,\n      offer: (allOfferDefaults ? undefined : algorithms),\n      onWrite: (data) => {\n        if (isWritable(sock))\n          sock.write(data);\n      },\n      onError: (err) => {\n        if (err.level === 'handshake')\n          clearTimeout(this._readyTimeout);\n        if (!proto._destruct)\n          sock.removeAllListeners('data');\n        this.emit('error', err);\n        try {\n          sock.end();\n        } catch {}\n      },\n      onHeader: (header) => {\n        sawHeader = true;\n        this._remoteVer = header.versions.software;\n        if (header.greeting)\n          this.emit('greeting', header.greeting);\n      },\n      onHandshakeComplete: (negotiated) => {\n        this.emit('handshake', negotiated);\n        if (!ready) {\n          ready = true;\n          proto.service('ssh-userauth');\n        }\n      },\n      debug,\n      hostVerifier,\n      messageHandlers: {\n        DEBUG: DEBUG_HANDLER,\n        DISCONNECT: (p, reason, desc) => {\n          if (reason !== DISCONNECT_REASON.BY_APPLICATION) {\n            if (!desc) {\n              desc = DISCONNECT_REASON_BY_VALUE[reason];\n              if (desc === undefined)\n                desc = `Unexpected disconnection reason: ${reason}`;\n            }\n            const err = new Error(desc);\n            err.code = reason;\n            this.emit('error', err);\n          }\n          sock.end();\n        },\n        SERVICE_ACCEPT: (p, name) => {\n          if (name === 'ssh-userauth')\n            tryNextAuth();\n        },\n        USERAUTH_BANNER: (p, msg) => {\n          this.emit('banner', msg);\n        },\n        USERAUTH_SUCCESS: (p) => {\n          // Start keepalive mechanism\n          resetKA();\n\n          clearTimeout(this._readyTimeout);\n\n          this.emit('ready');\n        },\n        USERAUTH_FAILURE: (p, authMethods, partialSuccess) => {\n          if (curAuth.type === 'agent') {\n            const pos = curAuth.agentCtx.pos();\n            debug && debug(`Client: Agent key #${pos + 1} failed`);\n            return tryNextAgentKey();\n          }\n\n          debug && debug(`Client: ${curAuth.type} auth failed`);\n\n          curPartial = partialSuccess;\n          curAuthsLeft = authMethods;\n          tryNextAuth();\n        },\n        USERAUTH_PASSWD_CHANGEREQ: (p, prompt) => {\n          if (curAuth.type === 'password') {\n            // TODO: support a `changePrompt()` on `curAuth` that defaults to\n            // emitting 'change password' as before\n            this.emit('change password', prompt, (newPassword) => {\n              proto.authPassword(\n                this.config.username,\n                this.config.password,\n                newPassword\n              );\n            });\n          }\n        },\n        USERAUTH_PK_OK: (p) => {\n          if (curAuth.type === 'agent') {\n            const key = curAuth.agentCtx.currentKey();\n            proto.authPK(curAuth.username, key, (buf, cb) => {\n              curAuth.agentCtx.sign(key, buf, {}, (err, signed) => {\n                if (err) {\n                  err.level = 'agent';\n                  this.emit('error', err);\n                } else {\n                  return cb(signed);\n                }\n\n                tryNextAgentKey();\n              });\n            });\n          } else if (curAuth.type === 'publickey') {\n            proto.authPK(curAuth.username, curAuth.key, (buf, cb) => {\n              const signature = curAuth.key.sign(buf);\n              if (signature instanceof Error) {\n                signature.message =\n                  `Error signing data with key: ${signature.message}`;\n                signature.level = 'client-authentication';\n                this.emit('error', signature);\n                return tryNextAuth();\n              }\n              cb(signature);\n            });\n          }\n        },\n        USERAUTH_INFO_REQUEST: (p, name, instructions, prompts) => {\n          if (curAuth.type === 'keyboard-interactive') {\n            const nprompts = (Array.isArray(prompts) ? prompts.length : 0);\n            if (nprompts === 0) {\n              debug && debug(\n                'Client: Sending automatic USERAUTH_INFO_RESPONSE'\n              );\n              proto.authInfoRes();\n              return;\n            }\n            // We sent a keyboard-interactive user authentication request and\n            // now the server is sending us the prompts we need to present to\n            // the user\n            curAuth.prompt(\n              name,\n              instructions,\n              '',\n              prompts,\n              (answers) => {\n                proto.authInfoRes(answers);\n              }\n            );\n          }\n        },\n        REQUEST_SUCCESS: (p, data) => {\n          if (callbacks.length)\n            callbacks.shift()(false, data);\n        },\n        REQUEST_FAILURE: (p) => {\n          if (callbacks.length)\n            callbacks.shift()(true);\n        },\n        GLOBAL_REQUEST: (p, name, wantReply, data) => {\n          switch (name) {\n            case 'hostkeys-00@openssh.com':\n              // Automatically verify keys before passing to end user\n              hostKeysProve(this, data, (err, keys) => {\n                if (err)\n                  return;\n                this.emit('hostkeys', keys);\n              });\n              if (wantReply)\n                proto.requestSuccess();\n              break;\n            default:\n              // Auto-reject all other global requests, this can be especially\n              // useful if the server is sending us dummy keepalive global\n              // requests\n              if (wantReply)\n                proto.requestFailure();\n          }\n        },\n        CHANNEL_OPEN: (p, info) => {\n          // Handle incoming requests from server, typically a forwarded TCP or\n          // X11 connection\n          onCHANNEL_OPEN(this, info);\n        },\n        CHANNEL_OPEN_CONFIRMATION: (p, info) => {\n          const channel = this._chanMgr.get(info.recipient);\n          if (typeof channel !== 'function')\n            return;\n\n          const isSFTP = (channel.type === 'sftp');\n          const type = (isSFTP ? 'session' : channel.type);\n          const chanInfo = {\n            type,\n            incoming: {\n              id: info.recipient,\n              window: MAX_WINDOW,\n              packetSize: PACKET_SIZE,\n              state: 'open'\n            },\n            outgoing: {\n              id: info.sender,\n              window: info.window,\n              packetSize: info.packetSize,\n              state: 'open'\n            }\n          };\n          const instance = (\n            isSFTP\n            ? new SFTP(this, chanInfo, { debug })\n            : new Channel(this, chanInfo)\n          );\n          this._chanMgr.update(info.recipient, instance);\n          channel(undefined, instance);\n        },\n        CHANNEL_OPEN_FAILURE: (p, recipient, reason, description) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'function')\n            return;\n\n          const info = { reason, description };\n          onChannelOpenFailure(this, recipient, info, channel);\n        },\n        CHANNEL_DATA: (p, recipient, data) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          // The remote party should not be sending us data if there is no\n          // window space available ...\n          // TODO: raise error on data with not enough window?\n          if (channel.incoming.window === 0)\n            return;\n\n          channel.incoming.window -= data.length;\n\n          if (channel.push(data) === false) {\n            channel._waitChanDrain = true;\n            return;\n          }\n\n          if (channel.incoming.window <= WINDOW_THRESHOLD)\n            windowAdjust(channel);\n        },\n        CHANNEL_EXTENDED_DATA: (p, recipient, data, type) => {\n          if (type !== STDERR)\n            return;\n\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          // The remote party should not be sending us data if there is no\n          // window space available ...\n          // TODO: raise error on data with not enough window?\n          if (channel.incoming.window === 0)\n            return;\n\n          channel.incoming.window -= data.length;\n\n          if (!channel.stderr.push(data)) {\n            channel._waitChanDrain = true;\n            return;\n          }\n\n          if (channel.incoming.window <= WINDOW_THRESHOLD)\n            windowAdjust(channel);\n        },\n        CHANNEL_WINDOW_ADJUST: (p, recipient, amount) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          // The other side is allowing us to send `amount` more bytes of data\n          channel.outgoing.window += amount;\n\n          if (channel._waitWindow) {\n            channel._waitWindow = false;\n\n            if (channel._chunk) {\n              channel._write(channel._chunk, null, channel._chunkcb);\n            } else if (channel._chunkcb) {\n              channel._chunkcb();\n            } else if (channel._chunkErr) {\n              channel.stderr._write(channel._chunkErr,\n                                    null,\n                                    channel._chunkcbErr);\n            } else if (channel._chunkcbErr) {\n              channel._chunkcbErr();\n            }\n          }\n        },\n        CHANNEL_SUCCESS: (p, recipient) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          this._resetKA();\n\n          if (channel._callbacks.length)\n            channel._callbacks.shift()(false);\n        },\n        CHANNEL_FAILURE: (p, recipient) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          this._resetKA();\n\n          if (channel._callbacks.length)\n            channel._callbacks.shift()(true);\n        },\n        CHANNEL_REQUEST: (p, recipient, type, wantReply, data) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          const exit = channel._exit;\n          if (exit.code !== undefined)\n            return;\n          switch (type) {\n            case 'exit-status':\n              channel.emit('exit', exit.code = data);\n              return;\n            case 'exit-signal':\n              channel.emit('exit',\n                           exit.code = null,\n                           exit.signal = `SIG${data.signal}`,\n                           exit.dump = data.coreDumped,\n                           exit.desc = data.errorMessage);\n              return;\n          }\n\n          // Keepalive request? OpenSSH will send one as a channel request if\n          // there is a channel open\n\n          if (wantReply)\n            p.channelFailure(channel.outgoing.id);\n        },\n        CHANNEL_EOF: (p, recipient) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.incoming.state !== 'open')\n            return;\n          channel.incoming.state = 'eof';\n\n          if (channel.readable)\n            channel.push(null);\n          if (channel.stderr.readable)\n            channel.stderr.push(null);\n        },\n        CHANNEL_CLOSE: (p, recipient) => {\n          onCHANNEL_CLOSE(this, recipient, this._chanMgr.get(recipient));\n        },\n      },\n    });\n\n    sock.pause();\n\n    // TODO: check keepalive implementation\n    // Keepalive-related\n    const kainterval = this.config.keepaliveInterval;\n    const kacountmax = this.config.keepaliveCountMax;\n    let kacount = 0;\n    let katimer;\n    const sendKA = () => {\n      if (++kacount > kacountmax) {\n        clearInterval(katimer);\n        if (sock.readable) {\n          const err = new Error('Keepalive timeout');\n          err.level = 'client-timeout';\n          this.emit('error', err);\n          sock.destroy();\n        }\n        return;\n      }\n      if (isWritable(sock)) {\n        // Append dummy callback to keep correct callback order\n        callbacks.push(resetKA);\n        proto.ping();\n      } else {\n        clearInterval(katimer);\n      }\n    };\n    function resetKA() {\n      if (kainterval > 0) {\n        kacount = 0;\n        clearInterval(katimer);\n        if (isWritable(sock))\n          katimer = setInterval(sendKA, kainterval);\n      }\n    }\n    this._resetKA = resetKA;\n\n    const onDone = (() => {\n      let called = false;\n      return () => {\n        if (called)\n          return;\n        called = true;\n        if (wasConnected && !sawHeader) {\n          const err =\n            makeError('Connection lost before handshake', 'protocol', true);\n          this.emit('error', err);\n        }\n      };\n    })();\n    const onConnect = (() => {\n      let called = false;\n      return () => {\n        if (called)\n          return;\n        called = true;\n\n        wasConnected = true;\n        debug && debug('Socket connected');\n        this.emit('connect');\n\n        cryptoInit.then(() => {\n          proto.start();\n          sock.on('data', (data) => {\n            try {\n              proto.parse(data, 0, data.length);\n            } catch (ex) {\n              this.emit('error', ex);\n              try {\n                if (isWritable(sock))\n                  sock.end();\n              } catch {}\n            }\n          });\n\n          // Drain stderr if we are connection hopping using an exec stream\n          if (sock.stderr && typeof sock.stderr.resume === 'function')\n            sock.stderr.resume();\n\n          sock.resume();\n        }).catch((err) => {\n          this.emit('error', err);\n          try {\n            if (isWritable(sock))\n              sock.end();\n          } catch {}\n        });\n      };\n    })();\n    let wasConnected = false;\n    sock.on('connect', onConnect)\n        .on('timeout', () => {\n      this.emit('timeout');\n    }).on('error', (err) => {\n      debug && debug(`Socket error: ${err.message}`);\n      clearTimeout(this._readyTimeout);\n      err.level = 'client-socket';\n      this.emit('error', err);\n    }).on('end', () => {\n      debug && debug('Socket ended');\n      onDone();\n      proto.cleanup();\n      clearTimeout(this._readyTimeout);\n      clearInterval(katimer);\n      this.emit('end');\n    }).on('close', () => {\n      debug && debug('Socket closed');\n      onDone();\n      proto.cleanup();\n      clearTimeout(this._readyTimeout);\n      clearInterval(katimer);\n      this.emit('close');\n\n      // Notify outstanding channel requests of disconnection ...\n      const callbacks_ = callbacks;\n      callbacks = this._callbacks = [];\n      const err = new Error('No response from server');\n      for (let i = 0; i < callbacks_.length; ++i)\n        callbacks_[i](err);\n\n      // Simulate error for any channels waiting to be opened\n      this._chanMgr.cleanup(err);\n    });\n\n    // Begin authentication handling ===========================================\n    let curAuth;\n    let curPartial = null;\n    let curAuthsLeft = null;\n    const authsAllowed = ['none'];\n    if (this.config.password !== undefined)\n      authsAllowed.push('password');\n    if (privateKey !== undefined)\n      authsAllowed.push('publickey');\n    if (this._agent !== undefined)\n      authsAllowed.push('agent');\n    if (this.config.tryKeyboard)\n      authsAllowed.push('keyboard-interactive');\n    if (privateKey !== undefined\n        && this.config.localHostname !== undefined\n        && this.config.localUsername !== undefined) {\n      authsAllowed.push('hostbased');\n    }\n\n    if (Array.isArray(authHandler))\n      authHandler = makeSimpleAuthHandler(authHandler);\n    else if (typeof authHandler !== 'function')\n      authHandler = makeSimpleAuthHandler(authsAllowed);\n\n    let hasSentAuth = false;\n    const doNextAuth = (nextAuth) => {\n      if (hasSentAuth)\n        return;\n      hasSentAuth = true;\n\n      if (nextAuth === false) {\n        const err = new Error('All configured authentication methods failed');\n        err.level = 'client-authentication';\n        this.emit('error', err);\n        this.end();\n        return;\n      }\n\n      if (typeof nextAuth === 'string') {\n        // Remain backwards compatible with original `authHandler()` usage,\n        // which only supported passing names of next method to try using data\n        // from the `connect()` config object\n\n        const type = nextAuth;\n        if (authsAllowed.indexOf(type) === -1)\n          return skipAuth(`Authentication method not allowed: ${type}`);\n\n        const username = this.config.username;\n        switch (type) {\n          case 'password':\n            nextAuth = { type, username, password: this.config.password };\n            break;\n          case 'publickey':\n            nextAuth = { type, username, key: privateKey };\n            break;\n          case 'hostbased':\n            nextAuth = {\n              type,\n              username,\n              key: privateKey,\n              localHostname: this.config.localHostname,\n              localUsername: this.config.localUsername,\n            };\n            break;\n          case 'agent':\n            nextAuth = {\n              type,\n              username,\n              agentCtx: new AgentContext(this._agent),\n            };\n            break;\n          case 'keyboard-interactive':\n            nextAuth = {\n              type,\n              username,\n              prompt: (...args) => this.emit('keyboard-interactive', ...args),\n            };\n            break;\n          case 'none':\n            nextAuth = { type, username };\n            break;\n          default:\n            return skipAuth(\n              `Skipping unsupported authentication method: ${nextAuth}`\n            );\n        }\n      } else if (typeof nextAuth !== 'object' || nextAuth === null) {\n        return skipAuth(\n          `Skipping invalid authentication attempt: ${nextAuth}`\n        );\n      } else {\n        const username = nextAuth.username;\n        if (typeof username !== 'string') {\n          return skipAuth(\n            `Skipping invalid authentication attempt: ${nextAuth}`\n          );\n        }\n        const type = nextAuth.type;\n        switch (type) {\n          case 'password': {\n            const { password } = nextAuth;\n            if (typeof password !== 'string' && !Buffer.isBuffer(password))\n              return skipAuth('Skipping invalid password auth attempt');\n            nextAuth = { type, username, password };\n            break;\n          }\n          case 'publickey': {\n            const key = parseKey(nextAuth.key, nextAuth.passphrase);\n            if (key instanceof Error)\n              return skipAuth('Skipping invalid key auth attempt');\n            if (!key.isPrivateKey())\n              return skipAuth('Skipping non-private key');\n            nextAuth = { type, username, key };\n            break;\n          }\n          case 'hostbased': {\n            const { localHostname, localUsername } = nextAuth;\n            const key = parseKey(nextAuth.key, nextAuth.passphrase);\n            if (key instanceof Error\n                || typeof localHostname !== 'string'\n                || typeof localUsername !== 'string') {\n              return skipAuth('Skipping invalid hostbased auth attempt');\n            }\n            if (!key.isPrivateKey())\n              return skipAuth('Skipping non-private key');\n            nextAuth = { type, username, key, localHostname, localUsername };\n            break;\n          }\n          case 'agent': {\n            let agent = nextAuth.agent;\n            if (typeof agent === 'string' && agent.length) {\n              agent = createAgent(agent);\n            } else if (!isAgent(agent)) {\n              return skipAuth(\n                `Skipping invalid agent: ${nextAuth.agent}`\n              );\n            }\n            nextAuth = { type, username, agentCtx: new AgentContext(agent) };\n            break;\n          }\n          case 'keyboard-interactive': {\n            const { prompt } = nextAuth;\n            if (typeof prompt !== 'function') {\n              return skipAuth(\n                'Skipping invalid keyboard-interactive auth attempt'\n              );\n            }\n            nextAuth = { type, username, prompt };\n            break;\n          }\n          case 'none':\n            nextAuth = { type, username };\n            break;\n          default:\n            return skipAuth(\n              `Skipping unsupported authentication method: ${nextAuth}`\n            );\n        }\n      }\n      curAuth = nextAuth;\n\n      // Begin authentication method's process\n      try {\n        const username = curAuth.username;\n        switch (curAuth.type) {\n          case 'password':\n            proto.authPassword(username, curAuth.password);\n            break;\n          case 'publickey':\n            proto.authPK(username, curAuth.key);\n            break;\n          case 'hostbased':\n            proto.authHostbased(username,\n                                curAuth.key,\n                                curAuth.localHostname,\n                                curAuth.localUsername,\n                                (buf, cb) => {\n              const signature = curAuth.key.sign(buf);\n              if (signature instanceof Error) {\n                signature.message =\n                  `Error while signing with key: ${signature.message}`;\n                signature.level = 'client-authentication';\n                this.emit('error', signature);\n                return tryNextAuth();\n              }\n\n              cb(signature);\n            });\n            break;\n          case 'agent':\n            curAuth.agentCtx.init((err) => {\n              if (err) {\n                err.level = 'agent';\n                this.emit('error', err);\n                return tryNextAuth();\n              }\n              tryNextAgentKey();\n            });\n            break;\n          case 'keyboard-interactive':\n            proto.authKeyboard(username);\n            break;\n          case 'none':\n            proto.authNone(username);\n            break;\n        }\n      } finally {\n        hasSentAuth = false;\n      }\n    };\n\n    function skipAuth(msg) {\n      debug && debug(msg);\n      process.nextTick(tryNextAuth);\n    }\n\n    function tryNextAuth() {\n      hasSentAuth = false;\n      const auth = authHandler(curAuthsLeft, curPartial, doNextAuth);\n      if (hasSentAuth || auth === undefined)\n        return;\n      doNextAuth(auth);\n    }\n\n    const tryNextAgentKey = () => {\n      if (curAuth.type === 'agent') {\n        const key = curAuth.agentCtx.nextKey();\n        if (key === false) {\n          debug && debug('Agent: No more keys left to try');\n          debug && debug('Client: agent auth failed');\n          tryNextAuth();\n        } else {\n          const pos = curAuth.agentCtx.pos();\n          debug && debug(`Agent: Trying key #${pos + 1}`);\n          proto.authPK(curAuth.username, key);\n        }\n      }\n    };\n\n    const startTimeout = () => {\n      if (this.config.readyTimeout > 0) {\n        this._readyTimeout = setTimeout(() => {\n          const err = new Error('Timed out while waiting for handshake');\n          err.level = 'client-timeout';\n          this.emit('error', err);\n          sock.destroy();\n        }, this.config.readyTimeout);\n      }\n    };\n\n    if (!cfg.sock) {\n      let host = this.config.host;\n      const forceIPv4 = this.config.forceIPv4;\n      const forceIPv6 = this.config.forceIPv6;\n\n      debug && debug(`Client: Trying ${host} on port ${this.config.port} ...`);\n\n      const doConnect = () => {\n        startTimeout();\n        sock.connect({\n          host,\n          port: this.config.port,\n          localAddress: this.config.localAddress,\n          localPort: this.config.localPort\n        });\n        sock.setNoDelay(true);\n        sock.setMaxListeners(0);\n        sock.setTimeout(typeof cfg.timeout === 'number' ? cfg.timeout : 0);\n      };\n\n      if ((!forceIPv4 && !forceIPv6) || (forceIPv4 && forceIPv6)) {\n        doConnect();\n      } else {\n        dnsLookup(host, (forceIPv4 ? 4 : 6), (err, address, family) => {\n          if (err) {\n            const type = (forceIPv4 ? 'IPv4' : 'IPv6');\n            const error = new Error(\n              `Error while looking up ${type} address for '${host}': ${err}`\n            );\n            clearTimeout(this._readyTimeout);\n            error.level = 'client-dns';\n            this.emit('error', error);\n            this.emit('close');\n            return;\n          }\n          host = address;\n          doConnect();\n        });\n      }\n    } else {\n      // Custom socket passed in\n      startTimeout();\n      if (typeof sock.connecting === 'boolean') {\n        // net.Socket\n\n        if (!sock.connecting) {\n          // Already connected\n          onConnect();\n        }\n      } else {\n        // Assume socket/stream is already \"connected\"\n        onConnect();\n      }\n    }\n\n    return this;\n  }\n\n  end() {\n    if (this._sock && isWritable(this._sock)) {\n      this._protocol.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n      this._sock.end();\n    }\n    return this;\n  }\n\n  destroy() {\n    this._sock && isWritable(this._sock) && this._sock.destroy();\n    return this;\n  }\n\n  exec(cmd, opts, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    if (typeof opts === 'function') {\n      cb = opts;\n      opts = {};\n    }\n\n    const extraOpts = { allowHalfOpen: (opts.allowHalfOpen !== false) };\n\n    openChannel(this, 'session', extraOpts, (err, chan) => {\n      if (err) {\n        cb(err);\n        return;\n      }\n\n      const todo = [];\n\n      function reqCb(err) {\n        if (err) {\n          chan.close();\n          cb(err);\n          return;\n        }\n        if (todo.length)\n          todo.shift()();\n      }\n\n      if (this.config.allowAgentFwd === true\n          || (opts\n              && opts.agentForward === true\n              && this._agent !== undefined)) {\n        todo.push(() => reqAgentFwd(chan, reqCb));\n      }\n\n      if (typeof opts === 'object' && opts !== null) {\n        if (typeof opts.env === 'object' && opts.env !== null)\n          reqEnv(chan, opts.env);\n        if ((typeof opts.pty === 'object' && opts.pty !== null)\n            || opts.pty === true) {\n          todo.push(() => reqPty(chan, opts.pty, reqCb));\n        }\n        if ((typeof opts.x11 === 'object' && opts.x11 !== null)\n            || opts.x11 === 'number'\n            || opts.x11 === true) {\n          todo.push(() => reqX11(chan, opts.x11, reqCb));\n        }\n      }\n\n      todo.push(() => reqExec(chan, cmd, opts, cb));\n      todo.shift()();\n    });\n\n    return this;\n  }\n\n  shell(wndopts, opts, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    if (typeof wndopts === 'function') {\n      cb = wndopts;\n      wndopts = opts = undefined;\n    } else if (typeof opts === 'function') {\n      cb = opts;\n      opts = undefined;\n    }\n    if (wndopts && (wndopts.x11 !== undefined || wndopts.env !== undefined)) {\n      opts = wndopts;\n      wndopts = undefined;\n    }\n\n    openChannel(this, 'session', (err, chan) => {\n      if (err) {\n        cb(err);\n        return;\n      }\n\n      const todo = [];\n\n      function reqCb(err) {\n        if (err) {\n          chan.close();\n          cb(err);\n          return;\n        }\n        if (todo.length)\n          todo.shift()();\n      }\n\n      if (this.config.allowAgentFwd === true\n          || (opts\n              && opts.agentForward === true\n              && this._agent !== undefined)) {\n        todo.push(() => reqAgentFwd(chan, reqCb));\n      }\n\n      if (wndopts !== false)\n        todo.push(() => reqPty(chan, wndopts, reqCb));\n\n      if (typeof opts === 'object' && opts !== null) {\n        if (typeof opts.env === 'object' && opts.env !== null)\n          reqEnv(chan, opts.env);\n        if ((typeof opts.x11 === 'object' && opts.x11 !== null)\n            || opts.x11 === 'number'\n            || opts.x11 === true) {\n          todo.push(() => reqX11(chan, opts.x11, reqCb));\n        }\n      }\n\n      todo.push(() => reqShell(chan, cb));\n      todo.shift()();\n    });\n\n    return this;\n  }\n\n  subsys(name, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    openChannel(this, 'session', (err, chan) => {\n      if (err) {\n        cb(err);\n        return;\n      }\n\n      reqSubsystem(chan, name, (err, stream) => {\n        if (err) {\n          cb(err);\n          return;\n        }\n\n        cb(undefined, stream);\n      });\n    });\n\n    return this;\n  }\n\n  forwardIn(bindAddr, bindPort, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    // Send a request for the server to start forwarding TCP connections to us\n    // on a particular address and port\n\n    const wantReply = (typeof cb === 'function');\n\n    if (wantReply) {\n      this._callbacks.push((had_err, data) => {\n        if (had_err) {\n          cb(had_err !== true\n             ? had_err\n             : new Error(`Unable to bind to ${bindAddr}:${bindPort}`));\n          return;\n        }\n\n        let realPort = bindPort;\n        if (bindPort === 0 && data && data.length >= 4) {\n          realPort = readUInt32BE(data, 0);\n          if (!(this._protocol._compatFlags & COMPAT.DYN_RPORT_BUG))\n            bindPort = realPort;\n        }\n\n        this._forwarding[`${bindAddr}:${bindPort}`] = realPort;\n\n        cb(undefined, realPort);\n      });\n    }\n\n    this._protocol.tcpipForward(bindAddr, bindPort, wantReply);\n\n    return this;\n  }\n\n  unforwardIn(bindAddr, bindPort, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    // Send a request to stop forwarding us new connections for a particular\n    // address and port\n\n    const wantReply = (typeof cb === 'function');\n\n    if (wantReply) {\n      this._callbacks.push((had_err) => {\n        if (had_err) {\n          cb(had_err !== true\n             ? had_err\n             : new Error(`Unable to unbind from ${bindAddr}:${bindPort}`));\n          return;\n        }\n\n        delete this._forwarding[`${bindAddr}:${bindPort}`];\n\n        cb();\n      });\n    }\n\n    this._protocol.cancelTcpipForward(bindAddr, bindPort, wantReply);\n\n    return this;\n  }\n\n  forwardOut(srcIP, srcPort, dstIP, dstPort, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    // Send a request to forward a TCP connection to the server\n\n    const cfg = {\n      srcIP: srcIP,\n      srcPort: srcPort,\n      dstIP: dstIP,\n      dstPort: dstPort\n    };\n\n    if (typeof cb !== 'function')\n      cb = noop;\n\n    openChannel(this, 'direct-tcpip', cfg, cb);\n\n    return this;\n  }\n\n  openssh_noMoreSessions(cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    const wantReply = (typeof cb === 'function');\n\n    if (!this.config.strictVendor\n        || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n      if (wantReply) {\n        this._callbacks.push((had_err) => {\n          if (had_err) {\n            cb(had_err !== true\n               ? had_err\n               : new Error('Unable to disable future sessions'));\n            return;\n          }\n\n          cb();\n        });\n      }\n\n      this._protocol.openssh_noMoreSessions(wantReply);\n      return this;\n    }\n\n    if (!wantReply)\n      return this;\n\n    process.nextTick(\n      cb,\n      new Error(\n        'strictVendor enabled and server is not OpenSSH or compatible version'\n      )\n    );\n\n    return this;\n  }\n\n  openssh_forwardInStreamLocal(socketPath, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    const wantReply = (typeof cb === 'function');\n\n    if (!this.config.strictVendor\n        || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n      if (wantReply) {\n        this._callbacks.push((had_err) => {\n          if (had_err) {\n            cb(had_err !== true\n               ? had_err\n               : new Error(`Unable to bind to ${socketPath}`));\n            return;\n          }\n          this._forwardingUnix[socketPath] = true;\n          cb();\n        });\n      }\n\n      this._protocol.openssh_streamLocalForward(socketPath, wantReply);\n      return this;\n    }\n\n    if (!wantReply)\n      return this;\n\n    process.nextTick(\n      cb,\n      new Error(\n        'strictVendor enabled and server is not OpenSSH or compatible version'\n      )\n    );\n\n    return this;\n  }\n\n  openssh_unforwardInStreamLocal(socketPath, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    const wantReply = (typeof cb === 'function');\n\n    if (!this.config.strictVendor\n        || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n      if (wantReply) {\n        this._callbacks.push((had_err) => {\n          if (had_err) {\n            cb(had_err !== true\n               ? had_err\n               : new Error(`Unable to unbind from ${socketPath}`));\n            return;\n          }\n          delete this._forwardingUnix[socketPath];\n          cb();\n        });\n      }\n\n      this._protocol.openssh_cancelStreamLocalForward(socketPath, wantReply);\n      return this;\n    }\n\n    if (!wantReply)\n      return this;\n\n    process.nextTick(\n      cb,\n      new Error(\n        'strictVendor enabled and server is not OpenSSH or compatible version'\n      )\n    );\n\n    return this;\n  }\n\n  openssh_forwardOutStreamLocal(socketPath, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    if (typeof cb !== 'function')\n      cb = noop;\n\n    if (!this.config.strictVendor\n        || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n      openChannel(this, 'direct-streamlocal@openssh.com', { socketPath }, cb);\n      return this;\n    }\n    process.nextTick(\n      cb,\n      new Error(\n        'strictVendor enabled and server is not OpenSSH or compatible version'\n      )\n    );\n\n    return this;\n  }\n\n  sftp(cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    openChannel(this, 'sftp', (err, sftp) => {\n      if (err) {\n        cb(err);\n        return;\n      }\n\n      reqSubsystem(sftp, 'sftp', (err, sftp_) => {\n        if (err) {\n          cb(err);\n          return;\n        }\n\n        function removeListeners() {\n          sftp.removeListener('ready', onReady);\n          sftp.removeListener('error', onError);\n          sftp.removeListener('exit', onExit);\n          sftp.removeListener('close', onExit);\n        }\n\n        function onReady() {\n          // TODO: do not remove exit/close in case remote end closes the\n          // channel abruptly and we need to notify outstanding callbacks\n          removeListeners();\n          cb(undefined, sftp);\n        }\n\n        function onError(err) {\n          removeListeners();\n          cb(err);\n        }\n\n        function onExit(code, signal) {\n          removeListeners();\n          let msg;\n          if (typeof code === 'number')\n            msg = `Received exit code ${code} while establishing SFTP session`;\n          else if (signal !== undefined)\n            msg = `Received signal ${signal} while establishing SFTP session`;\n          else\n            msg = 'Received unexpected SFTP session termination';\n          const err = new Error(msg);\n          err.code = code;\n          err.signal = signal;\n          cb(err);\n        }\n\n        sftp.on('ready', onReady)\n            .on('error', onError)\n            .on('exit', onExit)\n            .on('close', onExit);\n\n        sftp._init();\n      });\n    });\n\n    return this;\n  }\n}\n\nfunction openChannel(self, type, opts, cb) {\n  // Ask the server to open a channel for some purpose\n  // (e.g. session (sftp, exec, shell), or forwarding a TCP connection\n  const initWindow = MAX_WINDOW;\n  const maxPacket = PACKET_SIZE;\n\n  if (typeof opts === 'function') {\n    cb = opts;\n    opts = {};\n  }\n\n  const wrapper = (err, stream) => {\n    cb(err, stream);\n  };\n  wrapper.type = type;\n\n  const localChan = self._chanMgr.add(wrapper);\n\n  if (localChan === -1) {\n    cb(new Error('No free channels available'));\n    return;\n  }\n\n  switch (type) {\n    case 'session':\n    case 'sftp':\n      self._protocol.session(localChan, initWindow, maxPacket);\n      break;\n    case 'direct-tcpip':\n      self._protocol.directTcpip(localChan, initWindow, maxPacket, opts);\n      break;\n    case 'direct-streamlocal@openssh.com':\n      self._protocol.openssh_directStreamLocal(\n        localChan, initWindow, maxPacket, opts\n      );\n      break;\n    default:\n      throw new Error(`Unsupported channel type: ${type}`);\n  }\n}\n\nfunction reqX11(chan, screen, cb) {\n  // Asks server to start sending us X11 connections\n  const cfg = {\n    single: false,\n    protocol: 'MIT-MAGIC-COOKIE-1',\n    cookie: undefined,\n    screen: 0\n  };\n\n  if (typeof screen === 'function') {\n    cb = screen;\n  } else if (typeof screen === 'object' && screen !== null) {\n    if (typeof screen.single === 'boolean')\n      cfg.single = screen.single;\n    if (typeof screen.screen === 'number')\n      cfg.screen = screen.screen;\n    if (typeof screen.protocol === 'string')\n      cfg.protocol = screen.protocol;\n    if (typeof screen.cookie === 'string')\n      cfg.cookie = screen.cookie;\n    else if (Buffer.isBuffer(screen.cookie))\n      cfg.cookie = screen.cookie.hexSlice(0, screen.cookie.length);\n  }\n  if (cfg.cookie === undefined)\n    cfg.cookie = randomCookie();\n\n  const wantReply = (typeof cb === 'function');\n\n  if (chan.outgoing.state !== 'open') {\n    if (wantReply)\n      cb(new Error('Channel is not open'));\n    return;\n  }\n\n  if (wantReply) {\n    chan._callbacks.push((had_err) => {\n      if (had_err) {\n        cb(had_err !== true ? had_err : new Error('Unable to request X11'));\n        return;\n      }\n\n      chan._hasX11 = true;\n      ++chan._client._acceptX11;\n      chan.once('close', () => {\n        if (chan._client._acceptX11)\n          --chan._client._acceptX11;\n      });\n\n      cb();\n    });\n  }\n\n  chan._client._protocol.x11Forward(chan.outgoing.id, cfg, wantReply);\n}\n\nfunction reqPty(chan, opts, cb) {\n  let rows = 24;\n  let cols = 80;\n  let width = 640;\n  let height = 480;\n  let term = 'vt100';\n  let modes = null;\n\n  if (typeof opts === 'function') {\n    cb = opts;\n  } else if (typeof opts === 'object' && opts !== null) {\n    if (typeof opts.rows === 'number')\n      rows = opts.rows;\n    if (typeof opts.cols === 'number')\n      cols = opts.cols;\n    if (typeof opts.width === 'number')\n      width = opts.width;\n    if (typeof opts.height === 'number')\n      height = opts.height;\n    if (typeof opts.term === 'string')\n      term = opts.term;\n    if (typeof opts.modes === 'object')\n      modes = opts.modes;\n  }\n\n  const wantReply = (typeof cb === 'function');\n\n  if (chan.outgoing.state !== 'open') {\n    if (wantReply)\n      cb(new Error('Channel is not open'));\n    return;\n  }\n\n  if (wantReply) {\n    chan._callbacks.push((had_err) => {\n      if (had_err) {\n        cb(had_err !== true\n           ? had_err\n           : new Error('Unable to request a pseudo-terminal'));\n        return;\n      }\n      cb();\n    });\n  }\n\n  chan._client._protocol.pty(chan.outgoing.id,\n                             rows,\n                             cols,\n                             height,\n                             width,\n                             term,\n                             modes,\n                             wantReply);\n}\n\nfunction reqAgentFwd(chan, cb) {\n  const wantReply = (typeof cb === 'function');\n\n  if (chan.outgoing.state !== 'open') {\n    wantReply && cb(new Error('Channel is not open'));\n    return;\n  }\n  if (chan._client._agentFwdEnabled) {\n    wantReply && cb(false);\n    return;\n  }\n\n  chan._client._agentFwdEnabled = true;\n\n  chan._callbacks.push((had_err) => {\n    if (had_err) {\n      chan._client._agentFwdEnabled = false;\n      if (wantReply) {\n        cb(had_err !== true\n           ? had_err\n           : new Error('Unable to request agent forwarding'));\n      }\n      return;\n    }\n\n    if (wantReply)\n      cb();\n  });\n\n  chan._client._protocol.openssh_agentForward(chan.outgoing.id, true);\n}\n\nfunction reqShell(chan, cb) {\n  if (chan.outgoing.state !== 'open') {\n    cb(new Error('Channel is not open'));\n    return;\n  }\n\n  chan._callbacks.push((had_err) => {\n    if (had_err) {\n      cb(had_err !== true ? had_err : new Error('Unable to open shell'));\n      return;\n    }\n    chan.subtype = 'shell';\n    cb(undefined, chan);\n  });\n\n  chan._client._protocol.shell(chan.outgoing.id, true);\n}\n\nfunction reqExec(chan, cmd, opts, cb) {\n  if (chan.outgoing.state !== 'open') {\n    cb(new Error('Channel is not open'));\n    return;\n  }\n\n  chan._callbacks.push((had_err) => {\n    if (had_err) {\n      cb(had_err !== true ? had_err : new Error('Unable to exec'));\n      return;\n    }\n    chan.subtype = 'exec';\n    chan.allowHalfOpen = (opts.allowHalfOpen !== false);\n    cb(undefined, chan);\n  });\n\n  chan._client._protocol.exec(chan.outgoing.id, cmd, true);\n}\n\nfunction reqEnv(chan, env) {\n  if (chan.outgoing.state !== 'open')\n    return;\n\n  const keys = Object.keys(env || {});\n\n  for (let i = 0; i < keys.length; ++i) {\n    const key = keys[i];\n    const val = env[key];\n    chan._client._protocol.env(chan.outgoing.id, key, val, false);\n  }\n}\n\nfunction reqSubsystem(chan, name, cb) {\n  if (chan.outgoing.state !== 'open') {\n    cb(new Error('Channel is not open'));\n    return;\n  }\n\n  chan._callbacks.push((had_err) => {\n    if (had_err) {\n      cb(had_err !== true\n         ? had_err\n         : new Error(`Unable to start subsystem: ${name}`));\n      return;\n    }\n    chan.subtype = 'subsystem';\n    cb(undefined, chan);\n  });\n\n  chan._client._protocol.subsystem(chan.outgoing.id, name, true);\n}\n\n// TODO: inline implementation into single call site\nfunction onCHANNEL_OPEN(self, info) {\n  // The server is trying to open a channel with us, this is usually when\n  // we asked the server to forward us connections on some port and now they\n  // are asking us to accept/deny an incoming connection on their side\n\n  let localChan = -1;\n  let reason;\n\n  const accept = () => {\n    const chanInfo = {\n      type: info.type,\n      incoming: {\n        id: localChan,\n        window: MAX_WINDOW,\n        packetSize: PACKET_SIZE,\n        state: 'open'\n      },\n      outgoing: {\n        id: info.sender,\n        window: info.window,\n        packetSize: info.packetSize,\n        state: 'open'\n      }\n    };\n    const stream = new Channel(self, chanInfo);\n    self._chanMgr.update(localChan, stream);\n\n    self._protocol.channelOpenConfirm(info.sender,\n                                      localChan,\n                                      MAX_WINDOW,\n                                      PACKET_SIZE);\n    return stream;\n  };\n  const reject = () => {\n    if (reason === undefined) {\n      if (localChan === -1)\n        reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n      else\n        reason = CHANNEL_OPEN_FAILURE.CONNECT_FAILED;\n    }\n\n    if (localChan !== -1)\n      self._chanMgr.remove(localChan);\n\n    self._protocol.channelOpenFail(info.sender, reason, '');\n  };\n  const reserveChannel = () => {\n    localChan = self._chanMgr.add();\n\n    if (localChan === -1) {\n      reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n      if (self.config.debug) {\n        self.config.debug(\n          'Client: Automatic rejection of incoming channel open: '\n            + 'no channels available'\n        );\n      }\n    }\n\n    return (localChan !== -1);\n  };\n\n  const data = info.data;\n  switch (info.type) {\n    case 'forwarded-tcpip': {\n      const val = self._forwarding[`${data.destIP}:${data.destPort}`];\n      if (val !== undefined && reserveChannel()) {\n        if (data.destPort === 0)\n          data.destPort = val;\n        self.emit('tcp connection', data, accept, reject);\n        return;\n      }\n      break;\n    }\n    case 'forwarded-streamlocal@openssh.com':\n      if (self._forwardingUnix[data.socketPath] !== undefined\n          && reserveChannel()) {\n        self.emit('unix connection', data, accept, reject);\n        return;\n      }\n      break;\n    case 'auth-agent@openssh.com':\n      if (self._agentFwdEnabled\n          && typeof self._agent.getStream === 'function'\n          && reserveChannel()) {\n        self._agent.getStream((err, stream) => {\n          if (err)\n            return reject();\n\n          const upstream = accept();\n          upstream.pipe(stream).pipe(upstream);\n        });\n        return;\n      }\n      break;\n    case 'x11':\n      if (self._acceptX11 !== 0 && reserveChannel()) {\n        self.emit('x11', data, accept, reject);\n        return;\n      }\n      break;\n    default:\n      // Automatically reject any unsupported channel open requests\n      reason = CHANNEL_OPEN_FAILURE.UNKNOWN_CHANNEL_TYPE;\n      if (self.config.debug) {\n        self.config.debug(\n          'Client: Automatic rejection of unsupported incoming channel open '\n            + `type: ${info.type}`\n        );\n      }\n  }\n\n  if (reason === undefined) {\n    reason = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n    if (self.config.debug) {\n       self.config.debug(\n        'Client: Automatic rejection of unexpected incoming channel open for: '\n          + info.type\n      );\n    }\n  }\n\n  reject();\n}\n\nconst randomCookie = (() => {\n  const buffer = Buffer.allocUnsafe(16);\n  return () => {\n    randomFillSync(buffer, 0, 16);\n    return buffer.hexSlice(0, 16);\n  };\n})();\n\nfunction makeSimpleAuthHandler(authList) {\n  if (!Array.isArray(authList))\n    throw new Error('authList must be an array');\n\n  let a = 0;\n  return (authsLeft, partialSuccess, cb) => {\n    if (a === authList.length)\n      return false;\n    return authList[a++];\n  };\n}\n\nfunction hostKeysProve(client, keys_, cb) {\n  if (!client._sock || !isWritable(client._sock))\n    return;\n\n  if (typeof cb !== 'function')\n    cb = noop;\n\n  if (!Array.isArray(keys_))\n    throw new TypeError('Invalid keys argument type');\n\n  const keys = [];\n  for (const key of keys_) {\n    const parsed = parseKey(key);\n    if (parsed instanceof Error)\n      throw parsed;\n    keys.push(parsed);\n  }\n\n  if (!client.config.strictVendor\n      || (client.config.strictVendor && RE_OPENSSH.test(client._remoteVer))) {\n    client._callbacks.push((had_err, data) => {\n      if (had_err) {\n        cb(had_err !== true\n           ? had_err\n           : new Error('Server failed to prove supplied keys'));\n        return;\n      }\n\n      // TODO: move all of this parsing/verifying logic out of the client?\n      const ret = [];\n      let keyIdx = 0;\n      bufferParser.init(data, 0);\n      while (bufferParser.avail()) {\n        if (keyIdx === keys.length)\n          break;\n        const key = keys[keyIdx++];\n        const keyPublic = key.getPublicSSH();\n\n        const sigEntry = bufferParser.readString();\n        sigParser.init(sigEntry, 0);\n        const type = sigParser.readString(true);\n        let value = sigParser.readString();\n\n        let algo;\n        if (type !== key.type) {\n          if (key.type === 'ssh-rsa') {\n            switch (type) {\n              case 'rsa-sha2-256':\n                algo = 'sha256';\n                break;\n              case 'rsa-sha2-512':\n                algo = 'sha512';\n                break;\n              default:\n                continue;\n            }\n          } else {\n            continue;\n          }\n        }\n\n        const sessionID = client._protocol._kex.sessionID;\n        const verifyData = Buffer.allocUnsafe(\n          4 + 29 + 4 + sessionID.length + 4 + keyPublic.length\n        );\n        let p = 0;\n        writeUInt32BE(verifyData, 29, p);\n        verifyData.utf8Write('hostkeys-prove-00@openssh.com', p += 4, 29);\n        writeUInt32BE(verifyData, sessionID.length, p += 29);\n        bufferCopy(sessionID, verifyData, 0, sessionID.length, p += 4);\n        writeUInt32BE(verifyData, keyPublic.length, p += sessionID.length);\n        bufferCopy(keyPublic, verifyData, 0, keyPublic.length, p += 4);\n\n        if (!(value = sigSSHToASN1(value, type)))\n          continue;\n        if (key.verify(verifyData, value, algo) === true)\n          ret.push(key);\n      }\n      sigParser.clear();\n      bufferParser.clear();\n\n      cb(null, ret);\n    });\n\n    client._protocol.openssh_hostKeysProve(keys);\n    return;\n  }\n\n  process.nextTick(\n    cb,\n    new Error(\n      'strictVendor enabled and server is not OpenSSH or compatible version'\n    )\n  );\n}\n\nmodule.exports = Client;\n","'use strict';\n\nconst { Agent: HttpAgent } = require('http');\nconst { Agent: HttpsAgent } = require('https');\nconst { connect: tlsConnect } = require('tls');\n\nlet Client;\n\nfor (const ctor of [HttpAgent, HttpsAgent]) {\n  class SSHAgent extends ctor {\n    constructor(connectCfg, agentOptions) {\n      super(agentOptions);\n\n      this._connectCfg = connectCfg;\n      this._defaultSrcIP = (agentOptions && agentOptions.srcIP) || 'localhost';\n    }\n\n    createConnection(options, cb) {\n      const srcIP = (options && options.localAddress) || this._defaultSrcIP;\n      const srcPort = (options && options.localPort) || 0;\n      const dstIP = options.host;\n      const dstPort = options.port;\n\n      if (Client === undefined)\n        Client = require('./client.js');\n\n      const client = new Client();\n      let triedForward = false;\n      client.on('ready', () => {\n        client.forwardOut(srcIP, srcPort, dstIP, dstPort, (err, stream) => {\n          triedForward = true;\n          if (err) {\n            client.end();\n            return cb(err);\n          }\n          stream.once('close', () => client.end());\n          cb(null, decorateStream(stream, ctor, options));\n        });\n      }).on('error', cb).on('close', () => {\n        if (!triedForward)\n          cb(new Error('Unexpected connection close'));\n      }).connect(this._connectCfg);\n    }\n  }\n\n  exports[ctor === HttpAgent ? 'SSHTTPAgent' : 'SSHTTPSAgent'] = SSHAgent;\n}\n\nfunction noop() {}\n\nfunction decorateStream(stream, ctor, options) {\n  if (ctor === HttpAgent) {\n    // HTTP\n    stream.setKeepAlive = noop;\n    stream.setNoDelay = noop;\n    stream.setTimeout = noop;\n    stream.ref = noop;\n    stream.unref = noop;\n    stream.destroySoon = stream.destroy;\n    return stream;\n  }\n\n  // HTTPS\n  options.socket = stream;\n  const wrapped = tlsConnect(options);\n\n  // This is a workaround for a regression in node v12.16.3+\n  // https://github.com/nodejs/node/issues/35904\n  const onClose = (() => {\n    let called = false;\n    return () => {\n      if (called)\n        return;\n      called = true;\n      if (stream.isPaused())\n        stream.resume();\n    };\n  })();\n  // 'end' listener is needed because 'close' is not emitted in some scenarios\n  // in node v12.x for some unknown reason\n  wrapped.on('end', onClose).on('close', onClose);\n\n  return wrapped;\n}\n","'use strict';\n\nconst {\n  AgentProtocol,\n  BaseAgent,\n  createAgent,\n  CygwinAgent,\n  OpenSSHAgent,\n  PageantAgent,\n} = require('./agent.js');\nconst {\n  SSHTTPAgent: HTTPAgent,\n  SSHTTPSAgent: HTTPSAgent,\n} = require('./http-agents.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst {\n  flagsToString,\n  OPEN_MODE,\n  STATUS_CODE,\n  stringToFlags,\n} = require('./protocol/SFTP.js');\n\nmodule.exports = {\n  AgentProtocol,\n  BaseAgent,\n  createAgent,\n  Client: require('./client.js'),\n  CygwinAgent,\n  HTTPAgent,\n  HTTPSAgent,\n  OpenSSHAgent,\n  PageantAgent,\n  Server: require('./server.js'),\n  utils: {\n    parseKey,\n    sftp: {\n      flagsToString,\n      OPEN_MODE,\n      STATUS_CODE,\n      stringToFlags,\n    },\n  },\n};\n","/*\n  TODO:\n    * Replace `buffer._pos` usage in keyParser.js and elsewhere\n    * Utilize optional \"writev\" support when writing packets from\n      cipher.encrypt()\n    * Built-in support for automatic re-keying, on by default\n    * Revisit receiving unexpected/unknown packets\n      * Error (fatal or otherwise) or ignore or pass on to user (in some or all\n        cases)?\n      * Including server/client check for single directional packet types?\n      * Check packets for validity or bail as early as possible?\n    * Automatic re-key every 2**31 packets after the last key exchange (sent or\n      received), as suggested by RFC4344. OpenSSH currently does this.\n    * Automatic re-key every so many blocks depending on cipher. RFC4344:\n         Because of a birthday property of block ciphers and some modes of\n         operation, implementations must be careful not to encrypt too many\n         blocks with the same encryption key.\n\n         Let L be the block length (in bits) of an SSH encryption method's\n         block cipher (e.g., 128 for AES).  If L is at least 128, then, after\n         rekeying, an SSH implementation SHOULD NOT encrypt more than 2**(L/4)\n         blocks before rekeying again.  If L is at least 128, then SSH\n         implementations should also attempt to force a rekey before receiving\n         more than 2**(L/4) blocks.  If L is less than 128 (which is the case\n         for older ciphers such as 3DES, Blowfish, CAST-128, and IDEA), then,\n         although it may be too expensive to rekey every 2**(L/4) blocks, it\n         is still advisable for SSH implementations to follow the original\n         recommendation in [RFC4253]: rekey at least once for every gigabyte\n         of transmitted data.\n\n         Note that if L is less than or equal to 128, then the recommendation\n         in this subsection supersedes the recommendation in Section 3.1.  If\n         an SSH implementation uses a block cipher with a larger block size\n         (e.g., Rijndael with 256-bit blocks), then the recommendations in\n         Section 3.1 may supersede the recommendations in this subsection\n         (depending on the lengths of the packets).\n*/\n\n'use strict';\n\nconst { inspect } = require('util');\n\nconst { bindingAvailable, NullCipher, NullDecipher } = require('./crypto.js');\nconst {\n  COMPAT_CHECKS,\n  DISCONNECT_REASON,\n  MESSAGE,\n  SIGNALS,\n  TERMINAL_MODE,\n} = require('./constants.js');\nconst {\n  DEFAULT_KEXINIT,\n  KexInit,\n  kexinit,\n  onKEXPayload,\n} = require('./kex.js');\nconst {\n  parseKey,\n} = require('./keyParser.js');\nconst MESSAGE_HANDLERS = require('./handlers.js');\nconst {\n  bufferCopy,\n  bufferFill,\n  bufferSlice,\n  convertSignature,\n  sendPacket,\n  writeUInt32BE,\n} = require('./utils.js');\nconst {\n  PacketReader,\n  PacketWriter,\n  ZlibPacketReader,\n  ZlibPacketWriter,\n} = require('./zlib.js');\n\nconst MODULE_VER = require('../../package.json').version;\n\nconst VALID_DISCONNECT_REASONS = new Map(\n  Object.values(DISCONNECT_REASON).map((n) => [n, 1])\n);\nconst IDENT_RAW = Buffer.from(`SSH-2.0-ssh2js${MODULE_VER}`);\nconst IDENT = Buffer.from(`${IDENT_RAW}\\r\\n`);\nconst MAX_LINE_LEN = 8192;\nconst MAX_LINES = 1024;\nconst PING_PAYLOAD = Buffer.from([\n  MESSAGE.GLOBAL_REQUEST,\n  // \"keepalive@openssh.com\"\n  0, 0, 0, 21,\n    107, 101, 101, 112, 97, 108, 105, 118, 101, 64, 111, 112, 101, 110, 115,\n    115, 104, 46, 99, 111, 109,\n  // Request a reply\n  1,\n]);\nconst NO_TERMINAL_MODES_BUFFER = Buffer.from([ TERMINAL_MODE.TTY_OP_END ]);\n\nfunction noop() {}\n\n/*\n  Inbound:\n    * kexinit payload (needed only until exchange hash is generated)\n    * raw ident\n    * rekey packet queue\n    * expected packet (implemented as separate _parse() function?)\n  Outbound:\n    * kexinit payload (needed only until exchange hash is generated)\n    * rekey packet queue\n    * kex secret (needed only until NEWKEYS)\n    * exchange hash (needed only until NEWKEYS)\n    * session ID (set to exchange hash from initial handshake)\n*/\nclass Protocol {\n  constructor(config) {\n    const onWrite = config.onWrite;\n    if (typeof onWrite !== 'function')\n      throw new Error('Missing onWrite function');\n    this._onWrite = (data) => { onWrite(data); };\n\n    const onError = config.onError;\n    if (typeof onError !== 'function')\n      throw new Error('Missing onError function');\n    this._onError = (err) => { onError(err); };\n\n    const debug = config.debug;\n    this._debug = (typeof debug === 'function'\n                   ? (msg) => { debug(msg); }\n                   : undefined);\n\n    const onHeader = config.onHeader;\n    this._onHeader = (typeof onHeader === 'function'\n                      ? (...args) => { onHeader(...args); }\n                      : noop);\n\n    const onPacket = config.onPacket;\n    this._onPacket = (typeof onPacket === 'function'\n                      ? () => { onPacket(); }\n                      : noop);\n\n    let onHandshakeComplete = config.onHandshakeComplete;\n    if (typeof onHandshakeComplete !== 'function')\n      onHandshakeComplete = noop;\n    this._onHandshakeComplete = (...args) => {\n      this._debug && this._debug('Handshake completed');\n\n      // Process packets queued during a rekey where necessary\n      const oldQueue = this._queue;\n      if (oldQueue) {\n        this._queue = undefined;\n        this._debug && this._debug(\n          `Draining outbound queue (${oldQueue.length}) ...`\n        );\n        for (let i = 0; i < oldQueue.length; ++i) {\n          const data = oldQueue[i];\n          // data === payload only\n\n          // XXX: hacky\n          let finalized = this._packetRW.write.finalize(data);\n          if (finalized === data) {\n            const packet = this._cipher.allocPacket(data.length);\n            packet.set(data, 5);\n            finalized = packet;\n          }\n\n          sendPacket(this, finalized);\n        }\n        this._debug && this._debug('... finished draining outbound queue');\n      }\n\n      onHandshakeComplete(...args);\n    };\n    this._queue = undefined;\n\n    const messageHandlers = config.messageHandlers;\n    if (typeof messageHandlers === 'object' && messageHandlers !== null)\n      this._handlers = messageHandlers;\n    else\n      this._handlers = {};\n\n    this._onPayload = onPayload.bind(this);\n\n    this._server = !!config.server;\n    this._banner = undefined;\n    let greeting;\n    if (this._server) {\n      if (typeof config.hostKeys !== 'object' || config.hostKeys === null)\n        throw new Error('Missing server host key(s)');\n      this._hostKeys = config.hostKeys;\n\n      // Greeting displayed before the ssh identification string is sent, this\n      // is usually ignored by most clients\n      if (typeof config.greeting === 'string' && config.greeting.length) {\n        greeting = (config.greeting.slice(-2) === '\\r\\n'\n                    ? config.greeting\n                    : `${config.greeting}\\r\\n`);\n      }\n\n      // Banner shown after the handshake completes, but before user\n      // authentication begins\n      if (typeof config.banner === 'string' && config.banner.length) {\n        this._banner = (config.banner.slice(-2) === '\\r\\n'\n                        ? config.banner\n                        : `${config.banner}\\r\\n`);\n      }\n    } else {\n      this._hostKeys = undefined;\n    }\n\n    let offer = config.offer;\n    if (typeof offer !== 'object' || offer === null)\n      offer = DEFAULT_KEXINIT;\n    else if (offer.constructor !== KexInit)\n      offer = new KexInit(offer);\n    this._kex = undefined;\n    this._kexinit = undefined;\n    this._offer = offer;\n    this._cipher = new NullCipher(0, this._onWrite);\n    this._decipher = undefined;\n    this._skipNextInboundPacket = false;\n    this._packetRW = {\n      read: new PacketReader(),\n      write: new PacketWriter(this),\n    };\n    this._hostVerifier = (!this._server\n                           && typeof config.hostVerifier === 'function'\n                          ? config.hostVerifier\n                          : undefined);\n\n    this._parse = parseHeader;\n    this._buffer = undefined;\n    this._authsQueue = [];\n    this._authenticated = false;\n    this._remoteIdentRaw = undefined;\n    let sentIdent;\n    if (typeof config.ident === 'string') {\n      this._identRaw = Buffer.from(`SSH-2.0-${config.ident}`);\n\n      sentIdent = Buffer.allocUnsafe(this._identRaw.length + 2);\n      sentIdent.set(this._identRaw, 0);\n      sentIdent[sentIdent.length - 2] = 13; // '\\r'\n      sentIdent[sentIdent.length - 1] = 10; // '\\n'\n    } else if (Buffer.isBuffer(config.ident)) {\n      const fullIdent = Buffer.allocUnsafe(8 + config.ident.length);\n      fullIdent.latin1Write('SSH-2.0-', 0, 8);\n      fullIdent.set(config.ident, 8);\n      this._identRaw = fullIdent;\n\n      sentIdent = Buffer.allocUnsafe(fullIdent.length + 2);\n      sentIdent.set(fullIdent, 0);\n      sentIdent[sentIdent.length - 2] = 13; // '\\r'\n      sentIdent[sentIdent.length - 1] = 10; // '\\n'\n    } else {\n      this._identRaw = IDENT_RAW;\n      sentIdent = IDENT;\n    }\n    this._compatFlags = 0;\n\n    if (this._debug) {\n      if (bindingAvailable)\n        this._debug('Custom crypto binding available');\n      else\n        this._debug('Custom crypto binding not available');\n    }\n\n    this._debug && this._debug(\n      `Local ident: ${inspect(this._identRaw.toString())}`\n    );\n    this.start = () => {\n      this.start = undefined;\n      if (greeting)\n        this._onWrite(greeting);\n      this._onWrite(sentIdent);\n    };\n  }\n  _destruct(reason) {\n    this._packetRW.read.cleanup();\n    this._packetRW.write.cleanup();\n    this._cipher && this._cipher.free();\n    this._decipher && this._decipher.free();\n    if (typeof reason !== 'string' || reason.length === 0)\n      reason = 'fatal error';\n    this.parse = () => {\n      throw new Error(`Instance unusable after ${reason}`);\n    };\n    this._onWrite = () => {\n      throw new Error(`Instance unusable after ${reason}`);\n    };\n    this._destruct = undefined;\n  }\n  cleanup() {\n    this._destruct && this._destruct();\n  }\n  parse(chunk, i, len) {\n    while (i < len)\n      i = this._parse(chunk, i, len);\n  }\n\n  // Protocol message API\n\n  // ===========================================================================\n  // Common/Shared =============================================================\n  // ===========================================================================\n\n  // Global\n  // ------\n  disconnect(reason) {\n    const pktLen = 1 + 4 + 4 + 4;\n    // We don't use _packetRW.write.* here because we need to make sure that\n    // we always get a full packet allocated because this message can be sent\n    // at any time -- even during a key exchange\n    let p = this._packetRW.write.allocStartKEX;\n    const packet = this._packetRW.write.alloc(pktLen, true);\n    const end = p + pktLen;\n\n    if (!VALID_DISCONNECT_REASONS.has(reason))\n      reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n\n    packet[p] = MESSAGE.DISCONNECT;\n    writeUInt32BE(packet, reason, ++p);\n    packet.fill(0, p += 4, end);\n\n    this._debug && this._debug(`Outbound: Sending DISCONNECT (${reason})`);\n    sendPacket(this, this._packetRW.write.finalize(packet, true), true);\n  }\n  ping() {\n    const p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(PING_PAYLOAD.length);\n\n    packet.set(PING_PAYLOAD, p);\n\n    this._debug && this._debug(\n      'Outbound: Sending ping (GLOBAL_REQUEST: keepalive@openssh.com)'\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  rekey() {\n    if (this._kexinit === undefined) {\n      this._debug && this._debug('Outbound: Initiated explicit rekey');\n      this._queue = [];\n      kexinit(this);\n    } else {\n      this._debug && this._debug('Outbound: Ignoring rekey during handshake');\n    }\n  }\n\n  // 'ssh-connection' service-specific\n  // ---------------------------------\n  requestSuccess(data) {\n    let p = this._packetRW.write.allocStart;\n    let packet;\n    if (Buffer.isBuffer(data)) {\n      packet = this._packetRW.write.alloc(1 + data.length);\n\n      packet[p] = MESSAGE.REQUEST_SUCCESS;\n\n      packet.set(data, ++p);\n    } else {\n      packet = this._packetRW.write.alloc(1);\n\n      packet[p] = MESSAGE.REQUEST_SUCCESS;\n    }\n\n    this._debug && this._debug('Outbound: Sending REQUEST_SUCCESS');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  requestFailure() {\n    const p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1);\n\n    packet[p] = MESSAGE.REQUEST_FAILURE;\n\n    this._debug && this._debug('Outbound: Sending REQUEST_FAILURE');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelSuccess(chan) {\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_SUCCESS;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    this._debug && this._debug(`Outbound: Sending CHANNEL_SUCCESS (r:${chan})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelFailure(chan) {\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_FAILURE;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    this._debug && this._debug(`Outbound: Sending CHANNEL_FAILURE (r:${chan})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelEOF(chan) {\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_EOF;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    this._debug && this._debug(`Outbound: Sending CHANNEL_EOF (r:${chan})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelClose(chan) {\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_CLOSE;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    this._debug && this._debug(`Outbound: Sending CHANNEL_CLOSE (r:${chan})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelWindowAdjust(chan, amount) {\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_WINDOW_ADJUST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, amount, p += 4);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_WINDOW_ADJUST (r:${chan}, ${amount})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelData(chan, data) {\n    const isBuffer = Buffer.isBuffer(data);\n    const dataLen = (isBuffer ? data.length : Buffer.byteLength(data));\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + dataLen);\n\n    packet[p] = MESSAGE.CHANNEL_DATA;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, dataLen, p += 4);\n\n    if (isBuffer)\n      packet.set(data, p += 4);\n    else\n      packet.utf8Write(data, p += 4, dataLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_DATA (r:${chan}, ${dataLen})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelExtData(chan, data, type) {\n    const isBuffer = Buffer.isBuffer(data);\n    const dataLen = (isBuffer ? data.length : Buffer.byteLength(data));\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + dataLen);\n\n    packet[p] = MESSAGE.CHANNEL_EXTENDED_DATA;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, type, p += 4);\n\n    writeUInt32BE(packet, dataLen, p += 4);\n\n    if (isBuffer)\n      packet.set(data, p += 4);\n    else\n      packet.utf8Write(data, p += 4, dataLen);\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_EXTENDED_DATA (r:${chan})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelOpenConfirm(remote, local, initWindow, maxPacket) {\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_OPEN_CONFIRMATION;\n\n    writeUInt32BE(packet, remote, ++p);\n\n    writeUInt32BE(packet, local, p += 4);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_OPEN_CONFIRMATION (r:${remote}, l:${local})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelOpenFail(remote, reason, desc) {\n    if (typeof desc !== 'string')\n      desc = '';\n\n    const descLen = Buffer.byteLength(desc);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + descLen + 4);\n\n    packet[p] = MESSAGE.CHANNEL_OPEN_FAILURE;\n\n    writeUInt32BE(packet, remote, ++p);\n\n    writeUInt32BE(packet, reason, p += 4);\n\n    writeUInt32BE(packet, descLen, p += 4);\n\n    p += 4;\n    if (descLen) {\n      packet.utf8Write(desc, p, descLen);\n      p += descLen;\n    }\n\n    writeUInt32BE(packet, 0, p); // Empty language tag\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_OPEN_FAILURE (r:${remote})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n\n  // ===========================================================================\n  // Client-specific ===========================================================\n  // ===========================================================================\n\n  // Global\n  // ------\n  service(name) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const nameLen = Buffer.byteLength(name);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + nameLen);\n\n    packet[p] = MESSAGE.SERVICE_REQUEST;\n\n    writeUInt32BE(packet, nameLen, ++p);\n    packet.utf8Write(name, p += 4, nameLen);\n\n    this._debug && this._debug(`Outbound: Sending SERVICE_REQUEST (${name})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n\n  // 'ssh-userauth' service-specific\n  // -------------------------------\n  authPassword(username, password, newPassword) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const userLen = Buffer.byteLength(username);\n    const passLen = Buffer.byteLength(password);\n    const newPassLen = (newPassword ? Buffer.byteLength(newPassword) : 0);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + userLen + 4 + 14 + 4 + 8 + 1 + 4 + passLen\n        + (newPassword ? 4 + newPassLen : 0)\n    );\n\n    packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n    writeUInt32BE(packet, userLen, ++p);\n    packet.utf8Write(username, p += 4, userLen);\n\n    writeUInt32BE(packet, 14, p += userLen);\n    packet.utf8Write('ssh-connection', p += 4, 14);\n\n    writeUInt32BE(packet, 8, p += 14);\n    packet.utf8Write('password', p += 4, 8);\n\n    packet[p += 8] = (newPassword ? 1 : 0);\n\n    writeUInt32BE(packet, passLen, ++p);\n    if (Buffer.isBuffer(password))\n      bufferCopy(password, packet, 0, passLen, p += 4);\n    else\n      packet.utf8Write(password, p += 4, passLen);\n\n    if (newPassword) {\n      writeUInt32BE(packet, newPassLen, p += passLen);\n      if (Buffer.isBuffer(newPassword))\n        bufferCopy(newPassword, packet, 0, newPassLen, p += 4);\n      else\n        packet.utf8Write(newPassword, p += 4, newPassLen);\n      this._debug && this._debug(\n        'Outbound: Sending USERAUTH_REQUEST (changed password)'\n      );\n    } else {\n      this._debug && this._debug(\n        'Outbound: Sending USERAUTH_REQUEST (password)'\n      );\n    }\n\n    this._authsQueue.push('password');\n\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authPK(username, pubKey, cbSign) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    pubKey = parseKey(pubKey);\n    if (pubKey instanceof Error)\n      throw new Error('Invalid key');\n\n    const keyType = pubKey.type;\n    pubKey = pubKey.getPublicSSH();\n\n    const userLen = Buffer.byteLength(username);\n    const algoLen = Buffer.byteLength(keyType);\n    const pubKeyLen = pubKey.length;\n    const sessionID = this._kex.sessionID;\n    const sesLen = sessionID.length;\n    const payloadLen =\n      (cbSign ? 4 + sesLen : 0)\n        + 1 + 4 + userLen + 4 + 14 + 4 + 9 + 1 + 4 + algoLen + 4 + pubKeyLen;\n    let packet;\n    let p;\n    if (cbSign) {\n      packet = Buffer.allocUnsafe(payloadLen);\n      p = 0;\n      writeUInt32BE(packet, sesLen, p);\n      packet.set(sessionID, p += 4);\n      p += sesLen;\n    } else {\n      packet = this._packetRW.write.alloc(payloadLen);\n      p = this._packetRW.write.allocStart;\n    }\n\n    packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n    writeUInt32BE(packet, userLen, ++p);\n    packet.utf8Write(username, p += 4, userLen);\n\n    writeUInt32BE(packet, 14, p += userLen);\n    packet.utf8Write('ssh-connection', p += 4, 14);\n\n    writeUInt32BE(packet, 9, p += 14);\n    packet.utf8Write('publickey', p += 4, 9);\n\n    packet[p += 9] = (cbSign ? 1 : 0);\n\n    writeUInt32BE(packet, algoLen, ++p);\n    packet.utf8Write(keyType, p += 4, algoLen);\n\n    writeUInt32BE(packet, pubKeyLen, p += algoLen);\n    packet.set(pubKey, p += 4);\n\n    if (!cbSign) {\n      this._authsQueue.push('publickey');\n\n      this._debug && this._debug(\n        'Outbound: Sending USERAUTH_REQUEST (publickey -- check)'\n      );\n      sendPacket(this, this._packetRW.write.finalize(packet));\n      return;\n    }\n\n    cbSign(packet, (signature) => {\n      signature = convertSignature(signature, keyType);\n      if (signature === false)\n        throw new Error('Error while converting handshake signature');\n\n      const sigLen = signature.length;\n      p = this._packetRW.write.allocStart;\n      packet = this._packetRW.write.alloc(\n        1 + 4 + userLen + 4 + 14 + 4 + 9 + 1 + 4 + algoLen + 4 + pubKeyLen + 4\n          + 4 + algoLen + 4 + sigLen\n      );\n\n      // TODO: simply copy from original \"packet\" to new `packet` to avoid\n      // having to write each individual field a second time?\n      packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n      writeUInt32BE(packet, userLen, ++p);\n      packet.utf8Write(username, p += 4, userLen);\n\n      writeUInt32BE(packet, 14, p += userLen);\n      packet.utf8Write('ssh-connection', p += 4, 14);\n\n      writeUInt32BE(packet, 9, p += 14);\n      packet.utf8Write('publickey', p += 4, 9);\n\n      packet[p += 9] = 1;\n\n      writeUInt32BE(packet, algoLen, ++p);\n      packet.utf8Write(keyType, p += 4, algoLen);\n\n      writeUInt32BE(packet, pubKeyLen, p += algoLen);\n      packet.set(pubKey, p += 4);\n\n      writeUInt32BE(packet, 4 + algoLen + 4 + sigLen, p += pubKeyLen);\n\n      writeUInt32BE(packet, algoLen, p += 4);\n      packet.utf8Write(keyType, p += 4, algoLen);\n\n      writeUInt32BE(packet, sigLen, p += algoLen);\n      packet.set(signature, p += 4);\n\n      // Servers shouldn't send packet type 60 in response to signed publickey\n      // attempts, but if they do, interpret as type 60.\n      this._authsQueue.push('publickey');\n\n      this._debug && this._debug(\n        'Outbound: Sending USERAUTH_REQUEST (publickey)'\n      );\n      sendPacket(this, this._packetRW.write.finalize(packet));\n    });\n  }\n  authHostbased(username, pubKey, hostname, userlocal, cbSign) {\n    // TODO: Make DRY by sharing similar code with authPK()\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    pubKey = parseKey(pubKey);\n    if (pubKey instanceof Error)\n      throw new Error('Invalid key');\n\n    const keyType = pubKey.type;\n    pubKey = pubKey.getPublicSSH();\n\n    const userLen = Buffer.byteLength(username);\n    const algoLen = Buffer.byteLength(keyType);\n    const pubKeyLen = pubKey.length;\n    const sessionID = this._kex.sessionID;\n    const sesLen = sessionID.length;\n    const hostnameLen = Buffer.byteLength(hostname);\n    const userlocalLen = Buffer.byteLength(userlocal);\n    const data = Buffer.allocUnsafe(\n      4 + sesLen + 1 + 4 + userLen + 4 + 14 + 4 + 9 + 4 + algoLen\n        + 4 + pubKeyLen + 4 + hostnameLen + 4 + userlocalLen\n    );\n    let p = 0;\n\n    writeUInt32BE(data, sesLen, p);\n    data.set(sessionID, p += 4);\n\n    data[p += sesLen] = MESSAGE.USERAUTH_REQUEST;\n\n    writeUInt32BE(data, userLen, ++p);\n    data.utf8Write(username, p += 4, userLen);\n\n    writeUInt32BE(data, 14, p += userLen);\n    data.utf8Write('ssh-connection', p += 4, 14);\n\n    writeUInt32BE(data, 9, p += 14);\n    data.utf8Write('hostbased', p += 4, 9);\n\n    writeUInt32BE(data, algoLen, p += 9);\n    data.utf8Write(keyType, p += 4, algoLen);\n\n    writeUInt32BE(data, pubKeyLen, p += algoLen);\n    data.set(pubKey, p += 4);\n\n    writeUInt32BE(data, hostnameLen, p += pubKeyLen);\n    data.utf8Write(hostname, p += 4, hostnameLen);\n\n    writeUInt32BE(data, userlocalLen, p += hostnameLen);\n    data.utf8Write(userlocal, p += 4, userlocalLen);\n\n    cbSign(data, (signature) => {\n      signature = convertSignature(signature, keyType);\n      if (!signature)\n        throw new Error('Error while converting handshake signature');\n\n      const sigLen = signature.length;\n      const reqDataLen = (data.length - sesLen - 4);\n      p = this._packetRW.write.allocStart;\n      const packet = this._packetRW.write.alloc(\n        reqDataLen + 4 + 4 + algoLen + 4 + sigLen\n      );\n\n      bufferCopy(data, packet, 4 + sesLen, data.length, p);\n\n      writeUInt32BE(packet, 4 + algoLen + 4 + sigLen, p += reqDataLen);\n      writeUInt32BE(packet, algoLen, p += 4);\n      packet.utf8Write(keyType, p += 4, algoLen);\n      writeUInt32BE(packet, sigLen, p += algoLen);\n      packet.set(signature, p += 4);\n\n      this._authsQueue.push('hostbased');\n\n      this._debug && this._debug(\n        'Outbound: Sending USERAUTH_REQUEST (hostbased)'\n      );\n      sendPacket(this, this._packetRW.write.finalize(packet));\n    });\n  }\n  authKeyboard(username) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const userLen = Buffer.byteLength(username);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + userLen + 4 + 14 + 4 + 20 + 4 + 4\n    );\n\n    packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n    writeUInt32BE(packet, userLen, ++p);\n    packet.utf8Write(username, p += 4, userLen);\n\n    writeUInt32BE(packet, 14, p += userLen);\n    packet.utf8Write('ssh-connection', p += 4, 14);\n\n    writeUInt32BE(packet, 20, p += 14);\n    packet.utf8Write('keyboard-interactive', p += 4, 20);\n\n    writeUInt32BE(packet, 0, p += 20);\n\n    writeUInt32BE(packet, 0, p += 4);\n\n    this._authsQueue.push('keyboard-interactive');\n\n    this._debug && this._debug(\n      'Outbound: Sending USERAUTH_REQUEST (keyboard-interactive)'\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authNone(username) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const userLen = Buffer.byteLength(username);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + userLen + 4 + 14 + 4 + 4);\n\n    packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n    writeUInt32BE(packet, userLen, ++p);\n    packet.utf8Write(username, p += 4, userLen);\n\n    writeUInt32BE(packet, 14, p += userLen);\n    packet.utf8Write('ssh-connection', p += 4, 14);\n\n    writeUInt32BE(packet, 4, p += 14);\n    packet.utf8Write('none', p += 4, 4);\n\n    this._authsQueue.push('none');\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_REQUEST (none)');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authInfoRes(responses) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    let responsesTotalLen = 0;\n    let responseLens;\n\n    if (responses) {\n      responseLens = new Array(responses.length);\n      for (let i = 0; i < responses.length; ++i) {\n        const len = Buffer.byteLength(responses[i]);\n        responseLens[i] = len;\n        responsesTotalLen += 4 + len;\n      }\n    }\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + responsesTotalLen);\n\n    packet[p] = MESSAGE.USERAUTH_INFO_RESPONSE;\n\n    if (responses) {\n      writeUInt32BE(packet, responses.length, ++p);\n      p += 4;\n      for (let i = 0; i < responses.length; ++i) {\n        const len = responseLens[i];\n        writeUInt32BE(packet, len, p);\n        p += 4;\n        if (len) {\n          packet.utf8Write(responses[i], p, len);\n          p += len;\n        }\n      }\n    } else {\n      writeUInt32BE(packet, 0, ++p);\n    }\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_INFO_RESPONSE');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n\n  // 'ssh-connection' service-specific\n  // ---------------------------------\n  tcpipForward(bindAddr, bindPort, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const addrLen = Buffer.byteLength(bindAddr);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 13 + 1 + 4 + addrLen + 4);\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 13, ++p);\n    packet.utf8Write('tcpip-forward', p += 4, 13);\n\n    packet[p += 13] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, addrLen, ++p);\n    packet.utf8Write(bindAddr, p += 4, addrLen);\n\n    writeUInt32BE(packet, bindPort, p += addrLen);\n\n    this._debug\n      && this._debug('Outbound: Sending GLOBAL_REQUEST (tcpip-forward)');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  cancelTcpipForward(bindAddr, bindPort, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const addrLen = Buffer.byteLength(bindAddr);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 20 + 1 + 4 + addrLen + 4);\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 20, ++p);\n    packet.utf8Write('cancel-tcpip-forward', p += 4, 20);\n\n    packet[p += 20] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, addrLen, ++p);\n    packet.utf8Write(bindAddr, p += 4, addrLen);\n\n    writeUInt32BE(packet, bindPort, p += addrLen);\n\n    this._debug\n      && this._debug('Outbound: Sending GLOBAL_REQUEST (cancel-tcpip-forward)');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_streamLocalForward(socketPath, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const socketPathLen = Buffer.byteLength(socketPath);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 31 + 1 + 4 + socketPathLen\n    );\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 31, ++p);\n    packet.utf8Write('streamlocal-forward@openssh.com', p += 4, 31);\n\n    packet[p += 31] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, socketPathLen, ++p);\n    packet.utf8Write(socketPath, p += 4, socketPathLen);\n\n    this._debug && this._debug(\n      'Outbound: Sending GLOBAL_REQUEST (streamlocal-forward@openssh.com)'\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_cancelStreamLocalForward(socketPath, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const socketPathLen = Buffer.byteLength(socketPath);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 38 + 1 + 4 + socketPathLen\n    );\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 38, ++p);\n    packet.utf8Write('cancel-streamlocal-forward@openssh.com', p += 4, 38);\n\n    packet[p += 38] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, socketPathLen, ++p);\n    packet.utf8Write(socketPath, p += 4, socketPathLen);\n\n    if (this._debug) {\n      this._debug(\n        'Outbound: Sending GLOBAL_REQUEST '\n          + '(cancel-streamlocal-forward@openssh.com)'\n      );\n    }\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  directTcpip(chan, initWindow, maxPacket, cfg) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const srcLen = Buffer.byteLength(cfg.srcIP);\n    const dstLen = Buffer.byteLength(cfg.dstIP);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 12 + 4 + 4 + 4 + 4 + srcLen + 4 + 4 + dstLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 12, ++p);\n    packet.utf8Write('direct-tcpip', p += 4, 12);\n\n    writeUInt32BE(packet, chan, p += 12);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    writeUInt32BE(packet, dstLen, p += 4);\n    packet.utf8Write(cfg.dstIP, p += 4, dstLen);\n\n    writeUInt32BE(packet, cfg.dstPort, p += dstLen);\n\n    writeUInt32BE(packet, srcLen, p += 4);\n    packet.utf8Write(cfg.srcIP, p += 4, srcLen);\n\n    writeUInt32BE(packet, cfg.srcPort, p += srcLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_OPEN (r:${chan}, direct-tcpip)`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_directStreamLocal(chan, initWindow, maxPacket, cfg) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const pathLen = Buffer.byteLength(cfg.socketPath);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 30 + 4 + 4 + 4 + 4 + pathLen + 4 + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 30, ++p);\n    packet.utf8Write('direct-streamlocal@openssh.com', p += 4, 30);\n\n    writeUInt32BE(packet, chan, p += 30);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    writeUInt32BE(packet, pathLen, p += 4);\n    packet.utf8Write(cfg.socketPath, p += 4, pathLen);\n\n    // zero-fill reserved fields (string and uint32)\n    bufferFill(packet, 0, p += pathLen, p + 8);\n\n    if (this._debug) {\n      this._debug(\n        'Outbound: Sending CHANNEL_OPEN '\n          + `(r:${chan}, direct-streamlocal@openssh.com)`\n      );\n    }\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_noMoreSessions(wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 28 + 1);\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 28, ++p);\n    packet.utf8Write('no-more-sessions@openssh.com', p += 4, 28);\n\n    packet[p += 28] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    this._debug && this._debug(\n      'Outbound: Sending GLOBAL_REQUEST (no-more-sessions@openssh.com)'\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  session(chan, initWindow, maxPacket) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 7 + 4 + 4 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 7, ++p);\n    packet.utf8Write('session', p += 4, 7);\n\n    writeUInt32BE(packet, chan, p += 7);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_OPEN (r:${chan}, session)`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  windowChange(chan, rows, cols, height, width) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 13 + 1 + 4 + 4 + 4 + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 13, p += 4);\n    packet.utf8Write('window-change', p += 4, 13);\n\n    packet[p += 13] = 0;\n\n    writeUInt32BE(packet, cols, ++p);\n\n    writeUInt32BE(packet, rows, p += 4);\n\n    writeUInt32BE(packet, width, p += 4);\n\n    writeUInt32BE(packet, height, p += 4);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, window-change)`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  pty(chan, rows, cols, height, width, term, modes, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    if (!term || !term.length)\n      term = 'vt100';\n    if (modes\n        && !Buffer.isBuffer(modes)\n        && !Array.isArray(modes)\n        && typeof modes === 'object'\n        && modes !== null) {\n      modes = modesToBytes(modes);\n    }\n    if (!modes || !modes.length)\n      modes = NO_TERMINAL_MODES_BUFFER;\n\n    const termLen = term.length;\n    const modesLen = modes.length;\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 7 + 1 + 4 + termLen + 4 + 4 + 4 + 4 + 4 + modesLen\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 7, p += 4);\n    packet.utf8Write('pty-req', p += 4, 7);\n\n    packet[p += 7] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, termLen, ++p);\n    packet.utf8Write(term, p += 4, termLen);\n\n    writeUInt32BE(packet, cols, p += termLen);\n\n    writeUInt32BE(packet, rows, p += 4);\n\n    writeUInt32BE(packet, width, p += 4);\n\n    writeUInt32BE(packet, height, p += 4);\n\n    writeUInt32BE(packet, modesLen, p += 4);\n    p += 4;\n    if (Array.isArray(modes)) {\n      for (let i = 0; i < modesLen; ++i)\n        packet[p++] = modes[i];\n    } else if (Buffer.isBuffer(modes)) {\n      packet.set(modes, p);\n    }\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, pty-req)`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  shell(chan, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 5 + 1);\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 5, p += 4);\n    packet.utf8Write('shell', p += 4, 5);\n\n    packet[p += 5] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, shell)`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  exec(chan, cmd, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    const isBuf = Buffer.isBuffer(cmd);\n    const cmdLen = (isBuf ? cmd.length : Buffer.byteLength(cmd));\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + 1 + 4 + cmdLen);\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 4, p += 4);\n    packet.utf8Write('exec', p += 4, 4);\n\n    packet[p += 4] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, cmdLen, ++p);\n    if (isBuf)\n      packet.set(cmd, p += 4);\n    else\n      packet.utf8Write(cmd, p += 4, cmdLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exec: ${cmd})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  signal(chan, signal) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    const origSignal = signal;\n\n    signal = signal.toUpperCase();\n    if (signal.slice(0, 3) === 'SIG')\n      signal = signal.slice(3);\n\n    if (SIGNALS[signal] !== 1)\n      throw new Error(`Invalid signal: ${origSignal}`);\n\n    const signalLen = signal.length;\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 6 + 1 + 4 + signalLen\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 6, p += 4);\n    packet.utf8Write('signal', p += 4, 6);\n\n    packet[p += 6] = 0;\n\n    writeUInt32BE(packet, signalLen, ++p);\n    packet.utf8Write(signal, p += 4, signalLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, signal: ${signal})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  env(chan, key, val, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    const keyLen = Buffer.byteLength(key);\n    const isBuf = Buffer.isBuffer(val);\n    const valLen = (isBuf ? val.length : Buffer.byteLength(val));\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 3 + 1 + 4 + keyLen + 4 + valLen\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 3, p += 4);\n    packet.utf8Write('env', p += 4, 3);\n\n    packet[p += 3] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, keyLen, ++p);\n    packet.utf8Write(key, p += 4, keyLen);\n\n    writeUInt32BE(packet, valLen, p += keyLen);\n    if (isBuf)\n      packet.set(val, p += 4);\n    else\n      packet.utf8Write(val, p += 4, valLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, env: ${key}=${val})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  x11Forward(chan, cfg, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    const protocol = cfg.protocol;\n    const cookie = cfg.cookie;\n    const isBufProto = Buffer.isBuffer(protocol);\n    const protoLen = (isBufProto\n                      ? protocol.length\n                      : Buffer.byteLength(protocol));\n    const isBufCookie = Buffer.isBuffer(cookie);\n    const cookieLen = (isBufCookie\n                       ? cookie.length\n                       : Buffer.byteLength(cookie));\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 7 + 1 + 1 + 4 + protoLen + 4 + cookieLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 7, p += 4);\n    packet.utf8Write('x11-req', p += 4, 7);\n\n    packet[p += 7] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    packet[++p] = (cfg.single ? 1 : 0);\n\n    writeUInt32BE(packet, protoLen, ++p);\n    if (isBufProto)\n      packet.set(protocol, p += 4);\n    else\n      packet.utf8Write(protocol, p += 4, protoLen);\n\n    writeUInt32BE(packet, cookieLen, p += protoLen);\n    if (isBufCookie)\n      packet.set(cookie, p += 4);\n    else\n      packet.latin1Write(cookie, p += 4, cookieLen);\n\n    writeUInt32BE(packet, (cfg.screen || 0), p += cookieLen);\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, x11-req)`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  subsystem(chan, name, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n    const nameLen = Buffer.byteLength(name);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 9 + 1 + 4 + nameLen);\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 9, p += 4);\n    packet.utf8Write('subsystem', p += 4, 9);\n\n    packet[p += 9] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, nameLen, ++p);\n    packet.utf8Write(name, p += 4, nameLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, subsystem: ${name})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_agentForward(chan, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 26 + 1);\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 26, p += 4);\n    packet.utf8Write('auth-agent-req@openssh.com', p += 4, 26);\n\n    packet[p += 26] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    if (this._debug) {\n      this._debug(\n        'Outbound: Sending CHANNEL_REQUEST '\n          + `(r:${chan}, auth-agent-req@openssh.com)`\n      );\n    }\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_hostKeysProve(keys) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    let keysTotal = 0;\n    const publicKeys = [];\n    for (const key of keys) {\n      const publicKey = key.getPublicSSH();\n      keysTotal += 4 + publicKey.length;\n      publicKeys.push(publicKey);\n    }\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 29 + 1 + keysTotal);\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 29, ++p);\n    packet.utf8Write('hostkeys-prove-00@openssh.com', p += 4, 29);\n\n    packet[p += 29] = 1; // want reply\n\n    ++p;\n    for (const buf of publicKeys) {\n      writeUInt32BE(packet, buf.length, p);\n      bufferCopy(buf, packet, 0, buf.length, p += 4);\n      p += buf.length;\n    }\n\n    if (this._debug) {\n      this._debug(\n        'Outbound: Sending GLOBAL_REQUEST (hostkeys-prove-00@openssh.com)'\n      );\n    }\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n\n  // ===========================================================================\n  // Server-specific ===========================================================\n  // ===========================================================================\n\n  // Global\n  // ------\n  serviceAccept(svcName) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    const svcNameLen = Buffer.byteLength(svcName);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + svcNameLen);\n\n    packet[p] = MESSAGE.SERVICE_ACCEPT;\n\n    writeUInt32BE(packet, svcNameLen, ++p);\n    packet.utf8Write(svcName, p += 4, svcNameLen);\n\n    this._debug && this._debug(`Outbound: Sending SERVICE_ACCEPT (${svcName})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n\n    if (this._server && this._banner && svcName === 'ssh-userauth') {\n      const banner = this._banner;\n      this._banner = undefined; // Prevent banner from being displayed again\n      const bannerLen = Buffer.byteLength(banner);\n      p = this._packetRW.write.allocStart;\n      const packet = this._packetRW.write.alloc(1 + 4 + bannerLen + 4);\n\n      packet[p] = MESSAGE.USERAUTH_BANNER;\n\n      writeUInt32BE(packet, bannerLen, ++p);\n      packet.utf8Write(banner, p += 4, bannerLen);\n\n      writeUInt32BE(packet, 0, p += bannerLen); // Empty language tag\n\n      this._debug && this._debug('Outbound: Sending USERAUTH_BANNER');\n      sendPacket(this, this._packetRW.write.finalize(packet));\n    }\n  }\n  // 'ssh-connection' service-specific\n  forwardedTcpip(chan, initWindow, maxPacket, cfg) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    const boundAddrLen = Buffer.byteLength(cfg.boundAddr);\n    const remoteAddrLen = Buffer.byteLength(cfg.remoteAddr);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 15 + 4 + 4 + 4 + 4 + boundAddrLen + 4 + 4 + remoteAddrLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 15, ++p);\n    packet.utf8Write('forwarded-tcpip', p += 4, 15);\n\n    writeUInt32BE(packet, chan, p += 15);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    writeUInt32BE(packet, boundAddrLen, p += 4);\n    packet.utf8Write(cfg.boundAddr, p += 4, boundAddrLen);\n\n    writeUInt32BE(packet, cfg.boundPort, p += boundAddrLen);\n\n    writeUInt32BE(packet, remoteAddrLen, p += 4);\n    packet.utf8Write(cfg.remoteAddr, p += 4, remoteAddrLen);\n\n    writeUInt32BE(packet, cfg.remotePort, p += remoteAddrLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_OPEN (r:${chan}, forwarded-tcpip)`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  x11(chan, initWindow, maxPacket, cfg) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    const addrLen = Buffer.byteLength(cfg.originAddr);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 3 + 4 + 4 + 4 + 4 + addrLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 3, ++p);\n    packet.utf8Write('x11', p += 4, 3);\n\n    writeUInt32BE(packet, chan, p += 3);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    writeUInt32BE(packet, addrLen, p += 4);\n    packet.utf8Write(cfg.originAddr, p += 4, addrLen);\n\n    writeUInt32BE(packet, cfg.originPort, p += addrLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_OPEN (r:${chan}, x11)`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_authAgent(chan, initWindow, maxPacket) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 22 + 4 + 4 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 22, ++p);\n    packet.utf8Write('auth-agent@openssh.com', p += 4, 22);\n\n    writeUInt32BE(packet, chan, p += 22);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_OPEN (r:${chan}, auth-agent@openssh.com)`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_forwardedStreamLocal(chan, initWindow, maxPacket, cfg) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    const pathLen = Buffer.byteLength(cfg.socketPath);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 33 + 4 + 4 + 4 + 4 + pathLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 33, ++p);\n    packet.utf8Write('forwarded-streamlocal@openssh.com', p += 4, 33);\n\n    writeUInt32BE(packet, chan, p += 33);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    writeUInt32BE(packet, pathLen, p += 4);\n    packet.utf8Write(cfg.socketPath, p += 4, pathLen);\n\n    writeUInt32BE(packet, 0, p += pathLen);\n\n    if (this._debug) {\n      this._debug(\n        'Outbound: Sending CHANNEL_OPEN '\n          + `(r:${chan}, forwarded-streamlocal@openssh.com)`\n      );\n    }\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  exitStatus(chan, status) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    // Does not consume window space\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 11 + 1 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 11, p += 4);\n    packet.utf8Write('exit-status', p += 4, 11);\n\n    packet[p += 11] = 0;\n\n    writeUInt32BE(packet, status, ++p);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exit-status: ${status})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  exitSignal(chan, name, coreDumped, msg) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    // Does not consume window space\n\n    const origSignal = name;\n\n    if (typeof origSignal !== 'string' || !origSignal)\n      throw new Error(`Invalid signal: ${origSignal}`);\n\n    let signal = name.toUpperCase();\n    if (signal.slice(0, 3) === 'SIG')\n      signal = signal.slice(3);\n\n    if (SIGNALS[signal] !== 1)\n      throw new Error(`Invalid signal: ${origSignal}`);\n\n    const nameLen = Buffer.byteLength(signal);\n    const msgLen = (msg ? Buffer.byteLength(msg) : 0);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 11 + 1 + 4 + nameLen + 1 + 4 + msgLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 11, p += 4);\n    packet.utf8Write('exit-signal', p += 4, 11);\n\n    packet[p += 11] = 0;\n\n    writeUInt32BE(packet, nameLen, ++p);\n    packet.utf8Write(signal, p += 4, nameLen);\n\n    packet[p += nameLen] = (coreDumped ? 1 : 0);\n\n    writeUInt32BE(packet, msgLen, ++p);\n\n    p += 4;\n    if (msgLen) {\n      packet.utf8Write(msg, p, msgLen);\n      p += msgLen;\n    }\n\n    writeUInt32BE(packet, 0, p);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exit-signal: ${name})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  // 'ssh-userauth' service-specific\n  authFailure(authMethods, isPartial) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    if (this._authsQueue.length === 0)\n      throw new Error('No auth in progress');\n\n    let methods;\n\n    if (typeof authMethods === 'boolean') {\n      isPartial = authMethods;\n      authMethods = undefined;\n    }\n\n    if (authMethods) {\n      methods = [];\n      for (let i = 0; i < authMethods.length; ++i) {\n        if (authMethods[i].toLowerCase() === 'none')\n          continue;\n        methods.push(authMethods[i]);\n      }\n      methods = methods.join(',');\n    } else {\n      methods = '';\n    }\n\n    const methodsLen = methods.length;\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + methodsLen + 1);\n\n    packet[p] = MESSAGE.USERAUTH_FAILURE;\n\n    writeUInt32BE(packet, methodsLen, ++p);\n    packet.utf8Write(methods, p += 4, methodsLen);\n\n    packet[p += methodsLen] = (isPartial === true ? 1 : 0);\n\n    this._authsQueue.shift();\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_FAILURE');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authSuccess() {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    if (this._authsQueue.length === 0)\n      throw new Error('No auth in progress');\n\n    const p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1);\n\n    packet[p] = MESSAGE.USERAUTH_SUCCESS;\n\n    this._authsQueue.shift();\n    this._authenticated = true;\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_SUCCESS');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n\n    if (this._kex.negotiated.cs.compress === 'zlib@openssh.com')\n      this._packetRW.read = new ZlibPacketReader();\n    if (this._kex.negotiated.sc.compress === 'zlib@openssh.com')\n      this._packetRW.write = new ZlibPacketWriter(this);\n  }\n  authPKOK(keyAlgo, key) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    if (this._authsQueue.length === 0 || this._authsQueue[0] !== 'publickey')\n      throw new Error('\"publickey\" auth not in progress');\n\n    // TODO: support parsed key for `key`\n\n    const keyAlgoLen = Buffer.byteLength(keyAlgo);\n    const keyLen = key.length;\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + keyAlgoLen + 4 + keyLen);\n\n    packet[p] = MESSAGE.USERAUTH_PK_OK;\n\n    writeUInt32BE(packet, keyAlgoLen, ++p);\n    packet.utf8Write(keyAlgo, p += 4, keyAlgoLen);\n\n    writeUInt32BE(packet, keyLen, p += keyAlgoLen);\n    packet.set(key, p += 4);\n\n    this._authsQueue.shift();\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_PK_OK');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authPasswdChg(prompt) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    const promptLen = Buffer.byteLength(prompt);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + promptLen + 4);\n\n    packet[p] = MESSAGE.USERAUTH_PASSWD_CHANGEREQ;\n\n    writeUInt32BE(packet, promptLen, ++p);\n    packet.utf8Write(prompt, p += 4, promptLen);\n\n    writeUInt32BE(packet, 0, p += promptLen); // Empty language tag\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_PASSWD_CHANGEREQ');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authInfoReq(name, instructions, prompts) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    let promptsLen = 0;\n    const nameLen = name ? Buffer.byteLength(name) : 0;\n    const instrLen = instructions ? Buffer.byteLength(instructions) : 0;\n\n    for (let i = 0; i < prompts.length; ++i)\n      promptsLen += 4 + Buffer.byteLength(prompts[i].prompt) + 1;\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + nameLen + 4 + instrLen + 4 + 4 + promptsLen\n    );\n\n    packet[p] = MESSAGE.USERAUTH_INFO_REQUEST;\n\n    writeUInt32BE(packet, nameLen, ++p);\n    p += 4;\n    if (name) {\n      packet.utf8Write(name, p, nameLen);\n      p += nameLen;\n    }\n\n    writeUInt32BE(packet, instrLen, p);\n    p += 4;\n    if (instructions) {\n      packet.utf8Write(instructions, p, instrLen);\n      p += instrLen;\n    }\n\n    writeUInt32BE(packet, 0, p);\n\n    writeUInt32BE(packet, prompts.length, p += 4);\n    p += 4;\n    for (let i = 0; i < prompts.length; ++i) {\n      const prompt = prompts[i];\n      const promptLen = Buffer.byteLength(prompt.prompt);\n\n      writeUInt32BE(packet, promptLen, p);\n      p += 4;\n      if (promptLen) {\n        packet.utf8Write(prompt.prompt, p, promptLen);\n        p += promptLen;\n      }\n      packet[p++] = (prompt.echo ? 1 : 0);\n    }\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_INFO_REQUEST');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n}\n\n// SSH-protoversion-softwareversion (SP comments) CR LF\nconst RE_IDENT = /^SSH-(2\\.0|1\\.99)-([^ ]+)(?: (.*))?$/;\n\n// TODO: optimize this by starting n bytes from the end of this._buffer instead\n// of the beginning\nfunction parseHeader(chunk, p, len) {\n  let data;\n  let chunkOffset;\n  if (this._buffer) {\n    data = Buffer.allocUnsafe(this._buffer.length + (len - p));\n    data.set(this._buffer, 0);\n    if (p === 0) {\n      data.set(chunk, this._buffer.length);\n    } else {\n      data.set(new Uint8Array(chunk.buffer,\n                              chunk.byteOffset + p,\n                              (len - p)),\n               this._buffer.length);\n    }\n    chunkOffset = this._buffer.length;\n    p = 0;\n  } else {\n    data = chunk;\n    chunkOffset = 0;\n  }\n  const op = p;\n  let start = p;\n  let end = p;\n  let needNL = false;\n  let lineLen = 0;\n  let lines = 0;\n  for (; p < data.length; ++p) {\n    const ch = data[p];\n\n    if (ch === 13 /* '\\r' */) {\n      needNL = true;\n      continue;\n    }\n\n    if (ch === 10 /* '\\n' */) {\n      if (end > start\n          && end - start > 4\n          && data[start] === 83 /* 'S' */\n          && data[start + 1] === 83 /* 'S' */\n          && data[start + 2] === 72 /* 'H' */\n          && data[start + 3] === 45 /* '-' */) {\n\n        const full = data.latin1Slice(op, end + 1);\n        const identRaw = (start === op ? full : full.slice(start - op));\n        const m = RE_IDENT.exec(identRaw);\n        if (!m)\n          throw new Error('Invalid identification string');\n\n        const header = {\n          greeting: (start === op ? '' : full.slice(0, start - op)),\n          identRaw,\n          versions: {\n            protocol: m[1],\n            software: m[2],\n          },\n          comments: m[3]\n        };\n\n        // Needed during handshake\n        this._remoteIdentRaw = Buffer.from(identRaw);\n\n        this._debug && this._debug(`Remote ident: ${inspect(identRaw)}`);\n        this._compatFlags = getCompatFlags(header);\n\n        this._buffer = undefined;\n        this._decipher =\n          new NullDecipher(0, onKEXPayload.bind(this, { firstPacket: true }));\n        this._parse = parsePacket;\n\n        this._onHeader(header);\n        if (!this._destruct) {\n          // We disconnected inside _onHeader\n          return len;\n        }\n\n        kexinit(this);\n\n        return p + 1 - chunkOffset;\n      }\n\n      // Only allow pre-ident greetings when we're a client\n      if (this._server)\n        throw new Error('Greetings from clients not permitted');\n\n      if (++lines > MAX_LINES)\n        throw new Error('Max greeting lines exceeded');\n\n      needNL = false;\n      start = p + 1;\n      lineLen = 0;\n    } else if (needNL) {\n      throw new Error('Invalid header: expected newline');\n    } else if (++lineLen >= MAX_LINE_LEN) {\n      throw new Error('Header line too long');\n    }\n\n    end = p;\n  }\n  if (!this._buffer)\n    this._buffer = bufferSlice(data, op);\n\n  return p - chunkOffset;\n}\n\nfunction parsePacket(chunk, p, len) {\n  return this._decipher.decrypt(chunk, p, len);\n}\n\nfunction onPayload(payload) {\n  // XXX: move this to the Decipher implementations?\n\n  this._onPacket();\n\n  if (payload.length === 0) {\n    this._debug && this._debug('Inbound: Skipping empty packet payload');\n    return;\n  }\n\n  payload = this._packetRW.read.read(payload);\n\n  const type = payload[0];\n  if (type === MESSAGE.USERAUTH_SUCCESS\n      && !this._server\n      && !this._authenticated) {\n    this._authenticated = true;\n    if (this._kex.negotiated.cs.compress === 'zlib@openssh.com')\n      this._packetRW.write = new ZlibPacketWriter(this);\n    if (this._kex.negotiated.sc.compress === 'zlib@openssh.com')\n      this._packetRW.read = new ZlibPacketReader();\n  }\n  const handler = MESSAGE_HANDLERS[type];\n  if (handler === undefined) {\n    this._debug && this._debug(`Inbound: Unsupported message type: ${type}`);\n    return;\n  }\n\n  return handler(this, payload);\n}\n\nfunction getCompatFlags(header) {\n  const software = header.versions.software;\n\n  let flags = 0;\n\n  for (const rule of COMPAT_CHECKS) {\n    if (typeof rule[0] === 'string') {\n      if (software === rule[0])\n        flags |= rule[1];\n    } else if (rule[0].test(software)) {\n      flags |= rule[1];\n    }\n  }\n\n  return flags;\n}\n\nfunction modesToBytes(modes) {\n  const keys = Object.keys(modes);\n  const bytes = Buffer.allocUnsafe((5 * keys.length) + 1);\n  let b = 0;\n\n  for (let i = 0; i < keys.length; ++i) {\n    const key = keys[i];\n    if (key === 'TTY_OP_END')\n      continue;\n\n    const opcode = TERMINAL_MODE[key];\n    if (opcode === undefined)\n      continue;\n\n    const val = modes[key];\n    if (typeof val === 'number' && isFinite(val)) {\n      bytes[b++] = opcode;\n      bytes[b++] = val >>> 24;\n      bytes[b++] = val >>> 16;\n      bytes[b++] = val >>> 8;\n      bytes[b++] = val;\n    }\n  }\n\n  bytes[b++] = TERMINAL_MODE.TTY_OP_END;\n\n  if (b < bytes.length)\n    return bufferSlice(bytes, 0, b);\n\n  return bytes;\n}\n\nmodule.exports = Protocol;\n","'use strict';\n\nconst EventEmitter = require('events');\nconst fs = require('fs');\nconst { constants } = fs;\nconst {\n  Readable: ReadableStream,\n  Writable: WritableStream\n} = require('stream');\nconst { inherits, isDate } = require('util');\n\nconst FastBuffer = Buffer[Symbol.species];\n\nconst {\n  bufferCopy,\n  bufferSlice,\n  makeBufferParser,\n  writeUInt32BE,\n} = require('./utils.js');\n\nconst ATTR = {\n  SIZE: 0x00000001,\n  UIDGID: 0x00000002,\n  PERMISSIONS: 0x00000004,\n  ACMODTIME: 0x00000008,\n  EXTENDED: 0x80000000,\n};\n\n// Large enough to store all possible attributes\nconst ATTRS_BUF = Buffer.alloc(28);\n\nconst STATUS_CODE = {\n  OK: 0,\n  EOF: 1,\n  NO_SUCH_FILE: 2,\n  PERMISSION_DENIED: 3,\n  FAILURE: 4,\n  BAD_MESSAGE: 5,\n  NO_CONNECTION: 6,\n  CONNECTION_LOST: 7,\n  OP_UNSUPPORTED: 8\n};\n\nconst VALID_STATUS_CODES = new Map(\n  Object.values(STATUS_CODE).map((n) => [n, 1])\n);\n\nconst STATUS_CODE_STR = {\n  [STATUS_CODE.OK]: 'No error',\n  [STATUS_CODE.EOF]: 'End of file',\n  [STATUS_CODE.NO_SUCH_FILE]: 'No such file or directory',\n  [STATUS_CODE.PERMISSION_DENIED]: 'Permission denied',\n  [STATUS_CODE.FAILURE]: 'Failure',\n  [STATUS_CODE.BAD_MESSAGE]: 'Bad message',\n  [STATUS_CODE.NO_CONNECTION]: 'No connection',\n  [STATUS_CODE.CONNECTION_LOST]: 'Connection lost',\n  [STATUS_CODE.OP_UNSUPPORTED]: 'Operation unsupported',\n};\n\nconst REQUEST = {\n  INIT: 1,\n  OPEN: 3,\n  CLOSE: 4,\n  READ: 5,\n  WRITE: 6,\n  LSTAT: 7,\n  FSTAT: 8,\n  SETSTAT: 9,\n  FSETSTAT: 10,\n  OPENDIR: 11,\n  READDIR: 12,\n  REMOVE: 13,\n  MKDIR: 14,\n  RMDIR: 15,\n  REALPATH: 16,\n  STAT: 17,\n  RENAME: 18,\n  READLINK: 19,\n  SYMLINK: 20,\n  EXTENDED: 200\n};\n\nconst RESPONSE = {\n  VERSION: 2,\n  STATUS: 101,\n  HANDLE: 102,\n  DATA: 103,\n  NAME: 104,\n  ATTRS: 105,\n  EXTENDED: 201\n};\n\nconst OPEN_MODE = {\n  READ: 0x00000001,\n  WRITE: 0x00000002,\n  APPEND: 0x00000004,\n  CREAT: 0x00000008,\n  TRUNC: 0x00000010,\n  EXCL: 0x00000020\n};\n\nconst PKT_RW_OVERHEAD = 2 * 1024;\nconst MAX_REQID = 2 ** 32 - 1;\nconst CLIENT_VERSION_BUFFER = Buffer.from([\n  0, 0, 0, 5 /* length */,\n    REQUEST.INIT,\n    0, 0, 0, 3 /* version */\n]);\nconst SERVER_VERSION_BUFFER = Buffer.from([\n  0, 0, 0, 5 /* length */,\n    RESPONSE.VERSION,\n    0, 0, 0, 3 /* version */\n]);\n\nconst RE_OPENSSH = /^SSH-2.0-(?:OpenSSH|dropbear)/;\nconst OPENSSH_MAX_PKT_LEN = 256 * 1024;\n\nconst bufferParser = makeBufferParser();\n\nconst fakeStderr = {\n  readable: false,\n  writable: false,\n  push: (data) => {},\n  once: () => {},\n  on: () => {},\n  emit: () => {},\n  end: () => {},\n};\n\nfunction noop() {}\n\n// Emulates enough of `Channel` to be able to be used as a drop-in replacement\n// in order to process incoming data with as little overhead as possible\nclass SFTP extends EventEmitter {\n  constructor(client, chanInfo, cfg) {\n    super();\n\n    if (typeof cfg !== 'object' || !cfg)\n      cfg = {};\n\n    const remoteIdentRaw = client._protocol._remoteIdentRaw;\n\n    this.server = !!cfg.server;\n    this._debug = (typeof cfg.debug === 'function' ? cfg.debug : undefined);\n    this._isOpenSSH = (remoteIdentRaw && RE_OPENSSH.test(remoteIdentRaw));\n\n    this._version = -1;\n    this._extensions = {};\n    this._biOpt = cfg.biOpt;\n    this._pktLenBytes = 0;\n    this._pktLen = 0;\n    this._pktPos = 0;\n    this._pktType = 0;\n    this._pktData = undefined;\n    this._writeReqid = -1;\n    this._requests = {};\n    this._maxInPktLen = OPENSSH_MAX_PKT_LEN;\n    this._maxOutPktLen = 34000;\n    this._maxReadLen =\n      (this._isOpenSSH ? OPENSSH_MAX_PKT_LEN : 34000) - PKT_RW_OVERHEAD;\n    this._maxWriteLen =\n      (this._isOpenSSH ? OPENSSH_MAX_PKT_LEN : 34000) - PKT_RW_OVERHEAD;\n\n    this.maxOpenHandles = undefined;\n\n    // Channel compatibility\n    this._client = client;\n    this._protocol = client._protocol;\n    this._callbacks = [];\n    this._hasX11 = false;\n    this._exit = {\n      code: undefined,\n      signal: undefined,\n      dump: undefined,\n      desc: undefined,\n    };\n    this._waitWindow = false; // SSH-level backpressure\n    this._chunkcb = undefined;\n    this._buffer = [];\n    this.type = chanInfo.type;\n    this.subtype = undefined;\n    this.incoming = chanInfo.incoming;\n    this.outgoing = chanInfo.outgoing;\n    this.stderr = fakeStderr;\n    this.readable = true;\n  }\n\n  // This handles incoming data to parse\n  push(data) {\n    if (data === null) {\n      cleanupRequests(this);\n      if (!this.readable)\n        return;\n      // No more incoming data from the remote side\n      this.readable = false;\n      this.emit('end');\n      return;\n    }\n    /*\n        uint32             length\n        byte               type\n        byte[length - 1]   data payload\n    */\n    let p = 0;\n\n    while (p < data.length) {\n      if (this._pktLenBytes < 4) {\n        let nb = Math.min(4 - this._pktLenBytes, data.length - p);\n        this._pktLenBytes += nb;\n\n        while (nb--)\n          this._pktLen = (this._pktLen << 8) + data[p++];\n\n        if (this._pktLenBytes < 4)\n          return;\n        if (this._pktLen === 0)\n          return doFatalSFTPError(this, 'Invalid packet length');\n        if (this._pktLen > this._maxInPktLen) {\n          const max = this._maxInPktLen;\n          return doFatalSFTPError(\n            this,\n            `Packet length ${this._pktLen} exceeds max length of ${max}`\n          );\n        }\n        if (p >= data.length)\n          return;\n      }\n      if (this._pktPos < this._pktLen) {\n        const nb = Math.min(this._pktLen - this._pktPos, data.length - p);\n        if (p !== 0 || nb !== data.length) {\n          if (nb === this._pktLen) {\n            this._pkt = new FastBuffer(data.buffer, data.byteOffset + p, nb);\n          } else {\n            if (!this._pkt)\n              this._pkt = Buffer.allocUnsafe(this._pktLen);\n            this._pkt.set(\n              new Uint8Array(data.buffer, data.byteOffset + p, nb),\n              this._pktPos\n            );\n          }\n        } else if (nb === this._pktLen) {\n          this._pkt = data;\n        } else {\n          if (!this._pkt)\n            this._pkt = Buffer.allocUnsafe(this._pktLen);\n          this._pkt.set(data, this._pktPos);\n        }\n        p += nb;\n        this._pktPos += nb;\n        if (this._pktPos < this._pktLen)\n          return;\n      }\n\n      const type = this._pkt[0];\n      const payload = this._pkt;\n\n      // Prepare for next packet\n      this._pktLen = 0;\n      this._pktLenBytes = 0;\n      this._pkt = undefined;\n      this._pktPos = 0;\n\n      const handler = (this.server\n                       ? SERVER_HANDLERS[type]\n                       : CLIENT_HANDLERS[type]);\n      if (!handler)\n        return doFatalSFTPError(this, `Unknown packet type ${type}`);\n\n      if (this._version === -1) {\n        if (this.server) {\n          if (type !== REQUEST.INIT)\n            return doFatalSFTPError(this, `Expected INIT packet, got ${type}`);\n        } else if (type !== RESPONSE.VERSION) {\n          return doFatalSFTPError(this, `Expected VERSION packet, got ${type}`);\n        }\n      }\n\n      if (handler(this, payload) === false)\n        return;\n    }\n  }\n\n  end() {\n    this.destroy();\n  }\n  destroy() {\n    if (this.outgoing.state === 'open' || this.outgoing.state === 'eof') {\n      this.outgoing.state = 'closing';\n      this._protocol.channelClose(this.outgoing.id);\n    }\n  }\n  _init() {\n    this._init = noop;\n    if (!this.server)\n      sendOrBuffer(this, CLIENT_VERSION_BUFFER);\n  }\n\n  // ===========================================================================\n  // Client-specific ===========================================================\n  // ===========================================================================\n  createReadStream(path, options) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    return new ReadStream(this, path, options);\n  }\n  createWriteStream(path, options) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    return new WriteStream(this, path, options);\n  }\n  open(path, flags_, attrs, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (typeof attrs === 'function') {\n      cb = attrs;\n      attrs = undefined;\n    }\n\n    const flags = (typeof flags_ === 'number' ? flags_ : stringToFlags(flags_));\n    if (flags === null)\n      throw new Error(`Unknown flags string: ${flags_}`);\n\n    let attrsFlags = 0;\n    let attrsLen = 0;\n    if (typeof attrs === 'string' || typeof attrs === 'number')\n      attrs = { mode: attrs };\n    if (typeof attrs === 'object' && attrs !== null) {\n      attrs = attrsToBytes(attrs);\n      attrsFlags = attrs.flags;\n      attrsLen = attrs.nb;\n    }\n\n    /*\n      uint32        id\n      string        filename\n      uint32        pflags\n      ATTRS         attrs\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.OPEN;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n    writeUInt32BE(buf, flags, p += pathLen);\n    writeUInt32BE(buf, attrsFlags, p += 4);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} OPEN`\n    );\n  }\n  close(handle, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    /*\n      uint32     id\n      string     handle\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.CLOSE;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, handleLen, p);\n    buf.set(handle, p += 4);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} CLOSE`\n    );\n  }\n  read(handle, buf, off, len, position, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n    if (!Buffer.isBuffer(buf))\n      throw new Error('buffer is not a Buffer');\n    if (off >= buf.length)\n      throw new Error('offset is out of bounds');\n    if (off + len > buf.length)\n      throw new Error('length extends beyond buffer');\n    if (position === null)\n      throw new Error('null position currently unsupported');\n\n    read_(this, handle, buf, off, len, position, cb);\n  }\n  readData(handle, buf, off, len, position, cb) {\n    // Backwards compatibility\n    this.read(handle, buf, off, len, position, cb);\n  }\n  write(handle, buf, off, len, position, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n    if (!Buffer.isBuffer(buf))\n      throw new Error('buffer is not a Buffer');\n    if (off > buf.length)\n      throw new Error('offset is out of bounds');\n    if (off + len > buf.length)\n      throw new Error('length extends beyond buffer');\n    if (position === null)\n      throw new Error('null position currently unsupported');\n\n    if (!len) {\n      cb && process.nextTick(cb, undefined, 0);\n      return;\n    }\n\n    const maxDataLen = this._maxWriteLen;\n    const overflow = Math.max(len - maxDataLen, 0);\n    const origPosition = position;\n\n    if (overflow)\n      len = maxDataLen;\n\n    /*\n      uint32     id\n      string     handle\n      uint64     offset\n      string     data\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const out = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 8 + 4 + len);\n\n    writeUInt32BE(out, out.length - 4, 0);\n    out[4] = REQUEST.WRITE;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(out, reqid, 5);\n\n    writeUInt32BE(out, handleLen, p);\n    out.set(handle, p += 4);\n    p += handleLen;\n    for (let i = 7; i >= 0; --i) {\n      out[p + i] = position & 0xFF;\n      position /= 256;\n    }\n    writeUInt32BE(out, len, p += 8);\n    bufferCopy(buf, out, off, off + len, p += 4);\n\n    this._requests[reqid] = {\n      cb: (err) => {\n        if (err) {\n          if (typeof cb === 'function')\n            cb(err);\n        } else if (overflow) {\n          this.write(handle,\n                     buf,\n                     off + len,\n                     overflow,\n                     origPosition + len,\n                     cb);\n        } else if (typeof cb === 'function') {\n          cb(undefined, off + len);\n        }\n      }\n    };\n\n    const isSent = sendOrBuffer(this, out);\n    if (this._debug) {\n      const how = (isSent ? 'Sent' : 'Buffered');\n      this._debug(`SFTP: Outbound: ${how} WRITE (id:${reqid})`);\n    }\n  }\n  writeData(handle, buf, off, len, position, cb) {\n    // Backwards compatibility\n    this.write(handle, buf, off, len, position, cb);\n  }\n  fastGet(remotePath, localPath, opts, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    fastXfer(this, fs, remotePath, localPath, opts, cb);\n  }\n  fastPut(localPath, remotePath, opts, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    fastXfer(fs, this, localPath, remotePath, opts, cb);\n  }\n  readFile(path, options, callback_) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    let callback;\n    if (typeof callback_ === 'function') {\n      callback = callback_;\n    } else if (typeof options === 'function') {\n      callback = options;\n      options = undefined;\n    }\n\n    if (typeof options === 'string')\n      options = { encoding: options, flag: 'r' };\n    else if (!options)\n      options = { encoding: null, flag: 'r' };\n    else if (typeof options !== 'object')\n      throw new TypeError('Bad arguments');\n\n    const encoding = options.encoding;\n    if (encoding && !Buffer.isEncoding(encoding))\n      throw new Error(`Unknown encoding: ${encoding}`);\n\n    // First stat the file, so we know the size.\n    let size;\n    let buffer; // Single buffer with file data\n    let buffers; // List for when size is unknown\n    let pos = 0;\n    let handle;\n\n    // SFTPv3 does not support using -1 for read position, so we have to track\n    // read position manually\n    let bytesRead = 0;\n\n    const flag = options.flag || 'r';\n\n    const read = () => {\n      if (size === 0) {\n        buffer = Buffer.allocUnsafe(8192);\n        this.read(handle, buffer, 0, 8192, bytesRead, afterRead);\n      } else {\n        this.read(handle, buffer, pos, size - pos, bytesRead, afterRead);\n      }\n    };\n\n    const afterRead = (er, nbytes) => {\n      let eof;\n      if (er) {\n        eof = (er.code === STATUS_CODE.EOF);\n        if (!eof) {\n          return this.close(handle, () => {\n            return callback && callback(er);\n          });\n        }\n      } else {\n        eof = false;\n      }\n\n      if (eof || (size === 0 && nbytes === 0))\n        return close();\n\n      bytesRead += nbytes;\n      pos += nbytes;\n      if (size !== 0) {\n        if (pos === size)\n          close();\n        else\n          read();\n      } else {\n        // Unknown size, just read until we don't get bytes.\n        buffers.push(bufferSlice(buffer, 0, nbytes));\n        read();\n      }\n    };\n    afterRead._wantEOFError = true;\n\n    const close = () => {\n      this.close(handle, (er) => {\n        if (size === 0) {\n          // Collect the data into the buffers list.\n          buffer = Buffer.concat(buffers, pos);\n        } else if (pos < size) {\n          buffer = bufferSlice(buffer, 0, pos);\n        }\n\n        if (encoding)\n          buffer = buffer.toString(encoding);\n        return callback && callback(er, buffer);\n      });\n    };\n\n    this.open(path, flag, 0o666, (er, handle_) => {\n      if (er)\n        return callback && callback(er);\n      handle = handle_;\n\n      const tryStat = (er, st) => {\n        if (er) {\n          // Try stat() for sftp servers that may not support fstat() for\n          // whatever reason\n          this.stat(path, (er_, st_) => {\n            if (er_) {\n              return this.close(handle, () => {\n                callback && callback(er);\n              });\n            }\n            tryStat(null, st_);\n          });\n          return;\n        }\n\n        size = st.size || 0;\n        if (size === 0) {\n          // The kernel lies about many files.\n          // Go ahead and try to read some bytes.\n          buffers = [];\n          return read();\n        }\n\n        buffer = Buffer.allocUnsafe(size);\n        read();\n      };\n      this.fstat(handle, tryStat);\n    });\n  }\n  writeFile(path, data, options, callback_) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    let callback;\n    if (typeof callback_ === 'function') {\n      callback = callback_;\n    } else if (typeof options === 'function') {\n      callback = options;\n      options = undefined;\n    }\n\n    if (typeof options === 'string')\n      options = { encoding: options, mode: 0o666, flag: 'w' };\n    else if (!options)\n      options = { encoding: 'utf8', mode: 0o666, flag: 'w' };\n    else if (typeof options !== 'object')\n      throw new TypeError('Bad arguments');\n\n    if (options.encoding && !Buffer.isEncoding(options.encoding))\n      throw new Error(`Unknown encoding: ${options.encoding}`);\n\n    const flag = options.flag || 'w';\n    this.open(path, flag, options.mode, (openErr, handle) => {\n      if (openErr) {\n        callback && callback(openErr);\n      } else {\n        const buffer = (Buffer.isBuffer(data)\n                        ? data\n                        : Buffer.from('' + data, options.encoding || 'utf8'));\n        const position = (/a/.test(flag) ? null : 0);\n\n        // SFTPv3 does not support the notion of 'current position'\n        // (null position), so we just attempt to append to the end of the file\n        // instead\n        if (position === null) {\n          const tryStat = (er, st) => {\n            if (er) {\n              // Try stat() for sftp servers that may not support fstat() for\n              // whatever reason\n              this.stat(path, (er_, st_) => {\n                if (er_) {\n                  return this.close(handle, () => {\n                    callback && callback(er);\n                  });\n                }\n                tryStat(null, st_);\n              });\n              return;\n            }\n            writeAll(this, handle, buffer, 0, buffer.length, st.size, callback);\n          };\n          this.fstat(handle, tryStat);\n          return;\n        }\n        writeAll(this, handle, buffer, 0, buffer.length, position, callback);\n      }\n    });\n  }\n  appendFile(path, data, options, callback_) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    let callback;\n    if (typeof callback_ === 'function') {\n      callback = callback_;\n    } else if (typeof options === 'function') {\n      callback = options;\n      options = undefined;\n    }\n\n    if (typeof options === 'string')\n      options = { encoding: options, mode: 0o666, flag: 'a' };\n    else if (!options)\n      options = { encoding: 'utf8', mode: 0o666, flag: 'a' };\n    else if (typeof options !== 'object')\n      throw new TypeError('Bad arguments');\n\n    if (!options.flag)\n      options = Object.assign({ flag: 'a' }, options);\n    this.writeFile(path, data, options, callback);\n  }\n  exists(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    this.stat(path, (err) => {\n      cb && cb(err ? false : true);\n    });\n  }\n  unlink(filename, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     filename\n    */\n    const fnameLen = Buffer.byteLength(filename);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + fnameLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.REMOVE;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, fnameLen, p);\n    buf.utf8Write(filename, p += 4, fnameLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} REMOVE`\n    );\n  }\n  rename(oldPath, newPath, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     oldpath\n      string     newpath\n    */\n    const oldLen = Buffer.byteLength(oldPath);\n    const newLen = Buffer.byteLength(newPath);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + oldLen + 4 + newLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.RENAME;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, oldLen, p);\n    buf.utf8Write(oldPath, p += 4, oldLen);\n    writeUInt32BE(buf, newLen, p += oldLen);\n    buf.utf8Write(newPath, p += 4, newLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} RENAME`\n    );\n  }\n  mkdir(path, attrs, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    let flags = 0;\n    let attrsLen = 0;\n\n    if (typeof attrs === 'function') {\n      cb = attrs;\n      attrs = undefined;\n    }\n    if (typeof attrs === 'object' && attrs !== null) {\n      attrs = attrsToBytes(attrs);\n      flags = attrs.flags;\n      attrsLen = attrs.nb;\n    }\n\n    /*\n      uint32     id\n      string     path\n      ATTRS      attrs\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.MKDIR;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n    writeUInt32BE(buf, flags, p += pathLen);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} MKDIR`\n    );\n  }\n  rmdir(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.RMDIR;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} RMDIR`\n    );\n  }\n  readdir(where, opts, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (typeof opts === 'function') {\n      cb = opts;\n      opts = {};\n    }\n    if (typeof opts !== 'object' || opts === null)\n      opts = {};\n\n    const doFilter = (opts && opts.full ? false : true);\n\n    if (!Buffer.isBuffer(where) && typeof where !== 'string')\n      throw new Error('missing directory handle or path');\n\n    if (typeof where === 'string') {\n      const entries = [];\n      let e = 0;\n\n      const reread = (err, handle) => {\n        if (err)\n          return cb(err);\n\n        this.readdir(handle, opts, (err, list) => {\n          const eof = (err && err.code === STATUS_CODE.EOF);\n\n          if (err && !eof)\n            return this.close(handle, () => cb(err));\n\n          if (eof) {\n            return this.close(handle, (err) => {\n              if (err)\n                return cb(err);\n              cb(undefined, entries);\n            });\n          }\n\n          for (let i = 0; i < list.length; ++i, ++e)\n            entries[e] = list[i];\n\n          reread(undefined, handle);\n        });\n      };\n      return this.opendir(where, reread);\n    }\n\n    /*\n      uint32     id\n      string     handle\n    */\n    const handleLen = where.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.READDIR;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, handleLen, p);\n    buf.set(where, p += 4);\n\n    this._requests[reqid] = {\n      cb: (doFilter\n           ? (err, list) => {\n               if (typeof cb !== 'function')\n                 return;\n               if (err)\n                 return cb(err);\n\n               for (let i = list.length - 1; i >= 0; --i) {\n                 if (list[i].filename === '.' || list[i].filename === '..')\n                   list.splice(i, 1);\n               }\n\n               cb(undefined, list);\n             }\n           : cb)\n    };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READDIR`\n    );\n  }\n  fstat(handle, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    /*\n      uint32     id\n      string     handle\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.FSTAT;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, handleLen, p);\n    buf.set(handle, p += 4);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} FSTAT`\n    );\n  }\n  stat(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.STAT;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} STAT`\n    );\n  }\n  lstat(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.LSTAT;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} LSTAT`\n    );\n  }\n  opendir(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.OPENDIR;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} OPENDIR`\n    );\n  }\n  setstat(path, attrs, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    let flags = 0;\n    let attrsLen = 0;\n\n    if (typeof attrs === 'object' && attrs !== null) {\n      attrs = attrsToBytes(attrs);\n      flags = attrs.flags;\n      attrsLen = attrs.nb;\n    } else if (typeof attrs === 'function') {\n      cb = attrs;\n    }\n\n    /*\n      uint32     id\n      string     path\n      ATTRS      attrs\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.SETSTAT;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n    writeUInt32BE(buf, flags, p += pathLen);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} SETSTAT`\n    );\n  }\n  fsetstat(handle, attrs, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    let flags = 0;\n    let attrsLen = 0;\n\n    if (typeof attrs === 'object' && attrs !== null) {\n      attrs = attrsToBytes(attrs);\n      flags = attrs.flags;\n      attrsLen = attrs.nb;\n    } else if (typeof attrs === 'function') {\n      cb = attrs;\n    }\n\n    /*\n      uint32     id\n      string     handle\n      ATTRS      attrs\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.FSETSTAT;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, handleLen, p);\n    buf.set(handle, p += 4);\n    writeUInt32BE(buf, flags, p += handleLen);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} FSETSTAT`\n    );\n  }\n  futimes(handle, atime, mtime, cb) {\n    return this.fsetstat(handle, {\n      atime: toUnixTimestamp(atime),\n      mtime: toUnixTimestamp(mtime)\n    }, cb);\n  }\n  utimes(path, atime, mtime, cb) {\n    return this.setstat(path, {\n      atime: toUnixTimestamp(atime),\n      mtime: toUnixTimestamp(mtime)\n    }, cb);\n  }\n  fchown(handle, uid, gid, cb) {\n    return this.fsetstat(handle, {\n      uid: uid,\n      gid: gid\n    }, cb);\n  }\n  chown(path, uid, gid, cb) {\n    return this.setstat(path, {\n      uid: uid,\n      gid: gid\n    }, cb);\n  }\n  fchmod(handle, mode, cb) {\n    return this.fsetstat(handle, {\n      mode: mode\n    }, cb);\n  }\n  chmod(path, mode, cb) {\n    return this.setstat(path, {\n      mode: mode\n    }, cb);\n  }\n  readlink(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.READLINK;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = {\n      cb: (err, names) => {\n        if (typeof cb !== 'function')\n          return;\n        if (err)\n          return cb(err);\n        if (!names || !names.length)\n          return cb(new Error('Response missing link info'));\n        cb(undefined, names[0].filename);\n      }\n    };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READLINK`\n    );\n  }\n  symlink(targetPath, linkPath, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     linkpath\n      string     targetpath\n    */\n    const linkLen = Buffer.byteLength(linkPath);\n    const targetLen = Buffer.byteLength(targetPath);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + linkLen + 4 + targetLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.SYMLINK;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    if (this._isOpenSSH) {\n      // OpenSSH has linkpath and targetpath positions switched\n      writeUInt32BE(buf, targetLen, p);\n      buf.utf8Write(targetPath, p += 4, targetLen);\n      writeUInt32BE(buf, linkLen, p += targetLen);\n      buf.utf8Write(linkPath, p += 4, linkLen);\n    } else {\n      writeUInt32BE(buf, linkLen, p);\n      buf.utf8Write(linkPath, p += 4, linkLen);\n      writeUInt32BE(buf, targetLen, p += linkLen);\n      buf.utf8Write(targetPath, p += 4, targetLen);\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} SYMLINK`\n    );\n  }\n  realpath(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.REALPATH;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = {\n      cb: (err, names) => {\n        if (typeof cb !== 'function')\n          return;\n        if (err)\n          return cb(err);\n        if (!names || !names.length)\n          return cb(new Error('Response missing path info'));\n        cb(undefined, names[0].filename);\n      }\n    };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} REALPATH`\n    );\n  }\n  // extended requests\n  ext_openssh_rename(oldPath, newPath, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['posix-rename@openssh.com'];\n    if (!ext || ext !== '1')\n      throw new Error('Server does not support this extended request');\n\n    /*\n      uint32    id\n      string    \"posix-rename@openssh.com\"\n      string    oldpath\n      string    newpath\n    */\n    const oldLen = Buffer.byteLength(oldPath);\n    const newLen = Buffer.byteLength(newPath);\n    let p = 9;\n    const buf =\n      Buffer.allocUnsafe(4 + 1 + 4 + 4 + 24 + 4 + oldLen + 4 + newLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 24, p);\n    buf.utf8Write('posix-rename@openssh.com', p += 4, 24);\n    writeUInt32BE(buf, oldLen, p += 24);\n    buf.utf8Write(oldPath, p += 4, oldLen);\n    writeUInt32BE(buf, newLen, p += oldLen);\n    buf.utf8Write(newPath, p += 4, newLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const which = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${which} posix-rename@openssh.com`);\n    }\n  }\n  ext_openssh_statvfs(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['statvfs@openssh.com'];\n    if (!ext || ext !== '2')\n      throw new Error('Server does not support this extended request');\n\n    /*\n      uint32    id\n      string    \"statvfs@openssh.com\"\n      string    path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 19 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 19, p);\n    buf.utf8Write('statvfs@openssh.com', p += 4, 19);\n    writeUInt32BE(buf, pathLen, p += 19);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { extended: 'statvfs@openssh.com', cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const which = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${which} statvfs@openssh.com`);\n    }\n  }\n  ext_openssh_fstatvfs(handle, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['fstatvfs@openssh.com'];\n    if (!ext || ext !== '2')\n      throw new Error('Server does not support this extended request');\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    /*\n      uint32    id\n      string    \"fstatvfs@openssh.com\"\n      string    handle\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 20, p);\n    buf.utf8Write('fstatvfs@openssh.com', p += 4, 20);\n    writeUInt32BE(buf, handleLen, p += 20);\n    buf.set(handle, p += 4);\n\n    this._requests[reqid] = { extended: 'fstatvfs@openssh.com', cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const which = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${which} fstatvfs@openssh.com`);\n    }\n  }\n  ext_openssh_hardlink(oldPath, newPath, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['hardlink@openssh.com'];\n    if (ext !== '1')\n      throw new Error('Server does not support this extended request');\n\n    /*\n      uint32    id\n      string    \"hardlink@openssh.com\"\n      string    oldpath\n      string    newpath\n    */\n    const oldLen = Buffer.byteLength(oldPath);\n    const newLen = Buffer.byteLength(newPath);\n    let p = 9;\n    const buf =\n      Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + oldLen + 4 + newLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 20, p);\n    buf.utf8Write('hardlink@openssh.com', p += 4, 20);\n    writeUInt32BE(buf, oldLen, p += 20);\n    buf.utf8Write(oldPath, p += 4, oldLen);\n    writeUInt32BE(buf, newLen, p += oldLen);\n    buf.utf8Write(newPath, p += 4, newLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const which = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${which} hardlink@openssh.com`);\n    }\n  }\n  ext_openssh_fsync(handle, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['fsync@openssh.com'];\n    if (ext !== '1')\n      throw new Error('Server does not support this extended request');\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    /*\n      uint32    id\n      string    \"fsync@openssh.com\"\n      string    handle\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 17 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 17, p);\n    buf.utf8Write('fsync@openssh.com', p += 4, 17);\n    writeUInt32BE(buf, handleLen, p += 17);\n    buf.set(handle, p += 4);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} fsync@openssh.com`\n    );\n  }\n  ext_openssh_lsetstat(path, attrs, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['lsetstat@openssh.com'];\n    if (ext !== '1')\n      throw new Error('Server does not support this extended request');\n\n    let flags = 0;\n    let attrsLen = 0;\n\n    if (typeof attrs === 'object' && attrs !== null) {\n      attrs = attrsToBytes(attrs);\n      flags = attrs.flags;\n      attrsLen = attrs.nb;\n    } else if (typeof attrs === 'function') {\n      cb = attrs;\n    }\n\n    /*\n      uint32    id\n      string    \"lsetstat@openssh.com\"\n      string    path\n      ATTRS     attrs\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf =\n      Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + pathLen + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 20, p);\n    buf.utf8Write('lsetstat@openssh.com', p += 4, 20);\n\n    writeUInt32BE(buf, pathLen, p += 20);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    writeUInt32BE(buf, flags, p += pathLen);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const status = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${status} lsetstat@openssh.com`);\n    }\n  }\n  ext_openssh_expandPath(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['expand-path@openssh.com'];\n    if (ext !== '1')\n      throw new Error('Server does not support this extended request');\n\n    /*\n      uint32    id\n      string    \"expand-path@openssh.com\"\n      string    path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 23 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 23, p);\n    buf.utf8Write('expand-path@openssh.com', p += 4, 23);\n\n    writeUInt32BE(buf, pathLen, p += 20);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const status = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${status} expand-path@openssh.com`);\n    }\n  }\n  ext_copy_data(srcHandle, srcOffset, len, dstHandle, dstOffset, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['copy-data'];\n    if (ext !== '1')\n      throw new Error('Server does not support this extended request');\n\n    if (!Buffer.isBuffer(srcHandle))\n      throw new Error('Source handle is not a Buffer');\n\n    if (!Buffer.isBuffer(dstHandle))\n      throw new Error('Destination handle is not a Buffer');\n\n    /*\n      uint32    id\n      string    \"copy-data\"\n      string    read-from-handle\n      uint64    read-from-offset\n      uint64    read-data-length\n      string    write-to-handle\n      uint64    write-to-offset\n    */\n    let p = 0;\n    const buf = Buffer.allocUnsafe(\n      4 + 1\n      + 4\n      + 4 + 9\n      + 4 + srcHandle.length\n      + 8\n      + 8\n      + 4 + dstHandle.length\n      + 8\n    );\n\n    writeUInt32BE(buf, buf.length - 4, p);\n    p += 4;\n\n    buf[p] = REQUEST.EXTENDED;\n    ++p;\n\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, p);\n    p += 4;\n\n    writeUInt32BE(buf, 9, p);\n    p += 4;\n    buf.utf8Write('copy-data', p, 9);\n    p += 9;\n\n    writeUInt32BE(buf, srcHandle.length, p);\n    p += 4;\n    buf.set(srcHandle, p);\n    p += srcHandle.length;\n\n    for (let i = 7; i >= 0; --i) {\n      buf[p + i] = srcOffset & 0xFF;\n      srcOffset /= 256;\n    }\n    p += 8;\n\n    for (let i = 7; i >= 0; --i) {\n      buf[p + i] = len & 0xFF;\n      len /= 256;\n    }\n    p += 8;\n\n    writeUInt32BE(buf, dstHandle.length, p);\n    p += 4;\n    buf.set(dstHandle, p);\n    p += dstHandle.length;\n\n    for (let i = 7; i >= 0; --i) {\n      buf[p + i] = dstOffset & 0xFF;\n      dstOffset /= 256;\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const status = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${status} copy-data`);\n    }\n  }\n  // ===========================================================================\n  // Server-specific ===========================================================\n  // ===========================================================================\n  handle(reqid, handle) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    const handleLen = handle.length;\n\n    if (handleLen > 256)\n      throw new Error('handle too large (> 256 bytes)');\n\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = RESPONSE.HANDLE;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, handleLen, p);\n    if (handleLen)\n      buf.set(handle, p += 4);\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} HANDLE`\n    );\n  }\n  status(reqid, code, message) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    if (!VALID_STATUS_CODES.has(code))\n      throw new Error(`Bad status code: ${code}`);\n\n    message || (message = '');\n\n    const msgLen = Buffer.byteLength(message);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 4 + msgLen + 4);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = RESPONSE.STATUS;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, code, p);\n\n    writeUInt32BE(buf, msgLen, p += 4);\n    p += 4;\n    if (msgLen) {\n      buf.utf8Write(message, p, msgLen);\n      p += msgLen;\n    }\n\n    writeUInt32BE(buf, 0, p); // Empty language tag\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} STATUS`\n    );\n  }\n  data(reqid, data, encoding) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    const isBuffer = Buffer.isBuffer(data);\n\n    if (!isBuffer && typeof data !== 'string')\n      throw new Error('data is not a Buffer or string');\n\n    let isUTF8;\n    if (!isBuffer && !encoding) {\n      encoding = undefined;\n      isUTF8 = true;\n    }\n\n    const dataLen = (\n      isBuffer\n      ? data.length\n      : Buffer.byteLength(data, encoding)\n    );\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + dataLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = RESPONSE.DATA;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, dataLen, p);\n    if (dataLen) {\n      if (isBuffer)\n        buf.set(data, p += 4);\n      else if (isUTF8)\n        buf.utf8Write(data, p += 4, dataLen);\n      else\n        buf.write(data, p += 4, dataLen, encoding);\n    }\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} DATA`\n    );\n  }\n  name(reqid, names) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    if (!Array.isArray(names)) {\n      if (typeof names !== 'object' || names === null)\n        throw new Error('names is not an object or array');\n      names = [ names ];\n    }\n\n    const count = names.length;\n    let namesLen = 0;\n    let nameAttrs;\n    const attrs = [];\n\n    for (let i = 0; i < count; ++i) {\n      const name = names[i];\n      const filename = (\n        !name || !name.filename || typeof name.filename !== 'string'\n        ? ''\n        : name.filename\n      );\n      namesLen += 4 + Buffer.byteLength(filename);\n      const longname = (\n        !name || !name.longname || typeof name.longname !== 'string'\n        ? ''\n        : name.longname\n      );\n      namesLen += 4 + Buffer.byteLength(longname);\n\n      if (typeof name.attrs === 'object' && name.attrs !== null) {\n        nameAttrs = attrsToBytes(name.attrs);\n        namesLen += 4 + nameAttrs.nb;\n\n        if (nameAttrs.nb) {\n          let bytes;\n\n          if (nameAttrs.nb === ATTRS_BUF.length) {\n            bytes = new Uint8Array(ATTRS_BUF);\n          } else {\n            bytes = new Uint8Array(nameAttrs.nb);\n            bufferCopy(ATTRS_BUF, bytes, 0, nameAttrs.nb, 0);\n          }\n\n          nameAttrs.bytes = bytes;\n        }\n\n        attrs.push(nameAttrs);\n      } else {\n        namesLen += 4;\n        attrs.push(null);\n      }\n    }\n\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + namesLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = RESPONSE.NAME;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, count, p);\n\n    p += 4;\n\n    for (let i = 0; i < count; ++i) {\n      const name = names[i];\n\n      {\n        const filename = (\n          !name || !name.filename || typeof name.filename !== 'string'\n          ? ''\n          : name.filename\n        );\n        const len = Buffer.byteLength(filename);\n        writeUInt32BE(buf, len, p);\n        p += 4;\n        if (len) {\n          buf.utf8Write(filename, p, len);\n          p += len;\n        }\n      }\n\n      {\n        const longname = (\n          !name || !name.longname || typeof name.longname !== 'string'\n          ? ''\n          : name.longname\n        );\n        const len = Buffer.byteLength(longname);\n        writeUInt32BE(buf, len, p);\n        p += 4;\n        if (len) {\n          buf.utf8Write(longname, p, len);\n          p += len;\n        }\n      }\n\n      const attr = attrs[i];\n      if (attr) {\n        writeUInt32BE(buf, attr.flags, p);\n        p += 4;\n        if (attr.flags && attr.bytes) {\n          buf.set(attr.bytes, p);\n          p += attr.nb;\n        }\n      } else {\n        writeUInt32BE(buf, 0, p);\n        p += 4;\n      }\n    }\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} NAME`\n    );\n  }\n  attrs(reqid, attrs) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    if (typeof attrs !== 'object' || attrs === null)\n      throw new Error('attrs is not an object');\n\n    attrs = attrsToBytes(attrs);\n    const flags = attrs.flags;\n    const attrsLen = attrs.nb;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = RESPONSE.ATTRS;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, flags, p);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} ATTRS`\n    );\n  }\n}\n\nfunction tryCreateBuffer(size) {\n  try {\n    return Buffer.allocUnsafe(size);\n  } catch (ex) {\n    return ex;\n  }\n}\n\nfunction read_(self, handle, buf, off, len, position, cb, req_) {\n  const maxDataLen = self._maxReadLen;\n  const overflow = Math.max(len - maxDataLen, 0);\n\n  if (overflow)\n    len = maxDataLen;\n\n  /*\n    uint32     id\n    string     handle\n    uint64     offset\n    uint32     len\n  */\n  const handleLen = handle.length;\n  let p = 9;\n  let pos = position;\n  const out = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 8 + 4);\n\n  writeUInt32BE(out, out.length - 4, 0);\n  out[4] = REQUEST.READ;\n  const reqid = self._writeReqid = (self._writeReqid + 1) & MAX_REQID;\n  writeUInt32BE(out, reqid, 5);\n\n  writeUInt32BE(out, handleLen, p);\n  out.set(handle, p += 4);\n  p += handleLen;\n  for (let i = 7; i >= 0; --i) {\n    out[p + i] = pos & 0xFF;\n    pos /= 256;\n  }\n  writeUInt32BE(out, len, p += 8);\n\n  if (typeof cb !== 'function')\n    cb = noop;\n\n  const req = (req_ || {\n    nb: 0,\n    position,\n    off,\n    origOff: off,\n    len: undefined,\n    overflow: undefined,\n    cb: (err, data, nb) => {\n      const len = req.len;\n      const overflow = req.overflow;\n\n      if (err) {\n        if (cb._wantEOFError || err.code !== STATUS_CODE.EOF)\n          return cb(err);\n      } else if (nb > len) {\n        return cb(new Error('Received more data than requested'));\n      } else if (nb === len && overflow) {\n        req.nb += nb;\n        req.position += nb;\n        req.off += nb;\n        read_(self, handle, buf, req.off, overflow, req.position, cb, req);\n        return;\n      }\n\n      nb = (nb || 0);\n      if (req.origOff === 0 && buf.length === req.nb)\n        data = buf;\n      else\n        data = bufferSlice(buf, req.origOff, req.origOff + req.nb + nb);\n      cb(undefined, req.nb + nb, data, req.position);\n    },\n    buffer: undefined,\n  });\n\n  req.len = len;\n  req.overflow = overflow;\n\n  // TODO: avoid creating multiple buffer slices when we need to re-call read_()\n  // because of overflow\n  req.buffer = bufferSlice(buf, off, off + len);\n\n  self._requests[reqid] = req;\n\n  const isBuffered = sendOrBuffer(self, out);\n  self._debug && self._debug(\n    `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READ`\n  );\n}\n\nfunction fastXfer(src, dst, srcPath, dstPath, opts, cb) {\n  let concurrency = 64;\n  let chunkSize = 32768;\n  let onstep;\n  let mode;\n  let fileSize;\n\n  if (typeof opts === 'function') {\n    cb = opts;\n  } else if (typeof opts === 'object' && opts !== null) {\n    if (typeof opts.concurrency === 'number'\n        && opts.concurrency > 0\n        && !isNaN(opts.concurrency)) {\n      concurrency = opts.concurrency;\n    }\n    if (typeof opts.chunkSize === 'number'\n        && opts.chunkSize > 0\n        && !isNaN(opts.chunkSize)) {\n      chunkSize = opts.chunkSize;\n    }\n    if (typeof opts.fileSize === 'number'\n        && opts.fileSize > 0\n        && !isNaN(opts.fileSize)) {\n      fileSize = opts.fileSize;\n    }\n    if (typeof opts.step === 'function')\n      onstep = opts.step;\n\n    if (typeof opts.mode === 'string' || typeof opts.mode === 'number')\n      mode = modeNum(opts.mode);\n  }\n\n  // Internal state variables\n  let fsize;\n  let pdst = 0;\n  let total = 0;\n  let hadError = false;\n  let srcHandle;\n  let dstHandle;\n  let readbuf;\n  let bufsize = chunkSize * concurrency;\n\n  function onerror(err) {\n    if (hadError)\n      return;\n\n    hadError = true;\n\n    let left = 0;\n    let cbfinal;\n\n    if (srcHandle || dstHandle) {\n      cbfinal = () => {\n        if (--left === 0)\n          cb(err);\n      };\n      if (srcHandle && (src === fs || src.outgoing.state === 'open'))\n        ++left;\n      if (dstHandle && (dst === fs || dst.outgoing.state === 'open'))\n        ++left;\n      if (srcHandle && (src === fs || src.outgoing.state === 'open'))\n        src.close(srcHandle, cbfinal);\n      if (dstHandle && (dst === fs || dst.outgoing.state === 'open'))\n        dst.close(dstHandle, cbfinal);\n    } else {\n      cb(err);\n    }\n  }\n\n  src.open(srcPath, 'r', (err, sourceHandle) => {\n    if (err)\n      return onerror(err);\n\n    srcHandle = sourceHandle;\n\n    if (fileSize === undefined)\n      src.fstat(srcHandle, tryStat);\n    else\n      tryStat(null, { size: fileSize });\n\n    function tryStat(err, attrs) {\n      if (err) {\n        if (src !== fs) {\n          // Try stat() for sftp servers that may not support fstat() for\n          // whatever reason\n          src.stat(srcPath, (err_, attrs_) => {\n            if (err_)\n              return onerror(err);\n            tryStat(null, attrs_);\n          });\n          return;\n        }\n        return onerror(err);\n      }\n      fsize = attrs.size;\n\n      dst.open(dstPath, 'w', (err, destHandle) => {\n        if (err)\n          return onerror(err);\n\n        dstHandle = destHandle;\n\n        if (fsize <= 0)\n          return onerror();\n\n        // Use less memory where possible\n        while (bufsize > fsize) {\n          if (concurrency === 1) {\n            bufsize = fsize;\n            break;\n          }\n          bufsize -= chunkSize;\n          --concurrency;\n        }\n\n        readbuf = tryCreateBuffer(bufsize);\n        if (readbuf instanceof Error)\n          return onerror(readbuf);\n\n        if (mode !== undefined) {\n          dst.fchmod(dstHandle, mode, function tryAgain(err) {\n            if (err) {\n              // Try chmod() for sftp servers that may not support fchmod()\n              // for whatever reason\n              dst.chmod(dstPath, mode, (err_) => tryAgain());\n              return;\n            }\n            startReads();\n          });\n        } else {\n          startReads();\n        }\n\n        function onread(err, nb, data, dstpos, datapos, origChunkLen) {\n          if (err)\n            return onerror(err);\n\n          datapos = datapos || 0;\n\n          dst.write(dstHandle, readbuf, datapos, nb, dstpos, writeCb);\n\n          function writeCb(err) {\n            if (err)\n              return onerror(err);\n\n            total += nb;\n            onstep && onstep(total, nb, fsize);\n\n            if (nb < origChunkLen)\n              return singleRead(datapos, dstpos + nb, origChunkLen - nb);\n\n            if (total === fsize) {\n              dst.close(dstHandle, (err) => {\n                dstHandle = undefined;\n                if (err)\n                  return onerror(err);\n                src.close(srcHandle, (err) => {\n                  srcHandle = undefined;\n                  if (err)\n                    return onerror(err);\n                  cb();\n                });\n              });\n              return;\n            }\n\n            if (pdst >= fsize)\n              return;\n\n            const chunk =\n              (pdst + chunkSize > fsize ? fsize - pdst : chunkSize);\n            singleRead(datapos, pdst, chunk);\n            pdst += chunk;\n          }\n        }\n\n        function makeCb(psrc, pdst, chunk) {\n          return (err, nb, data) => {\n            onread(err, nb, data, pdst, psrc, chunk);\n          };\n        }\n\n        function singleRead(psrc, pdst, chunk) {\n          src.read(srcHandle,\n                   readbuf,\n                   psrc,\n                   chunk,\n                   pdst,\n                   makeCb(psrc, pdst, chunk));\n        }\n\n        function startReads() {\n          let reads = 0;\n          let psrc = 0;\n          while (pdst < fsize && reads < concurrency) {\n            const chunk =\n              (pdst + chunkSize > fsize ? fsize - pdst : chunkSize);\n            singleRead(psrc, pdst, chunk);\n            psrc += chunk;\n            pdst += chunk;\n            ++reads;\n          }\n        }\n      });\n    }\n  });\n}\n\nfunction writeAll(sftp, handle, buffer, offset, length, position, callback_) {\n  const callback = (typeof callback_ === 'function' ? callback_ : undefined);\n\n  sftp.write(handle,\n             buffer,\n             offset,\n             length,\n             position,\n             (writeErr, written) => {\n    if (writeErr) {\n      return sftp.close(handle, () => {\n        callback && callback(writeErr);\n      });\n    }\n    if (written === length) {\n      sftp.close(handle, callback);\n    } else {\n      offset += written;\n      length -= written;\n      position += written;\n      writeAll(sftp, handle, buffer, offset, length, position, callback);\n    }\n  });\n}\n\nclass Stats {\n  constructor(initial) {\n    this.mode = (initial && initial.mode);\n    this.uid = (initial && initial.uid);\n    this.gid = (initial && initial.gid);\n    this.size = (initial && initial.size);\n    this.atime = (initial && initial.atime);\n    this.mtime = (initial && initial.mtime);\n    this.extended = (initial && initial.extended);\n  }\n  isDirectory() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFDIR);\n  }\n  isFile() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFREG);\n  }\n  isBlockDevice() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFBLK);\n  }\n  isCharacterDevice() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFCHR);\n  }\n  isSymbolicLink() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFLNK);\n  }\n  isFIFO() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFIFO);\n  }\n  isSocket() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFSOCK);\n  }\n}\n\nfunction attrsToBytes(attrs) {\n  let flags = 0;\n  let nb = 0;\n\n  if (typeof attrs === 'object' && attrs !== null) {\n    if (typeof attrs.size === 'number') {\n      flags |= ATTR.SIZE;\n      const val = attrs.size;\n      // Big Endian\n      ATTRS_BUF[nb++] = val / 72057594037927940; // 2**56\n      ATTRS_BUF[nb++] = val / 281474976710656; // 2**48\n      ATTRS_BUF[nb++] = val / 1099511627776; // 2**40\n      ATTRS_BUF[nb++] = val / 4294967296; // 2**32\n      ATTRS_BUF[nb++] = val / 16777216; // 2**24\n      ATTRS_BUF[nb++] = val / 65536; // 2**16\n      ATTRS_BUF[nb++] = val / 256; // 2**8\n      ATTRS_BUF[nb++] = val;\n    }\n    if (typeof attrs.uid === 'number' && typeof attrs.gid === 'number') {\n      flags |= ATTR.UIDGID;\n      const uid = attrs.uid;\n      const gid = attrs.gid;\n      // Big Endian\n      ATTRS_BUF[nb++] = uid >>> 24;\n      ATTRS_BUF[nb++] = uid >>> 16;\n      ATTRS_BUF[nb++] = uid >>> 8;\n      ATTRS_BUF[nb++] = uid;\n      ATTRS_BUF[nb++] = gid >>> 24;\n      ATTRS_BUF[nb++] = gid >>> 16;\n      ATTRS_BUF[nb++] = gid >>> 8;\n      ATTRS_BUF[nb++] = gid;\n    }\n    if (typeof attrs.mode === 'number' || typeof attrs.mode === 'string') {\n      const mode = modeNum(attrs.mode);\n      flags |= ATTR.PERMISSIONS;\n      // Big Endian\n      ATTRS_BUF[nb++] = mode >>> 24;\n      ATTRS_BUF[nb++] = mode >>> 16;\n      ATTRS_BUF[nb++] = mode >>> 8;\n      ATTRS_BUF[nb++] = mode;\n    }\n    if ((typeof attrs.atime === 'number' || isDate(attrs.atime))\n        && (typeof attrs.mtime === 'number' || isDate(attrs.mtime))) {\n      const atime = toUnixTimestamp(attrs.atime);\n      const mtime = toUnixTimestamp(attrs.mtime);\n\n      flags |= ATTR.ACMODTIME;\n      // Big Endian\n      ATTRS_BUF[nb++] = atime >>> 24;\n      ATTRS_BUF[nb++] = atime >>> 16;\n      ATTRS_BUF[nb++] = atime >>> 8;\n      ATTRS_BUF[nb++] = atime;\n      ATTRS_BUF[nb++] = mtime >>> 24;\n      ATTRS_BUF[nb++] = mtime >>> 16;\n      ATTRS_BUF[nb++] = mtime >>> 8;\n      ATTRS_BUF[nb++] = mtime;\n    }\n    // TODO: extended attributes\n  }\n\n  return { flags, nb };\n}\n\nfunction toUnixTimestamp(time) {\n  // eslint-disable-next-line no-self-compare\n  if (typeof time === 'number' && time === time) // Valid, non-NaN number\n    return time;\n  if (isDate(time))\n    return parseInt(time.getTime() / 1000, 10);\n  throw new Error(`Cannot parse time: ${time}`);\n}\n\nfunction modeNum(mode) {\n  // eslint-disable-next-line no-self-compare\n  if (typeof mode === 'number' && mode === mode) // Valid, non-NaN number\n    return mode;\n  if (typeof mode === 'string')\n    return modeNum(parseInt(mode, 8));\n  throw new Error(`Cannot parse mode: ${mode}`);\n}\n\nconst stringFlagMap = {\n  'r': OPEN_MODE.READ,\n  'r+': OPEN_MODE.READ | OPEN_MODE.WRITE,\n  'w': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE,\n  'wx': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n  'xw': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n  'w+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE,\n  'wx+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n         | OPEN_MODE.EXCL,\n  'xw+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n         | OPEN_MODE.EXCL,\n  'a': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE,\n  'ax': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n  'xa': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n  'a+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE,\n  'ax+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n         | OPEN_MODE.EXCL,\n  'xa+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n         | OPEN_MODE.EXCL\n};\n\nfunction stringToFlags(str) {\n  const flags = stringFlagMap[str];\n  return (flags !== undefined ? flags : null);\n}\n\nconst flagsToString = (() => {\n  const stringFlagMapKeys = Object.keys(stringFlagMap);\n  return (flags) => {\n    for (let i = 0; i < stringFlagMapKeys.length; ++i) {\n      const key = stringFlagMapKeys[i];\n      if (stringFlagMap[key] === flags)\n        return key;\n    }\n    return null;\n  };\n})();\n\nfunction readAttrs(biOpt) {\n  /*\n    uint32   flags\n    uint64   size           present only if flag SSH_FILEXFER_ATTR_SIZE\n    uint32   uid            present only if flag SSH_FILEXFER_ATTR_UIDGID\n    uint32   gid            present only if flag SSH_FILEXFER_ATTR_UIDGID\n    uint32   permissions    present only if flag SSH_FILEXFER_ATTR_PERMISSIONS\n    uint32   atime          present only if flag SSH_FILEXFER_ACMODTIME\n    uint32   mtime          present only if flag SSH_FILEXFER_ACMODTIME\n    uint32   extended_count present only if flag SSH_FILEXFER_ATTR_EXTENDED\n    string   extended_type\n    string   extended_data\n    ...      more extended data (extended_type - extended_data pairs),\n               so that number of pairs equals extended_count\n  */\n  const flags = bufferParser.readUInt32BE();\n  if (flags === undefined)\n    return;\n\n  const attrs = new Stats();\n  if (flags & ATTR.SIZE) {\n    const size = bufferParser.readUInt64BE(biOpt);\n    if (size === undefined)\n      return;\n    attrs.size = size;\n  }\n\n  if (flags & ATTR.UIDGID) {\n    const uid = bufferParser.readUInt32BE();\n    const gid = bufferParser.readUInt32BE();\n    if (gid === undefined)\n      return;\n    attrs.uid = uid;\n    attrs.gid = gid;\n  }\n\n  if (flags & ATTR.PERMISSIONS) {\n    const mode = bufferParser.readUInt32BE();\n    if (mode === undefined)\n      return;\n    attrs.mode = mode;\n  }\n\n  if (flags & ATTR.ACMODTIME) {\n    const atime = bufferParser.readUInt32BE();\n    const mtime = bufferParser.readUInt32BE();\n    if (mtime === undefined)\n      return;\n    attrs.atime = atime;\n    attrs.mtime = mtime;\n  }\n\n  if (flags & ATTR.EXTENDED) {\n    const count = bufferParser.readUInt32BE();\n    if (count === undefined)\n      return;\n    const extended = {};\n    for (let i = 0; i < count; ++i) {\n      const type = bufferParser.readString(true);\n      const data = bufferParser.readString();\n      if (data === undefined)\n        return;\n      extended[type] = data;\n    }\n    attrs.extended = extended;\n  }\n\n  return attrs;\n}\n\nfunction sendOrBuffer(sftp, payload) {\n  const ret = tryWritePayload(sftp, payload);\n  if (ret !== undefined) {\n    sftp._buffer.push(ret);\n    return false;\n  }\n  return true;\n}\n\nfunction tryWritePayload(sftp, payload) {\n  const outgoing = sftp.outgoing;\n  if (outgoing.state !== 'open')\n    return;\n\n  if (outgoing.window === 0) {\n    sftp._waitWindow = true;\n    sftp._chunkcb = drainBuffer;\n    return payload;\n  }\n\n  let ret;\n  const len = payload.length;\n  let p = 0;\n\n  while (len - p > 0 && outgoing.window > 0) {\n    const actualLen = Math.min(len - p, outgoing.window, outgoing.packetSize);\n    outgoing.window -= actualLen;\n    if (outgoing.window === 0) {\n      sftp._waitWindow = true;\n      sftp._chunkcb = drainBuffer;\n    }\n\n    if (p === 0 && actualLen === len) {\n      sftp._protocol.channelData(sftp.outgoing.id, payload);\n    } else {\n      sftp._protocol.channelData(sftp.outgoing.id,\n                                 bufferSlice(payload, p, p + actualLen));\n    }\n\n    p += actualLen;\n  }\n\n  if (len - p > 0) {\n    if (p > 0)\n      ret = bufferSlice(payload, p, len);\n    else\n      ret = payload; // XXX: should never get here?\n  }\n\n  return ret;\n}\n\nfunction drainBuffer() {\n  this._chunkcb = undefined;\n  const buffer = this._buffer;\n  let i = 0;\n  while (i < buffer.length) {\n    const payload = buffer[i];\n    const ret = tryWritePayload(this, payload);\n    if (ret !== undefined) {\n      if (ret !== payload)\n        buffer[i] = ret;\n      if (i > 0)\n        this._buffer = buffer.slice(i);\n      return;\n    }\n    ++i;\n  }\n  if (i > 0)\n    this._buffer = [];\n}\n\nfunction doFatalSFTPError(sftp, msg, noDebug) {\n  const err = new Error(msg);\n  err.level = 'sftp-protocol';\n  if (!noDebug && sftp._debug)\n    sftp._debug(`SFTP: Inbound: ${msg}`);\n  sftp.emit('error', err);\n  sftp.destroy();\n  cleanupRequests(sftp);\n  return false;\n}\n\nfunction cleanupRequests(sftp) {\n  const keys = Object.keys(sftp._requests);\n  if (keys.length === 0)\n    return;\n\n  const reqs = sftp._requests;\n  sftp._requests = {};\n  const err = new Error('No response from server');\n  for (let i = 0; i < keys.length; ++i) {\n    const req = reqs[keys[i]];\n    if (typeof req.cb === 'function')\n      req.cb(err);\n  }\n}\n\nfunction requestLimits(sftp, cb) {\n  /*\n    uint32    id\n    string    \"limits@openssh.com\"\n  */\n  let p = 9;\n  const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 18);\n\n  writeUInt32BE(buf, buf.length - 4, 0);\n  buf[4] = REQUEST.EXTENDED;\n  const reqid = sftp._writeReqid = (sftp._writeReqid + 1) & MAX_REQID;\n  writeUInt32BE(buf, reqid, 5);\n\n  writeUInt32BE(buf, 18, p);\n  buf.utf8Write('limits@openssh.com', p += 4, 18);\n\n  sftp._requests[reqid] = { extended: 'limits@openssh.com', cb };\n\n  const isBuffered = sendOrBuffer(sftp, buf);\n  if (sftp._debug) {\n    const which = (isBuffered ? 'Buffered' : 'Sending');\n    sftp._debug(`SFTP: Outbound: ${which} limits@openssh.com`);\n  }\n}\n\nconst CLIENT_HANDLERS = {\n  [RESPONSE.VERSION]: (sftp, payload) => {\n    if (sftp._version !== -1)\n      return doFatalSFTPError(sftp, 'Duplicate VERSION packet');\n\n    const extensions = {};\n\n    /*\n      uint32 version\n      <extension data>\n    */\n    bufferParser.init(payload, 1);\n    let version = bufferParser.readUInt32BE();\n    while (bufferParser.avail()) {\n      const extName = bufferParser.readString(true);\n      const extData = bufferParser.readString(true);\n      if (extData === undefined) {\n        version = undefined;\n        break;\n      }\n      extensions[extName] = extData;\n    }\n    bufferParser.clear();\n\n    if (version === undefined)\n      return doFatalSFTPError(sftp, 'Malformed VERSION packet');\n\n    if (sftp._debug) {\n      const names = Object.keys(extensions);\n      if (names.length) {\n        sftp._debug(\n          `SFTP: Inbound: Received VERSION (v${version}, exts:${names})`\n        );\n      } else {\n        sftp._debug(`SFTP: Inbound: Received VERSION (v${version})`);\n      }\n    }\n\n    sftp._version = version;\n    sftp._extensions = extensions;\n\n    if (extensions['limits@openssh.com'] === '1') {\n      return requestLimits(sftp, (err, limits) => {\n        if (!err) {\n          if (limits.maxPktLen > 0)\n            sftp._maxOutPktLen = limits.maxPktLen;\n          if (limits.maxReadLen > 0)\n            sftp._maxReadLen = limits.maxReadLen;\n          if (limits.maxWriteLen > 0)\n            sftp._maxWriteLen = limits.maxWriteLen;\n          sftp.maxOpenHandles = (\n            limits.maxOpenHandles > 0 ? limits.maxOpenHandles : Infinity\n          );\n        }\n        sftp.emit('ready');\n      });\n    }\n\n    sftp.emit('ready');\n  },\n  [RESPONSE.STATUS]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      uint32     error/status code\n      string     error message (ISO-10646 UTF-8)\n      string     language tag\n    */\n    const errorCode = bufferParser.readUInt32BE();\n    const errorMsg = bufferParser.readString(true);\n    bufferParser.clear();\n\n    // Note: we avoid checking that the error message and language tag are in\n    // the packet because there are some broken implementations that incorrectly\n    // omit them. The language tag in general was never really used amongst ssh\n    // implementations, so in the case of a missing error message we just\n    // default to something sensible.\n\n    if (sftp._debug) {\n      const jsonMsg = JSON.stringify(errorMsg);\n      sftp._debug(\n        `SFTP: Inbound: Received STATUS (id:${reqID}, ${errorCode}, ${jsonMsg})`\n      );\n    }\n    const req = sftp._requests[reqID];\n    delete sftp._requests[reqID];\n    if (req && typeof req.cb === 'function') {\n      if (errorCode === STATUS_CODE.OK) {\n        req.cb();\n        return;\n      }\n      const err = new Error(errorMsg\n                            || STATUS_CODE_STR[errorCode]\n                            || 'Unknown status');\n      err.code = errorCode;\n      req.cb(err);\n    }\n  },\n  [RESPONSE.HANDLE]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     handle\n    */\n    const handle = bufferParser.readString();\n    bufferParser.clear();\n\n    if (handle === undefined) {\n      if (reqID !== undefined)\n        delete sftp._requests[reqID];\n      return doFatalSFTPError(sftp, 'Malformed HANDLE packet');\n    }\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received HANDLE (id:${reqID})`);\n\n    const req = sftp._requests[reqID];\n    delete sftp._requests[reqID];\n    if (req && typeof req.cb === 'function')\n      req.cb(undefined, handle);\n  },\n  [RESPONSE.DATA]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    let req;\n    if (reqID !== undefined) {\n      req = sftp._requests[reqID];\n      delete sftp._requests[reqID];\n    }\n    /*\n      string     data\n    */\n    if (req && typeof req.cb === 'function') {\n      if (req.buffer) {\n        // We have already pre-allocated space to store the data\n\n        const nb = bufferParser.readString(req.buffer);\n        bufferParser.clear();\n\n        if (nb !== undefined) {\n          sftp._debug && sftp._debug(\n            `SFTP: Inbound: Received DATA (id:${reqID}, ${nb})`\n          );\n          req.cb(undefined, req.buffer, nb);\n          return;\n        }\n      } else {\n        const data = bufferParser.readString();\n        bufferParser.clear();\n\n        if (data !== undefined) {\n          sftp._debug && sftp._debug(\n            `SFTP: Inbound: Received DATA (id:${reqID}, ${data.length})`\n          );\n          req.cb(undefined, data);\n          return;\n        }\n      }\n    } else {\n      const nb = bufferParser.skipString();\n      bufferParser.clear();\n      if (nb !== undefined) {\n        sftp._debug && sftp._debug(\n          `SFTP: Inbound: Received DATA (id:${reqID}, ${nb})`\n        );\n        return;\n      }\n    }\n\n    return doFatalSFTPError(sftp, 'Malformed DATA packet');\n  },\n  [RESPONSE.NAME]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    let req;\n    if (reqID !== undefined) {\n      req = sftp._requests[reqID];\n      delete sftp._requests[reqID];\n    }\n    /*\n      uint32     count\n      repeats count times:\n              string     filename\n              string     longname\n              ATTRS      attrs\n    */\n    const count = bufferParser.readUInt32BE();\n    if (count !== undefined) {\n      let names = [];\n      for (let i = 0; i < count; ++i) {\n        // We are going to assume UTF-8 for filenames despite the SFTPv3\n        // spec not specifying an encoding because the specs for newer\n        // versions of the protocol all explicitly specify UTF-8 for\n        // filenames\n        const filename = bufferParser.readString(true);\n\n        // `longname` only exists in SFTPv3 and since it typically will\n        // contain the filename, we assume it is also UTF-8\n        const longname = bufferParser.readString(true);\n\n        const attrs = readAttrs(sftp._biOpt);\n        if (attrs === undefined) {\n          names = undefined;\n          break;\n        }\n        names.push({ filename, longname, attrs });\n      }\n      if (names !== undefined) {\n        sftp._debug && sftp._debug(\n          `SFTP: Inbound: Received NAME (id:${reqID}, ${names.length})`\n        );\n        bufferParser.clear();\n        if (req && typeof req.cb === 'function')\n          req.cb(undefined, names);\n        return;\n      }\n    }\n\n    bufferParser.clear();\n    return doFatalSFTPError(sftp, 'Malformed NAME packet');\n  },\n  [RESPONSE.ATTRS]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    let req;\n    if (reqID !== undefined) {\n      req = sftp._requests[reqID];\n      delete sftp._requests[reqID];\n    }\n    /*\n      ATTRS      attrs\n    */\n    const attrs = readAttrs(sftp._biOpt);\n    bufferParser.clear();\n    if (attrs !== undefined) {\n      sftp._debug && sftp._debug(`SFTP: Inbound: Received ATTRS (id:${reqID})`);\n      if (req && typeof req.cb === 'function')\n        req.cb(undefined, attrs);\n      return;\n    }\n\n    return doFatalSFTPError(sftp, 'Malformed ATTRS packet');\n  },\n  [RESPONSE.EXTENDED]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    if (reqID !== undefined) {\n      const req = sftp._requests[reqID];\n      if (req) {\n        delete sftp._requests[reqID];\n        switch (req.extended) {\n          case 'statvfs@openssh.com':\n          case 'fstatvfs@openssh.com': {\n            /*\n              uint64    f_bsize   // file system block size\n              uint64    f_frsize  // fundamental fs block size\n              uint64    f_blocks  // number of blocks (unit f_frsize)\n              uint64    f_bfree   // free blocks in file system\n              uint64    f_bavail  // free blocks for non-root\n              uint64    f_files   // total file inodes\n              uint64    f_ffree   // free file inodes\n              uint64    f_favail  // free file inodes for to non-root\n              uint64    f_fsid    // file system id\n              uint64    f_flag    // bit mask of f_flag values\n              uint64    f_namemax // maximum filename length\n            */\n            const biOpt = sftp._biOpt;\n            const stats = {\n              f_bsize: bufferParser.readUInt64BE(biOpt),\n              f_frsize: bufferParser.readUInt64BE(biOpt),\n              f_blocks: bufferParser.readUInt64BE(biOpt),\n              f_bfree: bufferParser.readUInt64BE(biOpt),\n              f_bavail: bufferParser.readUInt64BE(biOpt),\n              f_files: bufferParser.readUInt64BE(biOpt),\n              f_ffree: bufferParser.readUInt64BE(biOpt),\n              f_favail: bufferParser.readUInt64BE(biOpt),\n              f_sid: bufferParser.readUInt64BE(biOpt),\n              f_flag: bufferParser.readUInt64BE(biOpt),\n              f_namemax: bufferParser.readUInt64BE(biOpt),\n            };\n            if (stats.f_namemax === undefined)\n              break;\n            if (sftp._debug) {\n              sftp._debug(\n                'SFTP: Inbound: Received EXTENDED_REPLY '\n                  + `(id:${reqID}, ${req.extended})`\n              );\n            }\n            bufferParser.clear();\n            if (typeof req.cb === 'function')\n              req.cb(undefined, stats);\n            return;\n          }\n          case 'limits@openssh.com': {\n            /*\n              uint64          max-packet-length\n              uint64          max-read-length\n              uint64          max-write-length\n              uint64          max-open-handles\n            */\n            const limits = {\n              maxPktLen: bufferParser.readUInt64BE(),\n              maxReadLen: bufferParser.readUInt64BE(),\n              maxWriteLen: bufferParser.readUInt64BE(),\n              maxOpenHandles: bufferParser.readUInt64BE(),\n            };\n            if (limits.maxOpenHandles === undefined)\n              break;\n            if (sftp._debug) {\n              sftp._debug(\n                'SFTP: Inbound: Received EXTENDED_REPLY '\n                  + `(id:${reqID}, ${req.extended})`\n              );\n            }\n            bufferParser.clear();\n            if (typeof req.cb === 'function')\n              req.cb(undefined, limits);\n            return;\n          }\n          default:\n            // Unknown extended request\n            sftp._debug && sftp._debug(\n              `SFTP: Inbound: Received EXTENDED_REPLY (id:${reqID}, ???)`\n            );\n            bufferParser.clear();\n            if (typeof req.cb === 'function')\n              req.cb();\n            return;\n        }\n      } else {\n        sftp._debug && sftp._debug(\n          `SFTP: Inbound: Received EXTENDED_REPLY (id:${reqID}, ???)`\n        );\n        bufferParser.clear();\n        return;\n      }\n    }\n\n    bufferParser.clear();\n    return doFatalSFTPError(sftp, 'Malformed EXTENDED_REPLY packet');\n  },\n};\nconst SERVER_HANDLERS = {\n  [REQUEST.INIT]: (sftp, payload) => {\n    if (sftp._version !== -1)\n      return doFatalSFTPError(sftp, 'Duplicate INIT packet');\n\n    const extensions = {};\n\n    /*\n      uint32 version\n      <extension data>\n    */\n    bufferParser.init(payload, 1);\n    let version = bufferParser.readUInt32BE();\n    while (bufferParser.avail()) {\n      const extName = bufferParser.readString(true);\n      const extData = bufferParser.readString(true);\n      if (extData === undefined) {\n        version = undefined;\n        break;\n      }\n      extensions[extName] = extData;\n    }\n    bufferParser.clear();\n\n    if (version === undefined)\n      return doFatalSFTPError(sftp, 'Malformed INIT packet');\n\n    if (sftp._debug) {\n      const names = Object.keys(extensions);\n      if (names.length) {\n        sftp._debug(\n          `SFTP: Inbound: Received INIT (v${version}, exts:${names})`\n        );\n      } else {\n        sftp._debug(`SFTP: Inbound: Received INIT (v${version})`);\n      }\n    }\n\n    sendOrBuffer(sftp, SERVER_VERSION_BUFFER);\n\n    sftp._version = version;\n    sftp._extensions = extensions;\n    sftp.emit('ready');\n  },\n  [REQUEST.OPEN]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string        filename\n      uint32        pflags\n      ATTRS         attrs\n    */\n    const filename = bufferParser.readString(true);\n    const pflags = bufferParser.readUInt32BE();\n    const attrs = readAttrs(sftp._biOpt);\n    bufferParser.clear();\n\n    if (attrs === undefined)\n      return doFatalSFTPError(sftp, 'Malformed OPEN packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received OPEN (id:${reqID})`);\n\n    if (!sftp.emit('OPEN', reqID, filename, pflags, attrs)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.CLOSE]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string        handle\n    */\n    const handle = bufferParser.readString();\n    bufferParser.clear();\n\n    if (handle === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed CLOSE packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received CLOSE (id:${reqID})`);\n\n    if (!sftp.emit('CLOSE', reqID, handle)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.READ]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     handle\n      uint64     offset\n      uint32     len\n    */\n    const handle = bufferParser.readString();\n    const offset = bufferParser.readUInt64BE(sftp._biOpt);\n    const len = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (len === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed READ packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received READ (id:${reqID})`);\n\n    if (!sftp.emit('READ', reqID, handle, offset, len)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.WRITE]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     handle\n      uint64     offset\n      string     data\n    */\n    const handle = bufferParser.readString();\n    const offset = bufferParser.readUInt64BE(sftp._biOpt);\n    const data = bufferParser.readString();\n    bufferParser.clear();\n\n    if (data === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed WRITE packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received WRITE (id:${reqID})`);\n\n    if (!sftp.emit('WRITE', reqID, handle, offset, data)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.LSTAT]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed LSTAT packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received LSTAT (id:${reqID})`);\n\n    if (!sftp.emit('LSTAT', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.FSTAT]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string        handle\n    */\n    const handle = bufferParser.readString();\n    bufferParser.clear();\n\n    if (handle === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed FSTAT packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received FSTAT (id:${reqID})`);\n\n    if (!sftp.emit('FSTAT', reqID, handle)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.SETSTAT]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n      ATTRS      attrs\n    */\n    const path = bufferParser.readString(true);\n    const attrs = readAttrs(sftp._biOpt);\n    bufferParser.clear();\n\n    if (attrs === undefined)\n      return doFatalSFTPError(sftp, 'Malformed SETSTAT packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received SETSTAT (id:${reqID})`);\n\n    if (!sftp.emit('SETSTAT', reqID, path, attrs)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.FSETSTAT]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     handle\n      ATTRS      attrs\n    */\n    const handle = bufferParser.readString();\n    const attrs = readAttrs(sftp._biOpt);\n    bufferParser.clear();\n\n    if (attrs === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed FSETSTAT packet');\n\n    sftp._debug && sftp._debug(\n      `SFTP: Inbound: Received FSETSTAT (id:${reqID})`\n    );\n\n    if (!sftp.emit('FSETSTAT', reqID, handle, attrs)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.OPENDIR]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed OPENDIR packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received OPENDIR (id:${reqID})`);\n\n    if (!sftp.emit('OPENDIR', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.READDIR]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string        handle\n    */\n    const handle = bufferParser.readString();\n    bufferParser.clear();\n\n    if (handle === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed READDIR packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received READDIR (id:${reqID})`);\n\n    if (!sftp.emit('READDIR', reqID, handle)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.REMOVE]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed REMOVE packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received REMOVE (id:${reqID})`);\n\n    if (!sftp.emit('REMOVE', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.MKDIR]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n      ATTRS      attrs\n    */\n    const path = bufferParser.readString(true);\n    const attrs = readAttrs(sftp._biOpt);\n    bufferParser.clear();\n\n    if (attrs === undefined)\n      return doFatalSFTPError(sftp, 'Malformed MKDIR packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received MKDIR (id:${reqID})`);\n\n    if (!sftp.emit('MKDIR', reqID, path, attrs)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.RMDIR]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed RMDIR packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received RMDIR (id:${reqID})`);\n\n    if (!sftp.emit('RMDIR', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.REALPATH]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed REALPATH packet');\n\n    sftp._debug && sftp._debug(\n      `SFTP: Inbound: Received REALPATH (id:${reqID})`\n    );\n\n    if (!sftp.emit('REALPATH', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.STAT]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed STAT packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received STAT (id:${reqID})`);\n\n    if (!sftp.emit('STAT', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.RENAME]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     oldpath\n      string     newpath\n    */\n    const oldPath = bufferParser.readString(true);\n    const newPath = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (newPath === undefined)\n      return doFatalSFTPError(sftp, 'Malformed RENAME packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received RENAME (id:${reqID})`);\n\n    if (!sftp.emit('RENAME', reqID, oldPath, newPath)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.READLINK]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed READLINK packet');\n\n    sftp._debug && sftp._debug(\n      `SFTP: Inbound: Received READLINK (id:${reqID})`\n    );\n\n    if (!sftp.emit('READLINK', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.SYMLINK]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     linkpath\n      string     targetpath\n    */\n    const linkPath = bufferParser.readString(true);\n    const targetPath = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (targetPath === undefined)\n      return doFatalSFTPError(sftp, 'Malformed SYMLINK packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received SYMLINK (id:${reqID})`);\n\n    let handled;\n    if (sftp._isOpenSSH) {\n      // OpenSSH has linkpath and targetpath positions switched\n      handled = sftp.emit('SYMLINK', reqID, targetPath, linkPath);\n    } else {\n      handled = sftp.emit('SYMLINK', reqID, linkPath, targetPath);\n    }\n    if (!handled) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.EXTENDED]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     extended-request\n      ... any request-specific data ...\n    */\n    const extName = bufferParser.readString(true);\n    if (extName === undefined) {\n      bufferParser.clear();\n      return doFatalSFTPError(sftp, 'Malformed EXTENDED packet');\n    }\n\n    let extData;\n    if (bufferParser.avail())\n      extData = bufferParser.readRaw();\n    bufferParser.clear();\n\n    sftp._debug && sftp._debug(\n      `SFTP: Inbound: Received EXTENDED (id:${reqID})`\n    );\n\n    if (!sftp.emit('EXTENDED', reqID, extName, extData)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n};\n\n// =============================================================================\n// ReadStream/WriteStream-related ==============================================\n// =============================================================================\nconst {\n  ERR_INVALID_ARG_TYPE,\n  ERR_OUT_OF_RANGE,\n  validateNumber\n} = require('./node-fs-compat');\n\nconst kMinPoolSpace = 128;\n\nlet pool;\n// It can happen that we expect to read a large chunk of data, and reserve\n// a large chunk of the pool accordingly, but the read() call only filled\n// a portion of it. If a concurrently executing read() then uses the same pool,\n// the \"reserved\" portion cannot be used, so we allow it to be re-used as a\n// new pool later.\nconst poolFragments = [];\n\nfunction allocNewPool(poolSize) {\n  if (poolFragments.length > 0)\n    pool = poolFragments.pop();\n  else\n    pool = Buffer.allocUnsafe(poolSize);\n  pool.used = 0;\n}\n\n// Check the `this.start` and `this.end` of stream.\nfunction checkPosition(pos, name) {\n  if (!Number.isSafeInteger(pos)) {\n    validateNumber(pos, name);\n    if (!Number.isInteger(pos))\n      throw new ERR_OUT_OF_RANGE(name, 'an integer', pos);\n    throw new ERR_OUT_OF_RANGE(name, '>= 0 and <= 2 ** 53 - 1', pos);\n  }\n  if (pos < 0)\n    throw new ERR_OUT_OF_RANGE(name, '>= 0 and <= 2 ** 53 - 1', pos);\n}\n\nfunction roundUpToMultipleOf8(n) {\n  return (n + 7) & ~7;  // Align to 8 byte boundary.\n}\n\nfunction ReadStream(sftp, path, options) {\n  if (options === undefined)\n    options = {};\n  else if (typeof options === 'string')\n    options = { encoding: options };\n  else if (options === null || typeof options !== 'object')\n    throw new TypeError('\"options\" argument must be a string or an object');\n  else\n    options = Object.create(options);\n\n  // A little bit bigger buffer and water marks by default\n  if (options.highWaterMark === undefined)\n    options.highWaterMark = 64 * 1024;\n\n  // For backwards compat do not emit close on destroy.\n  options.emitClose = false;\n  options.autoDestroy = false; // Node 14 major change.\n\n  ReadableStream.call(this, options);\n\n  this.path = path;\n  this.flags = options.flags === undefined ? 'r' : options.flags;\n  this.mode = options.mode === undefined ? 0o666 : options.mode;\n\n  this.start = options.start;\n  this.end = options.end;\n  this.autoClose = options.autoClose === undefined ? true : options.autoClose;\n  this.pos = 0;\n  this.bytesRead = 0;\n  this.isClosed = false;\n\n  this.handle = options.handle === undefined ? null : options.handle;\n  this.sftp = sftp;\n  this._opening = false;\n\n  if (this.start !== undefined) {\n    checkPosition(this.start, 'start');\n\n    this.pos = this.start;\n  }\n\n  if (this.end === undefined) {\n    this.end = Infinity;\n  } else if (this.end !== Infinity) {\n    checkPosition(this.end, 'end');\n\n    if (this.start !== undefined && this.start > this.end) {\n      throw new ERR_OUT_OF_RANGE(\n        'start',\n        `<= \"end\" (here: ${this.end})`,\n        this.start\n      );\n    }\n  }\n\n  this.on('end', function() {\n    if (this.autoClose)\n      this.destroy();\n  });\n\n  if (!Buffer.isBuffer(this.handle))\n    this.open();\n}\ninherits(ReadStream, ReadableStream);\n\nReadStream.prototype.open = function() {\n  if (this._opening)\n    return;\n\n  this._opening = true;\n\n  this.sftp.open(this.path, this.flags, this.mode, (er, handle) => {\n    this._opening = false;\n\n    if (er) {\n      this.emit('error', er);\n      if (this.autoClose)\n        this.destroy();\n      return;\n    }\n\n    this.handle = handle;\n    this.emit('open', handle);\n    this.emit('ready');\n    // Start the flow of data.\n    this.read();\n  });\n};\n\nReadStream.prototype._read = function(n) {\n  if (!Buffer.isBuffer(this.handle))\n    return this.once('open', () => this._read(n));\n\n  // XXX: safe to remove this?\n  if (this.destroyed)\n    return;\n\n  if (!pool || pool.length - pool.used < kMinPoolSpace) {\n    // Discard the old pool.\n    allocNewPool(this.readableHighWaterMark\n                 || this._readableState.highWaterMark);\n  }\n\n  // Grab another reference to the pool in the case that while we're\n  // in the thread pool another read() finishes up the pool, and\n  // allocates a new one.\n  const thisPool = pool;\n  let toRead = Math.min(pool.length - pool.used, n);\n  const start = pool.used;\n\n  if (this.end !== undefined)\n    toRead = Math.min(this.end - this.pos + 1, toRead);\n\n  // Already read everything we were supposed to read!\n  // treat as EOF.\n  if (toRead <= 0)\n    return this.push(null);\n\n  // the actual read.\n  this.sftp.read(this.handle,\n                 pool,\n                 pool.used,\n                 toRead,\n                 this.pos,\n                 (er, bytesRead) => {\n    if (er) {\n      this.emit('error', er);\n      if (this.autoClose)\n        this.destroy();\n      return;\n    }\n    let b = null;\n\n    // Now that we know how much data we have actually read, re-wind the\n    // 'used' field if we can, and otherwise allow the remainder of our\n    // reservation to be used as a new pool later.\n    if (start + toRead === thisPool.used && thisPool === pool) {\n      thisPool.used = roundUpToMultipleOf8(thisPool.used + bytesRead - toRead);\n    } else {\n      // Round down to the next lowest multiple of 8 to ensure the new pool\n      // fragment start and end positions are aligned to an 8 byte boundary.\n      const alignedEnd = (start + toRead) & ~7;\n      const alignedStart = roundUpToMultipleOf8(start + bytesRead);\n      if (alignedEnd - alignedStart >= kMinPoolSpace)\n        poolFragments.push(thisPool.slice(alignedStart, alignedEnd));\n    }\n\n    if (bytesRead > 0) {\n      this.bytesRead += bytesRead;\n      b = thisPool.slice(start, start + bytesRead);\n    }\n\n    // Move the pool positions, and internal position for reading.\n    this.pos += bytesRead;\n\n    this.push(b);\n  });\n\n  pool.used = roundUpToMultipleOf8(pool.used + toRead);\n};\n\nReadStream.prototype._destroy = function(err, cb) {\n  if (this._opening && !Buffer.isBuffer(this.handle)) {\n    this.once('open', closeStream.bind(null, this, cb, err));\n    return;\n  }\n\n  closeStream(this, cb, err);\n  this.handle = null;\n  this._opening = false;\n};\n\nfunction closeStream(stream, cb, err) {\n  if (!stream.handle)\n    return onclose();\n\n  stream.sftp.close(stream.handle, onclose);\n\n  function onclose(er) {\n    er = er || err;\n    cb(er);\n    stream.isClosed = true;\n    if (!er)\n      stream.emit('close');\n  }\n}\n\nReadStream.prototype.close = function(cb) {\n  this.destroy(null, cb);\n};\n\nObject.defineProperty(ReadStream.prototype, 'pending', {\n  get() {\n    return this.handle === null;\n  },\n  configurable: true\n});\n\n// TODO: add `concurrency` setting to allow more than one in-flight WRITE\n// request to server to improve throughput\nfunction WriteStream(sftp, path, options) {\n  if (options === undefined)\n    options = {};\n  else if (typeof options === 'string')\n    options = { encoding: options };\n  else if (options === null || typeof options !== 'object')\n    throw new TypeError('\"options\" argument must be a string or an object');\n  else\n    options = Object.create(options);\n\n  // For backwards compat do not emit close on destroy.\n  options.emitClose = false;\n  options.autoDestroy = false; // Node 14 major change.\n\n  WritableStream.call(this, options);\n\n  this.path = path;\n  this.flags = options.flags === undefined ? 'w' : options.flags;\n  this.mode = options.mode === undefined ? 0o666 : options.mode;\n\n  this.start = options.start;\n  this.autoClose = options.autoClose === undefined ? true : options.autoClose;\n  this.pos = 0;\n  this.bytesWritten = 0;\n  this.isClosed = false;\n\n  this.handle = options.handle === undefined ? null : options.handle;\n  this.sftp = sftp;\n  this._opening = false;\n\n  if (this.start !== undefined) {\n    checkPosition(this.start, 'start');\n\n    this.pos = this.start;\n  }\n\n  if (options.encoding)\n    this.setDefaultEncoding(options.encoding);\n\n  // Node v6.x only\n  this.on('finish', function() {\n    if (this._writableState.finalCalled)\n      return;\n    if (this.autoClose)\n      this.destroy();\n  });\n\n  if (!Buffer.isBuffer(this.handle))\n    this.open();\n}\ninherits(WriteStream, WritableStream);\n\nWriteStream.prototype._final = function(cb) {\n  if (this.autoClose)\n    this.destroy();\n  cb();\n};\n\nWriteStream.prototype.open = function() {\n  if (this._opening)\n    return;\n\n  this._opening = true;\n\n  this.sftp.open(this.path, this.flags, this.mode, (er, handle) => {\n    this._opening = false;\n\n    if (er) {\n      this.emit('error', er);\n      if (this.autoClose)\n        this.destroy();\n      return;\n    }\n\n    this.handle = handle;\n\n    const tryAgain = (err) => {\n      if (err) {\n        // Try chmod() for sftp servers that may not support fchmod() for\n        // whatever reason\n        this.sftp.chmod(this.path, this.mode, (err_) => tryAgain());\n        return;\n      }\n\n      // SFTPv3 requires absolute offsets, no matter the open flag used\n      if (this.flags[0] === 'a') {\n        const tryStat = (err, st) => {\n          if (err) {\n            // Try stat() for sftp servers that may not support fstat() for\n            // whatever reason\n            this.sftp.stat(this.path, (err_, st_) => {\n              if (err_) {\n                this.destroy();\n                this.emit('error', err);\n                return;\n              }\n              tryStat(null, st_);\n            });\n            return;\n          }\n\n          this.pos = st.size;\n          this.emit('open', handle);\n          this.emit('ready');\n        };\n\n        this.sftp.fstat(handle, tryStat);\n        return;\n      }\n\n      this.emit('open', handle);\n      this.emit('ready');\n    };\n\n    this.sftp.fchmod(handle, this.mode, tryAgain);\n  });\n};\n\nWriteStream.prototype._write = function(data, encoding, cb) {\n  if (!Buffer.isBuffer(data)) {\n    const err = new ERR_INVALID_ARG_TYPE('data', 'Buffer', data);\n    return this.emit('error', err);\n  }\n\n  if (!Buffer.isBuffer(this.handle)) {\n    return this.once('open', function() {\n      this._write(data, encoding, cb);\n    });\n  }\n\n  this.sftp.write(this.handle,\n                  data,\n                  0,\n                  data.length,\n                  this.pos,\n                  (er, bytes) => {\n    if (er) {\n      if (this.autoClose)\n        this.destroy();\n      return cb(er);\n    }\n    this.bytesWritten += bytes;\n    cb();\n  });\n\n  this.pos += data.length;\n};\n\nWriteStream.prototype._writev = function(data, cb) {\n  if (!Buffer.isBuffer(this.handle)) {\n    return this.once('open', function() {\n      this._writev(data, cb);\n    });\n  }\n\n  const sftp = this.sftp;\n  const handle = this.handle;\n  let writesLeft = data.length;\n\n  const onwrite = (er, bytes) => {\n    if (er) {\n      this.destroy();\n      return cb(er);\n    }\n    this.bytesWritten += bytes;\n    if (--writesLeft === 0)\n      cb();\n  };\n\n  // TODO: try to combine chunks to reduce number of requests to the server?\n  for (let i = 0; i < data.length; ++i) {\n    const chunk = data[i].chunk;\n\n    sftp.write(handle, chunk, 0, chunk.length, this.pos, onwrite);\n    this.pos += chunk.length;\n  }\n};\n\nif (typeof WritableStream.prototype.destroy !== 'function')\n  WriteStream.prototype.destroy = ReadStream.prototype.destroy;\n\nWriteStream.prototype._destroy = ReadStream.prototype._destroy;\nWriteStream.prototype.close = function(cb) {\n  if (cb) {\n    if (this.isClosed) {\n      process.nextTick(cb);\n      return;\n    }\n    this.on('close', cb);\n  }\n\n  // If we are not autoClosing, we should call\n  // destroy on 'finish'.\n  if (!this.autoClose)\n    this.on('finish', this.destroy.bind(this));\n\n  this.end();\n};\n\n// There is no shutdown() for files.\nWriteStream.prototype.destroySoon = WriteStream.prototype.end;\n\nObject.defineProperty(WriteStream.prototype, 'pending', {\n  get() {\n    return this.handle === null;\n  },\n  configurable: true\n});\n// =============================================================================\n\nmodule.exports = {\n  flagsToString,\n  OPEN_MODE,\n  SFTP,\n  Stats,\n  STATUS_CODE,\n  stringToFlags,\n};\n","'use strict';\n\nconst crypto = require('crypto');\n\nlet cpuInfo;\ntry {\n  cpuInfo = require('cpu-features')();\n} catch {}\n\nconst { bindingAvailable, CIPHER_INFO, MAC_INFO } = require('./crypto.js');\n\nconst eddsaSupported = (() => {\n  if (typeof crypto.sign === 'function'\n      && typeof crypto.verify === 'function') {\n    const key =\n      '-----BEGIN PRIVATE KEY-----\\r\\nMC4CAQAwBQYDK2VwBCIEIHKj+sVa9WcD'\n      + '/q2DJUJaf43Kptc8xYuUQA4bOFj9vC8T\\r\\n-----END PRIVATE KEY-----';\n    const data = Buffer.from('a');\n    let sig;\n    let verified;\n    try {\n      sig = crypto.sign(null, data, key);\n      verified = crypto.verify(null, data, key, sig);\n    } catch {}\n    return (Buffer.isBuffer(sig) && sig.length === 64 && verified === true);\n  }\n\n  return false;\n})();\n\nconst curve25519Supported = (typeof crypto.diffieHellman === 'function'\n                             && typeof crypto.generateKeyPairSync === 'function'\n                             && typeof crypto.createPublicKey === 'function');\n\nconst DEFAULT_KEX = [\n  // https://tools.ietf.org/html/rfc5656#section-10.1\n  'ecdh-sha2-nistp256',\n  'ecdh-sha2-nistp384',\n  'ecdh-sha2-nistp521',\n\n  // https://tools.ietf.org/html/rfc4419#section-4\n  'diffie-hellman-group-exchange-sha256',\n\n  // https://tools.ietf.org/html/rfc8268\n  'diffie-hellman-group14-sha256',\n  'diffie-hellman-group15-sha512',\n  'diffie-hellman-group16-sha512',\n  'diffie-hellman-group17-sha512',\n  'diffie-hellman-group18-sha512',\n];\nif (curve25519Supported) {\n  DEFAULT_KEX.unshift('curve25519-sha256');\n  DEFAULT_KEX.unshift('curve25519-sha256@libssh.org');\n}\nconst SUPPORTED_KEX = DEFAULT_KEX.concat([\n  // https://tools.ietf.org/html/rfc4419#section-4\n  'diffie-hellman-group-exchange-sha1',\n\n  'diffie-hellman-group14-sha1', // REQUIRED\n  'diffie-hellman-group1-sha1',  // REQUIRED\n]);\n\n\nconst DEFAULT_SERVER_HOST_KEY = [\n  'ecdsa-sha2-nistp256',\n  'ecdsa-sha2-nistp384',\n  'ecdsa-sha2-nistp521',\n  'rsa-sha2-512', // RFC 8332\n  'rsa-sha2-256', // RFC 8332\n  'ssh-rsa',\n];\nif (eddsaSupported)\n  DEFAULT_SERVER_HOST_KEY.unshift('ssh-ed25519');\nconst SUPPORTED_SERVER_HOST_KEY = DEFAULT_SERVER_HOST_KEY.concat([\n  'ssh-dss',\n]);\n\n\nconst canUseCipher = (() => {\n  const ciphers = crypto.getCiphers();\n  return (name) => ciphers.includes(CIPHER_INFO[name].sslName);\n})();\nlet DEFAULT_CIPHER = [\n  // http://tools.ietf.org/html/rfc5647\n  'aes128-gcm@openssh.com',\n  'aes256-gcm@openssh.com',\n\n  // http://tools.ietf.org/html/rfc4344#section-4\n  'aes128-ctr',\n  'aes192-ctr',\n  'aes256-ctr',\n];\nif (cpuInfo && cpuInfo.flags && !cpuInfo.flags.aes) {\n  // We know for sure the CPU does not support AES acceleration\n  if (bindingAvailable)\n    DEFAULT_CIPHER.unshift('chacha20-poly1305@openssh.com');\n  else\n    DEFAULT_CIPHER.push('chacha20-poly1305@openssh.com');\n} else if (bindingAvailable && cpuInfo && cpuInfo.arch === 'x86') {\n  // Places chacha20-poly1305 immediately after GCM ciphers since GCM ciphers\n  // seem to outperform it on x86, but it seems to be faster than CTR ciphers\n  DEFAULT_CIPHER.splice(4, 0, 'chacha20-poly1305@openssh.com');\n} else {\n  DEFAULT_CIPHER.push('chacha20-poly1305@openssh.com');\n}\nDEFAULT_CIPHER = DEFAULT_CIPHER.filter(canUseCipher);\nconst SUPPORTED_CIPHER = DEFAULT_CIPHER.concat([\n  'aes256-cbc',\n  'aes192-cbc',\n  'aes128-cbc',\n  'blowfish-cbc',\n  '3des-cbc',\n  'aes128-gcm',\n  'aes256-gcm',\n\n  // http://tools.ietf.org/html/rfc4345#section-4:\n  'arcfour256',\n  'arcfour128',\n\n  'cast128-cbc',\n  'arcfour',\n].filter(canUseCipher));\n\n\nconst canUseMAC = (() => {\n  const hashes = crypto.getHashes();\n  return (name) => hashes.includes(MAC_INFO[name].sslName);\n})();\nconst DEFAULT_MAC = [\n  'hmac-sha2-256-etm@openssh.com',\n  'hmac-sha2-512-etm@openssh.com',\n  'hmac-sha1-etm@openssh.com',\n  'hmac-sha2-256',\n  'hmac-sha2-512',\n  'hmac-sha1',\n].filter(canUseMAC);\nconst SUPPORTED_MAC = DEFAULT_MAC.concat([\n  'hmac-md5',\n  'hmac-sha2-256-96', // first 96 bits of HMAC-SHA256\n  'hmac-sha2-512-96', // first 96 bits of HMAC-SHA512\n  'hmac-ripemd160',\n  'hmac-sha1-96',     // first 96 bits of HMAC-SHA1\n  'hmac-md5-96',      // first 96 bits of HMAC-MD5\n].filter(canUseMAC));\n\nconst DEFAULT_COMPRESSION = [\n  'none',\n  'zlib@openssh.com', // ZLIB (LZ77) compression, except\n                      // compression/decompression does not start until after\n                      // successful user authentication\n  'zlib',             // ZLIB (LZ77) compression\n];\nconst SUPPORTED_COMPRESSION = DEFAULT_COMPRESSION.concat([\n]);\n\n\nconst COMPAT = {\n  BAD_DHGEX: 1 << 0,\n  OLD_EXIT: 1 << 1,\n  DYN_RPORT_BUG: 1 << 2,\n  BUG_DHGEX_LARGE: 1 << 3,\n};\n\nmodule.exports = {\n  MESSAGE: {\n    // Transport layer protocol -- generic (1-19)\n    DISCONNECT: 1,\n    IGNORE: 2,\n    UNIMPLEMENTED: 3,\n    DEBUG: 4,\n    SERVICE_REQUEST: 5,\n    SERVICE_ACCEPT: 6,\n\n    // Transport layer protocol -- algorithm negotiation (20-29)\n    KEXINIT: 20,\n    NEWKEYS: 21,\n\n    // Transport layer protocol -- key exchange method-specific (30-49)\n    KEXDH_INIT: 30,\n    KEXDH_REPLY: 31,\n\n    KEXDH_GEX_GROUP: 31,\n    KEXDH_GEX_INIT: 32,\n    KEXDH_GEX_REPLY: 33,\n    KEXDH_GEX_REQUEST: 34,\n\n    KEXECDH_INIT: 30,\n    KEXECDH_REPLY: 31,\n\n    // User auth protocol -- generic (50-59)\n    USERAUTH_REQUEST: 50,\n    USERAUTH_FAILURE: 51,\n    USERAUTH_SUCCESS: 52,\n    USERAUTH_BANNER: 53,\n\n    // User auth protocol -- user auth method-specific (60-79)\n    USERAUTH_PASSWD_CHANGEREQ: 60,\n\n    USERAUTH_PK_OK: 60,\n\n    USERAUTH_INFO_REQUEST: 60,\n    USERAUTH_INFO_RESPONSE: 61,\n\n    // Connection protocol -- generic (80-89)\n    GLOBAL_REQUEST: 80,\n    REQUEST_SUCCESS: 81,\n    REQUEST_FAILURE: 82,\n\n    // Connection protocol -- channel-related (90-127)\n    CHANNEL_OPEN: 90,\n    CHANNEL_OPEN_CONFIRMATION: 91,\n    CHANNEL_OPEN_FAILURE: 92,\n    CHANNEL_WINDOW_ADJUST: 93,\n    CHANNEL_DATA: 94,\n    CHANNEL_EXTENDED_DATA: 95,\n    CHANNEL_EOF: 96,\n    CHANNEL_CLOSE: 97,\n    CHANNEL_REQUEST: 98,\n    CHANNEL_SUCCESS: 99,\n    CHANNEL_FAILURE: 100\n\n    // Reserved for client protocols (128-191)\n\n    // Local extensions (192-155)\n  },\n  DISCONNECT_REASON: {\n    HOST_NOT_ALLOWED_TO_CONNECT: 1,\n    PROTOCOL_ERROR: 2,\n    KEY_EXCHANGE_FAILED: 3,\n    RESERVED: 4,\n    MAC_ERROR: 5,\n    COMPRESSION_ERROR: 6,\n    SERVICE_NOT_AVAILABLE: 7,\n    PROTOCOL_VERSION_NOT_SUPPORTED: 8,\n    HOST_KEY_NOT_VERIFIABLE: 9,\n    CONNECTION_LOST: 10,\n    BY_APPLICATION: 11,\n    TOO_MANY_CONNECTIONS: 12,\n    AUTH_CANCELED_BY_USER: 13,\n    NO_MORE_AUTH_METHODS_AVAILABLE: 14,\n    ILLEGAL_USER_NAME: 15,\n  },\n  DISCONNECT_REASON_STR: undefined,\n  CHANNEL_OPEN_FAILURE: {\n    ADMINISTRATIVELY_PROHIBITED: 1,\n    CONNECT_FAILED: 2,\n    UNKNOWN_CHANNEL_TYPE: 3,\n    RESOURCE_SHORTAGE: 4\n  },\n  TERMINAL_MODE: {\n    TTY_OP_END: 0,        // Indicates end of options.\n    VINTR: 1,             // Interrupt character; 255 if none. Similarly for the\n                          //  other characters.  Not all of these characters are\n                          //  supported on all systems.\n    VQUIT: 2,             // The quit character (sends SIGQUIT signal on POSIX\n                          //  systems).\n    VERASE: 3,            // Erase the character to left of the cursor.\n    VKILL: 4,             // Kill the current input line.\n    VEOF: 5,              // End-of-file character (sends EOF from the\n                          //  terminal).\n    VEOL: 6,              // End-of-line character in addition to carriage\n                          //  return and/or linefeed.\n    VEOL2: 7,             // Additional end-of-line character.\n    VSTART: 8,            // Continues paused output (normally control-Q).\n    VSTOP: 9,             // Pauses output (normally control-S).\n    VSUSP: 10,            // Suspends the current program.\n    VDSUSP: 11,           // Another suspend character.\n    VREPRINT: 12,         // Reprints the current input line.\n    VWERASE: 13,          // Erases a word left of cursor.\n    VLNEXT: 14,           // Enter the next character typed literally, even if\n                          //  it is a special character\n    VFLUSH: 15,           // Character to flush output.\n    VSWTCH: 16,           // Switch to a different shell layer.\n    VSTATUS: 17,          // Prints system status line (load, command, pid,\n                          //  etc).\n    VDISCARD: 18,         // Toggles the flushing of terminal output.\n    IGNPAR: 30,           // The ignore parity flag.  The parameter SHOULD be 0\n                          //  if this flag is FALSE, and 1 if it is TRUE.\n    PARMRK: 31,           // Mark parity and framing errors.\n    INPCK: 32,            // Enable checking of parity errors.\n    ISTRIP: 33,           // Strip 8th bit off characters.\n    INLCR: 34,            // Map NL into CR on input.\n    IGNCR: 35,            // Ignore CR on input.\n    ICRNL: 36,            // Map CR to NL on input.\n    IUCLC: 37,            // Translate uppercase characters to lowercase.\n    IXON: 38,             // Enable output flow control.\n    IXANY: 39,            // Any char will restart after stop.\n    IXOFF: 40,            // Enable input flow control.\n    IMAXBEL: 41,          // Ring bell on input queue full.\n    ISIG: 50,             // Enable signals INTR, QUIT, [D]SUSP.\n    ICANON: 51,           // Canonicalize input lines.\n    XCASE: 52,            // Enable input and output of uppercase characters by\n                          //  preceding their lowercase equivalents with \"\\\".\n    ECHO: 53,             // Enable echoing.\n    ECHOE: 54,            // Visually erase chars.\n    ECHOK: 55,            // Kill character discards current line.\n    ECHONL: 56,           // Echo NL even if ECHO is off.\n    NOFLSH: 57,           // Don't flush after interrupt.\n    TOSTOP: 58,           // Stop background jobs from output.\n    IEXTEN: 59,           // Enable extensions.\n    ECHOCTL: 60,          // Echo control characters as ^(Char).\n    ECHOKE: 61,           // Visual erase for line kill.\n    PENDIN: 62,           // Retype pending input.\n    OPOST: 70,            // Enable output processing.\n    OLCUC: 71,            // Convert lowercase to uppercase.\n    ONLCR: 72,            // Map NL to CR-NL.\n    OCRNL: 73,            // Translate carriage return to newline (output).\n    ONOCR: 74,            // Translate newline to carriage return-newline\n                          //  (output).\n    ONLRET: 75,           // Newline performs a carriage return (output).\n    CS7: 90,              // 7 bit mode.\n    CS8: 91,              // 8 bit mode.\n    PARENB: 92,           // Parity enable.\n    PARODD: 93,           // Odd parity, else even.\n    TTY_OP_ISPEED: 128,   // Specifies the input baud rate in bits per second.\n    TTY_OP_OSPEED: 129,   // Specifies the output baud rate in bits per second.\n  },\n  CHANNEL_EXTENDED_DATATYPE: {\n    STDERR: 1,\n  },\n\n  SIGNALS: [\n    'ABRT', 'ALRM', 'FPE', 'HUP', 'ILL', 'INT', 'QUIT', 'SEGV', 'TERM', 'USR1',\n    'USR2', 'KILL', 'PIPE'\n  ].reduce((cur, val) => ({ ...cur, [val]: 1 }), {}),\n\n  COMPAT,\n  COMPAT_CHECKS: [\n    [ 'Cisco-1.25', COMPAT.BAD_DHGEX ],\n    [ /^Cisco-1\\./, COMPAT.BUG_DHGEX_LARGE ],\n    [ /^[0-9.]+$/, COMPAT.OLD_EXIT ], // old SSH.com implementations\n    [ /^OpenSSH_5\\.\\d+/, COMPAT.DYN_RPORT_BUG ],\n  ],\n\n  // KEX proposal-related\n  DEFAULT_KEX,\n  SUPPORTED_KEX,\n  DEFAULT_SERVER_HOST_KEY,\n  SUPPORTED_SERVER_HOST_KEY,\n  DEFAULT_CIPHER,\n  SUPPORTED_CIPHER,\n  DEFAULT_MAC,\n  SUPPORTED_MAC,\n  DEFAULT_COMPRESSION,\n  SUPPORTED_COMPRESSION,\n\n  curve25519Supported,\n  eddsaSupported,\n};\n\nmodule.exports.DISCONNECT_REASON_BY_VALUE =\n  Array.from(Object.entries(module.exports.DISCONNECT_REASON))\n       .reduce((obj, [key, value]) => ({ ...obj, [value]: key }), {});\n","// TODO:\n//    * make max packet size configurable\n//    * if decompression is enabled, use `._packet` in decipher instances as\n//      input to (sync) zlib inflater with appropriate offset and length to\n//      avoid an additional copy of payload data before inflation\n//    * factor decompression status into packet length checks\n'use strict';\n\nconst {\n  createCipheriv, createDecipheriv, createHmac, randomFillSync, timingSafeEqual\n} = require('crypto');\n\nconst { readUInt32BE, writeUInt32BE } = require('./utils.js');\n\nconst FastBuffer = Buffer[Symbol.species];\nconst MAX_SEQNO = 2 ** 32 - 1;\nconst EMPTY_BUFFER = Buffer.alloc(0);\nconst BUF_INT = Buffer.alloc(4);\nconst DISCARD_CACHE = new Map();\nconst MAX_PACKET_SIZE = 35000;\n\nlet binding;\nlet AESGCMCipher;\nlet ChaChaPolyCipher;\nlet GenericCipher;\nlet AESGCMDecipher;\nlet ChaChaPolyDecipher;\nlet GenericDecipher;\ntry {\n  binding = require('./crypto/build/Release/sshcrypto.node');\n  ({ AESGCMCipher, ChaChaPolyCipher, GenericCipher,\n     AESGCMDecipher, ChaChaPolyDecipher, GenericDecipher } = binding);\n} catch {}\n\nconst CIPHER_STREAM = 1 << 0;\nconst CIPHER_INFO = (() => {\n  function info(sslName, blockLen, keyLen, ivLen, authLen, discardLen, flags) {\n    return {\n      sslName,\n      blockLen,\n      keyLen,\n      ivLen: (ivLen !== 0 || (flags & CIPHER_STREAM)\n              ? ivLen\n              : blockLen),\n      authLen,\n      discardLen,\n      stream: !!(flags & CIPHER_STREAM),\n    };\n  }\n\n  return {\n    'chacha20-poly1305@openssh.com':\n      info('chacha20', 8, 64, 0, 16, 0, CIPHER_STREAM),\n\n    'aes128-gcm': info('aes-128-gcm', 16, 16, 12, 16, 0, CIPHER_STREAM),\n    'aes256-gcm': info('aes-256-gcm', 16, 32, 12, 16, 0, CIPHER_STREAM),\n    'aes128-gcm@openssh.com':\n      info('aes-128-gcm', 16, 16, 12, 16, 0, CIPHER_STREAM),\n    'aes256-gcm@openssh.com':\n      info('aes-256-gcm', 16, 32, 12, 16, 0, CIPHER_STREAM),\n\n    'aes128-cbc': info('aes-128-cbc', 16, 16, 0, 0, 0, 0),\n    'aes192-cbc': info('aes-192-cbc', 16, 24, 0, 0, 0, 0),\n    'aes256-cbc': info('aes-256-cbc', 16, 32, 0, 0, 0, 0),\n    'rijndael-cbc@lysator.liu.se': info('aes-256-cbc', 16, 32, 0, 0, 0, 0),\n    '3des-cbc': info('des-ede3-cbc', 8, 24, 0, 0, 0, 0),\n    'blowfish-cbc': info('bf-cbc', 8, 16, 0, 0, 0, 0),\n    'idea-cbc': info('idea-cbc', 8, 16, 0, 0, 0, 0),\n    'cast128-cbc': info('cast-cbc', 8, 16, 0, 0, 0, 0),\n\n    'aes128-ctr': info('aes-128-ctr', 16, 16, 16, 0, 0, CIPHER_STREAM),\n    'aes192-ctr': info('aes-192-ctr', 16, 24, 16, 0, 0, CIPHER_STREAM),\n    'aes256-ctr': info('aes-256-ctr', 16, 32, 16, 0, 0, CIPHER_STREAM),\n    '3des-ctr': info('des-ede3', 8, 24, 8, 0, 0, CIPHER_STREAM),\n    'blowfish-ctr': info('bf-ecb', 8, 16, 8, 0, 0, CIPHER_STREAM),\n    'cast128-ctr': info('cast5-ecb', 8, 16, 8, 0, 0, CIPHER_STREAM),\n\n    /* The \"arcfour128\" algorithm is the RC4 cipher, as described in\n       [SCHNEIER], using a 128-bit key.  The first 1536 bytes of keystream\n       generated by the cipher MUST be discarded, and the first byte of the\n       first encrypted packet MUST be encrypted using the 1537th byte of\n       keystream.\n\n       -- http://tools.ietf.org/html/rfc4345#section-4 */\n    'arcfour': info('rc4', 8, 16, 0, 0, 1536, CIPHER_STREAM),\n    'arcfour128': info('rc4', 8, 16, 0, 0, 1536, CIPHER_STREAM),\n    'arcfour256': info('rc4', 8, 32, 0, 0, 1536, CIPHER_STREAM),\n    'arcfour512': info('rc4', 8, 64, 0, 0, 1536, CIPHER_STREAM),\n  };\n})();\n\nconst MAC_INFO = (() => {\n  function info(sslName, len, actualLen, isETM) {\n    return {\n      sslName,\n      len,\n      actualLen,\n      isETM,\n    };\n  }\n\n  return {\n    'hmac-md5': info('md5', 16, 16, false),\n    'hmac-md5-96': info('md5', 16, 12, false),\n    'hmac-ripemd160': info('ripemd160', 20, 20, false),\n    'hmac-sha1': info('sha1', 20, 20, false),\n    'hmac-sha1-etm@openssh.com': info('sha1', 20, 20, true),\n    'hmac-sha1-96': info('sha1', 20, 12, false),\n    'hmac-sha2-256': info('sha256', 32, 32, false),\n    'hmac-sha2-256-etm@openssh.com': info('sha256', 32, 32, true),\n    'hmac-sha2-256-96': info('sha256', 32, 12, false),\n    'hmac-sha2-512': info('sha512', 64, 64, false),\n    'hmac-sha2-512-etm@openssh.com': info('sha512', 64, 64, true),\n    'hmac-sha2-512-96': info('sha512', 64, 12, false),\n  };\n})();\n\n\n// Should only_be used during the initial handshake\nclass NullCipher {\n  constructor(seqno, onWrite) {\n    this.outSeqno = seqno;\n    this._onWrite = onWrite;\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n  }\n  allocPacket(payloadLen) {\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = 8 - (pktLen & (8 - 1));\n    if (padLen < 4)\n      padLen += 8;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    this._onWrite(packet);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\n\nconst POLY1305_ZEROS = Buffer.alloc(32);\nconst POLY1305_OUT_COMPUTE = Buffer.alloc(16);\nlet POLY1305_WASM_MODULE;\nlet POLY1305_RESULT_MALLOC;\nlet poly1305_auth;\nclass ChaChaPolyCipherNative {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._encKeyMain = enc.cipherKey.slice(0, 32);\n    this._encKeyPktLen = enc.cipherKey.slice(32);\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n  }\n  allocPacket(payloadLen) {\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = 8 - ((pktLen - 4) & (8 - 1));\n    if (padLen < 4)\n      padLen += 8;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    // Generate Poly1305 key\n    POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n    writeUInt32BE(POLY1305_OUT_COMPUTE, this.outSeqno, 12);\n    const polyKey =\n      createCipheriv('chacha20', this._encKeyMain, POLY1305_OUT_COMPUTE)\n      .update(POLY1305_ZEROS);\n\n    // Encrypt packet length\n    const pktLenEnc =\n      createCipheriv('chacha20', this._encKeyPktLen, POLY1305_OUT_COMPUTE)\n      .update(packet.slice(0, 4));\n    this._onWrite(pktLenEnc);\n\n    // Encrypt rest of packet\n    POLY1305_OUT_COMPUTE[0] = 1; // Set counter to 1 (little endian)\n    const payloadEnc =\n      createCipheriv('chacha20', this._encKeyMain, POLY1305_OUT_COMPUTE)\n      .update(packet.slice(4));\n    this._onWrite(payloadEnc);\n\n    // Calculate Poly1305 MAC\n    poly1305_auth(POLY1305_RESULT_MALLOC,\n                  pktLenEnc,\n                  pktLenEnc.length,\n                  payloadEnc,\n                  payloadEnc.length,\n                  polyKey);\n    const mac = Buffer.allocUnsafe(16);\n    mac.set(\n      new Uint8Array(POLY1305_WASM_MODULE.HEAPU8.buffer,\n                     POLY1305_RESULT_MALLOC,\n                     16),\n      0\n    );\n    this._onWrite(mac);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\nclass ChaChaPolyCipherBinding {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._instance = new ChaChaPolyCipher(enc.cipherKey);\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n    this._instance.free();\n  }\n  allocPacket(payloadLen) {\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = 8 - ((pktLen - 4) & (8 - 1));\n    if (padLen < 4)\n      padLen += 8;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen + 16/* MAC */);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    // Encrypts in-place\n    this._instance.encrypt(packet, this.outSeqno);\n\n    this._onWrite(packet);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\n\nclass AESGCMCipherNative {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._encSSLName = enc.cipherInfo.sslName;\n    this._encKey = enc.cipherKey;\n    this._encIV = enc.cipherIV;\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n  }\n  allocPacket(payloadLen) {\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = 16 - ((pktLen - 4) & (16 - 1));\n    if (padLen < 4)\n      padLen += 16;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    const cipher = createCipheriv(this._encSSLName, this._encKey, this._encIV);\n    cipher.setAutoPadding(false);\n\n    const lenData = packet.slice(0, 4);\n    cipher.setAAD(lenData);\n    this._onWrite(lenData);\n\n    // Encrypt pad length, payload, and padding\n    const encrypted = cipher.update(packet.slice(4));\n    this._onWrite(encrypted);\n    const final = cipher.final();\n    // XXX: final.length === 0 always?\n    if (final.length)\n      this._onWrite(final);\n\n    // Generate MAC\n    const tag = cipher.getAuthTag();\n    this._onWrite(tag);\n\n    // Increment counter in IV by 1 for next packet\n    ivIncrement(this._encIV);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\nclass AESGCMCipherBinding {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._instance = new AESGCMCipher(enc.cipherInfo.sslName,\n                                      enc.cipherKey,\n                                      enc.cipherIV);\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n    this._instance.free();\n  }\n  allocPacket(payloadLen) {\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = 16 - ((pktLen - 4) & (16 - 1));\n    if (padLen < 4)\n      padLen += 16;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen + 16/* authTag */);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    // Encrypts in-place\n    this._instance.encrypt(packet);\n\n    this._onWrite(packet);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\n\nclass GenericCipherNative {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._encBlockLen = enc.cipherInfo.blockLen;\n    this._cipherInstance = createCipheriv(enc.cipherInfo.sslName,\n                                          enc.cipherKey,\n                                          enc.cipherIV);\n    this._macSSLName = enc.macInfo.sslName;\n    this._macKey = enc.macKey;\n    this._macActualLen = enc.macInfo.actualLen;\n    this._macETM = enc.macInfo.isETM;\n    this._aadLen = (this._macETM ? 4 : 0);\n    this._dead = false;\n\n    const discardLen = enc.cipherInfo.discardLen;\n    if (discardLen) {\n      let discard = DISCARD_CACHE.get(discardLen);\n      if (discard === undefined) {\n        discard = Buffer.alloc(discardLen);\n        DISCARD_CACHE.set(discardLen, discard);\n      }\n      this._cipherInstance.update(discard);\n    }\n  }\n  free() {\n    this._dead = true;\n  }\n  allocPacket(payloadLen) {\n    const blockLen = this._encBlockLen;\n\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = blockLen - ((pktLen - this._aadLen) & (blockLen - 1));\n    if (padLen < 4)\n      padLen += blockLen;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    let mac;\n    if (this._macETM) {\n      // Encrypt pad length, payload, and padding\n      const lenBytes = new Uint8Array(packet.buffer, packet.byteOffset, 4);\n      const encrypted = this._cipherInstance.update(\n        new Uint8Array(packet.buffer,\n                       packet.byteOffset + 4,\n                       packet.length - 4)\n      );\n\n      this._onWrite(lenBytes);\n      this._onWrite(encrypted);\n\n      // TODO: look into storing seqno as 4-byte buffer and incrementing like we\n      // do for AES-GCM IVs to avoid having to (re)write all 4 bytes every time\n      mac = createHmac(this._macSSLName, this._macKey);\n      writeUInt32BE(BUF_INT, this.outSeqno, 0);\n      mac.update(BUF_INT);\n      mac.update(lenBytes);\n      mac.update(encrypted);\n    } else {\n      // Encrypt length field, pad length, payload, and padding\n      const encrypted = this._cipherInstance.update(packet);\n      this._onWrite(encrypted);\n\n      // TODO: look into storing seqno as 4-byte buffer and incrementing like we\n      // do for AES-GCM IVs to avoid having to (re)write all 4 bytes every time\n      mac = createHmac(this._macSSLName, this._macKey);\n      writeUInt32BE(BUF_INT, this.outSeqno, 0);\n      mac.update(BUF_INT);\n      mac.update(packet);\n    }\n\n    let digest = mac.digest();\n    if (digest.length > this._macActualLen)\n      digest = digest.slice(0, this._macActualLen);\n    this._onWrite(digest);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\nclass GenericCipherBinding {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._encBlockLen = enc.cipherInfo.blockLen;\n    this._macLen = enc.macInfo.len;\n    this._macActualLen = enc.macInfo.actualLen;\n    this._aadLen = (enc.macInfo.isETM ? 4 : 0);\n    this._instance = new GenericCipher(enc.cipherInfo.sslName,\n                                       enc.cipherKey,\n                                       enc.cipherIV,\n                                       enc.macInfo.sslName,\n                                       enc.macKey,\n                                       enc.macInfo.isETM);\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n    this._instance.free();\n  }\n  allocPacket(payloadLen) {\n    const blockLen = this._encBlockLen;\n\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = blockLen - ((pktLen - this._aadLen) & (blockLen - 1));\n    if (padLen < 4)\n      padLen += blockLen;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen + this._macLen);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    // Encrypts in-place\n    this._instance.encrypt(packet, this.outSeqno);\n\n    if (this._macActualLen < this._macLen) {\n      packet = new FastBuffer(packet.buffer,\n                              packet.byteOffset,\n                              (packet.length\n                                - (this._macLen - this._macActualLen)));\n    }\n    this._onWrite(packet);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\n\nclass NullDecipher {\n  constructor(seqno, onPayload) {\n    this.inSeqno = seqno;\n    this._onPayload = onPayload;\n    this._len = 0;\n    this._lenBytes = 0;\n    this._packet = null;\n    this._packetPos = 0;\n  }\n  free() {}\n  decrypt(data, p, dataLen) {\n    while (p < dataLen) {\n      // Read packet length\n      if (this._lenBytes < 4) {\n        let nb = Math.min(4 - this._lenBytes, dataLen - p);\n\n        this._lenBytes += nb;\n        while (nb--)\n          this._len = (this._len << 8) + data[p++];\n\n        if (this._lenBytes < 4)\n          return;\n\n        if (this._len > MAX_PACKET_SIZE\n            || this._len < 8\n            || (4 + this._len & 7) !== 0) {\n          throw new Error('Bad packet length');\n        }\n        if (p >= dataLen)\n          return;\n      }\n\n      // Read padding length, payload, and padding\n      if (this._packetPos < this._len) {\n        const nb = Math.min(this._len - this._packetPos, dataLen - p);\n        let chunk;\n        if (p !== 0 || nb !== dataLen)\n          chunk = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          chunk = data;\n        if (nb === this._len) {\n          this._packet = chunk;\n        } else {\n          if (!this._packet)\n            this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(chunk, this._packetPos);\n        }\n        p += nb;\n        this._packetPos += nb;\n        if (this._packetPos < this._len)\n          return;\n      }\n\n      const payload = (!this._packet\n                       ? EMPTY_BUFFER\n                       : new FastBuffer(this._packet.buffer,\n                                        this._packet.byteOffset + 1,\n                                        this._packet.length\n                                          - this._packet[0] - 1));\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._len = 0;\n      this._lenBytes = 0;\n      this._packet = null;\n      this._packetPos = 0;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\nclass ChaChaPolyDecipherNative {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._decKeyMain = dec.decipherKey.slice(0, 32);\n    this._decKeyPktLen = dec.decipherKey.slice(32);\n    this._len = 0;\n    this._lenBuf = Buffer.alloc(4);\n    this._lenPos = 0;\n    this._packet = null;\n    this._pktLen = 0;\n    this._mac = Buffer.allocUnsafe(16);\n    this._calcMac = Buffer.allocUnsafe(16);\n    this._macPos = 0;\n  }\n  free() {}\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read packet length\n      if (this._lenPos < 4) {\n        let nb = Math.min(4 - this._lenPos, dataLen - p);\n        while (nb--)\n          this._lenBuf[this._lenPos++] = data[p++];\n        if (this._lenPos < 4)\n          return;\n\n        POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n        writeUInt32BE(POLY1305_OUT_COMPUTE, this.inSeqno, 12);\n\n        const decLenBytes =\n          createDecipheriv('chacha20', this._decKeyPktLen, POLY1305_OUT_COMPUTE)\n          .update(this._lenBuf);\n        this._len = readUInt32BE(decLenBytes, 0);\n\n        if (this._len > MAX_PACKET_SIZE\n            || this._len < 8\n            || (this._len & 7) !== 0) {\n          throw new Error('Bad packet length');\n        }\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        if (p >= dataLen)\n          return;\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let encrypted;\n        if (p !== 0 || nb !== dataLen)\n          encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          encrypted = data;\n        if (nb === this._len) {\n          this._packet = encrypted;\n        } else {\n          if (!this._packet)\n            this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(encrypted, this._pktLen);\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read Poly1305 MAC\n      {\n        const nb = Math.min(16 - this._macPos, dataLen - p);\n        // TODO: avoid copying if entire MAC is in current chunk\n        if (p !== 0 || nb !== dataLen) {\n          this._mac.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._macPos\n          );\n        } else {\n          this._mac.set(data, this._macPos);\n        }\n        p += nb;\n        this._macPos += nb;\n        if (this._macPos < 16)\n          return;\n      }\n\n      // Generate Poly1305 key\n      POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n      writeUInt32BE(POLY1305_OUT_COMPUTE, this.inSeqno, 12);\n      const polyKey =\n        createCipheriv('chacha20', this._decKeyMain, POLY1305_OUT_COMPUTE)\n        .update(POLY1305_ZEROS);\n\n      // Calculate and compare Poly1305 MACs\n      poly1305_auth(POLY1305_RESULT_MALLOC,\n                    this._lenBuf,\n                    4,\n                    this._packet,\n                    this._packet.length,\n                    polyKey);\n\n      this._calcMac.set(\n        new Uint8Array(POLY1305_WASM_MODULE.HEAPU8.buffer,\n                       POLY1305_RESULT_MALLOC,\n                       16),\n        0\n      );\n      if (!timingSafeEqual(this._calcMac, this._mac))\n        throw new Error('Invalid MAC');\n\n      // Decrypt packet\n      POLY1305_OUT_COMPUTE[0] = 1; // Set counter to 1 (little endian)\n      const packet =\n        createDecipheriv('chacha20', this._decKeyMain, POLY1305_OUT_COMPUTE)\n        .update(this._packet);\n\n      const payload = new FastBuffer(packet.buffer,\n                                     packet.byteOffset + 1,\n                                     packet.length - packet[0] - 1);\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._len = 0;\n      this._lenPos = 0;\n      this._packet = null;\n      this._pktLen = 0;\n      this._macPos = 0;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\nclass ChaChaPolyDecipherBinding {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._instance = new ChaChaPolyDecipher(dec.decipherKey);\n    this._len = 0;\n    this._lenBuf = Buffer.alloc(4);\n    this._lenPos = 0;\n    this._packet = null;\n    this._pktLen = 0;\n    this._mac = Buffer.allocUnsafe(16);\n    this._macPos = 0;\n  }\n  free() {\n    this._instance.free();\n  }\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read packet length\n      if (this._lenPos < 4) {\n        let nb = Math.min(4 - this._lenPos, dataLen - p);\n        while (nb--)\n          this._lenBuf[this._lenPos++] = data[p++];\n        if (this._lenPos < 4)\n          return;\n\n        this._len = this._instance.decryptLen(this._lenBuf, this.inSeqno);\n\n        if (this._len > MAX_PACKET_SIZE\n            || this._len < 8\n            || (this._len & 7) !== 0) {\n          throw new Error('Bad packet length');\n        }\n\n        if (p >= dataLen)\n          return;\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let encrypted;\n        if (p !== 0 || nb !== dataLen)\n          encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          encrypted = data;\n        if (nb === this._len) {\n          this._packet = encrypted;\n        } else {\n          if (!this._packet)\n            this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(encrypted, this._pktLen);\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read Poly1305 MAC\n      {\n        const nb = Math.min(16 - this._macPos, dataLen - p);\n        // TODO: avoid copying if entire MAC is in current chunk\n        if (p !== 0 || nb !== dataLen) {\n          this._mac.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._macPos\n          );\n        } else {\n          this._mac.set(data, this._macPos);\n        }\n        p += nb;\n        this._macPos += nb;\n        if (this._macPos < 16)\n          return;\n      }\n\n      this._instance.decrypt(this._packet, this._mac, this.inSeqno);\n\n      const payload = new FastBuffer(this._packet.buffer,\n                                     this._packet.byteOffset + 1,\n                                     this._packet.length - this._packet[0] - 1);\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._len = 0;\n      this._lenPos = 0;\n      this._packet = null;\n      this._pktLen = 0;\n      this._macPos = 0;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\nclass AESGCMDecipherNative {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._decipherInstance = null;\n    this._decipherSSLName = dec.decipherInfo.sslName;\n    this._decipherKey = dec.decipherKey;\n    this._decipherIV = dec.decipherIV;\n    this._len = 0;\n    this._lenBytes = 0;\n    this._packet = null;\n    this._packetPos = 0;\n    this._pktLen = 0;\n    this._tag = Buffer.allocUnsafe(16);\n    this._tagPos = 0;\n  }\n  free() {}\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read packet length (unencrypted, but AAD)\n      if (this._lenBytes < 4) {\n        let nb = Math.min(4 - this._lenBytes, dataLen - p);\n        this._lenBytes += nb;\n        while (nb--)\n          this._len = (this._len << 8) + data[p++];\n        if (this._lenBytes < 4)\n          return;\n\n        if ((this._len + 20) > MAX_PACKET_SIZE\n            || this._len < 16\n            || (this._len & 15) !== 0) {\n          throw new Error('Bad packet length');\n        }\n\n        this._decipherInstance = createDecipheriv(\n          this._decipherSSLName,\n          this._decipherKey,\n          this._decipherIV\n        );\n        this._decipherInstance.setAutoPadding(false);\n        this._decipherInstance.setAAD(intToBytes(this._len));\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        if (p >= dataLen)\n          return;\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let decrypted;\n        if (p !== 0 || nb !== dataLen) {\n          decrypted = this._decipherInstance.update(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb)\n          );\n        } else {\n          decrypted = this._decipherInstance.update(data);\n        }\n        if (decrypted.length) {\n          if (nb === this._len) {\n            this._packet = decrypted;\n          } else {\n            if (!this._packet)\n              this._packet = Buffer.allocUnsafe(this._len);\n            this._packet.set(decrypted, this._packetPos);\n          }\n          this._packetPos += decrypted.length;\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read authentication tag\n      {\n        const nb = Math.min(16 - this._tagPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen) {\n          this._tag.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._tagPos\n          );\n        } else {\n          this._tag.set(data, this._tagPos);\n        }\n        p += nb;\n        this._tagPos += nb;\n        if (this._tagPos < 16)\n          return;\n      }\n\n      {\n        // Verify authentication tag\n        this._decipherInstance.setAuthTag(this._tag);\n\n        const decrypted = this._decipherInstance.final();\n\n        // XXX: this should never output any data since stream ciphers always\n        // return data from .update() and block ciphers must end on a multiple\n        // of the block length, which would have caused an exception to be\n        // thrown if the total input was not...\n        if (decrypted.length) {\n          if (this._packet)\n            this._packet.set(decrypted, this._packetPos);\n          else\n            this._packet = decrypted;\n        }\n      }\n\n      const payload = (!this._packet\n                       ? EMPTY_BUFFER\n                       : new FastBuffer(this._packet.buffer,\n                                        this._packet.byteOffset + 1,\n                                        this._packet.length\n                                          - this._packet[0] - 1));\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      ivIncrement(this._decipherIV);\n      this._len = 0;\n      this._lenBytes = 0;\n      this._packet = null;\n      this._packetPos = 0;\n      this._pktLen = 0;\n      this._tagPos = 0;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\nclass AESGCMDecipherBinding {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._instance = new AESGCMDecipher(dec.decipherInfo.sslName,\n                                        dec.decipherKey,\n                                        dec.decipherIV);\n    this._len = 0;\n    this._lenBytes = 0;\n    this._packet = null;\n    this._pktLen = 0;\n    this._tag = Buffer.allocUnsafe(16);\n    this._tagPos = 0;\n  }\n  free() {}\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read packet length (unencrypted, but AAD)\n      if (this._lenBytes < 4) {\n        let nb = Math.min(4 - this._lenBytes, dataLen - p);\n        this._lenBytes += nb;\n        while (nb--)\n          this._len = (this._len << 8) + data[p++];\n        if (this._lenBytes < 4)\n          return;\n\n        if ((this._len + 20) > MAX_PACKET_SIZE\n            || this._len < 16\n            || (this._len & 15) !== 0) {\n          throw new Error(`Bad packet length: ${this._len}`);\n        }\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        if (p >= dataLen)\n          return;\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let encrypted;\n        if (p !== 0 || nb !== dataLen)\n          encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          encrypted = data;\n        if (nb === this._len) {\n          this._packet = encrypted;\n        } else {\n          if (!this._packet)\n            this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(encrypted, this._pktLen);\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read authentication tag\n      {\n        const nb = Math.min(16 - this._tagPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen) {\n          this._tag.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._tagPos\n          );\n        } else {\n          this._tag.set(data, this._tagPos);\n        }\n        p += nb;\n        this._tagPos += nb;\n        if (this._tagPos < 16)\n          return;\n      }\n\n      this._instance.decrypt(this._packet, this._len, this._tag);\n\n      const payload = new FastBuffer(this._packet.buffer,\n                                     this._packet.byteOffset + 1,\n                                     this._packet.length - this._packet[0] - 1);\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._len = 0;\n      this._lenBytes = 0;\n      this._packet = null;\n      this._pktLen = 0;\n      this._tagPos = 0;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\n// TODO: test incremental .update()s vs. copying to _packet and doing a single\n// .update() after entire packet read -- a single .update() would allow\n// verifying MAC before decrypting for ETM MACs\nclass GenericDecipherNative {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._decipherInstance = createDecipheriv(dec.decipherInfo.sslName,\n                                              dec.decipherKey,\n                                              dec.decipherIV);\n    this._decipherInstance.setAutoPadding(false);\n    this._block = Buffer.allocUnsafe(\n      dec.macInfo.isETM ? 4 : dec.decipherInfo.blockLen\n    );\n    this._blockSize = dec.decipherInfo.blockLen;\n    this._blockPos = 0;\n    this._len = 0;\n    this._packet = null;\n    this._packetPos = 0;\n    this._pktLen = 0;\n    this._mac = Buffer.allocUnsafe(dec.macInfo.actualLen);\n    this._macPos = 0;\n    this._macSSLName = dec.macInfo.sslName;\n    this._macKey = dec.macKey;\n    this._macActualLen = dec.macInfo.actualLen;\n    this._macETM = dec.macInfo.isETM;\n    this._macInstance = null;\n\n    const discardLen = dec.decipherInfo.discardLen;\n    if (discardLen) {\n      let discard = DISCARD_CACHE.get(discardLen);\n      if (discard === undefined) {\n        discard = Buffer.alloc(discardLen);\n        DISCARD_CACHE.set(discardLen, discard);\n      }\n      this._decipherInstance.update(discard);\n    }\n  }\n  free() {}\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read first encrypted block\n      if (this._blockPos < this._block.length) {\n        const nb = Math.min(this._block.length - this._blockPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen || nb < data.length) {\n          this._block.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._blockPos\n          );\n        } else {\n          this._block.set(data, this._blockPos);\n        }\n\n        p += nb;\n        this._blockPos += nb;\n        if (this._blockPos < this._block.length)\n          return;\n\n        let decrypted;\n        let need;\n        if (this._macETM) {\n          this._len = need = readUInt32BE(this._block, 0);\n        } else {\n          // Decrypt first block to get packet length\n          decrypted = this._decipherInstance.update(this._block);\n          this._len = readUInt32BE(decrypted, 0);\n          need = 4 + this._len - this._blockSize;\n        }\n\n        if (this._len > MAX_PACKET_SIZE\n            || this._len < 5\n            || (need & (this._blockSize - 1)) !== 0) {\n          throw new Error('Bad packet length');\n        }\n\n        // Create MAC up front to calculate in parallel with decryption\n        this._macInstance = createHmac(this._macSSLName, this._macKey);\n\n        writeUInt32BE(BUF_INT, this.inSeqno, 0);\n        this._macInstance.update(BUF_INT);\n        if (this._macETM) {\n          this._macInstance.update(this._block);\n        } else {\n          this._macInstance.update(new Uint8Array(decrypted.buffer,\n                                                  decrypted.byteOffset,\n                                                  4));\n          this._pktLen = decrypted.length - 4;\n          this._packetPos = this._pktLen;\n          this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(\n            new Uint8Array(decrypted.buffer,\n                           decrypted.byteOffset + 4,\n                           this._packetPos),\n            0\n          );\n        }\n\n        if (p >= dataLen)\n          return;\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let encrypted;\n        if (p !== 0 || nb !== dataLen)\n          encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          encrypted = data;\n        if (this._macETM)\n          this._macInstance.update(encrypted);\n        const decrypted = this._decipherInstance.update(encrypted);\n        if (decrypted.length) {\n          if (nb === this._len) {\n            this._packet = decrypted;\n          } else {\n            if (!this._packet)\n              this._packet = Buffer.allocUnsafe(this._len);\n            this._packet.set(decrypted, this._packetPos);\n          }\n          this._packetPos += decrypted.length;\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read MAC\n      {\n        const nb = Math.min(this._macActualLen - this._macPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen) {\n          this._mac.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._macPos\n          );\n        } else {\n          this._mac.set(data, this._macPos);\n        }\n        p += nb;\n        this._macPos += nb;\n        if (this._macPos < this._macActualLen)\n          return;\n      }\n\n      // Verify MAC\n      if (!this._macETM)\n        this._macInstance.update(this._packet);\n      let calculated = this._macInstance.digest();\n      if (this._macActualLen < calculated.length) {\n        calculated = new Uint8Array(calculated.buffer,\n                                    calculated.byteOffset,\n                                    this._macActualLen);\n      }\n      if (!timingSafeEquals(calculated, this._mac))\n        throw new Error('Invalid MAC');\n\n      const payload = new FastBuffer(this._packet.buffer,\n                                     this._packet.byteOffset + 1,\n                                     this._packet.length - this._packet[0] - 1);\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._blockPos = 0;\n      this._len = 0;\n      this._packet = null;\n      this._packetPos = 0;\n      this._pktLen = 0;\n      this._macPos = 0;\n      this._macInstance = null;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\nclass GenericDecipherBinding {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._instance = new GenericDecipher(dec.decipherInfo.sslName,\n                                         dec.decipherKey,\n                                         dec.decipherIV,\n                                         dec.macInfo.sslName,\n                                         dec.macKey,\n                                         dec.macInfo.isETM,\n                                         dec.macInfo.actualLen);\n    this._block = Buffer.allocUnsafe(\n      dec.macInfo.isETM || dec.decipherInfo.stream\n      ? 4\n      : dec.decipherInfo.blockLen\n    );\n    this._blockPos = 0;\n    this._len = 0;\n    this._packet = null;\n    this._pktLen = 0;\n    this._mac = Buffer.allocUnsafe(dec.macInfo.actualLen);\n    this._macPos = 0;\n    this._macActualLen = dec.macInfo.actualLen;\n    this._macETM = dec.macInfo.isETM;\n  }\n  free() {\n    this._instance.free();\n  }\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read first encrypted block\n      if (this._blockPos < this._block.length) {\n        const nb = Math.min(this._block.length - this._blockPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen || nb < data.length) {\n          this._block.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._blockPos\n          );\n        } else {\n          this._block.set(data, this._blockPos);\n        }\n\n        p += nb;\n        this._blockPos += nb;\n        if (this._blockPos < this._block.length)\n          return;\n\n        let need;\n        if (this._macETM) {\n          this._len = need = readUInt32BE(this._block, 0);\n        } else {\n          // Decrypt first block to get packet length\n          this._instance.decryptBlock(this._block);\n          this._len = readUInt32BE(this._block, 0);\n          need = 4 + this._len - this._block.length;\n        }\n\n        if (this._len > MAX_PACKET_SIZE\n            || this._len < 5\n            || (need & (this._block.length - 1)) !== 0) {\n          throw new Error('Bad packet length');\n        }\n\n        if (!this._macETM) {\n          this._pktLen = (this._block.length - 4);\n          if (this._pktLen) {\n            this._packet = Buffer.allocUnsafe(this._len);\n            this._packet.set(\n              new Uint8Array(this._block.buffer,\n                             this._block.byteOffset + 4,\n                             this._pktLen),\n              0\n            );\n          }\n        }\n\n        if (p >= dataLen)\n          return;\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let encrypted;\n        if (p !== 0 || nb !== dataLen)\n          encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          encrypted = data;\n        if (nb === this._len) {\n          this._packet = encrypted;\n        } else {\n          if (!this._packet)\n            this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(encrypted, this._pktLen);\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read MAC\n      {\n        const nb = Math.min(this._macActualLen - this._macPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen) {\n          this._mac.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._macPos\n          );\n        } else {\n          this._mac.set(data, this._macPos);\n        }\n        p += nb;\n        this._macPos += nb;\n        if (this._macPos < this._macActualLen)\n          return;\n      }\n\n      // Decrypt and verify MAC\n      this._instance.decrypt(this._packet,\n                             this.inSeqno,\n                             this._block,\n                             this._mac);\n\n      const payload = new FastBuffer(this._packet.buffer,\n                                     this._packet.byteOffset + 1,\n                                     this._packet.length - this._packet[0] - 1);\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._blockPos = 0;\n      this._len = 0;\n      this._packet = null;\n      this._pktLen = 0;\n      this._macPos = 0;\n      this._macInstance = null;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\n// Increments unsigned, big endian counter (last 8 bytes) of AES-GCM IV\nfunction ivIncrement(iv) {\n  // eslint-disable-next-line no-unused-expressions\n  ++iv[11] >>> 8\n  && ++iv[10] >>> 8\n  && ++iv[9] >>> 8\n  && ++iv[8] >>> 8\n  && ++iv[7] >>> 8\n  && ++iv[6] >>> 8\n  && ++iv[5] >>> 8\n  && ++iv[4] >>> 8;\n}\n\nconst intToBytes = (() => {\n  const ret = Buffer.alloc(4);\n  return (n) => {\n    ret[0] = (n >>> 24);\n    ret[1] = (n >>> 16);\n    ret[2] = (n >>> 8);\n    ret[3] = n;\n    return ret;\n  };\n})();\n\nfunction timingSafeEquals(a, b) {\n  if (a.length !== b.length) {\n    timingSafeEqual(a, a);\n    return false;\n  }\n  return timingSafeEqual(a, b);\n}\n\nfunction createCipher(config) {\n  if (typeof config !== 'object' || config === null)\n    throw new Error('Invalid config');\n\n  if (typeof config.outbound !== 'object' || config.outbound === null)\n    throw new Error('Invalid outbound');\n\n  const outbound = config.outbound;\n\n  if (typeof outbound.onWrite !== 'function')\n    throw new Error('Invalid outbound.onWrite');\n\n  if (typeof outbound.cipherInfo !== 'object' || outbound.cipherInfo === null)\n    throw new Error('Invalid outbound.cipherInfo');\n\n  if (!Buffer.isBuffer(outbound.cipherKey)\n      || outbound.cipherKey.length !== outbound.cipherInfo.keyLen) {\n    throw new Error('Invalid outbound.cipherKey');\n  }\n\n  if (outbound.cipherInfo.ivLen\n      && (!Buffer.isBuffer(outbound.cipherIV)\n          || outbound.cipherIV.length !== outbound.cipherInfo.ivLen)) {\n    throw new Error('Invalid outbound.cipherIV');\n  }\n\n  if (typeof outbound.seqno !== 'number'\n      || outbound.seqno < 0\n      || outbound.seqno > MAX_SEQNO) {\n    throw new Error('Invalid outbound.seqno');\n  }\n\n  const forceNative = !!outbound.forceNative;\n\n  switch (outbound.cipherInfo.sslName) {\n    case 'aes-128-gcm':\n    case 'aes-256-gcm':\n      return (AESGCMCipher && !forceNative\n              ? new AESGCMCipherBinding(config)\n              : new AESGCMCipherNative(config));\n    case 'chacha20':\n      return (ChaChaPolyCipher && !forceNative\n              ? new ChaChaPolyCipherBinding(config)\n              : new ChaChaPolyCipherNative(config));\n    default: {\n      if (typeof outbound.macInfo !== 'object' || outbound.macInfo === null)\n        throw new Error('Invalid outbound.macInfo');\n      if (!Buffer.isBuffer(outbound.macKey)\n          || outbound.macKey.length !== outbound.macInfo.len) {\n        throw new Error('Invalid outbound.macKey');\n      }\n      return (GenericCipher && !forceNative\n              ? new GenericCipherBinding(config)\n              : new GenericCipherNative(config));\n    }\n  }\n}\n\nfunction createDecipher(config) {\n  if (typeof config !== 'object' || config === null)\n    throw new Error('Invalid config');\n\n  if (typeof config.inbound !== 'object' || config.inbound === null)\n    throw new Error('Invalid inbound');\n\n  const inbound = config.inbound;\n\n  if (typeof inbound.onPayload !== 'function')\n    throw new Error('Invalid inbound.onPayload');\n\n  if (typeof inbound.decipherInfo !== 'object'\n      || inbound.decipherInfo === null) {\n    throw new Error('Invalid inbound.decipherInfo');\n  }\n\n  if (!Buffer.isBuffer(inbound.decipherKey)\n      || inbound.decipherKey.length !== inbound.decipherInfo.keyLen) {\n    throw new Error('Invalid inbound.decipherKey');\n  }\n\n  if (inbound.decipherInfo.ivLen\n      && (!Buffer.isBuffer(inbound.decipherIV)\n          || inbound.decipherIV.length !== inbound.decipherInfo.ivLen)) {\n    throw new Error('Invalid inbound.decipherIV');\n  }\n\n  if (typeof inbound.seqno !== 'number'\n      || inbound.seqno < 0\n      || inbound.seqno > MAX_SEQNO) {\n    throw new Error('Invalid inbound.seqno');\n  }\n\n  const forceNative = !!inbound.forceNative;\n\n  switch (inbound.decipherInfo.sslName) {\n    case 'aes-128-gcm':\n    case 'aes-256-gcm':\n      return (AESGCMDecipher && !forceNative\n              ? new AESGCMDecipherBinding(config)\n              : new AESGCMDecipherNative(config));\n    case 'chacha20':\n      return (ChaChaPolyDecipher && !forceNative\n              ? new ChaChaPolyDecipherBinding(config)\n              : new ChaChaPolyDecipherNative(config));\n    default: {\n      if (typeof inbound.macInfo !== 'object' || inbound.macInfo === null)\n        throw new Error('Invalid inbound.macInfo');\n      if (!Buffer.isBuffer(inbound.macKey)\n          || inbound.macKey.length !== inbound.macInfo.len) {\n        throw new Error('Invalid inbound.macKey');\n      }\n      return (GenericDecipher && !forceNative\n              ? new GenericDecipherBinding(config)\n              : new GenericDecipherNative(config));\n    }\n  }\n}\n\nmodule.exports = {\n  CIPHER_INFO,\n  MAC_INFO,\n  bindingAvailable: !!binding,\n  init: (() => {\n    // eslint-disable-next-line no-async-promise-executor\n    return new Promise(async (resolve, reject) => {\n      try {\n        POLY1305_WASM_MODULE = await require('./crypto/poly1305.js')();\n        POLY1305_RESULT_MALLOC = POLY1305_WASM_MODULE._malloc(16);\n        poly1305_auth = POLY1305_WASM_MODULE.cwrap(\n          'poly1305_auth',\n          null,\n          ['number', 'array', 'number', 'array', 'number', 'array']\n        );\n      } catch (ex) {\n        return reject(ex);\n      }\n      resolve();\n    });\n  })(),\n\n  NullCipher,\n  createCipher,\n  NullDecipher,\n  createDecipher,\n};\n","\nvar createPoly1305 = (function() {\n  var _scriptDir = typeof document !== 'undefined' && document.currentScript ? document.currentScript.src : undefined;\n  if (typeof __filename !== 'undefined') _scriptDir = _scriptDir || __filename;\n  return (\nfunction(createPoly1305) {\n  createPoly1305 = createPoly1305 || {};\n\n\nvar b;b||(b=typeof createPoly1305 !== 'undefined' ? createPoly1305 : {});var q,r;b.ready=new Promise(function(a,c){q=a;r=c});var u={},w;for(w in b)b.hasOwnProperty(w)&&(u[w]=b[w]);var x=\"object\"===typeof window,y=\"function\"===typeof importScripts,z=\"object\"===typeof process&&\"object\"===typeof process.versions&&\"string\"===typeof process.versions.node,B=\"\",C,D,E,F,G;\nif(z)B=y?require(\"path\").dirname(B)+\"/\":__dirname+\"/\",C=function(a,c){var d=H(a);if(d)return c?d:d.toString();F||(F=require(\"fs\"));G||(G=require(\"path\"));a=G.normalize(a);return F.readFileSync(a,c?null:\"utf8\")},E=function(a){a=C(a,!0);a.buffer||(a=new Uint8Array(a));assert(a.buffer);return a},D=function(a,c,d){var e=H(a);e&&c(e);F||(F=require(\"fs\"));G||(G=require(\"path\"));a=G.normalize(a);F.readFile(a,function(f,l){f?d(f):c(l.buffer)})},1<process.argv.length&&process.argv[1].replace(/\\\\/g,\"/\"),process.argv.slice(2),\nb.inspect=function(){return\"[Emscripten Module object]\"};else if(x||y)y?B=self.location.href:\"undefined\"!==typeof document&&document.currentScript&&(B=document.currentScript.src),_scriptDir&&(B=_scriptDir),0!==B.indexOf(\"blob:\")?B=B.substr(0,B.lastIndexOf(\"/\")+1):B=\"\",C=function(a){try{var c=new XMLHttpRequest;c.open(\"GET\",a,!1);c.send(null);return c.responseText}catch(f){if(a=H(a)){c=[];for(var d=0;d<a.length;d++){var e=a[d];255<e&&(ba&&assert(!1,\"Character code \"+e+\" (\"+String.fromCharCode(e)+\")  at offset \"+\nd+\" not in 0x00-0xFF.\"),e&=255);c.push(String.fromCharCode(e))}return c.join(\"\")}throw f;}},y&&(E=function(a){try{var c=new XMLHttpRequest;c.open(\"GET\",a,!1);c.responseType=\"arraybuffer\";c.send(null);return new Uint8Array(c.response)}catch(d){if(a=H(a))return a;throw d;}}),D=function(a,c,d){var e=new XMLHttpRequest;e.open(\"GET\",a,!0);e.responseType=\"arraybuffer\";e.onload=function(){if(200==e.status||0==e.status&&e.response)c(e.response);else{var f=H(a);f?c(f.buffer):d()}};e.onerror=d;e.send(null)};\nb.print||console.log.bind(console);var I=b.printErr||console.warn.bind(console);for(w in u)u.hasOwnProperty(w)&&(b[w]=u[w]);u=null;var J;b.wasmBinary&&(J=b.wasmBinary);var noExitRuntime=b.noExitRuntime||!0;\"object\"!==typeof WebAssembly&&K(\"no native wasm support detected\");var L,M=!1;function assert(a,c){a||K(\"Assertion failed: \"+c)}function N(a){var c=b[\"_\"+a];assert(c,\"Cannot call unknown function \"+a+\", make sure it is exported\");return c}\nfunction ca(a,c,d,e){var f={string:function(g){var p=0;if(null!==g&&void 0!==g&&0!==g){var n=(g.length<<2)+1;p=O(n);var k=p,h=P;if(0<n){n=k+n-1;for(var v=0;v<g.length;++v){var m=g.charCodeAt(v);if(55296<=m&&57343>=m){var oa=g.charCodeAt(++v);m=65536+((m&1023)<<10)|oa&1023}if(127>=m){if(k>=n)break;h[k++]=m}else{if(2047>=m){if(k+1>=n)break;h[k++]=192|m>>6}else{if(65535>=m){if(k+2>=n)break;h[k++]=224|m>>12}else{if(k+3>=n)break;h[k++]=240|m>>18;h[k++]=128|m>>12&63}h[k++]=128|m>>6&63}h[k++]=128|m&63}}h[k]=\n0}}return p},array:function(g){var p=O(g.length);Q.set(g,p);return p}},l=N(a),A=[];a=0;if(e)for(var t=0;t<e.length;t++){var aa=f[d[t]];aa?(0===a&&(a=da()),A[t]=aa(e[t])):A[t]=e[t]}d=l.apply(null,A);d=function(g){if(\"string\"===c)if(g){for(var p=P,n=g+NaN,k=g;p[k]&&!(k>=n);)++k;if(16<k-g&&p.subarray&&ea)g=ea.decode(p.subarray(g,k));else{for(n=\"\";g<k;){var h=p[g++];if(h&128){var v=p[g++]&63;if(192==(h&224))n+=String.fromCharCode((h&31)<<6|v);else{var m=p[g++]&63;h=224==(h&240)?(h&15)<<12|v<<6|m:(h&7)<<\n18|v<<12|m<<6|p[g++]&63;65536>h?n+=String.fromCharCode(h):(h-=65536,n+=String.fromCharCode(55296|h>>10,56320|h&1023))}}else n+=String.fromCharCode(h)}g=n}}else g=\"\";else g=\"boolean\"===c?!!g:g;return g}(d);0!==a&&fa(a);return d}var ea=\"undefined\"!==typeof TextDecoder?new TextDecoder(\"utf8\"):void 0,ha,Q,P;\nfunction ia(){var a=L.buffer;ha=a;b.HEAP8=Q=new Int8Array(a);b.HEAP16=new Int16Array(a);b.HEAP32=new Int32Array(a);b.HEAPU8=P=new Uint8Array(a);b.HEAPU16=new Uint16Array(a);b.HEAPU32=new Uint32Array(a);b.HEAPF32=new Float32Array(a);b.HEAPF64=new Float64Array(a)}var R,ja=[],ka=[],la=[];function ma(){var a=b.preRun.shift();ja.unshift(a)}var S=0,T=null,U=null;b.preloadedImages={};b.preloadedAudios={};\nfunction K(a){if(b.onAbort)b.onAbort(a);I(a);M=!0;a=new WebAssembly.RuntimeError(\"abort(\"+a+\"). Build with -s ASSERTIONS=1 for more info.\");r(a);throw a;}var V=\"data:application/octet-stream;base64,\",W;W=\"data:application/octet-stream;base64,AGFzbQEAAAABIAZgAX8Bf2ADf39/AGABfwBgAABgAAF/YAZ/f39/f38AAgcBAWEBYQAAAwsKAAEDAQAAAgQFAgQFAXABAQEFBwEBgAKAgAIGCQF/AUGAjMACCwclCQFiAgABYwADAWQACQFlAAgBZgAHAWcABgFoAAUBaQAKAWoBAAqGTQpPAQJ/QYAIKAIAIgEgAEEDakF8cSICaiEAAkAgAkEAIAAgAU0bDQAgAD8AQRB0SwRAIAAQAEUNAQtBgAggADYCACABDwtBhAhBMDYCAEF/C4wFAg5+Cn8gACgCJCEUIAAoAiAhFSAAKAIcIREgACgCGCESIAAoAhQhEyACQRBPBEAgAC0ATEVBGHQhFyAAKAIEIhZBBWytIQ8gACgCCCIYQQVsrSENIAAoAgwiGUEFbK0hCyAAKAIQIhpBBWytIQkgADUCACEIIBqtIRAgGa0hDiAYrSEMIBatIQoDQCASIAEtAAMiEiABLQAEQQh0ciABLQAFQRB0ciABLQAGIhZBGHRyQQJ2Qf///x9xaq0iAyAOfiABLwAAIAEtAAJBEHRyIBNqIBJBGHRBgICAGHFqrSIEIBB+fCARIAEtAAdBCHQgFnIgAS0ACEEQdHIgAS0ACSIRQRh0ckEEdkH///8fcWqtIgUgDH58IAEtAApBCHQgEXIgAS0AC0EQdHIgAS0ADEEYdHJBBnYgFWqtIgYgCn58IBQgF2ogAS8ADSABLQAPQRB0cmqtIgcgCH58IAMgDH4gBCAOfnwgBSAKfnwgBiAIfnwgByAJfnwgAyAKfiAEIAx+fCAFIAh+fCAGIAl+fCAHIAt+fCADIAh+IAQgCn58IAUgCX58IAYgC358IAcgDX58IAMgCX4gBCAIfnwgBSALfnwgBiANfnwgByAPfnwiA0IaiEL/////D4N8IgRCGohC/////w+DfCIFQhqIQv////8Pg3wiBkIaiEL/////D4N8IgdCGoinQQVsIAOnQf///x9xaiITQRp2IASnQf///x9xaiESIAWnQf///x9xIREgBqdB////H3EhFSAHp0H///8fcSEUIBNB////H3EhEyABQRBqIQEgAkEQayICQQ9LDQALCyAAIBQ2AiQgACAVNgIgIAAgETYCHCAAIBI2AhggACATNgIUCwMAAQu2BAEGfwJAIAAoAjgiBARAIABBPGohBQJAIAJBECAEayIDIAIgA0kbIgZFDQAgBkEDcSEHAkAgBkEBa0EDSQRAQQAhAwwBCyAGQXxxIQhBACEDA0AgBSADIARqaiABIANqLQAAOgAAIAUgA0EBciIEIAAoAjhqaiABIARqLQAAOgAAIAUgA0ECciIEIAAoAjhqaiABIARqLQAAOgAAIAUgA0EDciIEIAAoAjhqaiABIARqLQAAOgAAIANBBGohAyAAKAI4IQQgCEEEayIIDQALCyAHRQ0AA0AgBSADIARqaiABIANqLQAAOgAAIANBAWohAyAAKAI4IQQgB0EBayIHDQALCyAAIAQgBmoiAzYCOCADQRBJDQEgACAFQRAQAiAAQQA2AjggAiAGayECIAEgBmohAQsgAkEQTwRAIAAgASACQXBxIgMQAiACQQ9xIQIgASADaiEBCyACRQ0AIAJBA3EhBCAAQTxqIQVBACEDIAJBAWtBA08EQCACQXxxIQcDQCAFIAAoAjggA2pqIAEgA2otAAA6AAAgBSADQQFyIgYgACgCOGpqIAEgBmotAAA6AAAgBSADQQJyIgYgACgCOGpqIAEgBmotAAA6AAAgBSADQQNyIgYgACgCOGpqIAEgBmotAAA6AAAgA0EEaiEDIAdBBGsiBw0ACwsgBARAA0AgBSAAKAI4IANqaiABIANqLQAAOgAAIANBAWohAyAEQQFrIgQNAAsLIAAgACgCOCACajYCOAsLoS0BDH8jAEEQayIMJAACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAEH0AU0EQEGICCgCACIFQRAgAEELakF4cSAAQQtJGyIIQQN2IgJ2IgFBA3EEQCABQX9zQQFxIAJqIgNBA3QiAUG4CGooAgAiBEEIaiEAAkAgBCgCCCICIAFBsAhqIgFGBEBBiAggBUF+IAN3cTYCAAwBCyACIAE2AgwgASACNgIICyAEIANBA3QiAUEDcjYCBCABIARqIgEgASgCBEEBcjYCBAwNCyAIQZAIKAIAIgpNDQEgAQRAAkBBAiACdCIAQQAgAGtyIAEgAnRxIgBBACAAa3FBAWsiACAAQQx2QRBxIgJ2IgFBBXZBCHEiACACciABIAB2IgFBAnZBBHEiAHIgASAAdiIBQQF2QQJxIgByIAEgAHYiAUEBdkEBcSIAciABIAB2aiIDQQN0IgBBuAhqKAIAIgQoAggiASAAQbAIaiIARgRAQYgIIAVBfiADd3EiBTYCAAwBCyABIAA2AgwgACABNgIICyAEQQhqIQAgBCAIQQNyNgIEIAQgCGoiAiADQQN0IgEgCGsiA0EBcjYCBCABIARqIAM2AgAgCgRAIApBA3YiAUEDdEGwCGohB0GcCCgCACEEAn8gBUEBIAF0IgFxRQRAQYgIIAEgBXI2AgAgBwwBCyAHKAIICyEBIAcgBDYCCCABIAQ2AgwgBCAHNgIMIAQgATYCCAtBnAggAjYCAEGQCCADNgIADA0LQYwIKAIAIgZFDQEgBkEAIAZrcUEBayIAIABBDHZBEHEiAnYiAUEFdkEIcSIAIAJyIAEgAHYiAUECdkEEcSIAciABIAB2IgFBAXZBAnEiAHIgASAAdiIBQQF2QQFxIgByIAEgAHZqQQJ0QbgKaigCACIBKAIEQXhxIAhrIQMgASECA0ACQCACKAIQIgBFBEAgAigCFCIARQ0BCyAAKAIEQXhxIAhrIgIgAyACIANJIgIbIQMgACABIAIbIQEgACECDAELCyABIAhqIgkgAU0NAiABKAIYIQsgASABKAIMIgRHBEAgASgCCCIAQZgIKAIASRogACAENgIMIAQgADYCCAwMCyABQRRqIgIoAgAiAEUEQCABKAIQIgBFDQQgAUEQaiECCwNAIAIhByAAIgRBFGoiAigCACIADQAgBEEQaiECIAQoAhAiAA0ACyAHQQA2AgAMCwtBfyEIIABBv39LDQAgAEELaiIAQXhxIQhBjAgoAgAiCUUNAEEAIAhrIQMCQAJAAkACf0EAIAhBgAJJDQAaQR8gCEH///8HSw0AGiAAQQh2IgAgAEGA/j9qQRB2QQhxIgJ0IgAgAEGA4B9qQRB2QQRxIgF0IgAgAEGAgA9qQRB2QQJxIgB0QQ92IAEgAnIgAHJrIgBBAXQgCCAAQRVqdkEBcXJBHGoLIgVBAnRBuApqKAIAIgJFBEBBACEADAELQQAhACAIQQBBGSAFQQF2ayAFQR9GG3QhAQNAAkAgAigCBEF4cSAIayIHIANPDQAgAiEEIAciAw0AQQAhAyACIQAMAwsgACACKAIUIgcgByACIAFBHXZBBHFqKAIQIgJGGyAAIAcbIQAgAUEBdCEBIAINAAsLIAAgBHJFBEBBACEEQQIgBXQiAEEAIABrciAJcSIARQ0DIABBACAAa3FBAWsiACAAQQx2QRBxIgJ2IgFBBXZBCHEiACACciABIAB2IgFBAnZBBHEiAHIgASAAdiIBQQF2QQJxIgByIAEgAHYiAUEBdkEBcSIAciABIAB2akECdEG4CmooAgAhAAsgAEUNAQsDQCAAKAIEQXhxIAhrIgEgA0khAiABIAMgAhshAyAAIAQgAhshBCAAKAIQIgEEfyABBSAAKAIUCyIADQALCyAERQ0AIANBkAgoAgAgCGtPDQAgBCAIaiIGIARNDQEgBCgCGCEFIAQgBCgCDCIBRwRAIAQoAggiAEGYCCgCAEkaIAAgATYCDCABIAA2AggMCgsgBEEUaiICKAIAIgBFBEAgBCgCECIARQ0EIARBEGohAgsDQCACIQcgACIBQRRqIgIoAgAiAA0AIAFBEGohAiABKAIQIgANAAsgB0EANgIADAkLIAhBkAgoAgAiAk0EQEGcCCgCACEDAkAgAiAIayIBQRBPBEBBkAggATYCAEGcCCADIAhqIgA2AgAgACABQQFyNgIEIAIgA2ogATYCACADIAhBA3I2AgQMAQtBnAhBADYCAEGQCEEANgIAIAMgAkEDcjYCBCACIANqIgAgACgCBEEBcjYCBAsgA0EIaiEADAsLIAhBlAgoAgAiBkkEQEGUCCAGIAhrIgE2AgBBoAhBoAgoAgAiAiAIaiIANgIAIAAgAUEBcjYCBCACIAhBA3I2AgQgAkEIaiEADAsLQQAhACAIQS9qIgkCf0HgCygCAARAQegLKAIADAELQewLQn83AgBB5AtCgKCAgICABDcCAEHgCyAMQQxqQXBxQdiq1aoFczYCAEH0C0EANgIAQcQLQQA2AgBBgCALIgFqIgVBACABayIHcSICIAhNDQpBwAsoAgAiBARAQbgLKAIAIgMgAmoiASADTQ0LIAEgBEsNCwtBxAstAABBBHENBQJAAkBBoAgoAgAiAwRAQcgLIQADQCADIAAoAgAiAU8EQCABIAAoAgRqIANLDQMLIAAoAggiAA0ACwtBABABIgFBf0YNBiACIQVB5AsoAgAiA0EBayIAIAFxBEAgAiABayAAIAFqQQAgA2txaiEFCyAFIAhNDQYgBUH+////B0sNBkHACygCACIEBEBBuAsoAgAiAyAFaiIAIANNDQcgACAESw0HCyAFEAEiACABRw0BDAgLIAUgBmsgB3EiBUH+////B0sNBSAFEAEiASAAKAIAIAAoAgRqRg0EIAEhAAsCQCAAQX9GDQAgCEEwaiAFTQ0AQegLKAIAIgEgCSAFa2pBACABa3EiAUH+////B0sEQCAAIQEMCAsgARABQX9HBEAgASAFaiEFIAAhAQwIC0EAIAVrEAEaDAULIAAiAUF/Rw0GDAQLAAtBACEEDAcLQQAhAQwFCyABQX9HDQILQcQLQcQLKAIAQQRyNgIACyACQf7///8HSw0BIAIQASEBQQAQASEAIAFBf0YNASAAQX9GDQEgACABTQ0BIAAgAWsiBSAIQShqTQ0BC0G4C0G4CygCACAFaiIANgIAQbwLKAIAIABJBEBBvAsgADYCAAsCQAJAAkBBoAgoAgAiBwRAQcgLIQADQCABIAAoAgAiAyAAKAIEIgJqRg0CIAAoAggiAA0ACwwCC0GYCCgCACIAQQAgACABTRtFBEBBmAggATYCAAtBACEAQcwLIAU2AgBByAsgATYCAEGoCEF/NgIAQawIQeALKAIANgIAQdQLQQA2AgADQCAAQQN0IgNBuAhqIANBsAhqIgI2AgAgA0G8CGogAjYCACAAQQFqIgBBIEcNAAtBlAggBUEoayIDQXggAWtBB3FBACABQQhqQQdxGyIAayICNgIAQaAIIAAgAWoiADYCACAAIAJBAXI2AgQgASADakEoNgIEQaQIQfALKAIANgIADAILIAAtAAxBCHENACADIAdLDQAgASAHTQ0AIAAgAiAFajYCBEGgCCAHQXggB2tBB3FBACAHQQhqQQdxGyIAaiICNgIAQZQIQZQIKAIAIAVqIgEgAGsiADYCACACIABBAXI2AgQgASAHakEoNgIEQaQIQfALKAIANgIADAELQZgIKAIAIAFLBEBBmAggATYCAAsgASAFaiECQcgLIQACQAJAAkACQAJAAkADQCACIAAoAgBHBEAgACgCCCIADQEMAgsLIAAtAAxBCHFFDQELQcgLIQADQCAHIAAoAgAiAk8EQCACIAAoAgRqIgQgB0sNAwsgACgCCCEADAALAAsgACABNgIAIAAgACgCBCAFajYCBCABQXggAWtBB3FBACABQQhqQQdxG2oiCSAIQQNyNgIEIAJBeCACa0EHcUEAIAJBCGpBB3EbaiIFIAggCWoiBmshAiAFIAdGBEBBoAggBjYCAEGUCEGUCCgCACACaiIANgIAIAYgAEEBcjYCBAwDCyAFQZwIKAIARgRAQZwIIAY2AgBBkAhBkAgoAgAgAmoiADYCACAGIABBAXI2AgQgACAGaiAANgIADAMLIAUoAgQiAEEDcUEBRgRAIABBeHEhBwJAIABB/wFNBEAgBSgCCCIDIABBA3YiAEEDdEGwCGpGGiADIAUoAgwiAUYEQEGICEGICCgCAEF+IAB3cTYCAAwCCyADIAE2AgwgASADNgIIDAELIAUoAhghCAJAIAUgBSgCDCIBRwRAIAUoAggiACABNgIMIAEgADYCCAwBCwJAIAVBFGoiACgCACIDDQAgBUEQaiIAKAIAIgMNAEEAIQEMAQsDQCAAIQQgAyIBQRRqIgAoAgAiAw0AIAFBEGohACABKAIQIgMNAAsgBEEANgIACyAIRQ0AAkAgBSAFKAIcIgNBAnRBuApqIgAoAgBGBEAgACABNgIAIAENAUGMCEGMCCgCAEF+IAN3cTYCAAwCCyAIQRBBFCAIKAIQIAVGG2ogATYCACABRQ0BCyABIAg2AhggBSgCECIABEAgASAANgIQIAAgATYCGAsgBSgCFCIARQ0AIAEgADYCFCAAIAE2AhgLIAUgB2ohBSACIAdqIQILIAUgBSgCBEF+cTYCBCAGIAJBAXI2AgQgAiAGaiACNgIAIAJB/wFNBEAgAkEDdiIAQQN0QbAIaiECAn9BiAgoAgAiAUEBIAB0IgBxRQRAQYgIIAAgAXI2AgAgAgwBCyACKAIICyEAIAIgBjYCCCAAIAY2AgwgBiACNgIMIAYgADYCCAwDC0EfIQAgAkH///8HTQRAIAJBCHYiACAAQYD+P2pBEHZBCHEiA3QiACAAQYDgH2pBEHZBBHEiAXQiACAAQYCAD2pBEHZBAnEiAHRBD3YgASADciAAcmsiAEEBdCACIABBFWp2QQFxckEcaiEACyAGIAA2AhwgBkIANwIQIABBAnRBuApqIQQCQEGMCCgCACIDQQEgAHQiAXFFBEBBjAggASADcjYCACAEIAY2AgAgBiAENgIYDAELIAJBAEEZIABBAXZrIABBH0YbdCEAIAQoAgAhAQNAIAEiAygCBEF4cSACRg0DIABBHXYhASAAQQF0IQAgAyABQQRxaiIEKAIQIgENAAsgBCAGNgIQIAYgAzYCGAsgBiAGNgIMIAYgBjYCCAwCC0GUCCAFQShrIgNBeCABa0EHcUEAIAFBCGpBB3EbIgBrIgI2AgBBoAggACABaiIANgIAIAAgAkEBcjYCBCABIANqQSg2AgRBpAhB8AsoAgA2AgAgByAEQScgBGtBB3FBACAEQSdrQQdxG2pBL2siACAAIAdBEGpJGyICQRs2AgQgAkHQCykCADcCECACQcgLKQIANwIIQdALIAJBCGo2AgBBzAsgBTYCAEHICyABNgIAQdQLQQA2AgAgAkEYaiEAA0AgAEEHNgIEIABBCGohASAAQQRqIQAgASAESQ0ACyACIAdGDQMgAiACKAIEQX5xNgIEIAcgAiAHayIEQQFyNgIEIAIgBDYCACAEQf8BTQRAIARBA3YiAEEDdEGwCGohAgJ/QYgIKAIAIgFBASAAdCIAcUUEQEGICCAAIAFyNgIAIAIMAQsgAigCCAshACACIAc2AgggACAHNgIMIAcgAjYCDCAHIAA2AggMBAtBHyEAIAdCADcCECAEQf///wdNBEAgBEEIdiIAIABBgP4/akEQdkEIcSICdCIAIABBgOAfakEQdkEEcSIBdCIAIABBgIAPakEQdkECcSIAdEEPdiABIAJyIAByayIAQQF0IAQgAEEVanZBAXFyQRxqIQALIAcgADYCHCAAQQJ0QbgKaiEDAkBBjAgoAgAiAkEBIAB0IgFxRQRAQYwIIAEgAnI2AgAgAyAHNgIAIAcgAzYCGAwBCyAEQQBBGSAAQQF2ayAAQR9GG3QhACADKAIAIQEDQCABIgIoAgRBeHEgBEYNBCAAQR12IQEgAEEBdCEAIAIgAUEEcWoiAygCECIBDQALIAMgBzYCECAHIAI2AhgLIAcgBzYCDCAHIAc2AggMAwsgAygCCCIAIAY2AgwgAyAGNgIIIAZBADYCGCAGIAM2AgwgBiAANgIICyAJQQhqIQAMBQsgAigCCCIAIAc2AgwgAiAHNgIIIAdBADYCGCAHIAI2AgwgByAANgIIC0GUCCgCACIAIAhNDQBBlAggACAIayIBNgIAQaAIQaAIKAIAIgIgCGoiADYCACAAIAFBAXI2AgQgAiAIQQNyNgIEIAJBCGohAAwDC0GECEEwNgIAQQAhAAwCCwJAIAVFDQACQCAEKAIcIgJBAnRBuApqIgAoAgAgBEYEQCAAIAE2AgAgAQ0BQYwIIAlBfiACd3EiCTYCAAwCCyAFQRBBFCAFKAIQIARGG2ogATYCACABRQ0BCyABIAU2AhggBCgCECIABEAgASAANgIQIAAgATYCGAsgBCgCFCIARQ0AIAEgADYCFCAAIAE2AhgLAkAgA0EPTQRAIAQgAyAIaiIAQQNyNgIEIAAgBGoiACAAKAIEQQFyNgIEDAELIAQgCEEDcjYCBCAGIANBAXI2AgQgAyAGaiADNgIAIANB/wFNBEAgA0EDdiIAQQN0QbAIaiECAn9BiAgoAgAiAUEBIAB0IgBxRQRAQYgIIAAgAXI2AgAgAgwBCyACKAIICyEAIAIgBjYCCCAAIAY2AgwgBiACNgIMIAYgADYCCAwBC0EfIQAgA0H///8HTQRAIANBCHYiACAAQYD+P2pBEHZBCHEiAnQiACAAQYDgH2pBEHZBBHEiAXQiACAAQYCAD2pBEHZBAnEiAHRBD3YgASACciAAcmsiAEEBdCADIABBFWp2QQFxckEcaiEACyAGIAA2AhwgBkIANwIQIABBAnRBuApqIQICQAJAIAlBASAAdCIBcUUEQEGMCCABIAlyNgIAIAIgBjYCACAGIAI2AhgMAQsgA0EAQRkgAEEBdmsgAEEfRht0IQAgAigCACEIA0AgCCIBKAIEQXhxIANGDQIgAEEddiECIABBAXQhACABIAJBBHFqIgIoAhAiCA0ACyACIAY2AhAgBiABNgIYCyAGIAY2AgwgBiAGNgIIDAELIAEoAggiACAGNgIMIAEgBjYCCCAGQQA2AhggBiABNgIMIAYgADYCCAsgBEEIaiEADAELAkAgC0UNAAJAIAEoAhwiAkECdEG4CmoiACgCACABRgRAIAAgBDYCACAEDQFBjAggBkF+IAJ3cTYCAAwCCyALQRBBFCALKAIQIAFGG2ogBDYCACAERQ0BCyAEIAs2AhggASgCECIABEAgBCAANgIQIAAgBDYCGAsgASgCFCIARQ0AIAQgADYCFCAAIAQ2AhgLAkAgA0EPTQRAIAEgAyAIaiIAQQNyNgIEIAAgAWoiACAAKAIEQQFyNgIEDAELIAEgCEEDcjYCBCAJIANBAXI2AgQgAyAJaiADNgIAIAoEQCAKQQN2IgBBA3RBsAhqIQRBnAgoAgAhAgJ/QQEgAHQiACAFcUUEQEGICCAAIAVyNgIAIAQMAQsgBCgCCAshACAEIAI2AgggACACNgIMIAIgBDYCDCACIAA2AggLQZwIIAk2AgBBkAggAzYCAAsgAUEIaiEACyAMQRBqJAAgAAsQACMAIABrQXBxIgAkACAACwYAIAAkAAsEACMAC4AJAgh/BH4jAEGQAWsiBiQAIAYgBS0AA0EYdEGAgIAYcSAFLwAAIAUtAAJBEHRycjYCACAGIAUoAANBAnZBg/7/H3E2AgQgBiAFKAAGQQR2Qf+B/x9xNgIIIAYgBSgACUEGdkH//8AfcTYCDCAFLwANIQggBS0ADyEJIAZCADcCFCAGQgA3AhwgBkEANgIkIAYgCCAJQRB0QYCAPHFyNgIQIAYgBSgAEDYCKCAGIAUoABQ2AiwgBiAFKAAYNgIwIAUoABwhBSAGQQA6AEwgBkEANgI4IAYgBTYCNCAGIAEgAhAEIAQEQCAGIAMgBBAECyAGKAI4IgEEQCAGQTxqIgIgAWpBAToAACABQQFqQQ9NBEAgASAGakE9aiEEAkBBDyABayIDRQ0AIAMgBGoiAUEBa0EAOgAAIARBADoAACADQQNJDQAgAUECa0EAOgAAIARBADoAASABQQNrQQA6AAAgBEEAOgACIANBB0kNACABQQRrQQA6AAAgBEEAOgADIANBCUkNACAEQQAgBGtBA3EiAWoiBEEANgIAIAQgAyABa0F8cSIBaiIDQQRrQQA2AgAgAUEJSQ0AIARBADYCCCAEQQA2AgQgA0EIa0EANgIAIANBDGtBADYCACABQRlJDQAgBEEANgIYIARBADYCFCAEQQA2AhAgBEEANgIMIANBEGtBADYCACADQRRrQQA2AgAgA0EYa0EANgIAIANBHGtBADYCACABIARBBHFBGHIiAWsiA0EgSQ0AIAEgBGohAQNAIAFCADcDGCABQgA3AxAgAUIANwMIIAFCADcDACABQSBqIQEgA0EgayIDQR9LDQALCwsgBkEBOgBMIAYgAkEQEAILIAY1AjQhECAGNQIwIREgBjUCLCEOIAAgBjUCKCAGKAIkIAYoAiAgBigCHCAGKAIYIgNBGnZqIgJBGnZqIgFBGnZqIgtBgICAYHIgAUH///8fcSINIAJB////H3EiCCAGKAIUIAtBGnZBBWxqIgFB////H3EiCUEFaiIFQRp2IANB////H3EgAUEadmoiA2oiAUEadmoiAkEadmoiBEEadmoiDEEfdSIHIANxIAEgDEEfdkEBayIDQf///x9xIgpxciIBQRp0IAUgCnEgByAJcXJyrXwiDzwAACAAIA9CGIg8AAMgACAPQhCIPAACIAAgD0IIiDwAASAAIA4gByAIcSACIApxciICQRR0IAFBBnZyrXwgD0IgiHwiDjwABCAAIA5CGIg8AAcgACAOQhCIPAAGIAAgDkIIiDwABSAAIBEgByANcSAEIApxciIBQQ50IAJBDHZyrXwgDkIgiHwiDjwACCAAIA5CGIg8AAsgACAOQhCIPAAKIAAgDkIIiDwACSAAIBAgAyAMcSAHIAtxckEIdCABQRJ2cq18IA5CIIh8Ig48AAwgACAOQhiIPAAPIAAgDkIQiDwADiAAIA5CCIg8AA0gBkIANwIwIAZCADcCKCAGQgA3AiAgBkIANwIYIAZCADcCECAGQgA3AgggBkIANwIAIAZBkAFqJAALpwwBB38CQCAARQ0AIABBCGsiAyAAQQRrKAIAIgFBeHEiAGohBQJAIAFBAXENACABQQNxRQ0BIAMgAygCACIBayIDQZgIKAIASQ0BIAAgAWohACADQZwIKAIARwRAIAFB/wFNBEAgAygCCCICIAFBA3YiBEEDdEGwCGpGGiACIAMoAgwiAUYEQEGICEGICCgCAEF+IAR3cTYCAAwDCyACIAE2AgwgASACNgIIDAILIAMoAhghBgJAIAMgAygCDCIBRwRAIAMoAggiAiABNgIMIAEgAjYCCAwBCwJAIANBFGoiAigCACIEDQAgA0EQaiICKAIAIgQNAEEAIQEMAQsDQCACIQcgBCIBQRRqIgIoAgAiBA0AIAFBEGohAiABKAIQIgQNAAsgB0EANgIACyAGRQ0BAkAgAyADKAIcIgJBAnRBuApqIgQoAgBGBEAgBCABNgIAIAENAUGMCEGMCCgCAEF+IAJ3cTYCAAwDCyAGQRBBFCAGKAIQIANGG2ogATYCACABRQ0CCyABIAY2AhggAygCECICBEAgASACNgIQIAIgATYCGAsgAygCFCICRQ0BIAEgAjYCFCACIAE2AhgMAQsgBSgCBCIBQQNxQQNHDQBBkAggADYCACAFIAFBfnE2AgQgAyAAQQFyNgIEIAAgA2ogADYCAA8LIAMgBU8NACAFKAIEIgFBAXFFDQACQCABQQJxRQRAIAVBoAgoAgBGBEBBoAggAzYCAEGUCEGUCCgCACAAaiIANgIAIAMgAEEBcjYCBCADQZwIKAIARw0DQZAIQQA2AgBBnAhBADYCAA8LIAVBnAgoAgBGBEBBnAggAzYCAEGQCEGQCCgCACAAaiIANgIAIAMgAEEBcjYCBCAAIANqIAA2AgAPCyABQXhxIABqIQACQCABQf8BTQRAIAUoAggiAiABQQN2IgRBA3RBsAhqRhogAiAFKAIMIgFGBEBBiAhBiAgoAgBBfiAEd3E2AgAMAgsgAiABNgIMIAEgAjYCCAwBCyAFKAIYIQYCQCAFIAUoAgwiAUcEQCAFKAIIIgJBmAgoAgBJGiACIAE2AgwgASACNgIIDAELAkAgBUEUaiICKAIAIgQNACAFQRBqIgIoAgAiBA0AQQAhAQwBCwNAIAIhByAEIgFBFGoiAigCACIEDQAgAUEQaiECIAEoAhAiBA0ACyAHQQA2AgALIAZFDQACQCAFIAUoAhwiAkECdEG4CmoiBCgCAEYEQCAEIAE2AgAgAQ0BQYwIQYwIKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgBUYbaiABNgIAIAFFDQELIAEgBjYCGCAFKAIQIgIEQCABIAI2AhAgAiABNgIYCyAFKAIUIgJFDQAgASACNgIUIAIgATYCGAsgAyAAQQFyNgIEIAAgA2ogADYCACADQZwIKAIARw0BQZAIIAA2AgAPCyAFIAFBfnE2AgQgAyAAQQFyNgIEIAAgA2ogADYCAAsgAEH/AU0EQCAAQQN2IgFBA3RBsAhqIQACf0GICCgCACICQQEgAXQiAXFFBEBBiAggASACcjYCACAADAELIAAoAggLIQIgACADNgIIIAIgAzYCDCADIAA2AgwgAyACNgIIDwtBHyECIANCADcCECAAQf///wdNBEAgAEEIdiIBIAFBgP4/akEQdkEIcSIBdCICIAJBgOAfakEQdkEEcSICdCIEIARBgIAPakEQdkECcSIEdEEPdiABIAJyIARyayIBQQF0IAAgAUEVanZBAXFyQRxqIQILIAMgAjYCHCACQQJ0QbgKaiEBAkACQAJAQYwIKAIAIgRBASACdCIHcUUEQEGMCCAEIAdyNgIAIAEgAzYCACADIAE2AhgMAQsgAEEAQRkgAkEBdmsgAkEfRht0IQIgASgCACEBA0AgASIEKAIEQXhxIABGDQIgAkEddiEBIAJBAXQhAiAEIAFBBHFqIgdBEGooAgAiAQ0ACyAHIAM2AhAgAyAENgIYCyADIAM2AgwgAyADNgIIDAELIAQoAggiACADNgIMIAQgAzYCCCADQQA2AhggAyAENgIMIAMgADYCCAtBqAhBqAgoAgBBAWsiAEF/IAAbNgIACwsLCQEAQYEICwIGUA==\";if(!W.startsWith(V)){var na=W;W=b.locateFile?b.locateFile(na,B):B+na}function pa(){var a=W;try{if(a==W&&J)return new Uint8Array(J);var c=H(a);if(c)return c;if(E)return E(a);throw\"both async and sync fetching of the wasm failed\";}catch(d){K(d)}}\nfunction qa(){if(!J&&(x||y)){if(\"function\"===typeof fetch&&!W.startsWith(\"file://\"))return fetch(W,{credentials:\"same-origin\"}).then(function(a){if(!a.ok)throw\"failed to load wasm binary file at '\"+W+\"'\";return a.arrayBuffer()}).catch(function(){return pa()});if(D)return new Promise(function(a,c){D(W,function(d){a(new Uint8Array(d))},c)})}return Promise.resolve().then(function(){return pa()})}\nfunction X(a){for(;0<a.length;){var c=a.shift();if(\"function\"==typeof c)c(b);else{var d=c.m;\"number\"===typeof d?void 0===c.l?R.get(d)():R.get(d)(c.l):d(void 0===c.l?null:c.l)}}}\nvar ba=!1,ra=\"function\"===typeof atob?atob:function(a){var c=\"\",d=0;a=a.replace(/[^A-Za-z0-9\\+\\/=]/g,\"\");do{var e=\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\".indexOf(a.charAt(d++));var f=\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\".indexOf(a.charAt(d++));var l=\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\".indexOf(a.charAt(d++));var A=\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\".indexOf(a.charAt(d++));e=e<<\n2|f>>4;f=(f&15)<<4|l>>2;var t=(l&3)<<6|A;c+=String.fromCharCode(e);64!==l&&(c+=String.fromCharCode(f));64!==A&&(c+=String.fromCharCode(t))}while(d<a.length);return c};\nfunction H(a){if(a.startsWith(V)){a=a.slice(V.length);if(\"boolean\"===typeof z&&z){var c=Buffer.from(a,\"base64\");c=new Uint8Array(c.buffer,c.byteOffset,c.byteLength)}else try{var d=ra(a),e=new Uint8Array(d.length);for(a=0;a<d.length;++a)e[a]=d.charCodeAt(a);c=e}catch(f){throw Error(\"Converting base64 string to bytes failed.\");}return c}}\nvar sa={a:function(a){var c=P.length;a>>>=0;if(2147483648<a)return!1;for(var d=1;4>=d;d*=2){var e=c*(1+.2/d);e=Math.min(e,a+100663296);e=Math.max(a,e);0<e%65536&&(e+=65536-e%65536);a:{try{L.grow(Math.min(2147483648,e)-ha.byteLength+65535>>>16);ia();var f=1;break a}catch(l){}f=void 0}if(f)return!0}return!1}};\n(function(){function a(f){b.asm=f.exports;L=b.asm.b;ia();R=b.asm.j;ka.unshift(b.asm.c);S--;b.monitorRunDependencies&&b.monitorRunDependencies(S);0==S&&(null!==T&&(clearInterval(T),T=null),U&&(f=U,U=null,f()))}function c(f){a(f.instance)}function d(f){return qa().then(function(l){return WebAssembly.instantiate(l,e)}).then(f,function(l){I(\"failed to asynchronously prepare wasm: \"+l);K(l)})}var e={a:sa};S++;b.monitorRunDependencies&&b.monitorRunDependencies(S);if(b.instantiateWasm)try{return b.instantiateWasm(e,\na)}catch(f){return I(\"Module.instantiateWasm callback failed with error: \"+f),!1}(function(){return J||\"function\"!==typeof WebAssembly.instantiateStreaming||W.startsWith(V)||W.startsWith(\"file://\")||\"function\"!==typeof fetch?d(c):fetch(W,{credentials:\"same-origin\"}).then(function(f){return WebAssembly.instantiateStreaming(f,e).then(c,function(l){I(\"wasm streaming compile failed: \"+l);I(\"falling back to ArrayBuffer instantiation\");return d(c)})})})().catch(r);return{}})();\nb.___wasm_call_ctors=function(){return(b.___wasm_call_ctors=b.asm.c).apply(null,arguments)};b._poly1305_auth=function(){return(b._poly1305_auth=b.asm.d).apply(null,arguments)};var da=b.stackSave=function(){return(da=b.stackSave=b.asm.e).apply(null,arguments)},fa=b.stackRestore=function(){return(fa=b.stackRestore=b.asm.f).apply(null,arguments)},O=b.stackAlloc=function(){return(O=b.stackAlloc=b.asm.g).apply(null,arguments)};b._malloc=function(){return(b._malloc=b.asm.h).apply(null,arguments)};\nb._free=function(){return(b._free=b.asm.i).apply(null,arguments)};b.cwrap=function(a,c,d,e){d=d||[];var f=d.every(function(l){return\"number\"===l});return\"string\"!==c&&f&&!e?N(a):function(){return ca(a,c,d,arguments)}};var Y;U=function ta(){Y||Z();Y||(U=ta)};\nfunction Z(){function a(){if(!Y&&(Y=!0,b.calledRun=!0,!M)){X(ka);q(b);if(b.onRuntimeInitialized)b.onRuntimeInitialized();if(b.postRun)for(\"function\"==typeof b.postRun&&(b.postRun=[b.postRun]);b.postRun.length;){var c=b.postRun.shift();la.unshift(c)}X(la)}}if(!(0<S)){if(b.preRun)for(\"function\"==typeof b.preRun&&(b.preRun=[b.preRun]);b.preRun.length;)ma();X(ja);0<S||(b.setStatus?(b.setStatus(\"Running...\"),setTimeout(function(){setTimeout(function(){b.setStatus(\"\")},1);a()},1)):a())}}b.run=Z;\nif(b.preInit)for(\"function\"==typeof b.preInit&&(b.preInit=[b.preInit]);0<b.preInit.length;)b.preInit.pop()();Z();\n\n\n  return createPoly1305.ready\n}\n);\n})();\nif (typeof exports === 'object' && typeof module === 'object')\n  module.exports = createPoly1305;\nelse if (typeof define === 'function' && define['amd'])\n  define([], function() { return createPoly1305; });\nelse if (typeof exports === 'object')\n  exports[\"createPoly1305\"] = createPoly1305;\n","'use strict';\n\nconst MESSAGE_HANDLERS = new Array(256);\n[\n  require('./kex.js').HANDLERS,\n  require('./handlers.misc.js'),\n].forEach((handlers) => {\n  // eslint-disable-next-line prefer-const\n  for (let [type, handler] of Object.entries(handlers)) {\n    type = +type;\n    if (isFinite(type) && type >= 0 && type < MESSAGE_HANDLERS.length)\n      MESSAGE_HANDLERS[type] = handler;\n  }\n});\n\nmodule.exports = MESSAGE_HANDLERS;\n","'use strict';\n\nconst {\n  bufferSlice,\n  bufferParser,\n  doFatalError,\n  sigSSHToASN1,\n  writeUInt32BE,\n} = require('./utils.js');\n\nconst {\n  CHANNEL_OPEN_FAILURE,\n  COMPAT,\n  MESSAGE,\n  TERMINAL_MODE,\n} = require('./constants.js');\n\nconst {\n  parseKey,\n} = require('./keyParser.js');\n\nconst TERMINAL_MODE_BY_VALUE =\n  Array.from(Object.entries(TERMINAL_MODE))\n       .reduce((obj, [key, value]) => ({ ...obj, [key]: value }), {});\n\nmodule.exports = {\n  // Transport layer protocol ==================================================\n  [MESSAGE.DISCONNECT]: (self, payload) => {\n    /*\n      byte      SSH_MSG_DISCONNECT\n      uint32    reason code\n      string    description in ISO-10646 UTF-8 encoding\n      string    language tag\n    */\n    bufferParser.init(payload, 1);\n    const reason = bufferParser.readUInt32BE();\n    const desc = bufferParser.readString(true);\n    const lang = bufferParser.readString();\n    bufferParser.clear();\n\n    if (lang === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed DISCONNECT packet'\n      );\n    }\n\n    self._debug && self._debug(\n      `Inbound: Received DISCONNECT (${reason}, \"${desc}\")`\n    );\n\n    const handler = self._handlers.DISCONNECT;\n    handler && handler(self, reason, desc);\n  },\n  [MESSAGE.IGNORE]: (self, payload) => {\n    /*\n      byte      SSH_MSG_IGNORE\n      string    data\n    */\n    self._debug && self._debug('Inbound: Received IGNORE');\n  },\n  [MESSAGE.UNIMPLEMENTED]: (self, payload) => {\n    /*\n      byte      SSH_MSG_UNIMPLEMENTED\n      uint32    packet sequence number of rejected message\n    */\n    bufferParser.init(payload, 1);\n    const seqno = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (seqno === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed UNIMPLEMENTED packet'\n      );\n    }\n\n    self._debug\n      && self._debug(`Inbound: Received UNIMPLEMENTED (seqno ${seqno})`);\n  },\n  [MESSAGE.DEBUG]: (self, payload) => {\n    /*\n      byte      SSH_MSG_DEBUG\n      boolean   always_display\n      string    message in ISO-10646 UTF-8 encoding [RFC3629]\n      string    language tag [RFC3066]\n    */\n    bufferParser.init(payload, 1);\n    const display = bufferParser.readBool();\n    const msg = bufferParser.readString(true);\n    const lang = bufferParser.readString();\n    bufferParser.clear();\n\n    if (lang === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed DEBUG packet'\n      );\n    }\n\n    self._debug && self._debug('Inbound: Received DEBUG');\n\n    const handler = self._handlers.DEBUG;\n    handler && handler(self, display, msg);\n  },\n  [MESSAGE.SERVICE_REQUEST]: (self, payload) => {\n    /*\n      byte      SSH_MSG_SERVICE_REQUEST\n      string    service name\n    */\n    bufferParser.init(payload, 1);\n    const name = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (name === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed SERVICE_REQUEST packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: Received SERVICE_REQUEST (${name})`);\n\n    const handler = self._handlers.SERVICE_REQUEST;\n    handler && handler(self, name);\n  },\n  [MESSAGE.SERVICE_ACCEPT]: (self, payload) => {\n    // S->C\n    /*\n      byte      SSH_MSG_SERVICE_ACCEPT\n      string    service name\n    */\n    bufferParser.init(payload, 1);\n    const name = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (name === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed SERVICE_ACCEPT packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: Received SERVICE_ACCEPT (${name})`);\n\n    const handler = self._handlers.SERVICE_ACCEPT;\n    handler && handler(self, name);\n  },\n\n  // User auth protocol -- generic =============================================\n  [MESSAGE.USERAUTH_REQUEST]: (self, payload) => {\n    /*\n      byte      SSH_MSG_USERAUTH_REQUEST\n      string    user name in ISO-10646 UTF-8 encoding [RFC3629]\n      string    service name in US-ASCII\n      string    method name in US-ASCII\n      ....      method specific fields\n    */\n    bufferParser.init(payload, 1);\n    const user = bufferParser.readString(true);\n    const service = bufferParser.readString(true);\n    const method = bufferParser.readString(true);\n    let methodData;\n    let methodDesc;\n    switch (method) {\n      case 'none':\n        methodData = null;\n        break;\n      case 'password': {\n        /*\n          boolean   <new password follows (old) plaintext password?>\n          string    plaintext password in ISO-10646 UTF-8 encoding [RFC3629]\n         [string    new password]\n        */\n        const isChange = bufferParser.readBool();\n        if (isChange !== undefined) {\n          methodData = bufferParser.readString(true);\n          if (methodData !== undefined && isChange) {\n            const newPassword = bufferParser.readString(true);\n            if (newPassword !== undefined)\n              methodData = { oldPassword: methodData, newPassword };\n            else\n              methodData = undefined;\n          }\n        }\n        break;\n      }\n      case 'publickey': {\n        /*\n          boolean   <signature follows public key blob?>\n          string    public key algorithm name\n          string    public key blob\n         [string    signature]\n        */\n        const hasSig = bufferParser.readBool();\n        if (hasSig !== undefined) {\n          const keyAlgo = bufferParser.readString(true);\n          const key = bufferParser.readString();\n          if (hasSig) {\n            const blobEnd = bufferParser.pos();\n            let signature = bufferParser.readString();\n            if (signature !== undefined) {\n              if (signature.length > (4 + keyAlgo.length + 4)\n                  && signature.utf8Slice(4, 4 + keyAlgo.length) === keyAlgo) {\n                // Skip algoLen + algo + sigLen\n                signature = bufferSlice(signature, 4 + keyAlgo.length + 4);\n              }\n\n              signature = sigSSHToASN1(signature, keyAlgo);\n              if (signature) {\n                const sessionID = self._kex.sessionID;\n                const blob = Buffer.allocUnsafe(4 + sessionID.length + blobEnd);\n                writeUInt32BE(blob, sessionID.length, 0);\n                blob.set(sessionID, 4);\n                blob.set(\n                  new Uint8Array(payload.buffer, payload.byteOffset, blobEnd),\n                  4 + sessionID.length\n                );\n                methodData = {\n                  keyAlgo,\n                  key,\n                  signature,\n                  blob,\n                };\n              }\n            }\n          } else {\n            methodData = { keyAlgo, key };\n            methodDesc = 'publickey -- check';\n          }\n        }\n        break;\n      }\n      case 'hostbased': {\n        /*\n          string    public key algorithm for host key\n          string    public host key and certificates for client host\n          string    client host name expressed as the FQDN in US-ASCII\n          string    user name on the client host in ISO-10646 UTF-8 encoding\n                     [RFC3629]\n          string    signature\n        */\n        const keyAlgo = bufferParser.readString(true);\n        const key = bufferParser.readString();\n        const localHostname = bufferParser.readString(true);\n        const localUsername = bufferParser.readString(true);\n\n        const blobEnd = bufferParser.pos();\n        let signature = bufferParser.readString();\n        if (signature !== undefined) {\n          if (signature.length > (4 + keyAlgo.length + 4)\n              && signature.utf8Slice(4, 4 + keyAlgo.length) === keyAlgo) {\n            // Skip algoLen + algo + sigLen\n            signature = bufferSlice(signature, 4 + keyAlgo.length + 4);\n          }\n\n          signature = sigSSHToASN1(signature, keyAlgo);\n          if (signature !== undefined) {\n            const sessionID = self._kex.sessionID;\n            const blob = Buffer.allocUnsafe(4 + sessionID.length + blobEnd);\n            writeUInt32BE(blob, sessionID.length, 0);\n            blob.set(sessionID, 4);\n            blob.set(\n              new Uint8Array(payload.buffer, payload.byteOffset, blobEnd),\n              4 + sessionID.length\n            );\n            methodData = {\n              keyAlgo,\n              key,\n              signature,\n              blob,\n              localHostname,\n              localUsername,\n            };\n          }\n        }\n        break;\n      }\n      case 'keyboard-interactive':\n        /*\n          string    language tag (as defined in [RFC-3066])\n          string    submethods (ISO-10646 UTF-8)\n        */\n        // Skip/ignore language field -- it's deprecated in RFC 4256\n        bufferParser.skipString();\n\n        methodData = bufferParser.readList();\n        break;\n      default:\n        if (method !== undefined)\n          methodData = bufferParser.readRaw();\n    }\n    bufferParser.clear();\n\n    if (methodData === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed USERAUTH_REQUEST packet'\n      );\n    }\n\n    if (methodDesc === undefined)\n      methodDesc = method;\n\n    self._authsQueue.push(method);\n\n    self._debug\n      && self._debug(`Inbound: Received USERAUTH_REQUEST (${methodDesc})`);\n\n    const handler = self._handlers.USERAUTH_REQUEST;\n    handler && handler(self, user, service, method, methodData);\n  },\n  [MESSAGE.USERAUTH_FAILURE]: (self, payload) => {\n    // S->C\n    /*\n      byte         SSH_MSG_USERAUTH_FAILURE\n      name-list    authentications that can continue\n      boolean      partial success\n    */\n    bufferParser.init(payload, 1);\n    const authMethods = bufferParser.readList();\n    const partialSuccess = bufferParser.readBool();\n    bufferParser.clear();\n\n    if (partialSuccess === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed USERAUTH_FAILURE packet'\n      );\n    }\n\n    self._debug\n      && self._debug(`Inbound: Received USERAUTH_FAILURE (${authMethods})`);\n\n    self._authsQueue.shift();\n    const handler = self._handlers.USERAUTH_FAILURE;\n    handler && handler(self, authMethods, partialSuccess);\n  },\n  [MESSAGE.USERAUTH_SUCCESS]: (self, payload) => {\n    // S->C\n    /*\n      byte      SSH_MSG_USERAUTH_SUCCESS\n    */\n    self._debug && self._debug('Inbound: Received USERAUTH_SUCCESS');\n\n    self._authsQueue.shift();\n    const handler = self._handlers.USERAUTH_SUCCESS;\n    handler && handler(self);\n  },\n  [MESSAGE.USERAUTH_BANNER]: (self, payload) => {\n    // S->C\n    /*\n      byte      SSH_MSG_USERAUTH_BANNER\n      string    message in ISO-10646 UTF-8 encoding [RFC3629]\n      string    language tag [RFC3066]\n    */\n    bufferParser.init(payload, 1);\n    const msg = bufferParser.readString(true);\n    const lang = bufferParser.readString();\n    bufferParser.clear();\n\n    if (lang === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed USERAUTH_BANNER packet'\n      );\n    }\n\n    self._debug && self._debug('Inbound: Received USERAUTH_BANNER');\n\n    const handler = self._handlers.USERAUTH_BANNER;\n    handler && handler(self, msg);\n  },\n\n  // User auth protocol -- method-specific =====================================\n  60: (self, payload) => {\n    if (!self._authsQueue.length) {\n      self._debug\n        && self._debug('Inbound: Received payload type 60 without auth');\n      return;\n    }\n\n    switch (self._authsQueue[0]) {\n      case 'password': {\n        // S->C\n        /*\n          byte      SSH_MSG_USERAUTH_PASSWD_CHANGEREQ\n          string    prompt in ISO-10646 UTF-8 encoding [RFC3629]\n          string    language tag [RFC3066]\n        */\n        bufferParser.init(payload, 1);\n        const prompt = bufferParser.readString(true);\n        const lang = bufferParser.readString();\n        bufferParser.clear();\n\n        if (lang === undefined) {\n          return doFatalError(\n            self,\n            'Inbound: Malformed USERAUTH_PASSWD_CHANGEREQ packet'\n          );\n        }\n\n        self._debug\n          && self._debug('Inbound: Received USERAUTH_PASSWD_CHANGEREQ');\n\n        const handler = self._handlers.USERAUTH_PASSWD_CHANGEREQ;\n        handler && handler(self, prompt);\n        break;\n      }\n      case 'publickey': {\n        // S->C\n        /*\n          byte      SSH_MSG_USERAUTH_PK_OK\n          string    public key algorithm name from the request\n          string    public key blob from the request\n        */\n        bufferParser.init(payload, 1);\n        const keyAlgo = bufferParser.readString(true);\n        const key = bufferParser.readString();\n        bufferParser.clear();\n\n        if (key === undefined) {\n          return doFatalError(\n            self,\n            'Inbound: Malformed USERAUTH_PK_OK packet'\n          );\n        }\n\n        self._debug && self._debug('Inbound: Received USERAUTH_PK_OK');\n\n        self._authsQueue.shift();\n        const handler = self._handlers.USERAUTH_PK_OK;\n        handler && handler(self, keyAlgo, key);\n        break;\n      }\n      case 'keyboard-interactive': {\n        // S->C\n        /*\n          byte      SSH_MSG_USERAUTH_INFO_REQUEST\n          string    name (ISO-10646 UTF-8)\n          string    instruction (ISO-10646 UTF-8)\n          string    language tag (as defined in [RFC-3066])\n          int       num-prompts\n          string    prompt[1] (ISO-10646 UTF-8)\n          boolean   echo[1]\n          ...\n          string    prompt[num-prompts] (ISO-10646 UTF-8)\n          boolean   echo[num-prompts]\n        */\n        bufferParser.init(payload, 1);\n        const name = bufferParser.readString(true);\n        const instructions = bufferParser.readString(true);\n        bufferParser.readString(); // skip lang\n        const numPrompts = bufferParser.readUInt32BE();\n        let prompts;\n        if (numPrompts !== undefined) {\n          prompts = new Array(numPrompts);\n          let i;\n          for (i = 0; i < numPrompts; ++i) {\n            const prompt = bufferParser.readString(true);\n            const echo = bufferParser.readBool();\n            if (echo === undefined)\n              break;\n            prompts[i] = { prompt, echo };\n          }\n          if (i !== numPrompts)\n            prompts = undefined;\n        }\n        bufferParser.clear();\n\n        if (prompts === undefined) {\n          return doFatalError(\n            self,\n            'Inbound: Malformed USERAUTH_INFO_REQUEST packet'\n          );\n        }\n\n        self._debug && self._debug('Inbound: Received USERAUTH_INFO_REQUEST');\n\n        const handler = self._handlers.USERAUTH_INFO_REQUEST;\n        handler && handler(self, name, instructions, prompts);\n        break;\n      }\n      default:\n        self._debug\n          && self._debug('Inbound: Received unexpected payload type 60');\n    }\n  },\n  61: (self, payload) => {\n    if (!self._authsQueue.length) {\n      self._debug\n        && self._debug('Inbound: Received payload type 61 without auth');\n      return;\n    }\n    /*\n      byte      SSH_MSG_USERAUTH_INFO_RESPONSE\n      int       num-responses\n      string    response[1] (ISO-10646 UTF-8)\n      ...\n      string    response[num-responses] (ISO-10646 UTF-8)\n    */\n    if (self._authsQueue[0] !== 'keyboard-interactive') {\n      return doFatalError(\n        self,\n        'Inbound: Received unexpected payload type 61'\n      );\n    }\n    bufferParser.init(payload, 1);\n    const numResponses = bufferParser.readUInt32BE();\n    let responses;\n    if (numResponses !== undefined) {\n      responses = new Array(numResponses);\n      let i;\n      for (i = 0; i < numResponses; ++i) {\n        const response = bufferParser.readString(true);\n        if (response === undefined)\n          break;\n        responses[i] = response;\n      }\n      if (i !== numResponses)\n        responses = undefined;\n    }\n    bufferParser.clear();\n\n    if (responses === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed USERAUTH_INFO_RESPONSE packet'\n      );\n    }\n\n    self._debug && self._debug('Inbound: Received USERAUTH_INFO_RESPONSE');\n\n    const handler = self._handlers.USERAUTH_INFO_RESPONSE;\n    handler && handler(self, responses);\n  },\n\n  // Connection protocol -- generic ============================================\n  [MESSAGE.GLOBAL_REQUEST]: (self, payload) => {\n    /*\n      byte      SSH_MSG_GLOBAL_REQUEST\n      string    request name in US-ASCII only\n      boolean   want reply\n      ....      request-specific data follows\n    */\n    bufferParser.init(payload, 1);\n    const name = bufferParser.readString(true);\n    const wantReply = bufferParser.readBool();\n    let data;\n    if (wantReply !== undefined) {\n      switch (name) {\n        case 'tcpip-forward':\n        case 'cancel-tcpip-forward': {\n          /*\n            string    address to bind (e.g., \"0.0.0.0\")\n            uint32    port number to bind\n          */\n          const bindAddr = bufferParser.readString(true);\n          const bindPort = bufferParser.readUInt32BE();\n          if (bindPort !== undefined)\n            data = { bindAddr, bindPort };\n          break;\n        }\n        case 'streamlocal-forward@openssh.com':\n        case 'cancel-streamlocal-forward@openssh.com': {\n          /*\n            string    socket path\n          */\n          const socketPath = bufferParser.readString(true);\n          if (socketPath !== undefined)\n            data = { socketPath };\n          break;\n        }\n        case 'no-more-sessions@openssh.com':\n          data = null;\n          break;\n        case 'hostkeys-00@openssh.com': {\n          data = [];\n          while (bufferParser.avail() > 0) {\n            const keyRaw = bufferParser.readString();\n            if (keyRaw === undefined) {\n              data = undefined;\n              break;\n            }\n            const key = parseKey(keyRaw);\n            if (!(key instanceof Error))\n              data.push(key);\n          }\n          break;\n        }\n        default:\n          data = bufferParser.readRaw();\n      }\n    }\n    bufferParser.clear();\n\n    if (data === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed GLOBAL_REQUEST packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: GLOBAL_REQUEST (${name})`);\n\n    const handler = self._handlers.GLOBAL_REQUEST;\n    if (handler)\n      handler(self, name, wantReply, data);\n    else\n      self.requestFailure(); // Auto reject\n  },\n  [MESSAGE.REQUEST_SUCCESS]: (self, payload) => {\n    /*\n      byte      SSH_MSG_REQUEST_SUCCESS\n      ....     response specific data\n    */\n    const data = (payload.length > 1 ? bufferSlice(payload, 1) : null);\n\n    self._debug && self._debug('Inbound: REQUEST_SUCCESS');\n\n    const handler = self._handlers.REQUEST_SUCCESS;\n    handler && handler(self, data);\n  },\n  [MESSAGE.REQUEST_FAILURE]: (self, payload) => {\n    /*\n      byte      SSH_MSG_REQUEST_FAILURE\n    */\n    self._debug && self._debug('Inbound: Received REQUEST_FAILURE');\n\n    const handler = self._handlers.REQUEST_FAILURE;\n    handler && handler(self);\n  },\n\n  // Connection protocol -- channel-related ====================================\n  [MESSAGE.CHANNEL_OPEN]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_OPEN\n      string    channel type in US-ASCII only\n      uint32    sender channel\n      uint32    initial window size\n      uint32    maximum packet size\n      ....      channel type specific data follows\n    */\n    bufferParser.init(payload, 1);\n    const type = bufferParser.readString(true);\n    const sender = bufferParser.readUInt32BE();\n    const window = bufferParser.readUInt32BE();\n    const packetSize = bufferParser.readUInt32BE();\n    let channelInfo;\n\n    switch (type) {\n      case 'forwarded-tcpip': // S->C\n      case 'direct-tcpip': { // C->S\n        /*\n          string    address that was connected / host to connect\n          uint32    port that was connected / port to connect\n          string    originator IP address\n          uint32    originator port\n        */\n        const destIP = bufferParser.readString(true);\n        const destPort = bufferParser.readUInt32BE();\n        const srcIP = bufferParser.readString(true);\n        const srcPort = bufferParser.readUInt32BE();\n        if (srcPort !== undefined) {\n          channelInfo = {\n            type,\n            sender,\n            window,\n            packetSize,\n            data: { destIP, destPort, srcIP, srcPort }\n          };\n        }\n        break;\n      }\n      case 'forwarded-streamlocal@openssh.com': // S->C\n      case 'direct-streamlocal@openssh.com': { // C->S\n        /*\n          string    socket path\n          string    reserved for future use\n\n          (direct-streamlocal@openssh.com additionally has:)\n          uint32    reserved\n        */\n        const socketPath = bufferParser.readString(true);\n        if (socketPath !== undefined) {\n          channelInfo = {\n            type,\n            sender,\n            window,\n            packetSize,\n            data: { socketPath }\n          };\n        }\n        break;\n      }\n      case 'x11': { // S->C\n        /*\n          string    originator address (e.g., \"192.168.7.38\")\n          uint32    originator port\n        */\n        const srcIP = bufferParser.readString(true);\n        const srcPort = bufferParser.readUInt32BE();\n        if (srcPort !== undefined) {\n          channelInfo = {\n            type,\n            sender,\n            window,\n            packetSize,\n            data: { srcIP, srcPort }\n          };\n        }\n        break;\n      }\n      default:\n        // Includes:\n        //   'session' (C->S)\n        //   'auth-agent@openssh.com' (S->C)\n        channelInfo = {\n          type,\n          sender,\n          window,\n          packetSize,\n          data: {}\n        };\n    }\n    bufferParser.clear();\n\n    if (channelInfo === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_OPEN packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: CHANNEL_OPEN (s:${sender}, ${type})`);\n\n    const handler = self._handlers.CHANNEL_OPEN;\n    if (handler) {\n      handler(self, channelInfo);\n    } else {\n      self.channelOpenFail(\n        channelInfo.sender,\n        CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED,\n        '',\n        ''\n      );\n    }\n  },\n  [MESSAGE.CHANNEL_OPEN_CONFIRMATION]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_OPEN_CONFIRMATION\n      uint32    recipient channel\n      uint32    sender channel\n      uint32    initial window size\n      uint32    maximum packet size\n      ....      channel type specific data follows\n    */\n    // \"The 'recipient channel' is the channel number given in the\n    // original open request, and 'sender channel' is the channel number\n    // allocated by the other side.\"\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const sender = bufferParser.readUInt32BE();\n    const window = bufferParser.readUInt32BE();\n    const packetSize = bufferParser.readUInt32BE();\n    const data = (bufferParser.avail() ? bufferParser.readRaw() : undefined);\n    bufferParser.clear();\n\n    if (packetSize === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_OPEN_CONFIRMATION packet'\n      );\n    }\n\n    self._debug && self._debug(\n      `Inbound: CHANNEL_OPEN_CONFIRMATION (r:${recipient}, s:${sender})`\n    );\n\n    const handler = self._handlers.CHANNEL_OPEN_CONFIRMATION;\n    if (handler)\n      handler(self, { recipient, sender, window, packetSize, data });\n  },\n  [MESSAGE.CHANNEL_OPEN_FAILURE]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_OPEN_FAILURE\n      uint32    recipient channel\n      uint32    reason code\n      string    description in ISO-10646 UTF-8 encoding [RFC3629]\n      string    language tag [RFC3066]\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const reason = bufferParser.readUInt32BE();\n    const description = bufferParser.readString(true);\n    const lang = bufferParser.readString();\n    bufferParser.clear();\n\n    if (lang === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_OPEN_FAILURE packet'\n      );\n    }\n\n    self._debug\n      && self._debug(`Inbound: CHANNEL_OPEN_FAILURE (r:${recipient})`);\n\n    const handler = self._handlers.CHANNEL_OPEN_FAILURE;\n    handler && handler(self, recipient, reason, description);\n  },\n  [MESSAGE.CHANNEL_WINDOW_ADJUST]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_WINDOW_ADJUST\n      uint32    recipient channel\n      uint32    bytes to add\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const bytesToAdd = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (bytesToAdd === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_WINDOW_ADJUST packet'\n      );\n    }\n\n    self._debug && self._debug(\n      `Inbound: CHANNEL_WINDOW_ADJUST (r:${recipient}, ${bytesToAdd})`\n    );\n\n    const handler = self._handlers.CHANNEL_WINDOW_ADJUST;\n    handler && handler(self, recipient, bytesToAdd);\n  },\n  [MESSAGE.CHANNEL_DATA]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_DATA\n      uint32    recipient channel\n      string    data\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const data = bufferParser.readString();\n    bufferParser.clear();\n\n    if (data === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_DATA packet'\n      );\n    }\n\n    self._debug\n      && self._debug(`Inbound: CHANNEL_DATA (r:${recipient}, ${data.length})`);\n\n    const handler = self._handlers.CHANNEL_DATA;\n    handler && handler(self, recipient, data);\n  },\n  [MESSAGE.CHANNEL_EXTENDED_DATA]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_EXTENDED_DATA\n      uint32    recipient channel\n      uint32    data_type_code\n      string    data\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const type = bufferParser.readUInt32BE();\n    const data = bufferParser.readString();\n    bufferParser.clear();\n\n    if (data === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_EXTENDED_DATA packet'\n      );\n    }\n\n    self._debug && self._debug(\n      `Inbound: CHANNEL_EXTENDED_DATA (r:${recipient}, ${data.length})`\n    );\n\n    const handler = self._handlers.CHANNEL_EXTENDED_DATA;\n    handler && handler(self, recipient, data, type);\n  },\n  [MESSAGE.CHANNEL_EOF]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_EOF\n      uint32    recipient channel\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (recipient === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_EOF packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: CHANNEL_EOF (r:${recipient})`);\n\n    const handler = self._handlers.CHANNEL_EOF;\n    handler && handler(self, recipient);\n  },\n  [MESSAGE.CHANNEL_CLOSE]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_CLOSE\n      uint32    recipient channel\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (recipient === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_CLOSE packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: CHANNEL_CLOSE (r:${recipient})`);\n\n    const handler = self._handlers.CHANNEL_CLOSE;\n    handler && handler(self, recipient);\n  },\n  [MESSAGE.CHANNEL_REQUEST]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_REQUEST\n      uint32    recipient channel\n      string    request type in US-ASCII characters only\n      boolean   want reply\n      ....      type-specific data follows\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const type = bufferParser.readString(true);\n    const wantReply = bufferParser.readBool();\n    let data;\n    if (wantReply !== undefined) {\n      switch (type) {\n        case 'exit-status': // S->C\n          /*\n            uint32    exit_status\n          */\n          data = bufferParser.readUInt32BE();\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n          );\n          break;\n        case 'exit-signal': { // S->C\n          /*\n            string    signal name (without the \"SIG\" prefix)\n            boolean   core dumped\n            string    error message in ISO-10646 UTF-8 encoding\n            string    language tag\n          */\n          let signal;\n          let coreDumped;\n          if (self._compatFlags & COMPAT.OLD_EXIT) {\n            /*\n              Instead of `signal name` and `core dumped`, we have just:\n                uint32  signal number\n            */\n            const num = bufferParser.readUInt32BE();\n            switch (num) {\n              case 1:\n                signal = 'HUP';\n                break;\n              case 2:\n                signal = 'INT';\n                break;\n              case 3:\n                signal = 'QUIT';\n                break;\n              case 6:\n                signal = 'ABRT';\n                break;\n              case 9:\n                signal = 'KILL';\n                break;\n              case 14:\n                signal = 'ALRM';\n                break;\n              case 15:\n                signal = 'TERM';\n                break;\n              default:\n                if (num !== undefined) {\n                  // Unknown or OS-specific\n                  signal = `UNKNOWN (${num})`;\n                }\n            }\n            coreDumped = false;\n          } else {\n            signal = bufferParser.readString(true);\n            coreDumped = bufferParser.readBool();\n            if (coreDumped === undefined)\n              signal = undefined;\n          }\n          const errorMessage = bufferParser.readString(true);\n          if (bufferParser.skipString() !== undefined)\n            data = { signal, coreDumped, errorMessage };\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${signal})`\n          );\n          break;\n        }\n        case 'pty-req': { // C->S\n          /*\n            string    TERM environment variable value (e.g., vt100)\n            uint32    terminal width, characters (e.g., 80)\n            uint32    terminal height, rows (e.g., 24)\n            uint32    terminal width, pixels (e.g., 640)\n            uint32    terminal height, pixels (e.g., 480)\n            string    encoded terminal modes\n          */\n          const term = bufferParser.readString(true);\n          const cols = bufferParser.readUInt32BE();\n          const rows = bufferParser.readUInt32BE();\n          const width = bufferParser.readUInt32BE();\n          const height = bufferParser.readUInt32BE();\n          const modesBinary = bufferParser.readString();\n          if (modesBinary !== undefined) {\n            bufferParser.init(modesBinary, 1);\n            let modes = {};\n            while (bufferParser.avail()) {\n              const opcode = bufferParser.readByte();\n              if (opcode === TERMINAL_MODE.TTY_OP_END)\n                break;\n              const name = TERMINAL_MODE_BY_VALUE[opcode];\n              const value = bufferParser.readUInt32BE();\n              if (opcode === undefined\n                  || name === undefined\n                  || value === undefined) {\n                modes = undefined;\n                break;\n              }\n              modes[name] = value;\n            }\n            if (modes !== undefined)\n              data = { term, cols, rows, width, height, modes };\n          }\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n          break;\n        }\n        case 'window-change': { // C->S\n          /*\n            uint32    terminal width, columns\n            uint32    terminal height, rows\n            uint32    terminal width, pixels\n            uint32    terminal height, pixels\n          */\n          const cols = bufferParser.readUInt32BE();\n          const rows = bufferParser.readUInt32BE();\n          const width = bufferParser.readUInt32BE();\n          const height = bufferParser.readUInt32BE();\n          if (height !== undefined)\n            data = { cols, rows, width, height };\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n          break;\n        }\n        case 'x11-req': { // C->S\n          /*\n            boolean   single connection\n            string    x11 authentication protocol\n            string    x11 authentication cookie\n            uint32    x11 screen number\n          */\n          const single = bufferParser.readBool();\n          const protocol = bufferParser.readString(true);\n          const cookie = bufferParser.readString();\n          const screen = bufferParser.readUInt32BE();\n          if (screen !== undefined)\n            data = { single, protocol, cookie, screen };\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n          break;\n        }\n        case 'env': { // C->S\n          /*\n            string    variable name\n            string    variable value\n          */\n          const name = bufferParser.readString(true);\n          const value = bufferParser.readString(true);\n          if (value !== undefined)\n            data = { name, value };\n          if (self._debug) {\n            self._debug(\n              `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: `\n                + `${name}=${value})`\n            );\n          }\n          break;\n        }\n        case 'shell': // C->S\n          data = null; // No extra data\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n          break;\n        case 'exec': // C->S\n          /*\n            string    command\n          */\n          data = bufferParser.readString(true);\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n          );\n          break;\n        case 'subsystem': // C->S\n          /*\n            string    subsystem name\n          */\n          data = bufferParser.readString(true);\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n          );\n          break;\n        case 'signal': // C->S\n          /*\n            string    signal name (without the \"SIG\" prefix)\n          */\n          data = bufferParser.readString(true);\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n          );\n          break;\n        case 'xon-xoff': // C->S\n          /*\n            boolean   client can do\n          */\n          data = bufferParser.readBool();\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n          );\n          break;\n        case 'auth-agent-req@openssh.com': // C-S\n          data = null; // No extra data\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n          break;\n        default:\n          data = (bufferParser.avail() ? bufferParser.readRaw() : null);\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n      }\n    }\n    bufferParser.clear();\n\n    if (data === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_REQUEST packet'\n      );\n    }\n\n    const handler = self._handlers.CHANNEL_REQUEST;\n    handler && handler(self, recipient, type, wantReply, data);\n  },\n  [MESSAGE.CHANNEL_SUCCESS]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_SUCCESS\n      uint32    recipient channel\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (recipient === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_SUCCESS packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: CHANNEL_SUCCESS (r:${recipient})`);\n\n    const handler = self._handlers.CHANNEL_SUCCESS;\n    handler && handler(self, recipient);\n  },\n  [MESSAGE.CHANNEL_FAILURE]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_FAILURE\n      uint32    recipient channel\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (recipient === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_FAILURE packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: CHANNEL_FAILURE (r:${recipient})`);\n\n    const handler = self._handlers.CHANNEL_FAILURE;\n    handler && handler(self, recipient);\n  },\n};\n","'use strict';\n\nconst {\n  createDiffieHellman,\n  createDiffieHellmanGroup,\n  createECDH,\n  createHash,\n  createPublicKey,\n  diffieHellman,\n  generateKeyPairSync,\n  randomFillSync,\n} = require('crypto');\n\nconst { Ber } = require('asn1');\n\nconst {\n  COMPAT,\n  curve25519Supported,\n  DEFAULT_KEX,\n  DEFAULT_SERVER_HOST_KEY,\n  DEFAULT_CIPHER,\n  DEFAULT_MAC,\n  DEFAULT_COMPRESSION,\n  DISCONNECT_REASON,\n  MESSAGE,\n} = require('./constants.js');\nconst {\n  CIPHER_INFO,\n  createCipher,\n  createDecipher,\n  MAC_INFO,\n} = require('./crypto.js');\nconst { parseDERKey } = require('./keyParser.js');\nconst {\n  bufferFill,\n  bufferParser,\n  convertSignature,\n  doFatalError,\n  FastBuffer,\n  sigSSHToASN1,\n  writeUInt32BE,\n} = require('./utils.js');\nconst {\n  PacketReader,\n  PacketWriter,\n  ZlibPacketReader,\n  ZlibPacketWriter,\n} = require('./zlib.js');\n\nlet MESSAGE_HANDLERS;\n\nconst GEX_MIN_BITS = 2048; // RFC 8270\nconst GEX_MAX_BITS = 8192; // RFC 8270\n\nconst EMPTY_BUFFER = Buffer.alloc(0);\n\n// Client/Server\nfunction kexinit(self) {\n  /*\n    byte         SSH_MSG_KEXINIT\n    byte[16]     cookie (random bytes)\n    name-list    kex_algorithms\n    name-list    server_host_key_algorithms\n    name-list    encryption_algorithms_client_to_server\n    name-list    encryption_algorithms_server_to_client\n    name-list    mac_algorithms_client_to_server\n    name-list    mac_algorithms_server_to_client\n    name-list    compression_algorithms_client_to_server\n    name-list    compression_algorithms_server_to_client\n    name-list    languages_client_to_server\n    name-list    languages_server_to_client\n    boolean      first_kex_packet_follows\n    uint32       0 (reserved for future extension)\n  */\n\n  let payload;\n  if (self._compatFlags & COMPAT.BAD_DHGEX) {\n    const entry = self._offer.lists.kex;\n    let kex = entry.array;\n    let found = false;\n    for (let i = 0; i < kex.length; ++i) {\n      if (kex[i].includes('group-exchange')) {\n        if (!found) {\n          found = true;\n          // Copy array lazily\n          kex = kex.slice();\n        }\n        kex.splice(i--, 1);\n      }\n    }\n    if (found) {\n      let len = 1 + 16 + self._offer.totalSize + 1 + 4;\n      const newKexBuf = Buffer.from(kex.join(','));\n      len -= (entry.buffer.length - newKexBuf.length);\n\n      const all = self._offer.lists.all;\n      const rest = new Uint8Array(\n        all.buffer,\n        all.byteOffset + 4 + entry.buffer.length,\n        all.length - (4 + entry.buffer.length)\n      );\n\n      payload = Buffer.allocUnsafe(len);\n      writeUInt32BE(payload, newKexBuf.length, 17);\n      payload.set(newKexBuf, 17 + 4);\n      payload.set(rest, 17 + 4 + newKexBuf.length);\n    }\n  }\n\n  if (payload === undefined) {\n    payload = Buffer.allocUnsafe(1 + 16 + self._offer.totalSize + 1 + 4);\n    self._offer.copyAllTo(payload, 17);\n  }\n\n  self._debug && self._debug('Outbound: Sending KEXINIT');\n\n  payload[0] = MESSAGE.KEXINIT;\n  randomFillSync(payload, 1, 16);\n\n  // Zero-fill first_kex_packet_follows and reserved bytes\n  bufferFill(payload, 0, payload.length - 5);\n\n  self._kexinit = payload;\n\n  // Needed to correct the starting position in allocated \"packets\" when packets\n  // will be buffered due to active key exchange\n  self._packetRW.write.allocStart = 0;\n\n  // TODO: only create single buffer and set _kexinit as slice of packet instead\n  {\n    const p = self._packetRW.write.allocStartKEX;\n    const packet = self._packetRW.write.alloc(payload.length, true);\n    packet.set(payload, p);\n    self._cipher.encrypt(self._packetRW.write.finalize(packet, true));\n  }\n}\n\nfunction handleKexInit(self, payload) {\n  /*\n    byte         SSH_MSG_KEXINIT\n    byte[16]     cookie (random bytes)\n    name-list    kex_algorithms\n    name-list    server_host_key_algorithms\n    name-list    encryption_algorithms_client_to_server\n    name-list    encryption_algorithms_server_to_client\n    name-list    mac_algorithms_client_to_server\n    name-list    mac_algorithms_server_to_client\n    name-list    compression_algorithms_client_to_server\n    name-list    compression_algorithms_server_to_client\n    name-list    languages_client_to_server\n    name-list    languages_server_to_client\n    boolean      first_kex_packet_follows\n    uint32       0 (reserved for future extension)\n  */\n  const init = {\n    kex: undefined,\n    serverHostKey: undefined,\n    cs: {\n      cipher: undefined,\n      mac: undefined,\n      compress: undefined,\n      lang: undefined,\n    },\n    sc: {\n      cipher: undefined,\n      mac: undefined,\n      compress: undefined,\n      lang: undefined,\n    },\n  };\n\n  bufferParser.init(payload, 17);\n\n  if ((init.kex = bufferParser.readList()) === undefined\n      || (init.serverHostKey = bufferParser.readList()) === undefined\n      || (init.cs.cipher = bufferParser.readList()) === undefined\n      || (init.sc.cipher = bufferParser.readList()) === undefined\n      || (init.cs.mac = bufferParser.readList()) === undefined\n      || (init.sc.mac = bufferParser.readList()) === undefined\n      || (init.cs.compress = bufferParser.readList()) === undefined\n      || (init.sc.compress = bufferParser.readList()) === undefined\n      || (init.cs.lang = bufferParser.readList()) === undefined\n      || (init.sc.lang = bufferParser.readList()) === undefined) {\n    bufferParser.clear();\n    return doFatalError(\n      self,\n      'Received malformed KEXINIT',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n\n  const pos = bufferParser.pos();\n  const firstFollows = (pos < payload.length && payload[pos] === 1);\n  bufferParser.clear();\n\n  const local = self._offer;\n  const remote = init;\n\n  let localKex = local.lists.kex.array;\n  if (self._compatFlags & COMPAT.BAD_DHGEX) {\n    let found = false;\n    for (let i = 0; i < localKex.length; ++i) {\n      if (localKex[i].indexOf('group-exchange') !== -1) {\n        if (!found) {\n          found = true;\n          // Copy array lazily\n          localKex = localKex.slice();\n        }\n        localKex.splice(i--, 1);\n      }\n    }\n  }\n\n  let clientList;\n  let serverList;\n  let i;\n  const debug = self._debug;\n\n  debug && debug('Inbound: Handshake in progress');\n\n  // Key exchange method =======================================================\n  debug && debug(`Handshake: (local) KEX method: ${localKex}`);\n  debug && debug(`Handshake: (remote) KEX method: ${remote.kex}`);\n  if (self._server) {\n    serverList = localKex;\n    clientList = remote.kex;\n  } else {\n    serverList = remote.kex;\n    clientList = localKex;\n  }\n  // Check for agreeable key exchange algorithm\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching key exchange algorithm');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching key exchange algorithm',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.kex = clientList[i];\n  debug && debug(`Handshake: KEX algorithm: ${clientList[i]}`);\n  if (firstFollows && (!remote.kex.length || clientList[i] !== remote.kex[0])) {\n    // Ignore next inbound packet, it was a wrong first guess at KEX algorithm\n    self._skipNextInboundPacket = true;\n  }\n\n\n  // Server host key format ====================================================\n  const localSrvHostKey = local.lists.serverHostKey.array;\n  debug && debug(`Handshake: (local) Host key format: ${localSrvHostKey}`);\n  debug && debug(\n    `Handshake: (remote) Host key format: ${remote.serverHostKey}`\n  );\n  if (self._server) {\n    serverList = localSrvHostKey;\n    clientList = remote.serverHostKey;\n  } else {\n    serverList = remote.serverHostKey;\n    clientList = localSrvHostKey;\n  }\n  // Check for agreeable server host key format\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching host key format');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching host key format',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.serverHostKey = clientList[i];\n  debug && debug(`Handshake: Host key format: ${clientList[i]}`);\n\n\n  // Client->Server cipher =====================================================\n  const localCSCipher = local.lists.cs.cipher.array;\n  debug && debug(`Handshake: (local) C->S cipher: ${localCSCipher}`);\n  debug && debug(`Handshake: (remote) C->S cipher: ${remote.cs.cipher}`);\n  if (self._server) {\n    serverList = localCSCipher;\n    clientList = remote.cs.cipher;\n  } else {\n    serverList = remote.cs.cipher;\n    clientList = localCSCipher;\n  }\n  // Check for agreeable client->server cipher\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching C->S cipher');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching C->S cipher',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.cs.cipher = clientList[i];\n  debug && debug(`Handshake: C->S Cipher: ${clientList[i]}`);\n\n\n  // Server->Client cipher =====================================================\n  const localSCCipher = local.lists.sc.cipher.array;\n  debug && debug(`Handshake: (local) S->C cipher: ${localSCCipher}`);\n  debug && debug(`Handshake: (remote) S->C cipher: ${remote.sc.cipher}`);\n  if (self._server) {\n    serverList = localSCCipher;\n    clientList = remote.sc.cipher;\n  } else {\n    serverList = remote.sc.cipher;\n    clientList = localSCCipher;\n  }\n  // Check for agreeable server->client cipher\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching S->C cipher');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching S->C cipher',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.sc.cipher = clientList[i];\n  debug && debug(`Handshake: S->C cipher: ${clientList[i]}`);\n\n\n  // Client->Server MAC ========================================================\n  const localCSMAC = local.lists.cs.mac.array;\n  debug && debug(`Handshake: (local) C->S MAC: ${localCSMAC}`);\n  debug && debug(`Handshake: (remote) C->S MAC: ${remote.cs.mac}`);\n  if (CIPHER_INFO[init.cs.cipher].authLen > 0) {\n    init.cs.mac = '';\n    debug && debug('Handshake: C->S MAC: <implicit>');\n  } else {\n    if (self._server) {\n      serverList = localCSMAC;\n      clientList = remote.cs.mac;\n    } else {\n      serverList = remote.cs.mac;\n      clientList = localCSMAC;\n    }\n    // Check for agreeable client->server hmac algorithm\n    for (i = 0;\n         i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n         ++i);\n    if (i === clientList.length) {\n      // No suitable match found!\n      debug && debug('Handshake: No matching C->S MAC');\n      return doFatalError(\n        self,\n        'Handshake failed: no matching C->S MAC',\n        'handshake',\n        DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n      );\n    }\n    init.cs.mac = clientList[i];\n    debug && debug(`Handshake: C->S MAC: ${clientList[i]}`);\n  }\n\n\n  // Server->Client MAC ========================================================\n  const localSCMAC = local.lists.sc.mac.array;\n  debug && debug(`Handshake: (local) S->C MAC: ${localSCMAC}`);\n  debug && debug(`Handshake: (remote) S->C MAC: ${remote.sc.mac}`);\n  if (CIPHER_INFO[init.sc.cipher].authLen > 0) {\n    init.sc.mac = '';\n    debug && debug('Handshake: S->C MAC: <implicit>');\n  } else {\n    if (self._server) {\n      serverList = localSCMAC;\n      clientList = remote.sc.mac;\n    } else {\n      serverList = remote.sc.mac;\n      clientList = localSCMAC;\n    }\n    // Check for agreeable server->client hmac algorithm\n    for (i = 0;\n         i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n         ++i);\n    if (i === clientList.length) {\n      // No suitable match found!\n      debug && debug('Handshake: No matching S->C MAC');\n      return doFatalError(\n        self,\n        'Handshake failed: no matching S->C MAC',\n        'handshake',\n        DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n      );\n    }\n    init.sc.mac = clientList[i];\n    debug && debug(`Handshake: S->C MAC: ${clientList[i]}`);\n  }\n\n\n  // Client->Server compression ================================================\n  const localCSCompress = local.lists.cs.compress.array;\n  debug && debug(`Handshake: (local) C->S compression: ${localCSCompress}`);\n  debug && debug(`Handshake: (remote) C->S compression: ${remote.cs.compress}`);\n  if (self._server) {\n    serverList = localCSCompress;\n    clientList = remote.cs.compress;\n  } else {\n    serverList = remote.cs.compress;\n    clientList = localCSCompress;\n  }\n  // Check for agreeable client->server compression algorithm\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching C->S compression');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching C->S compression',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.cs.compress = clientList[i];\n  debug && debug(`Handshake: C->S compression: ${clientList[i]}`);\n\n\n  // Server->Client compression ================================================\n  const localSCCompress = local.lists.sc.compress.array;\n  debug && debug(`Handshake: (local) S->C compression: ${localSCCompress}`);\n  debug && debug(`Handshake: (remote) S->C compression: ${remote.sc.compress}`);\n  if (self._server) {\n    serverList = localSCCompress;\n    clientList = remote.sc.compress;\n  } else {\n    serverList = remote.sc.compress;\n    clientList = localSCCompress;\n  }\n  // Check for agreeable server->client compression algorithm\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching S->C compression');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching S->C compression',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.sc.compress = clientList[i];\n  debug && debug(`Handshake: S->C compression: ${clientList[i]}`);\n\n  init.cs.lang = '';\n  init.sc.lang = '';\n\n  // XXX: hack -- find a better way to do this\n  if (self._kex) {\n    if (!self._kexinit) {\n      // We received a rekey request, but we haven't sent a KEXINIT in response\n      // yet\n      kexinit(self);\n    }\n    self._decipher._onPayload = onKEXPayload.bind(self, { firstPacket: false });\n  }\n\n  self._kex = createKeyExchange(init, self, payload);\n  self._kex.start();\n}\n\nconst createKeyExchange = (() => {\n  function convertToMpint(buf) {\n    let idx = 0;\n    let length = buf.length;\n    while (buf[idx] === 0x00) {\n      ++idx;\n      --length;\n    }\n    let newBuf;\n    if (buf[idx] & 0x80) {\n      newBuf = Buffer.allocUnsafe(1 + length);\n      newBuf[0] = 0;\n      buf.copy(newBuf, 1, idx);\n      buf = newBuf;\n    } else if (length !== buf.length) {\n      newBuf = Buffer.allocUnsafe(length);\n      buf.copy(newBuf, 0, idx);\n      buf = newBuf;\n    }\n    return buf;\n  }\n\n  class KeyExchange {\n    constructor(negotiated, protocol, remoteKexinit) {\n      this._protocol = protocol;\n\n      this.sessionID = (protocol._kex ? protocol._kex.sessionID : undefined);\n      this.negotiated = negotiated;\n      this._step = 1;\n      this._public = null;\n      this._dh = null;\n      this._sentNEWKEYS = false;\n      this._receivedNEWKEYS = false;\n      this._finished = false;\n      this._hostVerified = false;\n\n      // Data needed for initializing cipher/decipher/etc.\n      this._kexinit = protocol._kexinit;\n      this._remoteKexinit = remoteKexinit;\n      this._identRaw = protocol._identRaw;\n      this._remoteIdentRaw = protocol._remoteIdentRaw;\n      this._hostKey = undefined;\n      this._dhData = undefined;\n      this._sig = undefined;\n    }\n    finish() {\n      if (this._finished)\n        return false;\n      this._finished = true;\n\n      const isServer = this._protocol._server;\n      const negotiated = this.negotiated;\n\n      const pubKey = this.convertPublicKey(this._dhData);\n      let secret = this.computeSecret(this._dhData);\n      if (secret instanceof Error) {\n        secret.message =\n          `Error while computing DH secret (${this.type}): ${secret.message}`;\n        secret.level = 'handshake';\n        return doFatalError(\n          this._protocol,\n          secret,\n          DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n        );\n      }\n\n      const hash = createHash(this.hashName);\n      // V_C\n      hashString(hash, (isServer ? this._remoteIdentRaw : this._identRaw));\n      // \"V_S\"\n      hashString(hash, (isServer ? this._identRaw : this._remoteIdentRaw));\n      // \"I_C\"\n      hashString(hash, (isServer ? this._remoteKexinit : this._kexinit));\n      // \"I_S\"\n      hashString(hash, (isServer ? this._kexinit : this._remoteKexinit));\n      // \"K_S\"\n      const serverPublicHostKey = (isServer\n                                   ? this._hostKey.getPublicSSH()\n                                   : this._hostKey);\n      hashString(hash, serverPublicHostKey);\n\n      if (this.type === 'groupex') {\n        // Group exchange-specific\n        const params = this.getDHParams();\n        const num = Buffer.allocUnsafe(4);\n        // min (uint32)\n        writeUInt32BE(num, this._minBits, 0);\n        hash.update(num);\n        // preferred (uint32)\n        writeUInt32BE(num, this._prefBits, 0);\n        hash.update(num);\n        // max (uint32)\n        writeUInt32BE(num, this._maxBits, 0);\n        hash.update(num);\n        // prime\n        hashString(hash, params.prime);\n        // generator\n        hashString(hash, params.generator);\n      }\n\n      // method-specific data sent by client\n      hashString(hash, (isServer ? pubKey : this.getPublicKey()));\n      // method-specific data sent by server\n      const serverPublicKey = (isServer ? this.getPublicKey() : pubKey);\n      hashString(hash, serverPublicKey);\n      // shared secret (\"K\")\n      hashString(hash, secret);\n\n      // \"H\"\n      const exchangeHash = hash.digest();\n\n      if (!isServer) {\n        bufferParser.init(this._sig, 0);\n        const sigType = bufferParser.readString(true);\n\n        if (!sigType) {\n          return doFatalError(\n            this._protocol,\n            'Malformed packet while reading signature',\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        if (sigType !== negotiated.serverHostKey) {\n          return doFatalError(\n            this._protocol,\n            `Wrong signature type: ${sigType}, `\n              + `expected: ${negotiated.serverHostKey}`,\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        // \"s\"\n        let sigValue = bufferParser.readString();\n\n        bufferParser.clear();\n\n        if (sigValue === undefined) {\n          return doFatalError(\n            this._protocol,\n            'Malformed packet while reading signature',\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        if (!(sigValue = sigSSHToASN1(sigValue, sigType))) {\n          return doFatalError(\n            this._protocol,\n            'Malformed signature',\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        let parsedHostKey;\n        {\n          bufferParser.init(this._hostKey, 0);\n          const name = bufferParser.readString(true);\n          const hostKey = this._hostKey.slice(bufferParser.pos());\n          bufferParser.clear();\n          parsedHostKey = parseDERKey(hostKey, name);\n          if (parsedHostKey instanceof Error) {\n            parsedHostKey.level = 'handshake';\n            return doFatalError(\n              this._protocol,\n              parsedHostKey,\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n        }\n\n        let hashAlgo;\n        // Check if we need to override the default hash algorithm\n        switch (this.negotiated.serverHostKey) {\n          case 'rsa-sha2-256': hashAlgo = 'sha256'; break;\n          case 'rsa-sha2-512': hashAlgo = 'sha512'; break;\n        }\n\n        this._protocol._debug\n          && this._protocol._debug('Verifying signature ...');\n\n        const verified = parsedHostKey.verify(exchangeHash, sigValue, hashAlgo);\n        if (verified !== true) {\n          if (verified instanceof Error) {\n            this._protocol._debug && this._protocol._debug(\n              `Signature verification failed: ${verified.stack}`\n            );\n          } else {\n            this._protocol._debug && this._protocol._debug(\n              'Signature verification failed'\n            );\n          }\n          return doFatalError(\n            this._protocol,\n            'Handshake failed: signature verification failed',\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n        this._protocol._debug && this._protocol._debug('Verified signature');\n      } else {\n        // Server\n\n        let hashAlgo;\n        // Check if we need to override the default hash algorithm\n        switch (this.negotiated.serverHostKey) {\n          case 'rsa-sha2-256': hashAlgo = 'sha256'; break;\n          case 'rsa-sha2-512': hashAlgo = 'sha512'; break;\n        }\n\n        this._protocol._debug && this._protocol._debug(\n          'Generating signature ...'\n        );\n\n        let signature = this._hostKey.sign(exchangeHash, hashAlgo);\n        if (signature instanceof Error) {\n          return doFatalError(\n            this._protocol,\n            'Handshake failed: signature generation failed for '\n              + `${this._hostKey.type} host key: ${signature.message}`,\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        signature = convertSignature(signature, this._hostKey.type);\n        if (signature === false) {\n          return doFatalError(\n            this._protocol,\n            'Handshake failed: signature conversion failed for '\n              + `${this._hostKey.type} host key`,\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        // Send KEX reply\n        /*\n          byte      SSH_MSG_KEXDH_REPLY\n                      / SSH_MSG_KEX_DH_GEX_REPLY\n                      / SSH_MSG_KEX_ECDH_REPLY\n          string    server public host key and certificates (K_S)\n          string    <method-specific data>\n          string    signature of H\n        */\n        const sigType = this.negotiated.serverHostKey;\n        const sigTypeLen = Buffer.byteLength(sigType);\n        const sigLen = 4 + sigTypeLen + 4 + signature.length;\n        let p = this._protocol._packetRW.write.allocStartKEX;\n        const packet = this._protocol._packetRW.write.alloc(\n          1\n            + 4 + serverPublicHostKey.length\n            + 4 + serverPublicKey.length\n            + 4 + sigLen,\n          true\n        );\n\n        packet[p] = MESSAGE.KEXDH_REPLY;\n\n        writeUInt32BE(packet, serverPublicHostKey.length, ++p);\n        packet.set(serverPublicHostKey, p += 4);\n\n        writeUInt32BE(packet,\n                      serverPublicKey.length,\n                      p += serverPublicHostKey.length);\n        packet.set(serverPublicKey, p += 4);\n\n        writeUInt32BE(packet, sigLen, p += serverPublicKey.length);\n\n        writeUInt32BE(packet, sigTypeLen, p += 4);\n        packet.utf8Write(sigType, p += 4, sigTypeLen);\n\n        writeUInt32BE(packet, signature.length, p += sigTypeLen);\n        packet.set(signature, p += 4);\n\n        if (this._protocol._debug) {\n          let type;\n          switch (this.type) {\n            case 'group':\n              type = 'KEXDH_REPLY';\n              break;\n            case 'groupex':\n              type = 'KEXDH_GEX_REPLY';\n              break;\n            default:\n              type = 'KEXECDH_REPLY';\n          }\n          this._protocol._debug(`Outbound: Sending ${type}`);\n        }\n        this._protocol._cipher.encrypt(\n          this._protocol._packetRW.write.finalize(packet, true)\n        );\n      }\n      trySendNEWKEYS(this);\n\n      const completeHandshake = () => {\n        if (!this.sessionID)\n          this.sessionID = exchangeHash;\n\n        {\n          const newSecret = Buffer.allocUnsafe(4 + secret.length);\n          writeUInt32BE(newSecret, secret.length, 0);\n          newSecret.set(secret, 4);\n          secret = newSecret;\n        }\n\n        // Initialize new ciphers, deciphers, etc.\n\n        const csCipherInfo = CIPHER_INFO[negotiated.cs.cipher];\n        const scCipherInfo = CIPHER_INFO[negotiated.sc.cipher];\n\n        const csIV = generateKEXVal(csCipherInfo.ivLen,\n                                    this.hashName,\n                                    secret,\n                                    exchangeHash,\n                                    this.sessionID,\n                                    'A');\n        const scIV = generateKEXVal(scCipherInfo.ivLen,\n                                    this.hashName,\n                                    secret,\n                                    exchangeHash,\n                                    this.sessionID,\n                                    'B');\n        const csKey = generateKEXVal(csCipherInfo.keyLen,\n                                     this.hashName,\n                                     secret,\n                                     exchangeHash,\n                                     this.sessionID,\n                                     'C');\n        const scKey = generateKEXVal(scCipherInfo.keyLen,\n                                     this.hashName,\n                                     secret,\n                                     exchangeHash,\n                                     this.sessionID,\n                                     'D');\n        let csMacInfo;\n        let csMacKey;\n        if (!csCipherInfo.authLen) {\n          csMacInfo = MAC_INFO[negotiated.cs.mac];\n          csMacKey = generateKEXVal(csMacInfo.len,\n                                    this.hashName,\n                                    secret,\n                                    exchangeHash,\n                                    this.sessionID,\n                                    'E');\n        }\n        let scMacInfo;\n        let scMacKey;\n        if (!scCipherInfo.authLen) {\n          scMacInfo = MAC_INFO[negotiated.sc.mac];\n          scMacKey = generateKEXVal(scMacInfo.len,\n                                    this.hashName,\n                                    secret,\n                                    exchangeHash,\n                                    this.sessionID,\n                                    'F');\n        }\n\n        const config = {\n          inbound: {\n            onPayload: this._protocol._onPayload,\n            seqno: this._protocol._decipher.inSeqno,\n            decipherInfo: (!isServer ? scCipherInfo : csCipherInfo),\n            decipherIV: (!isServer ? scIV : csIV),\n            decipherKey: (!isServer ? scKey : csKey),\n            macInfo: (!isServer ? scMacInfo : csMacInfo),\n            macKey: (!isServer ? scMacKey : csMacKey),\n          },\n          outbound: {\n            onWrite: this._protocol._onWrite,\n            seqno: this._protocol._cipher.outSeqno,\n            cipherInfo: (isServer ? scCipherInfo : csCipherInfo),\n            cipherIV: (isServer ? scIV : csIV),\n            cipherKey: (isServer ? scKey : csKey),\n            macInfo: (isServer ? scMacInfo : csMacInfo),\n            macKey: (isServer ? scMacKey : csMacKey),\n          },\n        };\n        this._protocol._cipher && this._protocol._cipher.free();\n        this._protocol._decipher && this._protocol._decipher.free();\n        this._protocol._cipher = createCipher(config);\n        this._protocol._decipher = createDecipher(config);\n\n        const rw = {\n          read: undefined,\n          write: undefined,\n        };\n        switch (negotiated.cs.compress) {\n          case 'zlib': // starts immediately\n            if (isServer)\n              rw.read = new ZlibPacketReader();\n            else\n              rw.write = new ZlibPacketWriter(this._protocol);\n            break;\n          case 'zlib@openssh.com':\n            // Starts after successful user authentication\n\n            if (this._protocol._authenticated) {\n              // If a rekey happens and this compression method is selected and\n              // we already authenticated successfully, we need to start\n              // immediately instead\n              if (isServer)\n                rw.read = new ZlibPacketReader();\n              else\n                rw.write = new ZlibPacketWriter(this._protocol);\n              break;\n            }\n          // FALLTHROUGH\n          default:\n            // none -- never any compression/decompression\n\n            if (isServer)\n              rw.read = new PacketReader();\n            else\n              rw.write = new PacketWriter(this._protocol);\n        }\n        switch (negotiated.sc.compress) {\n          case 'zlib': // starts immediately\n            if (isServer)\n              rw.write = new ZlibPacketWriter(this._protocol);\n            else\n              rw.read = new ZlibPacketReader();\n            break;\n          case 'zlib@openssh.com':\n            // Starts after successful user authentication\n\n            if (this._protocol._authenticated) {\n              // If a rekey happens and this compression method is selected and\n              // we already authenticated successfully, we need to start\n              // immediately instead\n              if (isServer)\n                rw.write = new ZlibPacketWriter(this._protocol);\n              else\n                rw.read = new ZlibPacketReader();\n              break;\n            }\n          // FALLTHROUGH\n          default:\n            // none -- never any compression/decompression\n\n            if (isServer)\n              rw.write = new PacketWriter(this._protocol);\n            else\n              rw.read = new PacketReader();\n        }\n        this._protocol._packetRW.read.cleanup();\n        this._protocol._packetRW.write.cleanup();\n        this._protocol._packetRW = rw;\n\n        // Cleanup/reset various state\n        this._public = null;\n        this._dh = null;\n        this._kexinit = this._protocol._kexinit = undefined;\n        this._remoteKexinit = undefined;\n        this._identRaw = undefined;\n        this._remoteIdentRaw = undefined;\n        this._hostKey = undefined;\n        this._dhData = undefined;\n        this._sig = undefined;\n\n        this._protocol._onHandshakeComplete(negotiated);\n\n        return false;\n      };\n      if (!isServer)\n        return completeHandshake();\n      this.finish = completeHandshake;\n    }\n\n    start() {\n      if (!this._protocol._server) {\n        if (this._protocol._debug) {\n          let type;\n          switch (this.type) {\n            case 'group':\n              type = 'KEXDH_INIT';\n              break;\n            default:\n              type = 'KEXECDH_INIT';\n          }\n          this._protocol._debug(`Outbound: Sending ${type}`);\n        }\n\n        const pubKey = this.getPublicKey();\n\n        let p = this._protocol._packetRW.write.allocStartKEX;\n        const packet = this._protocol._packetRW.write.alloc(\n          1 + 4 + pubKey.length,\n          true\n        );\n        packet[p] = MESSAGE.KEXDH_INIT;\n        writeUInt32BE(packet, pubKey.length, ++p);\n        packet.set(pubKey, p += 4);\n        this._protocol._cipher.encrypt(\n          this._protocol._packetRW.write.finalize(packet, true)\n        );\n      }\n    }\n    getPublicKey() {\n      this.generateKeys();\n\n      const key = this._public;\n\n      if (key)\n        return this.convertPublicKey(key);\n    }\n    convertPublicKey(key) {\n      let newKey;\n      let idx = 0;\n      let len = key.length;\n      while (key[idx] === 0x00) {\n        ++idx;\n        --len;\n      }\n\n      if (key[idx] & 0x80) {\n        newKey = Buffer.allocUnsafe(1 + len);\n        newKey[0] = 0;\n        key.copy(newKey, 1, idx);\n        return newKey;\n      }\n\n      if (len !== key.length) {\n        newKey = Buffer.allocUnsafe(len);\n        key.copy(newKey, 0, idx);\n        key = newKey;\n      }\n      return key;\n    }\n    computeSecret(otherPublicKey) {\n      this.generateKeys();\n\n      try {\n        return convertToMpint(this._dh.computeSecret(otherPublicKey));\n      } catch (ex) {\n        return ex;\n      }\n    }\n    parse(payload) {\n      const type = payload[0];\n      switch (this._step) {\n        case 1:\n          if (this._protocol._server) {\n            // Server\n            if (type !== MESSAGE.KEXDH_INIT) {\n              return doFatalError(\n                this._protocol,\n                `Received packet ${type} instead of ${MESSAGE.KEXDH_INIT}`,\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            this._protocol._debug && this._protocol._debug(\n              'Received DH Init'\n            );\n            /*\n              byte     SSH_MSG_KEXDH_INIT\n                         / SSH_MSG_KEX_ECDH_INIT\n              string   <method-specific data>\n            */\n            bufferParser.init(payload, 1);\n            const dhData = bufferParser.readString();\n            bufferParser.clear();\n            if (dhData === undefined) {\n              return doFatalError(\n                this._protocol,\n                'Received malformed KEX*_INIT',\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n\n            // Client public key\n            this._dhData = dhData;\n\n            let hostKey =\n              this._protocol._hostKeys[this.negotiated.serverHostKey];\n            if (Array.isArray(hostKey))\n              hostKey = hostKey[0];\n            this._hostKey = hostKey;\n\n            this.finish();\n          } else {\n            // Client\n            if (type !== MESSAGE.KEXDH_REPLY) {\n              return doFatalError(\n                this._protocol,\n                `Received packet ${type} instead of ${MESSAGE.KEXDH_REPLY}`,\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            this._protocol._debug && this._protocol._debug(\n              'Received DH Reply'\n            );\n            /*\n              byte      SSH_MSG_KEXDH_REPLY\n                          / SSH_MSG_KEX_DH_GEX_REPLY\n                          / SSH_MSG_KEX_ECDH_REPLY\n              string    server public host key and certificates (K_S)\n              string    <method-specific data>\n              string    signature of H\n            */\n            bufferParser.init(payload, 1);\n            let hostPubKey;\n            let dhData;\n            let sig;\n            if ((hostPubKey = bufferParser.readString()) === undefined\n                || (dhData = bufferParser.readString()) === undefined\n                || (sig = bufferParser.readString()) === undefined) {\n              bufferParser.clear();\n              return doFatalError(\n                this._protocol,\n                'Received malformed KEX*_REPLY',\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            bufferParser.clear();\n\n            // Check that the host public key type matches what was negotiated\n            // during KEXINIT swap\n            bufferParser.init(hostPubKey, 0);\n            const hostPubKeyType = bufferParser.readString(true);\n            bufferParser.clear();\n            if (hostPubKeyType === undefined) {\n              return doFatalError(\n                this._protocol,\n                'Received malformed host public key',\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            if (hostPubKeyType !== this.negotiated.serverHostKey) {\n              // Check if we need to make an exception\n              switch (this.negotiated.serverHostKey) {\n                case 'rsa-sha2-256':\n                case 'rsa-sha2-512':\n                  if (hostPubKeyType === 'ssh-rsa')\n                    break;\n                // FALLTHROUGH\n                default:\n                  return doFatalError(\n                    this._protocol,\n                    'Host key does not match negotiated type',\n                    'handshake',\n                    DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n                  );\n              }\n            }\n\n            this._hostKey = hostPubKey;\n            this._dhData = dhData;\n            this._sig = sig;\n\n            let checked = false;\n            let ret;\n            if (this._protocol._hostVerifier === undefined) {\n              ret = true;\n              this._protocol._debug && this._protocol._debug(\n                'Host accepted by default (no verification)'\n              );\n            } else {\n              ret = this._protocol._hostVerifier(hostPubKey, (permitted) => {\n                if (checked)\n                  return;\n                checked = true;\n                if (permitted === false) {\n                  this._protocol._debug && this._protocol._debug(\n                    'Host denied (verification failed)'\n                  );\n                  return doFatalError(\n                    this._protocol,\n                    'Host denied (verification failed)',\n                    'handshake',\n                    DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n                  );\n                }\n                this._protocol._debug && this._protocol._debug(\n                  'Host accepted (verified)'\n                );\n                this._hostVerified = true;\n                if (this._receivedNEWKEYS)\n                  this.finish();\n                else\n                  trySendNEWKEYS(this);\n              });\n            }\n            if (ret === undefined) {\n              // Async host verification\n              ++this._step;\n              return;\n            }\n            checked = true;\n            if (ret === false) {\n              this._protocol._debug && this._protocol._debug(\n                'Host denied (verification failed)'\n              );\n              return doFatalError(\n                this._protocol,\n                'Host denied (verification failed)',\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            this._protocol._debug && this._protocol._debug(\n              'Host accepted (verified)'\n            );\n            this._hostVerified = true;\n            trySendNEWKEYS(this);\n          }\n          ++this._step;\n          break;\n        case 2:\n          if (type !== MESSAGE.NEWKEYS) {\n            return doFatalError(\n              this._protocol,\n              `Received packet ${type} instead of ${MESSAGE.NEWKEYS}`,\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n          this._protocol._debug && this._protocol._debug(\n            'Inbound: NEWKEYS'\n          );\n          this._receivedNEWKEYS = true;\n          ++this._step;\n          if (this._protocol._server || this._hostVerified)\n            return this.finish();\n\n          // Signal to current decipher that we need to change to a new decipher\n          // for the next packet\n          return false;\n        default:\n          return doFatalError(\n            this._protocol,\n            `Received unexpected packet ${type} after NEWKEYS`,\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n      }\n    }\n  }\n\n  class Curve25519Exchange extends KeyExchange {\n    constructor(hashName, ...args) {\n      super(...args);\n\n      this.type = '25519';\n      this.hashName = hashName;\n      this._keys = null;\n    }\n    generateKeys() {\n      if (!this._keys)\n        this._keys = generateKeyPairSync('x25519');\n    }\n    getPublicKey() {\n      this.generateKeys();\n\n      const key = this._keys.publicKey.export({ type: 'spki', format: 'der' });\n      return key.slice(-32); // HACK: avoids parsing DER/BER header\n    }\n    convertPublicKey(key) {\n      let newKey;\n      let idx = 0;\n      let len = key.length;\n      while (key[idx] === 0x00) {\n        ++idx;\n        --len;\n      }\n\n      if (key.length === 32)\n        return key;\n\n      if (len !== key.length) {\n        newKey = Buffer.allocUnsafe(len);\n        key.copy(newKey, 0, idx);\n        key = newKey;\n      }\n      return key;\n    }\n    computeSecret(otherPublicKey) {\n      this.generateKeys();\n\n      try {\n        const asnWriter = new Ber.Writer();\n        asnWriter.startSequence();\n          // algorithm\n          asnWriter.startSequence();\n            asnWriter.writeOID('1.3.101.110'); // id-X25519\n          asnWriter.endSequence();\n\n          // PublicKey\n          asnWriter.startSequence(Ber.BitString);\n            asnWriter.writeByte(0x00);\n            // XXX: hack to write a raw buffer without a tag -- yuck\n            asnWriter._ensure(otherPublicKey.length);\n            otherPublicKey.copy(asnWriter._buf,\n                                asnWriter._offset,\n                                0,\n                                otherPublicKey.length);\n            asnWriter._offset += otherPublicKey.length;\n          asnWriter.endSequence();\n        asnWriter.endSequence();\n\n        return convertToMpint(diffieHellman({\n          privateKey: this._keys.privateKey,\n          publicKey: createPublicKey({\n            key: asnWriter.buffer,\n            type: 'spki',\n            format: 'der',\n          }),\n        }));\n      } catch (ex) {\n        return ex;\n      }\n    }\n  }\n\n  class ECDHExchange extends KeyExchange {\n    constructor(curveName, hashName, ...args) {\n      super(...args);\n\n      this.type = 'ecdh';\n      this.curveName = curveName;\n      this.hashName = hashName;\n    }\n    generateKeys() {\n      if (!this._dh) {\n        this._dh = createECDH(this.curveName);\n        this._public = this._dh.generateKeys();\n      }\n    }\n  }\n\n  class DHGroupExchange extends KeyExchange {\n    constructor(hashName, ...args) {\n      super(...args);\n\n      this.type = 'groupex';\n      this.hashName = hashName;\n      this._prime = null;\n      this._generator = null;\n      this._minBits = GEX_MIN_BITS;\n      this._prefBits = dhEstimate(this.negotiated);\n      if (this._protocol._compatFlags & COMPAT.BUG_DHGEX_LARGE)\n        this._prefBits = Math.min(this._prefBits, 4096);\n      this._maxBits = GEX_MAX_BITS;\n    }\n    start() {\n      if (this._protocol._server)\n        return;\n      this._protocol._debug && this._protocol._debug(\n        'Outbound: Sending KEXDH_GEX_REQUEST'\n      );\n      let p = this._protocol._packetRW.write.allocStartKEX;\n      const packet = this._protocol._packetRW.write.alloc(\n        1 + 4 + 4 + 4,\n        true\n      );\n      packet[p] = MESSAGE.KEXDH_GEX_REQUEST;\n      writeUInt32BE(packet, this._minBits, ++p);\n      writeUInt32BE(packet, this._prefBits, p += 4);\n      writeUInt32BE(packet, this._maxBits, p += 4);\n      this._protocol._cipher.encrypt(\n        this._protocol._packetRW.write.finalize(packet, true)\n      );\n    }\n    generateKeys() {\n      if (!this._dh && this._prime && this._generator) {\n        this._dh = createDiffieHellman(this._prime, this._generator);\n        this._public = this._dh.generateKeys();\n      }\n    }\n    setDHParams(prime, generator) {\n      if (!Buffer.isBuffer(prime))\n        throw new Error('Invalid prime value');\n      if (!Buffer.isBuffer(generator))\n        throw new Error('Invalid generator value');\n      this._prime = prime;\n      this._generator = generator;\n    }\n    getDHParams() {\n      if (this._dh) {\n        return {\n          prime: convertToMpint(this._dh.getPrime()),\n          generator: convertToMpint(this._dh.getGenerator()),\n        };\n      }\n    }\n    parse(payload) {\n      const type = payload[0];\n      switch (this._step) {\n        case 1:\n          if (this._protocol._server) {\n            if (type !== MESSAGE.KEXDH_GEX_REQUEST) {\n              return doFatalError(\n                this._protocol,\n                `Received packet ${type} instead of `\n                  + MESSAGE.KEXDH_GEX_REQUEST,\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            // TODO: allow user implementation to provide safe prime and\n            // generator on demand to support group exchange on server side\n            return doFatalError(\n              this._protocol,\n              'Group exchange not implemented for server',\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n\n          if (type !== MESSAGE.KEXDH_GEX_GROUP) {\n            return doFatalError(\n              this._protocol,\n              `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_GROUP}`,\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n\n          this._protocol._debug && this._protocol._debug(\n            'Received DH GEX Group'\n          );\n\n          /*\n            byte    SSH_MSG_KEX_DH_GEX_GROUP\n            mpint   p, safe prime\n            mpint   g, generator for subgroup in GF(p)\n          */\n          bufferParser.init(payload, 1);\n          let prime;\n          let gen;\n          if ((prime = bufferParser.readString()) === undefined\n              || (gen = bufferParser.readString()) === undefined) {\n            bufferParser.clear();\n            return doFatalError(\n              this._protocol,\n              'Received malformed KEXDH_GEX_GROUP',\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n          bufferParser.clear();\n\n          // TODO: validate prime\n          this.setDHParams(prime, gen);\n          this.generateKeys();\n          const pubkey = this.getPublicKey();\n\n          this._protocol._debug && this._protocol._debug(\n            'Outbound: Sending KEXDH_GEX_INIT'\n          );\n\n          let p = this._protocol._packetRW.write.allocStartKEX;\n          const packet =\n            this._protocol._packetRW.write.alloc(1 + 4 + pubkey.length, true);\n          packet[p] = MESSAGE.KEXDH_GEX_INIT;\n          writeUInt32BE(packet, pubkey.length, ++p);\n          packet.set(pubkey, p += 4);\n          this._protocol._cipher.encrypt(\n            this._protocol._packetRW.write.finalize(packet, true)\n          );\n\n          ++this._step;\n          break;\n        case 2:\n          if (this._protocol._server) {\n            if (type !== MESSAGE.KEXDH_GEX_INIT) {\n              return doFatalError(\n                this._protocol,\n                `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_INIT}`,\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            this._protocol._debug && this._protocol._debug(\n              'Received DH GEX Init'\n            );\n            return doFatalError(\n              this._protocol,\n              'Group exchange not implemented for server',\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          } else if (type !== MESSAGE.KEXDH_GEX_REPLY) {\n            return doFatalError(\n              this._protocol,\n              `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_REPLY}`,\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n          this._protocol._debug && this._protocol._debug(\n            'Received DH GEX Reply'\n          );\n          this._step = 1;\n          payload[0] = MESSAGE.KEXDH_REPLY;\n          this.parse = KeyExchange.prototype.parse;\n          this.parse(payload);\n      }\n    }\n  }\n\n  class DHExchange extends KeyExchange {\n    constructor(groupName, hashName, ...args) {\n      super(...args);\n\n      this.type = 'group';\n      this.groupName = groupName;\n      this.hashName = hashName;\n    }\n    start() {\n      if (!this._protocol._server) {\n        this._protocol._debug && this._protocol._debug(\n          'Outbound: Sending KEXDH_INIT'\n        );\n        const pubKey = this.getPublicKey();\n        let p = this._protocol._packetRW.write.allocStartKEX;\n        const packet =\n          this._protocol._packetRW.write.alloc(1 + 4 + pubKey.length, true);\n        packet[p] = MESSAGE.KEXDH_INIT;\n        writeUInt32BE(packet, pubKey.length, ++p);\n        packet.set(pubKey, p += 4);\n        this._protocol._cipher.encrypt(\n          this._protocol._packetRW.write.finalize(packet, true)\n        );\n      }\n    }\n    generateKeys() {\n      if (!this._dh) {\n        this._dh = createDiffieHellmanGroup(this.groupName);\n        this._public = this._dh.generateKeys();\n      }\n    }\n    getDHParams() {\n      if (this._dh) {\n        return {\n          prime: convertToMpint(this._dh.getPrime()),\n          generator: convertToMpint(this._dh.getGenerator()),\n        };\n      }\n    }\n  }\n\n  return (negotiated, ...args) => {\n    if (typeof negotiated !== 'object' || negotiated === null)\n      throw new Error('Invalid negotiated argument');\n    const kexType = negotiated.kex;\n    if (typeof kexType === 'string') {\n      args = [negotiated, ...args];\n      switch (kexType) {\n        case 'curve25519-sha256':\n        case 'curve25519-sha256@libssh.org':\n          if (!curve25519Supported)\n            break;\n          return new Curve25519Exchange('sha256', ...args);\n\n        case 'ecdh-sha2-nistp256':\n          return new ECDHExchange('prime256v1', 'sha256', ...args);\n        case 'ecdh-sha2-nistp384':\n          return new ECDHExchange('secp384r1', 'sha384', ...args);\n        case 'ecdh-sha2-nistp521':\n          return new ECDHExchange('secp521r1', 'sha512', ...args);\n\n        case 'diffie-hellman-group1-sha1':\n          return new DHExchange('modp2', 'sha1', ...args);\n        case 'diffie-hellman-group14-sha1':\n          return new DHExchange('modp14', 'sha1', ...args);\n        case 'diffie-hellman-group14-sha256':\n          return new DHExchange('modp14', 'sha256', ...args);\n        case 'diffie-hellman-group15-sha512':\n          return new DHExchange('modp15', 'sha512', ...args);\n        case 'diffie-hellman-group16-sha512':\n          return new DHExchange('modp16', 'sha512', ...args);\n        case 'diffie-hellman-group17-sha512':\n          return new DHExchange('modp17', 'sha512', ...args);\n        case 'diffie-hellman-group18-sha512':\n          return new DHExchange('modp18', 'sha512', ...args);\n\n        case 'diffie-hellman-group-exchange-sha1':\n          return new DHGroupExchange('sha1', ...args);\n        case 'diffie-hellman-group-exchange-sha256':\n          return new DHGroupExchange('sha256', ...args);\n      }\n      throw new Error(`Unsupported key exchange algorithm: ${kexType}`);\n    }\n    throw new Error(`Invalid key exchange type: ${kexType}`);\n  };\n})();\n\nconst KexInit = (() => {\n  const KEX_PROPERTY_NAMES = [\n    'kex',\n    'serverHostKey',\n    ['cs', 'cipher' ],\n    ['sc', 'cipher' ],\n    ['cs', 'mac' ],\n    ['sc', 'mac' ],\n    ['cs', 'compress' ],\n    ['sc', 'compress' ],\n    ['cs', 'lang' ],\n    ['sc', 'lang' ],\n  ];\n  return class KexInit {\n    constructor(obj) {\n      if (typeof obj !== 'object' || obj === null)\n        throw new TypeError('Argument must be an object');\n\n      const lists = {\n        kex: undefined,\n        serverHostKey: undefined,\n        cs: {\n          cipher: undefined,\n          mac: undefined,\n          compress: undefined,\n          lang: undefined,\n        },\n        sc: {\n          cipher: undefined,\n          mac: undefined,\n          compress: undefined,\n          lang: undefined,\n        },\n\n        all: undefined,\n      };\n      let totalSize = 0;\n      for (const prop of KEX_PROPERTY_NAMES) {\n        let base;\n        let val;\n        let desc;\n        let key;\n        if (typeof prop === 'string') {\n          base = lists;\n          val = obj[prop];\n          desc = key = prop;\n        } else {\n          const parent = prop[0];\n          base = lists[parent];\n          key = prop[1];\n          val = obj[parent][key];\n          desc = `${parent}.${key}`;\n        }\n        const entry = { array: undefined, buffer: undefined };\n        if (Buffer.isBuffer(val)) {\n          entry.array = ('' + val).split(',');\n          entry.buffer = val;\n          totalSize += 4 + val.length;\n        } else {\n          if (typeof val === 'string')\n            val = val.split(',');\n          if (Array.isArray(val)) {\n            entry.array = val;\n            entry.buffer = Buffer.from(val.join(','));\n          } else {\n            throw new TypeError(`Invalid \\`${desc}\\` type: ${typeof val}`);\n          }\n          totalSize += 4 + entry.buffer.length;\n        }\n        base[key] = entry;\n      }\n\n      const all = Buffer.allocUnsafe(totalSize);\n      lists.all = all;\n\n      let allPos = 0;\n      for (const prop of KEX_PROPERTY_NAMES) {\n        let data;\n        if (typeof prop === 'string')\n          data = lists[prop].buffer;\n        else\n          data = lists[prop[0]][prop[1]].buffer;\n        allPos = writeUInt32BE(all, data.length, allPos);\n        all.set(data, allPos);\n        allPos += data.length;\n      }\n\n      this.totalSize = totalSize;\n      this.lists = lists;\n    }\n    copyAllTo(buf, offset) {\n      const src = this.lists.all;\n      if (typeof offset !== 'number')\n        throw new TypeError(`Invalid offset value: ${typeof offset}`);\n      if (buf.length - offset < src.length)\n        throw new Error('Insufficient space to copy list');\n      buf.set(src, offset);\n      return src.length;\n    }\n  };\n})();\n\nconst hashString = (() => {\n  const LEN = Buffer.allocUnsafe(4);\n  return (hash, buf) => {\n    writeUInt32BE(LEN, buf.length, 0);\n    hash.update(LEN);\n    hash.update(buf);\n  };\n})();\n\nfunction generateKEXVal(len, hashName, secret, exchangeHash, sessionID, char) {\n  let ret;\n  if (len) {\n    let digest = createHash(hashName)\n                   .update(secret)\n                   .update(exchangeHash)\n                   .update(char)\n                   .update(sessionID)\n                   .digest();\n    while (digest.length < len) {\n      const chunk = createHash(hashName)\n                      .update(secret)\n                      .update(exchangeHash)\n                      .update(digest)\n                      .digest();\n      const extended = Buffer.allocUnsafe(digest.length + chunk.length);\n      extended.set(digest, 0);\n      extended.set(chunk, digest.length);\n      digest = extended;\n    }\n    if (digest.length === len)\n      ret = digest;\n    else\n      ret = new FastBuffer(digest.buffer, digest.byteOffset, len);\n  } else {\n    ret = EMPTY_BUFFER;\n  }\n  return ret;\n}\n\nfunction onKEXPayload(state, payload) {\n  // XXX: move this to the Decipher implementations?\n  if (payload.length === 0) {\n    this._debug && this._debug('Inbound: Skipping empty packet payload');\n    return;\n  }\n\n  if (this._skipNextInboundPacket) {\n    this._skipNextInboundPacket = false;\n    return;\n  }\n\n  payload = this._packetRW.read.read(payload);\n\n  const type = payload[0];\n  switch (type) {\n    case MESSAGE.DISCONNECT:\n    case MESSAGE.IGNORE:\n    case MESSAGE.UNIMPLEMENTED:\n    case MESSAGE.DEBUG:\n      if (!MESSAGE_HANDLERS)\n        MESSAGE_HANDLERS = require('./handlers.js');\n      return MESSAGE_HANDLERS[type](this, payload);\n    case MESSAGE.KEXINIT:\n      if (!state.firstPacket) {\n        return doFatalError(\n          this,\n          'Received extra KEXINIT during handshake',\n          'handshake',\n          DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n        );\n      }\n      state.firstPacket = false;\n      return handleKexInit(this, payload);\n    default:\n      if (type < 20 || type > 49) {\n        return doFatalError(\n          this,\n          `Received unexpected packet type ${type}`,\n          'handshake',\n          DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n        );\n      }\n  }\n\n  return this._kex.parse(payload);\n}\n\nfunction dhEstimate(neg) {\n  const csCipher = CIPHER_INFO[neg.cs.cipher];\n  const scCipher = CIPHER_INFO[neg.sc.cipher];\n  // XXX: if OpenSSH's `umac-*` MACs are ever supported, their key lengths will\n  // also need to be considered when calculating `bits`\n  const bits = Math.max(\n    0,\n    (csCipher.sslName === 'des-ede3-cbc' ? 14 : csCipher.keyLen),\n    csCipher.blockLen,\n    csCipher.ivLen,\n    (scCipher.sslName === 'des-ede3-cbc' ? 14 : scCipher.keyLen),\n    scCipher.blockLen,\n    scCipher.ivLen\n  ) * 8;\n  if (bits <= 112)\n    return 2048;\n  if (bits <= 128)\n    return 3072;\n  if (bits <= 192)\n    return 7680;\n  return 8192;\n}\n\nfunction trySendNEWKEYS(kex) {\n  if (!kex._sentNEWKEYS) {\n    kex._protocol._debug && kex._protocol._debug(\n      'Outbound: Sending NEWKEYS'\n    );\n    const p = kex._protocol._packetRW.write.allocStartKEX;\n    const packet = kex._protocol._packetRW.write.alloc(1, true);\n    packet[p] = MESSAGE.NEWKEYS;\n    kex._protocol._cipher.encrypt(\n      kex._protocol._packetRW.write.finalize(packet, true)\n    );\n    kex._sentNEWKEYS = true;\n  }\n}\n\nmodule.exports = {\n  KexInit,\n  kexinit,\n  onKEXPayload,\n  DEFAULT_KEXINIT: new KexInit({\n    kex: DEFAULT_KEX,\n    serverHostKey: DEFAULT_SERVER_HOST_KEY,\n    cs: {\n      cipher: DEFAULT_CIPHER,\n      mac: DEFAULT_MAC,\n      compress: DEFAULT_COMPRESSION,\n      lang: [],\n    },\n    sc: {\n      cipher: DEFAULT_CIPHER,\n      mac: DEFAULT_MAC,\n      compress: DEFAULT_COMPRESSION,\n      lang: [],\n    },\n  }),\n  HANDLERS: {\n    [MESSAGE.KEXINIT]: handleKexInit,\n  },\n};\n","// TODO:\n//    * utilize `crypto.create(Private|Public)Key()` and `keyObject.export()`\n//    * handle multi-line header values (OpenSSH)?\n//    * more thorough validation?\n'use strict';\n\nconst {\n  createDecipheriv,\n  createECDH,\n  createHash,\n  createHmac,\n  createSign,\n  createVerify,\n  getCiphers,\n  sign: sign_,\n  verify: verify_,\n} = require('crypto');\nconst supportedOpenSSLCiphers = getCiphers();\n\nconst { Ber } = require('asn1');\nconst bcrypt_pbkdf = require('bcrypt-pbkdf').pbkdf;\n\nconst { CIPHER_INFO } = require('./crypto.js');\nconst { eddsaSupported, SUPPORTED_CIPHER } = require('./constants.js');\nconst {\n  bufferSlice,\n  makeBufferParser,\n  readString,\n  readUInt32BE,\n  writeUInt32BE,\n} = require('./utils.js');\n\nconst SYM_HASH_ALGO = Symbol('Hash Algorithm');\nconst SYM_PRIV_PEM = Symbol('Private key PEM');\nconst SYM_PUB_PEM = Symbol('Public key PEM');\nconst SYM_PUB_SSH = Symbol('Public key SSH');\nconst SYM_DECRYPTED = Symbol('Decrypted Key');\n\n// Create OpenSSL cipher name -> SSH cipher name conversion table\nconst CIPHER_INFO_OPENSSL = Object.create(null);\n{\n  const keys = Object.keys(CIPHER_INFO);\n  for (let i = 0; i < keys.length; ++i) {\n    const cipherName = CIPHER_INFO[keys[i]].sslName;\n    if (!cipherName || CIPHER_INFO_OPENSSL[cipherName])\n      continue;\n    CIPHER_INFO_OPENSSL[cipherName] = CIPHER_INFO[keys[i]];\n  }\n}\n\nconst binaryKeyParser = makeBufferParser();\n\nfunction makePEM(type, data) {\n  data = data.base64Slice(0, data.length);\n  let formatted = data.replace(/.{64}/g, '$&\\n');\n  if (data.length & 63)\n    formatted += '\\n';\n  return `-----BEGIN ${type} KEY-----\\n${formatted}-----END ${type} KEY-----`;\n}\n\nfunction combineBuffers(buf1, buf2) {\n  const result = Buffer.allocUnsafe(buf1.length + buf2.length);\n  result.set(buf1, 0);\n  result.set(buf2, buf1.length);\n  return result;\n}\n\nfunction skipFields(buf, nfields) {\n  const bufLen = buf.length;\n  let pos = (buf._pos || 0);\n  for (let i = 0; i < nfields; ++i) {\n    const left = (bufLen - pos);\n    if (pos >= bufLen || left < 4)\n      return false;\n    const len = readUInt32BE(buf, pos);\n    if (left < 4 + len)\n      return false;\n    pos += 4 + len;\n  }\n  buf._pos = pos;\n  return true;\n}\n\nfunction genOpenSSLRSAPub(n, e) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // algorithm\n    asnWriter.startSequence();\n      asnWriter.writeOID('1.2.840.113549.1.1.1'); // rsaEncryption\n      // algorithm parameters (RSA has none)\n      asnWriter.writeNull();\n    asnWriter.endSequence();\n\n    // subjectPublicKey\n    asnWriter.startSequence(Ber.BitString);\n      asnWriter.writeByte(0x00);\n      asnWriter.startSequence();\n        asnWriter.writeBuffer(n, Ber.Integer);\n        asnWriter.writeBuffer(e, Ber.Integer);\n      asnWriter.endSequence();\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHRSAPub(n, e) {\n  const publicKey = Buffer.allocUnsafe(4 + 7 + 4 + e.length + 4 + n.length);\n\n  writeUInt32BE(publicKey, 7, 0);\n  publicKey.utf8Write('ssh-rsa', 4, 7);\n\n  let i = 4 + 7;\n  writeUInt32BE(publicKey, e.length, i);\n  publicKey.set(e, i += 4);\n\n  writeUInt32BE(publicKey, n.length, i += e.length);\n  publicKey.set(n, i + 4);\n\n  return publicKey;\n}\n\nconst genOpenSSLRSAPriv = (() => {\n  function genRSAASN1Buf(n, e, d, p, q, dmp1, dmq1, iqmp) {\n    const asnWriter = new Ber.Writer();\n    asnWriter.startSequence();\n      asnWriter.writeInt(0x00, Ber.Integer);\n      asnWriter.writeBuffer(n, Ber.Integer);\n      asnWriter.writeBuffer(e, Ber.Integer);\n      asnWriter.writeBuffer(d, Ber.Integer);\n      asnWriter.writeBuffer(p, Ber.Integer);\n      asnWriter.writeBuffer(q, Ber.Integer);\n      asnWriter.writeBuffer(dmp1, Ber.Integer);\n      asnWriter.writeBuffer(dmq1, Ber.Integer);\n      asnWriter.writeBuffer(iqmp, Ber.Integer);\n    asnWriter.endSequence();\n    return asnWriter.buffer;\n  }\n\n  function bigIntFromBuffer(buf) {\n    return BigInt(`0x${buf.hexSlice(0, buf.length)}`);\n  }\n\n  function bigIntToBuffer(bn) {\n    let hex = bn.toString(16);\n    if ((hex.length & 1) !== 0) {\n      hex = `0${hex}`;\n    } else {\n      const sigbit = hex.charCodeAt(0);\n      // BER/DER integers require leading zero byte to denote a positive value\n      // when first byte >= 0x80\n      if (sigbit === 56/* '8' */\n          || sigbit === 57/* '9' */\n          || (sigbit >= 97/* 'a' */ && sigbit <= 102/* 'f' */)) {\n        hex = `00${hex}`;\n      }\n    }\n    return Buffer.from(hex, 'hex');\n  }\n\n  return function genOpenSSLRSAPriv(n, e, d, iqmp, p, q) {\n    const bn_d = bigIntFromBuffer(d);\n    const dmp1 = bigIntToBuffer(bn_d % (bigIntFromBuffer(p) - 1n));\n    const dmq1 = bigIntToBuffer(bn_d % (bigIntFromBuffer(q) - 1n));\n    return makePEM('RSA PRIVATE',\n                   genRSAASN1Buf(n, e, d, p, q, dmp1, dmq1, iqmp));\n  };\n})();\n\nfunction genOpenSSLDSAPub(p, q, g, y) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // algorithm\n    asnWriter.startSequence();\n      asnWriter.writeOID('1.2.840.10040.4.1'); // id-dsa\n      // algorithm parameters\n      asnWriter.startSequence();\n        asnWriter.writeBuffer(p, Ber.Integer);\n        asnWriter.writeBuffer(q, Ber.Integer);\n        asnWriter.writeBuffer(g, Ber.Integer);\n      asnWriter.endSequence();\n    asnWriter.endSequence();\n\n    // subjectPublicKey\n    asnWriter.startSequence(Ber.BitString);\n      asnWriter.writeByte(0x00);\n      asnWriter.writeBuffer(y, Ber.Integer);\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHDSAPub(p, q, g, y) {\n  const publicKey = Buffer.allocUnsafe(\n    4 + 7 + 4 + p.length + 4 + q.length + 4 + g.length + 4 + y.length\n  );\n\n  writeUInt32BE(publicKey, 7, 0);\n  publicKey.utf8Write('ssh-dss', 4, 7);\n\n  let i = 4 + 7;\n  writeUInt32BE(publicKey, p.length, i);\n  publicKey.set(p, i += 4);\n\n  writeUInt32BE(publicKey, q.length, i += p.length);\n  publicKey.set(q, i += 4);\n\n  writeUInt32BE(publicKey, g.length, i += q.length);\n  publicKey.set(g, i += 4);\n\n  writeUInt32BE(publicKey, y.length, i += g.length);\n  publicKey.set(y, i + 4);\n\n  return publicKey;\n}\n\nfunction genOpenSSLDSAPriv(p, q, g, y, x) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    asnWriter.writeInt(0x00, Ber.Integer);\n    asnWriter.writeBuffer(p, Ber.Integer);\n    asnWriter.writeBuffer(q, Ber.Integer);\n    asnWriter.writeBuffer(g, Ber.Integer);\n    asnWriter.writeBuffer(y, Ber.Integer);\n    asnWriter.writeBuffer(x, Ber.Integer);\n  asnWriter.endSequence();\n  return makePEM('DSA PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLEdPub(pub) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // algorithm\n    asnWriter.startSequence();\n      asnWriter.writeOID('1.3.101.112'); // id-Ed25519\n    asnWriter.endSequence();\n\n    // PublicKey\n    asnWriter.startSequence(Ber.BitString);\n      asnWriter.writeByte(0x00);\n      // XXX: hack to write a raw buffer without a tag -- yuck\n      asnWriter._ensure(pub.length);\n      asnWriter._buf.set(pub, asnWriter._offset);\n      asnWriter._offset += pub.length;\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHEdPub(pub) {\n  const publicKey = Buffer.allocUnsafe(4 + 11 + 4 + pub.length);\n\n  writeUInt32BE(publicKey, 11, 0);\n  publicKey.utf8Write('ssh-ed25519', 4, 11);\n\n  writeUInt32BE(publicKey, pub.length, 15);\n  publicKey.set(pub, 19);\n\n  return publicKey;\n}\n\nfunction genOpenSSLEdPriv(priv) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // version\n    asnWriter.writeInt(0x00, Ber.Integer);\n\n    // algorithm\n    asnWriter.startSequence();\n      asnWriter.writeOID('1.3.101.112'); // id-Ed25519\n    asnWriter.endSequence();\n\n    // PrivateKey\n    asnWriter.startSequence(Ber.OctetString);\n      asnWriter.writeBuffer(priv, Ber.OctetString);\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLECDSAPub(oid, Q) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // algorithm\n    asnWriter.startSequence();\n      asnWriter.writeOID('1.2.840.10045.2.1'); // id-ecPublicKey\n      // algorithm parameters (namedCurve)\n      asnWriter.writeOID(oid);\n    asnWriter.endSequence();\n\n    // subjectPublicKey\n    asnWriter.startSequence(Ber.BitString);\n      asnWriter.writeByte(0x00);\n      // XXX: hack to write a raw buffer without a tag -- yuck\n      asnWriter._ensure(Q.length);\n      asnWriter._buf.set(Q, asnWriter._offset);\n      asnWriter._offset += Q.length;\n      // end hack\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHECDSAPub(oid, Q) {\n  let curveName;\n  switch (oid) {\n    case '1.2.840.10045.3.1.7':\n      // prime256v1/secp256r1\n      curveName = 'nistp256';\n      break;\n    case '1.3.132.0.34':\n      // secp384r1\n      curveName = 'nistp384';\n      break;\n    case '1.3.132.0.35':\n      // secp521r1\n      curveName = 'nistp521';\n      break;\n    default:\n      return;\n  }\n\n  const publicKey = Buffer.allocUnsafe(4 + 19 + 4 + 8 + 4 + Q.length);\n\n  writeUInt32BE(publicKey, 19, 0);\n  publicKey.utf8Write(`ecdsa-sha2-${curveName}`, 4, 19);\n\n  writeUInt32BE(publicKey, 8, 23);\n  publicKey.utf8Write(curveName, 27, 8);\n\n  writeUInt32BE(publicKey, Q.length, 35);\n  publicKey.set(Q, 39);\n\n  return publicKey;\n}\n\nfunction genOpenSSLECDSAPriv(oid, pub, priv) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // version\n    asnWriter.writeInt(0x01, Ber.Integer);\n    // privateKey\n    asnWriter.writeBuffer(priv, Ber.OctetString);\n    // parameters (optional)\n    asnWriter.startSequence(0xA0);\n      asnWriter.writeOID(oid);\n    asnWriter.endSequence();\n    // publicKey (optional)\n    asnWriter.startSequence(0xA1);\n      asnWriter.startSequence(Ber.BitString);\n        asnWriter.writeByte(0x00);\n        // XXX: hack to write a raw buffer without a tag -- yuck\n        asnWriter._ensure(pub.length);\n        asnWriter._buf.set(pub, asnWriter._offset);\n        asnWriter._offset += pub.length;\n        // end hack\n      asnWriter.endSequence();\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('EC PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLECDSAPubFromPriv(curveName, priv) {\n  const tempECDH = createECDH(curveName);\n  tempECDH.setPrivateKey(priv);\n  return tempECDH.getPublicKey();\n}\n\nconst BaseKey = {\n  sign: (() => {\n    if (typeof sign_ === 'function') {\n      return function sign(data, algo) {\n        const pem = this[SYM_PRIV_PEM];\n        if (pem === null)\n          return new Error('No private key available');\n        if (!algo || typeof algo !== 'string')\n          algo = this[SYM_HASH_ALGO];\n        try {\n          return sign_(algo, data, pem);\n        } catch (ex) {\n          return ex;\n        }\n      };\n    }\n    return function sign(data, algo) {\n      const pem = this[SYM_PRIV_PEM];\n      if (pem === null)\n        return new Error('No private key available');\n      if (!algo || typeof algo !== 'string')\n        algo = this[SYM_HASH_ALGO];\n      const signature = createSign(algo);\n      signature.update(data);\n      try {\n        return signature.sign(pem);\n      } catch (ex) {\n        return ex;\n      }\n    };\n  })(),\n  verify: (() => {\n    if (typeof verify_ === 'function') {\n      return function verify(data, signature, algo) {\n        const pem = this[SYM_PUB_PEM];\n        if (pem === null)\n          return new Error('No public key available');\n        if (!algo || typeof algo !== 'string')\n          algo = this[SYM_HASH_ALGO];\n        try {\n          return verify_(algo, data, pem, signature);\n        } catch (ex) {\n          return ex;\n        }\n      };\n    }\n    return function verify(data, signature, algo) {\n      const pem = this[SYM_PUB_PEM];\n      if (pem === null)\n        return new Error('No public key available');\n      if (!algo || typeof algo !== 'string')\n        algo = this[SYM_HASH_ALGO];\n      const verifier = createVerify(algo);\n      verifier.update(data);\n      try {\n        return verifier.verify(pem, signature);\n      } catch (ex) {\n        return ex;\n      }\n    };\n  })(),\n  isPrivateKey: function isPrivateKey() {\n    return (this[SYM_PRIV_PEM] !== null);\n  },\n  getPrivatePEM: function getPrivatePEM() {\n    return this[SYM_PRIV_PEM];\n  },\n  getPublicPEM: function getPublicPEM() {\n    return this[SYM_PUB_PEM];\n  },\n  getPublicSSH: function getPublicSSH() {\n    return this[SYM_PUB_SSH];\n  },\n  equals: function equals(key) {\n    const parsed = parseKey(key);\n    if (parsed instanceof Error)\n      return false;\n    return (\n      this.type === parsed.type\n      && this[SYM_PRIV_PEM] === parsed[SYM_PRIV_PEM]\n      && this[SYM_PUB_PEM] === parsed[SYM_PUB_PEM]\n      && this[SYM_PUB_SSH] === parsed[SYM_PUB_SSH]\n    );\n  },\n};\n\n\nfunction OpenSSH_Private(type, comment, privPEM, pubPEM, pubSSH, algo,\n                         decrypted) {\n  this.type = type;\n  this.comment = comment;\n  this[SYM_PRIV_PEM] = privPEM;\n  this[SYM_PUB_PEM] = pubPEM;\n  this[SYM_PUB_SSH] = pubSSH;\n  this[SYM_HASH_ALGO] = algo;\n  this[SYM_DECRYPTED] = decrypted;\n}\nOpenSSH_Private.prototype = BaseKey;\n{\n  const regexp = /^-----BEGIN OPENSSH PRIVATE KEY-----(?:\\r\\n|\\n)([\\s\\S]+)(?:\\r\\n|\\n)-----END OPENSSH PRIVATE KEY-----$/;\n  OpenSSH_Private.parse = (str, passphrase) => {\n    const m = regexp.exec(str);\n    if (m === null)\n      return null;\n    let ret;\n    const data = Buffer.from(m[1], 'base64');\n    if (data.length < 31) // magic (+ magic null term.) + minimum field lengths\n      return new Error('Malformed OpenSSH private key');\n    const magic = data.utf8Slice(0, 15);\n    if (magic !== 'openssh-key-v1\\0')\n      return new Error(`Unsupported OpenSSH key magic: ${magic}`);\n\n    const cipherName = readString(data, 15, true);\n    if (cipherName === undefined)\n      return new Error('Malformed OpenSSH private key');\n    if (cipherName !== 'none' && SUPPORTED_CIPHER.indexOf(cipherName) === -1)\n      return new Error(`Unsupported cipher for OpenSSH key: ${cipherName}`);\n\n    const kdfName = readString(data, data._pos, true);\n    if (kdfName === undefined)\n      return new Error('Malformed OpenSSH private key');\n    if (kdfName !== 'none') {\n      if (cipherName === 'none')\n        return new Error('Malformed OpenSSH private key');\n      if (kdfName !== 'bcrypt')\n        return new Error(`Unsupported kdf name for OpenSSH key: ${kdfName}`);\n      if (!passphrase) {\n        return new Error(\n          'Encrypted private OpenSSH key detected, but no passphrase given'\n        );\n      }\n    } else if (cipherName !== 'none') {\n      return new Error('Malformed OpenSSH private key');\n    }\n\n    let encInfo;\n    let cipherKey;\n    let cipherIV;\n    if (cipherName !== 'none')\n      encInfo = CIPHER_INFO[cipherName];\n    const kdfOptions = readString(data, data._pos);\n    if (kdfOptions === undefined)\n      return new Error('Malformed OpenSSH private key');\n    if (kdfOptions.length) {\n      switch (kdfName) {\n        case 'none':\n          return new Error('Malformed OpenSSH private key');\n        case 'bcrypt':\n          /*\n            string salt\n            uint32 rounds\n          */\n          const salt = readString(kdfOptions, 0);\n          if (salt === undefined || kdfOptions._pos + 4 > kdfOptions.length)\n            return new Error('Malformed OpenSSH private key');\n          const rounds = readUInt32BE(kdfOptions, kdfOptions._pos);\n          const gen = Buffer.allocUnsafe(encInfo.keyLen + encInfo.ivLen);\n          const r = bcrypt_pbkdf(passphrase,\n                                 passphrase.length,\n                                 salt,\n                                 salt.length,\n                                 gen,\n                                 gen.length,\n                                 rounds);\n          if (r !== 0)\n            return new Error('Failed to generate information to decrypt key');\n          cipherKey = bufferSlice(gen, 0, encInfo.keyLen);\n          cipherIV = bufferSlice(gen, encInfo.keyLen, gen.length);\n          break;\n      }\n    } else if (kdfName !== 'none') {\n      return new Error('Malformed OpenSSH private key');\n    }\n\n    if (data._pos + 3 >= data.length)\n      return new Error('Malformed OpenSSH private key');\n    const keyCount = readUInt32BE(data, data._pos);\n    data._pos += 4;\n\n    if (keyCount > 0) {\n      // TODO: place sensible limit on max `keyCount`\n\n      // Read public keys first\n      for (let i = 0; i < keyCount; ++i) {\n        const pubData = readString(data, data._pos);\n        if (pubData === undefined)\n          return new Error('Malformed OpenSSH private key');\n        const type = readString(pubData, 0, true);\n        if (type === undefined)\n          return new Error('Malformed OpenSSH private key');\n      }\n\n      let privBlob = readString(data, data._pos);\n      if (privBlob === undefined)\n        return new Error('Malformed OpenSSH private key');\n\n      if (cipherKey !== undefined) {\n        // Encrypted private key(s)\n        if (privBlob.length < encInfo.blockLen\n            || (privBlob.length % encInfo.blockLen) !== 0) {\n          return new Error('Malformed OpenSSH private key');\n        }\n        try {\n          const options = { authTagLength: encInfo.authLen };\n          const decipher = createDecipheriv(encInfo.sslName,\n                                            cipherKey,\n                                            cipherIV,\n                                            options);\n          if (encInfo.authLen > 0) {\n            if (data.length - data._pos < encInfo.authLen)\n              return new Error('Malformed OpenSSH private key');\n            decipher.setAuthTag(\n              bufferSlice(data, data._pos, data._pos += encInfo.authLen)\n            );\n          }\n          privBlob = combineBuffers(decipher.update(privBlob),\n                                    decipher.final());\n        } catch (ex) {\n          return ex;\n        }\n      }\n      // Nothing should we follow the private key(s), except a possible\n      // authentication tag for relevant ciphers\n      if (data._pos !== data.length)\n        return new Error('Malformed OpenSSH private key');\n\n      ret = parseOpenSSHPrivKeys(privBlob, keyCount, cipherKey !== undefined);\n    } else {\n      ret = [];\n    }\n    if (ret instanceof Error)\n      return ret;\n    // This will need to change if/when OpenSSH ever starts storing multiple\n    // keys in their key files\n    return ret[0];\n  };\n\n  function parseOpenSSHPrivKeys(data, nkeys, decrypted) {\n    const keys = [];\n    /*\n      uint32  checkint\n      uint32  checkint\n      string  privatekey1\n      string  comment1\n      string  privatekey2\n      string  comment2\n      ...\n      string  privatekeyN\n      string  commentN\n      char  1\n      char  2\n      char  3\n      ...\n      char  padlen % 255\n    */\n    if (data.length < 8)\n      return new Error('Malformed OpenSSH private key');\n    const check1 = readUInt32BE(data, 0);\n    const check2 = readUInt32BE(data, 4);\n    if (check1 !== check2) {\n      if (decrypted) {\n        return new Error(\n          'OpenSSH key integrity check failed -- bad passphrase?'\n        );\n      }\n      return new Error('OpenSSH key integrity check failed');\n    }\n    data._pos = 8;\n    let i;\n    let oid;\n    for (i = 0; i < nkeys; ++i) {\n      let algo;\n      let privPEM;\n      let pubPEM;\n      let pubSSH;\n      // The OpenSSH documentation for the key format actually lies, the\n      // entirety of the private key content is not contained with a string\n      // field, it's actually the literal contents of the private key, so to be\n      // able to find the end of the key data you need to know the layout/format\n      // of each key type ...\n      const type = readString(data, data._pos, true);\n      if (type === undefined)\n        return new Error('Malformed OpenSSH private key');\n\n      switch (type) {\n        case 'ssh-rsa': {\n          /*\n            string  n -- public\n            string  e -- public\n            string  d -- private\n            string  iqmp -- private\n            string  p -- private\n            string  q -- private\n          */\n          const n = readString(data, data._pos);\n          if (n === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const e = readString(data, data._pos);\n          if (e === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const d = readString(data, data._pos);\n          if (d === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const iqmp = readString(data, data._pos);\n          if (iqmp === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const p = readString(data, data._pos);\n          if (p === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const q = readString(data, data._pos);\n          if (q === undefined)\n            return new Error('Malformed OpenSSH private key');\n\n          pubPEM = genOpenSSLRSAPub(n, e);\n          pubSSH = genOpenSSHRSAPub(n, e);\n          privPEM = genOpenSSLRSAPriv(n, e, d, iqmp, p, q);\n          algo = 'sha1';\n          break;\n        }\n        case 'ssh-dss': {\n          /*\n            string  p -- public\n            string  q -- public\n            string  g -- public\n            string  y -- public\n            string  x -- private\n          */\n          const p = readString(data, data._pos);\n          if (p === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const q = readString(data, data._pos);\n          if (q === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const g = readString(data, data._pos);\n          if (g === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const y = readString(data, data._pos);\n          if (y === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const x = readString(data, data._pos);\n          if (x === undefined)\n            return new Error('Malformed OpenSSH private key');\n\n          pubPEM = genOpenSSLDSAPub(p, q, g, y);\n          pubSSH = genOpenSSHDSAPub(p, q, g, y);\n          privPEM = genOpenSSLDSAPriv(p, q, g, y, x);\n          algo = 'sha1';\n          break;\n        }\n        case 'ssh-ed25519': {\n          if (!eddsaSupported)\n            return new Error(`Unsupported OpenSSH private key type: ${type}`);\n          /*\n            * string  public key\n            * string  private key + public key\n          */\n          const edpub = readString(data, data._pos);\n          if (edpub === undefined || edpub.length !== 32)\n            return new Error('Malformed OpenSSH private key');\n          const edpriv = readString(data, data._pos);\n          if (edpriv === undefined || edpriv.length !== 64)\n            return new Error('Malformed OpenSSH private key');\n\n          pubPEM = genOpenSSLEdPub(edpub);\n          pubSSH = genOpenSSHEdPub(edpub);\n          privPEM = genOpenSSLEdPriv(bufferSlice(edpriv, 0, 32));\n          algo = null;\n          break;\n        }\n        case 'ecdsa-sha2-nistp256':\n          algo = 'sha256';\n          oid = '1.2.840.10045.3.1.7';\n        // FALLTHROUGH\n        case 'ecdsa-sha2-nistp384':\n          if (algo === undefined) {\n            algo = 'sha384';\n            oid = '1.3.132.0.34';\n          }\n        // FALLTHROUGH\n        case 'ecdsa-sha2-nistp521': {\n          if (algo === undefined) {\n            algo = 'sha512';\n            oid = '1.3.132.0.35';\n          }\n          /*\n            string  curve name\n            string  Q -- public\n            string  d -- private\n          */\n          // TODO: validate curve name against type\n          if (!skipFields(data, 1)) // Skip curve name\n            return new Error('Malformed OpenSSH private key');\n          const ecpub = readString(data, data._pos);\n          if (ecpub === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const ecpriv = readString(data, data._pos);\n          if (ecpriv === undefined)\n            return new Error('Malformed OpenSSH private key');\n\n          pubPEM = genOpenSSLECDSAPub(oid, ecpub);\n          pubSSH = genOpenSSHECDSAPub(oid, ecpub);\n          privPEM = genOpenSSLECDSAPriv(oid, ecpub, ecpriv);\n          break;\n        }\n        default:\n          return new Error(`Unsupported OpenSSH private key type: ${type}`);\n      }\n\n      const privComment = readString(data, data._pos, true);\n      if (privComment === undefined)\n        return new Error('Malformed OpenSSH private key');\n\n      keys.push(\n        new OpenSSH_Private(type, privComment, privPEM, pubPEM, pubSSH, algo,\n                            decrypted)\n      );\n    }\n    let cnt = 0;\n    for (i = data._pos; i < data.length; ++i) {\n      if (data[i] !== (++cnt % 255))\n        return new Error('Malformed OpenSSH private key');\n    }\n\n    return keys;\n  }\n}\n\n\nfunction OpenSSH_Old_Private(type, comment, privPEM, pubPEM, pubSSH, algo,\n                             decrypted) {\n  this.type = type;\n  this.comment = comment;\n  this[SYM_PRIV_PEM] = privPEM;\n  this[SYM_PUB_PEM] = pubPEM;\n  this[SYM_PUB_SSH] = pubSSH;\n  this[SYM_HASH_ALGO] = algo;\n  this[SYM_DECRYPTED] = decrypted;\n}\nOpenSSH_Old_Private.prototype = BaseKey;\n{\n  const regexp = /^-----BEGIN (RSA|DSA|EC) PRIVATE KEY-----(?:\\r\\n|\\n)((?:[^:]+:\\s*[\\S].*(?:\\r\\n|\\n))*)([\\s\\S]+)(?:\\r\\n|\\n)-----END (RSA|DSA|EC) PRIVATE KEY-----$/;\n  OpenSSH_Old_Private.parse = (str, passphrase) => {\n    const m = regexp.exec(str);\n    if (m === null)\n      return null;\n    let privBlob = Buffer.from(m[3], 'base64');\n    let headers = m[2];\n    let decrypted = false;\n    if (headers !== undefined) {\n      // encrypted key\n      headers = headers.split(/\\r\\n|\\n/g);\n      for (let i = 0; i < headers.length; ++i) {\n        const header = headers[i];\n        let sepIdx = header.indexOf(':');\n        if (header.slice(0, sepIdx) === 'DEK-Info') {\n          const val = header.slice(sepIdx + 2);\n          sepIdx = val.indexOf(',');\n          if (sepIdx === -1)\n            continue;\n          const cipherName = val.slice(0, sepIdx).toLowerCase();\n          if (supportedOpenSSLCiphers.indexOf(cipherName) === -1) {\n            return new Error(\n              `Cipher (${cipherName}) not supported `\n                + 'for encrypted OpenSSH private key'\n            );\n          }\n          const encInfo = CIPHER_INFO_OPENSSL[cipherName];\n          if (!encInfo) {\n            return new Error(\n              `Cipher (${cipherName}) not supported `\n                + 'for encrypted OpenSSH private key'\n            );\n          }\n          const cipherIV = Buffer.from(val.slice(sepIdx + 1), 'hex');\n          if (cipherIV.length !== encInfo.ivLen)\n            return new Error('Malformed encrypted OpenSSH private key');\n          if (!passphrase) {\n            return new Error(\n              'Encrypted OpenSSH private key detected, but no passphrase given'\n            );\n          }\n          const ivSlice = bufferSlice(cipherIV, 0, 8);\n          let cipherKey = createHash('md5')\n                            .update(passphrase)\n                            .update(ivSlice)\n                            .digest();\n          while (cipherKey.length < encInfo.keyLen) {\n            cipherKey = combineBuffers(\n              cipherKey,\n              createHash('md5')\n                .update(cipherKey)\n                .update(passphrase)\n                .update(ivSlice)\n                .digest()\n            );\n          }\n          if (cipherKey.length > encInfo.keyLen)\n            cipherKey = bufferSlice(cipherKey, 0, encInfo.keyLen);\n          try {\n            const decipher = createDecipheriv(cipherName, cipherKey, cipherIV);\n            decipher.setAutoPadding(false);\n            privBlob = combineBuffers(decipher.update(privBlob),\n                                      decipher.final());\n            decrypted = true;\n          } catch (ex) {\n            return ex;\n          }\n        }\n      }\n    }\n\n    let type;\n    let privPEM;\n    let pubPEM;\n    let pubSSH;\n    let algo;\n    let reader;\n    let errMsg = 'Malformed OpenSSH private key';\n    if (decrypted)\n      errMsg += '. Bad passphrase?';\n    switch (m[1]) {\n      case 'RSA':\n        type = 'ssh-rsa';\n        privPEM = makePEM('RSA PRIVATE', privBlob);\n        try {\n          reader = new Ber.Reader(privBlob);\n          reader.readSequence();\n          reader.readInt(); // skip version\n          const n = reader.readString(Ber.Integer, true);\n          if (n === null)\n            return new Error(errMsg);\n          const e = reader.readString(Ber.Integer, true);\n          if (e === null)\n            return new Error(errMsg);\n          pubPEM = genOpenSSLRSAPub(n, e);\n          pubSSH = genOpenSSHRSAPub(n, e);\n        } catch {\n          return new Error(errMsg);\n        }\n        algo = 'sha1';\n        break;\n      case 'DSA':\n        type = 'ssh-dss';\n        privPEM = makePEM('DSA PRIVATE', privBlob);\n        try {\n          reader = new Ber.Reader(privBlob);\n          reader.readSequence();\n          reader.readInt(); // skip version\n          const p = reader.readString(Ber.Integer, true);\n          if (p === null)\n            return new Error(errMsg);\n          const q = reader.readString(Ber.Integer, true);\n          if (q === null)\n            return new Error(errMsg);\n          const g = reader.readString(Ber.Integer, true);\n          if (g === null)\n            return new Error(errMsg);\n          const y = reader.readString(Ber.Integer, true);\n          if (y === null)\n            return new Error(errMsg);\n          pubPEM = genOpenSSLDSAPub(p, q, g, y);\n          pubSSH = genOpenSSHDSAPub(p, q, g, y);\n        } catch {\n          return new Error(errMsg);\n        }\n        algo = 'sha1';\n        break;\n      case 'EC':\n        let ecSSLName;\n        let ecPriv;\n        let ecOID;\n        try {\n          reader = new Ber.Reader(privBlob);\n          reader.readSequence();\n          reader.readInt(); // skip version\n          ecPriv = reader.readString(Ber.OctetString, true);\n          reader.readByte(); // Skip \"complex\" context type byte\n          const offset = reader.readLength(); // Skip context length\n          if (offset !== null) {\n            reader._offset = offset;\n            ecOID = reader.readOID();\n            if (ecOID === null)\n              return new Error(errMsg);\n            switch (ecOID) {\n              case '1.2.840.10045.3.1.7':\n                // prime256v1/secp256r1\n                ecSSLName = 'prime256v1';\n                type = 'ecdsa-sha2-nistp256';\n                algo = 'sha256';\n                break;\n              case '1.3.132.0.34':\n                // secp384r1\n                ecSSLName = 'secp384r1';\n                type = 'ecdsa-sha2-nistp384';\n                algo = 'sha384';\n                break;\n              case '1.3.132.0.35':\n                // secp521r1\n                ecSSLName = 'secp521r1';\n                type = 'ecdsa-sha2-nistp521';\n                algo = 'sha512';\n                break;\n              default:\n                return new Error(`Unsupported private key EC OID: ${ecOID}`);\n            }\n          } else {\n            return new Error(errMsg);\n          }\n        } catch {\n          return new Error(errMsg);\n        }\n        privPEM = makePEM('EC PRIVATE', privBlob);\n        const pubBlob = genOpenSSLECDSAPubFromPriv(ecSSLName, ecPriv);\n        pubPEM = genOpenSSLECDSAPub(ecOID, pubBlob);\n        pubSSH = genOpenSSHECDSAPub(ecOID, pubBlob);\n        break;\n    }\n\n    return new OpenSSH_Old_Private(type, '', privPEM, pubPEM, pubSSH, algo,\n                                   decrypted);\n  };\n}\n\n\nfunction PPK_Private(type, comment, privPEM, pubPEM, pubSSH, algo, decrypted) {\n  this.type = type;\n  this.comment = comment;\n  this[SYM_PRIV_PEM] = privPEM;\n  this[SYM_PUB_PEM] = pubPEM;\n  this[SYM_PUB_SSH] = pubSSH;\n  this[SYM_HASH_ALGO] = algo;\n  this[SYM_DECRYPTED] = decrypted;\n}\nPPK_Private.prototype = BaseKey;\n{\n  const EMPTY_PASSPHRASE = Buffer.alloc(0);\n  const PPK_IV = Buffer.from([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]);\n  const PPK_PP1 = Buffer.from([0, 0, 0, 0]);\n  const PPK_PP2 = Buffer.from([0, 0, 0, 1]);\n  const regexp = /^PuTTY-User-Key-File-2: (ssh-(?:rsa|dss))\\r?\\nEncryption: (aes256-cbc|none)\\r?\\nComment: ([^\\r\\n]*)\\r?\\nPublic-Lines: \\d+\\r?\\n([\\s\\S]+?)\\r?\\nPrivate-Lines: \\d+\\r?\\n([\\s\\S]+?)\\r?\\nPrivate-MAC: ([^\\r\\n]+)/;\n  PPK_Private.parse = (str, passphrase) => {\n    const m = regexp.exec(str);\n    if (m === null)\n      return null;\n    // m[1] = key type\n    // m[2] = encryption type\n    // m[3] = comment\n    // m[4] = base64-encoded public key data:\n    //         for \"ssh-rsa\":\n    //          string \"ssh-rsa\"\n    //          mpint  e    (public exponent)\n    //          mpint  n    (modulus)\n    //         for \"ssh-dss\":\n    //          string \"ssh-dss\"\n    //          mpint p     (modulus)\n    //          mpint q     (prime)\n    //          mpint g     (base number)\n    //          mpint y     (public key parameter: g^x mod p)\n    // m[5] = base64-encoded private key data:\n    //         for \"ssh-rsa\":\n    //          mpint  d    (private exponent)\n    //          mpint  p    (prime 1)\n    //          mpint  q    (prime 2)\n    //          mpint  iqmp ([inverse of q] mod p)\n    //         for \"ssh-dss\":\n    //          mpint x     (private key parameter)\n    // m[6] = SHA1 HMAC over:\n    //          string  name of algorithm (\"ssh-dss\", \"ssh-rsa\")\n    //          string  encryption type\n    //          string  comment\n    //          string  public key data\n    //          string  private-plaintext (including the final padding)\n    const cipherName = m[2];\n    const encrypted = (cipherName !== 'none');\n    if (encrypted && !passphrase) {\n      return new Error(\n        'Encrypted PPK private key detected, but no passphrase given'\n      );\n    }\n\n    let privBlob = Buffer.from(m[5], 'base64');\n\n    if (encrypted) {\n      const encInfo = CIPHER_INFO[cipherName];\n      let cipherKey = combineBuffers(\n        createHash('sha1').update(PPK_PP1).update(passphrase).digest(),\n        createHash('sha1').update(PPK_PP2).update(passphrase).digest()\n      );\n      if (cipherKey.length > encInfo.keyLen)\n        cipherKey = bufferSlice(cipherKey, 0, encInfo.keyLen);\n      try {\n        const decipher = createDecipheriv(encInfo.sslName,\n                                        cipherKey,\n                                        PPK_IV);\n        decipher.setAutoPadding(false);\n        privBlob = combineBuffers(decipher.update(privBlob),\n                                  decipher.final());\n      } catch (ex) {\n        return ex;\n      }\n    }\n\n    const type = m[1];\n    const comment = m[3];\n    const pubBlob = Buffer.from(m[4], 'base64');\n\n    const mac = m[6];\n    const typeLen = type.length;\n    const cipherNameLen = cipherName.length;\n    const commentLen = Buffer.byteLength(comment);\n    const pubLen = pubBlob.length;\n    const privLen = privBlob.length;\n    const macData = Buffer.allocUnsafe(4 + typeLen\n                                       + 4 + cipherNameLen\n                                       + 4 + commentLen\n                                       + 4 + pubLen\n                                       + 4 + privLen);\n    let p = 0;\n\n    writeUInt32BE(macData, typeLen, p);\n    macData.utf8Write(type, p += 4, typeLen);\n    writeUInt32BE(macData, cipherNameLen, p += typeLen);\n    macData.utf8Write(cipherName, p += 4, cipherNameLen);\n    writeUInt32BE(macData, commentLen, p += cipherNameLen);\n    macData.utf8Write(comment, p += 4, commentLen);\n    writeUInt32BE(macData, pubLen, p += commentLen);\n    macData.set(pubBlob, p += 4);\n    writeUInt32BE(macData, privLen, p += pubLen);\n    macData.set(privBlob, p + 4);\n\n    if (!passphrase)\n      passphrase = EMPTY_PASSPHRASE;\n\n    const calcMAC = createHmac(\n      'sha1',\n       createHash('sha1')\n         .update('putty-private-key-file-mac-key')\n         .update(passphrase)\n         .digest()\n    ).update(macData).digest('hex');\n\n    if (calcMAC !== mac) {\n      if (encrypted) {\n        return new Error(\n          'PPK private key integrity check failed -- bad passphrase?'\n        );\n      }\n      return new Error('PPK private key integrity check failed');\n    }\n\n    let pubPEM;\n    let pubSSH;\n    let privPEM;\n    pubBlob._pos = 0;\n    skipFields(pubBlob, 1); // skip (duplicate) key type\n    switch (type) {\n      case 'ssh-rsa': {\n        const e = readString(pubBlob, pubBlob._pos);\n        if (e === undefined)\n          return new Error('Malformed PPK public key');\n        const n = readString(pubBlob, pubBlob._pos);\n        if (n === undefined)\n          return new Error('Malformed PPK public key');\n        const d = readString(privBlob, 0);\n        if (d === undefined)\n          return new Error('Malformed PPK private key');\n        const p = readString(privBlob, privBlob._pos);\n        if (p === undefined)\n          return new Error('Malformed PPK private key');\n        const q = readString(privBlob, privBlob._pos);\n        if (q === undefined)\n          return new Error('Malformed PPK private key');\n        const iqmp = readString(privBlob, privBlob._pos);\n        if (iqmp === undefined)\n          return new Error('Malformed PPK private key');\n        pubPEM = genOpenSSLRSAPub(n, e);\n        pubSSH = genOpenSSHRSAPub(n, e);\n        privPEM = genOpenSSLRSAPriv(n, e, d, iqmp, p, q);\n        break;\n      }\n      case 'ssh-dss': {\n        const p = readString(pubBlob, pubBlob._pos);\n        if (p === undefined)\n          return new Error('Malformed PPK public key');\n        const q = readString(pubBlob, pubBlob._pos);\n        if (q === undefined)\n          return new Error('Malformed PPK public key');\n        const g = readString(pubBlob, pubBlob._pos);\n        if (g === undefined)\n          return new Error('Malformed PPK public key');\n        const y = readString(pubBlob, pubBlob._pos);\n        if (y === undefined)\n          return new Error('Malformed PPK public key');\n        const x = readString(privBlob, 0);\n        if (x === undefined)\n          return new Error('Malformed PPK private key');\n\n        pubPEM = genOpenSSLDSAPub(p, q, g, y);\n        pubSSH = genOpenSSHDSAPub(p, q, g, y);\n        privPEM = genOpenSSLDSAPriv(p, q, g, y, x);\n        break;\n      }\n    }\n\n    return new PPK_Private(type, comment, privPEM, pubPEM, pubSSH, 'sha1',\n                           encrypted);\n  };\n}\n\n\nfunction OpenSSH_Public(type, comment, pubPEM, pubSSH, algo) {\n  this.type = type;\n  this.comment = comment;\n  this[SYM_PRIV_PEM] = null;\n  this[SYM_PUB_PEM] = pubPEM;\n  this[SYM_PUB_SSH] = pubSSH;\n  this[SYM_HASH_ALGO] = algo;\n  this[SYM_DECRYPTED] = false;\n}\nOpenSSH_Public.prototype = BaseKey;\n{\n  let regexp;\n  if (eddsaSupported)\n    regexp = /^(((?:ssh-(?:rsa|dss|ed25519))|ecdsa-sha2-nistp(?:256|384|521))(?:-cert-v0[01]@openssh.com)?) ([A-Z0-9a-z/+=]+)(?:$|\\s+([\\S].*)?)$/;\n  else\n    regexp = /^(((?:ssh-(?:rsa|dss))|ecdsa-sha2-nistp(?:256|384|521))(?:-cert-v0[01]@openssh.com)?) ([A-Z0-9a-z/+=]+)(?:$|\\s+([\\S].*)?)$/;\n  OpenSSH_Public.parse = (str) => {\n    const m = regexp.exec(str);\n    if (m === null)\n      return null;\n    // m[1] = full type\n    // m[2] = base type\n    // m[3] = base64-encoded public key\n    // m[4] = comment\n\n    const fullType = m[1];\n    const baseType = m[2];\n    const data = Buffer.from(m[3], 'base64');\n    const comment = (m[4] || '');\n\n    const type = readString(data, data._pos, true);\n    if (type === undefined || type.indexOf(baseType) !== 0)\n      return new Error('Malformed OpenSSH public key');\n\n    return parseDER(data, baseType, comment, fullType);\n  };\n}\n\n\nfunction RFC4716_Public(type, comment, pubPEM, pubSSH, algo) {\n  this.type = type;\n  this.comment = comment;\n  this[SYM_PRIV_PEM] = null;\n  this[SYM_PUB_PEM] = pubPEM;\n  this[SYM_PUB_SSH] = pubSSH;\n  this[SYM_HASH_ALGO] = algo;\n  this[SYM_DECRYPTED] = false;\n}\nRFC4716_Public.prototype = BaseKey;\n{\n  const regexp = /^---- BEGIN SSH2 PUBLIC KEY ----(?:\\r?\\n)((?:.{0,72}\\r?\\n)+)---- END SSH2 PUBLIC KEY ----$/;\n  const RE_DATA = /^[A-Z0-9a-z/+=\\r\\n]+$/;\n  const RE_HEADER = /^([\\x21-\\x39\\x3B-\\x7E]{1,64}): ((?:[^\\\\]*\\\\\\r?\\n)*[^\\r\\n]+)\\r?\\n/gm;\n  const RE_HEADER_ENDS = /\\\\\\r?\\n/g;\n  RFC4716_Public.parse = (str) => {\n    let m = regexp.exec(str);\n    if (m === null)\n      return null;\n\n    const body = m[1];\n    let dataStart = 0;\n    let comment = '';\n\n    while (m = RE_HEADER.exec(body)) {\n      const headerName = m[1];\n      const headerValue = m[2].replace(RE_HEADER_ENDS, '');\n      if (headerValue.length > 1024) {\n        RE_HEADER.lastIndex = 0;\n        return new Error('Malformed RFC4716 public key');\n      }\n\n      dataStart = RE_HEADER.lastIndex;\n\n      if (headerName.toLowerCase() === 'comment') {\n        comment = headerValue;\n        if (comment.length > 1\n            && comment.charCodeAt(0) === 34/* '\"' */\n            && comment.charCodeAt(comment.length - 1) === 34/* '\"' */) {\n          comment = comment.slice(1, -1);\n        }\n      }\n    }\n\n    let data = body.slice(dataStart);\n    if (!RE_DATA.test(data))\n      return new Error('Malformed RFC4716 public key');\n\n    data = Buffer.from(data, 'base64');\n\n    const type = readString(data, 0, true);\n    if (type === undefined)\n      return new Error('Malformed RFC4716 public key');\n\n    let pubPEM = null;\n    let pubSSH = null;\n    switch (type) {\n      case 'ssh-rsa': {\n        const e = readString(data, data._pos);\n        if (e === undefined)\n          return new Error('Malformed RFC4716 public key');\n        const n = readString(data, data._pos);\n        if (n === undefined)\n          return new Error('Malformed RFC4716 public key');\n        pubPEM = genOpenSSLRSAPub(n, e);\n        pubSSH = genOpenSSHRSAPub(n, e);\n        break;\n      }\n      case 'ssh-dss': {\n        const p = readString(data, data._pos);\n        if (p === undefined)\n          return new Error('Malformed RFC4716 public key');\n        const q = readString(data, data._pos);\n        if (q === undefined)\n          return new Error('Malformed RFC4716 public key');\n        const g = readString(data, data._pos);\n        if (g === undefined)\n          return new Error('Malformed RFC4716 public key');\n        const y = readString(data, data._pos);\n        if (y === undefined)\n          return new Error('Malformed RFC4716 public key');\n        pubPEM = genOpenSSLDSAPub(p, q, g, y);\n        pubSSH = genOpenSSHDSAPub(p, q, g, y);\n        break;\n      }\n      default:\n        return new Error('Malformed RFC4716 public key');\n    }\n\n    return new RFC4716_Public(type, comment, pubPEM, pubSSH, 'sha1');\n  };\n}\n\n\nfunction parseDER(data, baseType, comment, fullType) {\n  if (!isSupportedKeyType(baseType))\n    return new Error(`Unsupported OpenSSH public key type: ${baseType}`);\n\n  let algo;\n  let oid;\n  let pubPEM = null;\n  let pubSSH = null;\n\n  switch (baseType) {\n    case 'ssh-rsa': {\n      const e = readString(data, data._pos || 0);\n      if (e === undefined)\n        return new Error('Malformed OpenSSH public key');\n      const n = readString(data, data._pos);\n      if (n === undefined)\n        return new Error('Malformed OpenSSH public key');\n      pubPEM = genOpenSSLRSAPub(n, e);\n      pubSSH = genOpenSSHRSAPub(n, e);\n      algo = 'sha1';\n      break;\n    }\n    case 'ssh-dss': {\n      const p = readString(data, data._pos || 0);\n      if (p === undefined)\n        return new Error('Malformed OpenSSH public key');\n      const q = readString(data, data._pos);\n      if (q === undefined)\n        return new Error('Malformed OpenSSH public key');\n      const g = readString(data, data._pos);\n      if (g === undefined)\n        return new Error('Malformed OpenSSH public key');\n      const y = readString(data, data._pos);\n      if (y === undefined)\n        return new Error('Malformed OpenSSH public key');\n      pubPEM = genOpenSSLDSAPub(p, q, g, y);\n      pubSSH = genOpenSSHDSAPub(p, q, g, y);\n      algo = 'sha1';\n      break;\n    }\n    case 'ssh-ed25519': {\n      const edpub = readString(data, data._pos || 0);\n      if (edpub === undefined || edpub.length !== 32)\n        return new Error('Malformed OpenSSH public key');\n      pubPEM = genOpenSSLEdPub(edpub);\n      pubSSH = genOpenSSHEdPub(edpub);\n      algo = null;\n      break;\n    }\n    case 'ecdsa-sha2-nistp256':\n      algo = 'sha256';\n      oid = '1.2.840.10045.3.1.7';\n    // FALLTHROUGH\n    case 'ecdsa-sha2-nistp384':\n      if (algo === undefined) {\n        algo = 'sha384';\n        oid = '1.3.132.0.34';\n      }\n    // FALLTHROUGH\n    case 'ecdsa-sha2-nistp521': {\n      if (algo === undefined) {\n        algo = 'sha512';\n        oid = '1.3.132.0.35';\n      }\n      // TODO: validate curve name against type\n      if (!skipFields(data, 1)) // Skip curve name\n        return new Error('Malformed OpenSSH public key');\n      const ecpub = readString(data, data._pos || 0);\n      if (ecpub === undefined)\n        return new Error('Malformed OpenSSH public key');\n      pubPEM = genOpenSSLECDSAPub(oid, ecpub);\n      pubSSH = genOpenSSHECDSAPub(oid, ecpub);\n      break;\n    }\n    default:\n      return new Error(`Unsupported OpenSSH public key type: ${baseType}`);\n  }\n\n  return new OpenSSH_Public(fullType, comment, pubPEM, pubSSH, algo);\n}\n\nfunction isSupportedKeyType(type) {\n  switch (type) {\n    case 'ssh-rsa':\n    case 'ssh-dss':\n    case 'ecdsa-sha2-nistp256':\n    case 'ecdsa-sha2-nistp384':\n    case 'ecdsa-sha2-nistp521':\n      return true;\n    case 'ssh-ed25519':\n      if (eddsaSupported)\n        return true;\n    // FALLTHROUGH\n    default:\n      return false;\n  }\n}\n\nfunction isParsedKey(val) {\n  if (!val)\n    return false;\n  return (typeof val[SYM_DECRYPTED] === 'boolean');\n}\n\nfunction parseKey(data, passphrase) {\n  if (isParsedKey(data))\n    return data;\n\n  let origBuffer;\n  if (Buffer.isBuffer(data)) {\n    origBuffer = data;\n    data = data.utf8Slice(0, data.length).trim();\n  } else if (typeof data === 'string') {\n    data = data.trim();\n  } else {\n    return new Error('Key data must be a Buffer or string');\n  }\n\n  // eslint-disable-next-line eqeqeq\n  if (passphrase != undefined) {\n    if (typeof passphrase === 'string')\n      passphrase = Buffer.from(passphrase);\n    else if (!Buffer.isBuffer(passphrase))\n      return new Error('Passphrase must be a string or Buffer when supplied');\n  }\n\n  let ret;\n\n  // First try as printable string format (e.g. PEM)\n\n  // Private keys\n  if ((ret = OpenSSH_Private.parse(data, passphrase)) !== null)\n    return ret;\n  if ((ret = OpenSSH_Old_Private.parse(data, passphrase)) !== null)\n    return ret;\n  if ((ret = PPK_Private.parse(data, passphrase)) !== null)\n    return ret;\n\n  // Public keys\n  if ((ret = OpenSSH_Public.parse(data)) !== null)\n    return ret;\n  if ((ret = RFC4716_Public.parse(data)) !== null)\n    return ret;\n\n  // Finally try as a binary format if we were originally passed binary data\n  if (origBuffer) {\n    binaryKeyParser.init(origBuffer, 0);\n    const type = binaryKeyParser.readString(true);\n    if (type !== undefined) {\n      data = binaryKeyParser.readRaw();\n      if (data !== undefined) {\n        ret = parseDER(data, type, '', type);\n        // Ignore potentially useless errors in case the data was not actually\n        // in the binary format\n        if (ret instanceof Error)\n          ret = null;\n      }\n    }\n    binaryKeyParser.clear();\n  }\n\n  if (ret)\n    return ret;\n\n  return new Error('Unsupported key format');\n}\n\nmodule.exports = {\n  isParsedKey,\n  isSupportedKeyType,\n  parseDERKey: (data, type) => parseDER(data, type, '', type),\n  parseKey,\n};\n","'use strict';\n\nconst assert = require('assert');\nconst { inspect } = require('util');\n\n// Only use this for integers! Decimal numbers do not work with this function.\nfunction addNumericalSeparator(val) {\n  let res = '';\n  let i = val.length;\n  const start = val[0] === '-' ? 1 : 0;\n  for (; i >= start + 4; i -= 3)\n    res = `_${val.slice(i - 3, i)}${res}`;\n  return `${val.slice(0, i)}${res}`;\n}\n\nfunction oneOf(expected, thing) {\n  assert(typeof thing === 'string', '`thing` has to be of type string');\n  if (Array.isArray(expected)) {\n    const len = expected.length;\n    assert(len > 0, 'At least one expected value needs to be specified');\n    expected = expected.map((i) => String(i));\n    if (len > 2) {\n      return `one of ${thing} ${expected.slice(0, len - 1).join(', ')}, or `\n              + expected[len - 1];\n    } else if (len === 2) {\n      return `one of ${thing} ${expected[0]} or ${expected[1]}`;\n    }\n    return `of ${thing} ${expected[0]}`;\n  }\n  return `of ${thing} ${String(expected)}`;\n}\n\n\nexports.ERR_INTERNAL_ASSERTION = class ERR_INTERNAL_ASSERTION extends Error {\n  constructor(message) {\n    super();\n    Error.captureStackTrace(this, ERR_INTERNAL_ASSERTION);\n\n    const suffix = 'This is caused by either a bug in ssh2 '\n                   + 'or incorrect usage of ssh2 internals.\\n'\n                   + 'Please open an issue with this stack trace at '\n                   + 'https://github.com/mscdex/ssh2/issues\\n';\n\n    this.message = (message === undefined ? suffix : `${message}\\n${suffix}`);\n  }\n};\n\nconst MAX_32BIT_INT = 2 ** 32;\nconst MAX_32BIT_BIGINT = (() => {\n  try {\n    return new Function('return 2n ** 32n')();\n  } catch {}\n})();\nexports.ERR_OUT_OF_RANGE = class ERR_OUT_OF_RANGE extends RangeError {\n  constructor(str, range, input, replaceDefaultBoolean) {\n    super();\n    Error.captureStackTrace(this, ERR_OUT_OF_RANGE);\n\n    assert(range, 'Missing \"range\" argument');\n    let msg = (replaceDefaultBoolean\n               ? str\n               : `The value of \"${str}\" is out of range.`);\n    let received;\n    if (Number.isInteger(input) && Math.abs(input) > MAX_32BIT_INT) {\n      received = addNumericalSeparator(String(input));\n    } else if (typeof input === 'bigint') {\n      received = String(input);\n      if (input > MAX_32BIT_BIGINT || input < -MAX_32BIT_BIGINT)\n        received = addNumericalSeparator(received);\n      received += 'n';\n    } else {\n      received = inspect(input);\n    }\n    msg += ` It must be ${range}. Received ${received}`;\n\n    this.message = msg;\n  }\n};\n\nclass ERR_INVALID_ARG_TYPE extends TypeError {\n  constructor(name, expected, actual) {\n    super();\n    Error.captureStackTrace(this, ERR_INVALID_ARG_TYPE);\n\n    assert(typeof name === 'string', `'name' must be a string`);\n\n    // determiner: 'must be' or 'must not be'\n    let determiner;\n    if (typeof expected === 'string' && expected.startsWith('not ')) {\n      determiner = 'must not be';\n      expected = expected.replace(/^not /, '');\n    } else {\n      determiner = 'must be';\n    }\n\n    let msg;\n    if (name.endsWith(' argument')) {\n      // For cases like 'first argument'\n      msg = `The ${name} ${determiner} ${oneOf(expected, 'type')}`;\n    } else {\n      const type = (name.includes('.') ? 'property' : 'argument');\n      msg = `The \"${name}\" ${type} ${determiner} ${oneOf(expected, 'type')}`;\n    }\n\n    msg += `. Received type ${typeof actual}`;\n\n    this.message = msg;\n  }\n}\nexports.ERR_INVALID_ARG_TYPE = ERR_INVALID_ARG_TYPE;\n\nexports.validateNumber = function validateNumber(value, name) {\n  if (typeof value !== 'number')\n    throw new ERR_INVALID_ARG_TYPE(name, 'number', value);\n};\n","'use strict';\n\nconst Ber = require('asn1').Ber;\n\nlet DISCONNECT_REASON;\n\nconst FastBuffer = Buffer[Symbol.species];\nconst TypedArrayFill = Object.getPrototypeOf(Uint8Array.prototype).fill;\n\nfunction readUInt32BE(buf, offset) {\n  return (buf[offset++] * 16777216)\n         + (buf[offset++] * 65536)\n         + (buf[offset++] * 256)\n         + buf[offset];\n}\n\nfunction bufferCopy(src, dest, srcStart, srcEnd, destStart) {\n  if (!destStart)\n    destStart = 0;\n  if (srcEnd > src.length)\n    srcEnd = src.length;\n  let nb = srcEnd - srcStart;\n  const destLeft = (dest.length - destStart);\n  if (nb > destLeft)\n    nb = destLeft;\n  dest.set(new Uint8Array(src.buffer, src.byteOffset + srcStart, nb),\n           destStart);\n  return nb;\n}\n\nfunction bufferSlice(buf, start, end) {\n  if (end === undefined)\n    end = buf.length;\n  return new FastBuffer(buf.buffer, buf.byteOffset + start, end - start);\n}\n\nfunction makeBufferParser() {\n  let pos = 0;\n  let buffer;\n\n  const self = {\n    init: (buf, start) => {\n      buffer = buf;\n      pos = (typeof start === 'number' ? start : 0);\n    },\n    pos: () => pos,\n    length: () => (buffer ? buffer.length : 0),\n    avail: () => (buffer && pos < buffer.length ? buffer.length - pos : 0),\n    clear: () => {\n      buffer = undefined;\n    },\n    readUInt32BE: () => {\n      if (!buffer || pos + 3 >= buffer.length)\n        return;\n      return (buffer[pos++] * 16777216)\n             + (buffer[pos++] * 65536)\n             + (buffer[pos++] * 256)\n             + buffer[pos++];\n    },\n    readUInt64BE: (behavior) => {\n      if (!buffer || pos + 7 >= buffer.length)\n        return;\n      switch (behavior) {\n        case 'always':\n          return BigInt(`0x${buffer.hexSlice(pos, pos += 8)}`);\n        case 'maybe':\n          if (buffer[pos] > 0x1F)\n            return BigInt(`0x${buffer.hexSlice(pos, pos += 8)}`);\n          // FALLTHROUGH\n        default:\n          return (buffer[pos++] * 72057594037927940)\n                 + (buffer[pos++] * 281474976710656)\n                 + (buffer[pos++] * 1099511627776)\n                 + (buffer[pos++] * 4294967296)\n                 + (buffer[pos++] * 16777216)\n                 + (buffer[pos++] * 65536)\n                 + (buffer[pos++] * 256)\n                 + buffer[pos++];\n      }\n    },\n    skip: (n) => {\n      if (buffer && n > 0)\n        pos += n;\n    },\n    skipString: () => {\n      const len = self.readUInt32BE();\n      if (len === undefined)\n        return;\n      pos += len;\n      return (pos <= buffer.length ? len : undefined);\n    },\n    readByte: () => {\n      if (buffer && pos < buffer.length)\n        return buffer[pos++];\n    },\n    readBool: () => {\n      if (buffer && pos < buffer.length)\n        return !!buffer[pos++];\n    },\n    readList: () => {\n      const list = self.readString(true);\n      if (list === undefined)\n        return;\n      return (list ? list.split(',') : []);\n    },\n    readString: (dest, maxLen) => {\n      if (typeof dest === 'number') {\n        maxLen = dest;\n        dest = undefined;\n      }\n\n      const len = self.readUInt32BE();\n      if (len === undefined)\n        return;\n\n      if ((buffer.length - pos) < len\n          || (typeof maxLen === 'number' && len > maxLen)) {\n        return;\n      }\n\n      if (dest) {\n        if (Buffer.isBuffer(dest))\n          return bufferCopy(buffer, dest, pos, pos += len);\n        return buffer.utf8Slice(pos, pos += len);\n      }\n      return bufferSlice(buffer, pos, pos += len);\n    },\n    readRaw: (len) => {\n      if (!buffer)\n        return;\n      if (typeof len !== 'number')\n        return bufferSlice(buffer, pos, pos += (buffer.length - pos));\n      if ((buffer.length - pos) >= len)\n        return bufferSlice(buffer, pos, pos += len);\n    },\n  };\n\n  return self;\n}\n\nfunction makeError(msg, level, fatal) {\n  const err = new Error(msg);\n  if (typeof level === 'boolean') {\n    fatal = level;\n    err.level = 'protocol';\n  } else {\n    err.level = level || 'protocol';\n  }\n  err.fatal = !!fatal;\n  return err;\n}\n\nfunction writeUInt32BE(buf, value, offset) {\n  buf[offset++] = (value >>> 24);\n  buf[offset++] = (value >>> 16);\n  buf[offset++] = (value >>> 8);\n  buf[offset++] = value;\n  return offset;\n}\n\nconst utilBufferParser = makeBufferParser();\n\nmodule.exports = {\n  bufferCopy,\n  bufferSlice,\n  FastBuffer,\n  bufferFill: (buf, value, start, end) => {\n    return TypedArrayFill.call(buf, value, start, end);\n  },\n  makeError,\n  doFatalError: (protocol, msg, level, reason) => {\n    let err;\n    if (DISCONNECT_REASON === undefined)\n      ({ DISCONNECT_REASON } = require('./constants.js'));\n    if (msg instanceof Error) {\n      // doFatalError(protocol, err[, reason])\n      err = msg;\n      if (typeof level !== 'number')\n        reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n      else\n        reason = level;\n    } else {\n      // doFatalError(protocol, msg[, level[, reason]])\n      err = makeError(msg, level, true);\n    }\n    if (typeof reason !== 'number')\n      reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n    protocol.disconnect(reason);\n    protocol._destruct();\n    protocol._onError(err);\n    return Infinity;\n  },\n  readUInt32BE,\n  writeUInt32BE,\n  writeUInt32LE: (buf, value, offset) => {\n    buf[offset++] = value;\n    buf[offset++] = (value >>> 8);\n    buf[offset++] = (value >>> 16);\n    buf[offset++] = (value >>> 24);\n    return offset;\n  },\n  makeBufferParser,\n  bufferParser: makeBufferParser(),\n  readString: (buffer, start, dest, maxLen) => {\n    if (typeof dest === 'number') {\n      maxLen = dest;\n      dest = undefined;\n    }\n\n    if (start === undefined)\n      start = 0;\n\n    const left = (buffer.length - start);\n    if (start < 0 || start >= buffer.length || left < 4)\n      return;\n\n    const len = readUInt32BE(buffer, start);\n    if (left < (4 + len) || (typeof maxLen === 'number' && len > maxLen))\n      return;\n\n    start += 4;\n    const end = start + len;\n    buffer._pos = end;\n\n    if (dest) {\n      if (Buffer.isBuffer(dest))\n        return bufferCopy(buffer, dest, start, end);\n      return buffer.utf8Slice(start, end);\n    }\n    return bufferSlice(buffer, start, end);\n  },\n  sigSSHToASN1: (sig, type) => {\n    switch (type) {\n      case 'ssh-dss': {\n        if (sig.length > 40)\n          return sig;\n        // Change bare signature r and s values to ASN.1 BER values for OpenSSL\n        const asnWriter = new Ber.Writer();\n        asnWriter.startSequence();\n        let r = sig.slice(0, 20);\n        let s = sig.slice(20);\n        if (r[0] & 0x80) {\n          const rNew = Buffer.allocUnsafe(21);\n          rNew[0] = 0x00;\n          r.copy(rNew, 1);\n          r = rNew;\n        } else if (r[0] === 0x00 && !(r[1] & 0x80)) {\n          r = r.slice(1);\n        }\n        if (s[0] & 0x80) {\n          const sNew = Buffer.allocUnsafe(21);\n          sNew[0] = 0x00;\n          s.copy(sNew, 1);\n          s = sNew;\n        } else if (s[0] === 0x00 && !(s[1] & 0x80)) {\n          s = s.slice(1);\n        }\n        asnWriter.writeBuffer(r, Ber.Integer);\n        asnWriter.writeBuffer(s, Ber.Integer);\n        asnWriter.endSequence();\n        return asnWriter.buffer;\n      }\n      case 'ecdsa-sha2-nistp256':\n      case 'ecdsa-sha2-nistp384':\n      case 'ecdsa-sha2-nistp521': {\n        utilBufferParser.init(sig, 0);\n        const r = utilBufferParser.readString();\n        const s = utilBufferParser.readString();\n        utilBufferParser.clear();\n        if (r === undefined || s === undefined)\n          return;\n\n        const asnWriter = new Ber.Writer();\n        asnWriter.startSequence();\n        asnWriter.writeBuffer(r, Ber.Integer);\n        asnWriter.writeBuffer(s, Ber.Integer);\n        asnWriter.endSequence();\n        return asnWriter.buffer;\n      }\n      default:\n        return sig;\n    }\n  },\n  convertSignature: (signature, keyType) => {\n    switch (keyType) {\n      case 'ssh-dss': {\n        if (signature.length <= 40)\n          return signature;\n        // This is a quick and dirty way to get from BER encoded r and s that\n        // OpenSSL gives us, to just the bare values back to back (40 bytes\n        // total) like OpenSSH (and possibly others) are expecting\n        const asnReader = new Ber.Reader(signature);\n        asnReader.readSequence();\n        let r = asnReader.readString(Ber.Integer, true);\n        let s = asnReader.readString(Ber.Integer, true);\n        let rOffset = 0;\n        let sOffset = 0;\n        if (r.length < 20) {\n          const rNew = Buffer.allocUnsafe(20);\n          rNew.set(r, 1);\n          r = rNew;\n          r[0] = 0;\n        }\n        if (s.length < 20) {\n          const sNew = Buffer.allocUnsafe(20);\n          sNew.set(s, 1);\n          s = sNew;\n          s[0] = 0;\n        }\n        if (r.length > 20 && r[0] === 0)\n          rOffset = 1;\n        if (s.length > 20 && s[0] === 0)\n          sOffset = 1;\n        const newSig =\n          Buffer.allocUnsafe((r.length - rOffset) + (s.length - sOffset));\n        bufferCopy(r, newSig, rOffset, r.length, 0);\n        bufferCopy(s, newSig, sOffset, s.length, r.length - rOffset);\n        return newSig;\n      }\n      case 'ecdsa-sha2-nistp256':\n      case 'ecdsa-sha2-nistp384':\n      case 'ecdsa-sha2-nistp521': {\n        if (signature[0] === 0)\n          return signature;\n        // Convert SSH signature parameters to ASN.1 BER values for OpenSSL\n        const asnReader = new Ber.Reader(signature);\n        asnReader.readSequence();\n        const r = asnReader.readString(Ber.Integer, true);\n        const s = asnReader.readString(Ber.Integer, true);\n        if (r === null || s === null)\n          return;\n        const newSig = Buffer.allocUnsafe(4 + r.length + 4 + s.length);\n        writeUInt32BE(newSig, r.length, 0);\n        newSig.set(r, 4);\n        writeUInt32BE(newSig, s.length, 4 + r.length);\n        newSig.set(s, 4 + 4 + r.length);\n        return newSig;\n      }\n    }\n\n    return signature;\n  },\n  sendPacket: (proto, packet, bypass) => {\n    if (!bypass && proto._kexinit !== undefined) {\n      // We're currently in the middle of a handshake\n\n      if (proto._queue === undefined)\n        proto._queue = [];\n      proto._queue.push(packet);\n      proto._debug && proto._debug('Outbound: ... packet queued');\n      return false;\n    }\n    proto._cipher.encrypt(packet);\n    return true;\n  },\n};\n","'use strict';\n\nconst { kMaxLength } = require('buffer');\nconst {\n  createInflate,\n  constants: {\n    DEFLATE,\n    INFLATE,\n    Z_DEFAULT_CHUNK,\n    Z_DEFAULT_COMPRESSION,\n    Z_DEFAULT_MEMLEVEL,\n    Z_DEFAULT_STRATEGY,\n    Z_DEFAULT_WINDOWBITS,\n    Z_PARTIAL_FLUSH,\n  }\n} = require('zlib');\nconst ZlibHandle = createInflate()._handle.constructor;\n\nfunction processCallback() {\n  throw new Error('Should not get here');\n}\n\nfunction zlibOnError(message, errno, code) {\n  const self = this._owner;\n  // There is no way to cleanly recover.\n  // Continuing only obscures problems.\n\n  const error = new Error(message);\n  error.errno = errno;\n  error.code = code;\n  self._err = error;\n}\n\nfunction _close(engine) {\n  // Caller may invoke .close after a zlib error (which will null _handle).\n  if (!engine._handle)\n    return;\n\n  engine._handle.close();\n  engine._handle = null;\n}\n\nclass Zlib {\n  constructor(mode) {\n    const windowBits = Z_DEFAULT_WINDOWBITS;\n    const level = Z_DEFAULT_COMPRESSION;\n    const memLevel = Z_DEFAULT_MEMLEVEL;\n    const strategy = Z_DEFAULT_STRATEGY;\n    const dictionary = undefined;\n\n    this._err = undefined;\n    this._writeState = new Uint32Array(2);\n    this._chunkSize = Z_DEFAULT_CHUNK;\n    this._maxOutputLength = kMaxLength;\n    this._outBuffer = Buffer.allocUnsafe(this._chunkSize);\n    this._outOffset = 0;\n\n    this._handle = new ZlibHandle(mode);\n    this._handle._owner = this;\n    this._handle.onerror = zlibOnError;\n    this._handle.init(windowBits,\n                      level,\n                      memLevel,\n                      strategy,\n                      this._writeState,\n                      processCallback,\n                      dictionary);\n  }\n\n  writeSync(chunk, retChunks) {\n    const handle = this._handle;\n    if (!handle)\n      throw new Error('Invalid Zlib instance');\n\n    let availInBefore = chunk.length;\n    let availOutBefore = this._chunkSize - this._outOffset;\n    let inOff = 0;\n    let availOutAfter;\n    let availInAfter;\n\n    let buffers;\n    let nread = 0;\n    const state = this._writeState;\n    let buffer = this._outBuffer;\n    let offset = this._outOffset;\n    const chunkSize = this._chunkSize;\n\n    while (true) {\n      handle.writeSync(Z_PARTIAL_FLUSH,\n                       chunk, // in\n                       inOff, // in_off\n                       availInBefore, // in_len\n                       buffer, // out\n                       offset, // out_off\n                       availOutBefore); // out_len\n      if (this._err)\n        throw this._err;\n\n      availOutAfter = state[0];\n      availInAfter = state[1];\n\n      const inDelta = availInBefore - availInAfter;\n      const have = availOutBefore - availOutAfter;\n\n      if (have > 0) {\n        const out = (offset === 0 && have === buffer.length\n                     ? buffer\n                     : buffer.slice(offset, offset + have));\n        offset += have;\n        if (!buffers)\n          buffers = out;\n        else if (buffers.push === undefined)\n          buffers = [buffers, out];\n        else\n          buffers.push(out);\n        nread += out.byteLength;\n\n        if (nread > this._maxOutputLength) {\n          _close(this);\n          throw new Error(\n            `Output length exceeded maximum of ${this._maxOutputLength}`\n          );\n        }\n      } else if (have !== 0) {\n        throw new Error('have should not go down');\n      }\n\n      // Exhausted the output buffer, or used all the input create a new one.\n      if (availOutAfter === 0 || offset >= chunkSize) {\n        availOutBefore = chunkSize;\n        offset = 0;\n        buffer = Buffer.allocUnsafe(chunkSize);\n      }\n\n      if (availOutAfter === 0) {\n        // Not actually done. Need to reprocess.\n        // Also, update the availInBefore to the availInAfter value,\n        // so that if we have to hit it a third (fourth, etc.) time,\n        // it'll have the correct byte counts.\n        inOff += inDelta;\n        availInBefore = availInAfter;\n      } else {\n        break;\n      }\n    }\n\n    this._outBuffer = buffer;\n    this._outOffset = offset;\n\n    if (nread === 0)\n      buffers = Buffer.alloc(0);\n\n    if (retChunks) {\n      buffers.totalLen = nread;\n      return buffers;\n    }\n\n    if (buffers.push === undefined)\n      return buffers;\n\n    const output = Buffer.allocUnsafe(nread);\n    for (let i = 0, p = 0; i < buffers.length; ++i) {\n      const buf = buffers[i];\n      output.set(buf, p);\n      p += buf.length;\n    }\n    return output;\n  }\n}\n\nclass ZlibPacketWriter {\n  constructor(protocol) {\n    this.allocStart = 0;\n    this.allocStartKEX = 0;\n    this._protocol = protocol;\n    this._zlib = new Zlib(DEFLATE);\n  }\n\n  cleanup() {\n    if (this._zlib)\n      _close(this._zlib);\n  }\n\n  alloc(payloadSize, force) {\n    return Buffer.allocUnsafe(payloadSize);\n  }\n\n  finalize(payload, force) {\n    if (this._protocol._kexinit === undefined || force) {\n      const output = this._zlib.writeSync(payload, true);\n      const packet = this._protocol._cipher.allocPacket(output.totalLen);\n      if (output.push === undefined) {\n        packet.set(output, 5);\n      } else {\n        for (let i = 0, p = 5; i < output.length; ++i) {\n          const chunk = output[i];\n          packet.set(chunk, p);\n          p += chunk.length;\n        }\n      }\n      return packet;\n    }\n    return payload;\n  }\n}\n\nclass PacketWriter {\n  constructor(protocol) {\n    this.allocStart = 5;\n    this.allocStartKEX = 5;\n    this._protocol = protocol;\n  }\n\n  cleanup() {}\n\n  alloc(payloadSize, force) {\n    if (this._protocol._kexinit === undefined || force)\n      return this._protocol._cipher.allocPacket(payloadSize);\n    return Buffer.allocUnsafe(payloadSize);\n  }\n\n  finalize(packet, force) {\n    return packet;\n  }\n}\n\nclass ZlibPacketReader {\n  constructor() {\n    this._zlib = new Zlib(INFLATE);\n  }\n\n  cleanup() {\n    if (this._zlib)\n      _close(this._zlib);\n  }\n\n  read(data) {\n    return this._zlib.writeSync(data, false);\n  }\n}\n\nclass PacketReader {\n  cleanup() {}\n\n  read(data) {\n    return data;\n  }\n}\n\nmodule.exports = {\n  PacketReader,\n  PacketWriter,\n  ZlibPacketReader,\n  ZlibPacketWriter,\n};\n","// TODO:\n//   * convert listenerCount() usage to emit() return value checking?\n//   * emit error when connection severed early (e.g. before handshake)\n//   * add '.connected' or similar property to connection objects to allow\n//     immediate connection status checking\n'use strict';\n\nconst { Server: netServer } = require('net');\nconst EventEmitter = require('events');\nconst { listenerCount } = EventEmitter;\n\nconst {\n  CHANNEL_OPEN_FAILURE,\n  DEFAULT_CIPHER,\n  DEFAULT_COMPRESSION,\n  DEFAULT_KEX,\n  DEFAULT_MAC,\n  DEFAULT_SERVER_HOST_KEY,\n  DISCONNECT_REASON,\n  DISCONNECT_REASON_BY_VALUE,\n  SUPPORTED_CIPHER,\n  SUPPORTED_COMPRESSION,\n  SUPPORTED_KEX,\n  SUPPORTED_MAC,\n  SUPPORTED_SERVER_HOST_KEY,\n} = require('./protocol/constants.js');\nconst { init: cryptoInit } = require('./protocol/crypto.js');\nconst { KexInit } = require('./protocol/kex.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst Protocol = require('./protocol/Protocol.js');\nconst { SFTP } = require('./protocol/SFTP.js');\nconst { writeUInt32BE } = require('./protocol/utils.js');\n\nconst {\n  Channel,\n  MAX_WINDOW,\n  PACKET_SIZE,\n  windowAdjust,\n  WINDOW_THRESHOLD,\n} = require('./Channel.js');\n\nconst {\n  ChannelManager,\n  generateAlgorithmList,\n  isWritable,\n  onChannelOpenFailure,\n  onCHANNEL_CLOSE,\n} = require('./utils.js');\n\nconst MAX_PENDING_AUTHS = 10;\n\nclass AuthContext extends EventEmitter {\n  constructor(protocol, username, service, method, cb) {\n    super();\n\n    this.username = this.user = username;\n    this.service = service;\n    this.method = method;\n    this._initialResponse = false;\n    this._finalResponse = false;\n    this._multistep = false;\n    this._cbfinal = (allowed, methodsLeft, isPartial) => {\n      if (!this._finalResponse) {\n        this._finalResponse = true;\n        cb(this, allowed, methodsLeft, isPartial);\n      }\n    };\n    this._protocol = protocol;\n  }\n\n  accept() {\n    this._cleanup && this._cleanup();\n    this._initialResponse = true;\n    this._cbfinal(true);\n  }\n  reject(methodsLeft, isPartial) {\n    this._cleanup && this._cleanup();\n    this._initialResponse = true;\n    this._cbfinal(false, methodsLeft, isPartial);\n  }\n}\n\n\nclass KeyboardAuthContext extends AuthContext {\n  constructor(protocol, username, service, method, submethods, cb) {\n    super(protocol, username, service, method, cb);\n\n    this._multistep = true;\n\n    this._cb = undefined;\n    this._onInfoResponse = (responses) => {\n      const callback = this._cb;\n      if (callback) {\n        this._cb = undefined;\n        callback(responses);\n      }\n    };\n    this.submethods = submethods;\n    this.on('abort', () => {\n      this._cb && this._cb(new Error('Authentication request aborted'));\n    });\n  }\n\n  prompt(prompts, title, instructions, cb) {\n    if (!Array.isArray(prompts))\n      prompts = [ prompts ];\n\n    if (typeof title === 'function') {\n      cb = title;\n      title = instructions = undefined;\n    } else if (typeof instructions === 'function') {\n      cb = instructions;\n      instructions = undefined;\n    } else if (typeof cb !== 'function') {\n      cb = undefined;\n    }\n\n    for (let i = 0; i < prompts.length; ++i) {\n      if (typeof prompts[i] === 'string') {\n        prompts[i] = {\n          prompt: prompts[i],\n          echo: true\n        };\n      }\n    }\n\n    this._cb = cb;\n    this._initialResponse = true;\n\n    this._protocol.authInfoReq(title, instructions, prompts);\n  }\n}\n\nclass PKAuthContext extends AuthContext {\n  constructor(protocol, username, service, method, pkInfo, cb) {\n    super(protocol, username, service, method, cb);\n\n    this.key = { algo: pkInfo.keyAlgo, data: pkInfo.key };\n    this.signature = pkInfo.signature;\n    this.blob = pkInfo.blob;\n  }\n\n  accept() {\n    if (!this.signature) {\n      this._initialResponse = true;\n      this._protocol.authPKOK(this.key.algo, this.key.data);\n    } else {\n      AuthContext.prototype.accept.call(this);\n    }\n  }\n}\n\nclass HostbasedAuthContext extends AuthContext {\n  constructor(protocol, username, service, method, pkInfo, cb) {\n    super(protocol, username, service, method, cb);\n\n    this.key = { algo: pkInfo.keyAlgo, data: pkInfo.key };\n    this.signature = pkInfo.signature;\n    this.blob = pkInfo.blob;\n    this.localHostname = pkInfo.localHostname;\n    this.localUsername = pkInfo.localUsername;\n  }\n}\n\nclass PwdAuthContext extends AuthContext {\n  constructor(protocol, username, service, method, password, cb) {\n    super(protocol, username, service, method, cb);\n\n    this.password = password;\n    this._changeCb = undefined;\n  }\n\n  requestChange(prompt, cb) {\n    if (this._changeCb)\n      throw new Error('Change request already in progress');\n    if (typeof prompt !== 'string')\n      throw new Error('prompt argument must be a string');\n    if (typeof cb !== 'function')\n      throw new Error('Callback argument must be a function');\n    this._changeCb = cb;\n    this._protocol.authPasswdChg(prompt);\n  }\n}\n\n\nclass Session extends EventEmitter {\n  constructor(client, info, localChan) {\n    super();\n\n    this.type = 'session';\n    this.subtype = undefined;\n    this.server = true;\n    this._ending = false;\n    this._channel = undefined;\n    this._chanInfo = {\n      type: 'session',\n      incoming: {\n        id: localChan,\n        window: MAX_WINDOW,\n        packetSize: PACKET_SIZE,\n        state: 'open'\n      },\n      outgoing: {\n        id: info.sender,\n        window: info.window,\n        packetSize: info.packetSize,\n        state: 'open'\n      }\n    };\n  }\n}\n\n\nclass Server extends EventEmitter {\n  constructor(cfg, listener) {\n    super();\n\n    if (typeof cfg !== 'object' || cfg === null)\n      throw new Error('Missing configuration object');\n\n    const hostKeys = Object.create(null);\n    const hostKeyAlgoOrder = [];\n\n    const hostKeys_ = cfg.hostKeys;\n    if (!Array.isArray(hostKeys_))\n      throw new Error('hostKeys must be an array');\n\n    const cfgAlgos = (\n      typeof cfg.algorithms === 'object' && cfg.algorithms !== null\n      ? cfg.algorithms\n      : {}\n    );\n\n    const hostKeyAlgos = generateAlgorithmList(\n      cfgAlgos.serverHostKey,\n      DEFAULT_SERVER_HOST_KEY,\n      SUPPORTED_SERVER_HOST_KEY\n    );\n    for (let i = 0; i < hostKeys_.length; ++i) {\n      let privateKey;\n      if (Buffer.isBuffer(hostKeys_[i]) || typeof hostKeys_[i] === 'string')\n        privateKey = parseKey(hostKeys_[i]);\n      else\n        privateKey = parseKey(hostKeys_[i].key, hostKeys_[i].passphrase);\n\n      if (privateKey instanceof Error)\n        throw new Error(`Cannot parse privateKey: ${privateKey.message}`);\n\n      if (Array.isArray(privateKey)) {\n        // OpenSSH's newer format only stores 1 key for now\n        privateKey = privateKey[0];\n      }\n\n      if (privateKey.getPrivatePEM() === null)\n        throw new Error('privateKey value contains an invalid private key');\n\n      // Discard key if we already found a key of the same type\n      if (hostKeyAlgoOrder.includes(privateKey.type))\n        continue;\n\n      if (privateKey.type === 'ssh-rsa') {\n        // SSH supports multiple signature hashing algorithms for RSA, so we add\n        // the algorithms in the desired order\n        let sha1Pos = hostKeyAlgos.indexOf('ssh-rsa');\n        const sha256Pos = hostKeyAlgos.indexOf('rsa-sha2-256');\n        const sha512Pos = hostKeyAlgos.indexOf('rsa-sha2-512');\n        if (sha1Pos === -1) {\n          // Fall back to giving SHA1 the lowest priority\n          sha1Pos = Infinity;\n        }\n        [sha1Pos, sha256Pos, sha512Pos].sort(compareNumbers).forEach((pos) => {\n          if (pos === -1)\n            return;\n\n          let type;\n          switch (pos) {\n            case sha1Pos: type = 'ssh-rsa'; break;\n            case sha256Pos: type = 'rsa-sha2-256'; break;\n            case sha512Pos: type = 'rsa-sha2-512'; break;\n            default: return;\n          }\n\n          // Store same RSA key under each hash algorithm name for convenience\n          hostKeys[type] = privateKey;\n\n          hostKeyAlgoOrder.push(type);\n        });\n      } else {\n        hostKeys[privateKey.type] = privateKey;\n        hostKeyAlgoOrder.push(privateKey.type);\n      }\n    }\n\n    const algorithms = {\n      kex: generateAlgorithmList(cfgAlgos.kex, DEFAULT_KEX, SUPPORTED_KEX),\n      serverHostKey: hostKeyAlgoOrder,\n      cs: {\n        cipher: generateAlgorithmList(\n                  cfgAlgos.cipher,\n                  DEFAULT_CIPHER,\n                  SUPPORTED_CIPHER\n                ),\n        mac: generateAlgorithmList(cfgAlgos.hmac, DEFAULT_MAC, SUPPORTED_MAC),\n        compress: generateAlgorithmList(\n                    cfgAlgos.compress,\n                    DEFAULT_COMPRESSION,\n                    SUPPORTED_COMPRESSION\n                  ),\n        lang: [],\n      },\n      sc: undefined,\n    };\n    algorithms.sc = algorithms.cs;\n\n    if (typeof listener === 'function')\n      this.on('connection', listener);\n\n    const origDebug = (typeof cfg.debug === 'function' ? cfg.debug : undefined);\n    const ident = (cfg.ident ? Buffer.from(cfg.ident) : undefined);\n    const offer = new KexInit(algorithms);\n\n    this._srv = new netServer((socket) => {\n      if (this._connections >= this.maxConnections) {\n        socket.destroy();\n        return;\n      }\n      ++this._connections;\n      socket.once('close', () => {\n        --this._connections;\n      });\n\n      let debug;\n      if (origDebug) {\n        // Prepend debug output with a unique identifier in case there are\n        // multiple clients connected at the same time\n        const debugPrefix = `[${process.hrtime().join('.')}] `;\n        debug = (msg) => {\n          origDebug(`${debugPrefix}${msg}`);\n        };\n      }\n\n      // eslint-disable-next-line no-use-before-define\n      new Client(socket, hostKeys, ident, offer, debug, this, cfg);\n    }).on('error', (err) => {\n      this.emit('error', err);\n    }).on('listening', () => {\n      this.emit('listening');\n    }).on('close', () => {\n      this.emit('close');\n    });\n    this._connections = 0;\n    this.maxConnections = Infinity;\n  }\n\n  injectSocket(socket) {\n    this._srv.emit('connection', socket);\n  }\n\n  listen(...args) {\n    this._srv.listen(...args);\n    return this;\n  }\n\n  address() {\n    return this._srv.address();\n  }\n\n  getConnections(cb) {\n    this._srv.getConnections(cb);\n    return this;\n  }\n\n  close(cb) {\n    this._srv.close(cb);\n    return this;\n  }\n\n  ref() {\n    this._srv.ref();\n    return this;\n  }\n\n  unref() {\n    this._srv.unref();\n    return this;\n  }\n}\nServer.KEEPALIVE_CLIENT_INTERVAL = 15000;\nServer.KEEPALIVE_CLIENT_COUNT_MAX = 3;\n\n\nclass Client extends EventEmitter {\n  constructor(socket, hostKeys, ident, offer, debug, server, srvCfg) {\n    super();\n\n    let exchanges = 0;\n    let acceptedAuthSvc = false;\n    let pendingAuths = [];\n    let authCtx;\n    let kaTimer;\n    let onPacket;\n    const unsentGlobalRequestsReplies = [];\n    this._sock = socket;\n    this._chanMgr = new ChannelManager(this);\n    this._debug = debug;\n    this.noMoreSessions = false;\n    this.authenticated = false;\n\n    // Silence pre-header errors\n    function onClientPreHeaderError(err) {}\n    this.on('error', onClientPreHeaderError);\n\n    const DEBUG_HANDLER = (!debug ? undefined : (p, display, msg) => {\n      debug(`Debug output from client: ${JSON.stringify(msg)}`);\n    });\n\n    const kaIntvl = (\n      typeof srvCfg.keepaliveInterval === 'number'\n        && isFinite(srvCfg.keepaliveInterval)\n        && srvCfg.keepaliveInterval > 0\n      ? srvCfg.keepaliveInterval\n      : (\n        typeof Server.KEEPALIVE_CLIENT_INTERVAL === 'number'\n          && isFinite(Server.KEEPALIVE_CLIENT_INTERVAL)\n          && Server.KEEPALIVE_CLIENT_INTERVAL > 0\n        ? Server.KEEPALIVE_CLIENT_INTERVAL\n        : -1\n      )\n    );\n    const kaCountMax = (\n      typeof srvCfg.keepaliveCountMax === 'number'\n        && isFinite(srvCfg.keepaliveCountMax)\n        && srvCfg.keepaliveCountMax >= 0\n      ? srvCfg.keepaliveCountMax\n      : (\n        typeof Server.KEEPALIVE_CLIENT_COUNT_MAX === 'number'\n          && isFinite(Server.KEEPALIVE_CLIENT_COUNT_MAX)\n          && Server.KEEPALIVE_CLIENT_COUNT_MAX >= 0\n        ? Server.KEEPALIVE_CLIENT_COUNT_MAX\n        : -1\n      )\n    );\n    let kaCurCount = 0;\n    if (kaIntvl !== -1 && kaCountMax !== -1) {\n      this.once('ready', () => {\n        const onClose = () => {\n          clearInterval(kaTimer);\n        };\n        this.on('close', onClose).on('end', onClose);\n        kaTimer = setInterval(() => {\n          if (++kaCurCount > kaCountMax) {\n            clearInterval(kaTimer);\n            const err = new Error('Keepalive timeout');\n            err.level = 'client-timeout';\n            this.emit('error', err);\n            this.end();\n          } else {\n            // XXX: if the server ever starts sending real global requests to\n            //      the client, we will need to add a dummy callback here to\n            //      keep the correct reply order\n            proto.ping();\n          }\n        }, kaIntvl);\n      });\n      // TODO: re-verify keepalive behavior with OpenSSH\n      onPacket = () => {\n        kaTimer && kaTimer.refresh();\n        kaCurCount = 0;\n      };\n    }\n\n    const proto = this._protocol = new Protocol({\n      server: true,\n      hostKeys,\n      ident,\n      offer,\n      onPacket,\n      greeting: srvCfg.greeting,\n      banner: srvCfg.banner,\n      onWrite: (data) => {\n        if (isWritable(socket))\n          socket.write(data);\n      },\n      onError: (err) => {\n        if (!proto._destruct)\n          socket.removeAllListeners('data');\n        this.emit('error', err);\n        try {\n          socket.end();\n        } catch {}\n      },\n      onHeader: (header) => {\n        this.removeListener('error', onClientPreHeaderError);\n\n        const info = {\n          ip: socket.remoteAddress,\n          family: socket.remoteFamily,\n          port: socket.remotePort,\n          header,\n        };\n        if (!server.emit('connection', this, info)) {\n          // auto reject\n          proto.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n          socket.end();\n          return;\n        }\n\n        if (header.greeting)\n          this.emit('greeting', header.greeting);\n      },\n      onHandshakeComplete: (negotiated) => {\n        if (++exchanges > 1)\n          this.emit('rekey');\n        this.emit('handshake', negotiated);\n      },\n      debug,\n      messageHandlers: {\n        DEBUG: DEBUG_HANDLER,\n        DISCONNECT: (p, reason, desc) => {\n          if (reason !== DISCONNECT_REASON.BY_APPLICATION) {\n            if (!desc) {\n              desc = DISCONNECT_REASON_BY_VALUE[reason];\n              if (desc === undefined)\n                desc = `Unexpected disconnection reason: ${reason}`;\n            }\n            const err = new Error(desc);\n            err.code = reason;\n            this.emit('error', err);\n          }\n          socket.end();\n        },\n        CHANNEL_OPEN: (p, info) => {\n          // Handle incoming requests from client\n\n          // Do early reject in some cases to prevent wasteful channel\n          // allocation\n          if ((info.type === 'session' && this.noMoreSessions)\n              || !this.authenticated) {\n            const reasonCode = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n            return proto.channelOpenFail(info.sender, reasonCode);\n          }\n\n          let localChan = -1;\n          let reason;\n          let replied = false;\n\n          let accept;\n          const reject = () => {\n            if (replied)\n              return;\n            replied = true;\n\n            if (reason === undefined) {\n              if (localChan === -1)\n                reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n              else\n                reason = CHANNEL_OPEN_FAILURE.CONNECT_FAILED;\n            }\n\n            if (localChan !== -1)\n              this._chanMgr.remove(localChan);\n            proto.channelOpenFail(info.sender, reason, '');\n          };\n          const reserveChannel = () => {\n            localChan = this._chanMgr.add();\n\n            if (localChan === -1) {\n              reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n              if (debug) {\n                debug('Automatic rejection of incoming channel open: '\n                        + 'no channels available');\n              }\n            }\n\n            return (localChan !== -1);\n          };\n\n          const data = info.data;\n          switch (info.type) {\n            case 'session':\n              if (listenerCount(this, 'session') && reserveChannel()) {\n                accept = () => {\n                  if (replied)\n                    return;\n                  replied = true;\n\n                  const instance = new Session(this, info, localChan);\n                  this._chanMgr.update(localChan, instance);\n\n                  proto.channelOpenConfirm(info.sender,\n                                           localChan,\n                                           MAX_WINDOW,\n                                           PACKET_SIZE);\n\n                  return instance;\n                };\n\n                this.emit('session', accept, reject);\n                return;\n              }\n              break;\n            case 'direct-tcpip':\n              if (listenerCount(this, 'tcpip') && reserveChannel()) {\n                accept = () => {\n                  if (replied)\n                    return;\n                  replied = true;\n\n                  const chanInfo = {\n                    type: undefined,\n                    incoming: {\n                      id: localChan,\n                      window: MAX_WINDOW,\n                      packetSize: PACKET_SIZE,\n                      state: 'open'\n                    },\n                    outgoing: {\n                      id: info.sender,\n                      window: info.window,\n                      packetSize: info.packetSize,\n                      state: 'open'\n                    }\n                  };\n\n                  const stream = new Channel(this, chanInfo, { server: true });\n                  this._chanMgr.update(localChan, stream);\n\n                  proto.channelOpenConfirm(info.sender,\n                                           localChan,\n                                           MAX_WINDOW,\n                                           PACKET_SIZE);\n\n                  return stream;\n                };\n\n                this.emit('tcpip', accept, reject, data);\n                return;\n              }\n              break;\n            case 'direct-streamlocal@openssh.com':\n              if (listenerCount(this, 'openssh.streamlocal')\n                  && reserveChannel()) {\n                accept = () => {\n                  if (replied)\n                    return;\n                  replied = true;\n\n                  const chanInfo = {\n                    type: undefined,\n                    incoming: {\n                      id: localChan,\n                      window: MAX_WINDOW,\n                      packetSize: PACKET_SIZE,\n                      state: 'open'\n                    },\n                    outgoing: {\n                      id: info.sender,\n                      window: info.window,\n                      packetSize: info.packetSize,\n                      state: 'open'\n                    }\n                  };\n\n                  const stream = new Channel(this, chanInfo, { server: true });\n                  this._chanMgr.update(localChan, stream);\n\n                  proto.channelOpenConfirm(info.sender,\n                                           localChan,\n                                           MAX_WINDOW,\n                                           PACKET_SIZE);\n\n                  return stream;\n                };\n\n                this.emit('openssh.streamlocal', accept, reject, data);\n                return;\n              }\n              break;\n            default:\n              // Automatically reject any unsupported channel open requests\n              reason = CHANNEL_OPEN_FAILURE.UNKNOWN_CHANNEL_TYPE;\n              if (debug) {\n                debug('Automatic rejection of unsupported incoming channel open'\n                        + ` type: ${info.type}`);\n              }\n          }\n\n          if (reason === undefined) {\n            reason = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n            if (debug) {\n              debug('Automatic rejection of unexpected incoming channel open'\n                      + ` for: ${info.type}`);\n            }\n          }\n\n          reject();\n        },\n        CHANNEL_OPEN_CONFIRMATION: (p, info) => {\n          const channel = this._chanMgr.get(info.recipient);\n          if (typeof channel !== 'function')\n            return;\n\n          const chanInfo = {\n            type: channel.type,\n            incoming: {\n              id: info.recipient,\n              window: MAX_WINDOW,\n              packetSize: PACKET_SIZE,\n              state: 'open'\n            },\n            outgoing: {\n              id: info.sender,\n              window: info.window,\n              packetSize: info.packetSize,\n              state: 'open'\n            }\n          };\n\n          const instance = new Channel(this, chanInfo, { server: true });\n          this._chanMgr.update(info.recipient, instance);\n          channel(undefined, instance);\n        },\n        CHANNEL_OPEN_FAILURE: (p, recipient, reason, description) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'function')\n            return;\n\n          const info = { reason, description };\n          onChannelOpenFailure(this, recipient, info, channel);\n        },\n        CHANNEL_DATA: (p, recipient, data) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          // The remote party should not be sending us data if there is no\n          // window space available ...\n          // TODO: raise error on data with not enough window?\n          if (channel.incoming.window === 0)\n            return;\n\n          channel.incoming.window -= data.length;\n\n          if (channel.push(data) === false) {\n            channel._waitChanDrain = true;\n            return;\n          }\n\n          if (channel.incoming.window <= WINDOW_THRESHOLD)\n            windowAdjust(channel);\n        },\n        CHANNEL_EXTENDED_DATA: (p, recipient, data, type) => {\n          // NOOP -- should not be sent by client\n        },\n        CHANNEL_WINDOW_ADJUST: (p, recipient, amount) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          // The other side is allowing us to send `amount` more bytes of data\n          channel.outgoing.window += amount;\n\n          if (channel._waitWindow) {\n            channel._waitWindow = false;\n\n            if (channel._chunk) {\n              channel._write(channel._chunk, null, channel._chunkcb);\n            } else if (channel._chunkcb) {\n              channel._chunkcb();\n            } else if (channel._chunkErr) {\n              channel.stderr._write(channel._chunkErr,\n                                    null,\n                                    channel._chunkcbErr);\n            } else if (channel._chunkcbErr) {\n              channel._chunkcbErr();\n            }\n          }\n        },\n        CHANNEL_SUCCESS: (p, recipient) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          if (channel._callbacks.length)\n            channel._callbacks.shift()(false);\n        },\n        CHANNEL_FAILURE: (p, recipient) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          if (channel._callbacks.length)\n            channel._callbacks.shift()(true);\n        },\n        CHANNEL_REQUEST: (p, recipient, type, wantReply, data) => {\n          const session = this._chanMgr.get(recipient);\n          if (typeof session !== 'object' || session === null)\n            return;\n\n          let replied = false;\n          let accept;\n          let reject;\n\n          if (session.constructor !== Session) {\n            // normal Channel instance\n            if (wantReply)\n              proto.channelFailure(session.outgoing.id);\n            return;\n          }\n\n          if (wantReply) {\n            // \"real session\" requests will have custom accept behaviors\n            if (type !== 'shell'\n                && type !== 'exec'\n                && type !== 'subsystem') {\n              accept = () => {\n                if (replied || session._ending || session._channel)\n                  return;\n                replied = true;\n\n                proto.channelSuccess(session._chanInfo.outgoing.id);\n              };\n            }\n\n            reject = () => {\n              if (replied || session._ending || session._channel)\n                return;\n              replied = true;\n\n              proto.channelFailure(session._chanInfo.outgoing.id);\n            };\n          }\n\n          if (session._ending) {\n            reject && reject();\n            return;\n          }\n\n          switch (type) {\n            // \"pre-real session start\" requests\n            case 'env':\n              if (listenerCount(session, 'env')) {\n                session.emit('env', accept, reject, {\n                  key: data.name,\n                  val: data.value\n                });\n                return;\n              }\n              break;\n            case 'pty-req':\n              if (listenerCount(session, 'pty')) {\n                session.emit('pty', accept, reject, data);\n                return;\n              }\n              break;\n            case 'window-change':\n              if (listenerCount(session, 'window-change'))\n                session.emit('window-change', accept, reject, data);\n              else\n                reject && reject();\n              break;\n            case 'x11-req':\n              if (listenerCount(session, 'x11')) {\n                session.emit('x11', accept, reject, data);\n                return;\n              }\n              break;\n            // \"post-real session start\" requests\n            case 'signal':\n              if (listenerCount(session, 'signal')) {\n                session.emit('signal', accept, reject, {\n                  name: data\n                });\n                return;\n              }\n              break;\n            // XXX: is `auth-agent-req@openssh.com` really \"post-real session\n            // start\"?\n            case 'auth-agent-req@openssh.com':\n              if (listenerCount(session, 'auth-agent')) {\n                session.emit('auth-agent', accept, reject);\n                return;\n              }\n              break;\n            // \"real session start\" requests\n            case 'shell':\n              if (listenerCount(session, 'shell')) {\n                accept = () => {\n                  if (replied || session._ending || session._channel)\n                    return;\n                  replied = true;\n\n                  if (wantReply)\n                    proto.channelSuccess(session._chanInfo.outgoing.id);\n\n                  const channel = new Channel(\n                    this, session._chanInfo, { server: true }\n                  );\n\n                  channel.subtype = session.subtype = type;\n                  session._channel = channel;\n\n                  return channel;\n                };\n\n                session.emit('shell', accept, reject);\n                return;\n              }\n              break;\n            case 'exec':\n              if (listenerCount(session, 'exec')) {\n                accept = () => {\n                  if (replied || session._ending || session._channel)\n                    return;\n                  replied = true;\n\n                  if (wantReply)\n                    proto.channelSuccess(session._chanInfo.outgoing.id);\n\n                  const channel = new Channel(\n                    this, session._chanInfo, { server: true }\n                  );\n\n                  channel.subtype = session.subtype = type;\n                  session._channel = channel;\n\n                  return channel;\n                };\n\n                session.emit('exec', accept, reject, {\n                  command: data\n                });\n                return;\n              }\n              break;\n            case 'subsystem': {\n              let useSFTP = (data === 'sftp');\n              accept = () => {\n                if (replied || session._ending || session._channel)\n                  return;\n                replied = true;\n\n                if (wantReply)\n                  proto.channelSuccess(session._chanInfo.outgoing.id);\n\n                let instance;\n                if (useSFTP) {\n                  instance = new SFTP(this, session._chanInfo, {\n                    server: true,\n                    debug,\n                  });\n                } else {\n                  instance = new Channel(\n                    this, session._chanInfo, { server: true }\n                  );\n                  instance.subtype =\n                    session.subtype = `${type}:${data}`;\n                }\n                session._channel = instance;\n\n                return instance;\n              };\n\n              if (data === 'sftp') {\n                if (listenerCount(session, 'sftp')) {\n                  session.emit('sftp', accept, reject);\n                  return;\n                }\n                useSFTP = false;\n              }\n              if (listenerCount(session, 'subsystem')) {\n                session.emit('subsystem', accept, reject, {\n                  name: data\n                });\n                return;\n              }\n              break;\n            }\n          }\n          debug && debug(\n            `Automatic rejection of incoming channel request: ${type}`\n          );\n          reject && reject();\n        },\n        CHANNEL_EOF: (p, recipient) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            if (!channel._ending) {\n              channel._ending = true;\n              channel.emit('eof');\n              channel.emit('end');\n            }\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          if (channel.incoming.state !== 'open')\n            return;\n          channel.incoming.state = 'eof';\n\n          if (channel.readable)\n            channel.push(null);\n        },\n        CHANNEL_CLOSE: (p, recipient) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            channel._ending = true;\n            channel.emit('close');\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          onCHANNEL_CLOSE(this, recipient, channel);\n        },\n        // Begin service/auth-related ==========================================\n        SERVICE_REQUEST: (p, service) => {\n          if (exchanges === 0\n              || acceptedAuthSvc\n              || this.authenticated\n              || service !== 'ssh-userauth') {\n            proto.disconnect(DISCONNECT_REASON.SERVICE_NOT_AVAILABLE);\n            socket.end();\n            return;\n          }\n\n          acceptedAuthSvc = true;\n          proto.serviceAccept(service);\n        },\n        USERAUTH_REQUEST: (p, username, service, method, methodData) => {\n          if (exchanges === 0\n              || this.authenticated\n              || (authCtx\n                  && (authCtx.username !== username\n                      || authCtx.service !== service))\n                // TODO: support hostbased auth\n              || (method !== 'password'\n                  && method !== 'publickey'\n                  && method !== 'hostbased'\n                  && method !== 'keyboard-interactive'\n                  && method !== 'none')\n              || pendingAuths.length === MAX_PENDING_AUTHS) {\n            proto.disconnect(DISCONNECT_REASON.PROTOCOL_ERROR);\n            socket.end();\n            return;\n          } else if (service !== 'ssh-connection') {\n            proto.disconnect(DISCONNECT_REASON.SERVICE_NOT_AVAILABLE);\n            socket.end();\n            return;\n          }\n\n          let ctx;\n          switch (method) {\n            case 'keyboard-interactive':\n              ctx = new KeyboardAuthContext(proto, username, service, method,\n                                            methodData, onAuthDecide);\n              break;\n            case 'publickey':\n              ctx = new PKAuthContext(proto, username, service, method,\n                                      methodData, onAuthDecide);\n              break;\n            case 'hostbased':\n              ctx = new HostbasedAuthContext(proto, username, service, method,\n                                             methodData, onAuthDecide);\n              break;\n            case 'password':\n              if (authCtx\n                  && authCtx instanceof PwdAuthContext\n                  && authCtx._changeCb) {\n                const cb = authCtx._changeCb;\n                authCtx._changeCb = undefined;\n                cb(methodData.newPassword);\n                return;\n              }\n              ctx = new PwdAuthContext(proto, username, service, method,\n                                       methodData, onAuthDecide);\n              break;\n            case 'none':\n              ctx = new AuthContext(proto, username, service, method,\n                                    onAuthDecide);\n              break;\n          }\n\n          if (authCtx) {\n            if (!authCtx._initialResponse) {\n              return pendingAuths.push(ctx);\n            } else if (authCtx._multistep && !authCtx._finalResponse) {\n              // RFC 4252 says to silently abort the current auth request if a\n              // new auth request comes in before the final response from an\n              // auth method that requires additional request/response exchanges\n              // -- this means keyboard-interactive for now ...\n              authCtx._cleanup && authCtx._cleanup();\n              authCtx.emit('abort');\n            }\n          }\n\n          authCtx = ctx;\n\n          if (listenerCount(this, 'authentication'))\n            this.emit('authentication', authCtx);\n          else\n            authCtx.reject();\n        },\n        USERAUTH_INFO_RESPONSE: (p, responses) => {\n          if (authCtx && authCtx instanceof KeyboardAuthContext)\n            authCtx._onInfoResponse(responses);\n        },\n        // End service/auth-related ============================================\n        GLOBAL_REQUEST: (p, name, wantReply, data) => {\n          const reply = {\n            type: null,\n            buf: null\n          };\n\n          function setReply(type, buf) {\n            reply.type = type;\n            reply.buf = buf;\n            sendReplies();\n          }\n\n          if (wantReply)\n            unsentGlobalRequestsReplies.push(reply);\n\n          if ((name === 'tcpip-forward'\n               || name === 'cancel-tcpip-forward'\n               || name === 'no-more-sessions@openssh.com'\n               || name === 'streamlocal-forward@openssh.com'\n               || name === 'cancel-streamlocal-forward@openssh.com')\n              && listenerCount(this, 'request')\n              && this.authenticated) {\n            let accept;\n            let reject;\n\n            if (wantReply) {\n              let replied = false;\n              accept = (chosenPort) => {\n                if (replied)\n                  return;\n                replied = true;\n                let bufPort;\n                if (name === 'tcpip-forward'\n                    && data.bindPort === 0\n                    && typeof chosenPort === 'number') {\n                  bufPort = Buffer.allocUnsafe(4);\n                  writeUInt32BE(bufPort, chosenPort, 0);\n                }\n                setReply('SUCCESS', bufPort);\n              };\n              reject = () => {\n                if (replied)\n                  return;\n                replied = true;\n                setReply('FAILURE');\n              };\n            }\n\n            if (name === 'no-more-sessions@openssh.com') {\n              this.noMoreSessions = true;\n              accept && accept();\n              return;\n            }\n\n            this.emit('request', accept, reject, name, data);\n          } else if (wantReply) {\n            setReply('FAILURE');\n          }\n        },\n      },\n    });\n\n    socket.pause();\n    cryptoInit.then(() => {\n      proto.start();\n      socket.on('data', (data) => {\n        try {\n          proto.parse(data, 0, data.length);\n        } catch (ex) {\n          this.emit('error', ex);\n          try {\n            if (isWritable(socket))\n              socket.end();\n          } catch {}\n        }\n      });\n      socket.resume();\n    }).catch((err) => {\n      this.emit('error', err);\n      try {\n        if (isWritable(socket))\n          socket.end();\n      } catch {}\n    });\n    socket.on('error', (err) => {\n      err.level = 'socket';\n      this.emit('error', err);\n    }).once('end', () => {\n      debug && debug('Socket ended');\n      proto.cleanup();\n      this.emit('end');\n    }).once('close', () => {\n      debug && debug('Socket closed');\n      proto.cleanup();\n      this.emit('close');\n\n      const err = new Error('No response from server');\n\n      // Simulate error for pending channels and close any open channels\n      this._chanMgr.cleanup(err);\n    });\n\n    const onAuthDecide = (ctx, allowed, methodsLeft, isPartial) => {\n      if (authCtx === ctx && !this.authenticated) {\n        if (allowed) {\n          authCtx = undefined;\n          this.authenticated = true;\n          proto.authSuccess();\n          pendingAuths = [];\n          this.emit('ready');\n        } else {\n          proto.authFailure(methodsLeft, isPartial);\n          if (pendingAuths.length) {\n            authCtx = pendingAuths.pop();\n            if (listenerCount(this, 'authentication'))\n              this.emit('authentication', authCtx);\n            else\n              authCtx.reject();\n          }\n        }\n      }\n    };\n\n    function sendReplies() {\n      while (unsentGlobalRequestsReplies.length > 0\n             && unsentGlobalRequestsReplies[0].type) {\n        const reply = unsentGlobalRequestsReplies.shift();\n        if (reply.type === 'SUCCESS')\n          proto.requestSuccess(reply.buf);\n        if (reply.type === 'FAILURE')\n          proto.requestFailure();\n      }\n    }\n  }\n\n  end() {\n    if (this._sock && isWritable(this._sock)) {\n      this._protocol.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n      this._sock.end();\n    }\n    return this;\n  }\n\n  x11(originAddr, originPort, cb) {\n    const opts = { originAddr, originPort };\n    openChannel(this, 'x11', opts, cb);\n    return this;\n  }\n\n  forwardOut(boundAddr, boundPort, remoteAddr, remotePort, cb) {\n    const opts = { boundAddr, boundPort, remoteAddr, remotePort };\n    openChannel(this, 'forwarded-tcpip', opts, cb);\n    return this;\n  }\n\n  openssh_forwardOutStreamLocal(socketPath, cb) {\n    const opts = { socketPath };\n    openChannel(this, 'forwarded-streamlocal@openssh.com', opts, cb);\n    return this;\n  }\n\n  rekey(cb) {\n    let error;\n\n    try {\n      this._protocol.rekey();\n    } catch (ex) {\n      error = ex;\n    }\n\n    // TODO: re-throw error if no callback?\n\n    if (typeof cb === 'function') {\n      if (error)\n        process.nextTick(cb, error);\n      else\n        this.once('rekey', cb);\n    }\n  }\n}\n\n\nfunction openChannel(self, type, opts, cb) {\n  // Ask the client to open a channel for some purpose (e.g. a forwarded TCP\n  // connection)\n  const initWindow = MAX_WINDOW;\n  const maxPacket = PACKET_SIZE;\n\n  if (typeof opts === 'function') {\n    cb = opts;\n    opts = {};\n  }\n\n  const wrapper = (err, stream) => {\n    cb(err, stream);\n  };\n  wrapper.type = type;\n\n  const localChan = self._chanMgr.add(wrapper);\n\n  if (localChan === -1) {\n    cb(new Error('No free channels available'));\n    return;\n  }\n\n  switch (type) {\n    case 'forwarded-tcpip':\n      self._protocol.forwardedTcpip(localChan, initWindow, maxPacket, opts);\n      break;\n    case 'x11':\n      self._protocol.x11(localChan, initWindow, maxPacket, opts);\n      break;\n    case 'forwarded-streamlocal@openssh.com':\n      self._protocol.openssh_forwardedStreamLocal(\n        localChan, initWindow, maxPacket, opts\n      );\n      break;\n    default:\n      throw new Error(`Unsupported channel type: ${type}`);\n  }\n}\n\nfunction compareNumbers(a, b) {\n  return a - b;\n}\n\nmodule.exports = Server;\nmodule.exports.IncomingClient = Client;\n","'use strict';\n\nconst { SFTP } = require('./protocol/SFTP.js');\n\nconst MAX_CHANNEL = 2 ** 32 - 1;\n\nfunction onChannelOpenFailure(self, recipient, info, cb) {\n  self._chanMgr.remove(recipient);\n  if (typeof cb !== 'function')\n    return;\n\n  let err;\n  if (info instanceof Error) {\n    err = info;\n  } else if (typeof info === 'object' && info !== null) {\n    err = new Error(`(SSH) Channel open failure: ${info.description}`);\n    err.reason = info.reason;\n  } else {\n    err = new Error(\n      '(SSH) Channel open failure: server closed channel unexpectedly'\n    );\n    err.reason = '';\n  }\n\n  cb(err);\n}\n\nfunction onCHANNEL_CLOSE(self, recipient, channel, err, dead) {\n  if (typeof channel === 'function') {\n    // We got CHANNEL_CLOSE instead of CHANNEL_OPEN_FAILURE when\n    // requesting to open a channel\n    onChannelOpenFailure(self, recipient, err, channel);\n    return;\n  }\n\n  if (typeof channel !== 'object' || channel === null)\n    return;\n\n  if (channel.incoming && channel.incoming.state === 'closed')\n    return;\n\n  self._chanMgr.remove(recipient);\n\n  if (channel.server && channel.constructor.name === 'Session')\n    return;\n\n  channel.incoming.state = 'closed';\n\n  if (channel.readable)\n    channel.push(null);\n  if (channel.server) {\n    if (channel.stderr.writable)\n      channel.stderr.end();\n  } else if (channel.stderr.readable) {\n    channel.stderr.push(null);\n  }\n\n  if (channel.constructor !== SFTP\n      && (channel.outgoing.state === 'open'\n          || channel.outgoing.state === 'eof')\n      && !dead) {\n    channel.close();\n  }\n  if (channel.outgoing.state === 'closing')\n    channel.outgoing.state = 'closed';\n\n  const readState = channel._readableState;\n  const writeState = channel._writableState;\n  if (writeState && !writeState.ending && !writeState.finished && !dead)\n    channel.end();\n\n  // Take care of any outstanding channel requests\n  const chanCallbacks = channel._callbacks;\n  channel._callbacks = [];\n  for (let i = 0; i < chanCallbacks.length; ++i)\n    chanCallbacks[i](true);\n\n  if (channel.server) {\n    if (!channel.readable\n        || channel.destroyed\n        || (readState && readState.endEmitted)) {\n      channel.emit('close');\n    } else {\n      channel.once('end', () => channel.emit('close'));\n    }\n  } else {\n    let doClose;\n    switch (channel.type) {\n      case 'direct-streamlocal@openssh.com':\n      case 'direct-tcpip':\n        doClose = () => channel.emit('close');\n        break;\n      default: {\n        // Align more with node child processes, where the close event gets\n        // the same arguments as the exit event\n        const exit = channel._exit;\n        doClose = () => {\n          if (exit.code === null)\n            channel.emit('close', exit.code, exit.signal, exit.dump, exit.desc);\n          else\n            channel.emit('close', exit.code);\n        };\n      }\n    }\n    if (!channel.readable\n        || channel.destroyed\n        || (readState && readState.endEmitted)) {\n      doClose();\n    } else {\n      channel.once('end', doClose);\n    }\n\n    const errReadState = channel.stderr._readableState;\n    if (!channel.stderr.readable\n        || channel.stderr.destroyed\n        || (errReadState && errReadState.endEmitted)) {\n      channel.stderr.emit('close');\n    } else {\n      channel.stderr.once('end', () => channel.stderr.emit('close'));\n    }\n  }\n}\n\nclass ChannelManager {\n  constructor(client) {\n    this._client = client;\n    this._channels = {};\n    this._cur = -1;\n    this._count = 0;\n  }\n  add(val) {\n    // Attempt to reserve an id\n\n    let id;\n    // Optimized paths\n    if (this._cur < MAX_CHANNEL) {\n      id = ++this._cur;\n    } else if (this._count === 0) {\n      // Revert and reset back to fast path once we no longer have any channels\n      // open\n      this._cur = 0;\n      id = 0;\n    } else {\n      // Slower lookup path\n\n      // This path is triggered we have opened at least MAX_CHANNEL channels\n      // while having at least one channel open at any given time, so we have\n      // to search for a free id.\n      const channels = this._channels;\n      for (let i = 0; i < MAX_CHANNEL; ++i) {\n        if (channels[i] === undefined) {\n          id = i;\n          break;\n        }\n      }\n    }\n\n    if (id === undefined)\n      return -1;\n\n    this._channels[id] = (val || true);\n    ++this._count;\n\n    return id;\n  }\n  update(id, val) {\n    if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n      throw new Error(`Invalid channel id: ${id}`);\n\n    if (val && this._channels[id])\n      this._channels[id] = val;\n  }\n  get(id) {\n    if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n      throw new Error(`Invalid channel id: ${id}`);\n\n    return this._channels[id];\n  }\n  remove(id) {\n    if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n      throw new Error(`Invalid channel id: ${id}`);\n\n    if (this._channels[id]) {\n      delete this._channels[id];\n      if (this._count)\n        --this._count;\n    }\n  }\n  cleanup(err) {\n    const channels = this._channels;\n    this._channels = {};\n    this._cur = -1;\n    this._count = 0;\n\n    const chanIDs = Object.keys(channels);\n    const client = this._client;\n    for (let i = 0; i < chanIDs.length; ++i) {\n      const id = +chanIDs[i];\n      const channel = channels[id];\n      onCHANNEL_CLOSE(client, id, channel._channel || channel, err, true);\n    }\n  }\n}\n\nconst isRegExp = (() => {\n  const toString = Object.prototype.toString;\n  return (val) => toString.call(val) === '[object RegExp]';\n})();\n\nfunction generateAlgorithmList(algoList, defaultList, supportedList) {\n  if (Array.isArray(algoList) && algoList.length > 0) {\n    // Exact list\n    for (let i = 0; i < algoList.length; ++i) {\n      if (supportedList.indexOf(algoList[i]) === -1)\n        throw new Error(`Unsupported algorithm: ${algoList[i]}`);\n    }\n    return algoList;\n  }\n\n  if (typeof algoList === 'object' && algoList !== null) {\n    // Operations based on the default list\n    const keys = Object.keys(algoList);\n    let list = defaultList;\n    for (let i = 0; i < keys.length; ++i) {\n      const key = keys[i];\n      let val = algoList[key];\n      switch (key) {\n        case 'append':\n          if (!Array.isArray(val))\n            val = [val];\n          if (Array.isArray(val)) {\n            for (let j = 0; j < val.length; ++j) {\n              const append = val[j];\n              if (typeof append === 'string') {\n                if (!append || list.indexOf(append) !== -1)\n                  continue;\n                if (supportedList.indexOf(append) === -1)\n                  throw new Error(`Unsupported algorithm: ${append}`);\n                if (list === defaultList)\n                  list = list.slice();\n                list.push(append);\n              } else if (isRegExp(append)) {\n                for (let k = 0; k < supportedList.length; ++k) {\n                  const algo = supportedList[k];\n                  if (append.test(algo)) {\n                    if (list.indexOf(algo) !== -1)\n                      continue;\n                    if (list === defaultList)\n                      list = list.slice();\n                    list.push(algo);\n                  }\n                }\n              }\n            }\n          }\n          break;\n        case 'prepend':\n          if (!Array.isArray(val))\n            val = [val];\n          if (Array.isArray(val)) {\n            for (let j = val.length; j >= 0; --j) {\n              const prepend = val[j];\n              if (typeof prepend === 'string') {\n                if (!prepend || list.indexOf(prepend) !== -1)\n                  continue;\n                if (supportedList.indexOf(prepend) === -1)\n                  throw new Error(`Unsupported algorithm: ${prepend}`);\n                if (list === defaultList)\n                  list = list.slice();\n                list.unshift(prepend);\n              } else if (isRegExp(prepend)) {\n                for (let k = supportedList.length; k >= 0; --k) {\n                  const algo = supportedList[k];\n                  if (prepend.test(algo)) {\n                    if (list.indexOf(algo) !== -1)\n                      continue;\n                    if (list === defaultList)\n                      list = list.slice();\n                    list.unshift(algo);\n                  }\n                }\n              }\n            }\n          }\n          break;\n        case 'remove':\n          if (!Array.isArray(val))\n            val = [val];\n          if (Array.isArray(val)) {\n            for (let j = 0; j < val.length; ++j) {\n              const search = val[j];\n              if (typeof search === 'string') {\n                if (!search)\n                  continue;\n                const idx = list.indexOf(search);\n                if (idx === -1)\n                  continue;\n                if (list === defaultList)\n                  list = list.slice();\n                list.splice(idx, 1);\n              } else if (isRegExp(search)) {\n                for (let k = 0; k < list.length; ++k) {\n                  if (search.test(list[k])) {\n                    if (list === defaultList)\n                      list = list.slice();\n                    list.splice(k, 1);\n                    --k;\n                  }\n                }\n              }\n            }\n          }\n          break;\n      }\n    }\n\n    return list;\n  }\n\n  return defaultList;\n}\n\nmodule.exports = {\n  ChannelManager,\n  generateAlgorithmList,\n  onChannelOpenFailure,\n  onCHANNEL_CLOSE,\n  isWritable: (stream) => {\n    // XXX: hack to workaround regression in node\n    // See: https://github.com/nodejs/node/issues/36029\n    return (stream\n            && stream.writable\n            && stream._readableState\n            && stream._readableState.ended === false);\n  },\n};\n","module.exports = require('./lib/tunnel');\n","'use strict';\n\nvar net = require('net');\nvar tls = require('tls');\nvar http = require('http');\nvar https = require('https');\nvar events = require('events');\nvar assert = require('assert');\nvar util = require('util');\n\n\nexports.httpOverHttp = httpOverHttp;\nexports.httpsOverHttp = httpsOverHttp;\nexports.httpOverHttps = httpOverHttps;\nexports.httpsOverHttps = httpsOverHttps;\n\n\nfunction httpOverHttp(options) {\n  var agent = new TunnelingAgent(options);\n  agent.request = http.request;\n  return agent;\n}\n\nfunction httpsOverHttp(options) {\n  var agent = new TunnelingAgent(options);\n  agent.request = http.request;\n  agent.createSocket = createSecureSocket;\n  agent.defaultPort = 443;\n  return agent;\n}\n\nfunction httpOverHttps(options) {\n  var agent = new TunnelingAgent(options);\n  agent.request = https.request;\n  return agent;\n}\n\nfunction httpsOverHttps(options) {\n  var agent = new TunnelingAgent(options);\n  agent.request = https.request;\n  agent.createSocket = createSecureSocket;\n  agent.defaultPort = 443;\n  return agent;\n}\n\n\nfunction TunnelingAgent(options) {\n  var self = this;\n  self.options = options || {};\n  self.proxyOptions = self.options.proxy || {};\n  self.maxSockets = self.options.maxSockets || http.Agent.defaultMaxSockets;\n  self.requests = [];\n  self.sockets = [];\n\n  self.on('free', function onFree(socket, host, port, localAddress) {\n    var options = toOptions(host, port, localAddress);\n    for (var i = 0, len = self.requests.length; i < len; ++i) {\n      var pending = self.requests[i];\n      if (pending.host === options.host && pending.port === options.port) {\n        // Detect the request to connect same origin server,\n        // reuse the connection.\n        self.requests.splice(i, 1);\n        pending.request.onSocket(socket);\n        return;\n      }\n    }\n    socket.destroy();\n    self.removeSocket(socket);\n  });\n}\nutil.inherits(TunnelingAgent, events.EventEmitter);\n\nTunnelingAgent.prototype.addRequest = function addRequest(req, host, port, localAddress) {\n  var self = this;\n  var options = mergeOptions({request: req}, self.options, toOptions(host, port, localAddress));\n\n  if (self.sockets.length >= this.maxSockets) {\n    // We are over limit so we'll add it to the queue.\n    self.requests.push(options);\n    return;\n  }\n\n  // If we are under maxSockets create a new one.\n  self.createSocket(options, function(socket) {\n    socket.on('free', onFree);\n    socket.on('close', onCloseOrRemove);\n    socket.on('agentRemove', onCloseOrRemove);\n    req.onSocket(socket);\n\n    function onFree() {\n      self.emit('free', socket, options);\n    }\n\n    function onCloseOrRemove(err) {\n      self.removeSocket(socket);\n      socket.removeListener('free', onFree);\n      socket.removeListener('close', onCloseOrRemove);\n      socket.removeListener('agentRemove', onCloseOrRemove);\n    }\n  });\n};\n\nTunnelingAgent.prototype.createSocket = function createSocket(options, cb) {\n  var self = this;\n  var placeholder = {};\n  self.sockets.push(placeholder);\n\n  var connectOptions = mergeOptions({}, self.proxyOptions, {\n    method: 'CONNECT',\n    path: options.host + ':' + options.port,\n    agent: false,\n    headers: {\n      host: options.host + ':' + options.port\n    }\n  });\n  if (options.localAddress) {\n    connectOptions.localAddress = options.localAddress;\n  }\n  if (connectOptions.proxyAuth) {\n    connectOptions.headers = connectOptions.headers || {};\n    connectOptions.headers['Proxy-Authorization'] = 'Basic ' +\n        new Buffer(connectOptions.proxyAuth).toString('base64');\n  }\n\n  debug('making CONNECT request');\n  var connectReq = self.request(connectOptions);\n  connectReq.useChunkedEncodingByDefault = false; // for v0.6\n  connectReq.once('response', onResponse); // for v0.6\n  connectReq.once('upgrade', onUpgrade);   // for v0.6\n  connectReq.once('connect', onConnect);   // for v0.7 or later\n  connectReq.once('error', onError);\n  connectReq.end();\n\n  function onResponse(res) {\n    // Very hacky. This is necessary to avoid http-parser leaks.\n    res.upgrade = true;\n  }\n\n  function onUpgrade(res, socket, head) {\n    // Hacky.\n    process.nextTick(function() {\n      onConnect(res, socket, head);\n    });\n  }\n\n  function onConnect(res, socket, head) {\n    connectReq.removeAllListeners();\n    socket.removeAllListeners();\n\n    if (res.statusCode !== 200) {\n      debug('tunneling socket could not be established, statusCode=%d',\n        res.statusCode);\n      socket.destroy();\n      var error = new Error('tunneling socket could not be established, ' +\n        'statusCode=' + res.statusCode);\n      error.code = 'ECONNRESET';\n      options.request.emit('error', error);\n      self.removeSocket(placeholder);\n      return;\n    }\n    if (head.length > 0) {\n      debug('got illegal response body from proxy');\n      socket.destroy();\n      var error = new Error('got illegal response body from proxy');\n      error.code = 'ECONNRESET';\n      options.request.emit('error', error);\n      self.removeSocket(placeholder);\n      return;\n    }\n    debug('tunneling connection has established');\n    self.sockets[self.sockets.indexOf(placeholder)] = socket;\n    return cb(socket);\n  }\n\n  function onError(cause) {\n    connectReq.removeAllListeners();\n\n    debug('tunneling socket could not be established, cause=%s\\n',\n          cause.message, cause.stack);\n    var error = new Error('tunneling socket could not be established, ' +\n                          'cause=' + cause.message);\n    error.code = 'ECONNRESET';\n    options.request.emit('error', error);\n    self.removeSocket(placeholder);\n  }\n};\n\nTunnelingAgent.prototype.removeSocket = function removeSocket(socket) {\n  var pos = this.sockets.indexOf(socket)\n  if (pos === -1) {\n    return;\n  }\n  this.sockets.splice(pos, 1);\n\n  var pending = this.requests.shift();\n  if (pending) {\n    // If we have pending requests and a socket gets closed a new one\n    // needs to be created to take over in the pool for the one that closed.\n    this.createSocket(pending, function(socket) {\n      pending.request.onSocket(socket);\n    });\n  }\n};\n\nfunction createSecureSocket(options, cb) {\n  var self = this;\n  TunnelingAgent.prototype.createSocket.call(self, options, function(socket) {\n    var hostHeader = options.request.getHeader('host');\n    var tlsOptions = mergeOptions({}, self.options, {\n      socket: socket,\n      servername: hostHeader ? hostHeader.replace(/:.*$/, '') : options.host\n    });\n\n    // 0 is dummy port for v0.6\n    var secureSocket = tls.connect(0, tlsOptions);\n    self.sockets[self.sockets.indexOf(socket)] = secureSocket;\n    cb(secureSocket);\n  });\n}\n\n\nfunction toOptions(host, port, localAddress) {\n  if (typeof host === 'string') { // since v0.10\n    return {\n      host: host,\n      port: port,\n      localAddress: localAddress\n    };\n  }\n  return host; // for v0.11 or later\n}\n\nfunction mergeOptions(target) {\n  for (var i = 1, len = arguments.length; i < len; ++i) {\n    var overrides = arguments[i];\n    if (typeof overrides === 'object') {\n      var keys = Object.keys(overrides);\n      for (var j = 0, keyLen = keys.length; j < keyLen; ++j) {\n        var k = keys[j];\n        if (overrides[k] !== undefined) {\n          target[k] = overrides[k];\n        }\n      }\n    }\n  }\n  return target;\n}\n\n\nvar debug;\nif (process.env.NODE_DEBUG && /\\btunnel\\b/.test(process.env.NODE_DEBUG)) {\n  debug = function() {\n    var args = Array.prototype.slice.call(arguments);\n    if (typeof args[0] === 'string') {\n      args[0] = 'TUNNEL: ' + args[0];\n    } else {\n      args.unshift('TUNNEL:');\n    }\n    console.error.apply(console, args);\n  }\n} else {\n  debug = function() {};\n}\nexports.debug = debug; // for test\n","(function(nacl) {\n'use strict';\n\n// Ported in 2014 by Dmitry Chestnykh and Devi Mandiri.\n// Public domain.\n//\n// Implementation derived from TweetNaCl version 20140427.\n// See for details: http://tweetnacl.cr.yp.to/\n\nvar gf = function(init) {\n  var i, r = new Float64Array(16);\n  if (init) for (i = 0; i < init.length; i++) r[i] = init[i];\n  return r;\n};\n\n//  Pluggable, initialized in high-level API below.\nvar randombytes = function(/* x, n */) { throw new Error('no PRNG'); };\n\nvar _0 = new Uint8Array(16);\nvar _9 = new Uint8Array(32); _9[0] = 9;\n\nvar gf0 = gf(),\n    gf1 = gf([1]),\n    _121665 = gf([0xdb41, 1]),\n    D = gf([0x78a3, 0x1359, 0x4dca, 0x75eb, 0xd8ab, 0x4141, 0x0a4d, 0x0070, 0xe898, 0x7779, 0x4079, 0x8cc7, 0xfe73, 0x2b6f, 0x6cee, 0x5203]),\n    D2 = gf([0xf159, 0x26b2, 0x9b94, 0xebd6, 0xb156, 0x8283, 0x149a, 0x00e0, 0xd130, 0xeef3, 0x80f2, 0x198e, 0xfce7, 0x56df, 0xd9dc, 0x2406]),\n    X = gf([0xd51a, 0x8f25, 0x2d60, 0xc956, 0xa7b2, 0x9525, 0xc760, 0x692c, 0xdc5c, 0xfdd6, 0xe231, 0xc0a4, 0x53fe, 0xcd6e, 0x36d3, 0x2169]),\n    Y = gf([0x6658, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666]),\n    I = gf([0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83]);\n\nfunction ts64(x, i, h, l) {\n  x[i]   = (h >> 24) & 0xff;\n  x[i+1] = (h >> 16) & 0xff;\n  x[i+2] = (h >>  8) & 0xff;\n  x[i+3] = h & 0xff;\n  x[i+4] = (l >> 24)  & 0xff;\n  x[i+5] = (l >> 16)  & 0xff;\n  x[i+6] = (l >>  8)  & 0xff;\n  x[i+7] = l & 0xff;\n}\n\nfunction vn(x, xi, y, yi, n) {\n  var i,d = 0;\n  for (i = 0; i < n; i++) d |= x[xi+i]^y[yi+i];\n  return (1 & ((d - 1) >>> 8)) - 1;\n}\n\nfunction crypto_verify_16(x, xi, y, yi) {\n  return vn(x,xi,y,yi,16);\n}\n\nfunction crypto_verify_32(x, xi, y, yi) {\n  return vn(x,xi,y,yi,32);\n}\n\nfunction core_salsa20(o, p, k, c) {\n  var j0  = c[ 0] & 0xff | (c[ 1] & 0xff)<<8 | (c[ 2] & 0xff)<<16 | (c[ 3] & 0xff)<<24,\n      j1  = k[ 0] & 0xff | (k[ 1] & 0xff)<<8 | (k[ 2] & 0xff)<<16 | (k[ 3] & 0xff)<<24,\n      j2  = k[ 4] & 0xff | (k[ 5] & 0xff)<<8 | (k[ 6] & 0xff)<<16 | (k[ 7] & 0xff)<<24,\n      j3  = k[ 8] & 0xff | (k[ 9] & 0xff)<<8 | (k[10] & 0xff)<<16 | (k[11] & 0xff)<<24,\n      j4  = k[12] & 0xff | (k[13] & 0xff)<<8 | (k[14] & 0xff)<<16 | (k[15] & 0xff)<<24,\n      j5  = c[ 4] & 0xff | (c[ 5] & 0xff)<<8 | (c[ 6] & 0xff)<<16 | (c[ 7] & 0xff)<<24,\n      j6  = p[ 0] & 0xff | (p[ 1] & 0xff)<<8 | (p[ 2] & 0xff)<<16 | (p[ 3] & 0xff)<<24,\n      j7  = p[ 4] & 0xff | (p[ 5] & 0xff)<<8 | (p[ 6] & 0xff)<<16 | (p[ 7] & 0xff)<<24,\n      j8  = p[ 8] & 0xff | (p[ 9] & 0xff)<<8 | (p[10] & 0xff)<<16 | (p[11] & 0xff)<<24,\n      j9  = p[12] & 0xff | (p[13] & 0xff)<<8 | (p[14] & 0xff)<<16 | (p[15] & 0xff)<<24,\n      j10 = c[ 8] & 0xff | (c[ 9] & 0xff)<<8 | (c[10] & 0xff)<<16 | (c[11] & 0xff)<<24,\n      j11 = k[16] & 0xff | (k[17] & 0xff)<<8 | (k[18] & 0xff)<<16 | (k[19] & 0xff)<<24,\n      j12 = k[20] & 0xff | (k[21] & 0xff)<<8 | (k[22] & 0xff)<<16 | (k[23] & 0xff)<<24,\n      j13 = k[24] & 0xff | (k[25] & 0xff)<<8 | (k[26] & 0xff)<<16 | (k[27] & 0xff)<<24,\n      j14 = k[28] & 0xff | (k[29] & 0xff)<<8 | (k[30] & 0xff)<<16 | (k[31] & 0xff)<<24,\n      j15 = c[12] & 0xff | (c[13] & 0xff)<<8 | (c[14] & 0xff)<<16 | (c[15] & 0xff)<<24;\n\n  var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7,\n      x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14,\n      x15 = j15, u;\n\n  for (var i = 0; i < 20; i += 2) {\n    u = x0 + x12 | 0;\n    x4 ^= u<<7 | u>>>(32-7);\n    u = x4 + x0 | 0;\n    x8 ^= u<<9 | u>>>(32-9);\n    u = x8 + x4 | 0;\n    x12 ^= u<<13 | u>>>(32-13);\n    u = x12 + x8 | 0;\n    x0 ^= u<<18 | u>>>(32-18);\n\n    u = x5 + x1 | 0;\n    x9 ^= u<<7 | u>>>(32-7);\n    u = x9 + x5 | 0;\n    x13 ^= u<<9 | u>>>(32-9);\n    u = x13 + x9 | 0;\n    x1 ^= u<<13 | u>>>(32-13);\n    u = x1 + x13 | 0;\n    x5 ^= u<<18 | u>>>(32-18);\n\n    u = x10 + x6 | 0;\n    x14 ^= u<<7 | u>>>(32-7);\n    u = x14 + x10 | 0;\n    x2 ^= u<<9 | u>>>(32-9);\n    u = x2 + x14 | 0;\n    x6 ^= u<<13 | u>>>(32-13);\n    u = x6 + x2 | 0;\n    x10 ^= u<<18 | u>>>(32-18);\n\n    u = x15 + x11 | 0;\n    x3 ^= u<<7 | u>>>(32-7);\n    u = x3 + x15 | 0;\n    x7 ^= u<<9 | u>>>(32-9);\n    u = x7 + x3 | 0;\n    x11 ^= u<<13 | u>>>(32-13);\n    u = x11 + x7 | 0;\n    x15 ^= u<<18 | u>>>(32-18);\n\n    u = x0 + x3 | 0;\n    x1 ^= u<<7 | u>>>(32-7);\n    u = x1 + x0 | 0;\n    x2 ^= u<<9 | u>>>(32-9);\n    u = x2 + x1 | 0;\n    x3 ^= u<<13 | u>>>(32-13);\n    u = x3 + x2 | 0;\n    x0 ^= u<<18 | u>>>(32-18);\n\n    u = x5 + x4 | 0;\n    x6 ^= u<<7 | u>>>(32-7);\n    u = x6 + x5 | 0;\n    x7 ^= u<<9 | u>>>(32-9);\n    u = x7 + x6 | 0;\n    x4 ^= u<<13 | u>>>(32-13);\n    u = x4 + x7 | 0;\n    x5 ^= u<<18 | u>>>(32-18);\n\n    u = x10 + x9 | 0;\n    x11 ^= u<<7 | u>>>(32-7);\n    u = x11 + x10 | 0;\n    x8 ^= u<<9 | u>>>(32-9);\n    u = x8 + x11 | 0;\n    x9 ^= u<<13 | u>>>(32-13);\n    u = x9 + x8 | 0;\n    x10 ^= u<<18 | u>>>(32-18);\n\n    u = x15 + x14 | 0;\n    x12 ^= u<<7 | u>>>(32-7);\n    u = x12 + x15 | 0;\n    x13 ^= u<<9 | u>>>(32-9);\n    u = x13 + x12 | 0;\n    x14 ^= u<<13 | u>>>(32-13);\n    u = x14 + x13 | 0;\n    x15 ^= u<<18 | u>>>(32-18);\n  }\n   x0 =  x0 +  j0 | 0;\n   x1 =  x1 +  j1 | 0;\n   x2 =  x2 +  j2 | 0;\n   x3 =  x3 +  j3 | 0;\n   x4 =  x4 +  j4 | 0;\n   x5 =  x5 +  j5 | 0;\n   x6 =  x6 +  j6 | 0;\n   x7 =  x7 +  j7 | 0;\n   x8 =  x8 +  j8 | 0;\n   x9 =  x9 +  j9 | 0;\n  x10 = x10 + j10 | 0;\n  x11 = x11 + j11 | 0;\n  x12 = x12 + j12 | 0;\n  x13 = x13 + j13 | 0;\n  x14 = x14 + j14 | 0;\n  x15 = x15 + j15 | 0;\n\n  o[ 0] = x0 >>>  0 & 0xff;\n  o[ 1] = x0 >>>  8 & 0xff;\n  o[ 2] = x0 >>> 16 & 0xff;\n  o[ 3] = x0 >>> 24 & 0xff;\n\n  o[ 4] = x1 >>>  0 & 0xff;\n  o[ 5] = x1 >>>  8 & 0xff;\n  o[ 6] = x1 >>> 16 & 0xff;\n  o[ 7] = x1 >>> 24 & 0xff;\n\n  o[ 8] = x2 >>>  0 & 0xff;\n  o[ 9] = x2 >>>  8 & 0xff;\n  o[10] = x2 >>> 16 & 0xff;\n  o[11] = x2 >>> 24 & 0xff;\n\n  o[12] = x3 >>>  0 & 0xff;\n  o[13] = x3 >>>  8 & 0xff;\n  o[14] = x3 >>> 16 & 0xff;\n  o[15] = x3 >>> 24 & 0xff;\n\n  o[16] = x4 >>>  0 & 0xff;\n  o[17] = x4 >>>  8 & 0xff;\n  o[18] = x4 >>> 16 & 0xff;\n  o[19] = x4 >>> 24 & 0xff;\n\n  o[20] = x5 >>>  0 & 0xff;\n  o[21] = x5 >>>  8 & 0xff;\n  o[22] = x5 >>> 16 & 0xff;\n  o[23] = x5 >>> 24 & 0xff;\n\n  o[24] = x6 >>>  0 & 0xff;\n  o[25] = x6 >>>  8 & 0xff;\n  o[26] = x6 >>> 16 & 0xff;\n  o[27] = x6 >>> 24 & 0xff;\n\n  o[28] = x7 >>>  0 & 0xff;\n  o[29] = x7 >>>  8 & 0xff;\n  o[30] = x7 >>> 16 & 0xff;\n  o[31] = x7 >>> 24 & 0xff;\n\n  o[32] = x8 >>>  0 & 0xff;\n  o[33] = x8 >>>  8 & 0xff;\n  o[34] = x8 >>> 16 & 0xff;\n  o[35] = x8 >>> 24 & 0xff;\n\n  o[36] = x9 >>>  0 & 0xff;\n  o[37] = x9 >>>  8 & 0xff;\n  o[38] = x9 >>> 16 & 0xff;\n  o[39] = x9 >>> 24 & 0xff;\n\n  o[40] = x10 >>>  0 & 0xff;\n  o[41] = x10 >>>  8 & 0xff;\n  o[42] = x10 >>> 16 & 0xff;\n  o[43] = x10 >>> 24 & 0xff;\n\n  o[44] = x11 >>>  0 & 0xff;\n  o[45] = x11 >>>  8 & 0xff;\n  o[46] = x11 >>> 16 & 0xff;\n  o[47] = x11 >>> 24 & 0xff;\n\n  o[48] = x12 >>>  0 & 0xff;\n  o[49] = x12 >>>  8 & 0xff;\n  o[50] = x12 >>> 16 & 0xff;\n  o[51] = x12 >>> 24 & 0xff;\n\n  o[52] = x13 >>>  0 & 0xff;\n  o[53] = x13 >>>  8 & 0xff;\n  o[54] = x13 >>> 16 & 0xff;\n  o[55] = x13 >>> 24 & 0xff;\n\n  o[56] = x14 >>>  0 & 0xff;\n  o[57] = x14 >>>  8 & 0xff;\n  o[58] = x14 >>> 16 & 0xff;\n  o[59] = x14 >>> 24 & 0xff;\n\n  o[60] = x15 >>>  0 & 0xff;\n  o[61] = x15 >>>  8 & 0xff;\n  o[62] = x15 >>> 16 & 0xff;\n  o[63] = x15 >>> 24 & 0xff;\n}\n\nfunction core_hsalsa20(o,p,k,c) {\n  var j0  = c[ 0] & 0xff | (c[ 1] & 0xff)<<8 | (c[ 2] & 0xff)<<16 | (c[ 3] & 0xff)<<24,\n      j1  = k[ 0] & 0xff | (k[ 1] & 0xff)<<8 | (k[ 2] & 0xff)<<16 | (k[ 3] & 0xff)<<24,\n      j2  = k[ 4] & 0xff | (k[ 5] & 0xff)<<8 | (k[ 6] & 0xff)<<16 | (k[ 7] & 0xff)<<24,\n      j3  = k[ 8] & 0xff | (k[ 9] & 0xff)<<8 | (k[10] & 0xff)<<16 | (k[11] & 0xff)<<24,\n      j4  = k[12] & 0xff | (k[13] & 0xff)<<8 | (k[14] & 0xff)<<16 | (k[15] & 0xff)<<24,\n      j5  = c[ 4] & 0xff | (c[ 5] & 0xff)<<8 | (c[ 6] & 0xff)<<16 | (c[ 7] & 0xff)<<24,\n      j6  = p[ 0] & 0xff | (p[ 1] & 0xff)<<8 | (p[ 2] & 0xff)<<16 | (p[ 3] & 0xff)<<24,\n      j7  = p[ 4] & 0xff | (p[ 5] & 0xff)<<8 | (p[ 6] & 0xff)<<16 | (p[ 7] & 0xff)<<24,\n      j8  = p[ 8] & 0xff | (p[ 9] & 0xff)<<8 | (p[10] & 0xff)<<16 | (p[11] & 0xff)<<24,\n      j9  = p[12] & 0xff | (p[13] & 0xff)<<8 | (p[14] & 0xff)<<16 | (p[15] & 0xff)<<24,\n      j10 = c[ 8] & 0xff | (c[ 9] & 0xff)<<8 | (c[10] & 0xff)<<16 | (c[11] & 0xff)<<24,\n      j11 = k[16] & 0xff | (k[17] & 0xff)<<8 | (k[18] & 0xff)<<16 | (k[19] & 0xff)<<24,\n      j12 = k[20] & 0xff | (k[21] & 0xff)<<8 | (k[22] & 0xff)<<16 | (k[23] & 0xff)<<24,\n      j13 = k[24] & 0xff | (k[25] & 0xff)<<8 | (k[26] & 0xff)<<16 | (k[27] & 0xff)<<24,\n      j14 = k[28] & 0xff | (k[29] & 0xff)<<8 | (k[30] & 0xff)<<16 | (k[31] & 0xff)<<24,\n      j15 = c[12] & 0xff | (c[13] & 0xff)<<8 | (c[14] & 0xff)<<16 | (c[15] & 0xff)<<24;\n\n  var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7,\n      x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14,\n      x15 = j15, u;\n\n  for (var i = 0; i < 20; i += 2) {\n    u = x0 + x12 | 0;\n    x4 ^= u<<7 | u>>>(32-7);\n    u = x4 + x0 | 0;\n    x8 ^= u<<9 | u>>>(32-9);\n    u = x8 + x4 | 0;\n    x12 ^= u<<13 | u>>>(32-13);\n    u = x12 + x8 | 0;\n    x0 ^= u<<18 | u>>>(32-18);\n\n    u = x5 + x1 | 0;\n    x9 ^= u<<7 | u>>>(32-7);\n    u = x9 + x5 | 0;\n    x13 ^= u<<9 | u>>>(32-9);\n    u = x13 + x9 | 0;\n    x1 ^= u<<13 | u>>>(32-13);\n    u = x1 + x13 | 0;\n    x5 ^= u<<18 | u>>>(32-18);\n\n    u = x10 + x6 | 0;\n    x14 ^= u<<7 | u>>>(32-7);\n    u = x14 + x10 | 0;\n    x2 ^= u<<9 | u>>>(32-9);\n    u = x2 + x14 | 0;\n    x6 ^= u<<13 | u>>>(32-13);\n    u = x6 + x2 | 0;\n    x10 ^= u<<18 | u>>>(32-18);\n\n    u = x15 + x11 | 0;\n    x3 ^= u<<7 | u>>>(32-7);\n    u = x3 + x15 | 0;\n    x7 ^= u<<9 | u>>>(32-9);\n    u = x7 + x3 | 0;\n    x11 ^= u<<13 | u>>>(32-13);\n    u = x11 + x7 | 0;\n    x15 ^= u<<18 | u>>>(32-18);\n\n    u = x0 + x3 | 0;\n    x1 ^= u<<7 | u>>>(32-7);\n    u = x1 + x0 | 0;\n    x2 ^= u<<9 | u>>>(32-9);\n    u = x2 + x1 | 0;\n    x3 ^= u<<13 | u>>>(32-13);\n    u = x3 + x2 | 0;\n    x0 ^= u<<18 | u>>>(32-18);\n\n    u = x5 + x4 | 0;\n    x6 ^= u<<7 | u>>>(32-7);\n    u = x6 + x5 | 0;\n    x7 ^= u<<9 | u>>>(32-9);\n    u = x7 + x6 | 0;\n    x4 ^= u<<13 | u>>>(32-13);\n    u = x4 + x7 | 0;\n    x5 ^= u<<18 | u>>>(32-18);\n\n    u = x10 + x9 | 0;\n    x11 ^= u<<7 | u>>>(32-7);\n    u = x11 + x10 | 0;\n    x8 ^= u<<9 | u>>>(32-9);\n    u = x8 + x11 | 0;\n    x9 ^= u<<13 | u>>>(32-13);\n    u = x9 + x8 | 0;\n    x10 ^= u<<18 | u>>>(32-18);\n\n    u = x15 + x14 | 0;\n    x12 ^= u<<7 | u>>>(32-7);\n    u = x12 + x15 | 0;\n    x13 ^= u<<9 | u>>>(32-9);\n    u = x13 + x12 | 0;\n    x14 ^= u<<13 | u>>>(32-13);\n    u = x14 + x13 | 0;\n    x15 ^= u<<18 | u>>>(32-18);\n  }\n\n  o[ 0] = x0 >>>  0 & 0xff;\n  o[ 1] = x0 >>>  8 & 0xff;\n  o[ 2] = x0 >>> 16 & 0xff;\n  o[ 3] = x0 >>> 24 & 0xff;\n\n  o[ 4] = x5 >>>  0 & 0xff;\n  o[ 5] = x5 >>>  8 & 0xff;\n  o[ 6] = x5 >>> 16 & 0xff;\n  o[ 7] = x5 >>> 24 & 0xff;\n\n  o[ 8] = x10 >>>  0 & 0xff;\n  o[ 9] = x10 >>>  8 & 0xff;\n  o[10] = x10 >>> 16 & 0xff;\n  o[11] = x10 >>> 24 & 0xff;\n\n  o[12] = x15 >>>  0 & 0xff;\n  o[13] = x15 >>>  8 & 0xff;\n  o[14] = x15 >>> 16 & 0xff;\n  o[15] = x15 >>> 24 & 0xff;\n\n  o[16] = x6 >>>  0 & 0xff;\n  o[17] = x6 >>>  8 & 0xff;\n  o[18] = x6 >>> 16 & 0xff;\n  o[19] = x6 >>> 24 & 0xff;\n\n  o[20] = x7 >>>  0 & 0xff;\n  o[21] = x7 >>>  8 & 0xff;\n  o[22] = x7 >>> 16 & 0xff;\n  o[23] = x7 >>> 24 & 0xff;\n\n  o[24] = x8 >>>  0 & 0xff;\n  o[25] = x8 >>>  8 & 0xff;\n  o[26] = x8 >>> 16 & 0xff;\n  o[27] = x8 >>> 24 & 0xff;\n\n  o[28] = x9 >>>  0 & 0xff;\n  o[29] = x9 >>>  8 & 0xff;\n  o[30] = x9 >>> 16 & 0xff;\n  o[31] = x9 >>> 24 & 0xff;\n}\n\nfunction crypto_core_salsa20(out,inp,k,c) {\n  core_salsa20(out,inp,k,c);\n}\n\nfunction crypto_core_hsalsa20(out,inp,k,c) {\n  core_hsalsa20(out,inp,k,c);\n}\n\nvar sigma = new Uint8Array([101, 120, 112, 97, 110, 100, 32, 51, 50, 45, 98, 121, 116, 101, 32, 107]);\n            // \"expand 32-byte k\"\n\nfunction crypto_stream_salsa20_xor(c,cpos,m,mpos,b,n,k) {\n  var z = new Uint8Array(16), x = new Uint8Array(64);\n  var u, i;\n  for (i = 0; i < 16; i++) z[i] = 0;\n  for (i = 0; i < 8; i++) z[i] = n[i];\n  while (b >= 64) {\n    crypto_core_salsa20(x,z,k,sigma);\n    for (i = 0; i < 64; i++) c[cpos+i] = m[mpos+i] ^ x[i];\n    u = 1;\n    for (i = 8; i < 16; i++) {\n      u = u + (z[i] & 0xff) | 0;\n      z[i] = u & 0xff;\n      u >>>= 8;\n    }\n    b -= 64;\n    cpos += 64;\n    mpos += 64;\n  }\n  if (b > 0) {\n    crypto_core_salsa20(x,z,k,sigma);\n    for (i = 0; i < b; i++) c[cpos+i] = m[mpos+i] ^ x[i];\n  }\n  return 0;\n}\n\nfunction crypto_stream_salsa20(c,cpos,b,n,k) {\n  var z = new Uint8Array(16), x = new Uint8Array(64);\n  var u, i;\n  for (i = 0; i < 16; i++) z[i] = 0;\n  for (i = 0; i < 8; i++) z[i] = n[i];\n  while (b >= 64) {\n    crypto_core_salsa20(x,z,k,sigma);\n    for (i = 0; i < 64; i++) c[cpos+i] = x[i];\n    u = 1;\n    for (i = 8; i < 16; i++) {\n      u = u + (z[i] & 0xff) | 0;\n      z[i] = u & 0xff;\n      u >>>= 8;\n    }\n    b -= 64;\n    cpos += 64;\n  }\n  if (b > 0) {\n    crypto_core_salsa20(x,z,k,sigma);\n    for (i = 0; i < b; i++) c[cpos+i] = x[i];\n  }\n  return 0;\n}\n\nfunction crypto_stream(c,cpos,d,n,k) {\n  var s = new Uint8Array(32);\n  crypto_core_hsalsa20(s,n,k,sigma);\n  var sn = new Uint8Array(8);\n  for (var i = 0; i < 8; i++) sn[i] = n[i+16];\n  return crypto_stream_salsa20(c,cpos,d,sn,s);\n}\n\nfunction crypto_stream_xor(c,cpos,m,mpos,d,n,k) {\n  var s = new Uint8Array(32);\n  crypto_core_hsalsa20(s,n,k,sigma);\n  var sn = new Uint8Array(8);\n  for (var i = 0; i < 8; i++) sn[i] = n[i+16];\n  return crypto_stream_salsa20_xor(c,cpos,m,mpos,d,sn,s);\n}\n\n/*\n* Port of Andrew Moon's Poly1305-donna-16. Public domain.\n* https://github.com/floodyberry/poly1305-donna\n*/\n\nvar poly1305 = function(key) {\n  this.buffer = new Uint8Array(16);\n  this.r = new Uint16Array(10);\n  this.h = new Uint16Array(10);\n  this.pad = new Uint16Array(8);\n  this.leftover = 0;\n  this.fin = 0;\n\n  var t0, t1, t2, t3, t4, t5, t6, t7;\n\n  t0 = key[ 0] & 0xff | (key[ 1] & 0xff) << 8; this.r[0] = ( t0                     ) & 0x1fff;\n  t1 = key[ 2] & 0xff | (key[ 3] & 0xff) << 8; this.r[1] = ((t0 >>> 13) | (t1 <<  3)) & 0x1fff;\n  t2 = key[ 4] & 0xff | (key[ 5] & 0xff) << 8; this.r[2] = ((t1 >>> 10) | (t2 <<  6)) & 0x1f03;\n  t3 = key[ 6] & 0xff | (key[ 7] & 0xff) << 8; this.r[3] = ((t2 >>>  7) | (t3 <<  9)) & 0x1fff;\n  t4 = key[ 8] & 0xff | (key[ 9] & 0xff) << 8; this.r[4] = ((t3 >>>  4) | (t4 << 12)) & 0x00ff;\n  this.r[5] = ((t4 >>>  1)) & 0x1ffe;\n  t5 = key[10] & 0xff | (key[11] & 0xff) << 8; this.r[6] = ((t4 >>> 14) | (t5 <<  2)) & 0x1fff;\n  t6 = key[12] & 0xff | (key[13] & 0xff) << 8; this.r[7] = ((t5 >>> 11) | (t6 <<  5)) & 0x1f81;\n  t7 = key[14] & 0xff | (key[15] & 0xff) << 8; this.r[8] = ((t6 >>>  8) | (t7 <<  8)) & 0x1fff;\n  this.r[9] = ((t7 >>>  5)) & 0x007f;\n\n  this.pad[0] = key[16] & 0xff | (key[17] & 0xff) << 8;\n  this.pad[1] = key[18] & 0xff | (key[19] & 0xff) << 8;\n  this.pad[2] = key[20] & 0xff | (key[21] & 0xff) << 8;\n  this.pad[3] = key[22] & 0xff | (key[23] & 0xff) << 8;\n  this.pad[4] = key[24] & 0xff | (key[25] & 0xff) << 8;\n  this.pad[5] = key[26] & 0xff | (key[27] & 0xff) << 8;\n  this.pad[6] = key[28] & 0xff | (key[29] & 0xff) << 8;\n  this.pad[7] = key[30] & 0xff | (key[31] & 0xff) << 8;\n};\n\npoly1305.prototype.blocks = function(m, mpos, bytes) {\n  var hibit = this.fin ? 0 : (1 << 11);\n  var t0, t1, t2, t3, t4, t5, t6, t7, c;\n  var d0, d1, d2, d3, d4, d5, d6, d7, d8, d9;\n\n  var h0 = this.h[0],\n      h1 = this.h[1],\n      h2 = this.h[2],\n      h3 = this.h[3],\n      h4 = this.h[4],\n      h5 = this.h[5],\n      h6 = this.h[6],\n      h7 = this.h[7],\n      h8 = this.h[8],\n      h9 = this.h[9];\n\n  var r0 = this.r[0],\n      r1 = this.r[1],\n      r2 = this.r[2],\n      r3 = this.r[3],\n      r4 = this.r[4],\n      r5 = this.r[5],\n      r6 = this.r[6],\n      r7 = this.r[7],\n      r8 = this.r[8],\n      r9 = this.r[9];\n\n  while (bytes >= 16) {\n    t0 = m[mpos+ 0] & 0xff | (m[mpos+ 1] & 0xff) << 8; h0 += ( t0                     ) & 0x1fff;\n    t1 = m[mpos+ 2] & 0xff | (m[mpos+ 3] & 0xff) << 8; h1 += ((t0 >>> 13) | (t1 <<  3)) & 0x1fff;\n    t2 = m[mpos+ 4] & 0xff | (m[mpos+ 5] & 0xff) << 8; h2 += ((t1 >>> 10) | (t2 <<  6)) & 0x1fff;\n    t3 = m[mpos+ 6] & 0xff | (m[mpos+ 7] & 0xff) << 8; h3 += ((t2 >>>  7) | (t3 <<  9)) & 0x1fff;\n    t4 = m[mpos+ 8] & 0xff | (m[mpos+ 9] & 0xff) << 8; h4 += ((t3 >>>  4) | (t4 << 12)) & 0x1fff;\n    h5 += ((t4 >>>  1)) & 0x1fff;\n    t5 = m[mpos+10] & 0xff | (m[mpos+11] & 0xff) << 8; h6 += ((t4 >>> 14) | (t5 <<  2)) & 0x1fff;\n    t6 = m[mpos+12] & 0xff | (m[mpos+13] & 0xff) << 8; h7 += ((t5 >>> 11) | (t6 <<  5)) & 0x1fff;\n    t7 = m[mpos+14] & 0xff | (m[mpos+15] & 0xff) << 8; h8 += ((t6 >>>  8) | (t7 <<  8)) & 0x1fff;\n    h9 += ((t7 >>> 5)) | hibit;\n\n    c = 0;\n\n    d0 = c;\n    d0 += h0 * r0;\n    d0 += h1 * (5 * r9);\n    d0 += h2 * (5 * r8);\n    d0 += h3 * (5 * r7);\n    d0 += h4 * (5 * r6);\n    c = (d0 >>> 13); d0 &= 0x1fff;\n    d0 += h5 * (5 * r5);\n    d0 += h6 * (5 * r4);\n    d0 += h7 * (5 * r3);\n    d0 += h8 * (5 * r2);\n    d0 += h9 * (5 * r1);\n    c += (d0 >>> 13); d0 &= 0x1fff;\n\n    d1 = c;\n    d1 += h0 * r1;\n    d1 += h1 * r0;\n    d1 += h2 * (5 * r9);\n    d1 += h3 * (5 * r8);\n    d1 += h4 * (5 * r7);\n    c = (d1 >>> 13); d1 &= 0x1fff;\n    d1 += h5 * (5 * r6);\n    d1 += h6 * (5 * r5);\n    d1 += h7 * (5 * r4);\n    d1 += h8 * (5 * r3);\n    d1 += h9 * (5 * r2);\n    c += (d1 >>> 13); d1 &= 0x1fff;\n\n    d2 = c;\n    d2 += h0 * r2;\n    d2 += h1 * r1;\n    d2 += h2 * r0;\n    d2 += h3 * (5 * r9);\n    d2 += h4 * (5 * r8);\n    c = (d2 >>> 13); d2 &= 0x1fff;\n    d2 += h5 * (5 * r7);\n    d2 += h6 * (5 * r6);\n    d2 += h7 * (5 * r5);\n    d2 += h8 * (5 * r4);\n    d2 += h9 * (5 * r3);\n    c += (d2 >>> 13); d2 &= 0x1fff;\n\n    d3 = c;\n    d3 += h0 * r3;\n    d3 += h1 * r2;\n    d3 += h2 * r1;\n    d3 += h3 * r0;\n    d3 += h4 * (5 * r9);\n    c = (d3 >>> 13); d3 &= 0x1fff;\n    d3 += h5 * (5 * r8);\n    d3 += h6 * (5 * r7);\n    d3 += h7 * (5 * r6);\n    d3 += h8 * (5 * r5);\n    d3 += h9 * (5 * r4);\n    c += (d3 >>> 13); d3 &= 0x1fff;\n\n    d4 = c;\n    d4 += h0 * r4;\n    d4 += h1 * r3;\n    d4 += h2 * r2;\n    d4 += h3 * r1;\n    d4 += h4 * r0;\n    c = (d4 >>> 13); d4 &= 0x1fff;\n    d4 += h5 * (5 * r9);\n    d4 += h6 * (5 * r8);\n    d4 += h7 * (5 * r7);\n    d4 += h8 * (5 * r6);\n    d4 += h9 * (5 * r5);\n    c += (d4 >>> 13); d4 &= 0x1fff;\n\n    d5 = c;\n    d5 += h0 * r5;\n    d5 += h1 * r4;\n    d5 += h2 * r3;\n    d5 += h3 * r2;\n    d5 += h4 * r1;\n    c = (d5 >>> 13); d5 &= 0x1fff;\n    d5 += h5 * r0;\n    d5 += h6 * (5 * r9);\n    d5 += h7 * (5 * r8);\n    d5 += h8 * (5 * r7);\n    d5 += h9 * (5 * r6);\n    c += (d5 >>> 13); d5 &= 0x1fff;\n\n    d6 = c;\n    d6 += h0 * r6;\n    d6 += h1 * r5;\n    d6 += h2 * r4;\n    d6 += h3 * r3;\n    d6 += h4 * r2;\n    c = (d6 >>> 13); d6 &= 0x1fff;\n    d6 += h5 * r1;\n    d6 += h6 * r0;\n    d6 += h7 * (5 * r9);\n    d6 += h8 * (5 * r8);\n    d6 += h9 * (5 * r7);\n    c += (d6 >>> 13); d6 &= 0x1fff;\n\n    d7 = c;\n    d7 += h0 * r7;\n    d7 += h1 * r6;\n    d7 += h2 * r5;\n    d7 += h3 * r4;\n    d7 += h4 * r3;\n    c = (d7 >>> 13); d7 &= 0x1fff;\n    d7 += h5 * r2;\n    d7 += h6 * r1;\n    d7 += h7 * r0;\n    d7 += h8 * (5 * r9);\n    d7 += h9 * (5 * r8);\n    c += (d7 >>> 13); d7 &= 0x1fff;\n\n    d8 = c;\n    d8 += h0 * r8;\n    d8 += h1 * r7;\n    d8 += h2 * r6;\n    d8 += h3 * r5;\n    d8 += h4 * r4;\n    c = (d8 >>> 13); d8 &= 0x1fff;\n    d8 += h5 * r3;\n    d8 += h6 * r2;\n    d8 += h7 * r1;\n    d8 += h8 * r0;\n    d8 += h9 * (5 * r9);\n    c += (d8 >>> 13); d8 &= 0x1fff;\n\n    d9 = c;\n    d9 += h0 * r9;\n    d9 += h1 * r8;\n    d9 += h2 * r7;\n    d9 += h3 * r6;\n    d9 += h4 * r5;\n    c = (d9 >>> 13); d9 &= 0x1fff;\n    d9 += h5 * r4;\n    d9 += h6 * r3;\n    d9 += h7 * r2;\n    d9 += h8 * r1;\n    d9 += h9 * r0;\n    c += (d9 >>> 13); d9 &= 0x1fff;\n\n    c = (((c << 2) + c)) | 0;\n    c = (c + d0) | 0;\n    d0 = c & 0x1fff;\n    c = (c >>> 13);\n    d1 += c;\n\n    h0 = d0;\n    h1 = d1;\n    h2 = d2;\n    h3 = d3;\n    h4 = d4;\n    h5 = d5;\n    h6 = d6;\n    h7 = d7;\n    h8 = d8;\n    h9 = d9;\n\n    mpos += 16;\n    bytes -= 16;\n  }\n  this.h[0] = h0;\n  this.h[1] = h1;\n  this.h[2] = h2;\n  this.h[3] = h3;\n  this.h[4] = h4;\n  this.h[5] = h5;\n  this.h[6] = h6;\n  this.h[7] = h7;\n  this.h[8] = h8;\n  this.h[9] = h9;\n};\n\npoly1305.prototype.finish = function(mac, macpos) {\n  var g = new Uint16Array(10);\n  var c, mask, f, i;\n\n  if (this.leftover) {\n    i = this.leftover;\n    this.buffer[i++] = 1;\n    for (; i < 16; i++) this.buffer[i] = 0;\n    this.fin = 1;\n    this.blocks(this.buffer, 0, 16);\n  }\n\n  c = this.h[1] >>> 13;\n  this.h[1] &= 0x1fff;\n  for (i = 2; i < 10; i++) {\n    this.h[i] += c;\n    c = this.h[i] >>> 13;\n    this.h[i] &= 0x1fff;\n  }\n  this.h[0] += (c * 5);\n  c = this.h[0] >>> 13;\n  this.h[0] &= 0x1fff;\n  this.h[1] += c;\n  c = this.h[1] >>> 13;\n  this.h[1] &= 0x1fff;\n  this.h[2] += c;\n\n  g[0] = this.h[0] + 5;\n  c = g[0] >>> 13;\n  g[0] &= 0x1fff;\n  for (i = 1; i < 10; i++) {\n    g[i] = this.h[i] + c;\n    c = g[i] >>> 13;\n    g[i] &= 0x1fff;\n  }\n  g[9] -= (1 << 13);\n\n  mask = (c ^ 1) - 1;\n  for (i = 0; i < 10; i++) g[i] &= mask;\n  mask = ~mask;\n  for (i = 0; i < 10; i++) this.h[i] = (this.h[i] & mask) | g[i];\n\n  this.h[0] = ((this.h[0]       ) | (this.h[1] << 13)                    ) & 0xffff;\n  this.h[1] = ((this.h[1] >>>  3) | (this.h[2] << 10)                    ) & 0xffff;\n  this.h[2] = ((this.h[2] >>>  6) | (this.h[3] <<  7)                    ) & 0xffff;\n  this.h[3] = ((this.h[3] >>>  9) | (this.h[4] <<  4)                    ) & 0xffff;\n  this.h[4] = ((this.h[4] >>> 12) | (this.h[5] <<  1) | (this.h[6] << 14)) & 0xffff;\n  this.h[5] = ((this.h[6] >>>  2) | (this.h[7] << 11)                    ) & 0xffff;\n  this.h[6] = ((this.h[7] >>>  5) | (this.h[8] <<  8)                    ) & 0xffff;\n  this.h[7] = ((this.h[8] >>>  8) | (this.h[9] <<  5)                    ) & 0xffff;\n\n  f = this.h[0] + this.pad[0];\n  this.h[0] = f & 0xffff;\n  for (i = 1; i < 8; i++) {\n    f = (((this.h[i] + this.pad[i]) | 0) + (f >>> 16)) | 0;\n    this.h[i] = f & 0xffff;\n  }\n\n  mac[macpos+ 0] = (this.h[0] >>> 0) & 0xff;\n  mac[macpos+ 1] = (this.h[0] >>> 8) & 0xff;\n  mac[macpos+ 2] = (this.h[1] >>> 0) & 0xff;\n  mac[macpos+ 3] = (this.h[1] >>> 8) & 0xff;\n  mac[macpos+ 4] = (this.h[2] >>> 0) & 0xff;\n  mac[macpos+ 5] = (this.h[2] >>> 8) & 0xff;\n  mac[macpos+ 6] = (this.h[3] >>> 0) & 0xff;\n  mac[macpos+ 7] = (this.h[3] >>> 8) & 0xff;\n  mac[macpos+ 8] = (this.h[4] >>> 0) & 0xff;\n  mac[macpos+ 9] = (this.h[4] >>> 8) & 0xff;\n  mac[macpos+10] = (this.h[5] >>> 0) & 0xff;\n  mac[macpos+11] = (this.h[5] >>> 8) & 0xff;\n  mac[macpos+12] = (this.h[6] >>> 0) & 0xff;\n  mac[macpos+13] = (this.h[6] >>> 8) & 0xff;\n  mac[macpos+14] = (this.h[7] >>> 0) & 0xff;\n  mac[macpos+15] = (this.h[7] >>> 8) & 0xff;\n};\n\npoly1305.prototype.update = function(m, mpos, bytes) {\n  var i, want;\n\n  if (this.leftover) {\n    want = (16 - this.leftover);\n    if (want > bytes)\n      want = bytes;\n    for (i = 0; i < want; i++)\n      this.buffer[this.leftover + i] = m[mpos+i];\n    bytes -= want;\n    mpos += want;\n    this.leftover += want;\n    if (this.leftover < 16)\n      return;\n    this.blocks(this.buffer, 0, 16);\n    this.leftover = 0;\n  }\n\n  if (bytes >= 16) {\n    want = bytes - (bytes % 16);\n    this.blocks(m, mpos, want);\n    mpos += want;\n    bytes -= want;\n  }\n\n  if (bytes) {\n    for (i = 0; i < bytes; i++)\n      this.buffer[this.leftover + i] = m[mpos+i];\n    this.leftover += bytes;\n  }\n};\n\nfunction crypto_onetimeauth(out, outpos, m, mpos, n, k) {\n  var s = new poly1305(k);\n  s.update(m, mpos, n);\n  s.finish(out, outpos);\n  return 0;\n}\n\nfunction crypto_onetimeauth_verify(h, hpos, m, mpos, n, k) {\n  var x = new Uint8Array(16);\n  crypto_onetimeauth(x,0,m,mpos,n,k);\n  return crypto_verify_16(h,hpos,x,0);\n}\n\nfunction crypto_secretbox(c,m,d,n,k) {\n  var i;\n  if (d < 32) return -1;\n  crypto_stream_xor(c,0,m,0,d,n,k);\n  crypto_onetimeauth(c, 16, c, 32, d - 32, c);\n  for (i = 0; i < 16; i++) c[i] = 0;\n  return 0;\n}\n\nfunction crypto_secretbox_open(m,c,d,n,k) {\n  var i;\n  var x = new Uint8Array(32);\n  if (d < 32) return -1;\n  crypto_stream(x,0,32,n,k);\n  if (crypto_onetimeauth_verify(c, 16,c, 32,d - 32,x) !== 0) return -1;\n  crypto_stream_xor(m,0,c,0,d,n,k);\n  for (i = 0; i < 32; i++) m[i] = 0;\n  return 0;\n}\n\nfunction set25519(r, a) {\n  var i;\n  for (i = 0; i < 16; i++) r[i] = a[i]|0;\n}\n\nfunction car25519(o) {\n  var i, v, c = 1;\n  for (i = 0; i < 16; i++) {\n    v = o[i] + c + 65535;\n    c = Math.floor(v / 65536);\n    o[i] = v - c * 65536;\n  }\n  o[0] += c-1 + 37 * (c-1);\n}\n\nfunction sel25519(p, q, b) {\n  var t, c = ~(b-1);\n  for (var i = 0; i < 16; i++) {\n    t = c & (p[i] ^ q[i]);\n    p[i] ^= t;\n    q[i] ^= t;\n  }\n}\n\nfunction pack25519(o, n) {\n  var i, j, b;\n  var m = gf(), t = gf();\n  for (i = 0; i < 16; i++) t[i] = n[i];\n  car25519(t);\n  car25519(t);\n  car25519(t);\n  for (j = 0; j < 2; j++) {\n    m[0] = t[0] - 0xffed;\n    for (i = 1; i < 15; i++) {\n      m[i] = t[i] - 0xffff - ((m[i-1]>>16) & 1);\n      m[i-1] &= 0xffff;\n    }\n    m[15] = t[15] - 0x7fff - ((m[14]>>16) & 1);\n    b = (m[15]>>16) & 1;\n    m[14] &= 0xffff;\n    sel25519(t, m, 1-b);\n  }\n  for (i = 0; i < 16; i++) {\n    o[2*i] = t[i] & 0xff;\n    o[2*i+1] = t[i]>>8;\n  }\n}\n\nfunction neq25519(a, b) {\n  var c = new Uint8Array(32), d = new Uint8Array(32);\n  pack25519(c, a);\n  pack25519(d, b);\n  return crypto_verify_32(c, 0, d, 0);\n}\n\nfunction par25519(a) {\n  var d = new Uint8Array(32);\n  pack25519(d, a);\n  return d[0] & 1;\n}\n\nfunction unpack25519(o, n) {\n  var i;\n  for (i = 0; i < 16; i++) o[i] = n[2*i] + (n[2*i+1] << 8);\n  o[15] &= 0x7fff;\n}\n\nfunction A(o, a, b) {\n  for (var i = 0; i < 16; i++) o[i] = a[i] + b[i];\n}\n\nfunction Z(o, a, b) {\n  for (var i = 0; i < 16; i++) o[i] = a[i] - b[i];\n}\n\nfunction M(o, a, b) {\n  var v, c,\n     t0 = 0,  t1 = 0,  t2 = 0,  t3 = 0,  t4 = 0,  t5 = 0,  t6 = 0,  t7 = 0,\n     t8 = 0,  t9 = 0, t10 = 0, t11 = 0, t12 = 0, t13 = 0, t14 = 0, t15 = 0,\n    t16 = 0, t17 = 0, t18 = 0, t19 = 0, t20 = 0, t21 = 0, t22 = 0, t23 = 0,\n    t24 = 0, t25 = 0, t26 = 0, t27 = 0, t28 = 0, t29 = 0, t30 = 0,\n    b0 = b[0],\n    b1 = b[1],\n    b2 = b[2],\n    b3 = b[3],\n    b4 = b[4],\n    b5 = b[5],\n    b6 = b[6],\n    b7 = b[7],\n    b8 = b[8],\n    b9 = b[9],\n    b10 = b[10],\n    b11 = b[11],\n    b12 = b[12],\n    b13 = b[13],\n    b14 = b[14],\n    b15 = b[15];\n\n  v = a[0];\n  t0 += v * b0;\n  t1 += v * b1;\n  t2 += v * b2;\n  t3 += v * b3;\n  t4 += v * b4;\n  t5 += v * b5;\n  t6 += v * b6;\n  t7 += v * b7;\n  t8 += v * b8;\n  t9 += v * b9;\n  t10 += v * b10;\n  t11 += v * b11;\n  t12 += v * b12;\n  t13 += v * b13;\n  t14 += v * b14;\n  t15 += v * b15;\n  v = a[1];\n  t1 += v * b0;\n  t2 += v * b1;\n  t3 += v * b2;\n  t4 += v * b3;\n  t5 += v * b4;\n  t6 += v * b5;\n  t7 += v * b6;\n  t8 += v * b7;\n  t9 += v * b8;\n  t10 += v * b9;\n  t11 += v * b10;\n  t12 += v * b11;\n  t13 += v * b12;\n  t14 += v * b13;\n  t15 += v * b14;\n  t16 += v * b15;\n  v = a[2];\n  t2 += v * b0;\n  t3 += v * b1;\n  t4 += v * b2;\n  t5 += v * b3;\n  t6 += v * b4;\n  t7 += v * b5;\n  t8 += v * b6;\n  t9 += v * b7;\n  t10 += v * b8;\n  t11 += v * b9;\n  t12 += v * b10;\n  t13 += v * b11;\n  t14 += v * b12;\n  t15 += v * b13;\n  t16 += v * b14;\n  t17 += v * b15;\n  v = a[3];\n  t3 += v * b0;\n  t4 += v * b1;\n  t5 += v * b2;\n  t6 += v * b3;\n  t7 += v * b4;\n  t8 += v * b5;\n  t9 += v * b6;\n  t10 += v * b7;\n  t11 += v * b8;\n  t12 += v * b9;\n  t13 += v * b10;\n  t14 += v * b11;\n  t15 += v * b12;\n  t16 += v * b13;\n  t17 += v * b14;\n  t18 += v * b15;\n  v = a[4];\n  t4 += v * b0;\n  t5 += v * b1;\n  t6 += v * b2;\n  t7 += v * b3;\n  t8 += v * b4;\n  t9 += v * b5;\n  t10 += v * b6;\n  t11 += v * b7;\n  t12 += v * b8;\n  t13 += v * b9;\n  t14 += v * b10;\n  t15 += v * b11;\n  t16 += v * b12;\n  t17 += v * b13;\n  t18 += v * b14;\n  t19 += v * b15;\n  v = a[5];\n  t5 += v * b0;\n  t6 += v * b1;\n  t7 += v * b2;\n  t8 += v * b3;\n  t9 += v * b4;\n  t10 += v * b5;\n  t11 += v * b6;\n  t12 += v * b7;\n  t13 += v * b8;\n  t14 += v * b9;\n  t15 += v * b10;\n  t16 += v * b11;\n  t17 += v * b12;\n  t18 += v * b13;\n  t19 += v * b14;\n  t20 += v * b15;\n  v = a[6];\n  t6 += v * b0;\n  t7 += v * b1;\n  t8 += v * b2;\n  t9 += v * b3;\n  t10 += v * b4;\n  t11 += v * b5;\n  t12 += v * b6;\n  t13 += v * b7;\n  t14 += v * b8;\n  t15 += v * b9;\n  t16 += v * b10;\n  t17 += v * b11;\n  t18 += v * b12;\n  t19 += v * b13;\n  t20 += v * b14;\n  t21 += v * b15;\n  v = a[7];\n  t7 += v * b0;\n  t8 += v * b1;\n  t9 += v * b2;\n  t10 += v * b3;\n  t11 += v * b4;\n  t12 += v * b5;\n  t13 += v * b6;\n  t14 += v * b7;\n  t15 += v * b8;\n  t16 += v * b9;\n  t17 += v * b10;\n  t18 += v * b11;\n  t19 += v * b12;\n  t20 += v * b13;\n  t21 += v * b14;\n  t22 += v * b15;\n  v = a[8];\n  t8 += v * b0;\n  t9 += v * b1;\n  t10 += v * b2;\n  t11 += v * b3;\n  t12 += v * b4;\n  t13 += v * b5;\n  t14 += v * b6;\n  t15 += v * b7;\n  t16 += v * b8;\n  t17 += v * b9;\n  t18 += v * b10;\n  t19 += v * b11;\n  t20 += v * b12;\n  t21 += v * b13;\n  t22 += v * b14;\n  t23 += v * b15;\n  v = a[9];\n  t9 += v * b0;\n  t10 += v * b1;\n  t11 += v * b2;\n  t12 += v * b3;\n  t13 += v * b4;\n  t14 += v * b5;\n  t15 += v * b6;\n  t16 += v * b7;\n  t17 += v * b8;\n  t18 += v * b9;\n  t19 += v * b10;\n  t20 += v * b11;\n  t21 += v * b12;\n  t22 += v * b13;\n  t23 += v * b14;\n  t24 += v * b15;\n  v = a[10];\n  t10 += v * b0;\n  t11 += v * b1;\n  t12 += v * b2;\n  t13 += v * b3;\n  t14 += v * b4;\n  t15 += v * b5;\n  t16 += v * b6;\n  t17 += v * b7;\n  t18 += v * b8;\n  t19 += v * b9;\n  t20 += v * b10;\n  t21 += v * b11;\n  t22 += v * b12;\n  t23 += v * b13;\n  t24 += v * b14;\n  t25 += v * b15;\n  v = a[11];\n  t11 += v * b0;\n  t12 += v * b1;\n  t13 += v * b2;\n  t14 += v * b3;\n  t15 += v * b4;\n  t16 += v * b5;\n  t17 += v * b6;\n  t18 += v * b7;\n  t19 += v * b8;\n  t20 += v * b9;\n  t21 += v * b10;\n  t22 += v * b11;\n  t23 += v * b12;\n  t24 += v * b13;\n  t25 += v * b14;\n  t26 += v * b15;\n  v = a[12];\n  t12 += v * b0;\n  t13 += v * b1;\n  t14 += v * b2;\n  t15 += v * b3;\n  t16 += v * b4;\n  t17 += v * b5;\n  t18 += v * b6;\n  t19 += v * b7;\n  t20 += v * b8;\n  t21 += v * b9;\n  t22 += v * b10;\n  t23 += v * b11;\n  t24 += v * b12;\n  t25 += v * b13;\n  t26 += v * b14;\n  t27 += v * b15;\n  v = a[13];\n  t13 += v * b0;\n  t14 += v * b1;\n  t15 += v * b2;\n  t16 += v * b3;\n  t17 += v * b4;\n  t18 += v * b5;\n  t19 += v * b6;\n  t20 += v * b7;\n  t21 += v * b8;\n  t22 += v * b9;\n  t23 += v * b10;\n  t24 += v * b11;\n  t25 += v * b12;\n  t26 += v * b13;\n  t27 += v * b14;\n  t28 += v * b15;\n  v = a[14];\n  t14 += v * b0;\n  t15 += v * b1;\n  t16 += v * b2;\n  t17 += v * b3;\n  t18 += v * b4;\n  t19 += v * b5;\n  t20 += v * b6;\n  t21 += v * b7;\n  t22 += v * b8;\n  t23 += v * b9;\n  t24 += v * b10;\n  t25 += v * b11;\n  t26 += v * b12;\n  t27 += v * b13;\n  t28 += v * b14;\n  t29 += v * b15;\n  v = a[15];\n  t15 += v * b0;\n  t16 += v * b1;\n  t17 += v * b2;\n  t18 += v * b3;\n  t19 += v * b4;\n  t20 += v * b5;\n  t21 += v * b6;\n  t22 += v * b7;\n  t23 += v * b8;\n  t24 += v * b9;\n  t25 += v * b10;\n  t26 += v * b11;\n  t27 += v * b12;\n  t28 += v * b13;\n  t29 += v * b14;\n  t30 += v * b15;\n\n  t0  += 38 * t16;\n  t1  += 38 * t17;\n  t2  += 38 * t18;\n  t3  += 38 * t19;\n  t4  += 38 * t20;\n  t5  += 38 * t21;\n  t6  += 38 * t22;\n  t7  += 38 * t23;\n  t8  += 38 * t24;\n  t9  += 38 * t25;\n  t10 += 38 * t26;\n  t11 += 38 * t27;\n  t12 += 38 * t28;\n  t13 += 38 * t29;\n  t14 += 38 * t30;\n  // t15 left as is\n\n  // first car\n  c = 1;\n  v =  t0 + c + 65535; c = Math.floor(v / 65536);  t0 = v - c * 65536;\n  v =  t1 + c + 65535; c = Math.floor(v / 65536);  t1 = v - c * 65536;\n  v =  t2 + c + 65535; c = Math.floor(v / 65536);  t2 = v - c * 65536;\n  v =  t3 + c + 65535; c = Math.floor(v / 65536);  t3 = v - c * 65536;\n  v =  t4 + c + 65535; c = Math.floor(v / 65536);  t4 = v - c * 65536;\n  v =  t5 + c + 65535; c = Math.floor(v / 65536);  t5 = v - c * 65536;\n  v =  t6 + c + 65535; c = Math.floor(v / 65536);  t6 = v - c * 65536;\n  v =  t7 + c + 65535; c = Math.floor(v / 65536);  t7 = v - c * 65536;\n  v =  t8 + c + 65535; c = Math.floor(v / 65536);  t8 = v - c * 65536;\n  v =  t9 + c + 65535; c = Math.floor(v / 65536);  t9 = v - c * 65536;\n  v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;\n  v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;\n  v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;\n  v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;\n  v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;\n  v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;\n  t0 += c-1 + 37 * (c-1);\n\n  // second car\n  c = 1;\n  v =  t0 + c + 65535; c = Math.floor(v / 65536);  t0 = v - c * 65536;\n  v =  t1 + c + 65535; c = Math.floor(v / 65536);  t1 = v - c * 65536;\n  v =  t2 + c + 65535; c = Math.floor(v / 65536);  t2 = v - c * 65536;\n  v =  t3 + c + 65535; c = Math.floor(v / 65536);  t3 = v - c * 65536;\n  v =  t4 + c + 65535; c = Math.floor(v / 65536);  t4 = v - c * 65536;\n  v =  t5 + c + 65535; c = Math.floor(v / 65536);  t5 = v - c * 65536;\n  v =  t6 + c + 65535; c = Math.floor(v / 65536);  t6 = v - c * 65536;\n  v =  t7 + c + 65535; c = Math.floor(v / 65536);  t7 = v - c * 65536;\n  v =  t8 + c + 65535; c = Math.floor(v / 65536);  t8 = v - c * 65536;\n  v =  t9 + c + 65535; c = Math.floor(v / 65536);  t9 = v - c * 65536;\n  v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;\n  v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;\n  v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;\n  v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;\n  v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;\n  v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;\n  t0 += c-1 + 37 * (c-1);\n\n  o[ 0] = t0;\n  o[ 1] = t1;\n  o[ 2] = t2;\n  o[ 3] = t3;\n  o[ 4] = t4;\n  o[ 5] = t5;\n  o[ 6] = t6;\n  o[ 7] = t7;\n  o[ 8] = t8;\n  o[ 9] = t9;\n  o[10] = t10;\n  o[11] = t11;\n  o[12] = t12;\n  o[13] = t13;\n  o[14] = t14;\n  o[15] = t15;\n}\n\nfunction S(o, a) {\n  M(o, a, a);\n}\n\nfunction inv25519(o, i) {\n  var c = gf();\n  var a;\n  for (a = 0; a < 16; a++) c[a] = i[a];\n  for (a = 253; a >= 0; a--) {\n    S(c, c);\n    if(a !== 2 && a !== 4) M(c, c, i);\n  }\n  for (a = 0; a < 16; a++) o[a] = c[a];\n}\n\nfunction pow2523(o, i) {\n  var c = gf();\n  var a;\n  for (a = 0; a < 16; a++) c[a] = i[a];\n  for (a = 250; a >= 0; a--) {\n      S(c, c);\n      if(a !== 1) M(c, c, i);\n  }\n  for (a = 0; a < 16; a++) o[a] = c[a];\n}\n\nfunction crypto_scalarmult(q, n, p) {\n  var z = new Uint8Array(32);\n  var x = new Float64Array(80), r, i;\n  var a = gf(), b = gf(), c = gf(),\n      d = gf(), e = gf(), f = gf();\n  for (i = 0; i < 31; i++) z[i] = n[i];\n  z[31]=(n[31]&127)|64;\n  z[0]&=248;\n  unpack25519(x,p);\n  for (i = 0; i < 16; i++) {\n    b[i]=x[i];\n    d[i]=a[i]=c[i]=0;\n  }\n  a[0]=d[0]=1;\n  for (i=254; i>=0; --i) {\n    r=(z[i>>>3]>>>(i&7))&1;\n    sel25519(a,b,r);\n    sel25519(c,d,r);\n    A(e,a,c);\n    Z(a,a,c);\n    A(c,b,d);\n    Z(b,b,d);\n    S(d,e);\n    S(f,a);\n    M(a,c,a);\n    M(c,b,e);\n    A(e,a,c);\n    Z(a,a,c);\n    S(b,a);\n    Z(c,d,f);\n    M(a,c,_121665);\n    A(a,a,d);\n    M(c,c,a);\n    M(a,d,f);\n    M(d,b,x);\n    S(b,e);\n    sel25519(a,b,r);\n    sel25519(c,d,r);\n  }\n  for (i = 0; i < 16; i++) {\n    x[i+16]=a[i];\n    x[i+32]=c[i];\n    x[i+48]=b[i];\n    x[i+64]=d[i];\n  }\n  var x32 = x.subarray(32);\n  var x16 = x.subarray(16);\n  inv25519(x32,x32);\n  M(x16,x16,x32);\n  pack25519(q,x16);\n  return 0;\n}\n\nfunction crypto_scalarmult_base(q, n) {\n  return crypto_scalarmult(q, n, _9);\n}\n\nfunction crypto_box_keypair(y, x) {\n  randombytes(x, 32);\n  return crypto_scalarmult_base(y, x);\n}\n\nfunction crypto_box_beforenm(k, y, x) {\n  var s = new Uint8Array(32);\n  crypto_scalarmult(s, x, y);\n  return crypto_core_hsalsa20(k, _0, s, sigma);\n}\n\nvar crypto_box_afternm = crypto_secretbox;\nvar crypto_box_open_afternm = crypto_secretbox_open;\n\nfunction crypto_box(c, m, d, n, y, x) {\n  var k = new Uint8Array(32);\n  crypto_box_beforenm(k, y, x);\n  return crypto_box_afternm(c, m, d, n, k);\n}\n\nfunction crypto_box_open(m, c, d, n, y, x) {\n  var k = new Uint8Array(32);\n  crypto_box_beforenm(k, y, x);\n  return crypto_box_open_afternm(m, c, d, n, k);\n}\n\nvar K = [\n  0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,\n  0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,\n  0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,\n  0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,\n  0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,\n  0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,\n  0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,\n  0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,\n  0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,\n  0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,\n  0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,\n  0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,\n  0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,\n  0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,\n  0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,\n  0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,\n  0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,\n  0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,\n  0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,\n  0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,\n  0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,\n  0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,\n  0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,\n  0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,\n  0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,\n  0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,\n  0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,\n  0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,\n  0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,\n  0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,\n  0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,\n  0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,\n  0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,\n  0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,\n  0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,\n  0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,\n  0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,\n  0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,\n  0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,\n  0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817\n];\n\nfunction crypto_hashblocks_hl(hh, hl, m, n) {\n  var wh = new Int32Array(16), wl = new Int32Array(16),\n      bh0, bh1, bh2, bh3, bh4, bh5, bh6, bh7,\n      bl0, bl1, bl2, bl3, bl4, bl5, bl6, bl7,\n      th, tl, i, j, h, l, a, b, c, d;\n\n  var ah0 = hh[0],\n      ah1 = hh[1],\n      ah2 = hh[2],\n      ah3 = hh[3],\n      ah4 = hh[4],\n      ah5 = hh[5],\n      ah6 = hh[6],\n      ah7 = hh[7],\n\n      al0 = hl[0],\n      al1 = hl[1],\n      al2 = hl[2],\n      al3 = hl[3],\n      al4 = hl[4],\n      al5 = hl[5],\n      al6 = hl[6],\n      al7 = hl[7];\n\n  var pos = 0;\n  while (n >= 128) {\n    for (i = 0; i < 16; i++) {\n      j = 8 * i + pos;\n      wh[i] = (m[j+0] << 24) | (m[j+1] << 16) | (m[j+2] << 8) | m[j+3];\n      wl[i] = (m[j+4] << 24) | (m[j+5] << 16) | (m[j+6] << 8) | m[j+7];\n    }\n    for (i = 0; i < 80; i++) {\n      bh0 = ah0;\n      bh1 = ah1;\n      bh2 = ah2;\n      bh3 = ah3;\n      bh4 = ah4;\n      bh5 = ah5;\n      bh6 = ah6;\n      bh7 = ah7;\n\n      bl0 = al0;\n      bl1 = al1;\n      bl2 = al2;\n      bl3 = al3;\n      bl4 = al4;\n      bl5 = al5;\n      bl6 = al6;\n      bl7 = al7;\n\n      // add\n      h = ah7;\n      l = al7;\n\n      a = l & 0xffff; b = l >>> 16;\n      c = h & 0xffff; d = h >>> 16;\n\n      // Sigma1\n      h = ((ah4 >>> 14) | (al4 << (32-14))) ^ ((ah4 >>> 18) | (al4 << (32-18))) ^ ((al4 >>> (41-32)) | (ah4 << (32-(41-32))));\n      l = ((al4 >>> 14) | (ah4 << (32-14))) ^ ((al4 >>> 18) | (ah4 << (32-18))) ^ ((ah4 >>> (41-32)) | (al4 << (32-(41-32))));\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      // Ch\n      h = (ah4 & ah5) ^ (~ah4 & ah6);\n      l = (al4 & al5) ^ (~al4 & al6);\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      // K\n      h = K[i*2];\n      l = K[i*2+1];\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      // w\n      h = wh[i%16];\n      l = wl[i%16];\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      b += a >>> 16;\n      c += b >>> 16;\n      d += c >>> 16;\n\n      th = c & 0xffff | d << 16;\n      tl = a & 0xffff | b << 16;\n\n      // add\n      h = th;\n      l = tl;\n\n      a = l & 0xffff; b = l >>> 16;\n      c = h & 0xffff; d = h >>> 16;\n\n      // Sigma0\n      h = ((ah0 >>> 28) | (al0 << (32-28))) ^ ((al0 >>> (34-32)) | (ah0 << (32-(34-32)))) ^ ((al0 >>> (39-32)) | (ah0 << (32-(39-32))));\n      l = ((al0 >>> 28) | (ah0 << (32-28))) ^ ((ah0 >>> (34-32)) | (al0 << (32-(34-32)))) ^ ((ah0 >>> (39-32)) | (al0 << (32-(39-32))));\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      // Maj\n      h = (ah0 & ah1) ^ (ah0 & ah2) ^ (ah1 & ah2);\n      l = (al0 & al1) ^ (al0 & al2) ^ (al1 & al2);\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      b += a >>> 16;\n      c += b >>> 16;\n      d += c >>> 16;\n\n      bh7 = (c & 0xffff) | (d << 16);\n      bl7 = (a & 0xffff) | (b << 16);\n\n      // add\n      h = bh3;\n      l = bl3;\n\n      a = l & 0xffff; b = l >>> 16;\n      c = h & 0xffff; d = h >>> 16;\n\n      h = th;\n      l = tl;\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      b += a >>> 16;\n      c += b >>> 16;\n      d += c >>> 16;\n\n      bh3 = (c & 0xffff) | (d << 16);\n      bl3 = (a & 0xffff) | (b << 16);\n\n      ah1 = bh0;\n      ah2 = bh1;\n      ah3 = bh2;\n      ah4 = bh3;\n      ah5 = bh4;\n      ah6 = bh5;\n      ah7 = bh6;\n      ah0 = bh7;\n\n      al1 = bl0;\n      al2 = bl1;\n      al3 = bl2;\n      al4 = bl3;\n      al5 = bl4;\n      al6 = bl5;\n      al7 = bl6;\n      al0 = bl7;\n\n      if (i%16 === 15) {\n        for (j = 0; j < 16; j++) {\n          // add\n          h = wh[j];\n          l = wl[j];\n\n          a = l & 0xffff; b = l >>> 16;\n          c = h & 0xffff; d = h >>> 16;\n\n          h = wh[(j+9)%16];\n          l = wl[(j+9)%16];\n\n          a += l & 0xffff; b += l >>> 16;\n          c += h & 0xffff; d += h >>> 16;\n\n          // sigma0\n          th = wh[(j+1)%16];\n          tl = wl[(j+1)%16];\n          h = ((th >>> 1) | (tl << (32-1))) ^ ((th >>> 8) | (tl << (32-8))) ^ (th >>> 7);\n          l = ((tl >>> 1) | (th << (32-1))) ^ ((tl >>> 8) | (th << (32-8))) ^ ((tl >>> 7) | (th << (32-7)));\n\n          a += l & 0xffff; b += l >>> 16;\n          c += h & 0xffff; d += h >>> 16;\n\n          // sigma1\n          th = wh[(j+14)%16];\n          tl = wl[(j+14)%16];\n          h = ((th >>> 19) | (tl << (32-19))) ^ ((tl >>> (61-32)) | (th << (32-(61-32)))) ^ (th >>> 6);\n          l = ((tl >>> 19) | (th << (32-19))) ^ ((th >>> (61-32)) | (tl << (32-(61-32)))) ^ ((tl >>> 6) | (th << (32-6)));\n\n          a += l & 0xffff; b += l >>> 16;\n          c += h & 0xffff; d += h >>> 16;\n\n          b += a >>> 16;\n          c += b >>> 16;\n          d += c >>> 16;\n\n          wh[j] = (c & 0xffff) | (d << 16);\n          wl[j] = (a & 0xffff) | (b << 16);\n        }\n      }\n    }\n\n    // add\n    h = ah0;\n    l = al0;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[0];\n    l = hl[0];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[0] = ah0 = (c & 0xffff) | (d << 16);\n    hl[0] = al0 = (a & 0xffff) | (b << 16);\n\n    h = ah1;\n    l = al1;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[1];\n    l = hl[1];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[1] = ah1 = (c & 0xffff) | (d << 16);\n    hl[1] = al1 = (a & 0xffff) | (b << 16);\n\n    h = ah2;\n    l = al2;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[2];\n    l = hl[2];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[2] = ah2 = (c & 0xffff) | (d << 16);\n    hl[2] = al2 = (a & 0xffff) | (b << 16);\n\n    h = ah3;\n    l = al3;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[3];\n    l = hl[3];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[3] = ah3 = (c & 0xffff) | (d << 16);\n    hl[3] = al3 = (a & 0xffff) | (b << 16);\n\n    h = ah4;\n    l = al4;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[4];\n    l = hl[4];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[4] = ah4 = (c & 0xffff) | (d << 16);\n    hl[4] = al4 = (a & 0xffff) | (b << 16);\n\n    h = ah5;\n    l = al5;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[5];\n    l = hl[5];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[5] = ah5 = (c & 0xffff) | (d << 16);\n    hl[5] = al5 = (a & 0xffff) | (b << 16);\n\n    h = ah6;\n    l = al6;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[6];\n    l = hl[6];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[6] = ah6 = (c & 0xffff) | (d << 16);\n    hl[6] = al6 = (a & 0xffff) | (b << 16);\n\n    h = ah7;\n    l = al7;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[7];\n    l = hl[7];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[7] = ah7 = (c & 0xffff) | (d << 16);\n    hl[7] = al7 = (a & 0xffff) | (b << 16);\n\n    pos += 128;\n    n -= 128;\n  }\n\n  return n;\n}\n\nfunction crypto_hash(out, m, n) {\n  var hh = new Int32Array(8),\n      hl = new Int32Array(8),\n      x = new Uint8Array(256),\n      i, b = n;\n\n  hh[0] = 0x6a09e667;\n  hh[1] = 0xbb67ae85;\n  hh[2] = 0x3c6ef372;\n  hh[3] = 0xa54ff53a;\n  hh[4] = 0x510e527f;\n  hh[5] = 0x9b05688c;\n  hh[6] = 0x1f83d9ab;\n  hh[7] = 0x5be0cd19;\n\n  hl[0] = 0xf3bcc908;\n  hl[1] = 0x84caa73b;\n  hl[2] = 0xfe94f82b;\n  hl[3] = 0x5f1d36f1;\n  hl[4] = 0xade682d1;\n  hl[5] = 0x2b3e6c1f;\n  hl[6] = 0xfb41bd6b;\n  hl[7] = 0x137e2179;\n\n  crypto_hashblocks_hl(hh, hl, m, n);\n  n %= 128;\n\n  for (i = 0; i < n; i++) x[i] = m[b-n+i];\n  x[n] = 128;\n\n  n = 256-128*(n<112?1:0);\n  x[n-9] = 0;\n  ts64(x, n-8,  (b / 0x20000000) | 0, b << 3);\n  crypto_hashblocks_hl(hh, hl, x, n);\n\n  for (i = 0; i < 8; i++) ts64(out, 8*i, hh[i], hl[i]);\n\n  return 0;\n}\n\nfunction add(p, q) {\n  var a = gf(), b = gf(), c = gf(),\n      d = gf(), e = gf(), f = gf(),\n      g = gf(), h = gf(), t = gf();\n\n  Z(a, p[1], p[0]);\n  Z(t, q[1], q[0]);\n  M(a, a, t);\n  A(b, p[0], p[1]);\n  A(t, q[0], q[1]);\n  M(b, b, t);\n  M(c, p[3], q[3]);\n  M(c, c, D2);\n  M(d, p[2], q[2]);\n  A(d, d, d);\n  Z(e, b, a);\n  Z(f, d, c);\n  A(g, d, c);\n  A(h, b, a);\n\n  M(p[0], e, f);\n  M(p[1], h, g);\n  M(p[2], g, f);\n  M(p[3], e, h);\n}\n\nfunction cswap(p, q, b) {\n  var i;\n  for (i = 0; i < 4; i++) {\n    sel25519(p[i], q[i], b);\n  }\n}\n\nfunction pack(r, p) {\n  var tx = gf(), ty = gf(), zi = gf();\n  inv25519(zi, p[2]);\n  M(tx, p[0], zi);\n  M(ty, p[1], zi);\n  pack25519(r, ty);\n  r[31] ^= par25519(tx) << 7;\n}\n\nfunction scalarmult(p, q, s) {\n  var b, i;\n  set25519(p[0], gf0);\n  set25519(p[1], gf1);\n  set25519(p[2], gf1);\n  set25519(p[3], gf0);\n  for (i = 255; i >= 0; --i) {\n    b = (s[(i/8)|0] >> (i&7)) & 1;\n    cswap(p, q, b);\n    add(q, p);\n    add(p, p);\n    cswap(p, q, b);\n  }\n}\n\nfunction scalarbase(p, s) {\n  var q = [gf(), gf(), gf(), gf()];\n  set25519(q[0], X);\n  set25519(q[1], Y);\n  set25519(q[2], gf1);\n  M(q[3], X, Y);\n  scalarmult(p, q, s);\n}\n\nfunction crypto_sign_keypair(pk, sk, seeded) {\n  var d = new Uint8Array(64);\n  var p = [gf(), gf(), gf(), gf()];\n  var i;\n\n  if (!seeded) randombytes(sk, 32);\n  crypto_hash(d, sk, 32);\n  d[0] &= 248;\n  d[31] &= 127;\n  d[31] |= 64;\n\n  scalarbase(p, d);\n  pack(pk, p);\n\n  for (i = 0; i < 32; i++) sk[i+32] = pk[i];\n  return 0;\n}\n\nvar L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10]);\n\nfunction modL(r, x) {\n  var carry, i, j, k;\n  for (i = 63; i >= 32; --i) {\n    carry = 0;\n    for (j = i - 32, k = i - 12; j < k; ++j) {\n      x[j] += carry - 16 * x[i] * L[j - (i - 32)];\n      carry = (x[j] + 128) >> 8;\n      x[j] -= carry * 256;\n    }\n    x[j] += carry;\n    x[i] = 0;\n  }\n  carry = 0;\n  for (j = 0; j < 32; j++) {\n    x[j] += carry - (x[31] >> 4) * L[j];\n    carry = x[j] >> 8;\n    x[j] &= 255;\n  }\n  for (j = 0; j < 32; j++) x[j] -= carry * L[j];\n  for (i = 0; i < 32; i++) {\n    x[i+1] += x[i] >> 8;\n    r[i] = x[i] & 255;\n  }\n}\n\nfunction reduce(r) {\n  var x = new Float64Array(64), i;\n  for (i = 0; i < 64; i++) x[i] = r[i];\n  for (i = 0; i < 64; i++) r[i] = 0;\n  modL(r, x);\n}\n\n// Note: difference from C - smlen returned, not passed as argument.\nfunction crypto_sign(sm, m, n, sk) {\n  var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64);\n  var i, j, x = new Float64Array(64);\n  var p = [gf(), gf(), gf(), gf()];\n\n  crypto_hash(d, sk, 32);\n  d[0] &= 248;\n  d[31] &= 127;\n  d[31] |= 64;\n\n  var smlen = n + 64;\n  for (i = 0; i < n; i++) sm[64 + i] = m[i];\n  for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i];\n\n  crypto_hash(r, sm.subarray(32), n+32);\n  reduce(r);\n  scalarbase(p, r);\n  pack(sm, p);\n\n  for (i = 32; i < 64; i++) sm[i] = sk[i];\n  crypto_hash(h, sm, n + 64);\n  reduce(h);\n\n  for (i = 0; i < 64; i++) x[i] = 0;\n  for (i = 0; i < 32; i++) x[i] = r[i];\n  for (i = 0; i < 32; i++) {\n    for (j = 0; j < 32; j++) {\n      x[i+j] += h[i] * d[j];\n    }\n  }\n\n  modL(sm.subarray(32), x);\n  return smlen;\n}\n\nfunction unpackneg(r, p) {\n  var t = gf(), chk = gf(), num = gf(),\n      den = gf(), den2 = gf(), den4 = gf(),\n      den6 = gf();\n\n  set25519(r[2], gf1);\n  unpack25519(r[1], p);\n  S(num, r[1]);\n  M(den, num, D);\n  Z(num, num, r[2]);\n  A(den, r[2], den);\n\n  S(den2, den);\n  S(den4, den2);\n  M(den6, den4, den2);\n  M(t, den6, num);\n  M(t, t, den);\n\n  pow2523(t, t);\n  M(t, t, num);\n  M(t, t, den);\n  M(t, t, den);\n  M(r[0], t, den);\n\n  S(chk, r[0]);\n  M(chk, chk, den);\n  if (neq25519(chk, num)) M(r[0], r[0], I);\n\n  S(chk, r[0]);\n  M(chk, chk, den);\n  if (neq25519(chk, num)) return -1;\n\n  if (par25519(r[0]) === (p[31]>>7)) Z(r[0], gf0, r[0]);\n\n  M(r[3], r[0], r[1]);\n  return 0;\n}\n\nfunction crypto_sign_open(m, sm, n, pk) {\n  var i, mlen;\n  var t = new Uint8Array(32), h = new Uint8Array(64);\n  var p = [gf(), gf(), gf(), gf()],\n      q = [gf(), gf(), gf(), gf()];\n\n  mlen = -1;\n  if (n < 64) return -1;\n\n  if (unpackneg(q, pk)) return -1;\n\n  for (i = 0; i < n; i++) m[i] = sm[i];\n  for (i = 0; i < 32; i++) m[i+32] = pk[i];\n  crypto_hash(h, m, n);\n  reduce(h);\n  scalarmult(p, q, h);\n\n  scalarbase(q, sm.subarray(32));\n  add(p, q);\n  pack(t, p);\n\n  n -= 64;\n  if (crypto_verify_32(sm, 0, t, 0)) {\n    for (i = 0; i < n; i++) m[i] = 0;\n    return -1;\n  }\n\n  for (i = 0; i < n; i++) m[i] = sm[i + 64];\n  mlen = n;\n  return mlen;\n}\n\nvar crypto_secretbox_KEYBYTES = 32,\n    crypto_secretbox_NONCEBYTES = 24,\n    crypto_secretbox_ZEROBYTES = 32,\n    crypto_secretbox_BOXZEROBYTES = 16,\n    crypto_scalarmult_BYTES = 32,\n    crypto_scalarmult_SCALARBYTES = 32,\n    crypto_box_PUBLICKEYBYTES = 32,\n    crypto_box_SECRETKEYBYTES = 32,\n    crypto_box_BEFORENMBYTES = 32,\n    crypto_box_NONCEBYTES = crypto_secretbox_NONCEBYTES,\n    crypto_box_ZEROBYTES = crypto_secretbox_ZEROBYTES,\n    crypto_box_BOXZEROBYTES = crypto_secretbox_BOXZEROBYTES,\n    crypto_sign_BYTES = 64,\n    crypto_sign_PUBLICKEYBYTES = 32,\n    crypto_sign_SECRETKEYBYTES = 64,\n    crypto_sign_SEEDBYTES = 32,\n    crypto_hash_BYTES = 64;\n\nnacl.lowlevel = {\n  crypto_core_hsalsa20: crypto_core_hsalsa20,\n  crypto_stream_xor: crypto_stream_xor,\n  crypto_stream: crypto_stream,\n  crypto_stream_salsa20_xor: crypto_stream_salsa20_xor,\n  crypto_stream_salsa20: crypto_stream_salsa20,\n  crypto_onetimeauth: crypto_onetimeauth,\n  crypto_onetimeauth_verify: crypto_onetimeauth_verify,\n  crypto_verify_16: crypto_verify_16,\n  crypto_verify_32: crypto_verify_32,\n  crypto_secretbox: crypto_secretbox,\n  crypto_secretbox_open: crypto_secretbox_open,\n  crypto_scalarmult: crypto_scalarmult,\n  crypto_scalarmult_base: crypto_scalarmult_base,\n  crypto_box_beforenm: crypto_box_beforenm,\n  crypto_box_afternm: crypto_box_afternm,\n  crypto_box: crypto_box,\n  crypto_box_open: crypto_box_open,\n  crypto_box_keypair: crypto_box_keypair,\n  crypto_hash: crypto_hash,\n  crypto_sign: crypto_sign,\n  crypto_sign_keypair: crypto_sign_keypair,\n  crypto_sign_open: crypto_sign_open,\n\n  crypto_secretbox_KEYBYTES: crypto_secretbox_KEYBYTES,\n  crypto_secretbox_NONCEBYTES: crypto_secretbox_NONCEBYTES,\n  crypto_secretbox_ZEROBYTES: crypto_secretbox_ZEROBYTES,\n  crypto_secretbox_BOXZEROBYTES: crypto_secretbox_BOXZEROBYTES,\n  crypto_scalarmult_BYTES: crypto_scalarmult_BYTES,\n  crypto_scalarmult_SCALARBYTES: crypto_scalarmult_SCALARBYTES,\n  crypto_box_PUBLICKEYBYTES: crypto_box_PUBLICKEYBYTES,\n  crypto_box_SECRETKEYBYTES: crypto_box_SECRETKEYBYTES,\n  crypto_box_BEFORENMBYTES: crypto_box_BEFORENMBYTES,\n  crypto_box_NONCEBYTES: crypto_box_NONCEBYTES,\n  crypto_box_ZEROBYTES: crypto_box_ZEROBYTES,\n  crypto_box_BOXZEROBYTES: crypto_box_BOXZEROBYTES,\n  crypto_sign_BYTES: crypto_sign_BYTES,\n  crypto_sign_PUBLICKEYBYTES: crypto_sign_PUBLICKEYBYTES,\n  crypto_sign_SECRETKEYBYTES: crypto_sign_SECRETKEYBYTES,\n  crypto_sign_SEEDBYTES: crypto_sign_SEEDBYTES,\n  crypto_hash_BYTES: crypto_hash_BYTES\n};\n\n/* High-level API */\n\nfunction checkLengths(k, n) {\n  if (k.length !== crypto_secretbox_KEYBYTES) throw new Error('bad key size');\n  if (n.length !== crypto_secretbox_NONCEBYTES) throw new Error('bad nonce size');\n}\n\nfunction checkBoxLengths(pk, sk) {\n  if (pk.length !== crypto_box_PUBLICKEYBYTES) throw new Error('bad public key size');\n  if (sk.length !== crypto_box_SECRETKEYBYTES) throw new Error('bad secret key size');\n}\n\nfunction checkArrayTypes() {\n  var t, i;\n  for (i = 0; i < arguments.length; i++) {\n     if ((t = Object.prototype.toString.call(arguments[i])) !== '[object Uint8Array]')\n       throw new TypeError('unexpected type ' + t + ', use Uint8Array');\n  }\n}\n\nfunction cleanup(arr) {\n  for (var i = 0; i < arr.length; i++) arr[i] = 0;\n}\n\n// TODO: Completely remove this in v0.15.\nif (!nacl.util) {\n  nacl.util = {};\n  nacl.util.decodeUTF8 = nacl.util.encodeUTF8 = nacl.util.encodeBase64 = nacl.util.decodeBase64 = function() {\n    throw new Error('nacl.util moved into separate package: https://github.com/dchest/tweetnacl-util-js');\n  };\n}\n\nnacl.randomBytes = function(n) {\n  var b = new Uint8Array(n);\n  randombytes(b, n);\n  return b;\n};\n\nnacl.secretbox = function(msg, nonce, key) {\n  checkArrayTypes(msg, nonce, key);\n  checkLengths(key, nonce);\n  var m = new Uint8Array(crypto_secretbox_ZEROBYTES + msg.length);\n  var c = new Uint8Array(m.length);\n  for (var i = 0; i < msg.length; i++) m[i+crypto_secretbox_ZEROBYTES] = msg[i];\n  crypto_secretbox(c, m, m.length, nonce, key);\n  return c.subarray(crypto_secretbox_BOXZEROBYTES);\n};\n\nnacl.secretbox.open = function(box, nonce, key) {\n  checkArrayTypes(box, nonce, key);\n  checkLengths(key, nonce);\n  var c = new Uint8Array(crypto_secretbox_BOXZEROBYTES + box.length);\n  var m = new Uint8Array(c.length);\n  for (var i = 0; i < box.length; i++) c[i+crypto_secretbox_BOXZEROBYTES] = box[i];\n  if (c.length < 32) return false;\n  if (crypto_secretbox_open(m, c, c.length, nonce, key) !== 0) return false;\n  return m.subarray(crypto_secretbox_ZEROBYTES);\n};\n\nnacl.secretbox.keyLength = crypto_secretbox_KEYBYTES;\nnacl.secretbox.nonceLength = crypto_secretbox_NONCEBYTES;\nnacl.secretbox.overheadLength = crypto_secretbox_BOXZEROBYTES;\n\nnacl.scalarMult = function(n, p) {\n  checkArrayTypes(n, p);\n  if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error('bad n size');\n  if (p.length !== crypto_scalarmult_BYTES) throw new Error('bad p size');\n  var q = new Uint8Array(crypto_scalarmult_BYTES);\n  crypto_scalarmult(q, n, p);\n  return q;\n};\n\nnacl.scalarMult.base = function(n) {\n  checkArrayTypes(n);\n  if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error('bad n size');\n  var q = new Uint8Array(crypto_scalarmult_BYTES);\n  crypto_scalarmult_base(q, n);\n  return q;\n};\n\nnacl.scalarMult.scalarLength = crypto_scalarmult_SCALARBYTES;\nnacl.scalarMult.groupElementLength = crypto_scalarmult_BYTES;\n\nnacl.box = function(msg, nonce, publicKey, secretKey) {\n  var k = nacl.box.before(publicKey, secretKey);\n  return nacl.secretbox(msg, nonce, k);\n};\n\nnacl.box.before = function(publicKey, secretKey) {\n  checkArrayTypes(publicKey, secretKey);\n  checkBoxLengths(publicKey, secretKey);\n  var k = new Uint8Array(crypto_box_BEFORENMBYTES);\n  crypto_box_beforenm(k, publicKey, secretKey);\n  return k;\n};\n\nnacl.box.after = nacl.secretbox;\n\nnacl.box.open = function(msg, nonce, publicKey, secretKey) {\n  var k = nacl.box.before(publicKey, secretKey);\n  return nacl.secretbox.open(msg, nonce, k);\n};\n\nnacl.box.open.after = nacl.secretbox.open;\n\nnacl.box.keyPair = function() {\n  var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);\n  var sk = new Uint8Array(crypto_box_SECRETKEYBYTES);\n  crypto_box_keypair(pk, sk);\n  return {publicKey: pk, secretKey: sk};\n};\n\nnacl.box.keyPair.fromSecretKey = function(secretKey) {\n  checkArrayTypes(secretKey);\n  if (secretKey.length !== crypto_box_SECRETKEYBYTES)\n    throw new Error('bad secret key size');\n  var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);\n  crypto_scalarmult_base(pk, secretKey);\n  return {publicKey: pk, secretKey: new Uint8Array(secretKey)};\n};\n\nnacl.box.publicKeyLength = crypto_box_PUBLICKEYBYTES;\nnacl.box.secretKeyLength = crypto_box_SECRETKEYBYTES;\nnacl.box.sharedKeyLength = crypto_box_BEFORENMBYTES;\nnacl.box.nonceLength = crypto_box_NONCEBYTES;\nnacl.box.overheadLength = nacl.secretbox.overheadLength;\n\nnacl.sign = function(msg, secretKey) {\n  checkArrayTypes(msg, secretKey);\n  if (secretKey.length !== crypto_sign_SECRETKEYBYTES)\n    throw new Error('bad secret key size');\n  var signedMsg = new Uint8Array(crypto_sign_BYTES+msg.length);\n  crypto_sign(signedMsg, msg, msg.length, secretKey);\n  return signedMsg;\n};\n\nnacl.sign.open = function(signedMsg, publicKey) {\n  if (arguments.length !== 2)\n    throw new Error('nacl.sign.open accepts 2 arguments; did you mean to use nacl.sign.detached.verify?');\n  checkArrayTypes(signedMsg, publicKey);\n  if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)\n    throw new Error('bad public key size');\n  var tmp = new Uint8Array(signedMsg.length);\n  var mlen = crypto_sign_open(tmp, signedMsg, signedMsg.length, publicKey);\n  if (mlen < 0) return null;\n  var m = new Uint8Array(mlen);\n  for (var i = 0; i < m.length; i++) m[i] = tmp[i];\n  return m;\n};\n\nnacl.sign.detached = function(msg, secretKey) {\n  var signedMsg = nacl.sign(msg, secretKey);\n  var sig = new Uint8Array(crypto_sign_BYTES);\n  for (var i = 0; i < sig.length; i++) sig[i] = signedMsg[i];\n  return sig;\n};\n\nnacl.sign.detached.verify = function(msg, sig, publicKey) {\n  checkArrayTypes(msg, sig, publicKey);\n  if (sig.length !== crypto_sign_BYTES)\n    throw new Error('bad signature size');\n  if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)\n    throw new Error('bad public key size');\n  var sm = new Uint8Array(crypto_sign_BYTES + msg.length);\n  var m = new Uint8Array(crypto_sign_BYTES + msg.length);\n  var i;\n  for (i = 0; i < crypto_sign_BYTES; i++) sm[i] = sig[i];\n  for (i = 0; i < msg.length; i++) sm[i+crypto_sign_BYTES] = msg[i];\n  return (crypto_sign_open(m, sm, sm.length, publicKey) >= 0);\n};\n\nnacl.sign.keyPair = function() {\n  var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n  var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);\n  crypto_sign_keypair(pk, sk);\n  return {publicKey: pk, secretKey: sk};\n};\n\nnacl.sign.keyPair.fromSecretKey = function(secretKey) {\n  checkArrayTypes(secretKey);\n  if (secretKey.length !== crypto_sign_SECRETKEYBYTES)\n    throw new Error('bad secret key size');\n  var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n  for (var i = 0; i < pk.length; i++) pk[i] = secretKey[32+i];\n  return {publicKey: pk, secretKey: new Uint8Array(secretKey)};\n};\n\nnacl.sign.keyPair.fromSeed = function(seed) {\n  checkArrayTypes(seed);\n  if (seed.length !== crypto_sign_SEEDBYTES)\n    throw new Error('bad seed size');\n  var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n  var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);\n  for (var i = 0; i < 32; i++) sk[i] = seed[i];\n  crypto_sign_keypair(pk, sk, true);\n  return {publicKey: pk, secretKey: sk};\n};\n\nnacl.sign.publicKeyLength = crypto_sign_PUBLICKEYBYTES;\nnacl.sign.secretKeyLength = crypto_sign_SECRETKEYBYTES;\nnacl.sign.seedLength = crypto_sign_SEEDBYTES;\nnacl.sign.signatureLength = crypto_sign_BYTES;\n\nnacl.hash = function(msg) {\n  checkArrayTypes(msg);\n  var h = new Uint8Array(crypto_hash_BYTES);\n  crypto_hash(h, msg, msg.length);\n  return h;\n};\n\nnacl.hash.hashLength = crypto_hash_BYTES;\n\nnacl.verify = function(x, y) {\n  checkArrayTypes(x, y);\n  // Zero length arguments are considered not equal.\n  if (x.length === 0 || y.length === 0) return false;\n  if (x.length !== y.length) return false;\n  return (vn(x, 0, y, 0, x.length) === 0) ? true : false;\n};\n\nnacl.setPRNG = function(fn) {\n  randombytes = fn;\n};\n\n(function() {\n  // Initialize PRNG if environment provides CSPRNG.\n  // If not, methods calling randombytes will throw.\n  var crypto = typeof self !== 'undefined' ? (self.crypto || self.msCrypto) : null;\n  if (crypto && crypto.getRandomValues) {\n    // Browsers.\n    var QUOTA = 65536;\n    nacl.setPRNG(function(x, n) {\n      var i, v = new Uint8Array(n);\n      for (i = 0; i < n; i += QUOTA) {\n        crypto.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));\n      }\n      for (i = 0; i < n; i++) x[i] = v[i];\n      cleanup(v);\n    });\n  } else if (typeof require !== 'undefined') {\n    // Node.js.\n    crypto = require('crypto');\n    if (crypto && crypto.randomBytes) {\n      nacl.setPRNG(function(x, n) {\n        var i, v = crypto.randomBytes(n);\n        for (i = 0; i < n; i++) x[i] = v[i];\n        cleanup(v);\n      });\n    }\n  }\n})();\n\n})(typeof module !== 'undefined' && module.exports ? module.exports : (self.nacl = self.nacl || {}));\n","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nObject.defineProperty(exports, \"v1\", {\n  enumerable: true,\n  get: function () {\n    return _v.default;\n  }\n});\nObject.defineProperty(exports, \"v3\", {\n  enumerable: true,\n  get: function () {\n    return _v2.default;\n  }\n});\nObject.defineProperty(exports, \"v4\", {\n  enumerable: true,\n  get: function () {\n    return _v3.default;\n  }\n});\nObject.defineProperty(exports, \"v5\", {\n  enumerable: true,\n  get: function () {\n    return _v4.default;\n  }\n});\nObject.defineProperty(exports, \"NIL\", {\n  enumerable: true,\n  get: function () {\n    return _nil.default;\n  }\n});\nObject.defineProperty(exports, \"version\", {\n  enumerable: true,\n  get: function () {\n    return _version.default;\n  }\n});\nObject.defineProperty(exports, \"validate\", {\n  enumerable: true,\n  get: function () {\n    return _validate.default;\n  }\n});\nObject.defineProperty(exports, \"stringify\", {\n  enumerable: true,\n  get: function () {\n    return _stringify.default;\n  }\n});\nObject.defineProperty(exports, \"parse\", {\n  enumerable: true,\n  get: function () {\n    return _parse.default;\n  }\n});\n\nvar _v = _interopRequireDefault(require(\"./v1.js\"));\n\nvar _v2 = _interopRequireDefault(require(\"./v3.js\"));\n\nvar _v3 = _interopRequireDefault(require(\"./v4.js\"));\n\nvar _v4 = _interopRequireDefault(require(\"./v5.js\"));\n\nvar _nil = _interopRequireDefault(require(\"./nil.js\"));\n\nvar _version = _interopRequireDefault(require(\"./version.js\"));\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nvar _parse = _interopRequireDefault(require(\"./parse.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _crypto = _interopRequireDefault(require(\"crypto\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction md5(bytes) {\n  if (Array.isArray(bytes)) {\n    bytes = Buffer.from(bytes);\n  } else if (typeof bytes === 'string') {\n    bytes = Buffer.from(bytes, 'utf8');\n  }\n\n  return _crypto.default.createHash('md5').update(bytes).digest();\n}\n\nvar _default = md5;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\nvar _default = '00000000-0000-0000-0000-000000000000';\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction parse(uuid) {\n  if (!(0, _validate.default)(uuid)) {\n    throw TypeError('Invalid UUID');\n  }\n\n  let v;\n  const arr = new Uint8Array(16); // Parse ########-....-....-....-............\n\n  arr[0] = (v = parseInt(uuid.slice(0, 8), 16)) >>> 24;\n  arr[1] = v >>> 16 & 0xff;\n  arr[2] = v >>> 8 & 0xff;\n  arr[3] = v & 0xff; // Parse ........-####-....-....-............\n\n  arr[4] = (v = parseInt(uuid.slice(9, 13), 16)) >>> 8;\n  arr[5] = v & 0xff; // Parse ........-....-####-....-............\n\n  arr[6] = (v = parseInt(uuid.slice(14, 18), 16)) >>> 8;\n  arr[7] = v & 0xff; // Parse ........-....-....-####-............\n\n  arr[8] = (v = parseInt(uuid.slice(19, 23), 16)) >>> 8;\n  arr[9] = v & 0xff; // Parse ........-....-....-....-############\n  // (Use \"/\" to avoid 32-bit truncation when bit-shifting high-order bytes)\n\n  arr[10] = (v = parseInt(uuid.slice(24, 36), 16)) / 0x10000000000 & 0xff;\n  arr[11] = v / 0x100000000 & 0xff;\n  arr[12] = v >>> 24 & 0xff;\n  arr[13] = v >>> 16 & 0xff;\n  arr[14] = v >>> 8 & 0xff;\n  arr[15] = v & 0xff;\n  return arr;\n}\n\nvar _default = parse;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\nvar _default = /^(?:[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}|00000000-0000-0000-0000-000000000000)$/i;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = rng;\n\nvar _crypto = _interopRequireDefault(require(\"crypto\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nconst rnds8Pool = new Uint8Array(256); // # of random values to pre-allocate\n\nlet poolPtr = rnds8Pool.length;\n\nfunction rng() {\n  if (poolPtr > rnds8Pool.length - 16) {\n    _crypto.default.randomFillSync(rnds8Pool);\n\n    poolPtr = 0;\n  }\n\n  return rnds8Pool.slice(poolPtr, poolPtr += 16);\n}","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _crypto = _interopRequireDefault(require(\"crypto\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction sha1(bytes) {\n  if (Array.isArray(bytes)) {\n    bytes = Buffer.from(bytes);\n  } else if (typeof bytes === 'string') {\n    bytes = Buffer.from(bytes, 'utf8');\n  }\n\n  return _crypto.default.createHash('sha1').update(bytes).digest();\n}\n\nvar _default = sha1;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\n/**\n * Convert array of 16 byte values to UUID string format of the form:\n * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX\n */\nconst byteToHex = [];\n\nfor (let i = 0; i < 256; ++i) {\n  byteToHex.push((i + 0x100).toString(16).substr(1));\n}\n\nfunction stringify(arr, offset = 0) {\n  // Note: Be careful editing this code!  It's been tuned for performance\n  // and works in ways you may not expect. See https://github.com/uuidjs/uuid/pull/434\n  const uuid = (byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + '-' + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + '-' + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + '-' + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + '-' + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]]).toLowerCase(); // Consistency check for valid UUID.  If this throws, it's likely due to one\n  // of the following:\n  // - One or more input array values don't map to a hex octet (leading to\n  // \"undefined\" in the uuid)\n  // - Invalid input values for the RFC `version` or `variant` fields\n\n  if (!(0, _validate.default)(uuid)) {\n    throw TypeError('Stringified UUID is invalid');\n  }\n\n  return uuid;\n}\n\nvar _default = stringify;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _rng = _interopRequireDefault(require(\"./rng.js\"));\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\n// **`v1()` - Generate time-based UUID**\n//\n// Inspired by https://github.com/LiosK/UUID.js\n// and http://docs.python.org/library/uuid.html\nlet _nodeId;\n\nlet _clockseq; // Previous uuid creation time\n\n\nlet _lastMSecs = 0;\nlet _lastNSecs = 0; // See https://github.com/uuidjs/uuid for API details\n\nfunction v1(options, buf, offset) {\n  let i = buf && offset || 0;\n  const b = buf || new Array(16);\n  options = options || {};\n  let node = options.node || _nodeId;\n  let clockseq = options.clockseq !== undefined ? options.clockseq : _clockseq; // node and clockseq need to be initialized to random values if they're not\n  // specified.  We do this lazily to minimize issues related to insufficient\n  // system entropy.  See #189\n\n  if (node == null || clockseq == null) {\n    const seedBytes = options.random || (options.rng || _rng.default)();\n\n    if (node == null) {\n      // Per 4.5, create and 48-bit node id, (47 random bits + multicast bit = 1)\n      node = _nodeId = [seedBytes[0] | 0x01, seedBytes[1], seedBytes[2], seedBytes[3], seedBytes[4], seedBytes[5]];\n    }\n\n    if (clockseq == null) {\n      // Per 4.2.2, randomize (14 bit) clockseq\n      clockseq = _clockseq = (seedBytes[6] << 8 | seedBytes[7]) & 0x3fff;\n    }\n  } // UUID timestamps are 100 nano-second units since the Gregorian epoch,\n  // (1582-10-15 00:00).  JSNumbers aren't precise enough for this, so\n  // time is handled internally as 'msecs' (integer milliseconds) and 'nsecs'\n  // (100-nanoseconds offset from msecs) since unix epoch, 1970-01-01 00:00.\n\n\n  let msecs = options.msecs !== undefined ? options.msecs : Date.now(); // Per 4.2.1.2, use count of uuid's generated during the current clock\n  // cycle to simulate higher resolution clock\n\n  let nsecs = options.nsecs !== undefined ? options.nsecs : _lastNSecs + 1; // Time since last uuid creation (in msecs)\n\n  const dt = msecs - _lastMSecs + (nsecs - _lastNSecs) / 10000; // Per 4.2.1.2, Bump clockseq on clock regression\n\n  if (dt < 0 && options.clockseq === undefined) {\n    clockseq = clockseq + 1 & 0x3fff;\n  } // Reset nsecs if clock regresses (new clockseq) or we've moved onto a new\n  // time interval\n\n\n  if ((dt < 0 || msecs > _lastMSecs) && options.nsecs === undefined) {\n    nsecs = 0;\n  } // Per 4.2.1.2 Throw error if too many uuids are requested\n\n\n  if (nsecs >= 10000) {\n    throw new Error(\"uuid.v1(): Can't create more than 10M uuids/sec\");\n  }\n\n  _lastMSecs = msecs;\n  _lastNSecs = nsecs;\n  _clockseq = clockseq; // Per 4.1.4 - Convert from unix epoch to Gregorian epoch\n\n  msecs += 12219292800000; // `time_low`\n\n  const tl = ((msecs & 0xfffffff) * 10000 + nsecs) % 0x100000000;\n  b[i++] = tl >>> 24 & 0xff;\n  b[i++] = tl >>> 16 & 0xff;\n  b[i++] = tl >>> 8 & 0xff;\n  b[i++] = tl & 0xff; // `time_mid`\n\n  const tmh = msecs / 0x100000000 * 10000 & 0xfffffff;\n  b[i++] = tmh >>> 8 & 0xff;\n  b[i++] = tmh & 0xff; // `time_high_and_version`\n\n  b[i++] = tmh >>> 24 & 0xf | 0x10; // include version\n\n  b[i++] = tmh >>> 16 & 0xff; // `clock_seq_hi_and_reserved` (Per 4.2.2 - include variant)\n\n  b[i++] = clockseq >>> 8 | 0x80; // `clock_seq_low`\n\n  b[i++] = clockseq & 0xff; // `node`\n\n  for (let n = 0; n < 6; ++n) {\n    b[i + n] = node[n];\n  }\n\n  return buf || (0, _stringify.default)(b);\n}\n\nvar _default = v1;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _v = _interopRequireDefault(require(\"./v35.js\"));\n\nvar _md = _interopRequireDefault(require(\"./md5.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nconst v3 = (0, _v.default)('v3', 0x30, _md.default);\nvar _default = v3;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = _default;\nexports.URL = exports.DNS = void 0;\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nvar _parse = _interopRequireDefault(require(\"./parse.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction stringToBytes(str) {\n  str = unescape(encodeURIComponent(str)); // UTF8 escape\n\n  const bytes = [];\n\n  for (let i = 0; i < str.length; ++i) {\n    bytes.push(str.charCodeAt(i));\n  }\n\n  return bytes;\n}\n\nconst DNS = '6ba7b810-9dad-11d1-80b4-00c04fd430c8';\nexports.DNS = DNS;\nconst URL = '6ba7b811-9dad-11d1-80b4-00c04fd430c8';\nexports.URL = URL;\n\nfunction _default(name, version, hashfunc) {\n  function generateUUID(value, namespace, buf, offset) {\n    if (typeof value === 'string') {\n      value = stringToBytes(value);\n    }\n\n    if (typeof namespace === 'string') {\n      namespace = (0, _parse.default)(namespace);\n    }\n\n    if (namespace.length !== 16) {\n      throw TypeError('Namespace must be array-like (16 iterable integer values, 0-255)');\n    } // Compute hash of namespace and value, Per 4.3\n    // Future: Use spread syntax when supported on all platforms, e.g. `bytes =\n    // hashfunc([...namespace, ... value])`\n\n\n    let bytes = new Uint8Array(16 + value.length);\n    bytes.set(namespace);\n    bytes.set(value, namespace.length);\n    bytes = hashfunc(bytes);\n    bytes[6] = bytes[6] & 0x0f | version;\n    bytes[8] = bytes[8] & 0x3f | 0x80;\n\n    if (buf) {\n      offset = offset || 0;\n\n      for (let i = 0; i < 16; ++i) {\n        buf[offset + i] = bytes[i];\n      }\n\n      return buf;\n    }\n\n    return (0, _stringify.default)(bytes);\n  } // Function#name is not settable on some platforms (#270)\n\n\n  try {\n    generateUUID.name = name; // eslint-disable-next-line no-empty\n  } catch (err) {} // For CommonJS default export support\n\n\n  generateUUID.DNS = DNS;\n  generateUUID.URL = URL;\n  return generateUUID;\n}","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _rng = _interopRequireDefault(require(\"./rng.js\"));\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction v4(options, buf, offset) {\n  options = options || {};\n\n  const rnds = options.random || (options.rng || _rng.default)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved`\n\n\n  rnds[6] = rnds[6] & 0x0f | 0x40;\n  rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided\n\n  if (buf) {\n    offset = offset || 0;\n\n    for (let i = 0; i < 16; ++i) {\n      buf[offset + i] = rnds[i];\n    }\n\n    return buf;\n  }\n\n  return (0, _stringify.default)(rnds);\n}\n\nvar _default = v4;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _v = _interopRequireDefault(require(\"./v35.js\"));\n\nvar _sha = _interopRequireDefault(require(\"./sha1.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nconst v5 = (0, _v.default)('v5', 0x50, _sha.default);\nvar _default = v5;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _regex = _interopRequireDefault(require(\"./regex.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction validate(uuid) {\n  return typeof uuid === 'string' && _regex.default.test(uuid);\n}\n\nvar _default = validate;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction version(uuid) {\n  if (!(0, _validate.default)(uuid)) {\n    throw TypeError('Invalid UUID');\n  }\n\n  return parseInt(uuid.substr(14, 1), 16);\n}\n\nvar _default = version;\nexports.default = _default;","module.exports = __non_webpack_require__(__webpack_require__.ab + \"build/Release/cpufeatures.node\")","module.exports = __non_webpack_require__(__webpack_require__.ab + \"lib/protocol/crypto/build/Release/sshcrypto.node\")","module.exports = require(\"assert\");","module.exports = require(\"buffer\");","module.exports = require(\"child_process\");","module.exports = require(\"crypto\");","module.exports = require(\"dns\");","module.exports = require(\"events\");","module.exports = require(\"fs\");","module.exports = require(\"http\");","module.exports = require(\"https\");","module.exports = require(\"net\");","module.exports = require(\"os\");","module.exports = require(\"path\");","module.exports = require(\"stream\");","module.exports = require(\"tls\");","module.exports = require(\"util\");","module.exports = require(\"zlib\");","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nvar __importDefault = (this && this.__importDefault) || function (mod) {\n    return (mod && mod.__esModule) ? mod : { \"default\": mod };\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.NodeSSH = exports.SSHError = void 0;\nconst fs_1 = __importDefault(require(\"fs\"));\nconst path_1 = __importDefault(require(\"path\"));\nconst make_dir_1 = __importDefault(require(\"make-dir\"));\nconst is_stream_1 = __importDefault(require(\"is-stream\"));\nconst shell_escape_1 = __importDefault(require(\"shell-escape\"));\nconst sb_scandir_1 = __importDefault(require(\"sb-scandir\"));\nconst sb_promise_queue_1 = require(\"sb-promise-queue\");\nconst assert_1 = __importStar(require(\"assert\"));\nconst ssh2_1 = __importDefault(require(\"ssh2\"));\nconst DEFAULT_CONCURRENCY = 1;\nconst DEFAULT_VALIDATE = (path) => !path_1.default.basename(path).startsWith('.');\nconst DEFAULT_TICK = () => {\n    /* No Op */\n};\nclass SSHError extends Error {\n    constructor(message, code = null) {\n        super(message);\n        this.code = code;\n    }\n}\nexports.SSHError = SSHError;\nfunction unixifyPath(path) {\n    if (path.includes('\\\\')) {\n        return path.split('\\\\').join('/');\n    }\n    return path;\n}\nasync function readFile(filePath) {\n    return new Promise((resolve, reject) => {\n        fs_1.default.readFile(filePath, 'utf8', (err, res) => {\n            if (err) {\n                reject(err);\n            }\n            else {\n                resolve(res);\n            }\n        });\n    });\n}\nconst SFTP_MKDIR_ERR_CODE_REGEXP = /Error: (E[\\S]+): /;\nasync function makeDirectoryWithSftp(path, sftp) {\n    let stats = null;\n    try {\n        stats = await new Promise((resolve, reject) => {\n            sftp.stat(path, (err, res) => {\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve(res);\n                }\n            });\n        });\n    }\n    catch (_) {\n        /* No Op */\n    }\n    if (stats) {\n        if (stats.isDirectory()) {\n            // Already exists, nothing to worry about\n            return;\n        }\n        throw new Error('mkdir() failed, target already exists and is not a directory');\n    }\n    try {\n        await new Promise((resolve, reject) => {\n            sftp.mkdir(path, (err) => {\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve();\n                }\n            });\n        });\n    }\n    catch (err) {\n        if (err != null && typeof err.stack === 'string') {\n            const matches = SFTP_MKDIR_ERR_CODE_REGEXP.exec(err.stack);\n            if (matches != null) {\n                throw new SSHError(err.message, matches[1]);\n            }\n            throw err;\n        }\n    }\n}\nclass NodeSSH {\n    constructor() {\n        this.connection = null;\n    }\n    getConnection() {\n        const { connection } = this;\n        if (connection == null) {\n            throw new Error('Not connected to server');\n        }\n        return connection;\n    }\n    async connect(givenConfig) {\n        assert_1.default(givenConfig != null && typeof givenConfig === 'object', 'config must be a valid object');\n        const config = { ...givenConfig };\n        assert_1.default(config.username != null && typeof config.username === 'string', 'config.username must be a valid string');\n        if (config.host != null) {\n            assert_1.default(typeof config.host === 'string', 'config.host must be a valid string');\n        }\n        else if (config.sock != null) {\n            assert_1.default(typeof config.sock === 'object', 'config.sock must be a valid object');\n        }\n        else {\n            throw new assert_1.AssertionError({ message: 'Either config.host or config.sock must be provided' });\n        }\n        if (config.privateKey != null || config.privateKeyPath != null) {\n            if (config.privateKey != null) {\n                assert_1.default(typeof config.privateKey === 'string', 'config.privateKey must be a valid string');\n                assert_1.default(config.privateKeyPath == null, 'config.privateKeyPath must not be specified when config.privateKey is specified');\n            }\n            else if (config.privateKeyPath != null) {\n                assert_1.default(typeof config.privateKeyPath === 'string', 'config.privateKeyPath must be a valid string');\n                assert_1.default(config.privateKey == null, 'config.privateKey must not be specified when config.privateKeyPath is specified');\n            }\n            assert_1.default(config.passphrase == null || typeof config.passphrase === 'string', 'config.passphrase must be null or a valid string');\n            if (config.privateKeyPath != null) {\n                // Must be an fs path\n                try {\n                    config.privateKey = await readFile(config.privateKeyPath);\n                }\n                catch (err) {\n                    if (err != null && err.code === 'ENOENT') {\n                        throw new assert_1.AssertionError({ message: 'config.privateKeyPath does not exist at given fs path' });\n                    }\n                    throw err;\n                }\n            }\n        }\n        else if (config.password != null) {\n            assert_1.default(typeof config.password === 'string', 'config.password must be a valid string');\n        }\n        if (config.tryKeyboard != null) {\n            assert_1.default(typeof config.tryKeyboard === 'boolean', 'config.tryKeyboard must be a valid boolean');\n        }\n        if (config.tryKeyboard) {\n            const { password } = config;\n            if (config.onKeyboardInteractive != null) {\n                assert_1.default(typeof config.onKeyboardInteractive === 'function', 'config.onKeyboardInteractive must be a valid function');\n            }\n            else if (password != null) {\n                config.onKeyboardInteractive = (name, instructions, instructionsLang, prompts, finish) => {\n                    if (prompts.length > 0 && prompts[0].prompt.toLowerCase().includes('password')) {\n                        finish([password]);\n                    }\n                };\n            }\n        }\n        const connection = new ssh2_1.default.Client();\n        this.connection = connection;\n        await new Promise((resolve, reject) => {\n            connection.on('error', reject);\n            if (config.onKeyboardInteractive) {\n                connection.on('keyboard-interactive', config.onKeyboardInteractive);\n            }\n            connection.on('ready', () => {\n                connection.removeListener('error', reject);\n                resolve();\n            });\n            connection.on('end', () => {\n                if (this.connection === connection) {\n                    this.connection = null;\n                }\n            });\n            connection.on('close', () => {\n                if (this.connection === connection) {\n                    this.connection = null;\n                }\n                reject(new SSHError('No response from server', 'ETIMEDOUT'));\n            });\n            connection.connect(config);\n        });\n        return this;\n    }\n    isConnected() {\n        return this.connection != null;\n    }\n    async requestShell(options) {\n        const connection = this.getConnection();\n        return new Promise((resolve, reject) => {\n            connection.on('error', reject);\n            const callback = (err, res) => {\n                connection.removeListener('error', reject);\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve(res);\n                }\n            };\n            if (options == null) {\n                connection.shell(callback);\n            }\n            else {\n                connection.shell(options, callback);\n            }\n        });\n    }\n    async withShell(callback, options) {\n        assert_1.default(typeof callback === 'function', 'callback must be a valid function');\n        const shell = await this.requestShell(options);\n        try {\n            await callback(shell);\n        }\n        finally {\n            // Try to close gracefully\n            if (!shell.close()) {\n                // Destroy local socket if it doesn't work\n                shell.destroy();\n            }\n        }\n    }\n    async requestSFTP() {\n        const connection = this.getConnection();\n        return new Promise((resolve, reject) => {\n            connection.on('error', reject);\n            connection.sftp((err, res) => {\n                connection.removeListener('error', reject);\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve(res);\n                }\n            });\n        });\n    }\n    async withSFTP(callback) {\n        assert_1.default(typeof callback === 'function', 'callback must be a valid function');\n        const sftp = await this.requestSFTP();\n        try {\n            await callback(sftp);\n        }\n        finally {\n            sftp.end();\n        }\n    }\n    async execCommand(givenCommand, options = {}) {\n        assert_1.default(typeof givenCommand === 'string', 'command must be a valid string');\n        assert_1.default(options != null && typeof options === 'object', 'options must be a valid object');\n        assert_1.default(options.cwd == null || typeof options.cwd === 'string', 'options.cwd must be a valid string');\n        assert_1.default(options.stdin == null || typeof options.stdin === 'string' || is_stream_1.default.readable(options.stdin), 'options.stdin must be a valid string or readable stream');\n        assert_1.default(options.execOptions == null || typeof options.execOptions === 'object', 'options.execOptions must be a valid object');\n        assert_1.default(options.encoding == null || typeof options.encoding === 'string', 'options.encoding must be a valid string');\n        assert_1.default(options.onChannel == null || typeof options.onChannel === 'function', 'options.onChannel must be a valid function');\n        assert_1.default(options.onStdout == null || typeof options.onStdout === 'function', 'options.onStdout must be a valid function');\n        assert_1.default(options.onStderr == null || typeof options.onStderr === 'function', 'options.onStderr must be a valid function');\n        let command = givenCommand;\n        if (options.cwd) {\n            command = `cd ${shell_escape_1.default([options.cwd])} ; ${command}`;\n        }\n        const connection = this.getConnection();\n        const output = { stdout: [], stderr: [] };\n        return new Promise((resolve, reject) => {\n            connection.on('error', reject);\n            connection.exec(command, options.execOptions != null ? options.execOptions : {}, (err, channel) => {\n                connection.removeListener('error', reject);\n                if (err) {\n                    reject(err);\n                    return;\n                }\n                if (options.onChannel) {\n                    options.onChannel(channel);\n                }\n                channel.on('data', (chunk) => {\n                    if (options.onStdout)\n                        options.onStdout(chunk);\n                    output.stdout.push(chunk.toString(options.encoding));\n                });\n                channel.stderr.on('data', (chunk) => {\n                    if (options.onStderr)\n                        options.onStderr(chunk);\n                    output.stderr.push(chunk.toString(options.encoding));\n                });\n                if (options.stdin != null) {\n                    if (is_stream_1.default.readable(options.stdin)) {\n                        options.stdin.pipe(channel, {\n                            end: true,\n                        });\n                    }\n                    else {\n                        channel.write(options.stdin);\n                        channel.end();\n                    }\n                }\n                else {\n                    channel.end();\n                }\n                let code = null;\n                let signal = null;\n                channel.on('exit', (code_, signal_) => {\n                    code = code_ !== null && code_ !== void 0 ? code_ : null;\n                    signal = signal_ !== null && signal_ !== void 0 ? signal_ : null;\n                });\n                channel.on('close', () => {\n                    resolve({\n                        code: code != null ? code : null,\n                        signal: signal != null ? signal : null,\n                        stdout: output.stdout.join('').trim(),\n                        stderr: output.stderr.join('').trim(),\n                    });\n                });\n            });\n        });\n    }\n    async exec(command, parameters, options = {}) {\n        assert_1.default(typeof command === 'string', 'command must be a valid string');\n        assert_1.default(Array.isArray(parameters), 'parameters must be a valid array');\n        assert_1.default(options != null && typeof options === 'object', 'options must be a valid object');\n        assert_1.default(options.stream == null || ['both', 'stdout', 'stderr'].includes(options.stream), 'options.stream must be one of both, stdout, stderr');\n        for (let i = 0, { length } = parameters; i < length; i += 1) {\n            assert_1.default(typeof parameters[i] === 'string', `parameters[${i}] must be a valid string`);\n        }\n        const completeCommand = `${command} ${shell_escape_1.default(parameters)}`;\n        const response = await this.execCommand(completeCommand, options);\n        if (options.stream == null || options.stream === 'stdout') {\n            if (response.stderr) {\n                throw new Error(response.stderr);\n            }\n            return response.stdout;\n        }\n        if (options.stream === 'stderr') {\n            return response.stderr;\n        }\n        return response;\n    }\n    async mkdir(path, method = 'sftp', givenSftp = null) {\n        assert_1.default(typeof path === 'string', 'path must be a valid string');\n        assert_1.default(typeof method === 'string' && (method === 'sftp' || method === 'exec'), 'method must be either sftp or exec');\n        assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n        if (method === 'exec') {\n            await this.exec('mkdir', ['-p', unixifyPath(path)]);\n            return;\n        }\n        const sftp = givenSftp || (await this.requestSFTP());\n        const makeSftpDirectory = async (retry) => makeDirectoryWithSftp(unixifyPath(path), sftp).catch(async (error) => {\n            if (!retry || error == null || (error.message !== 'No such file' && error.code !== 'ENOENT')) {\n                throw error;\n            }\n            await this.mkdir(path_1.default.dirname(path), 'sftp', sftp);\n            await makeSftpDirectory(false);\n        });\n        try {\n            await makeSftpDirectory(true);\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n    }\n    async getFile(localFile, remoteFile, givenSftp = null, transferOptions = null) {\n        assert_1.default(typeof localFile === 'string', 'localFile must be a valid string');\n        assert_1.default(typeof remoteFile === 'string', 'remoteFile must be a valid string');\n        assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n        assert_1.default(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object');\n        const sftp = givenSftp || (await this.requestSFTP());\n        try {\n            await new Promise((resolve, reject) => {\n                sftp.fastGet(unixifyPath(remoteFile), localFile, transferOptions || {}, (err) => {\n                    if (err) {\n                        reject(err);\n                    }\n                    else {\n                        resolve();\n                    }\n                });\n            });\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n    }\n    async putFile(localFile, remoteFile, givenSftp = null, transferOptions = null) {\n        assert_1.default(typeof localFile === 'string', 'localFile must be a valid string');\n        assert_1.default(typeof remoteFile === 'string', 'remoteFile must be a valid string');\n        assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n        assert_1.default(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object');\n        assert_1.default(await new Promise((resolve) => {\n            fs_1.default.access(localFile, fs_1.default.constants.R_OK, (err) => {\n                resolve(err === null);\n            });\n        }), `localFile does not exist at ${localFile}`);\n        const sftp = givenSftp || (await this.requestSFTP());\n        const putFile = (retry) => {\n            return new Promise((resolve, reject) => {\n                sftp.fastPut(localFile, unixifyPath(remoteFile), transferOptions || {}, (err) => {\n                    if (err == null) {\n                        resolve();\n                        return;\n                    }\n                    if (err.message === 'No such file' && retry) {\n                        resolve(this.mkdir(path_1.default.dirname(remoteFile), 'sftp', sftp).then(() => putFile(false)));\n                    }\n                    else {\n                        reject(err);\n                    }\n                });\n            });\n        };\n        try {\n            await putFile(true);\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n    }\n    async putFiles(files, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {} } = {}) {\n        assert_1.default(Array.isArray(files), 'files must be an array');\n        for (let i = 0, { length } = files; i < length; i += 1) {\n            const file = files[i];\n            assert_1.default(file, 'files items must be valid objects');\n            assert_1.default(file.local && typeof file.local === 'string', `files[${i}].local must be a string`);\n            assert_1.default(file.remote && typeof file.remote === 'string', `files[${i}].remote must be a string`);\n        }\n        const transferred = [];\n        const sftp = givenSftp || (await this.requestSFTP());\n        const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n        try {\n            await new Promise((resolve, reject) => {\n                files.forEach((file) => {\n                    queue\n                        .add(async () => {\n                        await this.putFile(file.local, file.remote, sftp, transferOptions);\n                        transferred.push(file);\n                    })\n                        .catch(reject);\n                });\n                queue.waitTillIdle().then(resolve);\n            });\n        }\n        catch (error) {\n            if (error != null) {\n                error.transferred = transferred;\n            }\n            throw error;\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n    }\n    async putDirectory(localDirectory, remoteDirectory, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {}, recursive = true, tick = DEFAULT_TICK, validate = DEFAULT_VALIDATE, } = {}) {\n        assert_1.default(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string');\n        assert_1.default(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string');\n        const localDirectoryStat = await new Promise((resolve) => {\n            fs_1.default.stat(localDirectory, (err, stat) => {\n                resolve(stat || null);\n            });\n        });\n        assert_1.default(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`);\n        assert_1.default(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`);\n        const sftp = givenSftp || (await this.requestSFTP());\n        const scanned = await sb_scandir_1.default(localDirectory, {\n            recursive,\n            validate,\n        });\n        const files = scanned.files.map((item) => path_1.default.relative(localDirectory, item));\n        const directories = scanned.directories.map((item) => path_1.default.relative(localDirectory, item));\n        // Sort shortest to longest\n        directories.sort((a, b) => a.length - b.length);\n        let failed = false;\n        try {\n            // Do the directories first.\n            await new Promise((resolve, reject) => {\n                const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n                directories.forEach((directory) => {\n                    queue\n                        .add(async () => {\n                        await this.mkdir(path_1.default.join(remoteDirectory, directory), 'sftp', sftp);\n                    })\n                        .catch(reject);\n                });\n                resolve(queue.waitTillIdle());\n            });\n            // and now the files\n            await new Promise((resolve, reject) => {\n                const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n                files.forEach((file) => {\n                    queue\n                        .add(async () => {\n                        const localFile = path_1.default.join(localDirectory, file);\n                        const remoteFile = path_1.default.join(remoteDirectory, file);\n                        try {\n                            await this.putFile(localFile, remoteFile, sftp, transferOptions);\n                            tick(localFile, remoteFile, null);\n                        }\n                        catch (_) {\n                            failed = true;\n                            tick(localFile, remoteFile, _);\n                        }\n                    })\n                        .catch(reject);\n                });\n                resolve(queue.waitTillIdle());\n            });\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n        return !failed;\n    }\n    async getDirectory(localDirectory, remoteDirectory, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {}, recursive = true, tick = DEFAULT_TICK, validate = DEFAULT_VALIDATE, } = {}) {\n        assert_1.default(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string');\n        assert_1.default(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string');\n        const localDirectoryStat = await new Promise((resolve) => {\n            fs_1.default.stat(localDirectory, (err, stat) => {\n                resolve(stat || null);\n            });\n        });\n        assert_1.default(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`);\n        assert_1.default(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`);\n        const sftp = givenSftp || (await this.requestSFTP());\n        const scanned = await sb_scandir_1.default(remoteDirectory, {\n            recursive,\n            validate,\n            concurrency,\n            fileSystem: {\n                basename(path) {\n                    return path_1.default.posix.basename(path);\n                },\n                join(pathA, pathB) {\n                    return path_1.default.posix.join(pathA, pathB);\n                },\n                readdir(path) {\n                    return new Promise((resolve, reject) => {\n                        sftp.readdir(path, (err, res) => {\n                            if (err) {\n                                reject(err);\n                            }\n                            else {\n                                resolve(res.map((item) => item.filename));\n                            }\n                        });\n                    });\n                },\n                stat(path) {\n                    return new Promise((resolve, reject) => {\n                        sftp.stat(path, (err, res) => {\n                            if (err) {\n                                reject(err);\n                            }\n                            else {\n                                // eslint-disable-next-line @typescript-eslint/no-explicit-any\n                                resolve(res);\n                            }\n                        });\n                    });\n                },\n            },\n        });\n        const files = scanned.files.map((item) => path_1.default.relative(remoteDirectory, item));\n        const directories = scanned.directories.map((item) => path_1.default.relative(remoteDirectory, item));\n        // Sort shortest to longest\n        directories.sort((a, b) => a.length - b.length);\n        let failed = false;\n        try {\n            // Do the directories first.\n            await new Promise((resolve, reject) => {\n                const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n                directories.forEach((directory) => {\n                    queue\n                        .add(async () => {\n                        await make_dir_1.default(path_1.default.join(localDirectory, directory));\n                    })\n                        .catch(reject);\n                });\n                resolve(queue.waitTillIdle());\n            });\n            // and now the files\n            await new Promise((resolve, reject) => {\n                const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n                files.forEach((file) => {\n                    queue\n                        .add(async () => {\n                        const localFile = path_1.default.join(localDirectory, file);\n                        const remoteFile = path_1.default.join(remoteDirectory, file);\n                        try {\n                            await this.getFile(localFile, remoteFile, sftp, transferOptions);\n                            tick(localFile, remoteFile, null);\n                        }\n                        catch (_) {\n                            failed = true;\n                            tick(localFile, remoteFile, _);\n                        }\n                    })\n                        .catch(reject);\n                });\n                resolve(queue.waitTillIdle());\n            });\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n        return !failed;\n    }\n    dispose() {\n        if (this.connection) {\n            this.connection.end();\n            this.connection = null;\n        }\n    }\n}\nexports.NodeSSH = NodeSSH;\n","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nvar PromiseQueue = /** @class */ (function () {\n    function PromiseQueue(_a) {\n        var _b = (_a === void 0 ? {} : _a).concurrency, concurrency = _b === void 0 ? 1 : _b;\n        this.options = { concurrency: concurrency };\n        this.running = 0;\n        this.queue = [];\n        this.idleCallbacks = [];\n    }\n    PromiseQueue.prototype.clear = function () {\n        this.queue = [];\n    };\n    PromiseQueue.prototype.onIdle = function (callback) {\n        var _this = this;\n        this.idleCallbacks.push(callback);\n        return function () {\n            var index = _this.idleCallbacks.indexOf(callback);\n            if (index !== -1) {\n                _this.idleCallbacks.splice(index, 1);\n            }\n        };\n    };\n    PromiseQueue.prototype.waitTillIdle = function () {\n        var _this = this;\n        return new Promise(function (resolve) {\n            if (_this.running === 0) {\n                resolve();\n                return;\n            }\n            var dispose = _this.onIdle(function () {\n                dispose();\n                resolve();\n            });\n        });\n    };\n    PromiseQueue.prototype.add = function (callback) {\n        var _this = this;\n        return new Promise(function (resolve, reject) {\n            var runCallback = function () {\n                _this.running += 1;\n                try {\n                    Promise.resolve(callback()).then(function (val) {\n                        resolve(val);\n                        _this.processNext();\n                    }, function (err) {\n                        reject(err);\n                        _this.processNext();\n                    });\n                }\n                catch (err) {\n                    reject(err);\n                    _this.processNext();\n                }\n            };\n            if (_this.running >= _this.options.concurrency) {\n                _this.queue.push(runCallback);\n            }\n            else {\n                runCallback();\n            }\n        });\n    };\n    // Internal function, don't use\n    PromiseQueue.prototype.processNext = function () {\n        this.running -= 1;\n        var callback = this.queue.shift();\n        if (callback) {\n            callback();\n        }\n        else if (this.running === 0) {\n            this.idleCallbacks.forEach(function (item) { return item(); });\n        }\n    };\n    return PromiseQueue;\n}());\nexports.PromiseQueue = PromiseQueue;\n","\"use strict\";\n/* @flow */\nvar __assign = (this && this.__assign) || function () {\n    __assign = Object.assign || function(t) {\n        for (var s, i = 1, n = arguments.length; i < n; i++) {\n            s = arguments[i];\n            for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))\n                t[p] = s[p];\n        }\n        return t;\n    };\n    return __assign.apply(this, arguments);\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nvar __generator = (this && this.__generator) || function (thisArg, body) {\n    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;\n    return g = { next: verb(0), \"throw\": verb(1), \"return\": verb(2) }, typeof Symbol === \"function\" && (g[Symbol.iterator] = function() { return this; }), g;\n    function verb(n) { return function (v) { return step([n, v]); }; }\n    function step(op) {\n        if (f) throw new TypeError(\"Generator is already executing.\");\n        while (_) try {\n            if (f = 1, y && (t = op[0] & 2 ? y[\"return\"] : op[0] ? y[\"throw\"] || ((t = y[\"return\"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;\n            if (y = 0, t) op = [op[0] & 2, t.value];\n            switch (op[0]) {\n                case 0: case 1: t = op; break;\n                case 4: _.label++; return { value: op[1], done: false };\n                case 5: _.label++; y = op[1]; op = [0]; continue;\n                case 7: op = _.ops.pop(); _.trys.pop(); continue;\n                default:\n                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }\n                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }\n                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }\n                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }\n                    if (t[2]) _.ops.pop();\n                    _.trys.pop(); continue;\n            }\n            op = body.call(thisArg, _);\n        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }\n        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };\n    }\n};\nvar __importDefault = (this && this.__importDefault) || function (mod) {\n    return (mod && mod.__esModule) ? mod : { \"default\": mod };\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.defaultFilesystem = void 0;\nvar fs_1 = __importDefault(require(\"fs\"));\nvar path_1 = __importDefault(require(\"path\"));\nvar assert_1 = __importDefault(require(\"assert\"));\nvar sb_promise_queue_1 = require(\"sb-promise-queue\");\nexports.defaultFilesystem = {\n    join: function (pathA, pathB) {\n        return path_1.default.join(pathA, pathB);\n    },\n    basename: function (path) {\n        return path_1.default.basename(path);\n    },\n    stat: function (path) {\n        return new Promise(function (resolve, reject) {\n            fs_1.default.stat(path, function (err, res) {\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve(res);\n                }\n            });\n        });\n    },\n    readdir: function (path) {\n        return new Promise(function (resolve, reject) {\n            fs_1.default.readdir(path, function (err, res) {\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve(res);\n                }\n            });\n        });\n    },\n};\nfunction scanDirectoryInternal(_a) {\n    var path = _a.path, recursive = _a.recursive, validate = _a.validate, result = _a.result, fileSystem = _a.fileSystem, queue = _a.queue, reject = _a.reject;\n    return __awaiter(this, void 0, void 0, function () {\n        var itemStat, contents;\n        return __generator(this, function (_b) {\n            switch (_b.label) {\n                case 0: return [4 /*yield*/, fileSystem.stat(path)];\n                case 1:\n                    itemStat = _b.sent();\n                    if (itemStat.isFile()) {\n                        result.files.push(path);\n                    }\n                    else if (itemStat.isDirectory()) {\n                        result.directories.push(path);\n                    }\n                    if (!itemStat.isDirectory() || recursive === 'none') {\n                        return [2 /*return*/];\n                    }\n                    return [4 /*yield*/, fileSystem.readdir(path)];\n                case 2:\n                    contents = _b.sent();\n                    contents.forEach(function (item) {\n                        var itemPath = fileSystem.join(path, item);\n                        if (!validate(itemPath)) {\n                            return;\n                        }\n                        queue\n                            .add(function () {\n                            return scanDirectoryInternal({\n                                path: itemPath,\n                                recursive: recursive === 'shallow' ? 'none' : 'deep',\n                                validate: validate,\n                                result: result,\n                                fileSystem: fileSystem,\n                                queue: queue,\n                                reject: reject,\n                            });\n                        })\n                            .catch(reject);\n                    });\n                    return [2 /*return*/];\n            }\n        });\n    });\n}\nfunction scanDirectory(path, _a) {\n    var _b = _a === void 0 ? {} : _a, _c = _b.recursive, recursive = _c === void 0 ? true : _c, _d = _b.validate, validate = _d === void 0 ? null : _d, _e = _b.concurrency, concurrency = _e === void 0 ? Infinity : _e, _f = _b.fileSystem, fileSystem = _f === void 0 ? exports.defaultFilesystem : _f;\n    return __awaiter(this, void 0, void 0, function () {\n        var queue, result, mergedFileSystem;\n        return __generator(this, function (_g) {\n            switch (_g.label) {\n                case 0:\n                    assert_1.default(path && typeof path === 'string', 'path must be a valid string');\n                    assert_1.default(typeof recursive === 'boolean', 'options.recursive must be a valid boolean');\n                    assert_1.default(validate === null || typeof validate === 'function', 'options.validate must be a valid function');\n                    assert_1.default(typeof concurrency === 'number', 'options.concurrency must be a valid number');\n                    assert_1.default(fileSystem !== null && typeof fileSystem === 'object', 'options.fileSystem must be a valid object');\n                    queue = new sb_promise_queue_1.PromiseQueue({\n                        concurrency: concurrency,\n                    });\n                    result = { files: [], directories: [] };\n                    mergedFileSystem = __assign(__assign({}, exports.defaultFilesystem), fileSystem);\n                    return [4 /*yield*/, new Promise(function (resolve, reject) {\n                            scanDirectoryInternal({\n                                path: path,\n                                recursive: recursive ? 'deep' : 'shallow',\n                                validate: validate != null ? validate : function (item) { return mergedFileSystem.basename(item).slice(0, 1) !== '.'; },\n                                result: result,\n                                fileSystem: mergedFileSystem,\n                                queue: queue,\n                                reject: reject,\n                            })\n                                .then(function () { return queue.waitTillIdle(); })\n                                .then(resolve, reject);\n                        })];\n                case 1:\n                    _g.sent();\n                    return [2 /*return*/, result];\n            }\n        });\n    });\n}\nexports.default = scanDirectory;\n","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\tvar threw = true;\n\ttry {\n\t\t__webpack_modules__[moduleId].call(module.exports, module, module.exports, __webpack_require__);\n\t\tthrew = false;\n\t} finally {\n\t\tif(threw) delete __webpack_module_cache__[moduleId];\n\t}\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","\nif (typeof __webpack_require__ !== 'undefined') __webpack_require__.ab = __dirname + \"/\";","","// startup\n// Load entry module and return exports\n// This entry module is referenced by other modules so it can't be inlined\nvar __webpack_exports__ = __webpack_require__(4822);\n",""],"names":[],"sourceRoot":""}
\ No newline at end of file
+{"version":3,"file":"index.js","mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACTA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC3FA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC/UA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACzDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACzDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1RA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACvCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChFA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5lBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;AC5DA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACrQA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACnCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5TA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3iBA;AACA;AACA;AACA;AACA;;;;;;;;;ACJA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC3JA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1mDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtSA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuKA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkDA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACzNA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC79DA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnFA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC1CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5hEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvxHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AChWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACjkDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACvCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC7rCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACtyDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC18CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AClHA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACnWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC9PA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACt1CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC/UA;;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACvQA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACn1EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC9EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACPA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC5CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACPA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACvBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACtCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1GA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC7EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACpCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;ACpBA;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACjoBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5EA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;;;;;;;AC5KA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AC7BA;AACA;;;;AEDA;AACA;AACA;AACA","sources":["../webpack://@garygrossgarten/github-action-ssh/./lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./lib/keyboard.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/command.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/core.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/file-command.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/oidc-utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/path-utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/summary.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/core/lib/utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/http-client/lib/auth.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/http-client/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/@actions/http-client/lib/proxy.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/errors.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/reader.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/types.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/ber/writer.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/asn1/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/bcrypt-pbkdf/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/cpu-features/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/is-stream/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/make-dir/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/safer-buffer/safer.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/semver/semver.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/shell-escape/shell-escape.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/Channel.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/agent.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/client.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/http-agents.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/Protocol.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/SFTP.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/constants.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/crypto.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/crypto/poly1305.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/handlers.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/handlers.misc.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/kex.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/keyParser.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/node-fs-compat.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/zlib.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/server.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/utils.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/tunnel/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/tunnel/lib/tunnel.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/tweetnacl/nacl-fast.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/md5.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/nil.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/parse.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/regex.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/rng.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/sha1.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/stringify.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v1.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v3.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v35.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v4.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/v5.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/validate.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/uuid/dist/version.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/cpu-features/build/Release/cpufeatures.node","../webpack://@garygrossgarten/github-action-ssh/./node_modules/ssh2/lib/protocol/crypto/build/Release/sshcrypto.node","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"assert\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"buffer\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"child_process\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"crypto\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"dns\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"events\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"fs\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"http\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"https\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"net\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"os\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"path\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"stream\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"tls\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"util\"","../webpack://@garygrossgarten/github-action-ssh/external node-commonjs \"zlib\"","../webpack://@garygrossgarten/github-action-ssh/./node_modules/node-ssh/lib/cjs/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/sb-promise-queue/lib/cjs/index.js","../webpack://@garygrossgarten/github-action-ssh/./node_modules/sb-scandir/lib/cjs/index.js","../webpack://@garygrossgarten/github-action-ssh/webpack/bootstrap","../webpack://@garygrossgarten/github-action-ssh/webpack/runtime/compat","../webpack://@garygrossgarten/github-action-ssh/webpack/before-startup","../webpack://@garygrossgarten/github-action-ssh/webpack/startup","../webpack://@garygrossgarten/github-action-ssh/webpack/after-startup"],"sourcesContent":["\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    var desc = Object.getOwnPropertyDescriptor(m, k);\n    if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\n      desc = { enumerable: true, get: function() { return m[k]; } };\n    }\n    Object.defineProperty(o, k2, desc);\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nconst core = __importStar(require(\"@actions/core\"));\nconst node_ssh_1 = require(\"node-ssh\");\nconst keyboard_1 = require(\"./keyboard\");\nfunction run() {\n    return __awaiter(this, void 0, void 0, function* () {\n        const command = core.getInput('command');\n        const host = core.getInput('host') || 'localhost';\n        const username = core.getInput('username');\n        const port = +core.getInput('port') || 22;\n        const privateKey = core.getInput('privateKey');\n        const password = core.getInput('password');\n        const passphrase = core.getInput('passphrase');\n        const tryKeyboard = !!core.getInput('tryKeyboard');\n        try {\n            const ssh = yield connect(host, username, port, privateKey, password, passphrase, tryKeyboard);\n            yield executeCommand(ssh, command);\n            ssh.dispose();\n        }\n        catch (err) {\n            core.setFailed(err);\n        }\n    });\n}\nfunction connect(host = 'localhost', username, port = 22, privateKey, password, passphrase, tryKeyboard) {\n    return __awaiter(this, void 0, void 0, function* () {\n        const ssh = new node_ssh_1.NodeSSH();\n        console.log(`Establishing a SSH connection to ${host}.`);\n        try {\n            const config = {\n                host: host,\n                port: port,\n                username: username,\n                password: password,\n                passphrase: passphrase,\n                tryKeyboard: tryKeyboard,\n                onKeyboardInteractive: tryKeyboard ? (0, keyboard_1.keyboardFunction)(password) : null\n            };\n            if (privateKey) {\n                console.log('using provided private key');\n                config.privateKey = privateKey;\n            }\n            yield ssh.connect(config);\n            console.log(`🤝 Connected to ${host}.`);\n        }\n        catch (err) {\n            console.error(`⚠️ The GitHub Action couldn't connect to ${host}.`, err);\n            core.setFailed(err.message);\n        }\n        return ssh;\n    });\n}\nfunction executeCommand(ssh, command) {\n    var _a;\n    return __awaiter(this, void 0, void 0, function* () {\n        console.log(`Executing command: ${command}`);\n        try {\n            const { code } = yield ssh.exec(command, [], {\n                stream: 'both',\n                onStdout(chunk) {\n                    console.log(chunk.toString('utf8'));\n                },\n                onStderr(chunk) {\n                    console.log(chunk.toString('utf8'));\n                }\n            });\n            if (code > 0) {\n                throw Error(`Command exited with code ${code}`);\n            }\n            console.log('✅ SSH Action finished.');\n            if (ssh.isConnected()) {\n                ssh.dispose();\n            }\n        }\n        catch (err) {\n            console.error(`⚠️ An error happened executing command ${command}.`, (_a = err === null || err === void 0 ? void 0 : err.message) !== null && _a !== void 0 ? _a : err);\n            core.setFailed(err.message);\n            process.abort();\n        }\n    });\n}\nprocess.on('uncaughtException', (err) => {\n    if (err['code'] !== 'ECONNRESET')\n        throw err;\n});\nrun();\n","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.keyboardFunction = void 0;\nconst keyboardFunction = password => (name, instructions, instructionsLang, prompts, finish) => {\n    if (prompts.length > 0 &&\n        prompts[0].prompt.toLowerCase().includes(\"password\")) {\n        finish([password]);\n    }\n};\nexports.keyboardFunction = keyboardFunction;\n","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.issue = exports.issueCommand = void 0;\nconst os = __importStar(require(\"os\"));\nconst utils_1 = require(\"./utils\");\n/**\n * Commands\n *\n * Command Format:\n *   ::name key=value,key=value::message\n *\n * Examples:\n *   ::warning::This is the message\n *   ::set-env name=MY_VAR::some value\n */\nfunction issueCommand(command, properties, message) {\n    const cmd = new Command(command, properties, message);\n    process.stdout.write(cmd.toString() + os.EOL);\n}\nexports.issueCommand = issueCommand;\nfunction issue(name, message = '') {\n    issueCommand(name, {}, message);\n}\nexports.issue = issue;\nconst CMD_STRING = '::';\nclass Command {\n    constructor(command, properties, message) {\n        if (!command) {\n            command = 'missing.command';\n        }\n        this.command = command;\n        this.properties = properties;\n        this.message = message;\n    }\n    toString() {\n        let cmdStr = CMD_STRING + this.command;\n        if (this.properties && Object.keys(this.properties).length > 0) {\n            cmdStr += ' ';\n            let first = true;\n            for (const key in this.properties) {\n                if (this.properties.hasOwnProperty(key)) {\n                    const val = this.properties[key];\n                    if (val) {\n                        if (first) {\n                            first = false;\n                        }\n                        else {\n                            cmdStr += ',';\n                        }\n                        cmdStr += `${key}=${escapeProperty(val)}`;\n                    }\n                }\n            }\n        }\n        cmdStr += `${CMD_STRING}${escapeData(this.message)}`;\n        return cmdStr;\n    }\n}\nfunction escapeData(s) {\n    return utils_1.toCommandValue(s)\n        .replace(/%/g, '%25')\n        .replace(/\\r/g, '%0D')\n        .replace(/\\n/g, '%0A');\n}\nfunction escapeProperty(s) {\n    return utils_1.toCommandValue(s)\n        .replace(/%/g, '%25')\n        .replace(/\\r/g, '%0D')\n        .replace(/\\n/g, '%0A')\n        .replace(/:/g, '%3A')\n        .replace(/,/g, '%2C');\n}\n//# sourceMappingURL=command.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.getIDToken = exports.getState = exports.saveState = exports.group = exports.endGroup = exports.startGroup = exports.info = exports.notice = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getMultilineInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0;\nconst command_1 = require(\"./command\");\nconst file_command_1 = require(\"./file-command\");\nconst utils_1 = require(\"./utils\");\nconst os = __importStar(require(\"os\"));\nconst path = __importStar(require(\"path\"));\nconst oidc_utils_1 = require(\"./oidc-utils\");\n/**\n * The code to exit an action\n */\nvar ExitCode;\n(function (ExitCode) {\n    /**\n     * A code indicating that the action was successful\n     */\n    ExitCode[ExitCode[\"Success\"] = 0] = \"Success\";\n    /**\n     * A code indicating that the action was a failure\n     */\n    ExitCode[ExitCode[\"Failure\"] = 1] = \"Failure\";\n})(ExitCode = exports.ExitCode || (exports.ExitCode = {}));\n//-----------------------------------------------------------------------\n// Variables\n//-----------------------------------------------------------------------\n/**\n * Sets env variable for this action and future actions in the job\n * @param name the name of the variable to set\n * @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction exportVariable(name, val) {\n    const convertedVal = utils_1.toCommandValue(val);\n    process.env[name] = convertedVal;\n    const filePath = process.env['GITHUB_ENV'] || '';\n    if (filePath) {\n        return file_command_1.issueFileCommand('ENV', file_command_1.prepareKeyValueMessage(name, val));\n    }\n    command_1.issueCommand('set-env', { name }, convertedVal);\n}\nexports.exportVariable = exportVariable;\n/**\n * Registers a secret which will get masked from logs\n * @param secret value of the secret\n */\nfunction setSecret(secret) {\n    command_1.issueCommand('add-mask', {}, secret);\n}\nexports.setSecret = setSecret;\n/**\n * Prepends inputPath to the PATH (for this action and future actions)\n * @param inputPath\n */\nfunction addPath(inputPath) {\n    const filePath = process.env['GITHUB_PATH'] || '';\n    if (filePath) {\n        file_command_1.issueFileCommand('PATH', inputPath);\n    }\n    else {\n        command_1.issueCommand('add-path', {}, inputPath);\n    }\n    process.env['PATH'] = `${inputPath}${path.delimiter}${process.env['PATH']}`;\n}\nexports.addPath = addPath;\n/**\n * Gets the value of an input.\n * Unless trimWhitespace is set to false in InputOptions, the value is also trimmed.\n * Returns an empty string if the value is not defined.\n *\n * @param     name     name of the input to get\n * @param     options  optional. See InputOptions.\n * @returns   string\n */\nfunction getInput(name, options) {\n    const val = process.env[`INPUT_${name.replace(/ /g, '_').toUpperCase()}`] || '';\n    if (options && options.required && !val) {\n        throw new Error(`Input required and not supplied: ${name}`);\n    }\n    if (options && options.trimWhitespace === false) {\n        return val;\n    }\n    return val.trim();\n}\nexports.getInput = getInput;\n/**\n * Gets the values of an multiline input.  Each value is also trimmed.\n *\n * @param     name     name of the input to get\n * @param     options  optional. See InputOptions.\n * @returns   string[]\n *\n */\nfunction getMultilineInput(name, options) {\n    const inputs = getInput(name, options)\n        .split('\\n')\n        .filter(x => x !== '');\n    if (options && options.trimWhitespace === false) {\n        return inputs;\n    }\n    return inputs.map(input => input.trim());\n}\nexports.getMultilineInput = getMultilineInput;\n/**\n * Gets the input value of the boolean type in the YAML 1.2 \"core schema\" specification.\n * Support boolean input list: `true | True | TRUE | false | False | FALSE` .\n * The return value is also in boolean type.\n * ref: https://yaml.org/spec/1.2/spec.html#id2804923\n *\n * @param     name     name of the input to get\n * @param     options  optional. See InputOptions.\n * @returns   boolean\n */\nfunction getBooleanInput(name, options) {\n    const trueValue = ['true', 'True', 'TRUE'];\n    const falseValue = ['false', 'False', 'FALSE'];\n    const val = getInput(name, options);\n    if (trueValue.includes(val))\n        return true;\n    if (falseValue.includes(val))\n        return false;\n    throw new TypeError(`Input does not meet YAML 1.2 \"Core Schema\" specification: ${name}\\n` +\n        `Support boolean input list: \\`true | True | TRUE | false | False | FALSE\\``);\n}\nexports.getBooleanInput = getBooleanInput;\n/**\n * Sets the value of an output.\n *\n * @param     name     name of the output to set\n * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction setOutput(name, value) {\n    const filePath = process.env['GITHUB_OUTPUT'] || '';\n    if (filePath) {\n        return file_command_1.issueFileCommand('OUTPUT', file_command_1.prepareKeyValueMessage(name, value));\n    }\n    process.stdout.write(os.EOL);\n    command_1.issueCommand('set-output', { name }, utils_1.toCommandValue(value));\n}\nexports.setOutput = setOutput;\n/**\n * Enables or disables the echoing of commands into stdout for the rest of the step.\n * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set.\n *\n */\nfunction setCommandEcho(enabled) {\n    command_1.issue('echo', enabled ? 'on' : 'off');\n}\nexports.setCommandEcho = setCommandEcho;\n//-----------------------------------------------------------------------\n// Results\n//-----------------------------------------------------------------------\n/**\n * Sets the action status to failed.\n * When the action exits it will be with an exit code of 1\n * @param message add error issue message\n */\nfunction setFailed(message) {\n    process.exitCode = ExitCode.Failure;\n    error(message);\n}\nexports.setFailed = setFailed;\n//-----------------------------------------------------------------------\n// Logging Commands\n//-----------------------------------------------------------------------\n/**\n * Gets whether Actions Step Debug is on or not\n */\nfunction isDebug() {\n    return process.env['RUNNER_DEBUG'] === '1';\n}\nexports.isDebug = isDebug;\n/**\n * Writes debug message to user log\n * @param message debug message\n */\nfunction debug(message) {\n    command_1.issueCommand('debug', {}, message);\n}\nexports.debug = debug;\n/**\n * Adds an error issue\n * @param message error issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction error(message, properties = {}) {\n    command_1.issueCommand('error', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message);\n}\nexports.error = error;\n/**\n * Adds a warning issue\n * @param message warning issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction warning(message, properties = {}) {\n    command_1.issueCommand('warning', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message);\n}\nexports.warning = warning;\n/**\n * Adds a notice issue\n * @param message notice issue message. Errors will be converted to string via toString()\n * @param properties optional properties to add to the annotation.\n */\nfunction notice(message, properties = {}) {\n    command_1.issueCommand('notice', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message);\n}\nexports.notice = notice;\n/**\n * Writes info to log with console.log.\n * @param message info message\n */\nfunction info(message) {\n    process.stdout.write(message + os.EOL);\n}\nexports.info = info;\n/**\n * Begin an output group.\n *\n * Output until the next `groupEnd` will be foldable in this group\n *\n * @param name The name of the output group\n */\nfunction startGroup(name) {\n    command_1.issue('group', name);\n}\nexports.startGroup = startGroup;\n/**\n * End an output group.\n */\nfunction endGroup() {\n    command_1.issue('endgroup');\n}\nexports.endGroup = endGroup;\n/**\n * Wrap an asynchronous function call in a group.\n *\n * Returns the same type as the function itself.\n *\n * @param name The name of the group\n * @param fn The function to wrap in the group\n */\nfunction group(name, fn) {\n    return __awaiter(this, void 0, void 0, function* () {\n        startGroup(name);\n        let result;\n        try {\n            result = yield fn();\n        }\n        finally {\n            endGroup();\n        }\n        return result;\n    });\n}\nexports.group = group;\n//-----------------------------------------------------------------------\n// Wrapper action state\n//-----------------------------------------------------------------------\n/**\n * Saves state for current action, the state can only be retrieved by this action's post job execution.\n *\n * @param     name     name of the state to store\n * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nfunction saveState(name, value) {\n    const filePath = process.env['GITHUB_STATE'] || '';\n    if (filePath) {\n        return file_command_1.issueFileCommand('STATE', file_command_1.prepareKeyValueMessage(name, value));\n    }\n    command_1.issueCommand('save-state', { name }, utils_1.toCommandValue(value));\n}\nexports.saveState = saveState;\n/**\n * Gets the value of an state set by this action's main execution.\n *\n * @param     name     name of the state to get\n * @returns   string\n */\nfunction getState(name) {\n    return process.env[`STATE_${name}`] || '';\n}\nexports.getState = getState;\nfunction getIDToken(aud) {\n    return __awaiter(this, void 0, void 0, function* () {\n        return yield oidc_utils_1.OidcClient.getIDToken(aud);\n    });\n}\nexports.getIDToken = getIDToken;\n/**\n * Summary exports\n */\nvar summary_1 = require(\"./summary\");\nObject.defineProperty(exports, \"summary\", { enumerable: true, get: function () { return summary_1.summary; } });\n/**\n * @deprecated use core.summary\n */\nvar summary_2 = require(\"./summary\");\nObject.defineProperty(exports, \"markdownSummary\", { enumerable: true, get: function () { return summary_2.markdownSummary; } });\n/**\n * Path exports\n */\nvar path_utils_1 = require(\"./path-utils\");\nObject.defineProperty(exports, \"toPosixPath\", { enumerable: true, get: function () { return path_utils_1.toPosixPath; } });\nObject.defineProperty(exports, \"toWin32Path\", { enumerable: true, get: function () { return path_utils_1.toWin32Path; } });\nObject.defineProperty(exports, \"toPlatformPath\", { enumerable: true, get: function () { return path_utils_1.toPlatformPath; } });\n//# sourceMappingURL=core.js.map","\"use strict\";\n// For internal use, subject to change.\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.prepareKeyValueMessage = exports.issueFileCommand = void 0;\n// We use any as a valid input type\n/* eslint-disable @typescript-eslint/no-explicit-any */\nconst fs = __importStar(require(\"fs\"));\nconst os = __importStar(require(\"os\"));\nconst uuid_1 = require(\"uuid\");\nconst utils_1 = require(\"./utils\");\nfunction issueFileCommand(command, message) {\n    const filePath = process.env[`GITHUB_${command}`];\n    if (!filePath) {\n        throw new Error(`Unable to find environment variable for file command ${command}`);\n    }\n    if (!fs.existsSync(filePath)) {\n        throw new Error(`Missing file at path: ${filePath}`);\n    }\n    fs.appendFileSync(filePath, `${utils_1.toCommandValue(message)}${os.EOL}`, {\n        encoding: 'utf8'\n    });\n}\nexports.issueFileCommand = issueFileCommand;\nfunction prepareKeyValueMessage(key, value) {\n    const delimiter = `ghadelimiter_${uuid_1.v4()}`;\n    const convertedValue = utils_1.toCommandValue(value);\n    // These should realistically never happen, but just in case someone finds a\n    // way to exploit uuid generation let's not allow keys or values that contain\n    // the delimiter.\n    if (key.includes(delimiter)) {\n        throw new Error(`Unexpected input: name should not contain the delimiter \"${delimiter}\"`);\n    }\n    if (convertedValue.includes(delimiter)) {\n        throw new Error(`Unexpected input: value should not contain the delimiter \"${delimiter}\"`);\n    }\n    return `${key}<<${delimiter}${os.EOL}${convertedValue}${os.EOL}${delimiter}`;\n}\nexports.prepareKeyValueMessage = prepareKeyValueMessage;\n//# sourceMappingURL=file-command.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.OidcClient = void 0;\nconst http_client_1 = require(\"@actions/http-client\");\nconst auth_1 = require(\"@actions/http-client/lib/auth\");\nconst core_1 = require(\"./core\");\nclass OidcClient {\n    static createHttpClient(allowRetry = true, maxRetry = 10) {\n        const requestOptions = {\n            allowRetries: allowRetry,\n            maxRetries: maxRetry\n        };\n        return new http_client_1.HttpClient('actions/oidc-client', [new auth_1.BearerCredentialHandler(OidcClient.getRequestToken())], requestOptions);\n    }\n    static getRequestToken() {\n        const token = process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'];\n        if (!token) {\n            throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable');\n        }\n        return token;\n    }\n    static getIDTokenUrl() {\n        const runtimeUrl = process.env['ACTIONS_ID_TOKEN_REQUEST_URL'];\n        if (!runtimeUrl) {\n            throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable');\n        }\n        return runtimeUrl;\n    }\n    static getCall(id_token_url) {\n        var _a;\n        return __awaiter(this, void 0, void 0, function* () {\n            const httpclient = OidcClient.createHttpClient();\n            const res = yield httpclient\n                .getJson(id_token_url)\n                .catch(error => {\n                throw new Error(`Failed to get ID Token. \\n \n        Error Code : ${error.statusCode}\\n \n        Error Message: ${error.result.message}`);\n            });\n            const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value;\n            if (!id_token) {\n                throw new Error('Response json body do not have ID Token field');\n            }\n            return id_token;\n        });\n    }\n    static getIDToken(audience) {\n        return __awaiter(this, void 0, void 0, function* () {\n            try {\n                // New ID Token is requested from action service\n                let id_token_url = OidcClient.getIDTokenUrl();\n                if (audience) {\n                    const encodedAudience = encodeURIComponent(audience);\n                    id_token_url = `${id_token_url}&audience=${encodedAudience}`;\n                }\n                core_1.debug(`ID token url is ${id_token_url}`);\n                const id_token = yield OidcClient.getCall(id_token_url);\n                core_1.setSecret(id_token);\n                return id_token;\n            }\n            catch (error) {\n                throw new Error(`Error message: ${error.message}`);\n            }\n        });\n    }\n}\nexports.OidcClient = OidcClient;\n//# sourceMappingURL=oidc-utils.js.map","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.toPlatformPath = exports.toWin32Path = exports.toPosixPath = void 0;\nconst path = __importStar(require(\"path\"));\n/**\n * toPosixPath converts the given path to the posix form. On Windows, \\\\ will be\n * replaced with /.\n *\n * @param pth. Path to transform.\n * @return string Posix path.\n */\nfunction toPosixPath(pth) {\n    return pth.replace(/[\\\\]/g, '/');\n}\nexports.toPosixPath = toPosixPath;\n/**\n * toWin32Path converts the given path to the win32 form. On Linux, / will be\n * replaced with \\\\.\n *\n * @param pth. Path to transform.\n * @return string Win32 path.\n */\nfunction toWin32Path(pth) {\n    return pth.replace(/[/]/g, '\\\\');\n}\nexports.toWin32Path = toWin32Path;\n/**\n * toPlatformPath converts the given path to a platform-specific path. It does\n * this by replacing instances of / and \\ with the platform-specific path\n * separator.\n *\n * @param pth The path to platformize.\n * @return string The platform-specific path.\n */\nfunction toPlatformPath(pth) {\n    return pth.replace(/[/\\\\]/g, path.sep);\n}\nexports.toPlatformPath = toPlatformPath;\n//# sourceMappingURL=path-utils.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.summary = exports.markdownSummary = exports.SUMMARY_DOCS_URL = exports.SUMMARY_ENV_VAR = void 0;\nconst os_1 = require(\"os\");\nconst fs_1 = require(\"fs\");\nconst { access, appendFile, writeFile } = fs_1.promises;\nexports.SUMMARY_ENV_VAR = 'GITHUB_STEP_SUMMARY';\nexports.SUMMARY_DOCS_URL = 'https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary';\nclass Summary {\n    constructor() {\n        this._buffer = '';\n    }\n    /**\n     * Finds the summary file path from the environment, rejects if env var is not found or file does not exist\n     * Also checks r/w permissions.\n     *\n     * @returns step summary file path\n     */\n    filePath() {\n        return __awaiter(this, void 0, void 0, function* () {\n            if (this._filePath) {\n                return this._filePath;\n            }\n            const pathFromEnv = process.env[exports.SUMMARY_ENV_VAR];\n            if (!pathFromEnv) {\n                throw new Error(`Unable to find environment variable for $${exports.SUMMARY_ENV_VAR}. Check if your runtime environment supports job summaries.`);\n            }\n            try {\n                yield access(pathFromEnv, fs_1.constants.R_OK | fs_1.constants.W_OK);\n            }\n            catch (_a) {\n                throw new Error(`Unable to access summary file: '${pathFromEnv}'. Check if the file has correct read/write permissions.`);\n            }\n            this._filePath = pathFromEnv;\n            return this._filePath;\n        });\n    }\n    /**\n     * Wraps content in an HTML tag, adding any HTML attributes\n     *\n     * @param {string} tag HTML tag to wrap\n     * @param {string | null} content content within the tag\n     * @param {[attribute: string]: string} attrs key-value list of HTML attributes to add\n     *\n     * @returns {string} content wrapped in HTML element\n     */\n    wrap(tag, content, attrs = {}) {\n        const htmlAttrs = Object.entries(attrs)\n            .map(([key, value]) => ` ${key}=\"${value}\"`)\n            .join('');\n        if (!content) {\n            return `<${tag}${htmlAttrs}>`;\n        }\n        return `<${tag}${htmlAttrs}>${content}</${tag}>`;\n    }\n    /**\n     * Writes text in the buffer to the summary buffer file and empties buffer. Will append by default.\n     *\n     * @param {SummaryWriteOptions} [options] (optional) options for write operation\n     *\n     * @returns {Promise<Summary>} summary instance\n     */\n    write(options) {\n        return __awaiter(this, void 0, void 0, function* () {\n            const overwrite = !!(options === null || options === void 0 ? void 0 : options.overwrite);\n            const filePath = yield this.filePath();\n            const writeFunc = overwrite ? writeFile : appendFile;\n            yield writeFunc(filePath, this._buffer, { encoding: 'utf8' });\n            return this.emptyBuffer();\n        });\n    }\n    /**\n     * Clears the summary buffer and wipes the summary file\n     *\n     * @returns {Summary} summary instance\n     */\n    clear() {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.emptyBuffer().write({ overwrite: true });\n        });\n    }\n    /**\n     * Returns the current summary buffer as a string\n     *\n     * @returns {string} string of summary buffer\n     */\n    stringify() {\n        return this._buffer;\n    }\n    /**\n     * If the summary buffer is empty\n     *\n     * @returns {boolen} true if the buffer is empty\n     */\n    isEmptyBuffer() {\n        return this._buffer.length === 0;\n    }\n    /**\n     * Resets the summary buffer without writing to summary file\n     *\n     * @returns {Summary} summary instance\n     */\n    emptyBuffer() {\n        this._buffer = '';\n        return this;\n    }\n    /**\n     * Adds raw text to the summary buffer\n     *\n     * @param {string} text content to add\n     * @param {boolean} [addEOL=false] (optional) append an EOL to the raw text (default: false)\n     *\n     * @returns {Summary} summary instance\n     */\n    addRaw(text, addEOL = false) {\n        this._buffer += text;\n        return addEOL ? this.addEOL() : this;\n    }\n    /**\n     * Adds the operating system-specific end-of-line marker to the buffer\n     *\n     * @returns {Summary} summary instance\n     */\n    addEOL() {\n        return this.addRaw(os_1.EOL);\n    }\n    /**\n     * Adds an HTML codeblock to the summary buffer\n     *\n     * @param {string} code content to render within fenced code block\n     * @param {string} lang (optional) language to syntax highlight code\n     *\n     * @returns {Summary} summary instance\n     */\n    addCodeBlock(code, lang) {\n        const attrs = Object.assign({}, (lang && { lang }));\n        const element = this.wrap('pre', this.wrap('code', code), attrs);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML list to the summary buffer\n     *\n     * @param {string[]} items list of items to render\n     * @param {boolean} [ordered=false] (optional) if the rendered list should be ordered or not (default: false)\n     *\n     * @returns {Summary} summary instance\n     */\n    addList(items, ordered = false) {\n        const tag = ordered ? 'ol' : 'ul';\n        const listItems = items.map(item => this.wrap('li', item)).join('');\n        const element = this.wrap(tag, listItems);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML table to the summary buffer\n     *\n     * @param {SummaryTableCell[]} rows table rows\n     *\n     * @returns {Summary} summary instance\n     */\n    addTable(rows) {\n        const tableBody = rows\n            .map(row => {\n            const cells = row\n                .map(cell => {\n                if (typeof cell === 'string') {\n                    return this.wrap('td', cell);\n                }\n                const { header, data, colspan, rowspan } = cell;\n                const tag = header ? 'th' : 'td';\n                const attrs = Object.assign(Object.assign({}, (colspan && { colspan })), (rowspan && { rowspan }));\n                return this.wrap(tag, data, attrs);\n            })\n                .join('');\n            return this.wrap('tr', cells);\n        })\n            .join('');\n        const element = this.wrap('table', tableBody);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds a collapsable HTML details element to the summary buffer\n     *\n     * @param {string} label text for the closed state\n     * @param {string} content collapsable content\n     *\n     * @returns {Summary} summary instance\n     */\n    addDetails(label, content) {\n        const element = this.wrap('details', this.wrap('summary', label) + content);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML image tag to the summary buffer\n     *\n     * @param {string} src path to the image you to embed\n     * @param {string} alt text description of the image\n     * @param {SummaryImageOptions} options (optional) addition image attributes\n     *\n     * @returns {Summary} summary instance\n     */\n    addImage(src, alt, options) {\n        const { width, height } = options || {};\n        const attrs = Object.assign(Object.assign({}, (width && { width })), (height && { height }));\n        const element = this.wrap('img', null, Object.assign({ src, alt }, attrs));\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML section heading element\n     *\n     * @param {string} text heading text\n     * @param {number | string} [level=1] (optional) the heading level, default: 1\n     *\n     * @returns {Summary} summary instance\n     */\n    addHeading(text, level) {\n        const tag = `h${level}`;\n        const allowedTag = ['h1', 'h2', 'h3', 'h4', 'h5', 'h6'].includes(tag)\n            ? tag\n            : 'h1';\n        const element = this.wrap(allowedTag, text);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML thematic break (<hr>) to the summary buffer\n     *\n     * @returns {Summary} summary instance\n     */\n    addSeparator() {\n        const element = this.wrap('hr', null);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML line break (<br>) to the summary buffer\n     *\n     * @returns {Summary} summary instance\n     */\n    addBreak() {\n        const element = this.wrap('br', null);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML blockquote to the summary buffer\n     *\n     * @param {string} text quote text\n     * @param {string} cite (optional) citation url\n     *\n     * @returns {Summary} summary instance\n     */\n    addQuote(text, cite) {\n        const attrs = Object.assign({}, (cite && { cite }));\n        const element = this.wrap('blockquote', text, attrs);\n        return this.addRaw(element).addEOL();\n    }\n    /**\n     * Adds an HTML anchor tag to the summary buffer\n     *\n     * @param {string} text link text/content\n     * @param {string} href hyperlink\n     *\n     * @returns {Summary} summary instance\n     */\n    addLink(text, href) {\n        const element = this.wrap('a', text, { href });\n        return this.addRaw(element).addEOL();\n    }\n}\nconst _summary = new Summary();\n/**\n * @deprecated use `core.summary`\n */\nexports.markdownSummary = _summary;\nexports.summary = _summary;\n//# sourceMappingURL=summary.js.map","\"use strict\";\n// We use any as a valid input type\n/* eslint-disable @typescript-eslint/no-explicit-any */\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.toCommandProperties = exports.toCommandValue = void 0;\n/**\n * Sanitizes an input into a string so it can be passed into issueCommand safely\n * @param input input to sanitize into a string\n */\nfunction toCommandValue(input) {\n    if (input === null || input === undefined) {\n        return '';\n    }\n    else if (typeof input === 'string' || input instanceof String) {\n        return input;\n    }\n    return JSON.stringify(input);\n}\nexports.toCommandValue = toCommandValue;\n/**\n *\n * @param annotationProperties\n * @returns The command properties to send with the actual annotation command\n * See IssueCommandProperties: https://github.com/actions/runner/blob/main/src/Runner.Worker/ActionCommandManager.cs#L646\n */\nfunction toCommandProperties(annotationProperties) {\n    if (!Object.keys(annotationProperties).length) {\n        return {};\n    }\n    return {\n        title: annotationProperties.title,\n        file: annotationProperties.file,\n        line: annotationProperties.startLine,\n        endLine: annotationProperties.endLine,\n        col: annotationProperties.startColumn,\n        endColumn: annotationProperties.endColumn\n    };\n}\nexports.toCommandProperties = toCommandProperties;\n//# sourceMappingURL=utils.js.map","\"use strict\";\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.PersonalAccessTokenCredentialHandler = exports.BearerCredentialHandler = exports.BasicCredentialHandler = void 0;\nclass BasicCredentialHandler {\n    constructor(username, password) {\n        this.username = username;\n        this.password = password;\n    }\n    prepareRequest(options) {\n        if (!options.headers) {\n            throw Error('The request has no headers');\n        }\n        options.headers['Authorization'] = `Basic ${Buffer.from(`${this.username}:${this.password}`).toString('base64')}`;\n    }\n    // This handler cannot handle 401\n    canHandleAuthentication() {\n        return false;\n    }\n    handleAuthentication() {\n        return __awaiter(this, void 0, void 0, function* () {\n            throw new Error('not implemented');\n        });\n    }\n}\nexports.BasicCredentialHandler = BasicCredentialHandler;\nclass BearerCredentialHandler {\n    constructor(token) {\n        this.token = token;\n    }\n    // currently implements pre-authorization\n    // TODO: support preAuth = false where it hooks on 401\n    prepareRequest(options) {\n        if (!options.headers) {\n            throw Error('The request has no headers');\n        }\n        options.headers['Authorization'] = `Bearer ${this.token}`;\n    }\n    // This handler cannot handle 401\n    canHandleAuthentication() {\n        return false;\n    }\n    handleAuthentication() {\n        return __awaiter(this, void 0, void 0, function* () {\n            throw new Error('not implemented');\n        });\n    }\n}\nexports.BearerCredentialHandler = BearerCredentialHandler;\nclass PersonalAccessTokenCredentialHandler {\n    constructor(token) {\n        this.token = token;\n    }\n    // currently implements pre-authorization\n    // TODO: support preAuth = false where it hooks on 401\n    prepareRequest(options) {\n        if (!options.headers) {\n            throw Error('The request has no headers');\n        }\n        options.headers['Authorization'] = `Basic ${Buffer.from(`PAT:${this.token}`).toString('base64')}`;\n    }\n    // This handler cannot handle 401\n    canHandleAuthentication() {\n        return false;\n    }\n    handleAuthentication() {\n        return __awaiter(this, void 0, void 0, function* () {\n            throw new Error('not implemented');\n        });\n    }\n}\nexports.PersonalAccessTokenCredentialHandler = PersonalAccessTokenCredentialHandler;\n//# sourceMappingURL=auth.js.map","\"use strict\";\n/* eslint-disable @typescript-eslint/no-explicit-any */\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.HttpClient = exports.isHttps = exports.HttpClientResponse = exports.HttpClientError = exports.getProxyUrl = exports.MediaTypes = exports.Headers = exports.HttpCodes = void 0;\nconst http = __importStar(require(\"http\"));\nconst https = __importStar(require(\"https\"));\nconst pm = __importStar(require(\"./proxy\"));\nconst tunnel = __importStar(require(\"tunnel\"));\nvar HttpCodes;\n(function (HttpCodes) {\n    HttpCodes[HttpCodes[\"OK\"] = 200] = \"OK\";\n    HttpCodes[HttpCodes[\"MultipleChoices\"] = 300] = \"MultipleChoices\";\n    HttpCodes[HttpCodes[\"MovedPermanently\"] = 301] = \"MovedPermanently\";\n    HttpCodes[HttpCodes[\"ResourceMoved\"] = 302] = \"ResourceMoved\";\n    HttpCodes[HttpCodes[\"SeeOther\"] = 303] = \"SeeOther\";\n    HttpCodes[HttpCodes[\"NotModified\"] = 304] = \"NotModified\";\n    HttpCodes[HttpCodes[\"UseProxy\"] = 305] = \"UseProxy\";\n    HttpCodes[HttpCodes[\"SwitchProxy\"] = 306] = \"SwitchProxy\";\n    HttpCodes[HttpCodes[\"TemporaryRedirect\"] = 307] = \"TemporaryRedirect\";\n    HttpCodes[HttpCodes[\"PermanentRedirect\"] = 308] = \"PermanentRedirect\";\n    HttpCodes[HttpCodes[\"BadRequest\"] = 400] = \"BadRequest\";\n    HttpCodes[HttpCodes[\"Unauthorized\"] = 401] = \"Unauthorized\";\n    HttpCodes[HttpCodes[\"PaymentRequired\"] = 402] = \"PaymentRequired\";\n    HttpCodes[HttpCodes[\"Forbidden\"] = 403] = \"Forbidden\";\n    HttpCodes[HttpCodes[\"NotFound\"] = 404] = \"NotFound\";\n    HttpCodes[HttpCodes[\"MethodNotAllowed\"] = 405] = \"MethodNotAllowed\";\n    HttpCodes[HttpCodes[\"NotAcceptable\"] = 406] = \"NotAcceptable\";\n    HttpCodes[HttpCodes[\"ProxyAuthenticationRequired\"] = 407] = \"ProxyAuthenticationRequired\";\n    HttpCodes[HttpCodes[\"RequestTimeout\"] = 408] = \"RequestTimeout\";\n    HttpCodes[HttpCodes[\"Conflict\"] = 409] = \"Conflict\";\n    HttpCodes[HttpCodes[\"Gone\"] = 410] = \"Gone\";\n    HttpCodes[HttpCodes[\"TooManyRequests\"] = 429] = \"TooManyRequests\";\n    HttpCodes[HttpCodes[\"InternalServerError\"] = 500] = \"InternalServerError\";\n    HttpCodes[HttpCodes[\"NotImplemented\"] = 501] = \"NotImplemented\";\n    HttpCodes[HttpCodes[\"BadGateway\"] = 502] = \"BadGateway\";\n    HttpCodes[HttpCodes[\"ServiceUnavailable\"] = 503] = \"ServiceUnavailable\";\n    HttpCodes[HttpCodes[\"GatewayTimeout\"] = 504] = \"GatewayTimeout\";\n})(HttpCodes = exports.HttpCodes || (exports.HttpCodes = {}));\nvar Headers;\n(function (Headers) {\n    Headers[\"Accept\"] = \"accept\";\n    Headers[\"ContentType\"] = \"content-type\";\n})(Headers = exports.Headers || (exports.Headers = {}));\nvar MediaTypes;\n(function (MediaTypes) {\n    MediaTypes[\"ApplicationJson\"] = \"application/json\";\n})(MediaTypes = exports.MediaTypes || (exports.MediaTypes = {}));\n/**\n * Returns the proxy URL, depending upon the supplied url and proxy environment variables.\n * @param serverUrl  The server URL where the request will be sent. For example, https://api.github.com\n */\nfunction getProxyUrl(serverUrl) {\n    const proxyUrl = pm.getProxyUrl(new URL(serverUrl));\n    return proxyUrl ? proxyUrl.href : '';\n}\nexports.getProxyUrl = getProxyUrl;\nconst HttpRedirectCodes = [\n    HttpCodes.MovedPermanently,\n    HttpCodes.ResourceMoved,\n    HttpCodes.SeeOther,\n    HttpCodes.TemporaryRedirect,\n    HttpCodes.PermanentRedirect\n];\nconst HttpResponseRetryCodes = [\n    HttpCodes.BadGateway,\n    HttpCodes.ServiceUnavailable,\n    HttpCodes.GatewayTimeout\n];\nconst RetryableHttpVerbs = ['OPTIONS', 'GET', 'DELETE', 'HEAD'];\nconst ExponentialBackoffCeiling = 10;\nconst ExponentialBackoffTimeSlice = 5;\nclass HttpClientError extends Error {\n    constructor(message, statusCode) {\n        super(message);\n        this.name = 'HttpClientError';\n        this.statusCode = statusCode;\n        Object.setPrototypeOf(this, HttpClientError.prototype);\n    }\n}\nexports.HttpClientError = HttpClientError;\nclass HttpClientResponse {\n    constructor(message) {\n        this.message = message;\n    }\n    readBody() {\n        return __awaiter(this, void 0, void 0, function* () {\n            return new Promise((resolve) => __awaiter(this, void 0, void 0, function* () {\n                let output = Buffer.alloc(0);\n                this.message.on('data', (chunk) => {\n                    output = Buffer.concat([output, chunk]);\n                });\n                this.message.on('end', () => {\n                    resolve(output.toString());\n                });\n            }));\n        });\n    }\n}\nexports.HttpClientResponse = HttpClientResponse;\nfunction isHttps(requestUrl) {\n    const parsedUrl = new URL(requestUrl);\n    return parsedUrl.protocol === 'https:';\n}\nexports.isHttps = isHttps;\nclass HttpClient {\n    constructor(userAgent, handlers, requestOptions) {\n        this._ignoreSslError = false;\n        this._allowRedirects = true;\n        this._allowRedirectDowngrade = false;\n        this._maxRedirects = 50;\n        this._allowRetries = false;\n        this._maxRetries = 1;\n        this._keepAlive = false;\n        this._disposed = false;\n        this.userAgent = userAgent;\n        this.handlers = handlers || [];\n        this.requestOptions = requestOptions;\n        if (requestOptions) {\n            if (requestOptions.ignoreSslError != null) {\n                this._ignoreSslError = requestOptions.ignoreSslError;\n            }\n            this._socketTimeout = requestOptions.socketTimeout;\n            if (requestOptions.allowRedirects != null) {\n                this._allowRedirects = requestOptions.allowRedirects;\n            }\n            if (requestOptions.allowRedirectDowngrade != null) {\n                this._allowRedirectDowngrade = requestOptions.allowRedirectDowngrade;\n            }\n            if (requestOptions.maxRedirects != null) {\n                this._maxRedirects = Math.max(requestOptions.maxRedirects, 0);\n            }\n            if (requestOptions.keepAlive != null) {\n                this._keepAlive = requestOptions.keepAlive;\n            }\n            if (requestOptions.allowRetries != null) {\n                this._allowRetries = requestOptions.allowRetries;\n            }\n            if (requestOptions.maxRetries != null) {\n                this._maxRetries = requestOptions.maxRetries;\n            }\n        }\n    }\n    options(requestUrl, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('OPTIONS', requestUrl, null, additionalHeaders || {});\n        });\n    }\n    get(requestUrl, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('GET', requestUrl, null, additionalHeaders || {});\n        });\n    }\n    del(requestUrl, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('DELETE', requestUrl, null, additionalHeaders || {});\n        });\n    }\n    post(requestUrl, data, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('POST', requestUrl, data, additionalHeaders || {});\n        });\n    }\n    patch(requestUrl, data, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('PATCH', requestUrl, data, additionalHeaders || {});\n        });\n    }\n    put(requestUrl, data, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('PUT', requestUrl, data, additionalHeaders || {});\n        });\n    }\n    head(requestUrl, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request('HEAD', requestUrl, null, additionalHeaders || {});\n        });\n    }\n    sendStream(verb, requestUrl, stream, additionalHeaders) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return this.request(verb, requestUrl, stream, additionalHeaders);\n        });\n    }\n    /**\n     * Gets a typed object from an endpoint\n     * Be aware that not found returns a null.  Other errors (4xx, 5xx) reject the promise\n     */\n    getJson(requestUrl, additionalHeaders = {}) {\n        return __awaiter(this, void 0, void 0, function* () {\n            additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n            const res = yield this.get(requestUrl, additionalHeaders);\n            return this._processResponse(res, this.requestOptions);\n        });\n    }\n    postJson(requestUrl, obj, additionalHeaders = {}) {\n        return __awaiter(this, void 0, void 0, function* () {\n            const data = JSON.stringify(obj, null, 2);\n            additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n            additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson);\n            const res = yield this.post(requestUrl, data, additionalHeaders);\n            return this._processResponse(res, this.requestOptions);\n        });\n    }\n    putJson(requestUrl, obj, additionalHeaders = {}) {\n        return __awaiter(this, void 0, void 0, function* () {\n            const data = JSON.stringify(obj, null, 2);\n            additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n            additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson);\n            const res = yield this.put(requestUrl, data, additionalHeaders);\n            return this._processResponse(res, this.requestOptions);\n        });\n    }\n    patchJson(requestUrl, obj, additionalHeaders = {}) {\n        return __awaiter(this, void 0, void 0, function* () {\n            const data = JSON.stringify(obj, null, 2);\n            additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson);\n            additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson);\n            const res = yield this.patch(requestUrl, data, additionalHeaders);\n            return this._processResponse(res, this.requestOptions);\n        });\n    }\n    /**\n     * Makes a raw http request.\n     * All other methods such as get, post, patch, and request ultimately call this.\n     * Prefer get, del, post and patch\n     */\n    request(verb, requestUrl, data, headers) {\n        return __awaiter(this, void 0, void 0, function* () {\n            if (this._disposed) {\n                throw new Error('Client has already been disposed.');\n            }\n            const parsedUrl = new URL(requestUrl);\n            let info = this._prepareRequest(verb, parsedUrl, headers);\n            // Only perform retries on reads since writes may not be idempotent.\n            const maxTries = this._allowRetries && RetryableHttpVerbs.includes(verb)\n                ? this._maxRetries + 1\n                : 1;\n            let numTries = 0;\n            let response;\n            do {\n                response = yield this.requestRaw(info, data);\n                // Check if it's an authentication challenge\n                if (response &&\n                    response.message &&\n                    response.message.statusCode === HttpCodes.Unauthorized) {\n                    let authenticationHandler;\n                    for (const handler of this.handlers) {\n                        if (handler.canHandleAuthentication(response)) {\n                            authenticationHandler = handler;\n                            break;\n                        }\n                    }\n                    if (authenticationHandler) {\n                        return authenticationHandler.handleAuthentication(this, info, data);\n                    }\n                    else {\n                        // We have received an unauthorized response but have no handlers to handle it.\n                        // Let the response return to the caller.\n                        return response;\n                    }\n                }\n                let redirectsRemaining = this._maxRedirects;\n                while (response.message.statusCode &&\n                    HttpRedirectCodes.includes(response.message.statusCode) &&\n                    this._allowRedirects &&\n                    redirectsRemaining > 0) {\n                    const redirectUrl = response.message.headers['location'];\n                    if (!redirectUrl) {\n                        // if there's no location to redirect to, we won't\n                        break;\n                    }\n                    const parsedRedirectUrl = new URL(redirectUrl);\n                    if (parsedUrl.protocol === 'https:' &&\n                        parsedUrl.protocol !== parsedRedirectUrl.protocol &&\n                        !this._allowRedirectDowngrade) {\n                        throw new Error('Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true.');\n                    }\n                    // we need to finish reading the response before reassigning response\n                    // which will leak the open socket.\n                    yield response.readBody();\n                    // strip authorization header if redirected to a different hostname\n                    if (parsedRedirectUrl.hostname !== parsedUrl.hostname) {\n                        for (const header in headers) {\n                            // header names are case insensitive\n                            if (header.toLowerCase() === 'authorization') {\n                                delete headers[header];\n                            }\n                        }\n                    }\n                    // let's make the request with the new redirectUrl\n                    info = this._prepareRequest(verb, parsedRedirectUrl, headers);\n                    response = yield this.requestRaw(info, data);\n                    redirectsRemaining--;\n                }\n                if (!response.message.statusCode ||\n                    !HttpResponseRetryCodes.includes(response.message.statusCode)) {\n                    // If not a retry code, return immediately instead of retrying\n                    return response;\n                }\n                numTries += 1;\n                if (numTries < maxTries) {\n                    yield response.readBody();\n                    yield this._performExponentialBackoff(numTries);\n                }\n            } while (numTries < maxTries);\n            return response;\n        });\n    }\n    /**\n     * Needs to be called if keepAlive is set to true in request options.\n     */\n    dispose() {\n        if (this._agent) {\n            this._agent.destroy();\n        }\n        this._disposed = true;\n    }\n    /**\n     * Raw request.\n     * @param info\n     * @param data\n     */\n    requestRaw(info, data) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return new Promise((resolve, reject) => {\n                function callbackForResult(err, res) {\n                    if (err) {\n                        reject(err);\n                    }\n                    else if (!res) {\n                        // If `err` is not passed, then `res` must be passed.\n                        reject(new Error('Unknown error'));\n                    }\n                    else {\n                        resolve(res);\n                    }\n                }\n                this.requestRawWithCallback(info, data, callbackForResult);\n            });\n        });\n    }\n    /**\n     * Raw request with callback.\n     * @param info\n     * @param data\n     * @param onResult\n     */\n    requestRawWithCallback(info, data, onResult) {\n        if (typeof data === 'string') {\n            if (!info.options.headers) {\n                info.options.headers = {};\n            }\n            info.options.headers['Content-Length'] = Buffer.byteLength(data, 'utf8');\n        }\n        let callbackCalled = false;\n        function handleResult(err, res) {\n            if (!callbackCalled) {\n                callbackCalled = true;\n                onResult(err, res);\n            }\n        }\n        const req = info.httpModule.request(info.options, (msg) => {\n            const res = new HttpClientResponse(msg);\n            handleResult(undefined, res);\n        });\n        let socket;\n        req.on('socket', sock => {\n            socket = sock;\n        });\n        // If we ever get disconnected, we want the socket to timeout eventually\n        req.setTimeout(this._socketTimeout || 3 * 60000, () => {\n            if (socket) {\n                socket.end();\n            }\n            handleResult(new Error(`Request timeout: ${info.options.path}`));\n        });\n        req.on('error', function (err) {\n            // err has statusCode property\n            // res should have headers\n            handleResult(err);\n        });\n        if (data && typeof data === 'string') {\n            req.write(data, 'utf8');\n        }\n        if (data && typeof data !== 'string') {\n            data.on('close', function () {\n                req.end();\n            });\n            data.pipe(req);\n        }\n        else {\n            req.end();\n        }\n    }\n    /**\n     * Gets an http agent. This function is useful when you need an http agent that handles\n     * routing through a proxy server - depending upon the url and proxy environment variables.\n     * @param serverUrl  The server URL where the request will be sent. For example, https://api.github.com\n     */\n    getAgent(serverUrl) {\n        const parsedUrl = new URL(serverUrl);\n        return this._getAgent(parsedUrl);\n    }\n    _prepareRequest(method, requestUrl, headers) {\n        const info = {};\n        info.parsedUrl = requestUrl;\n        const usingSsl = info.parsedUrl.protocol === 'https:';\n        info.httpModule = usingSsl ? https : http;\n        const defaultPort = usingSsl ? 443 : 80;\n        info.options = {};\n        info.options.host = info.parsedUrl.hostname;\n        info.options.port = info.parsedUrl.port\n            ? parseInt(info.parsedUrl.port)\n            : defaultPort;\n        info.options.path =\n            (info.parsedUrl.pathname || '') + (info.parsedUrl.search || '');\n        info.options.method = method;\n        info.options.headers = this._mergeHeaders(headers);\n        if (this.userAgent != null) {\n            info.options.headers['user-agent'] = this.userAgent;\n        }\n        info.options.agent = this._getAgent(info.parsedUrl);\n        // gives handlers an opportunity to participate\n        if (this.handlers) {\n            for (const handler of this.handlers) {\n                handler.prepareRequest(info.options);\n            }\n        }\n        return info;\n    }\n    _mergeHeaders(headers) {\n        if (this.requestOptions && this.requestOptions.headers) {\n            return Object.assign({}, lowercaseKeys(this.requestOptions.headers), lowercaseKeys(headers || {}));\n        }\n        return lowercaseKeys(headers || {});\n    }\n    _getExistingOrDefaultHeader(additionalHeaders, header, _default) {\n        let clientHeader;\n        if (this.requestOptions && this.requestOptions.headers) {\n            clientHeader = lowercaseKeys(this.requestOptions.headers)[header];\n        }\n        return additionalHeaders[header] || clientHeader || _default;\n    }\n    _getAgent(parsedUrl) {\n        let agent;\n        const proxyUrl = pm.getProxyUrl(parsedUrl);\n        const useProxy = proxyUrl && proxyUrl.hostname;\n        if (this._keepAlive && useProxy) {\n            agent = this._proxyAgent;\n        }\n        if (this._keepAlive && !useProxy) {\n            agent = this._agent;\n        }\n        // if agent is already assigned use that agent.\n        if (agent) {\n            return agent;\n        }\n        const usingSsl = parsedUrl.protocol === 'https:';\n        let maxSockets = 100;\n        if (this.requestOptions) {\n            maxSockets = this.requestOptions.maxSockets || http.globalAgent.maxSockets;\n        }\n        // This is `useProxy` again, but we need to check `proxyURl` directly for TypeScripts's flow analysis.\n        if (proxyUrl && proxyUrl.hostname) {\n            const agentOptions = {\n                maxSockets,\n                keepAlive: this._keepAlive,\n                proxy: Object.assign(Object.assign({}, ((proxyUrl.username || proxyUrl.password) && {\n                    proxyAuth: `${proxyUrl.username}:${proxyUrl.password}`\n                })), { host: proxyUrl.hostname, port: proxyUrl.port })\n            };\n            let tunnelAgent;\n            const overHttps = proxyUrl.protocol === 'https:';\n            if (usingSsl) {\n                tunnelAgent = overHttps ? tunnel.httpsOverHttps : tunnel.httpsOverHttp;\n            }\n            else {\n                tunnelAgent = overHttps ? tunnel.httpOverHttps : tunnel.httpOverHttp;\n            }\n            agent = tunnelAgent(agentOptions);\n            this._proxyAgent = agent;\n        }\n        // if reusing agent across request and tunneling agent isn't assigned create a new agent\n        if (this._keepAlive && !agent) {\n            const options = { keepAlive: this._keepAlive, maxSockets };\n            agent = usingSsl ? new https.Agent(options) : new http.Agent(options);\n            this._agent = agent;\n        }\n        // if not using private agent and tunnel agent isn't setup then use global agent\n        if (!agent) {\n            agent = usingSsl ? https.globalAgent : http.globalAgent;\n        }\n        if (usingSsl && this._ignoreSslError) {\n            // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process\n            // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options\n            // we have to cast it to any and change it directly\n            agent.options = Object.assign(agent.options || {}, {\n                rejectUnauthorized: false\n            });\n        }\n        return agent;\n    }\n    _performExponentialBackoff(retryNumber) {\n        return __awaiter(this, void 0, void 0, function* () {\n            retryNumber = Math.min(ExponentialBackoffCeiling, retryNumber);\n            const ms = ExponentialBackoffTimeSlice * Math.pow(2, retryNumber);\n            return new Promise(resolve => setTimeout(() => resolve(), ms));\n        });\n    }\n    _processResponse(res, options) {\n        return __awaiter(this, void 0, void 0, function* () {\n            return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () {\n                const statusCode = res.message.statusCode || 0;\n                const response = {\n                    statusCode,\n                    result: null,\n                    headers: {}\n                };\n                // not found leads to null obj returned\n                if (statusCode === HttpCodes.NotFound) {\n                    resolve(response);\n                }\n                // get the result from the body\n                function dateTimeDeserializer(key, value) {\n                    if (typeof value === 'string') {\n                        const a = new Date(value);\n                        if (!isNaN(a.valueOf())) {\n                            return a;\n                        }\n                    }\n                    return value;\n                }\n                let obj;\n                let contents;\n                try {\n                    contents = yield res.readBody();\n                    if (contents && contents.length > 0) {\n                        if (options && options.deserializeDates) {\n                            obj = JSON.parse(contents, dateTimeDeserializer);\n                        }\n                        else {\n                            obj = JSON.parse(contents);\n                        }\n                        response.result = obj;\n                    }\n                    response.headers = res.message.headers;\n                }\n                catch (err) {\n                    // Invalid resource (contents not json);  leaving result obj null\n                }\n                // note that 3xx redirects are handled by the http layer.\n                if (statusCode > 299) {\n                    let msg;\n                    // if exception/error in body, attempt to get better error\n                    if (obj && obj.message) {\n                        msg = obj.message;\n                    }\n                    else if (contents && contents.length > 0) {\n                        // it may be the case that the exception is in the body message as string\n                        msg = contents;\n                    }\n                    else {\n                        msg = `Failed request: (${statusCode})`;\n                    }\n                    const err = new HttpClientError(msg, statusCode);\n                    err.result = response.result;\n                    reject(err);\n                }\n                else {\n                    resolve(response);\n                }\n            }));\n        });\n    }\n}\nexports.HttpClient = HttpClient;\nconst lowercaseKeys = (obj) => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCase()] = obj[k]), c), {});\n//# sourceMappingURL=index.js.map","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.checkBypass = exports.getProxyUrl = void 0;\nfunction getProxyUrl(reqUrl) {\n    const usingSsl = reqUrl.protocol === 'https:';\n    if (checkBypass(reqUrl)) {\n        return undefined;\n    }\n    const proxyVar = (() => {\n        if (usingSsl) {\n            return process.env['https_proxy'] || process.env['HTTPS_PROXY'];\n        }\n        else {\n            return process.env['http_proxy'] || process.env['HTTP_PROXY'];\n        }\n    })();\n    if (proxyVar) {\n        return new URL(proxyVar);\n    }\n    else {\n        return undefined;\n    }\n}\nexports.getProxyUrl = getProxyUrl;\nfunction checkBypass(reqUrl) {\n    if (!reqUrl.hostname) {\n        return false;\n    }\n    const noProxy = process.env['no_proxy'] || process.env['NO_PROXY'] || '';\n    if (!noProxy) {\n        return false;\n    }\n    // Determine the request port\n    let reqPort;\n    if (reqUrl.port) {\n        reqPort = Number(reqUrl.port);\n    }\n    else if (reqUrl.protocol === 'http:') {\n        reqPort = 80;\n    }\n    else if (reqUrl.protocol === 'https:') {\n        reqPort = 443;\n    }\n    // Format the request hostname and hostname with port\n    const upperReqHosts = [reqUrl.hostname.toUpperCase()];\n    if (typeof reqPort === 'number') {\n        upperReqHosts.push(`${upperReqHosts[0]}:${reqPort}`);\n    }\n    // Compare request host against noproxy\n    for (const upperNoProxyItem of noProxy\n        .split(',')\n        .map(x => x.trim().toUpperCase())\n        .filter(x => x)) {\n        if (upperReqHosts.some(x => x === upperNoProxyItem)) {\n            return true;\n        }\n    }\n    return false;\n}\nexports.checkBypass = checkBypass;\n//# sourceMappingURL=proxy.js.map","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\n\nmodule.exports = {\n\n  newInvalidAsn1Error: function (msg) {\n    var e = new Error();\n    e.name = 'InvalidAsn1Error';\n    e.message = msg || '';\n    return e;\n  }\n\n};\n","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\nvar errors = require('./errors');\nvar types = require('./types');\n\nvar Reader = require('./reader');\nvar Writer = require('./writer');\n\n\n// --- Exports\n\nmodule.exports = {\n\n  Reader: Reader,\n\n  Writer: Writer\n\n};\n\nfor (var t in types) {\n  if (types.hasOwnProperty(t))\n    module.exports[t] = types[t];\n}\nfor (var e in errors) {\n  if (errors.hasOwnProperty(e))\n    module.exports[e] = errors[e];\n}\n","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\nvar assert = require('assert');\nvar Buffer = require('safer-buffer').Buffer;\n\nvar ASN1 = require('./types');\nvar errors = require('./errors');\n\n\n// --- Globals\n\nvar newInvalidAsn1Error = errors.newInvalidAsn1Error;\n\n\n\n// --- API\n\nfunction Reader(data) {\n  if (!data || !Buffer.isBuffer(data))\n    throw new TypeError('data must be a node Buffer');\n\n  this._buf = data;\n  this._size = data.length;\n\n  // These hold the \"current\" state\n  this._len = 0;\n  this._offset = 0;\n}\n\nObject.defineProperty(Reader.prototype, 'length', {\n  enumerable: true,\n  get: function () { return (this._len); }\n});\n\nObject.defineProperty(Reader.prototype, 'offset', {\n  enumerable: true,\n  get: function () { return (this._offset); }\n});\n\nObject.defineProperty(Reader.prototype, 'remain', {\n  get: function () { return (this._size - this._offset); }\n});\n\nObject.defineProperty(Reader.prototype, 'buffer', {\n  get: function () { return (this._buf.slice(this._offset)); }\n});\n\n\n/**\n * Reads a single byte and advances offset; you can pass in `true` to make this\n * a \"peek\" operation (i.e., get the byte, but don't advance the offset).\n *\n * @param {Boolean} peek true means don't move offset.\n * @return {Number} the next byte, null if not enough data.\n */\nReader.prototype.readByte = function (peek) {\n  if (this._size - this._offset < 1)\n    return null;\n\n  var b = this._buf[this._offset] & 0xff;\n\n  if (!peek)\n    this._offset += 1;\n\n  return b;\n};\n\n\nReader.prototype.peek = function () {\n  return this.readByte(true);\n};\n\n\n/**\n * Reads a (potentially) variable length off the BER buffer.  This call is\n * not really meant to be called directly, as callers have to manipulate\n * the internal buffer afterwards.\n *\n * As a result of this call, you can call `Reader.length`, until the\n * next thing called that does a readLength.\n *\n * @return {Number} the amount of offset to advance the buffer.\n * @throws {InvalidAsn1Error} on bad ASN.1\n */\nReader.prototype.readLength = function (offset) {\n  if (offset === undefined)\n    offset = this._offset;\n\n  if (offset >= this._size)\n    return null;\n\n  var lenB = this._buf[offset++] & 0xff;\n  if (lenB === null)\n    return null;\n\n  if ((lenB & 0x80) === 0x80) {\n    lenB &= 0x7f;\n\n    if (lenB === 0)\n      throw newInvalidAsn1Error('Indefinite length not supported');\n\n    if (lenB > 4)\n      throw newInvalidAsn1Error('encoding too long');\n\n    if (this._size - offset < lenB)\n      return null;\n\n    this._len = 0;\n    for (var i = 0; i < lenB; i++)\n      this._len = (this._len << 8) + (this._buf[offset++] & 0xff);\n\n  } else {\n    // Wasn't a variable length\n    this._len = lenB;\n  }\n\n  return offset;\n};\n\n\n/**\n * Parses the next sequence in this BER buffer.\n *\n * To get the length of the sequence, call `Reader.length`.\n *\n * @return {Number} the sequence's tag.\n */\nReader.prototype.readSequence = function (tag) {\n  var seq = this.peek();\n  if (seq === null)\n    return null;\n  if (tag !== undefined && tag !== seq)\n    throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n                              ': got 0x' + seq.toString(16));\n\n  var o = this.readLength(this._offset + 1); // stored in `length`\n  if (o === null)\n    return null;\n\n  this._offset = o;\n  return seq;\n};\n\n\nReader.prototype.readInt = function () {\n  return this._readTag(ASN1.Integer);\n};\n\n\nReader.prototype.readBoolean = function () {\n  return (this._readTag(ASN1.Boolean) === 0 ? false : true);\n};\n\n\nReader.prototype.readEnumeration = function () {\n  return this._readTag(ASN1.Enumeration);\n};\n\n\nReader.prototype.readString = function (tag, retbuf) {\n  if (!tag)\n    tag = ASN1.OctetString;\n\n  var b = this.peek();\n  if (b === null)\n    return null;\n\n  if (b !== tag)\n    throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n                              ': got 0x' + b.toString(16));\n\n  var o = this.readLength(this._offset + 1); // stored in `length`\n\n  if (o === null)\n    return null;\n\n  if (this.length > this._size - o)\n    return null;\n\n  this._offset = o;\n\n  if (this.length === 0)\n    return retbuf ? Buffer.alloc(0) : '';\n\n  var str = this._buf.slice(this._offset, this._offset + this.length);\n  this._offset += this.length;\n\n  return retbuf ? str : str.toString('utf8');\n};\n\nReader.prototype.readOID = function (tag) {\n  if (!tag)\n    tag = ASN1.OID;\n\n  var b = this.readString(tag, true);\n  if (b === null)\n    return null;\n\n  var values = [];\n  var value = 0;\n\n  for (var i = 0; i < b.length; i++) {\n    var byte = b[i] & 0xff;\n\n    value <<= 7;\n    value += byte & 0x7f;\n    if ((byte & 0x80) === 0) {\n      values.push(value);\n      value = 0;\n    }\n  }\n\n  value = values.shift();\n  values.unshift(value % 40);\n  values.unshift((value / 40) >> 0);\n\n  return values.join('.');\n};\n\n\nReader.prototype._readTag = function (tag) {\n  assert.ok(tag !== undefined);\n\n  var b = this.peek();\n\n  if (b === null)\n    return null;\n\n  if (b !== tag)\n    throw newInvalidAsn1Error('Expected 0x' + tag.toString(16) +\n                              ': got 0x' + b.toString(16));\n\n  var o = this.readLength(this._offset + 1); // stored in `length`\n  if (o === null)\n    return null;\n\n  if (this.length > 4)\n    throw newInvalidAsn1Error('Integer too long: ' + this.length);\n\n  if (this.length > this._size - o)\n    return null;\n  this._offset = o;\n\n  var fb = this._buf[this._offset];\n  var value = 0;\n\n  for (var i = 0; i < this.length; i++) {\n    value <<= 8;\n    value |= (this._buf[this._offset++] & 0xff);\n  }\n\n  if ((fb & 0x80) === 0x80 && i !== 4)\n    value -= (1 << (i * 8));\n\n  return value >> 0;\n};\n\n\n\n// --- Exported API\n\nmodule.exports = Reader;\n","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\n\nmodule.exports = {\n  EOC: 0,\n  Boolean: 1,\n  Integer: 2,\n  BitString: 3,\n  OctetString: 4,\n  Null: 5,\n  OID: 6,\n  ObjectDescriptor: 7,\n  External: 8,\n  Real: 9, // float\n  Enumeration: 10,\n  PDV: 11,\n  Utf8String: 12,\n  RelativeOID: 13,\n  Sequence: 16,\n  Set: 17,\n  NumericString: 18,\n  PrintableString: 19,\n  T61String: 20,\n  VideotexString: 21,\n  IA5String: 22,\n  UTCTime: 23,\n  GeneralizedTime: 24,\n  GraphicString: 25,\n  VisibleString: 26,\n  GeneralString: 28,\n  UniversalString: 29,\n  CharacterString: 30,\n  BMPString: 31,\n  Constructor: 32,\n  Context: 128\n};\n","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\nvar assert = require('assert');\nvar Buffer = require('safer-buffer').Buffer;\nvar ASN1 = require('./types');\nvar errors = require('./errors');\n\n\n// --- Globals\n\nvar newInvalidAsn1Error = errors.newInvalidAsn1Error;\n\nvar DEFAULT_OPTS = {\n  size: 1024,\n  growthFactor: 8\n};\n\n\n// --- Helpers\n\nfunction merge(from, to) {\n  assert.ok(from);\n  assert.equal(typeof (from), 'object');\n  assert.ok(to);\n  assert.equal(typeof (to), 'object');\n\n  var keys = Object.getOwnPropertyNames(from);\n  keys.forEach(function (key) {\n    if (to[key])\n      return;\n\n    var value = Object.getOwnPropertyDescriptor(from, key);\n    Object.defineProperty(to, key, value);\n  });\n\n  return to;\n}\n\n\n\n// --- API\n\nfunction Writer(options) {\n  options = merge(DEFAULT_OPTS, options || {});\n\n  this._buf = Buffer.alloc(options.size || 1024);\n  this._size = this._buf.length;\n  this._offset = 0;\n  this._options = options;\n\n  // A list of offsets in the buffer where we need to insert\n  // sequence tag/len pairs.\n  this._seq = [];\n}\n\nObject.defineProperty(Writer.prototype, 'buffer', {\n  get: function () {\n    if (this._seq.length)\n      throw newInvalidAsn1Error(this._seq.length + ' unended sequence(s)');\n\n    return (this._buf.slice(0, this._offset));\n  }\n});\n\nWriter.prototype.writeByte = function (b) {\n  if (typeof (b) !== 'number')\n    throw new TypeError('argument must be a Number');\n\n  this._ensure(1);\n  this._buf[this._offset++] = b;\n};\n\n\nWriter.prototype.writeInt = function (i, tag) {\n  if (typeof (i) !== 'number')\n    throw new TypeError('argument must be a Number');\n  if (typeof (tag) !== 'number')\n    tag = ASN1.Integer;\n\n  var sz = 4;\n\n  while ((((i & 0xff800000) === 0) || ((i & 0xff800000) === 0xff800000 >> 0)) &&\n        (sz > 1)) {\n    sz--;\n    i <<= 8;\n  }\n\n  if (sz > 4)\n    throw newInvalidAsn1Error('BER ints cannot be > 0xffffffff');\n\n  this._ensure(2 + sz);\n  this._buf[this._offset++] = tag;\n  this._buf[this._offset++] = sz;\n\n  while (sz-- > 0) {\n    this._buf[this._offset++] = ((i & 0xff000000) >>> 24);\n    i <<= 8;\n  }\n\n};\n\n\nWriter.prototype.writeNull = function () {\n  this.writeByte(ASN1.Null);\n  this.writeByte(0x00);\n};\n\n\nWriter.prototype.writeEnumeration = function (i, tag) {\n  if (typeof (i) !== 'number')\n    throw new TypeError('argument must be a Number');\n  if (typeof (tag) !== 'number')\n    tag = ASN1.Enumeration;\n\n  return this.writeInt(i, tag);\n};\n\n\nWriter.prototype.writeBoolean = function (b, tag) {\n  if (typeof (b) !== 'boolean')\n    throw new TypeError('argument must be a Boolean');\n  if (typeof (tag) !== 'number')\n    tag = ASN1.Boolean;\n\n  this._ensure(3);\n  this._buf[this._offset++] = tag;\n  this._buf[this._offset++] = 0x01;\n  this._buf[this._offset++] = b ? 0xff : 0x00;\n};\n\n\nWriter.prototype.writeString = function (s, tag) {\n  if (typeof (s) !== 'string')\n    throw new TypeError('argument must be a string (was: ' + typeof (s) + ')');\n  if (typeof (tag) !== 'number')\n    tag = ASN1.OctetString;\n\n  var len = Buffer.byteLength(s);\n  this.writeByte(tag);\n  this.writeLength(len);\n  if (len) {\n    this._ensure(len);\n    this._buf.write(s, this._offset);\n    this._offset += len;\n  }\n};\n\n\nWriter.prototype.writeBuffer = function (buf, tag) {\n  if (typeof (tag) !== 'number')\n    throw new TypeError('tag must be a number');\n  if (!Buffer.isBuffer(buf))\n    throw new TypeError('argument must be a buffer');\n\n  this.writeByte(tag);\n  this.writeLength(buf.length);\n  this._ensure(buf.length);\n  buf.copy(this._buf, this._offset, 0, buf.length);\n  this._offset += buf.length;\n};\n\n\nWriter.prototype.writeStringArray = function (strings) {\n  if ((!strings instanceof Array))\n    throw new TypeError('argument must be an Array[String]');\n\n  var self = this;\n  strings.forEach(function (s) {\n    self.writeString(s);\n  });\n};\n\n// This is really to solve DER cases, but whatever for now\nWriter.prototype.writeOID = function (s, tag) {\n  if (typeof (s) !== 'string')\n    throw new TypeError('argument must be a string');\n  if (typeof (tag) !== 'number')\n    tag = ASN1.OID;\n\n  if (!/^([0-9]+\\.){3,}[0-9]+$/.test(s))\n    throw new Error('argument is not a valid OID string');\n\n  function encodeOctet(bytes, octet) {\n    if (octet < 128) {\n        bytes.push(octet);\n    } else if (octet < 16384) {\n        bytes.push((octet >>> 7) | 0x80);\n        bytes.push(octet & 0x7F);\n    } else if (octet < 2097152) {\n      bytes.push((octet >>> 14) | 0x80);\n      bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n      bytes.push(octet & 0x7F);\n    } else if (octet < 268435456) {\n      bytes.push((octet >>> 21) | 0x80);\n      bytes.push(((octet >>> 14) | 0x80) & 0xFF);\n      bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n      bytes.push(octet & 0x7F);\n    } else {\n      bytes.push(((octet >>> 28) | 0x80) & 0xFF);\n      bytes.push(((octet >>> 21) | 0x80) & 0xFF);\n      bytes.push(((octet >>> 14) | 0x80) & 0xFF);\n      bytes.push(((octet >>> 7) | 0x80) & 0xFF);\n      bytes.push(octet & 0x7F);\n    }\n  }\n\n  var tmp = s.split('.');\n  var bytes = [];\n  bytes.push(parseInt(tmp[0], 10) * 40 + parseInt(tmp[1], 10));\n  tmp.slice(2).forEach(function (b) {\n    encodeOctet(bytes, parseInt(b, 10));\n  });\n\n  var self = this;\n  this._ensure(2 + bytes.length);\n  this.writeByte(tag);\n  this.writeLength(bytes.length);\n  bytes.forEach(function (b) {\n    self.writeByte(b);\n  });\n};\n\n\nWriter.prototype.writeLength = function (len) {\n  if (typeof (len) !== 'number')\n    throw new TypeError('argument must be a Number');\n\n  this._ensure(4);\n\n  if (len <= 0x7f) {\n    this._buf[this._offset++] = len;\n  } else if (len <= 0xff) {\n    this._buf[this._offset++] = 0x81;\n    this._buf[this._offset++] = len;\n  } else if (len <= 0xffff) {\n    this._buf[this._offset++] = 0x82;\n    this._buf[this._offset++] = len >> 8;\n    this._buf[this._offset++] = len;\n  } else if (len <= 0xffffff) {\n    this._buf[this._offset++] = 0x83;\n    this._buf[this._offset++] = len >> 16;\n    this._buf[this._offset++] = len >> 8;\n    this._buf[this._offset++] = len;\n  } else {\n    throw newInvalidAsn1Error('Length too long (> 4 bytes)');\n  }\n};\n\nWriter.prototype.startSequence = function (tag) {\n  if (typeof (tag) !== 'number')\n    tag = ASN1.Sequence | ASN1.Constructor;\n\n  this.writeByte(tag);\n  this._seq.push(this._offset);\n  this._ensure(3);\n  this._offset += 3;\n};\n\n\nWriter.prototype.endSequence = function () {\n  var seq = this._seq.pop();\n  var start = seq + 3;\n  var len = this._offset - start;\n\n  if (len <= 0x7f) {\n    this._shift(start, len, -2);\n    this._buf[seq] = len;\n  } else if (len <= 0xff) {\n    this._shift(start, len, -1);\n    this._buf[seq] = 0x81;\n    this._buf[seq + 1] = len;\n  } else if (len <= 0xffff) {\n    this._buf[seq] = 0x82;\n    this._buf[seq + 1] = len >> 8;\n    this._buf[seq + 2] = len;\n  } else if (len <= 0xffffff) {\n    this._shift(start, len, 1);\n    this._buf[seq] = 0x83;\n    this._buf[seq + 1] = len >> 16;\n    this._buf[seq + 2] = len >> 8;\n    this._buf[seq + 3] = len;\n  } else {\n    throw newInvalidAsn1Error('Sequence too long');\n  }\n};\n\n\nWriter.prototype._shift = function (start, len, shift) {\n  assert.ok(start !== undefined);\n  assert.ok(len !== undefined);\n  assert.ok(shift);\n\n  this._buf.copy(this._buf, start + shift, start, start + len);\n  this._offset += shift;\n};\n\nWriter.prototype._ensure = function (len) {\n  assert.ok(len);\n\n  if (this._size - this._offset < len) {\n    var sz = this._size * this._options.growthFactor;\n    if (sz - this._offset < len)\n      sz += len;\n\n    var buf = Buffer.alloc(sz);\n\n    this._buf.copy(buf, 0, 0, this._offset);\n    this._buf = buf;\n    this._size = sz;\n  }\n};\n\n\n\n// --- Exported API\n\nmodule.exports = Writer;\n","// Copyright 2011 Mark Cavage <mcavage@gmail.com> All rights reserved.\n\n// If you have no idea what ASN.1 or BER is, see this:\n// ftp://ftp.rsa.com/pub/pkcs/ascii/layman.asc\n\nvar Ber = require('./ber/index');\n\n\n\n// --- Exported API\n\nmodule.exports = {\n\n  Ber: Ber,\n\n  BerReader: Ber.Reader,\n\n  BerWriter: Ber.Writer\n\n};\n","'use strict';\n\nvar crypto_hash_sha512 = require('tweetnacl').lowlevel.crypto_hash;\n\n/*\n * This file is a 1:1 port from the OpenBSD blowfish.c and bcrypt_pbkdf.c. As a\n * result, it retains the original copyright and license. The two files are\n * under slightly different (but compatible) licenses, and are here combined in\n * one file.\n *\n * Credit for the actual porting work goes to:\n *  Devi Mandiri <me@devi.web.id>\n */\n\n/*\n * The Blowfish portions are under the following license:\n *\n * Blowfish block cipher for OpenBSD\n * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>\n * All rights reserved.\n *\n * Implementation advice by David Mazieres <dm@lcs.mit.edu>.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n *    notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n *    notice, this list of conditions and the following disclaimer in the\n *    documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n *    derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n */\n\n/*\n * The bcrypt_pbkdf portions are under the following license:\n *\n * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>\n *\n * Permission to use, copy, modify, and distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n/*\n * Performance improvements (Javascript-specific):\n *\n * Copyright 2016, Joyent Inc\n * Author: Alex Wilson <alex.wilson@joyent.com>\n *\n * Permission to use, copy, modify, and distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n// Ported from OpenBSD bcrypt_pbkdf.c v1.9\n\nvar BLF_J = 0;\n\nvar Blowfish = function() {\n  this.S = [\n    new Uint32Array([\n      0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7,\n      0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99,\n      0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16,\n      0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e,\n      0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee,\n      0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013,\n      0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef,\n      0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e,\n      0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60,\n      0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440,\n      0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce,\n      0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a,\n      0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e,\n      0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677,\n      0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193,\n      0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032,\n      0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88,\n      0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239,\n      0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e,\n      0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0,\n      0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3,\n      0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98,\n      0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88,\n      0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe,\n      0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6,\n      0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d,\n      0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b,\n      0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7,\n      0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba,\n      0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463,\n      0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f,\n      0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09,\n      0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3,\n      0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb,\n      0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279,\n      0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8,\n      0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab,\n      0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82,\n      0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db,\n      0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573,\n      0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0,\n      0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b,\n      0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790,\n      0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8,\n      0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4,\n      0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0,\n      0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7,\n      0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c,\n      0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad,\n      0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1,\n      0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299,\n      0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9,\n      0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477,\n      0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf,\n      0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49,\n      0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af,\n      0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa,\n      0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5,\n      0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41,\n      0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915,\n      0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400,\n      0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915,\n      0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664,\n      0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a]),\n    new Uint32Array([\n      0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623,\n      0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266,\n      0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1,\n      0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e,\n      0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6,\n      0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1,\n      0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e,\n      0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1,\n      0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737,\n      0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8,\n      0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff,\n      0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd,\n      0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701,\n      0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7,\n      0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41,\n      0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331,\n      0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf,\n      0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af,\n      0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e,\n      0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87,\n      0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c,\n      0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2,\n      0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16,\n      0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd,\n      0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b,\n      0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509,\n      0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e,\n      0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3,\n      0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f,\n      0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a,\n      0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4,\n      0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960,\n      0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66,\n      0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28,\n      0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802,\n      0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84,\n      0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510,\n      0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf,\n      0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14,\n      0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e,\n      0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50,\n      0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7,\n      0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8,\n      0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281,\n      0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99,\n      0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696,\n      0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128,\n      0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73,\n      0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0,\n      0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0,\n      0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105,\n      0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250,\n      0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3,\n      0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285,\n      0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00,\n      0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061,\n      0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb,\n      0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e,\n      0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735,\n      0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc,\n      0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9,\n      0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340,\n      0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20,\n      0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7]),\n    new Uint32Array([\n      0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934,\n      0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068,\n      0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af,\n      0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840,\n      0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45,\n      0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504,\n      0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a,\n      0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb,\n      0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee,\n      0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6,\n      0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42,\n      0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b,\n      0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2,\n      0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb,\n      0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527,\n      0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b,\n      0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33,\n      0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c,\n      0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3,\n      0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc,\n      0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17,\n      0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564,\n      0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b,\n      0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115,\n      0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922,\n      0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728,\n      0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0,\n      0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e,\n      0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37,\n      0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d,\n      0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804,\n      0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b,\n      0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3,\n      0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb,\n      0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d,\n      0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c,\n      0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350,\n      0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9,\n      0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a,\n      0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe,\n      0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d,\n      0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc,\n      0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f,\n      0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61,\n      0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2,\n      0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9,\n      0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2,\n      0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c,\n      0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e,\n      0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633,\n      0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10,\n      0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169,\n      0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52,\n      0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027,\n      0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5,\n      0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62,\n      0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634,\n      0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76,\n      0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24,\n      0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc,\n      0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4,\n      0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c,\n      0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837,\n      0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0]),\n    new Uint32Array([\n      0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b,\n      0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe,\n      0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b,\n      0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4,\n      0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8,\n      0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6,\n      0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304,\n      0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22,\n      0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4,\n      0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6,\n      0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9,\n      0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59,\n      0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593,\n      0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51,\n      0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28,\n      0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c,\n      0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b,\n      0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28,\n      0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c,\n      0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd,\n      0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a,\n      0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319,\n      0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb,\n      0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f,\n      0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991,\n      0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32,\n      0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680,\n      0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166,\n      0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae,\n      0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb,\n      0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5,\n      0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47,\n      0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370,\n      0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d,\n      0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84,\n      0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048,\n      0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8,\n      0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd,\n      0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9,\n      0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7,\n      0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38,\n      0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f,\n      0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c,\n      0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525,\n      0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1,\n      0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442,\n      0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964,\n      0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e,\n      0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8,\n      0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d,\n      0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f,\n      0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299,\n      0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02,\n      0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc,\n      0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614,\n      0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a,\n      0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6,\n      0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b,\n      0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0,\n      0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060,\n      0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e,\n      0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9,\n      0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f,\n      0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6])\n    ];\n  this.P = new Uint32Array([\n    0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344,\n    0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89,\n    0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c,\n    0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917,\n    0x9216d5d9, 0x8979fb1b]);\n};\n\nfunction F(S, x8, i) {\n  return (((S[0][x8[i+3]] +\n            S[1][x8[i+2]]) ^\n            S[2][x8[i+1]]) +\n            S[3][x8[i]]);\n};\n\nBlowfish.prototype.encipher = function(x, x8) {\n  if (x8 === undefined) {\n    x8 = new Uint8Array(x.buffer);\n    if (x.byteOffset !== 0)\n      x8 = x8.subarray(x.byteOffset);\n  }\n  x[0] ^= this.P[0];\n  for (var i = 1; i < 16; i += 2) {\n    x[1] ^= F(this.S, x8, 0) ^ this.P[i];\n    x[0] ^= F(this.S, x8, 4) ^ this.P[i+1];\n  }\n  var t = x[0];\n  x[0] = x[1] ^ this.P[17];\n  x[1] = t;\n};\n\nBlowfish.prototype.decipher = function(x) {\n  var x8 = new Uint8Array(x.buffer);\n  if (x.byteOffset !== 0)\n    x8 = x8.subarray(x.byteOffset);\n  x[0] ^= this.P[17];\n  for (var i = 16; i > 0; i -= 2) {\n    x[1] ^= F(this.S, x8, 0) ^ this.P[i];\n    x[0] ^= F(this.S, x8, 4) ^ this.P[i-1];\n  }\n  var t = x[0];\n  x[0] = x[1] ^ this.P[0];\n  x[1] = t;\n};\n\nfunction stream2word(data, databytes){\n  var i, temp = 0;\n  for (i = 0; i < 4; i++, BLF_J++) {\n    if (BLF_J >= databytes) BLF_J = 0;\n    temp = (temp << 8) | data[BLF_J];\n  }\n  return temp;\n};\n\nBlowfish.prototype.expand0state = function(key, keybytes) {\n  var d = new Uint32Array(2), i, k;\n  var d8 = new Uint8Array(d.buffer);\n\n  for (i = 0, BLF_J = 0; i < 18; i++) {\n    this.P[i] ^= stream2word(key, keybytes);\n  }\n  BLF_J = 0;\n\n  for (i = 0; i < 18; i += 2) {\n    this.encipher(d, d8);\n    this.P[i]   = d[0];\n    this.P[i+1] = d[1];\n  }\n\n  for (i = 0; i < 4; i++) {\n    for (k = 0; k < 256; k += 2) {\n      this.encipher(d, d8);\n      this.S[i][k]   = d[0];\n      this.S[i][k+1] = d[1];\n    }\n  }\n};\n\nBlowfish.prototype.expandstate = function(data, databytes, key, keybytes) {\n  var d = new Uint32Array(2), i, k;\n\n  for (i = 0, BLF_J = 0; i < 18; i++) {\n    this.P[i] ^= stream2word(key, keybytes);\n  }\n\n  for (i = 0, BLF_J = 0; i < 18; i += 2) {\n    d[0] ^= stream2word(data, databytes);\n    d[1] ^= stream2word(data, databytes);\n    this.encipher(d);\n    this.P[i]   = d[0];\n    this.P[i+1] = d[1];\n  }\n\n  for (i = 0; i < 4; i++) {\n    for (k = 0; k < 256; k += 2) {\n      d[0] ^= stream2word(data, databytes);\n      d[1] ^= stream2word(data, databytes);\n      this.encipher(d);\n      this.S[i][k]   = d[0];\n      this.S[i][k+1] = d[1];\n    }\n  }\n  BLF_J = 0;\n};\n\nBlowfish.prototype.enc = function(data, blocks) {\n  for (var i = 0; i < blocks; i++) {\n    this.encipher(data.subarray(i*2));\n  }\n};\n\nBlowfish.prototype.dec = function(data, blocks) {\n  for (var i = 0; i < blocks; i++) {\n    this.decipher(data.subarray(i*2));\n  }\n};\n\nvar BCRYPT_BLOCKS = 8,\n    BCRYPT_HASHSIZE = 32;\n\nfunction bcrypt_hash(sha2pass, sha2salt, out) {\n  var state = new Blowfish(),\n      cdata = new Uint32Array(BCRYPT_BLOCKS), i,\n      ciphertext = new Uint8Array([79,120,121,99,104,114,111,109,97,116,105,\n            99,66,108,111,119,102,105,115,104,83,119,97,116,68,121,110,97,109,\n            105,116,101]); //\"OxychromaticBlowfishSwatDynamite\"\n\n  state.expandstate(sha2salt, 64, sha2pass, 64);\n  for (i = 0; i < 64; i++) {\n    state.expand0state(sha2salt, 64);\n    state.expand0state(sha2pass, 64);\n  }\n\n  for (i = 0; i < BCRYPT_BLOCKS; i++)\n    cdata[i] = stream2word(ciphertext, ciphertext.byteLength);\n  for (i = 0; i < 64; i++)\n    state.enc(cdata, cdata.byteLength / 8);\n\n  for (i = 0; i < BCRYPT_BLOCKS; i++) {\n    out[4*i+3] = cdata[i] >>> 24;\n    out[4*i+2] = cdata[i] >>> 16;\n    out[4*i+1] = cdata[i] >>> 8;\n    out[4*i+0] = cdata[i];\n  }\n};\n\nfunction bcrypt_pbkdf(pass, passlen, salt, saltlen, key, keylen, rounds) {\n  var sha2pass = new Uint8Array(64),\n      sha2salt = new Uint8Array(64),\n      out = new Uint8Array(BCRYPT_HASHSIZE),\n      tmpout = new Uint8Array(BCRYPT_HASHSIZE),\n      countsalt = new Uint8Array(saltlen+4),\n      i, j, amt, stride, dest, count,\n      origkeylen = keylen;\n\n  if (rounds < 1)\n    return -1;\n  if (passlen === 0 || saltlen === 0 || keylen === 0 ||\n      keylen > (out.byteLength * out.byteLength) || saltlen > (1<<20))\n    return -1;\n\n  stride = Math.floor((keylen + out.byteLength - 1) / out.byteLength);\n  amt = Math.floor((keylen + stride - 1) / stride);\n\n  for (i = 0; i < saltlen; i++)\n    countsalt[i] = salt[i];\n\n  crypto_hash_sha512(sha2pass, pass, passlen);\n\n  for (count = 1; keylen > 0; count++) {\n    countsalt[saltlen+0] = count >>> 24;\n    countsalt[saltlen+1] = count >>> 16;\n    countsalt[saltlen+2] = count >>>  8;\n    countsalt[saltlen+3] = count;\n\n    crypto_hash_sha512(sha2salt, countsalt, saltlen + 4);\n    bcrypt_hash(sha2pass, sha2salt, tmpout);\n    for (i = out.byteLength; i--;)\n      out[i] = tmpout[i];\n\n    for (i = 1; i < rounds; i++) {\n      crypto_hash_sha512(sha2salt, tmpout, tmpout.byteLength);\n      bcrypt_hash(sha2pass, sha2salt, tmpout);\n      for (j = 0; j < out.byteLength; j++)\n        out[j] ^= tmpout[j];\n    }\n\n    amt = Math.min(amt, keylen);\n    for (i = 0; i < amt; i++) {\n      dest = i * stride + (count - 1);\n      if (dest >= origkeylen)\n        break;\n      key[dest] = out[i];\n    }\n    keylen -= i;\n  }\n\n  return 0;\n};\n\nmodule.exports = {\n      BLOCKS: BCRYPT_BLOCKS,\n      HASHSIZE: BCRYPT_HASHSIZE,\n      hash: bcrypt_hash,\n      pbkdf: bcrypt_pbkdf\n};\n","'use strict';\n\nconst binding = require('../build/Release/cpufeatures.node');\n\nmodule.exports = binding.getCPUInfo;\n","'use strict';\n\nconst isStream = stream =>\n\tstream !== null &&\n\ttypeof stream === 'object' &&\n\ttypeof stream.pipe === 'function';\n\nisStream.writable = stream =>\n\tisStream(stream) &&\n\tstream.writable !== false &&\n\ttypeof stream._write === 'function' &&\n\ttypeof stream._writableState === 'object';\n\nisStream.readable = stream =>\n\tisStream(stream) &&\n\tstream.readable !== false &&\n\ttypeof stream._read === 'function' &&\n\ttypeof stream._readableState === 'object';\n\nisStream.duplex = stream =>\n\tisStream.writable(stream) &&\n\tisStream.readable(stream);\n\nisStream.transform = stream =>\n\tisStream.duplex(stream) &&\n\ttypeof stream._transform === 'function';\n\nmodule.exports = isStream;\n","'use strict';\nconst fs = require('fs');\nconst path = require('path');\nconst {promisify} = require('util');\nconst semver = require('semver');\n\nconst useNativeRecursiveOption = semver.satisfies(process.version, '>=10.12.0');\n\n// https://github.com/nodejs/node/issues/8987\n// https://github.com/libuv/libuv/pull/1088\nconst checkPath = pth => {\n\tif (process.platform === 'win32') {\n\t\tconst pathHasInvalidWinCharacters = /[<>:\"|?*]/.test(pth.replace(path.parse(pth).root, ''));\n\n\t\tif (pathHasInvalidWinCharacters) {\n\t\t\tconst error = new Error(`Path contains invalid characters: ${pth}`);\n\t\t\terror.code = 'EINVAL';\n\t\t\tthrow error;\n\t\t}\n\t}\n};\n\nconst processOptions = options => {\n\t// https://github.com/sindresorhus/make-dir/issues/18\n\tconst defaults = {\n\t\tmode: 0o777,\n\t\tfs\n\t};\n\n\treturn {\n\t\t...defaults,\n\t\t...options\n\t};\n};\n\nconst permissionError = pth => {\n\t// This replicates the exception of `fs.mkdir` with native the\n\t// `recusive` option when run on an invalid drive under Windows.\n\tconst error = new Error(`operation not permitted, mkdir '${pth}'`);\n\terror.code = 'EPERM';\n\terror.errno = -4048;\n\terror.path = pth;\n\terror.syscall = 'mkdir';\n\treturn error;\n};\n\nconst makeDir = async (input, options) => {\n\tcheckPath(input);\n\toptions = processOptions(options);\n\n\tconst mkdir = promisify(options.fs.mkdir);\n\tconst stat = promisify(options.fs.stat);\n\n\tif (useNativeRecursiveOption && options.fs.mkdir === fs.mkdir) {\n\t\tconst pth = path.resolve(input);\n\n\t\tawait mkdir(pth, {\n\t\t\tmode: options.mode,\n\t\t\trecursive: true\n\t\t});\n\n\t\treturn pth;\n\t}\n\n\tconst make = async pth => {\n\t\ttry {\n\t\t\tawait mkdir(pth, options.mode);\n\n\t\t\treturn pth;\n\t\t} catch (error) {\n\t\t\tif (error.code === 'EPERM') {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\tif (error.code === 'ENOENT') {\n\t\t\t\tif (path.dirname(pth) === pth) {\n\t\t\t\t\tthrow permissionError(pth);\n\t\t\t\t}\n\n\t\t\t\tif (error.message.includes('null bytes')) {\n\t\t\t\t\tthrow error;\n\t\t\t\t}\n\n\t\t\t\tawait make(path.dirname(pth));\n\n\t\t\t\treturn make(pth);\n\t\t\t}\n\n\t\t\ttry {\n\t\t\t\tconst stats = await stat(pth);\n\t\t\t\tif (!stats.isDirectory()) {\n\t\t\t\t\tthrow new Error('The path is not a directory');\n\t\t\t\t}\n\t\t\t} catch (_) {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\treturn pth;\n\t\t}\n\t};\n\n\treturn make(path.resolve(input));\n};\n\nmodule.exports = makeDir;\n\nmodule.exports.sync = (input, options) => {\n\tcheckPath(input);\n\toptions = processOptions(options);\n\n\tif (useNativeRecursiveOption && options.fs.mkdirSync === fs.mkdirSync) {\n\t\tconst pth = path.resolve(input);\n\n\t\tfs.mkdirSync(pth, {\n\t\t\tmode: options.mode,\n\t\t\trecursive: true\n\t\t});\n\n\t\treturn pth;\n\t}\n\n\tconst make = pth => {\n\t\ttry {\n\t\t\toptions.fs.mkdirSync(pth, options.mode);\n\t\t} catch (error) {\n\t\t\tif (error.code === 'EPERM') {\n\t\t\t\tthrow error;\n\t\t\t}\n\n\t\t\tif (error.code === 'ENOENT') {\n\t\t\t\tif (path.dirname(pth) === pth) {\n\t\t\t\t\tthrow permissionError(pth);\n\t\t\t\t}\n\n\t\t\t\tif (error.message.includes('null bytes')) {\n\t\t\t\t\tthrow error;\n\t\t\t\t}\n\n\t\t\t\tmake(path.dirname(pth));\n\t\t\t\treturn make(pth);\n\t\t\t}\n\n\t\t\ttry {\n\t\t\t\tif (!options.fs.statSync(pth).isDirectory()) {\n\t\t\t\t\tthrow new Error('The path is not a directory');\n\t\t\t\t}\n\t\t\t} catch (_) {\n\t\t\t\tthrow error;\n\t\t\t}\n\t\t}\n\n\t\treturn pth;\n\t};\n\n\treturn make(path.resolve(input));\n};\n","/* eslint-disable node/no-deprecated-api */\n\n'use strict'\n\nvar buffer = require('buffer')\nvar Buffer = buffer.Buffer\n\nvar safer = {}\n\nvar key\n\nfor (key in buffer) {\n  if (!buffer.hasOwnProperty(key)) continue\n  if (key === 'SlowBuffer' || key === 'Buffer') continue\n  safer[key] = buffer[key]\n}\n\nvar Safer = safer.Buffer = {}\nfor (key in Buffer) {\n  if (!Buffer.hasOwnProperty(key)) continue\n  if (key === 'allocUnsafe' || key === 'allocUnsafeSlow') continue\n  Safer[key] = Buffer[key]\n}\n\nsafer.Buffer.prototype = Buffer.prototype\n\nif (!Safer.from || Safer.from === Uint8Array.from) {\n  Safer.from = function (value, encodingOrOffset, length) {\n    if (typeof value === 'number') {\n      throw new TypeError('The \"value\" argument must not be of type number. Received type ' + typeof value)\n    }\n    if (value && typeof value.length === 'undefined') {\n      throw new TypeError('The first argument must be one of type string, Buffer, ArrayBuffer, Array, or Array-like Object. Received type ' + typeof value)\n    }\n    return Buffer(value, encodingOrOffset, length)\n  }\n}\n\nif (!Safer.alloc) {\n  Safer.alloc = function (size, fill, encoding) {\n    if (typeof size !== 'number') {\n      throw new TypeError('The \"size\" argument must be of type number. Received type ' + typeof size)\n    }\n    if (size < 0 || size >= 2 * (1 << 30)) {\n      throw new RangeError('The value \"' + size + '\" is invalid for option \"size\"')\n    }\n    var buf = Buffer(size)\n    if (!fill || fill.length === 0) {\n      buf.fill(0)\n    } else if (typeof encoding === 'string') {\n      buf.fill(fill, encoding)\n    } else {\n      buf.fill(fill)\n    }\n    return buf\n  }\n}\n\nif (!safer.kStringMaxLength) {\n  try {\n    safer.kStringMaxLength = process.binding('buffer').kStringMaxLength\n  } catch (e) {\n    // we can't determine kStringMaxLength in environments where process.binding\n    // is unsupported, so let's not set it\n  }\n}\n\nif (!safer.constants) {\n  safer.constants = {\n    MAX_LENGTH: safer.kMaxLength\n  }\n  if (safer.kStringMaxLength) {\n    safer.constants.MAX_STRING_LENGTH = safer.kStringMaxLength\n  }\n}\n\nmodule.exports = safer\n","exports = module.exports = SemVer\n\nvar debug\n/* istanbul ignore next */\nif (typeof process === 'object' &&\n    process.env &&\n    process.env.NODE_DEBUG &&\n    /\\bsemver\\b/i.test(process.env.NODE_DEBUG)) {\n  debug = function () {\n    var args = Array.prototype.slice.call(arguments, 0)\n    args.unshift('SEMVER')\n    console.log.apply(console, args)\n  }\n} else {\n  debug = function () {}\n}\n\n// Note: this is the semver.org version of the spec that it implements\n// Not necessarily the package version of this code.\nexports.SEMVER_SPEC_VERSION = '2.0.0'\n\nvar MAX_LENGTH = 256\nvar MAX_SAFE_INTEGER = Number.MAX_SAFE_INTEGER ||\n  /* istanbul ignore next */ 9007199254740991\n\n// Max safe segment length for coercion.\nvar MAX_SAFE_COMPONENT_LENGTH = 16\n\nvar MAX_SAFE_BUILD_LENGTH = MAX_LENGTH - 6\n\n// The actual regexps go on exports.re\nvar re = exports.re = []\nvar safeRe = exports.safeRe = []\nvar src = exports.src = []\nvar t = exports.tokens = {}\nvar R = 0\n\nfunction tok (n) {\n  t[n] = R++\n}\n\nvar LETTERDASHNUMBER = '[a-zA-Z0-9-]'\n\n// Replace some greedy regex tokens to prevent regex dos issues. These regex are\n// used internally via the safeRe object since all inputs in this library get\n// normalized first to trim and collapse all extra whitespace. The original\n// regexes are exported for userland consumption and lower level usage. A\n// future breaking change could export the safer regex only with a note that\n// all input should have extra whitespace removed.\nvar safeRegexReplacements = [\n  ['\\\\s', 1],\n  ['\\\\d', MAX_LENGTH],\n  [LETTERDASHNUMBER, MAX_SAFE_BUILD_LENGTH],\n]\n\nfunction makeSafeRe (value) {\n  for (var i = 0; i < safeRegexReplacements.length; i++) {\n    var token = safeRegexReplacements[i][0]\n    var max = safeRegexReplacements[i][1]\n    value = value\n      .split(token + '*').join(token + '{0,' + max + '}')\n      .split(token + '+').join(token + '{1,' + max + '}')\n  }\n  return value\n}\n\n// The following Regular Expressions can be used for tokenizing,\n// validating, and parsing SemVer version strings.\n\n// ## Numeric Identifier\n// A single `0`, or a non-zero digit followed by zero or more digits.\n\ntok('NUMERICIDENTIFIER')\nsrc[t.NUMERICIDENTIFIER] = '0|[1-9]\\\\d*'\ntok('NUMERICIDENTIFIERLOOSE')\nsrc[t.NUMERICIDENTIFIERLOOSE] = '\\\\d+'\n\n// ## Non-numeric Identifier\n// Zero or more digits, followed by a letter or hyphen, and then zero or\n// more letters, digits, or hyphens.\n\ntok('NONNUMERICIDENTIFIER')\nsrc[t.NONNUMERICIDENTIFIER] = '\\\\d*[a-zA-Z-]' + LETTERDASHNUMBER + '*'\n\n// ## Main Version\n// Three dot-separated numeric identifiers.\n\ntok('MAINVERSION')\nsrc[t.MAINVERSION] = '(' + src[t.NUMERICIDENTIFIER] + ')\\\\.' +\n                   '(' + src[t.NUMERICIDENTIFIER] + ')\\\\.' +\n                   '(' + src[t.NUMERICIDENTIFIER] + ')'\n\ntok('MAINVERSIONLOOSE')\nsrc[t.MAINVERSIONLOOSE] = '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')\\\\.' +\n                        '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')\\\\.' +\n                        '(' + src[t.NUMERICIDENTIFIERLOOSE] + ')'\n\n// ## Pre-release Version Identifier\n// A numeric identifier, or a non-numeric identifier.\n\ntok('PRERELEASEIDENTIFIER')\nsrc[t.PRERELEASEIDENTIFIER] = '(?:' + src[t.NUMERICIDENTIFIER] +\n                            '|' + src[t.NONNUMERICIDENTIFIER] + ')'\n\ntok('PRERELEASEIDENTIFIERLOOSE')\nsrc[t.PRERELEASEIDENTIFIERLOOSE] = '(?:' + src[t.NUMERICIDENTIFIERLOOSE] +\n                                 '|' + src[t.NONNUMERICIDENTIFIER] + ')'\n\n// ## Pre-release Version\n// Hyphen, followed by one or more dot-separated pre-release version\n// identifiers.\n\ntok('PRERELEASE')\nsrc[t.PRERELEASE] = '(?:-(' + src[t.PRERELEASEIDENTIFIER] +\n                  '(?:\\\\.' + src[t.PRERELEASEIDENTIFIER] + ')*))'\n\ntok('PRERELEASELOOSE')\nsrc[t.PRERELEASELOOSE] = '(?:-?(' + src[t.PRERELEASEIDENTIFIERLOOSE] +\n                       '(?:\\\\.' + src[t.PRERELEASEIDENTIFIERLOOSE] + ')*))'\n\n// ## Build Metadata Identifier\n// Any combination of digits, letters, or hyphens.\n\ntok('BUILDIDENTIFIER')\nsrc[t.BUILDIDENTIFIER] = LETTERDASHNUMBER + '+'\n\n// ## Build Metadata\n// Plus sign, followed by one or more period-separated build metadata\n// identifiers.\n\ntok('BUILD')\nsrc[t.BUILD] = '(?:\\\\+(' + src[t.BUILDIDENTIFIER] +\n             '(?:\\\\.' + src[t.BUILDIDENTIFIER] + ')*))'\n\n// ## Full Version String\n// A main version, followed optionally by a pre-release version and\n// build metadata.\n\n// Note that the only major, minor, patch, and pre-release sections of\n// the version string are capturing groups.  The build metadata is not a\n// capturing group, because it should not ever be used in version\n// comparison.\n\ntok('FULL')\ntok('FULLPLAIN')\nsrc[t.FULLPLAIN] = 'v?' + src[t.MAINVERSION] +\n                  src[t.PRERELEASE] + '?' +\n                  src[t.BUILD] + '?'\n\nsrc[t.FULL] = '^' + src[t.FULLPLAIN] + '$'\n\n// like full, but allows v1.2.3 and =1.2.3, which people do sometimes.\n// also, 1.0.0alpha1 (prerelease without the hyphen) which is pretty\n// common in the npm registry.\ntok('LOOSEPLAIN')\nsrc[t.LOOSEPLAIN] = '[v=\\\\s]*' + src[t.MAINVERSIONLOOSE] +\n                  src[t.PRERELEASELOOSE] + '?' +\n                  src[t.BUILD] + '?'\n\ntok('LOOSE')\nsrc[t.LOOSE] = '^' + src[t.LOOSEPLAIN] + '$'\n\ntok('GTLT')\nsrc[t.GTLT] = '((?:<|>)?=?)'\n\n// Something like \"2.*\" or \"1.2.x\".\n// Note that \"x.x\" is a valid xRange identifer, meaning \"any version\"\n// Only the first item is strictly required.\ntok('XRANGEIDENTIFIERLOOSE')\nsrc[t.XRANGEIDENTIFIERLOOSE] = src[t.NUMERICIDENTIFIERLOOSE] + '|x|X|\\\\*'\ntok('XRANGEIDENTIFIER')\nsrc[t.XRANGEIDENTIFIER] = src[t.NUMERICIDENTIFIER] + '|x|X|\\\\*'\n\ntok('XRANGEPLAIN')\nsrc[t.XRANGEPLAIN] = '[v=\\\\s]*(' + src[t.XRANGEIDENTIFIER] + ')' +\n                   '(?:\\\\.(' + src[t.XRANGEIDENTIFIER] + ')' +\n                   '(?:\\\\.(' + src[t.XRANGEIDENTIFIER] + ')' +\n                   '(?:' + src[t.PRERELEASE] + ')?' +\n                   src[t.BUILD] + '?' +\n                   ')?)?'\n\ntok('XRANGEPLAINLOOSE')\nsrc[t.XRANGEPLAINLOOSE] = '[v=\\\\s]*(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n                        '(?:\\\\.(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n                        '(?:\\\\.(' + src[t.XRANGEIDENTIFIERLOOSE] + ')' +\n                        '(?:' + src[t.PRERELEASELOOSE] + ')?' +\n                        src[t.BUILD] + '?' +\n                        ')?)?'\n\ntok('XRANGE')\nsrc[t.XRANGE] = '^' + src[t.GTLT] + '\\\\s*' + src[t.XRANGEPLAIN] + '$'\ntok('XRANGELOOSE')\nsrc[t.XRANGELOOSE] = '^' + src[t.GTLT] + '\\\\s*' + src[t.XRANGEPLAINLOOSE] + '$'\n\n// Coercion.\n// Extract anything that could conceivably be a part of a valid semver\ntok('COERCE')\nsrc[t.COERCE] = '(^|[^\\\\d])' +\n              '(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '})' +\n              '(?:\\\\.(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '}))?' +\n              '(?:\\\\.(\\\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '}))?' +\n              '(?:$|[^\\\\d])'\ntok('COERCERTL')\nre[t.COERCERTL] = new RegExp(src[t.COERCE], 'g')\nsafeRe[t.COERCERTL] = new RegExp(makeSafeRe(src[t.COERCE]), 'g')\n\n// Tilde ranges.\n// Meaning is \"reasonably at or greater than\"\ntok('LONETILDE')\nsrc[t.LONETILDE] = '(?:~>?)'\n\ntok('TILDETRIM')\nsrc[t.TILDETRIM] = '(\\\\s*)' + src[t.LONETILDE] + '\\\\s+'\nre[t.TILDETRIM] = new RegExp(src[t.TILDETRIM], 'g')\nsafeRe[t.TILDETRIM] = new RegExp(makeSafeRe(src[t.TILDETRIM]), 'g')\nvar tildeTrimReplace = '$1~'\n\ntok('TILDE')\nsrc[t.TILDE] = '^' + src[t.LONETILDE] + src[t.XRANGEPLAIN] + '$'\ntok('TILDELOOSE')\nsrc[t.TILDELOOSE] = '^' + src[t.LONETILDE] + src[t.XRANGEPLAINLOOSE] + '$'\n\n// Caret ranges.\n// Meaning is \"at least and backwards compatible with\"\ntok('LONECARET')\nsrc[t.LONECARET] = '(?:\\\\^)'\n\ntok('CARETTRIM')\nsrc[t.CARETTRIM] = '(\\\\s*)' + src[t.LONECARET] + '\\\\s+'\nre[t.CARETTRIM] = new RegExp(src[t.CARETTRIM], 'g')\nsafeRe[t.CARETTRIM] = new RegExp(makeSafeRe(src[t.CARETTRIM]), 'g')\nvar caretTrimReplace = '$1^'\n\ntok('CARET')\nsrc[t.CARET] = '^' + src[t.LONECARET] + src[t.XRANGEPLAIN] + '$'\ntok('CARETLOOSE')\nsrc[t.CARETLOOSE] = '^' + src[t.LONECARET] + src[t.XRANGEPLAINLOOSE] + '$'\n\n// A simple gt/lt/eq thing, or just \"\" to indicate \"any version\"\ntok('COMPARATORLOOSE')\nsrc[t.COMPARATORLOOSE] = '^' + src[t.GTLT] + '\\\\s*(' + src[t.LOOSEPLAIN] + ')$|^$'\ntok('COMPARATOR')\nsrc[t.COMPARATOR] = '^' + src[t.GTLT] + '\\\\s*(' + src[t.FULLPLAIN] + ')$|^$'\n\n// An expression to strip any whitespace between the gtlt and the thing\n// it modifies, so that `> 1.2.3` ==> `>1.2.3`\ntok('COMPARATORTRIM')\nsrc[t.COMPARATORTRIM] = '(\\\\s*)' + src[t.GTLT] +\n                      '\\\\s*(' + src[t.LOOSEPLAIN] + '|' + src[t.XRANGEPLAIN] + ')'\n\n// this one has to use the /g flag\nre[t.COMPARATORTRIM] = new RegExp(src[t.COMPARATORTRIM], 'g')\nsafeRe[t.COMPARATORTRIM] = new RegExp(makeSafeRe(src[t.COMPARATORTRIM]), 'g')\nvar comparatorTrimReplace = '$1$2$3'\n\n// Something like `1.2.3 - 1.2.4`\n// Note that these all use the loose form, because they'll be\n// checked against either the strict or loose comparator form\n// later.\ntok('HYPHENRANGE')\nsrc[t.HYPHENRANGE] = '^\\\\s*(' + src[t.XRANGEPLAIN] + ')' +\n                   '\\\\s+-\\\\s+' +\n                   '(' + src[t.XRANGEPLAIN] + ')' +\n                   '\\\\s*$'\n\ntok('HYPHENRANGELOOSE')\nsrc[t.HYPHENRANGELOOSE] = '^\\\\s*(' + src[t.XRANGEPLAINLOOSE] + ')' +\n                        '\\\\s+-\\\\s+' +\n                        '(' + src[t.XRANGEPLAINLOOSE] + ')' +\n                        '\\\\s*$'\n\n// Star ranges basically just allow anything at all.\ntok('STAR')\nsrc[t.STAR] = '(<|>)?=?\\\\s*\\\\*'\n\n// Compile to actual regexp objects.\n// All are flag-free, unless they were created above with a flag.\nfor (var i = 0; i < R; i++) {\n  debug(i, src[i])\n  if (!re[i]) {\n    re[i] = new RegExp(src[i])\n\n    // Replace all greedy whitespace to prevent regex dos issues. These regex are\n    // used internally via the safeRe object since all inputs in this library get\n    // normalized first to trim and collapse all extra whitespace. The original\n    // regexes are exported for userland consumption and lower level usage. A\n    // future breaking change could export the safer regex only with a note that\n    // all input should have extra whitespace removed.\n    safeRe[i] = new RegExp(makeSafeRe(src[i]))\n  }\n}\n\nexports.parse = parse\nfunction parse (version, options) {\n  if (!options || typeof options !== 'object') {\n    options = {\n      loose: !!options,\n      includePrerelease: false\n    }\n  }\n\n  if (version instanceof SemVer) {\n    return version\n  }\n\n  if (typeof version !== 'string') {\n    return null\n  }\n\n  if (version.length > MAX_LENGTH) {\n    return null\n  }\n\n  var r = options.loose ? safeRe[t.LOOSE] : safeRe[t.FULL]\n  if (!r.test(version)) {\n    return null\n  }\n\n  try {\n    return new SemVer(version, options)\n  } catch (er) {\n    return null\n  }\n}\n\nexports.valid = valid\nfunction valid (version, options) {\n  var v = parse(version, options)\n  return v ? v.version : null\n}\n\nexports.clean = clean\nfunction clean (version, options) {\n  var s = parse(version.trim().replace(/^[=v]+/, ''), options)\n  return s ? s.version : null\n}\n\nexports.SemVer = SemVer\n\nfunction SemVer (version, options) {\n  if (!options || typeof options !== 'object') {\n    options = {\n      loose: !!options,\n      includePrerelease: false\n    }\n  }\n  if (version instanceof SemVer) {\n    if (version.loose === options.loose) {\n      return version\n    } else {\n      version = version.version\n    }\n  } else if (typeof version !== 'string') {\n    throw new TypeError('Invalid Version: ' + version)\n  }\n\n  if (version.length > MAX_LENGTH) {\n    throw new TypeError('version is longer than ' + MAX_LENGTH + ' characters')\n  }\n\n  if (!(this instanceof SemVer)) {\n    return new SemVer(version, options)\n  }\n\n  debug('SemVer', version, options)\n  this.options = options\n  this.loose = !!options.loose\n\n  var m = version.trim().match(options.loose ? safeRe[t.LOOSE] : safeRe[t.FULL])\n\n  if (!m) {\n    throw new TypeError('Invalid Version: ' + version)\n  }\n\n  this.raw = version\n\n  // these are actually numbers\n  this.major = +m[1]\n  this.minor = +m[2]\n  this.patch = +m[3]\n\n  if (this.major > MAX_SAFE_INTEGER || this.major < 0) {\n    throw new TypeError('Invalid major version')\n  }\n\n  if (this.minor > MAX_SAFE_INTEGER || this.minor < 0) {\n    throw new TypeError('Invalid minor version')\n  }\n\n  if (this.patch > MAX_SAFE_INTEGER || this.patch < 0) {\n    throw new TypeError('Invalid patch version')\n  }\n\n  // numberify any prerelease numeric ids\n  if (!m[4]) {\n    this.prerelease = []\n  } else {\n    this.prerelease = m[4].split('.').map(function (id) {\n      if (/^[0-9]+$/.test(id)) {\n        var num = +id\n        if (num >= 0 && num < MAX_SAFE_INTEGER) {\n          return num\n        }\n      }\n      return id\n    })\n  }\n\n  this.build = m[5] ? m[5].split('.') : []\n  this.format()\n}\n\nSemVer.prototype.format = function () {\n  this.version = this.major + '.' + this.minor + '.' + this.patch\n  if (this.prerelease.length) {\n    this.version += '-' + this.prerelease.join('.')\n  }\n  return this.version\n}\n\nSemVer.prototype.toString = function () {\n  return this.version\n}\n\nSemVer.prototype.compare = function (other) {\n  debug('SemVer.compare', this.version, this.options, other)\n  if (!(other instanceof SemVer)) {\n    other = new SemVer(other, this.options)\n  }\n\n  return this.compareMain(other) || this.comparePre(other)\n}\n\nSemVer.prototype.compareMain = function (other) {\n  if (!(other instanceof SemVer)) {\n    other = new SemVer(other, this.options)\n  }\n\n  return compareIdentifiers(this.major, other.major) ||\n         compareIdentifiers(this.minor, other.minor) ||\n         compareIdentifiers(this.patch, other.patch)\n}\n\nSemVer.prototype.comparePre = function (other) {\n  if (!(other instanceof SemVer)) {\n    other = new SemVer(other, this.options)\n  }\n\n  // NOT having a prerelease is > having one\n  if (this.prerelease.length && !other.prerelease.length) {\n    return -1\n  } else if (!this.prerelease.length && other.prerelease.length) {\n    return 1\n  } else if (!this.prerelease.length && !other.prerelease.length) {\n    return 0\n  }\n\n  var i = 0\n  do {\n    var a = this.prerelease[i]\n    var b = other.prerelease[i]\n    debug('prerelease compare', i, a, b)\n    if (a === undefined && b === undefined) {\n      return 0\n    } else if (b === undefined) {\n      return 1\n    } else if (a === undefined) {\n      return -1\n    } else if (a === b) {\n      continue\n    } else {\n      return compareIdentifiers(a, b)\n    }\n  } while (++i)\n}\n\nSemVer.prototype.compareBuild = function (other) {\n  if (!(other instanceof SemVer)) {\n    other = new SemVer(other, this.options)\n  }\n\n  var i = 0\n  do {\n    var a = this.build[i]\n    var b = other.build[i]\n    debug('prerelease compare', i, a, b)\n    if (a === undefined && b === undefined) {\n      return 0\n    } else if (b === undefined) {\n      return 1\n    } else if (a === undefined) {\n      return -1\n    } else if (a === b) {\n      continue\n    } else {\n      return compareIdentifiers(a, b)\n    }\n  } while (++i)\n}\n\n// preminor will bump the version up to the next minor release, and immediately\n// down to pre-release. premajor and prepatch work the same way.\nSemVer.prototype.inc = function (release, identifier) {\n  switch (release) {\n    case 'premajor':\n      this.prerelease.length = 0\n      this.patch = 0\n      this.minor = 0\n      this.major++\n      this.inc('pre', identifier)\n      break\n    case 'preminor':\n      this.prerelease.length = 0\n      this.patch = 0\n      this.minor++\n      this.inc('pre', identifier)\n      break\n    case 'prepatch':\n      // If this is already a prerelease, it will bump to the next version\n      // drop any prereleases that might already exist, since they are not\n      // relevant at this point.\n      this.prerelease.length = 0\n      this.inc('patch', identifier)\n      this.inc('pre', identifier)\n      break\n    // If the input is a non-prerelease version, this acts the same as\n    // prepatch.\n    case 'prerelease':\n      if (this.prerelease.length === 0) {\n        this.inc('patch', identifier)\n      }\n      this.inc('pre', identifier)\n      break\n\n    case 'major':\n      // If this is a pre-major version, bump up to the same major version.\n      // Otherwise increment major.\n      // 1.0.0-5 bumps to 1.0.0\n      // 1.1.0 bumps to 2.0.0\n      if (this.minor !== 0 ||\n          this.patch !== 0 ||\n          this.prerelease.length === 0) {\n        this.major++\n      }\n      this.minor = 0\n      this.patch = 0\n      this.prerelease = []\n      break\n    case 'minor':\n      // If this is a pre-minor version, bump up to the same minor version.\n      // Otherwise increment minor.\n      // 1.2.0-5 bumps to 1.2.0\n      // 1.2.1 bumps to 1.3.0\n      if (this.patch !== 0 || this.prerelease.length === 0) {\n        this.minor++\n      }\n      this.patch = 0\n      this.prerelease = []\n      break\n    case 'patch':\n      // If this is not a pre-release version, it will increment the patch.\n      // If it is a pre-release it will bump up to the same patch version.\n      // 1.2.0-5 patches to 1.2.0\n      // 1.2.0 patches to 1.2.1\n      if (this.prerelease.length === 0) {\n        this.patch++\n      }\n      this.prerelease = []\n      break\n    // This probably shouldn't be used publicly.\n    // 1.0.0 \"pre\" would become 1.0.0-0 which is the wrong direction.\n    case 'pre':\n      if (this.prerelease.length === 0) {\n        this.prerelease = [0]\n      } else {\n        var i = this.prerelease.length\n        while (--i >= 0) {\n          if (typeof this.prerelease[i] === 'number') {\n            this.prerelease[i]++\n            i = -2\n          }\n        }\n        if (i === -1) {\n          // didn't increment anything\n          this.prerelease.push(0)\n        }\n      }\n      if (identifier) {\n        // 1.2.0-beta.1 bumps to 1.2.0-beta.2,\n        // 1.2.0-beta.fooblz or 1.2.0-beta bumps to 1.2.0-beta.0\n        if (this.prerelease[0] === identifier) {\n          if (isNaN(this.prerelease[1])) {\n            this.prerelease = [identifier, 0]\n          }\n        } else {\n          this.prerelease = [identifier, 0]\n        }\n      }\n      break\n\n    default:\n      throw new Error('invalid increment argument: ' + release)\n  }\n  this.format()\n  this.raw = this.version\n  return this\n}\n\nexports.inc = inc\nfunction inc (version, release, loose, identifier) {\n  if (typeof (loose) === 'string') {\n    identifier = loose\n    loose = undefined\n  }\n\n  try {\n    return new SemVer(version, loose).inc(release, identifier).version\n  } catch (er) {\n    return null\n  }\n}\n\nexports.diff = diff\nfunction diff (version1, version2) {\n  if (eq(version1, version2)) {\n    return null\n  } else {\n    var v1 = parse(version1)\n    var v2 = parse(version2)\n    var prefix = ''\n    if (v1.prerelease.length || v2.prerelease.length) {\n      prefix = 'pre'\n      var defaultResult = 'prerelease'\n    }\n    for (var key in v1) {\n      if (key === 'major' || key === 'minor' || key === 'patch') {\n        if (v1[key] !== v2[key]) {\n          return prefix + key\n        }\n      }\n    }\n    return defaultResult // may be undefined\n  }\n}\n\nexports.compareIdentifiers = compareIdentifiers\n\nvar numeric = /^[0-9]+$/\nfunction compareIdentifiers (a, b) {\n  var anum = numeric.test(a)\n  var bnum = numeric.test(b)\n\n  if (anum && bnum) {\n    a = +a\n    b = +b\n  }\n\n  return a === b ? 0\n    : (anum && !bnum) ? -1\n    : (bnum && !anum) ? 1\n    : a < b ? -1\n    : 1\n}\n\nexports.rcompareIdentifiers = rcompareIdentifiers\nfunction rcompareIdentifiers (a, b) {\n  return compareIdentifiers(b, a)\n}\n\nexports.major = major\nfunction major (a, loose) {\n  return new SemVer(a, loose).major\n}\n\nexports.minor = minor\nfunction minor (a, loose) {\n  return new SemVer(a, loose).minor\n}\n\nexports.patch = patch\nfunction patch (a, loose) {\n  return new SemVer(a, loose).patch\n}\n\nexports.compare = compare\nfunction compare (a, b, loose) {\n  return new SemVer(a, loose).compare(new SemVer(b, loose))\n}\n\nexports.compareLoose = compareLoose\nfunction compareLoose (a, b) {\n  return compare(a, b, true)\n}\n\nexports.compareBuild = compareBuild\nfunction compareBuild (a, b, loose) {\n  var versionA = new SemVer(a, loose)\n  var versionB = new SemVer(b, loose)\n  return versionA.compare(versionB) || versionA.compareBuild(versionB)\n}\n\nexports.rcompare = rcompare\nfunction rcompare (a, b, loose) {\n  return compare(b, a, loose)\n}\n\nexports.sort = sort\nfunction sort (list, loose) {\n  return list.sort(function (a, b) {\n    return exports.compareBuild(a, b, loose)\n  })\n}\n\nexports.rsort = rsort\nfunction rsort (list, loose) {\n  return list.sort(function (a, b) {\n    return exports.compareBuild(b, a, loose)\n  })\n}\n\nexports.gt = gt\nfunction gt (a, b, loose) {\n  return compare(a, b, loose) > 0\n}\n\nexports.lt = lt\nfunction lt (a, b, loose) {\n  return compare(a, b, loose) < 0\n}\n\nexports.eq = eq\nfunction eq (a, b, loose) {\n  return compare(a, b, loose) === 0\n}\n\nexports.neq = neq\nfunction neq (a, b, loose) {\n  return compare(a, b, loose) !== 0\n}\n\nexports.gte = gte\nfunction gte (a, b, loose) {\n  return compare(a, b, loose) >= 0\n}\n\nexports.lte = lte\nfunction lte (a, b, loose) {\n  return compare(a, b, loose) <= 0\n}\n\nexports.cmp = cmp\nfunction cmp (a, op, b, loose) {\n  switch (op) {\n    case '===':\n      if (typeof a === 'object')\n        a = a.version\n      if (typeof b === 'object')\n        b = b.version\n      return a === b\n\n    case '!==':\n      if (typeof a === 'object')\n        a = a.version\n      if (typeof b === 'object')\n        b = b.version\n      return a !== b\n\n    case '':\n    case '=':\n    case '==':\n      return eq(a, b, loose)\n\n    case '!=':\n      return neq(a, b, loose)\n\n    case '>':\n      return gt(a, b, loose)\n\n    case '>=':\n      return gte(a, b, loose)\n\n    case '<':\n      return lt(a, b, loose)\n\n    case '<=':\n      return lte(a, b, loose)\n\n    default:\n      throw new TypeError('Invalid operator: ' + op)\n  }\n}\n\nexports.Comparator = Comparator\nfunction Comparator (comp, options) {\n  if (!options || typeof options !== 'object') {\n    options = {\n      loose: !!options,\n      includePrerelease: false\n    }\n  }\n\n  if (comp instanceof Comparator) {\n    if (comp.loose === !!options.loose) {\n      return comp\n    } else {\n      comp = comp.value\n    }\n  }\n\n  if (!(this instanceof Comparator)) {\n    return new Comparator(comp, options)\n  }\n\n  comp = comp.trim().split(/\\s+/).join(' ')\n  debug('comparator', comp, options)\n  this.options = options\n  this.loose = !!options.loose\n  this.parse(comp)\n\n  if (this.semver === ANY) {\n    this.value = ''\n  } else {\n    this.value = this.operator + this.semver.version\n  }\n\n  debug('comp', this)\n}\n\nvar ANY = {}\nComparator.prototype.parse = function (comp) {\n  var r = this.options.loose ? safeRe[t.COMPARATORLOOSE] : safeRe[t.COMPARATOR]\n  var m = comp.match(r)\n\n  if (!m) {\n    throw new TypeError('Invalid comparator: ' + comp)\n  }\n\n  this.operator = m[1] !== undefined ? m[1] : ''\n  if (this.operator === '=') {\n    this.operator = ''\n  }\n\n  // if it literally is just '>' or '' then allow anything.\n  if (!m[2]) {\n    this.semver = ANY\n  } else {\n    this.semver = new SemVer(m[2], this.options.loose)\n  }\n}\n\nComparator.prototype.toString = function () {\n  return this.value\n}\n\nComparator.prototype.test = function (version) {\n  debug('Comparator.test', version, this.options.loose)\n\n  if (this.semver === ANY || version === ANY) {\n    return true\n  }\n\n  if (typeof version === 'string') {\n    try {\n      version = new SemVer(version, this.options)\n    } catch (er) {\n      return false\n    }\n  }\n\n  return cmp(version, this.operator, this.semver, this.options)\n}\n\nComparator.prototype.intersects = function (comp, options) {\n  if (!(comp instanceof Comparator)) {\n    throw new TypeError('a Comparator is required')\n  }\n\n  if (!options || typeof options !== 'object') {\n    options = {\n      loose: !!options,\n      includePrerelease: false\n    }\n  }\n\n  var rangeTmp\n\n  if (this.operator === '') {\n    if (this.value === '') {\n      return true\n    }\n    rangeTmp = new Range(comp.value, options)\n    return satisfies(this.value, rangeTmp, options)\n  } else if (comp.operator === '') {\n    if (comp.value === '') {\n      return true\n    }\n    rangeTmp = new Range(this.value, options)\n    return satisfies(comp.semver, rangeTmp, options)\n  }\n\n  var sameDirectionIncreasing =\n    (this.operator === '>=' || this.operator === '>') &&\n    (comp.operator === '>=' || comp.operator === '>')\n  var sameDirectionDecreasing =\n    (this.operator === '<=' || this.operator === '<') &&\n    (comp.operator === '<=' || comp.operator === '<')\n  var sameSemVer = this.semver.version === comp.semver.version\n  var differentDirectionsInclusive =\n    (this.operator === '>=' || this.operator === '<=') &&\n    (comp.operator === '>=' || comp.operator === '<=')\n  var oppositeDirectionsLessThan =\n    cmp(this.semver, '<', comp.semver, options) &&\n    ((this.operator === '>=' || this.operator === '>') &&\n    (comp.operator === '<=' || comp.operator === '<'))\n  var oppositeDirectionsGreaterThan =\n    cmp(this.semver, '>', comp.semver, options) &&\n    ((this.operator === '<=' || this.operator === '<') &&\n    (comp.operator === '>=' || comp.operator === '>'))\n\n  return sameDirectionIncreasing || sameDirectionDecreasing ||\n    (sameSemVer && differentDirectionsInclusive) ||\n    oppositeDirectionsLessThan || oppositeDirectionsGreaterThan\n}\n\nexports.Range = Range\nfunction Range (range, options) {\n  if (!options || typeof options !== 'object') {\n    options = {\n      loose: !!options,\n      includePrerelease: false\n    }\n  }\n\n  if (range instanceof Range) {\n    if (range.loose === !!options.loose &&\n        range.includePrerelease === !!options.includePrerelease) {\n      return range\n    } else {\n      return new Range(range.raw, options)\n    }\n  }\n\n  if (range instanceof Comparator) {\n    return new Range(range.value, options)\n  }\n\n  if (!(this instanceof Range)) {\n    return new Range(range, options)\n  }\n\n  this.options = options\n  this.loose = !!options.loose\n  this.includePrerelease = !!options.includePrerelease\n\n  // First reduce all whitespace as much as possible so we do not have to rely\n  // on potentially slow regexes like \\s*. This is then stored and used for\n  // future error messages as well.\n  this.raw = range\n    .trim()\n    .split(/\\s+/)\n    .join(' ')\n\n  // First, split based on boolean or ||\n  this.set = this.raw.split('||').map(function (range) {\n    return this.parseRange(range.trim())\n  }, this).filter(function (c) {\n    // throw out any that are not relevant for whatever reason\n    return c.length\n  })\n\n  if (!this.set.length) {\n    throw new TypeError('Invalid SemVer Range: ' + this.raw)\n  }\n\n  this.format()\n}\n\nRange.prototype.format = function () {\n  this.range = this.set.map(function (comps) {\n    return comps.join(' ').trim()\n  }).join('||').trim()\n  return this.range\n}\n\nRange.prototype.toString = function () {\n  return this.range\n}\n\nRange.prototype.parseRange = function (range) {\n  var loose = this.options.loose\n  // `1.2.3 - 1.2.4` => `>=1.2.3 <=1.2.4`\n  var hr = loose ? safeRe[t.HYPHENRANGELOOSE] : safeRe[t.HYPHENRANGE]\n  range = range.replace(hr, hyphenReplace)\n  debug('hyphen replace', range)\n  // `> 1.2.3 < 1.2.5` => `>1.2.3 <1.2.5`\n  range = range.replace(safeRe[t.COMPARATORTRIM], comparatorTrimReplace)\n  debug('comparator trim', range, safeRe[t.COMPARATORTRIM])\n\n  // `~ 1.2.3` => `~1.2.3`\n  range = range.replace(safeRe[t.TILDETRIM], tildeTrimReplace)\n\n  // `^ 1.2.3` => `^1.2.3`\n  range = range.replace(safeRe[t.CARETTRIM], caretTrimReplace)\n\n  // normalize spaces\n  range = range.split(/\\s+/).join(' ')\n\n  // At this point, the range is completely trimmed and\n  // ready to be split into comparators.\n\n  var compRe = loose ? safeRe[t.COMPARATORLOOSE] : safeRe[t.COMPARATOR]\n  var set = range.split(' ').map(function (comp) {\n    return parseComparator(comp, this.options)\n  }, this).join(' ').split(/\\s+/)\n  if (this.options.loose) {\n    // in loose mode, throw out any that are not valid comparators\n    set = set.filter(function (comp) {\n      return !!comp.match(compRe)\n    })\n  }\n  set = set.map(function (comp) {\n    return new Comparator(comp, this.options)\n  }, this)\n\n  return set\n}\n\nRange.prototype.intersects = function (range, options) {\n  if (!(range instanceof Range)) {\n    throw new TypeError('a Range is required')\n  }\n\n  return this.set.some(function (thisComparators) {\n    return (\n      isSatisfiable(thisComparators, options) &&\n      range.set.some(function (rangeComparators) {\n        return (\n          isSatisfiable(rangeComparators, options) &&\n          thisComparators.every(function (thisComparator) {\n            return rangeComparators.every(function (rangeComparator) {\n              return thisComparator.intersects(rangeComparator, options)\n            })\n          })\n        )\n      })\n    )\n  })\n}\n\n// take a set of comparators and determine whether there\n// exists a version which can satisfy it\nfunction isSatisfiable (comparators, options) {\n  var result = true\n  var remainingComparators = comparators.slice()\n  var testComparator = remainingComparators.pop()\n\n  while (result && remainingComparators.length) {\n    result = remainingComparators.every(function (otherComparator) {\n      return testComparator.intersects(otherComparator, options)\n    })\n\n    testComparator = remainingComparators.pop()\n  }\n\n  return result\n}\n\n// Mostly just for testing and legacy API reasons\nexports.toComparators = toComparators\nfunction toComparators (range, options) {\n  return new Range(range, options).set.map(function (comp) {\n    return comp.map(function (c) {\n      return c.value\n    }).join(' ').trim().split(' ')\n  })\n}\n\n// comprised of xranges, tildes, stars, and gtlt's at this point.\n// already replaced the hyphen ranges\n// turn into a set of JUST comparators.\nfunction parseComparator (comp, options) {\n  debug('comp', comp, options)\n  comp = replaceCarets(comp, options)\n  debug('caret', comp)\n  comp = replaceTildes(comp, options)\n  debug('tildes', comp)\n  comp = replaceXRanges(comp, options)\n  debug('xrange', comp)\n  comp = replaceStars(comp, options)\n  debug('stars', comp)\n  return comp\n}\n\nfunction isX (id) {\n  return !id || id.toLowerCase() === 'x' || id === '*'\n}\n\n// ~, ~> --> * (any, kinda silly)\n// ~2, ~2.x, ~2.x.x, ~>2, ~>2.x ~>2.x.x --> >=2.0.0 <3.0.0\n// ~2.0, ~2.0.x, ~>2.0, ~>2.0.x --> >=2.0.0 <2.1.0\n// ~1.2, ~1.2.x, ~>1.2, ~>1.2.x --> >=1.2.0 <1.3.0\n// ~1.2.3, ~>1.2.3 --> >=1.2.3 <1.3.0\n// ~1.2.0, ~>1.2.0 --> >=1.2.0 <1.3.0\nfunction replaceTildes (comp, options) {\n  return comp.trim().split(/\\s+/).map(function (comp) {\n    return replaceTilde(comp, options)\n  }).join(' ')\n}\n\nfunction replaceTilde (comp, options) {\n  var r = options.loose ? safeRe[t.TILDELOOSE] : safeRe[t.TILDE]\n  return comp.replace(r, function (_, M, m, p, pr) {\n    debug('tilde', comp, _, M, m, p, pr)\n    var ret\n\n    if (isX(M)) {\n      ret = ''\n    } else if (isX(m)) {\n      ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0'\n    } else if (isX(p)) {\n      // ~1.2 == >=1.2.0 <1.3.0\n      ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0'\n    } else if (pr) {\n      debug('replaceTilde pr', pr)\n      ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n            ' <' + M + '.' + (+m + 1) + '.0'\n    } else {\n      // ~1.2.3 == >=1.2.3 <1.3.0\n      ret = '>=' + M + '.' + m + '.' + p +\n            ' <' + M + '.' + (+m + 1) + '.0'\n    }\n\n    debug('tilde return', ret)\n    return ret\n  })\n}\n\n// ^ --> * (any, kinda silly)\n// ^2, ^2.x, ^2.x.x --> >=2.0.0 <3.0.0\n// ^2.0, ^2.0.x --> >=2.0.0 <3.0.0\n// ^1.2, ^1.2.x --> >=1.2.0 <2.0.0\n// ^1.2.3 --> >=1.2.3 <2.0.0\n// ^1.2.0 --> >=1.2.0 <2.0.0\nfunction replaceCarets (comp, options) {\n  return comp.trim().split(/\\s+/).map(function (comp) {\n    return replaceCaret(comp, options)\n  }).join(' ')\n}\n\nfunction replaceCaret (comp, options) {\n  debug('caret', comp, options)\n  var r = options.loose ? safeRe[t.CARETLOOSE] : safeRe[t.CARET]\n  return comp.replace(r, function (_, M, m, p, pr) {\n    debug('caret', comp, _, M, m, p, pr)\n    var ret\n\n    if (isX(M)) {\n      ret = ''\n    } else if (isX(m)) {\n      ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0'\n    } else if (isX(p)) {\n      if (M === '0') {\n        ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0'\n      } else {\n        ret = '>=' + M + '.' + m + '.0 <' + (+M + 1) + '.0.0'\n      }\n    } else if (pr) {\n      debug('replaceCaret pr', pr)\n      if (M === '0') {\n        if (m === '0') {\n          ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n                ' <' + M + '.' + m + '.' + (+p + 1)\n        } else {\n          ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n                ' <' + M + '.' + (+m + 1) + '.0'\n        }\n      } else {\n        ret = '>=' + M + '.' + m + '.' + p + '-' + pr +\n              ' <' + (+M + 1) + '.0.0'\n      }\n    } else {\n      debug('no pr')\n      if (M === '0') {\n        if (m === '0') {\n          ret = '>=' + M + '.' + m + '.' + p +\n                ' <' + M + '.' + m + '.' + (+p + 1)\n        } else {\n          ret = '>=' + M + '.' + m + '.' + p +\n                ' <' + M + '.' + (+m + 1) + '.0'\n        }\n      } else {\n        ret = '>=' + M + '.' + m + '.' + p +\n              ' <' + (+M + 1) + '.0.0'\n      }\n    }\n\n    debug('caret return', ret)\n    return ret\n  })\n}\n\nfunction replaceXRanges (comp, options) {\n  debug('replaceXRanges', comp, options)\n  return comp.split(/\\s+/).map(function (comp) {\n    return replaceXRange(comp, options)\n  }).join(' ')\n}\n\nfunction replaceXRange (comp, options) {\n  comp = comp.trim()\n  var r = options.loose ? safeRe[t.XRANGELOOSE] : safeRe[t.XRANGE]\n  return comp.replace(r, function (ret, gtlt, M, m, p, pr) {\n    debug('xRange', comp, ret, gtlt, M, m, p, pr)\n    var xM = isX(M)\n    var xm = xM || isX(m)\n    var xp = xm || isX(p)\n    var anyX = xp\n\n    if (gtlt === '=' && anyX) {\n      gtlt = ''\n    }\n\n    // if we're including prereleases in the match, then we need\n    // to fix this to -0, the lowest possible prerelease value\n    pr = options.includePrerelease ? '-0' : ''\n\n    if (xM) {\n      if (gtlt === '>' || gtlt === '<') {\n        // nothing is allowed\n        ret = '<0.0.0-0'\n      } else {\n        // nothing is forbidden\n        ret = '*'\n      }\n    } else if (gtlt && anyX) {\n      // we know patch is an x, because we have any x at all.\n      // replace X with 0\n      if (xm) {\n        m = 0\n      }\n      p = 0\n\n      if (gtlt === '>') {\n        // >1 => >=2.0.0\n        // >1.2 => >=1.3.0\n        // >1.2.3 => >= 1.2.4\n        gtlt = '>='\n        if (xm) {\n          M = +M + 1\n          m = 0\n          p = 0\n        } else {\n          m = +m + 1\n          p = 0\n        }\n      } else if (gtlt === '<=') {\n        // <=0.7.x is actually <0.8.0, since any 0.7.x should\n        // pass.  Similarly, <=7.x is actually <8.0.0, etc.\n        gtlt = '<'\n        if (xm) {\n          M = +M + 1\n        } else {\n          m = +m + 1\n        }\n      }\n\n      ret = gtlt + M + '.' + m + '.' + p + pr\n    } else if (xm) {\n      ret = '>=' + M + '.0.0' + pr + ' <' + (+M + 1) + '.0.0' + pr\n    } else if (xp) {\n      ret = '>=' + M + '.' + m + '.0' + pr +\n        ' <' + M + '.' + (+m + 1) + '.0' + pr\n    }\n\n    debug('xRange return', ret)\n\n    return ret\n  })\n}\n\n// Because * is AND-ed with everything else in the comparator,\n// and '' means \"any version\", just remove the *s entirely.\nfunction replaceStars (comp, options) {\n  debug('replaceStars', comp, options)\n  // Looseness is ignored here.  star is always as loose as it gets!\n  return comp.trim().replace(safeRe[t.STAR], '')\n}\n\n// This function is passed to string.replace(re[t.HYPHENRANGE])\n// M, m, patch, prerelease, build\n// 1.2 - 3.4.5 => >=1.2.0 <=3.4.5\n// 1.2.3 - 3.4 => >=1.2.0 <3.5.0 Any 3.4.x will do\n// 1.2 - 3.4 => >=1.2.0 <3.5.0\nfunction hyphenReplace ($0,\n  from, fM, fm, fp, fpr, fb,\n  to, tM, tm, tp, tpr, tb) {\n  if (isX(fM)) {\n    from = ''\n  } else if (isX(fm)) {\n    from = '>=' + fM + '.0.0'\n  } else if (isX(fp)) {\n    from = '>=' + fM + '.' + fm + '.0'\n  } else {\n    from = '>=' + from\n  }\n\n  if (isX(tM)) {\n    to = ''\n  } else if (isX(tm)) {\n    to = '<' + (+tM + 1) + '.0.0'\n  } else if (isX(tp)) {\n    to = '<' + tM + '.' + (+tm + 1) + '.0'\n  } else if (tpr) {\n    to = '<=' + tM + '.' + tm + '.' + tp + '-' + tpr\n  } else {\n    to = '<=' + to\n  }\n\n  return (from + ' ' + to).trim()\n}\n\n// if ANY of the sets match ALL of its comparators, then pass\nRange.prototype.test = function (version) {\n  if (!version) {\n    return false\n  }\n\n  if (typeof version === 'string') {\n    try {\n      version = new SemVer(version, this.options)\n    } catch (er) {\n      return false\n    }\n  }\n\n  for (var i = 0; i < this.set.length; i++) {\n    if (testSet(this.set[i], version, this.options)) {\n      return true\n    }\n  }\n  return false\n}\n\nfunction testSet (set, version, options) {\n  for (var i = 0; i < set.length; i++) {\n    if (!set[i].test(version)) {\n      return false\n    }\n  }\n\n  if (version.prerelease.length && !options.includePrerelease) {\n    // Find the set of versions that are allowed to have prereleases\n    // For example, ^1.2.3-pr.1 desugars to >=1.2.3-pr.1 <2.0.0\n    // That should allow `1.2.3-pr.2` to pass.\n    // However, `1.2.4-alpha.notready` should NOT be allowed,\n    // even though it's within the range set by the comparators.\n    for (i = 0; i < set.length; i++) {\n      debug(set[i].semver)\n      if (set[i].semver === ANY) {\n        continue\n      }\n\n      if (set[i].semver.prerelease.length > 0) {\n        var allowed = set[i].semver\n        if (allowed.major === version.major &&\n            allowed.minor === version.minor &&\n            allowed.patch === version.patch) {\n          return true\n        }\n      }\n    }\n\n    // Version has a -pre, but it's not one of the ones we like.\n    return false\n  }\n\n  return true\n}\n\nexports.satisfies = satisfies\nfunction satisfies (version, range, options) {\n  try {\n    range = new Range(range, options)\n  } catch (er) {\n    return false\n  }\n  return range.test(version)\n}\n\nexports.maxSatisfying = maxSatisfying\nfunction maxSatisfying (versions, range, options) {\n  var max = null\n  var maxSV = null\n  try {\n    var rangeObj = new Range(range, options)\n  } catch (er) {\n    return null\n  }\n  versions.forEach(function (v) {\n    if (rangeObj.test(v)) {\n      // satisfies(v, range, options)\n      if (!max || maxSV.compare(v) === -1) {\n        // compare(max, v, true)\n        max = v\n        maxSV = new SemVer(max, options)\n      }\n    }\n  })\n  return max\n}\n\nexports.minSatisfying = minSatisfying\nfunction minSatisfying (versions, range, options) {\n  var min = null\n  var minSV = null\n  try {\n    var rangeObj = new Range(range, options)\n  } catch (er) {\n    return null\n  }\n  versions.forEach(function (v) {\n    if (rangeObj.test(v)) {\n      // satisfies(v, range, options)\n      if (!min || minSV.compare(v) === 1) {\n        // compare(min, v, true)\n        min = v\n        minSV = new SemVer(min, options)\n      }\n    }\n  })\n  return min\n}\n\nexports.minVersion = minVersion\nfunction minVersion (range, loose) {\n  range = new Range(range, loose)\n\n  var minver = new SemVer('0.0.0')\n  if (range.test(minver)) {\n    return minver\n  }\n\n  minver = new SemVer('0.0.0-0')\n  if (range.test(minver)) {\n    return minver\n  }\n\n  minver = null\n  for (var i = 0; i < range.set.length; ++i) {\n    var comparators = range.set[i]\n\n    comparators.forEach(function (comparator) {\n      // Clone to avoid manipulating the comparator's semver object.\n      var compver = new SemVer(comparator.semver.version)\n      switch (comparator.operator) {\n        case '>':\n          if (compver.prerelease.length === 0) {\n            compver.patch++\n          } else {\n            compver.prerelease.push(0)\n          }\n          compver.raw = compver.format()\n          /* fallthrough */\n        case '':\n        case '>=':\n          if (!minver || gt(minver, compver)) {\n            minver = compver\n          }\n          break\n        case '<':\n        case '<=':\n          /* Ignore maximum versions */\n          break\n        /* istanbul ignore next */\n        default:\n          throw new Error('Unexpected operation: ' + comparator.operator)\n      }\n    })\n  }\n\n  if (minver && range.test(minver)) {\n    return minver\n  }\n\n  return null\n}\n\nexports.validRange = validRange\nfunction validRange (range, options) {\n  try {\n    // Return '*' instead of '' so that truthiness works.\n    // This will throw if it's invalid anyway\n    return new Range(range, options).range || '*'\n  } catch (er) {\n    return null\n  }\n}\n\n// Determine if version is less than all the versions possible in the range\nexports.ltr = ltr\nfunction ltr (version, range, options) {\n  return outside(version, range, '<', options)\n}\n\n// Determine if version is greater than all the versions possible in the range.\nexports.gtr = gtr\nfunction gtr (version, range, options) {\n  return outside(version, range, '>', options)\n}\n\nexports.outside = outside\nfunction outside (version, range, hilo, options) {\n  version = new SemVer(version, options)\n  range = new Range(range, options)\n\n  var gtfn, ltefn, ltfn, comp, ecomp\n  switch (hilo) {\n    case '>':\n      gtfn = gt\n      ltefn = lte\n      ltfn = lt\n      comp = '>'\n      ecomp = '>='\n      break\n    case '<':\n      gtfn = lt\n      ltefn = gte\n      ltfn = gt\n      comp = '<'\n      ecomp = '<='\n      break\n    default:\n      throw new TypeError('Must provide a hilo val of \"<\" or \">\"')\n  }\n\n  // If it satisifes the range it is not outside\n  if (satisfies(version, range, options)) {\n    return false\n  }\n\n  // From now on, variable terms are as if we're in \"gtr\" mode.\n  // but note that everything is flipped for the \"ltr\" function.\n\n  for (var i = 0; i < range.set.length; ++i) {\n    var comparators = range.set[i]\n\n    var high = null\n    var low = null\n\n    comparators.forEach(function (comparator) {\n      if (comparator.semver === ANY) {\n        comparator = new Comparator('>=0.0.0')\n      }\n      high = high || comparator\n      low = low || comparator\n      if (gtfn(comparator.semver, high.semver, options)) {\n        high = comparator\n      } else if (ltfn(comparator.semver, low.semver, options)) {\n        low = comparator\n      }\n    })\n\n    // If the edge version comparator has a operator then our version\n    // isn't outside it\n    if (high.operator === comp || high.operator === ecomp) {\n      return false\n    }\n\n    // If the lowest version comparator has an operator and our version\n    // is less than it then it isn't higher than the range\n    if ((!low.operator || low.operator === comp) &&\n        ltefn(version, low.semver)) {\n      return false\n    } else if (low.operator === ecomp && ltfn(version, low.semver)) {\n      return false\n    }\n  }\n  return true\n}\n\nexports.prerelease = prerelease\nfunction prerelease (version, options) {\n  var parsed = parse(version, options)\n  return (parsed && parsed.prerelease.length) ? parsed.prerelease : null\n}\n\nexports.intersects = intersects\nfunction intersects (r1, r2, options) {\n  r1 = new Range(r1, options)\n  r2 = new Range(r2, options)\n  return r1.intersects(r2)\n}\n\nexports.coerce = coerce\nfunction coerce (version, options) {\n  if (version instanceof SemVer) {\n    return version\n  }\n\n  if (typeof version === 'number') {\n    version = String(version)\n  }\n\n  if (typeof version !== 'string') {\n    return null\n  }\n\n  options = options || {}\n\n  var match = null\n  if (!options.rtl) {\n    match = version.match(safeRe[t.COERCE])\n  } else {\n    // Find the right-most coercible string that does not share\n    // a terminus with a more left-ward coercible string.\n    // Eg, '1.2.3.4' wants to coerce '2.3.4', not '3.4' or '4'\n    //\n    // Walk through the string checking with a /g regexp\n    // Manually set the index so as to pick up overlapping matches.\n    // Stop when we get a match that ends at the string end, since no\n    // coercible string can be more right-ward without the same terminus.\n    var next\n    while ((next = safeRe[t.COERCERTL].exec(version)) &&\n      (!match || match.index + match[0].length !== version.length)\n    ) {\n      if (!match ||\n          next.index + next[0].length !== match.index + match[0].length) {\n        match = next\n      }\n      safeRe[t.COERCERTL].lastIndex = next.index + next[1].length + next[2].length\n    }\n    // leave it in a clean state\n    safeRe[t.COERCERTL].lastIndex = -1\n  }\n\n  if (match === null) {\n    return null\n  }\n\n  return parse(match[2] +\n    '.' + (match[3] || '0') +\n    '.' + (match[4] || '0'), options)\n}\n","module.exports = shellescape;\n\n// return a shell compatible format\nfunction shellescape(a) {\n  var ret = [];\n\n  a.forEach(function(s) {\n    if (!/^[A-Za-z0-9_\\/-]+$/.test(s)) {\n      s = \"'\"+s.replace(/'/g,\"'\\\\''\")+\"'\";\n      s = s.replace(/^(?:'')+/g, '') // unduplicate single-quote at the beginning\n        .replace(/\\\\'''/g, \"\\\\'\" ); // remove non-escaped single-quote if there are enclosed between 2 escaped\n    }\n    ret.push(s);\n  });\n\n  return ret.join(' ');\n}\n","'use strict';\n\nconst {\n  Duplex: DuplexStream,\n  Readable: ReadableStream,\n  Writable: WritableStream,\n} = require('stream');\n\nconst {\n  CHANNEL_EXTENDED_DATATYPE: { STDERR },\n} = require('./protocol/constants.js');\nconst { bufferSlice } = require('./protocol/utils.js');\n\nconst PACKET_SIZE = 32 * 1024;\nconst MAX_WINDOW = 2 * 1024 * 1024;\nconst WINDOW_THRESHOLD = MAX_WINDOW / 2;\n\nclass ClientStderr extends ReadableStream {\n  constructor(channel, streamOpts) {\n    super(streamOpts);\n\n    this._channel = channel;\n  }\n  _read(n) {\n    if (this._channel._waitChanDrain) {\n      this._channel._waitChanDrain = false;\n      if (this._channel.incoming.window <= WINDOW_THRESHOLD)\n        windowAdjust(this._channel);\n    }\n  }\n}\n\nclass ServerStderr extends WritableStream {\n  constructor(channel) {\n    super({ highWaterMark: MAX_WINDOW });\n\n    this._channel = channel;\n  }\n\n  _write(data, encoding, cb) {\n    const channel = this._channel;\n    const protocol = channel._client._protocol;\n    const outgoing = channel.outgoing;\n    const packetSize = outgoing.packetSize;\n    const id = outgoing.id;\n    let window = outgoing.window;\n    const len = data.length;\n    let p = 0;\n\n    if (outgoing.state !== 'open')\n      return;\n\n    while (len - p > 0 && window > 0) {\n      let sliceLen = len - p;\n      if (sliceLen > window)\n        sliceLen = window;\n      if (sliceLen > packetSize)\n        sliceLen = packetSize;\n\n      if (p === 0 && sliceLen === len)\n        protocol.channelExtData(id, data, STDERR);\n      else\n        protocol.channelExtData(id, bufferSlice(data, p, p + sliceLen), STDERR);\n\n      p += sliceLen;\n      window -= sliceLen;\n    }\n\n    outgoing.window = window;\n\n    if (len - p > 0) {\n      if (window === 0)\n        channel._waitWindow = true;\n      if (p > 0)\n        channel._chunkErr = bufferSlice(data, p, len);\n      else\n        channel._chunkErr = data;\n      channel._chunkcbErr = cb;\n      return;\n    }\n\n    cb();\n  }\n}\n\nclass Channel extends DuplexStream {\n  constructor(client, info, opts) {\n    const streamOpts = {\n      highWaterMark: MAX_WINDOW,\n      allowHalfOpen: (!opts || (opts && opts.allowHalfOpen !== false)),\n      emitClose: false,\n    };\n    super(streamOpts);\n    this.allowHalfOpen = streamOpts.allowHalfOpen;\n\n    const server = !!(opts && opts.server);\n\n    this.server = server;\n    this.type = info.type;\n    this.subtype = undefined;\n\n    /*\n      incoming and outgoing contain these properties:\n      {\n        id: undefined,\n        window: undefined,\n        packetSize: undefined,\n        state: 'closed'\n      }\n    */\n    this.incoming = info.incoming;\n    this.outgoing = info.outgoing;\n    this._callbacks = [];\n\n    this._client = client;\n    this._hasX11 = false;\n    this._exit = {\n      code: undefined,\n      signal: undefined,\n      dump: undefined,\n      desc: undefined,\n    };\n\n    this.stdin = this.stdout = this;\n\n    if (server)\n      this.stderr = new ServerStderr(this);\n    else\n      this.stderr = new ClientStderr(this, streamOpts);\n\n    // Outgoing data\n    this._waitWindow = false; // SSH-level backpressure\n\n    // Incoming data\n    this._waitChanDrain = false; // Channel Readable side backpressure\n\n    this._chunk = undefined;\n    this._chunkcb = undefined;\n    this._chunkErr = undefined;\n    this._chunkcbErr = undefined;\n\n    this.on('finish', onFinish)\n        .on('prefinish', onFinish); // For node v0.11+\n\n    this.on('end', onEnd).on('close', onEnd);\n  }\n\n  _read(n) {\n    if (this._waitChanDrain) {\n      this._waitChanDrain = false;\n      if (this.incoming.window <= WINDOW_THRESHOLD)\n        windowAdjust(this);\n    }\n  }\n\n  _write(data, encoding, cb) {\n    const protocol = this._client._protocol;\n    const outgoing = this.outgoing;\n    const packetSize = outgoing.packetSize;\n    const id = outgoing.id;\n    let window = outgoing.window;\n    const len = data.length;\n    let p = 0;\n\n    if (outgoing.state !== 'open')\n      return;\n\n    while (len - p > 0 && window > 0) {\n      let sliceLen = len - p;\n      if (sliceLen > window)\n        sliceLen = window;\n      if (sliceLen > packetSize)\n        sliceLen = packetSize;\n\n      if (p === 0 && sliceLen === len)\n        protocol.channelData(id, data);\n      else\n        protocol.channelData(id, bufferSlice(data, p, p + sliceLen));\n\n      p += sliceLen;\n      window -= sliceLen;\n    }\n\n    outgoing.window = window;\n\n    if (len - p > 0) {\n      if (window === 0)\n        this._waitWindow = true;\n      if (p > 0)\n        this._chunk = bufferSlice(data, p, len);\n      else\n        this._chunk = data;\n      this._chunkcb = cb;\n      return;\n    }\n\n    cb();\n  }\n\n  eof() {\n    if (this.outgoing.state === 'open') {\n      this.outgoing.state = 'eof';\n      this._client._protocol.channelEOF(this.outgoing.id);\n    }\n  }\n\n  close() {\n    if (this.outgoing.state === 'open' || this.outgoing.state === 'eof') {\n      this.outgoing.state = 'closing';\n      this._client._protocol.channelClose(this.outgoing.id);\n    }\n  }\n\n  destroy() {\n    this.end();\n    this.close();\n    return this;\n  }\n\n  // Session type-specific methods =============================================\n  setWindow(rows, cols, height, width) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (this.type === 'session'\n        && (this.subtype === 'shell' || this.subtype === 'exec')\n        && this.writable\n        && this.outgoing.state === 'open') {\n      this._client._protocol.windowChange(this.outgoing.id,\n                                          rows,\n                                          cols,\n                                          height,\n                                          width);\n    }\n  }\n\n  signal(signalName) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (this.type === 'session'\n        && this.writable\n        && this.outgoing.state === 'open') {\n      this._client._protocol.signal(this.outgoing.id, signalName);\n    }\n  }\n\n  exit(statusOrSignal, coreDumped, msg) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    if (this.type === 'session'\n        && this.writable\n        && this.outgoing.state === 'open') {\n      if (typeof statusOrSignal === 'number') {\n        this._client._protocol.exitStatus(this.outgoing.id, statusOrSignal);\n      } else {\n        this._client._protocol.exitSignal(this.outgoing.id,\n                                          statusOrSignal,\n                                          coreDumped,\n                                          msg);\n      }\n    }\n  }\n\n}\n\nfunction onFinish() {\n  this.eof();\n  if (this.server || !this.allowHalfOpen)\n    this.close();\n  this.writable = false;\n}\n\nfunction onEnd() {\n  this.readable = false;\n}\n\nfunction windowAdjust(self) {\n  if (self.outgoing.state === 'closed')\n    return;\n  const amt = MAX_WINDOW - self.incoming.window;\n  if (amt <= 0)\n    return;\n  self.incoming.window += amt;\n  self._client._protocol.channelWindowAdjust(self.outgoing.id, amt);\n}\n\nmodule.exports = {\n  Channel,\n  MAX_WINDOW,\n  PACKET_SIZE,\n  windowAdjust,\n  WINDOW_THRESHOLD,\n};\n",null,"// TODO:\n//    * add `.connected` or similar property to allow immediate connection\n//      status checking\n//    * add/improve debug output during user authentication phase\n'use strict';\n\nconst {\n  createHash,\n  getHashes,\n  randomFillSync,\n} = require('crypto');\nconst { Socket } = require('net');\nconst { lookup: dnsLookup } = require('dns');\nconst EventEmitter = require('events');\nconst HASHES = getHashes();\n\nconst {\n  COMPAT,\n  CHANNEL_EXTENDED_DATATYPE: { STDERR },\n  CHANNEL_OPEN_FAILURE,\n  DEFAULT_CIPHER,\n  DEFAULT_COMPRESSION,\n  DEFAULT_KEX,\n  DEFAULT_MAC,\n  DEFAULT_SERVER_HOST_KEY,\n  DISCONNECT_REASON,\n  DISCONNECT_REASON_BY_VALUE,\n  SUPPORTED_CIPHER,\n  SUPPORTED_COMPRESSION,\n  SUPPORTED_KEX,\n  SUPPORTED_MAC,\n  SUPPORTED_SERVER_HOST_KEY,\n} = require('./protocol/constants.js');\nconst { init: cryptoInit } = require('./protocol/crypto.js');\nconst Protocol = require('./protocol/Protocol.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst { SFTP } = require('./protocol/SFTP.js');\nconst {\n  bufferCopy,\n  makeBufferParser,\n  makeError,\n  readUInt32BE,\n  sigSSHToASN1,\n  writeUInt32BE,\n} = require('./protocol/utils.js');\n\nconst { AgentContext, createAgent, isAgent } = require('./agent.js');\nconst {\n  Channel,\n  MAX_WINDOW,\n  PACKET_SIZE,\n  windowAdjust,\n  WINDOW_THRESHOLD,\n} = require('./Channel.js');\nconst {\n  ChannelManager,\n  generateAlgorithmList,\n  isWritable,\n  onChannelOpenFailure,\n  onCHANNEL_CLOSE,\n} = require('./utils.js');\n\nconst bufferParser = makeBufferParser();\nconst sigParser = makeBufferParser();\nconst RE_OPENSSH = /^OpenSSH_(?:(?![0-4])\\d)|(?:\\d{2,})/;\nconst noop = (err) => {};\n\nclass Client extends EventEmitter {\n  constructor() {\n    super();\n\n    this.config = {\n      host: undefined,\n      port: undefined,\n      localAddress: undefined,\n      localPort: undefined,\n      forceIPv4: undefined,\n      forceIPv6: undefined,\n      keepaliveCountMax: undefined,\n      keepaliveInterval: undefined,\n      readyTimeout: undefined,\n      ident: undefined,\n\n      username: undefined,\n      password: undefined,\n      privateKey: undefined,\n      tryKeyboard: undefined,\n      agent: undefined,\n      allowAgentFwd: undefined,\n      authHandler: undefined,\n\n      hostHashAlgo: undefined,\n      hostHashCb: undefined,\n      strictVendor: undefined,\n      debug: undefined\n    };\n\n    this._agent = undefined;\n    this._readyTimeout = undefined;\n    this._chanMgr = undefined;\n    this._callbacks = undefined;\n    this._forwarding = undefined;\n    this._forwardingUnix = undefined;\n    this._acceptX11 = undefined;\n    this._agentFwdEnabled = undefined;\n    this._remoteVer = undefined;\n\n    this._protocol = undefined;\n    this._sock = undefined;\n    this._resetKA = undefined;\n  }\n\n  connect(cfg) {\n    if (this._sock && isWritable(this._sock)) {\n      this.once('close', () => {\n        this.connect(cfg);\n      });\n      this.end();\n      return this;\n    }\n\n    this.config.host = cfg.hostname || cfg.host || 'localhost';\n    this.config.port = cfg.port || 22;\n    this.config.localAddress = (typeof cfg.localAddress === 'string'\n                                ? cfg.localAddress\n                                : undefined);\n    this.config.localPort = (typeof cfg.localPort === 'string'\n                             || typeof cfg.localPort === 'number'\n                             ? cfg.localPort\n                             : undefined);\n    this.config.forceIPv4 = cfg.forceIPv4 || false;\n    this.config.forceIPv6 = cfg.forceIPv6 || false;\n    this.config.keepaliveCountMax = (typeof cfg.keepaliveCountMax === 'number'\n                                     && cfg.keepaliveCountMax >= 0\n                                     ? cfg.keepaliveCountMax\n                                     : 3);\n    this.config.keepaliveInterval = (typeof cfg.keepaliveInterval === 'number'\n                                     && cfg.keepaliveInterval > 0\n                                     ? cfg.keepaliveInterval\n                                     : 0);\n    this.config.readyTimeout = (typeof cfg.readyTimeout === 'number'\n                                && cfg.readyTimeout >= 0\n                                ? cfg.readyTimeout\n                                : 20000);\n    this.config.ident = (typeof cfg.ident === 'string'\n                         || Buffer.isBuffer(cfg.ident)\n                         ? cfg.ident\n                         : undefined);\n\n    const algorithms = {\n      kex: undefined,\n      serverHostKey: undefined,\n      cs: {\n        cipher: undefined,\n        mac: undefined,\n        compress: undefined,\n        lang: [],\n      },\n      sc: undefined,\n    };\n    let allOfferDefaults = true;\n    if (typeof cfg.algorithms === 'object' && cfg.algorithms !== null) {\n      algorithms.kex = generateAlgorithmList(cfg.algorithms.kex,\n                                             DEFAULT_KEX,\n                                             SUPPORTED_KEX);\n      if (algorithms.kex !== DEFAULT_KEX)\n        allOfferDefaults = false;\n\n      algorithms.serverHostKey =\n        generateAlgorithmList(cfg.algorithms.serverHostKey,\n                              DEFAULT_SERVER_HOST_KEY,\n                              SUPPORTED_SERVER_HOST_KEY);\n      if (algorithms.serverHostKey !== DEFAULT_SERVER_HOST_KEY)\n        allOfferDefaults = false;\n\n      algorithms.cs.cipher = generateAlgorithmList(cfg.algorithms.cipher,\n                                                   DEFAULT_CIPHER,\n                                                   SUPPORTED_CIPHER);\n      if (algorithms.cs.cipher !== DEFAULT_CIPHER)\n        allOfferDefaults = false;\n\n      algorithms.cs.mac = generateAlgorithmList(cfg.algorithms.hmac,\n                                                DEFAULT_MAC,\n                                                SUPPORTED_MAC);\n      if (algorithms.cs.mac !== DEFAULT_MAC)\n        allOfferDefaults = false;\n\n      algorithms.cs.compress = generateAlgorithmList(cfg.algorithms.compress,\n                                                     DEFAULT_COMPRESSION,\n                                                     SUPPORTED_COMPRESSION);\n      if (algorithms.cs.compress !== DEFAULT_COMPRESSION)\n        allOfferDefaults = false;\n\n      if (!allOfferDefaults)\n        algorithms.sc = algorithms.cs;\n    }\n\n    if (typeof cfg.username === 'string')\n      this.config.username = cfg.username;\n    else if (typeof cfg.user === 'string')\n      this.config.username = cfg.user;\n    else\n      throw new Error('Invalid username');\n\n    this.config.password = (typeof cfg.password === 'string'\n                            ? cfg.password\n                            : undefined);\n    this.config.privateKey = (typeof cfg.privateKey === 'string'\n                              || Buffer.isBuffer(cfg.privateKey)\n                              ? cfg.privateKey\n                              : undefined);\n    this.config.localHostname = (typeof cfg.localHostname === 'string'\n                                 ? cfg.localHostname\n                                 : undefined);\n    this.config.localUsername = (typeof cfg.localUsername === 'string'\n                                 ? cfg.localUsername\n                                 : undefined);\n    this.config.tryKeyboard = (cfg.tryKeyboard === true);\n    if (typeof cfg.agent === 'string' && cfg.agent.length)\n      this.config.agent = createAgent(cfg.agent);\n    else if (isAgent(cfg.agent))\n      this.config.agent = cfg.agent;\n    else\n      this.config.agent = undefined;\n    this.config.allowAgentFwd = (cfg.agentForward === true\n                                 && this.config.agent !== undefined);\n    let authHandler = this.config.authHandler = (\n      typeof cfg.authHandler === 'function'\n      || Array.isArray(cfg.authHandler)\n      ? cfg.authHandler\n      : undefined\n    );\n\n    this.config.strictVendor = (typeof cfg.strictVendor === 'boolean'\n                                ? cfg.strictVendor\n                                : true);\n\n    const debug = this.config.debug = (typeof cfg.debug === 'function'\n                                       ? cfg.debug\n                                       : undefined);\n\n    if (cfg.agentForward === true && !this.config.allowAgentFwd) {\n      throw new Error(\n        'You must set a valid agent path to allow agent forwarding'\n      );\n    }\n\n    let callbacks = this._callbacks = [];\n    this._chanMgr = new ChannelManager(this);\n    this._forwarding = {};\n    this._forwardingUnix = {};\n    this._acceptX11 = 0;\n    this._agentFwdEnabled = false;\n    this._agent = (this.config.agent ? this.config.agent : undefined);\n    this._remoteVer = undefined;\n    let privateKey;\n\n    if (this.config.privateKey) {\n      privateKey = parseKey(this.config.privateKey, cfg.passphrase);\n      if (privateKey instanceof Error)\n        throw new Error(`Cannot parse privateKey: ${privateKey.message}`);\n      if (Array.isArray(privateKey)) {\n        // OpenSSH's newer format only stores 1 key for now\n        privateKey = privateKey[0];\n      }\n      if (privateKey.getPrivatePEM() === null) {\n        throw new Error(\n          'privateKey value does not contain a (valid) private key'\n        );\n      }\n    }\n\n    let hostVerifier;\n    if (typeof cfg.hostVerifier === 'function') {\n      const hashCb = cfg.hostVerifier;\n      let hasher;\n      if (HASHES.indexOf(cfg.hostHash) !== -1) {\n        // Default to old behavior of hashing on user's behalf\n        hasher = createHash(cfg.hostHash);\n      }\n      hostVerifier = (key, verify) => {\n        if (hasher) {\n          hasher.update(key);\n          key = hasher.digest('hex');\n        }\n        const ret = hashCb(key, verify);\n        if (ret !== undefined)\n          verify(ret);\n      };\n    }\n\n    const sock = this._sock = (cfg.sock || new Socket());\n    let ready = false;\n    let sawHeader = false;\n    if (this._protocol)\n      this._protocol.cleanup();\n    const DEBUG_HANDLER = (!debug ? undefined : (p, display, msg) => {\n      debug(`Debug output from server: ${JSON.stringify(msg)}`);\n    });\n    const proto = this._protocol = new Protocol({\n      ident: this.config.ident,\n      offer: (allOfferDefaults ? undefined : algorithms),\n      onWrite: (data) => {\n        if (isWritable(sock))\n          sock.write(data);\n      },\n      onError: (err) => {\n        if (err.level === 'handshake')\n          clearTimeout(this._readyTimeout);\n        if (!proto._destruct)\n          sock.removeAllListeners('data');\n        this.emit('error', err);\n        try {\n          sock.end();\n        } catch {}\n      },\n      onHeader: (header) => {\n        sawHeader = true;\n        this._remoteVer = header.versions.software;\n        if (header.greeting)\n          this.emit('greeting', header.greeting);\n      },\n      onHandshakeComplete: (negotiated) => {\n        this.emit('handshake', negotiated);\n        if (!ready) {\n          ready = true;\n          proto.service('ssh-userauth');\n        }\n      },\n      debug,\n      hostVerifier,\n      messageHandlers: {\n        DEBUG: DEBUG_HANDLER,\n        DISCONNECT: (p, reason, desc) => {\n          if (reason !== DISCONNECT_REASON.BY_APPLICATION) {\n            if (!desc) {\n              desc = DISCONNECT_REASON_BY_VALUE[reason];\n              if (desc === undefined)\n                desc = `Unexpected disconnection reason: ${reason}`;\n            }\n            const err = new Error(desc);\n            err.code = reason;\n            this.emit('error', err);\n          }\n          sock.end();\n        },\n        SERVICE_ACCEPT: (p, name) => {\n          if (name === 'ssh-userauth')\n            tryNextAuth();\n        },\n        USERAUTH_BANNER: (p, msg) => {\n          this.emit('banner', msg);\n        },\n        USERAUTH_SUCCESS: (p) => {\n          // Start keepalive mechanism\n          resetKA();\n\n          clearTimeout(this._readyTimeout);\n\n          this.emit('ready');\n        },\n        USERAUTH_FAILURE: (p, authMethods, partialSuccess) => {\n          if (curAuth.type === 'agent') {\n            const pos = curAuth.agentCtx.pos();\n            debug && debug(`Client: Agent key #${pos + 1} failed`);\n            return tryNextAgentKey();\n          }\n\n          debug && debug(`Client: ${curAuth.type} auth failed`);\n\n          curPartial = partialSuccess;\n          curAuthsLeft = authMethods;\n          tryNextAuth();\n        },\n        USERAUTH_PASSWD_CHANGEREQ: (p, prompt) => {\n          if (curAuth.type === 'password') {\n            // TODO: support a `changePrompt()` on `curAuth` that defaults to\n            // emitting 'change password' as before\n            this.emit('change password', prompt, (newPassword) => {\n              proto.authPassword(\n                this.config.username,\n                this.config.password,\n                newPassword\n              );\n            });\n          }\n        },\n        USERAUTH_PK_OK: (p) => {\n          if (curAuth.type === 'agent') {\n            const key = curAuth.agentCtx.currentKey();\n            proto.authPK(curAuth.username, key, (buf, cb) => {\n              curAuth.agentCtx.sign(key, buf, {}, (err, signed) => {\n                if (err) {\n                  err.level = 'agent';\n                  this.emit('error', err);\n                } else {\n                  return cb(signed);\n                }\n\n                tryNextAgentKey();\n              });\n            });\n          } else if (curAuth.type === 'publickey') {\n            proto.authPK(curAuth.username, curAuth.key, (buf, cb) => {\n              const signature = curAuth.key.sign(buf);\n              if (signature instanceof Error) {\n                signature.message =\n                  `Error signing data with key: ${signature.message}`;\n                signature.level = 'client-authentication';\n                this.emit('error', signature);\n                return tryNextAuth();\n              }\n              cb(signature);\n            });\n          }\n        },\n        USERAUTH_INFO_REQUEST: (p, name, instructions, prompts) => {\n          if (curAuth.type === 'keyboard-interactive') {\n            const nprompts = (Array.isArray(prompts) ? prompts.length : 0);\n            if (nprompts === 0) {\n              debug && debug(\n                'Client: Sending automatic USERAUTH_INFO_RESPONSE'\n              );\n              proto.authInfoRes();\n              return;\n            }\n            // We sent a keyboard-interactive user authentication request and\n            // now the server is sending us the prompts we need to present to\n            // the user\n            curAuth.prompt(\n              name,\n              instructions,\n              '',\n              prompts,\n              (answers) => {\n                proto.authInfoRes(answers);\n              }\n            );\n          }\n        },\n        REQUEST_SUCCESS: (p, data) => {\n          if (callbacks.length)\n            callbacks.shift()(false, data);\n        },\n        REQUEST_FAILURE: (p) => {\n          if (callbacks.length)\n            callbacks.shift()(true);\n        },\n        GLOBAL_REQUEST: (p, name, wantReply, data) => {\n          switch (name) {\n            case 'hostkeys-00@openssh.com':\n              // Automatically verify keys before passing to end user\n              hostKeysProve(this, data, (err, keys) => {\n                if (err)\n                  return;\n                this.emit('hostkeys', keys);\n              });\n              if (wantReply)\n                proto.requestSuccess();\n              break;\n            default:\n              // Auto-reject all other global requests, this can be especially\n              // useful if the server is sending us dummy keepalive global\n              // requests\n              if (wantReply)\n                proto.requestFailure();\n          }\n        },\n        CHANNEL_OPEN: (p, info) => {\n          // Handle incoming requests from server, typically a forwarded TCP or\n          // X11 connection\n          onCHANNEL_OPEN(this, info);\n        },\n        CHANNEL_OPEN_CONFIRMATION: (p, info) => {\n          const channel = this._chanMgr.get(info.recipient);\n          if (typeof channel !== 'function')\n            return;\n\n          const isSFTP = (channel.type === 'sftp');\n          const type = (isSFTP ? 'session' : channel.type);\n          const chanInfo = {\n            type,\n            incoming: {\n              id: info.recipient,\n              window: MAX_WINDOW,\n              packetSize: PACKET_SIZE,\n              state: 'open'\n            },\n            outgoing: {\n              id: info.sender,\n              window: info.window,\n              packetSize: info.packetSize,\n              state: 'open'\n            }\n          };\n          const instance = (\n            isSFTP\n            ? new SFTP(this, chanInfo, { debug })\n            : new Channel(this, chanInfo)\n          );\n          this._chanMgr.update(info.recipient, instance);\n          channel(undefined, instance);\n        },\n        CHANNEL_OPEN_FAILURE: (p, recipient, reason, description) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'function')\n            return;\n\n          const info = { reason, description };\n          onChannelOpenFailure(this, recipient, info, channel);\n        },\n        CHANNEL_DATA: (p, recipient, data) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          // The remote party should not be sending us data if there is no\n          // window space available ...\n          // TODO: raise error on data with not enough window?\n          if (channel.incoming.window === 0)\n            return;\n\n          channel.incoming.window -= data.length;\n\n          if (channel.push(data) === false) {\n            channel._waitChanDrain = true;\n            return;\n          }\n\n          if (channel.incoming.window <= WINDOW_THRESHOLD)\n            windowAdjust(channel);\n        },\n        CHANNEL_EXTENDED_DATA: (p, recipient, data, type) => {\n          if (type !== STDERR)\n            return;\n\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          // The remote party should not be sending us data if there is no\n          // window space available ...\n          // TODO: raise error on data with not enough window?\n          if (channel.incoming.window === 0)\n            return;\n\n          channel.incoming.window -= data.length;\n\n          if (!channel.stderr.push(data)) {\n            channel._waitChanDrain = true;\n            return;\n          }\n\n          if (channel.incoming.window <= WINDOW_THRESHOLD)\n            windowAdjust(channel);\n        },\n        CHANNEL_WINDOW_ADJUST: (p, recipient, amount) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          // The other side is allowing us to send `amount` more bytes of data\n          channel.outgoing.window += amount;\n\n          if (channel._waitWindow) {\n            channel._waitWindow = false;\n\n            if (channel._chunk) {\n              channel._write(channel._chunk, null, channel._chunkcb);\n            } else if (channel._chunkcb) {\n              channel._chunkcb();\n            } else if (channel._chunkErr) {\n              channel.stderr._write(channel._chunkErr,\n                                    null,\n                                    channel._chunkcbErr);\n            } else if (channel._chunkcbErr) {\n              channel._chunkcbErr();\n            }\n          }\n        },\n        CHANNEL_SUCCESS: (p, recipient) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          this._resetKA();\n\n          if (channel._callbacks.length)\n            channel._callbacks.shift()(false);\n        },\n        CHANNEL_FAILURE: (p, recipient) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          this._resetKA();\n\n          if (channel._callbacks.length)\n            channel._callbacks.shift()(true);\n        },\n        CHANNEL_REQUEST: (p, recipient, type, wantReply, data) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          const exit = channel._exit;\n          if (exit.code !== undefined)\n            return;\n          switch (type) {\n            case 'exit-status':\n              channel.emit('exit', exit.code = data);\n              return;\n            case 'exit-signal':\n              channel.emit('exit',\n                           exit.code = null,\n                           exit.signal = `SIG${data.signal}`,\n                           exit.dump = data.coreDumped,\n                           exit.desc = data.errorMessage);\n              return;\n          }\n\n          // Keepalive request? OpenSSH will send one as a channel request if\n          // there is a channel open\n\n          if (wantReply)\n            p.channelFailure(channel.outgoing.id);\n        },\n        CHANNEL_EOF: (p, recipient) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.incoming.state !== 'open')\n            return;\n          channel.incoming.state = 'eof';\n\n          if (channel.readable)\n            channel.push(null);\n          if (channel.stderr.readable)\n            channel.stderr.push(null);\n        },\n        CHANNEL_CLOSE: (p, recipient) => {\n          onCHANNEL_CLOSE(this, recipient, this._chanMgr.get(recipient));\n        },\n      },\n    });\n\n    sock.pause();\n\n    // TODO: check keepalive implementation\n    // Keepalive-related\n    const kainterval = this.config.keepaliveInterval;\n    const kacountmax = this.config.keepaliveCountMax;\n    let kacount = 0;\n    let katimer;\n    const sendKA = () => {\n      if (++kacount > kacountmax) {\n        clearInterval(katimer);\n        if (sock.readable) {\n          const err = new Error('Keepalive timeout');\n          err.level = 'client-timeout';\n          this.emit('error', err);\n          sock.destroy();\n        }\n        return;\n      }\n      if (isWritable(sock)) {\n        // Append dummy callback to keep correct callback order\n        callbacks.push(resetKA);\n        proto.ping();\n      } else {\n        clearInterval(katimer);\n      }\n    };\n    function resetKA() {\n      if (kainterval > 0) {\n        kacount = 0;\n        clearInterval(katimer);\n        if (isWritable(sock))\n          katimer = setInterval(sendKA, kainterval);\n      }\n    }\n    this._resetKA = resetKA;\n\n    const onDone = (() => {\n      let called = false;\n      return () => {\n        if (called)\n          return;\n        called = true;\n        if (wasConnected && !sawHeader) {\n          const err =\n            makeError('Connection lost before handshake', 'protocol', true);\n          this.emit('error', err);\n        }\n      };\n    })();\n    const onConnect = (() => {\n      let called = false;\n      return () => {\n        if (called)\n          return;\n        called = true;\n\n        wasConnected = true;\n        debug && debug('Socket connected');\n        this.emit('connect');\n\n        cryptoInit.then(() => {\n          proto.start();\n          sock.on('data', (data) => {\n            try {\n              proto.parse(data, 0, data.length);\n            } catch (ex) {\n              this.emit('error', ex);\n              try {\n                if (isWritable(sock))\n                  sock.end();\n              } catch {}\n            }\n          });\n\n          // Drain stderr if we are connection hopping using an exec stream\n          if (sock.stderr && typeof sock.stderr.resume === 'function')\n            sock.stderr.resume();\n\n          sock.resume();\n        }).catch((err) => {\n          this.emit('error', err);\n          try {\n            if (isWritable(sock))\n              sock.end();\n          } catch {}\n        });\n      };\n    })();\n    let wasConnected = false;\n    sock.on('connect', onConnect)\n        .on('timeout', () => {\n      this.emit('timeout');\n    }).on('error', (err) => {\n      debug && debug(`Socket error: ${err.message}`);\n      clearTimeout(this._readyTimeout);\n      err.level = 'client-socket';\n      this.emit('error', err);\n    }).on('end', () => {\n      debug && debug('Socket ended');\n      onDone();\n      proto.cleanup();\n      clearTimeout(this._readyTimeout);\n      clearInterval(katimer);\n      this.emit('end');\n    }).on('close', () => {\n      debug && debug('Socket closed');\n      onDone();\n      proto.cleanup();\n      clearTimeout(this._readyTimeout);\n      clearInterval(katimer);\n      this.emit('close');\n\n      // Notify outstanding channel requests of disconnection ...\n      const callbacks_ = callbacks;\n      callbacks = this._callbacks = [];\n      const err = new Error('No response from server');\n      for (let i = 0; i < callbacks_.length; ++i)\n        callbacks_[i](err);\n\n      // Simulate error for any channels waiting to be opened\n      this._chanMgr.cleanup(err);\n    });\n\n    // Begin authentication handling ===========================================\n    let curAuth;\n    let curPartial = null;\n    let curAuthsLeft = null;\n    const authsAllowed = ['none'];\n    if (this.config.password !== undefined)\n      authsAllowed.push('password');\n    if (privateKey !== undefined)\n      authsAllowed.push('publickey');\n    if (this._agent !== undefined)\n      authsAllowed.push('agent');\n    if (this.config.tryKeyboard)\n      authsAllowed.push('keyboard-interactive');\n    if (privateKey !== undefined\n        && this.config.localHostname !== undefined\n        && this.config.localUsername !== undefined) {\n      authsAllowed.push('hostbased');\n    }\n\n    if (Array.isArray(authHandler))\n      authHandler = makeSimpleAuthHandler(authHandler);\n    else if (typeof authHandler !== 'function')\n      authHandler = makeSimpleAuthHandler(authsAllowed);\n\n    let hasSentAuth = false;\n    const doNextAuth = (nextAuth) => {\n      if (hasSentAuth)\n        return;\n      hasSentAuth = true;\n\n      if (nextAuth === false) {\n        const err = new Error('All configured authentication methods failed');\n        err.level = 'client-authentication';\n        this.emit('error', err);\n        this.end();\n        return;\n      }\n\n      if (typeof nextAuth === 'string') {\n        // Remain backwards compatible with original `authHandler()` usage,\n        // which only supported passing names of next method to try using data\n        // from the `connect()` config object\n\n        const type = nextAuth;\n        if (authsAllowed.indexOf(type) === -1)\n          return skipAuth(`Authentication method not allowed: ${type}`);\n\n        const username = this.config.username;\n        switch (type) {\n          case 'password':\n            nextAuth = { type, username, password: this.config.password };\n            break;\n          case 'publickey':\n            nextAuth = { type, username, key: privateKey };\n            break;\n          case 'hostbased':\n            nextAuth = {\n              type,\n              username,\n              key: privateKey,\n              localHostname: this.config.localHostname,\n              localUsername: this.config.localUsername,\n            };\n            break;\n          case 'agent':\n            nextAuth = {\n              type,\n              username,\n              agentCtx: new AgentContext(this._agent),\n            };\n            break;\n          case 'keyboard-interactive':\n            nextAuth = {\n              type,\n              username,\n              prompt: (...args) => this.emit('keyboard-interactive', ...args),\n            };\n            break;\n          case 'none':\n            nextAuth = { type, username };\n            break;\n          default:\n            return skipAuth(\n              `Skipping unsupported authentication method: ${nextAuth}`\n            );\n        }\n      } else if (typeof nextAuth !== 'object' || nextAuth === null) {\n        return skipAuth(\n          `Skipping invalid authentication attempt: ${nextAuth}`\n        );\n      } else {\n        const username = nextAuth.username;\n        if (typeof username !== 'string') {\n          return skipAuth(\n            `Skipping invalid authentication attempt: ${nextAuth}`\n          );\n        }\n        const type = nextAuth.type;\n        switch (type) {\n          case 'password': {\n            const { password } = nextAuth;\n            if (typeof password !== 'string' && !Buffer.isBuffer(password))\n              return skipAuth('Skipping invalid password auth attempt');\n            nextAuth = { type, username, password };\n            break;\n          }\n          case 'publickey': {\n            const key = parseKey(nextAuth.key, nextAuth.passphrase);\n            if (key instanceof Error)\n              return skipAuth('Skipping invalid key auth attempt');\n            if (!key.isPrivateKey())\n              return skipAuth('Skipping non-private key');\n            nextAuth = { type, username, key };\n            break;\n          }\n          case 'hostbased': {\n            const { localHostname, localUsername } = nextAuth;\n            const key = parseKey(nextAuth.key, nextAuth.passphrase);\n            if (key instanceof Error\n                || typeof localHostname !== 'string'\n                || typeof localUsername !== 'string') {\n              return skipAuth('Skipping invalid hostbased auth attempt');\n            }\n            if (!key.isPrivateKey())\n              return skipAuth('Skipping non-private key');\n            nextAuth = { type, username, key, localHostname, localUsername };\n            break;\n          }\n          case 'agent': {\n            let agent = nextAuth.agent;\n            if (typeof agent === 'string' && agent.length) {\n              agent = createAgent(agent);\n            } else if (!isAgent(agent)) {\n              return skipAuth(\n                `Skipping invalid agent: ${nextAuth.agent}`\n              );\n            }\n            nextAuth = { type, username, agentCtx: new AgentContext(agent) };\n            break;\n          }\n          case 'keyboard-interactive': {\n            const { prompt } = nextAuth;\n            if (typeof prompt !== 'function') {\n              return skipAuth(\n                'Skipping invalid keyboard-interactive auth attempt'\n              );\n            }\n            nextAuth = { type, username, prompt };\n            break;\n          }\n          case 'none':\n            nextAuth = { type, username };\n            break;\n          default:\n            return skipAuth(\n              `Skipping unsupported authentication method: ${nextAuth}`\n            );\n        }\n      }\n      curAuth = nextAuth;\n\n      // Begin authentication method's process\n      try {\n        const username = curAuth.username;\n        switch (curAuth.type) {\n          case 'password':\n            proto.authPassword(username, curAuth.password);\n            break;\n          case 'publickey':\n            proto.authPK(username, curAuth.key);\n            break;\n          case 'hostbased':\n            proto.authHostbased(username,\n                                curAuth.key,\n                                curAuth.localHostname,\n                                curAuth.localUsername,\n                                (buf, cb) => {\n              const signature = curAuth.key.sign(buf);\n              if (signature instanceof Error) {\n                signature.message =\n                  `Error while signing with key: ${signature.message}`;\n                signature.level = 'client-authentication';\n                this.emit('error', signature);\n                return tryNextAuth();\n              }\n\n              cb(signature);\n            });\n            break;\n          case 'agent':\n            curAuth.agentCtx.init((err) => {\n              if (err) {\n                err.level = 'agent';\n                this.emit('error', err);\n                return tryNextAuth();\n              }\n              tryNextAgentKey();\n            });\n            break;\n          case 'keyboard-interactive':\n            proto.authKeyboard(username);\n            break;\n          case 'none':\n            proto.authNone(username);\n            break;\n        }\n      } finally {\n        hasSentAuth = false;\n      }\n    };\n\n    function skipAuth(msg) {\n      debug && debug(msg);\n      process.nextTick(tryNextAuth);\n    }\n\n    function tryNextAuth() {\n      hasSentAuth = false;\n      const auth = authHandler(curAuthsLeft, curPartial, doNextAuth);\n      if (hasSentAuth || auth === undefined)\n        return;\n      doNextAuth(auth);\n    }\n\n    const tryNextAgentKey = () => {\n      if (curAuth.type === 'agent') {\n        const key = curAuth.agentCtx.nextKey();\n        if (key === false) {\n          debug && debug('Agent: No more keys left to try');\n          debug && debug('Client: agent auth failed');\n          tryNextAuth();\n        } else {\n          const pos = curAuth.agentCtx.pos();\n          debug && debug(`Agent: Trying key #${pos + 1}`);\n          proto.authPK(curAuth.username, key);\n        }\n      }\n    };\n\n    const startTimeout = () => {\n      if (this.config.readyTimeout > 0) {\n        this._readyTimeout = setTimeout(() => {\n          const err = new Error('Timed out while waiting for handshake');\n          err.level = 'client-timeout';\n          this.emit('error', err);\n          sock.destroy();\n        }, this.config.readyTimeout);\n      }\n    };\n\n    if (!cfg.sock) {\n      let host = this.config.host;\n      const forceIPv4 = this.config.forceIPv4;\n      const forceIPv6 = this.config.forceIPv6;\n\n      debug && debug(`Client: Trying ${host} on port ${this.config.port} ...`);\n\n      const doConnect = () => {\n        startTimeout();\n        sock.connect({\n          host,\n          port: this.config.port,\n          localAddress: this.config.localAddress,\n          localPort: this.config.localPort\n        });\n        sock.setNoDelay(true);\n        sock.setMaxListeners(0);\n        sock.setTimeout(typeof cfg.timeout === 'number' ? cfg.timeout : 0);\n      };\n\n      if ((!forceIPv4 && !forceIPv6) || (forceIPv4 && forceIPv6)) {\n        doConnect();\n      } else {\n        dnsLookup(host, (forceIPv4 ? 4 : 6), (err, address, family) => {\n          if (err) {\n            const type = (forceIPv4 ? 'IPv4' : 'IPv6');\n            const error = new Error(\n              `Error while looking up ${type} address for '${host}': ${err}`\n            );\n            clearTimeout(this._readyTimeout);\n            error.level = 'client-dns';\n            this.emit('error', error);\n            this.emit('close');\n            return;\n          }\n          host = address;\n          doConnect();\n        });\n      }\n    } else {\n      // Custom socket passed in\n      startTimeout();\n      if (typeof sock.connecting === 'boolean') {\n        // net.Socket\n\n        if (!sock.connecting) {\n          // Already connected\n          onConnect();\n        }\n      } else {\n        // Assume socket/stream is already \"connected\"\n        onConnect();\n      }\n    }\n\n    return this;\n  }\n\n  end() {\n    if (this._sock && isWritable(this._sock)) {\n      this._protocol.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n      this._sock.end();\n    }\n    return this;\n  }\n\n  destroy() {\n    this._sock && isWritable(this._sock) && this._sock.destroy();\n    return this;\n  }\n\n  exec(cmd, opts, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    if (typeof opts === 'function') {\n      cb = opts;\n      opts = {};\n    }\n\n    const extraOpts = { allowHalfOpen: (opts.allowHalfOpen !== false) };\n\n    openChannel(this, 'session', extraOpts, (err, chan) => {\n      if (err) {\n        cb(err);\n        return;\n      }\n\n      const todo = [];\n\n      function reqCb(err) {\n        if (err) {\n          chan.close();\n          cb(err);\n          return;\n        }\n        if (todo.length)\n          todo.shift()();\n      }\n\n      if (this.config.allowAgentFwd === true\n          || (opts\n              && opts.agentForward === true\n              && this._agent !== undefined)) {\n        todo.push(() => reqAgentFwd(chan, reqCb));\n      }\n\n      if (typeof opts === 'object' && opts !== null) {\n        if (typeof opts.env === 'object' && opts.env !== null)\n          reqEnv(chan, opts.env);\n        if ((typeof opts.pty === 'object' && opts.pty !== null)\n            || opts.pty === true) {\n          todo.push(() => reqPty(chan, opts.pty, reqCb));\n        }\n        if ((typeof opts.x11 === 'object' && opts.x11 !== null)\n            || opts.x11 === 'number'\n            || opts.x11 === true) {\n          todo.push(() => reqX11(chan, opts.x11, reqCb));\n        }\n      }\n\n      todo.push(() => reqExec(chan, cmd, opts, cb));\n      todo.shift()();\n    });\n\n    return this;\n  }\n\n  shell(wndopts, opts, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    if (typeof wndopts === 'function') {\n      cb = wndopts;\n      wndopts = opts = undefined;\n    } else if (typeof opts === 'function') {\n      cb = opts;\n      opts = undefined;\n    }\n    if (wndopts && (wndopts.x11 !== undefined || wndopts.env !== undefined)) {\n      opts = wndopts;\n      wndopts = undefined;\n    }\n\n    openChannel(this, 'session', (err, chan) => {\n      if (err) {\n        cb(err);\n        return;\n      }\n\n      const todo = [];\n\n      function reqCb(err) {\n        if (err) {\n          chan.close();\n          cb(err);\n          return;\n        }\n        if (todo.length)\n          todo.shift()();\n      }\n\n      if (this.config.allowAgentFwd === true\n          || (opts\n              && opts.agentForward === true\n              && this._agent !== undefined)) {\n        todo.push(() => reqAgentFwd(chan, reqCb));\n      }\n\n      if (wndopts !== false)\n        todo.push(() => reqPty(chan, wndopts, reqCb));\n\n      if (typeof opts === 'object' && opts !== null) {\n        if (typeof opts.env === 'object' && opts.env !== null)\n          reqEnv(chan, opts.env);\n        if ((typeof opts.x11 === 'object' && opts.x11 !== null)\n            || opts.x11 === 'number'\n            || opts.x11 === true) {\n          todo.push(() => reqX11(chan, opts.x11, reqCb));\n        }\n      }\n\n      todo.push(() => reqShell(chan, cb));\n      todo.shift()();\n    });\n\n    return this;\n  }\n\n  subsys(name, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    openChannel(this, 'session', (err, chan) => {\n      if (err) {\n        cb(err);\n        return;\n      }\n\n      reqSubsystem(chan, name, (err, stream) => {\n        if (err) {\n          cb(err);\n          return;\n        }\n\n        cb(undefined, stream);\n      });\n    });\n\n    return this;\n  }\n\n  forwardIn(bindAddr, bindPort, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    // Send a request for the server to start forwarding TCP connections to us\n    // on a particular address and port\n\n    const wantReply = (typeof cb === 'function');\n\n    if (wantReply) {\n      this._callbacks.push((had_err, data) => {\n        if (had_err) {\n          cb(had_err !== true\n             ? had_err\n             : new Error(`Unable to bind to ${bindAddr}:${bindPort}`));\n          return;\n        }\n\n        let realPort = bindPort;\n        if (bindPort === 0 && data && data.length >= 4) {\n          realPort = readUInt32BE(data, 0);\n          if (!(this._protocol._compatFlags & COMPAT.DYN_RPORT_BUG))\n            bindPort = realPort;\n        }\n\n        this._forwarding[`${bindAddr}:${bindPort}`] = realPort;\n\n        cb(undefined, realPort);\n      });\n    }\n\n    this._protocol.tcpipForward(bindAddr, bindPort, wantReply);\n\n    return this;\n  }\n\n  unforwardIn(bindAddr, bindPort, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    // Send a request to stop forwarding us new connections for a particular\n    // address and port\n\n    const wantReply = (typeof cb === 'function');\n\n    if (wantReply) {\n      this._callbacks.push((had_err) => {\n        if (had_err) {\n          cb(had_err !== true\n             ? had_err\n             : new Error(`Unable to unbind from ${bindAddr}:${bindPort}`));\n          return;\n        }\n\n        delete this._forwarding[`${bindAddr}:${bindPort}`];\n\n        cb();\n      });\n    }\n\n    this._protocol.cancelTcpipForward(bindAddr, bindPort, wantReply);\n\n    return this;\n  }\n\n  forwardOut(srcIP, srcPort, dstIP, dstPort, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    // Send a request to forward a TCP connection to the server\n\n    const cfg = {\n      srcIP: srcIP,\n      srcPort: srcPort,\n      dstIP: dstIP,\n      dstPort: dstPort\n    };\n\n    if (typeof cb !== 'function')\n      cb = noop;\n\n    openChannel(this, 'direct-tcpip', cfg, cb);\n\n    return this;\n  }\n\n  openssh_noMoreSessions(cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    const wantReply = (typeof cb === 'function');\n\n    if (!this.config.strictVendor\n        || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n      if (wantReply) {\n        this._callbacks.push((had_err) => {\n          if (had_err) {\n            cb(had_err !== true\n               ? had_err\n               : new Error('Unable to disable future sessions'));\n            return;\n          }\n\n          cb();\n        });\n      }\n\n      this._protocol.openssh_noMoreSessions(wantReply);\n      return this;\n    }\n\n    if (!wantReply)\n      return this;\n\n    process.nextTick(\n      cb,\n      new Error(\n        'strictVendor enabled and server is not OpenSSH or compatible version'\n      )\n    );\n\n    return this;\n  }\n\n  openssh_forwardInStreamLocal(socketPath, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    const wantReply = (typeof cb === 'function');\n\n    if (!this.config.strictVendor\n        || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n      if (wantReply) {\n        this._callbacks.push((had_err) => {\n          if (had_err) {\n            cb(had_err !== true\n               ? had_err\n               : new Error(`Unable to bind to ${socketPath}`));\n            return;\n          }\n          this._forwardingUnix[socketPath] = true;\n          cb();\n        });\n      }\n\n      this._protocol.openssh_streamLocalForward(socketPath, wantReply);\n      return this;\n    }\n\n    if (!wantReply)\n      return this;\n\n    process.nextTick(\n      cb,\n      new Error(\n        'strictVendor enabled and server is not OpenSSH or compatible version'\n      )\n    );\n\n    return this;\n  }\n\n  openssh_unforwardInStreamLocal(socketPath, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    const wantReply = (typeof cb === 'function');\n\n    if (!this.config.strictVendor\n        || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n      if (wantReply) {\n        this._callbacks.push((had_err) => {\n          if (had_err) {\n            cb(had_err !== true\n               ? had_err\n               : new Error(`Unable to unbind from ${socketPath}`));\n            return;\n          }\n          delete this._forwardingUnix[socketPath];\n          cb();\n        });\n      }\n\n      this._protocol.openssh_cancelStreamLocalForward(socketPath, wantReply);\n      return this;\n    }\n\n    if (!wantReply)\n      return this;\n\n    process.nextTick(\n      cb,\n      new Error(\n        'strictVendor enabled and server is not OpenSSH or compatible version'\n      )\n    );\n\n    return this;\n  }\n\n  openssh_forwardOutStreamLocal(socketPath, cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    if (typeof cb !== 'function')\n      cb = noop;\n\n    if (!this.config.strictVendor\n        || (this.config.strictVendor && RE_OPENSSH.test(this._remoteVer))) {\n      openChannel(this, 'direct-streamlocal@openssh.com', { socketPath }, cb);\n      return this;\n    }\n    process.nextTick(\n      cb,\n      new Error(\n        'strictVendor enabled and server is not OpenSSH or compatible version'\n      )\n    );\n\n    return this;\n  }\n\n  sftp(cb) {\n    if (!this._sock || !isWritable(this._sock))\n      throw new Error('Not connected');\n\n    openChannel(this, 'sftp', (err, sftp) => {\n      if (err) {\n        cb(err);\n        return;\n      }\n\n      reqSubsystem(sftp, 'sftp', (err, sftp_) => {\n        if (err) {\n          cb(err);\n          return;\n        }\n\n        function removeListeners() {\n          sftp.removeListener('ready', onReady);\n          sftp.removeListener('error', onError);\n          sftp.removeListener('exit', onExit);\n          sftp.removeListener('close', onExit);\n        }\n\n        function onReady() {\n          // TODO: do not remove exit/close in case remote end closes the\n          // channel abruptly and we need to notify outstanding callbacks\n          removeListeners();\n          cb(undefined, sftp);\n        }\n\n        function onError(err) {\n          removeListeners();\n          cb(err);\n        }\n\n        function onExit(code, signal) {\n          removeListeners();\n          let msg;\n          if (typeof code === 'number')\n            msg = `Received exit code ${code} while establishing SFTP session`;\n          else if (signal !== undefined)\n            msg = `Received signal ${signal} while establishing SFTP session`;\n          else\n            msg = 'Received unexpected SFTP session termination';\n          const err = new Error(msg);\n          err.code = code;\n          err.signal = signal;\n          cb(err);\n        }\n\n        sftp.on('ready', onReady)\n            .on('error', onError)\n            .on('exit', onExit)\n            .on('close', onExit);\n\n        sftp._init();\n      });\n    });\n\n    return this;\n  }\n}\n\nfunction openChannel(self, type, opts, cb) {\n  // Ask the server to open a channel for some purpose\n  // (e.g. session (sftp, exec, shell), or forwarding a TCP connection\n  const initWindow = MAX_WINDOW;\n  const maxPacket = PACKET_SIZE;\n\n  if (typeof opts === 'function') {\n    cb = opts;\n    opts = {};\n  }\n\n  const wrapper = (err, stream) => {\n    cb(err, stream);\n  };\n  wrapper.type = type;\n\n  const localChan = self._chanMgr.add(wrapper);\n\n  if (localChan === -1) {\n    cb(new Error('No free channels available'));\n    return;\n  }\n\n  switch (type) {\n    case 'session':\n    case 'sftp':\n      self._protocol.session(localChan, initWindow, maxPacket);\n      break;\n    case 'direct-tcpip':\n      self._protocol.directTcpip(localChan, initWindow, maxPacket, opts);\n      break;\n    case 'direct-streamlocal@openssh.com':\n      self._protocol.openssh_directStreamLocal(\n        localChan, initWindow, maxPacket, opts\n      );\n      break;\n    default:\n      throw new Error(`Unsupported channel type: ${type}`);\n  }\n}\n\nfunction reqX11(chan, screen, cb) {\n  // Asks server to start sending us X11 connections\n  const cfg = {\n    single: false,\n    protocol: 'MIT-MAGIC-COOKIE-1',\n    cookie: undefined,\n    screen: 0\n  };\n\n  if (typeof screen === 'function') {\n    cb = screen;\n  } else if (typeof screen === 'object' && screen !== null) {\n    if (typeof screen.single === 'boolean')\n      cfg.single = screen.single;\n    if (typeof screen.screen === 'number')\n      cfg.screen = screen.screen;\n    if (typeof screen.protocol === 'string')\n      cfg.protocol = screen.protocol;\n    if (typeof screen.cookie === 'string')\n      cfg.cookie = screen.cookie;\n    else if (Buffer.isBuffer(screen.cookie))\n      cfg.cookie = screen.cookie.hexSlice(0, screen.cookie.length);\n  }\n  if (cfg.cookie === undefined)\n    cfg.cookie = randomCookie();\n\n  const wantReply = (typeof cb === 'function');\n\n  if (chan.outgoing.state !== 'open') {\n    if (wantReply)\n      cb(new Error('Channel is not open'));\n    return;\n  }\n\n  if (wantReply) {\n    chan._callbacks.push((had_err) => {\n      if (had_err) {\n        cb(had_err !== true ? had_err : new Error('Unable to request X11'));\n        return;\n      }\n\n      chan._hasX11 = true;\n      ++chan._client._acceptX11;\n      chan.once('close', () => {\n        if (chan._client._acceptX11)\n          --chan._client._acceptX11;\n      });\n\n      cb();\n    });\n  }\n\n  chan._client._protocol.x11Forward(chan.outgoing.id, cfg, wantReply);\n}\n\nfunction reqPty(chan, opts, cb) {\n  let rows = 24;\n  let cols = 80;\n  let width = 640;\n  let height = 480;\n  let term = 'vt100';\n  let modes = null;\n\n  if (typeof opts === 'function') {\n    cb = opts;\n  } else if (typeof opts === 'object' && opts !== null) {\n    if (typeof opts.rows === 'number')\n      rows = opts.rows;\n    if (typeof opts.cols === 'number')\n      cols = opts.cols;\n    if (typeof opts.width === 'number')\n      width = opts.width;\n    if (typeof opts.height === 'number')\n      height = opts.height;\n    if (typeof opts.term === 'string')\n      term = opts.term;\n    if (typeof opts.modes === 'object')\n      modes = opts.modes;\n  }\n\n  const wantReply = (typeof cb === 'function');\n\n  if (chan.outgoing.state !== 'open') {\n    if (wantReply)\n      cb(new Error('Channel is not open'));\n    return;\n  }\n\n  if (wantReply) {\n    chan._callbacks.push((had_err) => {\n      if (had_err) {\n        cb(had_err !== true\n           ? had_err\n           : new Error('Unable to request a pseudo-terminal'));\n        return;\n      }\n      cb();\n    });\n  }\n\n  chan._client._protocol.pty(chan.outgoing.id,\n                             rows,\n                             cols,\n                             height,\n                             width,\n                             term,\n                             modes,\n                             wantReply);\n}\n\nfunction reqAgentFwd(chan, cb) {\n  const wantReply = (typeof cb === 'function');\n\n  if (chan.outgoing.state !== 'open') {\n    wantReply && cb(new Error('Channel is not open'));\n    return;\n  }\n  if (chan._client._agentFwdEnabled) {\n    wantReply && cb(false);\n    return;\n  }\n\n  chan._client._agentFwdEnabled = true;\n\n  chan._callbacks.push((had_err) => {\n    if (had_err) {\n      chan._client._agentFwdEnabled = false;\n      if (wantReply) {\n        cb(had_err !== true\n           ? had_err\n           : new Error('Unable to request agent forwarding'));\n      }\n      return;\n    }\n\n    if (wantReply)\n      cb();\n  });\n\n  chan._client._protocol.openssh_agentForward(chan.outgoing.id, true);\n}\n\nfunction reqShell(chan, cb) {\n  if (chan.outgoing.state !== 'open') {\n    cb(new Error('Channel is not open'));\n    return;\n  }\n\n  chan._callbacks.push((had_err) => {\n    if (had_err) {\n      cb(had_err !== true ? had_err : new Error('Unable to open shell'));\n      return;\n    }\n    chan.subtype = 'shell';\n    cb(undefined, chan);\n  });\n\n  chan._client._protocol.shell(chan.outgoing.id, true);\n}\n\nfunction reqExec(chan, cmd, opts, cb) {\n  if (chan.outgoing.state !== 'open') {\n    cb(new Error('Channel is not open'));\n    return;\n  }\n\n  chan._callbacks.push((had_err) => {\n    if (had_err) {\n      cb(had_err !== true ? had_err : new Error('Unable to exec'));\n      return;\n    }\n    chan.subtype = 'exec';\n    chan.allowHalfOpen = (opts.allowHalfOpen !== false);\n    cb(undefined, chan);\n  });\n\n  chan._client._protocol.exec(chan.outgoing.id, cmd, true);\n}\n\nfunction reqEnv(chan, env) {\n  if (chan.outgoing.state !== 'open')\n    return;\n\n  const keys = Object.keys(env || {});\n\n  for (let i = 0; i < keys.length; ++i) {\n    const key = keys[i];\n    const val = env[key];\n    chan._client._protocol.env(chan.outgoing.id, key, val, false);\n  }\n}\n\nfunction reqSubsystem(chan, name, cb) {\n  if (chan.outgoing.state !== 'open') {\n    cb(new Error('Channel is not open'));\n    return;\n  }\n\n  chan._callbacks.push((had_err) => {\n    if (had_err) {\n      cb(had_err !== true\n         ? had_err\n         : new Error(`Unable to start subsystem: ${name}`));\n      return;\n    }\n    chan.subtype = 'subsystem';\n    cb(undefined, chan);\n  });\n\n  chan._client._protocol.subsystem(chan.outgoing.id, name, true);\n}\n\n// TODO: inline implementation into single call site\nfunction onCHANNEL_OPEN(self, info) {\n  // The server is trying to open a channel with us, this is usually when\n  // we asked the server to forward us connections on some port and now they\n  // are asking us to accept/deny an incoming connection on their side\n\n  let localChan = -1;\n  let reason;\n\n  const accept = () => {\n    const chanInfo = {\n      type: info.type,\n      incoming: {\n        id: localChan,\n        window: MAX_WINDOW,\n        packetSize: PACKET_SIZE,\n        state: 'open'\n      },\n      outgoing: {\n        id: info.sender,\n        window: info.window,\n        packetSize: info.packetSize,\n        state: 'open'\n      }\n    };\n    const stream = new Channel(self, chanInfo);\n    self._chanMgr.update(localChan, stream);\n\n    self._protocol.channelOpenConfirm(info.sender,\n                                      localChan,\n                                      MAX_WINDOW,\n                                      PACKET_SIZE);\n    return stream;\n  };\n  const reject = () => {\n    if (reason === undefined) {\n      if (localChan === -1)\n        reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n      else\n        reason = CHANNEL_OPEN_FAILURE.CONNECT_FAILED;\n    }\n\n    if (localChan !== -1)\n      self._chanMgr.remove(localChan);\n\n    self._protocol.channelOpenFail(info.sender, reason, '');\n  };\n  const reserveChannel = () => {\n    localChan = self._chanMgr.add();\n\n    if (localChan === -1) {\n      reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n      if (self.config.debug) {\n        self.config.debug(\n          'Client: Automatic rejection of incoming channel open: '\n            + 'no channels available'\n        );\n      }\n    }\n\n    return (localChan !== -1);\n  };\n\n  const data = info.data;\n  switch (info.type) {\n    case 'forwarded-tcpip': {\n      const val = self._forwarding[`${data.destIP}:${data.destPort}`];\n      if (val !== undefined && reserveChannel()) {\n        if (data.destPort === 0)\n          data.destPort = val;\n        self.emit('tcp connection', data, accept, reject);\n        return;\n      }\n      break;\n    }\n    case 'forwarded-streamlocal@openssh.com':\n      if (self._forwardingUnix[data.socketPath] !== undefined\n          && reserveChannel()) {\n        self.emit('unix connection', data, accept, reject);\n        return;\n      }\n      break;\n    case 'auth-agent@openssh.com':\n      if (self._agentFwdEnabled\n          && typeof self._agent.getStream === 'function'\n          && reserveChannel()) {\n        self._agent.getStream((err, stream) => {\n          if (err)\n            return reject();\n\n          const upstream = accept();\n          upstream.pipe(stream).pipe(upstream);\n        });\n        return;\n      }\n      break;\n    case 'x11':\n      if (self._acceptX11 !== 0 && reserveChannel()) {\n        self.emit('x11', data, accept, reject);\n        return;\n      }\n      break;\n    default:\n      // Automatically reject any unsupported channel open requests\n      reason = CHANNEL_OPEN_FAILURE.UNKNOWN_CHANNEL_TYPE;\n      if (self.config.debug) {\n        self.config.debug(\n          'Client: Automatic rejection of unsupported incoming channel open '\n            + `type: ${info.type}`\n        );\n      }\n  }\n\n  if (reason === undefined) {\n    reason = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n    if (self.config.debug) {\n       self.config.debug(\n        'Client: Automatic rejection of unexpected incoming channel open for: '\n          + info.type\n      );\n    }\n  }\n\n  reject();\n}\n\nconst randomCookie = (() => {\n  const buffer = Buffer.allocUnsafe(16);\n  return () => {\n    randomFillSync(buffer, 0, 16);\n    return buffer.hexSlice(0, 16);\n  };\n})();\n\nfunction makeSimpleAuthHandler(authList) {\n  if (!Array.isArray(authList))\n    throw new Error('authList must be an array');\n\n  let a = 0;\n  return (authsLeft, partialSuccess, cb) => {\n    if (a === authList.length)\n      return false;\n    return authList[a++];\n  };\n}\n\nfunction hostKeysProve(client, keys_, cb) {\n  if (!client._sock || !isWritable(client._sock))\n    return;\n\n  if (typeof cb !== 'function')\n    cb = noop;\n\n  if (!Array.isArray(keys_))\n    throw new TypeError('Invalid keys argument type');\n\n  const keys = [];\n  for (const key of keys_) {\n    const parsed = parseKey(key);\n    if (parsed instanceof Error)\n      throw parsed;\n    keys.push(parsed);\n  }\n\n  if (!client.config.strictVendor\n      || (client.config.strictVendor && RE_OPENSSH.test(client._remoteVer))) {\n    client._callbacks.push((had_err, data) => {\n      if (had_err) {\n        cb(had_err !== true\n           ? had_err\n           : new Error('Server failed to prove supplied keys'));\n        return;\n      }\n\n      // TODO: move all of this parsing/verifying logic out of the client?\n      const ret = [];\n      let keyIdx = 0;\n      bufferParser.init(data, 0);\n      while (bufferParser.avail()) {\n        if (keyIdx === keys.length)\n          break;\n        const key = keys[keyIdx++];\n        const keyPublic = key.getPublicSSH();\n\n        const sigEntry = bufferParser.readString();\n        sigParser.init(sigEntry, 0);\n        const type = sigParser.readString(true);\n        let value = sigParser.readString();\n\n        let algo;\n        if (type !== key.type) {\n          if (key.type === 'ssh-rsa') {\n            switch (type) {\n              case 'rsa-sha2-256':\n                algo = 'sha256';\n                break;\n              case 'rsa-sha2-512':\n                algo = 'sha512';\n                break;\n              default:\n                continue;\n            }\n          } else {\n            continue;\n          }\n        }\n\n        const sessionID = client._protocol._kex.sessionID;\n        const verifyData = Buffer.allocUnsafe(\n          4 + 29 + 4 + sessionID.length + 4 + keyPublic.length\n        );\n        let p = 0;\n        writeUInt32BE(verifyData, 29, p);\n        verifyData.utf8Write('hostkeys-prove-00@openssh.com', p += 4, 29);\n        writeUInt32BE(verifyData, sessionID.length, p += 29);\n        bufferCopy(sessionID, verifyData, 0, sessionID.length, p += 4);\n        writeUInt32BE(verifyData, keyPublic.length, p += sessionID.length);\n        bufferCopy(keyPublic, verifyData, 0, keyPublic.length, p += 4);\n\n        if (!(value = sigSSHToASN1(value, type)))\n          continue;\n        if (key.verify(verifyData, value, algo) === true)\n          ret.push(key);\n      }\n      sigParser.clear();\n      bufferParser.clear();\n\n      cb(null, ret);\n    });\n\n    client._protocol.openssh_hostKeysProve(keys);\n    return;\n  }\n\n  process.nextTick(\n    cb,\n    new Error(\n      'strictVendor enabled and server is not OpenSSH or compatible version'\n    )\n  );\n}\n\nmodule.exports = Client;\n","'use strict';\n\nconst { Agent: HttpAgent } = require('http');\nconst { Agent: HttpsAgent } = require('https');\nconst { connect: tlsConnect } = require('tls');\n\nlet Client;\n\nfor (const ctor of [HttpAgent, HttpsAgent]) {\n  class SSHAgent extends ctor {\n    constructor(connectCfg, agentOptions) {\n      super(agentOptions);\n\n      this._connectCfg = connectCfg;\n      this._defaultSrcIP = (agentOptions && agentOptions.srcIP) || 'localhost';\n    }\n\n    createConnection(options, cb) {\n      const srcIP = (options && options.localAddress) || this._defaultSrcIP;\n      const srcPort = (options && options.localPort) || 0;\n      const dstIP = options.host;\n      const dstPort = options.port;\n\n      if (Client === undefined)\n        Client = require('./client.js');\n\n      const client = new Client();\n      let triedForward = false;\n      client.on('ready', () => {\n        client.forwardOut(srcIP, srcPort, dstIP, dstPort, (err, stream) => {\n          triedForward = true;\n          if (err) {\n            client.end();\n            return cb(err);\n          }\n          stream.once('close', () => client.end());\n          cb(null, decorateStream(stream, ctor, options));\n        });\n      }).on('error', cb).on('close', () => {\n        if (!triedForward)\n          cb(new Error('Unexpected connection close'));\n      }).connect(this._connectCfg);\n    }\n  }\n\n  exports[ctor === HttpAgent ? 'SSHTTPAgent' : 'SSHTTPSAgent'] = SSHAgent;\n}\n\nfunction noop() {}\n\nfunction decorateStream(stream, ctor, options) {\n  if (ctor === HttpAgent) {\n    // HTTP\n    stream.setKeepAlive = noop;\n    stream.setNoDelay = noop;\n    stream.setTimeout = noop;\n    stream.ref = noop;\n    stream.unref = noop;\n    stream.destroySoon = stream.destroy;\n    return stream;\n  }\n\n  // HTTPS\n  options.socket = stream;\n  const wrapped = tlsConnect(options);\n\n  // This is a workaround for a regression in node v12.16.3+\n  // https://github.com/nodejs/node/issues/35904\n  const onClose = (() => {\n    let called = false;\n    return () => {\n      if (called)\n        return;\n      called = true;\n      if (stream.isPaused())\n        stream.resume();\n    };\n  })();\n  // 'end' listener is needed because 'close' is not emitted in some scenarios\n  // in node v12.x for some unknown reason\n  wrapped.on('end', onClose).on('close', onClose);\n\n  return wrapped;\n}\n","'use strict';\n\nconst {\n  AgentProtocol,\n  BaseAgent,\n  createAgent,\n  CygwinAgent,\n  OpenSSHAgent,\n  PageantAgent,\n} = require('./agent.js');\nconst {\n  SSHTTPAgent: HTTPAgent,\n  SSHTTPSAgent: HTTPSAgent,\n} = require('./http-agents.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst {\n  flagsToString,\n  OPEN_MODE,\n  STATUS_CODE,\n  stringToFlags,\n} = require('./protocol/SFTP.js');\n\nmodule.exports = {\n  AgentProtocol,\n  BaseAgent,\n  createAgent,\n  Client: require('./client.js'),\n  CygwinAgent,\n  HTTPAgent,\n  HTTPSAgent,\n  OpenSSHAgent,\n  PageantAgent,\n  Server: require('./server.js'),\n  utils: {\n    parseKey,\n    sftp: {\n      flagsToString,\n      OPEN_MODE,\n      STATUS_CODE,\n      stringToFlags,\n    },\n  },\n};\n","/*\n  TODO:\n    * Replace `buffer._pos` usage in keyParser.js and elsewhere\n    * Utilize optional \"writev\" support when writing packets from\n      cipher.encrypt()\n    * Built-in support for automatic re-keying, on by default\n    * Revisit receiving unexpected/unknown packets\n      * Error (fatal or otherwise) or ignore or pass on to user (in some or all\n        cases)?\n      * Including server/client check for single directional packet types?\n      * Check packets for validity or bail as early as possible?\n    * Automatic re-key every 2**31 packets after the last key exchange (sent or\n      received), as suggested by RFC4344. OpenSSH currently does this.\n    * Automatic re-key every so many blocks depending on cipher. RFC4344:\n         Because of a birthday property of block ciphers and some modes of\n         operation, implementations must be careful not to encrypt too many\n         blocks with the same encryption key.\n\n         Let L be the block length (in bits) of an SSH encryption method's\n         block cipher (e.g., 128 for AES).  If L is at least 128, then, after\n         rekeying, an SSH implementation SHOULD NOT encrypt more than 2**(L/4)\n         blocks before rekeying again.  If L is at least 128, then SSH\n         implementations should also attempt to force a rekey before receiving\n         more than 2**(L/4) blocks.  If L is less than 128 (which is the case\n         for older ciphers such as 3DES, Blowfish, CAST-128, and IDEA), then,\n         although it may be too expensive to rekey every 2**(L/4) blocks, it\n         is still advisable for SSH implementations to follow the original\n         recommendation in [RFC4253]: rekey at least once for every gigabyte\n         of transmitted data.\n\n         Note that if L is less than or equal to 128, then the recommendation\n         in this subsection supersedes the recommendation in Section 3.1.  If\n         an SSH implementation uses a block cipher with a larger block size\n         (e.g., Rijndael with 256-bit blocks), then the recommendations in\n         Section 3.1 may supersede the recommendations in this subsection\n         (depending on the lengths of the packets).\n*/\n\n'use strict';\n\nconst { inspect } = require('util');\n\nconst { bindingAvailable, NullCipher, NullDecipher } = require('./crypto.js');\nconst {\n  COMPAT_CHECKS,\n  DISCONNECT_REASON,\n  MESSAGE,\n  SIGNALS,\n  TERMINAL_MODE,\n} = require('./constants.js');\nconst {\n  DEFAULT_KEXINIT,\n  KexInit,\n  kexinit,\n  onKEXPayload,\n} = require('./kex.js');\nconst {\n  parseKey,\n} = require('./keyParser.js');\nconst MESSAGE_HANDLERS = require('./handlers.js');\nconst {\n  bufferCopy,\n  bufferFill,\n  bufferSlice,\n  convertSignature,\n  sendPacket,\n  writeUInt32BE,\n} = require('./utils.js');\nconst {\n  PacketReader,\n  PacketWriter,\n  ZlibPacketReader,\n  ZlibPacketWriter,\n} = require('./zlib.js');\n\nconst MODULE_VER = require('../../package.json').version;\n\nconst VALID_DISCONNECT_REASONS = new Map(\n  Object.values(DISCONNECT_REASON).map((n) => [n, 1])\n);\nconst IDENT_RAW = Buffer.from(`SSH-2.0-ssh2js${MODULE_VER}`);\nconst IDENT = Buffer.from(`${IDENT_RAW}\\r\\n`);\nconst MAX_LINE_LEN = 8192;\nconst MAX_LINES = 1024;\nconst PING_PAYLOAD = Buffer.from([\n  MESSAGE.GLOBAL_REQUEST,\n  // \"keepalive@openssh.com\"\n  0, 0, 0, 21,\n    107, 101, 101, 112, 97, 108, 105, 118, 101, 64, 111, 112, 101, 110, 115,\n    115, 104, 46, 99, 111, 109,\n  // Request a reply\n  1,\n]);\nconst NO_TERMINAL_MODES_BUFFER = Buffer.from([ TERMINAL_MODE.TTY_OP_END ]);\n\nfunction noop() {}\n\n/*\n  Inbound:\n    * kexinit payload (needed only until exchange hash is generated)\n    * raw ident\n    * rekey packet queue\n    * expected packet (implemented as separate _parse() function?)\n  Outbound:\n    * kexinit payload (needed only until exchange hash is generated)\n    * rekey packet queue\n    * kex secret (needed only until NEWKEYS)\n    * exchange hash (needed only until NEWKEYS)\n    * session ID (set to exchange hash from initial handshake)\n*/\nclass Protocol {\n  constructor(config) {\n    const onWrite = config.onWrite;\n    if (typeof onWrite !== 'function')\n      throw new Error('Missing onWrite function');\n    this._onWrite = (data) => { onWrite(data); };\n\n    const onError = config.onError;\n    if (typeof onError !== 'function')\n      throw new Error('Missing onError function');\n    this._onError = (err) => { onError(err); };\n\n    const debug = config.debug;\n    this._debug = (typeof debug === 'function'\n                   ? (msg) => { debug(msg); }\n                   : undefined);\n\n    const onHeader = config.onHeader;\n    this._onHeader = (typeof onHeader === 'function'\n                      ? (...args) => { onHeader(...args); }\n                      : noop);\n\n    const onPacket = config.onPacket;\n    this._onPacket = (typeof onPacket === 'function'\n                      ? () => { onPacket(); }\n                      : noop);\n\n    let onHandshakeComplete = config.onHandshakeComplete;\n    if (typeof onHandshakeComplete !== 'function')\n      onHandshakeComplete = noop;\n    this._onHandshakeComplete = (...args) => {\n      this._debug && this._debug('Handshake completed');\n\n      // Process packets queued during a rekey where necessary\n      const oldQueue = this._queue;\n      if (oldQueue) {\n        this._queue = undefined;\n        this._debug && this._debug(\n          `Draining outbound queue (${oldQueue.length}) ...`\n        );\n        for (let i = 0; i < oldQueue.length; ++i) {\n          const data = oldQueue[i];\n          // data === payload only\n\n          // XXX: hacky\n          let finalized = this._packetRW.write.finalize(data);\n          if (finalized === data) {\n            const packet = this._cipher.allocPacket(data.length);\n            packet.set(data, 5);\n            finalized = packet;\n          }\n\n          sendPacket(this, finalized);\n        }\n        this._debug && this._debug('... finished draining outbound queue');\n      }\n\n      onHandshakeComplete(...args);\n    };\n    this._queue = undefined;\n\n    const messageHandlers = config.messageHandlers;\n    if (typeof messageHandlers === 'object' && messageHandlers !== null)\n      this._handlers = messageHandlers;\n    else\n      this._handlers = {};\n\n    this._onPayload = onPayload.bind(this);\n\n    this._server = !!config.server;\n    this._banner = undefined;\n    let greeting;\n    if (this._server) {\n      if (typeof config.hostKeys !== 'object' || config.hostKeys === null)\n        throw new Error('Missing server host key(s)');\n      this._hostKeys = config.hostKeys;\n\n      // Greeting displayed before the ssh identification string is sent, this\n      // is usually ignored by most clients\n      if (typeof config.greeting === 'string' && config.greeting.length) {\n        greeting = (config.greeting.slice(-2) === '\\r\\n'\n                    ? config.greeting\n                    : `${config.greeting}\\r\\n`);\n      }\n\n      // Banner shown after the handshake completes, but before user\n      // authentication begins\n      if (typeof config.banner === 'string' && config.banner.length) {\n        this._banner = (config.banner.slice(-2) === '\\r\\n'\n                        ? config.banner\n                        : `${config.banner}\\r\\n`);\n      }\n    } else {\n      this._hostKeys = undefined;\n    }\n\n    let offer = config.offer;\n    if (typeof offer !== 'object' || offer === null)\n      offer = DEFAULT_KEXINIT;\n    else if (offer.constructor !== KexInit)\n      offer = new KexInit(offer);\n    this._kex = undefined;\n    this._kexinit = undefined;\n    this._offer = offer;\n    this._cipher = new NullCipher(0, this._onWrite);\n    this._decipher = undefined;\n    this._skipNextInboundPacket = false;\n    this._packetRW = {\n      read: new PacketReader(),\n      write: new PacketWriter(this),\n    };\n    this._hostVerifier = (!this._server\n                           && typeof config.hostVerifier === 'function'\n                          ? config.hostVerifier\n                          : undefined);\n\n    this._parse = parseHeader;\n    this._buffer = undefined;\n    this._authsQueue = [];\n    this._authenticated = false;\n    this._remoteIdentRaw = undefined;\n    let sentIdent;\n    if (typeof config.ident === 'string') {\n      this._identRaw = Buffer.from(`SSH-2.0-${config.ident}`);\n\n      sentIdent = Buffer.allocUnsafe(this._identRaw.length + 2);\n      sentIdent.set(this._identRaw, 0);\n      sentIdent[sentIdent.length - 2] = 13; // '\\r'\n      sentIdent[sentIdent.length - 1] = 10; // '\\n'\n    } else if (Buffer.isBuffer(config.ident)) {\n      const fullIdent = Buffer.allocUnsafe(8 + config.ident.length);\n      fullIdent.latin1Write('SSH-2.0-', 0, 8);\n      fullIdent.set(config.ident, 8);\n      this._identRaw = fullIdent;\n\n      sentIdent = Buffer.allocUnsafe(fullIdent.length + 2);\n      sentIdent.set(fullIdent, 0);\n      sentIdent[sentIdent.length - 2] = 13; // '\\r'\n      sentIdent[sentIdent.length - 1] = 10; // '\\n'\n    } else {\n      this._identRaw = IDENT_RAW;\n      sentIdent = IDENT;\n    }\n    this._compatFlags = 0;\n\n    if (this._debug) {\n      if (bindingAvailable)\n        this._debug('Custom crypto binding available');\n      else\n        this._debug('Custom crypto binding not available');\n    }\n\n    this._debug && this._debug(\n      `Local ident: ${inspect(this._identRaw.toString())}`\n    );\n    this.start = () => {\n      this.start = undefined;\n      if (greeting)\n        this._onWrite(greeting);\n      this._onWrite(sentIdent);\n    };\n  }\n  _destruct(reason) {\n    this._packetRW.read.cleanup();\n    this._packetRW.write.cleanup();\n    this._cipher && this._cipher.free();\n    this._decipher && this._decipher.free();\n    if (typeof reason !== 'string' || reason.length === 0)\n      reason = 'fatal error';\n    this.parse = () => {\n      throw new Error(`Instance unusable after ${reason}`);\n    };\n    this._onWrite = () => {\n      throw new Error(`Instance unusable after ${reason}`);\n    };\n    this._destruct = undefined;\n  }\n  cleanup() {\n    this._destruct && this._destruct();\n  }\n  parse(chunk, i, len) {\n    while (i < len)\n      i = this._parse(chunk, i, len);\n  }\n\n  // Protocol message API\n\n  // ===========================================================================\n  // Common/Shared =============================================================\n  // ===========================================================================\n\n  // Global\n  // ------\n  disconnect(reason) {\n    const pktLen = 1 + 4 + 4 + 4;\n    // We don't use _packetRW.write.* here because we need to make sure that\n    // we always get a full packet allocated because this message can be sent\n    // at any time -- even during a key exchange\n    let p = this._packetRW.write.allocStartKEX;\n    const packet = this._packetRW.write.alloc(pktLen, true);\n    const end = p + pktLen;\n\n    if (!VALID_DISCONNECT_REASONS.has(reason))\n      reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n\n    packet[p] = MESSAGE.DISCONNECT;\n    writeUInt32BE(packet, reason, ++p);\n    packet.fill(0, p += 4, end);\n\n    this._debug && this._debug(`Outbound: Sending DISCONNECT (${reason})`);\n    sendPacket(this, this._packetRW.write.finalize(packet, true), true);\n  }\n  ping() {\n    const p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(PING_PAYLOAD.length);\n\n    packet.set(PING_PAYLOAD, p);\n\n    this._debug && this._debug(\n      'Outbound: Sending ping (GLOBAL_REQUEST: keepalive@openssh.com)'\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  rekey() {\n    if (this._kexinit === undefined) {\n      this._debug && this._debug('Outbound: Initiated explicit rekey');\n      this._queue = [];\n      kexinit(this);\n    } else {\n      this._debug && this._debug('Outbound: Ignoring rekey during handshake');\n    }\n  }\n\n  // 'ssh-connection' service-specific\n  // ---------------------------------\n  requestSuccess(data) {\n    let p = this._packetRW.write.allocStart;\n    let packet;\n    if (Buffer.isBuffer(data)) {\n      packet = this._packetRW.write.alloc(1 + data.length);\n\n      packet[p] = MESSAGE.REQUEST_SUCCESS;\n\n      packet.set(data, ++p);\n    } else {\n      packet = this._packetRW.write.alloc(1);\n\n      packet[p] = MESSAGE.REQUEST_SUCCESS;\n    }\n\n    this._debug && this._debug('Outbound: Sending REQUEST_SUCCESS');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  requestFailure() {\n    const p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1);\n\n    packet[p] = MESSAGE.REQUEST_FAILURE;\n\n    this._debug && this._debug('Outbound: Sending REQUEST_FAILURE');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelSuccess(chan) {\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_SUCCESS;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    this._debug && this._debug(`Outbound: Sending CHANNEL_SUCCESS (r:${chan})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelFailure(chan) {\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_FAILURE;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    this._debug && this._debug(`Outbound: Sending CHANNEL_FAILURE (r:${chan})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelEOF(chan) {\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_EOF;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    this._debug && this._debug(`Outbound: Sending CHANNEL_EOF (r:${chan})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelClose(chan) {\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_CLOSE;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    this._debug && this._debug(`Outbound: Sending CHANNEL_CLOSE (r:${chan})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelWindowAdjust(chan, amount) {\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_WINDOW_ADJUST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, amount, p += 4);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_WINDOW_ADJUST (r:${chan}, ${amount})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelData(chan, data) {\n    const isBuffer = Buffer.isBuffer(data);\n    const dataLen = (isBuffer ? data.length : Buffer.byteLength(data));\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + dataLen);\n\n    packet[p] = MESSAGE.CHANNEL_DATA;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, dataLen, p += 4);\n\n    if (isBuffer)\n      packet.set(data, p += 4);\n    else\n      packet.utf8Write(data, p += 4, dataLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_DATA (r:${chan}, ${dataLen})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelExtData(chan, data, type) {\n    const isBuffer = Buffer.isBuffer(data);\n    const dataLen = (isBuffer ? data.length : Buffer.byteLength(data));\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + dataLen);\n\n    packet[p] = MESSAGE.CHANNEL_EXTENDED_DATA;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, type, p += 4);\n\n    writeUInt32BE(packet, dataLen, p += 4);\n\n    if (isBuffer)\n      packet.set(data, p += 4);\n    else\n      packet.utf8Write(data, p += 4, dataLen);\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_EXTENDED_DATA (r:${chan})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelOpenConfirm(remote, local, initWindow, maxPacket) {\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_OPEN_CONFIRMATION;\n\n    writeUInt32BE(packet, remote, ++p);\n\n    writeUInt32BE(packet, local, p += 4);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_OPEN_CONFIRMATION (r:${remote}, l:${local})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  channelOpenFail(remote, reason, desc) {\n    if (typeof desc !== 'string')\n      desc = '';\n\n    const descLen = Buffer.byteLength(desc);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + descLen + 4);\n\n    packet[p] = MESSAGE.CHANNEL_OPEN_FAILURE;\n\n    writeUInt32BE(packet, remote, ++p);\n\n    writeUInt32BE(packet, reason, p += 4);\n\n    writeUInt32BE(packet, descLen, p += 4);\n\n    p += 4;\n    if (descLen) {\n      packet.utf8Write(desc, p, descLen);\n      p += descLen;\n    }\n\n    writeUInt32BE(packet, 0, p); // Empty language tag\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_OPEN_FAILURE (r:${remote})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n\n  // ===========================================================================\n  // Client-specific ===========================================================\n  // ===========================================================================\n\n  // Global\n  // ------\n  service(name) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const nameLen = Buffer.byteLength(name);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + nameLen);\n\n    packet[p] = MESSAGE.SERVICE_REQUEST;\n\n    writeUInt32BE(packet, nameLen, ++p);\n    packet.utf8Write(name, p += 4, nameLen);\n\n    this._debug && this._debug(`Outbound: Sending SERVICE_REQUEST (${name})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n\n  // 'ssh-userauth' service-specific\n  // -------------------------------\n  authPassword(username, password, newPassword) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const userLen = Buffer.byteLength(username);\n    const passLen = Buffer.byteLength(password);\n    const newPassLen = (newPassword ? Buffer.byteLength(newPassword) : 0);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + userLen + 4 + 14 + 4 + 8 + 1 + 4 + passLen\n        + (newPassword ? 4 + newPassLen : 0)\n    );\n\n    packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n    writeUInt32BE(packet, userLen, ++p);\n    packet.utf8Write(username, p += 4, userLen);\n\n    writeUInt32BE(packet, 14, p += userLen);\n    packet.utf8Write('ssh-connection', p += 4, 14);\n\n    writeUInt32BE(packet, 8, p += 14);\n    packet.utf8Write('password', p += 4, 8);\n\n    packet[p += 8] = (newPassword ? 1 : 0);\n\n    writeUInt32BE(packet, passLen, ++p);\n    if (Buffer.isBuffer(password))\n      bufferCopy(password, packet, 0, passLen, p += 4);\n    else\n      packet.utf8Write(password, p += 4, passLen);\n\n    if (newPassword) {\n      writeUInt32BE(packet, newPassLen, p += passLen);\n      if (Buffer.isBuffer(newPassword))\n        bufferCopy(newPassword, packet, 0, newPassLen, p += 4);\n      else\n        packet.utf8Write(newPassword, p += 4, newPassLen);\n      this._debug && this._debug(\n        'Outbound: Sending USERAUTH_REQUEST (changed password)'\n      );\n    } else {\n      this._debug && this._debug(\n        'Outbound: Sending USERAUTH_REQUEST (password)'\n      );\n    }\n\n    this._authsQueue.push('password');\n\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authPK(username, pubKey, cbSign) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    pubKey = parseKey(pubKey);\n    if (pubKey instanceof Error)\n      throw new Error('Invalid key');\n\n    const keyType = pubKey.type;\n    pubKey = pubKey.getPublicSSH();\n\n    const userLen = Buffer.byteLength(username);\n    const algoLen = Buffer.byteLength(keyType);\n    const pubKeyLen = pubKey.length;\n    const sessionID = this._kex.sessionID;\n    const sesLen = sessionID.length;\n    const payloadLen =\n      (cbSign ? 4 + sesLen : 0)\n        + 1 + 4 + userLen + 4 + 14 + 4 + 9 + 1 + 4 + algoLen + 4 + pubKeyLen;\n    let packet;\n    let p;\n    if (cbSign) {\n      packet = Buffer.allocUnsafe(payloadLen);\n      p = 0;\n      writeUInt32BE(packet, sesLen, p);\n      packet.set(sessionID, p += 4);\n      p += sesLen;\n    } else {\n      packet = this._packetRW.write.alloc(payloadLen);\n      p = this._packetRW.write.allocStart;\n    }\n\n    packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n    writeUInt32BE(packet, userLen, ++p);\n    packet.utf8Write(username, p += 4, userLen);\n\n    writeUInt32BE(packet, 14, p += userLen);\n    packet.utf8Write('ssh-connection', p += 4, 14);\n\n    writeUInt32BE(packet, 9, p += 14);\n    packet.utf8Write('publickey', p += 4, 9);\n\n    packet[p += 9] = (cbSign ? 1 : 0);\n\n    writeUInt32BE(packet, algoLen, ++p);\n    packet.utf8Write(keyType, p += 4, algoLen);\n\n    writeUInt32BE(packet, pubKeyLen, p += algoLen);\n    packet.set(pubKey, p += 4);\n\n    if (!cbSign) {\n      this._authsQueue.push('publickey');\n\n      this._debug && this._debug(\n        'Outbound: Sending USERAUTH_REQUEST (publickey -- check)'\n      );\n      sendPacket(this, this._packetRW.write.finalize(packet));\n      return;\n    }\n\n    cbSign(packet, (signature) => {\n      signature = convertSignature(signature, keyType);\n      if (signature === false)\n        throw new Error('Error while converting handshake signature');\n\n      const sigLen = signature.length;\n      p = this._packetRW.write.allocStart;\n      packet = this._packetRW.write.alloc(\n        1 + 4 + userLen + 4 + 14 + 4 + 9 + 1 + 4 + algoLen + 4 + pubKeyLen + 4\n          + 4 + algoLen + 4 + sigLen\n      );\n\n      // TODO: simply copy from original \"packet\" to new `packet` to avoid\n      // having to write each individual field a second time?\n      packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n      writeUInt32BE(packet, userLen, ++p);\n      packet.utf8Write(username, p += 4, userLen);\n\n      writeUInt32BE(packet, 14, p += userLen);\n      packet.utf8Write('ssh-connection', p += 4, 14);\n\n      writeUInt32BE(packet, 9, p += 14);\n      packet.utf8Write('publickey', p += 4, 9);\n\n      packet[p += 9] = 1;\n\n      writeUInt32BE(packet, algoLen, ++p);\n      packet.utf8Write(keyType, p += 4, algoLen);\n\n      writeUInt32BE(packet, pubKeyLen, p += algoLen);\n      packet.set(pubKey, p += 4);\n\n      writeUInt32BE(packet, 4 + algoLen + 4 + sigLen, p += pubKeyLen);\n\n      writeUInt32BE(packet, algoLen, p += 4);\n      packet.utf8Write(keyType, p += 4, algoLen);\n\n      writeUInt32BE(packet, sigLen, p += algoLen);\n      packet.set(signature, p += 4);\n\n      // Servers shouldn't send packet type 60 in response to signed publickey\n      // attempts, but if they do, interpret as type 60.\n      this._authsQueue.push('publickey');\n\n      this._debug && this._debug(\n        'Outbound: Sending USERAUTH_REQUEST (publickey)'\n      );\n      sendPacket(this, this._packetRW.write.finalize(packet));\n    });\n  }\n  authHostbased(username, pubKey, hostname, userlocal, cbSign) {\n    // TODO: Make DRY by sharing similar code with authPK()\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    pubKey = parseKey(pubKey);\n    if (pubKey instanceof Error)\n      throw new Error('Invalid key');\n\n    const keyType = pubKey.type;\n    pubKey = pubKey.getPublicSSH();\n\n    const userLen = Buffer.byteLength(username);\n    const algoLen = Buffer.byteLength(keyType);\n    const pubKeyLen = pubKey.length;\n    const sessionID = this._kex.sessionID;\n    const sesLen = sessionID.length;\n    const hostnameLen = Buffer.byteLength(hostname);\n    const userlocalLen = Buffer.byteLength(userlocal);\n    const data = Buffer.allocUnsafe(\n      4 + sesLen + 1 + 4 + userLen + 4 + 14 + 4 + 9 + 4 + algoLen\n        + 4 + pubKeyLen + 4 + hostnameLen + 4 + userlocalLen\n    );\n    let p = 0;\n\n    writeUInt32BE(data, sesLen, p);\n    data.set(sessionID, p += 4);\n\n    data[p += sesLen] = MESSAGE.USERAUTH_REQUEST;\n\n    writeUInt32BE(data, userLen, ++p);\n    data.utf8Write(username, p += 4, userLen);\n\n    writeUInt32BE(data, 14, p += userLen);\n    data.utf8Write('ssh-connection', p += 4, 14);\n\n    writeUInt32BE(data, 9, p += 14);\n    data.utf8Write('hostbased', p += 4, 9);\n\n    writeUInt32BE(data, algoLen, p += 9);\n    data.utf8Write(keyType, p += 4, algoLen);\n\n    writeUInt32BE(data, pubKeyLen, p += algoLen);\n    data.set(pubKey, p += 4);\n\n    writeUInt32BE(data, hostnameLen, p += pubKeyLen);\n    data.utf8Write(hostname, p += 4, hostnameLen);\n\n    writeUInt32BE(data, userlocalLen, p += hostnameLen);\n    data.utf8Write(userlocal, p += 4, userlocalLen);\n\n    cbSign(data, (signature) => {\n      signature = convertSignature(signature, keyType);\n      if (!signature)\n        throw new Error('Error while converting handshake signature');\n\n      const sigLen = signature.length;\n      const reqDataLen = (data.length - sesLen - 4);\n      p = this._packetRW.write.allocStart;\n      const packet = this._packetRW.write.alloc(\n        reqDataLen + 4 + 4 + algoLen + 4 + sigLen\n      );\n\n      bufferCopy(data, packet, 4 + sesLen, data.length, p);\n\n      writeUInt32BE(packet, 4 + algoLen + 4 + sigLen, p += reqDataLen);\n      writeUInt32BE(packet, algoLen, p += 4);\n      packet.utf8Write(keyType, p += 4, algoLen);\n      writeUInt32BE(packet, sigLen, p += algoLen);\n      packet.set(signature, p += 4);\n\n      this._authsQueue.push('hostbased');\n\n      this._debug && this._debug(\n        'Outbound: Sending USERAUTH_REQUEST (hostbased)'\n      );\n      sendPacket(this, this._packetRW.write.finalize(packet));\n    });\n  }\n  authKeyboard(username) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const userLen = Buffer.byteLength(username);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + userLen + 4 + 14 + 4 + 20 + 4 + 4\n    );\n\n    packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n    writeUInt32BE(packet, userLen, ++p);\n    packet.utf8Write(username, p += 4, userLen);\n\n    writeUInt32BE(packet, 14, p += userLen);\n    packet.utf8Write('ssh-connection', p += 4, 14);\n\n    writeUInt32BE(packet, 20, p += 14);\n    packet.utf8Write('keyboard-interactive', p += 4, 20);\n\n    writeUInt32BE(packet, 0, p += 20);\n\n    writeUInt32BE(packet, 0, p += 4);\n\n    this._authsQueue.push('keyboard-interactive');\n\n    this._debug && this._debug(\n      'Outbound: Sending USERAUTH_REQUEST (keyboard-interactive)'\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authNone(username) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const userLen = Buffer.byteLength(username);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + userLen + 4 + 14 + 4 + 4);\n\n    packet[p] = MESSAGE.USERAUTH_REQUEST;\n\n    writeUInt32BE(packet, userLen, ++p);\n    packet.utf8Write(username, p += 4, userLen);\n\n    writeUInt32BE(packet, 14, p += userLen);\n    packet.utf8Write('ssh-connection', p += 4, 14);\n\n    writeUInt32BE(packet, 4, p += 14);\n    packet.utf8Write('none', p += 4, 4);\n\n    this._authsQueue.push('none');\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_REQUEST (none)');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authInfoRes(responses) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    let responsesTotalLen = 0;\n    let responseLens;\n\n    if (responses) {\n      responseLens = new Array(responses.length);\n      for (let i = 0; i < responses.length; ++i) {\n        const len = Buffer.byteLength(responses[i]);\n        responseLens[i] = len;\n        responsesTotalLen += 4 + len;\n      }\n    }\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + responsesTotalLen);\n\n    packet[p] = MESSAGE.USERAUTH_INFO_RESPONSE;\n\n    if (responses) {\n      writeUInt32BE(packet, responses.length, ++p);\n      p += 4;\n      for (let i = 0; i < responses.length; ++i) {\n        const len = responseLens[i];\n        writeUInt32BE(packet, len, p);\n        p += 4;\n        if (len) {\n          packet.utf8Write(responses[i], p, len);\n          p += len;\n        }\n      }\n    } else {\n      writeUInt32BE(packet, 0, ++p);\n    }\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_INFO_RESPONSE');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n\n  // 'ssh-connection' service-specific\n  // ---------------------------------\n  tcpipForward(bindAddr, bindPort, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const addrLen = Buffer.byteLength(bindAddr);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 13 + 1 + 4 + addrLen + 4);\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 13, ++p);\n    packet.utf8Write('tcpip-forward', p += 4, 13);\n\n    packet[p += 13] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, addrLen, ++p);\n    packet.utf8Write(bindAddr, p += 4, addrLen);\n\n    writeUInt32BE(packet, bindPort, p += addrLen);\n\n    this._debug\n      && this._debug('Outbound: Sending GLOBAL_REQUEST (tcpip-forward)');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  cancelTcpipForward(bindAddr, bindPort, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const addrLen = Buffer.byteLength(bindAddr);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 20 + 1 + 4 + addrLen + 4);\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 20, ++p);\n    packet.utf8Write('cancel-tcpip-forward', p += 4, 20);\n\n    packet[p += 20] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, addrLen, ++p);\n    packet.utf8Write(bindAddr, p += 4, addrLen);\n\n    writeUInt32BE(packet, bindPort, p += addrLen);\n\n    this._debug\n      && this._debug('Outbound: Sending GLOBAL_REQUEST (cancel-tcpip-forward)');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_streamLocalForward(socketPath, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const socketPathLen = Buffer.byteLength(socketPath);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 31 + 1 + 4 + socketPathLen\n    );\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 31, ++p);\n    packet.utf8Write('streamlocal-forward@openssh.com', p += 4, 31);\n\n    packet[p += 31] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, socketPathLen, ++p);\n    packet.utf8Write(socketPath, p += 4, socketPathLen);\n\n    this._debug && this._debug(\n      'Outbound: Sending GLOBAL_REQUEST (streamlocal-forward@openssh.com)'\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_cancelStreamLocalForward(socketPath, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const socketPathLen = Buffer.byteLength(socketPath);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 38 + 1 + 4 + socketPathLen\n    );\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 38, ++p);\n    packet.utf8Write('cancel-streamlocal-forward@openssh.com', p += 4, 38);\n\n    packet[p += 38] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, socketPathLen, ++p);\n    packet.utf8Write(socketPath, p += 4, socketPathLen);\n\n    if (this._debug) {\n      this._debug(\n        'Outbound: Sending GLOBAL_REQUEST '\n          + '(cancel-streamlocal-forward@openssh.com)'\n      );\n    }\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  directTcpip(chan, initWindow, maxPacket, cfg) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const srcLen = Buffer.byteLength(cfg.srcIP);\n    const dstLen = Buffer.byteLength(cfg.dstIP);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 12 + 4 + 4 + 4 + 4 + srcLen + 4 + 4 + dstLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 12, ++p);\n    packet.utf8Write('direct-tcpip', p += 4, 12);\n\n    writeUInt32BE(packet, chan, p += 12);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    writeUInt32BE(packet, dstLen, p += 4);\n    packet.utf8Write(cfg.dstIP, p += 4, dstLen);\n\n    writeUInt32BE(packet, cfg.dstPort, p += dstLen);\n\n    writeUInt32BE(packet, srcLen, p += 4);\n    packet.utf8Write(cfg.srcIP, p += 4, srcLen);\n\n    writeUInt32BE(packet, cfg.srcPort, p += srcLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_OPEN (r:${chan}, direct-tcpip)`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_directStreamLocal(chan, initWindow, maxPacket, cfg) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    const pathLen = Buffer.byteLength(cfg.socketPath);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 30 + 4 + 4 + 4 + 4 + pathLen + 4 + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 30, ++p);\n    packet.utf8Write('direct-streamlocal@openssh.com', p += 4, 30);\n\n    writeUInt32BE(packet, chan, p += 30);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    writeUInt32BE(packet, pathLen, p += 4);\n    packet.utf8Write(cfg.socketPath, p += 4, pathLen);\n\n    // zero-fill reserved fields (string and uint32)\n    bufferFill(packet, 0, p += pathLen, p + 8);\n\n    if (this._debug) {\n      this._debug(\n        'Outbound: Sending CHANNEL_OPEN '\n          + `(r:${chan}, direct-streamlocal@openssh.com)`\n      );\n    }\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_noMoreSessions(wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 28 + 1);\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 28, ++p);\n    packet.utf8Write('no-more-sessions@openssh.com', p += 4, 28);\n\n    packet[p += 28] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    this._debug && this._debug(\n      'Outbound: Sending GLOBAL_REQUEST (no-more-sessions@openssh.com)'\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  session(chan, initWindow, maxPacket) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 7 + 4 + 4 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 7, ++p);\n    packet.utf8Write('session', p += 4, 7);\n\n    writeUInt32BE(packet, chan, p += 7);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_OPEN (r:${chan}, session)`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  windowChange(chan, rows, cols, height, width) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 13 + 1 + 4 + 4 + 4 + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 13, p += 4);\n    packet.utf8Write('window-change', p += 4, 13);\n\n    packet[p += 13] = 0;\n\n    writeUInt32BE(packet, cols, ++p);\n\n    writeUInt32BE(packet, rows, p += 4);\n\n    writeUInt32BE(packet, width, p += 4);\n\n    writeUInt32BE(packet, height, p += 4);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, window-change)`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  pty(chan, rows, cols, height, width, term, modes, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    if (!term || !term.length)\n      term = 'vt100';\n    if (modes\n        && !Buffer.isBuffer(modes)\n        && !Array.isArray(modes)\n        && typeof modes === 'object'\n        && modes !== null) {\n      modes = modesToBytes(modes);\n    }\n    if (!modes || !modes.length)\n      modes = NO_TERMINAL_MODES_BUFFER;\n\n    const termLen = term.length;\n    const modesLen = modes.length;\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 7 + 1 + 4 + termLen + 4 + 4 + 4 + 4 + 4 + modesLen\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 7, p += 4);\n    packet.utf8Write('pty-req', p += 4, 7);\n\n    packet[p += 7] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, termLen, ++p);\n    packet.utf8Write(term, p += 4, termLen);\n\n    writeUInt32BE(packet, cols, p += termLen);\n\n    writeUInt32BE(packet, rows, p += 4);\n\n    writeUInt32BE(packet, width, p += 4);\n\n    writeUInt32BE(packet, height, p += 4);\n\n    writeUInt32BE(packet, modesLen, p += 4);\n    p += 4;\n    if (Array.isArray(modes)) {\n      for (let i = 0; i < modesLen; ++i)\n        packet[p++] = modes[i];\n    } else if (Buffer.isBuffer(modes)) {\n      packet.set(modes, p);\n    }\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, pty-req)`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  shell(chan, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 5 + 1);\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 5, p += 4);\n    packet.utf8Write('shell', p += 4, 5);\n\n    packet[p += 5] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, shell)`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  exec(chan, cmd, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    const isBuf = Buffer.isBuffer(cmd);\n    const cmdLen = (isBuf ? cmd.length : Buffer.byteLength(cmd));\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 4 + 1 + 4 + cmdLen);\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 4, p += 4);\n    packet.utf8Write('exec', p += 4, 4);\n\n    packet[p += 4] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, cmdLen, ++p);\n    if (isBuf)\n      packet.set(cmd, p += 4);\n    else\n      packet.utf8Write(cmd, p += 4, cmdLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exec: ${cmd})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  signal(chan, signal) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    const origSignal = signal;\n\n    signal = signal.toUpperCase();\n    if (signal.slice(0, 3) === 'SIG')\n      signal = signal.slice(3);\n\n    if (SIGNALS[signal] !== 1)\n      throw new Error(`Invalid signal: ${origSignal}`);\n\n    const signalLen = signal.length;\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 6 + 1 + 4 + signalLen\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 6, p += 4);\n    packet.utf8Write('signal', p += 4, 6);\n\n    packet[p += 6] = 0;\n\n    writeUInt32BE(packet, signalLen, ++p);\n    packet.utf8Write(signal, p += 4, signalLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, signal: ${signal})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  env(chan, key, val, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    const keyLen = Buffer.byteLength(key);\n    const isBuf = Buffer.isBuffer(val);\n    const valLen = (isBuf ? val.length : Buffer.byteLength(val));\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 3 + 1 + 4 + keyLen + 4 + valLen\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 3, p += 4);\n    packet.utf8Write('env', p += 4, 3);\n\n    packet[p += 3] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, keyLen, ++p);\n    packet.utf8Write(key, p += 4, keyLen);\n\n    writeUInt32BE(packet, valLen, p += keyLen);\n    if (isBuf)\n      packet.set(val, p += 4);\n    else\n      packet.utf8Write(val, p += 4, valLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, env: ${key}=${val})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  x11Forward(chan, cfg, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    const protocol = cfg.protocol;\n    const cookie = cfg.cookie;\n    const isBufProto = Buffer.isBuffer(protocol);\n    const protoLen = (isBufProto\n                      ? protocol.length\n                      : Buffer.byteLength(protocol));\n    const isBufCookie = Buffer.isBuffer(cookie);\n    const cookieLen = (isBufCookie\n                       ? cookie.length\n                       : Buffer.byteLength(cookie));\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 7 + 1 + 1 + 4 + protoLen + 4 + cookieLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 7, p += 4);\n    packet.utf8Write('x11-req', p += 4, 7);\n\n    packet[p += 7] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    packet[++p] = (cfg.single ? 1 : 0);\n\n    writeUInt32BE(packet, protoLen, ++p);\n    if (isBufProto)\n      packet.set(protocol, p += 4);\n    else\n      packet.utf8Write(protocol, p += 4, protoLen);\n\n    writeUInt32BE(packet, cookieLen, p += protoLen);\n    if (isBufCookie)\n      packet.set(cookie, p += 4);\n    else\n      packet.latin1Write(cookie, p += 4, cookieLen);\n\n    writeUInt32BE(packet, (cfg.screen || 0), p += cookieLen);\n\n    this._debug\n      && this._debug(`Outbound: Sending CHANNEL_REQUEST (r:${chan}, x11-req)`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  subsystem(chan, name, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n    const nameLen = Buffer.byteLength(name);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 9 + 1 + 4 + nameLen);\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 9, p += 4);\n    packet.utf8Write('subsystem', p += 4, 9);\n\n    packet[p += 9] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    writeUInt32BE(packet, nameLen, ++p);\n    packet.utf8Write(name, p += 4, nameLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, subsystem: ${name})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_agentForward(chan, wantReply) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    // Does not consume window space\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 26 + 1);\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 26, p += 4);\n    packet.utf8Write('auth-agent-req@openssh.com', p += 4, 26);\n\n    packet[p += 26] = (wantReply === undefined || wantReply === true ? 1 : 0);\n\n    if (this._debug) {\n      this._debug(\n        'Outbound: Sending CHANNEL_REQUEST '\n          + `(r:${chan}, auth-agent-req@openssh.com)`\n      );\n    }\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_hostKeysProve(keys) {\n    if (this._server)\n      throw new Error('Client-only method called in server mode');\n\n    let keysTotal = 0;\n    const publicKeys = [];\n    for (const key of keys) {\n      const publicKey = key.getPublicSSH();\n      keysTotal += 4 + publicKey.length;\n      publicKeys.push(publicKey);\n    }\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 29 + 1 + keysTotal);\n\n    packet[p] = MESSAGE.GLOBAL_REQUEST;\n\n    writeUInt32BE(packet, 29, ++p);\n    packet.utf8Write('hostkeys-prove-00@openssh.com', p += 4, 29);\n\n    packet[p += 29] = 1; // want reply\n\n    ++p;\n    for (const buf of publicKeys) {\n      writeUInt32BE(packet, buf.length, p);\n      bufferCopy(buf, packet, 0, buf.length, p += 4);\n      p += buf.length;\n    }\n\n    if (this._debug) {\n      this._debug(\n        'Outbound: Sending GLOBAL_REQUEST (hostkeys-prove-00@openssh.com)'\n      );\n    }\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n\n  // ===========================================================================\n  // Server-specific ===========================================================\n  // ===========================================================================\n\n  // Global\n  // ------\n  serviceAccept(svcName) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    const svcNameLen = Buffer.byteLength(svcName);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + svcNameLen);\n\n    packet[p] = MESSAGE.SERVICE_ACCEPT;\n\n    writeUInt32BE(packet, svcNameLen, ++p);\n    packet.utf8Write(svcName, p += 4, svcNameLen);\n\n    this._debug && this._debug(`Outbound: Sending SERVICE_ACCEPT (${svcName})`);\n    sendPacket(this, this._packetRW.write.finalize(packet));\n\n    if (this._server && this._banner && svcName === 'ssh-userauth') {\n      const banner = this._banner;\n      this._banner = undefined; // Prevent banner from being displayed again\n      const bannerLen = Buffer.byteLength(banner);\n      p = this._packetRW.write.allocStart;\n      const packet = this._packetRW.write.alloc(1 + 4 + bannerLen + 4);\n\n      packet[p] = MESSAGE.USERAUTH_BANNER;\n\n      writeUInt32BE(packet, bannerLen, ++p);\n      packet.utf8Write(banner, p += 4, bannerLen);\n\n      writeUInt32BE(packet, 0, p += bannerLen); // Empty language tag\n\n      this._debug && this._debug('Outbound: Sending USERAUTH_BANNER');\n      sendPacket(this, this._packetRW.write.finalize(packet));\n    }\n  }\n  // 'ssh-connection' service-specific\n  forwardedTcpip(chan, initWindow, maxPacket, cfg) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    const boundAddrLen = Buffer.byteLength(cfg.boundAddr);\n    const remoteAddrLen = Buffer.byteLength(cfg.remoteAddr);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 15 + 4 + 4 + 4 + 4 + boundAddrLen + 4 + 4 + remoteAddrLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 15, ++p);\n    packet.utf8Write('forwarded-tcpip', p += 4, 15);\n\n    writeUInt32BE(packet, chan, p += 15);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    writeUInt32BE(packet, boundAddrLen, p += 4);\n    packet.utf8Write(cfg.boundAddr, p += 4, boundAddrLen);\n\n    writeUInt32BE(packet, cfg.boundPort, p += boundAddrLen);\n\n    writeUInt32BE(packet, remoteAddrLen, p += 4);\n    packet.utf8Write(cfg.remoteAddr, p += 4, remoteAddrLen);\n\n    writeUInt32BE(packet, cfg.remotePort, p += remoteAddrLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_OPEN (r:${chan}, forwarded-tcpip)`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  x11(chan, initWindow, maxPacket, cfg) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    const addrLen = Buffer.byteLength(cfg.originAddr);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 3 + 4 + 4 + 4 + 4 + addrLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 3, ++p);\n    packet.utf8Write('x11', p += 4, 3);\n\n    writeUInt32BE(packet, chan, p += 3);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    writeUInt32BE(packet, addrLen, p += 4);\n    packet.utf8Write(cfg.originAddr, p += 4, addrLen);\n\n    writeUInt32BE(packet, cfg.originPort, p += addrLen);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_OPEN (r:${chan}, x11)`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_authAgent(chan, initWindow, maxPacket) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 22 + 4 + 4 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 22, ++p);\n    packet.utf8Write('auth-agent@openssh.com', p += 4, 22);\n\n    writeUInt32BE(packet, chan, p += 22);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_OPEN (r:${chan}, auth-agent@openssh.com)`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  openssh_forwardedStreamLocal(chan, initWindow, maxPacket, cfg) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    const pathLen = Buffer.byteLength(cfg.socketPath);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 33 + 4 + 4 + 4 + 4 + pathLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_OPEN;\n\n    writeUInt32BE(packet, 33, ++p);\n    packet.utf8Write('forwarded-streamlocal@openssh.com', p += 4, 33);\n\n    writeUInt32BE(packet, chan, p += 33);\n\n    writeUInt32BE(packet, initWindow, p += 4);\n\n    writeUInt32BE(packet, maxPacket, p += 4);\n\n    writeUInt32BE(packet, pathLen, p += 4);\n    packet.utf8Write(cfg.socketPath, p += 4, pathLen);\n\n    writeUInt32BE(packet, 0, p += pathLen);\n\n    if (this._debug) {\n      this._debug(\n        'Outbound: Sending CHANNEL_OPEN '\n          + `(r:${chan}, forwarded-streamlocal@openssh.com)`\n      );\n    }\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  exitStatus(chan, status) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    // Does not consume window space\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + 4 + 11 + 1 + 4);\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 11, p += 4);\n    packet.utf8Write('exit-status', p += 4, 11);\n\n    packet[p += 11] = 0;\n\n    writeUInt32BE(packet, status, ++p);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exit-status: ${status})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  exitSignal(chan, name, coreDumped, msg) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    // Does not consume window space\n\n    const origSignal = name;\n\n    if (typeof origSignal !== 'string' || !origSignal)\n      throw new Error(`Invalid signal: ${origSignal}`);\n\n    let signal = name.toUpperCase();\n    if (signal.slice(0, 3) === 'SIG')\n      signal = signal.slice(3);\n\n    if (SIGNALS[signal] !== 1)\n      throw new Error(`Invalid signal: ${origSignal}`);\n\n    const nameLen = Buffer.byteLength(signal);\n    const msgLen = (msg ? Buffer.byteLength(msg) : 0);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + 4 + 11 + 1 + 4 + nameLen + 1 + 4 + msgLen + 4\n    );\n\n    packet[p] = MESSAGE.CHANNEL_REQUEST;\n\n    writeUInt32BE(packet, chan, ++p);\n\n    writeUInt32BE(packet, 11, p += 4);\n    packet.utf8Write('exit-signal', p += 4, 11);\n\n    packet[p += 11] = 0;\n\n    writeUInt32BE(packet, nameLen, ++p);\n    packet.utf8Write(signal, p += 4, nameLen);\n\n    packet[p += nameLen] = (coreDumped ? 1 : 0);\n\n    writeUInt32BE(packet, msgLen, ++p);\n\n    p += 4;\n    if (msgLen) {\n      packet.utf8Write(msg, p, msgLen);\n      p += msgLen;\n    }\n\n    writeUInt32BE(packet, 0, p);\n\n    this._debug && this._debug(\n      `Outbound: Sending CHANNEL_REQUEST (r:${chan}, exit-signal: ${name})`\n    );\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  // 'ssh-userauth' service-specific\n  authFailure(authMethods, isPartial) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    if (this._authsQueue.length === 0)\n      throw new Error('No auth in progress');\n\n    let methods;\n\n    if (typeof authMethods === 'boolean') {\n      isPartial = authMethods;\n      authMethods = undefined;\n    }\n\n    if (authMethods) {\n      methods = [];\n      for (let i = 0; i < authMethods.length; ++i) {\n        if (authMethods[i].toLowerCase() === 'none')\n          continue;\n        methods.push(authMethods[i]);\n      }\n      methods = methods.join(',');\n    } else {\n      methods = '';\n    }\n\n    const methodsLen = methods.length;\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + methodsLen + 1);\n\n    packet[p] = MESSAGE.USERAUTH_FAILURE;\n\n    writeUInt32BE(packet, methodsLen, ++p);\n    packet.utf8Write(methods, p += 4, methodsLen);\n\n    packet[p += methodsLen] = (isPartial === true ? 1 : 0);\n\n    this._authsQueue.shift();\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_FAILURE');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authSuccess() {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    if (this._authsQueue.length === 0)\n      throw new Error('No auth in progress');\n\n    const p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1);\n\n    packet[p] = MESSAGE.USERAUTH_SUCCESS;\n\n    this._authsQueue.shift();\n    this._authenticated = true;\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_SUCCESS');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n\n    if (this._kex.negotiated.cs.compress === 'zlib@openssh.com')\n      this._packetRW.read = new ZlibPacketReader();\n    if (this._kex.negotiated.sc.compress === 'zlib@openssh.com')\n      this._packetRW.write = new ZlibPacketWriter(this);\n  }\n  authPKOK(keyAlgo, key) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    if (this._authsQueue.length === 0 || this._authsQueue[0] !== 'publickey')\n      throw new Error('\"publickey\" auth not in progress');\n\n    // TODO: support parsed key for `key`\n\n    const keyAlgoLen = Buffer.byteLength(keyAlgo);\n    const keyLen = key.length;\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + keyAlgoLen + 4 + keyLen);\n\n    packet[p] = MESSAGE.USERAUTH_PK_OK;\n\n    writeUInt32BE(packet, keyAlgoLen, ++p);\n    packet.utf8Write(keyAlgo, p += 4, keyAlgoLen);\n\n    writeUInt32BE(packet, keyLen, p += keyAlgoLen);\n    packet.set(key, p += 4);\n\n    this._authsQueue.shift();\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_PK_OK');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authPasswdChg(prompt) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    const promptLen = Buffer.byteLength(prompt);\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(1 + 4 + promptLen + 4);\n\n    packet[p] = MESSAGE.USERAUTH_PASSWD_CHANGEREQ;\n\n    writeUInt32BE(packet, promptLen, ++p);\n    packet.utf8Write(prompt, p += 4, promptLen);\n\n    writeUInt32BE(packet, 0, p += promptLen); // Empty language tag\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_PASSWD_CHANGEREQ');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n  authInfoReq(name, instructions, prompts) {\n    if (!this._server)\n      throw new Error('Server-only method called in client mode');\n\n    let promptsLen = 0;\n    const nameLen = name ? Buffer.byteLength(name) : 0;\n    const instrLen = instructions ? Buffer.byteLength(instructions) : 0;\n\n    for (let i = 0; i < prompts.length; ++i)\n      promptsLen += 4 + Buffer.byteLength(prompts[i].prompt) + 1;\n\n    let p = this._packetRW.write.allocStart;\n    const packet = this._packetRW.write.alloc(\n      1 + 4 + nameLen + 4 + instrLen + 4 + 4 + promptsLen\n    );\n\n    packet[p] = MESSAGE.USERAUTH_INFO_REQUEST;\n\n    writeUInt32BE(packet, nameLen, ++p);\n    p += 4;\n    if (name) {\n      packet.utf8Write(name, p, nameLen);\n      p += nameLen;\n    }\n\n    writeUInt32BE(packet, instrLen, p);\n    p += 4;\n    if (instructions) {\n      packet.utf8Write(instructions, p, instrLen);\n      p += instrLen;\n    }\n\n    writeUInt32BE(packet, 0, p);\n\n    writeUInt32BE(packet, prompts.length, p += 4);\n    p += 4;\n    for (let i = 0; i < prompts.length; ++i) {\n      const prompt = prompts[i];\n      const promptLen = Buffer.byteLength(prompt.prompt);\n\n      writeUInt32BE(packet, promptLen, p);\n      p += 4;\n      if (promptLen) {\n        packet.utf8Write(prompt.prompt, p, promptLen);\n        p += promptLen;\n      }\n      packet[p++] = (prompt.echo ? 1 : 0);\n    }\n\n    this._debug && this._debug('Outbound: Sending USERAUTH_INFO_REQUEST');\n    sendPacket(this, this._packetRW.write.finalize(packet));\n  }\n}\n\n// SSH-protoversion-softwareversion (SP comments) CR LF\nconst RE_IDENT = /^SSH-(2\\.0|1\\.99)-([^ ]+)(?: (.*))?$/;\n\n// TODO: optimize this by starting n bytes from the end of this._buffer instead\n// of the beginning\nfunction parseHeader(chunk, p, len) {\n  let data;\n  let chunkOffset;\n  if (this._buffer) {\n    data = Buffer.allocUnsafe(this._buffer.length + (len - p));\n    data.set(this._buffer, 0);\n    if (p === 0) {\n      data.set(chunk, this._buffer.length);\n    } else {\n      data.set(new Uint8Array(chunk.buffer,\n                              chunk.byteOffset + p,\n                              (len - p)),\n               this._buffer.length);\n    }\n    chunkOffset = this._buffer.length;\n    p = 0;\n  } else {\n    data = chunk;\n    chunkOffset = 0;\n  }\n  const op = p;\n  let start = p;\n  let end = p;\n  let needNL = false;\n  let lineLen = 0;\n  let lines = 0;\n  for (; p < data.length; ++p) {\n    const ch = data[p];\n\n    if (ch === 13 /* '\\r' */) {\n      needNL = true;\n      continue;\n    }\n\n    if (ch === 10 /* '\\n' */) {\n      if (end > start\n          && end - start > 4\n          && data[start] === 83 /* 'S' */\n          && data[start + 1] === 83 /* 'S' */\n          && data[start + 2] === 72 /* 'H' */\n          && data[start + 3] === 45 /* '-' */) {\n\n        const full = data.latin1Slice(op, end + 1);\n        const identRaw = (start === op ? full : full.slice(start - op));\n        const m = RE_IDENT.exec(identRaw);\n        if (!m)\n          throw new Error('Invalid identification string');\n\n        const header = {\n          greeting: (start === op ? '' : full.slice(0, start - op)),\n          identRaw,\n          versions: {\n            protocol: m[1],\n            software: m[2],\n          },\n          comments: m[3]\n        };\n\n        // Needed during handshake\n        this._remoteIdentRaw = Buffer.from(identRaw);\n\n        this._debug && this._debug(`Remote ident: ${inspect(identRaw)}`);\n        this._compatFlags = getCompatFlags(header);\n\n        this._buffer = undefined;\n        this._decipher =\n          new NullDecipher(0, onKEXPayload.bind(this, { firstPacket: true }));\n        this._parse = parsePacket;\n\n        this._onHeader(header);\n        if (!this._destruct) {\n          // We disconnected inside _onHeader\n          return len;\n        }\n\n        kexinit(this);\n\n        return p + 1 - chunkOffset;\n      }\n\n      // Only allow pre-ident greetings when we're a client\n      if (this._server)\n        throw new Error('Greetings from clients not permitted');\n\n      if (++lines > MAX_LINES)\n        throw new Error('Max greeting lines exceeded');\n\n      needNL = false;\n      start = p + 1;\n      lineLen = 0;\n    } else if (needNL) {\n      throw new Error('Invalid header: expected newline');\n    } else if (++lineLen >= MAX_LINE_LEN) {\n      throw new Error('Header line too long');\n    }\n\n    end = p;\n  }\n  if (!this._buffer)\n    this._buffer = bufferSlice(data, op);\n\n  return p - chunkOffset;\n}\n\nfunction parsePacket(chunk, p, len) {\n  return this._decipher.decrypt(chunk, p, len);\n}\n\nfunction onPayload(payload) {\n  // XXX: move this to the Decipher implementations?\n\n  this._onPacket();\n\n  if (payload.length === 0) {\n    this._debug && this._debug('Inbound: Skipping empty packet payload');\n    return;\n  }\n\n  payload = this._packetRW.read.read(payload);\n\n  const type = payload[0];\n  if (type === MESSAGE.USERAUTH_SUCCESS\n      && !this._server\n      && !this._authenticated) {\n    this._authenticated = true;\n    if (this._kex.negotiated.cs.compress === 'zlib@openssh.com')\n      this._packetRW.write = new ZlibPacketWriter(this);\n    if (this._kex.negotiated.sc.compress === 'zlib@openssh.com')\n      this._packetRW.read = new ZlibPacketReader();\n  }\n  const handler = MESSAGE_HANDLERS[type];\n  if (handler === undefined) {\n    this._debug && this._debug(`Inbound: Unsupported message type: ${type}`);\n    return;\n  }\n\n  return handler(this, payload);\n}\n\nfunction getCompatFlags(header) {\n  const software = header.versions.software;\n\n  let flags = 0;\n\n  for (const rule of COMPAT_CHECKS) {\n    if (typeof rule[0] === 'string') {\n      if (software === rule[0])\n        flags |= rule[1];\n    } else if (rule[0].test(software)) {\n      flags |= rule[1];\n    }\n  }\n\n  return flags;\n}\n\nfunction modesToBytes(modes) {\n  const keys = Object.keys(modes);\n  const bytes = Buffer.allocUnsafe((5 * keys.length) + 1);\n  let b = 0;\n\n  for (let i = 0; i < keys.length; ++i) {\n    const key = keys[i];\n    if (key === 'TTY_OP_END')\n      continue;\n\n    const opcode = TERMINAL_MODE[key];\n    if (opcode === undefined)\n      continue;\n\n    const val = modes[key];\n    if (typeof val === 'number' && isFinite(val)) {\n      bytes[b++] = opcode;\n      bytes[b++] = val >>> 24;\n      bytes[b++] = val >>> 16;\n      bytes[b++] = val >>> 8;\n      bytes[b++] = val;\n    }\n  }\n\n  bytes[b++] = TERMINAL_MODE.TTY_OP_END;\n\n  if (b < bytes.length)\n    return bufferSlice(bytes, 0, b);\n\n  return bytes;\n}\n\nmodule.exports = Protocol;\n","'use strict';\n\nconst EventEmitter = require('events');\nconst fs = require('fs');\nconst { constants } = fs;\nconst {\n  Readable: ReadableStream,\n  Writable: WritableStream\n} = require('stream');\nconst { inherits, isDate } = require('util');\n\nconst FastBuffer = Buffer[Symbol.species];\n\nconst {\n  bufferCopy,\n  bufferSlice,\n  makeBufferParser,\n  writeUInt32BE,\n} = require('./utils.js');\n\nconst ATTR = {\n  SIZE: 0x00000001,\n  UIDGID: 0x00000002,\n  PERMISSIONS: 0x00000004,\n  ACMODTIME: 0x00000008,\n  EXTENDED: 0x80000000,\n};\n\n// Large enough to store all possible attributes\nconst ATTRS_BUF = Buffer.alloc(28);\n\nconst STATUS_CODE = {\n  OK: 0,\n  EOF: 1,\n  NO_SUCH_FILE: 2,\n  PERMISSION_DENIED: 3,\n  FAILURE: 4,\n  BAD_MESSAGE: 5,\n  NO_CONNECTION: 6,\n  CONNECTION_LOST: 7,\n  OP_UNSUPPORTED: 8\n};\n\nconst VALID_STATUS_CODES = new Map(\n  Object.values(STATUS_CODE).map((n) => [n, 1])\n);\n\nconst STATUS_CODE_STR = {\n  [STATUS_CODE.OK]: 'No error',\n  [STATUS_CODE.EOF]: 'End of file',\n  [STATUS_CODE.NO_SUCH_FILE]: 'No such file or directory',\n  [STATUS_CODE.PERMISSION_DENIED]: 'Permission denied',\n  [STATUS_CODE.FAILURE]: 'Failure',\n  [STATUS_CODE.BAD_MESSAGE]: 'Bad message',\n  [STATUS_CODE.NO_CONNECTION]: 'No connection',\n  [STATUS_CODE.CONNECTION_LOST]: 'Connection lost',\n  [STATUS_CODE.OP_UNSUPPORTED]: 'Operation unsupported',\n};\n\nconst REQUEST = {\n  INIT: 1,\n  OPEN: 3,\n  CLOSE: 4,\n  READ: 5,\n  WRITE: 6,\n  LSTAT: 7,\n  FSTAT: 8,\n  SETSTAT: 9,\n  FSETSTAT: 10,\n  OPENDIR: 11,\n  READDIR: 12,\n  REMOVE: 13,\n  MKDIR: 14,\n  RMDIR: 15,\n  REALPATH: 16,\n  STAT: 17,\n  RENAME: 18,\n  READLINK: 19,\n  SYMLINK: 20,\n  EXTENDED: 200\n};\n\nconst RESPONSE = {\n  VERSION: 2,\n  STATUS: 101,\n  HANDLE: 102,\n  DATA: 103,\n  NAME: 104,\n  ATTRS: 105,\n  EXTENDED: 201\n};\n\nconst OPEN_MODE = {\n  READ: 0x00000001,\n  WRITE: 0x00000002,\n  APPEND: 0x00000004,\n  CREAT: 0x00000008,\n  TRUNC: 0x00000010,\n  EXCL: 0x00000020\n};\n\nconst PKT_RW_OVERHEAD = 2 * 1024;\nconst MAX_REQID = 2 ** 32 - 1;\nconst CLIENT_VERSION_BUFFER = Buffer.from([\n  0, 0, 0, 5 /* length */,\n    REQUEST.INIT,\n    0, 0, 0, 3 /* version */\n]);\nconst SERVER_VERSION_BUFFER = Buffer.from([\n  0, 0, 0, 5 /* length */,\n    RESPONSE.VERSION,\n    0, 0, 0, 3 /* version */\n]);\n\nconst RE_OPENSSH = /^SSH-2.0-(?:OpenSSH|dropbear)/;\nconst OPENSSH_MAX_PKT_LEN = 256 * 1024;\n\nconst bufferParser = makeBufferParser();\n\nconst fakeStderr = {\n  readable: false,\n  writable: false,\n  push: (data) => {},\n  once: () => {},\n  on: () => {},\n  emit: () => {},\n  end: () => {},\n};\n\nfunction noop() {}\n\n// Emulates enough of `Channel` to be able to be used as a drop-in replacement\n// in order to process incoming data with as little overhead as possible\nclass SFTP extends EventEmitter {\n  constructor(client, chanInfo, cfg) {\n    super();\n\n    if (typeof cfg !== 'object' || !cfg)\n      cfg = {};\n\n    const remoteIdentRaw = client._protocol._remoteIdentRaw;\n\n    this.server = !!cfg.server;\n    this._debug = (typeof cfg.debug === 'function' ? cfg.debug : undefined);\n    this._isOpenSSH = (remoteIdentRaw && RE_OPENSSH.test(remoteIdentRaw));\n\n    this._version = -1;\n    this._extensions = {};\n    this._biOpt = cfg.biOpt;\n    this._pktLenBytes = 0;\n    this._pktLen = 0;\n    this._pktPos = 0;\n    this._pktType = 0;\n    this._pktData = undefined;\n    this._writeReqid = -1;\n    this._requests = {};\n    this._maxInPktLen = OPENSSH_MAX_PKT_LEN;\n    this._maxOutPktLen = 34000;\n    this._maxReadLen =\n      (this._isOpenSSH ? OPENSSH_MAX_PKT_LEN : 34000) - PKT_RW_OVERHEAD;\n    this._maxWriteLen =\n      (this._isOpenSSH ? OPENSSH_MAX_PKT_LEN : 34000) - PKT_RW_OVERHEAD;\n\n    this.maxOpenHandles = undefined;\n\n    // Channel compatibility\n    this._client = client;\n    this._protocol = client._protocol;\n    this._callbacks = [];\n    this._hasX11 = false;\n    this._exit = {\n      code: undefined,\n      signal: undefined,\n      dump: undefined,\n      desc: undefined,\n    };\n    this._waitWindow = false; // SSH-level backpressure\n    this._chunkcb = undefined;\n    this._buffer = [];\n    this.type = chanInfo.type;\n    this.subtype = undefined;\n    this.incoming = chanInfo.incoming;\n    this.outgoing = chanInfo.outgoing;\n    this.stderr = fakeStderr;\n    this.readable = true;\n  }\n\n  // This handles incoming data to parse\n  push(data) {\n    if (data === null) {\n      cleanupRequests(this);\n      if (!this.readable)\n        return;\n      // No more incoming data from the remote side\n      this.readable = false;\n      this.emit('end');\n      return;\n    }\n    /*\n        uint32             length\n        byte               type\n        byte[length - 1]   data payload\n    */\n    let p = 0;\n\n    while (p < data.length) {\n      if (this._pktLenBytes < 4) {\n        let nb = Math.min(4 - this._pktLenBytes, data.length - p);\n        this._pktLenBytes += nb;\n\n        while (nb--)\n          this._pktLen = (this._pktLen << 8) + data[p++];\n\n        if (this._pktLenBytes < 4)\n          return;\n        if (this._pktLen === 0)\n          return doFatalSFTPError(this, 'Invalid packet length');\n        if (this._pktLen > this._maxInPktLen) {\n          const max = this._maxInPktLen;\n          return doFatalSFTPError(\n            this,\n            `Packet length ${this._pktLen} exceeds max length of ${max}`\n          );\n        }\n        if (p >= data.length)\n          return;\n      }\n      if (this._pktPos < this._pktLen) {\n        const nb = Math.min(this._pktLen - this._pktPos, data.length - p);\n        if (p !== 0 || nb !== data.length) {\n          if (nb === this._pktLen) {\n            this._pkt = new FastBuffer(data.buffer, data.byteOffset + p, nb);\n          } else {\n            if (!this._pkt)\n              this._pkt = Buffer.allocUnsafe(this._pktLen);\n            this._pkt.set(\n              new Uint8Array(data.buffer, data.byteOffset + p, nb),\n              this._pktPos\n            );\n          }\n        } else if (nb === this._pktLen) {\n          this._pkt = data;\n        } else {\n          if (!this._pkt)\n            this._pkt = Buffer.allocUnsafe(this._pktLen);\n          this._pkt.set(data, this._pktPos);\n        }\n        p += nb;\n        this._pktPos += nb;\n        if (this._pktPos < this._pktLen)\n          return;\n      }\n\n      const type = this._pkt[0];\n      const payload = this._pkt;\n\n      // Prepare for next packet\n      this._pktLen = 0;\n      this._pktLenBytes = 0;\n      this._pkt = undefined;\n      this._pktPos = 0;\n\n      const handler = (this.server\n                       ? SERVER_HANDLERS[type]\n                       : CLIENT_HANDLERS[type]);\n      if (!handler)\n        return doFatalSFTPError(this, `Unknown packet type ${type}`);\n\n      if (this._version === -1) {\n        if (this.server) {\n          if (type !== REQUEST.INIT)\n            return doFatalSFTPError(this, `Expected INIT packet, got ${type}`);\n        } else if (type !== RESPONSE.VERSION) {\n          return doFatalSFTPError(this, `Expected VERSION packet, got ${type}`);\n        }\n      }\n\n      if (handler(this, payload) === false)\n        return;\n    }\n  }\n\n  end() {\n    this.destroy();\n  }\n  destroy() {\n    if (this.outgoing.state === 'open' || this.outgoing.state === 'eof') {\n      this.outgoing.state = 'closing';\n      this._protocol.channelClose(this.outgoing.id);\n    }\n  }\n  _init() {\n    this._init = noop;\n    if (!this.server)\n      sendOrBuffer(this, CLIENT_VERSION_BUFFER);\n  }\n\n  // ===========================================================================\n  // Client-specific ===========================================================\n  // ===========================================================================\n  createReadStream(path, options) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    return new ReadStream(this, path, options);\n  }\n  createWriteStream(path, options) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    return new WriteStream(this, path, options);\n  }\n  open(path, flags_, attrs, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (typeof attrs === 'function') {\n      cb = attrs;\n      attrs = undefined;\n    }\n\n    const flags = (typeof flags_ === 'number' ? flags_ : stringToFlags(flags_));\n    if (flags === null)\n      throw new Error(`Unknown flags string: ${flags_}`);\n\n    let attrsFlags = 0;\n    let attrsLen = 0;\n    if (typeof attrs === 'string' || typeof attrs === 'number')\n      attrs = { mode: attrs };\n    if (typeof attrs === 'object' && attrs !== null) {\n      attrs = attrsToBytes(attrs);\n      attrsFlags = attrs.flags;\n      attrsLen = attrs.nb;\n    }\n\n    /*\n      uint32        id\n      string        filename\n      uint32        pflags\n      ATTRS         attrs\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.OPEN;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n    writeUInt32BE(buf, flags, p += pathLen);\n    writeUInt32BE(buf, attrsFlags, p += 4);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} OPEN`\n    );\n  }\n  close(handle, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    /*\n      uint32     id\n      string     handle\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.CLOSE;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, handleLen, p);\n    buf.set(handle, p += 4);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} CLOSE`\n    );\n  }\n  read(handle, buf, off, len, position, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n    if (!Buffer.isBuffer(buf))\n      throw new Error('buffer is not a Buffer');\n    if (off >= buf.length)\n      throw new Error('offset is out of bounds');\n    if (off + len > buf.length)\n      throw new Error('length extends beyond buffer');\n    if (position === null)\n      throw new Error('null position currently unsupported');\n\n    read_(this, handle, buf, off, len, position, cb);\n  }\n  readData(handle, buf, off, len, position, cb) {\n    // Backwards compatibility\n    this.read(handle, buf, off, len, position, cb);\n  }\n  write(handle, buf, off, len, position, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n    if (!Buffer.isBuffer(buf))\n      throw new Error('buffer is not a Buffer');\n    if (off > buf.length)\n      throw new Error('offset is out of bounds');\n    if (off + len > buf.length)\n      throw new Error('length extends beyond buffer');\n    if (position === null)\n      throw new Error('null position currently unsupported');\n\n    if (!len) {\n      cb && process.nextTick(cb, undefined, 0);\n      return;\n    }\n\n    const maxDataLen = this._maxWriteLen;\n    const overflow = Math.max(len - maxDataLen, 0);\n    const origPosition = position;\n\n    if (overflow)\n      len = maxDataLen;\n\n    /*\n      uint32     id\n      string     handle\n      uint64     offset\n      string     data\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const out = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 8 + 4 + len);\n\n    writeUInt32BE(out, out.length - 4, 0);\n    out[4] = REQUEST.WRITE;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(out, reqid, 5);\n\n    writeUInt32BE(out, handleLen, p);\n    out.set(handle, p += 4);\n    p += handleLen;\n    for (let i = 7; i >= 0; --i) {\n      out[p + i] = position & 0xFF;\n      position /= 256;\n    }\n    writeUInt32BE(out, len, p += 8);\n    bufferCopy(buf, out, off, off + len, p += 4);\n\n    this._requests[reqid] = {\n      cb: (err) => {\n        if (err) {\n          if (typeof cb === 'function')\n            cb(err);\n        } else if (overflow) {\n          this.write(handle,\n                     buf,\n                     off + len,\n                     overflow,\n                     origPosition + len,\n                     cb);\n        } else if (typeof cb === 'function') {\n          cb(undefined, off + len);\n        }\n      }\n    };\n\n    const isSent = sendOrBuffer(this, out);\n    if (this._debug) {\n      const how = (isSent ? 'Sent' : 'Buffered');\n      this._debug(`SFTP: Outbound: ${how} WRITE (id:${reqid})`);\n    }\n  }\n  writeData(handle, buf, off, len, position, cb) {\n    // Backwards compatibility\n    this.write(handle, buf, off, len, position, cb);\n  }\n  fastGet(remotePath, localPath, opts, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    fastXfer(this, fs, remotePath, localPath, opts, cb);\n  }\n  fastPut(localPath, remotePath, opts, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    fastXfer(fs, this, localPath, remotePath, opts, cb);\n  }\n  readFile(path, options, callback_) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    let callback;\n    if (typeof callback_ === 'function') {\n      callback = callback_;\n    } else if (typeof options === 'function') {\n      callback = options;\n      options = undefined;\n    }\n\n    if (typeof options === 'string')\n      options = { encoding: options, flag: 'r' };\n    else if (!options)\n      options = { encoding: null, flag: 'r' };\n    else if (typeof options !== 'object')\n      throw new TypeError('Bad arguments');\n\n    const encoding = options.encoding;\n    if (encoding && !Buffer.isEncoding(encoding))\n      throw new Error(`Unknown encoding: ${encoding}`);\n\n    // First stat the file, so we know the size.\n    let size;\n    let buffer; // Single buffer with file data\n    let buffers; // List for when size is unknown\n    let pos = 0;\n    let handle;\n\n    // SFTPv3 does not support using -1 for read position, so we have to track\n    // read position manually\n    let bytesRead = 0;\n\n    const flag = options.flag || 'r';\n\n    const read = () => {\n      if (size === 0) {\n        buffer = Buffer.allocUnsafe(8192);\n        this.read(handle, buffer, 0, 8192, bytesRead, afterRead);\n      } else {\n        this.read(handle, buffer, pos, size - pos, bytesRead, afterRead);\n      }\n    };\n\n    const afterRead = (er, nbytes) => {\n      let eof;\n      if (er) {\n        eof = (er.code === STATUS_CODE.EOF);\n        if (!eof) {\n          return this.close(handle, () => {\n            return callback && callback(er);\n          });\n        }\n      } else {\n        eof = false;\n      }\n\n      if (eof || (size === 0 && nbytes === 0))\n        return close();\n\n      bytesRead += nbytes;\n      pos += nbytes;\n      if (size !== 0) {\n        if (pos === size)\n          close();\n        else\n          read();\n      } else {\n        // Unknown size, just read until we don't get bytes.\n        buffers.push(bufferSlice(buffer, 0, nbytes));\n        read();\n      }\n    };\n    afterRead._wantEOFError = true;\n\n    const close = () => {\n      this.close(handle, (er) => {\n        if (size === 0) {\n          // Collect the data into the buffers list.\n          buffer = Buffer.concat(buffers, pos);\n        } else if (pos < size) {\n          buffer = bufferSlice(buffer, 0, pos);\n        }\n\n        if (encoding)\n          buffer = buffer.toString(encoding);\n        return callback && callback(er, buffer);\n      });\n    };\n\n    this.open(path, flag, 0o666, (er, handle_) => {\n      if (er)\n        return callback && callback(er);\n      handle = handle_;\n\n      const tryStat = (er, st) => {\n        if (er) {\n          // Try stat() for sftp servers that may not support fstat() for\n          // whatever reason\n          this.stat(path, (er_, st_) => {\n            if (er_) {\n              return this.close(handle, () => {\n                callback && callback(er);\n              });\n            }\n            tryStat(null, st_);\n          });\n          return;\n        }\n\n        size = st.size || 0;\n        if (size === 0) {\n          // The kernel lies about many files.\n          // Go ahead and try to read some bytes.\n          buffers = [];\n          return read();\n        }\n\n        buffer = Buffer.allocUnsafe(size);\n        read();\n      };\n      this.fstat(handle, tryStat);\n    });\n  }\n  writeFile(path, data, options, callback_) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    let callback;\n    if (typeof callback_ === 'function') {\n      callback = callback_;\n    } else if (typeof options === 'function') {\n      callback = options;\n      options = undefined;\n    }\n\n    if (typeof options === 'string')\n      options = { encoding: options, mode: 0o666, flag: 'w' };\n    else if (!options)\n      options = { encoding: 'utf8', mode: 0o666, flag: 'w' };\n    else if (typeof options !== 'object')\n      throw new TypeError('Bad arguments');\n\n    if (options.encoding && !Buffer.isEncoding(options.encoding))\n      throw new Error(`Unknown encoding: ${options.encoding}`);\n\n    const flag = options.flag || 'w';\n    this.open(path, flag, options.mode, (openErr, handle) => {\n      if (openErr) {\n        callback && callback(openErr);\n      } else {\n        const buffer = (Buffer.isBuffer(data)\n                        ? data\n                        : Buffer.from('' + data, options.encoding || 'utf8'));\n        const position = (/a/.test(flag) ? null : 0);\n\n        // SFTPv3 does not support the notion of 'current position'\n        // (null position), so we just attempt to append to the end of the file\n        // instead\n        if (position === null) {\n          const tryStat = (er, st) => {\n            if (er) {\n              // Try stat() for sftp servers that may not support fstat() for\n              // whatever reason\n              this.stat(path, (er_, st_) => {\n                if (er_) {\n                  return this.close(handle, () => {\n                    callback && callback(er);\n                  });\n                }\n                tryStat(null, st_);\n              });\n              return;\n            }\n            writeAll(this, handle, buffer, 0, buffer.length, st.size, callback);\n          };\n          this.fstat(handle, tryStat);\n          return;\n        }\n        writeAll(this, handle, buffer, 0, buffer.length, position, callback);\n      }\n    });\n  }\n  appendFile(path, data, options, callback_) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    let callback;\n    if (typeof callback_ === 'function') {\n      callback = callback_;\n    } else if (typeof options === 'function') {\n      callback = options;\n      options = undefined;\n    }\n\n    if (typeof options === 'string')\n      options = { encoding: options, mode: 0o666, flag: 'a' };\n    else if (!options)\n      options = { encoding: 'utf8', mode: 0o666, flag: 'a' };\n    else if (typeof options !== 'object')\n      throw new TypeError('Bad arguments');\n\n    if (!options.flag)\n      options = Object.assign({ flag: 'a' }, options);\n    this.writeFile(path, data, options, callback);\n  }\n  exists(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    this.stat(path, (err) => {\n      cb && cb(err ? false : true);\n    });\n  }\n  unlink(filename, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     filename\n    */\n    const fnameLen = Buffer.byteLength(filename);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + fnameLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.REMOVE;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, fnameLen, p);\n    buf.utf8Write(filename, p += 4, fnameLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} REMOVE`\n    );\n  }\n  rename(oldPath, newPath, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     oldpath\n      string     newpath\n    */\n    const oldLen = Buffer.byteLength(oldPath);\n    const newLen = Buffer.byteLength(newPath);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + oldLen + 4 + newLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.RENAME;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, oldLen, p);\n    buf.utf8Write(oldPath, p += 4, oldLen);\n    writeUInt32BE(buf, newLen, p += oldLen);\n    buf.utf8Write(newPath, p += 4, newLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} RENAME`\n    );\n  }\n  mkdir(path, attrs, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    let flags = 0;\n    let attrsLen = 0;\n\n    if (typeof attrs === 'function') {\n      cb = attrs;\n      attrs = undefined;\n    }\n    if (typeof attrs === 'object' && attrs !== null) {\n      attrs = attrsToBytes(attrs);\n      flags = attrs.flags;\n      attrsLen = attrs.nb;\n    }\n\n    /*\n      uint32     id\n      string     path\n      ATTRS      attrs\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.MKDIR;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n    writeUInt32BE(buf, flags, p += pathLen);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} MKDIR`\n    );\n  }\n  rmdir(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.RMDIR;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} RMDIR`\n    );\n  }\n  readdir(where, opts, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (typeof opts === 'function') {\n      cb = opts;\n      opts = {};\n    }\n    if (typeof opts !== 'object' || opts === null)\n      opts = {};\n\n    const doFilter = (opts && opts.full ? false : true);\n\n    if (!Buffer.isBuffer(where) && typeof where !== 'string')\n      throw new Error('missing directory handle or path');\n\n    if (typeof where === 'string') {\n      const entries = [];\n      let e = 0;\n\n      const reread = (err, handle) => {\n        if (err)\n          return cb(err);\n\n        this.readdir(handle, opts, (err, list) => {\n          const eof = (err && err.code === STATUS_CODE.EOF);\n\n          if (err && !eof)\n            return this.close(handle, () => cb(err));\n\n          if (eof) {\n            return this.close(handle, (err) => {\n              if (err)\n                return cb(err);\n              cb(undefined, entries);\n            });\n          }\n\n          for (let i = 0; i < list.length; ++i, ++e)\n            entries[e] = list[i];\n\n          reread(undefined, handle);\n        });\n      };\n      return this.opendir(where, reread);\n    }\n\n    /*\n      uint32     id\n      string     handle\n    */\n    const handleLen = where.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.READDIR;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, handleLen, p);\n    buf.set(where, p += 4);\n\n    this._requests[reqid] = {\n      cb: (doFilter\n           ? (err, list) => {\n               if (typeof cb !== 'function')\n                 return;\n               if (err)\n                 return cb(err);\n\n               for (let i = list.length - 1; i >= 0; --i) {\n                 if (list[i].filename === '.' || list[i].filename === '..')\n                   list.splice(i, 1);\n               }\n\n               cb(undefined, list);\n             }\n           : cb)\n    };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READDIR`\n    );\n  }\n  fstat(handle, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    /*\n      uint32     id\n      string     handle\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.FSTAT;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, handleLen, p);\n    buf.set(handle, p += 4);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} FSTAT`\n    );\n  }\n  stat(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.STAT;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} STAT`\n    );\n  }\n  lstat(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.LSTAT;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} LSTAT`\n    );\n  }\n  opendir(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.OPENDIR;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} OPENDIR`\n    );\n  }\n  setstat(path, attrs, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    let flags = 0;\n    let attrsLen = 0;\n\n    if (typeof attrs === 'object' && attrs !== null) {\n      attrs = attrsToBytes(attrs);\n      flags = attrs.flags;\n      attrsLen = attrs.nb;\n    } else if (typeof attrs === 'function') {\n      cb = attrs;\n    }\n\n    /*\n      uint32     id\n      string     path\n      ATTRS      attrs\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.SETSTAT;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n    writeUInt32BE(buf, flags, p += pathLen);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} SETSTAT`\n    );\n  }\n  fsetstat(handle, attrs, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    let flags = 0;\n    let attrsLen = 0;\n\n    if (typeof attrs === 'object' && attrs !== null) {\n      attrs = attrsToBytes(attrs);\n      flags = attrs.flags;\n      attrsLen = attrs.nb;\n    } else if (typeof attrs === 'function') {\n      cb = attrs;\n    }\n\n    /*\n      uint32     id\n      string     handle\n      ATTRS      attrs\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.FSETSTAT;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, handleLen, p);\n    buf.set(handle, p += 4);\n    writeUInt32BE(buf, flags, p += handleLen);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} FSETSTAT`\n    );\n  }\n  futimes(handle, atime, mtime, cb) {\n    return this.fsetstat(handle, {\n      atime: toUnixTimestamp(atime),\n      mtime: toUnixTimestamp(mtime)\n    }, cb);\n  }\n  utimes(path, atime, mtime, cb) {\n    return this.setstat(path, {\n      atime: toUnixTimestamp(atime),\n      mtime: toUnixTimestamp(mtime)\n    }, cb);\n  }\n  fchown(handle, uid, gid, cb) {\n    return this.fsetstat(handle, {\n      uid: uid,\n      gid: gid\n    }, cb);\n  }\n  chown(path, uid, gid, cb) {\n    return this.setstat(path, {\n      uid: uid,\n      gid: gid\n    }, cb);\n  }\n  fchmod(handle, mode, cb) {\n    return this.fsetstat(handle, {\n      mode: mode\n    }, cb);\n  }\n  chmod(path, mode, cb) {\n    return this.setstat(path, {\n      mode: mode\n    }, cb);\n  }\n  readlink(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.READLINK;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = {\n      cb: (err, names) => {\n        if (typeof cb !== 'function')\n          return;\n        if (err)\n          return cb(err);\n        if (!names || !names.length)\n          return cb(new Error('Response missing link info'));\n        cb(undefined, names[0].filename);\n      }\n    };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READLINK`\n    );\n  }\n  symlink(targetPath, linkPath, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     linkpath\n      string     targetpath\n    */\n    const linkLen = Buffer.byteLength(linkPath);\n    const targetLen = Buffer.byteLength(targetPath);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + linkLen + 4 + targetLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.SYMLINK;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    if (this._isOpenSSH) {\n      // OpenSSH has linkpath and targetpath positions switched\n      writeUInt32BE(buf, targetLen, p);\n      buf.utf8Write(targetPath, p += 4, targetLen);\n      writeUInt32BE(buf, linkLen, p += targetLen);\n      buf.utf8Write(linkPath, p += 4, linkLen);\n    } else {\n      writeUInt32BE(buf, linkLen, p);\n      buf.utf8Write(linkPath, p += 4, linkLen);\n      writeUInt32BE(buf, targetLen, p += linkLen);\n      buf.utf8Write(targetPath, p += 4, targetLen);\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} SYMLINK`\n    );\n  }\n  realpath(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    /*\n      uint32     id\n      string     path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.REALPATH;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, pathLen, p);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = {\n      cb: (err, names) => {\n        if (typeof cb !== 'function')\n          return;\n        if (err)\n          return cb(err);\n        if (!names || !names.length)\n          return cb(new Error('Response missing path info'));\n        cb(undefined, names[0].filename);\n      }\n    };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} REALPATH`\n    );\n  }\n  // extended requests\n  ext_openssh_rename(oldPath, newPath, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['posix-rename@openssh.com'];\n    if (!ext || ext !== '1')\n      throw new Error('Server does not support this extended request');\n\n    /*\n      uint32    id\n      string    \"posix-rename@openssh.com\"\n      string    oldpath\n      string    newpath\n    */\n    const oldLen = Buffer.byteLength(oldPath);\n    const newLen = Buffer.byteLength(newPath);\n    let p = 9;\n    const buf =\n      Buffer.allocUnsafe(4 + 1 + 4 + 4 + 24 + 4 + oldLen + 4 + newLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 24, p);\n    buf.utf8Write('posix-rename@openssh.com', p += 4, 24);\n    writeUInt32BE(buf, oldLen, p += 24);\n    buf.utf8Write(oldPath, p += 4, oldLen);\n    writeUInt32BE(buf, newLen, p += oldLen);\n    buf.utf8Write(newPath, p += 4, newLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const which = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${which} posix-rename@openssh.com`);\n    }\n  }\n  ext_openssh_statvfs(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['statvfs@openssh.com'];\n    if (!ext || ext !== '2')\n      throw new Error('Server does not support this extended request');\n\n    /*\n      uint32    id\n      string    \"statvfs@openssh.com\"\n      string    path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 19 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 19, p);\n    buf.utf8Write('statvfs@openssh.com', p += 4, 19);\n    writeUInt32BE(buf, pathLen, p += 19);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { extended: 'statvfs@openssh.com', cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const which = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${which} statvfs@openssh.com`);\n    }\n  }\n  ext_openssh_fstatvfs(handle, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['fstatvfs@openssh.com'];\n    if (!ext || ext !== '2')\n      throw new Error('Server does not support this extended request');\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    /*\n      uint32    id\n      string    \"fstatvfs@openssh.com\"\n      string    handle\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 20, p);\n    buf.utf8Write('fstatvfs@openssh.com', p += 4, 20);\n    writeUInt32BE(buf, handleLen, p += 20);\n    buf.set(handle, p += 4);\n\n    this._requests[reqid] = { extended: 'fstatvfs@openssh.com', cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const which = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${which} fstatvfs@openssh.com`);\n    }\n  }\n  ext_openssh_hardlink(oldPath, newPath, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['hardlink@openssh.com'];\n    if (ext !== '1')\n      throw new Error('Server does not support this extended request');\n\n    /*\n      uint32    id\n      string    \"hardlink@openssh.com\"\n      string    oldpath\n      string    newpath\n    */\n    const oldLen = Buffer.byteLength(oldPath);\n    const newLen = Buffer.byteLength(newPath);\n    let p = 9;\n    const buf =\n      Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + oldLen + 4 + newLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 20, p);\n    buf.utf8Write('hardlink@openssh.com', p += 4, 20);\n    writeUInt32BE(buf, oldLen, p += 20);\n    buf.utf8Write(oldPath, p += 4, oldLen);\n    writeUInt32BE(buf, newLen, p += oldLen);\n    buf.utf8Write(newPath, p += 4, newLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const which = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${which} hardlink@openssh.com`);\n    }\n  }\n  ext_openssh_fsync(handle, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['fsync@openssh.com'];\n    if (ext !== '1')\n      throw new Error('Server does not support this extended request');\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    /*\n      uint32    id\n      string    \"fsync@openssh.com\"\n      string    handle\n    */\n    const handleLen = handle.length;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 17 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 17, p);\n    buf.utf8Write('fsync@openssh.com', p += 4, 17);\n    writeUInt32BE(buf, handleLen, p += 17);\n    buf.set(handle, p += 4);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} fsync@openssh.com`\n    );\n  }\n  ext_openssh_lsetstat(path, attrs, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['lsetstat@openssh.com'];\n    if (ext !== '1')\n      throw new Error('Server does not support this extended request');\n\n    let flags = 0;\n    let attrsLen = 0;\n\n    if (typeof attrs === 'object' && attrs !== null) {\n      attrs = attrsToBytes(attrs);\n      flags = attrs.flags;\n      attrsLen = attrs.nb;\n    } else if (typeof attrs === 'function') {\n      cb = attrs;\n    }\n\n    /*\n      uint32    id\n      string    \"lsetstat@openssh.com\"\n      string    path\n      ATTRS     attrs\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf =\n      Buffer.allocUnsafe(4 + 1 + 4 + 4 + 20 + 4 + pathLen + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 20, p);\n    buf.utf8Write('lsetstat@openssh.com', p += 4, 20);\n\n    writeUInt32BE(buf, pathLen, p += 20);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    writeUInt32BE(buf, flags, p += pathLen);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const status = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${status} lsetstat@openssh.com`);\n    }\n  }\n  ext_openssh_expandPath(path, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['expand-path@openssh.com'];\n    if (ext !== '1')\n      throw new Error('Server does not support this extended request');\n\n    /*\n      uint32    id\n      string    \"expand-path@openssh.com\"\n      string    path\n    */\n    const pathLen = Buffer.byteLength(path);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 23 + 4 + pathLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = REQUEST.EXTENDED;\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, 23, p);\n    buf.utf8Write('expand-path@openssh.com', p += 4, 23);\n\n    writeUInt32BE(buf, pathLen, p += 20);\n    buf.utf8Write(path, p += 4, pathLen);\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const status = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${status} expand-path@openssh.com`);\n    }\n  }\n  ext_copy_data(srcHandle, srcOffset, len, dstHandle, dstOffset, cb) {\n    if (this.server)\n      throw new Error('Client-only method called in server mode');\n\n    const ext = this._extensions['copy-data'];\n    if (ext !== '1')\n      throw new Error('Server does not support this extended request');\n\n    if (!Buffer.isBuffer(srcHandle))\n      throw new Error('Source handle is not a Buffer');\n\n    if (!Buffer.isBuffer(dstHandle))\n      throw new Error('Destination handle is not a Buffer');\n\n    /*\n      uint32    id\n      string    \"copy-data\"\n      string    read-from-handle\n      uint64    read-from-offset\n      uint64    read-data-length\n      string    write-to-handle\n      uint64    write-to-offset\n    */\n    let p = 0;\n    const buf = Buffer.allocUnsafe(\n      4 + 1\n      + 4\n      + 4 + 9\n      + 4 + srcHandle.length\n      + 8\n      + 8\n      + 4 + dstHandle.length\n      + 8\n    );\n\n    writeUInt32BE(buf, buf.length - 4, p);\n    p += 4;\n\n    buf[p] = REQUEST.EXTENDED;\n    ++p;\n\n    const reqid = this._writeReqid = (this._writeReqid + 1) & MAX_REQID;\n    writeUInt32BE(buf, reqid, p);\n    p += 4;\n\n    writeUInt32BE(buf, 9, p);\n    p += 4;\n    buf.utf8Write('copy-data', p, 9);\n    p += 9;\n\n    writeUInt32BE(buf, srcHandle.length, p);\n    p += 4;\n    buf.set(srcHandle, p);\n    p += srcHandle.length;\n\n    for (let i = 7; i >= 0; --i) {\n      buf[p + i] = srcOffset & 0xFF;\n      srcOffset /= 256;\n    }\n    p += 8;\n\n    for (let i = 7; i >= 0; --i) {\n      buf[p + i] = len & 0xFF;\n      len /= 256;\n    }\n    p += 8;\n\n    writeUInt32BE(buf, dstHandle.length, p);\n    p += 4;\n    buf.set(dstHandle, p);\n    p += dstHandle.length;\n\n    for (let i = 7; i >= 0; --i) {\n      buf[p + i] = dstOffset & 0xFF;\n      dstOffset /= 256;\n    }\n\n    this._requests[reqid] = { cb };\n\n    const isBuffered = sendOrBuffer(this, buf);\n    if (this._debug) {\n      const status = (isBuffered ? 'Buffered' : 'Sending');\n      this._debug(`SFTP: Outbound: ${status} copy-data`);\n    }\n  }\n  // ===========================================================================\n  // Server-specific ===========================================================\n  // ===========================================================================\n  handle(reqid, handle) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    if (!Buffer.isBuffer(handle))\n      throw new Error('handle is not a Buffer');\n\n    const handleLen = handle.length;\n\n    if (handleLen > 256)\n      throw new Error('handle too large (> 256 bytes)');\n\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = RESPONSE.HANDLE;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, handleLen, p);\n    if (handleLen)\n      buf.set(handle, p += 4);\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} HANDLE`\n    );\n  }\n  status(reqid, code, message) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    if (!VALID_STATUS_CODES.has(code))\n      throw new Error(`Bad status code: ${code}`);\n\n    message || (message = '');\n\n    const msgLen = Buffer.byteLength(message);\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 4 + msgLen + 4);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = RESPONSE.STATUS;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, code, p);\n\n    writeUInt32BE(buf, msgLen, p += 4);\n    p += 4;\n    if (msgLen) {\n      buf.utf8Write(message, p, msgLen);\n      p += msgLen;\n    }\n\n    writeUInt32BE(buf, 0, p); // Empty language tag\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} STATUS`\n    );\n  }\n  data(reqid, data, encoding) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    const isBuffer = Buffer.isBuffer(data);\n\n    if (!isBuffer && typeof data !== 'string')\n      throw new Error('data is not a Buffer or string');\n\n    let isUTF8;\n    if (!isBuffer && !encoding) {\n      encoding = undefined;\n      isUTF8 = true;\n    }\n\n    const dataLen = (\n      isBuffer\n      ? data.length\n      : Buffer.byteLength(data, encoding)\n    );\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + dataLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = RESPONSE.DATA;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, dataLen, p);\n    if (dataLen) {\n      if (isBuffer)\n        buf.set(data, p += 4);\n      else if (isUTF8)\n        buf.utf8Write(data, p += 4, dataLen);\n      else\n        buf.write(data, p += 4, dataLen, encoding);\n    }\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} DATA`\n    );\n  }\n  name(reqid, names) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    if (!Array.isArray(names)) {\n      if (typeof names !== 'object' || names === null)\n        throw new Error('names is not an object or array');\n      names = [ names ];\n    }\n\n    const count = names.length;\n    let namesLen = 0;\n    let nameAttrs;\n    const attrs = [];\n\n    for (let i = 0; i < count; ++i) {\n      const name = names[i];\n      const filename = (\n        !name || !name.filename || typeof name.filename !== 'string'\n        ? ''\n        : name.filename\n      );\n      namesLen += 4 + Buffer.byteLength(filename);\n      const longname = (\n        !name || !name.longname || typeof name.longname !== 'string'\n        ? ''\n        : name.longname\n      );\n      namesLen += 4 + Buffer.byteLength(longname);\n\n      if (typeof name.attrs === 'object' && name.attrs !== null) {\n        nameAttrs = attrsToBytes(name.attrs);\n        namesLen += 4 + nameAttrs.nb;\n\n        if (nameAttrs.nb) {\n          let bytes;\n\n          if (nameAttrs.nb === ATTRS_BUF.length) {\n            bytes = new Uint8Array(ATTRS_BUF);\n          } else {\n            bytes = new Uint8Array(nameAttrs.nb);\n            bufferCopy(ATTRS_BUF, bytes, 0, nameAttrs.nb, 0);\n          }\n\n          nameAttrs.bytes = bytes;\n        }\n\n        attrs.push(nameAttrs);\n      } else {\n        namesLen += 4;\n        attrs.push(null);\n      }\n    }\n\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + namesLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = RESPONSE.NAME;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, count, p);\n\n    p += 4;\n\n    for (let i = 0; i < count; ++i) {\n      const name = names[i];\n\n      {\n        const filename = (\n          !name || !name.filename || typeof name.filename !== 'string'\n          ? ''\n          : name.filename\n        );\n        const len = Buffer.byteLength(filename);\n        writeUInt32BE(buf, len, p);\n        p += 4;\n        if (len) {\n          buf.utf8Write(filename, p, len);\n          p += len;\n        }\n      }\n\n      {\n        const longname = (\n          !name || !name.longname || typeof name.longname !== 'string'\n          ? ''\n          : name.longname\n        );\n        const len = Buffer.byteLength(longname);\n        writeUInt32BE(buf, len, p);\n        p += 4;\n        if (len) {\n          buf.utf8Write(longname, p, len);\n          p += len;\n        }\n      }\n\n      const attr = attrs[i];\n      if (attr) {\n        writeUInt32BE(buf, attr.flags, p);\n        p += 4;\n        if (attr.flags && attr.bytes) {\n          buf.set(attr.bytes, p);\n          p += attr.nb;\n        }\n      } else {\n        writeUInt32BE(buf, 0, p);\n        p += 4;\n      }\n    }\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} NAME`\n    );\n  }\n  attrs(reqid, attrs) {\n    if (!this.server)\n      throw new Error('Server-only method called in client mode');\n\n    if (typeof attrs !== 'object' || attrs === null)\n      throw new Error('attrs is not an object');\n\n    attrs = attrsToBytes(attrs);\n    const flags = attrs.flags;\n    const attrsLen = attrs.nb;\n    let p = 9;\n    const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + attrsLen);\n\n    writeUInt32BE(buf, buf.length - 4, 0);\n    buf[4] = RESPONSE.ATTRS;\n    writeUInt32BE(buf, reqid, 5);\n\n    writeUInt32BE(buf, flags, p);\n    if (attrsLen) {\n      p += 4;\n\n      if (attrsLen === ATTRS_BUF.length)\n        buf.set(ATTRS_BUF, p);\n      else\n        bufferCopy(ATTRS_BUF, buf, 0, attrsLen, p);\n\n      p += attrsLen;\n    }\n\n    const isBuffered = sendOrBuffer(this, buf);\n    this._debug && this._debug(\n      `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} ATTRS`\n    );\n  }\n}\n\nfunction tryCreateBuffer(size) {\n  try {\n    return Buffer.allocUnsafe(size);\n  } catch (ex) {\n    return ex;\n  }\n}\n\nfunction read_(self, handle, buf, off, len, position, cb, req_) {\n  const maxDataLen = self._maxReadLen;\n  const overflow = Math.max(len - maxDataLen, 0);\n\n  if (overflow)\n    len = maxDataLen;\n\n  /*\n    uint32     id\n    string     handle\n    uint64     offset\n    uint32     len\n  */\n  const handleLen = handle.length;\n  let p = 9;\n  let pos = position;\n  const out = Buffer.allocUnsafe(4 + 1 + 4 + 4 + handleLen + 8 + 4);\n\n  writeUInt32BE(out, out.length - 4, 0);\n  out[4] = REQUEST.READ;\n  const reqid = self._writeReqid = (self._writeReqid + 1) & MAX_REQID;\n  writeUInt32BE(out, reqid, 5);\n\n  writeUInt32BE(out, handleLen, p);\n  out.set(handle, p += 4);\n  p += handleLen;\n  for (let i = 7; i >= 0; --i) {\n    out[p + i] = pos & 0xFF;\n    pos /= 256;\n  }\n  writeUInt32BE(out, len, p += 8);\n\n  if (typeof cb !== 'function')\n    cb = noop;\n\n  const req = (req_ || {\n    nb: 0,\n    position,\n    off,\n    origOff: off,\n    len: undefined,\n    overflow: undefined,\n    cb: (err, data, nb) => {\n      const len = req.len;\n      const overflow = req.overflow;\n\n      if (err) {\n        if (cb._wantEOFError || err.code !== STATUS_CODE.EOF)\n          return cb(err);\n      } else if (nb > len) {\n        return cb(new Error('Received more data than requested'));\n      } else if (nb === len && overflow) {\n        req.nb += nb;\n        req.position += nb;\n        req.off += nb;\n        read_(self, handle, buf, req.off, overflow, req.position, cb, req);\n        return;\n      }\n\n      nb = (nb || 0);\n      if (req.origOff === 0 && buf.length === req.nb)\n        data = buf;\n      else\n        data = bufferSlice(buf, req.origOff, req.origOff + req.nb + nb);\n      cb(undefined, req.nb + nb, data, req.position);\n    },\n    buffer: undefined,\n  });\n\n  req.len = len;\n  req.overflow = overflow;\n\n  // TODO: avoid creating multiple buffer slices when we need to re-call read_()\n  // because of overflow\n  req.buffer = bufferSlice(buf, off, off + len);\n\n  self._requests[reqid] = req;\n\n  const isBuffered = sendOrBuffer(self, out);\n  self._debug && self._debug(\n    `SFTP: Outbound: ${isBuffered ? 'Buffered' : 'Sending'} READ`\n  );\n}\n\nfunction fastXfer(src, dst, srcPath, dstPath, opts, cb) {\n  let concurrency = 64;\n  let chunkSize = 32768;\n  let onstep;\n  let mode;\n  let fileSize;\n\n  if (typeof opts === 'function') {\n    cb = opts;\n  } else if (typeof opts === 'object' && opts !== null) {\n    if (typeof opts.concurrency === 'number'\n        && opts.concurrency > 0\n        && !isNaN(opts.concurrency)) {\n      concurrency = opts.concurrency;\n    }\n    if (typeof opts.chunkSize === 'number'\n        && opts.chunkSize > 0\n        && !isNaN(opts.chunkSize)) {\n      chunkSize = opts.chunkSize;\n    }\n    if (typeof opts.fileSize === 'number'\n        && opts.fileSize > 0\n        && !isNaN(opts.fileSize)) {\n      fileSize = opts.fileSize;\n    }\n    if (typeof opts.step === 'function')\n      onstep = opts.step;\n\n    if (typeof opts.mode === 'string' || typeof opts.mode === 'number')\n      mode = modeNum(opts.mode);\n  }\n\n  // Internal state variables\n  let fsize;\n  let pdst = 0;\n  let total = 0;\n  let hadError = false;\n  let srcHandle;\n  let dstHandle;\n  let readbuf;\n  let bufsize = chunkSize * concurrency;\n\n  function onerror(err) {\n    if (hadError)\n      return;\n\n    hadError = true;\n\n    let left = 0;\n    let cbfinal;\n\n    if (srcHandle || dstHandle) {\n      cbfinal = () => {\n        if (--left === 0)\n          cb(err);\n      };\n      if (srcHandle && (src === fs || src.outgoing.state === 'open'))\n        ++left;\n      if (dstHandle && (dst === fs || dst.outgoing.state === 'open'))\n        ++left;\n      if (srcHandle && (src === fs || src.outgoing.state === 'open'))\n        src.close(srcHandle, cbfinal);\n      if (dstHandle && (dst === fs || dst.outgoing.state === 'open'))\n        dst.close(dstHandle, cbfinal);\n    } else {\n      cb(err);\n    }\n  }\n\n  src.open(srcPath, 'r', (err, sourceHandle) => {\n    if (err)\n      return onerror(err);\n\n    srcHandle = sourceHandle;\n\n    if (fileSize === undefined)\n      src.fstat(srcHandle, tryStat);\n    else\n      tryStat(null, { size: fileSize });\n\n    function tryStat(err, attrs) {\n      if (err) {\n        if (src !== fs) {\n          // Try stat() for sftp servers that may not support fstat() for\n          // whatever reason\n          src.stat(srcPath, (err_, attrs_) => {\n            if (err_)\n              return onerror(err);\n            tryStat(null, attrs_);\n          });\n          return;\n        }\n        return onerror(err);\n      }\n      fsize = attrs.size;\n\n      dst.open(dstPath, 'w', (err, destHandle) => {\n        if (err)\n          return onerror(err);\n\n        dstHandle = destHandle;\n\n        if (fsize <= 0)\n          return onerror();\n\n        // Use less memory where possible\n        while (bufsize > fsize) {\n          if (concurrency === 1) {\n            bufsize = fsize;\n            break;\n          }\n          bufsize -= chunkSize;\n          --concurrency;\n        }\n\n        readbuf = tryCreateBuffer(bufsize);\n        if (readbuf instanceof Error)\n          return onerror(readbuf);\n\n        if (mode !== undefined) {\n          dst.fchmod(dstHandle, mode, function tryAgain(err) {\n            if (err) {\n              // Try chmod() for sftp servers that may not support fchmod()\n              // for whatever reason\n              dst.chmod(dstPath, mode, (err_) => tryAgain());\n              return;\n            }\n            startReads();\n          });\n        } else {\n          startReads();\n        }\n\n        function onread(err, nb, data, dstpos, datapos, origChunkLen) {\n          if (err)\n            return onerror(err);\n\n          datapos = datapos || 0;\n\n          dst.write(dstHandle, readbuf, datapos, nb, dstpos, writeCb);\n\n          function writeCb(err) {\n            if (err)\n              return onerror(err);\n\n            total += nb;\n            onstep && onstep(total, nb, fsize);\n\n            if (nb < origChunkLen)\n              return singleRead(datapos, dstpos + nb, origChunkLen - nb);\n\n            if (total === fsize) {\n              dst.close(dstHandle, (err) => {\n                dstHandle = undefined;\n                if (err)\n                  return onerror(err);\n                src.close(srcHandle, (err) => {\n                  srcHandle = undefined;\n                  if (err)\n                    return onerror(err);\n                  cb();\n                });\n              });\n              return;\n            }\n\n            if (pdst >= fsize)\n              return;\n\n            const chunk =\n              (pdst + chunkSize > fsize ? fsize - pdst : chunkSize);\n            singleRead(datapos, pdst, chunk);\n            pdst += chunk;\n          }\n        }\n\n        function makeCb(psrc, pdst, chunk) {\n          return (err, nb, data) => {\n            onread(err, nb, data, pdst, psrc, chunk);\n          };\n        }\n\n        function singleRead(psrc, pdst, chunk) {\n          src.read(srcHandle,\n                   readbuf,\n                   psrc,\n                   chunk,\n                   pdst,\n                   makeCb(psrc, pdst, chunk));\n        }\n\n        function startReads() {\n          let reads = 0;\n          let psrc = 0;\n          while (pdst < fsize && reads < concurrency) {\n            const chunk =\n              (pdst + chunkSize > fsize ? fsize - pdst : chunkSize);\n            singleRead(psrc, pdst, chunk);\n            psrc += chunk;\n            pdst += chunk;\n            ++reads;\n          }\n        }\n      });\n    }\n  });\n}\n\nfunction writeAll(sftp, handle, buffer, offset, length, position, callback_) {\n  const callback = (typeof callback_ === 'function' ? callback_ : undefined);\n\n  sftp.write(handle,\n             buffer,\n             offset,\n             length,\n             position,\n             (writeErr, written) => {\n    if (writeErr) {\n      return sftp.close(handle, () => {\n        callback && callback(writeErr);\n      });\n    }\n    if (written === length) {\n      sftp.close(handle, callback);\n    } else {\n      offset += written;\n      length -= written;\n      position += written;\n      writeAll(sftp, handle, buffer, offset, length, position, callback);\n    }\n  });\n}\n\nclass Stats {\n  constructor(initial) {\n    this.mode = (initial && initial.mode);\n    this.uid = (initial && initial.uid);\n    this.gid = (initial && initial.gid);\n    this.size = (initial && initial.size);\n    this.atime = (initial && initial.atime);\n    this.mtime = (initial && initial.mtime);\n    this.extended = (initial && initial.extended);\n  }\n  isDirectory() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFDIR);\n  }\n  isFile() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFREG);\n  }\n  isBlockDevice() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFBLK);\n  }\n  isCharacterDevice() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFCHR);\n  }\n  isSymbolicLink() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFLNK);\n  }\n  isFIFO() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFIFO);\n  }\n  isSocket() {\n    return ((this.mode & constants.S_IFMT) === constants.S_IFSOCK);\n  }\n}\n\nfunction attrsToBytes(attrs) {\n  let flags = 0;\n  let nb = 0;\n\n  if (typeof attrs === 'object' && attrs !== null) {\n    if (typeof attrs.size === 'number') {\n      flags |= ATTR.SIZE;\n      const val = attrs.size;\n      // Big Endian\n      ATTRS_BUF[nb++] = val / 72057594037927940; // 2**56\n      ATTRS_BUF[nb++] = val / 281474976710656; // 2**48\n      ATTRS_BUF[nb++] = val / 1099511627776; // 2**40\n      ATTRS_BUF[nb++] = val / 4294967296; // 2**32\n      ATTRS_BUF[nb++] = val / 16777216; // 2**24\n      ATTRS_BUF[nb++] = val / 65536; // 2**16\n      ATTRS_BUF[nb++] = val / 256; // 2**8\n      ATTRS_BUF[nb++] = val;\n    }\n    if (typeof attrs.uid === 'number' && typeof attrs.gid === 'number') {\n      flags |= ATTR.UIDGID;\n      const uid = attrs.uid;\n      const gid = attrs.gid;\n      // Big Endian\n      ATTRS_BUF[nb++] = uid >>> 24;\n      ATTRS_BUF[nb++] = uid >>> 16;\n      ATTRS_BUF[nb++] = uid >>> 8;\n      ATTRS_BUF[nb++] = uid;\n      ATTRS_BUF[nb++] = gid >>> 24;\n      ATTRS_BUF[nb++] = gid >>> 16;\n      ATTRS_BUF[nb++] = gid >>> 8;\n      ATTRS_BUF[nb++] = gid;\n    }\n    if (typeof attrs.mode === 'number' || typeof attrs.mode === 'string') {\n      const mode = modeNum(attrs.mode);\n      flags |= ATTR.PERMISSIONS;\n      // Big Endian\n      ATTRS_BUF[nb++] = mode >>> 24;\n      ATTRS_BUF[nb++] = mode >>> 16;\n      ATTRS_BUF[nb++] = mode >>> 8;\n      ATTRS_BUF[nb++] = mode;\n    }\n    if ((typeof attrs.atime === 'number' || isDate(attrs.atime))\n        && (typeof attrs.mtime === 'number' || isDate(attrs.mtime))) {\n      const atime = toUnixTimestamp(attrs.atime);\n      const mtime = toUnixTimestamp(attrs.mtime);\n\n      flags |= ATTR.ACMODTIME;\n      // Big Endian\n      ATTRS_BUF[nb++] = atime >>> 24;\n      ATTRS_BUF[nb++] = atime >>> 16;\n      ATTRS_BUF[nb++] = atime >>> 8;\n      ATTRS_BUF[nb++] = atime;\n      ATTRS_BUF[nb++] = mtime >>> 24;\n      ATTRS_BUF[nb++] = mtime >>> 16;\n      ATTRS_BUF[nb++] = mtime >>> 8;\n      ATTRS_BUF[nb++] = mtime;\n    }\n    // TODO: extended attributes\n  }\n\n  return { flags, nb };\n}\n\nfunction toUnixTimestamp(time) {\n  // eslint-disable-next-line no-self-compare\n  if (typeof time === 'number' && time === time) // Valid, non-NaN number\n    return time;\n  if (isDate(time))\n    return parseInt(time.getTime() / 1000, 10);\n  throw new Error(`Cannot parse time: ${time}`);\n}\n\nfunction modeNum(mode) {\n  // eslint-disable-next-line no-self-compare\n  if (typeof mode === 'number' && mode === mode) // Valid, non-NaN number\n    return mode;\n  if (typeof mode === 'string')\n    return modeNum(parseInt(mode, 8));\n  throw new Error(`Cannot parse mode: ${mode}`);\n}\n\nconst stringFlagMap = {\n  'r': OPEN_MODE.READ,\n  'r+': OPEN_MODE.READ | OPEN_MODE.WRITE,\n  'w': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE,\n  'wx': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n  'xw': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n  'w+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE,\n  'wx+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n         | OPEN_MODE.EXCL,\n  'xw+': OPEN_MODE.TRUNC | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n         | OPEN_MODE.EXCL,\n  'a': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE,\n  'ax': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n  'xa': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.WRITE | OPEN_MODE.EXCL,\n  'a+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE,\n  'ax+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n         | OPEN_MODE.EXCL,\n  'xa+': OPEN_MODE.APPEND | OPEN_MODE.CREAT | OPEN_MODE.READ | OPEN_MODE.WRITE\n         | OPEN_MODE.EXCL\n};\n\nfunction stringToFlags(str) {\n  const flags = stringFlagMap[str];\n  return (flags !== undefined ? flags : null);\n}\n\nconst flagsToString = (() => {\n  const stringFlagMapKeys = Object.keys(stringFlagMap);\n  return (flags) => {\n    for (let i = 0; i < stringFlagMapKeys.length; ++i) {\n      const key = stringFlagMapKeys[i];\n      if (stringFlagMap[key] === flags)\n        return key;\n    }\n    return null;\n  };\n})();\n\nfunction readAttrs(biOpt) {\n  /*\n    uint32   flags\n    uint64   size           present only if flag SSH_FILEXFER_ATTR_SIZE\n    uint32   uid            present only if flag SSH_FILEXFER_ATTR_UIDGID\n    uint32   gid            present only if flag SSH_FILEXFER_ATTR_UIDGID\n    uint32   permissions    present only if flag SSH_FILEXFER_ATTR_PERMISSIONS\n    uint32   atime          present only if flag SSH_FILEXFER_ACMODTIME\n    uint32   mtime          present only if flag SSH_FILEXFER_ACMODTIME\n    uint32   extended_count present only if flag SSH_FILEXFER_ATTR_EXTENDED\n    string   extended_type\n    string   extended_data\n    ...      more extended data (extended_type - extended_data pairs),\n               so that number of pairs equals extended_count\n  */\n  const flags = bufferParser.readUInt32BE();\n  if (flags === undefined)\n    return;\n\n  const attrs = new Stats();\n  if (flags & ATTR.SIZE) {\n    const size = bufferParser.readUInt64BE(biOpt);\n    if (size === undefined)\n      return;\n    attrs.size = size;\n  }\n\n  if (flags & ATTR.UIDGID) {\n    const uid = bufferParser.readUInt32BE();\n    const gid = bufferParser.readUInt32BE();\n    if (gid === undefined)\n      return;\n    attrs.uid = uid;\n    attrs.gid = gid;\n  }\n\n  if (flags & ATTR.PERMISSIONS) {\n    const mode = bufferParser.readUInt32BE();\n    if (mode === undefined)\n      return;\n    attrs.mode = mode;\n  }\n\n  if (flags & ATTR.ACMODTIME) {\n    const atime = bufferParser.readUInt32BE();\n    const mtime = bufferParser.readUInt32BE();\n    if (mtime === undefined)\n      return;\n    attrs.atime = atime;\n    attrs.mtime = mtime;\n  }\n\n  if (flags & ATTR.EXTENDED) {\n    const count = bufferParser.readUInt32BE();\n    if (count === undefined)\n      return;\n    const extended = {};\n    for (let i = 0; i < count; ++i) {\n      const type = bufferParser.readString(true);\n      const data = bufferParser.readString();\n      if (data === undefined)\n        return;\n      extended[type] = data;\n    }\n    attrs.extended = extended;\n  }\n\n  return attrs;\n}\n\nfunction sendOrBuffer(sftp, payload) {\n  const ret = tryWritePayload(sftp, payload);\n  if (ret !== undefined) {\n    sftp._buffer.push(ret);\n    return false;\n  }\n  return true;\n}\n\nfunction tryWritePayload(sftp, payload) {\n  const outgoing = sftp.outgoing;\n  if (outgoing.state !== 'open')\n    return;\n\n  if (outgoing.window === 0) {\n    sftp._waitWindow = true;\n    sftp._chunkcb = drainBuffer;\n    return payload;\n  }\n\n  let ret;\n  const len = payload.length;\n  let p = 0;\n\n  while (len - p > 0 && outgoing.window > 0) {\n    const actualLen = Math.min(len - p, outgoing.window, outgoing.packetSize);\n    outgoing.window -= actualLen;\n    if (outgoing.window === 0) {\n      sftp._waitWindow = true;\n      sftp._chunkcb = drainBuffer;\n    }\n\n    if (p === 0 && actualLen === len) {\n      sftp._protocol.channelData(sftp.outgoing.id, payload);\n    } else {\n      sftp._protocol.channelData(sftp.outgoing.id,\n                                 bufferSlice(payload, p, p + actualLen));\n    }\n\n    p += actualLen;\n  }\n\n  if (len - p > 0) {\n    if (p > 0)\n      ret = bufferSlice(payload, p, len);\n    else\n      ret = payload; // XXX: should never get here?\n  }\n\n  return ret;\n}\n\nfunction drainBuffer() {\n  this._chunkcb = undefined;\n  const buffer = this._buffer;\n  let i = 0;\n  while (i < buffer.length) {\n    const payload = buffer[i];\n    const ret = tryWritePayload(this, payload);\n    if (ret !== undefined) {\n      if (ret !== payload)\n        buffer[i] = ret;\n      if (i > 0)\n        this._buffer = buffer.slice(i);\n      return;\n    }\n    ++i;\n  }\n  if (i > 0)\n    this._buffer = [];\n}\n\nfunction doFatalSFTPError(sftp, msg, noDebug) {\n  const err = new Error(msg);\n  err.level = 'sftp-protocol';\n  if (!noDebug && sftp._debug)\n    sftp._debug(`SFTP: Inbound: ${msg}`);\n  sftp.emit('error', err);\n  sftp.destroy();\n  cleanupRequests(sftp);\n  return false;\n}\n\nfunction cleanupRequests(sftp) {\n  const keys = Object.keys(sftp._requests);\n  if (keys.length === 0)\n    return;\n\n  const reqs = sftp._requests;\n  sftp._requests = {};\n  const err = new Error('No response from server');\n  for (let i = 0; i < keys.length; ++i) {\n    const req = reqs[keys[i]];\n    if (typeof req.cb === 'function')\n      req.cb(err);\n  }\n}\n\nfunction requestLimits(sftp, cb) {\n  /*\n    uint32    id\n    string    \"limits@openssh.com\"\n  */\n  let p = 9;\n  const buf = Buffer.allocUnsafe(4 + 1 + 4 + 4 + 18);\n\n  writeUInt32BE(buf, buf.length - 4, 0);\n  buf[4] = REQUEST.EXTENDED;\n  const reqid = sftp._writeReqid = (sftp._writeReqid + 1) & MAX_REQID;\n  writeUInt32BE(buf, reqid, 5);\n\n  writeUInt32BE(buf, 18, p);\n  buf.utf8Write('limits@openssh.com', p += 4, 18);\n\n  sftp._requests[reqid] = { extended: 'limits@openssh.com', cb };\n\n  const isBuffered = sendOrBuffer(sftp, buf);\n  if (sftp._debug) {\n    const which = (isBuffered ? 'Buffered' : 'Sending');\n    sftp._debug(`SFTP: Outbound: ${which} limits@openssh.com`);\n  }\n}\n\nconst CLIENT_HANDLERS = {\n  [RESPONSE.VERSION]: (sftp, payload) => {\n    if (sftp._version !== -1)\n      return doFatalSFTPError(sftp, 'Duplicate VERSION packet');\n\n    const extensions = {};\n\n    /*\n      uint32 version\n      <extension data>\n    */\n    bufferParser.init(payload, 1);\n    let version = bufferParser.readUInt32BE();\n    while (bufferParser.avail()) {\n      const extName = bufferParser.readString(true);\n      const extData = bufferParser.readString(true);\n      if (extData === undefined) {\n        version = undefined;\n        break;\n      }\n      extensions[extName] = extData;\n    }\n    bufferParser.clear();\n\n    if (version === undefined)\n      return doFatalSFTPError(sftp, 'Malformed VERSION packet');\n\n    if (sftp._debug) {\n      const names = Object.keys(extensions);\n      if (names.length) {\n        sftp._debug(\n          `SFTP: Inbound: Received VERSION (v${version}, exts:${names})`\n        );\n      } else {\n        sftp._debug(`SFTP: Inbound: Received VERSION (v${version})`);\n      }\n    }\n\n    sftp._version = version;\n    sftp._extensions = extensions;\n\n    if (extensions['limits@openssh.com'] === '1') {\n      return requestLimits(sftp, (err, limits) => {\n        if (!err) {\n          if (limits.maxPktLen > 0)\n            sftp._maxOutPktLen = limits.maxPktLen;\n          if (limits.maxReadLen > 0)\n            sftp._maxReadLen = limits.maxReadLen;\n          if (limits.maxWriteLen > 0)\n            sftp._maxWriteLen = limits.maxWriteLen;\n          sftp.maxOpenHandles = (\n            limits.maxOpenHandles > 0 ? limits.maxOpenHandles : Infinity\n          );\n        }\n        sftp.emit('ready');\n      });\n    }\n\n    sftp.emit('ready');\n  },\n  [RESPONSE.STATUS]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      uint32     error/status code\n      string     error message (ISO-10646 UTF-8)\n      string     language tag\n    */\n    const errorCode = bufferParser.readUInt32BE();\n    const errorMsg = bufferParser.readString(true);\n    bufferParser.clear();\n\n    // Note: we avoid checking that the error message and language tag are in\n    // the packet because there are some broken implementations that incorrectly\n    // omit them. The language tag in general was never really used amongst ssh\n    // implementations, so in the case of a missing error message we just\n    // default to something sensible.\n\n    if (sftp._debug) {\n      const jsonMsg = JSON.stringify(errorMsg);\n      sftp._debug(\n        `SFTP: Inbound: Received STATUS (id:${reqID}, ${errorCode}, ${jsonMsg})`\n      );\n    }\n    const req = sftp._requests[reqID];\n    delete sftp._requests[reqID];\n    if (req && typeof req.cb === 'function') {\n      if (errorCode === STATUS_CODE.OK) {\n        req.cb();\n        return;\n      }\n      const err = new Error(errorMsg\n                            || STATUS_CODE_STR[errorCode]\n                            || 'Unknown status');\n      err.code = errorCode;\n      req.cb(err);\n    }\n  },\n  [RESPONSE.HANDLE]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     handle\n    */\n    const handle = bufferParser.readString();\n    bufferParser.clear();\n\n    if (handle === undefined) {\n      if (reqID !== undefined)\n        delete sftp._requests[reqID];\n      return doFatalSFTPError(sftp, 'Malformed HANDLE packet');\n    }\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received HANDLE (id:${reqID})`);\n\n    const req = sftp._requests[reqID];\n    delete sftp._requests[reqID];\n    if (req && typeof req.cb === 'function')\n      req.cb(undefined, handle);\n  },\n  [RESPONSE.DATA]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    let req;\n    if (reqID !== undefined) {\n      req = sftp._requests[reqID];\n      delete sftp._requests[reqID];\n    }\n    /*\n      string     data\n    */\n    if (req && typeof req.cb === 'function') {\n      if (req.buffer) {\n        // We have already pre-allocated space to store the data\n\n        const nb = bufferParser.readString(req.buffer);\n        bufferParser.clear();\n\n        if (nb !== undefined) {\n          sftp._debug && sftp._debug(\n            `SFTP: Inbound: Received DATA (id:${reqID}, ${nb})`\n          );\n          req.cb(undefined, req.buffer, nb);\n          return;\n        }\n      } else {\n        const data = bufferParser.readString();\n        bufferParser.clear();\n\n        if (data !== undefined) {\n          sftp._debug && sftp._debug(\n            `SFTP: Inbound: Received DATA (id:${reqID}, ${data.length})`\n          );\n          req.cb(undefined, data);\n          return;\n        }\n      }\n    } else {\n      const nb = bufferParser.skipString();\n      bufferParser.clear();\n      if (nb !== undefined) {\n        sftp._debug && sftp._debug(\n          `SFTP: Inbound: Received DATA (id:${reqID}, ${nb})`\n        );\n        return;\n      }\n    }\n\n    return doFatalSFTPError(sftp, 'Malformed DATA packet');\n  },\n  [RESPONSE.NAME]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    let req;\n    if (reqID !== undefined) {\n      req = sftp._requests[reqID];\n      delete sftp._requests[reqID];\n    }\n    /*\n      uint32     count\n      repeats count times:\n              string     filename\n              string     longname\n              ATTRS      attrs\n    */\n    const count = bufferParser.readUInt32BE();\n    if (count !== undefined) {\n      let names = [];\n      for (let i = 0; i < count; ++i) {\n        // We are going to assume UTF-8 for filenames despite the SFTPv3\n        // spec not specifying an encoding because the specs for newer\n        // versions of the protocol all explicitly specify UTF-8 for\n        // filenames\n        const filename = bufferParser.readString(true);\n\n        // `longname` only exists in SFTPv3 and since it typically will\n        // contain the filename, we assume it is also UTF-8\n        const longname = bufferParser.readString(true);\n\n        const attrs = readAttrs(sftp._biOpt);\n        if (attrs === undefined) {\n          names = undefined;\n          break;\n        }\n        names.push({ filename, longname, attrs });\n      }\n      if (names !== undefined) {\n        sftp._debug && sftp._debug(\n          `SFTP: Inbound: Received NAME (id:${reqID}, ${names.length})`\n        );\n        bufferParser.clear();\n        if (req && typeof req.cb === 'function')\n          req.cb(undefined, names);\n        return;\n      }\n    }\n\n    bufferParser.clear();\n    return doFatalSFTPError(sftp, 'Malformed NAME packet');\n  },\n  [RESPONSE.ATTRS]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    let req;\n    if (reqID !== undefined) {\n      req = sftp._requests[reqID];\n      delete sftp._requests[reqID];\n    }\n    /*\n      ATTRS      attrs\n    */\n    const attrs = readAttrs(sftp._biOpt);\n    bufferParser.clear();\n    if (attrs !== undefined) {\n      sftp._debug && sftp._debug(`SFTP: Inbound: Received ATTRS (id:${reqID})`);\n      if (req && typeof req.cb === 'function')\n        req.cb(undefined, attrs);\n      return;\n    }\n\n    return doFatalSFTPError(sftp, 'Malformed ATTRS packet');\n  },\n  [RESPONSE.EXTENDED]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    if (reqID !== undefined) {\n      const req = sftp._requests[reqID];\n      if (req) {\n        delete sftp._requests[reqID];\n        switch (req.extended) {\n          case 'statvfs@openssh.com':\n          case 'fstatvfs@openssh.com': {\n            /*\n              uint64    f_bsize   // file system block size\n              uint64    f_frsize  // fundamental fs block size\n              uint64    f_blocks  // number of blocks (unit f_frsize)\n              uint64    f_bfree   // free blocks in file system\n              uint64    f_bavail  // free blocks for non-root\n              uint64    f_files   // total file inodes\n              uint64    f_ffree   // free file inodes\n              uint64    f_favail  // free file inodes for to non-root\n              uint64    f_fsid    // file system id\n              uint64    f_flag    // bit mask of f_flag values\n              uint64    f_namemax // maximum filename length\n            */\n            const biOpt = sftp._biOpt;\n            const stats = {\n              f_bsize: bufferParser.readUInt64BE(biOpt),\n              f_frsize: bufferParser.readUInt64BE(biOpt),\n              f_blocks: bufferParser.readUInt64BE(biOpt),\n              f_bfree: bufferParser.readUInt64BE(biOpt),\n              f_bavail: bufferParser.readUInt64BE(biOpt),\n              f_files: bufferParser.readUInt64BE(biOpt),\n              f_ffree: bufferParser.readUInt64BE(biOpt),\n              f_favail: bufferParser.readUInt64BE(biOpt),\n              f_sid: bufferParser.readUInt64BE(biOpt),\n              f_flag: bufferParser.readUInt64BE(biOpt),\n              f_namemax: bufferParser.readUInt64BE(biOpt),\n            };\n            if (stats.f_namemax === undefined)\n              break;\n            if (sftp._debug) {\n              sftp._debug(\n                'SFTP: Inbound: Received EXTENDED_REPLY '\n                  + `(id:${reqID}, ${req.extended})`\n              );\n            }\n            bufferParser.clear();\n            if (typeof req.cb === 'function')\n              req.cb(undefined, stats);\n            return;\n          }\n          case 'limits@openssh.com': {\n            /*\n              uint64          max-packet-length\n              uint64          max-read-length\n              uint64          max-write-length\n              uint64          max-open-handles\n            */\n            const limits = {\n              maxPktLen: bufferParser.readUInt64BE(),\n              maxReadLen: bufferParser.readUInt64BE(),\n              maxWriteLen: bufferParser.readUInt64BE(),\n              maxOpenHandles: bufferParser.readUInt64BE(),\n            };\n            if (limits.maxOpenHandles === undefined)\n              break;\n            if (sftp._debug) {\n              sftp._debug(\n                'SFTP: Inbound: Received EXTENDED_REPLY '\n                  + `(id:${reqID}, ${req.extended})`\n              );\n            }\n            bufferParser.clear();\n            if (typeof req.cb === 'function')\n              req.cb(undefined, limits);\n            return;\n          }\n          default:\n            // Unknown extended request\n            sftp._debug && sftp._debug(\n              `SFTP: Inbound: Received EXTENDED_REPLY (id:${reqID}, ???)`\n            );\n            bufferParser.clear();\n            if (typeof req.cb === 'function')\n              req.cb();\n            return;\n        }\n      } else {\n        sftp._debug && sftp._debug(\n          `SFTP: Inbound: Received EXTENDED_REPLY (id:${reqID}, ???)`\n        );\n        bufferParser.clear();\n        return;\n      }\n    }\n\n    bufferParser.clear();\n    return doFatalSFTPError(sftp, 'Malformed EXTENDED_REPLY packet');\n  },\n};\nconst SERVER_HANDLERS = {\n  [REQUEST.INIT]: (sftp, payload) => {\n    if (sftp._version !== -1)\n      return doFatalSFTPError(sftp, 'Duplicate INIT packet');\n\n    const extensions = {};\n\n    /*\n      uint32 version\n      <extension data>\n    */\n    bufferParser.init(payload, 1);\n    let version = bufferParser.readUInt32BE();\n    while (bufferParser.avail()) {\n      const extName = bufferParser.readString(true);\n      const extData = bufferParser.readString(true);\n      if (extData === undefined) {\n        version = undefined;\n        break;\n      }\n      extensions[extName] = extData;\n    }\n    bufferParser.clear();\n\n    if (version === undefined)\n      return doFatalSFTPError(sftp, 'Malformed INIT packet');\n\n    if (sftp._debug) {\n      const names = Object.keys(extensions);\n      if (names.length) {\n        sftp._debug(\n          `SFTP: Inbound: Received INIT (v${version}, exts:${names})`\n        );\n      } else {\n        sftp._debug(`SFTP: Inbound: Received INIT (v${version})`);\n      }\n    }\n\n    sendOrBuffer(sftp, SERVER_VERSION_BUFFER);\n\n    sftp._version = version;\n    sftp._extensions = extensions;\n    sftp.emit('ready');\n  },\n  [REQUEST.OPEN]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string        filename\n      uint32        pflags\n      ATTRS         attrs\n    */\n    const filename = bufferParser.readString(true);\n    const pflags = bufferParser.readUInt32BE();\n    const attrs = readAttrs(sftp._biOpt);\n    bufferParser.clear();\n\n    if (attrs === undefined)\n      return doFatalSFTPError(sftp, 'Malformed OPEN packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received OPEN (id:${reqID})`);\n\n    if (!sftp.emit('OPEN', reqID, filename, pflags, attrs)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.CLOSE]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string        handle\n    */\n    const handle = bufferParser.readString();\n    bufferParser.clear();\n\n    if (handle === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed CLOSE packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received CLOSE (id:${reqID})`);\n\n    if (!sftp.emit('CLOSE', reqID, handle)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.READ]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     handle\n      uint64     offset\n      uint32     len\n    */\n    const handle = bufferParser.readString();\n    const offset = bufferParser.readUInt64BE(sftp._biOpt);\n    const len = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (len === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed READ packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received READ (id:${reqID})`);\n\n    if (!sftp.emit('READ', reqID, handle, offset, len)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.WRITE]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     handle\n      uint64     offset\n      string     data\n    */\n    const handle = bufferParser.readString();\n    const offset = bufferParser.readUInt64BE(sftp._biOpt);\n    const data = bufferParser.readString();\n    bufferParser.clear();\n\n    if (data === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed WRITE packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received WRITE (id:${reqID})`);\n\n    if (!sftp.emit('WRITE', reqID, handle, offset, data)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.LSTAT]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed LSTAT packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received LSTAT (id:${reqID})`);\n\n    if (!sftp.emit('LSTAT', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.FSTAT]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string        handle\n    */\n    const handle = bufferParser.readString();\n    bufferParser.clear();\n\n    if (handle === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed FSTAT packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received FSTAT (id:${reqID})`);\n\n    if (!sftp.emit('FSTAT', reqID, handle)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.SETSTAT]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n      ATTRS      attrs\n    */\n    const path = bufferParser.readString(true);\n    const attrs = readAttrs(sftp._biOpt);\n    bufferParser.clear();\n\n    if (attrs === undefined)\n      return doFatalSFTPError(sftp, 'Malformed SETSTAT packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received SETSTAT (id:${reqID})`);\n\n    if (!sftp.emit('SETSTAT', reqID, path, attrs)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.FSETSTAT]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     handle\n      ATTRS      attrs\n    */\n    const handle = bufferParser.readString();\n    const attrs = readAttrs(sftp._biOpt);\n    bufferParser.clear();\n\n    if (attrs === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed FSETSTAT packet');\n\n    sftp._debug && sftp._debug(\n      `SFTP: Inbound: Received FSETSTAT (id:${reqID})`\n    );\n\n    if (!sftp.emit('FSETSTAT', reqID, handle, attrs)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.OPENDIR]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed OPENDIR packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received OPENDIR (id:${reqID})`);\n\n    if (!sftp.emit('OPENDIR', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.READDIR]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string        handle\n    */\n    const handle = bufferParser.readString();\n    bufferParser.clear();\n\n    if (handle === undefined || handle.length > 256)\n      return doFatalSFTPError(sftp, 'Malformed READDIR packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received READDIR (id:${reqID})`);\n\n    if (!sftp.emit('READDIR', reqID, handle)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.REMOVE]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed REMOVE packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received REMOVE (id:${reqID})`);\n\n    if (!sftp.emit('REMOVE', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.MKDIR]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n      ATTRS      attrs\n    */\n    const path = bufferParser.readString(true);\n    const attrs = readAttrs(sftp._biOpt);\n    bufferParser.clear();\n\n    if (attrs === undefined)\n      return doFatalSFTPError(sftp, 'Malformed MKDIR packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received MKDIR (id:${reqID})`);\n\n    if (!sftp.emit('MKDIR', reqID, path, attrs)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.RMDIR]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed RMDIR packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received RMDIR (id:${reqID})`);\n\n    if (!sftp.emit('RMDIR', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.REALPATH]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed REALPATH packet');\n\n    sftp._debug && sftp._debug(\n      `SFTP: Inbound: Received REALPATH (id:${reqID})`\n    );\n\n    if (!sftp.emit('REALPATH', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.STAT]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed STAT packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received STAT (id:${reqID})`);\n\n    if (!sftp.emit('STAT', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.RENAME]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     oldpath\n      string     newpath\n    */\n    const oldPath = bufferParser.readString(true);\n    const newPath = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (newPath === undefined)\n      return doFatalSFTPError(sftp, 'Malformed RENAME packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received RENAME (id:${reqID})`);\n\n    if (!sftp.emit('RENAME', reqID, oldPath, newPath)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.READLINK]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     path\n    */\n    const path = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (path === undefined)\n      return doFatalSFTPError(sftp, 'Malformed READLINK packet');\n\n    sftp._debug && sftp._debug(\n      `SFTP: Inbound: Received READLINK (id:${reqID})`\n    );\n\n    if (!sftp.emit('READLINK', reqID, path)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.SYMLINK]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     linkpath\n      string     targetpath\n    */\n    const linkPath = bufferParser.readString(true);\n    const targetPath = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (targetPath === undefined)\n      return doFatalSFTPError(sftp, 'Malformed SYMLINK packet');\n\n    sftp._debug && sftp._debug(`SFTP: Inbound: Received SYMLINK (id:${reqID})`);\n\n    let handled;\n    if (sftp._isOpenSSH) {\n      // OpenSSH has linkpath and targetpath positions switched\n      handled = sftp.emit('SYMLINK', reqID, targetPath, linkPath);\n    } else {\n      handled = sftp.emit('SYMLINK', reqID, linkPath, targetPath);\n    }\n    if (!handled) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n  [REQUEST.EXTENDED]: (sftp, payload) => {\n    bufferParser.init(payload, 1);\n    const reqID = bufferParser.readUInt32BE();\n    /*\n      string     extended-request\n      ... any request-specific data ...\n    */\n    const extName = bufferParser.readString(true);\n    if (extName === undefined) {\n      bufferParser.clear();\n      return doFatalSFTPError(sftp, 'Malformed EXTENDED packet');\n    }\n\n    let extData;\n    if (bufferParser.avail())\n      extData = bufferParser.readRaw();\n    bufferParser.clear();\n\n    sftp._debug && sftp._debug(\n      `SFTP: Inbound: Received EXTENDED (id:${reqID})`\n    );\n\n    if (!sftp.emit('EXTENDED', reqID, extName, extData)) {\n      // Automatically reject request if no handler for request type\n      sftp.status(reqID, STATUS_CODE.OP_UNSUPPORTED);\n    }\n  },\n};\n\n// =============================================================================\n// ReadStream/WriteStream-related ==============================================\n// =============================================================================\nconst {\n  ERR_INVALID_ARG_TYPE,\n  ERR_OUT_OF_RANGE,\n  validateNumber\n} = require('./node-fs-compat');\n\nconst kMinPoolSpace = 128;\n\nlet pool;\n// It can happen that we expect to read a large chunk of data, and reserve\n// a large chunk of the pool accordingly, but the read() call only filled\n// a portion of it. If a concurrently executing read() then uses the same pool,\n// the \"reserved\" portion cannot be used, so we allow it to be re-used as a\n// new pool later.\nconst poolFragments = [];\n\nfunction allocNewPool(poolSize) {\n  if (poolFragments.length > 0)\n    pool = poolFragments.pop();\n  else\n    pool = Buffer.allocUnsafe(poolSize);\n  pool.used = 0;\n}\n\n// Check the `this.start` and `this.end` of stream.\nfunction checkPosition(pos, name) {\n  if (!Number.isSafeInteger(pos)) {\n    validateNumber(pos, name);\n    if (!Number.isInteger(pos))\n      throw new ERR_OUT_OF_RANGE(name, 'an integer', pos);\n    throw new ERR_OUT_OF_RANGE(name, '>= 0 and <= 2 ** 53 - 1', pos);\n  }\n  if (pos < 0)\n    throw new ERR_OUT_OF_RANGE(name, '>= 0 and <= 2 ** 53 - 1', pos);\n}\n\nfunction roundUpToMultipleOf8(n) {\n  return (n + 7) & ~7;  // Align to 8 byte boundary.\n}\n\nfunction ReadStream(sftp, path, options) {\n  if (options === undefined)\n    options = {};\n  else if (typeof options === 'string')\n    options = { encoding: options };\n  else if (options === null || typeof options !== 'object')\n    throw new TypeError('\"options\" argument must be a string or an object');\n  else\n    options = Object.create(options);\n\n  // A little bit bigger buffer and water marks by default\n  if (options.highWaterMark === undefined)\n    options.highWaterMark = 64 * 1024;\n\n  // For backwards compat do not emit close on destroy.\n  options.emitClose = false;\n  options.autoDestroy = false; // Node 14 major change.\n\n  ReadableStream.call(this, options);\n\n  this.path = path;\n  this.flags = options.flags === undefined ? 'r' : options.flags;\n  this.mode = options.mode === undefined ? 0o666 : options.mode;\n\n  this.start = options.start;\n  this.end = options.end;\n  this.autoClose = options.autoClose === undefined ? true : options.autoClose;\n  this.pos = 0;\n  this.bytesRead = 0;\n  this.isClosed = false;\n\n  this.handle = options.handle === undefined ? null : options.handle;\n  this.sftp = sftp;\n  this._opening = false;\n\n  if (this.start !== undefined) {\n    checkPosition(this.start, 'start');\n\n    this.pos = this.start;\n  }\n\n  if (this.end === undefined) {\n    this.end = Infinity;\n  } else if (this.end !== Infinity) {\n    checkPosition(this.end, 'end');\n\n    if (this.start !== undefined && this.start > this.end) {\n      throw new ERR_OUT_OF_RANGE(\n        'start',\n        `<= \"end\" (here: ${this.end})`,\n        this.start\n      );\n    }\n  }\n\n  this.on('end', function() {\n    if (this.autoClose)\n      this.destroy();\n  });\n\n  if (!Buffer.isBuffer(this.handle))\n    this.open();\n}\ninherits(ReadStream, ReadableStream);\n\nReadStream.prototype.open = function() {\n  if (this._opening)\n    return;\n\n  this._opening = true;\n\n  this.sftp.open(this.path, this.flags, this.mode, (er, handle) => {\n    this._opening = false;\n\n    if (er) {\n      this.emit('error', er);\n      if (this.autoClose)\n        this.destroy();\n      return;\n    }\n\n    this.handle = handle;\n    this.emit('open', handle);\n    this.emit('ready');\n    // Start the flow of data.\n    this.read();\n  });\n};\n\nReadStream.prototype._read = function(n) {\n  if (!Buffer.isBuffer(this.handle))\n    return this.once('open', () => this._read(n));\n\n  // XXX: safe to remove this?\n  if (this.destroyed)\n    return;\n\n  if (!pool || pool.length - pool.used < kMinPoolSpace) {\n    // Discard the old pool.\n    allocNewPool(this.readableHighWaterMark\n                 || this._readableState.highWaterMark);\n  }\n\n  // Grab another reference to the pool in the case that while we're\n  // in the thread pool another read() finishes up the pool, and\n  // allocates a new one.\n  const thisPool = pool;\n  let toRead = Math.min(pool.length - pool.used, n);\n  const start = pool.used;\n\n  if (this.end !== undefined)\n    toRead = Math.min(this.end - this.pos + 1, toRead);\n\n  // Already read everything we were supposed to read!\n  // treat as EOF.\n  if (toRead <= 0)\n    return this.push(null);\n\n  // the actual read.\n  this.sftp.read(this.handle,\n                 pool,\n                 pool.used,\n                 toRead,\n                 this.pos,\n                 (er, bytesRead) => {\n    if (er) {\n      this.emit('error', er);\n      if (this.autoClose)\n        this.destroy();\n      return;\n    }\n    let b = null;\n\n    // Now that we know how much data we have actually read, re-wind the\n    // 'used' field if we can, and otherwise allow the remainder of our\n    // reservation to be used as a new pool later.\n    if (start + toRead === thisPool.used && thisPool === pool) {\n      thisPool.used = roundUpToMultipleOf8(thisPool.used + bytesRead - toRead);\n    } else {\n      // Round down to the next lowest multiple of 8 to ensure the new pool\n      // fragment start and end positions are aligned to an 8 byte boundary.\n      const alignedEnd = (start + toRead) & ~7;\n      const alignedStart = roundUpToMultipleOf8(start + bytesRead);\n      if (alignedEnd - alignedStart >= kMinPoolSpace)\n        poolFragments.push(thisPool.slice(alignedStart, alignedEnd));\n    }\n\n    if (bytesRead > 0) {\n      this.bytesRead += bytesRead;\n      b = thisPool.slice(start, start + bytesRead);\n    }\n\n    // Move the pool positions, and internal position for reading.\n    this.pos += bytesRead;\n\n    this.push(b);\n  });\n\n  pool.used = roundUpToMultipleOf8(pool.used + toRead);\n};\n\nReadStream.prototype._destroy = function(err, cb) {\n  if (this._opening && !Buffer.isBuffer(this.handle)) {\n    this.once('open', closeStream.bind(null, this, cb, err));\n    return;\n  }\n\n  closeStream(this, cb, err);\n  this.handle = null;\n  this._opening = false;\n};\n\nfunction closeStream(stream, cb, err) {\n  if (!stream.handle)\n    return onclose();\n\n  stream.sftp.close(stream.handle, onclose);\n\n  function onclose(er) {\n    er = er || err;\n    cb(er);\n    stream.isClosed = true;\n    if (!er)\n      stream.emit('close');\n  }\n}\n\nReadStream.prototype.close = function(cb) {\n  this.destroy(null, cb);\n};\n\nObject.defineProperty(ReadStream.prototype, 'pending', {\n  get() {\n    return this.handle === null;\n  },\n  configurable: true\n});\n\n// TODO: add `concurrency` setting to allow more than one in-flight WRITE\n// request to server to improve throughput\nfunction WriteStream(sftp, path, options) {\n  if (options === undefined)\n    options = {};\n  else if (typeof options === 'string')\n    options = { encoding: options };\n  else if (options === null || typeof options !== 'object')\n    throw new TypeError('\"options\" argument must be a string or an object');\n  else\n    options = Object.create(options);\n\n  // For backwards compat do not emit close on destroy.\n  options.emitClose = false;\n  options.autoDestroy = false; // Node 14 major change.\n\n  WritableStream.call(this, options);\n\n  this.path = path;\n  this.flags = options.flags === undefined ? 'w' : options.flags;\n  this.mode = options.mode === undefined ? 0o666 : options.mode;\n\n  this.start = options.start;\n  this.autoClose = options.autoClose === undefined ? true : options.autoClose;\n  this.pos = 0;\n  this.bytesWritten = 0;\n  this.isClosed = false;\n\n  this.handle = options.handle === undefined ? null : options.handle;\n  this.sftp = sftp;\n  this._opening = false;\n\n  if (this.start !== undefined) {\n    checkPosition(this.start, 'start');\n\n    this.pos = this.start;\n  }\n\n  if (options.encoding)\n    this.setDefaultEncoding(options.encoding);\n\n  // Node v6.x only\n  this.on('finish', function() {\n    if (this._writableState.finalCalled)\n      return;\n    if (this.autoClose)\n      this.destroy();\n  });\n\n  if (!Buffer.isBuffer(this.handle))\n    this.open();\n}\ninherits(WriteStream, WritableStream);\n\nWriteStream.prototype._final = function(cb) {\n  if (this.autoClose)\n    this.destroy();\n  cb();\n};\n\nWriteStream.prototype.open = function() {\n  if (this._opening)\n    return;\n\n  this._opening = true;\n\n  this.sftp.open(this.path, this.flags, this.mode, (er, handle) => {\n    this._opening = false;\n\n    if (er) {\n      this.emit('error', er);\n      if (this.autoClose)\n        this.destroy();\n      return;\n    }\n\n    this.handle = handle;\n\n    const tryAgain = (err) => {\n      if (err) {\n        // Try chmod() for sftp servers that may not support fchmod() for\n        // whatever reason\n        this.sftp.chmod(this.path, this.mode, (err_) => tryAgain());\n        return;\n      }\n\n      // SFTPv3 requires absolute offsets, no matter the open flag used\n      if (this.flags[0] === 'a') {\n        const tryStat = (err, st) => {\n          if (err) {\n            // Try stat() for sftp servers that may not support fstat() for\n            // whatever reason\n            this.sftp.stat(this.path, (err_, st_) => {\n              if (err_) {\n                this.destroy();\n                this.emit('error', err);\n                return;\n              }\n              tryStat(null, st_);\n            });\n            return;\n          }\n\n          this.pos = st.size;\n          this.emit('open', handle);\n          this.emit('ready');\n        };\n\n        this.sftp.fstat(handle, tryStat);\n        return;\n      }\n\n      this.emit('open', handle);\n      this.emit('ready');\n    };\n\n    this.sftp.fchmod(handle, this.mode, tryAgain);\n  });\n};\n\nWriteStream.prototype._write = function(data, encoding, cb) {\n  if (!Buffer.isBuffer(data)) {\n    const err = new ERR_INVALID_ARG_TYPE('data', 'Buffer', data);\n    return this.emit('error', err);\n  }\n\n  if (!Buffer.isBuffer(this.handle)) {\n    return this.once('open', function() {\n      this._write(data, encoding, cb);\n    });\n  }\n\n  this.sftp.write(this.handle,\n                  data,\n                  0,\n                  data.length,\n                  this.pos,\n                  (er, bytes) => {\n    if (er) {\n      if (this.autoClose)\n        this.destroy();\n      return cb(er);\n    }\n    this.bytesWritten += bytes;\n    cb();\n  });\n\n  this.pos += data.length;\n};\n\nWriteStream.prototype._writev = function(data, cb) {\n  if (!Buffer.isBuffer(this.handle)) {\n    return this.once('open', function() {\n      this._writev(data, cb);\n    });\n  }\n\n  const sftp = this.sftp;\n  const handle = this.handle;\n  let writesLeft = data.length;\n\n  const onwrite = (er, bytes) => {\n    if (er) {\n      this.destroy();\n      return cb(er);\n    }\n    this.bytesWritten += bytes;\n    if (--writesLeft === 0)\n      cb();\n  };\n\n  // TODO: try to combine chunks to reduce number of requests to the server?\n  for (let i = 0; i < data.length; ++i) {\n    const chunk = data[i].chunk;\n\n    sftp.write(handle, chunk, 0, chunk.length, this.pos, onwrite);\n    this.pos += chunk.length;\n  }\n};\n\nif (typeof WritableStream.prototype.destroy !== 'function')\n  WriteStream.prototype.destroy = ReadStream.prototype.destroy;\n\nWriteStream.prototype._destroy = ReadStream.prototype._destroy;\nWriteStream.prototype.close = function(cb) {\n  if (cb) {\n    if (this.isClosed) {\n      process.nextTick(cb);\n      return;\n    }\n    this.on('close', cb);\n  }\n\n  // If we are not autoClosing, we should call\n  // destroy on 'finish'.\n  if (!this.autoClose)\n    this.on('finish', this.destroy.bind(this));\n\n  this.end();\n};\n\n// There is no shutdown() for files.\nWriteStream.prototype.destroySoon = WriteStream.prototype.end;\n\nObject.defineProperty(WriteStream.prototype, 'pending', {\n  get() {\n    return this.handle === null;\n  },\n  configurable: true\n});\n// =============================================================================\n\nmodule.exports = {\n  flagsToString,\n  OPEN_MODE,\n  SFTP,\n  Stats,\n  STATUS_CODE,\n  stringToFlags,\n};\n","'use strict';\n\nconst crypto = require('crypto');\n\nlet cpuInfo;\ntry {\n  cpuInfo = require('cpu-features')();\n} catch {}\n\nconst { bindingAvailable, CIPHER_INFO, MAC_INFO } = require('./crypto.js');\n\nconst eddsaSupported = (() => {\n  if (typeof crypto.sign === 'function'\n      && typeof crypto.verify === 'function') {\n    const key =\n      '-----BEGIN PRIVATE KEY-----\\r\\nMC4CAQAwBQYDK2VwBCIEIHKj+sVa9WcD'\n      + '/q2DJUJaf43Kptc8xYuUQA4bOFj9vC8T\\r\\n-----END PRIVATE KEY-----';\n    const data = Buffer.from('a');\n    let sig;\n    let verified;\n    try {\n      sig = crypto.sign(null, data, key);\n      verified = crypto.verify(null, data, key, sig);\n    } catch {}\n    return (Buffer.isBuffer(sig) && sig.length === 64 && verified === true);\n  }\n\n  return false;\n})();\n\nconst curve25519Supported = (typeof crypto.diffieHellman === 'function'\n                             && typeof crypto.generateKeyPairSync === 'function'\n                             && typeof crypto.createPublicKey === 'function');\n\nconst DEFAULT_KEX = [\n  // https://tools.ietf.org/html/rfc5656#section-10.1\n  'ecdh-sha2-nistp256',\n  'ecdh-sha2-nistp384',\n  'ecdh-sha2-nistp521',\n\n  // https://tools.ietf.org/html/rfc4419#section-4\n  'diffie-hellman-group-exchange-sha256',\n\n  // https://tools.ietf.org/html/rfc8268\n  'diffie-hellman-group14-sha256',\n  'diffie-hellman-group15-sha512',\n  'diffie-hellman-group16-sha512',\n  'diffie-hellman-group17-sha512',\n  'diffie-hellman-group18-sha512',\n];\nif (curve25519Supported) {\n  DEFAULT_KEX.unshift('curve25519-sha256');\n  DEFAULT_KEX.unshift('curve25519-sha256@libssh.org');\n}\nconst SUPPORTED_KEX = DEFAULT_KEX.concat([\n  // https://tools.ietf.org/html/rfc4419#section-4\n  'diffie-hellman-group-exchange-sha1',\n\n  'diffie-hellman-group14-sha1', // REQUIRED\n  'diffie-hellman-group1-sha1',  // REQUIRED\n]);\n\n\nconst DEFAULT_SERVER_HOST_KEY = [\n  'ecdsa-sha2-nistp256',\n  'ecdsa-sha2-nistp384',\n  'ecdsa-sha2-nistp521',\n  'rsa-sha2-512', // RFC 8332\n  'rsa-sha2-256', // RFC 8332\n  'ssh-rsa',\n];\nif (eddsaSupported)\n  DEFAULT_SERVER_HOST_KEY.unshift('ssh-ed25519');\nconst SUPPORTED_SERVER_HOST_KEY = DEFAULT_SERVER_HOST_KEY.concat([\n  'ssh-dss',\n]);\n\n\nconst canUseCipher = (() => {\n  const ciphers = crypto.getCiphers();\n  return (name) => ciphers.includes(CIPHER_INFO[name].sslName);\n})();\nlet DEFAULT_CIPHER = [\n  // http://tools.ietf.org/html/rfc5647\n  'aes128-gcm@openssh.com',\n  'aes256-gcm@openssh.com',\n\n  // http://tools.ietf.org/html/rfc4344#section-4\n  'aes128-ctr',\n  'aes192-ctr',\n  'aes256-ctr',\n];\nif (cpuInfo && cpuInfo.flags && !cpuInfo.flags.aes) {\n  // We know for sure the CPU does not support AES acceleration\n  if (bindingAvailable)\n    DEFAULT_CIPHER.unshift('chacha20-poly1305@openssh.com');\n  else\n    DEFAULT_CIPHER.push('chacha20-poly1305@openssh.com');\n} else if (bindingAvailable && cpuInfo && cpuInfo.arch === 'x86') {\n  // Places chacha20-poly1305 immediately after GCM ciphers since GCM ciphers\n  // seem to outperform it on x86, but it seems to be faster than CTR ciphers\n  DEFAULT_CIPHER.splice(4, 0, 'chacha20-poly1305@openssh.com');\n} else {\n  DEFAULT_CIPHER.push('chacha20-poly1305@openssh.com');\n}\nDEFAULT_CIPHER = DEFAULT_CIPHER.filter(canUseCipher);\nconst SUPPORTED_CIPHER = DEFAULT_CIPHER.concat([\n  'aes256-cbc',\n  'aes192-cbc',\n  'aes128-cbc',\n  'blowfish-cbc',\n  '3des-cbc',\n  'aes128-gcm',\n  'aes256-gcm',\n\n  // http://tools.ietf.org/html/rfc4345#section-4:\n  'arcfour256',\n  'arcfour128',\n\n  'cast128-cbc',\n  'arcfour',\n].filter(canUseCipher));\n\n\nconst canUseMAC = (() => {\n  const hashes = crypto.getHashes();\n  return (name) => hashes.includes(MAC_INFO[name].sslName);\n})();\nconst DEFAULT_MAC = [\n  'hmac-sha2-256-etm@openssh.com',\n  'hmac-sha2-512-etm@openssh.com',\n  'hmac-sha1-etm@openssh.com',\n  'hmac-sha2-256',\n  'hmac-sha2-512',\n  'hmac-sha1',\n].filter(canUseMAC);\nconst SUPPORTED_MAC = DEFAULT_MAC.concat([\n  'hmac-md5',\n  'hmac-sha2-256-96', // first 96 bits of HMAC-SHA256\n  'hmac-sha2-512-96', // first 96 bits of HMAC-SHA512\n  'hmac-ripemd160',\n  'hmac-sha1-96',     // first 96 bits of HMAC-SHA1\n  'hmac-md5-96',      // first 96 bits of HMAC-MD5\n].filter(canUseMAC));\n\nconst DEFAULT_COMPRESSION = [\n  'none',\n  'zlib@openssh.com', // ZLIB (LZ77) compression, except\n                      // compression/decompression does not start until after\n                      // successful user authentication\n  'zlib',             // ZLIB (LZ77) compression\n];\nconst SUPPORTED_COMPRESSION = DEFAULT_COMPRESSION.concat([\n]);\n\n\nconst COMPAT = {\n  BAD_DHGEX: 1 << 0,\n  OLD_EXIT: 1 << 1,\n  DYN_RPORT_BUG: 1 << 2,\n  BUG_DHGEX_LARGE: 1 << 3,\n};\n\nmodule.exports = {\n  MESSAGE: {\n    // Transport layer protocol -- generic (1-19)\n    DISCONNECT: 1,\n    IGNORE: 2,\n    UNIMPLEMENTED: 3,\n    DEBUG: 4,\n    SERVICE_REQUEST: 5,\n    SERVICE_ACCEPT: 6,\n\n    // Transport layer protocol -- algorithm negotiation (20-29)\n    KEXINIT: 20,\n    NEWKEYS: 21,\n\n    // Transport layer protocol -- key exchange method-specific (30-49)\n    KEXDH_INIT: 30,\n    KEXDH_REPLY: 31,\n\n    KEXDH_GEX_GROUP: 31,\n    KEXDH_GEX_INIT: 32,\n    KEXDH_GEX_REPLY: 33,\n    KEXDH_GEX_REQUEST: 34,\n\n    KEXECDH_INIT: 30,\n    KEXECDH_REPLY: 31,\n\n    // User auth protocol -- generic (50-59)\n    USERAUTH_REQUEST: 50,\n    USERAUTH_FAILURE: 51,\n    USERAUTH_SUCCESS: 52,\n    USERAUTH_BANNER: 53,\n\n    // User auth protocol -- user auth method-specific (60-79)\n    USERAUTH_PASSWD_CHANGEREQ: 60,\n\n    USERAUTH_PK_OK: 60,\n\n    USERAUTH_INFO_REQUEST: 60,\n    USERAUTH_INFO_RESPONSE: 61,\n\n    // Connection protocol -- generic (80-89)\n    GLOBAL_REQUEST: 80,\n    REQUEST_SUCCESS: 81,\n    REQUEST_FAILURE: 82,\n\n    // Connection protocol -- channel-related (90-127)\n    CHANNEL_OPEN: 90,\n    CHANNEL_OPEN_CONFIRMATION: 91,\n    CHANNEL_OPEN_FAILURE: 92,\n    CHANNEL_WINDOW_ADJUST: 93,\n    CHANNEL_DATA: 94,\n    CHANNEL_EXTENDED_DATA: 95,\n    CHANNEL_EOF: 96,\n    CHANNEL_CLOSE: 97,\n    CHANNEL_REQUEST: 98,\n    CHANNEL_SUCCESS: 99,\n    CHANNEL_FAILURE: 100\n\n    // Reserved for client protocols (128-191)\n\n    // Local extensions (192-155)\n  },\n  DISCONNECT_REASON: {\n    HOST_NOT_ALLOWED_TO_CONNECT: 1,\n    PROTOCOL_ERROR: 2,\n    KEY_EXCHANGE_FAILED: 3,\n    RESERVED: 4,\n    MAC_ERROR: 5,\n    COMPRESSION_ERROR: 6,\n    SERVICE_NOT_AVAILABLE: 7,\n    PROTOCOL_VERSION_NOT_SUPPORTED: 8,\n    HOST_KEY_NOT_VERIFIABLE: 9,\n    CONNECTION_LOST: 10,\n    BY_APPLICATION: 11,\n    TOO_MANY_CONNECTIONS: 12,\n    AUTH_CANCELED_BY_USER: 13,\n    NO_MORE_AUTH_METHODS_AVAILABLE: 14,\n    ILLEGAL_USER_NAME: 15,\n  },\n  DISCONNECT_REASON_STR: undefined,\n  CHANNEL_OPEN_FAILURE: {\n    ADMINISTRATIVELY_PROHIBITED: 1,\n    CONNECT_FAILED: 2,\n    UNKNOWN_CHANNEL_TYPE: 3,\n    RESOURCE_SHORTAGE: 4\n  },\n  TERMINAL_MODE: {\n    TTY_OP_END: 0,        // Indicates end of options.\n    VINTR: 1,             // Interrupt character; 255 if none. Similarly for the\n                          //  other characters.  Not all of these characters are\n                          //  supported on all systems.\n    VQUIT: 2,             // The quit character (sends SIGQUIT signal on POSIX\n                          //  systems).\n    VERASE: 3,            // Erase the character to left of the cursor.\n    VKILL: 4,             // Kill the current input line.\n    VEOF: 5,              // End-of-file character (sends EOF from the\n                          //  terminal).\n    VEOL: 6,              // End-of-line character in addition to carriage\n                          //  return and/or linefeed.\n    VEOL2: 7,             // Additional end-of-line character.\n    VSTART: 8,            // Continues paused output (normally control-Q).\n    VSTOP: 9,             // Pauses output (normally control-S).\n    VSUSP: 10,            // Suspends the current program.\n    VDSUSP: 11,           // Another suspend character.\n    VREPRINT: 12,         // Reprints the current input line.\n    VWERASE: 13,          // Erases a word left of cursor.\n    VLNEXT: 14,           // Enter the next character typed literally, even if\n                          //  it is a special character\n    VFLUSH: 15,           // Character to flush output.\n    VSWTCH: 16,           // Switch to a different shell layer.\n    VSTATUS: 17,          // Prints system status line (load, command, pid,\n                          //  etc).\n    VDISCARD: 18,         // Toggles the flushing of terminal output.\n    IGNPAR: 30,           // The ignore parity flag.  The parameter SHOULD be 0\n                          //  if this flag is FALSE, and 1 if it is TRUE.\n    PARMRK: 31,           // Mark parity and framing errors.\n    INPCK: 32,            // Enable checking of parity errors.\n    ISTRIP: 33,           // Strip 8th bit off characters.\n    INLCR: 34,            // Map NL into CR on input.\n    IGNCR: 35,            // Ignore CR on input.\n    ICRNL: 36,            // Map CR to NL on input.\n    IUCLC: 37,            // Translate uppercase characters to lowercase.\n    IXON: 38,             // Enable output flow control.\n    IXANY: 39,            // Any char will restart after stop.\n    IXOFF: 40,            // Enable input flow control.\n    IMAXBEL: 41,          // Ring bell on input queue full.\n    ISIG: 50,             // Enable signals INTR, QUIT, [D]SUSP.\n    ICANON: 51,           // Canonicalize input lines.\n    XCASE: 52,            // Enable input and output of uppercase characters by\n                          //  preceding their lowercase equivalents with \"\\\".\n    ECHO: 53,             // Enable echoing.\n    ECHOE: 54,            // Visually erase chars.\n    ECHOK: 55,            // Kill character discards current line.\n    ECHONL: 56,           // Echo NL even if ECHO is off.\n    NOFLSH: 57,           // Don't flush after interrupt.\n    TOSTOP: 58,           // Stop background jobs from output.\n    IEXTEN: 59,           // Enable extensions.\n    ECHOCTL: 60,          // Echo control characters as ^(Char).\n    ECHOKE: 61,           // Visual erase for line kill.\n    PENDIN: 62,           // Retype pending input.\n    OPOST: 70,            // Enable output processing.\n    OLCUC: 71,            // Convert lowercase to uppercase.\n    ONLCR: 72,            // Map NL to CR-NL.\n    OCRNL: 73,            // Translate carriage return to newline (output).\n    ONOCR: 74,            // Translate newline to carriage return-newline\n                          //  (output).\n    ONLRET: 75,           // Newline performs a carriage return (output).\n    CS7: 90,              // 7 bit mode.\n    CS8: 91,              // 8 bit mode.\n    PARENB: 92,           // Parity enable.\n    PARODD: 93,           // Odd parity, else even.\n    TTY_OP_ISPEED: 128,   // Specifies the input baud rate in bits per second.\n    TTY_OP_OSPEED: 129,   // Specifies the output baud rate in bits per second.\n  },\n  CHANNEL_EXTENDED_DATATYPE: {\n    STDERR: 1,\n  },\n\n  SIGNALS: [\n    'ABRT', 'ALRM', 'FPE', 'HUP', 'ILL', 'INT', 'QUIT', 'SEGV', 'TERM', 'USR1',\n    'USR2', 'KILL', 'PIPE'\n  ].reduce((cur, val) => ({ ...cur, [val]: 1 }), {}),\n\n  COMPAT,\n  COMPAT_CHECKS: [\n    [ 'Cisco-1.25', COMPAT.BAD_DHGEX ],\n    [ /^Cisco-1\\./, COMPAT.BUG_DHGEX_LARGE ],\n    [ /^[0-9.]+$/, COMPAT.OLD_EXIT ], // old SSH.com implementations\n    [ /^OpenSSH_5\\.\\d+/, COMPAT.DYN_RPORT_BUG ],\n  ],\n\n  // KEX proposal-related\n  DEFAULT_KEX,\n  SUPPORTED_KEX,\n  DEFAULT_SERVER_HOST_KEY,\n  SUPPORTED_SERVER_HOST_KEY,\n  DEFAULT_CIPHER,\n  SUPPORTED_CIPHER,\n  DEFAULT_MAC,\n  SUPPORTED_MAC,\n  DEFAULT_COMPRESSION,\n  SUPPORTED_COMPRESSION,\n\n  curve25519Supported,\n  eddsaSupported,\n};\n\nmodule.exports.DISCONNECT_REASON_BY_VALUE =\n  Array.from(Object.entries(module.exports.DISCONNECT_REASON))\n       .reduce((obj, [key, value]) => ({ ...obj, [value]: key }), {});\n","// TODO:\n//    * make max packet size configurable\n//    * if decompression is enabled, use `._packet` in decipher instances as\n//      input to (sync) zlib inflater with appropriate offset and length to\n//      avoid an additional copy of payload data before inflation\n//    * factor decompression status into packet length checks\n'use strict';\n\nconst {\n  createCipheriv, createDecipheriv, createHmac, randomFillSync, timingSafeEqual\n} = require('crypto');\n\nconst { readUInt32BE, writeUInt32BE } = require('./utils.js');\n\nconst FastBuffer = Buffer[Symbol.species];\nconst MAX_SEQNO = 2 ** 32 - 1;\nconst EMPTY_BUFFER = Buffer.alloc(0);\nconst BUF_INT = Buffer.alloc(4);\nconst DISCARD_CACHE = new Map();\nconst MAX_PACKET_SIZE = 35000;\n\nlet binding;\nlet AESGCMCipher;\nlet ChaChaPolyCipher;\nlet GenericCipher;\nlet AESGCMDecipher;\nlet ChaChaPolyDecipher;\nlet GenericDecipher;\ntry {\n  binding = require('./crypto/build/Release/sshcrypto.node');\n  ({ AESGCMCipher, ChaChaPolyCipher, GenericCipher,\n     AESGCMDecipher, ChaChaPolyDecipher, GenericDecipher } = binding);\n} catch {}\n\nconst CIPHER_STREAM = 1 << 0;\nconst CIPHER_INFO = (() => {\n  function info(sslName, blockLen, keyLen, ivLen, authLen, discardLen, flags) {\n    return {\n      sslName,\n      blockLen,\n      keyLen,\n      ivLen: (ivLen !== 0 || (flags & CIPHER_STREAM)\n              ? ivLen\n              : blockLen),\n      authLen,\n      discardLen,\n      stream: !!(flags & CIPHER_STREAM),\n    };\n  }\n\n  return {\n    'chacha20-poly1305@openssh.com':\n      info('chacha20', 8, 64, 0, 16, 0, CIPHER_STREAM),\n\n    'aes128-gcm': info('aes-128-gcm', 16, 16, 12, 16, 0, CIPHER_STREAM),\n    'aes256-gcm': info('aes-256-gcm', 16, 32, 12, 16, 0, CIPHER_STREAM),\n    'aes128-gcm@openssh.com':\n      info('aes-128-gcm', 16, 16, 12, 16, 0, CIPHER_STREAM),\n    'aes256-gcm@openssh.com':\n      info('aes-256-gcm', 16, 32, 12, 16, 0, CIPHER_STREAM),\n\n    'aes128-cbc': info('aes-128-cbc', 16, 16, 0, 0, 0, 0),\n    'aes192-cbc': info('aes-192-cbc', 16, 24, 0, 0, 0, 0),\n    'aes256-cbc': info('aes-256-cbc', 16, 32, 0, 0, 0, 0),\n    'rijndael-cbc@lysator.liu.se': info('aes-256-cbc', 16, 32, 0, 0, 0, 0),\n    '3des-cbc': info('des-ede3-cbc', 8, 24, 0, 0, 0, 0),\n    'blowfish-cbc': info('bf-cbc', 8, 16, 0, 0, 0, 0),\n    'idea-cbc': info('idea-cbc', 8, 16, 0, 0, 0, 0),\n    'cast128-cbc': info('cast-cbc', 8, 16, 0, 0, 0, 0),\n\n    'aes128-ctr': info('aes-128-ctr', 16, 16, 16, 0, 0, CIPHER_STREAM),\n    'aes192-ctr': info('aes-192-ctr', 16, 24, 16, 0, 0, CIPHER_STREAM),\n    'aes256-ctr': info('aes-256-ctr', 16, 32, 16, 0, 0, CIPHER_STREAM),\n    '3des-ctr': info('des-ede3', 8, 24, 8, 0, 0, CIPHER_STREAM),\n    'blowfish-ctr': info('bf-ecb', 8, 16, 8, 0, 0, CIPHER_STREAM),\n    'cast128-ctr': info('cast5-ecb', 8, 16, 8, 0, 0, CIPHER_STREAM),\n\n    /* The \"arcfour128\" algorithm is the RC4 cipher, as described in\n       [SCHNEIER], using a 128-bit key.  The first 1536 bytes of keystream\n       generated by the cipher MUST be discarded, and the first byte of the\n       first encrypted packet MUST be encrypted using the 1537th byte of\n       keystream.\n\n       -- http://tools.ietf.org/html/rfc4345#section-4 */\n    'arcfour': info('rc4', 8, 16, 0, 0, 1536, CIPHER_STREAM),\n    'arcfour128': info('rc4', 8, 16, 0, 0, 1536, CIPHER_STREAM),\n    'arcfour256': info('rc4', 8, 32, 0, 0, 1536, CIPHER_STREAM),\n    'arcfour512': info('rc4', 8, 64, 0, 0, 1536, CIPHER_STREAM),\n  };\n})();\n\nconst MAC_INFO = (() => {\n  function info(sslName, len, actualLen, isETM) {\n    return {\n      sslName,\n      len,\n      actualLen,\n      isETM,\n    };\n  }\n\n  return {\n    'hmac-md5': info('md5', 16, 16, false),\n    'hmac-md5-96': info('md5', 16, 12, false),\n    'hmac-ripemd160': info('ripemd160', 20, 20, false),\n    'hmac-sha1': info('sha1', 20, 20, false),\n    'hmac-sha1-etm@openssh.com': info('sha1', 20, 20, true),\n    'hmac-sha1-96': info('sha1', 20, 12, false),\n    'hmac-sha2-256': info('sha256', 32, 32, false),\n    'hmac-sha2-256-etm@openssh.com': info('sha256', 32, 32, true),\n    'hmac-sha2-256-96': info('sha256', 32, 12, false),\n    'hmac-sha2-512': info('sha512', 64, 64, false),\n    'hmac-sha2-512-etm@openssh.com': info('sha512', 64, 64, true),\n    'hmac-sha2-512-96': info('sha512', 64, 12, false),\n  };\n})();\n\n\n// Should only_be used during the initial handshake\nclass NullCipher {\n  constructor(seqno, onWrite) {\n    this.outSeqno = seqno;\n    this._onWrite = onWrite;\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n  }\n  allocPacket(payloadLen) {\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = 8 - (pktLen & (8 - 1));\n    if (padLen < 4)\n      padLen += 8;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    this._onWrite(packet);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\n\nconst POLY1305_ZEROS = Buffer.alloc(32);\nconst POLY1305_OUT_COMPUTE = Buffer.alloc(16);\nlet POLY1305_WASM_MODULE;\nlet POLY1305_RESULT_MALLOC;\nlet poly1305_auth;\nclass ChaChaPolyCipherNative {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._encKeyMain = enc.cipherKey.slice(0, 32);\n    this._encKeyPktLen = enc.cipherKey.slice(32);\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n  }\n  allocPacket(payloadLen) {\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = 8 - ((pktLen - 4) & (8 - 1));\n    if (padLen < 4)\n      padLen += 8;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    // Generate Poly1305 key\n    POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n    writeUInt32BE(POLY1305_OUT_COMPUTE, this.outSeqno, 12);\n    const polyKey =\n      createCipheriv('chacha20', this._encKeyMain, POLY1305_OUT_COMPUTE)\n      .update(POLY1305_ZEROS);\n\n    // Encrypt packet length\n    const pktLenEnc =\n      createCipheriv('chacha20', this._encKeyPktLen, POLY1305_OUT_COMPUTE)\n      .update(packet.slice(0, 4));\n    this._onWrite(pktLenEnc);\n\n    // Encrypt rest of packet\n    POLY1305_OUT_COMPUTE[0] = 1; // Set counter to 1 (little endian)\n    const payloadEnc =\n      createCipheriv('chacha20', this._encKeyMain, POLY1305_OUT_COMPUTE)\n      .update(packet.slice(4));\n    this._onWrite(payloadEnc);\n\n    // Calculate Poly1305 MAC\n    poly1305_auth(POLY1305_RESULT_MALLOC,\n                  pktLenEnc,\n                  pktLenEnc.length,\n                  payloadEnc,\n                  payloadEnc.length,\n                  polyKey);\n    const mac = Buffer.allocUnsafe(16);\n    mac.set(\n      new Uint8Array(POLY1305_WASM_MODULE.HEAPU8.buffer,\n                     POLY1305_RESULT_MALLOC,\n                     16),\n      0\n    );\n    this._onWrite(mac);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\nclass ChaChaPolyCipherBinding {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._instance = new ChaChaPolyCipher(enc.cipherKey);\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n    this._instance.free();\n  }\n  allocPacket(payloadLen) {\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = 8 - ((pktLen - 4) & (8 - 1));\n    if (padLen < 4)\n      padLen += 8;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen + 16/* MAC */);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    // Encrypts in-place\n    this._instance.encrypt(packet, this.outSeqno);\n\n    this._onWrite(packet);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\n\nclass AESGCMCipherNative {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._encSSLName = enc.cipherInfo.sslName;\n    this._encKey = enc.cipherKey;\n    this._encIV = enc.cipherIV;\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n  }\n  allocPacket(payloadLen) {\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = 16 - ((pktLen - 4) & (16 - 1));\n    if (padLen < 4)\n      padLen += 16;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    const cipher = createCipheriv(this._encSSLName, this._encKey, this._encIV);\n    cipher.setAutoPadding(false);\n\n    const lenData = packet.slice(0, 4);\n    cipher.setAAD(lenData);\n    this._onWrite(lenData);\n\n    // Encrypt pad length, payload, and padding\n    const encrypted = cipher.update(packet.slice(4));\n    this._onWrite(encrypted);\n    const final = cipher.final();\n    // XXX: final.length === 0 always?\n    if (final.length)\n      this._onWrite(final);\n\n    // Generate MAC\n    const tag = cipher.getAuthTag();\n    this._onWrite(tag);\n\n    // Increment counter in IV by 1 for next packet\n    ivIncrement(this._encIV);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\nclass AESGCMCipherBinding {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._instance = new AESGCMCipher(enc.cipherInfo.sslName,\n                                      enc.cipherKey,\n                                      enc.cipherIV);\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n    this._instance.free();\n  }\n  allocPacket(payloadLen) {\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = 16 - ((pktLen - 4) & (16 - 1));\n    if (padLen < 4)\n      padLen += 16;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen + 16/* authTag */);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    // Encrypts in-place\n    this._instance.encrypt(packet);\n\n    this._onWrite(packet);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\n\nclass GenericCipherNative {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._encBlockLen = enc.cipherInfo.blockLen;\n    this._cipherInstance = createCipheriv(enc.cipherInfo.sslName,\n                                          enc.cipherKey,\n                                          enc.cipherIV);\n    this._macSSLName = enc.macInfo.sslName;\n    this._macKey = enc.macKey;\n    this._macActualLen = enc.macInfo.actualLen;\n    this._macETM = enc.macInfo.isETM;\n    this._aadLen = (this._macETM ? 4 : 0);\n    this._dead = false;\n\n    const discardLen = enc.cipherInfo.discardLen;\n    if (discardLen) {\n      let discard = DISCARD_CACHE.get(discardLen);\n      if (discard === undefined) {\n        discard = Buffer.alloc(discardLen);\n        DISCARD_CACHE.set(discardLen, discard);\n      }\n      this._cipherInstance.update(discard);\n    }\n  }\n  free() {\n    this._dead = true;\n  }\n  allocPacket(payloadLen) {\n    const blockLen = this._encBlockLen;\n\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = blockLen - ((pktLen - this._aadLen) & (blockLen - 1));\n    if (padLen < 4)\n      padLen += blockLen;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    let mac;\n    if (this._macETM) {\n      // Encrypt pad length, payload, and padding\n      const lenBytes = new Uint8Array(packet.buffer, packet.byteOffset, 4);\n      const encrypted = this._cipherInstance.update(\n        new Uint8Array(packet.buffer,\n                       packet.byteOffset + 4,\n                       packet.length - 4)\n      );\n\n      this._onWrite(lenBytes);\n      this._onWrite(encrypted);\n\n      // TODO: look into storing seqno as 4-byte buffer and incrementing like we\n      // do for AES-GCM IVs to avoid having to (re)write all 4 bytes every time\n      mac = createHmac(this._macSSLName, this._macKey);\n      writeUInt32BE(BUF_INT, this.outSeqno, 0);\n      mac.update(BUF_INT);\n      mac.update(lenBytes);\n      mac.update(encrypted);\n    } else {\n      // Encrypt length field, pad length, payload, and padding\n      const encrypted = this._cipherInstance.update(packet);\n      this._onWrite(encrypted);\n\n      // TODO: look into storing seqno as 4-byte buffer and incrementing like we\n      // do for AES-GCM IVs to avoid having to (re)write all 4 bytes every time\n      mac = createHmac(this._macSSLName, this._macKey);\n      writeUInt32BE(BUF_INT, this.outSeqno, 0);\n      mac.update(BUF_INT);\n      mac.update(packet);\n    }\n\n    let digest = mac.digest();\n    if (digest.length > this._macActualLen)\n      digest = digest.slice(0, this._macActualLen);\n    this._onWrite(digest);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\nclass GenericCipherBinding {\n  constructor(config) {\n    const enc = config.outbound;\n    this.outSeqno = enc.seqno;\n    this._onWrite = enc.onWrite;\n    this._encBlockLen = enc.cipherInfo.blockLen;\n    this._macLen = enc.macInfo.len;\n    this._macActualLen = enc.macInfo.actualLen;\n    this._aadLen = (enc.macInfo.isETM ? 4 : 0);\n    this._instance = new GenericCipher(enc.cipherInfo.sslName,\n                                       enc.cipherKey,\n                                       enc.cipherIV,\n                                       enc.macInfo.sslName,\n                                       enc.macKey,\n                                       enc.macInfo.isETM);\n    this._dead = false;\n  }\n  free() {\n    this._dead = true;\n    this._instance.free();\n  }\n  allocPacket(payloadLen) {\n    const blockLen = this._encBlockLen;\n\n    let pktLen = 4 + 1 + payloadLen;\n    let padLen = blockLen - ((pktLen - this._aadLen) & (blockLen - 1));\n    if (padLen < 4)\n      padLen += blockLen;\n    pktLen += padLen;\n\n    const packet = Buffer.allocUnsafe(pktLen + this._macLen);\n\n    writeUInt32BE(packet, pktLen - 4, 0);\n    packet[4] = padLen;\n\n    randomFillSync(packet, 5 + payloadLen, padLen);\n\n    return packet;\n  }\n  encrypt(packet) {\n    // `packet` === unencrypted packet\n\n    if (this._dead)\n      return;\n\n    // Encrypts in-place\n    this._instance.encrypt(packet, this.outSeqno);\n\n    if (this._macActualLen < this._macLen) {\n      packet = new FastBuffer(packet.buffer,\n                              packet.byteOffset,\n                              (packet.length\n                                - (this._macLen - this._macActualLen)));\n    }\n    this._onWrite(packet);\n\n    this.outSeqno = (this.outSeqno + 1) >>> 0;\n  }\n}\n\n\nclass NullDecipher {\n  constructor(seqno, onPayload) {\n    this.inSeqno = seqno;\n    this._onPayload = onPayload;\n    this._len = 0;\n    this._lenBytes = 0;\n    this._packet = null;\n    this._packetPos = 0;\n  }\n  free() {}\n  decrypt(data, p, dataLen) {\n    while (p < dataLen) {\n      // Read packet length\n      if (this._lenBytes < 4) {\n        let nb = Math.min(4 - this._lenBytes, dataLen - p);\n\n        this._lenBytes += nb;\n        while (nb--)\n          this._len = (this._len << 8) + data[p++];\n\n        if (this._lenBytes < 4)\n          return;\n\n        if (this._len > MAX_PACKET_SIZE\n            || this._len < 8\n            || (4 + this._len & 7) !== 0) {\n          throw new Error('Bad packet length');\n        }\n        if (p >= dataLen)\n          return;\n      }\n\n      // Read padding length, payload, and padding\n      if (this._packetPos < this._len) {\n        const nb = Math.min(this._len - this._packetPos, dataLen - p);\n        let chunk;\n        if (p !== 0 || nb !== dataLen)\n          chunk = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          chunk = data;\n        if (nb === this._len) {\n          this._packet = chunk;\n        } else {\n          if (!this._packet)\n            this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(chunk, this._packetPos);\n        }\n        p += nb;\n        this._packetPos += nb;\n        if (this._packetPos < this._len)\n          return;\n      }\n\n      const payload = (!this._packet\n                       ? EMPTY_BUFFER\n                       : new FastBuffer(this._packet.buffer,\n                                        this._packet.byteOffset + 1,\n                                        this._packet.length\n                                          - this._packet[0] - 1));\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._len = 0;\n      this._lenBytes = 0;\n      this._packet = null;\n      this._packetPos = 0;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\nclass ChaChaPolyDecipherNative {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._decKeyMain = dec.decipherKey.slice(0, 32);\n    this._decKeyPktLen = dec.decipherKey.slice(32);\n    this._len = 0;\n    this._lenBuf = Buffer.alloc(4);\n    this._lenPos = 0;\n    this._packet = null;\n    this._pktLen = 0;\n    this._mac = Buffer.allocUnsafe(16);\n    this._calcMac = Buffer.allocUnsafe(16);\n    this._macPos = 0;\n  }\n  free() {}\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read packet length\n      if (this._lenPos < 4) {\n        let nb = Math.min(4 - this._lenPos, dataLen - p);\n        while (nb--)\n          this._lenBuf[this._lenPos++] = data[p++];\n        if (this._lenPos < 4)\n          return;\n\n        POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n        writeUInt32BE(POLY1305_OUT_COMPUTE, this.inSeqno, 12);\n\n        const decLenBytes =\n          createDecipheriv('chacha20', this._decKeyPktLen, POLY1305_OUT_COMPUTE)\n          .update(this._lenBuf);\n        this._len = readUInt32BE(decLenBytes, 0);\n\n        if (this._len > MAX_PACKET_SIZE\n            || this._len < 8\n            || (this._len & 7) !== 0) {\n          throw new Error('Bad packet length');\n        }\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        if (p >= dataLen)\n          return;\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let encrypted;\n        if (p !== 0 || nb !== dataLen)\n          encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          encrypted = data;\n        if (nb === this._len) {\n          this._packet = encrypted;\n        } else {\n          if (!this._packet)\n            this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(encrypted, this._pktLen);\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read Poly1305 MAC\n      {\n        const nb = Math.min(16 - this._macPos, dataLen - p);\n        // TODO: avoid copying if entire MAC is in current chunk\n        if (p !== 0 || nb !== dataLen) {\n          this._mac.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._macPos\n          );\n        } else {\n          this._mac.set(data, this._macPos);\n        }\n        p += nb;\n        this._macPos += nb;\n        if (this._macPos < 16)\n          return;\n      }\n\n      // Generate Poly1305 key\n      POLY1305_OUT_COMPUTE[0] = 0; // Set counter to 0 (little endian)\n      writeUInt32BE(POLY1305_OUT_COMPUTE, this.inSeqno, 12);\n      const polyKey =\n        createCipheriv('chacha20', this._decKeyMain, POLY1305_OUT_COMPUTE)\n        .update(POLY1305_ZEROS);\n\n      // Calculate and compare Poly1305 MACs\n      poly1305_auth(POLY1305_RESULT_MALLOC,\n                    this._lenBuf,\n                    4,\n                    this._packet,\n                    this._packet.length,\n                    polyKey);\n\n      this._calcMac.set(\n        new Uint8Array(POLY1305_WASM_MODULE.HEAPU8.buffer,\n                       POLY1305_RESULT_MALLOC,\n                       16),\n        0\n      );\n      if (!timingSafeEqual(this._calcMac, this._mac))\n        throw new Error('Invalid MAC');\n\n      // Decrypt packet\n      POLY1305_OUT_COMPUTE[0] = 1; // Set counter to 1 (little endian)\n      const packet =\n        createDecipheriv('chacha20', this._decKeyMain, POLY1305_OUT_COMPUTE)\n        .update(this._packet);\n\n      const payload = new FastBuffer(packet.buffer,\n                                     packet.byteOffset + 1,\n                                     packet.length - packet[0] - 1);\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._len = 0;\n      this._lenPos = 0;\n      this._packet = null;\n      this._pktLen = 0;\n      this._macPos = 0;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\nclass ChaChaPolyDecipherBinding {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._instance = new ChaChaPolyDecipher(dec.decipherKey);\n    this._len = 0;\n    this._lenBuf = Buffer.alloc(4);\n    this._lenPos = 0;\n    this._packet = null;\n    this._pktLen = 0;\n    this._mac = Buffer.allocUnsafe(16);\n    this._macPos = 0;\n  }\n  free() {\n    this._instance.free();\n  }\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read packet length\n      if (this._lenPos < 4) {\n        let nb = Math.min(4 - this._lenPos, dataLen - p);\n        while (nb--)\n          this._lenBuf[this._lenPos++] = data[p++];\n        if (this._lenPos < 4)\n          return;\n\n        this._len = this._instance.decryptLen(this._lenBuf, this.inSeqno);\n\n        if (this._len > MAX_PACKET_SIZE\n            || this._len < 8\n            || (this._len & 7) !== 0) {\n          throw new Error('Bad packet length');\n        }\n\n        if (p >= dataLen)\n          return;\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let encrypted;\n        if (p !== 0 || nb !== dataLen)\n          encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          encrypted = data;\n        if (nb === this._len) {\n          this._packet = encrypted;\n        } else {\n          if (!this._packet)\n            this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(encrypted, this._pktLen);\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read Poly1305 MAC\n      {\n        const nb = Math.min(16 - this._macPos, dataLen - p);\n        // TODO: avoid copying if entire MAC is in current chunk\n        if (p !== 0 || nb !== dataLen) {\n          this._mac.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._macPos\n          );\n        } else {\n          this._mac.set(data, this._macPos);\n        }\n        p += nb;\n        this._macPos += nb;\n        if (this._macPos < 16)\n          return;\n      }\n\n      this._instance.decrypt(this._packet, this._mac, this.inSeqno);\n\n      const payload = new FastBuffer(this._packet.buffer,\n                                     this._packet.byteOffset + 1,\n                                     this._packet.length - this._packet[0] - 1);\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._len = 0;\n      this._lenPos = 0;\n      this._packet = null;\n      this._pktLen = 0;\n      this._macPos = 0;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\nclass AESGCMDecipherNative {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._decipherInstance = null;\n    this._decipherSSLName = dec.decipherInfo.sslName;\n    this._decipherKey = dec.decipherKey;\n    this._decipherIV = dec.decipherIV;\n    this._len = 0;\n    this._lenBytes = 0;\n    this._packet = null;\n    this._packetPos = 0;\n    this._pktLen = 0;\n    this._tag = Buffer.allocUnsafe(16);\n    this._tagPos = 0;\n  }\n  free() {}\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read packet length (unencrypted, but AAD)\n      if (this._lenBytes < 4) {\n        let nb = Math.min(4 - this._lenBytes, dataLen - p);\n        this._lenBytes += nb;\n        while (nb--)\n          this._len = (this._len << 8) + data[p++];\n        if (this._lenBytes < 4)\n          return;\n\n        if ((this._len + 20) > MAX_PACKET_SIZE\n            || this._len < 16\n            || (this._len & 15) !== 0) {\n          throw new Error('Bad packet length');\n        }\n\n        this._decipherInstance = createDecipheriv(\n          this._decipherSSLName,\n          this._decipherKey,\n          this._decipherIV\n        );\n        this._decipherInstance.setAutoPadding(false);\n        this._decipherInstance.setAAD(intToBytes(this._len));\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        if (p >= dataLen)\n          return;\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let decrypted;\n        if (p !== 0 || nb !== dataLen) {\n          decrypted = this._decipherInstance.update(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb)\n          );\n        } else {\n          decrypted = this._decipherInstance.update(data);\n        }\n        if (decrypted.length) {\n          if (nb === this._len) {\n            this._packet = decrypted;\n          } else {\n            if (!this._packet)\n              this._packet = Buffer.allocUnsafe(this._len);\n            this._packet.set(decrypted, this._packetPos);\n          }\n          this._packetPos += decrypted.length;\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read authentication tag\n      {\n        const nb = Math.min(16 - this._tagPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen) {\n          this._tag.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._tagPos\n          );\n        } else {\n          this._tag.set(data, this._tagPos);\n        }\n        p += nb;\n        this._tagPos += nb;\n        if (this._tagPos < 16)\n          return;\n      }\n\n      {\n        // Verify authentication tag\n        this._decipherInstance.setAuthTag(this._tag);\n\n        const decrypted = this._decipherInstance.final();\n\n        // XXX: this should never output any data since stream ciphers always\n        // return data from .update() and block ciphers must end on a multiple\n        // of the block length, which would have caused an exception to be\n        // thrown if the total input was not...\n        if (decrypted.length) {\n          if (this._packet)\n            this._packet.set(decrypted, this._packetPos);\n          else\n            this._packet = decrypted;\n        }\n      }\n\n      const payload = (!this._packet\n                       ? EMPTY_BUFFER\n                       : new FastBuffer(this._packet.buffer,\n                                        this._packet.byteOffset + 1,\n                                        this._packet.length\n                                          - this._packet[0] - 1));\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      ivIncrement(this._decipherIV);\n      this._len = 0;\n      this._lenBytes = 0;\n      this._packet = null;\n      this._packetPos = 0;\n      this._pktLen = 0;\n      this._tagPos = 0;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\nclass AESGCMDecipherBinding {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._instance = new AESGCMDecipher(dec.decipherInfo.sslName,\n                                        dec.decipherKey,\n                                        dec.decipherIV);\n    this._len = 0;\n    this._lenBytes = 0;\n    this._packet = null;\n    this._pktLen = 0;\n    this._tag = Buffer.allocUnsafe(16);\n    this._tagPos = 0;\n  }\n  free() {}\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read packet length (unencrypted, but AAD)\n      if (this._lenBytes < 4) {\n        let nb = Math.min(4 - this._lenBytes, dataLen - p);\n        this._lenBytes += nb;\n        while (nb--)\n          this._len = (this._len << 8) + data[p++];\n        if (this._lenBytes < 4)\n          return;\n\n        if ((this._len + 20) > MAX_PACKET_SIZE\n            || this._len < 16\n            || (this._len & 15) !== 0) {\n          throw new Error(`Bad packet length: ${this._len}`);\n        }\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        if (p >= dataLen)\n          return;\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let encrypted;\n        if (p !== 0 || nb !== dataLen)\n          encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          encrypted = data;\n        if (nb === this._len) {\n          this._packet = encrypted;\n        } else {\n          if (!this._packet)\n            this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(encrypted, this._pktLen);\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read authentication tag\n      {\n        const nb = Math.min(16 - this._tagPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen) {\n          this._tag.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._tagPos\n          );\n        } else {\n          this._tag.set(data, this._tagPos);\n        }\n        p += nb;\n        this._tagPos += nb;\n        if (this._tagPos < 16)\n          return;\n      }\n\n      this._instance.decrypt(this._packet, this._len, this._tag);\n\n      const payload = new FastBuffer(this._packet.buffer,\n                                     this._packet.byteOffset + 1,\n                                     this._packet.length - this._packet[0] - 1);\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._len = 0;\n      this._lenBytes = 0;\n      this._packet = null;\n      this._pktLen = 0;\n      this._tagPos = 0;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\n// TODO: test incremental .update()s vs. copying to _packet and doing a single\n// .update() after entire packet read -- a single .update() would allow\n// verifying MAC before decrypting for ETM MACs\nclass GenericDecipherNative {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._decipherInstance = createDecipheriv(dec.decipherInfo.sslName,\n                                              dec.decipherKey,\n                                              dec.decipherIV);\n    this._decipherInstance.setAutoPadding(false);\n    this._block = Buffer.allocUnsafe(\n      dec.macInfo.isETM ? 4 : dec.decipherInfo.blockLen\n    );\n    this._blockSize = dec.decipherInfo.blockLen;\n    this._blockPos = 0;\n    this._len = 0;\n    this._packet = null;\n    this._packetPos = 0;\n    this._pktLen = 0;\n    this._mac = Buffer.allocUnsafe(dec.macInfo.actualLen);\n    this._macPos = 0;\n    this._macSSLName = dec.macInfo.sslName;\n    this._macKey = dec.macKey;\n    this._macActualLen = dec.macInfo.actualLen;\n    this._macETM = dec.macInfo.isETM;\n    this._macInstance = null;\n\n    const discardLen = dec.decipherInfo.discardLen;\n    if (discardLen) {\n      let discard = DISCARD_CACHE.get(discardLen);\n      if (discard === undefined) {\n        discard = Buffer.alloc(discardLen);\n        DISCARD_CACHE.set(discardLen, discard);\n      }\n      this._decipherInstance.update(discard);\n    }\n  }\n  free() {}\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read first encrypted block\n      if (this._blockPos < this._block.length) {\n        const nb = Math.min(this._block.length - this._blockPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen || nb < data.length) {\n          this._block.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._blockPos\n          );\n        } else {\n          this._block.set(data, this._blockPos);\n        }\n\n        p += nb;\n        this._blockPos += nb;\n        if (this._blockPos < this._block.length)\n          return;\n\n        let decrypted;\n        let need;\n        if (this._macETM) {\n          this._len = need = readUInt32BE(this._block, 0);\n        } else {\n          // Decrypt first block to get packet length\n          decrypted = this._decipherInstance.update(this._block);\n          this._len = readUInt32BE(decrypted, 0);\n          need = 4 + this._len - this._blockSize;\n        }\n\n        if (this._len > MAX_PACKET_SIZE\n            || this._len < 5\n            || (need & (this._blockSize - 1)) !== 0) {\n          throw new Error('Bad packet length');\n        }\n\n        // Create MAC up front to calculate in parallel with decryption\n        this._macInstance = createHmac(this._macSSLName, this._macKey);\n\n        writeUInt32BE(BUF_INT, this.inSeqno, 0);\n        this._macInstance.update(BUF_INT);\n        if (this._macETM) {\n          this._macInstance.update(this._block);\n        } else {\n          this._macInstance.update(new Uint8Array(decrypted.buffer,\n                                                  decrypted.byteOffset,\n                                                  4));\n          this._pktLen = decrypted.length - 4;\n          this._packetPos = this._pktLen;\n          this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(\n            new Uint8Array(decrypted.buffer,\n                           decrypted.byteOffset + 4,\n                           this._packetPos),\n            0\n          );\n        }\n\n        if (p >= dataLen)\n          return;\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let encrypted;\n        if (p !== 0 || nb !== dataLen)\n          encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          encrypted = data;\n        if (this._macETM)\n          this._macInstance.update(encrypted);\n        const decrypted = this._decipherInstance.update(encrypted);\n        if (decrypted.length) {\n          if (nb === this._len) {\n            this._packet = decrypted;\n          } else {\n            if (!this._packet)\n              this._packet = Buffer.allocUnsafe(this._len);\n            this._packet.set(decrypted, this._packetPos);\n          }\n          this._packetPos += decrypted.length;\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read MAC\n      {\n        const nb = Math.min(this._macActualLen - this._macPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen) {\n          this._mac.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._macPos\n          );\n        } else {\n          this._mac.set(data, this._macPos);\n        }\n        p += nb;\n        this._macPos += nb;\n        if (this._macPos < this._macActualLen)\n          return;\n      }\n\n      // Verify MAC\n      if (!this._macETM)\n        this._macInstance.update(this._packet);\n      let calculated = this._macInstance.digest();\n      if (this._macActualLen < calculated.length) {\n        calculated = new Uint8Array(calculated.buffer,\n                                    calculated.byteOffset,\n                                    this._macActualLen);\n      }\n      if (!timingSafeEquals(calculated, this._mac))\n        throw new Error('Invalid MAC');\n\n      const payload = new FastBuffer(this._packet.buffer,\n                                     this._packet.byteOffset + 1,\n                                     this._packet.length - this._packet[0] - 1);\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._blockPos = 0;\n      this._len = 0;\n      this._packet = null;\n      this._packetPos = 0;\n      this._pktLen = 0;\n      this._macPos = 0;\n      this._macInstance = null;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\nclass GenericDecipherBinding {\n  constructor(config) {\n    const dec = config.inbound;\n    this.inSeqno = dec.seqno;\n    this._onPayload = dec.onPayload;\n    this._instance = new GenericDecipher(dec.decipherInfo.sslName,\n                                         dec.decipherKey,\n                                         dec.decipherIV,\n                                         dec.macInfo.sslName,\n                                         dec.macKey,\n                                         dec.macInfo.isETM,\n                                         dec.macInfo.actualLen);\n    this._block = Buffer.allocUnsafe(\n      dec.macInfo.isETM || dec.decipherInfo.stream\n      ? 4\n      : dec.decipherInfo.blockLen\n    );\n    this._blockPos = 0;\n    this._len = 0;\n    this._packet = null;\n    this._pktLen = 0;\n    this._mac = Buffer.allocUnsafe(dec.macInfo.actualLen);\n    this._macPos = 0;\n    this._macActualLen = dec.macInfo.actualLen;\n    this._macETM = dec.macInfo.isETM;\n  }\n  free() {\n    this._instance.free();\n  }\n  decrypt(data, p, dataLen) {\n    // `data` === encrypted data\n\n    while (p < dataLen) {\n      // Read first encrypted block\n      if (this._blockPos < this._block.length) {\n        const nb = Math.min(this._block.length - this._blockPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen || nb < data.length) {\n          this._block.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._blockPos\n          );\n        } else {\n          this._block.set(data, this._blockPos);\n        }\n\n        p += nb;\n        this._blockPos += nb;\n        if (this._blockPos < this._block.length)\n          return;\n\n        let need;\n        if (this._macETM) {\n          this._len = need = readUInt32BE(this._block, 0);\n        } else {\n          // Decrypt first block to get packet length\n          this._instance.decryptBlock(this._block);\n          this._len = readUInt32BE(this._block, 0);\n          need = 4 + this._len - this._block.length;\n        }\n\n        if (this._len > MAX_PACKET_SIZE\n            || this._len < 5\n            || (need & (this._block.length - 1)) !== 0) {\n          throw new Error('Bad packet length');\n        }\n\n        if (!this._macETM) {\n          this._pktLen = (this._block.length - 4);\n          if (this._pktLen) {\n            this._packet = Buffer.allocUnsafe(this._len);\n            this._packet.set(\n              new Uint8Array(this._block.buffer,\n                             this._block.byteOffset + 4,\n                             this._pktLen),\n              0\n            );\n          }\n        }\n\n        if (p >= dataLen)\n          return;\n      }\n\n      // Read padding length, payload, and padding\n      if (this._pktLen < this._len) {\n        const nb = Math.min(this._len - this._pktLen, dataLen - p);\n        let encrypted;\n        if (p !== 0 || nb !== dataLen)\n          encrypted = new Uint8Array(data.buffer, data.byteOffset + p, nb);\n        else\n          encrypted = data;\n        if (nb === this._len) {\n          this._packet = encrypted;\n        } else {\n          if (!this._packet)\n            this._packet = Buffer.allocUnsafe(this._len);\n          this._packet.set(encrypted, this._pktLen);\n        }\n        p += nb;\n        this._pktLen += nb;\n        if (this._pktLen < this._len || p >= dataLen)\n          return;\n      }\n\n      // Read MAC\n      {\n        const nb = Math.min(this._macActualLen - this._macPos, dataLen - p);\n        if (p !== 0 || nb !== dataLen) {\n          this._mac.set(\n            new Uint8Array(data.buffer, data.byteOffset + p, nb),\n            this._macPos\n          );\n        } else {\n          this._mac.set(data, this._macPos);\n        }\n        p += nb;\n        this._macPos += nb;\n        if (this._macPos < this._macActualLen)\n          return;\n      }\n\n      // Decrypt and verify MAC\n      this._instance.decrypt(this._packet,\n                             this.inSeqno,\n                             this._block,\n                             this._mac);\n\n      const payload = new FastBuffer(this._packet.buffer,\n                                     this._packet.byteOffset + 1,\n                                     this._packet.length - this._packet[0] - 1);\n\n      // Prepare for next packet\n      this.inSeqno = (this.inSeqno + 1) >>> 0;\n      this._blockPos = 0;\n      this._len = 0;\n      this._packet = null;\n      this._pktLen = 0;\n      this._macPos = 0;\n      this._macInstance = null;\n\n      {\n        const ret = this._onPayload(payload);\n        if (ret !== undefined)\n          return (ret === false ? p : ret);\n      }\n    }\n  }\n}\n\n// Increments unsigned, big endian counter (last 8 bytes) of AES-GCM IV\nfunction ivIncrement(iv) {\n  // eslint-disable-next-line no-unused-expressions\n  ++iv[11] >>> 8\n  && ++iv[10] >>> 8\n  && ++iv[9] >>> 8\n  && ++iv[8] >>> 8\n  && ++iv[7] >>> 8\n  && ++iv[6] >>> 8\n  && ++iv[5] >>> 8\n  && ++iv[4] >>> 8;\n}\n\nconst intToBytes = (() => {\n  const ret = Buffer.alloc(4);\n  return (n) => {\n    ret[0] = (n >>> 24);\n    ret[1] = (n >>> 16);\n    ret[2] = (n >>> 8);\n    ret[3] = n;\n    return ret;\n  };\n})();\n\nfunction timingSafeEquals(a, b) {\n  if (a.length !== b.length) {\n    timingSafeEqual(a, a);\n    return false;\n  }\n  return timingSafeEqual(a, b);\n}\n\nfunction createCipher(config) {\n  if (typeof config !== 'object' || config === null)\n    throw new Error('Invalid config');\n\n  if (typeof config.outbound !== 'object' || config.outbound === null)\n    throw new Error('Invalid outbound');\n\n  const outbound = config.outbound;\n\n  if (typeof outbound.onWrite !== 'function')\n    throw new Error('Invalid outbound.onWrite');\n\n  if (typeof outbound.cipherInfo !== 'object' || outbound.cipherInfo === null)\n    throw new Error('Invalid outbound.cipherInfo');\n\n  if (!Buffer.isBuffer(outbound.cipherKey)\n      || outbound.cipherKey.length !== outbound.cipherInfo.keyLen) {\n    throw new Error('Invalid outbound.cipherKey');\n  }\n\n  if (outbound.cipherInfo.ivLen\n      && (!Buffer.isBuffer(outbound.cipherIV)\n          || outbound.cipherIV.length !== outbound.cipherInfo.ivLen)) {\n    throw new Error('Invalid outbound.cipherIV');\n  }\n\n  if (typeof outbound.seqno !== 'number'\n      || outbound.seqno < 0\n      || outbound.seqno > MAX_SEQNO) {\n    throw new Error('Invalid outbound.seqno');\n  }\n\n  const forceNative = !!outbound.forceNative;\n\n  switch (outbound.cipherInfo.sslName) {\n    case 'aes-128-gcm':\n    case 'aes-256-gcm':\n      return (AESGCMCipher && !forceNative\n              ? new AESGCMCipherBinding(config)\n              : new AESGCMCipherNative(config));\n    case 'chacha20':\n      return (ChaChaPolyCipher && !forceNative\n              ? new ChaChaPolyCipherBinding(config)\n              : new ChaChaPolyCipherNative(config));\n    default: {\n      if (typeof outbound.macInfo !== 'object' || outbound.macInfo === null)\n        throw new Error('Invalid outbound.macInfo');\n      if (!Buffer.isBuffer(outbound.macKey)\n          || outbound.macKey.length !== outbound.macInfo.len) {\n        throw new Error('Invalid outbound.macKey');\n      }\n      return (GenericCipher && !forceNative\n              ? new GenericCipherBinding(config)\n              : new GenericCipherNative(config));\n    }\n  }\n}\n\nfunction createDecipher(config) {\n  if (typeof config !== 'object' || config === null)\n    throw new Error('Invalid config');\n\n  if (typeof config.inbound !== 'object' || config.inbound === null)\n    throw new Error('Invalid inbound');\n\n  const inbound = config.inbound;\n\n  if (typeof inbound.onPayload !== 'function')\n    throw new Error('Invalid inbound.onPayload');\n\n  if (typeof inbound.decipherInfo !== 'object'\n      || inbound.decipherInfo === null) {\n    throw new Error('Invalid inbound.decipherInfo');\n  }\n\n  if (!Buffer.isBuffer(inbound.decipherKey)\n      || inbound.decipherKey.length !== inbound.decipherInfo.keyLen) {\n    throw new Error('Invalid inbound.decipherKey');\n  }\n\n  if (inbound.decipherInfo.ivLen\n      && (!Buffer.isBuffer(inbound.decipherIV)\n          || inbound.decipherIV.length !== inbound.decipherInfo.ivLen)) {\n    throw new Error('Invalid inbound.decipherIV');\n  }\n\n  if (typeof inbound.seqno !== 'number'\n      || inbound.seqno < 0\n      || inbound.seqno > MAX_SEQNO) {\n    throw new Error('Invalid inbound.seqno');\n  }\n\n  const forceNative = !!inbound.forceNative;\n\n  switch (inbound.decipherInfo.sslName) {\n    case 'aes-128-gcm':\n    case 'aes-256-gcm':\n      return (AESGCMDecipher && !forceNative\n              ? new AESGCMDecipherBinding(config)\n              : new AESGCMDecipherNative(config));\n    case 'chacha20':\n      return (ChaChaPolyDecipher && !forceNative\n              ? new ChaChaPolyDecipherBinding(config)\n              : new ChaChaPolyDecipherNative(config));\n    default: {\n      if (typeof inbound.macInfo !== 'object' || inbound.macInfo === null)\n        throw new Error('Invalid inbound.macInfo');\n      if (!Buffer.isBuffer(inbound.macKey)\n          || inbound.macKey.length !== inbound.macInfo.len) {\n        throw new Error('Invalid inbound.macKey');\n      }\n      return (GenericDecipher && !forceNative\n              ? new GenericDecipherBinding(config)\n              : new GenericDecipherNative(config));\n    }\n  }\n}\n\nmodule.exports = {\n  CIPHER_INFO,\n  MAC_INFO,\n  bindingAvailable: !!binding,\n  init: (() => {\n    // eslint-disable-next-line no-async-promise-executor\n    return new Promise(async (resolve, reject) => {\n      try {\n        POLY1305_WASM_MODULE = await require('./crypto/poly1305.js')();\n        POLY1305_RESULT_MALLOC = POLY1305_WASM_MODULE._malloc(16);\n        poly1305_auth = POLY1305_WASM_MODULE.cwrap(\n          'poly1305_auth',\n          null,\n          ['number', 'array', 'number', 'array', 'number', 'array']\n        );\n      } catch (ex) {\n        return reject(ex);\n      }\n      resolve();\n    });\n  })(),\n\n  NullCipher,\n  createCipher,\n  NullDecipher,\n  createDecipher,\n};\n","\nvar createPoly1305 = (function() {\n  var _scriptDir = typeof document !== 'undefined' && document.currentScript ? document.currentScript.src : undefined;\n  if (typeof __filename !== 'undefined') _scriptDir = _scriptDir || __filename;\n  return (\nfunction(createPoly1305) {\n  createPoly1305 = createPoly1305 || {};\n\n\nvar b;b||(b=typeof createPoly1305 !== 'undefined' ? createPoly1305 : {});var q,r;b.ready=new Promise(function(a,c){q=a;r=c});var u={},w;for(w in b)b.hasOwnProperty(w)&&(u[w]=b[w]);var x=\"object\"===typeof window,y=\"function\"===typeof importScripts,z=\"object\"===typeof process&&\"object\"===typeof process.versions&&\"string\"===typeof process.versions.node,B=\"\",C,D,E,F,G;\nif(z)B=y?require(\"path\").dirname(B)+\"/\":__dirname+\"/\",C=function(a,c){var d=H(a);if(d)return c?d:d.toString();F||(F=require(\"fs\"));G||(G=require(\"path\"));a=G.normalize(a);return F.readFileSync(a,c?null:\"utf8\")},E=function(a){a=C(a,!0);a.buffer||(a=new Uint8Array(a));assert(a.buffer);return a},D=function(a,c,d){var e=H(a);e&&c(e);F||(F=require(\"fs\"));G||(G=require(\"path\"));a=G.normalize(a);F.readFile(a,function(f,l){f?d(f):c(l.buffer)})},1<process.argv.length&&process.argv[1].replace(/\\\\/g,\"/\"),process.argv.slice(2),\nb.inspect=function(){return\"[Emscripten Module object]\"};else if(x||y)y?B=self.location.href:\"undefined\"!==typeof document&&document.currentScript&&(B=document.currentScript.src),_scriptDir&&(B=_scriptDir),0!==B.indexOf(\"blob:\")?B=B.substr(0,B.lastIndexOf(\"/\")+1):B=\"\",C=function(a){try{var c=new XMLHttpRequest;c.open(\"GET\",a,!1);c.send(null);return c.responseText}catch(f){if(a=H(a)){c=[];for(var d=0;d<a.length;d++){var e=a[d];255<e&&(ba&&assert(!1,\"Character code \"+e+\" (\"+String.fromCharCode(e)+\")  at offset \"+\nd+\" not in 0x00-0xFF.\"),e&=255);c.push(String.fromCharCode(e))}return c.join(\"\")}throw f;}},y&&(E=function(a){try{var c=new XMLHttpRequest;c.open(\"GET\",a,!1);c.responseType=\"arraybuffer\";c.send(null);return new Uint8Array(c.response)}catch(d){if(a=H(a))return a;throw d;}}),D=function(a,c,d){var e=new XMLHttpRequest;e.open(\"GET\",a,!0);e.responseType=\"arraybuffer\";e.onload=function(){if(200==e.status||0==e.status&&e.response)c(e.response);else{var f=H(a);f?c(f.buffer):d()}};e.onerror=d;e.send(null)};\nb.print||console.log.bind(console);var I=b.printErr||console.warn.bind(console);for(w in u)u.hasOwnProperty(w)&&(b[w]=u[w]);u=null;var J;b.wasmBinary&&(J=b.wasmBinary);var noExitRuntime=b.noExitRuntime||!0;\"object\"!==typeof WebAssembly&&K(\"no native wasm support detected\");var L,M=!1;function assert(a,c){a||K(\"Assertion failed: \"+c)}function N(a){var c=b[\"_\"+a];assert(c,\"Cannot call unknown function \"+a+\", make sure it is exported\");return c}\nfunction ca(a,c,d,e){var f={string:function(g){var p=0;if(null!==g&&void 0!==g&&0!==g){var n=(g.length<<2)+1;p=O(n);var k=p,h=P;if(0<n){n=k+n-1;for(var v=0;v<g.length;++v){var m=g.charCodeAt(v);if(55296<=m&&57343>=m){var oa=g.charCodeAt(++v);m=65536+((m&1023)<<10)|oa&1023}if(127>=m){if(k>=n)break;h[k++]=m}else{if(2047>=m){if(k+1>=n)break;h[k++]=192|m>>6}else{if(65535>=m){if(k+2>=n)break;h[k++]=224|m>>12}else{if(k+3>=n)break;h[k++]=240|m>>18;h[k++]=128|m>>12&63}h[k++]=128|m>>6&63}h[k++]=128|m&63}}h[k]=\n0}}return p},array:function(g){var p=O(g.length);Q.set(g,p);return p}},l=N(a),A=[];a=0;if(e)for(var t=0;t<e.length;t++){var aa=f[d[t]];aa?(0===a&&(a=da()),A[t]=aa(e[t])):A[t]=e[t]}d=l.apply(null,A);d=function(g){if(\"string\"===c)if(g){for(var p=P,n=g+NaN,k=g;p[k]&&!(k>=n);)++k;if(16<k-g&&p.subarray&&ea)g=ea.decode(p.subarray(g,k));else{for(n=\"\";g<k;){var h=p[g++];if(h&128){var v=p[g++]&63;if(192==(h&224))n+=String.fromCharCode((h&31)<<6|v);else{var m=p[g++]&63;h=224==(h&240)?(h&15)<<12|v<<6|m:(h&7)<<\n18|v<<12|m<<6|p[g++]&63;65536>h?n+=String.fromCharCode(h):(h-=65536,n+=String.fromCharCode(55296|h>>10,56320|h&1023))}}else n+=String.fromCharCode(h)}g=n}}else g=\"\";else g=\"boolean\"===c?!!g:g;return g}(d);0!==a&&fa(a);return d}var ea=\"undefined\"!==typeof TextDecoder?new TextDecoder(\"utf8\"):void 0,ha,Q,P;\nfunction ia(){var a=L.buffer;ha=a;b.HEAP8=Q=new Int8Array(a);b.HEAP16=new Int16Array(a);b.HEAP32=new Int32Array(a);b.HEAPU8=P=new Uint8Array(a);b.HEAPU16=new Uint16Array(a);b.HEAPU32=new Uint32Array(a);b.HEAPF32=new Float32Array(a);b.HEAPF64=new Float64Array(a)}var R,ja=[],ka=[],la=[];function ma(){var a=b.preRun.shift();ja.unshift(a)}var S=0,T=null,U=null;b.preloadedImages={};b.preloadedAudios={};\nfunction K(a){if(b.onAbort)b.onAbort(a);I(a);M=!0;a=new WebAssembly.RuntimeError(\"abort(\"+a+\"). Build with -s ASSERTIONS=1 for more info.\");r(a);throw a;}var V=\"data:application/octet-stream;base64,\",W;W=\"data:application/octet-stream;base64,AGFzbQEAAAABIAZgAX8Bf2ADf39/AGABfwBgAABgAAF/YAZ/f39/f38AAgcBAWEBYQAAAwsKAAEDAQAAAgQFAgQFAXABAQEFBwEBgAKAgAIGCQF/AUGAjMACCwclCQFiAgABYwADAWQACQFlAAgBZgAHAWcABgFoAAUBaQAKAWoBAAqGTQpPAQJ/QYAIKAIAIgEgAEEDakF8cSICaiEAAkAgAkEAIAAgAU0bDQAgAD8AQRB0SwRAIAAQAEUNAQtBgAggADYCACABDwtBhAhBMDYCAEF/C4wFAg5+Cn8gACgCJCEUIAAoAiAhFSAAKAIcIREgACgCGCESIAAoAhQhEyACQRBPBEAgAC0ATEVBGHQhFyAAKAIEIhZBBWytIQ8gACgCCCIYQQVsrSENIAAoAgwiGUEFbK0hCyAAKAIQIhpBBWytIQkgADUCACEIIBqtIRAgGa0hDiAYrSEMIBatIQoDQCASIAEtAAMiEiABLQAEQQh0ciABLQAFQRB0ciABLQAGIhZBGHRyQQJ2Qf///x9xaq0iAyAOfiABLwAAIAEtAAJBEHRyIBNqIBJBGHRBgICAGHFqrSIEIBB+fCARIAEtAAdBCHQgFnIgAS0ACEEQdHIgAS0ACSIRQRh0ckEEdkH///8fcWqtIgUgDH58IAEtAApBCHQgEXIgAS0AC0EQdHIgAS0ADEEYdHJBBnYgFWqtIgYgCn58IBQgF2ogAS8ADSABLQAPQRB0cmqtIgcgCH58IAMgDH4gBCAOfnwgBSAKfnwgBiAIfnwgByAJfnwgAyAKfiAEIAx+fCAFIAh+fCAGIAl+fCAHIAt+fCADIAh+IAQgCn58IAUgCX58IAYgC358IAcgDX58IAMgCX4gBCAIfnwgBSALfnwgBiANfnwgByAPfnwiA0IaiEL/////D4N8IgRCGohC/////w+DfCIFQhqIQv////8Pg3wiBkIaiEL/////D4N8IgdCGoinQQVsIAOnQf///x9xaiITQRp2IASnQf///x9xaiESIAWnQf///x9xIREgBqdB////H3EhFSAHp0H///8fcSEUIBNB////H3EhEyABQRBqIQEgAkEQayICQQ9LDQALCyAAIBQ2AiQgACAVNgIgIAAgETYCHCAAIBI2AhggACATNgIUCwMAAQu2BAEGfwJAIAAoAjgiBARAIABBPGohBQJAIAJBECAEayIDIAIgA0kbIgZFDQAgBkEDcSEHAkAgBkEBa0EDSQRAQQAhAwwBCyAGQXxxIQhBACEDA0AgBSADIARqaiABIANqLQAAOgAAIAUgA0EBciIEIAAoAjhqaiABIARqLQAAOgAAIAUgA0ECciIEIAAoAjhqaiABIARqLQAAOgAAIAUgA0EDciIEIAAoAjhqaiABIARqLQAAOgAAIANBBGohAyAAKAI4IQQgCEEEayIIDQALCyAHRQ0AA0AgBSADIARqaiABIANqLQAAOgAAIANBAWohAyAAKAI4IQQgB0EBayIHDQALCyAAIAQgBmoiAzYCOCADQRBJDQEgACAFQRAQAiAAQQA2AjggAiAGayECIAEgBmohAQsgAkEQTwRAIAAgASACQXBxIgMQAiACQQ9xIQIgASADaiEBCyACRQ0AIAJBA3EhBCAAQTxqIQVBACEDIAJBAWtBA08EQCACQXxxIQcDQCAFIAAoAjggA2pqIAEgA2otAAA6AAAgBSADQQFyIgYgACgCOGpqIAEgBmotAAA6AAAgBSADQQJyIgYgACgCOGpqIAEgBmotAAA6AAAgBSADQQNyIgYgACgCOGpqIAEgBmotAAA6AAAgA0EEaiEDIAdBBGsiBw0ACwsgBARAA0AgBSAAKAI4IANqaiABIANqLQAAOgAAIANBAWohAyAEQQFrIgQNAAsLIAAgACgCOCACajYCOAsLoS0BDH8jAEEQayIMJAACQAJAAkACQAJAAkACQAJAAkACQAJAAkAgAEH0AU0EQEGICCgCACIFQRAgAEELakF4cSAAQQtJGyIIQQN2IgJ2IgFBA3EEQCABQX9zQQFxIAJqIgNBA3QiAUG4CGooAgAiBEEIaiEAAkAgBCgCCCICIAFBsAhqIgFGBEBBiAggBUF+IAN3cTYCAAwBCyACIAE2AgwgASACNgIICyAEIANBA3QiAUEDcjYCBCABIARqIgEgASgCBEEBcjYCBAwNCyAIQZAIKAIAIgpNDQEgAQRAAkBBAiACdCIAQQAgAGtyIAEgAnRxIgBBACAAa3FBAWsiACAAQQx2QRBxIgJ2IgFBBXZBCHEiACACciABIAB2IgFBAnZBBHEiAHIgASAAdiIBQQF2QQJxIgByIAEgAHYiAUEBdkEBcSIAciABIAB2aiIDQQN0IgBBuAhqKAIAIgQoAggiASAAQbAIaiIARgRAQYgIIAVBfiADd3EiBTYCAAwBCyABIAA2AgwgACABNgIICyAEQQhqIQAgBCAIQQNyNgIEIAQgCGoiAiADQQN0IgEgCGsiA0EBcjYCBCABIARqIAM2AgAgCgRAIApBA3YiAUEDdEGwCGohB0GcCCgCACEEAn8gBUEBIAF0IgFxRQRAQYgIIAEgBXI2AgAgBwwBCyAHKAIICyEBIAcgBDYCCCABIAQ2AgwgBCAHNgIMIAQgATYCCAtBnAggAjYCAEGQCCADNgIADA0LQYwIKAIAIgZFDQEgBkEAIAZrcUEBayIAIABBDHZBEHEiAnYiAUEFdkEIcSIAIAJyIAEgAHYiAUECdkEEcSIAciABIAB2IgFBAXZBAnEiAHIgASAAdiIBQQF2QQFxIgByIAEgAHZqQQJ0QbgKaigCACIBKAIEQXhxIAhrIQMgASECA0ACQCACKAIQIgBFBEAgAigCFCIARQ0BCyAAKAIEQXhxIAhrIgIgAyACIANJIgIbIQMgACABIAIbIQEgACECDAELCyABIAhqIgkgAU0NAiABKAIYIQsgASABKAIMIgRHBEAgASgCCCIAQZgIKAIASRogACAENgIMIAQgADYCCAwMCyABQRRqIgIoAgAiAEUEQCABKAIQIgBFDQQgAUEQaiECCwNAIAIhByAAIgRBFGoiAigCACIADQAgBEEQaiECIAQoAhAiAA0ACyAHQQA2AgAMCwtBfyEIIABBv39LDQAgAEELaiIAQXhxIQhBjAgoAgAiCUUNAEEAIAhrIQMCQAJAAkACf0EAIAhBgAJJDQAaQR8gCEH///8HSw0AGiAAQQh2IgAgAEGA/j9qQRB2QQhxIgJ0IgAgAEGA4B9qQRB2QQRxIgF0IgAgAEGAgA9qQRB2QQJxIgB0QQ92IAEgAnIgAHJrIgBBAXQgCCAAQRVqdkEBcXJBHGoLIgVBAnRBuApqKAIAIgJFBEBBACEADAELQQAhACAIQQBBGSAFQQF2ayAFQR9GG3QhAQNAAkAgAigCBEF4cSAIayIHIANPDQAgAiEEIAciAw0AQQAhAyACIQAMAwsgACACKAIUIgcgByACIAFBHXZBBHFqKAIQIgJGGyAAIAcbIQAgAUEBdCEBIAINAAsLIAAgBHJFBEBBACEEQQIgBXQiAEEAIABrciAJcSIARQ0DIABBACAAa3FBAWsiACAAQQx2QRBxIgJ2IgFBBXZBCHEiACACciABIAB2IgFBAnZBBHEiAHIgASAAdiIBQQF2QQJxIgByIAEgAHYiAUEBdkEBcSIAciABIAB2akECdEG4CmooAgAhAAsgAEUNAQsDQCAAKAIEQXhxIAhrIgEgA0khAiABIAMgAhshAyAAIAQgAhshBCAAKAIQIgEEfyABBSAAKAIUCyIADQALCyAERQ0AIANBkAgoAgAgCGtPDQAgBCAIaiIGIARNDQEgBCgCGCEFIAQgBCgCDCIBRwRAIAQoAggiAEGYCCgCAEkaIAAgATYCDCABIAA2AggMCgsgBEEUaiICKAIAIgBFBEAgBCgCECIARQ0EIARBEGohAgsDQCACIQcgACIBQRRqIgIoAgAiAA0AIAFBEGohAiABKAIQIgANAAsgB0EANgIADAkLIAhBkAgoAgAiAk0EQEGcCCgCACEDAkAgAiAIayIBQRBPBEBBkAggATYCAEGcCCADIAhqIgA2AgAgACABQQFyNgIEIAIgA2ogATYCACADIAhBA3I2AgQMAQtBnAhBADYCAEGQCEEANgIAIAMgAkEDcjYCBCACIANqIgAgACgCBEEBcjYCBAsgA0EIaiEADAsLIAhBlAgoAgAiBkkEQEGUCCAGIAhrIgE2AgBBoAhBoAgoAgAiAiAIaiIANgIAIAAgAUEBcjYCBCACIAhBA3I2AgQgAkEIaiEADAsLQQAhACAIQS9qIgkCf0HgCygCAARAQegLKAIADAELQewLQn83AgBB5AtCgKCAgICABDcCAEHgCyAMQQxqQXBxQdiq1aoFczYCAEH0C0EANgIAQcQLQQA2AgBBgCALIgFqIgVBACABayIHcSICIAhNDQpBwAsoAgAiBARAQbgLKAIAIgMgAmoiASADTQ0LIAEgBEsNCwtBxAstAABBBHENBQJAAkBBoAgoAgAiAwRAQcgLIQADQCADIAAoAgAiAU8EQCABIAAoAgRqIANLDQMLIAAoAggiAA0ACwtBABABIgFBf0YNBiACIQVB5AsoAgAiA0EBayIAIAFxBEAgAiABayAAIAFqQQAgA2txaiEFCyAFIAhNDQYgBUH+////B0sNBkHACygCACIEBEBBuAsoAgAiAyAFaiIAIANNDQcgACAESw0HCyAFEAEiACABRw0BDAgLIAUgBmsgB3EiBUH+////B0sNBSAFEAEiASAAKAIAIAAoAgRqRg0EIAEhAAsCQCAAQX9GDQAgCEEwaiAFTQ0AQegLKAIAIgEgCSAFa2pBACABa3EiAUH+////B0sEQCAAIQEMCAsgARABQX9HBEAgASAFaiEFIAAhAQwIC0EAIAVrEAEaDAULIAAiAUF/Rw0GDAQLAAtBACEEDAcLQQAhAQwFCyABQX9HDQILQcQLQcQLKAIAQQRyNgIACyACQf7///8HSw0BIAIQASEBQQAQASEAIAFBf0YNASAAQX9GDQEgACABTQ0BIAAgAWsiBSAIQShqTQ0BC0G4C0G4CygCACAFaiIANgIAQbwLKAIAIABJBEBBvAsgADYCAAsCQAJAAkBBoAgoAgAiBwRAQcgLIQADQCABIAAoAgAiAyAAKAIEIgJqRg0CIAAoAggiAA0ACwwCC0GYCCgCACIAQQAgACABTRtFBEBBmAggATYCAAtBACEAQcwLIAU2AgBByAsgATYCAEGoCEF/NgIAQawIQeALKAIANgIAQdQLQQA2AgADQCAAQQN0IgNBuAhqIANBsAhqIgI2AgAgA0G8CGogAjYCACAAQQFqIgBBIEcNAAtBlAggBUEoayIDQXggAWtBB3FBACABQQhqQQdxGyIAayICNgIAQaAIIAAgAWoiADYCACAAIAJBAXI2AgQgASADakEoNgIEQaQIQfALKAIANgIADAILIAAtAAxBCHENACADIAdLDQAgASAHTQ0AIAAgAiAFajYCBEGgCCAHQXggB2tBB3FBACAHQQhqQQdxGyIAaiICNgIAQZQIQZQIKAIAIAVqIgEgAGsiADYCACACIABBAXI2AgQgASAHakEoNgIEQaQIQfALKAIANgIADAELQZgIKAIAIAFLBEBBmAggATYCAAsgASAFaiECQcgLIQACQAJAAkACQAJAAkADQCACIAAoAgBHBEAgACgCCCIADQEMAgsLIAAtAAxBCHFFDQELQcgLIQADQCAHIAAoAgAiAk8EQCACIAAoAgRqIgQgB0sNAwsgACgCCCEADAALAAsgACABNgIAIAAgACgCBCAFajYCBCABQXggAWtBB3FBACABQQhqQQdxG2oiCSAIQQNyNgIEIAJBeCACa0EHcUEAIAJBCGpBB3EbaiIFIAggCWoiBmshAiAFIAdGBEBBoAggBjYCAEGUCEGUCCgCACACaiIANgIAIAYgAEEBcjYCBAwDCyAFQZwIKAIARgRAQZwIIAY2AgBBkAhBkAgoAgAgAmoiADYCACAGIABBAXI2AgQgACAGaiAANgIADAMLIAUoAgQiAEEDcUEBRgRAIABBeHEhBwJAIABB/wFNBEAgBSgCCCIDIABBA3YiAEEDdEGwCGpGGiADIAUoAgwiAUYEQEGICEGICCgCAEF+IAB3cTYCAAwCCyADIAE2AgwgASADNgIIDAELIAUoAhghCAJAIAUgBSgCDCIBRwRAIAUoAggiACABNgIMIAEgADYCCAwBCwJAIAVBFGoiACgCACIDDQAgBUEQaiIAKAIAIgMNAEEAIQEMAQsDQCAAIQQgAyIBQRRqIgAoAgAiAw0AIAFBEGohACABKAIQIgMNAAsgBEEANgIACyAIRQ0AAkAgBSAFKAIcIgNBAnRBuApqIgAoAgBGBEAgACABNgIAIAENAUGMCEGMCCgCAEF+IAN3cTYCAAwCCyAIQRBBFCAIKAIQIAVGG2ogATYCACABRQ0BCyABIAg2AhggBSgCECIABEAgASAANgIQIAAgATYCGAsgBSgCFCIARQ0AIAEgADYCFCAAIAE2AhgLIAUgB2ohBSACIAdqIQILIAUgBSgCBEF+cTYCBCAGIAJBAXI2AgQgAiAGaiACNgIAIAJB/wFNBEAgAkEDdiIAQQN0QbAIaiECAn9BiAgoAgAiAUEBIAB0IgBxRQRAQYgIIAAgAXI2AgAgAgwBCyACKAIICyEAIAIgBjYCCCAAIAY2AgwgBiACNgIMIAYgADYCCAwDC0EfIQAgAkH///8HTQRAIAJBCHYiACAAQYD+P2pBEHZBCHEiA3QiACAAQYDgH2pBEHZBBHEiAXQiACAAQYCAD2pBEHZBAnEiAHRBD3YgASADciAAcmsiAEEBdCACIABBFWp2QQFxckEcaiEACyAGIAA2AhwgBkIANwIQIABBAnRBuApqIQQCQEGMCCgCACIDQQEgAHQiAXFFBEBBjAggASADcjYCACAEIAY2AgAgBiAENgIYDAELIAJBAEEZIABBAXZrIABBH0YbdCEAIAQoAgAhAQNAIAEiAygCBEF4cSACRg0DIABBHXYhASAAQQF0IQAgAyABQQRxaiIEKAIQIgENAAsgBCAGNgIQIAYgAzYCGAsgBiAGNgIMIAYgBjYCCAwCC0GUCCAFQShrIgNBeCABa0EHcUEAIAFBCGpBB3EbIgBrIgI2AgBBoAggACABaiIANgIAIAAgAkEBcjYCBCABIANqQSg2AgRBpAhB8AsoAgA2AgAgByAEQScgBGtBB3FBACAEQSdrQQdxG2pBL2siACAAIAdBEGpJGyICQRs2AgQgAkHQCykCADcCECACQcgLKQIANwIIQdALIAJBCGo2AgBBzAsgBTYCAEHICyABNgIAQdQLQQA2AgAgAkEYaiEAA0AgAEEHNgIEIABBCGohASAAQQRqIQAgASAESQ0ACyACIAdGDQMgAiACKAIEQX5xNgIEIAcgAiAHayIEQQFyNgIEIAIgBDYCACAEQf8BTQRAIARBA3YiAEEDdEGwCGohAgJ/QYgIKAIAIgFBASAAdCIAcUUEQEGICCAAIAFyNgIAIAIMAQsgAigCCAshACACIAc2AgggACAHNgIMIAcgAjYCDCAHIAA2AggMBAtBHyEAIAdCADcCECAEQf///wdNBEAgBEEIdiIAIABBgP4/akEQdkEIcSICdCIAIABBgOAfakEQdkEEcSIBdCIAIABBgIAPakEQdkECcSIAdEEPdiABIAJyIAByayIAQQF0IAQgAEEVanZBAXFyQRxqIQALIAcgADYCHCAAQQJ0QbgKaiEDAkBBjAgoAgAiAkEBIAB0IgFxRQRAQYwIIAEgAnI2AgAgAyAHNgIAIAcgAzYCGAwBCyAEQQBBGSAAQQF2ayAAQR9GG3QhACADKAIAIQEDQCABIgIoAgRBeHEgBEYNBCAAQR12IQEgAEEBdCEAIAIgAUEEcWoiAygCECIBDQALIAMgBzYCECAHIAI2AhgLIAcgBzYCDCAHIAc2AggMAwsgAygCCCIAIAY2AgwgAyAGNgIIIAZBADYCGCAGIAM2AgwgBiAANgIICyAJQQhqIQAMBQsgAigCCCIAIAc2AgwgAiAHNgIIIAdBADYCGCAHIAI2AgwgByAANgIIC0GUCCgCACIAIAhNDQBBlAggACAIayIBNgIAQaAIQaAIKAIAIgIgCGoiADYCACAAIAFBAXI2AgQgAiAIQQNyNgIEIAJBCGohAAwDC0GECEEwNgIAQQAhAAwCCwJAIAVFDQACQCAEKAIcIgJBAnRBuApqIgAoAgAgBEYEQCAAIAE2AgAgAQ0BQYwIIAlBfiACd3EiCTYCAAwCCyAFQRBBFCAFKAIQIARGG2ogATYCACABRQ0BCyABIAU2AhggBCgCECIABEAgASAANgIQIAAgATYCGAsgBCgCFCIARQ0AIAEgADYCFCAAIAE2AhgLAkAgA0EPTQRAIAQgAyAIaiIAQQNyNgIEIAAgBGoiACAAKAIEQQFyNgIEDAELIAQgCEEDcjYCBCAGIANBAXI2AgQgAyAGaiADNgIAIANB/wFNBEAgA0EDdiIAQQN0QbAIaiECAn9BiAgoAgAiAUEBIAB0IgBxRQRAQYgIIAAgAXI2AgAgAgwBCyACKAIICyEAIAIgBjYCCCAAIAY2AgwgBiACNgIMIAYgADYCCAwBC0EfIQAgA0H///8HTQRAIANBCHYiACAAQYD+P2pBEHZBCHEiAnQiACAAQYDgH2pBEHZBBHEiAXQiACAAQYCAD2pBEHZBAnEiAHRBD3YgASACciAAcmsiAEEBdCADIABBFWp2QQFxckEcaiEACyAGIAA2AhwgBkIANwIQIABBAnRBuApqIQICQAJAIAlBASAAdCIBcUUEQEGMCCABIAlyNgIAIAIgBjYCACAGIAI2AhgMAQsgA0EAQRkgAEEBdmsgAEEfRht0IQAgAigCACEIA0AgCCIBKAIEQXhxIANGDQIgAEEddiECIABBAXQhACABIAJBBHFqIgIoAhAiCA0ACyACIAY2AhAgBiABNgIYCyAGIAY2AgwgBiAGNgIIDAELIAEoAggiACAGNgIMIAEgBjYCCCAGQQA2AhggBiABNgIMIAYgADYCCAsgBEEIaiEADAELAkAgC0UNAAJAIAEoAhwiAkECdEG4CmoiACgCACABRgRAIAAgBDYCACAEDQFBjAggBkF+IAJ3cTYCAAwCCyALQRBBFCALKAIQIAFGG2ogBDYCACAERQ0BCyAEIAs2AhggASgCECIABEAgBCAANgIQIAAgBDYCGAsgASgCFCIARQ0AIAQgADYCFCAAIAQ2AhgLAkAgA0EPTQRAIAEgAyAIaiIAQQNyNgIEIAAgAWoiACAAKAIEQQFyNgIEDAELIAEgCEEDcjYCBCAJIANBAXI2AgQgAyAJaiADNgIAIAoEQCAKQQN2IgBBA3RBsAhqIQRBnAgoAgAhAgJ/QQEgAHQiACAFcUUEQEGICCAAIAVyNgIAIAQMAQsgBCgCCAshACAEIAI2AgggACACNgIMIAIgBDYCDCACIAA2AggLQZwIIAk2AgBBkAggAzYCAAsgAUEIaiEACyAMQRBqJAAgAAsQACMAIABrQXBxIgAkACAACwYAIAAkAAsEACMAC4AJAgh/BH4jAEGQAWsiBiQAIAYgBS0AA0EYdEGAgIAYcSAFLwAAIAUtAAJBEHRycjYCACAGIAUoAANBAnZBg/7/H3E2AgQgBiAFKAAGQQR2Qf+B/x9xNgIIIAYgBSgACUEGdkH//8AfcTYCDCAFLwANIQggBS0ADyEJIAZCADcCFCAGQgA3AhwgBkEANgIkIAYgCCAJQRB0QYCAPHFyNgIQIAYgBSgAEDYCKCAGIAUoABQ2AiwgBiAFKAAYNgIwIAUoABwhBSAGQQA6AEwgBkEANgI4IAYgBTYCNCAGIAEgAhAEIAQEQCAGIAMgBBAECyAGKAI4IgEEQCAGQTxqIgIgAWpBAToAACABQQFqQQ9NBEAgASAGakE9aiEEAkBBDyABayIDRQ0AIAMgBGoiAUEBa0EAOgAAIARBADoAACADQQNJDQAgAUECa0EAOgAAIARBADoAASABQQNrQQA6AAAgBEEAOgACIANBB0kNACABQQRrQQA6AAAgBEEAOgADIANBCUkNACAEQQAgBGtBA3EiAWoiBEEANgIAIAQgAyABa0F8cSIBaiIDQQRrQQA2AgAgAUEJSQ0AIARBADYCCCAEQQA2AgQgA0EIa0EANgIAIANBDGtBADYCACABQRlJDQAgBEEANgIYIARBADYCFCAEQQA2AhAgBEEANgIMIANBEGtBADYCACADQRRrQQA2AgAgA0EYa0EANgIAIANBHGtBADYCACABIARBBHFBGHIiAWsiA0EgSQ0AIAEgBGohAQNAIAFCADcDGCABQgA3AxAgAUIANwMIIAFCADcDACABQSBqIQEgA0EgayIDQR9LDQALCwsgBkEBOgBMIAYgAkEQEAILIAY1AjQhECAGNQIwIREgBjUCLCEOIAAgBjUCKCAGKAIkIAYoAiAgBigCHCAGKAIYIgNBGnZqIgJBGnZqIgFBGnZqIgtBgICAYHIgAUH///8fcSINIAJB////H3EiCCAGKAIUIAtBGnZBBWxqIgFB////H3EiCUEFaiIFQRp2IANB////H3EgAUEadmoiA2oiAUEadmoiAkEadmoiBEEadmoiDEEfdSIHIANxIAEgDEEfdkEBayIDQf///x9xIgpxciIBQRp0IAUgCnEgByAJcXJyrXwiDzwAACAAIA9CGIg8AAMgACAPQhCIPAACIAAgD0IIiDwAASAAIA4gByAIcSACIApxciICQRR0IAFBBnZyrXwgD0IgiHwiDjwABCAAIA5CGIg8AAcgACAOQhCIPAAGIAAgDkIIiDwABSAAIBEgByANcSAEIApxciIBQQ50IAJBDHZyrXwgDkIgiHwiDjwACCAAIA5CGIg8AAsgACAOQhCIPAAKIAAgDkIIiDwACSAAIBAgAyAMcSAHIAtxckEIdCABQRJ2cq18IA5CIIh8Ig48AAwgACAOQhiIPAAPIAAgDkIQiDwADiAAIA5CCIg8AA0gBkIANwIwIAZCADcCKCAGQgA3AiAgBkIANwIYIAZCADcCECAGQgA3AgggBkIANwIAIAZBkAFqJAALpwwBB38CQCAARQ0AIABBCGsiAyAAQQRrKAIAIgFBeHEiAGohBQJAIAFBAXENACABQQNxRQ0BIAMgAygCACIBayIDQZgIKAIASQ0BIAAgAWohACADQZwIKAIARwRAIAFB/wFNBEAgAygCCCICIAFBA3YiBEEDdEGwCGpGGiACIAMoAgwiAUYEQEGICEGICCgCAEF+IAR3cTYCAAwDCyACIAE2AgwgASACNgIIDAILIAMoAhghBgJAIAMgAygCDCIBRwRAIAMoAggiAiABNgIMIAEgAjYCCAwBCwJAIANBFGoiAigCACIEDQAgA0EQaiICKAIAIgQNAEEAIQEMAQsDQCACIQcgBCIBQRRqIgIoAgAiBA0AIAFBEGohAiABKAIQIgQNAAsgB0EANgIACyAGRQ0BAkAgAyADKAIcIgJBAnRBuApqIgQoAgBGBEAgBCABNgIAIAENAUGMCEGMCCgCAEF+IAJ3cTYCAAwDCyAGQRBBFCAGKAIQIANGG2ogATYCACABRQ0CCyABIAY2AhggAygCECICBEAgASACNgIQIAIgATYCGAsgAygCFCICRQ0BIAEgAjYCFCACIAE2AhgMAQsgBSgCBCIBQQNxQQNHDQBBkAggADYCACAFIAFBfnE2AgQgAyAAQQFyNgIEIAAgA2ogADYCAA8LIAMgBU8NACAFKAIEIgFBAXFFDQACQCABQQJxRQRAIAVBoAgoAgBGBEBBoAggAzYCAEGUCEGUCCgCACAAaiIANgIAIAMgAEEBcjYCBCADQZwIKAIARw0DQZAIQQA2AgBBnAhBADYCAA8LIAVBnAgoAgBGBEBBnAggAzYCAEGQCEGQCCgCACAAaiIANgIAIAMgAEEBcjYCBCAAIANqIAA2AgAPCyABQXhxIABqIQACQCABQf8BTQRAIAUoAggiAiABQQN2IgRBA3RBsAhqRhogAiAFKAIMIgFGBEBBiAhBiAgoAgBBfiAEd3E2AgAMAgsgAiABNgIMIAEgAjYCCAwBCyAFKAIYIQYCQCAFIAUoAgwiAUcEQCAFKAIIIgJBmAgoAgBJGiACIAE2AgwgASACNgIIDAELAkAgBUEUaiICKAIAIgQNACAFQRBqIgIoAgAiBA0AQQAhAQwBCwNAIAIhByAEIgFBFGoiAigCACIEDQAgAUEQaiECIAEoAhAiBA0ACyAHQQA2AgALIAZFDQACQCAFIAUoAhwiAkECdEG4CmoiBCgCAEYEQCAEIAE2AgAgAQ0BQYwIQYwIKAIAQX4gAndxNgIADAILIAZBEEEUIAYoAhAgBUYbaiABNgIAIAFFDQELIAEgBjYCGCAFKAIQIgIEQCABIAI2AhAgAiABNgIYCyAFKAIUIgJFDQAgASACNgIUIAIgATYCGAsgAyAAQQFyNgIEIAAgA2ogADYCACADQZwIKAIARw0BQZAIIAA2AgAPCyAFIAFBfnE2AgQgAyAAQQFyNgIEIAAgA2ogADYCAAsgAEH/AU0EQCAAQQN2IgFBA3RBsAhqIQACf0GICCgCACICQQEgAXQiAXFFBEBBiAggASACcjYCACAADAELIAAoAggLIQIgACADNgIIIAIgAzYCDCADIAA2AgwgAyACNgIIDwtBHyECIANCADcCECAAQf///wdNBEAgAEEIdiIBIAFBgP4/akEQdkEIcSIBdCICIAJBgOAfakEQdkEEcSICdCIEIARBgIAPakEQdkECcSIEdEEPdiABIAJyIARyayIBQQF0IAAgAUEVanZBAXFyQRxqIQILIAMgAjYCHCACQQJ0QbgKaiEBAkACQAJAQYwIKAIAIgRBASACdCIHcUUEQEGMCCAEIAdyNgIAIAEgAzYCACADIAE2AhgMAQsgAEEAQRkgAkEBdmsgAkEfRht0IQIgASgCACEBA0AgASIEKAIEQXhxIABGDQIgAkEddiEBIAJBAXQhAiAEIAFBBHFqIgdBEGooAgAiAQ0ACyAHIAM2AhAgAyAENgIYCyADIAM2AgwgAyADNgIIDAELIAQoAggiACADNgIMIAQgAzYCCCADQQA2AhggAyAENgIMIAMgADYCCAtBqAhBqAgoAgBBAWsiAEF/IAAbNgIACwsLCQEAQYEICwIGUA==\";if(!W.startsWith(V)){var na=W;W=b.locateFile?b.locateFile(na,B):B+na}function pa(){var a=W;try{if(a==W&&J)return new Uint8Array(J);var c=H(a);if(c)return c;if(E)return E(a);throw\"both async and sync fetching of the wasm failed\";}catch(d){K(d)}}\nfunction qa(){if(!J&&(x||y)){if(\"function\"===typeof fetch&&!W.startsWith(\"file://\"))return fetch(W,{credentials:\"same-origin\"}).then(function(a){if(!a.ok)throw\"failed to load wasm binary file at '\"+W+\"'\";return a.arrayBuffer()}).catch(function(){return pa()});if(D)return new Promise(function(a,c){D(W,function(d){a(new Uint8Array(d))},c)})}return Promise.resolve().then(function(){return pa()})}\nfunction X(a){for(;0<a.length;){var c=a.shift();if(\"function\"==typeof c)c(b);else{var d=c.m;\"number\"===typeof d?void 0===c.l?R.get(d)():R.get(d)(c.l):d(void 0===c.l?null:c.l)}}}\nvar ba=!1,ra=\"function\"===typeof atob?atob:function(a){var c=\"\",d=0;a=a.replace(/[^A-Za-z0-9\\+\\/=]/g,\"\");do{var e=\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\".indexOf(a.charAt(d++));var f=\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\".indexOf(a.charAt(d++));var l=\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\".indexOf(a.charAt(d++));var A=\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\".indexOf(a.charAt(d++));e=e<<\n2|f>>4;f=(f&15)<<4|l>>2;var t=(l&3)<<6|A;c+=String.fromCharCode(e);64!==l&&(c+=String.fromCharCode(f));64!==A&&(c+=String.fromCharCode(t))}while(d<a.length);return c};\nfunction H(a){if(a.startsWith(V)){a=a.slice(V.length);if(\"boolean\"===typeof z&&z){var c=Buffer.from(a,\"base64\");c=new Uint8Array(c.buffer,c.byteOffset,c.byteLength)}else try{var d=ra(a),e=new Uint8Array(d.length);for(a=0;a<d.length;++a)e[a]=d.charCodeAt(a);c=e}catch(f){throw Error(\"Converting base64 string to bytes failed.\");}return c}}\nvar sa={a:function(a){var c=P.length;a>>>=0;if(2147483648<a)return!1;for(var d=1;4>=d;d*=2){var e=c*(1+.2/d);e=Math.min(e,a+100663296);e=Math.max(a,e);0<e%65536&&(e+=65536-e%65536);a:{try{L.grow(Math.min(2147483648,e)-ha.byteLength+65535>>>16);ia();var f=1;break a}catch(l){}f=void 0}if(f)return!0}return!1}};\n(function(){function a(f){b.asm=f.exports;L=b.asm.b;ia();R=b.asm.j;ka.unshift(b.asm.c);S--;b.monitorRunDependencies&&b.monitorRunDependencies(S);0==S&&(null!==T&&(clearInterval(T),T=null),U&&(f=U,U=null,f()))}function c(f){a(f.instance)}function d(f){return qa().then(function(l){return WebAssembly.instantiate(l,e)}).then(f,function(l){I(\"failed to asynchronously prepare wasm: \"+l);K(l)})}var e={a:sa};S++;b.monitorRunDependencies&&b.monitorRunDependencies(S);if(b.instantiateWasm)try{return b.instantiateWasm(e,\na)}catch(f){return I(\"Module.instantiateWasm callback failed with error: \"+f),!1}(function(){return J||\"function\"!==typeof WebAssembly.instantiateStreaming||W.startsWith(V)||W.startsWith(\"file://\")||\"function\"!==typeof fetch?d(c):fetch(W,{credentials:\"same-origin\"}).then(function(f){return WebAssembly.instantiateStreaming(f,e).then(c,function(l){I(\"wasm streaming compile failed: \"+l);I(\"falling back to ArrayBuffer instantiation\");return d(c)})})})().catch(r);return{}})();\nb.___wasm_call_ctors=function(){return(b.___wasm_call_ctors=b.asm.c).apply(null,arguments)};b._poly1305_auth=function(){return(b._poly1305_auth=b.asm.d).apply(null,arguments)};var da=b.stackSave=function(){return(da=b.stackSave=b.asm.e).apply(null,arguments)},fa=b.stackRestore=function(){return(fa=b.stackRestore=b.asm.f).apply(null,arguments)},O=b.stackAlloc=function(){return(O=b.stackAlloc=b.asm.g).apply(null,arguments)};b._malloc=function(){return(b._malloc=b.asm.h).apply(null,arguments)};\nb._free=function(){return(b._free=b.asm.i).apply(null,arguments)};b.cwrap=function(a,c,d,e){d=d||[];var f=d.every(function(l){return\"number\"===l});return\"string\"!==c&&f&&!e?N(a):function(){return ca(a,c,d,arguments)}};var Y;U=function ta(){Y||Z();Y||(U=ta)};\nfunction Z(){function a(){if(!Y&&(Y=!0,b.calledRun=!0,!M)){X(ka);q(b);if(b.onRuntimeInitialized)b.onRuntimeInitialized();if(b.postRun)for(\"function\"==typeof b.postRun&&(b.postRun=[b.postRun]);b.postRun.length;){var c=b.postRun.shift();la.unshift(c)}X(la)}}if(!(0<S)){if(b.preRun)for(\"function\"==typeof b.preRun&&(b.preRun=[b.preRun]);b.preRun.length;)ma();X(ja);0<S||(b.setStatus?(b.setStatus(\"Running...\"),setTimeout(function(){setTimeout(function(){b.setStatus(\"\")},1);a()},1)):a())}}b.run=Z;\nif(b.preInit)for(\"function\"==typeof b.preInit&&(b.preInit=[b.preInit]);0<b.preInit.length;)b.preInit.pop()();Z();\n\n\n  return createPoly1305.ready\n}\n);\n})();\nif (typeof exports === 'object' && typeof module === 'object')\n  module.exports = createPoly1305;\nelse if (typeof define === 'function' && define['amd'])\n  define([], function() { return createPoly1305; });\nelse if (typeof exports === 'object')\n  exports[\"createPoly1305\"] = createPoly1305;\n","'use strict';\n\nconst MESSAGE_HANDLERS = new Array(256);\n[\n  require('./kex.js').HANDLERS,\n  require('./handlers.misc.js'),\n].forEach((handlers) => {\n  // eslint-disable-next-line prefer-const\n  for (let [type, handler] of Object.entries(handlers)) {\n    type = +type;\n    if (isFinite(type) && type >= 0 && type < MESSAGE_HANDLERS.length)\n      MESSAGE_HANDLERS[type] = handler;\n  }\n});\n\nmodule.exports = MESSAGE_HANDLERS;\n","'use strict';\n\nconst {\n  bufferSlice,\n  bufferParser,\n  doFatalError,\n  sigSSHToASN1,\n  writeUInt32BE,\n} = require('./utils.js');\n\nconst {\n  CHANNEL_OPEN_FAILURE,\n  COMPAT,\n  MESSAGE,\n  TERMINAL_MODE,\n} = require('./constants.js');\n\nconst {\n  parseKey,\n} = require('./keyParser.js');\n\nconst TERMINAL_MODE_BY_VALUE =\n  Array.from(Object.entries(TERMINAL_MODE))\n       .reduce((obj, [key, value]) => ({ ...obj, [key]: value }), {});\n\nmodule.exports = {\n  // Transport layer protocol ==================================================\n  [MESSAGE.DISCONNECT]: (self, payload) => {\n    /*\n      byte      SSH_MSG_DISCONNECT\n      uint32    reason code\n      string    description in ISO-10646 UTF-8 encoding\n      string    language tag\n    */\n    bufferParser.init(payload, 1);\n    const reason = bufferParser.readUInt32BE();\n    const desc = bufferParser.readString(true);\n    const lang = bufferParser.readString();\n    bufferParser.clear();\n\n    if (lang === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed DISCONNECT packet'\n      );\n    }\n\n    self._debug && self._debug(\n      `Inbound: Received DISCONNECT (${reason}, \"${desc}\")`\n    );\n\n    const handler = self._handlers.DISCONNECT;\n    handler && handler(self, reason, desc);\n  },\n  [MESSAGE.IGNORE]: (self, payload) => {\n    /*\n      byte      SSH_MSG_IGNORE\n      string    data\n    */\n    self._debug && self._debug('Inbound: Received IGNORE');\n  },\n  [MESSAGE.UNIMPLEMENTED]: (self, payload) => {\n    /*\n      byte      SSH_MSG_UNIMPLEMENTED\n      uint32    packet sequence number of rejected message\n    */\n    bufferParser.init(payload, 1);\n    const seqno = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (seqno === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed UNIMPLEMENTED packet'\n      );\n    }\n\n    self._debug\n      && self._debug(`Inbound: Received UNIMPLEMENTED (seqno ${seqno})`);\n  },\n  [MESSAGE.DEBUG]: (self, payload) => {\n    /*\n      byte      SSH_MSG_DEBUG\n      boolean   always_display\n      string    message in ISO-10646 UTF-8 encoding [RFC3629]\n      string    language tag [RFC3066]\n    */\n    bufferParser.init(payload, 1);\n    const display = bufferParser.readBool();\n    const msg = bufferParser.readString(true);\n    const lang = bufferParser.readString();\n    bufferParser.clear();\n\n    if (lang === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed DEBUG packet'\n      );\n    }\n\n    self._debug && self._debug('Inbound: Received DEBUG');\n\n    const handler = self._handlers.DEBUG;\n    handler && handler(self, display, msg);\n  },\n  [MESSAGE.SERVICE_REQUEST]: (self, payload) => {\n    /*\n      byte      SSH_MSG_SERVICE_REQUEST\n      string    service name\n    */\n    bufferParser.init(payload, 1);\n    const name = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (name === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed SERVICE_REQUEST packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: Received SERVICE_REQUEST (${name})`);\n\n    const handler = self._handlers.SERVICE_REQUEST;\n    handler && handler(self, name);\n  },\n  [MESSAGE.SERVICE_ACCEPT]: (self, payload) => {\n    // S->C\n    /*\n      byte      SSH_MSG_SERVICE_ACCEPT\n      string    service name\n    */\n    bufferParser.init(payload, 1);\n    const name = bufferParser.readString(true);\n    bufferParser.clear();\n\n    if (name === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed SERVICE_ACCEPT packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: Received SERVICE_ACCEPT (${name})`);\n\n    const handler = self._handlers.SERVICE_ACCEPT;\n    handler && handler(self, name);\n  },\n\n  // User auth protocol -- generic =============================================\n  [MESSAGE.USERAUTH_REQUEST]: (self, payload) => {\n    /*\n      byte      SSH_MSG_USERAUTH_REQUEST\n      string    user name in ISO-10646 UTF-8 encoding [RFC3629]\n      string    service name in US-ASCII\n      string    method name in US-ASCII\n      ....      method specific fields\n    */\n    bufferParser.init(payload, 1);\n    const user = bufferParser.readString(true);\n    const service = bufferParser.readString(true);\n    const method = bufferParser.readString(true);\n    let methodData;\n    let methodDesc;\n    switch (method) {\n      case 'none':\n        methodData = null;\n        break;\n      case 'password': {\n        /*\n          boolean   <new password follows (old) plaintext password?>\n          string    plaintext password in ISO-10646 UTF-8 encoding [RFC3629]\n         [string    new password]\n        */\n        const isChange = bufferParser.readBool();\n        if (isChange !== undefined) {\n          methodData = bufferParser.readString(true);\n          if (methodData !== undefined && isChange) {\n            const newPassword = bufferParser.readString(true);\n            if (newPassword !== undefined)\n              methodData = { oldPassword: methodData, newPassword };\n            else\n              methodData = undefined;\n          }\n        }\n        break;\n      }\n      case 'publickey': {\n        /*\n          boolean   <signature follows public key blob?>\n          string    public key algorithm name\n          string    public key blob\n         [string    signature]\n        */\n        const hasSig = bufferParser.readBool();\n        if (hasSig !== undefined) {\n          const keyAlgo = bufferParser.readString(true);\n          const key = bufferParser.readString();\n          if (hasSig) {\n            const blobEnd = bufferParser.pos();\n            let signature = bufferParser.readString();\n            if (signature !== undefined) {\n              if (signature.length > (4 + keyAlgo.length + 4)\n                  && signature.utf8Slice(4, 4 + keyAlgo.length) === keyAlgo) {\n                // Skip algoLen + algo + sigLen\n                signature = bufferSlice(signature, 4 + keyAlgo.length + 4);\n              }\n\n              signature = sigSSHToASN1(signature, keyAlgo);\n              if (signature) {\n                const sessionID = self._kex.sessionID;\n                const blob = Buffer.allocUnsafe(4 + sessionID.length + blobEnd);\n                writeUInt32BE(blob, sessionID.length, 0);\n                blob.set(sessionID, 4);\n                blob.set(\n                  new Uint8Array(payload.buffer, payload.byteOffset, blobEnd),\n                  4 + sessionID.length\n                );\n                methodData = {\n                  keyAlgo,\n                  key,\n                  signature,\n                  blob,\n                };\n              }\n            }\n          } else {\n            methodData = { keyAlgo, key };\n            methodDesc = 'publickey -- check';\n          }\n        }\n        break;\n      }\n      case 'hostbased': {\n        /*\n          string    public key algorithm for host key\n          string    public host key and certificates for client host\n          string    client host name expressed as the FQDN in US-ASCII\n          string    user name on the client host in ISO-10646 UTF-8 encoding\n                     [RFC3629]\n          string    signature\n        */\n        const keyAlgo = bufferParser.readString(true);\n        const key = bufferParser.readString();\n        const localHostname = bufferParser.readString(true);\n        const localUsername = bufferParser.readString(true);\n\n        const blobEnd = bufferParser.pos();\n        let signature = bufferParser.readString();\n        if (signature !== undefined) {\n          if (signature.length > (4 + keyAlgo.length + 4)\n              && signature.utf8Slice(4, 4 + keyAlgo.length) === keyAlgo) {\n            // Skip algoLen + algo + sigLen\n            signature = bufferSlice(signature, 4 + keyAlgo.length + 4);\n          }\n\n          signature = sigSSHToASN1(signature, keyAlgo);\n          if (signature !== undefined) {\n            const sessionID = self._kex.sessionID;\n            const blob = Buffer.allocUnsafe(4 + sessionID.length + blobEnd);\n            writeUInt32BE(blob, sessionID.length, 0);\n            blob.set(sessionID, 4);\n            blob.set(\n              new Uint8Array(payload.buffer, payload.byteOffset, blobEnd),\n              4 + sessionID.length\n            );\n            methodData = {\n              keyAlgo,\n              key,\n              signature,\n              blob,\n              localHostname,\n              localUsername,\n            };\n          }\n        }\n        break;\n      }\n      case 'keyboard-interactive':\n        /*\n          string    language tag (as defined in [RFC-3066])\n          string    submethods (ISO-10646 UTF-8)\n        */\n        // Skip/ignore language field -- it's deprecated in RFC 4256\n        bufferParser.skipString();\n\n        methodData = bufferParser.readList();\n        break;\n      default:\n        if (method !== undefined)\n          methodData = bufferParser.readRaw();\n    }\n    bufferParser.clear();\n\n    if (methodData === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed USERAUTH_REQUEST packet'\n      );\n    }\n\n    if (methodDesc === undefined)\n      methodDesc = method;\n\n    self._authsQueue.push(method);\n\n    self._debug\n      && self._debug(`Inbound: Received USERAUTH_REQUEST (${methodDesc})`);\n\n    const handler = self._handlers.USERAUTH_REQUEST;\n    handler && handler(self, user, service, method, methodData);\n  },\n  [MESSAGE.USERAUTH_FAILURE]: (self, payload) => {\n    // S->C\n    /*\n      byte         SSH_MSG_USERAUTH_FAILURE\n      name-list    authentications that can continue\n      boolean      partial success\n    */\n    bufferParser.init(payload, 1);\n    const authMethods = bufferParser.readList();\n    const partialSuccess = bufferParser.readBool();\n    bufferParser.clear();\n\n    if (partialSuccess === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed USERAUTH_FAILURE packet'\n      );\n    }\n\n    self._debug\n      && self._debug(`Inbound: Received USERAUTH_FAILURE (${authMethods})`);\n\n    self._authsQueue.shift();\n    const handler = self._handlers.USERAUTH_FAILURE;\n    handler && handler(self, authMethods, partialSuccess);\n  },\n  [MESSAGE.USERAUTH_SUCCESS]: (self, payload) => {\n    // S->C\n    /*\n      byte      SSH_MSG_USERAUTH_SUCCESS\n    */\n    self._debug && self._debug('Inbound: Received USERAUTH_SUCCESS');\n\n    self._authsQueue.shift();\n    const handler = self._handlers.USERAUTH_SUCCESS;\n    handler && handler(self);\n  },\n  [MESSAGE.USERAUTH_BANNER]: (self, payload) => {\n    // S->C\n    /*\n      byte      SSH_MSG_USERAUTH_BANNER\n      string    message in ISO-10646 UTF-8 encoding [RFC3629]\n      string    language tag [RFC3066]\n    */\n    bufferParser.init(payload, 1);\n    const msg = bufferParser.readString(true);\n    const lang = bufferParser.readString();\n    bufferParser.clear();\n\n    if (lang === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed USERAUTH_BANNER packet'\n      );\n    }\n\n    self._debug && self._debug('Inbound: Received USERAUTH_BANNER');\n\n    const handler = self._handlers.USERAUTH_BANNER;\n    handler && handler(self, msg);\n  },\n\n  // User auth protocol -- method-specific =====================================\n  60: (self, payload) => {\n    if (!self._authsQueue.length) {\n      self._debug\n        && self._debug('Inbound: Received payload type 60 without auth');\n      return;\n    }\n\n    switch (self._authsQueue[0]) {\n      case 'password': {\n        // S->C\n        /*\n          byte      SSH_MSG_USERAUTH_PASSWD_CHANGEREQ\n          string    prompt in ISO-10646 UTF-8 encoding [RFC3629]\n          string    language tag [RFC3066]\n        */\n        bufferParser.init(payload, 1);\n        const prompt = bufferParser.readString(true);\n        const lang = bufferParser.readString();\n        bufferParser.clear();\n\n        if (lang === undefined) {\n          return doFatalError(\n            self,\n            'Inbound: Malformed USERAUTH_PASSWD_CHANGEREQ packet'\n          );\n        }\n\n        self._debug\n          && self._debug('Inbound: Received USERAUTH_PASSWD_CHANGEREQ');\n\n        const handler = self._handlers.USERAUTH_PASSWD_CHANGEREQ;\n        handler && handler(self, prompt);\n        break;\n      }\n      case 'publickey': {\n        // S->C\n        /*\n          byte      SSH_MSG_USERAUTH_PK_OK\n          string    public key algorithm name from the request\n          string    public key blob from the request\n        */\n        bufferParser.init(payload, 1);\n        const keyAlgo = bufferParser.readString(true);\n        const key = bufferParser.readString();\n        bufferParser.clear();\n\n        if (key === undefined) {\n          return doFatalError(\n            self,\n            'Inbound: Malformed USERAUTH_PK_OK packet'\n          );\n        }\n\n        self._debug && self._debug('Inbound: Received USERAUTH_PK_OK');\n\n        self._authsQueue.shift();\n        const handler = self._handlers.USERAUTH_PK_OK;\n        handler && handler(self, keyAlgo, key);\n        break;\n      }\n      case 'keyboard-interactive': {\n        // S->C\n        /*\n          byte      SSH_MSG_USERAUTH_INFO_REQUEST\n          string    name (ISO-10646 UTF-8)\n          string    instruction (ISO-10646 UTF-8)\n          string    language tag (as defined in [RFC-3066])\n          int       num-prompts\n          string    prompt[1] (ISO-10646 UTF-8)\n          boolean   echo[1]\n          ...\n          string    prompt[num-prompts] (ISO-10646 UTF-8)\n          boolean   echo[num-prompts]\n        */\n        bufferParser.init(payload, 1);\n        const name = bufferParser.readString(true);\n        const instructions = bufferParser.readString(true);\n        bufferParser.readString(); // skip lang\n        const numPrompts = bufferParser.readUInt32BE();\n        let prompts;\n        if (numPrompts !== undefined) {\n          prompts = new Array(numPrompts);\n          let i;\n          for (i = 0; i < numPrompts; ++i) {\n            const prompt = bufferParser.readString(true);\n            const echo = bufferParser.readBool();\n            if (echo === undefined)\n              break;\n            prompts[i] = { prompt, echo };\n          }\n          if (i !== numPrompts)\n            prompts = undefined;\n        }\n        bufferParser.clear();\n\n        if (prompts === undefined) {\n          return doFatalError(\n            self,\n            'Inbound: Malformed USERAUTH_INFO_REQUEST packet'\n          );\n        }\n\n        self._debug && self._debug('Inbound: Received USERAUTH_INFO_REQUEST');\n\n        const handler = self._handlers.USERAUTH_INFO_REQUEST;\n        handler && handler(self, name, instructions, prompts);\n        break;\n      }\n      default:\n        self._debug\n          && self._debug('Inbound: Received unexpected payload type 60');\n    }\n  },\n  61: (self, payload) => {\n    if (!self._authsQueue.length) {\n      self._debug\n        && self._debug('Inbound: Received payload type 61 without auth');\n      return;\n    }\n    /*\n      byte      SSH_MSG_USERAUTH_INFO_RESPONSE\n      int       num-responses\n      string    response[1] (ISO-10646 UTF-8)\n      ...\n      string    response[num-responses] (ISO-10646 UTF-8)\n    */\n    if (self._authsQueue[0] !== 'keyboard-interactive') {\n      return doFatalError(\n        self,\n        'Inbound: Received unexpected payload type 61'\n      );\n    }\n    bufferParser.init(payload, 1);\n    const numResponses = bufferParser.readUInt32BE();\n    let responses;\n    if (numResponses !== undefined) {\n      responses = new Array(numResponses);\n      let i;\n      for (i = 0; i < numResponses; ++i) {\n        const response = bufferParser.readString(true);\n        if (response === undefined)\n          break;\n        responses[i] = response;\n      }\n      if (i !== numResponses)\n        responses = undefined;\n    }\n    bufferParser.clear();\n\n    if (responses === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed USERAUTH_INFO_RESPONSE packet'\n      );\n    }\n\n    self._debug && self._debug('Inbound: Received USERAUTH_INFO_RESPONSE');\n\n    const handler = self._handlers.USERAUTH_INFO_RESPONSE;\n    handler && handler(self, responses);\n  },\n\n  // Connection protocol -- generic ============================================\n  [MESSAGE.GLOBAL_REQUEST]: (self, payload) => {\n    /*\n      byte      SSH_MSG_GLOBAL_REQUEST\n      string    request name in US-ASCII only\n      boolean   want reply\n      ....      request-specific data follows\n    */\n    bufferParser.init(payload, 1);\n    const name = bufferParser.readString(true);\n    const wantReply = bufferParser.readBool();\n    let data;\n    if (wantReply !== undefined) {\n      switch (name) {\n        case 'tcpip-forward':\n        case 'cancel-tcpip-forward': {\n          /*\n            string    address to bind (e.g., \"0.0.0.0\")\n            uint32    port number to bind\n          */\n          const bindAddr = bufferParser.readString(true);\n          const bindPort = bufferParser.readUInt32BE();\n          if (bindPort !== undefined)\n            data = { bindAddr, bindPort };\n          break;\n        }\n        case 'streamlocal-forward@openssh.com':\n        case 'cancel-streamlocal-forward@openssh.com': {\n          /*\n            string    socket path\n          */\n          const socketPath = bufferParser.readString(true);\n          if (socketPath !== undefined)\n            data = { socketPath };\n          break;\n        }\n        case 'no-more-sessions@openssh.com':\n          data = null;\n          break;\n        case 'hostkeys-00@openssh.com': {\n          data = [];\n          while (bufferParser.avail() > 0) {\n            const keyRaw = bufferParser.readString();\n            if (keyRaw === undefined) {\n              data = undefined;\n              break;\n            }\n            const key = parseKey(keyRaw);\n            if (!(key instanceof Error))\n              data.push(key);\n          }\n          break;\n        }\n        default:\n          data = bufferParser.readRaw();\n      }\n    }\n    bufferParser.clear();\n\n    if (data === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed GLOBAL_REQUEST packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: GLOBAL_REQUEST (${name})`);\n\n    const handler = self._handlers.GLOBAL_REQUEST;\n    if (handler)\n      handler(self, name, wantReply, data);\n    else\n      self.requestFailure(); // Auto reject\n  },\n  [MESSAGE.REQUEST_SUCCESS]: (self, payload) => {\n    /*\n      byte      SSH_MSG_REQUEST_SUCCESS\n      ....     response specific data\n    */\n    const data = (payload.length > 1 ? bufferSlice(payload, 1) : null);\n\n    self._debug && self._debug('Inbound: REQUEST_SUCCESS');\n\n    const handler = self._handlers.REQUEST_SUCCESS;\n    handler && handler(self, data);\n  },\n  [MESSAGE.REQUEST_FAILURE]: (self, payload) => {\n    /*\n      byte      SSH_MSG_REQUEST_FAILURE\n    */\n    self._debug && self._debug('Inbound: Received REQUEST_FAILURE');\n\n    const handler = self._handlers.REQUEST_FAILURE;\n    handler && handler(self);\n  },\n\n  // Connection protocol -- channel-related ====================================\n  [MESSAGE.CHANNEL_OPEN]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_OPEN\n      string    channel type in US-ASCII only\n      uint32    sender channel\n      uint32    initial window size\n      uint32    maximum packet size\n      ....      channel type specific data follows\n    */\n    bufferParser.init(payload, 1);\n    const type = bufferParser.readString(true);\n    const sender = bufferParser.readUInt32BE();\n    const window = bufferParser.readUInt32BE();\n    const packetSize = bufferParser.readUInt32BE();\n    let channelInfo;\n\n    switch (type) {\n      case 'forwarded-tcpip': // S->C\n      case 'direct-tcpip': { // C->S\n        /*\n          string    address that was connected / host to connect\n          uint32    port that was connected / port to connect\n          string    originator IP address\n          uint32    originator port\n        */\n        const destIP = bufferParser.readString(true);\n        const destPort = bufferParser.readUInt32BE();\n        const srcIP = bufferParser.readString(true);\n        const srcPort = bufferParser.readUInt32BE();\n        if (srcPort !== undefined) {\n          channelInfo = {\n            type,\n            sender,\n            window,\n            packetSize,\n            data: { destIP, destPort, srcIP, srcPort }\n          };\n        }\n        break;\n      }\n      case 'forwarded-streamlocal@openssh.com': // S->C\n      case 'direct-streamlocal@openssh.com': { // C->S\n        /*\n          string    socket path\n          string    reserved for future use\n\n          (direct-streamlocal@openssh.com additionally has:)\n          uint32    reserved\n        */\n        const socketPath = bufferParser.readString(true);\n        if (socketPath !== undefined) {\n          channelInfo = {\n            type,\n            sender,\n            window,\n            packetSize,\n            data: { socketPath }\n          };\n        }\n        break;\n      }\n      case 'x11': { // S->C\n        /*\n          string    originator address (e.g., \"192.168.7.38\")\n          uint32    originator port\n        */\n        const srcIP = bufferParser.readString(true);\n        const srcPort = bufferParser.readUInt32BE();\n        if (srcPort !== undefined) {\n          channelInfo = {\n            type,\n            sender,\n            window,\n            packetSize,\n            data: { srcIP, srcPort }\n          };\n        }\n        break;\n      }\n      default:\n        // Includes:\n        //   'session' (C->S)\n        //   'auth-agent@openssh.com' (S->C)\n        channelInfo = {\n          type,\n          sender,\n          window,\n          packetSize,\n          data: {}\n        };\n    }\n    bufferParser.clear();\n\n    if (channelInfo === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_OPEN packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: CHANNEL_OPEN (s:${sender}, ${type})`);\n\n    const handler = self._handlers.CHANNEL_OPEN;\n    if (handler) {\n      handler(self, channelInfo);\n    } else {\n      self.channelOpenFail(\n        channelInfo.sender,\n        CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED,\n        '',\n        ''\n      );\n    }\n  },\n  [MESSAGE.CHANNEL_OPEN_CONFIRMATION]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_OPEN_CONFIRMATION\n      uint32    recipient channel\n      uint32    sender channel\n      uint32    initial window size\n      uint32    maximum packet size\n      ....      channel type specific data follows\n    */\n    // \"The 'recipient channel' is the channel number given in the\n    // original open request, and 'sender channel' is the channel number\n    // allocated by the other side.\"\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const sender = bufferParser.readUInt32BE();\n    const window = bufferParser.readUInt32BE();\n    const packetSize = bufferParser.readUInt32BE();\n    const data = (bufferParser.avail() ? bufferParser.readRaw() : undefined);\n    bufferParser.clear();\n\n    if (packetSize === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_OPEN_CONFIRMATION packet'\n      );\n    }\n\n    self._debug && self._debug(\n      `Inbound: CHANNEL_OPEN_CONFIRMATION (r:${recipient}, s:${sender})`\n    );\n\n    const handler = self._handlers.CHANNEL_OPEN_CONFIRMATION;\n    if (handler)\n      handler(self, { recipient, sender, window, packetSize, data });\n  },\n  [MESSAGE.CHANNEL_OPEN_FAILURE]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_OPEN_FAILURE\n      uint32    recipient channel\n      uint32    reason code\n      string    description in ISO-10646 UTF-8 encoding [RFC3629]\n      string    language tag [RFC3066]\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const reason = bufferParser.readUInt32BE();\n    const description = bufferParser.readString(true);\n    const lang = bufferParser.readString();\n    bufferParser.clear();\n\n    if (lang === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_OPEN_FAILURE packet'\n      );\n    }\n\n    self._debug\n      && self._debug(`Inbound: CHANNEL_OPEN_FAILURE (r:${recipient})`);\n\n    const handler = self._handlers.CHANNEL_OPEN_FAILURE;\n    handler && handler(self, recipient, reason, description);\n  },\n  [MESSAGE.CHANNEL_WINDOW_ADJUST]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_WINDOW_ADJUST\n      uint32    recipient channel\n      uint32    bytes to add\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const bytesToAdd = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (bytesToAdd === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_WINDOW_ADJUST packet'\n      );\n    }\n\n    self._debug && self._debug(\n      `Inbound: CHANNEL_WINDOW_ADJUST (r:${recipient}, ${bytesToAdd})`\n    );\n\n    const handler = self._handlers.CHANNEL_WINDOW_ADJUST;\n    handler && handler(self, recipient, bytesToAdd);\n  },\n  [MESSAGE.CHANNEL_DATA]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_DATA\n      uint32    recipient channel\n      string    data\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const data = bufferParser.readString();\n    bufferParser.clear();\n\n    if (data === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_DATA packet'\n      );\n    }\n\n    self._debug\n      && self._debug(`Inbound: CHANNEL_DATA (r:${recipient}, ${data.length})`);\n\n    const handler = self._handlers.CHANNEL_DATA;\n    handler && handler(self, recipient, data);\n  },\n  [MESSAGE.CHANNEL_EXTENDED_DATA]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_EXTENDED_DATA\n      uint32    recipient channel\n      uint32    data_type_code\n      string    data\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const type = bufferParser.readUInt32BE();\n    const data = bufferParser.readString();\n    bufferParser.clear();\n\n    if (data === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_EXTENDED_DATA packet'\n      );\n    }\n\n    self._debug && self._debug(\n      `Inbound: CHANNEL_EXTENDED_DATA (r:${recipient}, ${data.length})`\n    );\n\n    const handler = self._handlers.CHANNEL_EXTENDED_DATA;\n    handler && handler(self, recipient, data, type);\n  },\n  [MESSAGE.CHANNEL_EOF]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_EOF\n      uint32    recipient channel\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (recipient === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_EOF packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: CHANNEL_EOF (r:${recipient})`);\n\n    const handler = self._handlers.CHANNEL_EOF;\n    handler && handler(self, recipient);\n  },\n  [MESSAGE.CHANNEL_CLOSE]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_CLOSE\n      uint32    recipient channel\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (recipient === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_CLOSE packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: CHANNEL_CLOSE (r:${recipient})`);\n\n    const handler = self._handlers.CHANNEL_CLOSE;\n    handler && handler(self, recipient);\n  },\n  [MESSAGE.CHANNEL_REQUEST]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_REQUEST\n      uint32    recipient channel\n      string    request type in US-ASCII characters only\n      boolean   want reply\n      ....      type-specific data follows\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    const type = bufferParser.readString(true);\n    const wantReply = bufferParser.readBool();\n    let data;\n    if (wantReply !== undefined) {\n      switch (type) {\n        case 'exit-status': // S->C\n          /*\n            uint32    exit_status\n          */\n          data = bufferParser.readUInt32BE();\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n          );\n          break;\n        case 'exit-signal': { // S->C\n          /*\n            string    signal name (without the \"SIG\" prefix)\n            boolean   core dumped\n            string    error message in ISO-10646 UTF-8 encoding\n            string    language tag\n          */\n          let signal;\n          let coreDumped;\n          if (self._compatFlags & COMPAT.OLD_EXIT) {\n            /*\n              Instead of `signal name` and `core dumped`, we have just:\n                uint32  signal number\n            */\n            const num = bufferParser.readUInt32BE();\n            switch (num) {\n              case 1:\n                signal = 'HUP';\n                break;\n              case 2:\n                signal = 'INT';\n                break;\n              case 3:\n                signal = 'QUIT';\n                break;\n              case 6:\n                signal = 'ABRT';\n                break;\n              case 9:\n                signal = 'KILL';\n                break;\n              case 14:\n                signal = 'ALRM';\n                break;\n              case 15:\n                signal = 'TERM';\n                break;\n              default:\n                if (num !== undefined) {\n                  // Unknown or OS-specific\n                  signal = `UNKNOWN (${num})`;\n                }\n            }\n            coreDumped = false;\n          } else {\n            signal = bufferParser.readString(true);\n            coreDumped = bufferParser.readBool();\n            if (coreDumped === undefined)\n              signal = undefined;\n          }\n          const errorMessage = bufferParser.readString(true);\n          if (bufferParser.skipString() !== undefined)\n            data = { signal, coreDumped, errorMessage };\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${signal})`\n          );\n          break;\n        }\n        case 'pty-req': { // C->S\n          /*\n            string    TERM environment variable value (e.g., vt100)\n            uint32    terminal width, characters (e.g., 80)\n            uint32    terminal height, rows (e.g., 24)\n            uint32    terminal width, pixels (e.g., 640)\n            uint32    terminal height, pixels (e.g., 480)\n            string    encoded terminal modes\n          */\n          const term = bufferParser.readString(true);\n          const cols = bufferParser.readUInt32BE();\n          const rows = bufferParser.readUInt32BE();\n          const width = bufferParser.readUInt32BE();\n          const height = bufferParser.readUInt32BE();\n          const modesBinary = bufferParser.readString();\n          if (modesBinary !== undefined) {\n            bufferParser.init(modesBinary, 1);\n            let modes = {};\n            while (bufferParser.avail()) {\n              const opcode = bufferParser.readByte();\n              if (opcode === TERMINAL_MODE.TTY_OP_END)\n                break;\n              const name = TERMINAL_MODE_BY_VALUE[opcode];\n              const value = bufferParser.readUInt32BE();\n              if (opcode === undefined\n                  || name === undefined\n                  || value === undefined) {\n                modes = undefined;\n                break;\n              }\n              modes[name] = value;\n            }\n            if (modes !== undefined)\n              data = { term, cols, rows, width, height, modes };\n          }\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n          break;\n        }\n        case 'window-change': { // C->S\n          /*\n            uint32    terminal width, columns\n            uint32    terminal height, rows\n            uint32    terminal width, pixels\n            uint32    terminal height, pixels\n          */\n          const cols = bufferParser.readUInt32BE();\n          const rows = bufferParser.readUInt32BE();\n          const width = bufferParser.readUInt32BE();\n          const height = bufferParser.readUInt32BE();\n          if (height !== undefined)\n            data = { cols, rows, width, height };\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n          break;\n        }\n        case 'x11-req': { // C->S\n          /*\n            boolean   single connection\n            string    x11 authentication protocol\n            string    x11 authentication cookie\n            uint32    x11 screen number\n          */\n          const single = bufferParser.readBool();\n          const protocol = bufferParser.readString(true);\n          const cookie = bufferParser.readString();\n          const screen = bufferParser.readUInt32BE();\n          if (screen !== undefined)\n            data = { single, protocol, cookie, screen };\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n          break;\n        }\n        case 'env': { // C->S\n          /*\n            string    variable name\n            string    variable value\n          */\n          const name = bufferParser.readString(true);\n          const value = bufferParser.readString(true);\n          if (value !== undefined)\n            data = { name, value };\n          if (self._debug) {\n            self._debug(\n              `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: `\n                + `${name}=${value})`\n            );\n          }\n          break;\n        }\n        case 'shell': // C->S\n          data = null; // No extra data\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n          break;\n        case 'exec': // C->S\n          /*\n            string    command\n          */\n          data = bufferParser.readString(true);\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n          );\n          break;\n        case 'subsystem': // C->S\n          /*\n            string    subsystem name\n          */\n          data = bufferParser.readString(true);\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n          );\n          break;\n        case 'signal': // C->S\n          /*\n            string    signal name (without the \"SIG\" prefix)\n          */\n          data = bufferParser.readString(true);\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n          );\n          break;\n        case 'xon-xoff': // C->S\n          /*\n            boolean   client can do\n          */\n          data = bufferParser.readBool();\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type}: ${data})`\n          );\n          break;\n        case 'auth-agent-req@openssh.com': // C-S\n          data = null; // No extra data\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n          break;\n        default:\n          data = (bufferParser.avail() ? bufferParser.readRaw() : null);\n          self._debug && self._debug(\n            `Inbound: CHANNEL_REQUEST (r:${recipient}, ${type})`\n          );\n      }\n    }\n    bufferParser.clear();\n\n    if (data === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_REQUEST packet'\n      );\n    }\n\n    const handler = self._handlers.CHANNEL_REQUEST;\n    handler && handler(self, recipient, type, wantReply, data);\n  },\n  [MESSAGE.CHANNEL_SUCCESS]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_SUCCESS\n      uint32    recipient channel\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (recipient === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_SUCCESS packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: CHANNEL_SUCCESS (r:${recipient})`);\n\n    const handler = self._handlers.CHANNEL_SUCCESS;\n    handler && handler(self, recipient);\n  },\n  [MESSAGE.CHANNEL_FAILURE]: (self, payload) => {\n    /*\n      byte      SSH_MSG_CHANNEL_FAILURE\n      uint32    recipient channel\n    */\n    bufferParser.init(payload, 1);\n    const recipient = bufferParser.readUInt32BE();\n    bufferParser.clear();\n\n    if (recipient === undefined) {\n      return doFatalError(\n        self,\n        'Inbound: Malformed CHANNEL_FAILURE packet'\n      );\n    }\n\n    self._debug && self._debug(`Inbound: CHANNEL_FAILURE (r:${recipient})`);\n\n    const handler = self._handlers.CHANNEL_FAILURE;\n    handler && handler(self, recipient);\n  },\n};\n","'use strict';\n\nconst {\n  createDiffieHellman,\n  createDiffieHellmanGroup,\n  createECDH,\n  createHash,\n  createPublicKey,\n  diffieHellman,\n  generateKeyPairSync,\n  randomFillSync,\n} = require('crypto');\n\nconst { Ber } = require('asn1');\n\nconst {\n  COMPAT,\n  curve25519Supported,\n  DEFAULT_KEX,\n  DEFAULT_SERVER_HOST_KEY,\n  DEFAULT_CIPHER,\n  DEFAULT_MAC,\n  DEFAULT_COMPRESSION,\n  DISCONNECT_REASON,\n  MESSAGE,\n} = require('./constants.js');\nconst {\n  CIPHER_INFO,\n  createCipher,\n  createDecipher,\n  MAC_INFO,\n} = require('./crypto.js');\nconst { parseDERKey } = require('./keyParser.js');\nconst {\n  bufferFill,\n  bufferParser,\n  convertSignature,\n  doFatalError,\n  FastBuffer,\n  sigSSHToASN1,\n  writeUInt32BE,\n} = require('./utils.js');\nconst {\n  PacketReader,\n  PacketWriter,\n  ZlibPacketReader,\n  ZlibPacketWriter,\n} = require('./zlib.js');\n\nlet MESSAGE_HANDLERS;\n\nconst GEX_MIN_BITS = 2048; // RFC 8270\nconst GEX_MAX_BITS = 8192; // RFC 8270\n\nconst EMPTY_BUFFER = Buffer.alloc(0);\n\n// Client/Server\nfunction kexinit(self) {\n  /*\n    byte         SSH_MSG_KEXINIT\n    byte[16]     cookie (random bytes)\n    name-list    kex_algorithms\n    name-list    server_host_key_algorithms\n    name-list    encryption_algorithms_client_to_server\n    name-list    encryption_algorithms_server_to_client\n    name-list    mac_algorithms_client_to_server\n    name-list    mac_algorithms_server_to_client\n    name-list    compression_algorithms_client_to_server\n    name-list    compression_algorithms_server_to_client\n    name-list    languages_client_to_server\n    name-list    languages_server_to_client\n    boolean      first_kex_packet_follows\n    uint32       0 (reserved for future extension)\n  */\n\n  let payload;\n  if (self._compatFlags & COMPAT.BAD_DHGEX) {\n    const entry = self._offer.lists.kex;\n    let kex = entry.array;\n    let found = false;\n    for (let i = 0; i < kex.length; ++i) {\n      if (kex[i].includes('group-exchange')) {\n        if (!found) {\n          found = true;\n          // Copy array lazily\n          kex = kex.slice();\n        }\n        kex.splice(i--, 1);\n      }\n    }\n    if (found) {\n      let len = 1 + 16 + self._offer.totalSize + 1 + 4;\n      const newKexBuf = Buffer.from(kex.join(','));\n      len -= (entry.buffer.length - newKexBuf.length);\n\n      const all = self._offer.lists.all;\n      const rest = new Uint8Array(\n        all.buffer,\n        all.byteOffset + 4 + entry.buffer.length,\n        all.length - (4 + entry.buffer.length)\n      );\n\n      payload = Buffer.allocUnsafe(len);\n      writeUInt32BE(payload, newKexBuf.length, 17);\n      payload.set(newKexBuf, 17 + 4);\n      payload.set(rest, 17 + 4 + newKexBuf.length);\n    }\n  }\n\n  if (payload === undefined) {\n    payload = Buffer.allocUnsafe(1 + 16 + self._offer.totalSize + 1 + 4);\n    self._offer.copyAllTo(payload, 17);\n  }\n\n  self._debug && self._debug('Outbound: Sending KEXINIT');\n\n  payload[0] = MESSAGE.KEXINIT;\n  randomFillSync(payload, 1, 16);\n\n  // Zero-fill first_kex_packet_follows and reserved bytes\n  bufferFill(payload, 0, payload.length - 5);\n\n  self._kexinit = payload;\n\n  // Needed to correct the starting position in allocated \"packets\" when packets\n  // will be buffered due to active key exchange\n  self._packetRW.write.allocStart = 0;\n\n  // TODO: only create single buffer and set _kexinit as slice of packet instead\n  {\n    const p = self._packetRW.write.allocStartKEX;\n    const packet = self._packetRW.write.alloc(payload.length, true);\n    packet.set(payload, p);\n    self._cipher.encrypt(self._packetRW.write.finalize(packet, true));\n  }\n}\n\nfunction handleKexInit(self, payload) {\n  /*\n    byte         SSH_MSG_KEXINIT\n    byte[16]     cookie (random bytes)\n    name-list    kex_algorithms\n    name-list    server_host_key_algorithms\n    name-list    encryption_algorithms_client_to_server\n    name-list    encryption_algorithms_server_to_client\n    name-list    mac_algorithms_client_to_server\n    name-list    mac_algorithms_server_to_client\n    name-list    compression_algorithms_client_to_server\n    name-list    compression_algorithms_server_to_client\n    name-list    languages_client_to_server\n    name-list    languages_server_to_client\n    boolean      first_kex_packet_follows\n    uint32       0 (reserved for future extension)\n  */\n  const init = {\n    kex: undefined,\n    serverHostKey: undefined,\n    cs: {\n      cipher: undefined,\n      mac: undefined,\n      compress: undefined,\n      lang: undefined,\n    },\n    sc: {\n      cipher: undefined,\n      mac: undefined,\n      compress: undefined,\n      lang: undefined,\n    },\n  };\n\n  bufferParser.init(payload, 17);\n\n  if ((init.kex = bufferParser.readList()) === undefined\n      || (init.serverHostKey = bufferParser.readList()) === undefined\n      || (init.cs.cipher = bufferParser.readList()) === undefined\n      || (init.sc.cipher = bufferParser.readList()) === undefined\n      || (init.cs.mac = bufferParser.readList()) === undefined\n      || (init.sc.mac = bufferParser.readList()) === undefined\n      || (init.cs.compress = bufferParser.readList()) === undefined\n      || (init.sc.compress = bufferParser.readList()) === undefined\n      || (init.cs.lang = bufferParser.readList()) === undefined\n      || (init.sc.lang = bufferParser.readList()) === undefined) {\n    bufferParser.clear();\n    return doFatalError(\n      self,\n      'Received malformed KEXINIT',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n\n  const pos = bufferParser.pos();\n  const firstFollows = (pos < payload.length && payload[pos] === 1);\n  bufferParser.clear();\n\n  const local = self._offer;\n  const remote = init;\n\n  let localKex = local.lists.kex.array;\n  if (self._compatFlags & COMPAT.BAD_DHGEX) {\n    let found = false;\n    for (let i = 0; i < localKex.length; ++i) {\n      if (localKex[i].indexOf('group-exchange') !== -1) {\n        if (!found) {\n          found = true;\n          // Copy array lazily\n          localKex = localKex.slice();\n        }\n        localKex.splice(i--, 1);\n      }\n    }\n  }\n\n  let clientList;\n  let serverList;\n  let i;\n  const debug = self._debug;\n\n  debug && debug('Inbound: Handshake in progress');\n\n  // Key exchange method =======================================================\n  debug && debug(`Handshake: (local) KEX method: ${localKex}`);\n  debug && debug(`Handshake: (remote) KEX method: ${remote.kex}`);\n  if (self._server) {\n    serverList = localKex;\n    clientList = remote.kex;\n  } else {\n    serverList = remote.kex;\n    clientList = localKex;\n  }\n  // Check for agreeable key exchange algorithm\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching key exchange algorithm');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching key exchange algorithm',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.kex = clientList[i];\n  debug && debug(`Handshake: KEX algorithm: ${clientList[i]}`);\n  if (firstFollows && (!remote.kex.length || clientList[i] !== remote.kex[0])) {\n    // Ignore next inbound packet, it was a wrong first guess at KEX algorithm\n    self._skipNextInboundPacket = true;\n  }\n\n\n  // Server host key format ====================================================\n  const localSrvHostKey = local.lists.serverHostKey.array;\n  debug && debug(`Handshake: (local) Host key format: ${localSrvHostKey}`);\n  debug && debug(\n    `Handshake: (remote) Host key format: ${remote.serverHostKey}`\n  );\n  if (self._server) {\n    serverList = localSrvHostKey;\n    clientList = remote.serverHostKey;\n  } else {\n    serverList = remote.serverHostKey;\n    clientList = localSrvHostKey;\n  }\n  // Check for agreeable server host key format\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching host key format');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching host key format',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.serverHostKey = clientList[i];\n  debug && debug(`Handshake: Host key format: ${clientList[i]}`);\n\n\n  // Client->Server cipher =====================================================\n  const localCSCipher = local.lists.cs.cipher.array;\n  debug && debug(`Handshake: (local) C->S cipher: ${localCSCipher}`);\n  debug && debug(`Handshake: (remote) C->S cipher: ${remote.cs.cipher}`);\n  if (self._server) {\n    serverList = localCSCipher;\n    clientList = remote.cs.cipher;\n  } else {\n    serverList = remote.cs.cipher;\n    clientList = localCSCipher;\n  }\n  // Check for agreeable client->server cipher\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching C->S cipher');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching C->S cipher',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.cs.cipher = clientList[i];\n  debug && debug(`Handshake: C->S Cipher: ${clientList[i]}`);\n\n\n  // Server->Client cipher =====================================================\n  const localSCCipher = local.lists.sc.cipher.array;\n  debug && debug(`Handshake: (local) S->C cipher: ${localSCCipher}`);\n  debug && debug(`Handshake: (remote) S->C cipher: ${remote.sc.cipher}`);\n  if (self._server) {\n    serverList = localSCCipher;\n    clientList = remote.sc.cipher;\n  } else {\n    serverList = remote.sc.cipher;\n    clientList = localSCCipher;\n  }\n  // Check for agreeable server->client cipher\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching S->C cipher');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching S->C cipher',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.sc.cipher = clientList[i];\n  debug && debug(`Handshake: S->C cipher: ${clientList[i]}`);\n\n\n  // Client->Server MAC ========================================================\n  const localCSMAC = local.lists.cs.mac.array;\n  debug && debug(`Handshake: (local) C->S MAC: ${localCSMAC}`);\n  debug && debug(`Handshake: (remote) C->S MAC: ${remote.cs.mac}`);\n  if (CIPHER_INFO[init.cs.cipher].authLen > 0) {\n    init.cs.mac = '';\n    debug && debug('Handshake: C->S MAC: <implicit>');\n  } else {\n    if (self._server) {\n      serverList = localCSMAC;\n      clientList = remote.cs.mac;\n    } else {\n      serverList = remote.cs.mac;\n      clientList = localCSMAC;\n    }\n    // Check for agreeable client->server hmac algorithm\n    for (i = 0;\n         i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n         ++i);\n    if (i === clientList.length) {\n      // No suitable match found!\n      debug && debug('Handshake: No matching C->S MAC');\n      return doFatalError(\n        self,\n        'Handshake failed: no matching C->S MAC',\n        'handshake',\n        DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n      );\n    }\n    init.cs.mac = clientList[i];\n    debug && debug(`Handshake: C->S MAC: ${clientList[i]}`);\n  }\n\n\n  // Server->Client MAC ========================================================\n  const localSCMAC = local.lists.sc.mac.array;\n  debug && debug(`Handshake: (local) S->C MAC: ${localSCMAC}`);\n  debug && debug(`Handshake: (remote) S->C MAC: ${remote.sc.mac}`);\n  if (CIPHER_INFO[init.sc.cipher].authLen > 0) {\n    init.sc.mac = '';\n    debug && debug('Handshake: S->C MAC: <implicit>');\n  } else {\n    if (self._server) {\n      serverList = localSCMAC;\n      clientList = remote.sc.mac;\n    } else {\n      serverList = remote.sc.mac;\n      clientList = localSCMAC;\n    }\n    // Check for agreeable server->client hmac algorithm\n    for (i = 0;\n         i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n         ++i);\n    if (i === clientList.length) {\n      // No suitable match found!\n      debug && debug('Handshake: No matching S->C MAC');\n      return doFatalError(\n        self,\n        'Handshake failed: no matching S->C MAC',\n        'handshake',\n        DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n      );\n    }\n    init.sc.mac = clientList[i];\n    debug && debug(`Handshake: S->C MAC: ${clientList[i]}`);\n  }\n\n\n  // Client->Server compression ================================================\n  const localCSCompress = local.lists.cs.compress.array;\n  debug && debug(`Handshake: (local) C->S compression: ${localCSCompress}`);\n  debug && debug(`Handshake: (remote) C->S compression: ${remote.cs.compress}`);\n  if (self._server) {\n    serverList = localCSCompress;\n    clientList = remote.cs.compress;\n  } else {\n    serverList = remote.cs.compress;\n    clientList = localCSCompress;\n  }\n  // Check for agreeable client->server compression algorithm\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching C->S compression');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching C->S compression',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.cs.compress = clientList[i];\n  debug && debug(`Handshake: C->S compression: ${clientList[i]}`);\n\n\n  // Server->Client compression ================================================\n  const localSCCompress = local.lists.sc.compress.array;\n  debug && debug(`Handshake: (local) S->C compression: ${localSCCompress}`);\n  debug && debug(`Handshake: (remote) S->C compression: ${remote.sc.compress}`);\n  if (self._server) {\n    serverList = localSCCompress;\n    clientList = remote.sc.compress;\n  } else {\n    serverList = remote.sc.compress;\n    clientList = localSCCompress;\n  }\n  // Check for agreeable server->client compression algorithm\n  for (i = 0;\n       i < clientList.length && serverList.indexOf(clientList[i]) === -1;\n       ++i);\n  if (i === clientList.length) {\n    // No suitable match found!\n    debug && debug('Handshake: No matching S->C compression');\n    return doFatalError(\n      self,\n      'Handshake failed: no matching S->C compression',\n      'handshake',\n      DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n    );\n  }\n  init.sc.compress = clientList[i];\n  debug && debug(`Handshake: S->C compression: ${clientList[i]}`);\n\n  init.cs.lang = '';\n  init.sc.lang = '';\n\n  // XXX: hack -- find a better way to do this\n  if (self._kex) {\n    if (!self._kexinit) {\n      // We received a rekey request, but we haven't sent a KEXINIT in response\n      // yet\n      kexinit(self);\n    }\n    self._decipher._onPayload = onKEXPayload.bind(self, { firstPacket: false });\n  }\n\n  self._kex = createKeyExchange(init, self, payload);\n  self._kex.start();\n}\n\nconst createKeyExchange = (() => {\n  function convertToMpint(buf) {\n    let idx = 0;\n    let length = buf.length;\n    while (buf[idx] === 0x00) {\n      ++idx;\n      --length;\n    }\n    let newBuf;\n    if (buf[idx] & 0x80) {\n      newBuf = Buffer.allocUnsafe(1 + length);\n      newBuf[0] = 0;\n      buf.copy(newBuf, 1, idx);\n      buf = newBuf;\n    } else if (length !== buf.length) {\n      newBuf = Buffer.allocUnsafe(length);\n      buf.copy(newBuf, 0, idx);\n      buf = newBuf;\n    }\n    return buf;\n  }\n\n  class KeyExchange {\n    constructor(negotiated, protocol, remoteKexinit) {\n      this._protocol = protocol;\n\n      this.sessionID = (protocol._kex ? protocol._kex.sessionID : undefined);\n      this.negotiated = negotiated;\n      this._step = 1;\n      this._public = null;\n      this._dh = null;\n      this._sentNEWKEYS = false;\n      this._receivedNEWKEYS = false;\n      this._finished = false;\n      this._hostVerified = false;\n\n      // Data needed for initializing cipher/decipher/etc.\n      this._kexinit = protocol._kexinit;\n      this._remoteKexinit = remoteKexinit;\n      this._identRaw = protocol._identRaw;\n      this._remoteIdentRaw = protocol._remoteIdentRaw;\n      this._hostKey = undefined;\n      this._dhData = undefined;\n      this._sig = undefined;\n    }\n    finish() {\n      if (this._finished)\n        return false;\n      this._finished = true;\n\n      const isServer = this._protocol._server;\n      const negotiated = this.negotiated;\n\n      const pubKey = this.convertPublicKey(this._dhData);\n      let secret = this.computeSecret(this._dhData);\n      if (secret instanceof Error) {\n        secret.message =\n          `Error while computing DH secret (${this.type}): ${secret.message}`;\n        secret.level = 'handshake';\n        return doFatalError(\n          this._protocol,\n          secret,\n          DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n        );\n      }\n\n      const hash = createHash(this.hashName);\n      // V_C\n      hashString(hash, (isServer ? this._remoteIdentRaw : this._identRaw));\n      // \"V_S\"\n      hashString(hash, (isServer ? this._identRaw : this._remoteIdentRaw));\n      // \"I_C\"\n      hashString(hash, (isServer ? this._remoteKexinit : this._kexinit));\n      // \"I_S\"\n      hashString(hash, (isServer ? this._kexinit : this._remoteKexinit));\n      // \"K_S\"\n      const serverPublicHostKey = (isServer\n                                   ? this._hostKey.getPublicSSH()\n                                   : this._hostKey);\n      hashString(hash, serverPublicHostKey);\n\n      if (this.type === 'groupex') {\n        // Group exchange-specific\n        const params = this.getDHParams();\n        const num = Buffer.allocUnsafe(4);\n        // min (uint32)\n        writeUInt32BE(num, this._minBits, 0);\n        hash.update(num);\n        // preferred (uint32)\n        writeUInt32BE(num, this._prefBits, 0);\n        hash.update(num);\n        // max (uint32)\n        writeUInt32BE(num, this._maxBits, 0);\n        hash.update(num);\n        // prime\n        hashString(hash, params.prime);\n        // generator\n        hashString(hash, params.generator);\n      }\n\n      // method-specific data sent by client\n      hashString(hash, (isServer ? pubKey : this.getPublicKey()));\n      // method-specific data sent by server\n      const serverPublicKey = (isServer ? this.getPublicKey() : pubKey);\n      hashString(hash, serverPublicKey);\n      // shared secret (\"K\")\n      hashString(hash, secret);\n\n      // \"H\"\n      const exchangeHash = hash.digest();\n\n      if (!isServer) {\n        bufferParser.init(this._sig, 0);\n        const sigType = bufferParser.readString(true);\n\n        if (!sigType) {\n          return doFatalError(\n            this._protocol,\n            'Malformed packet while reading signature',\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        if (sigType !== negotiated.serverHostKey) {\n          return doFatalError(\n            this._protocol,\n            `Wrong signature type: ${sigType}, `\n              + `expected: ${negotiated.serverHostKey}`,\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        // \"s\"\n        let sigValue = bufferParser.readString();\n\n        bufferParser.clear();\n\n        if (sigValue === undefined) {\n          return doFatalError(\n            this._protocol,\n            'Malformed packet while reading signature',\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        if (!(sigValue = sigSSHToASN1(sigValue, sigType))) {\n          return doFatalError(\n            this._protocol,\n            'Malformed signature',\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        let parsedHostKey;\n        {\n          bufferParser.init(this._hostKey, 0);\n          const name = bufferParser.readString(true);\n          const hostKey = this._hostKey.slice(bufferParser.pos());\n          bufferParser.clear();\n          parsedHostKey = parseDERKey(hostKey, name);\n          if (parsedHostKey instanceof Error) {\n            parsedHostKey.level = 'handshake';\n            return doFatalError(\n              this._protocol,\n              parsedHostKey,\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n        }\n\n        let hashAlgo;\n        // Check if we need to override the default hash algorithm\n        switch (this.negotiated.serverHostKey) {\n          case 'rsa-sha2-256': hashAlgo = 'sha256'; break;\n          case 'rsa-sha2-512': hashAlgo = 'sha512'; break;\n        }\n\n        this._protocol._debug\n          && this._protocol._debug('Verifying signature ...');\n\n        const verified = parsedHostKey.verify(exchangeHash, sigValue, hashAlgo);\n        if (verified !== true) {\n          if (verified instanceof Error) {\n            this._protocol._debug && this._protocol._debug(\n              `Signature verification failed: ${verified.stack}`\n            );\n          } else {\n            this._protocol._debug && this._protocol._debug(\n              'Signature verification failed'\n            );\n          }\n          return doFatalError(\n            this._protocol,\n            'Handshake failed: signature verification failed',\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n        this._protocol._debug && this._protocol._debug('Verified signature');\n      } else {\n        // Server\n\n        let hashAlgo;\n        // Check if we need to override the default hash algorithm\n        switch (this.negotiated.serverHostKey) {\n          case 'rsa-sha2-256': hashAlgo = 'sha256'; break;\n          case 'rsa-sha2-512': hashAlgo = 'sha512'; break;\n        }\n\n        this._protocol._debug && this._protocol._debug(\n          'Generating signature ...'\n        );\n\n        let signature = this._hostKey.sign(exchangeHash, hashAlgo);\n        if (signature instanceof Error) {\n          return doFatalError(\n            this._protocol,\n            'Handshake failed: signature generation failed for '\n              + `${this._hostKey.type} host key: ${signature.message}`,\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        signature = convertSignature(signature, this._hostKey.type);\n        if (signature === false) {\n          return doFatalError(\n            this._protocol,\n            'Handshake failed: signature conversion failed for '\n              + `${this._hostKey.type} host key`,\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n        }\n\n        // Send KEX reply\n        /*\n          byte      SSH_MSG_KEXDH_REPLY\n                      / SSH_MSG_KEX_DH_GEX_REPLY\n                      / SSH_MSG_KEX_ECDH_REPLY\n          string    server public host key and certificates (K_S)\n          string    <method-specific data>\n          string    signature of H\n        */\n        const sigType = this.negotiated.serverHostKey;\n        const sigTypeLen = Buffer.byteLength(sigType);\n        const sigLen = 4 + sigTypeLen + 4 + signature.length;\n        let p = this._protocol._packetRW.write.allocStartKEX;\n        const packet = this._protocol._packetRW.write.alloc(\n          1\n            + 4 + serverPublicHostKey.length\n            + 4 + serverPublicKey.length\n            + 4 + sigLen,\n          true\n        );\n\n        packet[p] = MESSAGE.KEXDH_REPLY;\n\n        writeUInt32BE(packet, serverPublicHostKey.length, ++p);\n        packet.set(serverPublicHostKey, p += 4);\n\n        writeUInt32BE(packet,\n                      serverPublicKey.length,\n                      p += serverPublicHostKey.length);\n        packet.set(serverPublicKey, p += 4);\n\n        writeUInt32BE(packet, sigLen, p += serverPublicKey.length);\n\n        writeUInt32BE(packet, sigTypeLen, p += 4);\n        packet.utf8Write(sigType, p += 4, sigTypeLen);\n\n        writeUInt32BE(packet, signature.length, p += sigTypeLen);\n        packet.set(signature, p += 4);\n\n        if (this._protocol._debug) {\n          let type;\n          switch (this.type) {\n            case 'group':\n              type = 'KEXDH_REPLY';\n              break;\n            case 'groupex':\n              type = 'KEXDH_GEX_REPLY';\n              break;\n            default:\n              type = 'KEXECDH_REPLY';\n          }\n          this._protocol._debug(`Outbound: Sending ${type}`);\n        }\n        this._protocol._cipher.encrypt(\n          this._protocol._packetRW.write.finalize(packet, true)\n        );\n      }\n      trySendNEWKEYS(this);\n\n      const completeHandshake = () => {\n        if (!this.sessionID)\n          this.sessionID = exchangeHash;\n\n        {\n          const newSecret = Buffer.allocUnsafe(4 + secret.length);\n          writeUInt32BE(newSecret, secret.length, 0);\n          newSecret.set(secret, 4);\n          secret = newSecret;\n        }\n\n        // Initialize new ciphers, deciphers, etc.\n\n        const csCipherInfo = CIPHER_INFO[negotiated.cs.cipher];\n        const scCipherInfo = CIPHER_INFO[negotiated.sc.cipher];\n\n        const csIV = generateKEXVal(csCipherInfo.ivLen,\n                                    this.hashName,\n                                    secret,\n                                    exchangeHash,\n                                    this.sessionID,\n                                    'A');\n        const scIV = generateKEXVal(scCipherInfo.ivLen,\n                                    this.hashName,\n                                    secret,\n                                    exchangeHash,\n                                    this.sessionID,\n                                    'B');\n        const csKey = generateKEXVal(csCipherInfo.keyLen,\n                                     this.hashName,\n                                     secret,\n                                     exchangeHash,\n                                     this.sessionID,\n                                     'C');\n        const scKey = generateKEXVal(scCipherInfo.keyLen,\n                                     this.hashName,\n                                     secret,\n                                     exchangeHash,\n                                     this.sessionID,\n                                     'D');\n        let csMacInfo;\n        let csMacKey;\n        if (!csCipherInfo.authLen) {\n          csMacInfo = MAC_INFO[negotiated.cs.mac];\n          csMacKey = generateKEXVal(csMacInfo.len,\n                                    this.hashName,\n                                    secret,\n                                    exchangeHash,\n                                    this.sessionID,\n                                    'E');\n        }\n        let scMacInfo;\n        let scMacKey;\n        if (!scCipherInfo.authLen) {\n          scMacInfo = MAC_INFO[negotiated.sc.mac];\n          scMacKey = generateKEXVal(scMacInfo.len,\n                                    this.hashName,\n                                    secret,\n                                    exchangeHash,\n                                    this.sessionID,\n                                    'F');\n        }\n\n        const config = {\n          inbound: {\n            onPayload: this._protocol._onPayload,\n            seqno: this._protocol._decipher.inSeqno,\n            decipherInfo: (!isServer ? scCipherInfo : csCipherInfo),\n            decipherIV: (!isServer ? scIV : csIV),\n            decipherKey: (!isServer ? scKey : csKey),\n            macInfo: (!isServer ? scMacInfo : csMacInfo),\n            macKey: (!isServer ? scMacKey : csMacKey),\n          },\n          outbound: {\n            onWrite: this._protocol._onWrite,\n            seqno: this._protocol._cipher.outSeqno,\n            cipherInfo: (isServer ? scCipherInfo : csCipherInfo),\n            cipherIV: (isServer ? scIV : csIV),\n            cipherKey: (isServer ? scKey : csKey),\n            macInfo: (isServer ? scMacInfo : csMacInfo),\n            macKey: (isServer ? scMacKey : csMacKey),\n          },\n        };\n        this._protocol._cipher && this._protocol._cipher.free();\n        this._protocol._decipher && this._protocol._decipher.free();\n        this._protocol._cipher = createCipher(config);\n        this._protocol._decipher = createDecipher(config);\n\n        const rw = {\n          read: undefined,\n          write: undefined,\n        };\n        switch (negotiated.cs.compress) {\n          case 'zlib': // starts immediately\n            if (isServer)\n              rw.read = new ZlibPacketReader();\n            else\n              rw.write = new ZlibPacketWriter(this._protocol);\n            break;\n          case 'zlib@openssh.com':\n            // Starts after successful user authentication\n\n            if (this._protocol._authenticated) {\n              // If a rekey happens and this compression method is selected and\n              // we already authenticated successfully, we need to start\n              // immediately instead\n              if (isServer)\n                rw.read = new ZlibPacketReader();\n              else\n                rw.write = new ZlibPacketWriter(this._protocol);\n              break;\n            }\n          // FALLTHROUGH\n          default:\n            // none -- never any compression/decompression\n\n            if (isServer)\n              rw.read = new PacketReader();\n            else\n              rw.write = new PacketWriter(this._protocol);\n        }\n        switch (negotiated.sc.compress) {\n          case 'zlib': // starts immediately\n            if (isServer)\n              rw.write = new ZlibPacketWriter(this._protocol);\n            else\n              rw.read = new ZlibPacketReader();\n            break;\n          case 'zlib@openssh.com':\n            // Starts after successful user authentication\n\n            if (this._protocol._authenticated) {\n              // If a rekey happens and this compression method is selected and\n              // we already authenticated successfully, we need to start\n              // immediately instead\n              if (isServer)\n                rw.write = new ZlibPacketWriter(this._protocol);\n              else\n                rw.read = new ZlibPacketReader();\n              break;\n            }\n          // FALLTHROUGH\n          default:\n            // none -- never any compression/decompression\n\n            if (isServer)\n              rw.write = new PacketWriter(this._protocol);\n            else\n              rw.read = new PacketReader();\n        }\n        this._protocol._packetRW.read.cleanup();\n        this._protocol._packetRW.write.cleanup();\n        this._protocol._packetRW = rw;\n\n        // Cleanup/reset various state\n        this._public = null;\n        this._dh = null;\n        this._kexinit = this._protocol._kexinit = undefined;\n        this._remoteKexinit = undefined;\n        this._identRaw = undefined;\n        this._remoteIdentRaw = undefined;\n        this._hostKey = undefined;\n        this._dhData = undefined;\n        this._sig = undefined;\n\n        this._protocol._onHandshakeComplete(negotiated);\n\n        return false;\n      };\n      if (!isServer)\n        return completeHandshake();\n      this.finish = completeHandshake;\n    }\n\n    start() {\n      if (!this._protocol._server) {\n        if (this._protocol._debug) {\n          let type;\n          switch (this.type) {\n            case 'group':\n              type = 'KEXDH_INIT';\n              break;\n            default:\n              type = 'KEXECDH_INIT';\n          }\n          this._protocol._debug(`Outbound: Sending ${type}`);\n        }\n\n        const pubKey = this.getPublicKey();\n\n        let p = this._protocol._packetRW.write.allocStartKEX;\n        const packet = this._protocol._packetRW.write.alloc(\n          1 + 4 + pubKey.length,\n          true\n        );\n        packet[p] = MESSAGE.KEXDH_INIT;\n        writeUInt32BE(packet, pubKey.length, ++p);\n        packet.set(pubKey, p += 4);\n        this._protocol._cipher.encrypt(\n          this._protocol._packetRW.write.finalize(packet, true)\n        );\n      }\n    }\n    getPublicKey() {\n      this.generateKeys();\n\n      const key = this._public;\n\n      if (key)\n        return this.convertPublicKey(key);\n    }\n    convertPublicKey(key) {\n      let newKey;\n      let idx = 0;\n      let len = key.length;\n      while (key[idx] === 0x00) {\n        ++idx;\n        --len;\n      }\n\n      if (key[idx] & 0x80) {\n        newKey = Buffer.allocUnsafe(1 + len);\n        newKey[0] = 0;\n        key.copy(newKey, 1, idx);\n        return newKey;\n      }\n\n      if (len !== key.length) {\n        newKey = Buffer.allocUnsafe(len);\n        key.copy(newKey, 0, idx);\n        key = newKey;\n      }\n      return key;\n    }\n    computeSecret(otherPublicKey) {\n      this.generateKeys();\n\n      try {\n        return convertToMpint(this._dh.computeSecret(otherPublicKey));\n      } catch (ex) {\n        return ex;\n      }\n    }\n    parse(payload) {\n      const type = payload[0];\n      switch (this._step) {\n        case 1:\n          if (this._protocol._server) {\n            // Server\n            if (type !== MESSAGE.KEXDH_INIT) {\n              return doFatalError(\n                this._protocol,\n                `Received packet ${type} instead of ${MESSAGE.KEXDH_INIT}`,\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            this._protocol._debug && this._protocol._debug(\n              'Received DH Init'\n            );\n            /*\n              byte     SSH_MSG_KEXDH_INIT\n                         / SSH_MSG_KEX_ECDH_INIT\n              string   <method-specific data>\n            */\n            bufferParser.init(payload, 1);\n            const dhData = bufferParser.readString();\n            bufferParser.clear();\n            if (dhData === undefined) {\n              return doFatalError(\n                this._protocol,\n                'Received malformed KEX*_INIT',\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n\n            // Client public key\n            this._dhData = dhData;\n\n            let hostKey =\n              this._protocol._hostKeys[this.negotiated.serverHostKey];\n            if (Array.isArray(hostKey))\n              hostKey = hostKey[0];\n            this._hostKey = hostKey;\n\n            this.finish();\n          } else {\n            // Client\n            if (type !== MESSAGE.KEXDH_REPLY) {\n              return doFatalError(\n                this._protocol,\n                `Received packet ${type} instead of ${MESSAGE.KEXDH_REPLY}`,\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            this._protocol._debug && this._protocol._debug(\n              'Received DH Reply'\n            );\n            /*\n              byte      SSH_MSG_KEXDH_REPLY\n                          / SSH_MSG_KEX_DH_GEX_REPLY\n                          / SSH_MSG_KEX_ECDH_REPLY\n              string    server public host key and certificates (K_S)\n              string    <method-specific data>\n              string    signature of H\n            */\n            bufferParser.init(payload, 1);\n            let hostPubKey;\n            let dhData;\n            let sig;\n            if ((hostPubKey = bufferParser.readString()) === undefined\n                || (dhData = bufferParser.readString()) === undefined\n                || (sig = bufferParser.readString()) === undefined) {\n              bufferParser.clear();\n              return doFatalError(\n                this._protocol,\n                'Received malformed KEX*_REPLY',\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            bufferParser.clear();\n\n            // Check that the host public key type matches what was negotiated\n            // during KEXINIT swap\n            bufferParser.init(hostPubKey, 0);\n            const hostPubKeyType = bufferParser.readString(true);\n            bufferParser.clear();\n            if (hostPubKeyType === undefined) {\n              return doFatalError(\n                this._protocol,\n                'Received malformed host public key',\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            if (hostPubKeyType !== this.negotiated.serverHostKey) {\n              // Check if we need to make an exception\n              switch (this.negotiated.serverHostKey) {\n                case 'rsa-sha2-256':\n                case 'rsa-sha2-512':\n                  if (hostPubKeyType === 'ssh-rsa')\n                    break;\n                // FALLTHROUGH\n                default:\n                  return doFatalError(\n                    this._protocol,\n                    'Host key does not match negotiated type',\n                    'handshake',\n                    DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n                  );\n              }\n            }\n\n            this._hostKey = hostPubKey;\n            this._dhData = dhData;\n            this._sig = sig;\n\n            let checked = false;\n            let ret;\n            if (this._protocol._hostVerifier === undefined) {\n              ret = true;\n              this._protocol._debug && this._protocol._debug(\n                'Host accepted by default (no verification)'\n              );\n            } else {\n              ret = this._protocol._hostVerifier(hostPubKey, (permitted) => {\n                if (checked)\n                  return;\n                checked = true;\n                if (permitted === false) {\n                  this._protocol._debug && this._protocol._debug(\n                    'Host denied (verification failed)'\n                  );\n                  return doFatalError(\n                    this._protocol,\n                    'Host denied (verification failed)',\n                    'handshake',\n                    DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n                  );\n                }\n                this._protocol._debug && this._protocol._debug(\n                  'Host accepted (verified)'\n                );\n                this._hostVerified = true;\n                if (this._receivedNEWKEYS)\n                  this.finish();\n                else\n                  trySendNEWKEYS(this);\n              });\n            }\n            if (ret === undefined) {\n              // Async host verification\n              ++this._step;\n              return;\n            }\n            checked = true;\n            if (ret === false) {\n              this._protocol._debug && this._protocol._debug(\n                'Host denied (verification failed)'\n              );\n              return doFatalError(\n                this._protocol,\n                'Host denied (verification failed)',\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            this._protocol._debug && this._protocol._debug(\n              'Host accepted (verified)'\n            );\n            this._hostVerified = true;\n            trySendNEWKEYS(this);\n          }\n          ++this._step;\n          break;\n        case 2:\n          if (type !== MESSAGE.NEWKEYS) {\n            return doFatalError(\n              this._protocol,\n              `Received packet ${type} instead of ${MESSAGE.NEWKEYS}`,\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n          this._protocol._debug && this._protocol._debug(\n            'Inbound: NEWKEYS'\n          );\n          this._receivedNEWKEYS = true;\n          ++this._step;\n          if (this._protocol._server || this._hostVerified)\n            return this.finish();\n\n          // Signal to current decipher that we need to change to a new decipher\n          // for the next packet\n          return false;\n        default:\n          return doFatalError(\n            this._protocol,\n            `Received unexpected packet ${type} after NEWKEYS`,\n            'handshake',\n            DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n          );\n      }\n    }\n  }\n\n  class Curve25519Exchange extends KeyExchange {\n    constructor(hashName, ...args) {\n      super(...args);\n\n      this.type = '25519';\n      this.hashName = hashName;\n      this._keys = null;\n    }\n    generateKeys() {\n      if (!this._keys)\n        this._keys = generateKeyPairSync('x25519');\n    }\n    getPublicKey() {\n      this.generateKeys();\n\n      const key = this._keys.publicKey.export({ type: 'spki', format: 'der' });\n      return key.slice(-32); // HACK: avoids parsing DER/BER header\n    }\n    convertPublicKey(key) {\n      let newKey;\n      let idx = 0;\n      let len = key.length;\n      while (key[idx] === 0x00) {\n        ++idx;\n        --len;\n      }\n\n      if (key.length === 32)\n        return key;\n\n      if (len !== key.length) {\n        newKey = Buffer.allocUnsafe(len);\n        key.copy(newKey, 0, idx);\n        key = newKey;\n      }\n      return key;\n    }\n    computeSecret(otherPublicKey) {\n      this.generateKeys();\n\n      try {\n        const asnWriter = new Ber.Writer();\n        asnWriter.startSequence();\n          // algorithm\n          asnWriter.startSequence();\n            asnWriter.writeOID('1.3.101.110'); // id-X25519\n          asnWriter.endSequence();\n\n          // PublicKey\n          asnWriter.startSequence(Ber.BitString);\n            asnWriter.writeByte(0x00);\n            // XXX: hack to write a raw buffer without a tag -- yuck\n            asnWriter._ensure(otherPublicKey.length);\n            otherPublicKey.copy(asnWriter._buf,\n                                asnWriter._offset,\n                                0,\n                                otherPublicKey.length);\n            asnWriter._offset += otherPublicKey.length;\n          asnWriter.endSequence();\n        asnWriter.endSequence();\n\n        return convertToMpint(diffieHellman({\n          privateKey: this._keys.privateKey,\n          publicKey: createPublicKey({\n            key: asnWriter.buffer,\n            type: 'spki',\n            format: 'der',\n          }),\n        }));\n      } catch (ex) {\n        return ex;\n      }\n    }\n  }\n\n  class ECDHExchange extends KeyExchange {\n    constructor(curveName, hashName, ...args) {\n      super(...args);\n\n      this.type = 'ecdh';\n      this.curveName = curveName;\n      this.hashName = hashName;\n    }\n    generateKeys() {\n      if (!this._dh) {\n        this._dh = createECDH(this.curveName);\n        this._public = this._dh.generateKeys();\n      }\n    }\n  }\n\n  class DHGroupExchange extends KeyExchange {\n    constructor(hashName, ...args) {\n      super(...args);\n\n      this.type = 'groupex';\n      this.hashName = hashName;\n      this._prime = null;\n      this._generator = null;\n      this._minBits = GEX_MIN_BITS;\n      this._prefBits = dhEstimate(this.negotiated);\n      if (this._protocol._compatFlags & COMPAT.BUG_DHGEX_LARGE)\n        this._prefBits = Math.min(this._prefBits, 4096);\n      this._maxBits = GEX_MAX_BITS;\n    }\n    start() {\n      if (this._protocol._server)\n        return;\n      this._protocol._debug && this._protocol._debug(\n        'Outbound: Sending KEXDH_GEX_REQUEST'\n      );\n      let p = this._protocol._packetRW.write.allocStartKEX;\n      const packet = this._protocol._packetRW.write.alloc(\n        1 + 4 + 4 + 4,\n        true\n      );\n      packet[p] = MESSAGE.KEXDH_GEX_REQUEST;\n      writeUInt32BE(packet, this._minBits, ++p);\n      writeUInt32BE(packet, this._prefBits, p += 4);\n      writeUInt32BE(packet, this._maxBits, p += 4);\n      this._protocol._cipher.encrypt(\n        this._protocol._packetRW.write.finalize(packet, true)\n      );\n    }\n    generateKeys() {\n      if (!this._dh && this._prime && this._generator) {\n        this._dh = createDiffieHellman(this._prime, this._generator);\n        this._public = this._dh.generateKeys();\n      }\n    }\n    setDHParams(prime, generator) {\n      if (!Buffer.isBuffer(prime))\n        throw new Error('Invalid prime value');\n      if (!Buffer.isBuffer(generator))\n        throw new Error('Invalid generator value');\n      this._prime = prime;\n      this._generator = generator;\n    }\n    getDHParams() {\n      if (this._dh) {\n        return {\n          prime: convertToMpint(this._dh.getPrime()),\n          generator: convertToMpint(this._dh.getGenerator()),\n        };\n      }\n    }\n    parse(payload) {\n      const type = payload[0];\n      switch (this._step) {\n        case 1:\n          if (this._protocol._server) {\n            if (type !== MESSAGE.KEXDH_GEX_REQUEST) {\n              return doFatalError(\n                this._protocol,\n                `Received packet ${type} instead of `\n                  + MESSAGE.KEXDH_GEX_REQUEST,\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            // TODO: allow user implementation to provide safe prime and\n            // generator on demand to support group exchange on server side\n            return doFatalError(\n              this._protocol,\n              'Group exchange not implemented for server',\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n\n          if (type !== MESSAGE.KEXDH_GEX_GROUP) {\n            return doFatalError(\n              this._protocol,\n              `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_GROUP}`,\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n\n          this._protocol._debug && this._protocol._debug(\n            'Received DH GEX Group'\n          );\n\n          /*\n            byte    SSH_MSG_KEX_DH_GEX_GROUP\n            mpint   p, safe prime\n            mpint   g, generator for subgroup in GF(p)\n          */\n          bufferParser.init(payload, 1);\n          let prime;\n          let gen;\n          if ((prime = bufferParser.readString()) === undefined\n              || (gen = bufferParser.readString()) === undefined) {\n            bufferParser.clear();\n            return doFatalError(\n              this._protocol,\n              'Received malformed KEXDH_GEX_GROUP',\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n          bufferParser.clear();\n\n          // TODO: validate prime\n          this.setDHParams(prime, gen);\n          this.generateKeys();\n          const pubkey = this.getPublicKey();\n\n          this._protocol._debug && this._protocol._debug(\n            'Outbound: Sending KEXDH_GEX_INIT'\n          );\n\n          let p = this._protocol._packetRW.write.allocStartKEX;\n          const packet =\n            this._protocol._packetRW.write.alloc(1 + 4 + pubkey.length, true);\n          packet[p] = MESSAGE.KEXDH_GEX_INIT;\n          writeUInt32BE(packet, pubkey.length, ++p);\n          packet.set(pubkey, p += 4);\n          this._protocol._cipher.encrypt(\n            this._protocol._packetRW.write.finalize(packet, true)\n          );\n\n          ++this._step;\n          break;\n        case 2:\n          if (this._protocol._server) {\n            if (type !== MESSAGE.KEXDH_GEX_INIT) {\n              return doFatalError(\n                this._protocol,\n                `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_INIT}`,\n                'handshake',\n                DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n              );\n            }\n            this._protocol._debug && this._protocol._debug(\n              'Received DH GEX Init'\n            );\n            return doFatalError(\n              this._protocol,\n              'Group exchange not implemented for server',\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          } else if (type !== MESSAGE.KEXDH_GEX_REPLY) {\n            return doFatalError(\n              this._protocol,\n              `Received packet ${type} instead of ${MESSAGE.KEXDH_GEX_REPLY}`,\n              'handshake',\n              DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n            );\n          }\n          this._protocol._debug && this._protocol._debug(\n            'Received DH GEX Reply'\n          );\n          this._step = 1;\n          payload[0] = MESSAGE.KEXDH_REPLY;\n          this.parse = KeyExchange.prototype.parse;\n          this.parse(payload);\n      }\n    }\n  }\n\n  class DHExchange extends KeyExchange {\n    constructor(groupName, hashName, ...args) {\n      super(...args);\n\n      this.type = 'group';\n      this.groupName = groupName;\n      this.hashName = hashName;\n    }\n    start() {\n      if (!this._protocol._server) {\n        this._protocol._debug && this._protocol._debug(\n          'Outbound: Sending KEXDH_INIT'\n        );\n        const pubKey = this.getPublicKey();\n        let p = this._protocol._packetRW.write.allocStartKEX;\n        const packet =\n          this._protocol._packetRW.write.alloc(1 + 4 + pubKey.length, true);\n        packet[p] = MESSAGE.KEXDH_INIT;\n        writeUInt32BE(packet, pubKey.length, ++p);\n        packet.set(pubKey, p += 4);\n        this._protocol._cipher.encrypt(\n          this._protocol._packetRW.write.finalize(packet, true)\n        );\n      }\n    }\n    generateKeys() {\n      if (!this._dh) {\n        this._dh = createDiffieHellmanGroup(this.groupName);\n        this._public = this._dh.generateKeys();\n      }\n    }\n    getDHParams() {\n      if (this._dh) {\n        return {\n          prime: convertToMpint(this._dh.getPrime()),\n          generator: convertToMpint(this._dh.getGenerator()),\n        };\n      }\n    }\n  }\n\n  return (negotiated, ...args) => {\n    if (typeof negotiated !== 'object' || negotiated === null)\n      throw new Error('Invalid negotiated argument');\n    const kexType = negotiated.kex;\n    if (typeof kexType === 'string') {\n      args = [negotiated, ...args];\n      switch (kexType) {\n        case 'curve25519-sha256':\n        case 'curve25519-sha256@libssh.org':\n          if (!curve25519Supported)\n            break;\n          return new Curve25519Exchange('sha256', ...args);\n\n        case 'ecdh-sha2-nistp256':\n          return new ECDHExchange('prime256v1', 'sha256', ...args);\n        case 'ecdh-sha2-nistp384':\n          return new ECDHExchange('secp384r1', 'sha384', ...args);\n        case 'ecdh-sha2-nistp521':\n          return new ECDHExchange('secp521r1', 'sha512', ...args);\n\n        case 'diffie-hellman-group1-sha1':\n          return new DHExchange('modp2', 'sha1', ...args);\n        case 'diffie-hellman-group14-sha1':\n          return new DHExchange('modp14', 'sha1', ...args);\n        case 'diffie-hellman-group14-sha256':\n          return new DHExchange('modp14', 'sha256', ...args);\n        case 'diffie-hellman-group15-sha512':\n          return new DHExchange('modp15', 'sha512', ...args);\n        case 'diffie-hellman-group16-sha512':\n          return new DHExchange('modp16', 'sha512', ...args);\n        case 'diffie-hellman-group17-sha512':\n          return new DHExchange('modp17', 'sha512', ...args);\n        case 'diffie-hellman-group18-sha512':\n          return new DHExchange('modp18', 'sha512', ...args);\n\n        case 'diffie-hellman-group-exchange-sha1':\n          return new DHGroupExchange('sha1', ...args);\n        case 'diffie-hellman-group-exchange-sha256':\n          return new DHGroupExchange('sha256', ...args);\n      }\n      throw new Error(`Unsupported key exchange algorithm: ${kexType}`);\n    }\n    throw new Error(`Invalid key exchange type: ${kexType}`);\n  };\n})();\n\nconst KexInit = (() => {\n  const KEX_PROPERTY_NAMES = [\n    'kex',\n    'serverHostKey',\n    ['cs', 'cipher' ],\n    ['sc', 'cipher' ],\n    ['cs', 'mac' ],\n    ['sc', 'mac' ],\n    ['cs', 'compress' ],\n    ['sc', 'compress' ],\n    ['cs', 'lang' ],\n    ['sc', 'lang' ],\n  ];\n  return class KexInit {\n    constructor(obj) {\n      if (typeof obj !== 'object' || obj === null)\n        throw new TypeError('Argument must be an object');\n\n      const lists = {\n        kex: undefined,\n        serverHostKey: undefined,\n        cs: {\n          cipher: undefined,\n          mac: undefined,\n          compress: undefined,\n          lang: undefined,\n        },\n        sc: {\n          cipher: undefined,\n          mac: undefined,\n          compress: undefined,\n          lang: undefined,\n        },\n\n        all: undefined,\n      };\n      let totalSize = 0;\n      for (const prop of KEX_PROPERTY_NAMES) {\n        let base;\n        let val;\n        let desc;\n        let key;\n        if (typeof prop === 'string') {\n          base = lists;\n          val = obj[prop];\n          desc = key = prop;\n        } else {\n          const parent = prop[0];\n          base = lists[parent];\n          key = prop[1];\n          val = obj[parent][key];\n          desc = `${parent}.${key}`;\n        }\n        const entry = { array: undefined, buffer: undefined };\n        if (Buffer.isBuffer(val)) {\n          entry.array = ('' + val).split(',');\n          entry.buffer = val;\n          totalSize += 4 + val.length;\n        } else {\n          if (typeof val === 'string')\n            val = val.split(',');\n          if (Array.isArray(val)) {\n            entry.array = val;\n            entry.buffer = Buffer.from(val.join(','));\n          } else {\n            throw new TypeError(`Invalid \\`${desc}\\` type: ${typeof val}`);\n          }\n          totalSize += 4 + entry.buffer.length;\n        }\n        base[key] = entry;\n      }\n\n      const all = Buffer.allocUnsafe(totalSize);\n      lists.all = all;\n\n      let allPos = 0;\n      for (const prop of KEX_PROPERTY_NAMES) {\n        let data;\n        if (typeof prop === 'string')\n          data = lists[prop].buffer;\n        else\n          data = lists[prop[0]][prop[1]].buffer;\n        allPos = writeUInt32BE(all, data.length, allPos);\n        all.set(data, allPos);\n        allPos += data.length;\n      }\n\n      this.totalSize = totalSize;\n      this.lists = lists;\n    }\n    copyAllTo(buf, offset) {\n      const src = this.lists.all;\n      if (typeof offset !== 'number')\n        throw new TypeError(`Invalid offset value: ${typeof offset}`);\n      if (buf.length - offset < src.length)\n        throw new Error('Insufficient space to copy list');\n      buf.set(src, offset);\n      return src.length;\n    }\n  };\n})();\n\nconst hashString = (() => {\n  const LEN = Buffer.allocUnsafe(4);\n  return (hash, buf) => {\n    writeUInt32BE(LEN, buf.length, 0);\n    hash.update(LEN);\n    hash.update(buf);\n  };\n})();\n\nfunction generateKEXVal(len, hashName, secret, exchangeHash, sessionID, char) {\n  let ret;\n  if (len) {\n    let digest = createHash(hashName)\n                   .update(secret)\n                   .update(exchangeHash)\n                   .update(char)\n                   .update(sessionID)\n                   .digest();\n    while (digest.length < len) {\n      const chunk = createHash(hashName)\n                      .update(secret)\n                      .update(exchangeHash)\n                      .update(digest)\n                      .digest();\n      const extended = Buffer.allocUnsafe(digest.length + chunk.length);\n      extended.set(digest, 0);\n      extended.set(chunk, digest.length);\n      digest = extended;\n    }\n    if (digest.length === len)\n      ret = digest;\n    else\n      ret = new FastBuffer(digest.buffer, digest.byteOffset, len);\n  } else {\n    ret = EMPTY_BUFFER;\n  }\n  return ret;\n}\n\nfunction onKEXPayload(state, payload) {\n  // XXX: move this to the Decipher implementations?\n  if (payload.length === 0) {\n    this._debug && this._debug('Inbound: Skipping empty packet payload');\n    return;\n  }\n\n  if (this._skipNextInboundPacket) {\n    this._skipNextInboundPacket = false;\n    return;\n  }\n\n  payload = this._packetRW.read.read(payload);\n\n  const type = payload[0];\n  switch (type) {\n    case MESSAGE.DISCONNECT:\n    case MESSAGE.IGNORE:\n    case MESSAGE.UNIMPLEMENTED:\n    case MESSAGE.DEBUG:\n      if (!MESSAGE_HANDLERS)\n        MESSAGE_HANDLERS = require('./handlers.js');\n      return MESSAGE_HANDLERS[type](this, payload);\n    case MESSAGE.KEXINIT:\n      if (!state.firstPacket) {\n        return doFatalError(\n          this,\n          'Received extra KEXINIT during handshake',\n          'handshake',\n          DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n        );\n      }\n      state.firstPacket = false;\n      return handleKexInit(this, payload);\n    default:\n      if (type < 20 || type > 49) {\n        return doFatalError(\n          this,\n          `Received unexpected packet type ${type}`,\n          'handshake',\n          DISCONNECT_REASON.KEY_EXCHANGE_FAILED\n        );\n      }\n  }\n\n  return this._kex.parse(payload);\n}\n\nfunction dhEstimate(neg) {\n  const csCipher = CIPHER_INFO[neg.cs.cipher];\n  const scCipher = CIPHER_INFO[neg.sc.cipher];\n  // XXX: if OpenSSH's `umac-*` MACs are ever supported, their key lengths will\n  // also need to be considered when calculating `bits`\n  const bits = Math.max(\n    0,\n    (csCipher.sslName === 'des-ede3-cbc' ? 14 : csCipher.keyLen),\n    csCipher.blockLen,\n    csCipher.ivLen,\n    (scCipher.sslName === 'des-ede3-cbc' ? 14 : scCipher.keyLen),\n    scCipher.blockLen,\n    scCipher.ivLen\n  ) * 8;\n  if (bits <= 112)\n    return 2048;\n  if (bits <= 128)\n    return 3072;\n  if (bits <= 192)\n    return 7680;\n  return 8192;\n}\n\nfunction trySendNEWKEYS(kex) {\n  if (!kex._sentNEWKEYS) {\n    kex._protocol._debug && kex._protocol._debug(\n      'Outbound: Sending NEWKEYS'\n    );\n    const p = kex._protocol._packetRW.write.allocStartKEX;\n    const packet = kex._protocol._packetRW.write.alloc(1, true);\n    packet[p] = MESSAGE.NEWKEYS;\n    kex._protocol._cipher.encrypt(\n      kex._protocol._packetRW.write.finalize(packet, true)\n    );\n    kex._sentNEWKEYS = true;\n  }\n}\n\nmodule.exports = {\n  KexInit,\n  kexinit,\n  onKEXPayload,\n  DEFAULT_KEXINIT: new KexInit({\n    kex: DEFAULT_KEX,\n    serverHostKey: DEFAULT_SERVER_HOST_KEY,\n    cs: {\n      cipher: DEFAULT_CIPHER,\n      mac: DEFAULT_MAC,\n      compress: DEFAULT_COMPRESSION,\n      lang: [],\n    },\n    sc: {\n      cipher: DEFAULT_CIPHER,\n      mac: DEFAULT_MAC,\n      compress: DEFAULT_COMPRESSION,\n      lang: [],\n    },\n  }),\n  HANDLERS: {\n    [MESSAGE.KEXINIT]: handleKexInit,\n  },\n};\n","// TODO:\n//    * utilize `crypto.create(Private|Public)Key()` and `keyObject.export()`\n//    * handle multi-line header values (OpenSSH)?\n//    * more thorough validation?\n'use strict';\n\nconst {\n  createDecipheriv,\n  createECDH,\n  createHash,\n  createHmac,\n  createSign,\n  createVerify,\n  getCiphers,\n  sign: sign_,\n  verify: verify_,\n} = require('crypto');\nconst supportedOpenSSLCiphers = getCiphers();\n\nconst { Ber } = require('asn1');\nconst bcrypt_pbkdf = require('bcrypt-pbkdf').pbkdf;\n\nconst { CIPHER_INFO } = require('./crypto.js');\nconst { eddsaSupported, SUPPORTED_CIPHER } = require('./constants.js');\nconst {\n  bufferSlice,\n  makeBufferParser,\n  readString,\n  readUInt32BE,\n  writeUInt32BE,\n} = require('./utils.js');\n\nconst SYM_HASH_ALGO = Symbol('Hash Algorithm');\nconst SYM_PRIV_PEM = Symbol('Private key PEM');\nconst SYM_PUB_PEM = Symbol('Public key PEM');\nconst SYM_PUB_SSH = Symbol('Public key SSH');\nconst SYM_DECRYPTED = Symbol('Decrypted Key');\n\n// Create OpenSSL cipher name -> SSH cipher name conversion table\nconst CIPHER_INFO_OPENSSL = Object.create(null);\n{\n  const keys = Object.keys(CIPHER_INFO);\n  for (let i = 0; i < keys.length; ++i) {\n    const cipherName = CIPHER_INFO[keys[i]].sslName;\n    if (!cipherName || CIPHER_INFO_OPENSSL[cipherName])\n      continue;\n    CIPHER_INFO_OPENSSL[cipherName] = CIPHER_INFO[keys[i]];\n  }\n}\n\nconst binaryKeyParser = makeBufferParser();\n\nfunction makePEM(type, data) {\n  data = data.base64Slice(0, data.length);\n  let formatted = data.replace(/.{64}/g, '$&\\n');\n  if (data.length & 63)\n    formatted += '\\n';\n  return `-----BEGIN ${type} KEY-----\\n${formatted}-----END ${type} KEY-----`;\n}\n\nfunction combineBuffers(buf1, buf2) {\n  const result = Buffer.allocUnsafe(buf1.length + buf2.length);\n  result.set(buf1, 0);\n  result.set(buf2, buf1.length);\n  return result;\n}\n\nfunction skipFields(buf, nfields) {\n  const bufLen = buf.length;\n  let pos = (buf._pos || 0);\n  for (let i = 0; i < nfields; ++i) {\n    const left = (bufLen - pos);\n    if (pos >= bufLen || left < 4)\n      return false;\n    const len = readUInt32BE(buf, pos);\n    if (left < 4 + len)\n      return false;\n    pos += 4 + len;\n  }\n  buf._pos = pos;\n  return true;\n}\n\nfunction genOpenSSLRSAPub(n, e) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // algorithm\n    asnWriter.startSequence();\n      asnWriter.writeOID('1.2.840.113549.1.1.1'); // rsaEncryption\n      // algorithm parameters (RSA has none)\n      asnWriter.writeNull();\n    asnWriter.endSequence();\n\n    // subjectPublicKey\n    asnWriter.startSequence(Ber.BitString);\n      asnWriter.writeByte(0x00);\n      asnWriter.startSequence();\n        asnWriter.writeBuffer(n, Ber.Integer);\n        asnWriter.writeBuffer(e, Ber.Integer);\n      asnWriter.endSequence();\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHRSAPub(n, e) {\n  const publicKey = Buffer.allocUnsafe(4 + 7 + 4 + e.length + 4 + n.length);\n\n  writeUInt32BE(publicKey, 7, 0);\n  publicKey.utf8Write('ssh-rsa', 4, 7);\n\n  let i = 4 + 7;\n  writeUInt32BE(publicKey, e.length, i);\n  publicKey.set(e, i += 4);\n\n  writeUInt32BE(publicKey, n.length, i += e.length);\n  publicKey.set(n, i + 4);\n\n  return publicKey;\n}\n\nconst genOpenSSLRSAPriv = (() => {\n  function genRSAASN1Buf(n, e, d, p, q, dmp1, dmq1, iqmp) {\n    const asnWriter = new Ber.Writer();\n    asnWriter.startSequence();\n      asnWriter.writeInt(0x00, Ber.Integer);\n      asnWriter.writeBuffer(n, Ber.Integer);\n      asnWriter.writeBuffer(e, Ber.Integer);\n      asnWriter.writeBuffer(d, Ber.Integer);\n      asnWriter.writeBuffer(p, Ber.Integer);\n      asnWriter.writeBuffer(q, Ber.Integer);\n      asnWriter.writeBuffer(dmp1, Ber.Integer);\n      asnWriter.writeBuffer(dmq1, Ber.Integer);\n      asnWriter.writeBuffer(iqmp, Ber.Integer);\n    asnWriter.endSequence();\n    return asnWriter.buffer;\n  }\n\n  function bigIntFromBuffer(buf) {\n    return BigInt(`0x${buf.hexSlice(0, buf.length)}`);\n  }\n\n  function bigIntToBuffer(bn) {\n    let hex = bn.toString(16);\n    if ((hex.length & 1) !== 0) {\n      hex = `0${hex}`;\n    } else {\n      const sigbit = hex.charCodeAt(0);\n      // BER/DER integers require leading zero byte to denote a positive value\n      // when first byte >= 0x80\n      if (sigbit === 56/* '8' */\n          || sigbit === 57/* '9' */\n          || (sigbit >= 97/* 'a' */ && sigbit <= 102/* 'f' */)) {\n        hex = `00${hex}`;\n      }\n    }\n    return Buffer.from(hex, 'hex');\n  }\n\n  return function genOpenSSLRSAPriv(n, e, d, iqmp, p, q) {\n    const bn_d = bigIntFromBuffer(d);\n    const dmp1 = bigIntToBuffer(bn_d % (bigIntFromBuffer(p) - 1n));\n    const dmq1 = bigIntToBuffer(bn_d % (bigIntFromBuffer(q) - 1n));\n    return makePEM('RSA PRIVATE',\n                   genRSAASN1Buf(n, e, d, p, q, dmp1, dmq1, iqmp));\n  };\n})();\n\nfunction genOpenSSLDSAPub(p, q, g, y) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // algorithm\n    asnWriter.startSequence();\n      asnWriter.writeOID('1.2.840.10040.4.1'); // id-dsa\n      // algorithm parameters\n      asnWriter.startSequence();\n        asnWriter.writeBuffer(p, Ber.Integer);\n        asnWriter.writeBuffer(q, Ber.Integer);\n        asnWriter.writeBuffer(g, Ber.Integer);\n      asnWriter.endSequence();\n    asnWriter.endSequence();\n\n    // subjectPublicKey\n    asnWriter.startSequence(Ber.BitString);\n      asnWriter.writeByte(0x00);\n      asnWriter.writeBuffer(y, Ber.Integer);\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHDSAPub(p, q, g, y) {\n  const publicKey = Buffer.allocUnsafe(\n    4 + 7 + 4 + p.length + 4 + q.length + 4 + g.length + 4 + y.length\n  );\n\n  writeUInt32BE(publicKey, 7, 0);\n  publicKey.utf8Write('ssh-dss', 4, 7);\n\n  let i = 4 + 7;\n  writeUInt32BE(publicKey, p.length, i);\n  publicKey.set(p, i += 4);\n\n  writeUInt32BE(publicKey, q.length, i += p.length);\n  publicKey.set(q, i += 4);\n\n  writeUInt32BE(publicKey, g.length, i += q.length);\n  publicKey.set(g, i += 4);\n\n  writeUInt32BE(publicKey, y.length, i += g.length);\n  publicKey.set(y, i + 4);\n\n  return publicKey;\n}\n\nfunction genOpenSSLDSAPriv(p, q, g, y, x) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    asnWriter.writeInt(0x00, Ber.Integer);\n    asnWriter.writeBuffer(p, Ber.Integer);\n    asnWriter.writeBuffer(q, Ber.Integer);\n    asnWriter.writeBuffer(g, Ber.Integer);\n    asnWriter.writeBuffer(y, Ber.Integer);\n    asnWriter.writeBuffer(x, Ber.Integer);\n  asnWriter.endSequence();\n  return makePEM('DSA PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLEdPub(pub) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // algorithm\n    asnWriter.startSequence();\n      asnWriter.writeOID('1.3.101.112'); // id-Ed25519\n    asnWriter.endSequence();\n\n    // PublicKey\n    asnWriter.startSequence(Ber.BitString);\n      asnWriter.writeByte(0x00);\n      // XXX: hack to write a raw buffer without a tag -- yuck\n      asnWriter._ensure(pub.length);\n      asnWriter._buf.set(pub, asnWriter._offset);\n      asnWriter._offset += pub.length;\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHEdPub(pub) {\n  const publicKey = Buffer.allocUnsafe(4 + 11 + 4 + pub.length);\n\n  writeUInt32BE(publicKey, 11, 0);\n  publicKey.utf8Write('ssh-ed25519', 4, 11);\n\n  writeUInt32BE(publicKey, pub.length, 15);\n  publicKey.set(pub, 19);\n\n  return publicKey;\n}\n\nfunction genOpenSSLEdPriv(priv) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // version\n    asnWriter.writeInt(0x00, Ber.Integer);\n\n    // algorithm\n    asnWriter.startSequence();\n      asnWriter.writeOID('1.3.101.112'); // id-Ed25519\n    asnWriter.endSequence();\n\n    // PrivateKey\n    asnWriter.startSequence(Ber.OctetString);\n      asnWriter.writeBuffer(priv, Ber.OctetString);\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLECDSAPub(oid, Q) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // algorithm\n    asnWriter.startSequence();\n      asnWriter.writeOID('1.2.840.10045.2.1'); // id-ecPublicKey\n      // algorithm parameters (namedCurve)\n      asnWriter.writeOID(oid);\n    asnWriter.endSequence();\n\n    // subjectPublicKey\n    asnWriter.startSequence(Ber.BitString);\n      asnWriter.writeByte(0x00);\n      // XXX: hack to write a raw buffer without a tag -- yuck\n      asnWriter._ensure(Q.length);\n      asnWriter._buf.set(Q, asnWriter._offset);\n      asnWriter._offset += Q.length;\n      // end hack\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('PUBLIC', asnWriter.buffer);\n}\n\nfunction genOpenSSHECDSAPub(oid, Q) {\n  let curveName;\n  switch (oid) {\n    case '1.2.840.10045.3.1.7':\n      // prime256v1/secp256r1\n      curveName = 'nistp256';\n      break;\n    case '1.3.132.0.34':\n      // secp384r1\n      curveName = 'nistp384';\n      break;\n    case '1.3.132.0.35':\n      // secp521r1\n      curveName = 'nistp521';\n      break;\n    default:\n      return;\n  }\n\n  const publicKey = Buffer.allocUnsafe(4 + 19 + 4 + 8 + 4 + Q.length);\n\n  writeUInt32BE(publicKey, 19, 0);\n  publicKey.utf8Write(`ecdsa-sha2-${curveName}`, 4, 19);\n\n  writeUInt32BE(publicKey, 8, 23);\n  publicKey.utf8Write(curveName, 27, 8);\n\n  writeUInt32BE(publicKey, Q.length, 35);\n  publicKey.set(Q, 39);\n\n  return publicKey;\n}\n\nfunction genOpenSSLECDSAPriv(oid, pub, priv) {\n  const asnWriter = new Ber.Writer();\n  asnWriter.startSequence();\n    // version\n    asnWriter.writeInt(0x01, Ber.Integer);\n    // privateKey\n    asnWriter.writeBuffer(priv, Ber.OctetString);\n    // parameters (optional)\n    asnWriter.startSequence(0xA0);\n      asnWriter.writeOID(oid);\n    asnWriter.endSequence();\n    // publicKey (optional)\n    asnWriter.startSequence(0xA1);\n      asnWriter.startSequence(Ber.BitString);\n        asnWriter.writeByte(0x00);\n        // XXX: hack to write a raw buffer without a tag -- yuck\n        asnWriter._ensure(pub.length);\n        asnWriter._buf.set(pub, asnWriter._offset);\n        asnWriter._offset += pub.length;\n        // end hack\n      asnWriter.endSequence();\n    asnWriter.endSequence();\n  asnWriter.endSequence();\n  return makePEM('EC PRIVATE', asnWriter.buffer);\n}\n\nfunction genOpenSSLECDSAPubFromPriv(curveName, priv) {\n  const tempECDH = createECDH(curveName);\n  tempECDH.setPrivateKey(priv);\n  return tempECDH.getPublicKey();\n}\n\nconst BaseKey = {\n  sign: (() => {\n    if (typeof sign_ === 'function') {\n      return function sign(data, algo) {\n        const pem = this[SYM_PRIV_PEM];\n        if (pem === null)\n          return new Error('No private key available');\n        if (!algo || typeof algo !== 'string')\n          algo = this[SYM_HASH_ALGO];\n        try {\n          return sign_(algo, data, pem);\n        } catch (ex) {\n          return ex;\n        }\n      };\n    }\n    return function sign(data, algo) {\n      const pem = this[SYM_PRIV_PEM];\n      if (pem === null)\n        return new Error('No private key available');\n      if (!algo || typeof algo !== 'string')\n        algo = this[SYM_HASH_ALGO];\n      const signature = createSign(algo);\n      signature.update(data);\n      try {\n        return signature.sign(pem);\n      } catch (ex) {\n        return ex;\n      }\n    };\n  })(),\n  verify: (() => {\n    if (typeof verify_ === 'function') {\n      return function verify(data, signature, algo) {\n        const pem = this[SYM_PUB_PEM];\n        if (pem === null)\n          return new Error('No public key available');\n        if (!algo || typeof algo !== 'string')\n          algo = this[SYM_HASH_ALGO];\n        try {\n          return verify_(algo, data, pem, signature);\n        } catch (ex) {\n          return ex;\n        }\n      };\n    }\n    return function verify(data, signature, algo) {\n      const pem = this[SYM_PUB_PEM];\n      if (pem === null)\n        return new Error('No public key available');\n      if (!algo || typeof algo !== 'string')\n        algo = this[SYM_HASH_ALGO];\n      const verifier = createVerify(algo);\n      verifier.update(data);\n      try {\n        return verifier.verify(pem, signature);\n      } catch (ex) {\n        return ex;\n      }\n    };\n  })(),\n  isPrivateKey: function isPrivateKey() {\n    return (this[SYM_PRIV_PEM] !== null);\n  },\n  getPrivatePEM: function getPrivatePEM() {\n    return this[SYM_PRIV_PEM];\n  },\n  getPublicPEM: function getPublicPEM() {\n    return this[SYM_PUB_PEM];\n  },\n  getPublicSSH: function getPublicSSH() {\n    return this[SYM_PUB_SSH];\n  },\n  equals: function equals(key) {\n    const parsed = parseKey(key);\n    if (parsed instanceof Error)\n      return false;\n    return (\n      this.type === parsed.type\n      && this[SYM_PRIV_PEM] === parsed[SYM_PRIV_PEM]\n      && this[SYM_PUB_PEM] === parsed[SYM_PUB_PEM]\n      && this[SYM_PUB_SSH] === parsed[SYM_PUB_SSH]\n    );\n  },\n};\n\n\nfunction OpenSSH_Private(type, comment, privPEM, pubPEM, pubSSH, algo,\n                         decrypted) {\n  this.type = type;\n  this.comment = comment;\n  this[SYM_PRIV_PEM] = privPEM;\n  this[SYM_PUB_PEM] = pubPEM;\n  this[SYM_PUB_SSH] = pubSSH;\n  this[SYM_HASH_ALGO] = algo;\n  this[SYM_DECRYPTED] = decrypted;\n}\nOpenSSH_Private.prototype = BaseKey;\n{\n  const regexp = /^-----BEGIN OPENSSH PRIVATE KEY-----(?:\\r\\n|\\n)([\\s\\S]+)(?:\\r\\n|\\n)-----END OPENSSH PRIVATE KEY-----$/;\n  OpenSSH_Private.parse = (str, passphrase) => {\n    const m = regexp.exec(str);\n    if (m === null)\n      return null;\n    let ret;\n    const data = Buffer.from(m[1], 'base64');\n    if (data.length < 31) // magic (+ magic null term.) + minimum field lengths\n      return new Error('Malformed OpenSSH private key');\n    const magic = data.utf8Slice(0, 15);\n    if (magic !== 'openssh-key-v1\\0')\n      return new Error(`Unsupported OpenSSH key magic: ${magic}`);\n\n    const cipherName = readString(data, 15, true);\n    if (cipherName === undefined)\n      return new Error('Malformed OpenSSH private key');\n    if (cipherName !== 'none' && SUPPORTED_CIPHER.indexOf(cipherName) === -1)\n      return new Error(`Unsupported cipher for OpenSSH key: ${cipherName}`);\n\n    const kdfName = readString(data, data._pos, true);\n    if (kdfName === undefined)\n      return new Error('Malformed OpenSSH private key');\n    if (kdfName !== 'none') {\n      if (cipherName === 'none')\n        return new Error('Malformed OpenSSH private key');\n      if (kdfName !== 'bcrypt')\n        return new Error(`Unsupported kdf name for OpenSSH key: ${kdfName}`);\n      if (!passphrase) {\n        return new Error(\n          'Encrypted private OpenSSH key detected, but no passphrase given'\n        );\n      }\n    } else if (cipherName !== 'none') {\n      return new Error('Malformed OpenSSH private key');\n    }\n\n    let encInfo;\n    let cipherKey;\n    let cipherIV;\n    if (cipherName !== 'none')\n      encInfo = CIPHER_INFO[cipherName];\n    const kdfOptions = readString(data, data._pos);\n    if (kdfOptions === undefined)\n      return new Error('Malformed OpenSSH private key');\n    if (kdfOptions.length) {\n      switch (kdfName) {\n        case 'none':\n          return new Error('Malformed OpenSSH private key');\n        case 'bcrypt':\n          /*\n            string salt\n            uint32 rounds\n          */\n          const salt = readString(kdfOptions, 0);\n          if (salt === undefined || kdfOptions._pos + 4 > kdfOptions.length)\n            return new Error('Malformed OpenSSH private key');\n          const rounds = readUInt32BE(kdfOptions, kdfOptions._pos);\n          const gen = Buffer.allocUnsafe(encInfo.keyLen + encInfo.ivLen);\n          const r = bcrypt_pbkdf(passphrase,\n                                 passphrase.length,\n                                 salt,\n                                 salt.length,\n                                 gen,\n                                 gen.length,\n                                 rounds);\n          if (r !== 0)\n            return new Error('Failed to generate information to decrypt key');\n          cipherKey = bufferSlice(gen, 0, encInfo.keyLen);\n          cipherIV = bufferSlice(gen, encInfo.keyLen, gen.length);\n          break;\n      }\n    } else if (kdfName !== 'none') {\n      return new Error('Malformed OpenSSH private key');\n    }\n\n    if (data._pos + 3 >= data.length)\n      return new Error('Malformed OpenSSH private key');\n    const keyCount = readUInt32BE(data, data._pos);\n    data._pos += 4;\n\n    if (keyCount > 0) {\n      // TODO: place sensible limit on max `keyCount`\n\n      // Read public keys first\n      for (let i = 0; i < keyCount; ++i) {\n        const pubData = readString(data, data._pos);\n        if (pubData === undefined)\n          return new Error('Malformed OpenSSH private key');\n        const type = readString(pubData, 0, true);\n        if (type === undefined)\n          return new Error('Malformed OpenSSH private key');\n      }\n\n      let privBlob = readString(data, data._pos);\n      if (privBlob === undefined)\n        return new Error('Malformed OpenSSH private key');\n\n      if (cipherKey !== undefined) {\n        // Encrypted private key(s)\n        if (privBlob.length < encInfo.blockLen\n            || (privBlob.length % encInfo.blockLen) !== 0) {\n          return new Error('Malformed OpenSSH private key');\n        }\n        try {\n          const options = { authTagLength: encInfo.authLen };\n          const decipher = createDecipheriv(encInfo.sslName,\n                                            cipherKey,\n                                            cipherIV,\n                                            options);\n          if (encInfo.authLen > 0) {\n            if (data.length - data._pos < encInfo.authLen)\n              return new Error('Malformed OpenSSH private key');\n            decipher.setAuthTag(\n              bufferSlice(data, data._pos, data._pos += encInfo.authLen)\n            );\n          }\n          privBlob = combineBuffers(decipher.update(privBlob),\n                                    decipher.final());\n        } catch (ex) {\n          return ex;\n        }\n      }\n      // Nothing should we follow the private key(s), except a possible\n      // authentication tag for relevant ciphers\n      if (data._pos !== data.length)\n        return new Error('Malformed OpenSSH private key');\n\n      ret = parseOpenSSHPrivKeys(privBlob, keyCount, cipherKey !== undefined);\n    } else {\n      ret = [];\n    }\n    if (ret instanceof Error)\n      return ret;\n    // This will need to change if/when OpenSSH ever starts storing multiple\n    // keys in their key files\n    return ret[0];\n  };\n\n  function parseOpenSSHPrivKeys(data, nkeys, decrypted) {\n    const keys = [];\n    /*\n      uint32  checkint\n      uint32  checkint\n      string  privatekey1\n      string  comment1\n      string  privatekey2\n      string  comment2\n      ...\n      string  privatekeyN\n      string  commentN\n      char  1\n      char  2\n      char  3\n      ...\n      char  padlen % 255\n    */\n    if (data.length < 8)\n      return new Error('Malformed OpenSSH private key');\n    const check1 = readUInt32BE(data, 0);\n    const check2 = readUInt32BE(data, 4);\n    if (check1 !== check2) {\n      if (decrypted) {\n        return new Error(\n          'OpenSSH key integrity check failed -- bad passphrase?'\n        );\n      }\n      return new Error('OpenSSH key integrity check failed');\n    }\n    data._pos = 8;\n    let i;\n    let oid;\n    for (i = 0; i < nkeys; ++i) {\n      let algo;\n      let privPEM;\n      let pubPEM;\n      let pubSSH;\n      // The OpenSSH documentation for the key format actually lies, the\n      // entirety of the private key content is not contained with a string\n      // field, it's actually the literal contents of the private key, so to be\n      // able to find the end of the key data you need to know the layout/format\n      // of each key type ...\n      const type = readString(data, data._pos, true);\n      if (type === undefined)\n        return new Error('Malformed OpenSSH private key');\n\n      switch (type) {\n        case 'ssh-rsa': {\n          /*\n            string  n -- public\n            string  e -- public\n            string  d -- private\n            string  iqmp -- private\n            string  p -- private\n            string  q -- private\n          */\n          const n = readString(data, data._pos);\n          if (n === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const e = readString(data, data._pos);\n          if (e === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const d = readString(data, data._pos);\n          if (d === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const iqmp = readString(data, data._pos);\n          if (iqmp === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const p = readString(data, data._pos);\n          if (p === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const q = readString(data, data._pos);\n          if (q === undefined)\n            return new Error('Malformed OpenSSH private key');\n\n          pubPEM = genOpenSSLRSAPub(n, e);\n          pubSSH = genOpenSSHRSAPub(n, e);\n          privPEM = genOpenSSLRSAPriv(n, e, d, iqmp, p, q);\n          algo = 'sha1';\n          break;\n        }\n        case 'ssh-dss': {\n          /*\n            string  p -- public\n            string  q -- public\n            string  g -- public\n            string  y -- public\n            string  x -- private\n          */\n          const p = readString(data, data._pos);\n          if (p === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const q = readString(data, data._pos);\n          if (q === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const g = readString(data, data._pos);\n          if (g === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const y = readString(data, data._pos);\n          if (y === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const x = readString(data, data._pos);\n          if (x === undefined)\n            return new Error('Malformed OpenSSH private key');\n\n          pubPEM = genOpenSSLDSAPub(p, q, g, y);\n          pubSSH = genOpenSSHDSAPub(p, q, g, y);\n          privPEM = genOpenSSLDSAPriv(p, q, g, y, x);\n          algo = 'sha1';\n          break;\n        }\n        case 'ssh-ed25519': {\n          if (!eddsaSupported)\n            return new Error(`Unsupported OpenSSH private key type: ${type}`);\n          /*\n            * string  public key\n            * string  private key + public key\n          */\n          const edpub = readString(data, data._pos);\n          if (edpub === undefined || edpub.length !== 32)\n            return new Error('Malformed OpenSSH private key');\n          const edpriv = readString(data, data._pos);\n          if (edpriv === undefined || edpriv.length !== 64)\n            return new Error('Malformed OpenSSH private key');\n\n          pubPEM = genOpenSSLEdPub(edpub);\n          pubSSH = genOpenSSHEdPub(edpub);\n          privPEM = genOpenSSLEdPriv(bufferSlice(edpriv, 0, 32));\n          algo = null;\n          break;\n        }\n        case 'ecdsa-sha2-nistp256':\n          algo = 'sha256';\n          oid = '1.2.840.10045.3.1.7';\n        // FALLTHROUGH\n        case 'ecdsa-sha2-nistp384':\n          if (algo === undefined) {\n            algo = 'sha384';\n            oid = '1.3.132.0.34';\n          }\n        // FALLTHROUGH\n        case 'ecdsa-sha2-nistp521': {\n          if (algo === undefined) {\n            algo = 'sha512';\n            oid = '1.3.132.0.35';\n          }\n          /*\n            string  curve name\n            string  Q -- public\n            string  d -- private\n          */\n          // TODO: validate curve name against type\n          if (!skipFields(data, 1)) // Skip curve name\n            return new Error('Malformed OpenSSH private key');\n          const ecpub = readString(data, data._pos);\n          if (ecpub === undefined)\n            return new Error('Malformed OpenSSH private key');\n          const ecpriv = readString(data, data._pos);\n          if (ecpriv === undefined)\n            return new Error('Malformed OpenSSH private key');\n\n          pubPEM = genOpenSSLECDSAPub(oid, ecpub);\n          pubSSH = genOpenSSHECDSAPub(oid, ecpub);\n          privPEM = genOpenSSLECDSAPriv(oid, ecpub, ecpriv);\n          break;\n        }\n        default:\n          return new Error(`Unsupported OpenSSH private key type: ${type}`);\n      }\n\n      const privComment = readString(data, data._pos, true);\n      if (privComment === undefined)\n        return new Error('Malformed OpenSSH private key');\n\n      keys.push(\n        new OpenSSH_Private(type, privComment, privPEM, pubPEM, pubSSH, algo,\n                            decrypted)\n      );\n    }\n    let cnt = 0;\n    for (i = data._pos; i < data.length; ++i) {\n      if (data[i] !== (++cnt % 255))\n        return new Error('Malformed OpenSSH private key');\n    }\n\n    return keys;\n  }\n}\n\n\nfunction OpenSSH_Old_Private(type, comment, privPEM, pubPEM, pubSSH, algo,\n                             decrypted) {\n  this.type = type;\n  this.comment = comment;\n  this[SYM_PRIV_PEM] = privPEM;\n  this[SYM_PUB_PEM] = pubPEM;\n  this[SYM_PUB_SSH] = pubSSH;\n  this[SYM_HASH_ALGO] = algo;\n  this[SYM_DECRYPTED] = decrypted;\n}\nOpenSSH_Old_Private.prototype = BaseKey;\n{\n  const regexp = /^-----BEGIN (RSA|DSA|EC) PRIVATE KEY-----(?:\\r\\n|\\n)((?:[^:]+:\\s*[\\S].*(?:\\r\\n|\\n))*)([\\s\\S]+)(?:\\r\\n|\\n)-----END (RSA|DSA|EC) PRIVATE KEY-----$/;\n  OpenSSH_Old_Private.parse = (str, passphrase) => {\n    const m = regexp.exec(str);\n    if (m === null)\n      return null;\n    let privBlob = Buffer.from(m[3], 'base64');\n    let headers = m[2];\n    let decrypted = false;\n    if (headers !== undefined) {\n      // encrypted key\n      headers = headers.split(/\\r\\n|\\n/g);\n      for (let i = 0; i < headers.length; ++i) {\n        const header = headers[i];\n        let sepIdx = header.indexOf(':');\n        if (header.slice(0, sepIdx) === 'DEK-Info') {\n          const val = header.slice(sepIdx + 2);\n          sepIdx = val.indexOf(',');\n          if (sepIdx === -1)\n            continue;\n          const cipherName = val.slice(0, sepIdx).toLowerCase();\n          if (supportedOpenSSLCiphers.indexOf(cipherName) === -1) {\n            return new Error(\n              `Cipher (${cipherName}) not supported `\n                + 'for encrypted OpenSSH private key'\n            );\n          }\n          const encInfo = CIPHER_INFO_OPENSSL[cipherName];\n          if (!encInfo) {\n            return new Error(\n              `Cipher (${cipherName}) not supported `\n                + 'for encrypted OpenSSH private key'\n            );\n          }\n          const cipherIV = Buffer.from(val.slice(sepIdx + 1), 'hex');\n          if (cipherIV.length !== encInfo.ivLen)\n            return new Error('Malformed encrypted OpenSSH private key');\n          if (!passphrase) {\n            return new Error(\n              'Encrypted OpenSSH private key detected, but no passphrase given'\n            );\n          }\n          const ivSlice = bufferSlice(cipherIV, 0, 8);\n          let cipherKey = createHash('md5')\n                            .update(passphrase)\n                            .update(ivSlice)\n                            .digest();\n          while (cipherKey.length < encInfo.keyLen) {\n            cipherKey = combineBuffers(\n              cipherKey,\n              createHash('md5')\n                .update(cipherKey)\n                .update(passphrase)\n                .update(ivSlice)\n                .digest()\n            );\n          }\n          if (cipherKey.length > encInfo.keyLen)\n            cipherKey = bufferSlice(cipherKey, 0, encInfo.keyLen);\n          try {\n            const decipher = createDecipheriv(cipherName, cipherKey, cipherIV);\n            decipher.setAutoPadding(false);\n            privBlob = combineBuffers(decipher.update(privBlob),\n                                      decipher.final());\n            decrypted = true;\n          } catch (ex) {\n            return ex;\n          }\n        }\n      }\n    }\n\n    let type;\n    let privPEM;\n    let pubPEM;\n    let pubSSH;\n    let algo;\n    let reader;\n    let errMsg = 'Malformed OpenSSH private key';\n    if (decrypted)\n      errMsg += '. Bad passphrase?';\n    switch (m[1]) {\n      case 'RSA':\n        type = 'ssh-rsa';\n        privPEM = makePEM('RSA PRIVATE', privBlob);\n        try {\n          reader = new Ber.Reader(privBlob);\n          reader.readSequence();\n          reader.readInt(); // skip version\n          const n = reader.readString(Ber.Integer, true);\n          if (n === null)\n            return new Error(errMsg);\n          const e = reader.readString(Ber.Integer, true);\n          if (e === null)\n            return new Error(errMsg);\n          pubPEM = genOpenSSLRSAPub(n, e);\n          pubSSH = genOpenSSHRSAPub(n, e);\n        } catch {\n          return new Error(errMsg);\n        }\n        algo = 'sha1';\n        break;\n      case 'DSA':\n        type = 'ssh-dss';\n        privPEM = makePEM('DSA PRIVATE', privBlob);\n        try {\n          reader = new Ber.Reader(privBlob);\n          reader.readSequence();\n          reader.readInt(); // skip version\n          const p = reader.readString(Ber.Integer, true);\n          if (p === null)\n            return new Error(errMsg);\n          const q = reader.readString(Ber.Integer, true);\n          if (q === null)\n            return new Error(errMsg);\n          const g = reader.readString(Ber.Integer, true);\n          if (g === null)\n            return new Error(errMsg);\n          const y = reader.readString(Ber.Integer, true);\n          if (y === null)\n            return new Error(errMsg);\n          pubPEM = genOpenSSLDSAPub(p, q, g, y);\n          pubSSH = genOpenSSHDSAPub(p, q, g, y);\n        } catch {\n          return new Error(errMsg);\n        }\n        algo = 'sha1';\n        break;\n      case 'EC':\n        let ecSSLName;\n        let ecPriv;\n        let ecOID;\n        try {\n          reader = new Ber.Reader(privBlob);\n          reader.readSequence();\n          reader.readInt(); // skip version\n          ecPriv = reader.readString(Ber.OctetString, true);\n          reader.readByte(); // Skip \"complex\" context type byte\n          const offset = reader.readLength(); // Skip context length\n          if (offset !== null) {\n            reader._offset = offset;\n            ecOID = reader.readOID();\n            if (ecOID === null)\n              return new Error(errMsg);\n            switch (ecOID) {\n              case '1.2.840.10045.3.1.7':\n                // prime256v1/secp256r1\n                ecSSLName = 'prime256v1';\n                type = 'ecdsa-sha2-nistp256';\n                algo = 'sha256';\n                break;\n              case '1.3.132.0.34':\n                // secp384r1\n                ecSSLName = 'secp384r1';\n                type = 'ecdsa-sha2-nistp384';\n                algo = 'sha384';\n                break;\n              case '1.3.132.0.35':\n                // secp521r1\n                ecSSLName = 'secp521r1';\n                type = 'ecdsa-sha2-nistp521';\n                algo = 'sha512';\n                break;\n              default:\n                return new Error(`Unsupported private key EC OID: ${ecOID}`);\n            }\n          } else {\n            return new Error(errMsg);\n          }\n        } catch {\n          return new Error(errMsg);\n        }\n        privPEM = makePEM('EC PRIVATE', privBlob);\n        const pubBlob = genOpenSSLECDSAPubFromPriv(ecSSLName, ecPriv);\n        pubPEM = genOpenSSLECDSAPub(ecOID, pubBlob);\n        pubSSH = genOpenSSHECDSAPub(ecOID, pubBlob);\n        break;\n    }\n\n    return new OpenSSH_Old_Private(type, '', privPEM, pubPEM, pubSSH, algo,\n                                   decrypted);\n  };\n}\n\n\nfunction PPK_Private(type, comment, privPEM, pubPEM, pubSSH, algo, decrypted) {\n  this.type = type;\n  this.comment = comment;\n  this[SYM_PRIV_PEM] = privPEM;\n  this[SYM_PUB_PEM] = pubPEM;\n  this[SYM_PUB_SSH] = pubSSH;\n  this[SYM_HASH_ALGO] = algo;\n  this[SYM_DECRYPTED] = decrypted;\n}\nPPK_Private.prototype = BaseKey;\n{\n  const EMPTY_PASSPHRASE = Buffer.alloc(0);\n  const PPK_IV = Buffer.from([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]);\n  const PPK_PP1 = Buffer.from([0, 0, 0, 0]);\n  const PPK_PP2 = Buffer.from([0, 0, 0, 1]);\n  const regexp = /^PuTTY-User-Key-File-2: (ssh-(?:rsa|dss))\\r?\\nEncryption: (aes256-cbc|none)\\r?\\nComment: ([^\\r\\n]*)\\r?\\nPublic-Lines: \\d+\\r?\\n([\\s\\S]+?)\\r?\\nPrivate-Lines: \\d+\\r?\\n([\\s\\S]+?)\\r?\\nPrivate-MAC: ([^\\r\\n]+)/;\n  PPK_Private.parse = (str, passphrase) => {\n    const m = regexp.exec(str);\n    if (m === null)\n      return null;\n    // m[1] = key type\n    // m[2] = encryption type\n    // m[3] = comment\n    // m[4] = base64-encoded public key data:\n    //         for \"ssh-rsa\":\n    //          string \"ssh-rsa\"\n    //          mpint  e    (public exponent)\n    //          mpint  n    (modulus)\n    //         for \"ssh-dss\":\n    //          string \"ssh-dss\"\n    //          mpint p     (modulus)\n    //          mpint q     (prime)\n    //          mpint g     (base number)\n    //          mpint y     (public key parameter: g^x mod p)\n    // m[5] = base64-encoded private key data:\n    //         for \"ssh-rsa\":\n    //          mpint  d    (private exponent)\n    //          mpint  p    (prime 1)\n    //          mpint  q    (prime 2)\n    //          mpint  iqmp ([inverse of q] mod p)\n    //         for \"ssh-dss\":\n    //          mpint x     (private key parameter)\n    // m[6] = SHA1 HMAC over:\n    //          string  name of algorithm (\"ssh-dss\", \"ssh-rsa\")\n    //          string  encryption type\n    //          string  comment\n    //          string  public key data\n    //          string  private-plaintext (including the final padding)\n    const cipherName = m[2];\n    const encrypted = (cipherName !== 'none');\n    if (encrypted && !passphrase) {\n      return new Error(\n        'Encrypted PPK private key detected, but no passphrase given'\n      );\n    }\n\n    let privBlob = Buffer.from(m[5], 'base64');\n\n    if (encrypted) {\n      const encInfo = CIPHER_INFO[cipherName];\n      let cipherKey = combineBuffers(\n        createHash('sha1').update(PPK_PP1).update(passphrase).digest(),\n        createHash('sha1').update(PPK_PP2).update(passphrase).digest()\n      );\n      if (cipherKey.length > encInfo.keyLen)\n        cipherKey = bufferSlice(cipherKey, 0, encInfo.keyLen);\n      try {\n        const decipher = createDecipheriv(encInfo.sslName,\n                                        cipherKey,\n                                        PPK_IV);\n        decipher.setAutoPadding(false);\n        privBlob = combineBuffers(decipher.update(privBlob),\n                                  decipher.final());\n      } catch (ex) {\n        return ex;\n      }\n    }\n\n    const type = m[1];\n    const comment = m[3];\n    const pubBlob = Buffer.from(m[4], 'base64');\n\n    const mac = m[6];\n    const typeLen = type.length;\n    const cipherNameLen = cipherName.length;\n    const commentLen = Buffer.byteLength(comment);\n    const pubLen = pubBlob.length;\n    const privLen = privBlob.length;\n    const macData = Buffer.allocUnsafe(4 + typeLen\n                                       + 4 + cipherNameLen\n                                       + 4 + commentLen\n                                       + 4 + pubLen\n                                       + 4 + privLen);\n    let p = 0;\n\n    writeUInt32BE(macData, typeLen, p);\n    macData.utf8Write(type, p += 4, typeLen);\n    writeUInt32BE(macData, cipherNameLen, p += typeLen);\n    macData.utf8Write(cipherName, p += 4, cipherNameLen);\n    writeUInt32BE(macData, commentLen, p += cipherNameLen);\n    macData.utf8Write(comment, p += 4, commentLen);\n    writeUInt32BE(macData, pubLen, p += commentLen);\n    macData.set(pubBlob, p += 4);\n    writeUInt32BE(macData, privLen, p += pubLen);\n    macData.set(privBlob, p + 4);\n\n    if (!passphrase)\n      passphrase = EMPTY_PASSPHRASE;\n\n    const calcMAC = createHmac(\n      'sha1',\n       createHash('sha1')\n         .update('putty-private-key-file-mac-key')\n         .update(passphrase)\n         .digest()\n    ).update(macData).digest('hex');\n\n    if (calcMAC !== mac) {\n      if (encrypted) {\n        return new Error(\n          'PPK private key integrity check failed -- bad passphrase?'\n        );\n      }\n      return new Error('PPK private key integrity check failed');\n    }\n\n    let pubPEM;\n    let pubSSH;\n    let privPEM;\n    pubBlob._pos = 0;\n    skipFields(pubBlob, 1); // skip (duplicate) key type\n    switch (type) {\n      case 'ssh-rsa': {\n        const e = readString(pubBlob, pubBlob._pos);\n        if (e === undefined)\n          return new Error('Malformed PPK public key');\n        const n = readString(pubBlob, pubBlob._pos);\n        if (n === undefined)\n          return new Error('Malformed PPK public key');\n        const d = readString(privBlob, 0);\n        if (d === undefined)\n          return new Error('Malformed PPK private key');\n        const p = readString(privBlob, privBlob._pos);\n        if (p === undefined)\n          return new Error('Malformed PPK private key');\n        const q = readString(privBlob, privBlob._pos);\n        if (q === undefined)\n          return new Error('Malformed PPK private key');\n        const iqmp = readString(privBlob, privBlob._pos);\n        if (iqmp === undefined)\n          return new Error('Malformed PPK private key');\n        pubPEM = genOpenSSLRSAPub(n, e);\n        pubSSH = genOpenSSHRSAPub(n, e);\n        privPEM = genOpenSSLRSAPriv(n, e, d, iqmp, p, q);\n        break;\n      }\n      case 'ssh-dss': {\n        const p = readString(pubBlob, pubBlob._pos);\n        if (p === undefined)\n          return new Error('Malformed PPK public key');\n        const q = readString(pubBlob, pubBlob._pos);\n        if (q === undefined)\n          return new Error('Malformed PPK public key');\n        const g = readString(pubBlob, pubBlob._pos);\n        if (g === undefined)\n          return new Error('Malformed PPK public key');\n        const y = readString(pubBlob, pubBlob._pos);\n        if (y === undefined)\n          return new Error('Malformed PPK public key');\n        const x = readString(privBlob, 0);\n        if (x === undefined)\n          return new Error('Malformed PPK private key');\n\n        pubPEM = genOpenSSLDSAPub(p, q, g, y);\n        pubSSH = genOpenSSHDSAPub(p, q, g, y);\n        privPEM = genOpenSSLDSAPriv(p, q, g, y, x);\n        break;\n      }\n    }\n\n    return new PPK_Private(type, comment, privPEM, pubPEM, pubSSH, 'sha1',\n                           encrypted);\n  };\n}\n\n\nfunction OpenSSH_Public(type, comment, pubPEM, pubSSH, algo) {\n  this.type = type;\n  this.comment = comment;\n  this[SYM_PRIV_PEM] = null;\n  this[SYM_PUB_PEM] = pubPEM;\n  this[SYM_PUB_SSH] = pubSSH;\n  this[SYM_HASH_ALGO] = algo;\n  this[SYM_DECRYPTED] = false;\n}\nOpenSSH_Public.prototype = BaseKey;\n{\n  let regexp;\n  if (eddsaSupported)\n    regexp = /^(((?:ssh-(?:rsa|dss|ed25519))|ecdsa-sha2-nistp(?:256|384|521))(?:-cert-v0[01]@openssh.com)?) ([A-Z0-9a-z/+=]+)(?:$|\\s+([\\S].*)?)$/;\n  else\n    regexp = /^(((?:ssh-(?:rsa|dss))|ecdsa-sha2-nistp(?:256|384|521))(?:-cert-v0[01]@openssh.com)?) ([A-Z0-9a-z/+=]+)(?:$|\\s+([\\S].*)?)$/;\n  OpenSSH_Public.parse = (str) => {\n    const m = regexp.exec(str);\n    if (m === null)\n      return null;\n    // m[1] = full type\n    // m[2] = base type\n    // m[3] = base64-encoded public key\n    // m[4] = comment\n\n    const fullType = m[1];\n    const baseType = m[2];\n    const data = Buffer.from(m[3], 'base64');\n    const comment = (m[4] || '');\n\n    const type = readString(data, data._pos, true);\n    if (type === undefined || type.indexOf(baseType) !== 0)\n      return new Error('Malformed OpenSSH public key');\n\n    return parseDER(data, baseType, comment, fullType);\n  };\n}\n\n\nfunction RFC4716_Public(type, comment, pubPEM, pubSSH, algo) {\n  this.type = type;\n  this.comment = comment;\n  this[SYM_PRIV_PEM] = null;\n  this[SYM_PUB_PEM] = pubPEM;\n  this[SYM_PUB_SSH] = pubSSH;\n  this[SYM_HASH_ALGO] = algo;\n  this[SYM_DECRYPTED] = false;\n}\nRFC4716_Public.prototype = BaseKey;\n{\n  const regexp = /^---- BEGIN SSH2 PUBLIC KEY ----(?:\\r?\\n)((?:.{0,72}\\r?\\n)+)---- END SSH2 PUBLIC KEY ----$/;\n  const RE_DATA = /^[A-Z0-9a-z/+=\\r\\n]+$/;\n  const RE_HEADER = /^([\\x21-\\x39\\x3B-\\x7E]{1,64}): ((?:[^\\\\]*\\\\\\r?\\n)*[^\\r\\n]+)\\r?\\n/gm;\n  const RE_HEADER_ENDS = /\\\\\\r?\\n/g;\n  RFC4716_Public.parse = (str) => {\n    let m = regexp.exec(str);\n    if (m === null)\n      return null;\n\n    const body = m[1];\n    let dataStart = 0;\n    let comment = '';\n\n    while (m = RE_HEADER.exec(body)) {\n      const headerName = m[1];\n      const headerValue = m[2].replace(RE_HEADER_ENDS, '');\n      if (headerValue.length > 1024) {\n        RE_HEADER.lastIndex = 0;\n        return new Error('Malformed RFC4716 public key');\n      }\n\n      dataStart = RE_HEADER.lastIndex;\n\n      if (headerName.toLowerCase() === 'comment') {\n        comment = headerValue;\n        if (comment.length > 1\n            && comment.charCodeAt(0) === 34/* '\"' */\n            && comment.charCodeAt(comment.length - 1) === 34/* '\"' */) {\n          comment = comment.slice(1, -1);\n        }\n      }\n    }\n\n    let data = body.slice(dataStart);\n    if (!RE_DATA.test(data))\n      return new Error('Malformed RFC4716 public key');\n\n    data = Buffer.from(data, 'base64');\n\n    const type = readString(data, 0, true);\n    if (type === undefined)\n      return new Error('Malformed RFC4716 public key');\n\n    let pubPEM = null;\n    let pubSSH = null;\n    switch (type) {\n      case 'ssh-rsa': {\n        const e = readString(data, data._pos);\n        if (e === undefined)\n          return new Error('Malformed RFC4716 public key');\n        const n = readString(data, data._pos);\n        if (n === undefined)\n          return new Error('Malformed RFC4716 public key');\n        pubPEM = genOpenSSLRSAPub(n, e);\n        pubSSH = genOpenSSHRSAPub(n, e);\n        break;\n      }\n      case 'ssh-dss': {\n        const p = readString(data, data._pos);\n        if (p === undefined)\n          return new Error('Malformed RFC4716 public key');\n        const q = readString(data, data._pos);\n        if (q === undefined)\n          return new Error('Malformed RFC4716 public key');\n        const g = readString(data, data._pos);\n        if (g === undefined)\n          return new Error('Malformed RFC4716 public key');\n        const y = readString(data, data._pos);\n        if (y === undefined)\n          return new Error('Malformed RFC4716 public key');\n        pubPEM = genOpenSSLDSAPub(p, q, g, y);\n        pubSSH = genOpenSSHDSAPub(p, q, g, y);\n        break;\n      }\n      default:\n        return new Error('Malformed RFC4716 public key');\n    }\n\n    return new RFC4716_Public(type, comment, pubPEM, pubSSH, 'sha1');\n  };\n}\n\n\nfunction parseDER(data, baseType, comment, fullType) {\n  if (!isSupportedKeyType(baseType))\n    return new Error(`Unsupported OpenSSH public key type: ${baseType}`);\n\n  let algo;\n  let oid;\n  let pubPEM = null;\n  let pubSSH = null;\n\n  switch (baseType) {\n    case 'ssh-rsa': {\n      const e = readString(data, data._pos || 0);\n      if (e === undefined)\n        return new Error('Malformed OpenSSH public key');\n      const n = readString(data, data._pos);\n      if (n === undefined)\n        return new Error('Malformed OpenSSH public key');\n      pubPEM = genOpenSSLRSAPub(n, e);\n      pubSSH = genOpenSSHRSAPub(n, e);\n      algo = 'sha1';\n      break;\n    }\n    case 'ssh-dss': {\n      const p = readString(data, data._pos || 0);\n      if (p === undefined)\n        return new Error('Malformed OpenSSH public key');\n      const q = readString(data, data._pos);\n      if (q === undefined)\n        return new Error('Malformed OpenSSH public key');\n      const g = readString(data, data._pos);\n      if (g === undefined)\n        return new Error('Malformed OpenSSH public key');\n      const y = readString(data, data._pos);\n      if (y === undefined)\n        return new Error('Malformed OpenSSH public key');\n      pubPEM = genOpenSSLDSAPub(p, q, g, y);\n      pubSSH = genOpenSSHDSAPub(p, q, g, y);\n      algo = 'sha1';\n      break;\n    }\n    case 'ssh-ed25519': {\n      const edpub = readString(data, data._pos || 0);\n      if (edpub === undefined || edpub.length !== 32)\n        return new Error('Malformed OpenSSH public key');\n      pubPEM = genOpenSSLEdPub(edpub);\n      pubSSH = genOpenSSHEdPub(edpub);\n      algo = null;\n      break;\n    }\n    case 'ecdsa-sha2-nistp256':\n      algo = 'sha256';\n      oid = '1.2.840.10045.3.1.7';\n    // FALLTHROUGH\n    case 'ecdsa-sha2-nistp384':\n      if (algo === undefined) {\n        algo = 'sha384';\n        oid = '1.3.132.0.34';\n      }\n    // FALLTHROUGH\n    case 'ecdsa-sha2-nistp521': {\n      if (algo === undefined) {\n        algo = 'sha512';\n        oid = '1.3.132.0.35';\n      }\n      // TODO: validate curve name against type\n      if (!skipFields(data, 1)) // Skip curve name\n        return new Error('Malformed OpenSSH public key');\n      const ecpub = readString(data, data._pos || 0);\n      if (ecpub === undefined)\n        return new Error('Malformed OpenSSH public key');\n      pubPEM = genOpenSSLECDSAPub(oid, ecpub);\n      pubSSH = genOpenSSHECDSAPub(oid, ecpub);\n      break;\n    }\n    default:\n      return new Error(`Unsupported OpenSSH public key type: ${baseType}`);\n  }\n\n  return new OpenSSH_Public(fullType, comment, pubPEM, pubSSH, algo);\n}\n\nfunction isSupportedKeyType(type) {\n  switch (type) {\n    case 'ssh-rsa':\n    case 'ssh-dss':\n    case 'ecdsa-sha2-nistp256':\n    case 'ecdsa-sha2-nistp384':\n    case 'ecdsa-sha2-nistp521':\n      return true;\n    case 'ssh-ed25519':\n      if (eddsaSupported)\n        return true;\n    // FALLTHROUGH\n    default:\n      return false;\n  }\n}\n\nfunction isParsedKey(val) {\n  if (!val)\n    return false;\n  return (typeof val[SYM_DECRYPTED] === 'boolean');\n}\n\nfunction parseKey(data, passphrase) {\n  if (isParsedKey(data))\n    return data;\n\n  let origBuffer;\n  if (Buffer.isBuffer(data)) {\n    origBuffer = data;\n    data = data.utf8Slice(0, data.length).trim();\n  } else if (typeof data === 'string') {\n    data = data.trim();\n  } else {\n    return new Error('Key data must be a Buffer or string');\n  }\n\n  // eslint-disable-next-line eqeqeq\n  if (passphrase != undefined) {\n    if (typeof passphrase === 'string')\n      passphrase = Buffer.from(passphrase);\n    else if (!Buffer.isBuffer(passphrase))\n      return new Error('Passphrase must be a string or Buffer when supplied');\n  }\n\n  let ret;\n\n  // First try as printable string format (e.g. PEM)\n\n  // Private keys\n  if ((ret = OpenSSH_Private.parse(data, passphrase)) !== null)\n    return ret;\n  if ((ret = OpenSSH_Old_Private.parse(data, passphrase)) !== null)\n    return ret;\n  if ((ret = PPK_Private.parse(data, passphrase)) !== null)\n    return ret;\n\n  // Public keys\n  if ((ret = OpenSSH_Public.parse(data)) !== null)\n    return ret;\n  if ((ret = RFC4716_Public.parse(data)) !== null)\n    return ret;\n\n  // Finally try as a binary format if we were originally passed binary data\n  if (origBuffer) {\n    binaryKeyParser.init(origBuffer, 0);\n    const type = binaryKeyParser.readString(true);\n    if (type !== undefined) {\n      data = binaryKeyParser.readRaw();\n      if (data !== undefined) {\n        ret = parseDER(data, type, '', type);\n        // Ignore potentially useless errors in case the data was not actually\n        // in the binary format\n        if (ret instanceof Error)\n          ret = null;\n      }\n    }\n    binaryKeyParser.clear();\n  }\n\n  if (ret)\n    return ret;\n\n  return new Error('Unsupported key format');\n}\n\nmodule.exports = {\n  isParsedKey,\n  isSupportedKeyType,\n  parseDERKey: (data, type) => parseDER(data, type, '', type),\n  parseKey,\n};\n","'use strict';\n\nconst assert = require('assert');\nconst { inspect } = require('util');\n\n// Only use this for integers! Decimal numbers do not work with this function.\nfunction addNumericalSeparator(val) {\n  let res = '';\n  let i = val.length;\n  const start = val[0] === '-' ? 1 : 0;\n  for (; i >= start + 4; i -= 3)\n    res = `_${val.slice(i - 3, i)}${res}`;\n  return `${val.slice(0, i)}${res}`;\n}\n\nfunction oneOf(expected, thing) {\n  assert(typeof thing === 'string', '`thing` has to be of type string');\n  if (Array.isArray(expected)) {\n    const len = expected.length;\n    assert(len > 0, 'At least one expected value needs to be specified');\n    expected = expected.map((i) => String(i));\n    if (len > 2) {\n      return `one of ${thing} ${expected.slice(0, len - 1).join(', ')}, or `\n              + expected[len - 1];\n    } else if (len === 2) {\n      return `one of ${thing} ${expected[0]} or ${expected[1]}`;\n    }\n    return `of ${thing} ${expected[0]}`;\n  }\n  return `of ${thing} ${String(expected)}`;\n}\n\n\nexports.ERR_INTERNAL_ASSERTION = class ERR_INTERNAL_ASSERTION extends Error {\n  constructor(message) {\n    super();\n    Error.captureStackTrace(this, ERR_INTERNAL_ASSERTION);\n\n    const suffix = 'This is caused by either a bug in ssh2 '\n                   + 'or incorrect usage of ssh2 internals.\\n'\n                   + 'Please open an issue with this stack trace at '\n                   + 'https://github.com/mscdex/ssh2/issues\\n';\n\n    this.message = (message === undefined ? suffix : `${message}\\n${suffix}`);\n  }\n};\n\nconst MAX_32BIT_INT = 2 ** 32;\nconst MAX_32BIT_BIGINT = (() => {\n  try {\n    return new Function('return 2n ** 32n')();\n  } catch {}\n})();\nexports.ERR_OUT_OF_RANGE = class ERR_OUT_OF_RANGE extends RangeError {\n  constructor(str, range, input, replaceDefaultBoolean) {\n    super();\n    Error.captureStackTrace(this, ERR_OUT_OF_RANGE);\n\n    assert(range, 'Missing \"range\" argument');\n    let msg = (replaceDefaultBoolean\n               ? str\n               : `The value of \"${str}\" is out of range.`);\n    let received;\n    if (Number.isInteger(input) && Math.abs(input) > MAX_32BIT_INT) {\n      received = addNumericalSeparator(String(input));\n    } else if (typeof input === 'bigint') {\n      received = String(input);\n      if (input > MAX_32BIT_BIGINT || input < -MAX_32BIT_BIGINT)\n        received = addNumericalSeparator(received);\n      received += 'n';\n    } else {\n      received = inspect(input);\n    }\n    msg += ` It must be ${range}. Received ${received}`;\n\n    this.message = msg;\n  }\n};\n\nclass ERR_INVALID_ARG_TYPE extends TypeError {\n  constructor(name, expected, actual) {\n    super();\n    Error.captureStackTrace(this, ERR_INVALID_ARG_TYPE);\n\n    assert(typeof name === 'string', `'name' must be a string`);\n\n    // determiner: 'must be' or 'must not be'\n    let determiner;\n    if (typeof expected === 'string' && expected.startsWith('not ')) {\n      determiner = 'must not be';\n      expected = expected.replace(/^not /, '');\n    } else {\n      determiner = 'must be';\n    }\n\n    let msg;\n    if (name.endsWith(' argument')) {\n      // For cases like 'first argument'\n      msg = `The ${name} ${determiner} ${oneOf(expected, 'type')}`;\n    } else {\n      const type = (name.includes('.') ? 'property' : 'argument');\n      msg = `The \"${name}\" ${type} ${determiner} ${oneOf(expected, 'type')}`;\n    }\n\n    msg += `. Received type ${typeof actual}`;\n\n    this.message = msg;\n  }\n}\nexports.ERR_INVALID_ARG_TYPE = ERR_INVALID_ARG_TYPE;\n\nexports.validateNumber = function validateNumber(value, name) {\n  if (typeof value !== 'number')\n    throw new ERR_INVALID_ARG_TYPE(name, 'number', value);\n};\n","'use strict';\n\nconst Ber = require('asn1').Ber;\n\nlet DISCONNECT_REASON;\n\nconst FastBuffer = Buffer[Symbol.species];\nconst TypedArrayFill = Object.getPrototypeOf(Uint8Array.prototype).fill;\n\nfunction readUInt32BE(buf, offset) {\n  return (buf[offset++] * 16777216)\n         + (buf[offset++] * 65536)\n         + (buf[offset++] * 256)\n         + buf[offset];\n}\n\nfunction bufferCopy(src, dest, srcStart, srcEnd, destStart) {\n  if (!destStart)\n    destStart = 0;\n  if (srcEnd > src.length)\n    srcEnd = src.length;\n  let nb = srcEnd - srcStart;\n  const destLeft = (dest.length - destStart);\n  if (nb > destLeft)\n    nb = destLeft;\n  dest.set(new Uint8Array(src.buffer, src.byteOffset + srcStart, nb),\n           destStart);\n  return nb;\n}\n\nfunction bufferSlice(buf, start, end) {\n  if (end === undefined)\n    end = buf.length;\n  return new FastBuffer(buf.buffer, buf.byteOffset + start, end - start);\n}\n\nfunction makeBufferParser() {\n  let pos = 0;\n  let buffer;\n\n  const self = {\n    init: (buf, start) => {\n      buffer = buf;\n      pos = (typeof start === 'number' ? start : 0);\n    },\n    pos: () => pos,\n    length: () => (buffer ? buffer.length : 0),\n    avail: () => (buffer && pos < buffer.length ? buffer.length - pos : 0),\n    clear: () => {\n      buffer = undefined;\n    },\n    readUInt32BE: () => {\n      if (!buffer || pos + 3 >= buffer.length)\n        return;\n      return (buffer[pos++] * 16777216)\n             + (buffer[pos++] * 65536)\n             + (buffer[pos++] * 256)\n             + buffer[pos++];\n    },\n    readUInt64BE: (behavior) => {\n      if (!buffer || pos + 7 >= buffer.length)\n        return;\n      switch (behavior) {\n        case 'always':\n          return BigInt(`0x${buffer.hexSlice(pos, pos += 8)}`);\n        case 'maybe':\n          if (buffer[pos] > 0x1F)\n            return BigInt(`0x${buffer.hexSlice(pos, pos += 8)}`);\n          // FALLTHROUGH\n        default:\n          return (buffer[pos++] * 72057594037927940)\n                 + (buffer[pos++] * 281474976710656)\n                 + (buffer[pos++] * 1099511627776)\n                 + (buffer[pos++] * 4294967296)\n                 + (buffer[pos++] * 16777216)\n                 + (buffer[pos++] * 65536)\n                 + (buffer[pos++] * 256)\n                 + buffer[pos++];\n      }\n    },\n    skip: (n) => {\n      if (buffer && n > 0)\n        pos += n;\n    },\n    skipString: () => {\n      const len = self.readUInt32BE();\n      if (len === undefined)\n        return;\n      pos += len;\n      return (pos <= buffer.length ? len : undefined);\n    },\n    readByte: () => {\n      if (buffer && pos < buffer.length)\n        return buffer[pos++];\n    },\n    readBool: () => {\n      if (buffer && pos < buffer.length)\n        return !!buffer[pos++];\n    },\n    readList: () => {\n      const list = self.readString(true);\n      if (list === undefined)\n        return;\n      return (list ? list.split(',') : []);\n    },\n    readString: (dest, maxLen) => {\n      if (typeof dest === 'number') {\n        maxLen = dest;\n        dest = undefined;\n      }\n\n      const len = self.readUInt32BE();\n      if (len === undefined)\n        return;\n\n      if ((buffer.length - pos) < len\n          || (typeof maxLen === 'number' && len > maxLen)) {\n        return;\n      }\n\n      if (dest) {\n        if (Buffer.isBuffer(dest))\n          return bufferCopy(buffer, dest, pos, pos += len);\n        return buffer.utf8Slice(pos, pos += len);\n      }\n      return bufferSlice(buffer, pos, pos += len);\n    },\n    readRaw: (len) => {\n      if (!buffer)\n        return;\n      if (typeof len !== 'number')\n        return bufferSlice(buffer, pos, pos += (buffer.length - pos));\n      if ((buffer.length - pos) >= len)\n        return bufferSlice(buffer, pos, pos += len);\n    },\n  };\n\n  return self;\n}\n\nfunction makeError(msg, level, fatal) {\n  const err = new Error(msg);\n  if (typeof level === 'boolean') {\n    fatal = level;\n    err.level = 'protocol';\n  } else {\n    err.level = level || 'protocol';\n  }\n  err.fatal = !!fatal;\n  return err;\n}\n\nfunction writeUInt32BE(buf, value, offset) {\n  buf[offset++] = (value >>> 24);\n  buf[offset++] = (value >>> 16);\n  buf[offset++] = (value >>> 8);\n  buf[offset++] = value;\n  return offset;\n}\n\nconst utilBufferParser = makeBufferParser();\n\nmodule.exports = {\n  bufferCopy,\n  bufferSlice,\n  FastBuffer,\n  bufferFill: (buf, value, start, end) => {\n    return TypedArrayFill.call(buf, value, start, end);\n  },\n  makeError,\n  doFatalError: (protocol, msg, level, reason) => {\n    let err;\n    if (DISCONNECT_REASON === undefined)\n      ({ DISCONNECT_REASON } = require('./constants.js'));\n    if (msg instanceof Error) {\n      // doFatalError(protocol, err[, reason])\n      err = msg;\n      if (typeof level !== 'number')\n        reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n      else\n        reason = level;\n    } else {\n      // doFatalError(protocol, msg[, level[, reason]])\n      err = makeError(msg, level, true);\n    }\n    if (typeof reason !== 'number')\n      reason = DISCONNECT_REASON.PROTOCOL_ERROR;\n    protocol.disconnect(reason);\n    protocol._destruct();\n    protocol._onError(err);\n    return Infinity;\n  },\n  readUInt32BE,\n  writeUInt32BE,\n  writeUInt32LE: (buf, value, offset) => {\n    buf[offset++] = value;\n    buf[offset++] = (value >>> 8);\n    buf[offset++] = (value >>> 16);\n    buf[offset++] = (value >>> 24);\n    return offset;\n  },\n  makeBufferParser,\n  bufferParser: makeBufferParser(),\n  readString: (buffer, start, dest, maxLen) => {\n    if (typeof dest === 'number') {\n      maxLen = dest;\n      dest = undefined;\n    }\n\n    if (start === undefined)\n      start = 0;\n\n    const left = (buffer.length - start);\n    if (start < 0 || start >= buffer.length || left < 4)\n      return;\n\n    const len = readUInt32BE(buffer, start);\n    if (left < (4 + len) || (typeof maxLen === 'number' && len > maxLen))\n      return;\n\n    start += 4;\n    const end = start + len;\n    buffer._pos = end;\n\n    if (dest) {\n      if (Buffer.isBuffer(dest))\n        return bufferCopy(buffer, dest, start, end);\n      return buffer.utf8Slice(start, end);\n    }\n    return bufferSlice(buffer, start, end);\n  },\n  sigSSHToASN1: (sig, type) => {\n    switch (type) {\n      case 'ssh-dss': {\n        if (sig.length > 40)\n          return sig;\n        // Change bare signature r and s values to ASN.1 BER values for OpenSSL\n        const asnWriter = new Ber.Writer();\n        asnWriter.startSequence();\n        let r = sig.slice(0, 20);\n        let s = sig.slice(20);\n        if (r[0] & 0x80) {\n          const rNew = Buffer.allocUnsafe(21);\n          rNew[0] = 0x00;\n          r.copy(rNew, 1);\n          r = rNew;\n        } else if (r[0] === 0x00 && !(r[1] & 0x80)) {\n          r = r.slice(1);\n        }\n        if (s[0] & 0x80) {\n          const sNew = Buffer.allocUnsafe(21);\n          sNew[0] = 0x00;\n          s.copy(sNew, 1);\n          s = sNew;\n        } else if (s[0] === 0x00 && !(s[1] & 0x80)) {\n          s = s.slice(1);\n        }\n        asnWriter.writeBuffer(r, Ber.Integer);\n        asnWriter.writeBuffer(s, Ber.Integer);\n        asnWriter.endSequence();\n        return asnWriter.buffer;\n      }\n      case 'ecdsa-sha2-nistp256':\n      case 'ecdsa-sha2-nistp384':\n      case 'ecdsa-sha2-nistp521': {\n        utilBufferParser.init(sig, 0);\n        const r = utilBufferParser.readString();\n        const s = utilBufferParser.readString();\n        utilBufferParser.clear();\n        if (r === undefined || s === undefined)\n          return;\n\n        const asnWriter = new Ber.Writer();\n        asnWriter.startSequence();\n        asnWriter.writeBuffer(r, Ber.Integer);\n        asnWriter.writeBuffer(s, Ber.Integer);\n        asnWriter.endSequence();\n        return asnWriter.buffer;\n      }\n      default:\n        return sig;\n    }\n  },\n  convertSignature: (signature, keyType) => {\n    switch (keyType) {\n      case 'ssh-dss': {\n        if (signature.length <= 40)\n          return signature;\n        // This is a quick and dirty way to get from BER encoded r and s that\n        // OpenSSL gives us, to just the bare values back to back (40 bytes\n        // total) like OpenSSH (and possibly others) are expecting\n        const asnReader = new Ber.Reader(signature);\n        asnReader.readSequence();\n        let r = asnReader.readString(Ber.Integer, true);\n        let s = asnReader.readString(Ber.Integer, true);\n        let rOffset = 0;\n        let sOffset = 0;\n        if (r.length < 20) {\n          const rNew = Buffer.allocUnsafe(20);\n          rNew.set(r, 1);\n          r = rNew;\n          r[0] = 0;\n        }\n        if (s.length < 20) {\n          const sNew = Buffer.allocUnsafe(20);\n          sNew.set(s, 1);\n          s = sNew;\n          s[0] = 0;\n        }\n        if (r.length > 20 && r[0] === 0)\n          rOffset = 1;\n        if (s.length > 20 && s[0] === 0)\n          sOffset = 1;\n        const newSig =\n          Buffer.allocUnsafe((r.length - rOffset) + (s.length - sOffset));\n        bufferCopy(r, newSig, rOffset, r.length, 0);\n        bufferCopy(s, newSig, sOffset, s.length, r.length - rOffset);\n        return newSig;\n      }\n      case 'ecdsa-sha2-nistp256':\n      case 'ecdsa-sha2-nistp384':\n      case 'ecdsa-sha2-nistp521': {\n        if (signature[0] === 0)\n          return signature;\n        // Convert SSH signature parameters to ASN.1 BER values for OpenSSL\n        const asnReader = new Ber.Reader(signature);\n        asnReader.readSequence();\n        const r = asnReader.readString(Ber.Integer, true);\n        const s = asnReader.readString(Ber.Integer, true);\n        if (r === null || s === null)\n          return;\n        const newSig = Buffer.allocUnsafe(4 + r.length + 4 + s.length);\n        writeUInt32BE(newSig, r.length, 0);\n        newSig.set(r, 4);\n        writeUInt32BE(newSig, s.length, 4 + r.length);\n        newSig.set(s, 4 + 4 + r.length);\n        return newSig;\n      }\n    }\n\n    return signature;\n  },\n  sendPacket: (proto, packet, bypass) => {\n    if (!bypass && proto._kexinit !== undefined) {\n      // We're currently in the middle of a handshake\n\n      if (proto._queue === undefined)\n        proto._queue = [];\n      proto._queue.push(packet);\n      proto._debug && proto._debug('Outbound: ... packet queued');\n      return false;\n    }\n    proto._cipher.encrypt(packet);\n    return true;\n  },\n};\n","'use strict';\n\nconst { kMaxLength } = require('buffer');\nconst {\n  createInflate,\n  constants: {\n    DEFLATE,\n    INFLATE,\n    Z_DEFAULT_CHUNK,\n    Z_DEFAULT_COMPRESSION,\n    Z_DEFAULT_MEMLEVEL,\n    Z_DEFAULT_STRATEGY,\n    Z_DEFAULT_WINDOWBITS,\n    Z_PARTIAL_FLUSH,\n  }\n} = require('zlib');\nconst ZlibHandle = createInflate()._handle.constructor;\n\nfunction processCallback() {\n  throw new Error('Should not get here');\n}\n\nfunction zlibOnError(message, errno, code) {\n  const self = this._owner;\n  // There is no way to cleanly recover.\n  // Continuing only obscures problems.\n\n  const error = new Error(message);\n  error.errno = errno;\n  error.code = code;\n  self._err = error;\n}\n\nfunction _close(engine) {\n  // Caller may invoke .close after a zlib error (which will null _handle).\n  if (!engine._handle)\n    return;\n\n  engine._handle.close();\n  engine._handle = null;\n}\n\nclass Zlib {\n  constructor(mode) {\n    const windowBits = Z_DEFAULT_WINDOWBITS;\n    const level = Z_DEFAULT_COMPRESSION;\n    const memLevel = Z_DEFAULT_MEMLEVEL;\n    const strategy = Z_DEFAULT_STRATEGY;\n    const dictionary = undefined;\n\n    this._err = undefined;\n    this._writeState = new Uint32Array(2);\n    this._chunkSize = Z_DEFAULT_CHUNK;\n    this._maxOutputLength = kMaxLength;\n    this._outBuffer = Buffer.allocUnsafe(this._chunkSize);\n    this._outOffset = 0;\n\n    this._handle = new ZlibHandle(mode);\n    this._handle._owner = this;\n    this._handle.onerror = zlibOnError;\n    this._handle.init(windowBits,\n                      level,\n                      memLevel,\n                      strategy,\n                      this._writeState,\n                      processCallback,\n                      dictionary);\n  }\n\n  writeSync(chunk, retChunks) {\n    const handle = this._handle;\n    if (!handle)\n      throw new Error('Invalid Zlib instance');\n\n    let availInBefore = chunk.length;\n    let availOutBefore = this._chunkSize - this._outOffset;\n    let inOff = 0;\n    let availOutAfter;\n    let availInAfter;\n\n    let buffers;\n    let nread = 0;\n    const state = this._writeState;\n    let buffer = this._outBuffer;\n    let offset = this._outOffset;\n    const chunkSize = this._chunkSize;\n\n    while (true) {\n      handle.writeSync(Z_PARTIAL_FLUSH,\n                       chunk, // in\n                       inOff, // in_off\n                       availInBefore, // in_len\n                       buffer, // out\n                       offset, // out_off\n                       availOutBefore); // out_len\n      if (this._err)\n        throw this._err;\n\n      availOutAfter = state[0];\n      availInAfter = state[1];\n\n      const inDelta = availInBefore - availInAfter;\n      const have = availOutBefore - availOutAfter;\n\n      if (have > 0) {\n        const out = (offset === 0 && have === buffer.length\n                     ? buffer\n                     : buffer.slice(offset, offset + have));\n        offset += have;\n        if (!buffers)\n          buffers = out;\n        else if (buffers.push === undefined)\n          buffers = [buffers, out];\n        else\n          buffers.push(out);\n        nread += out.byteLength;\n\n        if (nread > this._maxOutputLength) {\n          _close(this);\n          throw new Error(\n            `Output length exceeded maximum of ${this._maxOutputLength}`\n          );\n        }\n      } else if (have !== 0) {\n        throw new Error('have should not go down');\n      }\n\n      // Exhausted the output buffer, or used all the input create a new one.\n      if (availOutAfter === 0 || offset >= chunkSize) {\n        availOutBefore = chunkSize;\n        offset = 0;\n        buffer = Buffer.allocUnsafe(chunkSize);\n      }\n\n      if (availOutAfter === 0) {\n        // Not actually done. Need to reprocess.\n        // Also, update the availInBefore to the availInAfter value,\n        // so that if we have to hit it a third (fourth, etc.) time,\n        // it'll have the correct byte counts.\n        inOff += inDelta;\n        availInBefore = availInAfter;\n      } else {\n        break;\n      }\n    }\n\n    this._outBuffer = buffer;\n    this._outOffset = offset;\n\n    if (nread === 0)\n      buffers = Buffer.alloc(0);\n\n    if (retChunks) {\n      buffers.totalLen = nread;\n      return buffers;\n    }\n\n    if (buffers.push === undefined)\n      return buffers;\n\n    const output = Buffer.allocUnsafe(nread);\n    for (let i = 0, p = 0; i < buffers.length; ++i) {\n      const buf = buffers[i];\n      output.set(buf, p);\n      p += buf.length;\n    }\n    return output;\n  }\n}\n\nclass ZlibPacketWriter {\n  constructor(protocol) {\n    this.allocStart = 0;\n    this.allocStartKEX = 0;\n    this._protocol = protocol;\n    this._zlib = new Zlib(DEFLATE);\n  }\n\n  cleanup() {\n    if (this._zlib)\n      _close(this._zlib);\n  }\n\n  alloc(payloadSize, force) {\n    return Buffer.allocUnsafe(payloadSize);\n  }\n\n  finalize(payload, force) {\n    if (this._protocol._kexinit === undefined || force) {\n      const output = this._zlib.writeSync(payload, true);\n      const packet = this._protocol._cipher.allocPacket(output.totalLen);\n      if (output.push === undefined) {\n        packet.set(output, 5);\n      } else {\n        for (let i = 0, p = 5; i < output.length; ++i) {\n          const chunk = output[i];\n          packet.set(chunk, p);\n          p += chunk.length;\n        }\n      }\n      return packet;\n    }\n    return payload;\n  }\n}\n\nclass PacketWriter {\n  constructor(protocol) {\n    this.allocStart = 5;\n    this.allocStartKEX = 5;\n    this._protocol = protocol;\n  }\n\n  cleanup() {}\n\n  alloc(payloadSize, force) {\n    if (this._protocol._kexinit === undefined || force)\n      return this._protocol._cipher.allocPacket(payloadSize);\n    return Buffer.allocUnsafe(payloadSize);\n  }\n\n  finalize(packet, force) {\n    return packet;\n  }\n}\n\nclass ZlibPacketReader {\n  constructor() {\n    this._zlib = new Zlib(INFLATE);\n  }\n\n  cleanup() {\n    if (this._zlib)\n      _close(this._zlib);\n  }\n\n  read(data) {\n    return this._zlib.writeSync(data, false);\n  }\n}\n\nclass PacketReader {\n  cleanup() {}\n\n  read(data) {\n    return data;\n  }\n}\n\nmodule.exports = {\n  PacketReader,\n  PacketWriter,\n  ZlibPacketReader,\n  ZlibPacketWriter,\n};\n","// TODO:\n//   * convert listenerCount() usage to emit() return value checking?\n//   * emit error when connection severed early (e.g. before handshake)\n//   * add '.connected' or similar property to connection objects to allow\n//     immediate connection status checking\n'use strict';\n\nconst { Server: netServer } = require('net');\nconst EventEmitter = require('events');\nconst { listenerCount } = EventEmitter;\n\nconst {\n  CHANNEL_OPEN_FAILURE,\n  DEFAULT_CIPHER,\n  DEFAULT_COMPRESSION,\n  DEFAULT_KEX,\n  DEFAULT_MAC,\n  DEFAULT_SERVER_HOST_KEY,\n  DISCONNECT_REASON,\n  DISCONNECT_REASON_BY_VALUE,\n  SUPPORTED_CIPHER,\n  SUPPORTED_COMPRESSION,\n  SUPPORTED_KEX,\n  SUPPORTED_MAC,\n  SUPPORTED_SERVER_HOST_KEY,\n} = require('./protocol/constants.js');\nconst { init: cryptoInit } = require('./protocol/crypto.js');\nconst { KexInit } = require('./protocol/kex.js');\nconst { parseKey } = require('./protocol/keyParser.js');\nconst Protocol = require('./protocol/Protocol.js');\nconst { SFTP } = require('./protocol/SFTP.js');\nconst { writeUInt32BE } = require('./protocol/utils.js');\n\nconst {\n  Channel,\n  MAX_WINDOW,\n  PACKET_SIZE,\n  windowAdjust,\n  WINDOW_THRESHOLD,\n} = require('./Channel.js');\n\nconst {\n  ChannelManager,\n  generateAlgorithmList,\n  isWritable,\n  onChannelOpenFailure,\n  onCHANNEL_CLOSE,\n} = require('./utils.js');\n\nconst MAX_PENDING_AUTHS = 10;\n\nclass AuthContext extends EventEmitter {\n  constructor(protocol, username, service, method, cb) {\n    super();\n\n    this.username = this.user = username;\n    this.service = service;\n    this.method = method;\n    this._initialResponse = false;\n    this._finalResponse = false;\n    this._multistep = false;\n    this._cbfinal = (allowed, methodsLeft, isPartial) => {\n      if (!this._finalResponse) {\n        this._finalResponse = true;\n        cb(this, allowed, methodsLeft, isPartial);\n      }\n    };\n    this._protocol = protocol;\n  }\n\n  accept() {\n    this._cleanup && this._cleanup();\n    this._initialResponse = true;\n    this._cbfinal(true);\n  }\n  reject(methodsLeft, isPartial) {\n    this._cleanup && this._cleanup();\n    this._initialResponse = true;\n    this._cbfinal(false, methodsLeft, isPartial);\n  }\n}\n\n\nclass KeyboardAuthContext extends AuthContext {\n  constructor(protocol, username, service, method, submethods, cb) {\n    super(protocol, username, service, method, cb);\n\n    this._multistep = true;\n\n    this._cb = undefined;\n    this._onInfoResponse = (responses) => {\n      const callback = this._cb;\n      if (callback) {\n        this._cb = undefined;\n        callback(responses);\n      }\n    };\n    this.submethods = submethods;\n    this.on('abort', () => {\n      this._cb && this._cb(new Error('Authentication request aborted'));\n    });\n  }\n\n  prompt(prompts, title, instructions, cb) {\n    if (!Array.isArray(prompts))\n      prompts = [ prompts ];\n\n    if (typeof title === 'function') {\n      cb = title;\n      title = instructions = undefined;\n    } else if (typeof instructions === 'function') {\n      cb = instructions;\n      instructions = undefined;\n    } else if (typeof cb !== 'function') {\n      cb = undefined;\n    }\n\n    for (let i = 0; i < prompts.length; ++i) {\n      if (typeof prompts[i] === 'string') {\n        prompts[i] = {\n          prompt: prompts[i],\n          echo: true\n        };\n      }\n    }\n\n    this._cb = cb;\n    this._initialResponse = true;\n\n    this._protocol.authInfoReq(title, instructions, prompts);\n  }\n}\n\nclass PKAuthContext extends AuthContext {\n  constructor(protocol, username, service, method, pkInfo, cb) {\n    super(protocol, username, service, method, cb);\n\n    this.key = { algo: pkInfo.keyAlgo, data: pkInfo.key };\n    this.signature = pkInfo.signature;\n    this.blob = pkInfo.blob;\n  }\n\n  accept() {\n    if (!this.signature) {\n      this._initialResponse = true;\n      this._protocol.authPKOK(this.key.algo, this.key.data);\n    } else {\n      AuthContext.prototype.accept.call(this);\n    }\n  }\n}\n\nclass HostbasedAuthContext extends AuthContext {\n  constructor(protocol, username, service, method, pkInfo, cb) {\n    super(protocol, username, service, method, cb);\n\n    this.key = { algo: pkInfo.keyAlgo, data: pkInfo.key };\n    this.signature = pkInfo.signature;\n    this.blob = pkInfo.blob;\n    this.localHostname = pkInfo.localHostname;\n    this.localUsername = pkInfo.localUsername;\n  }\n}\n\nclass PwdAuthContext extends AuthContext {\n  constructor(protocol, username, service, method, password, cb) {\n    super(protocol, username, service, method, cb);\n\n    this.password = password;\n    this._changeCb = undefined;\n  }\n\n  requestChange(prompt, cb) {\n    if (this._changeCb)\n      throw new Error('Change request already in progress');\n    if (typeof prompt !== 'string')\n      throw new Error('prompt argument must be a string');\n    if (typeof cb !== 'function')\n      throw new Error('Callback argument must be a function');\n    this._changeCb = cb;\n    this._protocol.authPasswdChg(prompt);\n  }\n}\n\n\nclass Session extends EventEmitter {\n  constructor(client, info, localChan) {\n    super();\n\n    this.type = 'session';\n    this.subtype = undefined;\n    this.server = true;\n    this._ending = false;\n    this._channel = undefined;\n    this._chanInfo = {\n      type: 'session',\n      incoming: {\n        id: localChan,\n        window: MAX_WINDOW,\n        packetSize: PACKET_SIZE,\n        state: 'open'\n      },\n      outgoing: {\n        id: info.sender,\n        window: info.window,\n        packetSize: info.packetSize,\n        state: 'open'\n      }\n    };\n  }\n}\n\n\nclass Server extends EventEmitter {\n  constructor(cfg, listener) {\n    super();\n\n    if (typeof cfg !== 'object' || cfg === null)\n      throw new Error('Missing configuration object');\n\n    const hostKeys = Object.create(null);\n    const hostKeyAlgoOrder = [];\n\n    const hostKeys_ = cfg.hostKeys;\n    if (!Array.isArray(hostKeys_))\n      throw new Error('hostKeys must be an array');\n\n    const cfgAlgos = (\n      typeof cfg.algorithms === 'object' && cfg.algorithms !== null\n      ? cfg.algorithms\n      : {}\n    );\n\n    const hostKeyAlgos = generateAlgorithmList(\n      cfgAlgos.serverHostKey,\n      DEFAULT_SERVER_HOST_KEY,\n      SUPPORTED_SERVER_HOST_KEY\n    );\n    for (let i = 0; i < hostKeys_.length; ++i) {\n      let privateKey;\n      if (Buffer.isBuffer(hostKeys_[i]) || typeof hostKeys_[i] === 'string')\n        privateKey = parseKey(hostKeys_[i]);\n      else\n        privateKey = parseKey(hostKeys_[i].key, hostKeys_[i].passphrase);\n\n      if (privateKey instanceof Error)\n        throw new Error(`Cannot parse privateKey: ${privateKey.message}`);\n\n      if (Array.isArray(privateKey)) {\n        // OpenSSH's newer format only stores 1 key for now\n        privateKey = privateKey[0];\n      }\n\n      if (privateKey.getPrivatePEM() === null)\n        throw new Error('privateKey value contains an invalid private key');\n\n      // Discard key if we already found a key of the same type\n      if (hostKeyAlgoOrder.includes(privateKey.type))\n        continue;\n\n      if (privateKey.type === 'ssh-rsa') {\n        // SSH supports multiple signature hashing algorithms for RSA, so we add\n        // the algorithms in the desired order\n        let sha1Pos = hostKeyAlgos.indexOf('ssh-rsa');\n        const sha256Pos = hostKeyAlgos.indexOf('rsa-sha2-256');\n        const sha512Pos = hostKeyAlgos.indexOf('rsa-sha2-512');\n        if (sha1Pos === -1) {\n          // Fall back to giving SHA1 the lowest priority\n          sha1Pos = Infinity;\n        }\n        [sha1Pos, sha256Pos, sha512Pos].sort(compareNumbers).forEach((pos) => {\n          if (pos === -1)\n            return;\n\n          let type;\n          switch (pos) {\n            case sha1Pos: type = 'ssh-rsa'; break;\n            case sha256Pos: type = 'rsa-sha2-256'; break;\n            case sha512Pos: type = 'rsa-sha2-512'; break;\n            default: return;\n          }\n\n          // Store same RSA key under each hash algorithm name for convenience\n          hostKeys[type] = privateKey;\n\n          hostKeyAlgoOrder.push(type);\n        });\n      } else {\n        hostKeys[privateKey.type] = privateKey;\n        hostKeyAlgoOrder.push(privateKey.type);\n      }\n    }\n\n    const algorithms = {\n      kex: generateAlgorithmList(cfgAlgos.kex, DEFAULT_KEX, SUPPORTED_KEX),\n      serverHostKey: hostKeyAlgoOrder,\n      cs: {\n        cipher: generateAlgorithmList(\n                  cfgAlgos.cipher,\n                  DEFAULT_CIPHER,\n                  SUPPORTED_CIPHER\n                ),\n        mac: generateAlgorithmList(cfgAlgos.hmac, DEFAULT_MAC, SUPPORTED_MAC),\n        compress: generateAlgorithmList(\n                    cfgAlgos.compress,\n                    DEFAULT_COMPRESSION,\n                    SUPPORTED_COMPRESSION\n                  ),\n        lang: [],\n      },\n      sc: undefined,\n    };\n    algorithms.sc = algorithms.cs;\n\n    if (typeof listener === 'function')\n      this.on('connection', listener);\n\n    const origDebug = (typeof cfg.debug === 'function' ? cfg.debug : undefined);\n    const ident = (cfg.ident ? Buffer.from(cfg.ident) : undefined);\n    const offer = new KexInit(algorithms);\n\n    this._srv = new netServer((socket) => {\n      if (this._connections >= this.maxConnections) {\n        socket.destroy();\n        return;\n      }\n      ++this._connections;\n      socket.once('close', () => {\n        --this._connections;\n      });\n\n      let debug;\n      if (origDebug) {\n        // Prepend debug output with a unique identifier in case there are\n        // multiple clients connected at the same time\n        const debugPrefix = `[${process.hrtime().join('.')}] `;\n        debug = (msg) => {\n          origDebug(`${debugPrefix}${msg}`);\n        };\n      }\n\n      // eslint-disable-next-line no-use-before-define\n      new Client(socket, hostKeys, ident, offer, debug, this, cfg);\n    }).on('error', (err) => {\n      this.emit('error', err);\n    }).on('listening', () => {\n      this.emit('listening');\n    }).on('close', () => {\n      this.emit('close');\n    });\n    this._connections = 0;\n    this.maxConnections = Infinity;\n  }\n\n  injectSocket(socket) {\n    this._srv.emit('connection', socket);\n  }\n\n  listen(...args) {\n    this._srv.listen(...args);\n    return this;\n  }\n\n  address() {\n    return this._srv.address();\n  }\n\n  getConnections(cb) {\n    this._srv.getConnections(cb);\n    return this;\n  }\n\n  close(cb) {\n    this._srv.close(cb);\n    return this;\n  }\n\n  ref() {\n    this._srv.ref();\n    return this;\n  }\n\n  unref() {\n    this._srv.unref();\n    return this;\n  }\n}\nServer.KEEPALIVE_CLIENT_INTERVAL = 15000;\nServer.KEEPALIVE_CLIENT_COUNT_MAX = 3;\n\n\nclass Client extends EventEmitter {\n  constructor(socket, hostKeys, ident, offer, debug, server, srvCfg) {\n    super();\n\n    let exchanges = 0;\n    let acceptedAuthSvc = false;\n    let pendingAuths = [];\n    let authCtx;\n    let kaTimer;\n    let onPacket;\n    const unsentGlobalRequestsReplies = [];\n    this._sock = socket;\n    this._chanMgr = new ChannelManager(this);\n    this._debug = debug;\n    this.noMoreSessions = false;\n    this.authenticated = false;\n\n    // Silence pre-header errors\n    function onClientPreHeaderError(err) {}\n    this.on('error', onClientPreHeaderError);\n\n    const DEBUG_HANDLER = (!debug ? undefined : (p, display, msg) => {\n      debug(`Debug output from client: ${JSON.stringify(msg)}`);\n    });\n\n    const kaIntvl = (\n      typeof srvCfg.keepaliveInterval === 'number'\n        && isFinite(srvCfg.keepaliveInterval)\n        && srvCfg.keepaliveInterval > 0\n      ? srvCfg.keepaliveInterval\n      : (\n        typeof Server.KEEPALIVE_CLIENT_INTERVAL === 'number'\n          && isFinite(Server.KEEPALIVE_CLIENT_INTERVAL)\n          && Server.KEEPALIVE_CLIENT_INTERVAL > 0\n        ? Server.KEEPALIVE_CLIENT_INTERVAL\n        : -1\n      )\n    );\n    const kaCountMax = (\n      typeof srvCfg.keepaliveCountMax === 'number'\n        && isFinite(srvCfg.keepaliveCountMax)\n        && srvCfg.keepaliveCountMax >= 0\n      ? srvCfg.keepaliveCountMax\n      : (\n        typeof Server.KEEPALIVE_CLIENT_COUNT_MAX === 'number'\n          && isFinite(Server.KEEPALIVE_CLIENT_COUNT_MAX)\n          && Server.KEEPALIVE_CLIENT_COUNT_MAX >= 0\n        ? Server.KEEPALIVE_CLIENT_COUNT_MAX\n        : -1\n      )\n    );\n    let kaCurCount = 0;\n    if (kaIntvl !== -1 && kaCountMax !== -1) {\n      this.once('ready', () => {\n        const onClose = () => {\n          clearInterval(kaTimer);\n        };\n        this.on('close', onClose).on('end', onClose);\n        kaTimer = setInterval(() => {\n          if (++kaCurCount > kaCountMax) {\n            clearInterval(kaTimer);\n            const err = new Error('Keepalive timeout');\n            err.level = 'client-timeout';\n            this.emit('error', err);\n            this.end();\n          } else {\n            // XXX: if the server ever starts sending real global requests to\n            //      the client, we will need to add a dummy callback here to\n            //      keep the correct reply order\n            proto.ping();\n          }\n        }, kaIntvl);\n      });\n      // TODO: re-verify keepalive behavior with OpenSSH\n      onPacket = () => {\n        kaTimer && kaTimer.refresh();\n        kaCurCount = 0;\n      };\n    }\n\n    const proto = this._protocol = new Protocol({\n      server: true,\n      hostKeys,\n      ident,\n      offer,\n      onPacket,\n      greeting: srvCfg.greeting,\n      banner: srvCfg.banner,\n      onWrite: (data) => {\n        if (isWritable(socket))\n          socket.write(data);\n      },\n      onError: (err) => {\n        if (!proto._destruct)\n          socket.removeAllListeners('data');\n        this.emit('error', err);\n        try {\n          socket.end();\n        } catch {}\n      },\n      onHeader: (header) => {\n        this.removeListener('error', onClientPreHeaderError);\n\n        const info = {\n          ip: socket.remoteAddress,\n          family: socket.remoteFamily,\n          port: socket.remotePort,\n          header,\n        };\n        if (!server.emit('connection', this, info)) {\n          // auto reject\n          proto.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n          socket.end();\n          return;\n        }\n\n        if (header.greeting)\n          this.emit('greeting', header.greeting);\n      },\n      onHandshakeComplete: (negotiated) => {\n        if (++exchanges > 1)\n          this.emit('rekey');\n        this.emit('handshake', negotiated);\n      },\n      debug,\n      messageHandlers: {\n        DEBUG: DEBUG_HANDLER,\n        DISCONNECT: (p, reason, desc) => {\n          if (reason !== DISCONNECT_REASON.BY_APPLICATION) {\n            if (!desc) {\n              desc = DISCONNECT_REASON_BY_VALUE[reason];\n              if (desc === undefined)\n                desc = `Unexpected disconnection reason: ${reason}`;\n            }\n            const err = new Error(desc);\n            err.code = reason;\n            this.emit('error', err);\n          }\n          socket.end();\n        },\n        CHANNEL_OPEN: (p, info) => {\n          // Handle incoming requests from client\n\n          // Do early reject in some cases to prevent wasteful channel\n          // allocation\n          if ((info.type === 'session' && this.noMoreSessions)\n              || !this.authenticated) {\n            const reasonCode = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n            return proto.channelOpenFail(info.sender, reasonCode);\n          }\n\n          let localChan = -1;\n          let reason;\n          let replied = false;\n\n          let accept;\n          const reject = () => {\n            if (replied)\n              return;\n            replied = true;\n\n            if (reason === undefined) {\n              if (localChan === -1)\n                reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n              else\n                reason = CHANNEL_OPEN_FAILURE.CONNECT_FAILED;\n            }\n\n            if (localChan !== -1)\n              this._chanMgr.remove(localChan);\n            proto.channelOpenFail(info.sender, reason, '');\n          };\n          const reserveChannel = () => {\n            localChan = this._chanMgr.add();\n\n            if (localChan === -1) {\n              reason = CHANNEL_OPEN_FAILURE.RESOURCE_SHORTAGE;\n              if (debug) {\n                debug('Automatic rejection of incoming channel open: '\n                        + 'no channels available');\n              }\n            }\n\n            return (localChan !== -1);\n          };\n\n          const data = info.data;\n          switch (info.type) {\n            case 'session':\n              if (listenerCount(this, 'session') && reserveChannel()) {\n                accept = () => {\n                  if (replied)\n                    return;\n                  replied = true;\n\n                  const instance = new Session(this, info, localChan);\n                  this._chanMgr.update(localChan, instance);\n\n                  proto.channelOpenConfirm(info.sender,\n                                           localChan,\n                                           MAX_WINDOW,\n                                           PACKET_SIZE);\n\n                  return instance;\n                };\n\n                this.emit('session', accept, reject);\n                return;\n              }\n              break;\n            case 'direct-tcpip':\n              if (listenerCount(this, 'tcpip') && reserveChannel()) {\n                accept = () => {\n                  if (replied)\n                    return;\n                  replied = true;\n\n                  const chanInfo = {\n                    type: undefined,\n                    incoming: {\n                      id: localChan,\n                      window: MAX_WINDOW,\n                      packetSize: PACKET_SIZE,\n                      state: 'open'\n                    },\n                    outgoing: {\n                      id: info.sender,\n                      window: info.window,\n                      packetSize: info.packetSize,\n                      state: 'open'\n                    }\n                  };\n\n                  const stream = new Channel(this, chanInfo, { server: true });\n                  this._chanMgr.update(localChan, stream);\n\n                  proto.channelOpenConfirm(info.sender,\n                                           localChan,\n                                           MAX_WINDOW,\n                                           PACKET_SIZE);\n\n                  return stream;\n                };\n\n                this.emit('tcpip', accept, reject, data);\n                return;\n              }\n              break;\n            case 'direct-streamlocal@openssh.com':\n              if (listenerCount(this, 'openssh.streamlocal')\n                  && reserveChannel()) {\n                accept = () => {\n                  if (replied)\n                    return;\n                  replied = true;\n\n                  const chanInfo = {\n                    type: undefined,\n                    incoming: {\n                      id: localChan,\n                      window: MAX_WINDOW,\n                      packetSize: PACKET_SIZE,\n                      state: 'open'\n                    },\n                    outgoing: {\n                      id: info.sender,\n                      window: info.window,\n                      packetSize: info.packetSize,\n                      state: 'open'\n                    }\n                  };\n\n                  const stream = new Channel(this, chanInfo, { server: true });\n                  this._chanMgr.update(localChan, stream);\n\n                  proto.channelOpenConfirm(info.sender,\n                                           localChan,\n                                           MAX_WINDOW,\n                                           PACKET_SIZE);\n\n                  return stream;\n                };\n\n                this.emit('openssh.streamlocal', accept, reject, data);\n                return;\n              }\n              break;\n            default:\n              // Automatically reject any unsupported channel open requests\n              reason = CHANNEL_OPEN_FAILURE.UNKNOWN_CHANNEL_TYPE;\n              if (debug) {\n                debug('Automatic rejection of unsupported incoming channel open'\n                        + ` type: ${info.type}`);\n              }\n          }\n\n          if (reason === undefined) {\n            reason = CHANNEL_OPEN_FAILURE.ADMINISTRATIVELY_PROHIBITED;\n            if (debug) {\n              debug('Automatic rejection of unexpected incoming channel open'\n                      + ` for: ${info.type}`);\n            }\n          }\n\n          reject();\n        },\n        CHANNEL_OPEN_CONFIRMATION: (p, info) => {\n          const channel = this._chanMgr.get(info.recipient);\n          if (typeof channel !== 'function')\n            return;\n\n          const chanInfo = {\n            type: channel.type,\n            incoming: {\n              id: info.recipient,\n              window: MAX_WINDOW,\n              packetSize: PACKET_SIZE,\n              state: 'open'\n            },\n            outgoing: {\n              id: info.sender,\n              window: info.window,\n              packetSize: info.packetSize,\n              state: 'open'\n            }\n          };\n\n          const instance = new Channel(this, chanInfo, { server: true });\n          this._chanMgr.update(info.recipient, instance);\n          channel(undefined, instance);\n        },\n        CHANNEL_OPEN_FAILURE: (p, recipient, reason, description) => {\n          const channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'function')\n            return;\n\n          const info = { reason, description };\n          onChannelOpenFailure(this, recipient, info, channel);\n        },\n        CHANNEL_DATA: (p, recipient, data) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          // The remote party should not be sending us data if there is no\n          // window space available ...\n          // TODO: raise error on data with not enough window?\n          if (channel.incoming.window === 0)\n            return;\n\n          channel.incoming.window -= data.length;\n\n          if (channel.push(data) === false) {\n            channel._waitChanDrain = true;\n            return;\n          }\n\n          if (channel.incoming.window <= WINDOW_THRESHOLD)\n            windowAdjust(channel);\n        },\n        CHANNEL_EXTENDED_DATA: (p, recipient, data, type) => {\n          // NOOP -- should not be sent by client\n        },\n        CHANNEL_WINDOW_ADJUST: (p, recipient, amount) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          // The other side is allowing us to send `amount` more bytes of data\n          channel.outgoing.window += amount;\n\n          if (channel._waitWindow) {\n            channel._waitWindow = false;\n\n            if (channel._chunk) {\n              channel._write(channel._chunk, null, channel._chunkcb);\n            } else if (channel._chunkcb) {\n              channel._chunkcb();\n            } else if (channel._chunkErr) {\n              channel.stderr._write(channel._chunkErr,\n                                    null,\n                                    channel._chunkcbErr);\n            } else if (channel._chunkcbErr) {\n              channel._chunkcbErr();\n            }\n          }\n        },\n        CHANNEL_SUCCESS: (p, recipient) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          if (channel._callbacks.length)\n            channel._callbacks.shift()(false);\n        },\n        CHANNEL_FAILURE: (p, recipient) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          if (channel._callbacks.length)\n            channel._callbacks.shift()(true);\n        },\n        CHANNEL_REQUEST: (p, recipient, type, wantReply, data) => {\n          const session = this._chanMgr.get(recipient);\n          if (typeof session !== 'object' || session === null)\n            return;\n\n          let replied = false;\n          let accept;\n          let reject;\n\n          if (session.constructor !== Session) {\n            // normal Channel instance\n            if (wantReply)\n              proto.channelFailure(session.outgoing.id);\n            return;\n          }\n\n          if (wantReply) {\n            // \"real session\" requests will have custom accept behaviors\n            if (type !== 'shell'\n                && type !== 'exec'\n                && type !== 'subsystem') {\n              accept = () => {\n                if (replied || session._ending || session._channel)\n                  return;\n                replied = true;\n\n                proto.channelSuccess(session._chanInfo.outgoing.id);\n              };\n            }\n\n            reject = () => {\n              if (replied || session._ending || session._channel)\n                return;\n              replied = true;\n\n              proto.channelFailure(session._chanInfo.outgoing.id);\n            };\n          }\n\n          if (session._ending) {\n            reject && reject();\n            return;\n          }\n\n          switch (type) {\n            // \"pre-real session start\" requests\n            case 'env':\n              if (listenerCount(session, 'env')) {\n                session.emit('env', accept, reject, {\n                  key: data.name,\n                  val: data.value\n                });\n                return;\n              }\n              break;\n            case 'pty-req':\n              if (listenerCount(session, 'pty')) {\n                session.emit('pty', accept, reject, data);\n                return;\n              }\n              break;\n            case 'window-change':\n              if (listenerCount(session, 'window-change'))\n                session.emit('window-change', accept, reject, data);\n              else\n                reject && reject();\n              break;\n            case 'x11-req':\n              if (listenerCount(session, 'x11')) {\n                session.emit('x11', accept, reject, data);\n                return;\n              }\n              break;\n            // \"post-real session start\" requests\n            case 'signal':\n              if (listenerCount(session, 'signal')) {\n                session.emit('signal', accept, reject, {\n                  name: data\n                });\n                return;\n              }\n              break;\n            // XXX: is `auth-agent-req@openssh.com` really \"post-real session\n            // start\"?\n            case 'auth-agent-req@openssh.com':\n              if (listenerCount(session, 'auth-agent')) {\n                session.emit('auth-agent', accept, reject);\n                return;\n              }\n              break;\n            // \"real session start\" requests\n            case 'shell':\n              if (listenerCount(session, 'shell')) {\n                accept = () => {\n                  if (replied || session._ending || session._channel)\n                    return;\n                  replied = true;\n\n                  if (wantReply)\n                    proto.channelSuccess(session._chanInfo.outgoing.id);\n\n                  const channel = new Channel(\n                    this, session._chanInfo, { server: true }\n                  );\n\n                  channel.subtype = session.subtype = type;\n                  session._channel = channel;\n\n                  return channel;\n                };\n\n                session.emit('shell', accept, reject);\n                return;\n              }\n              break;\n            case 'exec':\n              if (listenerCount(session, 'exec')) {\n                accept = () => {\n                  if (replied || session._ending || session._channel)\n                    return;\n                  replied = true;\n\n                  if (wantReply)\n                    proto.channelSuccess(session._chanInfo.outgoing.id);\n\n                  const channel = new Channel(\n                    this, session._chanInfo, { server: true }\n                  );\n\n                  channel.subtype = session.subtype = type;\n                  session._channel = channel;\n\n                  return channel;\n                };\n\n                session.emit('exec', accept, reject, {\n                  command: data\n                });\n                return;\n              }\n              break;\n            case 'subsystem': {\n              let useSFTP = (data === 'sftp');\n              accept = () => {\n                if (replied || session._ending || session._channel)\n                  return;\n                replied = true;\n\n                if (wantReply)\n                  proto.channelSuccess(session._chanInfo.outgoing.id);\n\n                let instance;\n                if (useSFTP) {\n                  instance = new SFTP(this, session._chanInfo, {\n                    server: true,\n                    debug,\n                  });\n                } else {\n                  instance = new Channel(\n                    this, session._chanInfo, { server: true }\n                  );\n                  instance.subtype =\n                    session.subtype = `${type}:${data}`;\n                }\n                session._channel = instance;\n\n                return instance;\n              };\n\n              if (data === 'sftp') {\n                if (listenerCount(session, 'sftp')) {\n                  session.emit('sftp', accept, reject);\n                  return;\n                }\n                useSFTP = false;\n              }\n              if (listenerCount(session, 'subsystem')) {\n                session.emit('subsystem', accept, reject, {\n                  name: data\n                });\n                return;\n              }\n              break;\n            }\n          }\n          debug && debug(\n            `Automatic rejection of incoming channel request: ${type}`\n          );\n          reject && reject();\n        },\n        CHANNEL_EOF: (p, recipient) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            if (!channel._ending) {\n              channel._ending = true;\n              channel.emit('eof');\n              channel.emit('end');\n            }\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          if (channel.incoming.state !== 'open')\n            return;\n          channel.incoming.state = 'eof';\n\n          if (channel.readable)\n            channel.push(null);\n        },\n        CHANNEL_CLOSE: (p, recipient) => {\n          let channel = this._chanMgr.get(recipient);\n          if (typeof channel !== 'object' || channel === null)\n            return;\n\n          if (channel.constructor === Session) {\n            channel._ending = true;\n            channel.emit('close');\n            channel = channel._channel;\n            if (!channel)\n              return;\n          }\n\n          onCHANNEL_CLOSE(this, recipient, channel);\n        },\n        // Begin service/auth-related ==========================================\n        SERVICE_REQUEST: (p, service) => {\n          if (exchanges === 0\n              || acceptedAuthSvc\n              || this.authenticated\n              || service !== 'ssh-userauth') {\n            proto.disconnect(DISCONNECT_REASON.SERVICE_NOT_AVAILABLE);\n            socket.end();\n            return;\n          }\n\n          acceptedAuthSvc = true;\n          proto.serviceAccept(service);\n        },\n        USERAUTH_REQUEST: (p, username, service, method, methodData) => {\n          if (exchanges === 0\n              || this.authenticated\n              || (authCtx\n                  && (authCtx.username !== username\n                      || authCtx.service !== service))\n                // TODO: support hostbased auth\n              || (method !== 'password'\n                  && method !== 'publickey'\n                  && method !== 'hostbased'\n                  && method !== 'keyboard-interactive'\n                  && method !== 'none')\n              || pendingAuths.length === MAX_PENDING_AUTHS) {\n            proto.disconnect(DISCONNECT_REASON.PROTOCOL_ERROR);\n            socket.end();\n            return;\n          } else if (service !== 'ssh-connection') {\n            proto.disconnect(DISCONNECT_REASON.SERVICE_NOT_AVAILABLE);\n            socket.end();\n            return;\n          }\n\n          let ctx;\n          switch (method) {\n            case 'keyboard-interactive':\n              ctx = new KeyboardAuthContext(proto, username, service, method,\n                                            methodData, onAuthDecide);\n              break;\n            case 'publickey':\n              ctx = new PKAuthContext(proto, username, service, method,\n                                      methodData, onAuthDecide);\n              break;\n            case 'hostbased':\n              ctx = new HostbasedAuthContext(proto, username, service, method,\n                                             methodData, onAuthDecide);\n              break;\n            case 'password':\n              if (authCtx\n                  && authCtx instanceof PwdAuthContext\n                  && authCtx._changeCb) {\n                const cb = authCtx._changeCb;\n                authCtx._changeCb = undefined;\n                cb(methodData.newPassword);\n                return;\n              }\n              ctx = new PwdAuthContext(proto, username, service, method,\n                                       methodData, onAuthDecide);\n              break;\n            case 'none':\n              ctx = new AuthContext(proto, username, service, method,\n                                    onAuthDecide);\n              break;\n          }\n\n          if (authCtx) {\n            if (!authCtx._initialResponse) {\n              return pendingAuths.push(ctx);\n            } else if (authCtx._multistep && !authCtx._finalResponse) {\n              // RFC 4252 says to silently abort the current auth request if a\n              // new auth request comes in before the final response from an\n              // auth method that requires additional request/response exchanges\n              // -- this means keyboard-interactive for now ...\n              authCtx._cleanup && authCtx._cleanup();\n              authCtx.emit('abort');\n            }\n          }\n\n          authCtx = ctx;\n\n          if (listenerCount(this, 'authentication'))\n            this.emit('authentication', authCtx);\n          else\n            authCtx.reject();\n        },\n        USERAUTH_INFO_RESPONSE: (p, responses) => {\n          if (authCtx && authCtx instanceof KeyboardAuthContext)\n            authCtx._onInfoResponse(responses);\n        },\n        // End service/auth-related ============================================\n        GLOBAL_REQUEST: (p, name, wantReply, data) => {\n          const reply = {\n            type: null,\n            buf: null\n          };\n\n          function setReply(type, buf) {\n            reply.type = type;\n            reply.buf = buf;\n            sendReplies();\n          }\n\n          if (wantReply)\n            unsentGlobalRequestsReplies.push(reply);\n\n          if ((name === 'tcpip-forward'\n               || name === 'cancel-tcpip-forward'\n               || name === 'no-more-sessions@openssh.com'\n               || name === 'streamlocal-forward@openssh.com'\n               || name === 'cancel-streamlocal-forward@openssh.com')\n              && listenerCount(this, 'request')\n              && this.authenticated) {\n            let accept;\n            let reject;\n\n            if (wantReply) {\n              let replied = false;\n              accept = (chosenPort) => {\n                if (replied)\n                  return;\n                replied = true;\n                let bufPort;\n                if (name === 'tcpip-forward'\n                    && data.bindPort === 0\n                    && typeof chosenPort === 'number') {\n                  bufPort = Buffer.allocUnsafe(4);\n                  writeUInt32BE(bufPort, chosenPort, 0);\n                }\n                setReply('SUCCESS', bufPort);\n              };\n              reject = () => {\n                if (replied)\n                  return;\n                replied = true;\n                setReply('FAILURE');\n              };\n            }\n\n            if (name === 'no-more-sessions@openssh.com') {\n              this.noMoreSessions = true;\n              accept && accept();\n              return;\n            }\n\n            this.emit('request', accept, reject, name, data);\n          } else if (wantReply) {\n            setReply('FAILURE');\n          }\n        },\n      },\n    });\n\n    socket.pause();\n    cryptoInit.then(() => {\n      proto.start();\n      socket.on('data', (data) => {\n        try {\n          proto.parse(data, 0, data.length);\n        } catch (ex) {\n          this.emit('error', ex);\n          try {\n            if (isWritable(socket))\n              socket.end();\n          } catch {}\n        }\n      });\n      socket.resume();\n    }).catch((err) => {\n      this.emit('error', err);\n      try {\n        if (isWritable(socket))\n          socket.end();\n      } catch {}\n    });\n    socket.on('error', (err) => {\n      err.level = 'socket';\n      this.emit('error', err);\n    }).once('end', () => {\n      debug && debug('Socket ended');\n      proto.cleanup();\n      this.emit('end');\n    }).once('close', () => {\n      debug && debug('Socket closed');\n      proto.cleanup();\n      this.emit('close');\n\n      const err = new Error('No response from server');\n\n      // Simulate error for pending channels and close any open channels\n      this._chanMgr.cleanup(err);\n    });\n\n    const onAuthDecide = (ctx, allowed, methodsLeft, isPartial) => {\n      if (authCtx === ctx && !this.authenticated) {\n        if (allowed) {\n          authCtx = undefined;\n          this.authenticated = true;\n          proto.authSuccess();\n          pendingAuths = [];\n          this.emit('ready');\n        } else {\n          proto.authFailure(methodsLeft, isPartial);\n          if (pendingAuths.length) {\n            authCtx = pendingAuths.pop();\n            if (listenerCount(this, 'authentication'))\n              this.emit('authentication', authCtx);\n            else\n              authCtx.reject();\n          }\n        }\n      }\n    };\n\n    function sendReplies() {\n      while (unsentGlobalRequestsReplies.length > 0\n             && unsentGlobalRequestsReplies[0].type) {\n        const reply = unsentGlobalRequestsReplies.shift();\n        if (reply.type === 'SUCCESS')\n          proto.requestSuccess(reply.buf);\n        if (reply.type === 'FAILURE')\n          proto.requestFailure();\n      }\n    }\n  }\n\n  end() {\n    if (this._sock && isWritable(this._sock)) {\n      this._protocol.disconnect(DISCONNECT_REASON.BY_APPLICATION);\n      this._sock.end();\n    }\n    return this;\n  }\n\n  x11(originAddr, originPort, cb) {\n    const opts = { originAddr, originPort };\n    openChannel(this, 'x11', opts, cb);\n    return this;\n  }\n\n  forwardOut(boundAddr, boundPort, remoteAddr, remotePort, cb) {\n    const opts = { boundAddr, boundPort, remoteAddr, remotePort };\n    openChannel(this, 'forwarded-tcpip', opts, cb);\n    return this;\n  }\n\n  openssh_forwardOutStreamLocal(socketPath, cb) {\n    const opts = { socketPath };\n    openChannel(this, 'forwarded-streamlocal@openssh.com', opts, cb);\n    return this;\n  }\n\n  rekey(cb) {\n    let error;\n\n    try {\n      this._protocol.rekey();\n    } catch (ex) {\n      error = ex;\n    }\n\n    // TODO: re-throw error if no callback?\n\n    if (typeof cb === 'function') {\n      if (error)\n        process.nextTick(cb, error);\n      else\n        this.once('rekey', cb);\n    }\n  }\n}\n\n\nfunction openChannel(self, type, opts, cb) {\n  // Ask the client to open a channel for some purpose (e.g. a forwarded TCP\n  // connection)\n  const initWindow = MAX_WINDOW;\n  const maxPacket = PACKET_SIZE;\n\n  if (typeof opts === 'function') {\n    cb = opts;\n    opts = {};\n  }\n\n  const wrapper = (err, stream) => {\n    cb(err, stream);\n  };\n  wrapper.type = type;\n\n  const localChan = self._chanMgr.add(wrapper);\n\n  if (localChan === -1) {\n    cb(new Error('No free channels available'));\n    return;\n  }\n\n  switch (type) {\n    case 'forwarded-tcpip':\n      self._protocol.forwardedTcpip(localChan, initWindow, maxPacket, opts);\n      break;\n    case 'x11':\n      self._protocol.x11(localChan, initWindow, maxPacket, opts);\n      break;\n    case 'forwarded-streamlocal@openssh.com':\n      self._protocol.openssh_forwardedStreamLocal(\n        localChan, initWindow, maxPacket, opts\n      );\n      break;\n    default:\n      throw new Error(`Unsupported channel type: ${type}`);\n  }\n}\n\nfunction compareNumbers(a, b) {\n  return a - b;\n}\n\nmodule.exports = Server;\nmodule.exports.IncomingClient = Client;\n","'use strict';\n\nconst { SFTP } = require('./protocol/SFTP.js');\n\nconst MAX_CHANNEL = 2 ** 32 - 1;\n\nfunction onChannelOpenFailure(self, recipient, info, cb) {\n  self._chanMgr.remove(recipient);\n  if (typeof cb !== 'function')\n    return;\n\n  let err;\n  if (info instanceof Error) {\n    err = info;\n  } else if (typeof info === 'object' && info !== null) {\n    err = new Error(`(SSH) Channel open failure: ${info.description}`);\n    err.reason = info.reason;\n  } else {\n    err = new Error(\n      '(SSH) Channel open failure: server closed channel unexpectedly'\n    );\n    err.reason = '';\n  }\n\n  cb(err);\n}\n\nfunction onCHANNEL_CLOSE(self, recipient, channel, err, dead) {\n  if (typeof channel === 'function') {\n    // We got CHANNEL_CLOSE instead of CHANNEL_OPEN_FAILURE when\n    // requesting to open a channel\n    onChannelOpenFailure(self, recipient, err, channel);\n    return;\n  }\n\n  if (typeof channel !== 'object' || channel === null)\n    return;\n\n  if (channel.incoming && channel.incoming.state === 'closed')\n    return;\n\n  self._chanMgr.remove(recipient);\n\n  if (channel.server && channel.constructor.name === 'Session')\n    return;\n\n  channel.incoming.state = 'closed';\n\n  if (channel.readable)\n    channel.push(null);\n  if (channel.server) {\n    if (channel.stderr.writable)\n      channel.stderr.end();\n  } else if (channel.stderr.readable) {\n    channel.stderr.push(null);\n  }\n\n  if (channel.constructor !== SFTP\n      && (channel.outgoing.state === 'open'\n          || channel.outgoing.state === 'eof')\n      && !dead) {\n    channel.close();\n  }\n  if (channel.outgoing.state === 'closing')\n    channel.outgoing.state = 'closed';\n\n  const readState = channel._readableState;\n  const writeState = channel._writableState;\n  if (writeState && !writeState.ending && !writeState.finished && !dead)\n    channel.end();\n\n  // Take care of any outstanding channel requests\n  const chanCallbacks = channel._callbacks;\n  channel._callbacks = [];\n  for (let i = 0; i < chanCallbacks.length; ++i)\n    chanCallbacks[i](true);\n\n  if (channel.server) {\n    if (!channel.readable\n        || channel.destroyed\n        || (readState && readState.endEmitted)) {\n      channel.emit('close');\n    } else {\n      channel.once('end', () => channel.emit('close'));\n    }\n  } else {\n    let doClose;\n    switch (channel.type) {\n      case 'direct-streamlocal@openssh.com':\n      case 'direct-tcpip':\n        doClose = () => channel.emit('close');\n        break;\n      default: {\n        // Align more with node child processes, where the close event gets\n        // the same arguments as the exit event\n        const exit = channel._exit;\n        doClose = () => {\n          if (exit.code === null)\n            channel.emit('close', exit.code, exit.signal, exit.dump, exit.desc);\n          else\n            channel.emit('close', exit.code);\n        };\n      }\n    }\n    if (!channel.readable\n        || channel.destroyed\n        || (readState && readState.endEmitted)) {\n      doClose();\n    } else {\n      channel.once('end', doClose);\n    }\n\n    const errReadState = channel.stderr._readableState;\n    if (!channel.stderr.readable\n        || channel.stderr.destroyed\n        || (errReadState && errReadState.endEmitted)) {\n      channel.stderr.emit('close');\n    } else {\n      channel.stderr.once('end', () => channel.stderr.emit('close'));\n    }\n  }\n}\n\nclass ChannelManager {\n  constructor(client) {\n    this._client = client;\n    this._channels = {};\n    this._cur = -1;\n    this._count = 0;\n  }\n  add(val) {\n    // Attempt to reserve an id\n\n    let id;\n    // Optimized paths\n    if (this._cur < MAX_CHANNEL) {\n      id = ++this._cur;\n    } else if (this._count === 0) {\n      // Revert and reset back to fast path once we no longer have any channels\n      // open\n      this._cur = 0;\n      id = 0;\n    } else {\n      // Slower lookup path\n\n      // This path is triggered we have opened at least MAX_CHANNEL channels\n      // while having at least one channel open at any given time, so we have\n      // to search for a free id.\n      const channels = this._channels;\n      for (let i = 0; i < MAX_CHANNEL; ++i) {\n        if (channels[i] === undefined) {\n          id = i;\n          break;\n        }\n      }\n    }\n\n    if (id === undefined)\n      return -1;\n\n    this._channels[id] = (val || true);\n    ++this._count;\n\n    return id;\n  }\n  update(id, val) {\n    if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n      throw new Error(`Invalid channel id: ${id}`);\n\n    if (val && this._channels[id])\n      this._channels[id] = val;\n  }\n  get(id) {\n    if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n      throw new Error(`Invalid channel id: ${id}`);\n\n    return this._channels[id];\n  }\n  remove(id) {\n    if (typeof id !== 'number' || id < 0 || id >= MAX_CHANNEL || !isFinite(id))\n      throw new Error(`Invalid channel id: ${id}`);\n\n    if (this._channels[id]) {\n      delete this._channels[id];\n      if (this._count)\n        --this._count;\n    }\n  }\n  cleanup(err) {\n    const channels = this._channels;\n    this._channels = {};\n    this._cur = -1;\n    this._count = 0;\n\n    const chanIDs = Object.keys(channels);\n    const client = this._client;\n    for (let i = 0; i < chanIDs.length; ++i) {\n      const id = +chanIDs[i];\n      const channel = channels[id];\n      onCHANNEL_CLOSE(client, id, channel._channel || channel, err, true);\n    }\n  }\n}\n\nconst isRegExp = (() => {\n  const toString = Object.prototype.toString;\n  return (val) => toString.call(val) === '[object RegExp]';\n})();\n\nfunction generateAlgorithmList(algoList, defaultList, supportedList) {\n  if (Array.isArray(algoList) && algoList.length > 0) {\n    // Exact list\n    for (let i = 0; i < algoList.length; ++i) {\n      if (supportedList.indexOf(algoList[i]) === -1)\n        throw new Error(`Unsupported algorithm: ${algoList[i]}`);\n    }\n    return algoList;\n  }\n\n  if (typeof algoList === 'object' && algoList !== null) {\n    // Operations based on the default list\n    const keys = Object.keys(algoList);\n    let list = defaultList;\n    for (let i = 0; i < keys.length; ++i) {\n      const key = keys[i];\n      let val = algoList[key];\n      switch (key) {\n        case 'append':\n          if (!Array.isArray(val))\n            val = [val];\n          if (Array.isArray(val)) {\n            for (let j = 0; j < val.length; ++j) {\n              const append = val[j];\n              if (typeof append === 'string') {\n                if (!append || list.indexOf(append) !== -1)\n                  continue;\n                if (supportedList.indexOf(append) === -1)\n                  throw new Error(`Unsupported algorithm: ${append}`);\n                if (list === defaultList)\n                  list = list.slice();\n                list.push(append);\n              } else if (isRegExp(append)) {\n                for (let k = 0; k < supportedList.length; ++k) {\n                  const algo = supportedList[k];\n                  if (append.test(algo)) {\n                    if (list.indexOf(algo) !== -1)\n                      continue;\n                    if (list === defaultList)\n                      list = list.slice();\n                    list.push(algo);\n                  }\n                }\n              }\n            }\n          }\n          break;\n        case 'prepend':\n          if (!Array.isArray(val))\n            val = [val];\n          if (Array.isArray(val)) {\n            for (let j = val.length; j >= 0; --j) {\n              const prepend = val[j];\n              if (typeof prepend === 'string') {\n                if (!prepend || list.indexOf(prepend) !== -1)\n                  continue;\n                if (supportedList.indexOf(prepend) === -1)\n                  throw new Error(`Unsupported algorithm: ${prepend}`);\n                if (list === defaultList)\n                  list = list.slice();\n                list.unshift(prepend);\n              } else if (isRegExp(prepend)) {\n                for (let k = supportedList.length; k >= 0; --k) {\n                  const algo = supportedList[k];\n                  if (prepend.test(algo)) {\n                    if (list.indexOf(algo) !== -1)\n                      continue;\n                    if (list === defaultList)\n                      list = list.slice();\n                    list.unshift(algo);\n                  }\n                }\n              }\n            }\n          }\n          break;\n        case 'remove':\n          if (!Array.isArray(val))\n            val = [val];\n          if (Array.isArray(val)) {\n            for (let j = 0; j < val.length; ++j) {\n              const search = val[j];\n              if (typeof search === 'string') {\n                if (!search)\n                  continue;\n                const idx = list.indexOf(search);\n                if (idx === -1)\n                  continue;\n                if (list === defaultList)\n                  list = list.slice();\n                list.splice(idx, 1);\n              } else if (isRegExp(search)) {\n                for (let k = 0; k < list.length; ++k) {\n                  if (search.test(list[k])) {\n                    if (list === defaultList)\n                      list = list.slice();\n                    list.splice(k, 1);\n                    --k;\n                  }\n                }\n              }\n            }\n          }\n          break;\n      }\n    }\n\n    return list;\n  }\n\n  return defaultList;\n}\n\nmodule.exports = {\n  ChannelManager,\n  generateAlgorithmList,\n  onChannelOpenFailure,\n  onCHANNEL_CLOSE,\n  isWritable: (stream) => {\n    // XXX: hack to workaround regression in node\n    // See: https://github.com/nodejs/node/issues/36029\n    return (stream\n            && stream.writable\n            && stream._readableState\n            && stream._readableState.ended === false);\n  },\n};\n","module.exports = require('./lib/tunnel');\n","'use strict';\n\nvar net = require('net');\nvar tls = require('tls');\nvar http = require('http');\nvar https = require('https');\nvar events = require('events');\nvar assert = require('assert');\nvar util = require('util');\n\n\nexports.httpOverHttp = httpOverHttp;\nexports.httpsOverHttp = httpsOverHttp;\nexports.httpOverHttps = httpOverHttps;\nexports.httpsOverHttps = httpsOverHttps;\n\n\nfunction httpOverHttp(options) {\n  var agent = new TunnelingAgent(options);\n  agent.request = http.request;\n  return agent;\n}\n\nfunction httpsOverHttp(options) {\n  var agent = new TunnelingAgent(options);\n  agent.request = http.request;\n  agent.createSocket = createSecureSocket;\n  agent.defaultPort = 443;\n  return agent;\n}\n\nfunction httpOverHttps(options) {\n  var agent = new TunnelingAgent(options);\n  agent.request = https.request;\n  return agent;\n}\n\nfunction httpsOverHttps(options) {\n  var agent = new TunnelingAgent(options);\n  agent.request = https.request;\n  agent.createSocket = createSecureSocket;\n  agent.defaultPort = 443;\n  return agent;\n}\n\n\nfunction TunnelingAgent(options) {\n  var self = this;\n  self.options = options || {};\n  self.proxyOptions = self.options.proxy || {};\n  self.maxSockets = self.options.maxSockets || http.Agent.defaultMaxSockets;\n  self.requests = [];\n  self.sockets = [];\n\n  self.on('free', function onFree(socket, host, port, localAddress) {\n    var options = toOptions(host, port, localAddress);\n    for (var i = 0, len = self.requests.length; i < len; ++i) {\n      var pending = self.requests[i];\n      if (pending.host === options.host && pending.port === options.port) {\n        // Detect the request to connect same origin server,\n        // reuse the connection.\n        self.requests.splice(i, 1);\n        pending.request.onSocket(socket);\n        return;\n      }\n    }\n    socket.destroy();\n    self.removeSocket(socket);\n  });\n}\nutil.inherits(TunnelingAgent, events.EventEmitter);\n\nTunnelingAgent.prototype.addRequest = function addRequest(req, host, port, localAddress) {\n  var self = this;\n  var options = mergeOptions({request: req}, self.options, toOptions(host, port, localAddress));\n\n  if (self.sockets.length >= this.maxSockets) {\n    // We are over limit so we'll add it to the queue.\n    self.requests.push(options);\n    return;\n  }\n\n  // If we are under maxSockets create a new one.\n  self.createSocket(options, function(socket) {\n    socket.on('free', onFree);\n    socket.on('close', onCloseOrRemove);\n    socket.on('agentRemove', onCloseOrRemove);\n    req.onSocket(socket);\n\n    function onFree() {\n      self.emit('free', socket, options);\n    }\n\n    function onCloseOrRemove(err) {\n      self.removeSocket(socket);\n      socket.removeListener('free', onFree);\n      socket.removeListener('close', onCloseOrRemove);\n      socket.removeListener('agentRemove', onCloseOrRemove);\n    }\n  });\n};\n\nTunnelingAgent.prototype.createSocket = function createSocket(options, cb) {\n  var self = this;\n  var placeholder = {};\n  self.sockets.push(placeholder);\n\n  var connectOptions = mergeOptions({}, self.proxyOptions, {\n    method: 'CONNECT',\n    path: options.host + ':' + options.port,\n    agent: false,\n    headers: {\n      host: options.host + ':' + options.port\n    }\n  });\n  if (options.localAddress) {\n    connectOptions.localAddress = options.localAddress;\n  }\n  if (connectOptions.proxyAuth) {\n    connectOptions.headers = connectOptions.headers || {};\n    connectOptions.headers['Proxy-Authorization'] = 'Basic ' +\n        new Buffer(connectOptions.proxyAuth).toString('base64');\n  }\n\n  debug('making CONNECT request');\n  var connectReq = self.request(connectOptions);\n  connectReq.useChunkedEncodingByDefault = false; // for v0.6\n  connectReq.once('response', onResponse); // for v0.6\n  connectReq.once('upgrade', onUpgrade);   // for v0.6\n  connectReq.once('connect', onConnect);   // for v0.7 or later\n  connectReq.once('error', onError);\n  connectReq.end();\n\n  function onResponse(res) {\n    // Very hacky. This is necessary to avoid http-parser leaks.\n    res.upgrade = true;\n  }\n\n  function onUpgrade(res, socket, head) {\n    // Hacky.\n    process.nextTick(function() {\n      onConnect(res, socket, head);\n    });\n  }\n\n  function onConnect(res, socket, head) {\n    connectReq.removeAllListeners();\n    socket.removeAllListeners();\n\n    if (res.statusCode !== 200) {\n      debug('tunneling socket could not be established, statusCode=%d',\n        res.statusCode);\n      socket.destroy();\n      var error = new Error('tunneling socket could not be established, ' +\n        'statusCode=' + res.statusCode);\n      error.code = 'ECONNRESET';\n      options.request.emit('error', error);\n      self.removeSocket(placeholder);\n      return;\n    }\n    if (head.length > 0) {\n      debug('got illegal response body from proxy');\n      socket.destroy();\n      var error = new Error('got illegal response body from proxy');\n      error.code = 'ECONNRESET';\n      options.request.emit('error', error);\n      self.removeSocket(placeholder);\n      return;\n    }\n    debug('tunneling connection has established');\n    self.sockets[self.sockets.indexOf(placeholder)] = socket;\n    return cb(socket);\n  }\n\n  function onError(cause) {\n    connectReq.removeAllListeners();\n\n    debug('tunneling socket could not be established, cause=%s\\n',\n          cause.message, cause.stack);\n    var error = new Error('tunneling socket could not be established, ' +\n                          'cause=' + cause.message);\n    error.code = 'ECONNRESET';\n    options.request.emit('error', error);\n    self.removeSocket(placeholder);\n  }\n};\n\nTunnelingAgent.prototype.removeSocket = function removeSocket(socket) {\n  var pos = this.sockets.indexOf(socket)\n  if (pos === -1) {\n    return;\n  }\n  this.sockets.splice(pos, 1);\n\n  var pending = this.requests.shift();\n  if (pending) {\n    // If we have pending requests and a socket gets closed a new one\n    // needs to be created to take over in the pool for the one that closed.\n    this.createSocket(pending, function(socket) {\n      pending.request.onSocket(socket);\n    });\n  }\n};\n\nfunction createSecureSocket(options, cb) {\n  var self = this;\n  TunnelingAgent.prototype.createSocket.call(self, options, function(socket) {\n    var hostHeader = options.request.getHeader('host');\n    var tlsOptions = mergeOptions({}, self.options, {\n      socket: socket,\n      servername: hostHeader ? hostHeader.replace(/:.*$/, '') : options.host\n    });\n\n    // 0 is dummy port for v0.6\n    var secureSocket = tls.connect(0, tlsOptions);\n    self.sockets[self.sockets.indexOf(socket)] = secureSocket;\n    cb(secureSocket);\n  });\n}\n\n\nfunction toOptions(host, port, localAddress) {\n  if (typeof host === 'string') { // since v0.10\n    return {\n      host: host,\n      port: port,\n      localAddress: localAddress\n    };\n  }\n  return host; // for v0.11 or later\n}\n\nfunction mergeOptions(target) {\n  for (var i = 1, len = arguments.length; i < len; ++i) {\n    var overrides = arguments[i];\n    if (typeof overrides === 'object') {\n      var keys = Object.keys(overrides);\n      for (var j = 0, keyLen = keys.length; j < keyLen; ++j) {\n        var k = keys[j];\n        if (overrides[k] !== undefined) {\n          target[k] = overrides[k];\n        }\n      }\n    }\n  }\n  return target;\n}\n\n\nvar debug;\nif (process.env.NODE_DEBUG && /\\btunnel\\b/.test(process.env.NODE_DEBUG)) {\n  debug = function() {\n    var args = Array.prototype.slice.call(arguments);\n    if (typeof args[0] === 'string') {\n      args[0] = 'TUNNEL: ' + args[0];\n    } else {\n      args.unshift('TUNNEL:');\n    }\n    console.error.apply(console, args);\n  }\n} else {\n  debug = function() {};\n}\nexports.debug = debug; // for test\n","(function(nacl) {\n'use strict';\n\n// Ported in 2014 by Dmitry Chestnykh and Devi Mandiri.\n// Public domain.\n//\n// Implementation derived from TweetNaCl version 20140427.\n// See for details: http://tweetnacl.cr.yp.to/\n\nvar gf = function(init) {\n  var i, r = new Float64Array(16);\n  if (init) for (i = 0; i < init.length; i++) r[i] = init[i];\n  return r;\n};\n\n//  Pluggable, initialized in high-level API below.\nvar randombytes = function(/* x, n */) { throw new Error('no PRNG'); };\n\nvar _0 = new Uint8Array(16);\nvar _9 = new Uint8Array(32); _9[0] = 9;\n\nvar gf0 = gf(),\n    gf1 = gf([1]),\n    _121665 = gf([0xdb41, 1]),\n    D = gf([0x78a3, 0x1359, 0x4dca, 0x75eb, 0xd8ab, 0x4141, 0x0a4d, 0x0070, 0xe898, 0x7779, 0x4079, 0x8cc7, 0xfe73, 0x2b6f, 0x6cee, 0x5203]),\n    D2 = gf([0xf159, 0x26b2, 0x9b94, 0xebd6, 0xb156, 0x8283, 0x149a, 0x00e0, 0xd130, 0xeef3, 0x80f2, 0x198e, 0xfce7, 0x56df, 0xd9dc, 0x2406]),\n    X = gf([0xd51a, 0x8f25, 0x2d60, 0xc956, 0xa7b2, 0x9525, 0xc760, 0x692c, 0xdc5c, 0xfdd6, 0xe231, 0xc0a4, 0x53fe, 0xcd6e, 0x36d3, 0x2169]),\n    Y = gf([0x6658, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666]),\n    I = gf([0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83]);\n\nfunction ts64(x, i, h, l) {\n  x[i]   = (h >> 24) & 0xff;\n  x[i+1] = (h >> 16) & 0xff;\n  x[i+2] = (h >>  8) & 0xff;\n  x[i+3] = h & 0xff;\n  x[i+4] = (l >> 24)  & 0xff;\n  x[i+5] = (l >> 16)  & 0xff;\n  x[i+6] = (l >>  8)  & 0xff;\n  x[i+7] = l & 0xff;\n}\n\nfunction vn(x, xi, y, yi, n) {\n  var i,d = 0;\n  for (i = 0; i < n; i++) d |= x[xi+i]^y[yi+i];\n  return (1 & ((d - 1) >>> 8)) - 1;\n}\n\nfunction crypto_verify_16(x, xi, y, yi) {\n  return vn(x,xi,y,yi,16);\n}\n\nfunction crypto_verify_32(x, xi, y, yi) {\n  return vn(x,xi,y,yi,32);\n}\n\nfunction core_salsa20(o, p, k, c) {\n  var j0  = c[ 0] & 0xff | (c[ 1] & 0xff)<<8 | (c[ 2] & 0xff)<<16 | (c[ 3] & 0xff)<<24,\n      j1  = k[ 0] & 0xff | (k[ 1] & 0xff)<<8 | (k[ 2] & 0xff)<<16 | (k[ 3] & 0xff)<<24,\n      j2  = k[ 4] & 0xff | (k[ 5] & 0xff)<<8 | (k[ 6] & 0xff)<<16 | (k[ 7] & 0xff)<<24,\n      j3  = k[ 8] & 0xff | (k[ 9] & 0xff)<<8 | (k[10] & 0xff)<<16 | (k[11] & 0xff)<<24,\n      j4  = k[12] & 0xff | (k[13] & 0xff)<<8 | (k[14] & 0xff)<<16 | (k[15] & 0xff)<<24,\n      j5  = c[ 4] & 0xff | (c[ 5] & 0xff)<<8 | (c[ 6] & 0xff)<<16 | (c[ 7] & 0xff)<<24,\n      j6  = p[ 0] & 0xff | (p[ 1] & 0xff)<<8 | (p[ 2] & 0xff)<<16 | (p[ 3] & 0xff)<<24,\n      j7  = p[ 4] & 0xff | (p[ 5] & 0xff)<<8 | (p[ 6] & 0xff)<<16 | (p[ 7] & 0xff)<<24,\n      j8  = p[ 8] & 0xff | (p[ 9] & 0xff)<<8 | (p[10] & 0xff)<<16 | (p[11] & 0xff)<<24,\n      j9  = p[12] & 0xff | (p[13] & 0xff)<<8 | (p[14] & 0xff)<<16 | (p[15] & 0xff)<<24,\n      j10 = c[ 8] & 0xff | (c[ 9] & 0xff)<<8 | (c[10] & 0xff)<<16 | (c[11] & 0xff)<<24,\n      j11 = k[16] & 0xff | (k[17] & 0xff)<<8 | (k[18] & 0xff)<<16 | (k[19] & 0xff)<<24,\n      j12 = k[20] & 0xff | (k[21] & 0xff)<<8 | (k[22] & 0xff)<<16 | (k[23] & 0xff)<<24,\n      j13 = k[24] & 0xff | (k[25] & 0xff)<<8 | (k[26] & 0xff)<<16 | (k[27] & 0xff)<<24,\n      j14 = k[28] & 0xff | (k[29] & 0xff)<<8 | (k[30] & 0xff)<<16 | (k[31] & 0xff)<<24,\n      j15 = c[12] & 0xff | (c[13] & 0xff)<<8 | (c[14] & 0xff)<<16 | (c[15] & 0xff)<<24;\n\n  var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7,\n      x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14,\n      x15 = j15, u;\n\n  for (var i = 0; i < 20; i += 2) {\n    u = x0 + x12 | 0;\n    x4 ^= u<<7 | u>>>(32-7);\n    u = x4 + x0 | 0;\n    x8 ^= u<<9 | u>>>(32-9);\n    u = x8 + x4 | 0;\n    x12 ^= u<<13 | u>>>(32-13);\n    u = x12 + x8 | 0;\n    x0 ^= u<<18 | u>>>(32-18);\n\n    u = x5 + x1 | 0;\n    x9 ^= u<<7 | u>>>(32-7);\n    u = x9 + x5 | 0;\n    x13 ^= u<<9 | u>>>(32-9);\n    u = x13 + x9 | 0;\n    x1 ^= u<<13 | u>>>(32-13);\n    u = x1 + x13 | 0;\n    x5 ^= u<<18 | u>>>(32-18);\n\n    u = x10 + x6 | 0;\n    x14 ^= u<<7 | u>>>(32-7);\n    u = x14 + x10 | 0;\n    x2 ^= u<<9 | u>>>(32-9);\n    u = x2 + x14 | 0;\n    x6 ^= u<<13 | u>>>(32-13);\n    u = x6 + x2 | 0;\n    x10 ^= u<<18 | u>>>(32-18);\n\n    u = x15 + x11 | 0;\n    x3 ^= u<<7 | u>>>(32-7);\n    u = x3 + x15 | 0;\n    x7 ^= u<<9 | u>>>(32-9);\n    u = x7 + x3 | 0;\n    x11 ^= u<<13 | u>>>(32-13);\n    u = x11 + x7 | 0;\n    x15 ^= u<<18 | u>>>(32-18);\n\n    u = x0 + x3 | 0;\n    x1 ^= u<<7 | u>>>(32-7);\n    u = x1 + x0 | 0;\n    x2 ^= u<<9 | u>>>(32-9);\n    u = x2 + x1 | 0;\n    x3 ^= u<<13 | u>>>(32-13);\n    u = x3 + x2 | 0;\n    x0 ^= u<<18 | u>>>(32-18);\n\n    u = x5 + x4 | 0;\n    x6 ^= u<<7 | u>>>(32-7);\n    u = x6 + x5 | 0;\n    x7 ^= u<<9 | u>>>(32-9);\n    u = x7 + x6 | 0;\n    x4 ^= u<<13 | u>>>(32-13);\n    u = x4 + x7 | 0;\n    x5 ^= u<<18 | u>>>(32-18);\n\n    u = x10 + x9 | 0;\n    x11 ^= u<<7 | u>>>(32-7);\n    u = x11 + x10 | 0;\n    x8 ^= u<<9 | u>>>(32-9);\n    u = x8 + x11 | 0;\n    x9 ^= u<<13 | u>>>(32-13);\n    u = x9 + x8 | 0;\n    x10 ^= u<<18 | u>>>(32-18);\n\n    u = x15 + x14 | 0;\n    x12 ^= u<<7 | u>>>(32-7);\n    u = x12 + x15 | 0;\n    x13 ^= u<<9 | u>>>(32-9);\n    u = x13 + x12 | 0;\n    x14 ^= u<<13 | u>>>(32-13);\n    u = x14 + x13 | 0;\n    x15 ^= u<<18 | u>>>(32-18);\n  }\n   x0 =  x0 +  j0 | 0;\n   x1 =  x1 +  j1 | 0;\n   x2 =  x2 +  j2 | 0;\n   x3 =  x3 +  j3 | 0;\n   x4 =  x4 +  j4 | 0;\n   x5 =  x5 +  j5 | 0;\n   x6 =  x6 +  j6 | 0;\n   x7 =  x7 +  j7 | 0;\n   x8 =  x8 +  j8 | 0;\n   x9 =  x9 +  j9 | 0;\n  x10 = x10 + j10 | 0;\n  x11 = x11 + j11 | 0;\n  x12 = x12 + j12 | 0;\n  x13 = x13 + j13 | 0;\n  x14 = x14 + j14 | 0;\n  x15 = x15 + j15 | 0;\n\n  o[ 0] = x0 >>>  0 & 0xff;\n  o[ 1] = x0 >>>  8 & 0xff;\n  o[ 2] = x0 >>> 16 & 0xff;\n  o[ 3] = x0 >>> 24 & 0xff;\n\n  o[ 4] = x1 >>>  0 & 0xff;\n  o[ 5] = x1 >>>  8 & 0xff;\n  o[ 6] = x1 >>> 16 & 0xff;\n  o[ 7] = x1 >>> 24 & 0xff;\n\n  o[ 8] = x2 >>>  0 & 0xff;\n  o[ 9] = x2 >>>  8 & 0xff;\n  o[10] = x2 >>> 16 & 0xff;\n  o[11] = x2 >>> 24 & 0xff;\n\n  o[12] = x3 >>>  0 & 0xff;\n  o[13] = x3 >>>  8 & 0xff;\n  o[14] = x3 >>> 16 & 0xff;\n  o[15] = x3 >>> 24 & 0xff;\n\n  o[16] = x4 >>>  0 & 0xff;\n  o[17] = x4 >>>  8 & 0xff;\n  o[18] = x4 >>> 16 & 0xff;\n  o[19] = x4 >>> 24 & 0xff;\n\n  o[20] = x5 >>>  0 & 0xff;\n  o[21] = x5 >>>  8 & 0xff;\n  o[22] = x5 >>> 16 & 0xff;\n  o[23] = x5 >>> 24 & 0xff;\n\n  o[24] = x6 >>>  0 & 0xff;\n  o[25] = x6 >>>  8 & 0xff;\n  o[26] = x6 >>> 16 & 0xff;\n  o[27] = x6 >>> 24 & 0xff;\n\n  o[28] = x7 >>>  0 & 0xff;\n  o[29] = x7 >>>  8 & 0xff;\n  o[30] = x7 >>> 16 & 0xff;\n  o[31] = x7 >>> 24 & 0xff;\n\n  o[32] = x8 >>>  0 & 0xff;\n  o[33] = x8 >>>  8 & 0xff;\n  o[34] = x8 >>> 16 & 0xff;\n  o[35] = x8 >>> 24 & 0xff;\n\n  o[36] = x9 >>>  0 & 0xff;\n  o[37] = x9 >>>  8 & 0xff;\n  o[38] = x9 >>> 16 & 0xff;\n  o[39] = x9 >>> 24 & 0xff;\n\n  o[40] = x10 >>>  0 & 0xff;\n  o[41] = x10 >>>  8 & 0xff;\n  o[42] = x10 >>> 16 & 0xff;\n  o[43] = x10 >>> 24 & 0xff;\n\n  o[44] = x11 >>>  0 & 0xff;\n  o[45] = x11 >>>  8 & 0xff;\n  o[46] = x11 >>> 16 & 0xff;\n  o[47] = x11 >>> 24 & 0xff;\n\n  o[48] = x12 >>>  0 & 0xff;\n  o[49] = x12 >>>  8 & 0xff;\n  o[50] = x12 >>> 16 & 0xff;\n  o[51] = x12 >>> 24 & 0xff;\n\n  o[52] = x13 >>>  0 & 0xff;\n  o[53] = x13 >>>  8 & 0xff;\n  o[54] = x13 >>> 16 & 0xff;\n  o[55] = x13 >>> 24 & 0xff;\n\n  o[56] = x14 >>>  0 & 0xff;\n  o[57] = x14 >>>  8 & 0xff;\n  o[58] = x14 >>> 16 & 0xff;\n  o[59] = x14 >>> 24 & 0xff;\n\n  o[60] = x15 >>>  0 & 0xff;\n  o[61] = x15 >>>  8 & 0xff;\n  o[62] = x15 >>> 16 & 0xff;\n  o[63] = x15 >>> 24 & 0xff;\n}\n\nfunction core_hsalsa20(o,p,k,c) {\n  var j0  = c[ 0] & 0xff | (c[ 1] & 0xff)<<8 | (c[ 2] & 0xff)<<16 | (c[ 3] & 0xff)<<24,\n      j1  = k[ 0] & 0xff | (k[ 1] & 0xff)<<8 | (k[ 2] & 0xff)<<16 | (k[ 3] & 0xff)<<24,\n      j2  = k[ 4] & 0xff | (k[ 5] & 0xff)<<8 | (k[ 6] & 0xff)<<16 | (k[ 7] & 0xff)<<24,\n      j3  = k[ 8] & 0xff | (k[ 9] & 0xff)<<8 | (k[10] & 0xff)<<16 | (k[11] & 0xff)<<24,\n      j4  = k[12] & 0xff | (k[13] & 0xff)<<8 | (k[14] & 0xff)<<16 | (k[15] & 0xff)<<24,\n      j5  = c[ 4] & 0xff | (c[ 5] & 0xff)<<8 | (c[ 6] & 0xff)<<16 | (c[ 7] & 0xff)<<24,\n      j6  = p[ 0] & 0xff | (p[ 1] & 0xff)<<8 | (p[ 2] & 0xff)<<16 | (p[ 3] & 0xff)<<24,\n      j7  = p[ 4] & 0xff | (p[ 5] & 0xff)<<8 | (p[ 6] & 0xff)<<16 | (p[ 7] & 0xff)<<24,\n      j8  = p[ 8] & 0xff | (p[ 9] & 0xff)<<8 | (p[10] & 0xff)<<16 | (p[11] & 0xff)<<24,\n      j9  = p[12] & 0xff | (p[13] & 0xff)<<8 | (p[14] & 0xff)<<16 | (p[15] & 0xff)<<24,\n      j10 = c[ 8] & 0xff | (c[ 9] & 0xff)<<8 | (c[10] & 0xff)<<16 | (c[11] & 0xff)<<24,\n      j11 = k[16] & 0xff | (k[17] & 0xff)<<8 | (k[18] & 0xff)<<16 | (k[19] & 0xff)<<24,\n      j12 = k[20] & 0xff | (k[21] & 0xff)<<8 | (k[22] & 0xff)<<16 | (k[23] & 0xff)<<24,\n      j13 = k[24] & 0xff | (k[25] & 0xff)<<8 | (k[26] & 0xff)<<16 | (k[27] & 0xff)<<24,\n      j14 = k[28] & 0xff | (k[29] & 0xff)<<8 | (k[30] & 0xff)<<16 | (k[31] & 0xff)<<24,\n      j15 = c[12] & 0xff | (c[13] & 0xff)<<8 | (c[14] & 0xff)<<16 | (c[15] & 0xff)<<24;\n\n  var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7,\n      x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14,\n      x15 = j15, u;\n\n  for (var i = 0; i < 20; i += 2) {\n    u = x0 + x12 | 0;\n    x4 ^= u<<7 | u>>>(32-7);\n    u = x4 + x0 | 0;\n    x8 ^= u<<9 | u>>>(32-9);\n    u = x8 + x4 | 0;\n    x12 ^= u<<13 | u>>>(32-13);\n    u = x12 + x8 | 0;\n    x0 ^= u<<18 | u>>>(32-18);\n\n    u = x5 + x1 | 0;\n    x9 ^= u<<7 | u>>>(32-7);\n    u = x9 + x5 | 0;\n    x13 ^= u<<9 | u>>>(32-9);\n    u = x13 + x9 | 0;\n    x1 ^= u<<13 | u>>>(32-13);\n    u = x1 + x13 | 0;\n    x5 ^= u<<18 | u>>>(32-18);\n\n    u = x10 + x6 | 0;\n    x14 ^= u<<7 | u>>>(32-7);\n    u = x14 + x10 | 0;\n    x2 ^= u<<9 | u>>>(32-9);\n    u = x2 + x14 | 0;\n    x6 ^= u<<13 | u>>>(32-13);\n    u = x6 + x2 | 0;\n    x10 ^= u<<18 | u>>>(32-18);\n\n    u = x15 + x11 | 0;\n    x3 ^= u<<7 | u>>>(32-7);\n    u = x3 + x15 | 0;\n    x7 ^= u<<9 | u>>>(32-9);\n    u = x7 + x3 | 0;\n    x11 ^= u<<13 | u>>>(32-13);\n    u = x11 + x7 | 0;\n    x15 ^= u<<18 | u>>>(32-18);\n\n    u = x0 + x3 | 0;\n    x1 ^= u<<7 | u>>>(32-7);\n    u = x1 + x0 | 0;\n    x2 ^= u<<9 | u>>>(32-9);\n    u = x2 + x1 | 0;\n    x3 ^= u<<13 | u>>>(32-13);\n    u = x3 + x2 | 0;\n    x0 ^= u<<18 | u>>>(32-18);\n\n    u = x5 + x4 | 0;\n    x6 ^= u<<7 | u>>>(32-7);\n    u = x6 + x5 | 0;\n    x7 ^= u<<9 | u>>>(32-9);\n    u = x7 + x6 | 0;\n    x4 ^= u<<13 | u>>>(32-13);\n    u = x4 + x7 | 0;\n    x5 ^= u<<18 | u>>>(32-18);\n\n    u = x10 + x9 | 0;\n    x11 ^= u<<7 | u>>>(32-7);\n    u = x11 + x10 | 0;\n    x8 ^= u<<9 | u>>>(32-9);\n    u = x8 + x11 | 0;\n    x9 ^= u<<13 | u>>>(32-13);\n    u = x9 + x8 | 0;\n    x10 ^= u<<18 | u>>>(32-18);\n\n    u = x15 + x14 | 0;\n    x12 ^= u<<7 | u>>>(32-7);\n    u = x12 + x15 | 0;\n    x13 ^= u<<9 | u>>>(32-9);\n    u = x13 + x12 | 0;\n    x14 ^= u<<13 | u>>>(32-13);\n    u = x14 + x13 | 0;\n    x15 ^= u<<18 | u>>>(32-18);\n  }\n\n  o[ 0] = x0 >>>  0 & 0xff;\n  o[ 1] = x0 >>>  8 & 0xff;\n  o[ 2] = x0 >>> 16 & 0xff;\n  o[ 3] = x0 >>> 24 & 0xff;\n\n  o[ 4] = x5 >>>  0 & 0xff;\n  o[ 5] = x5 >>>  8 & 0xff;\n  o[ 6] = x5 >>> 16 & 0xff;\n  o[ 7] = x5 >>> 24 & 0xff;\n\n  o[ 8] = x10 >>>  0 & 0xff;\n  o[ 9] = x10 >>>  8 & 0xff;\n  o[10] = x10 >>> 16 & 0xff;\n  o[11] = x10 >>> 24 & 0xff;\n\n  o[12] = x15 >>>  0 & 0xff;\n  o[13] = x15 >>>  8 & 0xff;\n  o[14] = x15 >>> 16 & 0xff;\n  o[15] = x15 >>> 24 & 0xff;\n\n  o[16] = x6 >>>  0 & 0xff;\n  o[17] = x6 >>>  8 & 0xff;\n  o[18] = x6 >>> 16 & 0xff;\n  o[19] = x6 >>> 24 & 0xff;\n\n  o[20] = x7 >>>  0 & 0xff;\n  o[21] = x7 >>>  8 & 0xff;\n  o[22] = x7 >>> 16 & 0xff;\n  o[23] = x7 >>> 24 & 0xff;\n\n  o[24] = x8 >>>  0 & 0xff;\n  o[25] = x8 >>>  8 & 0xff;\n  o[26] = x8 >>> 16 & 0xff;\n  o[27] = x8 >>> 24 & 0xff;\n\n  o[28] = x9 >>>  0 & 0xff;\n  o[29] = x9 >>>  8 & 0xff;\n  o[30] = x9 >>> 16 & 0xff;\n  o[31] = x9 >>> 24 & 0xff;\n}\n\nfunction crypto_core_salsa20(out,inp,k,c) {\n  core_salsa20(out,inp,k,c);\n}\n\nfunction crypto_core_hsalsa20(out,inp,k,c) {\n  core_hsalsa20(out,inp,k,c);\n}\n\nvar sigma = new Uint8Array([101, 120, 112, 97, 110, 100, 32, 51, 50, 45, 98, 121, 116, 101, 32, 107]);\n            // \"expand 32-byte k\"\n\nfunction crypto_stream_salsa20_xor(c,cpos,m,mpos,b,n,k) {\n  var z = new Uint8Array(16), x = new Uint8Array(64);\n  var u, i;\n  for (i = 0; i < 16; i++) z[i] = 0;\n  for (i = 0; i < 8; i++) z[i] = n[i];\n  while (b >= 64) {\n    crypto_core_salsa20(x,z,k,sigma);\n    for (i = 0; i < 64; i++) c[cpos+i] = m[mpos+i] ^ x[i];\n    u = 1;\n    for (i = 8; i < 16; i++) {\n      u = u + (z[i] & 0xff) | 0;\n      z[i] = u & 0xff;\n      u >>>= 8;\n    }\n    b -= 64;\n    cpos += 64;\n    mpos += 64;\n  }\n  if (b > 0) {\n    crypto_core_salsa20(x,z,k,sigma);\n    for (i = 0; i < b; i++) c[cpos+i] = m[mpos+i] ^ x[i];\n  }\n  return 0;\n}\n\nfunction crypto_stream_salsa20(c,cpos,b,n,k) {\n  var z = new Uint8Array(16), x = new Uint8Array(64);\n  var u, i;\n  for (i = 0; i < 16; i++) z[i] = 0;\n  for (i = 0; i < 8; i++) z[i] = n[i];\n  while (b >= 64) {\n    crypto_core_salsa20(x,z,k,sigma);\n    for (i = 0; i < 64; i++) c[cpos+i] = x[i];\n    u = 1;\n    for (i = 8; i < 16; i++) {\n      u = u + (z[i] & 0xff) | 0;\n      z[i] = u & 0xff;\n      u >>>= 8;\n    }\n    b -= 64;\n    cpos += 64;\n  }\n  if (b > 0) {\n    crypto_core_salsa20(x,z,k,sigma);\n    for (i = 0; i < b; i++) c[cpos+i] = x[i];\n  }\n  return 0;\n}\n\nfunction crypto_stream(c,cpos,d,n,k) {\n  var s = new Uint8Array(32);\n  crypto_core_hsalsa20(s,n,k,sigma);\n  var sn = new Uint8Array(8);\n  for (var i = 0; i < 8; i++) sn[i] = n[i+16];\n  return crypto_stream_salsa20(c,cpos,d,sn,s);\n}\n\nfunction crypto_stream_xor(c,cpos,m,mpos,d,n,k) {\n  var s = new Uint8Array(32);\n  crypto_core_hsalsa20(s,n,k,sigma);\n  var sn = new Uint8Array(8);\n  for (var i = 0; i < 8; i++) sn[i] = n[i+16];\n  return crypto_stream_salsa20_xor(c,cpos,m,mpos,d,sn,s);\n}\n\n/*\n* Port of Andrew Moon's Poly1305-donna-16. Public domain.\n* https://github.com/floodyberry/poly1305-donna\n*/\n\nvar poly1305 = function(key) {\n  this.buffer = new Uint8Array(16);\n  this.r = new Uint16Array(10);\n  this.h = new Uint16Array(10);\n  this.pad = new Uint16Array(8);\n  this.leftover = 0;\n  this.fin = 0;\n\n  var t0, t1, t2, t3, t4, t5, t6, t7;\n\n  t0 = key[ 0] & 0xff | (key[ 1] & 0xff) << 8; this.r[0] = ( t0                     ) & 0x1fff;\n  t1 = key[ 2] & 0xff | (key[ 3] & 0xff) << 8; this.r[1] = ((t0 >>> 13) | (t1 <<  3)) & 0x1fff;\n  t2 = key[ 4] & 0xff | (key[ 5] & 0xff) << 8; this.r[2] = ((t1 >>> 10) | (t2 <<  6)) & 0x1f03;\n  t3 = key[ 6] & 0xff | (key[ 7] & 0xff) << 8; this.r[3] = ((t2 >>>  7) | (t3 <<  9)) & 0x1fff;\n  t4 = key[ 8] & 0xff | (key[ 9] & 0xff) << 8; this.r[4] = ((t3 >>>  4) | (t4 << 12)) & 0x00ff;\n  this.r[5] = ((t4 >>>  1)) & 0x1ffe;\n  t5 = key[10] & 0xff | (key[11] & 0xff) << 8; this.r[6] = ((t4 >>> 14) | (t5 <<  2)) & 0x1fff;\n  t6 = key[12] & 0xff | (key[13] & 0xff) << 8; this.r[7] = ((t5 >>> 11) | (t6 <<  5)) & 0x1f81;\n  t7 = key[14] & 0xff | (key[15] & 0xff) << 8; this.r[8] = ((t6 >>>  8) | (t7 <<  8)) & 0x1fff;\n  this.r[9] = ((t7 >>>  5)) & 0x007f;\n\n  this.pad[0] = key[16] & 0xff | (key[17] & 0xff) << 8;\n  this.pad[1] = key[18] & 0xff | (key[19] & 0xff) << 8;\n  this.pad[2] = key[20] & 0xff | (key[21] & 0xff) << 8;\n  this.pad[3] = key[22] & 0xff | (key[23] & 0xff) << 8;\n  this.pad[4] = key[24] & 0xff | (key[25] & 0xff) << 8;\n  this.pad[5] = key[26] & 0xff | (key[27] & 0xff) << 8;\n  this.pad[6] = key[28] & 0xff | (key[29] & 0xff) << 8;\n  this.pad[7] = key[30] & 0xff | (key[31] & 0xff) << 8;\n};\n\npoly1305.prototype.blocks = function(m, mpos, bytes) {\n  var hibit = this.fin ? 0 : (1 << 11);\n  var t0, t1, t2, t3, t4, t5, t6, t7, c;\n  var d0, d1, d2, d3, d4, d5, d6, d7, d8, d9;\n\n  var h0 = this.h[0],\n      h1 = this.h[1],\n      h2 = this.h[2],\n      h3 = this.h[3],\n      h4 = this.h[4],\n      h5 = this.h[5],\n      h6 = this.h[6],\n      h7 = this.h[7],\n      h8 = this.h[8],\n      h9 = this.h[9];\n\n  var r0 = this.r[0],\n      r1 = this.r[1],\n      r2 = this.r[2],\n      r3 = this.r[3],\n      r4 = this.r[4],\n      r5 = this.r[5],\n      r6 = this.r[6],\n      r7 = this.r[7],\n      r8 = this.r[8],\n      r9 = this.r[9];\n\n  while (bytes >= 16) {\n    t0 = m[mpos+ 0] & 0xff | (m[mpos+ 1] & 0xff) << 8; h0 += ( t0                     ) & 0x1fff;\n    t1 = m[mpos+ 2] & 0xff | (m[mpos+ 3] & 0xff) << 8; h1 += ((t0 >>> 13) | (t1 <<  3)) & 0x1fff;\n    t2 = m[mpos+ 4] & 0xff | (m[mpos+ 5] & 0xff) << 8; h2 += ((t1 >>> 10) | (t2 <<  6)) & 0x1fff;\n    t3 = m[mpos+ 6] & 0xff | (m[mpos+ 7] & 0xff) << 8; h3 += ((t2 >>>  7) | (t3 <<  9)) & 0x1fff;\n    t4 = m[mpos+ 8] & 0xff | (m[mpos+ 9] & 0xff) << 8; h4 += ((t3 >>>  4) | (t4 << 12)) & 0x1fff;\n    h5 += ((t4 >>>  1)) & 0x1fff;\n    t5 = m[mpos+10] & 0xff | (m[mpos+11] & 0xff) << 8; h6 += ((t4 >>> 14) | (t5 <<  2)) & 0x1fff;\n    t6 = m[mpos+12] & 0xff | (m[mpos+13] & 0xff) << 8; h7 += ((t5 >>> 11) | (t6 <<  5)) & 0x1fff;\n    t7 = m[mpos+14] & 0xff | (m[mpos+15] & 0xff) << 8; h8 += ((t6 >>>  8) | (t7 <<  8)) & 0x1fff;\n    h9 += ((t7 >>> 5)) | hibit;\n\n    c = 0;\n\n    d0 = c;\n    d0 += h0 * r0;\n    d0 += h1 * (5 * r9);\n    d0 += h2 * (5 * r8);\n    d0 += h3 * (5 * r7);\n    d0 += h4 * (5 * r6);\n    c = (d0 >>> 13); d0 &= 0x1fff;\n    d0 += h5 * (5 * r5);\n    d0 += h6 * (5 * r4);\n    d0 += h7 * (5 * r3);\n    d0 += h8 * (5 * r2);\n    d0 += h9 * (5 * r1);\n    c += (d0 >>> 13); d0 &= 0x1fff;\n\n    d1 = c;\n    d1 += h0 * r1;\n    d1 += h1 * r0;\n    d1 += h2 * (5 * r9);\n    d1 += h3 * (5 * r8);\n    d1 += h4 * (5 * r7);\n    c = (d1 >>> 13); d1 &= 0x1fff;\n    d1 += h5 * (5 * r6);\n    d1 += h6 * (5 * r5);\n    d1 += h7 * (5 * r4);\n    d1 += h8 * (5 * r3);\n    d1 += h9 * (5 * r2);\n    c += (d1 >>> 13); d1 &= 0x1fff;\n\n    d2 = c;\n    d2 += h0 * r2;\n    d2 += h1 * r1;\n    d2 += h2 * r0;\n    d2 += h3 * (5 * r9);\n    d2 += h4 * (5 * r8);\n    c = (d2 >>> 13); d2 &= 0x1fff;\n    d2 += h5 * (5 * r7);\n    d2 += h6 * (5 * r6);\n    d2 += h7 * (5 * r5);\n    d2 += h8 * (5 * r4);\n    d2 += h9 * (5 * r3);\n    c += (d2 >>> 13); d2 &= 0x1fff;\n\n    d3 = c;\n    d3 += h0 * r3;\n    d3 += h1 * r2;\n    d3 += h2 * r1;\n    d3 += h3 * r0;\n    d3 += h4 * (5 * r9);\n    c = (d3 >>> 13); d3 &= 0x1fff;\n    d3 += h5 * (5 * r8);\n    d3 += h6 * (5 * r7);\n    d3 += h7 * (5 * r6);\n    d3 += h8 * (5 * r5);\n    d3 += h9 * (5 * r4);\n    c += (d3 >>> 13); d3 &= 0x1fff;\n\n    d4 = c;\n    d4 += h0 * r4;\n    d4 += h1 * r3;\n    d4 += h2 * r2;\n    d4 += h3 * r1;\n    d4 += h4 * r0;\n    c = (d4 >>> 13); d4 &= 0x1fff;\n    d4 += h5 * (5 * r9);\n    d4 += h6 * (5 * r8);\n    d4 += h7 * (5 * r7);\n    d4 += h8 * (5 * r6);\n    d4 += h9 * (5 * r5);\n    c += (d4 >>> 13); d4 &= 0x1fff;\n\n    d5 = c;\n    d5 += h0 * r5;\n    d5 += h1 * r4;\n    d5 += h2 * r3;\n    d5 += h3 * r2;\n    d5 += h4 * r1;\n    c = (d5 >>> 13); d5 &= 0x1fff;\n    d5 += h5 * r0;\n    d5 += h6 * (5 * r9);\n    d5 += h7 * (5 * r8);\n    d5 += h8 * (5 * r7);\n    d5 += h9 * (5 * r6);\n    c += (d5 >>> 13); d5 &= 0x1fff;\n\n    d6 = c;\n    d6 += h0 * r6;\n    d6 += h1 * r5;\n    d6 += h2 * r4;\n    d6 += h3 * r3;\n    d6 += h4 * r2;\n    c = (d6 >>> 13); d6 &= 0x1fff;\n    d6 += h5 * r1;\n    d6 += h6 * r0;\n    d6 += h7 * (5 * r9);\n    d6 += h8 * (5 * r8);\n    d6 += h9 * (5 * r7);\n    c += (d6 >>> 13); d6 &= 0x1fff;\n\n    d7 = c;\n    d7 += h0 * r7;\n    d7 += h1 * r6;\n    d7 += h2 * r5;\n    d7 += h3 * r4;\n    d7 += h4 * r3;\n    c = (d7 >>> 13); d7 &= 0x1fff;\n    d7 += h5 * r2;\n    d7 += h6 * r1;\n    d7 += h7 * r0;\n    d7 += h8 * (5 * r9);\n    d7 += h9 * (5 * r8);\n    c += (d7 >>> 13); d7 &= 0x1fff;\n\n    d8 = c;\n    d8 += h0 * r8;\n    d8 += h1 * r7;\n    d8 += h2 * r6;\n    d8 += h3 * r5;\n    d8 += h4 * r4;\n    c = (d8 >>> 13); d8 &= 0x1fff;\n    d8 += h5 * r3;\n    d8 += h6 * r2;\n    d8 += h7 * r1;\n    d8 += h8 * r0;\n    d8 += h9 * (5 * r9);\n    c += (d8 >>> 13); d8 &= 0x1fff;\n\n    d9 = c;\n    d9 += h0 * r9;\n    d9 += h1 * r8;\n    d9 += h2 * r7;\n    d9 += h3 * r6;\n    d9 += h4 * r5;\n    c = (d9 >>> 13); d9 &= 0x1fff;\n    d9 += h5 * r4;\n    d9 += h6 * r3;\n    d9 += h7 * r2;\n    d9 += h8 * r1;\n    d9 += h9 * r0;\n    c += (d9 >>> 13); d9 &= 0x1fff;\n\n    c = (((c << 2) + c)) | 0;\n    c = (c + d0) | 0;\n    d0 = c & 0x1fff;\n    c = (c >>> 13);\n    d1 += c;\n\n    h0 = d0;\n    h1 = d1;\n    h2 = d2;\n    h3 = d3;\n    h4 = d4;\n    h5 = d5;\n    h6 = d6;\n    h7 = d7;\n    h8 = d8;\n    h9 = d9;\n\n    mpos += 16;\n    bytes -= 16;\n  }\n  this.h[0] = h0;\n  this.h[1] = h1;\n  this.h[2] = h2;\n  this.h[3] = h3;\n  this.h[4] = h4;\n  this.h[5] = h5;\n  this.h[6] = h6;\n  this.h[7] = h7;\n  this.h[8] = h8;\n  this.h[9] = h9;\n};\n\npoly1305.prototype.finish = function(mac, macpos) {\n  var g = new Uint16Array(10);\n  var c, mask, f, i;\n\n  if (this.leftover) {\n    i = this.leftover;\n    this.buffer[i++] = 1;\n    for (; i < 16; i++) this.buffer[i] = 0;\n    this.fin = 1;\n    this.blocks(this.buffer, 0, 16);\n  }\n\n  c = this.h[1] >>> 13;\n  this.h[1] &= 0x1fff;\n  for (i = 2; i < 10; i++) {\n    this.h[i] += c;\n    c = this.h[i] >>> 13;\n    this.h[i] &= 0x1fff;\n  }\n  this.h[0] += (c * 5);\n  c = this.h[0] >>> 13;\n  this.h[0] &= 0x1fff;\n  this.h[1] += c;\n  c = this.h[1] >>> 13;\n  this.h[1] &= 0x1fff;\n  this.h[2] += c;\n\n  g[0] = this.h[0] + 5;\n  c = g[0] >>> 13;\n  g[0] &= 0x1fff;\n  for (i = 1; i < 10; i++) {\n    g[i] = this.h[i] + c;\n    c = g[i] >>> 13;\n    g[i] &= 0x1fff;\n  }\n  g[9] -= (1 << 13);\n\n  mask = (c ^ 1) - 1;\n  for (i = 0; i < 10; i++) g[i] &= mask;\n  mask = ~mask;\n  for (i = 0; i < 10; i++) this.h[i] = (this.h[i] & mask) | g[i];\n\n  this.h[0] = ((this.h[0]       ) | (this.h[1] << 13)                    ) & 0xffff;\n  this.h[1] = ((this.h[1] >>>  3) | (this.h[2] << 10)                    ) & 0xffff;\n  this.h[2] = ((this.h[2] >>>  6) | (this.h[3] <<  7)                    ) & 0xffff;\n  this.h[3] = ((this.h[3] >>>  9) | (this.h[4] <<  4)                    ) & 0xffff;\n  this.h[4] = ((this.h[4] >>> 12) | (this.h[5] <<  1) | (this.h[6] << 14)) & 0xffff;\n  this.h[5] = ((this.h[6] >>>  2) | (this.h[7] << 11)                    ) & 0xffff;\n  this.h[6] = ((this.h[7] >>>  5) | (this.h[8] <<  8)                    ) & 0xffff;\n  this.h[7] = ((this.h[8] >>>  8) | (this.h[9] <<  5)                    ) & 0xffff;\n\n  f = this.h[0] + this.pad[0];\n  this.h[0] = f & 0xffff;\n  for (i = 1; i < 8; i++) {\n    f = (((this.h[i] + this.pad[i]) | 0) + (f >>> 16)) | 0;\n    this.h[i] = f & 0xffff;\n  }\n\n  mac[macpos+ 0] = (this.h[0] >>> 0) & 0xff;\n  mac[macpos+ 1] = (this.h[0] >>> 8) & 0xff;\n  mac[macpos+ 2] = (this.h[1] >>> 0) & 0xff;\n  mac[macpos+ 3] = (this.h[1] >>> 8) & 0xff;\n  mac[macpos+ 4] = (this.h[2] >>> 0) & 0xff;\n  mac[macpos+ 5] = (this.h[2] >>> 8) & 0xff;\n  mac[macpos+ 6] = (this.h[3] >>> 0) & 0xff;\n  mac[macpos+ 7] = (this.h[3] >>> 8) & 0xff;\n  mac[macpos+ 8] = (this.h[4] >>> 0) & 0xff;\n  mac[macpos+ 9] = (this.h[4] >>> 8) & 0xff;\n  mac[macpos+10] = (this.h[5] >>> 0) & 0xff;\n  mac[macpos+11] = (this.h[5] >>> 8) & 0xff;\n  mac[macpos+12] = (this.h[6] >>> 0) & 0xff;\n  mac[macpos+13] = (this.h[6] >>> 8) & 0xff;\n  mac[macpos+14] = (this.h[7] >>> 0) & 0xff;\n  mac[macpos+15] = (this.h[7] >>> 8) & 0xff;\n};\n\npoly1305.prototype.update = function(m, mpos, bytes) {\n  var i, want;\n\n  if (this.leftover) {\n    want = (16 - this.leftover);\n    if (want > bytes)\n      want = bytes;\n    for (i = 0; i < want; i++)\n      this.buffer[this.leftover + i] = m[mpos+i];\n    bytes -= want;\n    mpos += want;\n    this.leftover += want;\n    if (this.leftover < 16)\n      return;\n    this.blocks(this.buffer, 0, 16);\n    this.leftover = 0;\n  }\n\n  if (bytes >= 16) {\n    want = bytes - (bytes % 16);\n    this.blocks(m, mpos, want);\n    mpos += want;\n    bytes -= want;\n  }\n\n  if (bytes) {\n    for (i = 0; i < bytes; i++)\n      this.buffer[this.leftover + i] = m[mpos+i];\n    this.leftover += bytes;\n  }\n};\n\nfunction crypto_onetimeauth(out, outpos, m, mpos, n, k) {\n  var s = new poly1305(k);\n  s.update(m, mpos, n);\n  s.finish(out, outpos);\n  return 0;\n}\n\nfunction crypto_onetimeauth_verify(h, hpos, m, mpos, n, k) {\n  var x = new Uint8Array(16);\n  crypto_onetimeauth(x,0,m,mpos,n,k);\n  return crypto_verify_16(h,hpos,x,0);\n}\n\nfunction crypto_secretbox(c,m,d,n,k) {\n  var i;\n  if (d < 32) return -1;\n  crypto_stream_xor(c,0,m,0,d,n,k);\n  crypto_onetimeauth(c, 16, c, 32, d - 32, c);\n  for (i = 0; i < 16; i++) c[i] = 0;\n  return 0;\n}\n\nfunction crypto_secretbox_open(m,c,d,n,k) {\n  var i;\n  var x = new Uint8Array(32);\n  if (d < 32) return -1;\n  crypto_stream(x,0,32,n,k);\n  if (crypto_onetimeauth_verify(c, 16,c, 32,d - 32,x) !== 0) return -1;\n  crypto_stream_xor(m,0,c,0,d,n,k);\n  for (i = 0; i < 32; i++) m[i] = 0;\n  return 0;\n}\n\nfunction set25519(r, a) {\n  var i;\n  for (i = 0; i < 16; i++) r[i] = a[i]|0;\n}\n\nfunction car25519(o) {\n  var i, v, c = 1;\n  for (i = 0; i < 16; i++) {\n    v = o[i] + c + 65535;\n    c = Math.floor(v / 65536);\n    o[i] = v - c * 65536;\n  }\n  o[0] += c-1 + 37 * (c-1);\n}\n\nfunction sel25519(p, q, b) {\n  var t, c = ~(b-1);\n  for (var i = 0; i < 16; i++) {\n    t = c & (p[i] ^ q[i]);\n    p[i] ^= t;\n    q[i] ^= t;\n  }\n}\n\nfunction pack25519(o, n) {\n  var i, j, b;\n  var m = gf(), t = gf();\n  for (i = 0; i < 16; i++) t[i] = n[i];\n  car25519(t);\n  car25519(t);\n  car25519(t);\n  for (j = 0; j < 2; j++) {\n    m[0] = t[0] - 0xffed;\n    for (i = 1; i < 15; i++) {\n      m[i] = t[i] - 0xffff - ((m[i-1]>>16) & 1);\n      m[i-1] &= 0xffff;\n    }\n    m[15] = t[15] - 0x7fff - ((m[14]>>16) & 1);\n    b = (m[15]>>16) & 1;\n    m[14] &= 0xffff;\n    sel25519(t, m, 1-b);\n  }\n  for (i = 0; i < 16; i++) {\n    o[2*i] = t[i] & 0xff;\n    o[2*i+1] = t[i]>>8;\n  }\n}\n\nfunction neq25519(a, b) {\n  var c = new Uint8Array(32), d = new Uint8Array(32);\n  pack25519(c, a);\n  pack25519(d, b);\n  return crypto_verify_32(c, 0, d, 0);\n}\n\nfunction par25519(a) {\n  var d = new Uint8Array(32);\n  pack25519(d, a);\n  return d[0] & 1;\n}\n\nfunction unpack25519(o, n) {\n  var i;\n  for (i = 0; i < 16; i++) o[i] = n[2*i] + (n[2*i+1] << 8);\n  o[15] &= 0x7fff;\n}\n\nfunction A(o, a, b) {\n  for (var i = 0; i < 16; i++) o[i] = a[i] + b[i];\n}\n\nfunction Z(o, a, b) {\n  for (var i = 0; i < 16; i++) o[i] = a[i] - b[i];\n}\n\nfunction M(o, a, b) {\n  var v, c,\n     t0 = 0,  t1 = 0,  t2 = 0,  t3 = 0,  t4 = 0,  t5 = 0,  t6 = 0,  t7 = 0,\n     t8 = 0,  t9 = 0, t10 = 0, t11 = 0, t12 = 0, t13 = 0, t14 = 0, t15 = 0,\n    t16 = 0, t17 = 0, t18 = 0, t19 = 0, t20 = 0, t21 = 0, t22 = 0, t23 = 0,\n    t24 = 0, t25 = 0, t26 = 0, t27 = 0, t28 = 0, t29 = 0, t30 = 0,\n    b0 = b[0],\n    b1 = b[1],\n    b2 = b[2],\n    b3 = b[3],\n    b4 = b[4],\n    b5 = b[5],\n    b6 = b[6],\n    b7 = b[7],\n    b8 = b[8],\n    b9 = b[9],\n    b10 = b[10],\n    b11 = b[11],\n    b12 = b[12],\n    b13 = b[13],\n    b14 = b[14],\n    b15 = b[15];\n\n  v = a[0];\n  t0 += v * b0;\n  t1 += v * b1;\n  t2 += v * b2;\n  t3 += v * b3;\n  t4 += v * b4;\n  t5 += v * b5;\n  t6 += v * b6;\n  t7 += v * b7;\n  t8 += v * b8;\n  t9 += v * b9;\n  t10 += v * b10;\n  t11 += v * b11;\n  t12 += v * b12;\n  t13 += v * b13;\n  t14 += v * b14;\n  t15 += v * b15;\n  v = a[1];\n  t1 += v * b0;\n  t2 += v * b1;\n  t3 += v * b2;\n  t4 += v * b3;\n  t5 += v * b4;\n  t6 += v * b5;\n  t7 += v * b6;\n  t8 += v * b7;\n  t9 += v * b8;\n  t10 += v * b9;\n  t11 += v * b10;\n  t12 += v * b11;\n  t13 += v * b12;\n  t14 += v * b13;\n  t15 += v * b14;\n  t16 += v * b15;\n  v = a[2];\n  t2 += v * b0;\n  t3 += v * b1;\n  t4 += v * b2;\n  t5 += v * b3;\n  t6 += v * b4;\n  t7 += v * b5;\n  t8 += v * b6;\n  t9 += v * b7;\n  t10 += v * b8;\n  t11 += v * b9;\n  t12 += v * b10;\n  t13 += v * b11;\n  t14 += v * b12;\n  t15 += v * b13;\n  t16 += v * b14;\n  t17 += v * b15;\n  v = a[3];\n  t3 += v * b0;\n  t4 += v * b1;\n  t5 += v * b2;\n  t6 += v * b3;\n  t7 += v * b4;\n  t8 += v * b5;\n  t9 += v * b6;\n  t10 += v * b7;\n  t11 += v * b8;\n  t12 += v * b9;\n  t13 += v * b10;\n  t14 += v * b11;\n  t15 += v * b12;\n  t16 += v * b13;\n  t17 += v * b14;\n  t18 += v * b15;\n  v = a[4];\n  t4 += v * b0;\n  t5 += v * b1;\n  t6 += v * b2;\n  t7 += v * b3;\n  t8 += v * b4;\n  t9 += v * b5;\n  t10 += v * b6;\n  t11 += v * b7;\n  t12 += v * b8;\n  t13 += v * b9;\n  t14 += v * b10;\n  t15 += v * b11;\n  t16 += v * b12;\n  t17 += v * b13;\n  t18 += v * b14;\n  t19 += v * b15;\n  v = a[5];\n  t5 += v * b0;\n  t6 += v * b1;\n  t7 += v * b2;\n  t8 += v * b3;\n  t9 += v * b4;\n  t10 += v * b5;\n  t11 += v * b6;\n  t12 += v * b7;\n  t13 += v * b8;\n  t14 += v * b9;\n  t15 += v * b10;\n  t16 += v * b11;\n  t17 += v * b12;\n  t18 += v * b13;\n  t19 += v * b14;\n  t20 += v * b15;\n  v = a[6];\n  t6 += v * b0;\n  t7 += v * b1;\n  t8 += v * b2;\n  t9 += v * b3;\n  t10 += v * b4;\n  t11 += v * b5;\n  t12 += v * b6;\n  t13 += v * b7;\n  t14 += v * b8;\n  t15 += v * b9;\n  t16 += v * b10;\n  t17 += v * b11;\n  t18 += v * b12;\n  t19 += v * b13;\n  t20 += v * b14;\n  t21 += v * b15;\n  v = a[7];\n  t7 += v * b0;\n  t8 += v * b1;\n  t9 += v * b2;\n  t10 += v * b3;\n  t11 += v * b4;\n  t12 += v * b5;\n  t13 += v * b6;\n  t14 += v * b7;\n  t15 += v * b8;\n  t16 += v * b9;\n  t17 += v * b10;\n  t18 += v * b11;\n  t19 += v * b12;\n  t20 += v * b13;\n  t21 += v * b14;\n  t22 += v * b15;\n  v = a[8];\n  t8 += v * b0;\n  t9 += v * b1;\n  t10 += v * b2;\n  t11 += v * b3;\n  t12 += v * b4;\n  t13 += v * b5;\n  t14 += v * b6;\n  t15 += v * b7;\n  t16 += v * b8;\n  t17 += v * b9;\n  t18 += v * b10;\n  t19 += v * b11;\n  t20 += v * b12;\n  t21 += v * b13;\n  t22 += v * b14;\n  t23 += v * b15;\n  v = a[9];\n  t9 += v * b0;\n  t10 += v * b1;\n  t11 += v * b2;\n  t12 += v * b3;\n  t13 += v * b4;\n  t14 += v * b5;\n  t15 += v * b6;\n  t16 += v * b7;\n  t17 += v * b8;\n  t18 += v * b9;\n  t19 += v * b10;\n  t20 += v * b11;\n  t21 += v * b12;\n  t22 += v * b13;\n  t23 += v * b14;\n  t24 += v * b15;\n  v = a[10];\n  t10 += v * b0;\n  t11 += v * b1;\n  t12 += v * b2;\n  t13 += v * b3;\n  t14 += v * b4;\n  t15 += v * b5;\n  t16 += v * b6;\n  t17 += v * b7;\n  t18 += v * b8;\n  t19 += v * b9;\n  t20 += v * b10;\n  t21 += v * b11;\n  t22 += v * b12;\n  t23 += v * b13;\n  t24 += v * b14;\n  t25 += v * b15;\n  v = a[11];\n  t11 += v * b0;\n  t12 += v * b1;\n  t13 += v * b2;\n  t14 += v * b3;\n  t15 += v * b4;\n  t16 += v * b5;\n  t17 += v * b6;\n  t18 += v * b7;\n  t19 += v * b8;\n  t20 += v * b9;\n  t21 += v * b10;\n  t22 += v * b11;\n  t23 += v * b12;\n  t24 += v * b13;\n  t25 += v * b14;\n  t26 += v * b15;\n  v = a[12];\n  t12 += v * b0;\n  t13 += v * b1;\n  t14 += v * b2;\n  t15 += v * b3;\n  t16 += v * b4;\n  t17 += v * b5;\n  t18 += v * b6;\n  t19 += v * b7;\n  t20 += v * b8;\n  t21 += v * b9;\n  t22 += v * b10;\n  t23 += v * b11;\n  t24 += v * b12;\n  t25 += v * b13;\n  t26 += v * b14;\n  t27 += v * b15;\n  v = a[13];\n  t13 += v * b0;\n  t14 += v * b1;\n  t15 += v * b2;\n  t16 += v * b3;\n  t17 += v * b4;\n  t18 += v * b5;\n  t19 += v * b6;\n  t20 += v * b7;\n  t21 += v * b8;\n  t22 += v * b9;\n  t23 += v * b10;\n  t24 += v * b11;\n  t25 += v * b12;\n  t26 += v * b13;\n  t27 += v * b14;\n  t28 += v * b15;\n  v = a[14];\n  t14 += v * b0;\n  t15 += v * b1;\n  t16 += v * b2;\n  t17 += v * b3;\n  t18 += v * b4;\n  t19 += v * b5;\n  t20 += v * b6;\n  t21 += v * b7;\n  t22 += v * b8;\n  t23 += v * b9;\n  t24 += v * b10;\n  t25 += v * b11;\n  t26 += v * b12;\n  t27 += v * b13;\n  t28 += v * b14;\n  t29 += v * b15;\n  v = a[15];\n  t15 += v * b0;\n  t16 += v * b1;\n  t17 += v * b2;\n  t18 += v * b3;\n  t19 += v * b4;\n  t20 += v * b5;\n  t21 += v * b6;\n  t22 += v * b7;\n  t23 += v * b8;\n  t24 += v * b9;\n  t25 += v * b10;\n  t26 += v * b11;\n  t27 += v * b12;\n  t28 += v * b13;\n  t29 += v * b14;\n  t30 += v * b15;\n\n  t0  += 38 * t16;\n  t1  += 38 * t17;\n  t2  += 38 * t18;\n  t3  += 38 * t19;\n  t4  += 38 * t20;\n  t5  += 38 * t21;\n  t6  += 38 * t22;\n  t7  += 38 * t23;\n  t8  += 38 * t24;\n  t9  += 38 * t25;\n  t10 += 38 * t26;\n  t11 += 38 * t27;\n  t12 += 38 * t28;\n  t13 += 38 * t29;\n  t14 += 38 * t30;\n  // t15 left as is\n\n  // first car\n  c = 1;\n  v =  t0 + c + 65535; c = Math.floor(v / 65536);  t0 = v - c * 65536;\n  v =  t1 + c + 65535; c = Math.floor(v / 65536);  t1 = v - c * 65536;\n  v =  t2 + c + 65535; c = Math.floor(v / 65536);  t2 = v - c * 65536;\n  v =  t3 + c + 65535; c = Math.floor(v / 65536);  t3 = v - c * 65536;\n  v =  t4 + c + 65535; c = Math.floor(v / 65536);  t4 = v - c * 65536;\n  v =  t5 + c + 65535; c = Math.floor(v / 65536);  t5 = v - c * 65536;\n  v =  t6 + c + 65535; c = Math.floor(v / 65536);  t6 = v - c * 65536;\n  v =  t7 + c + 65535; c = Math.floor(v / 65536);  t7 = v - c * 65536;\n  v =  t8 + c + 65535; c = Math.floor(v / 65536);  t8 = v - c * 65536;\n  v =  t9 + c + 65535; c = Math.floor(v / 65536);  t9 = v - c * 65536;\n  v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;\n  v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;\n  v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;\n  v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;\n  v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;\n  v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;\n  t0 += c-1 + 37 * (c-1);\n\n  // second car\n  c = 1;\n  v =  t0 + c + 65535; c = Math.floor(v / 65536);  t0 = v - c * 65536;\n  v =  t1 + c + 65535; c = Math.floor(v / 65536);  t1 = v - c * 65536;\n  v =  t2 + c + 65535; c = Math.floor(v / 65536);  t2 = v - c * 65536;\n  v =  t3 + c + 65535; c = Math.floor(v / 65536);  t3 = v - c * 65536;\n  v =  t4 + c + 65535; c = Math.floor(v / 65536);  t4 = v - c * 65536;\n  v =  t5 + c + 65535; c = Math.floor(v / 65536);  t5 = v - c * 65536;\n  v =  t6 + c + 65535; c = Math.floor(v / 65536);  t6 = v - c * 65536;\n  v =  t7 + c + 65535; c = Math.floor(v / 65536);  t7 = v - c * 65536;\n  v =  t8 + c + 65535; c = Math.floor(v / 65536);  t8 = v - c * 65536;\n  v =  t9 + c + 65535; c = Math.floor(v / 65536);  t9 = v - c * 65536;\n  v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;\n  v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;\n  v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;\n  v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;\n  v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;\n  v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;\n  t0 += c-1 + 37 * (c-1);\n\n  o[ 0] = t0;\n  o[ 1] = t1;\n  o[ 2] = t2;\n  o[ 3] = t3;\n  o[ 4] = t4;\n  o[ 5] = t5;\n  o[ 6] = t6;\n  o[ 7] = t7;\n  o[ 8] = t8;\n  o[ 9] = t9;\n  o[10] = t10;\n  o[11] = t11;\n  o[12] = t12;\n  o[13] = t13;\n  o[14] = t14;\n  o[15] = t15;\n}\n\nfunction S(o, a) {\n  M(o, a, a);\n}\n\nfunction inv25519(o, i) {\n  var c = gf();\n  var a;\n  for (a = 0; a < 16; a++) c[a] = i[a];\n  for (a = 253; a >= 0; a--) {\n    S(c, c);\n    if(a !== 2 && a !== 4) M(c, c, i);\n  }\n  for (a = 0; a < 16; a++) o[a] = c[a];\n}\n\nfunction pow2523(o, i) {\n  var c = gf();\n  var a;\n  for (a = 0; a < 16; a++) c[a] = i[a];\n  for (a = 250; a >= 0; a--) {\n      S(c, c);\n      if(a !== 1) M(c, c, i);\n  }\n  for (a = 0; a < 16; a++) o[a] = c[a];\n}\n\nfunction crypto_scalarmult(q, n, p) {\n  var z = new Uint8Array(32);\n  var x = new Float64Array(80), r, i;\n  var a = gf(), b = gf(), c = gf(),\n      d = gf(), e = gf(), f = gf();\n  for (i = 0; i < 31; i++) z[i] = n[i];\n  z[31]=(n[31]&127)|64;\n  z[0]&=248;\n  unpack25519(x,p);\n  for (i = 0; i < 16; i++) {\n    b[i]=x[i];\n    d[i]=a[i]=c[i]=0;\n  }\n  a[0]=d[0]=1;\n  for (i=254; i>=0; --i) {\n    r=(z[i>>>3]>>>(i&7))&1;\n    sel25519(a,b,r);\n    sel25519(c,d,r);\n    A(e,a,c);\n    Z(a,a,c);\n    A(c,b,d);\n    Z(b,b,d);\n    S(d,e);\n    S(f,a);\n    M(a,c,a);\n    M(c,b,e);\n    A(e,a,c);\n    Z(a,a,c);\n    S(b,a);\n    Z(c,d,f);\n    M(a,c,_121665);\n    A(a,a,d);\n    M(c,c,a);\n    M(a,d,f);\n    M(d,b,x);\n    S(b,e);\n    sel25519(a,b,r);\n    sel25519(c,d,r);\n  }\n  for (i = 0; i < 16; i++) {\n    x[i+16]=a[i];\n    x[i+32]=c[i];\n    x[i+48]=b[i];\n    x[i+64]=d[i];\n  }\n  var x32 = x.subarray(32);\n  var x16 = x.subarray(16);\n  inv25519(x32,x32);\n  M(x16,x16,x32);\n  pack25519(q,x16);\n  return 0;\n}\n\nfunction crypto_scalarmult_base(q, n) {\n  return crypto_scalarmult(q, n, _9);\n}\n\nfunction crypto_box_keypair(y, x) {\n  randombytes(x, 32);\n  return crypto_scalarmult_base(y, x);\n}\n\nfunction crypto_box_beforenm(k, y, x) {\n  var s = new Uint8Array(32);\n  crypto_scalarmult(s, x, y);\n  return crypto_core_hsalsa20(k, _0, s, sigma);\n}\n\nvar crypto_box_afternm = crypto_secretbox;\nvar crypto_box_open_afternm = crypto_secretbox_open;\n\nfunction crypto_box(c, m, d, n, y, x) {\n  var k = new Uint8Array(32);\n  crypto_box_beforenm(k, y, x);\n  return crypto_box_afternm(c, m, d, n, k);\n}\n\nfunction crypto_box_open(m, c, d, n, y, x) {\n  var k = new Uint8Array(32);\n  crypto_box_beforenm(k, y, x);\n  return crypto_box_open_afternm(m, c, d, n, k);\n}\n\nvar K = [\n  0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,\n  0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,\n  0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,\n  0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,\n  0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,\n  0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,\n  0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,\n  0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,\n  0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,\n  0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,\n  0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,\n  0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,\n  0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,\n  0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,\n  0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,\n  0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,\n  0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,\n  0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,\n  0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,\n  0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,\n  0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,\n  0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,\n  0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,\n  0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,\n  0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,\n  0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,\n  0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,\n  0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,\n  0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,\n  0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,\n  0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,\n  0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,\n  0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,\n  0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,\n  0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,\n  0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,\n  0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,\n  0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,\n  0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,\n  0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817\n];\n\nfunction crypto_hashblocks_hl(hh, hl, m, n) {\n  var wh = new Int32Array(16), wl = new Int32Array(16),\n      bh0, bh1, bh2, bh3, bh4, bh5, bh6, bh7,\n      bl0, bl1, bl2, bl3, bl4, bl5, bl6, bl7,\n      th, tl, i, j, h, l, a, b, c, d;\n\n  var ah0 = hh[0],\n      ah1 = hh[1],\n      ah2 = hh[2],\n      ah3 = hh[3],\n      ah4 = hh[4],\n      ah5 = hh[5],\n      ah6 = hh[6],\n      ah7 = hh[7],\n\n      al0 = hl[0],\n      al1 = hl[1],\n      al2 = hl[2],\n      al3 = hl[3],\n      al4 = hl[4],\n      al5 = hl[5],\n      al6 = hl[6],\n      al7 = hl[7];\n\n  var pos = 0;\n  while (n >= 128) {\n    for (i = 0; i < 16; i++) {\n      j = 8 * i + pos;\n      wh[i] = (m[j+0] << 24) | (m[j+1] << 16) | (m[j+2] << 8) | m[j+3];\n      wl[i] = (m[j+4] << 24) | (m[j+5] << 16) | (m[j+6] << 8) | m[j+7];\n    }\n    for (i = 0; i < 80; i++) {\n      bh0 = ah0;\n      bh1 = ah1;\n      bh2 = ah2;\n      bh3 = ah3;\n      bh4 = ah4;\n      bh5 = ah5;\n      bh6 = ah6;\n      bh7 = ah7;\n\n      bl0 = al0;\n      bl1 = al1;\n      bl2 = al2;\n      bl3 = al3;\n      bl4 = al4;\n      bl5 = al5;\n      bl6 = al6;\n      bl7 = al7;\n\n      // add\n      h = ah7;\n      l = al7;\n\n      a = l & 0xffff; b = l >>> 16;\n      c = h & 0xffff; d = h >>> 16;\n\n      // Sigma1\n      h = ((ah4 >>> 14) | (al4 << (32-14))) ^ ((ah4 >>> 18) | (al4 << (32-18))) ^ ((al4 >>> (41-32)) | (ah4 << (32-(41-32))));\n      l = ((al4 >>> 14) | (ah4 << (32-14))) ^ ((al4 >>> 18) | (ah4 << (32-18))) ^ ((ah4 >>> (41-32)) | (al4 << (32-(41-32))));\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      // Ch\n      h = (ah4 & ah5) ^ (~ah4 & ah6);\n      l = (al4 & al5) ^ (~al4 & al6);\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      // K\n      h = K[i*2];\n      l = K[i*2+1];\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      // w\n      h = wh[i%16];\n      l = wl[i%16];\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      b += a >>> 16;\n      c += b >>> 16;\n      d += c >>> 16;\n\n      th = c & 0xffff | d << 16;\n      tl = a & 0xffff | b << 16;\n\n      // add\n      h = th;\n      l = tl;\n\n      a = l & 0xffff; b = l >>> 16;\n      c = h & 0xffff; d = h >>> 16;\n\n      // Sigma0\n      h = ((ah0 >>> 28) | (al0 << (32-28))) ^ ((al0 >>> (34-32)) | (ah0 << (32-(34-32)))) ^ ((al0 >>> (39-32)) | (ah0 << (32-(39-32))));\n      l = ((al0 >>> 28) | (ah0 << (32-28))) ^ ((ah0 >>> (34-32)) | (al0 << (32-(34-32)))) ^ ((ah0 >>> (39-32)) | (al0 << (32-(39-32))));\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      // Maj\n      h = (ah0 & ah1) ^ (ah0 & ah2) ^ (ah1 & ah2);\n      l = (al0 & al1) ^ (al0 & al2) ^ (al1 & al2);\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      b += a >>> 16;\n      c += b >>> 16;\n      d += c >>> 16;\n\n      bh7 = (c & 0xffff) | (d << 16);\n      bl7 = (a & 0xffff) | (b << 16);\n\n      // add\n      h = bh3;\n      l = bl3;\n\n      a = l & 0xffff; b = l >>> 16;\n      c = h & 0xffff; d = h >>> 16;\n\n      h = th;\n      l = tl;\n\n      a += l & 0xffff; b += l >>> 16;\n      c += h & 0xffff; d += h >>> 16;\n\n      b += a >>> 16;\n      c += b >>> 16;\n      d += c >>> 16;\n\n      bh3 = (c & 0xffff) | (d << 16);\n      bl3 = (a & 0xffff) | (b << 16);\n\n      ah1 = bh0;\n      ah2 = bh1;\n      ah3 = bh2;\n      ah4 = bh3;\n      ah5 = bh4;\n      ah6 = bh5;\n      ah7 = bh6;\n      ah0 = bh7;\n\n      al1 = bl0;\n      al2 = bl1;\n      al3 = bl2;\n      al4 = bl3;\n      al5 = bl4;\n      al6 = bl5;\n      al7 = bl6;\n      al0 = bl7;\n\n      if (i%16 === 15) {\n        for (j = 0; j < 16; j++) {\n          // add\n          h = wh[j];\n          l = wl[j];\n\n          a = l & 0xffff; b = l >>> 16;\n          c = h & 0xffff; d = h >>> 16;\n\n          h = wh[(j+9)%16];\n          l = wl[(j+9)%16];\n\n          a += l & 0xffff; b += l >>> 16;\n          c += h & 0xffff; d += h >>> 16;\n\n          // sigma0\n          th = wh[(j+1)%16];\n          tl = wl[(j+1)%16];\n          h = ((th >>> 1) | (tl << (32-1))) ^ ((th >>> 8) | (tl << (32-8))) ^ (th >>> 7);\n          l = ((tl >>> 1) | (th << (32-1))) ^ ((tl >>> 8) | (th << (32-8))) ^ ((tl >>> 7) | (th << (32-7)));\n\n          a += l & 0xffff; b += l >>> 16;\n          c += h & 0xffff; d += h >>> 16;\n\n          // sigma1\n          th = wh[(j+14)%16];\n          tl = wl[(j+14)%16];\n          h = ((th >>> 19) | (tl << (32-19))) ^ ((tl >>> (61-32)) | (th << (32-(61-32)))) ^ (th >>> 6);\n          l = ((tl >>> 19) | (th << (32-19))) ^ ((th >>> (61-32)) | (tl << (32-(61-32)))) ^ ((tl >>> 6) | (th << (32-6)));\n\n          a += l & 0xffff; b += l >>> 16;\n          c += h & 0xffff; d += h >>> 16;\n\n          b += a >>> 16;\n          c += b >>> 16;\n          d += c >>> 16;\n\n          wh[j] = (c & 0xffff) | (d << 16);\n          wl[j] = (a & 0xffff) | (b << 16);\n        }\n      }\n    }\n\n    // add\n    h = ah0;\n    l = al0;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[0];\n    l = hl[0];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[0] = ah0 = (c & 0xffff) | (d << 16);\n    hl[0] = al0 = (a & 0xffff) | (b << 16);\n\n    h = ah1;\n    l = al1;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[1];\n    l = hl[1];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[1] = ah1 = (c & 0xffff) | (d << 16);\n    hl[1] = al1 = (a & 0xffff) | (b << 16);\n\n    h = ah2;\n    l = al2;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[2];\n    l = hl[2];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[2] = ah2 = (c & 0xffff) | (d << 16);\n    hl[2] = al2 = (a & 0xffff) | (b << 16);\n\n    h = ah3;\n    l = al3;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[3];\n    l = hl[3];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[3] = ah3 = (c & 0xffff) | (d << 16);\n    hl[3] = al3 = (a & 0xffff) | (b << 16);\n\n    h = ah4;\n    l = al4;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[4];\n    l = hl[4];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[4] = ah4 = (c & 0xffff) | (d << 16);\n    hl[4] = al4 = (a & 0xffff) | (b << 16);\n\n    h = ah5;\n    l = al5;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[5];\n    l = hl[5];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[5] = ah5 = (c & 0xffff) | (d << 16);\n    hl[5] = al5 = (a & 0xffff) | (b << 16);\n\n    h = ah6;\n    l = al6;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[6];\n    l = hl[6];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[6] = ah6 = (c & 0xffff) | (d << 16);\n    hl[6] = al6 = (a & 0xffff) | (b << 16);\n\n    h = ah7;\n    l = al7;\n\n    a = l & 0xffff; b = l >>> 16;\n    c = h & 0xffff; d = h >>> 16;\n\n    h = hh[7];\n    l = hl[7];\n\n    a += l & 0xffff; b += l >>> 16;\n    c += h & 0xffff; d += h >>> 16;\n\n    b += a >>> 16;\n    c += b >>> 16;\n    d += c >>> 16;\n\n    hh[7] = ah7 = (c & 0xffff) | (d << 16);\n    hl[7] = al7 = (a & 0xffff) | (b << 16);\n\n    pos += 128;\n    n -= 128;\n  }\n\n  return n;\n}\n\nfunction crypto_hash(out, m, n) {\n  var hh = new Int32Array(8),\n      hl = new Int32Array(8),\n      x = new Uint8Array(256),\n      i, b = n;\n\n  hh[0] = 0x6a09e667;\n  hh[1] = 0xbb67ae85;\n  hh[2] = 0x3c6ef372;\n  hh[3] = 0xa54ff53a;\n  hh[4] = 0x510e527f;\n  hh[5] = 0x9b05688c;\n  hh[6] = 0x1f83d9ab;\n  hh[7] = 0x5be0cd19;\n\n  hl[0] = 0xf3bcc908;\n  hl[1] = 0x84caa73b;\n  hl[2] = 0xfe94f82b;\n  hl[3] = 0x5f1d36f1;\n  hl[4] = 0xade682d1;\n  hl[5] = 0x2b3e6c1f;\n  hl[6] = 0xfb41bd6b;\n  hl[7] = 0x137e2179;\n\n  crypto_hashblocks_hl(hh, hl, m, n);\n  n %= 128;\n\n  for (i = 0; i < n; i++) x[i] = m[b-n+i];\n  x[n] = 128;\n\n  n = 256-128*(n<112?1:0);\n  x[n-9] = 0;\n  ts64(x, n-8,  (b / 0x20000000) | 0, b << 3);\n  crypto_hashblocks_hl(hh, hl, x, n);\n\n  for (i = 0; i < 8; i++) ts64(out, 8*i, hh[i], hl[i]);\n\n  return 0;\n}\n\nfunction add(p, q) {\n  var a = gf(), b = gf(), c = gf(),\n      d = gf(), e = gf(), f = gf(),\n      g = gf(), h = gf(), t = gf();\n\n  Z(a, p[1], p[0]);\n  Z(t, q[1], q[0]);\n  M(a, a, t);\n  A(b, p[0], p[1]);\n  A(t, q[0], q[1]);\n  M(b, b, t);\n  M(c, p[3], q[3]);\n  M(c, c, D2);\n  M(d, p[2], q[2]);\n  A(d, d, d);\n  Z(e, b, a);\n  Z(f, d, c);\n  A(g, d, c);\n  A(h, b, a);\n\n  M(p[0], e, f);\n  M(p[1], h, g);\n  M(p[2], g, f);\n  M(p[3], e, h);\n}\n\nfunction cswap(p, q, b) {\n  var i;\n  for (i = 0; i < 4; i++) {\n    sel25519(p[i], q[i], b);\n  }\n}\n\nfunction pack(r, p) {\n  var tx = gf(), ty = gf(), zi = gf();\n  inv25519(zi, p[2]);\n  M(tx, p[0], zi);\n  M(ty, p[1], zi);\n  pack25519(r, ty);\n  r[31] ^= par25519(tx) << 7;\n}\n\nfunction scalarmult(p, q, s) {\n  var b, i;\n  set25519(p[0], gf0);\n  set25519(p[1], gf1);\n  set25519(p[2], gf1);\n  set25519(p[3], gf0);\n  for (i = 255; i >= 0; --i) {\n    b = (s[(i/8)|0] >> (i&7)) & 1;\n    cswap(p, q, b);\n    add(q, p);\n    add(p, p);\n    cswap(p, q, b);\n  }\n}\n\nfunction scalarbase(p, s) {\n  var q = [gf(), gf(), gf(), gf()];\n  set25519(q[0], X);\n  set25519(q[1], Y);\n  set25519(q[2], gf1);\n  M(q[3], X, Y);\n  scalarmult(p, q, s);\n}\n\nfunction crypto_sign_keypair(pk, sk, seeded) {\n  var d = new Uint8Array(64);\n  var p = [gf(), gf(), gf(), gf()];\n  var i;\n\n  if (!seeded) randombytes(sk, 32);\n  crypto_hash(d, sk, 32);\n  d[0] &= 248;\n  d[31] &= 127;\n  d[31] |= 64;\n\n  scalarbase(p, d);\n  pack(pk, p);\n\n  for (i = 0; i < 32; i++) sk[i+32] = pk[i];\n  return 0;\n}\n\nvar L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10]);\n\nfunction modL(r, x) {\n  var carry, i, j, k;\n  for (i = 63; i >= 32; --i) {\n    carry = 0;\n    for (j = i - 32, k = i - 12; j < k; ++j) {\n      x[j] += carry - 16 * x[i] * L[j - (i - 32)];\n      carry = (x[j] + 128) >> 8;\n      x[j] -= carry * 256;\n    }\n    x[j] += carry;\n    x[i] = 0;\n  }\n  carry = 0;\n  for (j = 0; j < 32; j++) {\n    x[j] += carry - (x[31] >> 4) * L[j];\n    carry = x[j] >> 8;\n    x[j] &= 255;\n  }\n  for (j = 0; j < 32; j++) x[j] -= carry * L[j];\n  for (i = 0; i < 32; i++) {\n    x[i+1] += x[i] >> 8;\n    r[i] = x[i] & 255;\n  }\n}\n\nfunction reduce(r) {\n  var x = new Float64Array(64), i;\n  for (i = 0; i < 64; i++) x[i] = r[i];\n  for (i = 0; i < 64; i++) r[i] = 0;\n  modL(r, x);\n}\n\n// Note: difference from C - smlen returned, not passed as argument.\nfunction crypto_sign(sm, m, n, sk) {\n  var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64);\n  var i, j, x = new Float64Array(64);\n  var p = [gf(), gf(), gf(), gf()];\n\n  crypto_hash(d, sk, 32);\n  d[0] &= 248;\n  d[31] &= 127;\n  d[31] |= 64;\n\n  var smlen = n + 64;\n  for (i = 0; i < n; i++) sm[64 + i] = m[i];\n  for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i];\n\n  crypto_hash(r, sm.subarray(32), n+32);\n  reduce(r);\n  scalarbase(p, r);\n  pack(sm, p);\n\n  for (i = 32; i < 64; i++) sm[i] = sk[i];\n  crypto_hash(h, sm, n + 64);\n  reduce(h);\n\n  for (i = 0; i < 64; i++) x[i] = 0;\n  for (i = 0; i < 32; i++) x[i] = r[i];\n  for (i = 0; i < 32; i++) {\n    for (j = 0; j < 32; j++) {\n      x[i+j] += h[i] * d[j];\n    }\n  }\n\n  modL(sm.subarray(32), x);\n  return smlen;\n}\n\nfunction unpackneg(r, p) {\n  var t = gf(), chk = gf(), num = gf(),\n      den = gf(), den2 = gf(), den4 = gf(),\n      den6 = gf();\n\n  set25519(r[2], gf1);\n  unpack25519(r[1], p);\n  S(num, r[1]);\n  M(den, num, D);\n  Z(num, num, r[2]);\n  A(den, r[2], den);\n\n  S(den2, den);\n  S(den4, den2);\n  M(den6, den4, den2);\n  M(t, den6, num);\n  M(t, t, den);\n\n  pow2523(t, t);\n  M(t, t, num);\n  M(t, t, den);\n  M(t, t, den);\n  M(r[0], t, den);\n\n  S(chk, r[0]);\n  M(chk, chk, den);\n  if (neq25519(chk, num)) M(r[0], r[0], I);\n\n  S(chk, r[0]);\n  M(chk, chk, den);\n  if (neq25519(chk, num)) return -1;\n\n  if (par25519(r[0]) === (p[31]>>7)) Z(r[0], gf0, r[0]);\n\n  M(r[3], r[0], r[1]);\n  return 0;\n}\n\nfunction crypto_sign_open(m, sm, n, pk) {\n  var i, mlen;\n  var t = new Uint8Array(32), h = new Uint8Array(64);\n  var p = [gf(), gf(), gf(), gf()],\n      q = [gf(), gf(), gf(), gf()];\n\n  mlen = -1;\n  if (n < 64) return -1;\n\n  if (unpackneg(q, pk)) return -1;\n\n  for (i = 0; i < n; i++) m[i] = sm[i];\n  for (i = 0; i < 32; i++) m[i+32] = pk[i];\n  crypto_hash(h, m, n);\n  reduce(h);\n  scalarmult(p, q, h);\n\n  scalarbase(q, sm.subarray(32));\n  add(p, q);\n  pack(t, p);\n\n  n -= 64;\n  if (crypto_verify_32(sm, 0, t, 0)) {\n    for (i = 0; i < n; i++) m[i] = 0;\n    return -1;\n  }\n\n  for (i = 0; i < n; i++) m[i] = sm[i + 64];\n  mlen = n;\n  return mlen;\n}\n\nvar crypto_secretbox_KEYBYTES = 32,\n    crypto_secretbox_NONCEBYTES = 24,\n    crypto_secretbox_ZEROBYTES = 32,\n    crypto_secretbox_BOXZEROBYTES = 16,\n    crypto_scalarmult_BYTES = 32,\n    crypto_scalarmult_SCALARBYTES = 32,\n    crypto_box_PUBLICKEYBYTES = 32,\n    crypto_box_SECRETKEYBYTES = 32,\n    crypto_box_BEFORENMBYTES = 32,\n    crypto_box_NONCEBYTES = crypto_secretbox_NONCEBYTES,\n    crypto_box_ZEROBYTES = crypto_secretbox_ZEROBYTES,\n    crypto_box_BOXZEROBYTES = crypto_secretbox_BOXZEROBYTES,\n    crypto_sign_BYTES = 64,\n    crypto_sign_PUBLICKEYBYTES = 32,\n    crypto_sign_SECRETKEYBYTES = 64,\n    crypto_sign_SEEDBYTES = 32,\n    crypto_hash_BYTES = 64;\n\nnacl.lowlevel = {\n  crypto_core_hsalsa20: crypto_core_hsalsa20,\n  crypto_stream_xor: crypto_stream_xor,\n  crypto_stream: crypto_stream,\n  crypto_stream_salsa20_xor: crypto_stream_salsa20_xor,\n  crypto_stream_salsa20: crypto_stream_salsa20,\n  crypto_onetimeauth: crypto_onetimeauth,\n  crypto_onetimeauth_verify: crypto_onetimeauth_verify,\n  crypto_verify_16: crypto_verify_16,\n  crypto_verify_32: crypto_verify_32,\n  crypto_secretbox: crypto_secretbox,\n  crypto_secretbox_open: crypto_secretbox_open,\n  crypto_scalarmult: crypto_scalarmult,\n  crypto_scalarmult_base: crypto_scalarmult_base,\n  crypto_box_beforenm: crypto_box_beforenm,\n  crypto_box_afternm: crypto_box_afternm,\n  crypto_box: crypto_box,\n  crypto_box_open: crypto_box_open,\n  crypto_box_keypair: crypto_box_keypair,\n  crypto_hash: crypto_hash,\n  crypto_sign: crypto_sign,\n  crypto_sign_keypair: crypto_sign_keypair,\n  crypto_sign_open: crypto_sign_open,\n\n  crypto_secretbox_KEYBYTES: crypto_secretbox_KEYBYTES,\n  crypto_secretbox_NONCEBYTES: crypto_secretbox_NONCEBYTES,\n  crypto_secretbox_ZEROBYTES: crypto_secretbox_ZEROBYTES,\n  crypto_secretbox_BOXZEROBYTES: crypto_secretbox_BOXZEROBYTES,\n  crypto_scalarmult_BYTES: crypto_scalarmult_BYTES,\n  crypto_scalarmult_SCALARBYTES: crypto_scalarmult_SCALARBYTES,\n  crypto_box_PUBLICKEYBYTES: crypto_box_PUBLICKEYBYTES,\n  crypto_box_SECRETKEYBYTES: crypto_box_SECRETKEYBYTES,\n  crypto_box_BEFORENMBYTES: crypto_box_BEFORENMBYTES,\n  crypto_box_NONCEBYTES: crypto_box_NONCEBYTES,\n  crypto_box_ZEROBYTES: crypto_box_ZEROBYTES,\n  crypto_box_BOXZEROBYTES: crypto_box_BOXZEROBYTES,\n  crypto_sign_BYTES: crypto_sign_BYTES,\n  crypto_sign_PUBLICKEYBYTES: crypto_sign_PUBLICKEYBYTES,\n  crypto_sign_SECRETKEYBYTES: crypto_sign_SECRETKEYBYTES,\n  crypto_sign_SEEDBYTES: crypto_sign_SEEDBYTES,\n  crypto_hash_BYTES: crypto_hash_BYTES\n};\n\n/* High-level API */\n\nfunction checkLengths(k, n) {\n  if (k.length !== crypto_secretbox_KEYBYTES) throw new Error('bad key size');\n  if (n.length !== crypto_secretbox_NONCEBYTES) throw new Error('bad nonce size');\n}\n\nfunction checkBoxLengths(pk, sk) {\n  if (pk.length !== crypto_box_PUBLICKEYBYTES) throw new Error('bad public key size');\n  if (sk.length !== crypto_box_SECRETKEYBYTES) throw new Error('bad secret key size');\n}\n\nfunction checkArrayTypes() {\n  var t, i;\n  for (i = 0; i < arguments.length; i++) {\n     if ((t = Object.prototype.toString.call(arguments[i])) !== '[object Uint8Array]')\n       throw new TypeError('unexpected type ' + t + ', use Uint8Array');\n  }\n}\n\nfunction cleanup(arr) {\n  for (var i = 0; i < arr.length; i++) arr[i] = 0;\n}\n\n// TODO: Completely remove this in v0.15.\nif (!nacl.util) {\n  nacl.util = {};\n  nacl.util.decodeUTF8 = nacl.util.encodeUTF8 = nacl.util.encodeBase64 = nacl.util.decodeBase64 = function() {\n    throw new Error('nacl.util moved into separate package: https://github.com/dchest/tweetnacl-util-js');\n  };\n}\n\nnacl.randomBytes = function(n) {\n  var b = new Uint8Array(n);\n  randombytes(b, n);\n  return b;\n};\n\nnacl.secretbox = function(msg, nonce, key) {\n  checkArrayTypes(msg, nonce, key);\n  checkLengths(key, nonce);\n  var m = new Uint8Array(crypto_secretbox_ZEROBYTES + msg.length);\n  var c = new Uint8Array(m.length);\n  for (var i = 0; i < msg.length; i++) m[i+crypto_secretbox_ZEROBYTES] = msg[i];\n  crypto_secretbox(c, m, m.length, nonce, key);\n  return c.subarray(crypto_secretbox_BOXZEROBYTES);\n};\n\nnacl.secretbox.open = function(box, nonce, key) {\n  checkArrayTypes(box, nonce, key);\n  checkLengths(key, nonce);\n  var c = new Uint8Array(crypto_secretbox_BOXZEROBYTES + box.length);\n  var m = new Uint8Array(c.length);\n  for (var i = 0; i < box.length; i++) c[i+crypto_secretbox_BOXZEROBYTES] = box[i];\n  if (c.length < 32) return false;\n  if (crypto_secretbox_open(m, c, c.length, nonce, key) !== 0) return false;\n  return m.subarray(crypto_secretbox_ZEROBYTES);\n};\n\nnacl.secretbox.keyLength = crypto_secretbox_KEYBYTES;\nnacl.secretbox.nonceLength = crypto_secretbox_NONCEBYTES;\nnacl.secretbox.overheadLength = crypto_secretbox_BOXZEROBYTES;\n\nnacl.scalarMult = function(n, p) {\n  checkArrayTypes(n, p);\n  if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error('bad n size');\n  if (p.length !== crypto_scalarmult_BYTES) throw new Error('bad p size');\n  var q = new Uint8Array(crypto_scalarmult_BYTES);\n  crypto_scalarmult(q, n, p);\n  return q;\n};\n\nnacl.scalarMult.base = function(n) {\n  checkArrayTypes(n);\n  if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error('bad n size');\n  var q = new Uint8Array(crypto_scalarmult_BYTES);\n  crypto_scalarmult_base(q, n);\n  return q;\n};\n\nnacl.scalarMult.scalarLength = crypto_scalarmult_SCALARBYTES;\nnacl.scalarMult.groupElementLength = crypto_scalarmult_BYTES;\n\nnacl.box = function(msg, nonce, publicKey, secretKey) {\n  var k = nacl.box.before(publicKey, secretKey);\n  return nacl.secretbox(msg, nonce, k);\n};\n\nnacl.box.before = function(publicKey, secretKey) {\n  checkArrayTypes(publicKey, secretKey);\n  checkBoxLengths(publicKey, secretKey);\n  var k = new Uint8Array(crypto_box_BEFORENMBYTES);\n  crypto_box_beforenm(k, publicKey, secretKey);\n  return k;\n};\n\nnacl.box.after = nacl.secretbox;\n\nnacl.box.open = function(msg, nonce, publicKey, secretKey) {\n  var k = nacl.box.before(publicKey, secretKey);\n  return nacl.secretbox.open(msg, nonce, k);\n};\n\nnacl.box.open.after = nacl.secretbox.open;\n\nnacl.box.keyPair = function() {\n  var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);\n  var sk = new Uint8Array(crypto_box_SECRETKEYBYTES);\n  crypto_box_keypair(pk, sk);\n  return {publicKey: pk, secretKey: sk};\n};\n\nnacl.box.keyPair.fromSecretKey = function(secretKey) {\n  checkArrayTypes(secretKey);\n  if (secretKey.length !== crypto_box_SECRETKEYBYTES)\n    throw new Error('bad secret key size');\n  var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);\n  crypto_scalarmult_base(pk, secretKey);\n  return {publicKey: pk, secretKey: new Uint8Array(secretKey)};\n};\n\nnacl.box.publicKeyLength = crypto_box_PUBLICKEYBYTES;\nnacl.box.secretKeyLength = crypto_box_SECRETKEYBYTES;\nnacl.box.sharedKeyLength = crypto_box_BEFORENMBYTES;\nnacl.box.nonceLength = crypto_box_NONCEBYTES;\nnacl.box.overheadLength = nacl.secretbox.overheadLength;\n\nnacl.sign = function(msg, secretKey) {\n  checkArrayTypes(msg, secretKey);\n  if (secretKey.length !== crypto_sign_SECRETKEYBYTES)\n    throw new Error('bad secret key size');\n  var signedMsg = new Uint8Array(crypto_sign_BYTES+msg.length);\n  crypto_sign(signedMsg, msg, msg.length, secretKey);\n  return signedMsg;\n};\n\nnacl.sign.open = function(signedMsg, publicKey) {\n  if (arguments.length !== 2)\n    throw new Error('nacl.sign.open accepts 2 arguments; did you mean to use nacl.sign.detached.verify?');\n  checkArrayTypes(signedMsg, publicKey);\n  if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)\n    throw new Error('bad public key size');\n  var tmp = new Uint8Array(signedMsg.length);\n  var mlen = crypto_sign_open(tmp, signedMsg, signedMsg.length, publicKey);\n  if (mlen < 0) return null;\n  var m = new Uint8Array(mlen);\n  for (var i = 0; i < m.length; i++) m[i] = tmp[i];\n  return m;\n};\n\nnacl.sign.detached = function(msg, secretKey) {\n  var signedMsg = nacl.sign(msg, secretKey);\n  var sig = new Uint8Array(crypto_sign_BYTES);\n  for (var i = 0; i < sig.length; i++) sig[i] = signedMsg[i];\n  return sig;\n};\n\nnacl.sign.detached.verify = function(msg, sig, publicKey) {\n  checkArrayTypes(msg, sig, publicKey);\n  if (sig.length !== crypto_sign_BYTES)\n    throw new Error('bad signature size');\n  if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)\n    throw new Error('bad public key size');\n  var sm = new Uint8Array(crypto_sign_BYTES + msg.length);\n  var m = new Uint8Array(crypto_sign_BYTES + msg.length);\n  var i;\n  for (i = 0; i < crypto_sign_BYTES; i++) sm[i] = sig[i];\n  for (i = 0; i < msg.length; i++) sm[i+crypto_sign_BYTES] = msg[i];\n  return (crypto_sign_open(m, sm, sm.length, publicKey) >= 0);\n};\n\nnacl.sign.keyPair = function() {\n  var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n  var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);\n  crypto_sign_keypair(pk, sk);\n  return {publicKey: pk, secretKey: sk};\n};\n\nnacl.sign.keyPair.fromSecretKey = function(secretKey) {\n  checkArrayTypes(secretKey);\n  if (secretKey.length !== crypto_sign_SECRETKEYBYTES)\n    throw new Error('bad secret key size');\n  var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n  for (var i = 0; i < pk.length; i++) pk[i] = secretKey[32+i];\n  return {publicKey: pk, secretKey: new Uint8Array(secretKey)};\n};\n\nnacl.sign.keyPair.fromSeed = function(seed) {\n  checkArrayTypes(seed);\n  if (seed.length !== crypto_sign_SEEDBYTES)\n    throw new Error('bad seed size');\n  var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);\n  var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);\n  for (var i = 0; i < 32; i++) sk[i] = seed[i];\n  crypto_sign_keypair(pk, sk, true);\n  return {publicKey: pk, secretKey: sk};\n};\n\nnacl.sign.publicKeyLength = crypto_sign_PUBLICKEYBYTES;\nnacl.sign.secretKeyLength = crypto_sign_SECRETKEYBYTES;\nnacl.sign.seedLength = crypto_sign_SEEDBYTES;\nnacl.sign.signatureLength = crypto_sign_BYTES;\n\nnacl.hash = function(msg) {\n  checkArrayTypes(msg);\n  var h = new Uint8Array(crypto_hash_BYTES);\n  crypto_hash(h, msg, msg.length);\n  return h;\n};\n\nnacl.hash.hashLength = crypto_hash_BYTES;\n\nnacl.verify = function(x, y) {\n  checkArrayTypes(x, y);\n  // Zero length arguments are considered not equal.\n  if (x.length === 0 || y.length === 0) return false;\n  if (x.length !== y.length) return false;\n  return (vn(x, 0, y, 0, x.length) === 0) ? true : false;\n};\n\nnacl.setPRNG = function(fn) {\n  randombytes = fn;\n};\n\n(function() {\n  // Initialize PRNG if environment provides CSPRNG.\n  // If not, methods calling randombytes will throw.\n  var crypto = typeof self !== 'undefined' ? (self.crypto || self.msCrypto) : null;\n  if (crypto && crypto.getRandomValues) {\n    // Browsers.\n    var QUOTA = 65536;\n    nacl.setPRNG(function(x, n) {\n      var i, v = new Uint8Array(n);\n      for (i = 0; i < n; i += QUOTA) {\n        crypto.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));\n      }\n      for (i = 0; i < n; i++) x[i] = v[i];\n      cleanup(v);\n    });\n  } else if (typeof require !== 'undefined') {\n    // Node.js.\n    crypto = require('crypto');\n    if (crypto && crypto.randomBytes) {\n      nacl.setPRNG(function(x, n) {\n        var i, v = crypto.randomBytes(n);\n        for (i = 0; i < n; i++) x[i] = v[i];\n        cleanup(v);\n      });\n    }\n  }\n})();\n\n})(typeof module !== 'undefined' && module.exports ? module.exports : (self.nacl = self.nacl || {}));\n","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nObject.defineProperty(exports, \"v1\", {\n  enumerable: true,\n  get: function () {\n    return _v.default;\n  }\n});\nObject.defineProperty(exports, \"v3\", {\n  enumerable: true,\n  get: function () {\n    return _v2.default;\n  }\n});\nObject.defineProperty(exports, \"v4\", {\n  enumerable: true,\n  get: function () {\n    return _v3.default;\n  }\n});\nObject.defineProperty(exports, \"v5\", {\n  enumerable: true,\n  get: function () {\n    return _v4.default;\n  }\n});\nObject.defineProperty(exports, \"NIL\", {\n  enumerable: true,\n  get: function () {\n    return _nil.default;\n  }\n});\nObject.defineProperty(exports, \"version\", {\n  enumerable: true,\n  get: function () {\n    return _version.default;\n  }\n});\nObject.defineProperty(exports, \"validate\", {\n  enumerable: true,\n  get: function () {\n    return _validate.default;\n  }\n});\nObject.defineProperty(exports, \"stringify\", {\n  enumerable: true,\n  get: function () {\n    return _stringify.default;\n  }\n});\nObject.defineProperty(exports, \"parse\", {\n  enumerable: true,\n  get: function () {\n    return _parse.default;\n  }\n});\n\nvar _v = _interopRequireDefault(require(\"./v1.js\"));\n\nvar _v2 = _interopRequireDefault(require(\"./v3.js\"));\n\nvar _v3 = _interopRequireDefault(require(\"./v4.js\"));\n\nvar _v4 = _interopRequireDefault(require(\"./v5.js\"));\n\nvar _nil = _interopRequireDefault(require(\"./nil.js\"));\n\nvar _version = _interopRequireDefault(require(\"./version.js\"));\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nvar _parse = _interopRequireDefault(require(\"./parse.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _crypto = _interopRequireDefault(require(\"crypto\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction md5(bytes) {\n  if (Array.isArray(bytes)) {\n    bytes = Buffer.from(bytes);\n  } else if (typeof bytes === 'string') {\n    bytes = Buffer.from(bytes, 'utf8');\n  }\n\n  return _crypto.default.createHash('md5').update(bytes).digest();\n}\n\nvar _default = md5;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\nvar _default = '00000000-0000-0000-0000-000000000000';\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction parse(uuid) {\n  if (!(0, _validate.default)(uuid)) {\n    throw TypeError('Invalid UUID');\n  }\n\n  let v;\n  const arr = new Uint8Array(16); // Parse ########-....-....-....-............\n\n  arr[0] = (v = parseInt(uuid.slice(0, 8), 16)) >>> 24;\n  arr[1] = v >>> 16 & 0xff;\n  arr[2] = v >>> 8 & 0xff;\n  arr[3] = v & 0xff; // Parse ........-####-....-....-............\n\n  arr[4] = (v = parseInt(uuid.slice(9, 13), 16)) >>> 8;\n  arr[5] = v & 0xff; // Parse ........-....-####-....-............\n\n  arr[6] = (v = parseInt(uuid.slice(14, 18), 16)) >>> 8;\n  arr[7] = v & 0xff; // Parse ........-....-....-####-............\n\n  arr[8] = (v = parseInt(uuid.slice(19, 23), 16)) >>> 8;\n  arr[9] = v & 0xff; // Parse ........-....-....-....-############\n  // (Use \"/\" to avoid 32-bit truncation when bit-shifting high-order bytes)\n\n  arr[10] = (v = parseInt(uuid.slice(24, 36), 16)) / 0x10000000000 & 0xff;\n  arr[11] = v / 0x100000000 & 0xff;\n  arr[12] = v >>> 24 & 0xff;\n  arr[13] = v >>> 16 & 0xff;\n  arr[14] = v >>> 8 & 0xff;\n  arr[15] = v & 0xff;\n  return arr;\n}\n\nvar _default = parse;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\nvar _default = /^(?:[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}|00000000-0000-0000-0000-000000000000)$/i;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = rng;\n\nvar _crypto = _interopRequireDefault(require(\"crypto\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nconst rnds8Pool = new Uint8Array(256); // # of random values to pre-allocate\n\nlet poolPtr = rnds8Pool.length;\n\nfunction rng() {\n  if (poolPtr > rnds8Pool.length - 16) {\n    _crypto.default.randomFillSync(rnds8Pool);\n\n    poolPtr = 0;\n  }\n\n  return rnds8Pool.slice(poolPtr, poolPtr += 16);\n}","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _crypto = _interopRequireDefault(require(\"crypto\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction sha1(bytes) {\n  if (Array.isArray(bytes)) {\n    bytes = Buffer.from(bytes);\n  } else if (typeof bytes === 'string') {\n    bytes = Buffer.from(bytes, 'utf8');\n  }\n\n  return _crypto.default.createHash('sha1').update(bytes).digest();\n}\n\nvar _default = sha1;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\n/**\n * Convert array of 16 byte values to UUID string format of the form:\n * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX\n */\nconst byteToHex = [];\n\nfor (let i = 0; i < 256; ++i) {\n  byteToHex.push((i + 0x100).toString(16).substr(1));\n}\n\nfunction stringify(arr, offset = 0) {\n  // Note: Be careful editing this code!  It's been tuned for performance\n  // and works in ways you may not expect. See https://github.com/uuidjs/uuid/pull/434\n  const uuid = (byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + '-' + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + '-' + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + '-' + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + '-' + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]]).toLowerCase(); // Consistency check for valid UUID.  If this throws, it's likely due to one\n  // of the following:\n  // - One or more input array values don't map to a hex octet (leading to\n  // \"undefined\" in the uuid)\n  // - Invalid input values for the RFC `version` or `variant` fields\n\n  if (!(0, _validate.default)(uuid)) {\n    throw TypeError('Stringified UUID is invalid');\n  }\n\n  return uuid;\n}\n\nvar _default = stringify;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _rng = _interopRequireDefault(require(\"./rng.js\"));\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\n// **`v1()` - Generate time-based UUID**\n//\n// Inspired by https://github.com/LiosK/UUID.js\n// and http://docs.python.org/library/uuid.html\nlet _nodeId;\n\nlet _clockseq; // Previous uuid creation time\n\n\nlet _lastMSecs = 0;\nlet _lastNSecs = 0; // See https://github.com/uuidjs/uuid for API details\n\nfunction v1(options, buf, offset) {\n  let i = buf && offset || 0;\n  const b = buf || new Array(16);\n  options = options || {};\n  let node = options.node || _nodeId;\n  let clockseq = options.clockseq !== undefined ? options.clockseq : _clockseq; // node and clockseq need to be initialized to random values if they're not\n  // specified.  We do this lazily to minimize issues related to insufficient\n  // system entropy.  See #189\n\n  if (node == null || clockseq == null) {\n    const seedBytes = options.random || (options.rng || _rng.default)();\n\n    if (node == null) {\n      // Per 4.5, create and 48-bit node id, (47 random bits + multicast bit = 1)\n      node = _nodeId = [seedBytes[0] | 0x01, seedBytes[1], seedBytes[2], seedBytes[3], seedBytes[4], seedBytes[5]];\n    }\n\n    if (clockseq == null) {\n      // Per 4.2.2, randomize (14 bit) clockseq\n      clockseq = _clockseq = (seedBytes[6] << 8 | seedBytes[7]) & 0x3fff;\n    }\n  } // UUID timestamps are 100 nano-second units since the Gregorian epoch,\n  // (1582-10-15 00:00).  JSNumbers aren't precise enough for this, so\n  // time is handled internally as 'msecs' (integer milliseconds) and 'nsecs'\n  // (100-nanoseconds offset from msecs) since unix epoch, 1970-01-01 00:00.\n\n\n  let msecs = options.msecs !== undefined ? options.msecs : Date.now(); // Per 4.2.1.2, use count of uuid's generated during the current clock\n  // cycle to simulate higher resolution clock\n\n  let nsecs = options.nsecs !== undefined ? options.nsecs : _lastNSecs + 1; // Time since last uuid creation (in msecs)\n\n  const dt = msecs - _lastMSecs + (nsecs - _lastNSecs) / 10000; // Per 4.2.1.2, Bump clockseq on clock regression\n\n  if (dt < 0 && options.clockseq === undefined) {\n    clockseq = clockseq + 1 & 0x3fff;\n  } // Reset nsecs if clock regresses (new clockseq) or we've moved onto a new\n  // time interval\n\n\n  if ((dt < 0 || msecs > _lastMSecs) && options.nsecs === undefined) {\n    nsecs = 0;\n  } // Per 4.2.1.2 Throw error if too many uuids are requested\n\n\n  if (nsecs >= 10000) {\n    throw new Error(\"uuid.v1(): Can't create more than 10M uuids/sec\");\n  }\n\n  _lastMSecs = msecs;\n  _lastNSecs = nsecs;\n  _clockseq = clockseq; // Per 4.1.4 - Convert from unix epoch to Gregorian epoch\n\n  msecs += 12219292800000; // `time_low`\n\n  const tl = ((msecs & 0xfffffff) * 10000 + nsecs) % 0x100000000;\n  b[i++] = tl >>> 24 & 0xff;\n  b[i++] = tl >>> 16 & 0xff;\n  b[i++] = tl >>> 8 & 0xff;\n  b[i++] = tl & 0xff; // `time_mid`\n\n  const tmh = msecs / 0x100000000 * 10000 & 0xfffffff;\n  b[i++] = tmh >>> 8 & 0xff;\n  b[i++] = tmh & 0xff; // `time_high_and_version`\n\n  b[i++] = tmh >>> 24 & 0xf | 0x10; // include version\n\n  b[i++] = tmh >>> 16 & 0xff; // `clock_seq_hi_and_reserved` (Per 4.2.2 - include variant)\n\n  b[i++] = clockseq >>> 8 | 0x80; // `clock_seq_low`\n\n  b[i++] = clockseq & 0xff; // `node`\n\n  for (let n = 0; n < 6; ++n) {\n    b[i + n] = node[n];\n  }\n\n  return buf || (0, _stringify.default)(b);\n}\n\nvar _default = v1;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _v = _interopRequireDefault(require(\"./v35.js\"));\n\nvar _md = _interopRequireDefault(require(\"./md5.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nconst v3 = (0, _v.default)('v3', 0x30, _md.default);\nvar _default = v3;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = _default;\nexports.URL = exports.DNS = void 0;\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nvar _parse = _interopRequireDefault(require(\"./parse.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction stringToBytes(str) {\n  str = unescape(encodeURIComponent(str)); // UTF8 escape\n\n  const bytes = [];\n\n  for (let i = 0; i < str.length; ++i) {\n    bytes.push(str.charCodeAt(i));\n  }\n\n  return bytes;\n}\n\nconst DNS = '6ba7b810-9dad-11d1-80b4-00c04fd430c8';\nexports.DNS = DNS;\nconst URL = '6ba7b811-9dad-11d1-80b4-00c04fd430c8';\nexports.URL = URL;\n\nfunction _default(name, version, hashfunc) {\n  function generateUUID(value, namespace, buf, offset) {\n    if (typeof value === 'string') {\n      value = stringToBytes(value);\n    }\n\n    if (typeof namespace === 'string') {\n      namespace = (0, _parse.default)(namespace);\n    }\n\n    if (namespace.length !== 16) {\n      throw TypeError('Namespace must be array-like (16 iterable integer values, 0-255)');\n    } // Compute hash of namespace and value, Per 4.3\n    // Future: Use spread syntax when supported on all platforms, e.g. `bytes =\n    // hashfunc([...namespace, ... value])`\n\n\n    let bytes = new Uint8Array(16 + value.length);\n    bytes.set(namespace);\n    bytes.set(value, namespace.length);\n    bytes = hashfunc(bytes);\n    bytes[6] = bytes[6] & 0x0f | version;\n    bytes[8] = bytes[8] & 0x3f | 0x80;\n\n    if (buf) {\n      offset = offset || 0;\n\n      for (let i = 0; i < 16; ++i) {\n        buf[offset + i] = bytes[i];\n      }\n\n      return buf;\n    }\n\n    return (0, _stringify.default)(bytes);\n  } // Function#name is not settable on some platforms (#270)\n\n\n  try {\n    generateUUID.name = name; // eslint-disable-next-line no-empty\n  } catch (err) {} // For CommonJS default export support\n\n\n  generateUUID.DNS = DNS;\n  generateUUID.URL = URL;\n  return generateUUID;\n}","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _rng = _interopRequireDefault(require(\"./rng.js\"));\n\nvar _stringify = _interopRequireDefault(require(\"./stringify.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction v4(options, buf, offset) {\n  options = options || {};\n\n  const rnds = options.random || (options.rng || _rng.default)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved`\n\n\n  rnds[6] = rnds[6] & 0x0f | 0x40;\n  rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided\n\n  if (buf) {\n    offset = offset || 0;\n\n    for (let i = 0; i < 16; ++i) {\n      buf[offset + i] = rnds[i];\n    }\n\n    return buf;\n  }\n\n  return (0, _stringify.default)(rnds);\n}\n\nvar _default = v4;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _v = _interopRequireDefault(require(\"./v35.js\"));\n\nvar _sha = _interopRequireDefault(require(\"./sha1.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nconst v5 = (0, _v.default)('v5', 0x50, _sha.default);\nvar _default = v5;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _regex = _interopRequireDefault(require(\"./regex.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction validate(uuid) {\n  return typeof uuid === 'string' && _regex.default.test(uuid);\n}\n\nvar _default = validate;\nexports.default = _default;","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n  value: true\n});\nexports.default = void 0;\n\nvar _validate = _interopRequireDefault(require(\"./validate.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction version(uuid) {\n  if (!(0, _validate.default)(uuid)) {\n    throw TypeError('Invalid UUID');\n  }\n\n  return parseInt(uuid.substr(14, 1), 16);\n}\n\nvar _default = version;\nexports.default = _default;","module.exports = __non_webpack_require__(__webpack_require__.ab + \"build/Release/cpufeatures.node\")","module.exports = __non_webpack_require__(__webpack_require__.ab + \"lib/protocol/crypto/build/Release/sshcrypto.node\")","module.exports = require(\"assert\");","module.exports = require(\"buffer\");","module.exports = require(\"child_process\");","module.exports = require(\"crypto\");","module.exports = require(\"dns\");","module.exports = require(\"events\");","module.exports = require(\"fs\");","module.exports = require(\"http\");","module.exports = require(\"https\");","module.exports = require(\"net\");","module.exports = require(\"os\");","module.exports = require(\"path\");","module.exports = require(\"stream\");","module.exports = require(\"tls\");","module.exports = require(\"util\");","module.exports = require(\"zlib\");","\"use strict\";\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\n}) : (function(o, m, k, k2) {\n    if (k2 === undefined) k2 = k;\n    o[k2] = m[k];\n}));\nvar __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {\n    Object.defineProperty(o, \"default\", { enumerable: true, value: v });\n}) : function(o, v) {\n    o[\"default\"] = v;\n});\nvar __importStar = (this && this.__importStar) || function (mod) {\n    if (mod && mod.__esModule) return mod;\n    var result = {};\n    if (mod != null) for (var k in mod) if (k !== \"default\" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);\n    __setModuleDefault(result, mod);\n    return result;\n};\nvar __importDefault = (this && this.__importDefault) || function (mod) {\n    return (mod && mod.__esModule) ? mod : { \"default\": mod };\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.NodeSSH = exports.SSHError = void 0;\nconst fs_1 = __importDefault(require(\"fs\"));\nconst path_1 = __importDefault(require(\"path\"));\nconst make_dir_1 = __importDefault(require(\"make-dir\"));\nconst is_stream_1 = __importDefault(require(\"is-stream\"));\nconst shell_escape_1 = __importDefault(require(\"shell-escape\"));\nconst sb_scandir_1 = __importDefault(require(\"sb-scandir\"));\nconst sb_promise_queue_1 = require(\"sb-promise-queue\");\nconst assert_1 = __importStar(require(\"assert\"));\nconst ssh2_1 = __importDefault(require(\"ssh2\"));\nconst DEFAULT_CONCURRENCY = 1;\nconst DEFAULT_VALIDATE = (path) => !path_1.default.basename(path).startsWith('.');\nconst DEFAULT_TICK = () => {\n    /* No Op */\n};\nclass SSHError extends Error {\n    constructor(message, code = null) {\n        super(message);\n        this.code = code;\n    }\n}\nexports.SSHError = SSHError;\nfunction unixifyPath(path) {\n    if (path.includes('\\\\')) {\n        return path.split('\\\\').join('/');\n    }\n    return path;\n}\nasync function readFile(filePath) {\n    return new Promise((resolve, reject) => {\n        fs_1.default.readFile(filePath, 'utf8', (err, res) => {\n            if (err) {\n                reject(err);\n            }\n            else {\n                resolve(res);\n            }\n        });\n    });\n}\nconst SFTP_MKDIR_ERR_CODE_REGEXP = /Error: (E[\\S]+): /;\nasync function makeDirectoryWithSftp(path, sftp) {\n    let stats = null;\n    try {\n        stats = await new Promise((resolve, reject) => {\n            sftp.stat(path, (err, res) => {\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve(res);\n                }\n            });\n        });\n    }\n    catch (_) {\n        /* No Op */\n    }\n    if (stats) {\n        if (stats.isDirectory()) {\n            // Already exists, nothing to worry about\n            return;\n        }\n        throw new Error('mkdir() failed, target already exists and is not a directory');\n    }\n    try {\n        await new Promise((resolve, reject) => {\n            sftp.mkdir(path, (err) => {\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve();\n                }\n            });\n        });\n    }\n    catch (err) {\n        if (err != null && typeof err.stack === 'string') {\n            const matches = SFTP_MKDIR_ERR_CODE_REGEXP.exec(err.stack);\n            if (matches != null) {\n                throw new SSHError(err.message, matches[1]);\n            }\n            throw err;\n        }\n    }\n}\nclass NodeSSH {\n    constructor() {\n        this.connection = null;\n    }\n    getConnection() {\n        const { connection } = this;\n        if (connection == null) {\n            throw new Error('Not connected to server');\n        }\n        return connection;\n    }\n    async connect(givenConfig) {\n        assert_1.default(givenConfig != null && typeof givenConfig === 'object', 'config must be a valid object');\n        const config = { ...givenConfig };\n        assert_1.default(config.username != null && typeof config.username === 'string', 'config.username must be a valid string');\n        if (config.host != null) {\n            assert_1.default(typeof config.host === 'string', 'config.host must be a valid string');\n        }\n        else if (config.sock != null) {\n            assert_1.default(typeof config.sock === 'object', 'config.sock must be a valid object');\n        }\n        else {\n            throw new assert_1.AssertionError({ message: 'Either config.host or config.sock must be provided' });\n        }\n        if (config.privateKey != null || config.privateKeyPath != null) {\n            if (config.privateKey != null) {\n                assert_1.default(typeof config.privateKey === 'string', 'config.privateKey must be a valid string');\n                assert_1.default(config.privateKeyPath == null, 'config.privateKeyPath must not be specified when config.privateKey is specified');\n            }\n            else if (config.privateKeyPath != null) {\n                assert_1.default(typeof config.privateKeyPath === 'string', 'config.privateKeyPath must be a valid string');\n                assert_1.default(config.privateKey == null, 'config.privateKey must not be specified when config.privateKeyPath is specified');\n            }\n            assert_1.default(config.passphrase == null || typeof config.passphrase === 'string', 'config.passphrase must be null or a valid string');\n            if (config.privateKeyPath != null) {\n                // Must be an fs path\n                try {\n                    config.privateKey = await readFile(config.privateKeyPath);\n                }\n                catch (err) {\n                    if (err != null && err.code === 'ENOENT') {\n                        throw new assert_1.AssertionError({ message: 'config.privateKeyPath does not exist at given fs path' });\n                    }\n                    throw err;\n                }\n            }\n        }\n        else if (config.password != null) {\n            assert_1.default(typeof config.password === 'string', 'config.password must be a valid string');\n        }\n        if (config.tryKeyboard != null) {\n            assert_1.default(typeof config.tryKeyboard === 'boolean', 'config.tryKeyboard must be a valid boolean');\n        }\n        if (config.tryKeyboard) {\n            const { password } = config;\n            if (config.onKeyboardInteractive != null) {\n                assert_1.default(typeof config.onKeyboardInteractive === 'function', 'config.onKeyboardInteractive must be a valid function');\n            }\n            else if (password != null) {\n                config.onKeyboardInteractive = (name, instructions, instructionsLang, prompts, finish) => {\n                    if (prompts.length > 0 && prompts[0].prompt.toLowerCase().includes('password')) {\n                        finish([password]);\n                    }\n                };\n            }\n        }\n        const connection = new ssh2_1.default.Client();\n        this.connection = connection;\n        await new Promise((resolve, reject) => {\n            connection.on('error', reject);\n            if (config.onKeyboardInteractive) {\n                connection.on('keyboard-interactive', config.onKeyboardInteractive);\n            }\n            connection.on('ready', () => {\n                connection.removeListener('error', reject);\n                resolve();\n            });\n            connection.on('end', () => {\n                if (this.connection === connection) {\n                    this.connection = null;\n                }\n            });\n            connection.on('close', () => {\n                if (this.connection === connection) {\n                    this.connection = null;\n                }\n                reject(new SSHError('No response from server', 'ETIMEDOUT'));\n            });\n            connection.connect(config);\n        });\n        return this;\n    }\n    isConnected() {\n        return this.connection != null;\n    }\n    async requestShell(options) {\n        const connection = this.getConnection();\n        return new Promise((resolve, reject) => {\n            connection.on('error', reject);\n            const callback = (err, res) => {\n                connection.removeListener('error', reject);\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve(res);\n                }\n            };\n            if (options == null) {\n                connection.shell(callback);\n            }\n            else {\n                connection.shell(options, callback);\n            }\n        });\n    }\n    async withShell(callback, options) {\n        assert_1.default(typeof callback === 'function', 'callback must be a valid function');\n        const shell = await this.requestShell(options);\n        try {\n            await callback(shell);\n        }\n        finally {\n            // Try to close gracefully\n            if (!shell.close()) {\n                // Destroy local socket if it doesn't work\n                shell.destroy();\n            }\n        }\n    }\n    async requestSFTP() {\n        const connection = this.getConnection();\n        return new Promise((resolve, reject) => {\n            connection.on('error', reject);\n            connection.sftp((err, res) => {\n                connection.removeListener('error', reject);\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve(res);\n                }\n            });\n        });\n    }\n    async withSFTP(callback) {\n        assert_1.default(typeof callback === 'function', 'callback must be a valid function');\n        const sftp = await this.requestSFTP();\n        try {\n            await callback(sftp);\n        }\n        finally {\n            sftp.end();\n        }\n    }\n    async execCommand(givenCommand, options = {}) {\n        assert_1.default(typeof givenCommand === 'string', 'command must be a valid string');\n        assert_1.default(options != null && typeof options === 'object', 'options must be a valid object');\n        assert_1.default(options.cwd == null || typeof options.cwd === 'string', 'options.cwd must be a valid string');\n        assert_1.default(options.stdin == null || typeof options.stdin === 'string' || is_stream_1.default.readable(options.stdin), 'options.stdin must be a valid string or readable stream');\n        assert_1.default(options.execOptions == null || typeof options.execOptions === 'object', 'options.execOptions must be a valid object');\n        assert_1.default(options.encoding == null || typeof options.encoding === 'string', 'options.encoding must be a valid string');\n        assert_1.default(options.onChannel == null || typeof options.onChannel === 'function', 'options.onChannel must be a valid function');\n        assert_1.default(options.onStdout == null || typeof options.onStdout === 'function', 'options.onStdout must be a valid function');\n        assert_1.default(options.onStderr == null || typeof options.onStderr === 'function', 'options.onStderr must be a valid function');\n        let command = givenCommand;\n        if (options.cwd) {\n            command = `cd ${shell_escape_1.default([options.cwd])} ; ${command}`;\n        }\n        const connection = this.getConnection();\n        const output = { stdout: [], stderr: [] };\n        return new Promise((resolve, reject) => {\n            connection.on('error', reject);\n            connection.exec(command, options.execOptions != null ? options.execOptions : {}, (err, channel) => {\n                connection.removeListener('error', reject);\n                if (err) {\n                    reject(err);\n                    return;\n                }\n                if (options.onChannel) {\n                    options.onChannel(channel);\n                }\n                channel.on('data', (chunk) => {\n                    if (options.onStdout)\n                        options.onStdout(chunk);\n                    output.stdout.push(chunk.toString(options.encoding));\n                });\n                channel.stderr.on('data', (chunk) => {\n                    if (options.onStderr)\n                        options.onStderr(chunk);\n                    output.stderr.push(chunk.toString(options.encoding));\n                });\n                if (options.stdin != null) {\n                    if (is_stream_1.default.readable(options.stdin)) {\n                        options.stdin.pipe(channel, {\n                            end: true,\n                        });\n                    }\n                    else {\n                        channel.write(options.stdin);\n                        channel.end();\n                    }\n                }\n                else {\n                    channel.end();\n                }\n                let code = null;\n                let signal = null;\n                channel.on('exit', (code_, signal_) => {\n                    code = code_ !== null && code_ !== void 0 ? code_ : null;\n                    signal = signal_ !== null && signal_ !== void 0 ? signal_ : null;\n                });\n                channel.on('close', () => {\n                    resolve({\n                        code: code != null ? code : null,\n                        signal: signal != null ? signal : null,\n                        stdout: output.stdout.join('').trim(),\n                        stderr: output.stderr.join('').trim(),\n                    });\n                });\n            });\n        });\n    }\n    async exec(command, parameters, options = {}) {\n        assert_1.default(typeof command === 'string', 'command must be a valid string');\n        assert_1.default(Array.isArray(parameters), 'parameters must be a valid array');\n        assert_1.default(options != null && typeof options === 'object', 'options must be a valid object');\n        assert_1.default(options.stream == null || ['both', 'stdout', 'stderr'].includes(options.stream), 'options.stream must be one of both, stdout, stderr');\n        for (let i = 0, { length } = parameters; i < length; i += 1) {\n            assert_1.default(typeof parameters[i] === 'string', `parameters[${i}] must be a valid string`);\n        }\n        const completeCommand = `${command} ${shell_escape_1.default(parameters)}`;\n        const response = await this.execCommand(completeCommand, options);\n        if (options.stream == null || options.stream === 'stdout') {\n            if (response.stderr) {\n                throw new Error(response.stderr);\n            }\n            return response.stdout;\n        }\n        if (options.stream === 'stderr') {\n            return response.stderr;\n        }\n        return response;\n    }\n    async mkdir(path, method = 'sftp', givenSftp = null) {\n        assert_1.default(typeof path === 'string', 'path must be a valid string');\n        assert_1.default(typeof method === 'string' && (method === 'sftp' || method === 'exec'), 'method must be either sftp or exec');\n        assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n        if (method === 'exec') {\n            await this.exec('mkdir', ['-p', unixifyPath(path)]);\n            return;\n        }\n        const sftp = givenSftp || (await this.requestSFTP());\n        const makeSftpDirectory = async (retry) => makeDirectoryWithSftp(unixifyPath(path), sftp).catch(async (error) => {\n            if (!retry || error == null || (error.message !== 'No such file' && error.code !== 'ENOENT')) {\n                throw error;\n            }\n            await this.mkdir(path_1.default.dirname(path), 'sftp', sftp);\n            await makeSftpDirectory(false);\n        });\n        try {\n            await makeSftpDirectory(true);\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n    }\n    async getFile(localFile, remoteFile, givenSftp = null, transferOptions = null) {\n        assert_1.default(typeof localFile === 'string', 'localFile must be a valid string');\n        assert_1.default(typeof remoteFile === 'string', 'remoteFile must be a valid string');\n        assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n        assert_1.default(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object');\n        const sftp = givenSftp || (await this.requestSFTP());\n        try {\n            await new Promise((resolve, reject) => {\n                sftp.fastGet(unixifyPath(remoteFile), localFile, transferOptions || {}, (err) => {\n                    if (err) {\n                        reject(err);\n                    }\n                    else {\n                        resolve();\n                    }\n                });\n            });\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n    }\n    async putFile(localFile, remoteFile, givenSftp = null, transferOptions = null) {\n        assert_1.default(typeof localFile === 'string', 'localFile must be a valid string');\n        assert_1.default(typeof remoteFile === 'string', 'remoteFile must be a valid string');\n        assert_1.default(givenSftp == null || typeof givenSftp === 'object', 'sftp must be a valid object');\n        assert_1.default(transferOptions == null || typeof transferOptions === 'object', 'transferOptions must be a valid object');\n        assert_1.default(await new Promise((resolve) => {\n            fs_1.default.access(localFile, fs_1.default.constants.R_OK, (err) => {\n                resolve(err === null);\n            });\n        }), `localFile does not exist at ${localFile}`);\n        const sftp = givenSftp || (await this.requestSFTP());\n        const putFile = (retry) => {\n            return new Promise((resolve, reject) => {\n                sftp.fastPut(localFile, unixifyPath(remoteFile), transferOptions || {}, (err) => {\n                    if (err == null) {\n                        resolve();\n                        return;\n                    }\n                    if (err.message === 'No such file' && retry) {\n                        resolve(this.mkdir(path_1.default.dirname(remoteFile), 'sftp', sftp).then(() => putFile(false)));\n                    }\n                    else {\n                        reject(err);\n                    }\n                });\n            });\n        };\n        try {\n            await putFile(true);\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n    }\n    async putFiles(files, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {} } = {}) {\n        assert_1.default(Array.isArray(files), 'files must be an array');\n        for (let i = 0, { length } = files; i < length; i += 1) {\n            const file = files[i];\n            assert_1.default(file, 'files items must be valid objects');\n            assert_1.default(file.local && typeof file.local === 'string', `files[${i}].local must be a string`);\n            assert_1.default(file.remote && typeof file.remote === 'string', `files[${i}].remote must be a string`);\n        }\n        const transferred = [];\n        const sftp = givenSftp || (await this.requestSFTP());\n        const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n        try {\n            await new Promise((resolve, reject) => {\n                files.forEach((file) => {\n                    queue\n                        .add(async () => {\n                        await this.putFile(file.local, file.remote, sftp, transferOptions);\n                        transferred.push(file);\n                    })\n                        .catch(reject);\n                });\n                queue.waitTillIdle().then(resolve);\n            });\n        }\n        catch (error) {\n            if (error != null) {\n                error.transferred = transferred;\n            }\n            throw error;\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n    }\n    async putDirectory(localDirectory, remoteDirectory, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {}, recursive = true, tick = DEFAULT_TICK, validate = DEFAULT_VALIDATE, } = {}) {\n        assert_1.default(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string');\n        assert_1.default(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string');\n        const localDirectoryStat = await new Promise((resolve) => {\n            fs_1.default.stat(localDirectory, (err, stat) => {\n                resolve(stat || null);\n            });\n        });\n        assert_1.default(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`);\n        assert_1.default(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`);\n        const sftp = givenSftp || (await this.requestSFTP());\n        const scanned = await sb_scandir_1.default(localDirectory, {\n            recursive,\n            validate,\n        });\n        const files = scanned.files.map((item) => path_1.default.relative(localDirectory, item));\n        const directories = scanned.directories.map((item) => path_1.default.relative(localDirectory, item));\n        // Sort shortest to longest\n        directories.sort((a, b) => a.length - b.length);\n        let failed = false;\n        try {\n            // Do the directories first.\n            await new Promise((resolve, reject) => {\n                const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n                directories.forEach((directory) => {\n                    queue\n                        .add(async () => {\n                        await this.mkdir(path_1.default.join(remoteDirectory, directory), 'sftp', sftp);\n                    })\n                        .catch(reject);\n                });\n                resolve(queue.waitTillIdle());\n            });\n            // and now the files\n            await new Promise((resolve, reject) => {\n                const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n                files.forEach((file) => {\n                    queue\n                        .add(async () => {\n                        const localFile = path_1.default.join(localDirectory, file);\n                        const remoteFile = path_1.default.join(remoteDirectory, file);\n                        try {\n                            await this.putFile(localFile, remoteFile, sftp, transferOptions);\n                            tick(localFile, remoteFile, null);\n                        }\n                        catch (_) {\n                            failed = true;\n                            tick(localFile, remoteFile, _);\n                        }\n                    })\n                        .catch(reject);\n                });\n                resolve(queue.waitTillIdle());\n            });\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n        return !failed;\n    }\n    async getDirectory(localDirectory, remoteDirectory, { concurrency = DEFAULT_CONCURRENCY, sftp: givenSftp = null, transferOptions = {}, recursive = true, tick = DEFAULT_TICK, validate = DEFAULT_VALIDATE, } = {}) {\n        assert_1.default(typeof localDirectory === 'string' && localDirectory, 'localDirectory must be a string');\n        assert_1.default(typeof remoteDirectory === 'string' && remoteDirectory, 'remoteDirectory must be a string');\n        const localDirectoryStat = await new Promise((resolve) => {\n            fs_1.default.stat(localDirectory, (err, stat) => {\n                resolve(stat || null);\n            });\n        });\n        assert_1.default(localDirectoryStat != null, `localDirectory does not exist at ${localDirectory}`);\n        assert_1.default(localDirectoryStat.isDirectory(), `localDirectory is not a directory at ${localDirectory}`);\n        const sftp = givenSftp || (await this.requestSFTP());\n        const scanned = await sb_scandir_1.default(remoteDirectory, {\n            recursive,\n            validate,\n            concurrency,\n            fileSystem: {\n                basename(path) {\n                    return path_1.default.posix.basename(path);\n                },\n                join(pathA, pathB) {\n                    return path_1.default.posix.join(pathA, pathB);\n                },\n                readdir(path) {\n                    return new Promise((resolve, reject) => {\n                        sftp.readdir(path, (err, res) => {\n                            if (err) {\n                                reject(err);\n                            }\n                            else {\n                                resolve(res.map((item) => item.filename));\n                            }\n                        });\n                    });\n                },\n                stat(path) {\n                    return new Promise((resolve, reject) => {\n                        sftp.stat(path, (err, res) => {\n                            if (err) {\n                                reject(err);\n                            }\n                            else {\n                                // eslint-disable-next-line @typescript-eslint/no-explicit-any\n                                resolve(res);\n                            }\n                        });\n                    });\n                },\n            },\n        });\n        const files = scanned.files.map((item) => path_1.default.relative(remoteDirectory, item));\n        const directories = scanned.directories.map((item) => path_1.default.relative(remoteDirectory, item));\n        // Sort shortest to longest\n        directories.sort((a, b) => a.length - b.length);\n        let failed = false;\n        try {\n            // Do the directories first.\n            await new Promise((resolve, reject) => {\n                const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n                directories.forEach((directory) => {\n                    queue\n                        .add(async () => {\n                        await make_dir_1.default(path_1.default.join(localDirectory, directory));\n                    })\n                        .catch(reject);\n                });\n                resolve(queue.waitTillIdle());\n            });\n            // and now the files\n            await new Promise((resolve, reject) => {\n                const queue = new sb_promise_queue_1.PromiseQueue({ concurrency });\n                files.forEach((file) => {\n                    queue\n                        .add(async () => {\n                        const localFile = path_1.default.join(localDirectory, file);\n                        const remoteFile = path_1.default.join(remoteDirectory, file);\n                        try {\n                            await this.getFile(localFile, remoteFile, sftp, transferOptions);\n                            tick(localFile, remoteFile, null);\n                        }\n                        catch (_) {\n                            failed = true;\n                            tick(localFile, remoteFile, _);\n                        }\n                    })\n                        .catch(reject);\n                });\n                resolve(queue.waitTillIdle());\n            });\n        }\n        finally {\n            if (!givenSftp) {\n                sftp.end();\n            }\n        }\n        return !failed;\n    }\n    dispose() {\n        if (this.connection) {\n            this.connection.end();\n            this.connection = null;\n        }\n    }\n}\nexports.NodeSSH = NodeSSH;\n","\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nvar PromiseQueue = /** @class */ (function () {\n    function PromiseQueue(_a) {\n        var _b = (_a === void 0 ? {} : _a).concurrency, concurrency = _b === void 0 ? 1 : _b;\n        this.options = { concurrency: concurrency };\n        this.running = 0;\n        this.queue = [];\n        this.idleCallbacks = [];\n    }\n    PromiseQueue.prototype.clear = function () {\n        this.queue = [];\n    };\n    PromiseQueue.prototype.onIdle = function (callback) {\n        var _this = this;\n        this.idleCallbacks.push(callback);\n        return function () {\n            var index = _this.idleCallbacks.indexOf(callback);\n            if (index !== -1) {\n                _this.idleCallbacks.splice(index, 1);\n            }\n        };\n    };\n    PromiseQueue.prototype.waitTillIdle = function () {\n        var _this = this;\n        return new Promise(function (resolve) {\n            if (_this.running === 0) {\n                resolve();\n                return;\n            }\n            var dispose = _this.onIdle(function () {\n                dispose();\n                resolve();\n            });\n        });\n    };\n    PromiseQueue.prototype.add = function (callback) {\n        var _this = this;\n        return new Promise(function (resolve, reject) {\n            var runCallback = function () {\n                _this.running += 1;\n                try {\n                    Promise.resolve(callback()).then(function (val) {\n                        resolve(val);\n                        _this.processNext();\n                    }, function (err) {\n                        reject(err);\n                        _this.processNext();\n                    });\n                }\n                catch (err) {\n                    reject(err);\n                    _this.processNext();\n                }\n            };\n            if (_this.running >= _this.options.concurrency) {\n                _this.queue.push(runCallback);\n            }\n            else {\n                runCallback();\n            }\n        });\n    };\n    // Internal function, don't use\n    PromiseQueue.prototype.processNext = function () {\n        this.running -= 1;\n        var callback = this.queue.shift();\n        if (callback) {\n            callback();\n        }\n        else if (this.running === 0) {\n            this.idleCallbacks.forEach(function (item) { return item(); });\n        }\n    };\n    return PromiseQueue;\n}());\nexports.PromiseQueue = PromiseQueue;\n","\"use strict\";\n/* @flow */\nvar __assign = (this && this.__assign) || function () {\n    __assign = Object.assign || function(t) {\n        for (var s, i = 1, n = arguments.length; i < n; i++) {\n            s = arguments[i];\n            for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))\n                t[p] = s[p];\n        }\n        return t;\n    };\n    return __assign.apply(this, arguments);\n};\nvar __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {\n    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\n    return new (P || (P = Promise))(function (resolve, reject) {\n        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\n        function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\n        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\n        step((generator = generator.apply(thisArg, _arguments || [])).next());\n    });\n};\nvar __generator = (this && this.__generator) || function (thisArg, body) {\n    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;\n    return g = { next: verb(0), \"throw\": verb(1), \"return\": verb(2) }, typeof Symbol === \"function\" && (g[Symbol.iterator] = function() { return this; }), g;\n    function verb(n) { return function (v) { return step([n, v]); }; }\n    function step(op) {\n        if (f) throw new TypeError(\"Generator is already executing.\");\n        while (_) try {\n            if (f = 1, y && (t = op[0] & 2 ? y[\"return\"] : op[0] ? y[\"throw\"] || ((t = y[\"return\"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;\n            if (y = 0, t) op = [op[0] & 2, t.value];\n            switch (op[0]) {\n                case 0: case 1: t = op; break;\n                case 4: _.label++; return { value: op[1], done: false };\n                case 5: _.label++; y = op[1]; op = [0]; continue;\n                case 7: op = _.ops.pop(); _.trys.pop(); continue;\n                default:\n                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }\n                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }\n                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }\n                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }\n                    if (t[2]) _.ops.pop();\n                    _.trys.pop(); continue;\n            }\n            op = body.call(thisArg, _);\n        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }\n        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };\n    }\n};\nvar __importDefault = (this && this.__importDefault) || function (mod) {\n    return (mod && mod.__esModule) ? mod : { \"default\": mod };\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.defaultFilesystem = void 0;\nvar fs_1 = __importDefault(require(\"fs\"));\nvar path_1 = __importDefault(require(\"path\"));\nvar assert_1 = __importDefault(require(\"assert\"));\nvar sb_promise_queue_1 = require(\"sb-promise-queue\");\nexports.defaultFilesystem = {\n    join: function (pathA, pathB) {\n        return path_1.default.join(pathA, pathB);\n    },\n    basename: function (path) {\n        return path_1.default.basename(path);\n    },\n    stat: function (path) {\n        return new Promise(function (resolve, reject) {\n            fs_1.default.stat(path, function (err, res) {\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve(res);\n                }\n            });\n        });\n    },\n    readdir: function (path) {\n        return new Promise(function (resolve, reject) {\n            fs_1.default.readdir(path, function (err, res) {\n                if (err) {\n                    reject(err);\n                }\n                else {\n                    resolve(res);\n                }\n            });\n        });\n    },\n};\nfunction scanDirectoryInternal(_a) {\n    var path = _a.path, recursive = _a.recursive, validate = _a.validate, result = _a.result, fileSystem = _a.fileSystem, queue = _a.queue, reject = _a.reject;\n    return __awaiter(this, void 0, void 0, function () {\n        var itemStat, contents;\n        return __generator(this, function (_b) {\n            switch (_b.label) {\n                case 0: return [4 /*yield*/, fileSystem.stat(path)];\n                case 1:\n                    itemStat = _b.sent();\n                    if (itemStat.isFile()) {\n                        result.files.push(path);\n                    }\n                    else if (itemStat.isDirectory()) {\n                        result.directories.push(path);\n                    }\n                    if (!itemStat.isDirectory() || recursive === 'none') {\n                        return [2 /*return*/];\n                    }\n                    return [4 /*yield*/, fileSystem.readdir(path)];\n                case 2:\n                    contents = _b.sent();\n                    contents.forEach(function (item) {\n                        var itemPath = fileSystem.join(path, item);\n                        if (!validate(itemPath)) {\n                            return;\n                        }\n                        queue\n                            .add(function () {\n                            return scanDirectoryInternal({\n                                path: itemPath,\n                                recursive: recursive === 'shallow' ? 'none' : 'deep',\n                                validate: validate,\n                                result: result,\n                                fileSystem: fileSystem,\n                                queue: queue,\n                                reject: reject,\n                            });\n                        })\n                            .catch(reject);\n                    });\n                    return [2 /*return*/];\n            }\n        });\n    });\n}\nfunction scanDirectory(path, _a) {\n    var _b = _a === void 0 ? {} : _a, _c = _b.recursive, recursive = _c === void 0 ? true : _c, _d = _b.validate, validate = _d === void 0 ? null : _d, _e = _b.concurrency, concurrency = _e === void 0 ? Infinity : _e, _f = _b.fileSystem, fileSystem = _f === void 0 ? exports.defaultFilesystem : _f;\n    return __awaiter(this, void 0, void 0, function () {\n        var queue, result, mergedFileSystem;\n        return __generator(this, function (_g) {\n            switch (_g.label) {\n                case 0:\n                    assert_1.default(path && typeof path === 'string', 'path must be a valid string');\n                    assert_1.default(typeof recursive === 'boolean', 'options.recursive must be a valid boolean');\n                    assert_1.default(validate === null || typeof validate === 'function', 'options.validate must be a valid function');\n                    assert_1.default(typeof concurrency === 'number', 'options.concurrency must be a valid number');\n                    assert_1.default(fileSystem !== null && typeof fileSystem === 'object', 'options.fileSystem must be a valid object');\n                    queue = new sb_promise_queue_1.PromiseQueue({\n                        concurrency: concurrency,\n                    });\n                    result = { files: [], directories: [] };\n                    mergedFileSystem = __assign(__assign({}, exports.defaultFilesystem), fileSystem);\n                    return [4 /*yield*/, new Promise(function (resolve, reject) {\n                            scanDirectoryInternal({\n                                path: path,\n                                recursive: recursive ? 'deep' : 'shallow',\n                                validate: validate != null ? validate : function (item) { return mergedFileSystem.basename(item).slice(0, 1) !== '.'; },\n                                result: result,\n                                fileSystem: mergedFileSystem,\n                                queue: queue,\n                                reject: reject,\n                            })\n                                .then(function () { return queue.waitTillIdle(); })\n                                .then(resolve, reject);\n                        })];\n                case 1:\n                    _g.sent();\n                    return [2 /*return*/, result];\n            }\n        });\n    });\n}\nexports.default = scanDirectory;\n","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\tvar threw = true;\n\ttry {\n\t\t__webpack_modules__[moduleId].call(module.exports, module, module.exports, __webpack_require__);\n\t\tthrew = false;\n\t} finally {\n\t\tif(threw) delete __webpack_module_cache__[moduleId];\n\t}\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","\nif (typeof __webpack_require__ !== 'undefined') __webpack_require__.ab = __dirname + \"/\";","","// startup\n// Load entry module and return exports\n// This entry module is referenced by other modules so it can't be inlined\nvar __webpack_exports__ = __webpack_require__(4822);\n",""],"names":[],"sourceRoot":""}
\ No newline at end of file
diff --git a/dist/lib/protocol/crypto/build/Release/sshcrypto.node b/dist/lib/protocol/crypto/build/Release/sshcrypto.node
index 2068d0796d90cf0f29a7bfe2b3c99cc21cbe6dd2..6dfdc9c8fce4d55944235d45c5377b510bbdae2f 100755
GIT binary patch
literal 114208
zcmeIb34D|_8b6+C3zSoYa(YnkDvCfkix*Q$k;+v|6+G5yX$M*<ZD|XFxLO31Rn(5M
zz$&ZtScM9TE3DwL)?*c2R7BTx)zzZt*2M!Au|=W3?>BEUlgZ3bsQdeU{-4i(Mnj$_
z&ynQGle|gZyy;s9zdqbS2$#Sw9^p8I>8*uWRw<K2FW^ZrLU=sc>C>};*uPpULE){C
z%m7vL=kZi{7gQ(&k*#lgibLBs--(GM+rTeQR0a^rmsiZ2QSMK&^=*CJA!WunF>zC0
zywZod%b%mqQ{XKs^_C&U))&9o;VV%3h@1LENcr+gipv8Pw)K^6b@W~2L_*^V4T(IS
zyz+{&!s1zqV(WWa>H9_*T;p0%P+5`a@ysi}rm#5QQ&>E+MB>5iyY6{Ma=KDL+}5E;
zGNPZPz-2t1v8maqp0p{Gr)En+t^8LAw~8%17Rfqv2JG?7DhXIEvc8^<dkO)4l-EC2
z|4NM@_IT!$u#$xpo|*HC^Fqqk^96^QzRw?VQ(s#r+5a!v!D`pw`X(xUnW}umO?`ev
z3JA8FNmUBmIxQI2Hq*L2o}ye&`NBCfN{T$C6=kZPT9&aRU*~T`S5Udyfa3;(-Q&s6
zt;h`|IPDt1>tY;z>r@hPU6ue>0HWRI%qc0>DYm}lv5vk(&4Ad{=THMg+HE|7$1^cw
z@`UuU8IHHX&lG2+;#GL!^$t#|sjHt5m4itFUm~JJ#KbcZ*TE?UXSl?^PDr2b5?g`O
zd_55=b6sK!5O<YJyx(7l_LM>3FB$0!rvsjb_$rwi{-2#IT;jtpq!W<Fe2!b#&}Y@Z
zFZjobTOPhKcTe2gLy(q;;M4)R#&nXfv{jp*V$TGP{Yd{fzOg>kg`x=YM>o2NOAMM<
zUN)$xa0Wx(S!WGQ9+<xnpdfz=g64OfpMqgLn1AZR@(S;qfn$^iwaU6O-}iG|f<6J0
z$a2t5{GFum#HWF)F;o(w|3obiwLsJYQ42&Z5Vb(m0#OS@EfBRp)B;fpL@f}tK-2<J
z3q&mtwLsJYQ42&Z5Vb(m0#OS@EfBRp)B;fpL@f}tK-2<J3q&mtwLsJYQ42&Z5Vb(m
z0#OS@EfBRp)B;fpL@f}tK-2<J3;h4W0{f@@b^W15uJwn~gztw~QIje}Rp0u4zC=-Z
z=hG*PmH4J?Q{^kJ##$k^NZOUBNZOO2F<qwBI%$t-{?`rulv5@DBjiWA<ga$p9?<-|
z4F3HN?H=+YUGk@#CUvaR{BIikn;hC5<VSj4Y}cBOLab!`2Nj>@a_}cqJT}I`4=qYv
zzkkY$>)wnJ2~A5}Z#Q^i)*qM_i?le{q!n!9k~VR}24bSS(IqN(#UT8yl~}nSwmKPk
z%JTI*-G}t7SW(%fE7E=ht-6EQTo;>Avpcq1&DSR}zl54^5cdUN9bzeW<>|gL&^;#G
zjdCZ{Kz`StI7Pco(J}+HB+&5f)~5L5-Hq`tJfAWR@K4vf8@IO;BYuWX=35sle9ZF`
znP;~ertg;N2{qgOu<*TW@IL~0UK_FbzlaZzH^$wVBgAH=H^qp?Er9D{yUV)#32Ajm
zqkg;YT4!x5vH71`mn={BnrA2n9Zc8ddB_h7-zLDcDa*gafj7T`Se8fWxCS_NFx}D7
zwdPaQ^)uM+&yps5a}gg}l#VtWi?&Q#-{2Xu9&PKZjrF`&3fetQO+AVcKaQa5THDaH
z<yE8?AZ-`onTU5ImhIlz-S`!7@nh34+Crz%Ru6)wS-<HS@SC5}eyn2^WTowD2l)MF
z8PaUO@gR+Uk%O3ilcnXf-y{Zn<NjF7Z%z!*?gmZzjmz+xV#jahsC>2GTrBhKR>O4N
zPUrYx;Tvc0_X146xe~FqCH;o!w%_zX8vTa)?Ye87^qUN=OSSpgltY^{U6-f39~QoT
zfVJQJc%p<iry$Mrn=g@09Za|V=2WDy?w^4tlHYs^8vUjYabK+)eMI}s2S}&iypP!L
zH^SX`6?lXE25Gd_QTffO0l%4}{3Zsn(stE@{eJTk^0fWtZKTm}b|I$Uyo^}NX}=i|
z@Qtpv-y{WS9kk!HGW@2@@taRnzS?hIl6hj>L9E+pgC7>Ytp@+Cfay1HA~yYo>9*he
z4r%lo>bL8zb<%I1(Ylo1+($XIIn#A{miuAhTM1bE%`6ArT!Yy3n=61*2h(l8StV)0
zcM0N1ev=Iv{U!_XT?o3a+HWQzjec_xV&ykgBF^2o6S(0wGL5!63cslmR|fp%6SN=e
zSOM9-LhS3CFx>Aqg-D~{RCWwJr_zu{zZom}E3-yuxt!sAPF0P`5BSD1JVT|<N=2I<
zpk1$N&NHlPOiqAy4QLpPs^Yu(eX8oG8y%mb9n5FgKv|w{HPSxv*^p4v18GiM2;V6N
z|A7-6pBjZUZD)=}Ot*b%Kho$^)Nk8G>!eSeu5~G&Y6qPDz;x|XKR}l*PZMD6Q@b2^
zb2m%JE6f`@m~Q)&OX?TCTJS{jspmmk37>fm@nHmASM5_zA&ow@1+m|!65NgFLU)i)
zA&s^=DxVr0@TrTGPkjRY(smn0`hDtMq}gN9V@RV<Judkxv+mb&+NV+izOfJUGpSSi
z&9DINOVFg>v^D%@zT-E~s(kfWR4w!DR>O4NPQUZR!uNZFzW^}DqDK*HThecsZu`wl
zq|tAv->$pXNxxa6bt%8Oj&f*ort9)}{V?V%fVJO@b>Pi6BbMb+I#PgB2h(l8DVH?i
z8-h5J-z0;^v1kzDQUqOB?Kl0AM!z`&vEOgv-HjW82l)-sXse_08+X8Oo<+ZB9WREg
zwB4zr{C+bIY4%u@h&1|5U&&vY)m6*ok8;MM^8&sxL;H>Psqq2Y6`H1fYHWa(t$nJa
z;ZxT-K1Dm2V^Moqo^CbLK58u5-&?nZ@Ck$e9i-Ezx+6{7nLfpI+o#?}8hwiTZM$fl
z^r={_OZmfpC<lLFy7sA^NONG}`v|c1smC37^Y@5NpL!5DbuiubsgEU1`2L7El25G#
zjbqW>h(AQob=5w#5^40QI}!VRs)M_+C(0b;Q%Iw&=u@y$m8fp-gPpM^i+%gRwDy?G
zcffkABi3WFKGsQ&1Iy56n9r_Ta#BNY=wFWcSli>>+eW*@+>Y%<w!oZ)wsp4`BSf3Z
ztRDe$ecLBqG$L%1Iu^(I;!}k$UWi7qN0hMqwYM)mPgLG`o~dt=(pL)|^a+!8o1#4n
z+NYp#-O2UWpW*Md?Zq(i_lXm8@9%&zA&<J)xQ%tOu?R5;u8p7ff^C)vUrgu9tWN-c
zh>+98S%3W(@C{u=V=d}N|M>#=C-9Y=-VWXtdEU?)cy|X+Al_Xx7Jxq<^=DaxYxH{+
zNSEz<itwEdxD<i5C}ukIR%_RM;Iwbz@y?uJ0qLqvGXd8@9ybRi(C*YPQsaH(5kIyW
zd4=YMzK(#WAux|i5KF(V3apVYLK^d_R&$SB;Fno?y-2fdy<>k<wwbpFJf_Vrfz2!T
zHw|a|uzaq*;%(Z1Z6VvNuX}y`VoyU-N70D+OoFy^m1XA@mYp9b-LUi1#KYM6`F3J%
zwM%3_-wEv<BeJ`reA0ff$#%$e0ZyBAMl5Zz=X75J%F)5#`z!e36<=%3H|z{wJMhIA
ze4D{{7=ikJK`ixMcZR<$ze5^rEMlFuY^7ykj~_s*Lzx~%JRV`)lHW9Bpx^ah=5Fkd
zwjJ$?-@6#~IJ9UI`rbsWqbFbu9V^$+_ksT|^wU2gz6S9<i0cvehyJEC7y4@qWMa`@
zv4;}tLVt~|`7t)8=0L2ghGl&l{Mr|n0DeQ_U28r=?6hS!^q+*9!5Eua{=Z3j_Zsb^
z&j6=iB*w5_U2E1#dN=F?$o-Qn^7FaDK6nRV_-qm4LyN|uTxqBa_5-l5!~FoJe~Yp=
zy%dYRpZ1`201w8QMV;0kLVcP4c+OQ}7iX+Fv7xD_<4av(r=h)_GQ0&neT0~cx@5EO
zwf)Z1(Ekbdg3+m+=jOB)+5MMwzIgPXj+@&SFw2a6q%78*_K<$5#;pylM38^q51yP>
zV&qc9+K)y6u2izuBbM!+c$UB2%aO)%BVX7jq2?CgQWp8n1I%_$Li{@Fv2MwgA?==;
zz;>SuJ4}K-CSv~tZU2(f_Fd<uHkjqzc(6&1v)54X!8RlOv{qv7M)<!RBl-#-%UK&E
zMrI+_^@syJ8G$yKh}iMpKs{2C#(LB>Hf@Ok{07>|?E8gCt2|`niE)1t^5nRGDQNcC
zahsyC3>@dpvc93pnt-x)x5lBgFuHae3Lb~f52JI1!IOY-vMYFgVtru$-LXAtUWWba
z5HsCrpM;u$fMuP*^F00RaLzmTo$UVpv)JXm={NN0Pw~7Sgz-##-!zQR708Btu1tZv
zey(HyPDl8jX)FW!#6y6;L7@G=Vmk8Fee6@<(udU8ae#Enp$vNfQ@#Z4@v%;aY!%=S
z5UB5c#Iikq3AE=MNTW_%i6s4UH}K1$<CX4W<(mk<1O7Sin-Mo4?nYY}d(-j4-Pjd<
zt}Et3EC=htKDRM0OrOKp<?nNVb)S0}GAy6Ko?bQfvvHwQ0)1LP2Reby=WR|W=Xu(W
zcqicMd3!c-<2jH*9M1v0kIXUUA=G69LQ`4{#*|j*L#@%5+F(qH$9Ncn{p1*ohc1kV
zqULtU(<ZCpQKvNeMMBM7q_N*(jM#M<VERld#*3+dZ$xMSUiT7td)Ca9ygh4}?zB&j
znsFKi&lP~B&jB6?_!`Vfow2cd%>v-gc-y0fdqkH4AC9)UALAE!dI5)xHftV^S(A{~
z)LtxXiWS>j7#I6ixAu|uQ~2>`XcJuJmvtIKYlJo^KkXySg}M=@?OD(EfY~O87LA8(
zE`*K7VVp_FxEv$LWu1q%gR{pQsy`8WBI)?ChgkVH_)$|VpGhv{6N5Iua|yO!ITGMc
zm7T^k#P9Po#AB@PgRvUEnH`U@x(~+c^@4tb^#|(G1^M7IuY_*<QX2*XW<Puz`Y#8}
zai)^<jb`-Fez+V=>PaX~Z8%x#NvL@qdQhJAT)S4sjDGLXqBN9s3~Z9R9%XmzfjXGw
zr_VG&PTKYq;d=t`&yJp&Mwy=Ae_nnIocxul-?f(cI(_*&(AbwBLag)EdH#uVu-}1c
z&!IecKePz;TOxc1;J^FTvpi9VouazGZy9($iE(|m8_zG=12?5@PDNS{`cfVG>ji|-
zk17FUT-e$7<^H~Yh{x3T_u)pkT{)zqA63SQ&6g8KA4>$xe!1jE`g%9kXBYfyR~qOX
z_xfVoV?Wh2z5^irTusNAJ|25s@qbHgq#n+L`?$s2`Zo9V77P1KJ+x>H>XiyRzqF41
zHV5rvrzM6-qd(bgu@-siwwMff4FY{^l}rz`#R}kNTU1NB(-yY_W?Rs1c3X_0T$r|q
z$66fsac<G=f%Qbq2JmuRoCEu){*(17`dU8H%MjQ;IqjVBZ4mGq+KI+@(a-B(V~#&(
zBP|DMG4OW*d!n88jVYj=yYl^1kd033Arh8$6Dt=YWP$(CqUSNj3EvdFcRRG`g>}CN
z-5kSd6M-`G8PE&)6tr`1i*F^4FK8#WnPVvRX<f7{W!#wW#Sd_g0)Ll2ZN=O=^wp$z
z_qING?r&tj#hfDv>$)8DTjtF+)n#|e{ldD&?joTGy5}KWk6@QAiT;w>DzGL*zO}H;
zHyF>g%{~Q8n>pi`^Zt-|9gVJP==xCUasz$~u&E~_jJ;%;%ylZBU8v*cJeI?FR(XgU
z&#D`V8_%lSh@+30bu8do628DXZUJ4_aXopPsbg2{Q?vaFTw=JEyGO|tU_5kT9%j}p
zQS^E5EZDp$HU{HyEA+kA7*p_Ee97hG`rrrnF8hWopMSo6QbT-9WmbKYSl`q}Y;)Gn
zu8jrpwU;-Y65C&3-(XLg@L_C~?`8S^^jwsI<3nmYkzL90VTtg4+7<725XZ$~Pg~R5
zitPF}@SnwE?qc#{jIebjDc;>}96I%|AMjbX6n)_oO~<@m>N+0dQoP6>0os8yF^c)y
zI=d>FT#S{Z=XMdkzhsGvWf@_EJ(%BhR6Kn#x2bPaxvfv?h`o{@^AI^tLp@m66LkI<
z>$Z#$7gv&wvhjJ@L(yEIF+De?+pV9TB7Cv1XB({_{iZw0%Jm=ao!n=x{}Ms#hCa=@
zgrmOzI`@taExHhGIS%6}p5K_?urIt9L8kI>Q}%tx+a5zXE=)i=+n-|~$Dv=~D;&R=
zF2`2XYbIdwCR~?uC;1M5rvUTgFJo8Uo#={3S)6C5eun*0@(kt`E|e{JP1+RO^=;}2
z_O%llmQx?sZ)!dEHO7*5@Z*ax@0`%eedi6W#CNm{o?!{?kaiJinA@B5RE)b9Vf}Xz
z<`f=R%-k1Y|IrwmzJ`zJ_0U<UhiD^4cG7iw5Ozb}?Nt5Z5zFV~(zE?@@<X80J|aeJ
z8IAm#fJ?hT_6fj0Bd|`5h^6fQz`NydkVe@=wI*z(^My_KfmR0{4<b%SShwVg5MM|=
zL1e>bK64G-;7MKoOUd8lIBTxU_CtrevCRm-9Whq>*Mit<`wDcf1>Zuf%fA@#-w{~;
z*AUC{zZ<CgUy&xuf3RuG4S?Umv(U`*pGf0c(4Qxs33JeP9D{IWs(-)Ag|=c{zs25y
zKp$e=skhH{uJzIvT&;cF8`OJ(etl@a+n`UkpQ)33U_V~rZrlc4oYR{!dR-~7uG|bd
z=i+`k?D7?S!>q?T@Nj-_^6ap9xL;(-+#5#k9Iic4cL96f6-MW62K{!>KS!SIYkGb8
z8RqkQu)dfCJ7ND}80QQeQ(YJb!|h>iPC#2?eB~bIV}LQaUdgeI&#7&I@56IxIp@eI
z6Z7F*Yzp#~?T>!!0z3hM?VrJP>cSX;F|NyK;B2Eh<-1c!m*wqRlM1*F^81ko_s3{A
z=HZh2ehD?34>hfpwlwzr>d;p8@By}Q9}&Mdr@kqB3G}4Gr*xTDL?|=&_t^iRKUvJp
zVa$C##EF~-V=r$Z^5b5Z#Ia{L5BMI9Cl2(@1zx9d?A4*2R(}Nib>#ON;^`<yxIORC
zvFfCT-#~_SOTaj^zq_-pI~($x`{7xiO?#XBP;NX+^qTlfV{W(`dT3v1CpGS^0NwPl
zCh)jp#mG+)OWUJ;Rs#MQfo1y$vFx+PKGfStqh5Cxr)>4WuR|LpV7+bT^~NvG9?}<}
z3#$*q|KxrS^Q8}(a<?fO&Uyv)hku6Q-GS$hSs#|oS=Tx~e<}RDPfsy-JD<0);!HdX
zclLjwukRLI#e7y_LCQsK+u!PT^?5Ix@Bi3U`73<?Tfln})<D1Z?TY}@R<zTdOgDUc
zIdIyjx~*fQwWI^*yy+Ie^zEUj-%_0p*%5#%5vcEa#IXCOzSw6u8GP3od;<W_S9}$k
zFJ+M2Z!R_X`T;Idd{=9}&V%KC^Gt)UC*T>1FGurL4)XWYOOVF8=>6tG;JPl;0CV4~
z9pVkJkD5>HH0K+fPlVfVUe`se+=SqQY%%&s6Xe;)4k3OL@vTTV=iYjs=q|Z;)wQMo
zboPm};nUK8%)MFUsry7*z_dHp=_f*l_T~Jt+T15nW7<;W&AGO@W~o9M*B~@_p2d74
zc)#JN*jAX^#$nIL*$by`uGOA`9)Z0dj`@!P?h`Bax={`d*WsB{hw|uo4fg~ZJTJ><
zZXx)&rWP0%xfjIsG3SI_17AyBTq9$SnS(O-byZ>w*n{i0U0IZi6T`;C$Kzka+8A_>
z$MM&>@9N{~z8CdX>+0?`Q^8vsD~6Fr&#^zl+;R`b@LZJ#=a;0XVqS?dbm2OD6lkc2
zmdhFo9Baw2^+=46o)aNG{5uBc-2&QqTfAHNuqJM#ZFL`{t=@${{28%79p(Ix<w83B
zb~oVa*oKjiZI89&@!fvwzU%qco##HtHb9-}Z#k{;?jP&WYQWSzqqXxqqfKb{bl7<p
z`C`Pj0?_)rmYBjmJP~QmS}61#L;`%~Bm~ok=^sgKAIwMeT!g-ugXihz;HB?Lx>~E6
z>$o)Luh#b?0XMgfJ5pY+A0aRJ$>t=LmmBbj{yI8q;#FNSM-8+0wqLFFIG#5hhczAQ
z#WlufgM=>^KGYBJdgNOPAFYO8eLB=x-|02iE1>0oR(~AUZdh;a#+Xe$uA^3Q9R>c+
z)H>=J@UkE5hL6@C=d7br6~ETI0X%i^)#X?}QBU5Oq+4C|WrUlR`~mD4IcuHJy*ZXW
z5^dEHXj~&jlKZ9P>GcO^xzN``&m%X*o}$+-JN@saVtY4ShO)}>t(mpUiFi&#TD$O_
zrMY(L2b^n{ImX)M7vxjfT8#VzvFu+<y7+v6KSZD}{R^>tCXG*)&yar@e6;7=itjDW
z_kQ3k<I6~6U#vdEc^*=y%md>x+r18XEkt|*!n)YYxlRdshTNaTb;>DNrv#t>JvfVN
zl~+R6Dz8CLt+iJ98so2?JHG%r)>|VVLagh0Dd1`Z*7aV*vaXwxefFB<&!D*v8*7q|
zIF|t3ay^+Vg4T?QNI(7v?UD+**)A_)Od1W}e?ymbvGCzfZ6sWaJast-0G^M)a#kRg
z<vekS?@xGUnscG$pb3`<tev_Udhd7i=7UG;?G70Gx>D~|h^5}8Lwt8wdfC=>!qAH~
z8Q0TXlf|Q~iI}&D`XRoIgH5Yf7_xGWhIYQ`u$sHmpJ6+_{&K-~=K4$Wr^WcLHTh8o
z%`Z>~lb`Fg|6slse;)P`55>;?Wi|GL<14e~puF@weLh5vuP+$mFV1d=O6P1ypA?Mm
zoL{qS&8-cmjcFVL-S*nhU%tMf<?9cAd#&i_PYvbo4SsvwcqIPg!QY6w9-M+bJY5g?
zlV4_WXdW)e{0y0+<!?A%to)_D*j5+Iz0%ON<>#@zYQBi=UGtyV6Kd{8d(_1Q)|si8
zx5&Bn5}cD+f^#xUTnJ)gZ|K~e=BzUl0Cz^9?%wKrhq=Dwd!}yit#IqYfk>D2FxQ2!
zMLqmTuM6=^%RWT?Xuo>+qfSr!s44p=q<?Z4=fRQp&nWwH*wD;-T|04cpT5|S#`uXb
zYE%Dzhpr{0|6`5#Rb$g?o{h?Y&X=H5reiJn1=2r6y2P<o{1o^<HJ&rn_c8EyG`?x5
z?*rf*gCzg{p}zNk{~h>C(0iow4N075EJOLRj$F6o#D-Tp2hKN?pTu#vYt3rt;2gT+
zNnz&DcsBUw(17(EdIDrP_RuzZKg~YhPzWBLZ<vVK8DE6&F!CR-WXB<v<BPGbJQr!~
zr<jYOYzZ}4S{CIzA28P$`=H}a1fFlOpAn0D9Q*kOjI~ER-@tO#;yEGx6J=u=b|C-m
zNT&_xtFj)~1>T3ZMH=hD^9`?q*FN8n40@#V4JU)f`IBi|eZGNZIF|Db?ZfD@&o{IR
zqtia$@FD6T-!-G|Jm0VaIL|jQUA8US>HuI_XYkw%IMVrs>$x63HE2D)slThA@9OWG
znq7|{&-|c22J7+mfZHH!W*TjMitx<@ya|Er@)*;}i@6y0njQkq@+B(Y+Dba*;9Cy^
zrhFm#RJBfrY!=|P2-J5sVzhG=*W=u$TV?Q#2TY$NUzO&=`kCVsZ6))8z6$^^S9~{V
zzOBRjWn6?bma!IdZu<Wnz}+ZQ_v6IMlMzM&KL~s{VvYwdkw45iio5WBmGxp><oX!%
z;sW;7qgWqjLx%N;v_5_o<=`4cpG*9NINm++J!}rj{a@mEcV(`h8#-Ygg7k3j2F9`u
z$dC5tyMZ6U$FdX7S7jmXd+LqBxSNP~?cMI{t=G+g_W?(kSEu!Sdw*;joXu!ma}ewG
z16Z#&V!hrV*DG>8wka@9_HN+%{Z-`W#u-NX{W8E@kJsY6Kl(p>%D*081)5xk;H>C)
zJP+hMX{<E@>+arrbMX#J(n8kcy^J+^ubN`!+19_dmhZhj!}_1^jjmJq+>duqInd9&
z3@_5E5xN7$+2g&O<9Dyc+5`4-A*R0_z`Hf_??&3Ed{>4z4z$^j<9n?PtZVzYdd~ea
z_IJHmj}fiz>wQ0-(M-!lEPa0YFuv2T((m*s%lH3o_!-N<_xqR&Y<{Y}yAjW*DzSE$
zuO9j6_xIO=2j5RLHk~WBH8sVpZ#u>CAC`sf%>4@w%L7}}uliu##d-1O6WrS_qJF&V
ztT;z(!{6gexD<8ed5!sq@%P;lMuR>A@VX^(&9KSbccKoi!<y219&z399dwxeNc%ti
znSN{f`zgc?e;-KP@^@QT68*xQZ(?0c-Cv?#n7TVyx_c<yQa;Rn0PC*z1BQ~fnfJP^
zSERDMVwFXf&8X*o(oxTFWvND8PE=)a1MUo%eOQkHw;YH4f;4`E8~VPE=NtIE>)zAd
zI8}6?!1urPm|MoDxVLS`+PxaSyBO<#tapOf|0oarmA<Oi|9vq>`3v5M;u+ak4L{lf
zo@)3g`!N0gM)=8gEhqQMd&qHyXDD7&>D*6P9Mkny>>=a)6VE<%ulcj0xj;J*>u%hN
zJV>iX`X@0x_ohPEx^vvy;J?EJ^042f=`*R6xeGFhN8qVF0xc1JHIi=HiTfVxPu!>5
zgF2O|axca{ytI+4>)!3qUxzb?k@SRnN5Sz~w!42Wc~ZkL=w5Ej|Ma>1y-1hm^0DqZ
z4t_wNGuB<3;up6G?0e~R`JHY&Pjsj}-_)ni<$nNuA@d=1F8@8y&`$Ch&avire7|%w
z=kl96s<{E?5siR<M9|N(IOt^mu0`G0M+I<sF8^c)KZW#@F@C`ZNFPWX<5L0noppk9
zF8_9<?`GNHcW%J9AkY@enZ6`2FS#DLoR_F``FE18>Qo7s^7grW^6*^#Jk1MzX8@jy
zz&uJ2%W>N{m!FR`=A+N$F9L3#%g0z0Vr%<c{zCAWHs2iKT>g#&O{-;l8tbqz7_YUR
z@gaYZogW5n+W9ro4LiR}JdB<B-mV(s{PXHu{$P|(+7CAQ6fy&V(<WykmNrr6@=rJT
z-UnYl#h0l0uzutG?L>p`P4M+peBCvlaW20-(r9BL-%lje^wF~DiyZ-T?NAFHGZ55!
zlA!0+V$>ttdy;M7=ehi+5c6FA7Q}o{k_MekX*}QF7Vjn6;jBh`oV&sIG_lV4_9Q-c
z{C)Psh6^FbHtCA>;9Y&3Ibsj!kaNU7p>srmd81zct(W7a^A6?j&?9}>=>HQzH}{^t
z1P|;matC6^pK(?k@OCBp3S!wF#`^CWq|ttLt;81meOP&ZSNf3J_w0yw+dKol3w&<#
zd^qL{Z(vO?_x7;o@;c~sLJU6+I?OV?OgZic>vBV`Bc2~x?nTgXj_|ugq}>Zxmpc>i
z-3YAn8pN{P8v@_k-i9>Uht=BRA>fW|*P1&3V{YUdgLqE||GG7(-SNH!?LHChHv#Q<
z5%z{Na9-9qmv5GzWnlUG{@j%9uY+|4gFIZX79-Z>PXv550?S{3SeD;dul@#UvivxM
zaWY_gzjGPV?DZ<oAhIpWK(oi^jf%!H*z47==_imAXs0~T`D`}p(g8lF>&&zDeD|qw
z?(bb1Cch1MzL`91FFW5Ni)U<@yeE+dWlO+59PJ>_W25c(4(=_qT^(YkJ9fppFu>AZ
z!Sg!kdd<7XI@8ZH7awxnJ6OzJjyXiV^B%gYe}AldzYVwU4SYie-`O}7x{;?`_f7(w
zA<H6sZDE^4&bQwm;p2IC2@e?I<GfhHzYO<H__1mA42%`)+l!S?AdEnnBkdW{Ka#95
z;~eBwfc}zzF=PM9&bqW6ba2eL?c^|L5l}xpX5hPC%)b-ld)L204{b$Vdd~=d<~gX{
zJ^~N==Wy)ngq|h9dw%-cJK#ygJ0erh*T_?j3!wGsjQ#;1^V8AC&GT8iz$0)z>tV#Q
z9hV5-bifZFu>RGET{th-7yY9%%3=D|)1Xm*BF3RrfVKR1z;_~0z6!CFPYHZGy$orx
ze|2;0w-&gR#dG0iz<e&y&L5$D)V@}gxsJgZ8jKI&zuPg(cMo&~ozKF){3K<Y<)E>j
z`t1Um-d9=*8vBc%#_<$#><c~6PrF-om={Kuy{}XfMyI*2)B}Av9Xzs+q5kY+2T*_Z
zF{V5A=~0sdSnoZ32YNlen`y$iz<TsCoEK<}Z_D$dt@>ADzP|^0^t)`n4}Tc^TqC&P
z52WKgu#e{?o%h_`Ywp){)V037^UhJOC$KK=0lk$oST5(goNG`H+NUe}!8L6fM%G`S
z^G*Tw1o&L8N50(C7AIAnUuW)Xx34@uA9?6KtE&KCj?hNe4`tZ~JQg^8$HjE$(tB1v
zfkwZnR`ZGWS`L2G2wENF%aH#MfTg`4`zOHPB2eGgh@~%LOwc+%MVj<Q`Hda+?STIV
zI-YDNRz8DpFYsx=*CPH5aSq;fbI;?S!0}Ao%rh9Q_a&g+g|u%G_eHsIURb720dB5;
z$xoZ<Z+m`*49AXR`L^eA$gn;l!8)^nHqAkqdVp@O$-5HAS~W+_*+&pJ=8~zzF_+Zq
zQ=V&GhPvN|aHMY{1jYq^6M^+j$TtzcKvwR9;5&#$!pOf8u(UtEiHL!$-ak13^4!y?
z#M-nQVU!JH+Gfs;?QbG}gf9AUU-&Th*z}%?{wCsUO@|MU$Fo50KS2-opZ*u$MDV$y
z&+Fs4vXbZTSG5m4`=7+T&9xocifywA<ulu61978m-Xd<a%?HF`8>uhMo<|JrrOrSc
zAa9sGkESL3KC3n6Qf)A&!nawA+T#227<}Ini?is?H!d6tWgg1{??*z;qvPFF(+x4}
zm+Ld>okP!juR<BvKD)6mSIzc$N$s;Cj>9=rEFv5_&R6O)>A5_o0N*5Uj5_aqpW?e8
zdl;nMkFkgQ6>GIT=A=yjDYomGde7|lisn)@jve|OIQ?1r4f0|-_rZAXVI<P4g&4L9
zdkH6?ZQny4y%2K`?EucTvkvyT_H11SJg-UTKBBqLFh$W{z#P1uXWCso_7*_@0gTb`
zdv(rSzOM;>uF3fU&zWbSoyMcRF2vk-9KJ_(&YHJJTOY+a@2bEW=Y)n%C`*Ac$M_m$
z`oD3``w8U3c?1rpI%DsHF}`tts}ML=-HurHedC<>5~OkL#kqqmqhS}eksP-n%XY!H
z3Q`t6?Z_JEyep6<$8EL7xD~jR#j{{OV4i*MkNEFxIfszvyn}3gEa$whg`S{!gtf*f
z1D$J(OAzbww*h=H0_#qHkaaiCd5=Y!EI-y5tpM9=jNc%QYYemP=Ai8&o%5cD{RM%(
z!@5(iI_F&#k9kE)&v}oAu1NDBu2;?hopTX?8N;0O9ta-$eSLH1yiX0I*F5LlD~wL_
zoOc4~pQBuyYwP)nKIeTa)*U%VanAc3_>G)<U{7oq;K2x$*i+;fJ{s_Sc;+uhzv7&b
z`SAJj56Up#Q}E6Y@Y@J%|F@WqF-Oli{sx?FRHuCRU!=?OcCC38Fy*gB9PWMoIp2qQ
zpC9I&cU#!NJm=j7`ofj@`3UE{1)uHM8*2K_Ip-~L>;e4@oaekHj&t5W0p~eyiDU2Q
z2jD#Cor(N-&iiA;+>^2QV`!HoJ|q3lo0A$oiw~@=D&&4lLd}zq=lrN6_G4&o^PQat
z*^hD7R<j^O`}+M7b9;L~W*K+{_G1bVOWUUjUvI$q2rSzS#InyC`!UmyM!m>)%as_f
z?DO4vKc*Ob+>i0+&-DY>@$eP)n|Ywu#fgy_h;`mSqweXznRgmunRk6)&6I*P=3T44
zYo4NIG2YQv>rno$q2mq&wU-t&-u0Dhrof&`xcwCB%=y_UH~O=G9|?N^EJIzGeWW2s
z=RT6ZzLZnzC4QH|zQcW*I;3>~tn2(&lr<hW>)aZ#tn=6ue?Os3Sm#RIS@|sB7vWFl
z`i|{Iy}4L_`tydZZ&Q0;-C%3;JXAM~g<nAr$28h&H|79;1kSkt(`C7^zG(x!oDY#_
z4bs<PjrF`*V{v^|kF%Wq{ERi_58#coru-JPpt01lk-es@3!}?kQ+^Oer@5x&{?MD?
z*@L=#hIb+6c=#UXu6+gs_Fu4fvakPd`uW;@6K4O#T*KjP(hqH5E7*qT4!#EbB?4{L
z0eu4Fz)tSJa4$x}IET+UvxITho_jG8UYX*n-`BJ{8*O?W<d-76gR+KOE8Qj6dtGZb
zfzGkuSkAZSLx%n(@Q$%M%=z{m$oB?}<>uPwYNVAR9LxE3e6#64-;Q_8{`2h`u7gk3
zVNR*v)0^kpp8$Uj${_GOu+O*SC9gAY#hf+=&!4`SN9yzKcT)~~KS^l2=FYd@1K!#Q
z=i94Q9(<q2JW_ckSe<WQ3>y13)A^2l1#l6e9*Ggsb0VahZOt}{XFcGv_Brr8<jFR2
z=*~CG1;+QhFMzJsKwHQgW({<-d5u3pUhtpI539V~fN6j8y>3GMk>2aZ;e18#{Xq1|
zk+6+<9{e=wM4Qsy`rJ0pJn$RbQJ`V(!+#!pG1tI~k7F6%&F;bYH3)oM>!hMRop-^*
z_x4r1ebsqyu9w>>J{Q&<S`YV&dNCdS?57_0_2&4=GIHIr8ZqD5MtWCz4SbXLnH=#<
zcbapiTehWs_Tx<Vp4LaVPWiQGx^G6^DsiTpeO!+BFLm*q2zVv}eJ~#}o<lqPc0LD7
zRlJ`w___eTQt@4``PKyP_M3t<KCcqba`rW;(|M+Jt+^O*9rB7p{4nauGu?8`g$?vQ
zRDB2FOn2JRpXttqt|Oi4o(MYDRwL;Tx~{vC_gTPM*ZzoQU6-B{a;E!y(EeYa>276|
z^C^_mrOMevm~9f~Om|oCh-S`oe+zkCf9xl$+>5~af2s9`In&Ly&WSP3boUC(E5r-I
z^9nv^vG(QMC@|;4ynt(MuGiq}&NB~Zz_)+Xw7Sxm$H+6?@QYSI9K#uK><2XJbpYQ5
zHgg7iCf0`f40t`xfY<lIw<v8ZvuFqUt3Hn)`=qO_fBfyUPmGfLxaur;f!;?j=2)E1
znsY4L;z!Sz#!b*2G~a1P<`MAQYe_wi;~dh?V-5K2b>)%x?*Ko~f&1&w%o*^5)7*_W
zK;~G^fzJp3FJ>Oi_)O!sXqR7d-og2v#`-=uFN1SFkeBO8d);cDAzy_v2AE3^<6KjY
z^OzgRGvwBNi@dvEuVI$}z5#)Az*BK9WVy9=<vW+9@Xc^*&Oahu+RZq-PzU?e!w>aY
zaXb&Ri%|bMw0%ANS*KUO-;_NQ={)bvyjz9I+dM;#F>z=A+xmrmkIH#v{<*#@P!^sc
z--^0C0-b{C`_J)Rf^?oCmpIm;7X#-Ra*6Le*Eb0`&yY(TXUH>vbI(QMN$2^}f%6Rc
z5R^6CnIHfBL_f1|7w1Tnfp$s2etv~|m(>RHa=nW67Hw><SKY>X)%-5`8R%g@lr~oH
z_U-SI{{<d5)~nAVmSY*(s~9ltz_R@Xu^b~`KF_~?dK78YTie-r9=!;>6l0OSZq?r<
z*Mct0bt}d&es?1<hB04zZPO9+3(|BMmLG7BS{EaR^ZOoiowhNI>_qE3<wwB7dQiu5
ztTC65!TTpy*V&7)|69p94(iK3;k>KrT5|yR#MAd*K>6xV;rDJs_ts)hxdM8$eNG2l
zs`S!U(mq&sByl_rb3f^G(5d^&Q-GgDz+RD~?-b$d0{BX$?{cQ2OnOfz6F6;MjdvXM
z^L)~QbAE^enk(xd-wpXr)aj5t4E^JQv)<znJI}cD{W{M@8g-)GrOqi@7CO%d%s#sh
zI_^Z^n%|yJ&^F=D&x{5CM1=n!TnnH795MUGXNbQ*JQupz2M*3^i~Z+z*oO|jmo~I7
zoX}7KS^94R`a(jIQ{J)A!@jWbjL^OyjK1KUrAd(Q#T%f9bvFBgy?4_cdIkCdF1%1S
z7QROT|A@e{{eW27(%8GHM;i53wh>!qhv@@)@1_ZS_TCNO3+ug`*2udWbE*%(=d`cz
ztpNNU0`q<svCP{zPx2blm^bF`TP9k4<9pDm%|3^H0sk2sJoi2XJrUoH{1vgzuN3gp
z2+VIQVwqoQz;Ey_QRb)5_P-2V`{Lt(>tcm(2I4pb?v2}iliEAjZyG!o;Tuhy!C4Y|
z28Vql(cCk__iG!qy>gv)sfE362cIrK#=(`hAh7()5u^N@`ql-?|68QdUWwQnzW}hk
zH@*sKm8Q*%Js9={dz@nXahzfq>^aFBs;uGO>)#MYm%RtGFpN%f4~Fmcr+~*iI|JWG
z8}zJUx?__bHCF?c@Ac6(m~;5w>;HszM*hA4-|(Lof^SSydQG}{UWjwCi@_5#??L-~
zg|(nLKBt4{Anfhe1D+ig57%9$OiGx%^?4!A*M^44caAzwB;XfGVe-7qpq~Qze^4fK
z&r0v%>$%WHJVP`rXb)>s|0nwSF8VUe9+q(rHT-|$7}yxLmwQ;}0Zu_+zu*};%n3Ge
z4@>Q5Z4&q<1%1Rx$MZw&XKfNVPo(y<Hi;9@_YM21Y4uqcKM!Mm)*AZod<wsxg?HP0
zE?}<b>}O#tl(s*L?@=~EhW#eeepXM=xmS{-&H|iEygP8br_8~g#W>=4-)!!8?Lm2Q
zKM&q5w)~rsc+A7%{c|Jdn~`&n7rqzROuue`e(rHqb_)GwM1YUa^7}jDo;&K{J%)JZ
zo8OG!Ooc;h=9>|mS6?Y`7dhqi*%$rI$QPh7AAWzL=vnV0tt;~Hj=ha=-;6u~TBL7A
z{sGxY-;Cs9F2Zj{`XZL&8@?IA9?B+t=HX+=@=OHx{8$E_mEhcg-;7BAv%VSm8a&N?
zGlCCfg1#AXp$~8FigW+?ZiIi6Kz}zf?|U(d^{+zOJqUb8$MsCVwjTRE1qZ|^*#>U}
z+8}34_-{=fg6s&`jo+Hcc{|!)?`5Q7?r}8Vnp_I|+Iw^KZThMg`b}S6PTcV2yNFx9
zZ0nMKX{>3r?#Y(!xt8whlx`^>=G+DAuJ;_*koV~J9C6P@V12F2au(%{J}b*+)bp|<
zl%*PWTCB?A20Rb2xhMH8|K3|{?AyPTw8k^M4d!$4n9sGv`GR&h2ZHm_FU9y8@GaO+
z_!jI(d<*t7z6H}~Lintd^;iA6eh~bX^Jevpa)JIfWuJQ#?zJ4&3%*eM{h0M!!}2?2
zcRR6}&z0S$IA=G`Mw;yB=o5AL9(p&vhrSUqXQ*`SO=bU#^BfM1-$9+gyU(SJ3pBoS
z_!MI_>7T`(Skqb2`eOZCkMB@k!#4<hTy6KhfU#mbzCS_#o1F`o{1^;YzKAsH;2!2S
z;H$A;N#9S2UEMn;Rt(?%J?`9$7sH<Kg0Tp9Cf0J@VSPjLKA$-pL(sRJZ%9s%XFGb~
zIbA;p>phHL=2=BI%AJa52lr4}j(<YF5&4JXt;2I*1bDY&4TQTUhs8stBk)m(!||ic
z*=Lepu9dpYc0nF@2wlu_FMcuU)@x(pC$Rj^9U;AI)+2AH%)R#(qVD<|w^8`UO}H*U
znD{-uiwRSQzL+D`;T!ftizdKtE`tALz>mhmpDx5*6F8rO^YuJ4whcPN$tPm1cO}|t
zB<RoM`54o>GHVL_vLE6}i1m3YIqqFK0B06CA3TH4)=hZ}2KaCv?CK-(tUc5Bb#pw>
z^J#ND(1SgM;JgN$8C)LlJb=BkKB!MnnQT7ynZ6sr*UjeJc}B3l0ZG0G+T;6On{P!@
z2;YqzE3;h9@jV26;QI+}9aKJBpXl#<5q!7<B$zL$e{jB6;{M{}@Q%Xf3)4=w*tWBI
zV7n#F@t~a+G{*xyb8Vigflj%f9q9PYy90eOcT{F=vCD1qbsprK0lr6VKD+EFSC*Zp
z&4Y4HXpRSZ@C|dYkA=}QsyQC$8Q2^T%5z3@JkWDub3D+~tvMd(Y1bSN^u#vD13eA6
z-z3O)!`SD$=6Imzi{^Mx9^7ql<h-Eg-R5|p=Z)rgpy$Qrc%bK*=6IlIQ*%7fvmQKy
z@hs|$JsA<x=RFDI?6M!mnNdHC=Y=1}I>8U~+^i$JsWYCfei-L2{ct}6KHY%NG~j^-
zJj8%U81Oj;e1QRvG2n3qe31c9HsCA+zSMv(H{h!bc!mMbG~lZZxY&Tp40yf)Uu(eE
z8}N+=e3Jp+V!*c>@SO&{%7E`S;Cl`D0Rw*6fNKo+F$4ay0sqB-pElsX8t{t-{E7j;
zZoqFE@Gb*>&wxKL;ExUXQv?3Ofd6a2-x%=s27JJP4;t`c1CB`z_-bndZfC%q47iH{
zcQ@eP27Iys_cP$r4fsq09%#Tr40wbApJTum81NVa9%sN88SrES&NARj4ft{czRG}S
z81PI3zS@9`9XJ{DvE&=u`}SS<{QAy-J1ZZ~6ryJ%=5?6A3Bm^eW3OAnKL8$};C+C{
zDH!v$9#<&%zktgW{2#zKDVXOB?^iJ2`8=!Oj{$$IV7~KdQ1JVJPr~GpW%vhR{CzYD
z^Y5}<u3+vZ&QtIXz;`H^XBF2e_!Yn}EBGbApD4H%FxC-L=W~FM$AX@DJq`Fw1wRFN
zf`T^#&QtIcfEOzGF~D~y_))-EOG-WK0B=(;?=IV^;0FNLEBHRZ*e{X%YXP66;6DJy
zxhR>w3NY5y66W_fYZP1s_+<s(26&HxF>mXEy<o|IGvH(eF9n>V;KhJ(@uTFq9&kHc
zI>EXx0z6E?n78#<sNi{kpHMKr$%(_J8Tm^9Pf&0X;5!w}yJlWh@Jzsm6r2b61zdDN
z*&M+86wGgQPQ&7q>HOO|UIp`8ox2pwvt@57_+r4vVR1(O$$&3aFy?DL?p5%3z&OJz
zdC~zNRPY$UDR?nT+0lUW6?`6GoNt%un6LHtQo$ntC$)FdhXVE}crf6*6?`_}|0wuO
zz^7rek@_)T>v4sGPX&CJg8Kr-H<yy<WWX*g49R~2;C>433HWjaW4_koIt6zDyk5b_
z0e(%v9RMFza9hCWMp9>M1IB!<M;~0c$Gik!+;bq|LwNU^so;Zvixm75;AINl4;c45
zNPf)MdfczzZva20;JtvKQ*b@t9e^(uC!d@&<UG;3UAuOjy5Oexg{$$qfA#7|#qWNv
ze{1f+i<9aHAFk$aeSr7rSDfE#uk3hhSNf%yp0te2@#$HfwCw4gS>6gy;e1b#w|G`X
zfv|`X36z@cT^K<uJcTkdi*jd`o4JG}=rYYHD#@GeDKEU%YqFDSP|^x=@qcDX(ZaOC
z(gJUp@D}HlEiA1NGt0bQF{!Y;ys&uIpp4@AxkZKfi6~aNFp)%6Yn_&HsZP11cy@8g
zHN}aA#f24#Gjj`z=9PIxmUpHoF3I<LN@iT`&8zTSQ<hsgut4-J^_G<vmRER-E0X#T
z%qUNvQ(CbwslT|SxC{a|b(%MKHi#gVdlD~594wfSmRnRbBR6lhpvto^aERxh4{BaP
zF8&`fSY%F_cv<q$!NWyqS;_pud~ezL`QDki^NK3OG{}euWhlrk&M)$weL+TXg}1CY
zw`g3Uw<tfYWFCtubGL0&ic)whLQGfgojVV<^(Ge2n==D;*7i~M_M7OEV%9+Pb@DZg
zk(xgB!n8@MmF!HXlzNM&PMw&TCmS)bICoCi#tSJ`;e3B{LVqGM2vTuL#mtnc6=iS%
zQJh<hmO^tUo_Bs?#^h|zq}1u6yrRsL*q2sLFDol4ODy+RRDd}#HFc~Qhc@@-Csvds
z=9SDTE%H`)ixwv8+A1SCQnS3p-m+XNm^-hc0A5g-2ehO(u_AYtxRBJsya*LPQiT-_
zP8(8hMasA|gff0oYFc>vNlG|nl8~M~DUn^#Z%?yix_kI_2aE$}gy+FD>?nokW!HLD
z6A0=R`GvE*<rQ!j?}Acv8CX<ir}|x>`;PTG8H#+b(}7hy(OVo+$2qxq{$etZKxvGo
zQu2vTQ`y~GQ+3a_9nvXZ;*5nA-g4o%?pR&I@Vp_VWaA%2$+Uy`)vKb7;qVut6vQKR
z5kECtGy93~8r`7&Gze%Dh0p?nVhBlg)IcS}IfKq3q$+Y0_m@Osx(K#~XBL)~S0p+D
zHjNH2aNwZwvb;ev3XAj6eFx^{iSqIS=|&|u1}OyI)5@P2W9lfjrwHLj%&_%w{DYrc
z{u}rQ(?QVzS~^Qjf%GU8-U8Dv44>Zl5+^-D#Yrm8QL!!cvP$oKsY7XwKQrIqdsfBG
z@w+P={v9fAj=#e)hrhFmo8zB;r^ElUiksu#@UX+5@`w{R$M0}O|BYH8YJsQ)q85l+
zAZmfA1)>&+S|DnHs0E@Hh*}_Ofv5$d7KmCPYJsQ)q85l+AZmfA1)>&+S|DnHs0E@H
zh*}_Ofv5$d7KmCPYJsQ)q85l+AZmfA1)>&+S|DnHs0E@Hh*}_Ofv5$d7KmCPYJsQ)
zq85l+AZmfA1)>&+S|DnHs0E@HNZjn$V1SBKR6JJ2nJT_g#RV#^P;sS-SEzW6iXT$(
zCKW%c;_WJaSH*QI{z}CSDvsOYl&iCfPgHS|iifG#t>TF)p04726_={`Iu$Qh@k$j}
zt9XNox2pJM74KB>M=GvY@qQJHzc}UWpyHk?K2^noReYX`$E!G7#W^Z2Qt<*6FI91s
zir1=mor*WBxK_nGRQ$e*_o#TEihogY{8LVO6I7h2;sGj7QSn$6XR7#06&I+uLdBIT
zUZLVODt<`Cn^gR)inpuyT@^c}3H;lj(&M%|X`NMkqKcDLJWR!I6;D+0bQR~TSZglV
zfQnZ<?*P0z!~ET=(#^Ce9JN5y0#OS@EfBRp)B;fpL@f}tK-2<J3q&mtwLsJYQ42&Z
z5Vb(m0#OS@EfBRp)B;fpL@f}tK-2<J3q&mtwLsJYQ42&Z5Vb(m0#OS@EfBRp)B;fp
zL@f}tK-2<J3q&mtwLsJYQ42&Z5Vb(m0#OS@EfBRp)B;fpL@f}tK-2<J3;e&Z!0~-W
zPTw)5owLUn|Me3&nPV<b%Sydiba8t;p7M&^yxE?-g4v!~^K#4b#l>@%$5grV7Z&A%
zG;fAyMqzQjw@g%_z+k`p!b>looIE5oed>j2lhO)H3%q5?$$2Hk<rQV~@+wNo(&wiq
z51X^lV<bVNsPc;rz0h0iEi24BO4)$mFelHk-n^sBH6S@$W!VDJ5orav_&>9xXyGvz
zI3*x^Y&l!@9Xi>2O?uXZ$wMdS77rObZeDR-MPW&CT5eI%476NE@ywEp$wTI+48JtD
zXr4DcJ>4<3rDWK+GOzbnYZ;kdoL9E6w4x=7f*Zc2l?v9<;#vi(`8CzD+_I(hvedM=
zVwRqf@Vu5bSV*@SqLhs(D#@GO5*M&Fw$xa*o)%lnR`hGk6*5$`w00qiT3o#lO~1y`
z!wqMHl}AkU7PrJ7!l-Pi(ZZ-|vDw1t`W22bthglKn>={RjH|tQ71PRcOOuC8^XAUh
z<2UVw(K~sBnJ5SKse?UwFhAx;u6+1GDtMf0_DQY9tWo5s<?Q}+)Pf<Ndeo9(8tdp}
z^NTX)i?YgAvd+cV%)tz&OkCjhq-9-}nLWib$2%u)PAL=Pk(i#9<;g4Z=9YQ9Wo0Ft
z4V86P$ua>`rLw}}S)O82dMe5+Z$*GTQ6-j^lzJ*kJacl(W|KEbC6|L&rwwM>rJ0_z
zjLh-rS)R1)>7KlbvLdplgpy|B!A_Dpl!O8d_Bhiea*Pk<DE3}MN@gg91)A+$=qd6R
z&#EXO)AaC6rMda}s5&`vf;m|KIdFcG3KU5V7~=|ybBjFQ1tgUQlQN16VKzxw5KOtG
zG(WdOYO8c9ikgp@>XutHLtm9e3MgEoDU(vuq`~v&$+oYy)3vqN*#ueH+&oWt;kB}e
zn`{PU>aAw_Om9V=v~6urDvd+SY!6CR?Yz@WEQGPh`M#Mr&u^zXot*0}_aqNV@yyDT
zeqL{;4;el}r|;A0tc~M1GZq%-&XF~0(8RL5Va&5K28}Rf>ePvz%+##ZNr5T9XI{n3
z6xAchxSWih%jGbaJU+KLzsNf^ucXwQJS45mixzc~(laMd^`sOQS9r@%{gD~vB}Jg6
z%kox5(2$larTomyZA}E;vB~N4Nw1DXAL7v08T28!rG*|{q~sylB@;{Xa*NXElvXTs
zm^Vda9y+$LytJg;dtp(@42WdPdTfozp5pMqd9u7Sy=C6wJZ}VpIGSoBX-b)tJKM`=
z39`(bpE+(mo-b29VID8@u~Z15WG^iBrqfE>Bk3QN#$ixpK+c^8=P>6fm+hTX%En7h
z#?mDNYr|Yt2bm3*_R9b?GOYwHy`Vy_SKz;ql?+Lq>aEC7ZZWRVTa=$xGOxHIy^xvL
zMV6B@3Hp@ZJAw+3JVLLebZJ#l>J614JjuxydMmWx5o@&Xh-!wQPH9EC<>iynxq|hK
zm?|G7sx%EpR5L;w*Ix(e;+3(14i{R5k(p&B6(tpD>0qhlN0JJ)rgp7JOH#D9UXdCV
zoH`7Xn#ogBJ#>OmQwwJm=T^)s^P;weNJt(9x6oS&W4r~q^9!-1K*F%8h56p}nKLnm
zl0KSAuO5}=Z;FZvISy6@>M&$*dU;-MY3__7HNeO*XM{{d-;(`tO>^ww2AJxA&<Mxh
zlSkMtDr*z)cE2U)v+F|ShYX%tRB{bGE6B|q58o8RJ(SLqS_IR1^D|52=#)`xNn&b)
zoVJF_rl_2P<;Rtk%&|03zBW`ISsSg1HZVH!<f+NBS^c%0I^07w+YL32bIXB&nO=e?
zMeq=wIU$ejO@DKEWpm5UzB8a_BuhIBdr!l`ClwW!OM?U}yPDa*Z;CljmE^%NcG|o$
zjI$NaKwcMyX;^kaS;;l&3-Y|B+;Iu6x4)9iqCSlD$Uqi)tdothFTk6UzQB3fh3Q?A
zx541mopoqP6AY7s2)mVI|6yZuD{|4JXh(MTQg2zs!qf^3D>LTdiOK?3#`#AG|08$k
zaP`ckJtuqTd&{!Cx%pFyixy5T&CT;VuI@aKmj}d0`Ry}2om1mrD+Lc`RpG=&$p&st
zbd4eEA2mYFhAIboUBn^2S}BuDvk_zFVOYT~=J?!lJ)EY?4K@9+N)C)<wB5Qe(vHcG
zB(*7w)CjDbF}XfsZd;Yy1pgLaa`GkU^h1X@qiax&jn2rD)`rRs8B<b%2Y9g~9Q1gk
z#P$%0l#FsGJEx!Q3}whJQBSNR73KX9xltMAsw}Dp8XS6DO$i#5oaesm81*Kzlf5>k
z)5${Vqo$P=R(Qh<IC+Jcg>rmpFogVFQ}uJHwW^ieF~?&YJ<3y7Ay<2AS{=`A^t=VR
z&IY<CH*fB|!ZJB!uC{4qUKqbz($+c30^9F1a|`9He-jBauJx9cutl~K%P%TlC?8n0
z#Pk|uJCQlq2QJAY=T3=Y*;=}g==-hE#ku#uHQ2l&ucypAtFRp74T$>Z@`&}v1Bn&e
z=Zd(v+MD9=?@syeKKXCu%}m)O;X3>)S|8iif2U*IfJivjorm7XyycL1?0XHTw`7xH
zKwR8IPr6{e6)*AM_n&pa&T_;$mc9IsV~%|rYfnsz_WAxB6BqZ<4wiMpZu#%OT2$hy
zxMMHzs<;-Fcx@c4dq)gP{8csotz8q-5*xqR>ex%Xy;Y001mA2G7q@Q<%erYD|9$oq
z{=5GflshiD<@@XVTOYGy9c+E<m9A{lqDtS?CN6Hz?R2R<_wwHzt6St)U&bGMiNB3+
zkz@TB9~W15h-LldYyMk%6Psznk0^Isa!WV8?`e0;jdXvzW3Tcf?ON1G8{1i9yVw^K
zJa~%-;;hkGyxYnie#MG5A>*s~IX=t)DxPcy&)*1>#w3f|JN(LR^2&~Jaa-kMYP<Zm
zUjEx4|6M2leINf?Rcv;n_>GRiCTLdRosO1?nw9uhN85zWihR;B#Kg_YeBLok6ErKe
zx1)#~#y!TMnXN}n&#=T0ZRL3YF=Vp1sUzMui0?YaiE2(7#2WeUa`|r+{uQyau&Fo$
zla<-dCh3Qr3+HotS?untHk!qMI*S<jcHc9zD0f!5_($i81s?G=QazW82RrA9yEt3H
zWMz5G);Rw6t_&SEwb|-g)8<*%^4OPM*Hy(_x7HPxkdi-f{94!8rEvwD+iq^X!c`aZ
zzN@HUYs}6LmGK)~SJuW&T;W>oS{J*i&F1*J_-9>JF>wiNT{~hox7`p=?xKRFF|{3+
zw%*=ugR8+|u4)w@e=2@S&d&k)ul3W@t2Nz(IN4Pxc8+pV-c)$}d5WXELw8@`;6oL@
z!0q6(6~1GPgWsp{xO4}97kDRhpy?Mn__vClFhR-paP%i;I{0_M$-nMm2T$wi(2KGh
zJV)X63a?an!&Ha<2ZdK;JNTOl?|g}af2r^Ug~#=B^d~7iQQ<iXzd+$HD}1`bJ74PP
zD^vJ%h2N&|lxYtA35B0`nS(bdyypxDKcTmi|AIURpP=x}d<UPQ@MjgiP~oR~9r_xD
zPoL}HpD28@!rPzV=-;pY0KpjwcUL(4qZPhG;nNhJJ<p*pQ1~xP9Q<yDcUb1&Pbs{!
z!rxW+sS5v2;k63yeWFvI1~tPUt?=o0I{Kz7{AGpDRrr9r9QqoC*FWgsuPQv}VF&+Q
z;Tsg*r0|qS9D1*locwDQJ{CCrEwjd<U#9Ts3NKc8j>2mdzEt5|PFDV^@LYxOQ1~W=
z?^F0!3h()-lV4IFN8YXQ2?{Szc&Wmx6#jdKZ&moy3a?XmT%w~deuJYwOW^|)Uajy<
zh3{2(g~CVlb>!D5e2&6v75<RI>lOZk!aHnq@*C67ksqw^+ZCRz@DCKeK;Z*VaroCN
z{6>Y>YJP?9QTUKkRs9}w@>`<t0SbRt;h73Q^)!dSLg5t(U!(9B6#lHjJDu+E*D2hq
z@VLjF{GL^KlEOQl;qXsX_*DuoRrm&luT=O!;3v1O6p1f5`nn`Jc&5V7Qh24pM=N}j
z!m|}#r|@EhcYe{)w^ZS7h2I0bQ+pxmVqB7;M&b1eXKKDflJuuQS3`}&yY>&pPX<0y
zxWow^s%Dabq66`d{yQcyz)v-B($OR$o&bJ~CR=pM>*voOp`Y>^CqLy=s2D%ulsD;=
z*Uu|HzbLP9@`sZ*>6F*cH-YC9<ux8j-lS80fg2g&$LAyEHLm5et@4|6%IoJRpQn`9
zxR$r;Z_+8RpSOJeQeNX)-p=2oQ(ixx`MjpQ#<hG0r+R+-n{>+OU+6F#-^!8KxR&1(
z>(Gf$Hu#BCUe5<OKVbeEC!OuL6@fqElsD;=-!VawMYYOb<63@=mA^@+eEt+ie!4Ed
z!nORf4%wf-<|m!<dj2vS^B0z1<63?>0sI)T{3f09dcMQ?59KvZe%AkG1pbIq-lS7r
z&yP4?qP)h*Px<Q*_#;kvlTLX(pW^(A@){>U<vSC=j}hffI_35Ji}NwcYn=Sy@;B*}
z*Yh>b-zcwfEx(qT<42tNn{>+S`5otbl-D@<nSUGtf5a(o(kZX!gPb2yUgPAad;$W0
z#3^smDX-^`oKI3-<K(A&3Icz`DR0s#ujiYbe^OrK<fnW-0)NCQZ_+8R=ck;nQeNZa
zr~E_&{)kiFq*GqcXF0#6yvE5-`SA$+5vROKr@Ws3az0FXjgz19cKexh%J07vO!%GH
z#*x>!mLKbo{rQ`8%Io<y=ikg<<61t>8h=eX<@NlW^L5H=T+0_&`I~ggKXjSHa1CI}
zYh253j&tb5CtGyNPru5c9|kP#r*QJqe#5NsOY@UX`4zd2{L_FbuW^7<euYE!+s~v^
zUav>EKB2tEwR{c%{1~zPCY|zn{lfJO<uy)zmj8VO{)kiFq*Gq6cewtcyvE5-`62}V
zh*RFAQ(mu+xL%^X#>r24yZuZ$<@I`s>nqA@T+62rz>g90H|dnWQqG2iNQa+MUgP9v
z{+X@u4}QccZ_+8hK~?ZgC9iQUuLm$KZ_=fFsZ=k1r{xu{<u^EFfBqW`I_35Hk?Tp8
zU*lT-N=x3PQ(mt(x&EZQ#<jfL>VGDk@_K#B^(y5xuH`3M`I~gg>-8+xx0KhomS17X
zn{>+S^)J`Ml-IbHUv9~pbjs`XGS|<P*SMBnM*u%YlPx;sf0-}I;ym~X<uy)z`j0(-
zGU=4xaIGW%mXg=FmLC@9(1|mDlTP`%>mB-DHUH7Lmd~-|O*-Y>OC0%SDu0b@`DY!n
zzy2nj@_K)P`wg=GN}rau=O3D%bjs`f2<}f%UgKI`72lt~NvFKtzu<lb<u$J5?dQKq
zr@Y?p;Qj~YHLm6D=buTZyxt$-ehK9@uI2I4Oa2&5w&;{!akE43j^_mBHBNr|kNx~H
z>6CY?4sySe*SMA+V70$Vr+ksx&$&X$Yh26Q{m-ORUhfBSe~9JRxR%c$fFGmD7M=2X
z|A_lZl-D@<S^pvg{)kiFq*Gq+H*x=o@){>U<?ZK(NvFKtpW=QM<u$J5;|So#i20jz
z$`4*C$>JQ?nerMZKl87(o*yQi^84;~<o~PeuW>COhjjjkGk=p#`Tc*CWbvxXU*lSS
zJjMn7w7f~D{CN*L^hzbKaV@{WA^YV`I_33#9{2ZHe~oMT1=jP!q*Gq+|8YN%@*3Cj
z6RrGBI_33#A@>g{uW>DJ`>#o-yxw2rek0{IuI26Lhe@Zr-jC$|B;_@(<*Tgvn{>+S
z{Y&m=QeNX)KHjRoNvFKt@8td`<ux8j-lS7r?~ii7l=2$a^7LW;h)=fYl-K*I++U@<
z#>r1vTi&Eoex2H1<$f&XH6BUcq*Gq+*K+@s@*0mMZ_+8R_jkG9OL>iJ`6SeVKjM=u
zI_33#F!zTkuW|CT?zX&1r@Y=j=6*8eH6BUcq*Gq+H*^1)@*0mMZ_+8R_oumEO?iz+
zk~is;*ZbMr-=@6ABgva|%Ip1a?uS!e<B{Y|I_33#d0e6+uW>DJ`=3dtyxw2uemnEm
zcqDm~PI<i_U#;Xd9!cJ$Q(o`ib3dQ?Ydn&?NvFKt@8|wM<u$J5ZT~arl-KVE_`ZPh
z8jmDz(kZXsC-D6O<u$J5ZTp*a%Io(Jd>=u1jYpC<>6F*+EBO9`@*0mMZ_+8R-*51J
z2jw*$N#3MWUcV3F`w_}(Jd(Ugr@VfD!uKhZ*LWm(lTLa4zJ>2!D6jEI@+O_~`u)rY
zN?zlU<V`x|<JJ2XzTaW~8jmDz(kZXs|L}bf<ux8j-lS7rzc1qZBg$($lDtW$ynesL
z_f3@7cqDm~PI>)4itnc=uklFoCY|#7{nZOfUgMGEO*-ZE`!2r!V*VPBByZ9wuiuaH
zeHrC79!cJ$Q(nJM<NGzrYdn&?NvFJi|Hk)ml-GD9d6Q0g{l1Rx?<lYFNb)9~^7{QA
z-}g~o<B{Ywo$muNWcz=7A86uyA86uyA86uyA86uyA86uyA86uy|93jx2kQ5K!{dYL
zE>|$_X%md2dk5*e%c64|)XZ;=rT<(@|8`5B%ScoHutnc)(O<Ll|HHz!Sok9rj^YHp
z|Kv3LI3()#nXK<|?JI>lmYhPce#A2s&hip3Rrq#=S1O$LBz>^LS%2a=3g>?Dajr`L
zelhoNiR=AY?gtas`@P&>B(C=lx!*@z@8@y<P~vLA%l!c2dcDu}IdQ%I=6avFUe9y=
zNL;TExgI61*PC455!dTCt`~{x^&sE>5!dhk_&!bIQ(zeUsuix^zj42bbiJR%{V(Er
ze~bG`#Pxm=_qT}a{VTpNAg<pB&|hia6lGufC-LzLr@s*|P&oaI_yUEqKM+q+IQ^IS
zbcNG@j_ZJWD4hO9e2v2CkHnWNoc>6>O5vXZN0T0QtRcjA79P_!nBLvOPqXk57CzR(
zFSGDs3%|v}@3rvfEc{;<{*8slwhJzQ4+}rj!be;9R12SJ;n!IB?=1X53*T(vFIo65
z3$L^AZ!G+<g&&8p)NId03m;+Oqb)qw!q-~(3l{!?h5umTz2IwRc~UKWsfGXB!bQhm
z`3o$(#KNDk@SiRG+)lyz3N3t%g<o=9F#m5Y{80<vW8v*P2g|!He4&MJv+#o!ekM+H
zn)V!T;Wt?LLl*v;g`dzRSl?6&Ut-};S@<CfAJ#QkU!H}pwD8v~e7}Wv!bZ1Q-_aI+
zxrJ9+_#Z6%RSVzk;K;)HeQDwQ9Gs6~`8#aUyW)Hgg#GeK4({ha$HFIBc(#RKVd1$J
zUTEQS9o#>D-)zyRp(N80E<?B+;R=K+5q^Vk6@mvL2O$?>20|V}K7tovCc-R)0)#?@
zs}W`+6d}w(C`KqjC`FiyP=-*BP=PQHVLrk&2;3`Oh;S{!B82M@ev5ED!VL(O2#XPJ
zL|B5b6k!<xz90}cBP>VYyy6ywTM<?u+=g&F0zPFC+>7)f+=*}(!b*hSBdkJLjj#sc
z4+wW7+=H+d;g1OSBHV{ijc`B00|*ZyJcRHkgohCxLBMAxVm(3)!lMWq5FSH#9AOi}
z69|7scoJa<!cc@^2*VLZAdEyvK^TQ_4#K$z=OLVrZ~?+-1UEt|!We`!gs}*mTa81w
z5Mew*2Es)M6A&gMOhTB9Fa;qK;bMd=gpCNB5u$DX|F-QpKqLxW+i~Rc|1G-_P)i--
z*A-gqSiiB*a>x9og%&*a?=7@sOTM~*taW?eF@HD|s^Zu`Bns8hqHn3Bn&5_RS#^SS
zw6H$GN?Kka%LQ9jBTGpOt7K_u(br$HkwUsh%RfjAtFL87vP;!ME7@vVZl;jIpk?(6
zQPaYTh3ILyQ->R@TKcu4^nfr5TV|{<idtx{Fq&HI3cvE3MVQDQ=$ri_&yfip#g0<Q
z8YhlY%I-HuDHh_DM=2Mkd777WZYopX4C1c51s>~DLz$+&Hk7db;Ly75FXWy-nPA=U
zC)1dLa}}UO&0GCsLOJig;~jrtZ}PJf<&6$@BC_z`-e=QznVg-*ER7rc!jbh|eI|`H
zk+<~8MEia|Gg059XQrtu^kkBK8K0RLB&!%rS@YgKDW?+xrqL;~!1|`WAYQ*!$m-m!
z=cmt<m+A#j-lpfr<TZMJOx>R+ar5Fle}cX-PbRQ9L09F;RNj%-{N;EYBzgH~3vR^=
zCmM2FRX8Sj4_;UTFTm4;Bj0=%o-6dqyYPI+bk|*275|G%?!qb#zTHl<wCq~D2-1=7
zvx^`gpO`^6^#onC6aJPXtt<5Ux1+nkF0%a5U0oMhKHQykk-5WORu_>y)Kvf9yQNMQ
zzS-;Pj>s3Or|XN8j{ZVAm5maNcoSVP+fiOYX9*qs-E)>;$c<;lJy-hDGyi>TymU^>
zxA?X>rQoQqne+39y<g6z9_7VywpiF3<rI_uzN#=?z(1;|{O|6N)7j!CGI?L?(Ow>>
z<c|8*xDfuMxGql1{JMMMsHFuL#Mxra+ze;4>s!o%F5ECLprgPs-vwt09qAIdU{>??
zH;dBzwQs=!LHE6Bk{++ZU-ahZvTt~^2+dsWrn&un#DAw7DDoO`#Jm9<*SHyXyM?{f
zEhtgn=7vP;8n>Vn=kKbhE8WyxZq6lc`t~+?+c>Um3x8i*$lqdNg_1*7Si?BS4!%op
zuz6LBlnT1O?WiPz*P2Hq5@r#1RC3k|^{8a*_32RvO-vr;zYNb)US1&oLPm)*O7f4a
zB&Xnk<G&<#lDDFuB;U4c*jX3uE^T(cF*tCUq;p~C)RDaApN+%3hZfE$9XT$Se@bVe
z{If3MGIGXvb+vQE`*()~<pj*R&vNPrc>`}6uWB6<d<Ab%DJBjXs&Cg#Q-5oQf4u;g
ziK;(Y5HVwWxRN$?o_T@0K4B}FT^K*+YAijofc?=iO7dXmCRTY#s1^*_d>O{#1-Daj
zi2sN58vk-Av>;;#s|8U=Rzq<~cO=^IONz@PQ~lY6==A3nrXYG{7D^h4o5JNEc*!id
z`f9(ya8r54)$#&Z`qQZF675mhp7fM5FK%2e_E<y3h=8{^?GijvIBf#|E|>$aF`I@r
zYC7X{+7R3N{z+LFm3~VE|23(A8G;I6)-$M@Gk#??t>Mk8CvMbbbqk&H2lEb>e-J{s
zf%TU*0+kDv3Dhn)-K?I|jLG2!(V(6Yjw6t781X>n;fQ`83qu^4ul|e>ybOPqM3vAU
zt}WX+HnW%l1+)pevn5*uD{o})C=MC;t?YHvIlh`~vj?}HO$`(?gyJu!O)(29t>jp0
z$|czoGbX2x^^Ch@a$0uAl*yjK*cl2*Om=D&GCs9rH-BJWNm2g5|GmZ`5z2VXTk%IO
zU<=hbr3)EXn|UmlMQNFAgnXT6#1Yl&N5wHPMaV2z(@@z?A+<TCKRjfXDR_kb)gBo<
zu&d4BWBL10PT7<<25D=d>!_~szfk3rN=|tOAJwDLH1sixDH~W1lNOs)+2MbsE^O(3
zT@wWtt%bT&xxzi@)ccQP_eN#9|EbQ%<!tFCw5GF#n?L+Iy^+h?!iI`$)D|jKCA6m)
zzqZx?XZpgIuZ5LW*0T!NLS?FC_N1rfmsSV4;{RH0gwnR;P5%+g*>Z&uO4!2IQB7@|
zv4z@X*|IMUU2Sq+k$tJNEo%NrL%DwefuIMd!)z^#RAQK6Qc)~#RjGExkSuq_O3Mo8
z^KZhTToXsCKXf1lU4p;QP(El@ZrQ>?WAS%Piue~$2F)t0D3~|nY;3LIZ@HX}ZJ$BL
zA4e!3goGi3iV9~8D&=2C!UTGdvn@1e#=OF!{6PZ;4k|Cp8zlJGknz{<2Il4cU&$uR
z`TG!qN@iR=up+k%@0M9GRT36J=U>7qw_p>{Iry#qJ@|2lTHMS0Gf;izI{|4pZ5#U^
z5rdD9V(=f1O(RT4;O|7?dO9&NM&QeaqxsF>r@8#q7)Y~=J^f+}fAiDlT}G|m__KHF
zW78k%e$Pwk8IQc-e(1BeX8mQs_>DJg`1ACVSH7HC8~4w*-<};aWqPZo>o#9^?XnM^
zyLJ5U20YRn{nDFu|GV<RgCD+}`^gyzKmT#+Rjo_AO}wJIW4oumJLBisJ^s~iO3ZaB
zPsa58?T&NaT;V=r@8V0^^txmH?yVR6e$kSwLnHci*mC!UzkQ(kgO5s|?DF@W^SV5E
z+{0}aUUTm0E53ec+{OQV;GKtG>2<=v=c?njJip|ol4o8!(fiYnKiu%@njcQPdc>jg
zp8s~^XCMCi#kDVr=MH=}wD+mYA3uKS!p~p*=MB3K-*Mw}_g$7zGUrbd5B;`XLuIFF
zkH)_^=I!<m-Pic;4A0+gd;H;~b*_81|M<!m`TL9KEF5{y`pX8-dFTB_Bkox0-u6}M
z)qfeep?&u!rtNC@{-v95x$VZn*G{@B=fB_WPl<{9*E8?9CSNnW)5zC{KfiU?;XR)}
z_nX+~R^0aeXESD;x4p-wt^cw6(2ijT+k6pIT7O{whK6gdA2hmZ+TP0=Z#ku1ZvUG`
zJi00^>+d&=8QQMhd;k4x*xECjv+u8^FPwYJM|a=w$npQoynObDrK^A1R9jUu>F(0M
zOv?Go!r^aZfAMSeHz&Vs*}c7XP92<eMZZ^{dbsw2SK>M>ZQpy*8Rah>{^}3YPs#YG
zb>*kSKm2I^kkosh^mHD(-<R=+dz(H#@5h-t4s`zF&O4{C^7Z{-@4wIc<>6kLuVi%a
zPF(W!qLk+{CRKKOEo17bZ)MN9>#H%#@BjX#>YmfqPrtbB!b$1XX$Kzv@y?HCe{=OY
z5C6{h@rdW|e*KH<3#L9X_~j3F&8vCpfhUs6PJ8{c;Um}0KBMnnyer;a^3&YXm)GAi
z@|-(oTzhEO+r9od>5g}A+;I0ttKPYIS@)5T@9#Eg?9U&Ue>=O&E!!Sl_tWiJ=~rJ}
zp1W}Sgxno_AD?v9gG*k${Wm|oenHL2$1T75-MdCz_D0QuFV}WB{7vco?|swxf!pud
ID7)qV0c!*7Gynhq

literal 121259
zcmeFa34D}A@;}^@2@oy`5DpO}5mZowgfpzD2_Z<7BSOS@PKIP4k&uKWTmtI^Jffl!
zWffhI;2GkDyU_*Ll_0K*tFGsIt@|?^YFIo_5dsV3|E=!onSP#`kjd!#{{El$ooG{4
z-Bs1y)z$rU_w#hmJ4e1f-bDz9z+VhPH-zl=Lfq(;QQ~CKL!yLmxw6u;vq0GY>TMBB
zw?i}qsFHs!SGi|tITHYOeMd*Bv>TQyNHntb|3wS0pCI|N@<nsXd{K6N-se=(nrH=y
zHuc4@KGa?QDSfVdPhp9t6ft&vUFsB{)<?9dPXv@Nx45XxUtznx^_!KxYy||-%HkYh
z11?u?S$Sze(L9c~>)X%zcCf)Ut<_k{ib$7hQPGluqC8hY(cEH5TibW@RwX%w6%cLL
z!ATO3pCqFKF4v^gtW;OpjOnwoWJ10CSBMmbHrk139b$pIT=R<kR%=;brZyJzk-Yw+
z>bo@o=yEM6rb-r+yXGz`$_*%A<~GGlzE6KdoBBGcXy3nR2V1*Z>zmE`boq!j_4yPr
zVzrx@>QF?Aj<eF*W?Hw)Rp@q=En6_BxX@KnUdr{<vILcUj1~axLy_76;WlF9KbI@d
zUGCPDZU;Xd<5c=;IErXfpPy4<WVZziii>o-@)J!7v5ED?`=c!Sxc0tOvK#rP%QZD)
z`o-y!GL*N$&zQ5GS($$7K1EZisp~W$yor<qzIcFmz#Kp?U=y5TX@*0@Vo<Eic8JZO
zsSor;_{8lHPk?B=(;+I;h3Jg9Oa%HHfOraL08azVm9fG9NnYa+-vmiI1#y(m%^5F#
z_SJnO|EI3c?ip_`Yj|cP;^Glh9gwTDi^P@fk4Bw^H0nqCkH$BuAL&9-gy<88Vc8)@
zEGjD<QCKjCLhjjT4^JANw+yHt{$vEr@5~z*z&~qQS-EGy@QEx!T4h}+-xSzoJ>XCT
zqRCG5Hvoa?l7BkHxjZIQeB>`;frten7Km6NVu6SSA{K~PAYy@t1tJ!RSRi77hy@}R
zh*%(Efrten7Km6NVu6SSA{K~PAYy@t1tJ!RSRi77hy@}Rh*%(Efrten7Km6NVu6SS
zA{K~PAYy@t1tJ!RSfF(a9GLOS#$(GJ8;_-ls-K*qHsQ?Z*n#oRf5r>%UEd89>u?TZ
zllL>n;d&unKw6?s`x<E!pL%9=rjFaC`Ts}pyA56cB7VeI82le;{;w22bd_jb?+`!Y
z5$7w<-!=a(AHOf}?Zl7x24~OOu0pIMh|m2cJl&z-^9(0NDf-y*)Qtybyjt^*C=u7Z
z+VNhKD{AAx%bbXdhE3YRCJt#6DpU29(fIn``+gL{9qq)r1F+Sl$kQ=cl@IYVox<DW
zBE<cSwCXORuE7~syVKdLwg=(}?+KUyzIK4yPE)od-4id5&Zcz8zn>Tl9wY6vY=7EN
zq!EARtmy2RZCjHG{}al!qmvjrlJjkFiYm%8TISiSmg0A!Jf#2IQ#CHC4g;rh692z|
zFX|xb62N<q;-XRx=Lk_pJk3$!@C(2joV{gT4k4}qalOHt(BE43&WIzO_3cF6Nm`dI
zPw(0Wl7kM4*X4NwaS9hz{{&7prSkkq;dRFVWqDY~Q=mx)#Vfg<wYyN)-Kg7MnI@_p
z2Rybs9c?%XZJD;Q$u)5!+P13R>H6qZr2W3RxlcXdR|vYU^-aw${0;FhA?|&^&44=r
z$-ePZqO;>sX7O|LXtD*xc`uC4J{56~f~Qr#ne6u)9EOv1{2TOdJJo8tml0?8n;Q^E
z?RFy|`OOkQM|Z<-Ci#8i5vN$^j`gRVmgZ0UJ<_P$J5v09a|rb!zj=)F)qb;B=Gm*3
z;&nT@e7LBZZ}3k8PJVMYptdFX4e{9hrT}r|H<f@pdt2+i5^>sZyui&ipGk6PbBfpH
zIoF4astbW@zZt6Vx?(_6#{kfzgW~OebEQlZReb<k@|)2}Bfl95n2n(8s{Ljd;>d5#
z0@Qw!GbTFwF3_gm)Q^tNUW>Sp{08!RyeUP$r#g;@?6x?o?S>=H?l%VqD8D%bNPe>y
zFtyp4NIpPe;wZmw#KAW<9QUW4HqxKgmHlSQ2*2Mf8K?ZFH|MMUrcvhEtCr$*JH3ZE
zg^Q|x1E+El|5o7SH|@ZyZApGZJa)hN7vjiojsWiLVy*l4h|_-aBXG0LUn4oRImPSp
zJmbSf)fV8|Z+@@vx}AWgjypk<4vM$?&D%0fRNVsDlHWXmH1eCr0RN7l>#F_cA;gj2
zJOHTureRQYb~Nl_`b`Srq7WB~-{hR>_nSRvKdR$X&|lG6jSc!aRgE~Zowuw1IhBt%
z8gB{!$#1R%bazrVC%=h0-R~PW;TgKEqd#p9%BY`V*CWmGjo+uDjI^alBV9EE{66(D
z^wL;V!DZ4uHA|MKS1rZsHk{zYMb#98|199-Qzd}f&g4_XWA~}ah$El!0B(!2+T{ww
zX`i|pxakigNDlr$@wz;HeYmI^3|#wEdxh6c1vGUW>92H9yxpgg5l3}D0G^h7syler
z!DqSwjzQ3M)jrh`apY4S0JTr0^oY(b25tIOb@%A(1&9m9rv&8nSTuuusyAdE$DJk8
zFW@UQ_vwr{vYk2i`9Rh;uJ%Jf@~PJWw;giEk{pFcy7~R)2h7h>KlA&|s+0U_|3Mn@
z59#dpo6CACzxfF|DPQe3f0cRms-<|{PS5&qQT39+{{V3En_Ym~mgG0YWA~fQh$FxG
z7%<_WweD{rPW#O}z|A(_KyvUKir3}2)rX6!dw^@dS*q~5R{%{Ng`i0X#oPU+R;G!n
zxqvPC&1$64SX2S{B!aH1_M7F1BfnV&sQsqC*_pi)wCOkTi2DL@q4-UT!|ylS(C?{^
zm5@#SUbV3vi&i3zY-f%|>4>B8WHKQ6O){Y4JHKz7cHHS3Z*t)q319ksD#}Q^3TYeu
z=9k-b)Gv1_`_zsmr*A%eNGPAWhRdXVDp8iFS1rZsHayvfi>lKN{tm#&r=|gFJCjcl
zkKLyRA&z`%B4EW=R=bQtoc5{T05|=i3(3JBC|;N6=TkH;svL;dKD8V1!0U$EbbO3>
z(n0ZdpX!A;s{4E3Y00O)LmG`m-vIW|y0Lc9KJ^vi$*1-JYM;va)|ovOyrxgpf8)%)
z2yx_7@zL$&*l=ZkT9Y~7J9t@V%;mdaJ=PWLF=rLkiN=Ba186fx%Hf*T1DY;?{z~NA
zv3tsv3mjtMIh{q8XqR$020C*(i?JfcJCo{2>)U}bY7ReSzcU;7mY7sgCH9D7vTgkx
z6%%m0`>^n?nlP|G=BkFyX{_@g@}f2|({AUqACa~TX|(pFHQ4>|`TEXcH1Q9N77I6Y
zLAj7ugERV>2B#At3c>MAN3zdqQ56-7aTIuSKa{(NT7z{5eSHscxE^I8AL<JF3;0V;
zKSfWV^nRdwD|!Ucy~W{t@W;RgR2Jd5;G<f^%QhY)sxAlq1OnOPF^Z?Wc?`cFG}$=5
zyP6j~OX*yv2Y@#~9ye~pk?l#pNR6r@o`wS*##L!v=t}{9I|Ai#8{megoSD>aIv+3M
zD4%Mcf7}cDa+}`YBhGH?w+=LCnR)*XJf_XhgU!7Mn#WN4Q287Q;ytoK8RBJ|C8TVO
zsc<z7>54vw{Is3_1e=?7{v&A9&buhxu=78O4r1r6oy5XwhsfG`652aTWKBi+r2Sx%
z|3YR8XtK#<zzvV8XGk2%G11`r0et5(AGNQ8`8t6w+2H#ce509fB%u2d>-cdd;>gAV
zeV@kCbG0n&F%)<M%JeC86e85DzPgFpXXB^N?4fAe3mh@~Do~GO%cr6LO~qRJVyvT`
zavi-N{CA_Teh0XO`afVJ;8oDsoaR8Eje?95eHQyDP6zs|v-W3aRP8~hqn7I4L6-x*
z^de-*=Xat^Cj+Xs?1lalS34TxGnJq0wiDx&_8qbh`9*vb)vIT1y-e?gy#Tp~GL!hJ
zzSIY)9m!`O20XTW63Uf^x?oQLdpooz@E62?kFqy!cVhpiGt#<%2V>3hlQteheJOvk
zOXItGyy@RG2r}eLJz=MxPF7_gJp+YUc>BpBi~3&2A6!jCpHEpjG&S~;3)02Hv(UdX
z65i-X@LEw_I@Hmr)8PA3uFG+Xtey)~o1|~@`1Lm8X#DyFI&r7WSYKK@vGDB<B1`tW
z1X1+`(i=L6aa2d`V{?E%hd_3IhT_*NAL|3(AzNV{H}m(L?$e7gbInm}zuE$xl%pNS
zJwQ63i+tr`;OklT9zgf+)H7GN%Wa4wdwF^6cm%YRMZUKKCmrVjzI!tH+f~xvhQ4n2
zTP*q8bl86y+F>g8Zs2p<mCu=degkymG<ERX1?8WHzD72?18Md#<91HF6=^ii`|3^h
zL>k#M4)*K~8=3hm52EX>V^%vY3Ziq3!4rq^k?eMeZMf6fr}i-F-vCJQ%06+mbAglX
z$VLZ{UU@v{gNIKQrMsP#{ixl@mv^BL&>UGDY#vR|6UYXAo-BgAex4KqpO0{s&I^6v
zQ_yFCCLbA0@yJuRVLvWMHIEs?wH(UOA9w@g??iv;t>Yp4SLo{jn)Jm2rru<o8@EFo
z)h)%L#-WozUq|CcAH*Yk4*7D>p8@U$`~>hI;1rTG_NQZn>T`Evf01m`06yw-=d^2E
zpQ}cjQ=ijge=_vY*q?KfdWMcB`Xtc&jLjw582e`vjj><vAJaIZ`_^knBRi1plw-{=
z>_a_XLml5jXm&<njERPCw}X$j#~9OL<FW0u#~g+6(Sh+1a}dart!Bqi9R>Ds<7%rA
zN8=f-!Il9hUrI$kE(2bN&;*+NW~Z}n?M;%mZ!N_u-|AC4SL5JW4qW@<)xbY)uiAvh
z*ILkO{OwaqbM6~Kk3pMlz<5UaPXS$xIf&+=v1A3}c18<1XCt0n@ax@Z8(f7o^K^vv
z2pv%FD~ONEi8>KZHX?iiaI)R8<rl&xlVO{5^!rI0VJkU4>w2qw-ax&<<SsZ_#9auz
ze~0axo%B3%Kz9`Ejc3w!^`0XRzT`b=VpGh1S5pke=@^XD12IkyMR|uL?C3|Z0ONFw
zqhqINjMMc(WcAvg+B8qrqgQP^KwM!HN97}1rGUN_fyN#$%{|(nH?AbL=@O|ouJ-%B
ze!XPhvk(tkZ6sS&M_usIvE^x~%S6~I6*f}Ou!EQV1#x(XvmA9?EvgQ}pAPV|R?JoN
zu2-P<izvqrXsawLV+#7vO2p;B?;D~;-F1Y+=e@u;5Dx#22Tp#xdKLLrFM9sIk9K{3
zEz)WHNx=9+eMYCzK0KvY>U8uodUjUUw#z0xG!Gq^A{I7wz|(lyz*)zZPei#>QJ3vC
z)Q56VUwd49kT`pNV`5ScH#)@&y3UwW*M3T6z}PSiWn>?kxeI<q@n0j54RSic2jI_J
zK?{`o`cC3-9q0zsmHOSwh|fVB)nU%<SPMfQ`y7@szSvj9HTD+k{*5pb{%~yhR?K-s
z)eO9QI<|aUO$>a|9K*=(1<H%-m+ESvKfhDTmY8;;dwwUe#T-vapVmeFhGbGO--#KP
zGCroG=rORPSlEF1*^ro&Ed%lVdj>f4EF6M0O%8mO@+O;7*;n1{%vR;zR&y)L`z~~U
zim(g8UN++20e)H+#Rzej@`dl$T`z5+#>X<?WGmHg)jKrGE10hQ8?Cykp{tN}r2x+X
zZt8)}1MEd*s##^|iB;wJJH}LV+<u*CW8D6kXk*-NBpQA#^?8-Pd|FGv52%iljXM4&
zggW+&PB~2Nm+uf`NJkEI3}d-`i~$bJE6lpZi-8~A37gY%!2S$4fIj;Z{FeNZ%9p<q
z<>U2jOq6$KW3$-U+(B$n>qo~k`7!lZG!JqP6<tye?@7aYAO1`IlinfLpq|t}-B_1a
zQ~$)6u&bx2+6@>T?Vb6kPVXeL8au#$D#XHV?ZJyaYS;BU=5=&b>7<AH0gdrDpf9Y|
z=`pOUJMzUCGZtwF)5Lhn->%ckG8L33(%n6<2R2h&BFhLH?7_3>I_62mv%Rr{cgw)k
zvHLc_$7}FRu0h|aJ~id=m#7cw-6IO?`|Ze&>b8jGF2dM@`_tk+LVQ2KUEr<0!8?=e
z<OJVB@KwV%s88*I&8x9~-mpu~gQN|oBR$6<MpsT0mr&XsXUtjdsOZ~v4T2p}_Y}_O
zAjUG>sTN1|)oZ9*iv4rio#>0S$6`LG^s_A%zH+qq&v@QBFa}!JOwG=o@6lL6z7VrO
z`@$(r(a4v4OYe1j3;mtoXBWX&E^e1{*Y)kh5Am?mX(&@C#9c&bn1h<>Zj6Z+VSRED
zo_j8bW8p5?>H>@%U5&NH7UUC;wZ#K~H2yR^ig_&X^$1k1djJ!DV_k3FhB%tLU|sgY
zJm9!8FK!K>mOmGGB?8Ic1n3xNm0ylHDSx~fV{lyUU7)2b?7b2=mEjz~di0^1)mN(Z
zL!RH(+Xjj(*saQ3=QX)fHy$nis~ii>xqSun#2@Z3)@MtMr?gH`dm5r@8PYLN9CsC<
zE`Mj>*$7nr*?`+dTFX!Nk>x+q{6anE9%g<Xq*Wg?^23<D0BuKO1kEEfuLEsG_3V%R
z3IRXWHW|3Wu~Ci-m;3jvXngjSAMJNL^y#&ssgw3-e!ep0@P#M?%`r_Gz5Wqc|4c+W
z%?*9&u*o-M6Zny`OH|cZ@X&nI<ax`+L;D$~%&;JO7tk6Bbr*QfBm~iUyOG`>>0csG
z@(H~T+KqYU9?W;I!+HpFnbC6Gq&W%3lwf;oiSQY{COQlF83<mCJv3$~1AiFLjY{+@
zDih^Ha}|09%eF_KUjv+;nbh_lQ#{5Ky=HnFG_`w5XP!$_x-4(c+IN6AK>lLbgltCo
z9SO826<7O@W6k$UJKFZ7bh&y!Hdwi6kBOfBTTcaq?YCmD3HfC`uk%IOFn?S33<8z+
zDZtcNwI(|i<#^KIn+^O?=Gy?cp_}5PHhj?Fn+p6s=DQcL;uN*^r#-2=4ZexM=^01)
z-VV5}tF@1;LL83~vX9>bTHERd;IxhzO%VRth<-rxkbxp*Urs}F7TMW>ew7LM1mJW)
z+PirLFxXx(l|hc5X?pw|&{Wq;jh}Jw>GD3Ry+{wu6}$EkS>ywu?%mYG_HkH8$~M${
z&u9nQhbVx~9H;P)FX-=G@hqb>57NkAO}S~Db~fxuzJce|%p~xUtxUdQ#@+(;>lxr_
zz&_1LKxs$VZzt+F95mH`7+^w-b)O~yaiq7po2ozgKkgK^^w|lBvzM{Uf315TW5J`=
zf~sF$N$*qoiiJDy{BLxMvpW75CD(<w;@Z!%3-XgM>e%_V6vx1ig7wcSD6{UL6M>(P
zaE#(m&Ia_Kr-2_vpgJ9*c+^w(zi&ay`gBzFaiCn<r@luT$>S>NxV<Dt`XIX=_?HNz
zZ#Uou;qM<`7<_jC{}=OpO7ZQ~dW!nTKMlScfWOCl?*O{n`}@b62H$nS|HgcO1$0DP
z+vX+2QC$S@zx)HVuFK27sqBS-&2j!c+m6GGXCTIfV0*Uz?TLL>$W%afHTul;fV5}3
z67Y|J(uP6yT6$s)NORa5!AE`M8ThyK#}M~7X)Yr7T6nDeH_AYBbaSmk`pMrHArESg
z9Prj3Z+_tr%Jl`x{WU_9>t)Q5tn2tg&URSmMq}SZ?Jtuot^J(PgNw}T=s9%+`3-c6
zeJLo1#v5o(hWyO6bd&2fIY-zGep(0P((*dmPtkK~TGzf$y672$zDi|GaCot%>_cn9
z_a7s<Xfc|`n<=BP-bFe+Lt<8>+&$3IdtWv3q&V7Vc?7)mPBEHjnvYT*yRqingMPn-
z^Kf8nq4ZSD{gK{-*4DQn4fW7+Gw%kCb!*Ui#J3Qi(?WdkeS5WEk9OY@lY;eNv^d-s
zww3;fKJ_=`4_~e8i8x<8$~ggaJmSfZF8~g?&RDM|-45TOwQjGKDR*yeAG`2TY6sN&
z3h?B#7l$$5suRFT|D5*fIZSpT+o!|UBZx0bY{^I3z&GNP8&HOgD1%yK1@7(7f#1wW
z2(~UA(oL=ZVlaoIH5APQ#zGhQCbeM=r<?1;SCFpPd4C|@5ZAyvItS);ijmipE-GE;
z1z)Lql=DgfelKuy9r;rn-i-#?*D}|T&E2q8M7?NTvU`N6a>I{K1AYYd@WM~4;aj^#
zsdb}X%MGABk=ED^YeKB!c48bSKHvHb{JVL5)&sn94;p^j*iEg^Qkh@trSS&y6t#we
zp4^E;ZgY@7BYc8#kUXuQ)cPoJUyI7#QrbNyNc-pnX-A7++IVE118c6pZ+)9r5Av<K
z@*O;9aQ16@5@j`?!7Z)1`s10<(wd9j1)6KF(?HXjYXRn~avqHN_f@c$x4js50U(e0
zRo@}+b3xPCHXhLNQIvd-O7pHU2Hzg=B{AO!ivK|IVeF9K<_tz0^~d;O>KREoIgi>i
zfWyD4K7x({gc|1+a&47yILh}faOWtjtyT}h+RFNE?U8x3zIr`ieKiz1>uu|+Z!reT
zy3(8<=>qGkXn#4X{)oH<XsYXR;1%ygB~o8}2hRa>Jwd*ga@<%;b;aBYy5&09Ei7wY
zdj51jLA#_P-E5avF(zFA-+x<|wL(;#1o_WU9^EFl04G~fIX?t+yctzO<$T;$&PJpO
zhcO52W$4|Y^u7ijt+xz#Jp$={1u)?aReyTlV%DFYhYiBe%lm({mZY*ihjgv;8sJYM
zkj{;Osee;`LGNF*PPyhp`(J;Y*CRBSg-!K((gB;A>q*JKJ*ukA<VW2!e;n#&^3yx8
zTah=-CmXiY{!y>mWYBs&S4(&wv4zsc02l4OGyeie{z~6#(3<s&I~+~)y$0F2a%Yrp
ze{$f8sExk9+1eU--o(Q<L9b<v+ltIe@Y~nBx}LOlHS0<9@gndaMtOZ@qJ0JUl=gc&
zzX$wB!2e$t_7Z9BLAHng`D7{r^SBf;N6kE1;hzfr#y%-q8au<rPTIHC>u7pc(--rO
zlWV_p_N)EMc}nfq&i=I@Vjhog_<d{Y4SG$z8sDv~#&;{L@!iU5$1_*<fS;kwqVV0y
zrNA#is7D=g@XX2uPTx;>v8PD%lb|2QyM{`nlP#zWG(U<)*`%-LimE??M}U_7AGp-b
z<JSSu<PY_{W{J^qm^&UsS_9<s;rnDm((m9k_Rog{*Vr!b>2i*TtXa;Lpo5jOrjxj2
zV1ig!gE>sWZK}W9*ER1!R@MbJ@dAGvf$H)m#jjH`qmg$t=!cIt_xUTuBc1%d9QZZ_
z;@?X6U5bAQ`2TG1T?_nA%=d!glVc>U>z_CH@Lp%#GtBoCU`35ui_yA;+Ct|$8~CHl
zw}IlHRDAS&dC=gS3j99iyB9FwNi{a<=gS(zQTyn13)NBPf%drrIMwldg7EW3j2(Ji
zpMt*eF~y^AHew9Y@%3*uXOTUxf}LImoQ1FoV;1=sty^0AUL$`y#t5wOYgYGf`crrR
z_Zp)HsPzo#q4mt${oA&l$wB+K^u0zQbcz#vuTh5d2JER`2q<l{8t>{*wlvVx?x}!o
z_AT>!jS-wqeMgQD81L=hYfJ+VeXo%SsC9n<-NRV+EQ-HbwXJTmfryiRDo)J_#%fu#
zSpslcYrY2^c?kM@jg6cAbAoL>L;GH140N^hy~b%sqvwKIH~qcFsYq+f_Zr=T=(2yW
z(J_cl`}Z1TH~o&BzSp=NG<~l@@ye&;YL5UX+mVebfw%O%#`&}-GT6T-vbR9B!L>g(
zx4I|dr2L?t#@A!9c&;F9)@2wZs^$T&Lm=PzgXZP&vIaDj59_Kr8f#ysbSf{}wib8;
z<ZnSgdQ8V7pIN}G5lG)dfR3eV45BgPeuFOq_&v<Gj^bDP$BeZGAD(0D)-d0#fE#YI
z&PlIFoE$UwyO6s<=g_<a^^8TB4f+bun82-T0-Oo>HsGs(=9<p;T?p@0T!D1z+vi|C
zLeGOx_w%YT=QH;z{(v&jdXU~-(=+TK(RhXh+q;;IJjrgfW>3N1#ZM?_V>hvGKf(#u
z9BF;uJK*eq_kQhbk6=IJAoep3V?U!wz7OR6%LnyX)~|{7H{L`!yq!cH`RE$pa=!vJ
z`6~Lhe1Ao2<|mLQ_bc%3j^<5Mo{hHcOZ3~9ig$pNR`ZNK?PO!m;^f*z&=ud&xA(w%
z7BqM0Ez2O+g1j$6dpU*Re-fcL@a8D7kJdlE>#?4L-#GxOO%LLICfREz;&##dNx*2N
zEr%Svm(0MLf1so9!oAL0`jP&z?H=y86M86)^wHkIZQ!j&yVDp_1su=4!)V94M>^A9
zOC07mYX4v@(n!ZPJa6hwN!dbeD*0!&8|r_5r`A2URQbm^hs>vUZF5@R6Rv$`qn`WG
z=8FNp1MH2me*@UZ=Bwl*Wbgdj{Bu~n|Iiy{H2v)gqER2>AHw{4kDwm@ct6#b-#gzy
zydmyKRNfqz_aXSHnfJLy-cy)g=Ut7wsf{RaJiqITft&ji@Xt8fPYU*4Q@`Vm8Js>e
zOT=7!E#71Q2lLW5uutIIYv_S@!Ny(#m5tiYfqAIjYp4KTa~9^b@F99{&HHGy)|KC=
z#Gy<i<HmbwN+%y%g|_L=@f+~2lj09L<IbY@+4OB)Cr;Z2-IV5z>U|se<#98A_~l0A
z8!vsc<NQNTZ$CH2jhf*pTXsYVOz&tv&c7E$?;rKIrtv38t3N>+*@f((-@DU3;UBn6
zl()1A_850SM?+L)zi{#o_Wp#%X7at5WqSM>(3FRK&1bd#*8UvWPJV0O(K~ZGaOvk*
zyGi*)QGwsupR`JSYv09t-oW_a-`bx7JppqA{?@(^($u>L^=%}bOA6&%`{5|Rex?oq
zJ{UoNJ3kgUeIHVfXGRYEdL(H14LH6vAlgmor{a0Q-vwq7jc*9(8Kc%T>RbDF5HFv#
z@VVate-nZ1@dm}O_P@8-3Yu)JzqS8>(m_*S+6J7)O8d9=#6#cOzo>bk&jXzNf%4b{
zn3`yP&OVMf%13`||1xO%xAs_91=!mDt^G^jF>U^13*XwWKiGV)^by;8O>O7TPqNzi
z6VRreJ0Ks^&PRwph@I&@C_S^c^0)R2At&tzo5TZOfIv2x512Z{KbM(j@bw0s%Y4+n
z8_raGwEnr;;OheXa^|}X&~c`9{WBGDaxTN~ZE`^Cwww-}=84Bq4{Rp+zO~P|#{ZnD
zKs|!Jx9J60`qsWDAbo4!9gx;P6@aa+fu>xk`)&WG#mJZ1q$k!ye>`2Sf$*D#a-KBp
z^tR2DQt(W)uYsOH9KG8-8#)`Jtlz9p!#s@ohe!}rgOHvREyk$#oa(*LA(V~U$sAXn
zw!P;hJLDYeFs=!_x{aR%et>0vr1*I2`sQm&hu(U88#oQ^srS2RpT+@wDYQ2Yo5(d4
z_JQdAtS)CWWbv)y5Alfm7wLu`YQtNBe~duo{U^mIDSy#xs=p&n_G$fHE%A^n`t)1C
zNyiGnZU}l!)p5Gv2RJ_v$~W*-1}a|y-pTsvfW0Pa2U!Q~O%YE$_E?_+)aAbdIN6QL
z|2W0>v6laS#L4pG8y4~z``+uTi1Xq*7GIuNi!Q*LnA-k1q}j)7dS6IsR0jK6?pvg3
zdsic!=CeM%s7n{}8~7{n&>kY~acG*_@a`b_J#9P3aC?w^3vE0VLGqqPJThNVbtTei
z50Ki9-U)UD-2h1Os%_(H$yQ`H;)w>X*Moa(-|y3RD_t>e4ovi~32!;<kbC;qe&70<
z@V8x&C-R^*;Zoq`2%~g424NlzdIV@{-*YIQcrh=)yr{<@(57#W({k|5(}6cY{&I{h
z19d!P{{elcfF^w>18(cDo-MQ{>}Bx12EOjhN4}lV&p(cKHuzowUkB!E2UyY9>VHR&
zPGzje^On}FCxIssWqPs;&b1)Chx8+$-vK1wya4Gfje}HXIsX{t9|uQ6E+2h94t|Bf
zPv${&l<P%&KPLSz#CO{mKLWo0pzm<W-}gdi1HKC#4m(jjXifAN#8KTSf4z_M^l|Gq
z75@THJl?^XJm2!z`Wclo7JVN5#+Qz9>s!oMbw45=fjy>Y0d=3h8aOV+k!@H5nA+r!
z?<??Itd{=tD$+=QJjULKfNS|_!0$&Od#(p`ceTzhZbux|E2WpR=VPFyEd1(D;M6DZ
zK4IPaXg@vX6`bK8^AdW6Hs(DF9VzBJC5%1O*fwjCMq`i9E=aqb)7BuZrSIPQ;F)AU
z_p>sHF8e;xk{~+GeWX4ZpU7_Jxba`qpT-S}SN7>sn-5&?H628HBhLLa<J?ap#*OBl
z;&4ny`p&oAP%nLh3On*TN3QYj13#^C65tP%z7uN|^?fRROVGP^olb`x8au0Zy4&zP
zqqTL+%A61Sbglo)JBP+Jb+%|Z%0l+*iN3L<L({m%-{yRfkNuCk(9ar?H+{Dw26)di
z-vKmq_MUe+^3h|`EZ{Q`PSSN8B&z-bx)W&fpBRdVE<GmUhv%j5RP(&4hn9oy2;dEn
zUx@sVfKS>CvKxVutw`Siz-<SWKWm+P5l8+QFV6?Y)gA+V6?D{e7V9=4)PtT4`V~Mr
zZ<K@Y325)+e?T{2+@bv>s&^LBUO?RUfTyD@_|{v-PX`@z|B25fy#yIKp1{`9A442Z
zs?knz{|RkL>x~}JL+g<otVM}FiD>Kx<nVgrJfe;DNFvdgCkNY~dI)J`FPekvb4iO~
zi{B#H&r?{=k9??}O~WB?KR@y<Wa*qp1NL9AhL?LUUf|uqn}c#-9IK=J?B_@Jfmi!2
z)y;l>WVcR-J!t%{?2ElA=%M#TzsC6y{62h~K3jp`%w9)lC19VR=MIK6JACgNMVxAf
zr%^t$UC6J@cKMiSqh0<^H0(ijX*{a*>Ae(s&J7`Z@jgy};KBBBnpe}=vG(`|ssql<
z#Nez?N1TU`!dV|D&JC#ZJ~aMGd;J%Apbyi#kASlScyHHyebmNEeSRP|@caDrD6ecE
zIzK?|vz_<n0Hg6u^4&V!I6trf&%GM>rTjMkG<=&6UW`?iZ}ab9Ir=t#BHDny(?|u}
z1>S1o+x%O>R}K5c;|_&As8co8+Z&=BG-k+gZywT9+GD?n;xT@$f*ud+u0Wro_(RT~
z*w<0#(XQdN4fK5q(rEmladIZdV_eCiIQrIvzD?<mc=Wf?_h66bWR!0#^dF?N46wzX
zH0v0gtaYINlur9aYTq#qV{p&fQJhZuj*WDV!O>@5KJ*^M`0n3#RA*t|_}1b3-ogQW
z>f4tLwD%OW`-S*sWirlSt8;M<_(>>d2Zrp^zHmy@&z(a1j^#Aexux$|+_07Ty+p9H
z1GT6#+HM@~MNnh*qfu28fZu{ZW6;fjshb`0y`>(rS0IkZ>=&|u)7gQQfO5=-{4n6l
z5J-LrV8RPl`9j1=c|JR^8nl!}8x#SjZ|YA4d>%H?X9qHN`R(17vje5jbE2~Y*CHKb
z`M7C-y8K6xZw6>8|AiF4$y$E0k1T(Xvjek{)|RsaU9tZn&`-5Z^x1)!PaM8|xEP`K
zt@PU0_q_q;L-ubJ=<ERbc}sIBTGx}G(>%sE{|a(;;7st?zolsH?7)B^dd;%~J%Z>o
z&kl4&`j;pd&B66NN1q+|F~qY231~YxXTh556ySXjyx5baXYx?s4`Z%SiFp&v!6_el
zPW^*qC|`^-D}nzVf!clt#bd0|e*X$+YIl8h;C)J$<;A@Qz)3#X*@3M;1b){*W2!Ef
z6SBd|MSEsgmjs+0ctq!mvRwlFAp|P#1Ay*3)clIp-|G#&3xTg=zPkXo-LCj(ZFq;l
zcOLLtnXeLX!+nledQQ<E+YJWaDByUnCG-6)#ouP_BV~x=F+#4}ZYCbK)gs`u&N!W5
zkh241XF5B8_g(Vrzy*LbuX_$K*xonQoys_5n;t(0G(FzYzjmxUL#=g456$(aozb?n
zqrkJses*91;%M!71$0*9I|5%{!WwTH-ec%Bo*U^oF=E^pKv{p(dk@N%1e(e{0&v3y
zHE+{?HW+baJIu3RpuJzcChg1dzPzw*`o{j9KX|JD+hN?vfI7b&$gdY@%C9G&<3`n{
zI=>jiQGWG!hErYxwJgTtPQa<HUV@Hk2>RUI8!!0BV>iCb2(}+;?*EX^hC{}8fEaV$
zHomo@GBgM=hMpy+TomGI@6T6flEa)t+86s~0_n83)_}OrQ9fPg+kk(9Kz05IF!f%m
zf4+%0s<RjOi9QMZRrr^g?|%?SdfixG`|>uvKkH>1dwXFG`7&f^+$DR_x8v7>rg;Iy
zE8p)``!R5u`w@=^cn#K&TX_vh>&HgCBlG2FteLm7oSCNA%v+IW8Sia2vagvp1<_?+
zGuH;uX|9=RPwye{>_J_2V;*IW*>Ut8#W1lD-;c|)B^fzttm*Wfb<gZX>(u9BU^Cc=
z_Rcl}e;gqX`AItt5>-8c=O9q~UPJN3i@6`|on?Whw#{LG&Zl&;IsADx@CL|FMSExJ
zc*r(G|5VVV?;?s{rTQd|qmvE3pTReg`BDJ4l`1|OM<*D3`@omXd}9Gq%lzZ$NP}-D
z_=YpzFu)C~tbUq+IN3Mx{308V0ev#c9u2uJ2u%pI$953#uYhxj{{&}4j)RZJK-%k-
zz7*nmHy+O+^Lq>2c_H6H2V1{>hcvQd4xYR9d^Y4i9mKjH5!!M#WCipHJ{wX-<>s>?
z8pn8%)qpk+b~Ypl{PJ6iAZJ6yk}ledfqzmN&9fl`NRH2j<UiuHeS={=8*&PG@xDTz
z@vxi?Aw84_eUm_Wq|&$ad^UvIj>a^Kr@cmMN6|t(;#-K%X(8ThdujuEF4o+r*0C{|
zN9ykvzCv4EkGYVUZmx5SP$s?3odf*(5WiQLvMMmIH;ue>y3VT_em#rxN&$W$aP#|w
zM`K$4K7q~?HQDZ~qWX=4ZOn5NHORjKZA$jm=N;%<S~?T|BGT}j^_`=rK)=v@G=}d+
z*n>T{r@=?<nTqyQ-!+Wcm%zLUd`^PS{oKxcv?kPgXdmz%ibuaY)aT)TG-szW(wg#K
zK>A*-rSAZiVEswoQ=Ra;B<En?S%{crJO{#Ah&<$JJ}<sSe+hQ}{Fk1EI2mn5XCaOv
zKRM2>?pgH|@FoQEL3}&3Zs#@r@sGv<&4+J0)_uo(-vDm7$~qU?i8wiyC#ms|bV^x_
z<-375Ag{Xt&p^;;A@-K|=Ozi`>74oC6Mhe5KKH3#oaijX{~%ppy|@if*P#UXUl6FS
ze+G1Ct1;aEKJFc){l9${;$Gyb%Q+c1*^0_p1-N0NdM?|~LOhN%(aKqf3h-#XiNIGP
zkly8h+fr2h?}Xo)wtWm~Ie6df^U0HqZ|AoKu4V56KgM`JKjuU9&c=axH=Uip^W9g5
zZoscXpfX$m=sr*RQISywc@_fxlK5jA&Q7E`s|K6=t(=`W7kSJ19qz27HSFH@G@kL9
zTckCN!*~5i`wH=*gLh^T;>f@0>;#R)mD$#HKdr$B-ih-R^<q5U_Z%KL#F!r%^HEyY
z+xG$*m*6|?KH~6b$`|h^e0Fa|?rh@kX7FP^>DzO_oZFsHfAF{E97Rv?(>V%Xd0IIW
z@!#T<!%oPw<s8Kk*w^xo$?&z_Hec(Fx$N8Em+y9DyY;DEF59h7Eyb(xrgv>4a5=vR
z&tl*^Fn9k#&E4;B>?{s9j#KA0kndq?^IaV#Zrt6C?jy0D*@&m_pMsv*Xos^J(Y|vV
z-{Ch1b|NpD12+QSgCLx0FXJF^%!hnuHhzQhJdF1ZmA1W&dv*DDi>k@M??#aQpW;b3
zo<B5az8SQfXY!ei-%~o;h@Qo_0B?YNKKdNB8Lhn>3F=;i%5MYrHeBG-<$TLl&RFOQ
zR?ZsZ%*N1WA>Vo0&urxBGNIf(f#Z8=S(j@7D~78vXEgF21$q(AB4h)~I)J|e@GJzX
zJ1#m~moQB64*~ylgYOv1dlB<ZA-;BskJbT`48EVhhkb3S?|eY_+3NX5>i}vCo$p@o
zjb*;kfT{ib&%s24?+fq^W4^NhD~4L1g98yq?IZZz8`V*_PXcfnQ{ID)2K1Fij9L0@
z2If>**HSu-1sMBuy!Z9yEVAcF*y(b>uOLfjHps{1nT^$f_xY0TXpCwc<KJhw82scD
zad?MufZr*9i8z|;+>Up}l}HQqo9-0Mr|kPI`kNF%b+Fyha69Jjv<Gt(`C0lpo)d3#
zS`*T!+?B7VjL&Z`#*9GwP~W6^_iIQan^O6G@Az%so9qHl4$f-)6;Rq6YsGTlcsDEc
zZUuA?P(GsjQXS$*ul|PbP0*JiU-Mb`4&v-(UUS6yeZd>x(Pgj1-bm$Gycc%#oL_-&
z2)s0xMOo+>qt2t_zBBOC9CaI>k&T1!{vvhMKJ4ja-Gg{t_H^KPvEH?S3ElktAlO|G
zZ{znY^g8@+z_%l;()tF8swCjQWqm6s9%a&YC<QI;Am6pd)!szuunUbTWWxr?_kvxD
zbUb7S0KXQ2>YWdm&{NG(w9cy$M>^pvb<~avL2I2Z;IyyO4e$|^Q}0z3#QW!iWSd}n
zRaxM_3Sls0=^MV&06zf4H)ZR-0wh~CJEPw_GOsh<?R3FAp00S;gL`L}cf&n}PTUKr
z`bNwE-8W8Yx&iuped8Qe-czAR_KkDe);Ds3^o_R>NB%z^I)!Zy@>}D6s1!=a9%LM#
z_5*6iSkP4NlK>rGsxeocWm5g)D0uAs!+w^jA7tq)(=qUB-A@C@MM+ZkA;5~ALhd2!
zHv9&0q}MCIZNxpmx?J#!?~q1q_z++cg75uL4}Tk045l`m0sBu!J4{1+OvO2I+&}A#
zmiJJa{men-!~L_qK90G}x9|bIfA}BdLGyX(=O`29y#jG>Adqdy=eISh^1ll|Fm?Y6
zY4-WNPq$lCeSmb*{UV^YjR*K25J>kXz-`Br?kzUmuOZE%+t>@NN1A=?(0hR|Bh9iG
zh`FBLFAetn%rilB+4lmU45HKA3#9L7R)WX;e&%e@^!*IQtNz)ic0F+Y{mdD__4hM}
z@P5_OKJaVZJ~x8T{vOKw){yoguLqB1{)zL@-;fSGlawBue+G|b&Iz8kY&^6MHf81p
z$y<MGNau;&LGoR|-y#aM|Lh=n-fpB{g7mM+=XiZU=Nk0;t}iiX{0irM=h9y4X#e+z
z8(&oZa@N<_OI?<~^hEdcT!VS09=o%FXCdH@7}XwwMAfUHyMZQO>`L+QeceZ$ps9~G
z$h&RhYWrw8^wD;}8zA2YKHE%r5Fccp1^!<I(uej~x9t;=N%Msvuq*u4$M+cUADHiZ
zz|;>EAI-7$8GQExhkc~JF9ElGDiTQ_&9RWDPv2VL|7N~_0YaagKhis^j}5+?fPcVz
z?-5^v;?s409dT4=tbOIP<ulNqVSa?~-Pe7M@F3_9LDO$^(VonGfYfh0lC6U5x!#R$
zYUo+F0em#(pM!Ts($7QObFIcWW$w8iMj2?&E(hN(<Y2GtJm{rwS%U4s-i|bC2ik*5
z;WKVqA^$go6YeF2aK^3iOTpi)s55RokQcuHs-wRB0rb<ps~5kiXFuci3DRhOvH{<!
zNWVA~W!qovw{IJMcY)F>58BhLXWU+fu4?>V1J#fA*U*Nzmq(p(dxi6%^F*9J^N)!8
z4xu;Zea%76xKW$7bjIx&$ThZb#?6g+CY^Ch0HiZ+C<uK|QAgu5)tAn=#lsKmXWTwU
zn%qys7*y9Y<?su9&W+-8aL#Sft61;D4j+D}>`;z)FYXj>MEM&Xxa(NNT)P*0i3718
z(Fi!i5p!1l>q@5a8^7&x#)>WeZ&%crxxF6?|F<jH&!l%$;hveh2zE1lpL~wWJ>`A)
z2*$`5;oo!4Kpjl~#WTxyX0Gx*#jp2;>*3#cZu$10w-IlMd(ip+2+aE|Ti!)R-ZgJq
z^R7nT&vM>aKh-?~+}x8sPQO9vbiQ}AxIN|_9Weih!91iR<|CajAMA|zU{qBT&WRqv
zInkeSPV@-&sr7eX^lT>k?06G-;`!7#0`{Tb8Ns(+7(?Y<vDi!45>uZtzOsYB_2%B0
zJNWEeJ^DTSI<48|*|~I-jr_>bRb)~6PK?W|ATyEUQ_-JfJf0;KKY`;b&<830i0|90
zezjvbZ3Dg)lQL=QTQVHFlzHsL*;MKWZ=gH_9UbRaz~^`1EFJuRKKcJHXWz4SLWcIU
zU&M2(lFr>>+#84IJLb`&4?AOO8%LzbeXcjQ`+X2|)2ta7t9Q^E4c~Ibpq%Z9mg}8f
z^AnI>gL8)U=<5})4!Lc4RLsTxGl!?t{uO!2J$c6|`wEb!K7%?QXHbRX$|JagKPv(H
z#v{#_|5hV^jLWnx-0^D4_(q%y+}cAdtUw&)r_S=x*;Mt77#5Dw78SI{qPvtF{p2@d
zhjErq>)!jaUw1tC`cmGglP~?x{`3Ud|4zpK|Hbg1i{M8Y@TV#8s|#^g556IDs^3)D
zVw8RF7QcKvzDX}Y`<#Y*SgwIzMgd+0sK1#MmFgL{;d=Fq-F~xzxU>IW&C_s`;;Hzp
zO543k(YO!a$5Vf!igT}2JgaY1aF4-LeS_jjU7^w*^(y*PgD3ua6_>D_^)USi&LR#+
zJ$z+asrYs-V_hrNyk`~o1{-|!OI7*?hR$Vbj_^ol+$C)A366I!QT*GND85x)y)$DC
zzIu*NSgiPRm#A_)0>1VJpLem6-&wBsb~FF0;5!N*(e(hIT>ES&V|^@lS~u@Z`ld<q
z)nBLbahEE-)z>Mw#;{%WGR2d+P^CS(NYNDrk9VnxODIu1X>6D444xdWlcQMi<d!L!
zVuJ_ek>%dT<=TFos&CYt*f%lC?Omq$D!6P;mYV~<mkhpo&ci)l<++;ef$z3`K2}}I
z^}CkqSET3+gU7p&>sP?_V_Qr#cydY<k0YP!SE%T522V<{irYC?@i^HQIKSd6Pdw+p
z&7*h*U8`hHH+aMX6}KTz@oX<t@Kl4RVZP$2$W>{(=PA0U!Bfw=-E$PrYPLZagQvPc
z$)&m#&!Zki<69|TnZ5ZcE+I$pq_GW-;QlA=YdM_1!=-p~bCt~Z22aXd6}R(h#p7f<
zH5xqeod33~6we^HlKHp6Bl1+-hAS1%cDBJs22aBr#Zz&G;@N$TqTe)l>RGq@a>cWn
zZSb1GQ=OyaQnMA$qgN?<i^1b{skns86i*u4;132*4(IQft$1>;P%=+~ho0U0S4U-w
zsDbjn{&x+0lYy@_@Dc;hH1I?Nk2Uc9s|@`HzRAGX8hD9;XBv2-fyWy7{t83Cfp0SK
zwFX{d;F$)VXyCC1zTa!;H}FjczSh7?3_R1o6Ae7p!1rHo=r{092ENw7OAI{Iz!MET
z*1-4w*3fU@n+$xdftMI~rhz9Kc&vf%Uuoz!@J$B3*1$^)Jk!7v4LsJs_pdPY8~7#z
zUu)nc2A*l)i3T2P;QN;w`VD-Ofv+|25(CdP@I(WTHSqn{8Tt);lYy@_@Dc;hH1I?N
zk2Uc9xFf;We+_(-fv+|25(CdP@I(WTHSqmQ4gChb$-vhdc!_~$8hE0C#~S$lB}#v$
z5PcmEylcZB;m0x0#D2QO{|kH=<4wRPGyXI1D;fV0cq!xG1HXy!Z-C>zSE*+&@K+fB
z3izjt?*{%8;|;+3Iu!rEf&Yf_&w%51JEfkFffqCWA@EAZ-vj;-<NpATIfLYX6Zk(F
z-vRtP#{UYu6Be{o-&cX3&iGc~7cl-Z@XHwA0=$Uv7lBtY{zu>sF}?}-cE+Cp{x8OB
zf&aw#lfYwf0EzN_4EQ;WZvc*c7#aT%@L7!i9(X?E>wzz4{CB{yUnTkP0*<{fiQftQ
zMaI_v$DXH*zXkYUyl|&{(LQmL7+(!Mk8v;Xjf}4ZzLW9mfRDyPie#4nU(R?r@K+gM
z2>cM^MZnK#ulVN!|Bi92$>IidQ1Kq%_>m~7a}Mxw#$CYIGkz8Dj~S=$mxo~!fXXl%
z_{EIR0)89gNQ?Uu<I{kD$@oRU@%^Key%4yY@kzjI7*7ShpYij7pNUOB%IjR<QyEVN
zj&Is!{21UbGCmUcF2-s7cW!6JgMJft9pgiRKhO9Xz`tR95b*I`6n{MMC5#UM{tV;&
zfPcw2y;n)-s`zRDau(xs-zm<8%d*ioEl)F!Y~pa%S;oU0ao;hHri#Paa2XHRjQauj
z^Or@*x%&PKx60q0NX!s&d?Py?#{T5x%um15wutecfKOta?n1&{7gFc9z-t-*5Ae;5
ze+~R~#<Aw>^8w>Kf$su-i8%GtAtNV<F1>sAjz6pSXmR-x{8cPja+|p2N&WZypK%FV
z-77ol=<j_$uXt1Jwfy%JsAHmoqq`%0cBU&WBXdgnOjlY~wrifJ+*PpHRp=?2SDr6y
zi7h6O)O^pf7Q}+5kj&gd_q;MQmw*Uera6Vhx$|9R1=o2@c1kr;((>K-KeM=SSz19!
zzNb`pigHVrm6VIQr5=x%R!~+}P&98uM$uw-VL@Izid7~|BA#ol<1%LJm`jW17Zool
ziZ3WCD371(E+|}7>Jc+Nb45{cp2t-@=UPv0xob(OyJUF2NGS1?mKBthdy2}33>}_P
zmcF2*eA$qp;?km02-s6E^SI|D5lLmP`19iv1x2K}3k&DCbLR_EdCvJN@x1epnw#&&
z|0BVM6wyLX`R<~;LeDwpXB3rtN{ifulM6hBd1=Lqs6a9gyCq7Hm!~|yKxLkVi(o-d
ze9@u>b6`zv1-7cs5SJEFIYolX*Qj!8`m77nrg2-?Go4Z5DVjBFYJ9G2s`w)Jf}l+l
zP^yB(zD9%ocw}HvacTM7<XPpVXlPO7E<$^tQR63^7oRab%QX!Pm$LFwS9}85GQG64
zxHP`ZQ(g|{_|()%VlrCRlNVoJ9G_dfprp`K?kQXruWQRjQd09gMV?Z(6m%~t&qrGq
z<bo_NiZ6H16BklyL2e5bKT(A_4XznbZ%)dX9gs3*T54Kw`^l7G%49-%*0gx)a6WsQ
zCDWb2r`vCwlG0*$9!x{sp#Xj9IuADiT*R}q1f2m^lv!|(@^{Qh9+ip6^Qf-LaH^*$
zpk52yxxS*I7{Qx|<>OWJ*gLFF)qU3PgsOb;bC#8R%7k*)NxFo=c>_vG4eqy%;W#>P
zb{uvJpL$N7NCR7dQY4<BTli9gHLWiZo}wGk7Y6}tqJT92a2JpyJEy;r!5lzm5l|I5
zKKn`{DP07+h36KOmX*gV0ec!b!0_QC%1U!b%qb|!Lzf+nZI!aJeCbBT0@GK4_sjCn
zgm{LFqoc6t4M?HlImse%OaVm~NXANO6`$`UO+qYXxSnAR!)%6?3|C;HMSn4vl+oX7
z*$RG>qhMVj!+ZrdV`52vgYQsK+@fIq{R%c!DY*Vo1y?-C^h5<8xJbchOxWlT`-t){
znid-P8-2Zkn-?iK>=LH8DcHzx%BzZA$}pSbY0^)Bl}zVwJxds_WmwHHlcATPlJ@_*
zhRf}bQP`9j3QlF1!*D%AJO5FRpMpsj{k6v5aE;=diitD*wZ@-QtoS}>*c$(Sui`(z
zur>bpwTgcY!`ArMJ)!txpH#3le#I5}H)4T^1tJ!RSRi77hy@}Rh*%(Efrten7Km6N
zVu6SSA{K~PAYy@t1tJ!RSRi77hy@}Rh*%(Efrten7Km6NVu6SSA{K~PAYy@t1tJ!R
zSRi77hy@}Rh*%(Efrten7Km6NVu6SSA{K~PAYy@t1tJ!RSRi77hy@}Rh*%(Efrten
z7Wn^;1-jI!y7Xl@m|-Hr2@Iz&%wm|su#n+WhBq)=%kTk)H4N(*)-!yI;U^6DFx=1Z
zD8rZ+R5{}q#xoqoFqz>bhM5enVwlgcoS~QD8iwl`KE`kp!<QNEVE7@!28Q1-Y+@LV
zOTp+bmSKN}Ll}-`n8I)>!)%6m3`-cUU|7j;9m8sdPcz)i@HK|-GW?ujBf|p>#h+9;
zyD;p_a4^F}h7%Z0VVK1*hhZVZr3`OixR&7q3~LzHF|23!7Q;^%?qRr};ZcUFwEll5
zZC3a&hRF;w8D7OOpJ6#eFT*tqV;E}9S8Igf1Gor|{^(8(^Y2-XH{&9B!~ziuL@W@o
zK*RzO3q&jsu|UKE5eq~t5V1hS0uc*DED*6k!~ziuL@W@oK*RzO3q&jsu|UKE5eq~t
z5V1hS0uc*DED*6k!~ziuL@W@oK*RzO3q&jsu|UKE5eq~t5V1hS0uc*DED*6k!~ziu
zL@W@oK*RzO3q&jsu|UKE5eq~t@JlSvJwfCQnOG8=HPQI*G?8=Z#4FNfrd}etr?^~K
z<P~Nv7MGOPw5x7v=0C?;N+?>gK$vko5a}u_cjwM`<>t?K&0FLy%@Ygjqt>S6Ei24J
z%Az^0IR!;|o>IZT3r|`uoPEXgq>-uVvo1`VmR3-b?<q}6$}KJ`D=%G?TV7n6zBoN;
z^nztBBT8JdP{;yE(NPzAiaezSxgpB>1xKqqCwX#1%hfMAhO-PqbZlC_8~<k(7cOga
zfs_5RZOhqa-%-;&OVVdvJbl!3chShi$%~3|%L|H&(%glGbI^7fMRSWYrjJ~lJZ84L
zaFHiHJzW{wreyTwQjg~sYZ;eblv}#2q&yr&)`kzaQdTWt*UGBqmsHE<mf_aRrY7u)
z+4PKq=Y`u~0o`UKE1OtYoI5`p7qDv#*I0HvVOz_t=$Du)V5kVUb^(gQu3mtqU*hP&
zhO<QWh^d~UaQq>N%5aSqL{->k3!>{6IL7Fr;yh1M;*2@hdUDGzD|MG7jl9g`p0CGm
zvKvP4q_JkC9Moqey7XY)=0~nKSw8+CXC3KUeO7BR+c*-koV`bdEEwRcAxj2nuFz!V
zOeutkk|-7Dr?}E)UY?mX!?nP(Aa_9tW<;eih)kb3)0JE3ahJM0rKQC*Q7Vn)Xc>W7
zRB1ucJXaB=^yQR!o^n5XJV%xkm$=G{T?^c$^NDu|N0)(D$0btS>`Yf$M&^|CnXa^~
zY?qn~kw9{g#PZTYN=gY#nv2;0B~1xTD)KC$l+3^sD$9J&GFPFeXkK|fF=Yp5DskuK
zq1MEa!yG(NOfD#L7rH!4DJkEYlu=Xwv&fVZYs#f1dG2yq+@(69V4kO}d{)6cX;-f!
zAX?@_nN$X*QAU)s)|%wcWxY<|*^XK0YFnC7>Ka>;U*RU5GHsG<HEsRPws<yuy^hYj
zIQ??f%-oVYEGb&eyOvleah1B4xJpV37Q<}RVpQ8tG?Uv?=1Llw?3$OmfZ`j>_>p7A
z>i9+-Pu{BBY|gSG_X61t`_05W*%<!BCY@NCJDPIvMxlA8OiN9()V<OY%Qau?i}W?%
zdS8@b>S|x4-^ew-xUz!lWGOdMjOz+Hye3U?7v&XtX5|)_c#=k@m3m+r6_uVjeU>Y^
zps3ta3f~-;QC3`tv~+2l%`Iq1OOjGPW~yd=3%rw((ic<uj+W9#s`Ph_^wH{Rk>y!X
zLWN06n(kSWfi;%9DA$vY;*ObGoa-*k05&eI7$sj?F6aGd<(8F<Oq%5>&){lKF7OoQ
zr4=tKDo-zvUeL0fd?J&Le6_U{AZe^#k?7KLQ5p@E0X#`b7kbLI;0bHA|AcBrqE2ar
z?y|D!@Jy?ov9sjR%cW^Lp_;MUxV}2bCi6P|4is30ahavX<;CU8N<3Dn$`eTiS~GL<
zVoU*MxmsG<p|$nO&Zyw5(U=@epOxw&Cm2s7p}TxhsRy+!Kt$4bxP@MlPxR!w7Z+e@
zP6?xD736u+=g!4kBnu@^&!nu!r}>(KoMElM0wWXC%W~Z%?m30rTVw|sD<dH+JIVUi
z*n{<!YC~vta?;4GV(HT93rfnDss2!7<rp=opsb|0%yVI3@f>#{XT8bFldKZa{bzdS
zdP+UiTY~p)Rr1Xi@#Jal`5u~uL3!q4-7G;SW{Y8EvZZCpCao#Q0gKY{X*4@vt#TOf
zCy!OVJZY@GW6C!4_i<nQll;4Z^2tGZwe;Ul0(eIz&MGWkg1%=F;V~e9dlYrA)IvCy
zCoi*D4v`r}Hc4zYp;V25vdNs2Reo}5@dBF$lHVUFkE{)UhrNxVZu+bw>G(d&%o^h&
zHBE*Z)&1qrNts?+J~!DqXlGuWORY#fQt`?rl*6Gn+Sl>NQEBI4mun38q@toSX%MTj
zYbpCmQ%pTak`iI;v_++G#&YG?YlAS2&dM(>UXs2v*Hc1!JJx#pDoI(a4<bFzpM`!J
z$VRF5^CqV+RnNB|<B#O6F?jWGHY%VAM$2KAykFUW^dxt=n|lKdhb5lU@@1*z7<lI_
z!ZVZ#yva~3JqQokQDgWiOZJ@ZS?npD>2c@HC@NewtHhn_QQd-{z<%-ZKKqPGr^&X}
zO4i}NKA6~e*}$!d?l44s<7%MU;5z;u+Tug-T~;O+fnz5w!oZ9D(kbpT{lH0=TX*_#
zp5!0v$#$Ovkya)@kyJwvsj*n0W6plU+!|T#V&7(BQqrYpvQZ<|^T$$Sqcc)T_Xo<3
zoLF3pv9Cx8TP6@B(G(z&oKdE-Q~ku-PW3^5agwu&`I&yAqErURjn63KvTzSHIM{8p
zePmx)ADBM=veJTbPmnPrw;;1X4jI*kkgvCK*Ogi~x04(0n5&?ZxJt|A(xtu~?b*9>
zm%7#dyUU%sa8W_2oWAa`r<HnO&oY_zu2SaTy`SqYkZZk9C}GZZp3-76asyF$g=Nd+
zgSwF@y=d4^!~$$07w5|6kR;Z&C33akZ4cwq#)WG^ao(arkE_%(ub>P=2zc@5aEW#z
z%5{b4mMeC~is;b=SW{Vi(!~!q3=Sf7x|oce2=PK^`369I+tn$K&J!XkN!;%Eh1(;~
zJ4O3|tpm~Qu)LuVe{x#4LB!tZAiD<Q_w8-l9^#G|`-X<7?<kydIB3h3{KL+$w%#6h
zwtW-pDQ9%_`Wqc0I{Jn?=-&r^NB=(kh(m-??vJCxD)+ym+g|S7(b3UIpP;h7_B{Pt
zxjC#7-_ky;65rXr?Ir$Q`{?LzwozH@-jn}+iV{b+**6Y$2y1uoXosY5w_jJqw7s&G
zF>t6oRL#x%=->LEWtESI)kx2F46Dj@9ot^+mpY=vH%Fnw-n;1E#~z3Zr;#4)oD}}+
zk4HO)Ro#u9+g{!0I!8x0JxUdAtfPOAzC{17{~IbDI8L^@P5O0L%Q)I9|KqXNakf=~
z=VOD6!>vmFCDt}hw<_^QtbH7BRpg(s(b4bT6djh`9*%9B-JWWz-ToAo-L|*cZtt|+
zZvTSaK7rk$qZ{PEjq>09^4});ulHt3t(5<+mH)1n|5nR?Yw)j#DqrdnhhpWMe%IVW
z_q;OkTzBCtSWKJG;=%5`4J{t+J`dZIb1;dS?~>bo8@oq~O{7O`mjBkve|L~h+zUUi
zGHP=){r8~^UFte)cC7F4mg7Lw9>;#idPj6za^BP_4>%^RiQduawe}A<8lpaT6y|S^
z+R@D$^R&Yoy<+JmXI+QNP6uM%f<ScK1CDjze5@037Utg&wLf-U`v<x_?RXcQYum-d
z494FO^`}t!*Y+pG{k?=Z)!`M<W2lruyvy{2af*)Wt<uZKD|!smPoJyk1x$<c6}^G!
z<P=4J1o|Wl)N3Xx`Ug&*I$6;R`Y8SR7c2TF(8T}wR7I!vRq6H96zySp({x4O&-9cT
zihhCVsZ77ibPm(sFuk7XPA4n<N0}bX^ps4c?|i1$GJQGIC6}o5l}tZ&m7=Sej=o0G
z?=s!M^w&&Jb*c2@OxH0zpr0yF&H|O5q3L2pyP5u+>19l3m8kUlnHF9}zs&T0raxu+
z0MiGVj;T=mJx@{jKgRR~rt9xe>29Xu*DCrtrq?iiH`520eu?Qxk177WOs{)F(a!!V
zzt|@gJ%H&-rl)`=f9PAQ(ywMZp6ODihcNvb(^Hx5JwVBqFzsP_9n*D8Z)SQw(+x}y
zJ5|ZYJf-rV!E_?i<xFQYeIL_are9&YhUu7rO5eLo&u01n(~mLT_i2^i_e@V<`Zw`P
zK8NXrOjj~p!}KPm4>A2A(~}dFd=t}mG2Q<eA^-k|=@h0%o~HQon7)bWO3lyo(@c*Y
z#PwtPW~L7?{Rz{3pH=w{8LapxFuj!N9H#%u^bJh+I9>7AFkQg(TTIt8y`SmsXDI%-
z=Tv@km`-MT6Vq2QeH`?u9lauZo8s?%rlKpE9>Mfxrqh^iWICJazOO3zQl_UcUCH!P
zrXL1<QfDDzoDM1QEYq<}{~2_iQYHWGGsH@t270b=h?}3w$R!5SG93Tt-yzw6^uY%G
zD(D-eCiM^T!^9$n5d0CCj(<#=^y%lrhpbQ2orYTVooS<I+vs&R`Xw7p`BQn4qwo*@
zba_mg%A=o8UqYVhr|D4T_4BOHSxR2hp~~y$-$g91X)T{+E5Auo`StU170YW{%bWG3
z_AqIZPfj802=OAzYg)^j`H{Ryle~T&?_+sQYxyopz0dw8P4ep}Du(uFEBk4B8feqM
zme}a+Hu`fLt@E#QD*Z%L`AwSg*Yk%#!&Ls7*7BQe<u_@PkG@bbJk0W%{tsxg{9507
zTX{^H^gVEq(%0)8RUS=i`L}H4F=>+5^Pj6(Uej8>oDlpGn2vu;n&kC-X*bJjn)s<d
z?LnYFEpO5!ujf}|hO6>xTFdWO;y!tkCV4#{yOiZMt>xF-<V~97_5AHtme;hFkG9F1
zG|B7v-s3E<X)PaTlQ(IS*Ym@Ame;hFPqxXMG|B7v<mW7}X)T{;lQ(IS*YnRKEU#%T
zKh-90(j>3vt8pV#`)OLsPqE3HG|B7v?QoXYw3dIsCU4RtKaA(Y87!}9EkDU7Z_*^M
z=hJIgUej8>i)}nLX_8+tOJ%T$<u$G4r?gY)L{G;*CQb6MWvld`SYFdwev+;Kn>5MC
zT&3iHlc?;kX)SNsi}E*VlGp2p-?F@>wR{dC_#;5_CQb5sy|IDiHBJ135k5ztKP_+4
zB(K*e@3Fk5wS1ux_sN?y$?Nq@Bg<=A%jetVO`7EO`lp%YHLc~73BezM>G;Q_N&cH0
zO2u3)N!ef1#836#(ScI^@+K|w=K{@P`8uYxJXZA<d6Sm%Y>-+l&$O0*T8aD0Z_*^M
z*L&Zyyr#9hu=&49OZj4z!6_qE{d1Vs@+)lln>5Mm_2ej)*R+;jYLho<lGp3ci&<XN
zT7DBD_#-eK|Clt%N0-WEQONR|CVpx^^Z8HmCQb627b*D{SYFdwKE~GnO`7EEuT%0-
z`29YbPik7rm)qLkq)C4C^-6vg%WGQ8zon9W^*3pf7hc8iAj@l7%kQ_zn>5Mm_5D_s
z*R+=B;`{P9X_7y{`G3yxn%45>^Kv>OO`7EO{=s3E*R+;@z*c^fCi%xI6hrUP%Kn<x
z@^Lo*H))dJyjsa$!19{b^5%F?<u_@P7q=++8(3b`T7Iz2e@vR>2j8LO-)4DDYk9N2
zl)p)nyxw2wiG4Wff2>c-=MaKF0wizJB(L{ll38BU#6K9J5P|-*yh)S1-oLqo<u$G4
z&GDM@H))dB`#smPyr#8$G$BU*CQb59RVuxT<u$G4OJY<y(UiYQlYIXDD*a=Y*R+<8
zvpv5}n&ekJsN~NatL(37E#JSrHGh*P`Sp*g^o1<1X)XV>O7_{`q)C3#V~Sxj%WGQ8
zXWIPVq)A@yr+v-xn%43wZ26ls$?N?$2ljo*|9mv$$bZc7emc@kn&kC<-6<@uX(UPc
zwYKt`G|B7zy~!-EX)Vvq@3Wstlf2#!yprWL9jd(EKP+K+O>23w0sRq8^*3qCU+*`*
z%JP~HRbKB;#w9EJYdTbUy`P!O@|q4+UhjYYf#o%=<%h`H`|EGgRDZo+`W?$_I#hYR
zzk1eqRew!~DzEorr?I@ILzUP2x1}tv=}_hMe($|3ujx?b_5Se7EU)QM<@J7Y``;-0
zX<Eyh{u<1G_5O1f%WFDRdA(o#2+M0aRC&F>{VmIDI#hYRAD(=!s=ubSyy>r0f0HKv
z)%)kgEU)QM<@J916D+T3E#I2`_5S?NEU)QM<@J94qzS72nhsT7@Bgo5c}<5ZuiqDZ
z&hnZLRbIbeNIXxKU(=z=>-P~iu)L;2mDletK4*DNhbsT>GirbweLnX;rbCt2??-NA
zc}<5ZuivM9#PXUBRbIb;IpYFVeocoeuiw`!W_eAADzD$~Y-f2*hbph%2gRnS@@qO&
zdHw!q9?NSwRC)cr=@pjObg1(B{ZzM9Renu}DzD#X<*>Y_LzUO>zn*1zO}8e06#VhR
z{}(sWN}pq+Q*HEY8(m_fZ?e%3f<B`&=BNCAtk#yk%SQK4vz8~*M&D$k|7@dww9&&R
zS@q@H=!b0dM>e`^x>bI%jh<<vT{gPRMpOIb(Lekb1=tO=e*ZU!=+0h|&-S{U>7`7s
zWqLi+JD9Fv+5uf8pUw2SOjk0!glLD?xBvPQ(|Z4tKGLIfy`P$n0uudA4l=^uElk((
zg7hDn&R6NZor+(t=dWa1udg>St=H@SVOp>MeiN<a^?K6Fv|gY6jcL8!>)uZB>-SmN
zOzZbK)lBR6Mf;f6`$ZG5PNe$j{i_?9*84&4Fs=8e`eR>``1O9di)h$8hwXbe(<MyP
zz9prvW%@YN)l83xQR$gXFJRis^piw)!G0*yFECxt^czfXV)~y<Z)SQIXf)|@)jC4_
zV56ftTGM;m=+kZVSQ|abMqg>8OKkLwHu^prz1c>8XruSq=wmiIwv)9!@iuyljn1&q
zSK8<j8-0U~zSl<A*yznR`b``CnT>9;(H${%n(f!mMkm_n$u@e1jlRZ47ux8hHu@$T
zeYcH%$VPu^qmSF@KJaC;K8ZHE$VNYGqxae9v%6aL&9~9_+2|cMdeuo*`C1$OiH-ir
zM#pxu%1^P;_t@xXZS>bRx=XB8-zXcMZ=*NZXdJPy*!Q&VR(ht5F0s*1+UU1z^ba;V
zt%p_ravS}WjsC($pWf3df0d2C%|^d$qkpi`{o}0q#@gt4HhPtf{=JQU!$$9xv==U{
z{`T4E9~D16*41AxSsovMFB^T9qJ8`mZ1fBpJ=;cKZKHE-^n4p#rfA>u;1*kY8cH$=
zfu8%55iUfSf{=l55yHg?QxT>iOh=f3Kzo~)Ak0LVg+Sk~T#7Io;WC75gv$}GK)4d&
zDuk;Mu0e1i<RG{a<{;!E<RN$v<|52P$VVtZxE5hPLLtHegd&7ugc5{>2&D*R2;~Ti
z5EdgWL0F2g4B<M2<p?VfRwDcs;d%rwLIuJqgw+T)Al!&>6T;01l?XKNxfS6ygf$4a
zBiw;-Cj#w_Rw3ZffVdlB9m4Mr?m@U0VLifq2=^oW9)XS(Jc#fxLN&q$ghvn_MR*M1
zRD^*D@dybBry&eN7>sZ_!Wjr>A`C$oif|Uf*$BfB&OsQCFajYFAqin5!YG8%2xAb&
zB8)@eZ<M@n)SzKJcz%O$F2V$a^AOHQcnINfgfxUn2<ZqBU-{qhm3V<`D^7f-F1(xg
zv{V~UX=t&wp1RO-Z9aRU1p`j@wR&npONMi-1hTeU^V)otD^Nw-kMIQQ2<t?fRAX)E
z@Tz0g5oUd?O2V&@%>~1&kxfaMRkCRb>xh?Zq=4=b{z<c-`oc4ky;NaZ$*v}RGX)F=
z;ngcZO_&u6&=bB>2OF%yJ=-ZgAc(^7j1@#tnC1$iDQs8xg=fZLBKtre%5$adm+7gD
zY~w_TS=swdh++X=8KPW}=4oA0T?@wN^IW+&vu8VvC*%0gp2YRJJ=<-10r%+12-^*M
zGLAA(SM5pCyfsfolp$T-m)F8gc>&RMvzk3p-jQIBq$|qoag>{JBVMp%eHWfgv)_Ve
zM(XR$%s9T?Ohx(cytC2jt~6UDsZ-^hBn3@X_IvH5C`Vd~!EvUnd4-*n;|QO5te4hF
z78&I?swBZ5a7~?LHt(nNMd*v^WCZzu<wiPRtmP^?8B2H2*)E^+ld{b6W;!;Z#C;Z!
zl&-rZ<PlREVd=)sFs_sfCK_-%Rxl=ciCoYGx;;)Ogm-OR3(_s$7uSM-e8O1nd9hs6
z68w%Ftt;?)wa{*eYgs<DtKnLf4|XS9%iKXPgKLpJ&{X=mvHweMf#Z_5di~o8`C9Vq
zkwGqe(~6K3c+;Da*rqGq{Bpm>-EMwu)=S+uzU{ZU*#v`M<7Q=Q@%}a|TZk98*@QyB
zvCSqJa8H<VJCwdE%y)|!UDc-L!@i@96@+{_n~y)}t!(zx5U*piiv_)hjhTE`LIvsi
zz5zV>*SmR5XWP~**H|v(yVe5uL%3v3%lxw2)ksSi*Q(jYTDecn&aN*Cvs`v%UfV_j
z{wvEuyg|(-bfT-%tgPmpX||NsFH5ruSZ+zvNdecR*%Dg07fo~fyx(^r8dBu-+ko`D
zB)9|3xEL+yjcArgeH9uaZFitqV$^S%@O@}}5t_OIO<#Q`@AJl;XTdK!3-}=vs!&qE
z8f!F78LfBgC7KtYNh!;XFd<1;_sl{P39^g}NzS%L4N1nnLJdJ^YSMV$O>(ZXvV8g5
z6vb-%qn|fPO2(tacdhO;PkDZEp53lN=aIO}v(*_?qW^M5b%Euqadg2xH4f!Hs$fCM
zxXEt%5u0W52UUV)q(<-7ZtNXt$qAIY-*MJhd1r4LU0piTdTFnv6jMiz()aPE@vpql
z?*`y<P5!Zf7AJ}JfhdTp7LcoE=2MsB@zeZmg3*+b)#6D3o*dx+zST)!ev=Y;eG;%|
zGYWU~wv;yJ(xTFqQ+?S5==9|lq#$~s6qqy)7X`~7Ny*H=_F8Ed>kk~sH!-*=ITvO_
z!zt5AcTJ=lA=M-%ZKU07z8OytmA)!ibMlwpGFq4gRLX2agKAV?0dYGkm9roiuRmw2
z4u96xcr$M{POw47;#NsPIQ;nrOVnNxRMOXSK_tiJ@ekaf?eK#cTtfSBX0wm7i;c-&
zKzo9(aJB?n-pF1l4j341+3V&}j+A6)_ZK7}#a9x0idhtC2W5*Hmu5}Pn4Uh#HTlx%
zX;~RFrn?e_D=;!il{=tchqI$SJh!+oZ}_jTabyc+Z1Z;Xi3=E}I#s%W@u-#I)GSJP
zvMuDR#?}+6*F$U@m|Dops%eyLr-0hD=|^wOGFb=6U+j_Aah3Ns+w$8*s%-3y7Hwg=
z4tJGbLzOC38=g$2q1!CRHn2S|!Zs<};nz|Zv~<6$iL6BnQx}&j*rSZ!4z%4H*>u0E
z&X&s=?zOX~vjuz3|1!NTmp9CYYT2k^D&!K{ClSB2)qgd8!OItBW!ZYR!iA}fOJ<++
zgnuKi#T9>TwJnr3oVVR4ENA!%TPR_et;0=iH)ELEWZAN22d>g+UXe9hZTXo?R=I+Q
zfaL+Im~B6P$B{vXNlvkOE63U^hG@Aj#6Pe_TvNyKJ^5n9rMTX|Y{Wcw>9P@%@XHp3
z^qUwX<`tCZFPd`>HW%>g9_L`=V}x<He%S~_j2ux|FlR&w{h|;i&?D5w$cQ<M3JUW^
z3?DwCtTcCopdaJK&#Dd2&HaBQo0;n81x6IlxpsKDyA*F(sbE|ZDuB+vn5ul@&l9=G
zS^_1e?S{ZcZEep8dd&Ze+(jc0TzGLiJYSe8z;z<_aSA;P@Ovw6vNnF}%vDfS2zIk+
zrWVX8r6x*q=jMCLWNVx=Z&}HRq_M;Cf8vOOqTIqoc^;WCVsUcInJsWHo8xhf9>saI
zP$c+38U1`hQMtc3(jXS6ZOs@`!Zr!X2w~?jh{K1Jm90C3BxCO^AqbslQ!vnD<PKb0
zetMyWCduWUwK9K;gzX@*Go#z!N3~o_uz}X1yZkaQJV(FGfg17!Ib;7{+A$4mm~fV6
zEp=i1dN_U*2tPMc=I>f93?P%+`n%TJa*_RBcxo#f6fKO}{vE1-EhFDHV!#f-|JHtQ
zKtbBH714qPg6xV~hVnL#QqsFED#Gedfoj@34O2C?6y^W=4e;>HZGDu6Z*QxfFb!@~
z(!!RpY8)%Czc<?AeY?fh_#nO;WQGu)NrNZ~XPKg^8AMsQdju^i470U@6pcFxzgY{m
z!QpSHAmYA(GpOV*egzU<bJ}Kr;WwpCQJ7Y@Yq50_)yOs`ztQapzV2a5FyE!%HA;)G
zb;2{LeS#eRCWfl6U0?WZWY-jCBL%3jwNm8mS9#laczMSrV7k@jHnQv}{aWf&=>jHN
ztxPV>qJ$^gLcWo=UyGA{A0L=jw(gOIGvQI%*c+{L#I`QPS}s_aPOVDS=GRzi`?Aeq
zYy;cWD)RQLuyBq$cYa3E++z6=mCX;?YC+~d;XJo2F7&JFY`L7_&Olo$>o3#Wa(Tn-
zOp&)=^0()Hne}WF%P^I3+uG+<;ZGbbuJ~)KZK1TkxO>~n8NR|6N*HGA{QvOnm+`s_
z`%S@K>$HA!)OCgYE$Dz5Xeg4%(K7W2MMmb<W+~)keZYsDRolgoSCB_o$Qgzyi(GA^
zRLD7oA&1=T{W#?8+Ac^3l7k*T4ti4A{H;-S%ab_rKV9nas~ETqn6BTFe{qPz%{b9#
ziYQ!K7={0Eoe@H|N*1RI$3IJO#}95a3+1og$K-p}I-K4niNY10>G9)>vafyH`^1i)
zyS$Mxqq<<~ACG_LjDF(Sjd4Ryd*=G5|Bzk$`rf(q(I3C}-u$Q;+3lKF)UCMg#?St8
z+mu^|J=t3Ny_awL?cy$9Uvt%Ef8U$9_t21KcMtnN+i~}7Ny5bL6HgT{zdj!;&@Rhg
z+bQVzpmljksN&aH<F`luNzZ$`Vyn)!IeYI2r5@vI6XZ{?k6bx>ap8&X2@MysubWz(
z-YO_D{b0uY^--2*i$!&+{w>$Jcl3zU<rTqZPcF`6P+PPLc-5kr{_GuLcLaR8>$n$l
zFH7@3y4SU|SUs-mF899^k$ZGbw_XlETJFAG&|i5{-NefM=O6svb(VYU{>C%?`z3cd
z8mYy85?QjYCS+><QbXM}qMm%-ci!wi@ZqZON4^z7(|zJ|m%Mozy=C?MqZik(-TT;3
zF1NH(X|hu8QpI3_f~JF^PyQS}7<X~Wwx9EVn8iQ&?WkYBcP7`)Uup++I*z){wlP*r
z+LIh)<Io}VK#5KN>lfEd_3b~DSQc%wxO|*H-jh)=yur!Gr}ZMC@TF8<by`t~QGD0V
zi{<mm?euFZn^{gSQ43g8{+H#9+RvEmsg#;eNWX8-4|}zqB{B9K*WC@0Sza4OzjWuH
z^z64q2DjUUE!vAFPd4BQ>f}qDkan<ARd(w8Q@8EnUtY>^o_Eu+CeL}_x5@5>F{`dW
zT+=u8(34b7n?1YcO3D3KT65}QeYj9q(8f1h?bAN*s<@@^-!^HQkjdWs$4BpoFia8a
zQ~JD6LFl!{)`y87YAk%hwx2RHDNMikse3{G6y=7xVAsvn0`J#V_FGQAdT0KzId_8t
zWZG}kUrL%H^jU7xcGGU7!)X?ul`l61w^}p{t(YD^PuJq&$zzF{)dBl`nJe#VmKZm@
zih7^auXRN2&)ba;yC>H_%5YuG7jf5aYwP34N@2ND^Xmtlg49pVe9ZGLK+Ka*{GrLc
zS7+njU*0x-y8Mfj)nBj3%;x%d$X(q%_)cx&tJ5qIDNklhivQHf%x<>9(CdE7{prW=
IsB3Hh0ErS7oB#j-

diff --git a/package-lock.json b/package-lock.json
index 839bb0d4..cc3cc48d 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "@garygrossgarten/github-action-ssh",
-  "version": "0.7.0",
+  "version": "0.8.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@garygrossgarten/github-action-ssh",
-      "version": "0.7.0",
+      "version": "0.8.0",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^1.10.0",