From d5fbe63b701a5f1b2f19720e842556e0855e6fd0 Mon Sep 17 00:00:00 2001 From: Tom St Denis Date: Mon, 3 Mar 2003 01:02:10 +0000 Subject: [PATCH] added libtomcrypt-0.79 --- authors | 2 +- base64.c | 4 +- changes | 25 +++ config.pl | 143 ++++++++++++++ crypt.c | 59 +++--- crypt.pdf | Bin 337482 -> 337516 bytes crypt.tex | 46 +++-- demos/test.c | 428 ++++++++++++++++-------------------------- dh.c | 175 ++++++++--------- dh_sys.c | 70 +++++-- dsa.c | 398 +++++++++++++++++++++++++++++++++++++++ ecc.c | 245 +++++++++++++++--------- ecc_sys.c | 56 ++++-- examples/ch1-01.c | 18 ++ examples/ch1-02.c | 25 +++ examples/ch1-03.c | 29 +++ keyring.c | 41 ++-- makefile | 148 +++++++++++---- makefile.out | 23 +++ makefile.ps2 | 48 ++++- makefile.vc | 44 ++++- mpi.c | 213 ++++++++++++++++++++- mpi.h | 5 + mycrypt.h | 52 ++--- mycrypt_argchk.h | 21 +-- mycrypt_cfg.h | 40 +--- mycrypt_misc.h | 2 + mycrypt_pk.h | 52 +++-- packet.c | 4 +- prime.c | 2 - rsa.c | 33 +++- rsa_sys.c | 40 +++- sha1.c | 3 +- strings.c | 2 +- update_libtomcrypt.sh | 131 +++++++++++++ 35 files changed, 1918 insertions(+), 709 deletions(-) create mode 100644 config.pl create mode 100644 dsa.c create mode 100644 examples/ch1-01.c create mode 100644 examples/ch1-02.c create mode 100644 examples/ch1-03.c create mode 100644 makefile.out create mode 100644 update_libtomcrypt.sh diff --git a/authors b/authors index 7938176..525e646 100644 --- a/authors +++ b/authors @@ -25,7 +25,7 @@ tomstdenis@yahoo.com. 6) Clay Culver - Submitted a fix for "rsa.c" which cleaned up some code. + Submitted a fix for "rsa.c" which cleaned up some code. Submited some other fixes too. :-) 7) Jason Klapste diff --git a/base64.c b/base64.c index 3ab94d0..a772b80 100644 --- a/base64.c +++ b/base64.c @@ -91,7 +91,7 @@ int base64_decode(const unsigned char *in, unsigned long len, if (c == 254) { c = 0; g--; } t = (t<<6)|c; if (++y == 4) { - if (z + g > *outlen) goto error; + if (z + g > *outlen) { return CRYPT_BUFFER_OVERFLOW; } out[z++] = (unsigned char)((t>>16)&255); if (g > 1) out[z++] = (unsigned char)((t>>8)&255); if (g > 2) out[z++] = (unsigned char)(t&255); @@ -103,8 +103,6 @@ int base64_decode(const unsigned char *in, unsigned long len, } *outlen = z; return CRYPT_OK; -error: - return CRYPT_BUFFER_OVERFLOW; } #endif diff --git a/changes b/changes index 4708da3..3185e36 100644 --- a/changes +++ b/changes @@ -1,3 +1,28 @@ +Dec 14th, 2002 +v0.79 -- Change to PK code [binary and source]. I made it so you have to pass the buffer size to the *_decrypt_key and + *_verify_hash functions. This prevents malformed packets from performing buffer overflows. I've also trimmed + the packet header size [by 4 bytes]. + -- Made the test program halt on the first error it occurs. Also made it trap more errors than before. + -- Wrote the first chapter of my new book [DRAFT!], not in this package but check my website! + -- Included a perl script "config.pl" that will make "makefile.out" according to the users needs. + -- Added shell script to look for latest release + -- Merge DH and ECC key defines from mycrypt_cfg.h into the makefiles + -- updated the makefile to use BSD friendly archiving invokations + -- Changed the DH and ECC code to use base64 static key settings [e.g. the primes]. Dropped the code size by 3KB + and is ever-so-slightly faster than before. + -- added "mp_shrink" function to shrink the size of bignums. Specially useful for PK code :-) + -- Added new exptmod function that calculates a^b mod c with fewer multiplies then before [~20% for crypto + sized numbers]. Also added a "low mem" variant that doesn't use more than 20KB [upto 4096 bit nums] of + heap todo the calculation. Both are #define'able controlled + -- Added XREALLOC macro to provide realloc() functionality. + -- Added fix where in rsa_import() if you imported a public key or a non-optimized key it would free the mp_int's + not being used. + -- Fixed potential bug in the ECC code. Only would occur on platforms where char is not eight bits [which isn't + often!] + -- Fixed up the ECC point multiplication, its about 15% faster now + -- While I was at it [since the lib isn't binary backwards compatible anyways] I've fixed the PK export routines + so they export as "unsigned" types saving 1 byte per bignum outputted. Not a lot but heck why not. + Nov 28th, 2002 v0.78 -- Made the default ARGCHK macro a function call instead which reduced the code size from 264KB to 239KB. -- Fixed a bug in the XTEA keysize function which called ARGCHK incorrectly. diff --git a/config.pl b/config.pl new file mode 100644 index 0000000..fd8093c --- /dev/null +++ b/config.pl @@ -0,0 +1,143 @@ +#!/usr/bin/perl +# +# Generates a makefile based on user input +# +# Tom St Denis, tomstdenis@yahoo.com, http://tom.iahu.ca + +@settings = ( + "CC,Compiler,gcc", + "AR,Archiver,ar", + "LD,Linker,ld", + "CFLAGS,Optimizations,-Os", + "CFLAGS,Warnings,-Wall -Wsign-compare -W -Wno-unused -Werror", + "CFLAGS,Include Paths,-I./", + "CFLAGS,Other compiler options,", + "CFLAGS,XMALLOC,-DXMALLOC=malloc", + "CFLAGS,XCALLOC,-DXCALLOC=calloc", + "CFLAGS,XFREE,-DXFREE=free", + "CFLAGS,XCLOCK,-DXCLOCK=clock", + "CFLAGS,XCLOCKS_PER_SEC,-DXCLOCKS_PER_SEC=CLOCKS_PER_SEC", +); + +@opts = ( + "SMALL_CODE,Use small code where possible (slower code),y", + "NO_FILE,Avoid file I/O calls,n", + "CLEAN_STACK,Clean the stack within functions,n", + + "BLOWFISH,Include Blowfish block cipher,y", + "RC2,Include RC2 block cipher,y", + "RC5,Include RC5 block cipher,y", + "RC6,Include RC6 block cipher,y", + "SERPENT,Include Serpent block cipher,y", + "SAFERP,Include Safer+ block cipher,y", + "SAFER,Include Safer-64 block ciphers,y", + "RIJNDAEL,Include Rijndael (AES) block cipher,y", + "XTEA,Include XTEA block cipher,y", + "TWOFISH,Include Twofish block cipher,y", + "TWOFISH_SMALL,Include Use a low ram variant of Twofish,n", + "TWOFISH_TABLES,Include Use precomputed tables to speed up the low-ram variant,n", + "DES,Include DES and 3DES block ciphers,y", + "CAST5,Include CAST5 (aka CAST-128) block cipher,y", + "NOEKEON,Include Noekeon block cipher,y", + + "CFB,Include CFB block mode of operation,y", + "OFB,Include OFB block mode of operation,y", + "ECB,Include ECB block mode of operation,y", + "CBC,Include CBC block mode of operation,y", + "CTR,Include CTR block mode of operation,y", + + "SHA512,Include SHA512 one-way hash,y", + "SHA384,Include SHA384 one-way hash (requires SHA512),y", + "SHA256,Include SHA256 one-way hash,y", + "TIGER,Include TIGER one-way hash,y", + "SHA1,Include SHA1 one-way hash,y", + "MD5,Include MD5 one-way hash,y", + "MD4,Include MD4 one-way hash,y", + "MD2,Include MD2 one-way hash,y", + "HMAC,Include Hash based Message Authentication Support,y", + + "BASE64,Include Base64 encoding support,y", + + "YARROW,Include Yarrow PRNG,y", + "SPRNG,Include Secure PRNG base on RNG code,y", + "RC4,Include RC4 PRNG,y", + "DEVRANDOM,Use /dev/random or /dev/urandom if available?,y", + "TRY_URANDOM_FIRST,Try /dev/urandom before /dev/random?,n", + + "MRSA,Include RSA public key support,y", + "MDH,Include Diffie-Hellman (over Z/pZ) public key support,y", + "MECC,Include Eliptic Curve public key crypto support,y", + "MDSA,Include Digital Signature Algoritm (DSA) support\n(not required for signatures in the other three),y", + "KR,Include Keyring support (groups all three PK systems),y", + + "DH768,768-bit DH key support,y", + "DH1024,1024-bit DH key support,y", + "DH1280,1280-bit DH key support,y", + "DH1536,1280-bit DH key support,y", + "DH1792,1792-bit DH key support,y", + "DH2048,2048-bit DH key support,y", + "DH2560,2560-bit DH key support,y", + "DH3072,3072-bit DH key support,y", + "DH4096,4096-bit DH key support,y", + + "ECC160,160-bit ECC key support,y", + "ECC192,192-bit ECC key support,y", + "ECC224,224-bit ECC key support,y", + "ECC256,256-bit ECC key support,y", + "ECC384,384-bit ECC key support,y", + "ECC521,521-bit ECC key support,y", + + "DSA1024,1024-bit (160-bit) DSA key support,y", + "DSA2048,2048-bit (256-bit) DSA key support,y", + "DSA4096,4096-bit (512-bit) DSA key support,y", + + "GF,Include GF(2^w) math support (not used internally),n", + + "MPI,Include MPI big integer math support (required by the public key code),y", + "MPI_FASTEXPT,Use the faster exponentiation code (uses some heap but is faster),y", + "MPI_FASTEXPT_LOWMEM,Use the low ram variant of the fast code\nRequires the fast code to enabled,n", + + +); + +# scan for switches and make variables +for (@settings) { + @m = split(",", $_); + print "@m[1]: [@m[2]] "; + $r = <>; $r = @m[2] if ($r eq "\n"); + chomp($r); + @vars{@m[0]} = @vars{@m[0]} . $r . " "; +} + +# scan for build flags +for (@opts) { + @m = split(",", $_); + print "@m[1]: [@m[2]]"; + $r = <>; @vars{'CFLAGS'} = @vars{'CFLAGS'} . "-D" . $m[0] . " " if (($r eq "y\n") || ($r eq "\n" && @m[2] eq "y")); +} + +open(OUT,">makefile.out"); +print OUT "#makefile generated with config.pl\n#\n#Tom St Denis (tomstdenis\@yahoo.com, http://tom.iahu.ca) \n\n"; + +# output unique vars first +for (@settings) { + @m = split(",", $_); + print OUT "@m[0] = @vars{@m[0]}\n" if (@vars{@m[0]} ne "" && @m[0] ne "CFLAGS"); + print OUT "CFLAGS += @vars{@m[0]}\n" if (@vars{@m[0]} ne "" && @m[0] eq "CFLAGS"); + @vars{@m[0]} = ""; +} + +# output objects +print OUT "\ndefault: library\n\n"; +print OUT "OBJECTS = keyring.o gf.o mem.o sprng.o dsa.o ecc.o base64.o dh.o rsa.o bits.o yarrow.o cfb.o ofb.o ecb.o ctr.o cbc.o hash.o tiger.o sha1.o md5.o md4.o md2.o sha256.o sha512.o xtea.o aes.o serpent.o des.o safer_tab.o safer.o safer+.o rc4.o rc2.o rc6.o rc5.o cast5.o noekeon.o blowfish.o crypt.o ampi.o mpi.o prime.o twofish.o packet.o hmac.o strings.o\n\n"; + +# some depends +print OUT "rsa.o: rsa_sys.c\ndh.o: dh_sys.c\necc.o: ecc_sys.c\n\n"; + +# targets +print OUT "library: \$(OBJECTS)\n\t \$(AR) rs libtomcrypt.a \$(OBJECTS)\n\n"; +print OUT "clean:\n\trm -f \$(OBJECTS) libtomcrypt.a \n\n"; + +close OUT; + +print "\n\nmakefile.out was written.\n"; \ No newline at end of file diff --git a/crypt.c b/crypt.c index 41d5eef..b200a6e 100644 --- a/crypt.c +++ b/crypt.c @@ -1,7 +1,9 @@ #include "mycrypt.h" #include -struct _cipher_descriptor cipher_descriptor[32] = { +#define TAB_SIZE 32 + +struct _cipher_descriptor cipher_descriptor[TAB_SIZE] = { { NULL, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL }, { NULL, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL }, { NULL, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL }, @@ -35,7 +37,7 @@ struct _cipher_descriptor cipher_descriptor[32] = { { NULL, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL }, { NULL, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL } }; -struct _hash_descriptor hash_descriptor[32] = { +struct _hash_descriptor hash_descriptor[TAB_SIZE] = { { NULL, 0, 0, 0, NULL, NULL, NULL, NULL }, { NULL, 0, 0, 0, NULL, NULL, NULL, NULL }, { NULL, 0, 0, 0, NULL, NULL, NULL, NULL }, @@ -69,7 +71,7 @@ struct _hash_descriptor hash_descriptor[32] = { { NULL, 0, 0, 0, NULL, NULL, NULL, NULL }, { NULL, 0, 0, 0, NULL, NULL, NULL, NULL } }; -struct _prng_descriptor prng_descriptor[32] = { +struct _prng_descriptor prng_descriptor[TAB_SIZE] = { { NULL, NULL, NULL, NULL, NULL }, { NULL, NULL, NULL, NULL, NULL }, { NULL, NULL, NULL, NULL, NULL }, @@ -103,26 +105,27 @@ struct _prng_descriptor prng_descriptor[32] = { { NULL, NULL, NULL, NULL, NULL }, { NULL, NULL, NULL, NULL, NULL } }; -#if (ARGTYPE == 0) && defined(SMALL_CODE) - +/* ch1-01-1 */ +#if (ARGTYPE == 0) void crypt_argchk(char *v, char *s, int d) { #ifdef SONY_PS2 - printf("_ARGCHK '%s' failure on line %d of file %s\n", v, d, s); + printf("_ARGCHK '%s' failure on line %d of file %s\n", + v, d, s); #else - fprintf(stderr, "_ARGCHK '%s' failure on line %d of file %s\n", v, d, s); + fprintf(stderr, "_ARGCHK '%s' failure on line %d of file %s\n", + v, d, s); #endif - raise(SIGABRT); + raise(SIGABRT); } - #endif - +/* ch1-01-1 */ int find_cipher(const char *name) { int x; _ARGCHK(name != NULL); - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (cipher_descriptor[x].name != NULL && !strcmp(cipher_descriptor[x].name, name)) { return x; } @@ -134,7 +137,7 @@ int find_hash(const char *name) { int x; _ARGCHK(name != NULL); - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (hash_descriptor[x].name != NULL && !strcmp(hash_descriptor[x].name, name)) { return x; } @@ -146,7 +149,7 @@ int find_prng(const char *name) { int x; _ARGCHK(name != NULL); - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if ((prng_descriptor[x].name != NULL) && !strcmp(prng_descriptor[x].name, name)) { return x; } @@ -157,7 +160,7 @@ int find_prng(const char *name) int find_cipher_id(unsigned char ID) { int x; - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (cipher_descriptor[x].ID == ID) { return (cipher_descriptor[x].name == NULL) ? -1 : x; } @@ -168,7 +171,7 @@ int find_cipher_id(unsigned char ID) int find_hash_id(unsigned char ID) { int x; - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (hash_descriptor[x].ID == ID) { return (hash_descriptor[x].name == NULL) ? -1 : x; } @@ -186,7 +189,7 @@ int find_cipher_any(const char *name, int blocklen, int keylen) x = find_cipher(name); if (x != -1) return x; - for (x = 0; cipher_descriptor[x].name != NULL; x++) { + for (x = 0; cipher_descriptor[x].name != NULL && x < TAB_SIZE; x++) { if (blocklen <= (int)cipher_descriptor[x].block_length && keylen <= (int)cipher_descriptor[x].max_key_length) { return x; } @@ -201,14 +204,14 @@ int register_cipher(const struct _cipher_descriptor *cipher) _ARGCHK(cipher != NULL); /* is it already registered? */ - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (cipher_descriptor[x].name != NULL && cipher_descriptor[x].ID == cipher->ID) { return x; } } /* find a blank spot */ - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (cipher_descriptor[x].name == NULL) { memcpy(&cipher_descriptor[x], cipher, sizeof(struct _cipher_descriptor)); return x; @@ -226,7 +229,7 @@ int unregister_cipher(const struct _cipher_descriptor *cipher) _ARGCHK(cipher != NULL); /* is it already registered? */ - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (!memcmp(&cipher_descriptor[x], cipher, sizeof(struct _cipher_descriptor))) { cipher_descriptor[x].name = NULL; cipher_descriptor[x].ID = 255; @@ -243,14 +246,14 @@ int register_hash(const struct _hash_descriptor *hash) _ARGCHK(hash != NULL); /* is it already registered? */ - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (!memcmp(&hash_descriptor[x], hash, sizeof(struct _hash_descriptor))) { return x; } } /* find a blank spot */ - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (hash_descriptor[x].name == NULL) { memcpy(&hash_descriptor[x], hash, sizeof(struct _hash_descriptor)); return x; @@ -268,7 +271,7 @@ int unregister_hash(const struct _hash_descriptor *hash) _ARGCHK(hash != NULL); /* is it already registered? */ - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (!memcmp(&hash_descriptor[x], hash, sizeof(struct _hash_descriptor))) { hash_descriptor[x].name = NULL; return CRYPT_OK; @@ -284,14 +287,14 @@ int register_prng(const struct _prng_descriptor *prng) _ARGCHK(prng != NULL); /* is it already registered? */ - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (!memcmp(&prng_descriptor[x], prng, sizeof(struct _prng_descriptor))) { return x; } } /* find a blank spot */ - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (prng_descriptor[x].name == NULL) { memcpy(&prng_descriptor[x], prng, sizeof(struct _prng_descriptor)); return x; @@ -309,7 +312,7 @@ int unregister_prng(const struct _prng_descriptor *prng) _ARGCHK(prng != NULL); /* is it already registered? */ - for (x = 0; x < 32; x++) { + for (x = 0; x < TAB_SIZE; x++) { if (!memcmp(&prng_descriptor[x], prng, sizeof(struct _prng_descriptor))) { prng_descriptor[x].name = NULL; return CRYPT_OK; @@ -320,7 +323,7 @@ int unregister_prng(const struct _prng_descriptor *prng) int cipher_is_valid(int idx) { - if (idx < 0 || idx > 32 || cipher_descriptor[idx].name == NULL) { + if (idx < 0 || idx >= TAB_SIZE || cipher_descriptor[idx].name == NULL) { return CRYPT_INVALID_CIPHER; } return CRYPT_OK; @@ -328,7 +331,7 @@ int cipher_is_valid(int idx) int hash_is_valid(int idx) { - if (idx < 0 || idx > 32 || hash_descriptor[idx].name == NULL) { + if (idx < 0 || idx >= TAB_SIZE || hash_descriptor[idx].name == NULL) { return CRYPT_INVALID_HASH; } return CRYPT_OK; @@ -336,7 +339,7 @@ int hash_is_valid(int idx) int prng_is_valid(int idx) { - if (idx < 0 || idx > 32 || prng_descriptor[idx].name == NULL) { + if (idx < 0 || idx >= TAB_SIZE || prng_descriptor[idx].name == NULL) { return CRYPT_INVALID_PRNG; } return CRYPT_OK; diff --git a/crypt.pdf b/crypt.pdf index fe3dc997f849a6a7728c3e6601547346ead8f2c5..7c84a8ecc04ba085a59f34b17c4743285fcb7593 100644 GIT binary patch delta 109589 zcmV)9K*hhx%oOa*6p-eBEwgAFS0GVr-iCGvt|*%tLT$4~uLFt`agA3$7miMS9^>?y zeM_R-7AexSjX2*OcFc+Y-liz{E*%czZoDuISoSdMx_XtnhuG z;&`j+3RYq1kXUsYY6`Bb(NU~26CF5uc`^5yiVQ~C`2OQXW1QkndOx-@b_GocS7Sd7 zk+I8gBgk*`aRQa|l*B9$)Lc`{vtY5S<-35RXZ(MjPE@zUj4xp12i!=lc5PHlPWY70b-LtG#Y>DwigjtEcWs3 zhXr&Qzj=2ZP3G1-(3ALa;smx81mPsqfn_`4Bu@WSjy?S={`l@%djq|>wzRD$Hfbzw zE`E=%rjGhDooVeU$C}QW^upyJ)t!v~OBW6H@c6 zx#z*xvF5%{ne7{}t)oDFxc|xnW1MGg#b3!L#hI@F4*F&oCAojkO4d6Xq;PTv!v}*D z3er78FtprmL_nBO-Z*HJHm^z;G`Je7>XBU<6j4U@DK+~nsk@6$uySPyQGy91uDt-u z3yRtW6awaw1$qIvbO5-^zF>K|1`na9l68W?lugTX4i;);3OM5mK4%fQaUCmi9dZ*> zNuWHwD?q{zVu^nOmsWOqeoTO3xUXbl3vxq-p+wZf3|o=mvRltfoNua+n{ zpklReiW9p8c7$rr7z5%gL{inp&8ph&2$F0B<}L=u13WOXI>9JTm@cp}fX_{Zj*sXl zI|#2p543)Pjaqa1j#l}0hm=)S-Ga!SQ#c^!(6XIqHT-{VHwmq~ToDv4dsJaoA(}md zFvRYd;yPt5u>%udCbvWlBD@>fib##8Fmg=kB~@B}0VE2Sl#guM)r=K;g+fY-xOUu_ zwUT%C4Ta1M2s2o%dG;D@s2c?8ny4qbdD({un&oP&syQCCc|=`^TIIrji;_8kkKfdU zi&Q~UW+{Jf$xHt7DFMy%M#Zw@CKI(TO`Hhc?K2C{xGigA2Dk>&>P$*}%(JrD*Ju#< zCTWF|mS#@jH8GwRC`iOG>K(%5ticafYo5Jc7z}Wv6~~mbXR8LzLebF$5z%u#LJ4{} zv4HxgS*U8dDnwvf=teY=Uz8;nf5u*1H%rE1+uwfxUQc}-zo;i@?`k^Y2eg|4WUt*c zNl8aD;Pg&BPErw4pL4enMB*<=O!;AaXTyp^J)a>o`BLSHe{;JTv}sGp_`tCNs86bV;obVCtKt2<1S ztvDEeHyKkE!^S3)73rA;j!cV%3rwRwYM#PppT(9g)^*Z7J(6O?iYHbs>zvBY`#uy& zYTltBdl|kj+wfn2fdTxq0>Xnqw#b(9pjnSN55&r%=;POFu`dqTisX^>a$6|dJ|;~i z0e?brC%dN2M)V`me_u(z5h{GcXF*a@%dWR=02`=ru^ijGU2Hr(@} zb{7;~_iQ@ywix}My4!IqX2%^==;>tK5!dMN z5bpka%(daw0u!tArmc3H-V@om-DZ^To2&TEKXId-(1V{jx1TuyWd)N^pDKT?Sy^-2 z$Ps?muVCp3+%m^=;YyzDja{YPWY@8{dB}Rp1(P6&GD$E1WG(&c)5i=BLKKxqFT!w+ zp6;IRuMfSQU%h^B>?9RwWG3^~M9D}bQ96lDB&3Qb^X2bBB#fBO;y4aIOcNWtnd&(B z@#l9_70jnIV{Gtos*~W?-{yZezr4Gh{xSdQ_4}lwXp9lDO(&9QS;ZSd)$N%1Ei)bS z9BeH1&2$#(FsSP6bG~0x$3ye^YkvGBL%AsTaCz-E-0kaPz0a5YYq7~H9{o`4VgIX# zHf_uOnn%Tcnh2A5vfR66%93XViCI z6$A5|DXoOGA*e-(C}pPR8_>B8li-sw7PL^+)0qk~Jbd+Tex=|lIZ+c8!F75PDJvo! zPZqnY|6Kk4hny_0^SfG0ILxTp#iqCk7^nTp!a{M+GtQQO3;ArzUykT4HiUxlz1Sgu3zecm|r&feX zG_a2^NZ^Q967d>21h`6dkk$Mx&;bs24gOO2i@saS_6-j*eAjhZ74%R$;ouYuUaNtQZ;+-j z0Ls7sz7=U0CP<%1yR32!iS3)ixXNiAIoUc2WNh%o2PuEa8oa^r5n_o@knTgyXw)YQ zxVYwdeL@d8*>;A?0)gMA)*>E?(1slhnlQRx7b=nfOyMMqBG5?mOdModvmUWA5E_xB zw!IHo<>2)&5XJyZ>Sefdv>xM5ODXJ-xiJo!Fg)={m^e%!!C~vIR%9%@n)Tm4D~!tn z?{Z;NvYE zf5YQLwm^A0S8H%y5uD-r00qecahAA3fx#@V`M?@L+S71%XLx4Gk2}0$mp2uL4|IefP_%y@=W!a`=V8|~sLrrcXXkF&mJ+5l z|MD)0V$?l$xVr&WbJiJeQG2@uqc4j;NMui5R_IUnl6l?+xTYG7O94K3;sEFoi92;AdRIUq;x4diME zq+Wm4&J;5=K%E#!ZP5>q#J6JU?Ft71-#uZY$Bo@;<|Y`fG!!HRyga+f>J5*M#23DA z#S@%k)HTUT$2OfI!-Nj*YIhmf2npeSqOaaLM|PJQdKLU)6d6Zj%x1@kjogWG{R2m} z7CMQ?IXlw%jK^HY&gr_nkghA({G@zcha!K}$&<^SUL`v`(BA!yZ!1RUM1!g;CNJwmDJWxif@kef9AKRQ3Za-jUcd=?aDOEfRy;9{pmfYm& zHog?6tq~eP-%1V1mwH|#bhKtYVxu^1Ap}P4b*`3DX}NSiTl7)}*~5PnhZSReq1acK*4oCZ>PV-?pabi}W>A>W;+ z(n`7TAG-kB@cR9RD>IE^(k`;ZdSris1`4q#((ncLP57+0_Oxa_VyACyAYqF_)!v7C z^5GC+`*_MABok1+rZ2*vr}Y?v7LYAc$$&vNMtWtV67GEUK_{cok)8+wu?B-;q}ow@m<<;Go7w_;akitoaufSihN3r=z|{PQ!J;5&&^m2S4nJ&_O66+oo%>Pp;bl>Or4G!wlyH%4w}1JcawCu$1V*mz`MZ&jA$AD7kY)A2D=J8z;Joye0V!!M<%*f6l0C{HOUUS>TU6h01Hx8lwI=MVFgJuW^PZv>7VF)|p z)`l1yEd@s)u%i5=ZN=t%auDUzS zbqrM>K$}XSbb97Ll{~FkkJzY}8bbvcx7Sg)?DCra|CQpT?dXsIOU~DDxG$X|HW@XN zT)xv6cUAdxtJPkc$w5t-3P7NNHFC44GZlVu?q@Et# zx2Q+~@h$>4G?SqTD1WV3S##Sq5PsLM;N+#0CqxJmyxJ!xvFjX7Qd=`^C&_pyiIO;` zNQI>AQGb2+052VOo90CX7K`1*;@bmyIT^jU42?)czH3YthV*UW`+*U-zOZFrOy-|W z6^_47-oChWRmT@aLMq3wiQ(1N`KQUnSen;k%XO6*h_Mv}fq(h>&E@4Aq+4T4npZe_ z|Ngi056I=3?{NMX@4(@oV<$9U5$E}bUx9F;)%u2%BJw=cYiY%n6R;_u9@I(Gp&!^S z9nZW@)-g;=6n0mEia?n~j$hB5tP&jf=1rag&t?NN$4qKg)^mkzSTYoD7?F}cR=}K~ zK$H_IvnDyAXMe`iu?3bFX#PF^X!;D93tF4=UN`j3s@3WQEU#vEBv;IX>_x6Oe6c+n z=5d9*)pnicFk5QXS;m8hF-pr(d)-n(mY)HC22vz1)a^mil27tL6Xep;rj2o^KSsxp zGxQ~ZGpbcwCUd?<>4erat$A`sT6a82bN)6O@uI&-SAS`yXS^DhWsC&9X%kl!S*OL< z1%Gj4LO!U$;b3c8t2BGy1)iWHq9!PS(r4P*E}vwk;cN$IrHtbbF1aNKZU9fNU(Sm8UU5nKq3XQGQWC0ylGtT~}CJlG5YB0?E;!RG2X`v_x* zgOUU4b^67YJ|5k=N-~7qI@UpVIgXUM&1ZE=(5{XJnlKY|o-IH=n@&V_8!xSq z63@GsiaGOm5UXj%!9i+&W-ohknA0NRx@>5ggEkNDalX1mr{Zz%i*%0W{&H|d0E|ef zfq#I>iVhJvC+&r$vdK5~7M+$;o@2BHy@C=5U&*GRP%Vi(EDzHBG}#X&7eOjL!wVdt zl=pNjxk7=mqp{S;vUZ$~cYlOEO9r7(ff_=vOc*R&gpj-B+*AXYA$?#O zEH!?b%Ht|sbzol>_tDsvj7--p4dDgeXim}fB-jvGE!wK|?*ya5ZXtM<6%WsGs5)4l zte zeeQ60yszn{+8flkZaaV&Z&vx7Yn7)nED)}5&Y4msSzNaj8VDTvoMPE4xL?Cd`5KEb z=%J;@SnyZ3Ryu(YyfGqbUM;j)^M3}2vvP+nua7k+J37ufsY`%F@BWaw>#)A9(tLT? zp^zuB5kYIGS;{8i$^Zofp=D8~w0BJ?5dS6NCOMp8Q{UbtI}C&wRK=R{zs;+3nI}40 zW-GiC3WqcY=I1;aGGzrG1xLVDaoKPe_nG{L}$d}^ZsMr{Y~K#|27j%(O6(Hz5& z;9v6sMAVuqc*%K|sQsX#eSgJ*zd5Ho9<lZ|sV4d~?)jU@NlYeiZs^X<4%+p?x zg7%wQF`&1eMj}0`KVJVtuQgbVmoa&W%3i~)1@0%#AZQ%`uS9LnIXx0VGMw)8ohTJ{ ze*cD0O6kD}uM*1PaUJsnjmGbW$}Zhk!>2nS93pB90^~C$O!bSgSwxu!&q3FVpjq<` zC&GuC`@ddXjV!AtY=8gB1=oXpNlPit8=p-4J?awO0Yg?cW{SrjAoh4fu%@?m-v`0|+CZ{$@!$ zAXm(uQQO;WZm8U%z~C@VA+=Yv5i;0uZME34srn$K+!5ZE$A3Uw^g2BqyMjwW^Caq+ zkM&c%zcIA23i>HnKJN+MRdurFwVsvG!N+-z3xzK8y_WTU>_j@#PW2xuJ7+*JVWSV=n>n{AL~*Y+mClC_eq&9c8A`3q)P$v6Kx7mAMI26cXUb%AslV0{C;ZsG-_V&S90f{RUtwDO2cnIe@VA720p}P3GB}f=2`GQ9SWA=JHWI$;SE%L^ z%4IPC_^v(KF1zwLq&A+aBpat(9Eu~chN31UWv%?{(_c40kt5B_dhLq@G=T0#_ty{b z_4VxgcR@JM{45UU*SB-6Vn2Z^#4HE`KMAwBVm47A8zOz$v2Ao8=6G|}46qKGwll>ctu6L(Dt(Hr-j{YC2v*zS z@&{sjiN49Z%_XKV7G2456m#i+@y6wFHxu}o*5_7UmH(fWpD}UO3>NrO^E&^9k1~J3 z4s5>67886fwb8x`BN`CR$l2dEboCOTZe)ag{U7>S7*0&o@qq^C`wE=vnv@B$NCcI9yc9}H{($NYs6iHcMOzYhSF)Ph zO*yn*?Y1(#-_z`-2J1o&4L9aP4WACZ4@!r8a4dgZ4)BFpkB#hwnMRw&evjo+1R+){ z4(0v?>#`@KL_z9ZZ@@Q>ysg-(%h#5$s@5gIjxl_Re_VJ2bA#9KQ2m!*zjM6vbzU`c zA|!1rn{!8lIz~(ydj18tzN%|-r?NPpe`bk6%Lo4knyS{}awTgkn5WM%FzO7k)m(EHH%T;);?$3lWL|7%f6xB>OU+j^ zHUDX*{2)u`2O2A1XW4u^GaTqLt7q?L{~lN^9k1nx*=y9GN!5sb6NiI54rs0d!1au(P~oX9g*gtvb<%m{Bbc*!S7+7gN;raTzxiT{g*Nf_-r z0WEtgpcFvly$j`Di1)4J2oky4OK@2!p_jXJAa#6-F^)B$rCJN}d%NATtjl~XA@5|l z&Rcibk^13EHolO0SlpIC@8T%ex={fL#_9z6ufv4BQD(YHs2=~|Zho&4M2r)z(- zr3B7}Oh$3tS~g>rdEHqqw_KtNxguF%*K}hsAy;p!lS@T3{>0a4tJ?+cDQY4qSpL)O z6d1`);34ZaGnsa~CeS+hTW8?iV4Goc>>1c?0GN20mSS8a?c3yfy ziXdn6j3lT&hzhhHq-Ijn7SsyVOp!)^A50^+o;C-ST=$LY69L=fy@OAK2`PQ*o zo_IY>w>l1d9feLB7kNbML#0whC%%nRmeo^Ar3AXEQk>wqA%ywPGmg+%bY%sN=j!F^-l1j{=-p}Qci|S|U86GBTVnJyJZ7IJ_EABxkxHJ1X#$+jL1;Wr@VZyJFqik?} z4d^37*hQg>*Z3s+skeW;JNdui26A1tG9BJWBe|_r3m3DRjbA_KDi(Qj!E5c_p$1Rs zg~_b*m2G}+>T=sjPeu5NZH}R3&Re-P5D13~FDs0?zCwbuvjaM7PIY%e82UaDNogb# zttpOzvKTEt|EwGZDBAB^HCCDtQF^v`|@gP`TQ=UA=ogg3k>caCA~H@cit)6r2k`f1%sd zpc09%(@j#c=4U$+E*4|_#XzOQt0E1&mlE}dO~tinQ+^su)Q;~(JhypWm#qcLJ3PRh zT;BfQe2eg}d18Ora)_%DQXg1Q2#3K~n+uM8|HCUoYf+337RG(;F!HU$Sobc$f_fmK zjXsaqq?_qW7^KycW*LGIGiL!T6H8{z5zFZ`v#*oPCE0=zOSwe80AK-aa_O(}cr}U> zVvq%oX4c6|&NZ+Y9|XfR!q?#+UM)5H&!--5uzKp%71V!i^Y$q7Q5dCOv+FGtV)K@h z!`MSwav=Uk#KdNVJ3yG_WP(hF2TisWRTvjvAn=nB%&a`wNdE+rCC4f}p37%5S)$zZ z*f+M}T`xA5zKLz)5@uJ{wxHY)e+xGFHv3WtJHk;xSD~TSc3;l*-l?Mo(d9*y-lBI|{ig z6x&9n4&7Wgokgd!pVR*HoWIVq*IIvk@9+2i-tS%S_ZjK!@-e4z&`^khB0_VD1;qhy z@nqQm6bmxhnP_C>fjk>h(>@58X?ADZnzNG z=wh-!vIA&*2!q)m0(gSLaEOmeP$Yy!K^zMrg#vJ3 zwh#z~xG+MrTyVrh!cf5OQ<)=*_}q$uut?k#uyN6*34ojApa@S4aG)@vr5B3t2H{@* z7q-3>XNY(_e=m@~Adlztr!L5cdE$TdQGSF-2w{LH%7HNCOKJf0$(kp`fkpf;yG$X- zgV{8M%Yy*&rxF~=fTJPKE?CG82f{#JB(zwE5YCq-@Zc6LSo-et@}_Oyw0NS6tz96D z2z|v7{}x@~E@H|b7|#ZSqk&*D9xeqZ;_v6x-Y>Rte?{0R2S&Jnm5nU`Vi+hUl5r_3 z8yg^&0>B6diUy!)+^?ktf(r2w0FNXN2tzUA!f{gV0ZSBt7K)45h74E=521fx3Xa1u z=o915f9dRuM#q|4Qz?MC6+TO`CQ|`>TbsE5WcnenKm;-AxICF`w|Vnol`Xe=r1Bak!h)sOliL$pGJ@9>bQenJn-lHN#Q-U*Bp5|3{x9!%~((ZHuFTY{C z!1QTp;EXJLrRuQaubm$N$pS^*E24m<)GEN9f1S!GqA-kg!` z-lw_K*FWy~XjC!mspOV-`0A?up1i?^%r_)Mc}JJ8_m@*V0(uE~q5Dx?naIyOm)1N2 zHa2*NYxpBECn+WOY=I<9>`CfjA=^?aXMEL&MH9XgquW9RXVb?%X$_1O0U=Lxr~mb*ni$5WSStq3_= zlKt?ZU7fc+zx22%bHd)m(Ei}~w%0XYZUJH6$;j`zcrA?1K;5$5c4v>YH#X5tGj{14?OweG}idL%w{nN$Hcc1J;{R2E!)RGIZBMCY~ zE^2ednw6&$>Sf9oiBp8kxW3Ct>MCu;x9${j7561-Lnq=DD{8y>ghUEDTpd$2^t^iH zgdJhjQ7xfvKK&n@rCkS%VuSaHZ-l(RU)PYFLn%!hlRtR664XknydAFaty3A*xk%qX z<;B&hUcJ-XGs*wuL;OqN|3ZMxgFsA(@}$8 zR8LM(K})yYK>|nt0X37M2`HCNLjoCp6sc=4NE1VHfdEM$gc^#1h}aMTL8L1vN+0S_ zl#YrpN)5d^C?G`;MA}9icb;{A?*7_m@BQd5CuS& z?(WB+I5{%`MO~$DBrJfVf(#0YNCQlWOlOeF(I64s06d*U0hxZP0M5+~IP-0XCvXPz z1R35SSrvjr0%Qt_2{?dG6dDBn&66R`kq%(Lm&so4KU&@(!;@nQP~5Vq1aM4}=`=S# zfDAf9;HGrWG?3%vzhUcVaRV=ZH#buv^_%=wQh)0csT4QAKN)nYyB8B=048)Y$e{g9 zwFJMLGXcpIFY3=-LnhIULc-CU+(1ADiB?6Rzt<_A1{7bAY))a4oB>Conce3XN&u=MDmhzt~$C`4{Gd#Gv>BHV9RJ1Omw+a^4>+ zyPt;X(@1nOh2{jHFzNu2!65oU5F9BK1_Q8=0EI>deF4yy;~1_=qcb^M08TQ2fFqp& z`F5^Y1OPYqR{D;R0Q}^?5E7{Yzk@BzEvfEc`+Cujk)z}al-q79Vwi=LC_Z@LD*e%($UKg7hE! z{$#t7r_8-ams_gCitZg%ofB};GtO)NY- ztVg6tP)sQ;0nax}nzB95-JH@`3#BGSOtANkyO$oC?UnyLt#R8k_$G>q zW(D=@M!gu);|?o-TZ1JD#djz~Hu&D@ZwU6|(M#rwGOJE@ItHtS9or#Sj9YROnV9kE z><-`;8Oc5?ESu%slKqqtJ@ZDJUJ<+?l%0ILoL_lyI^f{32XK*$8Xfu)t|)yKZt6_3 zjqVGz#1ew@E_=LsZtmOPF)pN#zW6TBpcdU`r7ZJ)Az3_$W9Wc}B-HX83 zO_&05HclaufYs-|VwX1YykRwfUfN!NVhWAiWo@;(v?Mc4rOxbHoPu@>`Y2zA7+!7^ z<&It|KN({*in3aoA|tdMJn?&ug4@@wUD)Ql*I&bbx#U$*GB1!Br4V_Z#aAQ_^W|Bq zzMoR?1={nHe;};AwoQ}T@04jE>5ZxBDnAu%*56RtGqwy&OFnMQZ&DfE5$xl~?%k0T zc(aaHF5QjOO|tWTdq!K^PR5(hAMZeG6e!*~4C~O-+qkmrxV~DId-BfFPy>}d*{ny# zgTwNFZA`Tdm`QPw%DoJOtj1q*oOf9Xmw2x|9+VWg44-$c8L@%#X{Y*DDOB!0yo}3X zwQcO(+=#S6pOeo1#Vi6Fo2_=kGS$}9j_`1x-dP%#jwgj=$nIAcE#g-<)5$Aslf@; zAoA@)_37R)oy(H_%y(#bu`zF`deuI5pyKLjFrYQ2UF5TrA&M3~_2EP#=?X)BljWa( z(kCHHerBz9dsb=E1?E;L9#cc|#vhQDD|y>D9#sA^Nv42oHc^b|YK-&1BBS>`>vK8d z>OaXhb;0y%{^mIwf^_@LWZnCU*eV(DZlztvxV5HVi+xbXuS)YH@kgxIrDv>4#cW#* zt;eQmAL_sMK7!ZQXW4H5SXNS24z-t%x%~Nm!*x4a zQg>P;8g(ujQoAdak^XiGQLPcQ0Ax)cH8988F+O8)GL`?p(kp$rUhi8D&my7OHH(V% zwJWCy#J0I%1nEGo>#zP$)sPkWJJHM14a;aP$P*Wx zr>+KjnU0}s4MO@_qwxXjg>l)2_J*(H+1qZJ3#Kb1lD?AdG(Fqg+ocJ6=>3i1q&07K zisezg5XMD?+#MR>etrp)mw~2T1U^>Ennr=piwjH?Yy=Cwc97c#M;=XoWn&`E<1IK> z)@bOC;(oC+X?bsT^cB7|OU3F&#@ifxYHz5pDd3t?bQV51R`WTG&ITPlKJFVgGTt{o zNKno=e}1*chJs_@+`3~w9)xN7o?LwC-weq$&!;$BsJ0+h_c!;Fu+^vr!L(1vJVIfB z$n(W`l;yQ<$MFngp*4no50ccgRuRWDiyw^iAGhCCRQ8g4KBe-m$-~20VVtQ+U(|-OjhS@;oC(PCwgY-3dDh8`H{(UUZjs zT0j!Dxx}6UrFO2bIXr5&RyxB}zpE_TU)aK7b#z*X*MOW1(Sq0Sc$wClA$jWkF%qF%S6fph<6Vi|6Nl<0AiB8) znJat6Ef`WG?|x^0ZX=B#lM)WbGX$M0dkVRCrd=LKONr_4R1mQ8>Fy*8!=A1|3L5Bun<0X>&sNN zy1Ar}F^hAfd@K#G!90=Z%92H;D8|z>A2BCW;<@+aeyvffNatbk=49#)l-HkEHU*9g z$lfpaXl)sgh0AQLrk}%BZ$_0lBCWK7_VPrSTD3&sCDti%wZXb{?VHVo;TMf8>qT2i zQtaE4@`vDmER_?#N*L-7l3-OnUn67__Vh;J!G~Nf4~+Pys+RR};VUb-cc2~g2H$J% zPd%EO%glc;YgfYaY4ka+0o{E@Ii~Jq%Iu3%PZO6}U-IWvb?;ihE@|^@lXp)nNEp(W zGRk}Jun&6U(vz^z8y3Ttn8VRm`MsxeZA}AZK51PdIErk;-W6=fLHvgg zsqF}nv~oMq#n4>N38|!vios@3J5-X=lgwr&-Xdc@3&@^k00KdgYJUeP=Oc^ z5g-SULZiDwBoHEyNG`yde>D^#%n~E0z?CJ29YDz5o(#IdyHpF+=U`*&0NDa-KnfZz z6(S*_V$gzun5dg$FPwoOP3fg@rb0p!PS`n~Nq%s9s%-h6)e=3t4RKSyh9GD9b zy-?LOSmot^Ve4~oHwlmD#p2J&&nNY_K8ug=q#qe5KU^Y)g&+;(z(T?2)a~#Gb2ONP zNcf+3-Nh^(!gdyf@L&)RSrbUsAL@w64T*v|K8Tnd3UXOI5j!b?o6XqhSjA1wmW&^TLlftV&@mutoJscFQR(rmt zTAP0^@wv?Oe`$D$)$4BaiN1&mY=P$s$nK)S$Wctr@13)X{b2{1`ehoYIp)t&0p|HK z&lK2ysP9;VQoaSvL}iz1R|K7zSoTh4Q2nSitVc85{=4%u^^WvSGmA;MDDLAX0Qxb^ zRJJ3-e(U>dMbEWY5$Ym3ebT$UH0`po_WZWgcz5e=f9x{5A6Ch2DT^}X{dKwYqDTU> zKK4QT)qCT_qLWuJnUx-foeSlU4?)a|v$G8=)zydEhDht09F#w3v~#nE>b3T8ni+*; zWxI8(`1|$?4V%AiFbxhdu!`0Hsp}nS>dnqK`V+;C%Ybc*QeQ2kr??PH85J)oW#=$% zwA0ade_HLTzf>O5&>=AH$JoVYZmTA2da{BcD;UjiUy@9@8N5P1bRhedUP7Gy>Q-;N z-+r7*!;1&yTjGV$RT^hK9NM~#%zi~!`+@EWy4jdzeK4(wHZ{|7_!75dnrnVQRsrDCIe+z6ZELULEYy^R4Ww~9z9cxS9xTia^ z)}HVkryG@VdtVFzvLuCZrK+X^yUa}RSEZ2Z@IlsabZy^ zVWI3`c8xmry2u>wh8bN;p7u5*rm3f_e~)!qoIuHMX)cnF1za#lcvI(kDJF0>VS{*P z)ExVb?t<#flLIr6vwtL6y_}#B4joUj~1BWbhQ@U!BrZEncr~-9q2^o@q4yf*(3aU7czvDAQVmz-z=`cUm-qAqksp`dsP?vQOn5S&`%6CQ_Hz4TbBwO@;S@`= z-T?pgMw<$?+tWGku74jhs&0Z(e^V!JvnpSe>&6)kWHZUd7)%CmzAaM6b&`KA3~|>Kn+s z+mjqSGvwCN>+UK)|L~ODf83&@<9Yc*ea|}E3#KwS_h!;p>Sk)CZ3Q_g{Q-(LJ^65# z#o@$^64Ao00k)fG#aI=!Wq}L6=3eaZllRYuo!9B$a{L3Vo`36+Su;MY=5`eKti{9H zJ4+EO{U$YS+q&W}@|D_v2~KTSBZ+3JNIP2NcQZ>n_cGO@U?%%OC7EYcFglr;1GJug zMfxuv;2(ki3jsC{W(mb8pCt?f{sf0J4c3?0SOSC#Q%Fr(MNKP1O;kyjF_HrlmwQ

u{OwOP#6y1| z4CQj1Aq=qrBx`F+;J^<9L^2>!ZO9}Wl0*cYxKRQg8WxTLLnos(kri-=M0h9@;s82? zg(Hy?4<^J0eq1JsU;+YgV6%bm+Kw3Di^L$jSOg~ENF)HGObmn~VJHV@wua=+VR3=g zMj7Tuy>G=Lych`-FkHtp0uo4=%VB>D0F1D3W?o#$X^4d7zk#*coW^Ify`ac7`?a9{ z)P^Eaw%}g^Ze$c6LwJDBg%KWSv-BXc!A3`5lpndd>yANel0IA0~W-NLDuUC2i{B~iEo|5jOIcM@^LfXc-ZwG1422NzaR<$#6N$;>ub^< zYe_^rG!A@1BoK)tiBK}$&q6kx<-%cdVU!aF$P`Ne@pzB`N0eBRDHL#m1W*o)!~rBu z0&GU$a52diAPFV`u(&+j+N+YtL|_)TR>S@I4vvo8xD)19z?4jpc$!;S11kzK;oo%u z95kAbxH|(1k!od5-MAE!&*Og~9BlpHk;Lf+adRfTVBW6jTuWY$Ud4beVw`#8Ch)L1jrJh$KBU~kROiN~})-`}f& zf8*KbFC$JDC(euv&9!!tTJVAKehpaHYwKMZc~aKfGIl4GcuWM-1K3mEisd`5( z812gZEL&d)jj8L6Bri~ZD)Nl^=+kyR_rb+*?&O48 zcDH4@dN-)OnJ&;QqH84#_|-)lNBfs96m%d@6b;aHP+HcgJ~nt=uY4(W;!@g>^op+A zOM+YQ3asAR?dylZQ|X>xl$a`=8f~&2`y0#EQ@@cTY?mTSiIsnRJR0a~KSar?i;o$c zn%o*X(bsV91K$X8fJdE8Q*DaJ_1!`$zB`4gaC7xO4beUja(p%)nIOTy!ccEc#QQEO zX0Gjq=%sDr%G5CE_$H0*Z4xHRADBFw?-rKQN$+AXd`eAI+!z46#aHaR?2mRi^`5!lCG#6{wOcclz>I5y#QQC7BVk>s} zYS3q)lFEN5N{-(!8QKwN47>y`KK}5J-PuJ=+ON72TReOWYT8yxpVS-GXop3=R1G0$Kw&h85HQ|Ifl+pTA2 zPgP9cdj#+43VSYf|M}IYZ)IIevh6L3JwqO^IZ3_1^UkNkwV+X-DH#g#p15$AN!u2v z%G1b5nvXHqPbhIQaZM%3G)NOLYlQ#szt$@!#r|K9O*R4J1tmum2+e$^R`fdlrE5qn zJZ54d?1@1K+VG=a$g?Qf>QI^m!a3ie?1clz;QBbNUK*AwlNU=`}HStw^MP)Z@)VgeDS$Etw0m7X=o4&o5>Ivqtnqsa6iOoQSmr zP!O9)a=@Jg@PB~F8*0b@WATaf^*D)1Cm8YaElxRy+{xf4wj&stL+SSr(PG)8YES`# zt}Vog#?wL3NxJ3wlG-gC4{cUQzevlG-0n58o{vuuu);w|00EwJ@$;hCT11buY z>uE)~Zd4@##2x$cJ zzrW?|^&!#8lBA$sFvODIPC*x0Lm_<==UH?>lA=+IRoK>8R7p_EVU^SDPUP7D6yjN? zq(Vo8MA;yeFL=~978E(AX z0>$Gf+0dX9%S>*&-4bRifw~1)b1;-sl95Yx6-}WXA71%%q*}d>*0WjJ{%VOF3IB^` zfuz|kcg{fkl*HfEX$W=~iVs4-UMW&obyVz*rcgV<#5{lg93)6^~QPPASUnZIkd+mRV2XP6%i zX=h+oSDU3x?Ug1aAT+o@d*TJ}!rcj&UMejPloW9ykakxdKJ2U{@}vK!4K z?L`~rOpWJLeT#lJRc-&GGzM3d-nq@c6FPs<{L_Q6zoNtY(H07q&Cb; zfE9zY!mDpgzl`|5`So~Os;eZmm!&pqc^*Y9YEpBK4C6_7yb)Le@5Xy7XEHBWQ3KFz zUYJIFVH|phW#1155!ZU-Ea-pve4oMj`1840(tliPbDe(HWjAa`wvfUu=*x7ukKR^T zBZ2;_@{xIYv`R@ZwfW-x+=u3@)6P}}KyJHIRUfB!BT;XAe*d%G)^=P&TSkPOz0Ho- zKlgc%eaO5~qk01iEH3%nI~R70a-(>CkahGHGL(`u(B3J%&Efi@PE~AnbkxQAiz(Lc z7q_+iB58k~-8j50MKiOXheU57Z$BRoR#_r&+B-0R^X_h5F)}5V_El}MSBbT5Saz;T z0kb;3S>|g|xBEtbon<`W)BRYokCoYzio&Aq@T;0fj;YlbD5m;WPhE9`cA^NFDK4jp z+0h{9>g6$7b-7yt9tJYTM=@Ub$}TxcjHk4ZKSu?!Q*8+^TgUC)c!9VB?v6F8+V%JG zYbod-DVXeScYU2Q3h-Y$qn`%bf+PVI#L_l2?9vtuUm$ugYw-WAikTVN!Tm!H#@2Am zENsMSNY-GsPzq|=n&OIS0oGvF|ASkvt-%IBlk#C{($;Lj@BxTH3Su<|(i#%hz(7+l zqaavn)dF1%MViHM%wHHN5Kf>e-=o$c0#6IWca2d_(aNuhv7;b|E(1E==sw!tZ1Qqm zSg*WhJT_U6K4ixP^0c^r?4qR8i!;+^vQL4Y-#R1aD}hdBN>ik#pC|V5A)pp9@FBQ^ zu=)7#IHtjYZU9)bR!FWL;DfP-VD1rQ2WaGM2;j+j=J4cLj%fX8KW9V&v610}#oD0q zs37tpUSOifYXXxLVSKUWMZpcY@KT5R;@Jbm!BGZAggl83nEbJlqB7Ra)ZMQ<#r4z?Op@e&K7Q1>X-A+0uh+aM z`&kp4(b<6Y~-Rf ziX=?u10HVgIx`3XJmunq&ZlVWkl0_Hi@@7UoFMN7j)WRxHeP*S6A*4aP`gfy*5&|gEH98=9F>ebIqd|ic_agtqyON+AgSA#X5$~LoQu20KM zp5-SqJwrwOU;3^B8@r825`9y1g4L}iCfY6ox9W)e{!iB~534MkrTq<${_Q@n#sKU~ zD8XoCROCdnjkM`njDUlu)FUfJPIVzcl=DRqWC5ZY|MH$~%;vRzk3Cz5*yDY)rjb~o z?TynZLeYWCA8YcF`>qb$^iw4v8D#4_nM}UFM3R+&;)`E?yZt~ip2KQsCd(tHt4B@C z59?AHY0bi!nFE29mCFra{r#!26o|h6o5Wj5-SPYKds(DzAfDJ&Y0g^)dgKPud+QWv z4x_c&U4+eUbKT>2W3p$?6?ccb@sJZEdoOPT+*dJy7j?=;5-`_k0kuy1HK5aJ{!>!=7$~3g&U9K<#7kcHlI8bu4U6dWCv%A0cHh_6UbOXu5 zRWV1t)TB)A<+h-FU*{&Tua$q!7~>5FGgAIsug_9^yx;L)ag6G9goJwnGagquxoD+! z>kEE^PT4xS+un!QCAY^C(#t(^K|y#)Qxi#?o-E)!s+rbXdUsR76XRJ;U=6avuE_$+ znlo&5J`)%r{h{B?DOoPV>;cU+8}xI{Z-PUfnold1l-eo3Sc=yBoI5LoP9E|LYK9#j z50LeO8JL&a5A*u2A$GE|=l3H!G+M=b1@JNSGyfn&xMv2ao0FBi;+`91)O~t(D9-(H zV0w|nRMhAMh!tv1w?CrvcM$hl7d%w8YbH1vm#*+0u^T4o@190kCIRBz7MOC1;H777 zKl}nx&C#m`(*E+MO3Y5yLb`v;!WKc?TFNPBem4+6kF^S-`@l-f)g$lRC7PmE~1GdFFT4la095#1K31 zrf9T%wBICNoQ)02Jfw58+w@Y>OE?`HscPvxTbKyE!!vw&(p`sFTJOP5HaR*wzrucuV`HBC=e0Q#3oS>lGX$7WW)Ih45 zrfz>rz7rbEWhRucqsPCiEKnTJW}RLVrXQ>y7U@S&C)B?pEK`P2GnM%hd0 zTgg}RAN>c7rP|lbOkuTPsmb}dZ`2nsp-c_TO*i1=$%|f~wv*M=i;HLsLaZ=jsB~6P zpts;F&(A9$#`b?e+|@zwIR&8sB0;KOFvL5@`v+i+ErB4G6vv-RL*OVbARPg8lYJl* ztl@~WpnnGkCJFO*EJ4A9yV608A0I&;0KOeKMd%JNz4gG9r5D+SLh=jis=?v%Ea7vE_Yqf}0Y0{Q1{@I(WUmtoVFx4@QOrWV=aumE0Tnc$^gry8zA{pR z(^rG(hWh?I3W1#U3KMHs#Z%2HV?s34gKB21c7lE3LI=@*sepCZeyJMHDa|cmCRscm z*?+Q@SVMt{uytpDZrlSz&0nT1f(Ux}*zr_-0Vx?NDTvxIAD_#NMPE45aJD;^uwWtv z&uLJH-K@T@DSV15uFdT4?HDMj$V1v!#}(ffAK z4`D#HGuOUs%JNSDbFKnhcnN6eCP7qtkSKK5r*HIMKRrR{Y99gfS`L7;3k1s{KWZ-z zgeYJb72%!Jr2$Nnm=L(twN-3!0{v9$M>1@1c6E6{-wuEhx&+jOHgpT%?;S!jLBF#2 zu~iWeUTrk(kIBq|+jU(KtOh}dn$%~JSsKYtlJefg-Uw)G#*eUkV`l({=jS_75D(2K z$uW%d7p1->Hn1cJkyH0d6!f_G?}^+@0OqgQ(bmxDr^VHIpgKSa&2LTzw8S9u5ZwK{ zF?P5&A_mji_yt>-6Z{$b(}e0%xIFX00LHE91-?KA?iIcO%^e_F9Qb7XY0dTigQFbk z`TwKO5JkkYUKF0%2?H2{ZP>TMq(fFj~kFG}Uk4RnFV_oyQSn5FA~FTvaV z8v643J3LIl@0ZTi1}b|#i~WtqOC1CmyJ`zyTm%cw-Ux6`oMr9%{d@4K4%}hqa2E_h z^RDDtDkc~l1F#AvwY%p|3Xw^Un6g^hv1PZ{8F2 zLU;Z-r_1U05CyMp=ImC^rNmfAwO9Rgob|n?_>l0H1yZ&w&_~Wfo0>DO*0r)*-BWYP z2MNw?vTl0#Uw#fPVS2<346O;tXUk3?ViZ#PcV%p-YO-}fPaU7@=gU&byer*W+2~@ zV2J-5y~H1_NO+W5SP9Fu!o)s?NO2d6aWCN-9wC>cc+;YWUKEY&q`}361bWj~g0tKD zVM*3idQO`3s0ju$g!-X`A*81O;A2Qt`N%32cub9Z-a8}i<^--Kb$~DA(Tuq9Wf)Jb zUW+KYsBBmIFfgbaQb5dREAzZ-bJ~p<#4ZWZ?+G`mS#+2k-u;<7MDlA-JN1mFk&_zm zpj1LPMHDPuq*jD!>GZxoVm%wuMT>?2Z8u<4koVuMpjZ|5R1lLN!X-!sP`TGZSxfwy z5k?I#FDKd*SV7|B!uJH$jBl~VtrwFRp6*C5JJT6k*Q?v?PLVq5bbW4dvM=|>-tdIN zkKSjrB^+y)`$;@^U=ash-Saq7N9)z{TtjDf5I?XX4R_SC!>a1X5=1)f@RSw76?N09^ z$wpJd5}Ll#roE=JX9{~L?4dFE_z_Jo-7P!J4Adi*Heb~GRzVU#6iB9A;aNBuRY}xk zK5pqp`lnjZ2vz)~E~Q>qK68KRi8FYrg`2ZO?BHL9e|s zq8;;To{cq{b{NmkV}uswcekKOs@xd($=kk8fOmSNzpj2)K}9$MefrP z;;PkKw921YNfaKD)a~lc;DO#S+Ro2QgrJu`DQGcAq#r3#6A^8@BPU6Xze-`r?c!%u zyczUR%?kB?pmmvS`kdZ!kZW}Rk z5LCc?#p1#SkjF+er0KMLM|6NVrM)hx0luSo`93+QGb3ZW78g!Ohz=5V9+$T<#Uoka zW&0aaUYRaP=L|w6d8=3Ms(l6RHDyzoF?4;Vmg|f9uwJuC6(cX-xjtrPF3MdRk*-^f z`%MLl@y|78D2t))d2|7oh+f${RZmTE!WhD{;)GYg&GyCnVciMFS%imrv5P8YzGOoL zR!U#+xIEO1XDwkYBXn5LVALNotE-%KVO}Mpn59{DCejVB(=HX^LVK!B%&wbwEe2}C z$qY0A@q>&f4QFFdFBLhO`Qh(reM~!fSKqbsu5r5FC#H%!iL)_j%yHA0hE2o9M!w?i zOZ_6yI~R9)XEyQaQRzNq{kRse6_ zwBm(}f{ZmxXpd2?ffV#Mc9xc&;>B~_xmPltf+Q2WLgT!KcB0z!TaxOLtT>_kqkIRs zE7Zoi7Hy;MdkNSJ4;wyzt6_a$tG3y+eyniSIZV+Ht zTA>o-%9AbleS>qu&S;)J$ArM<;rB>%akna{-{cAsL7fA0Eel;R;p5wzd6R`3OKgbu z!gfK3N;Iz)p-RhekhQzeFjUmfGAcM^GS7QxU4 z;kJ@VpQKy_5^kw%#k+vh)9rMj z<-NsI8$~td05_Ce1LjA(q`IAn*W}!=PH-QxJSGzI@1N8WJz)}&tq%Lp`!aSvzhOnK z-HYyFa!ffD2Ni}G3^)cjr>tD^$&$OGnHBM<3!7w&kwP3|VwzAN-l;utR3G=ecyTOJMe}~Bv+3NBp&BSC z&rZ)vg4^@#5j4dt&?h2V*j(_oK+LAGa%{HSgIhfPPLjoE1&cF!y$V|SPI~9*jISg2 zHtKV>d{HMsd6B!YrmO(`SsGJ49#&yMRJ7p{=e97NU{mJpd4ZG@r%TOSyG+BwwJw+` z@adrCLF?qi5kZ=W74)2gOgYuqZAE*v1~~0t0SIP}{n{ zGNKg!I0t6%dB_P`W!c*r7lB_O7}OG%UZNkLCJ<*9_G3?&K->dJ0*9tu6qh#7lU_Yo zj}v-E!x8mOp}SPEWKzalML2W&qyK1Rc^gPtapcuhN@Qw3WZ;Y;K7(rHfoX)>yPMto zd#;)HWKlm{pvlT_AZMm$a?$N|0hv?cxqw-bZ2hGL%)MB26t+pJw=45n!hf2t1Am)b zU>ok+KtEb$Y?dtWy8=(6g2xwcMLNU_UZEW?JP+TqZ`kR??-A9el9+RVQz}~!nb%qx zlaIT)aa?@@kxKOaP)F$*w#}XCexL3@ilXtfo9S!8`ammTo48_3th$AEz4q1gBd+D- zFj&@MR3l*_%<{8ZZ~2drbp$EN&{#%rAm#g2YZOz-_E8J41h_rn`qe9YQI=A?pW+l{ z@du+KDO^K=cfaMkZx^lW)f)zX;#w4JE|j6z%oLzQvDzhtw{q+J(0iQgcf4sNfWv!d zo%b-2Tz@JF1jCmrd{Wh|Pl+tYc4Q7q3V~im$AU1qCa~X7xc#M^K

ATp~8|dH$L| znzq*et)?ANdz}j&o#tr2tH+y`@lfnS5yJ|sGF#a0i5!aOuB1PZZbJ%+N>*HFctEaK zxY|wmq569yS?LF6Z;95&3W@o^!K#CWeAh-!G2KA))!1)Vi!x^fm>KRJL~{3qe)2ne zojtCp$z$zUXRmWy_9wJv_Mz%!w+^({Pu1UZFua<8*rkQ(W5+8tq3dYzvYHZM$Rn9* z3<-=l2IAx3!Eqb$wfH(9v%zuQC0HR`olGRpSA07`2PBT3deZSK~}y4ii_Ia9Ap$8!pwsUXqE<8Y5<)vF*0Wkf3w6c|H&o zdk-#wm4`7S#G;V{2BT=p@A}v$gNmQ2w~K|CK3L)}0e8RGPLo=!``Zu;=gaLv<*NF9 zL~ymXOj!8qG=?c}vHJAXR$I!GqSGV1n$8pG?7}KzKP3xG#IW0cOV9L_U*Y*Af%fR) zI8!4;aPTAQ)4r{?Mv)t7>giQ@jY-cR>crFlBzXy0#b;I)9<8nq@k)c^QLsbI^m|-b zV+yEHI+dk)lEH$Otst_*bv*8(~0PPH1p;>7-c4A?$}#MU@NFy9DKzk-+nW!O2>E*zz;zR z#>0sJlj+;iN;N26n*y7{U|nmf`pMcp!zvOLh}6Au8@$XnE=*??hQ(bTx^Vq72Yfb( zKTst_d3|U9#^*TRR9Q;usOmUHpr_3N*EDfA-7&)Su|kcne#aEvFX~U(QFK;_H_;$& z`G=dYOJ|x_jHnQQ$b1}xi4%jdaVX$2w`di{vRc#~|1n`V9)L+;W@lqeLLD>HqH&m3 zDzT1CoEJFZUe4TgG^^R&_Z8jz*8J|u$&WNU}7hg2;a3|t=VA2ermj4dK z`Dj0pT(A5739qiOFNC_l|`uNPtIr;^|2mN$y*SzD4=>y9B!X=trIE}rbe9kty@$!cGAHQ=15s*%R zA%N6?6+Js{C8X)PKm6fDt6LqZ|xB+ zh0R&I9nDCiLKwk;eXrN>Ji4!yR=nd$fQfL%EET}@(U?GywN_rJirM#IO-3c!5t7t( z!qhZVGq%h3X-g!W55Aj#pF~-8Hb`lR%jTP4c-w~H7D+G|-q=J!gdqyl#j^=X#y;Q- zRcx9+79PC(40`P4Eza>g=Lt;5U%VGb}f1jC;qf+vJk#d-;N09ZLW-MWCrlhm^E4JsPMtn@^MKJkcZ~KGt;6y2mpey+T zv)SDG^SXAhD*9wDbyzYwxUytWF1ZdXFFTRnQ+&;S&=G3Z&SDwRxS4Mi5ILt5Uy4aN z#oZ!NG}Xqf!`kM*iCUnq;v9P@m~qwMc+y#P#BA z*#=ZEl{6k5O$O%D@Vzk~w7rKQq(5&j_cUAn>sYE&$apVtvv$F}*vQkH2aDwb6wQ$( z+#qQvgTHse?;V;n)Oa>Q%@u+4NZ+gjf`1=Q2l7i+Hb;Q-CMy!RChS*Z7N}oLa9x>D zJpFtxqxzxY?efR|()&hAIYHcuuq{IdqQgzkjiuJu!=L_x<@g5=Z|yL~;b}FS)D`n~ z^r53%euN&#kc5{yca-aMeGgj{7A&6d=w0^*4PKXnbX4>C{t1E#ND4L%ElHk-W4YYv zJ<#-LGCDvYB8*&_T*b)%?9z!!06ECRjMaFN)p`k`#=u}b*eN0{-CrWR&Tq!fX=J#V zHo zW6#GbTdKLVuvv}sN9g2LKMnf^vTc-Qi~HVTWr+2l z;eclkPu4=w*x0XNzfk!H8H{C@A#$Lg_bL1XOE$Tpha!>n?8Af~K_Ul63r6JZfc?Rf z>%Gk3C5kqCl*8fZKtv^&`XZuvS=y_sG5CrxXN54mIkt026{j^i$>ENBcs-_9d>f_u zJ4!e6(`+n~s{~G;| zKgz9TV?|)Fn)UQu)R!3b%rqs6b@+IR#10^mXW={GhT}ixc`>(C0nkG zFY`A23)NNVIJ*ZgrY~st~XfEMl?4(4Jo27a{%gi)x9@g3UiB@Z)Qy@(kE!&B5YlZyjVisIWGw{$KrXU_{^XcqyAC|+cM>_ zpBidJViv@V>+&^q#h)PnYZBZfWMd1*z2eAghv@B?Uq`Sbnh`V6x(mDJi}pn=97^da zAiz3KLrRRBw$zo z2TeFkk)#9XI@rz~MRwJ`9u2Zzt&N3gS4sx8;>f+2$J%_I$3s*FA`e)?lz?woJ$yWt z5@BX7(|!!jCeJ1ihCIM|2q3-D!Mm^>HFRE_SW{WBjJDc5XDLSn4Yve{RH18ph1Tc zzj5(fpD=^lRx+*nrt5n8%c$siMd;^<5~WUSX?V(^XBHU%!S{xNbOVdtHg&7ok+xSg zSNB>P_*3~2obwoyH(S~Q_W--qL8Hw|!j$_v*lWX<=_DLqxR??|iH|2^Ay0p#i(65_ z6ZH4&qfniz-ldt5UjFviTC8~9OprScUC_1S-+sQx-G4{&E*aQ#TM}QZfcD@C>F8Ak zVWO$o<8MBIop#>oTYdBor-=*=g#8e1s;U0L;((^6bz4ds^J(6F=Y3H`DH-=&*~#}f zmiyZ*FtoI{f;`g!ejHb{J1DrasgBGyn7hBO4Mc*r)3*Z==lRmn%+^wC1_vGvt*a-- zWVGcnx%9^hThpT6);lfH*l)Zcd?PDt+h`?PgEDHs(7~$)`&37iRiLo7s03A~pNtEE zw~@PtubnzkrQnvRUcCve2SRTD4OMcMvx7^Q%R9smAHiiEl~+T3*pIESFdB`|9ja6o zXT5&7CQ60yelXILE9L>OJcmhrC|d%`i@%H!PW14~X;duH5qn2y+sO+HF86vOleJ#G zMwy=gOT$*Y#~8#lT6J{lt*xs3mPmHaWCkuhcUv%2(1qBq#^Lhu0(dka``iB@bq-rFMCvY3LUv8`-{E{<3$< zp)k0ITDP^yt4P_`c0tT$(xgs#>G3&DcB~C(xlppc2btW4thnDDJQNjqMu(gx92e5) z{>oiB2ct)V$aM)eFsV);>JtBp)e#b!eAv6PE8RO5THFYZXOct=zQQ$Wg=0ceG;|=@ zktmxYbmjQMVj*`Rxa`0rr38Vly6n2>chUUo z7v7AyjcPcB4c=Bg3sRPbNa-9DmmeAsw9)8s$JpBttyy%O)VG5@s;1@WQehucam>Tp za^m!SQZW{%qxzB&E$}zMMJDv`zC1I<`%9>IDjoAxqiX7y^8mF);t;pZjk5W(_V+XE z@x5LD>>UV^o!JnKY3Jvci(d`pc0z&a^S&fLm=>(oDU5D}1o-N9g|0@REJba=lSp%6 z*p`M*u-ONZ=$RLi4i_25WDOf*!plkPUWAI;X;GNNmRqhJ`d( zfod?@@O8?)k*$eP^2gIyXdRp>nj6@ju`DIrhNM6;7yum`agN2vPd4i7?N#cE1`QoA|hhw?id}o(X9_VG!MN z&bo1Hah{#Vo06VHy*X-ynCBDocC4!mTMd;}^TihYSE$?32Y&Nv7s`rXKg374&cxog ziJp^CvSoKr{TpBBCqc4jEg29EQ9w$LpJ}wV9|a&9e#%qYsq*toX5^0pap%sQch~f- z3-(LQXVXH3*1E8~$j%TZ$vt+7+$X84^;VY-U4JAI!(TTojVIK1D(Uv;rzl3`>vtY+ zVgmGJG<23nZq=g4C;Ey=zD4JePG^iZp`{UjrX-iTMa~m2v>QBwaT4L(nnUcP=Uj*=Xyqs)=GZy)8YP#1d~0u!N@{ zuB7jbUKM+o%DU-*)QGhxY|!*eWB+5bxR~#y$UxQI9He}6g{rqrekMh_fyFZRcrwUBC&_)E)lcdV~Frs{|SZGxCBry1No8e_;ju#R6zIy>(} zYo!bCy4cGl7)3m_Zgt%JXq3TgK6$Vp%xm`*BN0fG!CWHEH_a>kDuW=U6eIIsM7UT> ze|W*YNxDV@_FZ*c@sxFj?qgMi>vVGrAXy>99NBrez3_!4)*>M?z4~M(0~%9j(qpEN zn8sG32_>@@HL)jsDlEb8#{~(|`$n$;u~wn2Hr4=%bqVoU zpo}-0GVb=yHx)sXDDuS|sYfyib9v9)vDMg{vn7i_Kki5@&v`AEAqSp< zljRuf<_nj+GeZ#+zJ{k?D4Y5u9=JJ!i68oX0BUm}=SF(A2ob0LebdQF=1n5#4@{k` z#wA+QMnC+KUWMWcjRF=Rz?c1x(3&_ge{k(U>{1aZY2;>R;}B*G^_qbhcj6|6DJmDhl@DpCQ~;4N@6%9t=5^s;JjxF1r0wiM zCm3wDLgf7bf5pmuz%U1c%Nt^^6%%C2Wj#w11UGp8ZRr|TUaTfDIL=VcXI=VxbsH-| ze^Ai4>->&KBIDNhnxAkZ(*)aaIaOh%PI;W;ouWW z)~~-@=KsmdB)h2JngHT}XrrCVDf~-tK%0$Fi%cpYxA*r{uHG!}t$^_cp5~3+YI@S* zX!n7s2kexn_}KxSiGU5^Z;kZBgpce34;h^D)3Ug}U`E5v?^4EGdoH>^1R3Z;w!6$O zM9JhEd1MpQY4P`?i6mJwK^pjg&_JFlI%cEJit)3IzIpO1V#e2`^HT0z*RP<12Dy~) zKE1AQPTp->HBiDEI-^|V_{$9hctg3G9lt$A!Rw0%8!{MDQKDI$Tx9fB322PyROvhB z)In!-s+aMXN@xc8*B1YIFV;|POTlY+_2$8aIQ?ay?qiH1{nqLzn+d#tGp>~jiVpq^ zBe$(|e-y($#J6DhDAre$5BRCvE%!Da!w;@xV>+%76wG-0zq*xi`f^MgN(K?G#Q!vS z794yjC$5tjB}UdjNP8AB@*>}JW{C>_asYecxu?+VFO2mYtsl|N&KEt`ZPLt|2!hoY zdSHLY&Uhd|q`yFfZvs+)?c+hd^;jpHe} z^1e?EM!biq0xQE&%By~(uQnJh&WV`-aOe4`)E5SjOE{x#Vj?*_Qw#}pa*fFDJJx?$ z6Hc~oHh6dF)8Q!)UjzEbQ8b67Vi~r^Z2cYr+1sy+O*Zeltw=5%t zslk(@k4_y|M%0vzx$~eWt+1?8N~UfYfIxlmn`f6Jsky&vICt4zpiOl8$txQ6aok{A z{*5MxtF%R)?Nn@de_j#jdj-&iOuJXA-{>F-YvuHm1MFzf=x6-K#~FUDl+j~smp*k3 zHC(nvfL=o7vA?6fB*gS^KM(L0-Xag_ z$P%ZNwI}aoVCC0S4@?N7hj&3CdIuxu$zt_PWJnTf!VssdGpHQyRD#T(|;a6 z++$exnAIW_IF1cYERilVB#~J3EN_ ztGE9P9g*%l(3}B90-6<@H~9lQG>*=va+#@7#YHV z%)lJ7RDfb|)Wi0Ashc8b&i$ZF5&a1wL7D|NZ$?N?inuaNtn`Be8&-49GT`hS5o;T+ zQOKNHQhZ?6GC-E10aTDF0Inaw{BGsPCqmyduiPQT7j;OGY$_c_y%d%+D{+*hxeyz` zAO!Vc1SOB4#i*FN--~*x;i7{Sb0}Io^LN7hKJ9yge2LSSlErK=w{1Ku7t0ti`m5S0 zsDIocOk%~i*E%&`js$TEtskIlC_;W^|AIxWxg;qSSIObF6^a}BxCwub^@hgB*f9hJ zV)t+0I@It!Wx7y+CBQXowDo_nSt4}PZ5d5r;6?L6zl%Z*f->o*E`z`_uQbvI*pe#+2nNGu`N@*0^aX$h zHtl~KDFgv`$JwJ2pI{1s{fq(w$9ZPun#}u&YS@=pk~0ht1UIvj@d+EWRK4Q-n-k*M zS;OF%C@Fn0xQ3OJe4CvX|3etU!oi$lBK3_D{pX5{4;B6m^0`6^KMYK0F!{=zJk&TJ zL%f04FD7pvd7Xp-Ebg;_O4G95Eni=emuuGCfBTn#eq*V%&I%`D{gEZ$aNuVHrQ6ke z>@b;`;oBv%I{K_|1u9-OeBbPb13|i5)^O!%xp>&Hs%6 zr_NLD=>VoEwCMYk(xi08Bd*W#XDk2d08%#N;`~kWyi}P|I2D@5DPE1tB*2~FU*j#U zP0F_N$6T|Wgd5S@m`0Xlx5Z$Id*deG!p&4noQ>siDTz#ORjJB?@=2@CA;$jXuA<7i zji@50#7Y##LE-P;d$FFEM>bFry~68yedoK&v}4K}IHf0=B7v8Ncpp;oO-DoZRBT(En?KP=6ie1az_3k%j$a% zG{@W?-|k-ZtJQbTQ?I7sz=Glw24^K6TDFv-iEkJnoXaoCx)qS)#hDzthA*Ywt}var z-gngt(~Q*?Qd;s7`nweCIp9Ei4%6}!U6_8c`lF4y0rWJipPwPEM!*mtug!G+h?ymXj<$?DP@_S z#hcq?FywjK9J~*wkg%5vofVp~??pldADbSXnRG~43Fl=Tm?h*;YrT>kZ!l-Kj@lk3 zx)%{MYe&e~sRB|*r+_GoM-e6rd%4GieDaUsZ(Duqfe=y->T?G;hTi&3w+OnLUSu-X zE!-B|v;~Q~R|#^KBsP9`&FW6E?aGg&o!UhU#o$|_Asu-><8};cOQeS&_%|`|;6g}!}DKmil3D9QxIaY+o*G!plnvh!PeJ=VZ5AbJxq?KKOyh~=E z++mRT+iw9QYyigYY8ycRPAytV`y!B7R49sVw>ZRPD;7V0)cocPZIa4=>8Y7HG|t?Z z(Nb*Sg!uQG7zgUnDWHL|}W7QZfipFt?BC5>nM;@3$BN2^&Ry?pHr5&je;YoSQ(A@tDE^^`MnB3%}+woHhaD!EAsf{AR|pI!c#675DTtwAhPJtt4J%HDCj zfZiTAZ(jakx79UzW#Un@>BJiS(-$;U4*C}Rd%FONM|8^0I%5c^d;3&)#2Hi_ zZLHCi7e|F3+R+t*PXO0l$u{Iwz~8VsJ$#1yoL&SnOmy(4^7LC;?eDrT7wRX$w5N`C zBsPR`@Ie|%XKuqoL&J|WYS4heEza0F!E6O~Tj!VR98|$k!`U%su2S;FN7#{#X--vK zI#6pc*unWFJHD~rX_e%;JxE4BvFAk3I82VFd`X!>o2Hrl49!=#Kx*nq!y|Pp9T|sN zbIT;}zLjVU0p_Ihy~G&#;Efqv(kZSi$8&Px)C%s zGO80H_r@VjV`K}Kl`E*kK>lv0z^Qm$25nPz+AoR?-o(-f+jL>N({W(BuO+jY*4o}F zQQXRJipn;V#zS?oIMq7`b7;++812@sYqfa%gC*2*HQ$Pt8!2`e`Ouhjwq4&O4uEYg z9Mqg;-b6*@b>rS*t9$A5xnzrJ71JQkEaOeOwl^{R8!;ohPjnBUViOY(VqT2juqYigXPUC7 z9vLJrw6mkh$l+LXudWfxU)^TRF%GN@Ta&lBt={4B;k`92Iz>St`OS)cgb|&8L4Bb^ zk>g34HsZRHvcf!4B|7iZq(#(#1wv^lsws#Fr=isT<5d6QR=-*>Cr~i<|BNTCIQ3v= zpn$5Fys&Q0;nu`U9fuab3N5slMpkdq=hBP8p`E2QUVHH}D0CI=h9Z8(zhmKO{~iGP8(3Rf>b*yR@+Ph}CV+QwR`!31n_9mcvI56qZ=q*z z@*aNyj>HXMXZ;=k4#L_B@Hevo?H!!o+u4BL4kmVhKY9R_jjSE*-UC2gBU7h8dH{9p zfs6e&1I+;c7&aSF%*yo7vYda7(8BtCIBY;Mdw`|sKcnnGJqv*S`_!-l{Q$O(dhhGX z4)inr>w*EiE3&ivwNwE6zb>8kAW&29-HCr4IHiK`1a$uLPC#FwcLK@^zY|bYYae~q~8fxPv&pp1Wt(TI|1v-zZ0;Y!aD(n ztN2d9>Pqhftgie{z$slO9&wEA{>2Ic^Vf9!THpocy%{LjtD#qxi5 z?|+^GE})Df@Lb#38(7=DZwfB<{~WM?<_6Bq`$6CWy6V3Z(AD5?Vqyf!8vcQQ?Ug_9 zuZ{c%0_}|dK;U$l{DDA4(?1ZXX7&dHoy`A0pp?ZQ2()^?jF^~!R#tx?(8~G`1X|hr zfj|wrKM<&4{|5p!9R5I{hT|Uy)Np_L1A!XO?+AQt8C?EApoZ%o2-I-<1OKyh|6B?t zX14!?-`Dehe>c8-v37B%V<)6z242lvk=K6CEFHBgKEmf~`*Ydzl48HPS3!TDLl)Jmx}W$Gz%+{5F6H^JD&! zxzI3S#v7bUhfl>cuA_z7uc}L^cHzEfW%V4(HDAimm^U(u?$~&8JJn3SP9tmn==4*PWEfb4Cwb)%C5B~B6jd$kFS7O9XrukozPoX)Kc+E%l zdw}K<0(24iQMl83p4p$@QV+_kvx&bfA1sO1OPD_+J25~8T%kXQ#SqSgOxdUlg`wT< zu2oVe3xx3)>cel_Q%iqUSVH|;^kN;*s=zvGYlcij*F=_U?fAJKK~=!*53;qrEv`C6-g07CmAzXPEEaU;D_ zDIS865n@zamk9D8WM3z&x6oEuHaHVJvh1tOrt(+rpS1Ijjv`)P6WiRwx|HzBug!Mo zPEWmte6@d;S2iPZ^2rYo{q)X?Ro9dIFZt?r3d-@ul<53aRgm}Kbi>R}XjTPlRfxaf zd5CxuWvvUHi?^)qE0PE&LgUfZo$BfQ^l{J4*&yAgv>5&XkAmc>69`Ar4QYU#su_b$ zLB1)rBQ4|BEv<*vNcm-Ah_d^}(}w-S**B+wJ&=FPt*goS!xcdaB@vz_8Hew(hlUOl zziSfOk%LS}mFpby5_G(KCB!c_WKa!RDw_|~&3)2FKhEw*iMI?1K0 zQ%|62(PP*MY9-NEU}1Oay(0FLr_HmRoT7VQu1k>b#v0`{X*b8(7XcQrWxDe##w?LG`3-ZtGeXn7dSPAc zeJ+bX9;qSflt@#xLoF!pB$4|_*z3(BMTF2Upp`jWE{y4-5o)r_r0_-uKZbzIXtiP( z>Q%R-yJ~5I^(BQfM8i;`)NTI}?cRIU@#y<{v-(nZ(5X)IXYH=_ABvdSS&0>_AHVbF zynZ#rwkSSr81Um;oJwIh#@aJ^5_NyZQi+pFY2)^5sO(Ipo}7e+SJV`R=&lM02>JB9 z<0S}d18Ddfz37fQgVV@dd{?7W^I3c)&Mh9iA3a5Y-$iz*-c>HuGmK3yqB08bb)ILA zL7Qwg=J=xy?dmc-CZwx3-Ko#j9n-H_7Xw!dr|mFXH5ZM}?`N&j9=CyY1sVQ9-<_sVTSUm1Bf{)!?5Iv5(!|aM+zpVZ0n;Keslw#H>RnaB|Zg$-mC& z(B?_SNgWn(!r2q%{hAh=8Al#}@kMbOlHO3X3?!s)jn)$rsoJJIb_Abs*^6lBW0m8= z7tCy4B^N8~M~*XN+Q29pyJ~+yp%WbKM>Q!H`n?1uH5szCgn1^$?v@ZH{#9&gB}ql8 zyrD4GqhNbD(po99ZcydvuO!@k?*;>?z@XDpyg00c6-=4&vR^UDadAQdxArwwAA`;>B7p)}9r4T*hx z@IL3&f(EiPY{!=o)84%{juY;)Z4nO**eU7@6Z5AzF?4RDC2rky2d&c2@w_8t6=>Aw z(7J8B_mgcu>nVyr<>`M0r-e>btw31!*a9*RIZ+%%zY%SzU~PL9 zf{>s`^JCWVoJZ5ojC+RRLN^$?J;F1Ww|N9GAH^xl*<^_lw4Te2x+!bA7^}=sPA{6? zYE%GFMqh386$CC6boo9SOh`_*P9%~DB;oxqpv>C3nSborrQ?5M(tN!eO_}z|w`XqI zv<7P=%WnL9I*#h(49FB{inpFJ-FsLuHHdBXfM;_jJ2jy(u7yLk1MfzF(Yne>X~O=h z=HdN|KW7U2(=yF9y=7ts*s*^M47Ui29=X+G*WKXUb*{?FC^{`J%P2}*!_5R06crpT z?P3_0Y>WRAf)RiC($dPY)H=I&5p4rl4RJRW;zkkZS-OhTTZIqFPl6W*UPVLiPN-;= z3{-Z)i7q=XwxeRv0qD<(nRuIS9q9){M8?$e!KjiFR{hKh2}XCUbN5K-qhMZ_*KWu@ zFB)s=45x~?{j`p};-L^KybZn{8MMZtV80#$iNh8l^e2Duf3G4NJ{OS5$h8(kYjQZu z*DP6*JCHxnBvEwEfI`>`8hcdBS;7eN_K58bCOnbw7rsgrZret7e{ zozf3s7SMN^K~P@s^)=VCYPH4F#1}pZdFF}>vdW25u{BA0|HQw6jW4c*Yejh3Iiy@c zzd3()_&|6#_X~`Bl0H!PgZ+j#Dh=GYo3=NB`^@Xak0R4e3~cgi>jG>Xb-!JidpyEc z%jIf;@JE+XNmoBIc~*kXtq5Z-@+u`H<5%8>JxZ}(rzH`2S}t8slZB^*n1L|*@eF9!+Y;l*Qk-K}1)`=8W8^f9-*psF6$mE+Z>>RIKM4e^}WymTeBrlf-}e z3Be0&c0}{_$TvXuysY?Ukvfi&Z~d?~=oKuH84Xp8)>$FCeb|lvuyn8BX_?G4W__95 zmgB4g^rmgW$Lqr1#+#ZaAoFw@l7l#bh+BDJ3YRq+bEe@ zZX_t*R8{eLMBh#4{SnG}5> zHrh|1C9ep3C;G|t<1$N`$qv3B`kM76_jgV5GPP7=GkQo@x!l|+5|)29St5$Ov~Q|# z+0dsc^_#0Sz^_D=%ld1p@id_|bmyX;mNwWl?Sy64PSIDER99lTK z9yP)kf|M+{dFRQ>G@ae7n&8o|+2AE~2uEl}f@ZigF(d2{?dJ;Xy8G5yG%~I~-;=~z zI#Jdhut3Vk!$w!>g}SAa_*&9b_EedhfHt^NE9+I57AEd(#&!9vu&Y9xG={lvciYtEWvz>EGw(Jq8%sL{RhdbE>8Xg2?P6bfA5nc4KkU47t8O7X+(+iO*}RcJM` zKT-jp=F|u!wjZy?&W7vx%bAk<76@L6D15z$S~R{|WG-DOQ)*vwIo`?F#LfX(3`G+` z{>4Wu&!tyaD86!)>-@;zm(AvyZptU0>xjL@K%9kEdv#?r61Z20e{6Bl7^;dkA_C0P6!bEY(uCG2R*Jxy*SNmD&lUALJN~|JaBbaz40lId%ODEa> zc0)4%`VO(JfZVo5DIPaN;kD=!_3kx0jO5V>eLX=N03wgA=K1k3hxPqIM`Ln zwqJ~f=-G>Sb$KuAxFZctrqESh%1WefoQ89n5KuO186!I!5S(i>xb!-PECp(v#QuNG zlKxrWx-5z>vS8D1DB=Z4{pO2jWzvHtJjV#(k*(q!F7%ecD>K+x3H8!s{SCIrfbqDa zxQzBGj(+boouTj?3u4p#5=u=Wn!eTAmFC>ZaufmDN-c^&FIWsa2~D%v_|%^XnWfBl zGXd#V0_BS+iA6DtUxr5uH&(3-RttZZ{P0veo^>d9X8~+rp=6}3Qy`z%qc-B+;%Z?j^yfiWXNOXs;;z;dE<3+H)L9}$9uRpm#`lS+SKG3Lz9Ff?L|siC@gtno64puFkm3$$BH>=O?p4Rcm7 ztF%?#2+9^PY3br3G;DZc6wV42HDdT$=8(=lC^m+sSgP23_uL#f7s58=v7$3a??AnB z;5**iIy!3e+&64lXV`MERO@S_OB9SA?%zY3*XUhrOlIFG6GAY$JClFEBF^H3d#alr zw{I|7O{~0@c8XDb>ZMj8vkyS6^g2RIhi=hczuR3qBqWT3a9co7nT@a1^y%#R<}7NI!)swU5pydP{VUOs;=NAy87@ZmQgH~QFv zEPhIM_4#ogK78zWe;FSPBhD+d9ZlVqm`nIPZX_5L^Lk%-^T?X|99;1M{S}iq2=Wb* zG~WTM{IBRICyt%9*(hz<2L+z8-#y&oM_$Drpxb-aKL8Po9%9i{$49Zi5+@fo}WE=lb5Wf zz@KAZ&Z_$jzVVxTk2+_uh;FO!23(+%xGsj~UXX87@hbei_^``;lTb!tSATZ8)dsWs zD{~Y+UMPQFytjfzpP4E{H2)}|(ZK_IjlpaMH^!Zu5?W0J)}u01qQxjarLCgKt+oao zHLp+*HL>yw$!gR*tAJOr6$QoptrFBFIeSpwJz|n86(<{f#9WT2`n4{B3~ODPUYWkZ zWfcFi;b(ulwtbF3MI+lygka*Mi`E||7d2q?TZ4aCXus95ACTUj5)uMjzkMjupDHii zU{PW_CXp_%Gg*G(-^S+|M4&!TS1GDCJ^N*Fwfpg-Z+ zA)S8!W#~z3nq89I{6Ht&nKyAFh(Jwyj7!7kXE;@=MEIKREPpn+XiZjzwy8WRjx(|7 zRv_l!_=PyDi>v6zTJ_OHO-QzJJiL`X2WQ003ALrG38|nOK_u0HB2qdJq59j<-BaTz z58s9P?{~}Ql}EFAZ1HwF*ag_(+~e~HQ8a%H>rg0-@Vca@k4X~YhYpLPj`{F;CDTmQ zX7(&JR)@P9iI^~HriWm8U^!r_YV9jJH^==7I6A64@j9#zas16~r41#NfTC*q2urya ze9}o5Yqi}d%7-tQiIN)%mN;0Ced}IK=y{)=`PXX9&C8os!SN2L5;dAE2Eq%~PV;|A zMPxf>4f@BKItVZ|`({S=<8m}!JHufyt%cuaRimsKqFT9~@T`Xk%xA;kKZ!873I?$% zV^rzDY`ES!>A(&;oO|eGMTzWD^ZYziLEio_u8@SN$bDAyCE9&xdm^&lA&A~0$mS$e z*Dh1RC6W_dDNu?3CUYg;yVg(JA%9e=#A zm4{NECpp^^Ms1pM6wEXJDvndzt?X8=X(68Ic9Xi@veVIfLk-5 z8YzzkB;fStRlYX;j3Ws>Jom8{z-6S>zta#gMOQfYD`^9l{v$JvjB4JI&=0)|v|$9( zPkX0zYf*Mcwg7Y)a1%?z+QRH2hNW%3R#vJ* zYjrUV&U}h9fhh$m36S}LaeaRqRc{t&e5@-uue13HaTWANrOMPjH9ltM+8YegB0Oc*#QfW;yQ?ncVnN>{ zJ17qEoVSaF_V%ZjE}{D>H>j*F%p7a>_ZSRD#z({A!N>W9AcnXqT-kq8HChBz6t}DS ziRB=W$&auFZ|k1(l=rT{$*~J8zBnj+0Xli1Ak>lk=Jn7-Ord_0J*)1s!n0 zK9!GP>RI?xpTyqaKNbvEUEQK4KhwFbNTk`W>ejZZDb<_7g69o6St+krEtJAha~C=d zDNpl6-@VqyG19MYjrV``;2(Ahv3;m+n(;9OwGpIzZN8{h{FHL*Nx>a6ovnY!gu^C< z>&828rkmy@+xg)LzIUZ_fTZTGY&2eQ4IB0sa->-e!7Y?BMc#|o(L_!oZH8M^y?VPh z{UucJ5B`ED&L9X#^Oa*0gDvg?_`zb39WEmljE7uhT?znF3cr@ii`2gy1dhI zGgDl}T8V*4jDSY07O>dZ1QE9x00_y6AL1?)r9--lh$Ck-~ty4{ga`>1YfhICh4L*Pom#S~w|2&mGsm$WLdJ<_KKxDcxzMITh4ELN#lo0-QQ))IKCAv zd4@=?&2_~O*eB~%I?lMG;FLb3mqWd(Xh`akloHpM$zc)XQVGct&Dw~8+fDK9;iIwf z>>7C?;o=`}9MXR4=}uREM;_`S@C9q>MKc!MKgWMxq=niOt=5)oi(C{hIJlwY?mnr9 zB89hL$4My3785AvaaWC8#>L?|F_QF>tL;**)omw1v5=CL%GIuVH6IO8!9Jb0dN3C* zP&Rlfvpc5o#&kMb+zT1e4L^AsTW^hAW5U|NysedP+6$%gqS_QYf}BW#D$F+(_5GPo z83liG$Gc<-onDPPh(I|4d!DE2r|S2J+*8QWqmpm9vN1G5A}&K{VUpMg^WHD~jD*23m(NU`gff5M2Lvc?)r@l*z-_l)w8U!E-9AbZ`D=Z3 zmsV2wi1}?OL4J_pJH58e?cT^Nmeoa?1-DpcZj<(Ci7|MyYQI}OnBpU*Bh;qHLs_ah zk@TWxOETB7$EyDiQkX7#I>=m_RDkP{SgB7I6e`cq{tpn@L59&-R%-Wfu1P(9{i}ah z?9Kiu*)$XtBJk!!%!Av$66Tk2fjT5R*D>M@X+M(J5uJjssdvIZwUXQ<3L_H8gg=%) zpUAFXb(A8j9Z}^S`!Y#}mgzWszo66ypI!ZM@+kquxCcBuFNODs7$W}I&DE*o2;Ov$ zwKSPu0(3A`8qJ*qBY<*h(}U-v5Tk!t8vv%=68amgd>))m*1{iWhkAL!U^othKD)Y@ zE--M&uuKwLLM!}!Ec-y@2@#T+33pvTG9gDK{kvp<>9#(blG$Cn#6b9G56ofpUB$_o z)h-khw6v?IvIEHi`QN*$4xzuUf0fQQB&m`a)-)uN70zN9zOF7ZNQG|=9=(4ZIC|rG zdm*jfR9>~jKY>ih_--*&csSt1_qx?!kz1H5GJfo#Td*(>fr1h*#|ctcI)GU$U&v^( zj;yJsvd7%<$XFYY*k*@;f4umBh64Icn+}np`3ZxWeVk4ASwqOj83V!lFq1edP$$d|2}GYL&U5IqDLdy&*8tcvev z&7YnwL@WDQSZhW z0gp1Gs7PZXQJ2)Ouw;L-xc$*bReL%wERTw?4l1Y+%832tqVXMx8HZ zr9`PD2<1=**|OX`!s;E|ri>u&f9%AU24xr3K5gTm2DR6n47(!4|I`Rpi-CYh`YaIP}h2t&; zXZ_|MDTZor43Zf_3oRuTm)Flwd;`z6-&cPYWOc*fxB7j@uTEwx_!{RVNR^MTOfp#r z+P9Eh(tDa+5cz)%bek`3@uz5-EjGoYQXh35S?#{=MrZXRM9zZ=>w)L-FN?iG5lonS zeG2>4D46NFfG}>YBhIXd{gjQ)`>8J@LB=HhONVNxtuIY{c$BywpCLMgvkh^+zu|Zj zmG-H>o{=sRbhRUnHN+m8m|c*b{)8|3a*jE3W3g$I`t^UquU~PXradOGQFV4xWyQ9g z3n&G#bMz}uYm?1wO@VfhMSr8=pTG;pHE2Doe-(LG2)tQhg^#)L+k7|4b+{7*q zZh^vFl43AY(9XfO_$56K9_=6tB>Ut%nU1N+lfs>C!k5(Qj8u`;+%Ih{%<+4qJO3u3 zouFD=;?CZ@w2Osb*>Y?xiQaP5V4~Z->%er#IQ0%Ybg0!F7>0lBQ0N!jScyi~0v*i8 z6YhVUVt5e%5Ym|GQ1#C;VaX{PUz>NgQOM{He$Hk?^3i8;=SuY4v?n{k#?&r%Ttepq zJtc?LgM)QM!cGY>pw5?METE4R3gud0+~%qh%RLa9nt7Z*Epo==2Z3Z-@Jll%L9XR&y#VnB(8ss>^rainP)H@;c?Sn!-l6sM2LfhFGm=K z$exWr0v0SU%W{9x zbSiS4H;6>u-DJg}|Eu2~KXByg1*R;IpeWAxaG4q}} zp*FK5oejAOy88PVCj~Zky+qFnL%V-M2VPFB6Dlo~=26uW6qu`4kN}WD*q%jgvt9Os zI7~y3ROk}h)%^h`VX0UnsnSfBA$cFIY9jsWk})ARNjeBJzetW>a@{EFIGya(?NZ5< zE)bhVs4bnbj?D!hjX#|@pF0Tz9w44oDl<@pbGPl@^8$aJk~b6)@1VHWZX^0@vXt!XR=OJ@Qkvt z>RWG70YTYEvxl{z2wd7})d(Q1r4hF;HW&!OHVDw73uM|jH4aU-Lb`uN_no}Qd@qWC zl$VH^ndk9lq_((%-^cW(Pi=aW5b?MUBjKuf$tEX{LE_w-=E4L&d@LN|Ch!7VRRUz~ zM)gPbM^ZH%aFUBX4aKR<2os_p&H4KUnB+(r8@FU1&6Pd`5TJqmbV9nM%iW(HG=@cH8XJv%EZ^_l{GZcBGy_H>pa&?rSrHAWOyG$rNzazG!n&pTAQ}Z9_Wut_TLOqO)cXI^1CQ)nDhc>iBfIM&XogclR##% z7g)*!+7l>QSCt0@!)r1kd?_Xqf6Oo~#zq4`%2u)(uqe%$4I67qQo9`86hE-=wOwe6 z!rtXy*G&_+CJTQw5u_Nje_F=n4oDolLORNb34_L62)D$mtY=`$s~!U>n?d2 z@83EnNaN-JP3;~!V_AIC`F@cG8xalhL|+ckTH$fi8lxdw!cOT<>XHMGw5*ZKO$G5$ zcKdeGMkmM|pUZ&?3QbNS9zOVk0Hc05mbUrhjE!#f45NRX19k1Vi-jWGbWRoY=b@SH zpGvdrWKwO`lVdM9!gepObgeMBw2xnKY}?&=cIAp4_eO{aQKwA1i+}8xn}mJR!z!gq z?e9*q>A2$0xAS8;xhHfRgVB5wzFFHAiP>oLx-4x?^d0j4XMfS^9A0wDF%CNlfWlI0<7_2UEJ@?kIocbdJytPJa%@@ zmu=#EZ+Or8TtE}Kzm`jHsDBxJ`8fRxZ7jnG>e@lr)YRA5yCHNh{IJdOdS&?8&4A3!zMVCe=8~0cO%ePJzB9cCE(-33b{IA#f`SyBa69?6DrormS}6z6a>Pm!H$- zwfEOFn$%yCae1_Soww0I=EapgkB6hPZ+?FnyLYulx_o9%kWqxIFqsu~C%~G=FO%<) zBV+!?~aI#(>KI4HZ> z#<)sr=w&}8YVd8lI<`#fA4?4Bjh%n)D>1!g&y;t1@3x~47N{Dl{(dWXa&7MJe!wtY z;qbRI0I5sQ#NOQoi8*F7T{y%VCSdKfU3OE+TXNl{r0QhQz?jLMCdYRPz1vEh1|@4u z-6ZE&{m><%Z&aROhiBhkrZf{rNe#xvxl`)aVi1>e-KH{z? zLmis^BUOS4bO=)D6^3-5^TJtOJ%wXXrM~!(`x!Ns5{${CG>Hn;PYNY*Q*Q-Q3knB{ z+Yzln+2xG7=HHaN>#7kV6-PnKntqM~$hKRbU9DM1wl)UBJ8IF-x8K%2=W~F-<8JC| z>Ng90bZ-qCzmSxWNd^7*HoAWWYQp_Gy@YJK`faEdhW9Hh?;6%~fL<7d?(dO}p$`+H z$`1>ZLP~8jt={`k-(c=-7GdG_m>o}FqSrjnu(;|gyR#m9xjjKpI1DF*fd)9((+%RG_=)WC90Mq2fYXznpA1L$bX7M)NT(5GKo0=a*&&S#| zZt_Lc&+od^a}F)jE3bc1b5wJ7td@=r_rA4cMkYrT>(w_StyUs_VHs?W7|*l&M^01p zfZaMZoGrCYOU;S$4%PZ^;MuQSZlJ~KYEBI{7sDa5S-Zjme5)5%IK*6e?gQYRe@s%! zR^I4R^DGqfcX6@7^+e~}w;wDUAC$sv!+-tuc-2XAe zje+REjNADUCGF0wCGOL!2BYG-ie?DrvFN)|_j85W6%_@bfuJ@=Q4TMBNK$#sHN>-< zPX9Q+l&#{I!Jfl=cZS2lE{>42PKfbop}a+ua_Hcd_TFBZ6}rElFhVR>ON=C)eNZ0Iz&cXjJwnqvItChmHXIi_8s z=Q1n-zrn7#i|AS(Ao%(oe|xqFzRB3aP>$ju+OOcrL#Tg8{3O5anc~|`X>UA+BcA{L z^+~={1r2cp-Xp)gmuaQmaih6w^HHLR3qyCiy9l^0o9(wXv86nw!)Zi=p~Pjq=M8x5zn%SPB)4L_j;<_AFPRk z3k%DAv3`G{P{t-|H0zNwn9;$u1g&?@cJ6ETI=)-vSyI7e*#vEmnWrZ| z1TBL(u90oZ4EqlW6trA$BQ_L9&X4u}e!^1;%{j6bm}ty4x)YPN})A9N__oyi2vM8WZ5PtXuOKMsi7Yl+UW!IYa>S&Xl6L-fmCTAh? zt?S4+Ijyj1$)J{cGRCp}Uq?^GH30$VtU?TIt*xr%7I;y9MUy=YzV&Fa(z+!ssj|BF zn8JU}_}yB2c)OipuEa1KbGAWLrE?6z`CoXbP?0NE<1rO+UC#Yk$cMe;YPL9Bx|n1= z1M^r9KZ38y+*N2oHFK|xt7O$fO9pl05~87I_?V+q{+e%qk8NI56IW=vAXS!MDUn0c zWzPG^$8%)M_<#6;`Tq(2pGaU}0noE^u(k@+vonYJU#b20sh6GR0)hrcS5ZqzT9+l~ z0%#0IS5ZqzS}Q|MR8%>a|Gfkkx3K2|3kH9QcW7iSDISb6)|s)4y(~jy-;#aIJi{<% z7-Ja9o+Xm($s6HKA!Rwp_L3rmh>DPq-m(}E0!#A&{aGG3ED5lq;D{iN zp##<2Kbji{lSr0W|F8C}9{n4O^(T@Tzw;FT zfM6O(1uQ6dkV^hhdJ6m=%>u*|gZ+PGO=(yX5vNb~CV>FrJ46gJCWeA|Ya$Kj0}!yJ zAn+RwlJP%=V72XA1Z8_uLu)IH{I_X-qpYz+GR>Y5@Tcil?YA2FSIz1Tl^A~txFD1e z2qa6$djI%x`{61K8Arhr$*gryQwOkADwY9Z?FFk+1HzF2k&FjJ0Wg%6S6PWnp|Oqt ztd^Vw2ox&h>o8RjfN}tq3X(}6f%cX9jv{|YzYp(ESOZWF1F4k108K!dLI(e=)mUz{ zkiU2}mJiK`3jR%j0+b1qVCsKgfC>vB(*LGV1(btWKmTW~4k&~F5O2Z=f$i%>4(A0<(8G%4+exC&{n9BNR+P6(-4fT(j zKxC}|2!?_<$mmlFPCL#wr!M|x1g7|L8K)e(fp>kHWlh_Y7M|GWm)L(v*LzL|%1u@~ zG0XD=p>v#b5+Pe+LFb##*z_5{j}A=B9odduWi2)r;c_q&LcS_oU1;fB5AuXH}Gbn zYQjXwzRdL969cgkz6pQa4e~FRDb2wG%wq1sj2+ic4LwZ-TcnQVx0R?B)p^gIvooey zRTW=s4N{AEQ-`;MW-?sohoR700d0w47;&+K4^1j3^)Eeok&IRKcpR{exW5|wT>ruZ z#spquQ?qus@=RikhC$5s(|vNkE$vL=O-}hT4@ev>i4nQk^9+CCC`6nMt&U%jmR+fg zdw)Q8mOuaa(ZC|pvUaAu8WAEpSWAoF=lPIr@3B|EVgz+IOo~og#o@2(yklR8E0fx0 zbEm~cup9XKq-7mEJNOCWfjakU(`i|v>jQL}vUCP_IrSPUxjXLAsfRxq58c~}R`oKy zj$io9UDVHIt=@lMs#ee=p4PS&-_dk*iHR9GvEIUEJ_q&kwTkU5c&lXx6VwV-S4N~> zcoa3kYx)Y^*ImKgIFlYT?Hgv1B77xl0`%O`j zykyZGr;}nrZBUwLQg2m+Pn=u0UZD-=(kym{7&#E@+UjrInHfn^~I%j*+T3VzE!r+yfyFQs%2LY_#s(*;er%F!OcKp!FOPUdu1uO#EX ztO~q)R_#rR_-?t!jfJOcHoT;Fpe zA{`U{?*{e8LPqWSkDPD#m3l?)R%~f2bbkV-jc(?ZbIslGBAU2u-QTLJYR|V+7qq|} zmgQo*BR0-7&R)5_c|+XFFT*upYp;v!F1RWEaXds7An9rpUPEB~C@+`3)6 z?%r4A_Z~fXzf?=8>TXrVHNW=T3wD{=E!*>t^zL|EER?(OptnTLPk!Xh2b7|fLvnL| zi9_xQi?>C?DYJaC%!Nky$&e_sSo9U+J=}kiiO2j8q@NDoOpessWze4bkg|?D=rZ+X z6~&pf+us1_7O|9|mVH5U*B2hzG``Fi6n^$DXMH*&&ezf6<;3OOTcMcUTTlDC&$TkF z*V;A}O2Wi+&LkyyAmv249@q%^jKq2{^XKq{#fj#}b?$|CtXfYPyuv*!8_JR4L0x|| zn|uNVW&+^cg7&-}E6x(-cB!x}i`XOg)}}R`_T`(mzk-A>9O4$289%kZ6hFOK3p+}Kbdi7Tpxfvu;kudAR0#~w~slOf7mc~$wB0a2z=YNvp;U{Ic{wH z0)NM4NPLI5uG&v=nbJKE-fwAs<_LTbb>F8f$F?GSxQ29+SHa^Xx5MbWpe=tp>4(tL z4)>Q?f%j=k7p=6(y}nOVKMGk**ZgvuUwk z6Ua8(=@R79yVT8GRh74{5ksykuf;kn9NYoC|%oI54f75T+V~Kyy ze6xQqf+tn>eKKRFt5Tx@NHOG6^54`HqIKtrkL186J0O2AHf%+l$IaJ> zht9nnJHgbd>xr;{T|OffzTe;G*hZ?cfD~gwOqyvsHG8!pg#L>_TBQBjg_>X4oJ~bw z&moDQ&pV5h?w^W?R?^^?l@tjB;0ak(7GG|&We7hHJ!rNAwQR@4``(Vk#@6nv^(-@#10wvpEN*t-pG8diL%ZzoMZ@(6fBMTjnr>dflt z!;)4~b#13LJT7~LM;nb591eFoUxrZ5IOkdvDKM_EsPlXm&!vCYKD=EgzHIK+o|>u_ z-w}Jn>CPYGMNHB)|6EwG%WEE4DR8)^Q-@oln8yp|nk65RNdMC3DylLSRA8Au*g3QW z^M{wu-jspmp%b)vMT$3KO1821P`-o=}19OcRLrR)l}fe5Wtq8Fp?BO@Qm{H9H-SufJ| zhKi#^gzGjp>Y2ycv-ia4j&8p^5&ukVPwKnK{UcND{$owpk5P6sfdX|6N)_O2VwIY6ab8l6cJaRvN zon3CV(D5PaC8>w^bSU)Gz*C*85A-7M92g64tD76!d%8h{IU_*$kbh>*J@}qz&@@N* z>syXzo7{!~LAyzwT*4uVvgKz#6}i5u(TkfM<7X7|qYXQEmbvVQ z-y~8uxa)tus2D9HUc7V)G@VmmUTw6klYB{IH8$GVwr$%jlC)u^#;+cp~8w%vI5 zoPY1Taq+JEIoBBDnRC(|(HNJ^#e5t1-SM004`5`*oAvV)dS|02VYO;wjH>6o1t-55 zGoX1YTshwij$Pi%u(GLf_i|Q(e^ou4f7ex8^{Od0sGjmrh|!78_L2&%E+A-7`iiDT z=g8_M~RGt!D?kX~AfE_aHfBA6WfPlurh#5?ZFzkAYM+Mz z2+)}+6!Ro79W5d-L&T?LJ#^eM@Vg2m`MPj6k-maWY@Fn8pGP@f&RE;TpvMmsNBnf| zCxM_JKwK!e(I*Q}xy=#pdZ+I|8K|5;IpDk_o5LI0w_ZxvtgU3>L8MTxubwO!Rj2Pl zA}_$A;%L{4ZlBGSv=8l;^>gHQTVw9v3#~ezyW}F9qG-Kr*UNciT8kv{X;IKQ^7!>R zEzc+Jr`$|*L&P8ZiT9>}y)8+cB%S})q|`SSfPg%iz)IeH`A5f4l@d`@5KA_Fg)oQz zPybu9lsW#}vMygCOhAAlF8XQn_jyN)vcMGdZ&d8U`9WYF3WOCiPi)DkB1HiQVPHav z(Ib^^08MD-fy@r8kn)Y-_bf!lkX}~ap!l!hgNBH3k`aETU`0Pef*~TzTIu{`#NmIi z_Ol?U?ZX98$H^d>AoLhc4MM?ik#U<^1cf|?KHc5ssVs4}6ZZfsa=g$vC1*Coza<+0 z3UTEhakww9U`zqTPSd$C4s88`5d_{Ex~^ANIHL!MM$`iy1WOj)c8jM3Tjm-?uSt#P z9GKB~7QFX0CVy5+&`x-ygz@O<^=;6mE>EZ~_`9_1e=l3%_)TpLnMcd5qQ~LQb*BT@ ze~0uAlnl-W8Uujremd4OcDwAq#e0#2fX{4PKpsO|amy038$8D{x6A#S8LK=cIiWip z4bR=$h4r4CdGNtR8o$=85>t`WfH`K`q`_M8L*~fx3?uTDZ5Qf3L!;ueZN?0Bx&VI_ zk(WnIvvSfpv-H_47Afzs1?y$(Ft_F1Rr2-;T$Fem;aA6@aSv}!)sDi3TI~Q$Eg086P zNIIcO`IC+RDdSRGBbDb=uA=n$CZy-9Szpu@ z7rWV4jqd6tpTSpOb?^R&WEgKepOC6s>{j<_HC6f8_iWC(>&tLOLJQ zew!n()shL{_*QJsu*Mogv$im2n?^Oc+zQ=i1v?9j>F=HZLuv zHpYDKB4t>Nw_HoEo>CHTd{lcJTEs5plQSS(_NMnzM~=CgFt{lHTV{D|2HIbD=Bj_tr`hp$_52ph8*qzHThn-A-Pp za}3bGfGekrK)qJSI3ue2EbGxKboZ>iMNv4{5rqfM{N?2qd8+w>CcRz}*h!ycb+p;u zfqfFDfTGY*9ZnmRH%+5T@Y_lss!I4Q6ybo4{tPp{Rso0~BwMw$i<_&&z`uZpl& zmgjF}lvHHlyr~&K!UAfVl7(lMUK^5?T{@EZyGgzEI9xgAL*sp-up&HKsQWD$yu^E# z(;oN59gFBWl<4Z;73Ux@`cUltS-424{dXwbFT17xM8Erlchi)yDy5e z3gYSt$(%;&pxFGP@nPFrRupdh+g`x_ah6dM2cC z>IUQa8pcS%0ExM>GtG(B6EFQh4pH_E^H*KnExI5ADzyJ70_r}*c9^KdHV+e44KNJS zq`-pM3>FmB0?&dmAl(iM{^ci^wRrcP!fzlD5+4)vr368Vb3nzi23waH%*c`WHzZN1L%|Ea5mTKbPE7s`0V=BpI|p>D7y>yM1c>H|RuKq8X`U&-cWwqrCBYO? zQNH#VsJIDbcPf#@emnHpc)(<8!N-I}+7tF8m;{e<`Kx;b)5*z%ay*P$+Xv1bNE3v4 zih|&KA&RjTfE5gBO!)H0-eJ~gNYCuN-An5Ch+-#oezWKV+R?7QHq;l2Zo^jK84GHBS$j) z1~LDp4m$}JQmu^uF}Z{#&FMw!7ygVD24akZ`a4{Ge=TVIxVC}@&f^teMY|Xd#)(?v z_$iMN#P!>FBpm^zW>Vh$2$-_08-M_Z{DtYupcY`jn4S+u5MWGA8HdM%y|weM0gjfWc!q#lh)62mNa4?sjl^yGv`_%0v2+VT79sOR4q8u znhF}8ZvM3Y4GSayMVJ-~jbl+Lwcpv>P5HZaolmuKu+?Eu38N2IzU1CYb!r70&COkg zb)Srcojj{P5UwOCtZJTNKQa(d>e>aRk{;9Ew1Z*MnG6rdyFEqD?%QGn7Rm7Y-V(uC zrNi)V<`5TncYNN_10;f6hY;GT?zCiu6;^Cq0ff9aw8M297Os^;DxDQ&>qFt~VcZ|e%!yjNa!7B!wLdrPO~*<1mI|%}-uI7ic7A@M z-C&{|_?q4I_{WmU8DA7v-B=Uu#t}Y@4(QCW)PH1 zYb4;YVNVUD1B%m5KkXD#kIZ!~zSPgun(pp8mQ{kMWtDcPzcE)z^Un(*=N;%K;cC01Wda`4DNEciiS_`7gG_*v{9ZI<*M>4I!iFU8- ziYt)Xsv>`)kyAfv2xA{7y<4$gGQXPBcQsUEt3Q^H2F_PU4qSb$OQt3qC&1Z)@T@uY z`3c%N{1=lBS(aY+GUTEksv{(lV68aPAS2TY$-*}gooF2uO8M(;Q=7=vt)M|~@wCQS7TPTX+aCtRptk%D&EV{lAN2t0!B zvFx8zM6gEp{FOVAIYVtuB%jcf=Jg%To$S0`MH4Y<)dPYG7ZN_DK8YU_m6!7r28Q zaAVda&FU67jv8Y@TcdLOUYr#8NT%PH3bQrzqlueWxv|Z~roFs+1vH3^BxOpx2yCqGIi60^+|Y&$*!iW z_RGiknia)Di$pUxr)p|7M2dK}3+}7jaQhEiu_- zF(i-${D1o2LLn!W%m@j>ZJtE}34)+&_SmB>D4d#czJl-&AlEA4^O89UK>=UX<&-s5 zM3Z|6|IHZx>1KK&P$cLJ1ysQjjYhyxyf{@~ zarqOcQ`Xx?d|Jtj=&_gP3HR!XBW2L?22!*%|4gLeOvK9Q94Lofq>f~8$F@bP;TD*$$M0Nm(lpI%lg#S{p7Xu{ToiGHB~bKb9c z9&$(6#3fcL*>uPE8{Ss*^!$zu6x@&?tz`{CSAusWVh|F;1%UB__h@ORZ&$!#Qu6r? z>_iw+Ql=oE6XR6G(t?q~2a#|`Au3wD8O8=%Ok2wOjpd3E8w7!e$&%Lq2aw3i$hU%= z_&*F4-FbWbj=hP&5CWDd&m+Du^TdKQy`@ZPzXv+$!?_fc%n>Bx06(Tpgg_QD zZwTV7Z{Hzt>`<}^5g=z%cpcb~>u|QTg;txbAkTL8q;DHo-khq+bMO$2?~ubKjKaMhgPe;Gi6kcBw}LkzJbMXwW*6a^!_!2laD z^AiR`CylPfW)F?Q2ajD81@}+pNdplAVX(p&jL#@oRPS8o(KV?Mn+9aG;Isq*C$bJu zFVr^RhP{m7=<+53Hb3OLMo2MJh+{$xN2I-t_E1j1aNpScB~JTUhfa6@S!tV2JUr2i zv&#c;j7`iEo_@pWAWY1llJ2j3%Ze#r-`7Bp_(nb#{88#a z#FUUHC0+VR8;7Ejt{0`{Gf0D(rf0QyzE~O^m+@9ynnanSe^8uB$F_DTsU;^ zrn9t3Jh5F5*lIXZBBFYD3P7Ys{vIz&8Iaam@v@x&TQNH>RS(^nDNoj4TLI)G-o>=O zF6PGRSw_pmjW+8eWp({?%+ky0qDm0)eQ^{1xWZ)Sv`_u58wKZ`{dZw~Mu%m}K2bIMeD)+k$o+9HsoDVqz zgDpg7nj-x|hI-F7>nqDwXM)qOR(PX_9|Z*ge6{jx&=7A|+)`?Q#=Gm5VCK)xOpDF# zh7#ZW6Q!3<0cyA}gNRlAvn}4sr^{=gr!+C!G#poRZ;CBse5d|Mq6cN-`Ay<6oxVp~hHUG!ZXw@rf6H6|_Y zd1wox=SsH~J08RUj#Vm!fGC#}XEi?UpKBhO-C^ceFUy9WZeD4BCwYIIp_uQl5+^rS ziT`ztY3Q`OtnjbD2>q72$)`6mUKrS@`c5G+DyL-v{w=Jq*{L$UHe`I)5beFTC3(K zjS8ZE5yQ)1wi+K(o4s=G5tG>@{5&`!ix2A>Lmkw!$Ua~zuAf5H!PbCJJiww81gQb# zftl(!=<9btEwTE9NtR5*kDIg2H>$$>jf0!@D9P!bn54=h8sdC_ufv3 z)^5Mf*{xYsI2n@pe%{Oz*-3LZkFJ&89cyJfhHAI~mB7mPfGj48$}$dezlMke+p*Y{Y5$oj-eFz zqaJrc=jY-LUs9@MW`Lp9DoS*z(b5pKXd-t1_jG?a%_=E3@#%u`k9q7Z+qz(WxC|Du zhq_fW@G$wh{?!)eoqoV$3EIQ}V=L`tulPrPw#UZIo10$l1~<+03|#l-WP_vgzu(*s!)X>x;`zf$zplMiOac3-_i$ zxW#DEG=#y4JKGycdK`GgEU#y`zfKjFIiu7L0rrya@rXi&vXZ!GXxGus23egJ=n4If z+&9UYl0bHQJ%V{sz$hVC`*J>ybMu~kOT;&~$1T&eyP^9i7&;}wC#89Eh(3RCC8@4& z-|4IA(wO63x+Y@E_=nPdrxhQe7hFm7Mv2WZy?)g0K?8R zaBd;fkI%0lR_U-IkUtlr+v%xXWLR4M+Th%#mYs^_B6C$qqO}nlIW$L`=yxqWycrSM z@axOD{)VGYZMQ$J#2EX1LSlt3yVHPDKuVp9WYb!eLqzMZ6qQQ~Oy{sTPy=-ldf~7kD{00rczZ)-n->V!rLUZad*1c z;d>RHqiX4>Qn#{eL~9j;-Y{^M)!}`i*UnY8`1pd>V8%riBAh_CW>?8r+r`l7o^LS1 z9#saVwBG5jYfmfi+}_&g<0!zH5xex@_;ani*eYM+8y-={t0-w>`zh?+dwrTbVVyxB z7UB~Tf5|8On*t2+6FKgmqZ$hb%G0f)d~X&wskvAP>Y0 z0xWqGeAb44`)oDSn!}c+kVR$+SsGWYn5N?()H6o;$R!DB)nWD}lF5iMC-@YLeUB%T zDc6G+4)!|rta?3dy-c3EJALLo^62919(H^KhOeCPfoG8<_Av+688oLfNn#oiRbp*F z)UV-w;P(cMDJuG#VL>;WsgJf`n`0x}m& zfTxJ@^s?ZaKs`(yG}5mCv<^pXL7coY2=#ZC=uQV*yZ|8`<55bYo^g;H_#I6&NzUg< z5Pz2ezu-}WQeojABMrUyMF;p`}RdKVL^!C8NJkoj6wR6z~>9k zXN-O^3?(V9%=MQXt5ZMd@O{)V*diIBg?T>*7(cQcCK536AUo`We;2_|B*0z_Nx>ON z!|#sN7g)h!1$>x9@2CD&$F|{u1$@e#f{k2n6@Y^TA3w=opuhx=w@?5GKgMnnJ(yR# z*{PTJko(D&ZdBo9(zg)Bw(2cKG%%=t@gh&h5qrriychUSC*+WjfmjE|90axe7$}H9 zFh(|qeSo2!%n$^@1Y;tISOLyc`VU7T1{EiX4e`A6P;CE~;jwR)0qP4{fRLm7bQt9Y z=a#OOu<3khdcPX2G!{@$r8dB4`Kud{(=qiB*SUr&y;227Tn*rKe; z*vbdM#T+9ygAc~Q-`~N|B*ME zkU~C&4p=ce9muR+dL|g$&$Yr<@iwf#;!oa*O_;44+C53vSA$IXr>@z`X!Fw zNAmA&McJ>NyRAj3%0ax>%#u#(DB9BTbJQ)rD(lk-7OqB=N=c3zIX04>7J5@OE)pDd z8c}Fkc}xC8>RGv!_gjl(Ii-^CDOZsohMN=0z;`-n(|1Q#DAb6;!udIY`=B z!HA~Bi;P^J)oR~0@!UIQ`%Sttpr(gO+t_&JKsF?=Rti{av+;*k=LeNZSB{0(+HACb zME=~BG2*CZLI}aK;_M=*Vym^8-G6y&6+2njNm@&y@!@!tM=}rLqUY?wa$8-wH+$^f zB{ywNG-K5T=mKkxkn3BACsfxA`U7RUMUo?0$amcxNF@=1^){#u?uO}J_?29(4 zNYpBK{1-Zee}dV^5^IrjSIk!)DCl9TP>Uqn8x0FR5>C4NQ-sWNv!3eiES00vZ3;%% z!Idy_W-vee!7KJ_;KNZSe72O{+n9f=gIM>I&y?xW2L87P(%DcI@nK>rLPW?& zTeyK0`=2L{Jo&#xyx6~XslHrueEAc@O)v@OvSv zs`h=QHM{(ISnK?IhD(C48cO#qAlPp7jcE#ahej^Xzg|omp98&%UEtUtXVAFb>W?RZ~ z{6)$UET!g2Kp`##gBfel<@|xP{4j0!T8A0a*7OS}V2n1Gx%8fwb^0N(__(mIF_;Z_ z#*Vm)SEjp)2s?+-K-H(r=Xd)(O;#$=*vof&6}@pY>pjp>?56bdNL-sAYqRRk^gZ_q zjy&#$^3<+;+aWg~cPF+&xTaWy={V6~7?x)#aL8#&p0XirsM$tYq+~EDBAfKdSSdSN z#yv=%siJ)UhtU~`k>z3` zLkH1ux$I_?W2`-M53$jM*D^Iww>reAJblug^ zJdQ~>d1p!PX1a3!Fz=K{MIw-86uQw2mLDs6o)cCpH+q>cR9~xr7XYa~X`<-~Eh0<^ zlU!bEG7drKR*84Jw0S%_{VV+O>TC}!-ezS5dIIO$tcz3`Es5k><*hFFoa{KU|QwXmzh@4FJZw#{e`rx#9+ z`5mIm%0vlfYPqL5Yli?iEx8Aj@c57I&3uwVs~)MOjZtj33rSagqN;BrDCpere%So@ z6nF%5vBxofUFxRYq#o96=mjta>E$i4B|r~Hcd+HQeBuQrSj(mRAnAIQbT#RMR;AQD22s| z5oXV~D5~E?Q1jX)6p6*0Rs4+Cbu>29*lj$GjmN0aOm?kp1bN1DyXsC*wmYOb_`D9) zQ6k3$l4qU;r?c3R8$V`UuTbIhpOGJ_p+PQU1tBQX-gQ-IK679Wx5**#rLsELu zL8Z9H2y12fhYTBVQ;CrJki!*&UlJKic3g{Jv)6?!J!t{;;DoPLS(fkfhK;P5z`~s3 zkv;6R_b2``#aSxj`4O2fxs#!x~nY-8%@|B7@^Wj9j%9NOSGE9mNhLFH7z*$#a$|bsMMG&EQKW@wr;!TFSXU994+nCH*lxJ1M=@r5fqydQ z(&@7T<(}bh2ap&N5o!KvDN;#zlkR5$yH-;*p12LpgYtFnxf&y@g+0ZTa}o8Pm^w`} z%tKGJk$<7R!o*#ondMabt|eJ0&GJ4#k1@Fu{#3v-az_2{t4g{n-jK{V$;Bvg$tl=~ z(39dVt3z()ZxvZ|P*%<4FFt&HflT2ZHXBaFmtc2&$ZPBQ_`Mu4mM=K0J{KJs6x7Yc z!?fwa35L^n%^26Lh^ue6yY-7wNPm_tU2~;owu9o~*X@!5OG~z+Vnf3F&t@8H8eJUX zK&wEkCzIj8_4JEm{100eEYmCsuVz-7*O7~rZ*m8#;a|@yqhdzptXJ@hvnBPP51V__ zr={u@Dp2>=*7++~*S^V}{QI}6i92rt@Jk@$G%U@wk*bY z;#0fz)AQ-A3#*Zm=8426`8NL+>#w0N1iP0N8P!ht3Jo!C?!p9Lk|D)>)n$TN(HV7t zE$!-w*T=ds;F3qP=Se!foNdT>F!v&yo!(I!*RZ6Xiuxp zL0g&nu+{=s=@88`hk=z6^LgAUju>I`5zNB=h^XyTB++-i*1CB{?~{q;`+Yi*db5QF z+k&@b&#zi>yc@ku+2s%!d?)&;gUc#F_;iz0do9Xeky;ETu6MHBjPPr|F%$t#zCkxz z7Rsgu>ehXEBk3oRyH{I7CK==D4hVr^!k{ZF%gByv6$yhx_hk{$5&DiY!S5kUw2ntN zESbr&v1i5c2{#;BRglgRghcX8UJS2x>Q;`@o`a2UQo}M*hCEhBp0N%&%rcUaVLf%XRnxTzliB2OLNOO=p>20 z1#E>io0Xtd&YIwvmgE&NXKYs*eB`hEUR32pJxpW84UjQ>!Po@4EY&}Kd}uy&q&WP@K#p3bS_%-gd?BL9Wwdkvc77^g{N|lTQ9F(2*e68_u>%y5vvlE(M2OJWq1~LOr5M z`|LlOM; zOFxA8vijp+EgDPFqWLvd;g9@M0_W{h@n)x`-EvqW_Sf3jFCTcF$~UShx`GYD2QL0O ze!6*wvWtiqmhUqphzl_LCDP_eZr3|H3rfiTs%fiKum=ZX;N#FheZN2XbnksT$Lr1;2Z)_rLv(VJ5m z)A60^C@k}VK0-Oi`q*HvW+_8?gRJW(NlTn8Kd=FxL?yn(oibfSO!ZJ#np&g}$84TC zjjRQ0=JF<~!}f6CA{BYT7;1@gg z{Z6x&r;J+h-@;AFQXH4fBH8B66e3Nls)2{fIt1T}wUAPQwUlp5j#jU5&CWRuzg|P- zxOq!UpMEW>W+h+hL#Z#(Sk>94;@(SS*w=?L5x}vy4gM>A^5b9|h58ITKSl&!xJgHq&fc}f;Uhv!WWlGTFKWXxU|;O*jT-)%-?dPLsT@+8DN^XgrB z^wrwyX~Y++JhX~}S_w+!Q9ODR>*|If=MMy8&;B*gUG~1z3RMr)>DO7y&RWroW4n38 zcO95VI(ycN_>!C`LstF_t(eZX)kYK88PZF&#Ny!y#8XktRERaZ=1=FcjN6mB+y30? zfBuB{q<~c9jD!xC9q@{ME<;5dPEu-*w|iX8M1& zn?wsp3j&-Y9-Nh`d8`fO3=ZJPQHhC(9e#4Jc4IC4Ay&kqQ-Egl+f#Vh`tux`oxTrw z1BUHTw=>miIqKNFCOpJ%`u|slYdX;%kzQ*javote*k^nqtzzp4L0vtYc zws!!`te82%dkN1f@YR1Y3VkH7cDm)2=a}n`_yYrxcW>IyMR&0CuRs`95B+oKU$FCk zs9FzDDuA|C-+E583t2P%o@=g9C~$vX`WBkSr}i;@=T!2M{x_R%;bYpVaFWQgYW|&r zFNWnc8ydr1pXE~o0N8dFSh%v}gg$$Y3bui5gU%0V{@2wvPi7MIm2hZXN?{*Vi9y{S_$IRi54KPk*4p@=N@6 z~4S0V!6gbP2pMw22J@jlY1TGZ}z|o7j-zx&7*Dm=Q8yf$^#tHdg}X^ybDPp-|j{s zE)L3cpnn2|w+ixI-n03X1#v4x-Ba&2Z{5`sCPe`j&GAf;KeZF%dse;5Yqu_u4$k4v zj|7n8u!{`7@=nIPGAOLlc1og!O)3dxNTGQM9vR-&XnscbrW%Q`Rj1SClu(6<_wrO` zrhoDKhL$Tohhb}{tjs08mSOmHxj?=@O%>)=E@=r+atFlp(?XGHNt!W!zskZP|HI^6 zHJ}B%2HUHZLhr1pMmdFl|H;itK4Y1(`BC)xfE(g$#Ii;@!jACltYp!6aB|ZkAYcMoL279Y966Vb4L`bUEjp4>66A0!#d+gfGN16?~&| zy+{v`C5wq=w-#9vZz>LfLzK|4v9J=A7h*0bLpr^_~=vyU#5>SSX%tZ#)Zyl9`_ z1^1Lt848JRT^U>D5Y}=R@$5fL29OGWs!RcnAGfRiB*r1=u}R3~o)L0d;mT4enMbK$ zp30?y3se-wRSK`cqAJ;9(JHh#aZ00~w}>hNnWGNRsql6ct3F*+>G4^bI_4bnux)CN zXBR^YkCQG>j}Tfu>(@hoYEl*keKyHeHBPFoPJiNxHAKC z-@e>UZ_G9vtIZZO>EWfmkFaM%qjXtiF`Hgs^=Jf!4rFI^oAPCUCF z1UVD;RSHS5$P7IvgQy|-;IJ5SK@&(bMs@Vg!QIyIag8hQO@{+#?xlJO_P0>EY4>o5 zP4?R;Nx$tT;|=WexS`DCM(-AmhWvnmq}%!X>f1|Eb&5+}5KKr+UKc}Cms+i&2lKQn zGg++z$C_pmUB3dIYeysuVSILK3tEce1JQZKcX1vL*M83Aab7wH5rqas)NJF2sjL

V7Fx>1`oyzi zCrs|6ORD*xTR^w#f8{gIR_y@tZ)P;Lp(cghb?8K7?-m~Fk?f4r!hTsP4XZ*)Wpjic z&$bUj82U`yQ=ZZ&xDEA;MGNX+Bn?AHx2|Y3T1*%i6`43%|QCA zQRquYxUy^rqIX-kLQO5gZv>SlC)!Q2<>ZNz*FNzOdpiaovXY3`B{KupkCfBl!6+ru zU$8t%c)NT%o}@2;Llrh@e|v=CUomG9 zdLyJ_-}Z*#-q$oYfJ05HTo_>j;+OOgOsLuBo8ERI zJ8$5}ncT*z>xp~nke!^*p|BT&v#s=evp=R49WNIyWRvcGil(aETim||9Zb_$r`voc ziXD#(rQwcC5!3<{`;BC|=ef;dd@n@3(n`#89JCN6cu)G70ROYjr<4S{NmyT$C|k`? ztbO@d%sld3-i&{K4=*;qR_2X(R-~Hn-LycmPylQ5wy4t}&Cy4c?*>)e##I)|bn9p% zUBJPPkl->57iBE{R>Z$(u4RucY3N5+{)XCZZzRCUrDhMH8KvviGAy@=(Ug5f3a}zX z2|A&LaQ(#^l(Oh+Ja?&yX76CmlP)E8(voFRTsC1?$(4=++3C2)FsF6=xwQ((}Jfc7Cyg1$5O2L z0CJuBVe%W`AiQfY)(=YC#;PJ8JqTtNTmvf{i#_H$RRQx%f*eDX3b^hafHykdau65L zQdGisjrp!7a=KvqR)w*Yl-vv5Ey&ZmtElc&n+K=OLxI7Th5)2S#pxfH2; zK1Y!nz2R+8hvmZJVf7k>j+%H%2}Pw{%lb_&a)|}_^3u-)uSov&ML}>kSOK&9=pauo zx7^8i2DPO+(2-+Qap?tbhCIcxG0ZVm^EY&E_HG zMvd3DN~k`M=}`xcrLfS6Zf7F5D}57FX^W^p1@~Hnt)HC+5LPAUHjafz1EZe(^Bro* z!6z9Io#kdJODm}yKh~t)_Kdi74fC#Dm^4zFIyx^huII*ulSlJWqMqS+(^EF4f9j`C zF4Y)d;GTo&wi8R$CF#aJ|Fd_I{ud3df%t)BTPEUi(B`G{E})v<4qH?sRgUTYhKF>3 zKc91wjdg-IQtzES5{`mEcHNrQ^_vn_ss=7UeCP?1(A`v*OZHDS1u}Ay~^6p2Za4svsqTAouImdDs;mNiM)!T{vrbX%cPE`CZ@=pJTEle4 zzZc75lU*QY*tuse#@=37Vb_pmK`raKGO3k1HE0y@6enmnxc5q@4*7gMm?LoLUmn+- z@Xqgg!qDiR@X}y-6vE8}K^BKVAo-g|L%hw%4xyNm9?Gl+oFb~4tl|K~PC<6wX(BA{ zShQTrDv*cnFc)9+W}cYvmM6BqZMH+RAI7#Cd69hfJ-k1|>4|_kg&$n`KUfCJrg0~J z+N%AwI#p#q4L_H6Y< zXZl^CJEHL}(ic2y9g9Aq2RH7`p0n9-YwskCcbbPmpPpFqEw=)|mE0<;^3O)Q@K;zh zXpa{70HT%#_xeE>FgUE!2az@;g&)vKuWmNq`nj(RwC_fTQoUdy$@l0EO=?I%F!^qNi+Lq;0mvaqZS=wg^16c~K@f@IK-G6AXDS5s`2TDhS zeJ1)!r|jr=-7rAWeTp8H0&M?~V6Fuv9oFUNz>hgMV;`zcs}bzxoeo9RtY6dp69`j<3!Qz>W4nm#W%VqCY9{vXb%L>xXU-( z!%O_L^e_I%+>dFE6b$$3I6;mZ4rkC#aQ2jdwSpNW@jmJyCzOQc&3ByAIc({FOx>05 z6-K>#4H9Ae@Wyva4ue|s)p4HHOt5`EO0>|86$<%ISH>a?m(vIV8>sCplIAj}0e;5> zXZ}xp{K!f?I~FC-GqGy@QS3>D2;9zP-~GJ%$N<9qAV9!r^%MD4!=&V z_$qb!bVG>fDhIb$gjjBBaYZf@1BfpGYSy~L0=!@7+_?h9+9l<5|5V74~WcIaB;Z<3bPEiN*UUC-wSn&9oHO{8r@tgD6f5gXr zGEsfo6wp-ltbYt_?LV-QoM_(Fh(h#;FFfk)?yPR!H#!iX9RE@UxSr_ z>R3mN&jW`&DY?~gY6AloG7z3paB)fT8Nb6oil7eyh` zxy&Su+`V6a>mFyXUn(n+FVd8CC`Hrk{VU`dq+m2N$arO&HO}Su+ZFEu2j>i0Hev;t zwi1T@5HIEM*H7hY2C`0T3MY(BAPA{go6;f-kzV1_$2 zvjIsO*13%;F_tqKN}bpUiKS_q5mzA@BvmAAHy_p^LPAJV`DH_kg&apDsr1jEkvJcj z^9?8W1YP740kS<&t^41cU?G1g5T7GWd?N%rw}pO>FlBcK1pG2gi1;z<4j^pLlC{8} z*Tqb~)74#Uiu<+{{)l*XJ9pMI8gLgzlB9d3R51+@g+D1>QEJg4<2=9ZWgKD?_>qWp zyL^D)hTHu|wqViA{c&dwk(PWK@Ar}2Ee$BHO$yy|#+vF7v~lcF_ZFZlyadB>?!CIY z8lnh`U=OuYwd^vOe{mgp2wXHFE_6fMr;;}K#)w%BdT1pOt>(|UR=8Pk;?$fhah+Io zi2w_~|4dl=CZ2Fe8Mzy?Y*>YGeQ3EsH_zt;rRp=qk6o%g-V|YfH4R)e`UoAd`^_=G zM*^yUwZtDiJ8x)C%a%VFH>$5z1;AD!Vb#(HS2vZ>xRs!K`NZ3+fDhqsJFO5suxrFR zD$AeFqy^mfjx0~XsLhd)xHepL;13$#o^p(TQxk4k7Z#~ z#_mws`yCZ5=0Xf)ztETE`0}9R(Uj<`g}H}s-Z*3XXHAXh4x!VqL-BD=-EpuXmBds_ zQyK|;A^>isCdn!jz^(`(%TQ*=Aw3z6ZYfQ3W-9@&teO+T@lzou59KM02*3<gxMy?7D#x;a z4`A(IKmx2WuWixg1lo1K%Er*IiBd$kAFz$R2v4*5fyNBF4V%>xd=o-3#&0~IDc{Px zN=&^8V;eU7M+F;t$H5fu`#g2-e?U(Y1d{FUJJ^b63V7z{UV3cGyCNB#!XPVteE)m| z4~hG$WEf)yfIUFq8m(0%trIyK%5(=FFq^rGrfA|zRO9^#Aos$!mNCs`qEUN|%T^8# zvE;s3vh2#dxh@xL`KGZG=0G0lmqF5=FfY_^0c;k2Acyj zy^6+9A#p}DQY1k*l13p#YDs~9Q}t`LD1nNuNsxC-T&oYyNDPY?Pb&Rcf48m4j*$ZH z@n7-QKO#o|bY%@De+ZtXOlB9$@@>*DPb zeVSTh4WV&3cBD6p*jePMkO$CEFd2{Qd5LinQbv7nu zEhhu0#reS)^7yfm`7F-}Tn)mzjqa4b?>`2Bt4oL8LyB>TMhFUnU9kFXT-g5XX3f>FgCyM@>j z_~9$dh1q9f*EertRWH@efTq|p%736;M@#*9Dd=lwZq)J~cmNX4hisl0sw2UBU2SFq z)rARV*m()%GXxr0Yehbv!fd*M>WXx9(rE0h%CE zvOU`rPeBdvZyv$t+E#U{J-m8R3T?F=jod{sbtTmlh9nfv6`4ENdIqtb^5LzWByfq^ zIZSV|VFUPvxQ2??vR2o+_!;yOW(cXk3LKa^A4+&b>aRgz?b4g%Aw-8iyDM?Tt(jOF81om6<7N~R^hj;YF=EdP_Ay7;g!18ydB zN+A-y^WSn1Rr-cVvM&uu@5wYYtEMw2UYnhM>Wu5XSOu~qtyBjncD%A*oE%ucXUshRT|#<0T##oE8}nRwll|{N0)`?NWSEoOW{4 z^4}`$q0HJ}6ouu|dK`zJD-;QS-Xz*oX@Prf19c~j49C6Gcd2>AE>q3CKo6>mQ>H1z zfVHt8UF5M$ri6G}3(=?RSJb=(X0O4_=yAy-t0|ceJL5fm+dmL2rS){4txW3R{+uV| z^R$`vVTsA;?f(_+5AIZh5xN^JmR7Y8s&34h=3LLALCt|7qbMhXDc5kr55$AeY^nfV?f;uY9+c*o}ou0}0@KuO!n1EQ5Dv5*`&v zlP3X8j}}F6UGIzU;q3FRp_vw)9|9B6`24N$)oQ8dH)TyBV%}3~Sc*><_{T_5GWO<% zJ_psp1rE=WCsRu*%IC+>_&fR}&RV11-+wDB@L-}$mi1xh*8JSXT502jI$H-#=Q}(#aWH(}72UpwGBY%oelfEay%s=aa6;d7qo~ja81hsD2{xVY4 z-3JEH72i#O{f?~_Qdw>Atgo;6yScnd3-7f|(9%!$Mpp(?gUDVNm^VZ-IfgikJo3P$ zf!M~JKR(L*dKCamtT`Q28}pRvTI|=@rl&eyw114Ltj8Pz2Agq0^ZS5op4!D%7ztgV z2TP5y8Gc6P?WZ3y0Tl3QW_5=4~B+=K7R(~4{< zHKdwV=F~UIWf3VN5YxuO|Dr6o#1bQGv(YoJ(7DHHx>F}RWQ2umv=zAsWrH*+sCey= zil*8Ni(sU~I7*dGD<51xh1LXTU^;E`j;!yFF+$t^;Ss6>7Mczh12DGrps8B=2@gN| z=9AVGTxY-W?ZxgZGLMwB6mD6~xlbM#6zKg`<3tJf6{t^XSN2)UocoQE@?}HEGd+Rf z(J+i||HkWL*k5v;%JTr<2qPhqPBk8!mvQB(&frnH5cIEb3)*=Z%Y7%xrE6%5y}Xq^ zB%#5NzyZMyU~R~tp3h4<(h?J)Xu3q*Jh0hPI87lhLG`>VvM+(dw;2xsJZeCtc|3LT zqzZ5B?Iit_&T!YYF-)It=w|i*C7K2D=sO$m9W{QFp711|dH;w14?Z}VoMlC1tx-0i z`SW`%Q;&gk_;1kJ29xR=qzfsKG}Rr1bdR|CR$9yiz^M#<4@aegZopM;@p?!mY7^bS z?ZD3(6a_H2A={YXwhhSQtLgdsEOx>XHSvCuX*?vmtX%4{c~G$n*41kqXqo<>n_ii7d<7 zzj|9fz%l_(#UJUP4iyJ6G(vN8N@5l+F{LHWTQxuNsKyVmXeJR)Bj<`VO{a#1)&s-u zxPAxxVWsWBq(uqAXSU9?bv+%TQz4X8iSY{bgEJEQT^fTme{9!6CEw=@rfLy|) ztaBJNAc}J1s6D{RXG`H$^SfgzoYGh@PU4P%0IS-a-t0^6>%~FYnLNW(?ye`=ws8lk zg%lrT&BWD-t}~roG_61PC&geLqniUJh>#DUiO(Gq` z8)0Q;@fu16hC(PwW00dwoU2nI0X1R6Q|zCw*l)+Y6j4v0JLU#-Cl7O?#ZzlGJ z%=j@DaHI*&O}bat%Grg}%VjOJ1LmBw&6e-HPA}gfoqF*rG(wap!xZKurKFsh=`DpG^9lQvYY>|>6^*;T@via}n${K&L}xy%cNnG3vJQ$eiDR1h_NB*y~Tlp(!v$Uw^gZc{2&K z_M@C~SgEnOsb;YyKhTp{(+GoadAWl)8W2DBmNs;^1bkThG9=&0=Z5IYq745^@&uI< zxhN^%EG972I7M;+!7w3$G~MvHA+M2*mDi@@(8-Q>odvbFCBImdfP&bTPCvTJYAqWv zy6q9Nt28e{v%R^gCJ^u*lXhsuGjvMPd4vw- zUARQ0)0XWMUj8@~0bdB*$2rM1dT1rZ=epEC8=ik@p9{)Y+1tu+$XH*uLHeUN2(@@f z6r)zI>+fk~ir91L!=yX#uowd`;569iI%%zIo zgLP-rchgNj?wl|GgsMyy6$IkA9;L5>Oi(_en(hS@$9v620@s;?1s*{mzBib1<@c{I z;Dp%8+%q7A`8JUT?HMkdr0lqitgDe}!eGAx%1Z?a^U`?(d3jzAbeXRPYXWQ@r)+x^ zaG62iPq{|V)j|ec7_Nu<6ni7wBR+c(20odefF2NI7$!U0>P7~;n(ikp=kUmt|34=G zA8DOL=gn`9FoN>@Vq#+d9gnAr`G%4RyY)>L?tew;X#d0S{BHE!`Zo6sunFXg{$)Yh z|JV3>M^imS&5H-GX?917?Bb$-J-?|HjSRj&^mXF1vL4N>(!*t9-bKnb)+vnc@G+e3 z5cY3=40&x3*&O;8y;QW3H?JO@`LC4n(E*ftJn( zL?N44J1Q3wh6fxBwCJtA2Q&-J7G#;-S3-r>i^q#>sSimTmL76dyXs?KWMBaH$JVp( z(%kSvr~Cw-8)On02=>??P7uTCpQhhzz9spL(JFKE>8Ro*#eQNI03UXCq9jmzxzYDp ztDl_tpYhB!5d3Q&DxmcZ4z}RS-+pEl;JKxKQqF_F_ojgj{XElu&s6y>ObE3k&^Leu z21a{ZV{Q9M2DM&Gal$J+x4ncs? z+r3fTN0MG;P6JpwojvLxiZIM-Fj3=nL70lr>?%dac1N6Ez&y4-f(QH+m~u8#7C?t4 zF+07_I{97RuC5C5UF|!&*F5Zr{wLO!*Y~c8PsMI%Z3nOLBQ4n40}$H}W}_;bDxZ%) z4{98cQn;thFzeo5!5k>&-bW1GA^jQ93$afO-54=XXxCjU(eA{`404m;W&$tC+8RR~ zC=wbM$=WA3UuQ;nC1>KKmq8<+Vv3K@jo!KV4CsQw8wpy@c_W{2iSw_lldq)3ucVd( zhVHrgug@RHT759`iyx^Uk0^+!{w=PwcD3J-Qbn-$1~v_^&@fi;a<-aFNE6})Hz{GckPM4Sx!-&p+c+Afgr;Jr=$$@*4bkT z{7z-Kq-c=%wdDos{daphP1!7;m}BMYjz zpTU&kHyaVLyh~3J>7r44XPgDC5bTgwQfK8HyxC&xc-^vzr0h1XP#eLmFzt`7t?#+^BF@bt$E^o zDconLspNp%{_y89P1nsWO*f5iw98Qywih7EE+04LnPw<=O3it!&1r5Q*aZt&n=_;e z*4WQ8x>$I$x3#)F?^nem-Oi`9oAgp8rGO%Sg^_#YcRU=9Jh|( zz!WPIEqy_kcSOIjwkA13VsraV8P3ht+K;=VFpx-(61w*!olbKlvL(nU%3`4{%?se$4xScRuye6|2uJVREqv*~&zt%0= zHDC2LtZ2V7>Z5>a*4;t`(ll@g&h-n|FNKzS-ntYch}y^F)u%0@S>z%fU1v|oU@vy` zL}B;~ZEQrEj0s^deqD&wbzw$A*MK$kHFlJ$iPv2? zd;U`cYY9w))16YVCNG{};$1sVx{ogHBbj?IV=RljtSjl4YU>YBRx(Gf+u7lrS6jN9 z;}_rbEGXE~I_<1y&`na(@4d`cANW0fS%>`EI$y-1*m|4-juND;q1{8Njq;b`5cR|j zl9ik(vcMHOFZ4z37Zut!2c+cOcPV%A6OuyIEaOrrN&v{d4;2>MsGpexd<5r3SD-4c z33C4b&T^6FFO_FKSp`2QYq}%!vw78+71xy*q3^?H&Wd5@ruk-zVfPkU85^;MH(v;H zuzd=!MF(90Lh*A_YRFu1fTtLV;Ku-DJyR2eGt_UVH53IBuqiJ*fu>z^B<8ogtFR{S zCNa(<{i1jF@z?hfzoc1TnY|umcC?Q??v7aZ065Ys@LWH~3ke!dM^_pyFk-S!f@r^e z8}n=(>cc91m?vZp#IO6OZ-nF{T7lhF!gOh%Mo;45 z|Cy&B4bNV8p5%D>V`O|5>{IgnGSMW2t-h89hMz1LalwVXOClNt!k7s#ZRpNcgNJ%@ z|0g%+Jt3R7%$1|%@|`23BweIZ?`X`%3ExJXsr^^ab2Br-U1>2geh1O&Fy^qa);|Zu z%X(=*#F$W15W>SP7MVDlt--3Fcc9#$Zs?&Gxtk=smWRWAyu4OA|P^?4WA!3zJsH?AoEYs<#D%l7x|o zi;Qq>J$CAZ;nVBzv8Bgmp88@n);XhVlpq^mQ1(P9^C}TCU~ca8dqBzW%Xmhou!m+W z&|TU3;UGx5X`&V})9v)Nnx9v}r7Zwu(Q(hG$#)sO6pCjCeP7AzIGMj@|IzkxN#!W) z4u`-USy}Zn{`d1@=G2sJ_=sepmeh4^tJ?sS5FyiCh_mJu3JQh47NA=+oi zFs_Z^Bjm!@{vxKU<=G^qB!^8>G~>=2o>h1D{BcD>Z%J5~>a-nhCn3`4 z2-Cx5RAGZ#0`&F$> zUayp7-;DEzWvM(>5XIFE#{$#OmK?=xG$0vQ$ZCs$OENR_A_{HFlPo6Wf|Mv2C&m6B zcfO}{@RB+eJV{}4*j+0&T=Ine?9cCf=G6-%oDh@Vw^RniVWLSY;x*Z7-WvOW&OlZX zF4j^BpP5Q%A=#o3<0>?Vbm=b_^tuq!JTL>vSjf->=blvmv|wr?vCjRb$+Qjj0y|YH z?3K$WL7iC$Cp&`!JqsND+2##3kadwZ*s|661>sJ;ztRZ_f5#QJ=ed@D?qG&mt)0I= zGvYLQ#@1-~KkG_j4Qq_L;sufdH+47SdqFst!HHbuQU}|%_nF#te2p&fjskwXanX}_ zSkGk6m>5~CH+zz-Ybb`gObg5E>E|`dPa2iI=HNEfdQEmbHV7k8J&%Yh27jmX#7rau zh3RwC|0(rTrtw;NWXVZ#xQ)ZQ+O}m(+p`UrhJ&n zY(!J9&S<%2C`-s9XA3t}&gDb1cp2j>^-S9q5z*rr8yT)zgl70D+s5Ava)S6tt!E-AC}e1%W- z4E+6wm{nYDXoJN8F6^;kLR5`jcIKGk>#Oqhy-d33<+5hZ?6Tto$;QK~;FhNv^&w^w<`otX(wWB#5O1TTH}{e5W`LGmkH zUZHN~@7mr0>EFskAFloN0TeoYrhx!-E9Mcf#2`yJHPCprpK@af*F~G-?Eoys7{F03 za3neMfe17Mr^=4*!a<5!)n3d0*v5i2P8bfJ5=b_+sJ95R>FO9z5BTwHIe8}4_0<{W0xAV18;VCu&o~v7w*#Kaf+!o z%Ezm$zmFy+<^;Kgrcb5VV-Z<&&@()tJnDSHuIxer5cB$Hgvg5of&%h%g`C+}DkdlF z25+j=l8IEWTCb^B&efEb6kb^e4s&OTM|w#wp|y)sJDHVlxJ>9BA>ebbgX#$>TQTuO zo}5kmVy{9he&7#%unpIf$s1IIcEMwJos)@;S--Mk$T^-kDj3UNgEuQlP0z6>7CerZ zFnkMv%1;f1dEQBx{2bwV74Gh2+V`PJC1;{Whir*X?-RJy_~3c1-(=^STTDWQx6?_^ z_58k=YY-ntutSn(Z=_i`TFL7kbcyvzs%){Io<0Si4#ZujONy#BOPrCUpiPAvmc$_; zI5@5$HfRg^HNutZ#22)K7U(NR?cK$*0>vu8V*sSu!^|>`)@u1c4 z<^+5e%NrB#Y%ZT>a3ySW>+h$7Z&&#S+Gey6m(t@i41XZyU~xy;xEFM1u%ddBk|sxC z$%ztXkq$dh%y*in)Ed@tJhti%}L?;FQt z_)cj`+i+hv>8UpaMH*RSm9wI1EGe92o zRNZvpMVfF=cw*9YRCucCU~8DD?uN+>E?u*KiS~$*`sgA~zILR4kG_N-I>@=eDr=^@ zL^xWeQGrfJ+ApyWM0Ok#1{ntsue2kD=;#FWDLiw=+a4rT|B*_7!qS%#BPv^FldxX2 zi|Ej(VWy=_U& z@{XELtjTp1f@*Cyask_(C9B(-6>lS!+cn{l6THRVH^_1AofTyiWBCV2zHs*%h1RN} z-&{wGxZgTGf~!;0R(}{HuG0+i(r;u4uWT zX}u8DIGN6rN*&=RCW$PznN2GK`ZUDV<1s+&vARQYgY^OsNt3zJ+F_Rs3tLc33x`fif$?$ z7d~aukf)S_?Gj*)O#7-#!||Sn51;=H#wvErA^p44Pm29x^_sWnVj@w>csblm}?+jCk0`bUtuRV%>#3F^mvGETyKVTru->VCEo zO3CuuHy${v77}P~#{={(zf*s=-}5oQt4F8KXWz^^A1!6(ofe*puhl}yI|-=7pL8(= zB7QJcetS6fn08P;x)pT<*kK`tHgbR1v~wgh&f=F_&KusEX)u~Q39(LJGc+;NC)x?g8VS8K zRT?rLD*Xs8iwme#!YZtO&Rv<@cy)|yh!}C0Y`>Sd4%%D4b0cKvHGKNa8Jca0(y6jQx(b{{fY zpF(kfH0Ae4dic`S_sZnI3$Ovtk^`ia@(JtbP~`pR+trs&CvDIV(;@OSvcEPc1MlC+x6u_p;`BAUk(w1Mo0MF>2pdq-Z&!L#3L<;&uX4OSba6dIm~AE;s3QYIFC)_at=&(a1p;ocn{ zT5t5w?ej&6yq!mj4mF#ZUR6~-1wHP8BXU3HfcfHf-K)o+7V$hXeJ?PV3>y?30O19rB|Q^*8tAy%3ya6untW1+q{q`<`#Zo!&(&7N`CL{H0Bn z=MfR~_HBv!@;M|(A>=j*Hy_0=Y6RMIs56V1Q3RD`!K;7q@SFoF90nz;xkuc0#Gcbr)z3%9XtCGC`&u8A)GRzC!OyECNIKlQ$D zdv-jWgpSlj;j3SR_hg8)s`#Nz+4mp)OXdmUGg0X-`!V_WgXeF3KZd^U-|ZsvN(U(6 za90~39FC5A@TkQ&NJxZZIMCM_S8N9e(w$Ea4q6{^SEs-e`wd;*|7JDaTRH-MBoP~h zFmRUqsM+uXhSFW$&8hMdLm<;N5@z`b^$>8QvlnOaKI$n9v3T$P%RMwKsaz3{VDXyS z*N3>_gjp609Ha~5C4mSnfbJ2YQUEtg2tG%9AypspYQ__JEa|oUQs+C|Q2dt%lL0#A zRYav{N9w!*LiAHf=$#p&n(y~%n5zsY0d%<;r%~j~SSF8L3DKFQaDyKf?vdvCOH6KS zQgWip+!*>Jg9@u#&kCfxE_G_Pc@2D@8XKJZHrGPIH96+OTaPG8z`ozS>Jx_U5=Fgc zb3&C#i%V`21o*06p2)(*8wc!hPeG!>p3`$~)M*NV(i0m8MXAf8@1nPzm{8G4anMcA zG65!mhS}QKz~9?wv~rYlVfWF$tndC$rfvrtNA0tY%_`U5tcK7vTZ!5F=sQ%A1PQK3 z8`Rx5dna;w3AK> zucY|ml+BA;`4S>(Hq>?_isy@N{R<_61hj#z)vk16D;4sd8V}H97nUGKh~B=`R}yfx zwePr*xVVajC?@*Mp#BuNehULVRr&X#y;<%Cmk&`NrCqq*g0eDSV6sGPEI!qb|H_)3 zaonc~F*zs$IO|$up8ZRdGMd{yNF;8V!TH^9XM-H@Ic<&0{y>(MG0YOrls{l)&!JJpX4ULm%s2+)nY^S-HvK`u3LTFB2!ODv~btURTHB4$P(<_lv)Y%PWH z$S*C@RK3Tf+mSI|*WKOwbh&?amu2`GRBoi3-<$3RHaDZR!@oCH;kxlJv)YVmnh;)t z#AbUtNfO+o=4E3zerlVS@(2_$+8xb7ykh^M;IPMa8-rt5s|xH%87{v&%RLX{WIMOj zw%TYE$pl#=OOM}+bBKQq_I&7fBD$Yj!AX7TY?9X9TVPa7l0b9G3z@l!w`L@2PS@fl z9XDeK&_85U{^Sa|@u#l{Gn)!+U*Ps{*~{OT*gZY1H_lK!URwRcX~+t&$&F6jZpyO6 zOfFgSz30m`;G&*!g5;9QT&Jg~+!ZC1kjEpE?rmU}gy|1T+Kj7ya1>Q*sVu1AT*Rod zjP*xa9SisF@w1g+4HN`F&^sGSCq0|!?!31L!sdT`HS0Nn3Z$2^Xg3=SfqNuqn za-KUfkXFufs9~GrpUa#~cDWSz^Z7Qec7O5nRJOd$49R_eOtf+!T8E4yt7X^1>u6B> z4yoAUOw5(Czu22m_q(b~v?3p2U|JPMMu#}uH9OY5lj){A#Rd9W?(vP>VpxAOAB>?N zD1#Z(Kaxx6if?(RMdBdH{?1k2j0206giWL}lSrwWXY;O(4-}r{ym(ku1>oT$SNnc#u z{Xt5Q1z&`sCgJjP>gZKhylRUk=aGB^6C@#~FoI7->n$}NpFreu_t)SMKJDR%PD1@V zh;Xsm{Q0J)4j0R>#qugmUp|-9$xO5JA}#_)<38zJ4fg4VK@^tN-|n3@bDIDH@U(~v zS#HoU7dK;}r8PLMmiIuC7~M2~yTHp=la=S;o(BCq_l%qNcGi0v6uMB<%i23MNijT0 z1y$Ry9?&9^o7wMCW*n+mG%-o{{cBuzLId}EsR%_?3N0lxkf_sPSP7w* z6PNEd3{*C))=_xXNBDX3fnz!x@9+_w^(QGHljzXAO?YDTLV5cqRxqO6sxK(ce|f6Rz@Yz3hg&dS@GBg(~4V&B!VwA$a$ zaWf1>YdHlzaCEq6Y!!Vm0jWvzpYb$K`I;=YvZlhnd?$LJoO zpj=y^mPSHwQO3Figz3A*NF-(`3nv8HCQpoJ(x6=+tli3cqJ9in z@2ZBM9@qPnd}LDBiV2`{e*)X>VvQ~u#YNvbPMd0kMz7enX{_wcJS9QHcCis5i%8#R zM9hR4Fym6yOi}b_tPM_%V`TPu{=yN5scEUoXaAbsUAcORCmGUR6i`^XlO_Ra_#ez; zbL%r0P67{)&`r3gKDr%s004dE;`rKlzJq(is0xUSOYncO9r6;1|HF2uLV(Lc{5RTI z4FTQ+4v~XTLQ^r&Xaxg4N)IlUm>HkQ#RcvIBcmWH&MWs-$*26^$_*}X+5Z#Giuqzf z zub&fRsbgc?kJ#sCz0gkOC$1SK|2pe2LZm~;?|O(Gg?OOZ)r?#XAq;VlWnGXY4SyjU zLJ))h_#rEtm0jzfUY?ZA5EbZ`oSK>}u+$&s=O65s>>Cg{vddHV>=O>Fc|_l&J2 z`-#Q9Wd4yt*1^om^{>vR3U14;Wu1ah=v|sh5$K;-0y{eE<{>b*kj#0TBuNvA^OoWf zR?33@2FAb;9PD4s5R5c6*7M8z8drFxp}_G^+9wi|P4#D`cmMi+_ebX?GRi;J z&!2rtV7g~{DXnjAY6beKl4WXP4^RaOKi7glub-b+i2rH)dF%Ocnv;|5UtU`h_})4C z5&KSK_|cnn%%a*9dqhh|OGoF6%-i{SpSbafh|>7CfuXwUI~4%V4jG)Co0|;@X3W6T zC$-Zrp{rvCW={gz;)}&VzqG>Y%f$zV5sVOAoKD!o-H4(eIz6|Oxdh;0LVfBgBCbEBoA4{8&U~B1Zn&X@#@O|4!XilHLMBpThL)(7DZl?W|J|(m~(ipj9E*W4ZCE zk%gqQa@R9Km;vbAbgHY(G58sK$5*>_?7Rc>3#d1W-Au3Irx7qKHsc%z`i&U z{HTl@T(INfH~cBAf1ijV8s`Y!bMyaM>>_yI)qO~=Q34OAom9w2D&59UfjkM}ABaVM z*O~DKU@lD0Fua7{KKwt;`?R1;d(LRU9dtg>d{&-LX=%MBl;8dF&=vsvp@4B*eTZeC z>K%rc>Fk3q3huQNG4J#V?W5KYz&G}s_)p5H7F5ml3!0C4(>w2!oA>lP4fyia(^mn< zr~l_`G!cRB;e{Xq8|@usmT&*q*a(~|IdSG^Mv5#&93 zy|vJvTLaISdY>YVdYnWWI2G7uNdqp0l)fQ`f{gY7Z&M6o6<7fgc${GYp0ap+g9G`H zhv3~Q!=7?zCB59uJ!u&c?=ee`HP-TWO(7jECUH-4_CivniM=?m5rzj3NJ$3Uo7GQk zxr!}Fj~Exj8|av4V_F(-B4;rbfOV<{^wiH(Xe>LlXmg-;?Gtx+crzx;Fgr(aN6Z#9)9T6i*kZV({rv?9;# zF(Cp262Y%9`2pmPx1X!-vQ!;P;2*a*Bw@?$|Mk37&g+q1x{Z zXK#*`XF^1_@W3EDU3AiXlh{^>HZwrmSX}+)9|LT!1sK0ioo)#OabbH_Px+O$i<(#; zkK@eoGjuyx;E}6+e@(qw+iei^3-B0JK*dbiK}CLnY5e81l?)HM%DfvZ`0gvt2Z!q5 zMTYdpFjY8Q=0m-C^lu2V<6)0vz~r6l54xZn+7kH=^CxgKusF;1O?A`~Mo3?)+R80~ zO*|R92F0!%$!G*bfFa>V9D9~6xmGgqZ5nE2?onIdmL54UwsYr_eUBEu!z4wMy5a=k zWOplevc606r_9)^m~9G{5$s~N;OnWTk|L*yI65xf_tWHSY~i{-Pw1iR@xrpHraR;- z*{coyWV2`gu|BRKRE?IKKH~m>d)1c43=67cD(j4hjM5W!0PHb;3LPN6P0~}N2w?T^ zYs~9av@qT7scuQ+;#~Gmo0|1r4gsZbWu6R9_~wo~Km)@qZ%wPxqc*gO z@0V?a<>W+O3wU3CdW&3R9i;*psC&-Z&-nyJy^05Y2`I}Cnoa~3BH<8a6jFx)J|j|Q z{ztyN`u3^AmmD7Fw#o>{RC0v|RL|;jR$(nNp$p|_vHXJCebRO2MNszSk=W5H%uA{N z?z*Ib8^rqzFv+cuS2fSMU#g8CS_2*J`MeFk>(6jT#=vUl9llK3!|N(eIF(J_R#Nb_ z0z~{RVdJB1p(TzcNR-~?zt@XF5F%c@7#th)oSt^j;N`tKwwV3gw#VOXLvKyAc;|46 zPl-J@b~|joK7|quRdxt{rBo325(PL665l$F zXHBBagnzMHe0!XPBN4>&a%6F{#jYF)VUK~X$R%W)D08Skmke)^Je?b^4@FFjuVI`t zd|c)J*iD*oq*)qXTaWgxOOm2qX^VNz5D%vik>znrjOVZHmcQad_hzh(@0B%|R(UJ~ zD-<>!$YO!y#%YhQ2uW%VQ%Mjnl(pB$vYEeGNs>>j3mcb!jx8X!VzEDZy*{BmW%VF7~; zIth??9UncHy)hVpxIj6c8&U?B)!d>Q@#*UIhD1?;*r`%l>)QD(Lyid*2;-@gxB7H-@)t zPtSXWxJmcf!ZHn&-+3sq9uArjwDgKskcB+;Kg0I6-Z5xo7Hrk>=T4JfyFx!VXA>Oz zyKf&Vj=JUC4Bo`kO)$?o>~KFFgp;M39Dro1pNq@46?!9Ppy?Cy+^hE3mW6c3%WS@0+m{ZybbgLb+)FmL1wx<-|IjK-F($^i5pXbc#WKtP z!gJ)OmG?dND#bZQww$M->bE{rn{Gl3wS+_8Z!09fNxkK8P*`5=hBgC%JR3Lj<4azv zSJsmCG;tMY9{czLiBD{II6U!>J+}|)$x^sXZFbuz&%E-`0&?J2I za4Od<_M|y}j~5O4YE)KX$B}?+w1O19;}%F@ zvxryW_e`PMJ1CoXFaC~!|53om|7{HR@J$y|V9|b4QVQ%1N3;Krx^xSIWsl_qoi=K^ ztE&m33sJPf`bwl>P-kJeQk8?F$xh+)*j5jh@IxJwCFG&MwCp`@Rm800iB+SgWx|K+ zN{1h>ndd4<_9>q0_6Xkj#ft5ttbp+-5T)V^<1k-ny*AdoH4OA~gCZh@^mXMV$6 zy*ag^aev4Qg!UO8@@fCk`h_db3Ylx3qw>EFP(gcVhDKFFq6LkarJ0)0rtNY@#%8{f zTcREk6ns~mi{&jrd}2oK#|)*ytfGY;0Hh2kP^E%s@+PBsLnm#pi3Q^8=*b9YOy=p#KH=FXys2e zv4)b2ZLLKN>2|7|aL|JOiD%xxnuJO-B2YPR>4mWPcVhhHt>LjEa^OoI=OHKYEputf zzN%Ok8~}TFSd;jm=kf*iu(Cz?7xXK>O((PbHJIBb=qP4pJ(Ho&L$CNcVoNtDu{Bdo z8P9M|o&JbGV@MgRxFn#P`mlD!_#nOI7;q_~oF;lp6{ed{qeU4`WRwFZ1VCKhwhxqb zwxp{y|1{-eYHF4xFAupNMXWuW;-b3<9URSM4=a~?niQuUid|j-gQ*&EF;TEhrxEpLy zF&ng?6n2-O z8v$QcTI{FeUgIf|!5wMs34l5G%_mcr%x);xMb?<>amH_6?9d540k&F$&XKG3zs+oa z-=h$`sGR(o$aU3k#d+eFZ)Ok3Ebnk~VFDp?o#0$x2D&ufE*=r~q?}BCR5q8%RmybM z?n-@uXJd(eYxMEzwF-0dqZqEj>7-_oT#8BXxpaaVW!}i`(inc4BuUs)Q7hf~wj>xhg7?s?${&qby5$<>6uYjBI$#jt@!CZ4Emruc&t8K$RTpD_K>+g8}y;L$4aU zisjv7?z ztD(%Dp%l5?G->pefoR+II+VXFWVyb$c13O7eULKFl1#GKG4-Ud3dl({x+@^6+;F-lnpcl*~rnNxfufCWPV6rh_9b7VPD(-MW+ja6$f zKzS=|nmP5cWXvZh=^Ww~l#-R*MIcfZ?USLZ^%hON%#l}GcAZ-&0^$U_jghtUZecY( z;gq-5#P5F}JoXyI<}}rm{upq77LJneCw?SG^T)oqN~kGZV`#27hqT%7qwv@HQLfe1 z8VSv81^@e?DSt+G#+^#XJj^#0x-y7jb%(ehTu|QVookfz<4F`mMtW94?D%cGVWVE1 zm}~jfNg1V@NeH4RnSW>kQ%<%ChHt7+l4AESTiJiUFux1duSmgwlp{iXc&A@(ea_Xj z{w%$NN+g5@J$kYt);1pOgjdL0dian+agI<5I4fc3-Jh8nQr#g>DUo^xQ55M{Gqqly z?PWi#$BnS_j2GcFOg|!hith3-j#>!Zd1sa!DdeT6Q}>rlSOi)DYL};21Uey-;QKXW;>|_niOa= z&y1(@bNCe-qo-UXDg$lYppE=dkY_7=^^zkgLTJqd7bx0ZxiFe64~5yqGRJE092aaD=&R8a8S ze`(6}+Mu&3k*^DH|Dd4#B0y36q4xu1VA7pwg_uWp6HRUb&s}k_Q-k!Ya^3?c`@H|X z9uh%{gLe{_H55uIhAI!h zzC%wqI;?lFuVuVyF73^+*z$QUACdNMwXX>8ijl|TUz{6o~o8*@HC~WVs zng);)`v6y*#H%m<9BxWOLVqLUEmk{VH;w+@B@*TLxf)=v*R!FMinMUDHqaI?p`7jO z$#msMY3JNA7o&J$pYZ5|YzqAk`ks)P^)^Ilk&wd(uP4fy`%y1K7Z(&bs4bGDo~tj z8qClBEuGUsN@bNJk6Vo+qY_wwIg>zXO4HCEZzsFqp#Q!n(oD$~PrX;x$6+wE=obcT zefsqxy2^3N;r8mZ(Vw)8%cM=UrksipoR5j`>+Q!bdd(|Jz+1zsDJfGbb8JTKCPm zXyblsI;!Pf@quQ*%(S*Yc^@m~mX!wTQyX^V&QeQomC@a9a=maLg2y-;uB{V71mSn}K7>&Fa2Si}B z5Sr%5?WOCmqD9@;BtDk=rJn|o@UA$`Yc&Tp0*1dU7q@%bcOjd7tM8Hxzl33&h&rzc zcylsPBpOhR3HaEaj1R?E;irRR+vtA~tS;(hqgQL2&iBWko;UyL4Vv;YGoce7NI(cFJ>~P zg>DrKe=sQIndK6H9`|d|^_-~?ue|Bm%6jA6CD?x&>|mF{pt!Rm(@IPhm-+;8bXb0? zW;p|Uuuej~VNU=XUWMwT#`7|z(l=I_09}60?X%tRrQi3Tx~paB4)_hq9vH?Ik&H6c zeeYS(_}fTbm3vIb{Bh)55|Iv4!9^XvaHk^p|6BT@haA~|XRCzieU{L!6kKubk3%p7&wIO`{sNsj$N4!j| z4E=?83x2|n(5PA+g?GB%jR*4=?lch-LY;pV4Itng;>$=%i0!UqqESOe% zX!dB{OxNf1E&vBS0`kq7EdDXM_peaR&@DU4+6*H7fnnt?G^wL-xaFJ%ZS1ancdLKi ze0VXdgAn3%%)^z# zK2>|Kw>3`UP;04;JX+|cIs!`Y&@pzcrcN;DOuolDrzpVlXaWSLz|kt3e#}P*kJML0 z$&NzF*|^7`&s3UiCKD-%n}UDQrOqnQMRcntSL!tUd);Z8L{clLovJ+R@mWO$@U(Uw&#)64rX_#s{Z--|M+&k3)Z}1O~312*s4P zDXq9a8`_ZKs8&tKa?czKP?*R;VxILM{mf!Gk{P^IUtC2a&$L)NBBt4?Yc+VXW{qRM zYg1>tnSUTnw?5k|C)Dj-el5M=lT=D(=cTBO!Fl7r(2puWpfN55+mFa^nBPo5%CW|U z4@80G(Kl%3arvQ&SNVTtb#brV6giLk^f_7KSGI2wIjbi@6RR9*fqRsx^Yn|sZ%vvi zYuNOUm);|$N$Abj3>Ci}XaPwX^P!kRXx_fV=+hbyUCZBVhnB*!_{P$U!|L**H48>x z0U;SQkbH@*J*`Pm6hPHlx18PbM0S)Juxje$=|x4usF2bjVFX5N>9XT4Wqdz7*K%aP zXyO`o&M$llgkHjk##}?=v?{DrySJo#K?}l%}hX!GnNUN9j_O9XgOMSOf!)$@v@vRZEf=SN%KGkLkd(A z&5V~t=nIh$j`^T`Wv6}$|9sDg2Qx(QS^1O9fu_1VE<5xU*hqqjQ`K*4a^nQN8_5TU z$LB{Ul;59BV^`Jq{I6B~yR4Z@yru+f$LWY?A`GHqdSrj)cU3EDAmtSkwXLZzGCtSa zl#{@UG>#w#dS+rBu|!Tjlp)TXl~JYeeE$#DS1rki9;>&AIs z=Cin3LJWUsXZj6Krz0z4f8UrK5Wll$)fRjVuhFsApX=a>QMRujK13MJdQoJ!cqTk3 z+VqKMJ>}haRawHsJnRsDMS^Lrc**al4G+Y3{C>TQfxaqZh^-FgH9yD=80=xP1MZ5k z3(YlAVt6`IH{5KYWUVh(y~b&rU6=y{LV}*XO5%TVm4(s+-7vZ|r+A>g*Ff~g9B{^h zOMB2is%xtQLXqmpeTCh}f9SSxL@TDgndoP4jHZLPG?}(G%cLIY1f)X2&cA=Ut(rgG zBca`LL)pB$CpO98HCJ~Pe5sc>^t-oLV<1fHwbsV)4 z{*C6TDGJQhL|af(`Gvp;Q{Z&+J}vBrqx19Wq}_DY>QoJ>b%xo;al1{OsizOkxv?t~ zkq_n%VKB{~Hm)eBgc+&$Trx-1M7gDXMtpxZ7YRQV{0M9f&m(?deOLd5sy!o9+im__ z>$wSsgpJ)00(e#Dq&KQx+Azt^_IaB1)xUS4VMC<@Yb(OAUX;$<}?pR}|Dtzg6A0JBM}GNfDcwQjP=dfOk8X11EPP3YHO&?fjUSsW}dzg!pieJLmly_G8FeuJNF3tgnv<1g@+WyYE`*yynMM8J}!5wm88%Rjz%r zkRo?*+!XzK`y_SQA}{psutHV8HkLgEC@ghh;AKemza$p#Ga{h1WMaHScfZaYs3%e9 z^)N}pwJivnTwYG|BCSA#NNt9!#%{Rsw|`J7x6(V_Dv{plp7U>*4A2YC+qt`$iw$08 zT%!9bBOF!5UnlE`uDwtd+5Z%3FKI5??|Qg|&<%DT3;I@DNLmOtI;OhAoT>K(J3e)g zT9+_Le~B_K%&&%r>HDr0R#UB|L*I>pw>{ue+gv_YH|7ZH9;H4?=3~v)V5Fd<<9{^@ zhvLSq86^*9kM;QtKi^B^1AMYUNyo9}u^bE)hjcAnaue%+t74|jJ6m$ z3QJi78QE(E4nvY2dJ<}st24(Ump%B$zWfb*3~9B+O3Que*rpi5+1VE_3s(8{*3(P^ zVebX^+PK4ja$9t>!2K<<`%=|rCVy5FkD-@)W+JNm(HWAv-q8o_=7T6y&ZCS^=M6XD z;}h93Mgb!wj_Yfu1JxSX2EGU<;VC>?KOT= zRQz&=Ve=0%hQknS!Lm^+Nk?HwcuL{Fk-)yg^+*BSrUI0Iq*XyY4BghMqz~YK6SyNp z!n_=(QtrW`(3jzB1RE(oZef1EJt?RXM{|@Q!>jHm(2X@hq^RWopno~e$zx9?Z6|3L zDNaeMmnCcjBMv#1$L*%DKP-!DQ8GT+msV^9Q35Cem#J(7D1RqujY3y?)Z)W9%-Ywu zkqt_WRECC~n=l%U6WzFp3J-^G%08xCzsP>e(S{}+39suHxA6>Z7!)X^Fm{px>pl8( z+@11HE3atFl4(DBsy-WiHQw`noHEN*FCaFb8AKrVVCQ?gXx%AFtVXZBBm+-Az1QsK z^*L&gJT$W`Eq_L?dp|jf@BI_B2$j0tHRMT-GgYT}(i=axEyBSXnh~_^U<)$za9RyzRF~?tPw#ItT{ibLB?s+Bbjn6s4|_0mc}4mt!H)Ao zewXU9f`3pcVPM!tzG+TTiAdFa*koX7Wb!)UUPMqy@CZvbti=|M79PbZfpah>dySS- zN+hxha0uYhwZimAA3~9r^|YvL=QUg81uN<2GvV4DVzru0W=%>ak9@>WQ{AVq*V~p> zqKCux|4v^eYo_tMmKdS%vu4q-sP){B-5Qb16MvTKMl$LvAtR}x>hyiGu=tw~oW!&^ ztViQdtfn}%nE)0JvbEj;OysDZ`ymb=G*|_j#DM&Ly$;Il6nHQLZ)Lh8Qb7*vHfGtk zn?e4E;I>a*)7Da=CM|&c=`z8@-o4@C%)KA!MNzQiLdPc06{r~Z#ZMNEXC|+=w9oK* zK$lE!1Q`L+mu7DSI0DF`m!NM16%dB>h}>E}Cm~ZEo5$?Dk*Al%Zv-s?ikd?G1rFm~YfJD9SkUd1NTQXPMs^nCQ$AJL5Ju5q&|e>URX%iuVxr*};_X~r$z zwo0TI=(*Lbg)=0uVDty+;E1q<;tX)oAk8i=9vk7^ALMhK&YyIIefCy>YSGlYd!4)N zW>ow@{kh0B7S>XSG;0YUIX#N~Gr_HquLMZUO{6~cgiV%~Z?vFcH#5}BIk=Hud)XW?uQt#Bb-4Btowr-)(Dc zkS^0FtT|P`BUWuGXul0@+(=rqQk?I+hJ4a+>C#YSIqhXC4xmy`@i#+))=WQz*q5DY z6qiz^$L*!D_4eQ*&{d%z;o@<#7?2f(C5i zm97NKmBy!-Uj_X36$q@12!gp|B1=`@O^1^7VAPxq)f3#z&iyU95Ww{R@dx4m75KlR zfUz~u(9zk>#?a9U;r{?(WWA@Cc5(!Q23l5CR8dZs{&ECq23l5CR8da1ZF2;b1_n_v z9SK=Qw+MO!_d*1|vaIo!;RXQ{mlnMQZwf&|Swu-qD??3Emobt96PKdB1W^h>LRmyf zO)Eo9QkS5T12wlYz68Ssf26xxKuSWoC8ebs6a;B_=XsvkMD!xAt1= zzW3UD&jkamx)!U110i;wkIk^CwY#i7O3{p;DptB7ODh+f73jsI< z1vvo{E>-|84ge>g5VwF32QM}QKnmvI;bdcF?F?X&V*V?MA0S~5e|E9~0iggDptCjD z9?=5?gaEW)ARDl=2OB^F0s(0LRRITRg5h8%SFi;eHYX>*!Up6FFb7-NK(X2XGNb^t zgaP>f30t^0{P&V8*a?m>1z%R{CiCu zXajZD_Hg*O>tD%#Gv{wcOvlN_9bm-4#=*gfNJRYo_cxROf6$VFf?yUlP{f7c<$3CBMh^%L1E5_5&&W*-T+IO6ZT)n$-@I+2f^&^fq#Yn ziSPp0tvwv9!O-6!J^;G|;^1HwzeD^0b~pqGxBeXw0I++4onXHMf&g|H6#Osqasb$! z-F~n0aw6E;e+m3Y2Eq&+vG0Ewq5IDv{TmVZ%Ps`=+Z!LE2KYOH58+{`DGVO0BHLc9g` z-!m6PcrpJ?2nEo;#L0n>u=oQJV*~$z2obA45TRoIe+MGAW%CCjbRd5qLdgC%aw3GF ze;`5#_6H*N=I{q1bRGXdgs#&ch|q=qfrxoJ|AC0jyZlBjgpkMI_&=YKq$JG!Eh{$< zfRzhzUjzjN5GTdq{lDkwKy4gdzzWic8^*!GFUa$E6y)OM1co~Q{kw&Dq5sX6Hi-8O z2D^hnf7tW0FpzMdZAxQssgF$lmol`Mk0h-=#;Shkoce?lFc>dgJN>znN~&*rE4r)er4TMo}J0uJz78>i0>c^|1w zt_+tZ8Wi+q{^&c%RcDgc-oaR+Md~tgt?xy;?khwYd;p=VRt1+#8?mO^O?lX3X%JK*wgjTF=@;tbq}c@~?Pk zBJ-oun_F(LD>K-|zHm1(#->82MKThAd@@aR@iRkflwS3jK5Xxnrh|ral-;=4>b8qB zf8k3Mss>$vyoJ{E3pSQh-DPNl>S2q%|D*DG?gp>j{G16pCXKHOYH%$3bKxb+*30CE zkZ;LSoZe=@$McvmsS1QJy5&`li#oUE_h`luPco`9-jjs)tf`OQvREF)AJmUvy)46s zTr-!;G7;~z^t)wa68&&|RQ zayL7RwNA_!@i@J#(wn(RZ|)s8Ju*qvYfkn~PaYkI&&--#7+$wp!o|s3)-4R2e*gp7 z6L1ekSH%S6FYfgRc+6yxAu+QA7{__bwG>sMy*}gLl^i#Tv3ZiHmUyj8ln3b?i^Gs9 z34|zl9MtcM4liQGtR{)59(&0t#%cvaGeWmbZMa%Oiur=~YaS(pU8<0zV)dj_dvY8l zveiAQ!Rj#{zyLNM@b2jd`f7ZB5;n`xf@_Tat^Kht}Lz0``_#C#`B+BfUSawIF z9C@pWE)G#JzWh}{V^uxg!N)Nub^U}|c{DW~4!ZdK(X?8hqeej%5BC+fN9c)qGdWvo zmYaI-(-M)Nu0ir*!4qfB?xA90wo1OPQH5n;yC)#zv}MJ3td(#zCOykee`tvTC_R2; zbm%<&*{i0R&>QCSz*+FaRSJp4 zr93~b`kmWJ8zcX4OTu{*H%5bqxiN7|_7Uz*z~^@ms_gZz327wsv(~OiDp^si%dEy^ zz{UV);(lBv;mM;f@p$LBiqUJk z9J0@ats#v=GsI)Ee=QA>XDn8#z&vXMR(r~WUWOFk8%NVejK(fTI%4xsLq{ahjo5mU z>O?#BWp}7B1)&Pb%6$_HQPz*mm_YDp8s{J4_I957#=OOPiE_WF_W*R=0E?Pv-yJ28lMT3De-TKTrTW3k!FEzFl#a)w z(Yz(V>(R$MOA3SG#8$EhRse1;Wxh1V*)#i@elADfTpfNy7|M&Pc8 z3gja<n%QY~w)d9&DX~)Kxuh??F=j^Ll3OOWHn-<7Fi_ZS{VY*1 zKW~AsFBEj&Wv98iXLaEy{)5$P@w4tE&T!)!nh@*6v(kF`3l_ zSYAP4WkTKnCL z=^5J!WX(~uVZ^W5$?5oMq>Z$;IMj%_l6fSm&@{6g+Y7}=C|IyYgGyToIt74Vg+E&^ zOw`-6q3i|UK93hRtnbORycrYeuRnT*e_h;Hm=7GJG5+7BSBn=5YO)5=!^wpe=$SfI9jv*^J~v@@M0>+1ZzvKyBkf0p5) zkkgs$Z~DO1suNwR*78{7_YJ0^v*vKkJLBNNEpm?xrW|I>rGZNeJs^ns=xce_gVe|k z;pERSca6qibbHOiE>>X7CP5~~M+P+lTM}gQr|2q_av0K>$*;{gOuG&Fp*k!O8pm_q zisJ%NXM2wqHMV^Ne3II_4UE8Ie;gNc57z2WmEJrqqxIQNw$bS`GCmx5Rp-6qwMxWU zyjBi<_?jMM-)*S`X%)1ow37P`i`@-&l7Vjv%a`*kM$&SCZ&8PQKMo>?&XAhR#;=K< znHJy~XZfL5hy9e_a%TS&%eY%8D2d-EG`KD+{A96tRjXe*_~N`XqZA1mf8_5%P<0@X zyZu4?yhO;~Oc%y9t<6!`{)S>Gf~ds#ssTh4rBr-rQc{5n;otmb1tB?j=#}>lXy*M? z=C6T{erFQN8$}R&EX|&HP%%SyTli6i?xXa(Ec%PtRzG)^clY+bassxDZF=NU-TGa< z*J~c$`kyI~l>0|~%o_;rf8`h5-iAzDMR4t!y}|b22tH>sDL3-?*>dERmMk$~DCuzU z^?bT0!B@E!lem0`e(|K|1E~6E+E}P(^e_!_yN9ceHpJZ7@jWMgSQqTx(9)?WxRpLt z?P!0iT$N+|#c2a+BWc2R%WhG4fn?yjIhWVE=s~K>FYJCen{LoCf67s^9Gkk0ALW;< zg?o#j>sdRSg)_I!8>sl|JEIjMMR)GVGPYHz*r6)tY0R0Ju*Xc0I^8w2fBbouwuY&q zEswESwL0BBbzwDV3}1^dJZG^!bSj?-cT9lOQ{{}2nA;yR!~BtOD2zpyaTIf}yAPl4 zFXhJ!V~=qHxpyKwe}ppJnXGyaTb?e;FzS0OQq>ZJ$XFb56n^m|dy>YhN;~k+kab?6 z5$-=PdoqwI#k;#!FEo%)*TjF06i*+WpO)>w8N`koBf=3EULs;MLhqaXrE{Ua;DcPc zR_iRdSy3rzMV)CB?WGSAC(d>#?&|FF{H?2_@!mAzwc!~Oe^c%44RAwxmp-FZc~G1? z$Wjoa>@HLcP;UV#o!kl(2~zB8NnMFi(Y+5|GNdf3<5uS~!@pWR+-;%ZY)GF^OS^wA zSxYWp4N1VhE6zPb<47FovY(z^cV)Vcve$(I>6dj+7kSlVG=@w)-nn-0-iEI)>PVdL zYMsMzAQ_^@eW{W55q*n2#~0-t=r_ZZwZfs5~6aKNk9QKW2IO_%U)Zk*_G z#xgaB)Fo|Eu=@3ue|;N#8lX2%h#T}oXuXky^}`%C|NGz+e>M&cFi}kZ&em005NHPPNcgw zh|3K-rTf-wbm29ZrfM1>e}-NmG}^yc z=8X&}|8{)JbT(*sUisC|V@;^tCvyElSlE>(2$OX^wB6$Dli{FqMeC-}*UF~F!?Du<_n+tUQ6YLU@uj&ED_V)WJ)SOy zZp+r6yq_5lYP=G){v0cQ)TC@?3U5^Troo+r_hF{DJfm$))SQ)l{8BebfyGLmFPHNt zYWubG&rIeQ4ljkZN7%lQtd^K3>dGb0oI4o(%RFcG=DO7)dYLA~8|rmOe@=ht zdEDZ8aH5`9#%6~JCxRhw=uAfSO}0sN`!@N-NGDeG3*QZs=?F~P@KXgoyeoOT6ByaB zR~qKPj!)ohYFG2k!~5xO4Hd#;zBrTabtA_M>k45|N>wok-pTmW!5CyaHQY z1kn@|t*rpvt;Mq+`v%j<*O8W#R1aUCMKLJE@n>gXxxQAdw&I1F7);jQfBcfrc23uT zjDI(8DNMVpd&T(fjr;+t%MDL&!*0q?D84vp+v#clDe2ZA-e=b0eHE^MS6H3#}LBm+OO za60Drj9s;Zr3XwzXGWh?KBFk-L`~D#j60TXVbXb0BPS^@wZV!i%_xGI7bAkK*I%@_ zZs852e-t{!t57K1;~+~@sAFtk#;;$xjWeZ{ih?(On=yFTf8y&$1amk+S6;`v`cb5o zp0dKAG#NlPOxLwlc9}{?sun3=p+(yGY2v#{qs8hEW*Uq0Z^cAr2{qNE9#Xn3QcIjx zDQ2j79kRs+QD9=rN}rie`a=b|tdER7?}RY=Fq+VfBt%Z+&ft{zFO-Ht<{0GH}R^_Y8E(l6~~YMh~mn}LS#ZF(d44SUzwCr zsi`15O>FVRNNtQL6f%l4Xd|<1?>_-n4zwG8q!CFMe&aTN9H-doZQaK#1mG8GPikf8 zs$;BplQ&rX4LknusDx2$pn?SZ_5*R5_7W*;+X^hfeB1R;k^pSqV**f>vtGlypcLHM`RiX{ z_f1O-f8y_B;N5XL1Hb4c_YD9HSy+aBFQ5WEi;0%CSo4C4L9Q?NrRTks)rrVWVzE@u zn-@kq6#H!P9OWQ26Cwh#kENgEfw%=VZgHmS8Z~!yM%UevBOP!*U${~&TytMt;!U_& zV_-k0BkF=P7RNq{*>=#I>nBB?Oqgi8hfJ^ue=^)LkCUz5Ej`AQ`;wvKgasn3|3*fj z8hTaFuO@vJA5P|CGiYrb!>3T=ngc|JUT_HXb#*=F3~H}k=k$QtT#ZZqYH-n+_gxgxbj;6Z__qK}U3C;w`w!bc) ze}*mo3WMxXM?DHfpj@FtL?oL0*H}vK4`a;189VB9DbLk4e0vsqg{FRuqRC@3ukYg0 zv%9hM4Q#q{eA6jf<4!L-Runm*Ld~QL3^SCGI2f{w+hlXe^M>a zZ7dy3b#pwo`(bq9F z!Xczo8p6u$v?(tW3qEWI3}DUt=#dO5Sb3`Sxl=Y!`MH{37aNH}Z8O~16UJhtJViiA zNy6fWDpUjRwlMx~y4X5h7L?whf0G|~6SFGt1<4IBA`!e&EQYz*=`u?40i$PjY(RcE z8;(MPe%hsMMr8)Wk1XHNON(+n^U6e}5cVG)F#1}T{#b)tz*}h4Z6(h<+>PdW&9AQ@pQg>>18{ckGv|;Bf12aO$u~|A zg&^;<2hdZxT92SpV#O?{ZNc`X8WeT+UZEWh(1C5r0{w4jOLnD?GaQmzQVRi@*@)oH3X@ zrJieT2^Z=gG+7s6e--UJPk{`U&`Ou=06syV;sQDJBz?B=?b%95wMt2RHzKl!VHkG` zSIE9rkZSI@^&1O)e>29ar`b@Z`Di6f>?e~=03%g6&Z`%yEOT`2g%N=*g+JvN4hhUX zv!&i+=3kPDo9gBr`42rsnNT_0WAB zTt`EBH3CM4{*<@7mZ+5ZoU`f2Uu>Q*qo}2!HD2^K!V~;ie@@dN%@qDoEst%VXEMy* z5Kf3IN+4e_SU)X>EwZZiYEdu{uTY0=){^qA-al3Q#oLD`e?IdvOft28j_XCwa`Gl)T9fdV zODVbmGvjpoZr8K$xS=t>q??39is}1C)>>x5D&YH^7gnAX)oNcHXGMx{gSBP`HZxJ5 zYKgc0QqG<2XU$+HE|o~uzbWFWH2g_>Z4<7#sX(_VTGJOPe-^({e3Pg zQApEbt((sS8%TIC^^Wtg>2*0Po?&-31;>cu_DMc|NDaN6N#Zu33mw;d)gI6+HTUXe zf9(SWn4}xKOk=8Mb3`i=-$`DPUE$EMWS5o0GC)S)D|Xl*Rt2}!UGA4Rr!k#!^-vL1 zJ}!5WlgmNvdgOzP)4H0eAhAaz#LT3oBTgPcF9FxSx8%=qw3&9*Bb}?-{j9%`@^M}X z&}l6QnmunN5_zXnfn(f988vLcrtQ%_`BQX_YklyMn-bf~x(1i@rj0 z38l6PpQvB&?f0D+M)4g4_0da=ZlpfPbswNroj8c$N4i!sXw$Il1bkx0jSUr?!b(O_ z*j>?DZ8pHNj8t%S7W&Q?tFR<}pIpO&Ggvdmaa1+AUvt4KL8q{LhucWFOu9m|f2W|{ zjd2A!mG*w!@YzdGwm>nIr-ZMc3G&Q54V5eM`izcjWfxsez`Mdl)Bp?1h39+t_p81; z`-L@WCF7A6>ydOQjD$Uy+sU9jMx4s)4rE<^WEPIpd)$->Vc!ppNU|11B1jBs`~Lb8 zHwSx!X;BK8h6S6x3B^})ElI}8&_H?@AFoKl+`F&b;(}R43xj<}@`Gh16j+jT7+afQab&U{m2_t4Zigm*tXaMkiNzLnlqd{F z-Cq@b(^ZPd_D7eWB;1NGuv}N1jtfq4{2zX>|9^x3CmMhtV4#yT%pT}uhy7n^9U_or zZe(+Ga%Ev{3T19&monu9bOuU7T1!$_EF z-<ga#brh|tBLaS{+oh%!*i1O&9O2pA5DL2JWs2xTBd zNeKdf)WACfrNKamyt0gu|3P24M0*iElp@AkaoC^X) zsNn>22VTQCArUxVNuY+iJMiky6Q01U2u}po3jvn|Kp;Rk(g_E2L^vbS0I8pb4A8eQ zK!v|$INsymAuj~hlVA!cOfV?|Bv^!F(C)r}Kse$SK*|(D=!GCS`QI@0&*HjxcXv}5 z>Sy_%L;8;}425*}{Z|48<$=c`us{J|69EnH$Girc?xg(u4(9Z4% zAoy8XqKLBOF%oRbUi7R=of@t2N3!~bc5Ft@)fNEz5zXlZDP{e7Q*#h@@G8fWf* z>+!4V&*Z-t@|y|M!6JQtwqQvx7(z%SeEt=0fKq5A z8u3ezC!}cnCPG;27by^08vi0if+h3cM2K1bBEr5&{kEz^@a6c6AcSd3A^t!@N8}%< z1e8MkMhM{%(0?G|EanfCCJf;ZBv``!fj=Mj4p_K1m_@67JsfqD_@t2U1 z0ZK>{W~d}92UL(%3jFVR7HH&cJiHC@XY%AlT1dM zRkBrH?-NeXsMY|p0o~7`w;!Z`PyAT*a#+puYvQ#2l4;_*;=y+qwn5ucKfb>yM|@@U zLtkmKO;K0Q&g+c=sIa#A8pV4M(Mwye+Lu}3@(R|vneG;m5zho=Kv(I~Z_JfENR<0gfDegS~FYKv@wB&Uc|x*DB-QaG31_fJJq zXt5+hg(zj_nR(`!X;n#Rk(MtaJ}Q)wwUpAdQ%Z~SXb~x7jY>pOSqdRril|T_iAsd@ zJ6e=GKmXM0xc8oO-)DQD`zWDb_T(kh-mM{>Vl$SVFx<6q=Q|tmkrOvq=5&3%)UvVJ z=-%;r2QsrC&_Ifsj2rx>d(7uYY%Z=$HYa2l;AGAY?s-+VF$WhvV!W?{2bR++Y(mR;P!CS50M`g{3xOAGOf>&DB6)WFfJ=1^rd-}qsOAYFRosz!NF8dEsX$ zD?RN}dC0@(tHAfHq-jmit5uU*N2_GqOi`)3rFbs4dHA*O@gY%b3a1rR$mCV0r>o0t zR*$p7n|OLr%P%}JE^eK*)aSbT0dcEn=X1jx@foWojA}V7tre#}USOB-sCl7fYCu#^ zY|>S}7dba`+qQ6CRoF#wrS}i><^{9KYcD_1oj7-+>PIzQc5=YYCy({&R~F1zBC0an zPt3gH@k@mQshCM4UoLXaITIlHSw;Em3HN*pTYlP#A!ig$&rfS?)pFU{F+syJYPv&} zcdp)|+heCaUnuvUS*Nknz3Tgimb)?jMmG!`WS3u?zJhi6pq-|&I;!y1q1B7?UpZYa zVlB$fY~1I2OTHOn3nm&j?p1QNa#?lUc!$c`>C+C|Z?#ib@3z6ECpR^S1qhevFG5fZBu!!{<sXFSR%+hq^9M_^Cob}QcFVHk z%{L35rlN7wciG(GBP7#nCPaLkv{X^DCg@Z|&ebFNR;7mJ&s!_cCO9hlX{6fgA6K|& z)<_+mOx$V$F=)x`stphrX1Ew|;oYWTk? zf|lRN2zK<1k(DB2=Kp zuKcj|rG`XRKhlY(LsL|8~%O8J$T%I|m1c@MkcVlUh%kXk1e; zmwEGF&%C(VC1&xeUnHV0YOauQ$=PEnBVN^Vw*CH;+ktGz<<`s7Ely@LRn_~P-qDRy zO{DLn?nwFcuu1=tL0-Ghuw@BLAGQ zu9M43uTN-B7VlKtH2mzkO3K$Yp=4>25X82%iT8>Ckwy#LRNom-O7=#=!ic z5xEX4PrN2$XH}ItxOS%>-ep78&fdOw)a)jk+{Y=CGio+z`*%{cDf5`^waP(<*L9!u zIJcHOlYDf4$_TL=?rT=Ed4z4XQP#f23pP?KUmeSgt-E#XN=n_)lpQbQQ`7d|SBwc- z>>IE5BsJq{yS3%i?%54KAA*nimv6lynXbXxJu6zv|DCU%rEcx6f;j(EDq%c7yV`C4 zH8y+FHy=q(!VBX$&$D4;Ixhr`ZycBJrc>@K@o-9I&1zf2SkbWadIs=cH@(FN6yIr5ZhTCMunyHk?zT7rU>|Ua5Hd=wd(q?zIgMVr5jaiYnDU zTwGofSz$l(%r>v$L4~SuKL+hy%APQKaf9bL{h7*+XRXh!X)*ie^!Tl{4LcOH?8GTa z(@x73Gj8r3E*_O1KvVSvtmb_W_cBUk*P*v6K9OHloZN>lDXrapZv2r#zm`$C{>S#7 zkiWC*YMx9&rp>mVoa_bhyLFPjChry+^eptm0+SL}`fFN$dG+S)`mgHWN1t<8HJ+{3 zZFE&|tR7!hmly6T?c9)5epUAPlh3UupMJ2KFp-Fij8HW>(LK@M-mAO%m`dCbq4T$` zwz`r=2O>+~tDUy+&NzH|ywlV3_FZ0E#<%O`Vk073kNFin_Z#AxZ~oY^?!#xt1?}FX@ z#}2%{TIW=Agfpf#?Rrw;)00zkKTIVx*w4yqmnY>tv-==F{XlYX(&CrK+6fZ+3On9f zmOdP+B<(9gx^@p4P_p~I%$xakRmFx&lJ%RGEOj*65}BH{UMM0MEB110=IJhnJtfbT zBcgdaUsw2LRsO2`icvaA%yPZ15GKTQY01Ep$x!$=C6d985j$ zcdk4*Z9hwO4{Kf=r5CY`f1B3M3o{ju5*r>|(ilGAWn@RkxalSauY>ZQy0-hK3^D%r zDJ#(^(m$R`@VqGJbEbCrgU@4ZxA<-Nk(3adFbUtWKt59`BW2MzYMh6uRBEE(gXUIU zvvFN#%jc=3u9axmktSnO5}20sY{ugiq{C?u#)@^h%tq$l@i=5qm!M>_zuvCA4OmVX?6WmmSy+2tjZPqwFQ$Q5f+(b{>J>G)JCWxMN#vclFdcD?M`4^dh^ z3PJLLSspFC@>|(av7e?q&PxBGmA6dw>C7)89|8{$6JNC)_R%==aPMSyM~#lzYA25B zjq(}Ss772cHehMR@Vc|2kBbZ~<2pPo<@Ewqwwbm4r?oA)?seYT(9XdB)mQH(gnsX1 zi|{R9GumrDKHPh)!7Fm$p=z1!29*}8nIxaV19he>VQvheD-6oZoP}eumae|8=wNku zXnM9=lEST$oQ}pN&Xb=VHV=4~sLkv*I+dJFK6i?I8Xxg=4f|%HS;G+hPLJH|rs(+S zAinFR%#ggAMLzo3Q@Zaz^N{&AC&1A$WS@bQLP>>hQqHREbWu5{VG*}Q+>T_f&S?!7 z*X`W-sQGKnX1B9e`U&elisuU-?L8=VP~JXh{L4E|ezm#_{l@S4TyeG}(`&h9n=oMX zmeTB15?)771eYBWjbQ_5W94%$Q@4K6@)`c+)%Em}2Va#srMFv^TA0dJr{|wO*|Ki; z<>y&lVJh}fCEc#eoNc6i>n{{!zO@$#Z9VdR>cs6??XK#oWm*!)i~lP;@$B~I-GO-- zhSeY47Rr@wGWs~?!M<{fi-rr2daju<#r4Xvdn|8})+Jk=nNDS|wW|iRPYPnbzLiXy zcmGMvNR2guAK`DA{U?*>R!(_czUrdQX6?(tO`lddkH6Bcl@}t6Xj>K@_-3!wSa0Q| zYj2knhgt`>9SWN*tL=AP{vhj9SPJux#n&+NtXErgDAla*Ci3Q?3-4|6w>=be)0dk2 zFz3mj5%rQkHC73rbqGZYJI^U&yW# z%3VF+L%b48a6gu%<)5elZ89S}A3ihOw&kUW=9lujXK0LC>sF|pIqB~6^!g*E8>Ss(<3IU}rd58Q@rnOJ-p8Tfnq}P$-Syj? zbLO|LdsA8IaYGOyC!sxeEtoC&M1Mb#q*)1VSQvRte^E$naPJ5-4OZmU| zsW1I3?VA*(a$mZmF7J+`(`Ju^WP?=4)p|sFR?w}tGb8csapxay>Ut8`XwXxcmLmSe zXsfg0w;j0U-PqUl5-aYKC(26;pXzi{dAiY<@QTgL_y2u#(=g5O-g;rB`N!zgIYX>H z6ytAsR4Z>|U)k7Pbn{BSYW<|iCAz0=t);YGMl2DUR?((xYLMvsKKph@vE3zc(VC6n zTh@-YiH=bzs~mab-H6y@IVMI%8)FWo#(%3nx!QTS=yNyoY59j=%vAY2*wEbRmQV7? zT63k92ai-WXKur^=7q0``LRQ+O+DPE@`*;=oiFQNlFQ1*vRilWdFt|*Ftnb0$HZAg zuY6(W-0fFNX3Y&~kjmdVXilSMdW%M@gWS{9!>j9E$4KkzT*!=%v{mCPj~%wxBt<7> z#8i!js`opnnd6@8^65m3ZaU+% zXXnJLZIMg|+ab~|$L{?xTJ*w;k(jpB{(Ux81Ad6MN}MkezUUdeSIp3S)%>~hh3kF{ zw)^w?rnQsq-R)3!LdueY^RZT#)n_^S2av@sSSyIk0)SA0p|>yq&e$oo&dQVk0L1^hUgbQ z86zqq3>hvuo27B|n|zWHAUEex1jR=U;FB1Jpvxmkg5)F0_ykRI))4~i=Q_2&uHg|h zgQH4Ff=^Pyy^^9?gD4&@G?WrOEYD!bDhwwDG$m}164hW)Trr#?dB2>|7X+}LVNjC@ z8s{;H=>(t8NA~gv0V6;mBS?(-1sU6?goo371~HUJ5DbA}i{T7KA;y3VywKkmxCq5Z z*70xwf;Wp{JdBU=5hbt?=R^xe@;Q#dFad+!7$XT9b!u-WAu^nyF^uJG?zOxBO(2OV z0)Y@fz)-isI#Pg~_Y)Z8ayWzcMHu@h(P1G$a1>(%8t%A&!qD8pA;Qpb#|3-}O@2Th zqx?x{SP?@Z49xRA_Qo+!+_SH zT?}NvYtX%X$WM-p#8I>;f~9#Js|6(5OfX775NLc*;1e{spyeXpI$ z``{M<8AOc{@Th;`f*lw}K^k+`0g*#d0G5oFTTH-X`dzLUe}Es_IbxxJggoKM1Sl!N zz)2{dhN6t4t-QBTbIP)S|MUJoFV%+vjq^EWl*UPpn*`uFG;?T3610BMBy@P>A~bNE zU#|Ph|9~0rIZ;hhoaO}c12^DkKozZeH1seuWF-= zbp(zEAxtaic^Jc^|EYREiyj7*f?^S9Krv8({%`@e`hS`Za7;9+84_qt|GgMPVl;{j z*!-td_whfB;q&-t>Hw-J4}b#+l5-$5Ebd+ohX5VG4*D4g_%qP+5fnhi<3vA0;mBs# z%fJ-W@4#Lem;W&kG>DtPbtHiy{0}yBh6a#<*&HPVIwivI1Z2>j4>AF#=QA)b{z>gW z{13PgiMC3R5$ME-_l_$F{5X_HG`K*<;gfJ4A9WoIjhu(}a*$y(0xKLyquc<;XaU-` zLB=V|y*g+lSOI?Mp9ufMaU6-$x2GdWUJAd;(*vxQ7 zCwMSGIX6^_@-c~Pqw8Xcp-cbpL%2M&x5DFNzk7fBA19#C zqEJJB!MREZboj*KDTjj$^c=KQgANXL$4P>Prux^K-e3eFP#RPQ zzCyxz)Gx00FVet}exeHZ{|i42eFss@$0@XaLn`t)#_)k4{R8XIi+~JmY_L;+{aXop z@dqJ=J{UnF0y{&Ep(&Jx;qa5PoKg)k3f&7twy){@sTJ_Nz@kGXkTodGh+>d&{0{s(#UDhsyRg^R51J0bf05Sq) z%kUULpko)vAoGxm2;d)5{g(CdzuwsgB@yuM4#|UTW`LO?X$Nl|Ko0t^0~rr}!h;VJ z`2Q9k@HE@|2?K$?*TGv3)}N>MPDx-Psu-9yg9IFOA&3UV80ZHmyMlE%L&$Iz5|}{P TrY^cj0=y%kuD-xnU*i7&p!S z7b$bGHx;j$WmjJZ`qevF3btOe>j4xp0y8<2kyt5{Dl`=VW0OEM8h_}v7ZF%2_VMk9 z1#}s|d3O^{=GHvWllW=k1hy3f;Uv_7Wjo;{PXAPnJ^d^G`0hq~1HHMnw5=yLXUOwb4 zIq=mFM|&HLG=cSJG%mYlPprC0So*_uydtyqI9a}hEIrp(e@r9YMYF-BUDINkkeX-B zJrBN)HTQkWY}bHo9R=#c!&e>{<2-9C{z^6}&U^)M&^N;<$$x!TvfjZUg_C<2J{qJ@ zknR|Qq2+ch0>Xsy#zC93c~!!o!PQVzPwdj5h%&NIso5t<-Culym1|3g5=sXQNkeirF z0_E{t0TO-?OMes~UpyboY(cmsyGt_L;;<@3YY+&|4Gf;I6^5MmWWr^pB)Z~xwLrlh z6{}rS9N8tXBUC%a7!YS6lBzatmepoUkYpn;cQH5~;DL$N2}W_mbb*Zld~Pdrd_YIp zUU&t1p!ExE)SA9hi8Y+yXU-@NQ%)A~l}E$T6jtRB8DPNE9w8AKA3687uY*g_IO=?XWg$ zCGYGT3Yi%YX0TfG>^0g@Hwe@XQBQR9vJVk7%jH;Ab3ADCh`JE9$}9gZO6CMUep3@J zQUytwrGLC7FZs)-1T;?@70V9mOw_tGaUyuPFD$&^wycdA;2KD)Gb!;g&&p<3qe0-C zq!mh9nmL8n#CTeuAQ8i;cLdG>l?Fu;*k98=Dotr|EBMMoDzM9=vMCFtSE z0_vY;p{nVs5P@l-Ytcl0QI=r*1$%MbEE$V!e}4mbJ@s*XR!`90)^x=8Xg3AOUb|_M zl8$D;=^c5Tq#~p~=Y$=?*ds`QD1wKX@2j8L()1}L2frk5K zJGia2cY08yghY}K^8a}`hjKXszU6cCANTAX_zMEAK(#X`6C~6{I#LJn_<-*!-w&k( zdHF1P4D`CpVf<7T1>b7aPggA6ntD2X_dXP&jf^9V17DR)SyCrDwfS;aBsH&AHGxwj z#l#cp*CQoaX9fD;X9^&^k)ot>#}*JmUoq3*x}y}RpQa4UlaM$R372SeO%Y40+fS3N zI2eDo8B-O*#wL>$>4^o7OpApJOrt+)p2BCJ#g;Bsb<#aOl48V)Csr=&oXXDoJ`_o6 z-k~5n58sz<_%Fb~0Df8l;n5&lWD9xFtVWy%V&$sntAn!g%Bw_(h0+vo^QH)dV1rl+33YR>BZ}$MKs3vu}#MTVOhllp=v3nj%2E1o&&;sUr(l?4!yF<-Y@s_^8Qf2 z|G2z=7lgsQ*u&wK5Zvyoe7#>T_}6@sl|1?`-vj;SLqywRzvfZC-!2jC64@Fn6Z&Za zj40)&VMvUegfDJuhi^~fBNd#$@IepwQ0~`%@2fhimqLmYmyRtF?hbhC%%d{kP}#uh zP(Kj(v|(NwKUG5|E|&jJiITs$e>!(4|9EXgu9Rr8;fVVX9 zZ4^BZbAok_I~^$Bf+2Rf`-sn&jRTc`fjW)7)h+P5pVv9q3r%G6IjVPgsL_5{@fk0X z-tTw2C4TD?*7G?N2sV@93EO;^*Ju=fI8hh;HJVL1wSJgHz1Q*q0q*fg0Uua~!V#SE{hWFuI zj=DMA(v1>%BPW63Di4``q+|Ax5gmZ#64uZ;^t5h*)Vs^KTOI*xIHv* z@ow1BN^wyIBcN3CXqR9CS(EC z(9^-I){z>AaqJuQL~kNk(+=3c*XhL9VRIaE#?j_MR|mc`0mt|(%n8<6=D-ohY24#( z=;{o(g%z-Si&sVtuEys}&kvRk6G%?jRM9$CMY*eZg*^of3X~S<60fL#z_-EOS=&7E zsnPsk$tlQzpC)1CWo4dyfXS`k2*O|Eh{F^P{ai<A=+^S>pl;e~;gUwS*JLFQseK zoG%QO0x2dvYDyg-S(LYbgrmH!c(83e`MO!dyEFVaJD#TR_Srosh}DoxKn~>xplD>{ z28G=r9S*ixxkVq9q!g_1Te-FMo+m(W;Oher0M8<2tz=KeE2zwj_HAU#s$GW<9k;C5 zpRbp^sf{-Q*d21eE%1apcRpza8N-Xe!=<7JM_voyD)EF)*4CJRGIVV^F_3Dani1kt zzHoZN0U9&RQl^E3?P?|y9EUU%2sL5Q>?W%=Jh~^o(0!LY!Io21Bqwd#v=;*t+Pkgf zFfbkxLVofy<=7~P8oCwy;#(N{Nz6dmC>m{oQ6YE!upWV}+Cs31hdDIjyvJ>lL38?S zA4#7T5TCC=Bzp#bR~sI^^K)r;Co?BA{HF5bY$@Rwp;F?3TH+I!_v*f@iLa?8U|Lvi zRCk6NV>{rVuFM*azQZc&RD}dEr%H)V!Q@Jb*I41wL$>iF`IWN9*RdMgAoUF>>q&7; zu%;cbK^(IY1mfnn#;gb7)j}fnOl%3(S+=6s55ly^7v39xhBzBZcm!o~s*F#!<`s%_ zxUfgpP*WMcKs&%m@gX?;;6g9WJGj0p1vql0@Xh#hO56zVyR&gCcTip8F8(4nX?x)fR2oFc`8rSbO98NWg zNmM8DJOhP)QWRGW9`bXeyY zwBWcRmGl^7W29R)D&a;`=bq;oMTYc95C|n0^CH!82}bgmmfGcm`MW^bc_!r=(Dmy# z!>x%nW4K@tdIBbGQMrf#awc8lo5*U4nnJ-9k^r`UqV;_{;_9@ucN|M7h7rCLokqRY zqvwL6L*_K&_tj9jr@CI2JV8={^SzLDiN`4jK*?vywLO0Kl)z2DG&+;{yx~R;sT#4% z6IBnZ%}S=Y%{iUL=+4(PjJ(AoT}yWX$307}*|pcy9pc(?dBO9C z3~e=ITdC>6X^JZZZsLB=UIkh@>~DS^G=gmCTNRFV2uViz6&Zo?E#N=g2@ zmmzHvKM8enAhGqwt6xB#YZT|lfr6~{O%RC$mqQUje~CINpi$uUP4X-PI;^t-LU|5< zc~RIG@GXjV{pUo%CBB@bp*Oo4$O-ge?Bp!U2kuh&K^mWw)M6LQ#?K z>{m(JV>FEX*gTKTIjr-HVg?uYZSMCsv+G~4{{pkS`p+=^H$Z6u)9*;+>J--L1({7OeR?flIFKUNuajw;zz@b^S2uVb)V@Np{9kbuNbYu5|bv;#Ki z*T+yz#?5gQI@=tl`yWu8G|d|lV8OW?4)=v9Vv|wNNOGU9xU15oUXAvetPbkS)CV`z zvqtUk!B@-E`d2ifhZ?7c1v>Nz)q)Q2Q079{5$*+`V4=W zD_WcLUOx`)rq`+?me(>nk{jkh_NtT(pS-|>dD{;`XXT2VIuAju#J&Zk9C5g2fX*Y=znH8hU(I34ir<3Ij zguU1c7Na89^Hi^oTtmjs)-|1Z-#}wrZIT~jpvZdEKohyzk9Q4ZNX`&3d=q~yLJR@& z#N9@maeWg~#OXM6g9tSGz8iymeaQI|ZSP?W(NJ?(z05y(D#X(}=UIW^Tcr|uXXC`! z>vGoS1n}lq$Z74Wz>tzxxGmIng}$7Ve3%g+@S8QQj3^Rez^XIOHlUjohswTQW6*%! zN<^Xo94%R0rUi3R5RtMQ4l;iX$Izz;%-jVewZQkbXoi(rOfvZ@Yj$FU{hXGBU~NxR z#zZ4AND+}y@L`ZN92lvr2*!DK4f5G^BC^|fX@!(@zKyJu^G^T~n-?4+r1od_a-eqI z3~3(HC>olVpe=xVoG-7?sd(JGDxagdzZ_f<03$Jm1elQTX|kk4#QJ|hdts^WvQE23 zrdFdLlqA3+q3jQn{b=$Lq$;q2Fm`pQzaCA#Ye3o2XzFA+17Q?R zL+gBq_bAZ4LNxOIn*$eV<@y-4?A>cTzuLkk_U$R8S-ULju8KSPOo-`r{j^J+QAxhiL2z zMV7FlyFA$y0J*hnURdCtAghp`U=W@E@cH#j`r-B7A!q+FuL zRo@4sc(W$tTx$Z!ut2!DJYhRCp8|0Y{OQ&&V&z_aJK}JKlLvc(rapv;tEI%@2Qwf7%P*b^2{xF0PuEkU@M% z5L4yU&~6?Q1ACb^%VQG3MK|bdlEzNrJOEtXxwP*lN*%a%p8W^c9`)<4f5`ja=GcM9 zx*H(_9z4}fhz?G;m*lc8I$)rakeXwFMc-FzD4JN4aSeMQnqycIoLgRi2w8DOt~qZK zbr>YHueyKcZ^>}AYoHS91R9>?e?6f(QO;J@ z{tJH!9t+Sk2Awwa2B&O_qkYqoz)ceULrfD{hV7tv7m75J1 z9408F4(cz01$(Eph^@Q&4MOS-A#HIi#Z-TTo=u|G<%}+m8wH(_ZyxN727gP4u?9LL zSUwpD-ZX8t;Y3x zZX|$igr1`v{jq+dvz_{l1K-_cb$-1$^xh-w29QPV(AN)fFEPh=UDEgT9^!u<<4txC zEA-8GHC>qO{soxxg2uOve*xzh0x>X`v3CJ0e{b735PtWsF!Hi;5ve3~W1rfhMURKY zZUXGl7J(uwwh&oPCAnVb*Y8}ECEIn|ZC@;MIGh>I@p0(q*ORBO{9u}TY2;6@@1|Ns zUJ|9#*pED=H*@1Sc3!@CF>`%CaNfldk)vKxF%*AFqU;Ub3+q4MV{Xjb>8eAx|{oA_d$g!U)P|j z6^2dSmW#TW^DJLx4Ue9bHSk}aVyf2lf=9qn6(Fp>M7yTi54|)2OSJaVFeFR9D1W`_ zK)MElfCmjaso_agh;TI$`_R;jo3_ike?s_>AlCMW--6gv^kvpAPYFe5!I4BFyG#E{ zjBbB6<9n&r$6lTn|If>pU*P~hQ6Rp}!2{1xa9DhB=4hjIbG6Z)3PKnF&9H_)mvE8- zbF|?>V2txY`$36Eyq}qbS9dVGz*X&(EpufxeieA?0TwqMueQ6@3O5uT3M_Nxe`P^C zW?A3y7d5PTNL$te6FRhuHE72-{JljfXh}ylwODp4q3UXp;7T|HFAai`BU{=~q>T0dW}c>1t`*=>cQbKcaSm^Rh4 zJ8(WI9ni+1a^64(COekQi*6b)e;ucE3yDN#MFF25vb5;HDWRV@*GrTeh0cn7)n*GJ z%*#cAxr<|rC4TY1OLRBN`U_3}?T=rq>}-*hHSY+(8WD3GXrvA^CJ7vGWOhVmKdUMT zr;&j(LG&;6XTQ|aU4EWSw7^$rJ9GB#t_R3f1XM5^eeO} z&(Xli%j<~-E7epJD4RH(hKce*-%Rt>U;K)b#B{d48Hqw=hX8UAts2ye_VqUv?&!wN z`H0|!b=?lt1aujTO%{q^{F#o?ly@^cC!2|&Ao9oPvOhEPTs&2@j!%k+oY z-#(*D7VWyh)R8Ne@7Lff_p3A+r|-$K?pq9PLN7GQ2#LPZzu2oAj(+kI2Cg6KV6ejX z^s^0$HJ%!jW7mDgf57dA&ij`B1jwSh_x2fXx*=?D^*zms1VP4xYN8(;^nI<`xqc?H z>? zb}ByKI;g-?;96)^J?;P4-7KQqy{x0FS;6^3W3}P&#~6Op*cea!9OGEhIokjplun1X z?Gp=n3I{D5f8-WMc3rcB?IEyLwy7X7#72?Z3X?!ZjY7|X)rN92LzLOjJqZ*FspinZ z>IGA&s~xl($idC6mJWtDb3chg+&@fbI1OY+;K$CJPIPl7wR?WVI8jLVFMR3QQ@fAU zw>0a$n!6KN*uM~b=|T85$~x?ZY$Nc{8`bvif=YuLf1vL`6V{(x+$AG1?#F0kW!1{9 z?MK*n_(6oB1alzVX%NYO9l#oZJh+j-6V<) z+|xlq3@#e3qTYo7QwM(|v`pk$gF)LhMZK_Re+B}zmLQ@xRK;J&eOM?(9GYCNELUfr zged101F*ANPsn_H~lB<5ZEa?_n z7N2_;HN$g(%vDxZMI(vw3Ln*0FR}ldt+4znnuu5`aW%-)0}nD`+dFG{;+1~&`k8^X ze=x#7A&mV8!|?wfM#Af&2xx(rHu%d!KsVK=au8PcmZeyPII|wWWe`cCsbUFEQ+aWu z7G!hESill~)#C!TzJ<5I2dPm6h<@sS5m`sCGuyf1c*{8qBm4vR^)pvv|9S2~hF(vc zszh^}tl9B=P)3PUuREcl+N>dP7)D4lWCr4QK#Td~f2{(+bFC@@2 z5QT|8W`r-KiA%ML5zqLqFkS*|`qKYq{ac-V&K(o^#sX$rRC1x*f_zCzyinHmcIw~s zqc<-Zv5 zDqC9^J%ycNr<>dEDCDkCY#Wt2baUNw7M;$1PW#Vu{yNWIYyI)Pzu)_NzjwXgXQa2& z*PO;dLm>u=2+b)L6bHb?i)8~)EXZVMqLGmc27y8tMd+XqasVjy_ErD`3dI-r=U`)h z<3P3|8UZe7gcyUl;X+`ei^&4X4xsTN3}%A}-~|f9AwI6b26=!l%7!7K*aD#OcmQi* zA`)Ohkq{OIaV&@w3c!KcLLe04!U)lF!4VS)Ljk)_WsWG~b1MqMB5_l|#zmVZ0B(|l zB0Mp`fx?KE-YC8sgnRj4*!ohOA>#3Wyg~kgJf72^x*#9siT~9{`4J)^gaKYC2f~mq zsR7U@YhDls7V*FAGKC-yX44QZ4+6-aN^m3tj)pipVIeyl2m^VM&|)1zIA5B;gIly< z>E_3x(>ymVp6Ft0CkP|LUE+v;i!N{%G35`8XM@4fKrk5(mx2@V_w#D+7hAc1B5afc zBV54B#uflE3=|W|xRjNR4G>EKV1xrj15h;X*U|z(h4=`7M-m5wp%`)DIH~r4C5k`` z#YJpG1}ue#&_6H*$Ke?CiSg&ZbaqCgW6iCp6u{gHpQTunserw$P27Jn{Sa6nf|zt% zo=mpeym_(87GW5K2p4Y_9^q$y90ucoLr^rtCO+;&*;|et_`W=;Fy1xqQIVo4!I>*h z^DevFcI#_tcRGQW->_X^`m{7~MwY!&by#s&_t5X!k;khJ`!q7fB!aZ8j``uJkm2l@ zO6|b6*nUvDCuT-`}q6t10GD5jIh zHD}lE(=txd@6%7!l=UfiJq8_nzgB-s%j_ZcIykD_knN6R5>j4D3@+FMW>qmqE>xDS zESL_ROwO_Mc*Z*S$j^H0dx7(W+f~cmqMzfb%d}R6oGr|+C?_y|w zaD3bA8gI9Nu+4zhZjmR>ZgP3yIJ@kJ*hqhq%-%6^ zzLW9ghd-L%l5eHWde$}eFOhJst7J{J-?`OXA8Wy!hM%v;bTcH*Nqw8v3^uK2s8X1Q zd0iwhUD{li7SbJ6;@jVMFtq&4L7ldyGjr;< z6wm7n?0-)u&mMI2bZ_ZqX9tEz9Hs%Y2cY`;}=_+~)qRUfg= zAY-}r#g5dDndIo9+2Rik_fq4V9&FxX#%bLqGe}6vVRdI{S=R@ltox?I+mabirDvzKtJX*gY3bF9RNohk7Gsy-)%5?OlW=vGd(0J5c`sj}^7#0_;eF&X9}RT(M^5>4bWj@5R1H0^9ywu07nZ7@9)<&B$YKljq z0PY%rfG8>HGeHuI%AgyNSfDn5)Y8%fPJ6ilC@g?DqK(07V}CFZB|x9y?#HA$IkNy| zeU)z{EP$hdOe&c~2TVyUXOPC#Ad}nx0)tEiS$^sO&dm)t`)!9Oa2E6gncg5p9fCvx z6e^hoIDk%6It2dB6Q1tK0I=W76fgHbTizhklWPi4-m<9za7|JebT>bM0y;wAW(@8$ zkn82YVe3b6BY!V9H!~9LoBUQ%f9sQIR5!mr7z~=b7Yk$prVI+mr2j~@1izaz1u0Z7 z+K*j4i{wTnr_u8sxL?}r?SY-fFsGx6WpqUbjpuTxcP1QfLmD@ zo!2uy^vBU|HO)y>I?KY(9Rv`6v9~btFU$>zN%aM65P#|j1d>bSzJIRlei&v*Co?Ei zx)XrHXaXcAljH|MaHUWf48TSLR5}Ip1wdb}W4JnSNTe13_t}Df|3E!GhA&%90|BU^Fx-I%lqP`1AOioLc#cl>@B;A$00wac zt8qkgtA9%NVlqKGYwOqIhW96Sq;m5HL0^yz;dC*`N3XcVm0ZmVGJN>!)9osra`zu! zX{in?x_?xCYVfFd2eY)z0#x`U7AEFGeI|PEqj3(L;)ofRF2Myfu?g_79-<^WUF!=$uEB4H zIfC&N#dr50b}1Dmu^{pN(4E&`r%y5-GB_E{lC}w-cW-c{YX{!C_6y(Fx{+ea*Y#x1 z=44*%ta4TZsjol2KH&3Na~^r=51RCnb(oH}sL)df@v%;h)*a8_TPPZu9n`NM^>WC7 zH-D^b4VEMl-=P%Q;Cr{fA=r=4AXy;lOm(u;F<33^*baqa+>)Ev#Eeg8cYvVSNcK5V z`7H02>}S;Incs976~PN4*~xdx1yvWP0}dX02p7w!(PJ#(iqco%X3k{W=)O=(EHOCm zipT30=Dz(M<04Awi|_J`YSC?0s&elal7D5>3NvCbMC>?gPf(6&T&K+3llw*b;UnwO z+9>Vy%wJgB(HWve?zRvZ#ea3-op#7`lrYDMKz=Zu2=_~izeb*oV_y7~QNoVDJaP)Y9`g`Ws4n#+HF;=_if(O=_b%f_?lry*rWuZ`IMuWxH|u zNp{|E&+6*h$$1O-6CCJ`Ld83WVI2kr8&|g-H`J(dPu@8iYNXaDpY_;eaDP~_jis>x zGc7JsyPsi{)%a76^DZmV67RJqgVI7*;Pb9EBQ{V0-BjNyrOMrhmvK4lwvD};8<95X z^Rn4Lor%E4W^3HEOtm$$BR(3acb3Ja6UZSM^7}Q#O9d~=tBphyCXZp1(qF#U~YwyF*Rgw!U0)@lDB>1LFKQKGlsr?RjIywVkdc_cKuW>LAmcI7mY)HXMa zARowe{n;O?9YRRO@CPXP0Vipi5KVL99}#g4~!K<#h-}u9>NX9;n&F_PhIq$xf<13G$q+&6A)vTuHnsG4!%!fKBV z701N6b;o`@2-EgGx%kSz8Io(BPj$9XZ$Yf?Z|)^yt5FTYX`hgJ#KHiv7mM*I%j?~a z;~B_8Yk!OYB&lbuB93pCFc|4SZojLj>=o~PO65J%M~AbBP&0EA;65!|(*&}`3*NlrXIXECuI!bxV9JcV z`+t?SjXZ)(N;nwL6n3ucDdgRmb^|zeBLRJ8N9G~*<|g2cXwCvL$d8AO)~}VBGymbN zT?yZ((HFP|boW`+n7UUfvoB9QOI&7u$)8i#zh?ovtjo7e(LJ#sVaQO%IPbl~KIqNM zPs2iQS`1%i4M$%S^q$VOH4Bvcq$G3kD6$QEPq-lm@gF{r{|o$22$0=C5|hQCk(jQK ze*)NN%37C>P6C4lSyV>q6Ew`kwq4-g#Zc?;6j3;z|)vaU?9n05|)4nWl^z|y090qN)-?V zs~`##kSel@tR<*`s4NoP0#w6d1M1V~(x3PKx=&~3$9LZMeCIuLzRyVC!wYZ6LJz=B zC{Kuo2#_^Mq0*co5(p7UBzwTfe~7||8A1f*IWUBUSDD-7lf!`m(2CGiD?5jA1weW&+|KlxdR?lyT!o;bF(T2bZuoflgL_LQ8dGX_gIP zyx&H%i(lSGgLU6(Bx(d9Me6AjyRQ&gZ1X|w8+M28MR^eudo}Kt{~we*iTvk z=*M6^@!njkT_3KNj;QGq8pC=#vU=TAEc5dZ{-(Yms3Qowf6DR)eTfA{DOWPsSVSug zC-^nRJ?Of8Z<1Jg`VuCu#$|oaa>KH?1IrI)q|`y z`gO9b%Pda#eb>3>9bY%=`3Gp5#;y6Ocb@eA_5Rmurpj7Y0lSsbUoNMm*%K@1)nhf{ zGZ-goX5^g?f6KZrWk-}X2=x0=mT`Hz>j>MQuBD4h-sC#3OrhNLUn?1nDY&JT7{6v? zhr8u(Kfcev3x_2;6Zny}$~i99oqak6zaosoK;IP2;H^oMKed(mezyJS1$Oxidjpo_ zNLA^nzY9ce3$1T{CkaQSCVD$!ZrAcF`WwSjyT(+Pf0-Mbti>pp^Y-P4i+X`OW+tBT z&-UhTI^{V@)2U>6UeE2OZsjU#pGwJTFWPh^ejLmt-1E>l&)T*MYvWg`;I!hiw#|>{vSvjC5GiCipLI6E+oc$r?>g*D)UyJ5 zs@RUPA+>GF(<&QAF`+55y_jC&3;%DA4X4uo)gwx6cYAs37W&#VyT$MeZde6oC$~=a ze`>f@#+A-+y}VsjcU~X0vGVOdub>|18W^v@Rc~+)rffZXyz^*B?UtE>yg6yHl4@AO zO3eIataFKI3-@ut8jXu0We3^NsXhBwKN|2QKdHD;=Wf=L_;g6~mtxZG)mCMO7)`sQ zX(k5!KHgh&wqIB4%3{r5`#$Q8qAu!~e?E1aQS-7&GhSz?z>i!;ZZmdWzvp6;MF{I! zs)@U;BC`Seb3(F$t!%o`8PlkVx~$W+``YI2v;5%ocgT`wuO`Da4X~Bw-g6h1MZdeh zS3sGJ?vzoR9@%`zQs`6-e#G7$kaYk3zLcwV>mOc`_D!&T8@heQb(2mwYEKLLe@k7= zZ2g80{2_TBsdf5(n^;i24{iTy>>brGR%_1=;HUD2kTbt;p6d%=`>T?{r7I_nJ${qX zJGz%rwlQaNT#F8vJ=YynZJTT(g}QeI(gSUBo0 z+rUuX-A5^Lv!hP!{mu@Ovky}xe}=~0-6K^G*SI!XoYND-MK_bbQZ!Jg=qxEr8}yNO zYDva>jgKbfmJ62m4l$ivtKZf-wlA~C*WZg9fBIo$+-|c5uF%`ZbmUu?y!y#;1*hY< z=j|?L?)lO<(KqQCyEm78Q7lsfba4s?T1ZqqX~yw-ubcU5MHd~7OJ)mVB`RHO{n6>X zLZBn_CF#F>fPV!3F9etzn86pKTn0ZF_!B754a=AESOSCwNJ>ytPehk|SpsVYNJ>yt zPeixvSps_jf0X$i$K6&n*<7Oz@k3(?V`dlzr`&JLFs{+A>M_qVJR0*b9x|I-vJ%_4 z&LX!8yJ@y1uYZh8qotr(`mLNOa&Ke-MshTt^5;tN_K*(j3^ugaR@Z zkm*)biWNmH0uERtpNEEq;XvQPU`=EJ>>>~z%7VCn0pVdtgxG@xaeyzzLJ^!#0(Kk@ z@LAgt4SbMjgcpmzBm#v3V3dV}5F`}k5=_>R+_-EESZtKxn8^37ScDfXh64KQmdIn_%LJiBChsEdLFx&F0QA9F8Xxv1Y#()Suc=1j^z6OMpd0#^4AKFfbV5 zaW_j3A{%TB1V&>bHh0}{h=a21xS<>b7*othWV4Mr8tsh6AutogSz&+;aiWp+I>LoF zlZfM6=P+>ybaM9cGTeCB^&S&Kxws!c5&`5tf5hu+${%ZSL_9POd_pFX$rQ0rJl@ZO zH=X6gWnnPN4Fy!1Ie>UPh)*Dkt*A5_I6(m@7e?X$5+?>WA#pKWyakAZNdRn&M_7AR z3Y82@;?`<}Ki|RL9*a9+Y5|O?G_j|tnI*8GkrV!1=g&o>Vh}e+KqJ#FOz9h!V#V-y ze+U;}|98akykE0XaiRzkhp-5P{TRzSHN2oPtvb=E;=yIvA5XuFVpU!II-siXZEdXS znUTyo$-W`yk6b@auB0^93^mW~w>#Kd^K;@cjnDV@suACK^!Z7N(nX0gBSUkoos<@0 zK)i1Q-u2pYS4N(M<+hC7NhR(RK@7g5f1y!EsAIyIb0JmHX&|gPXGZt%r5%kDmj$}X z@GpM)wqJhV>hHOF_K9-Mo1Sj+Ka28WZmvFC${neCM=u!d%KR)_R{)Kv>Wm~W(0?lO zi2mr)b{)6D#W3vjeE#x@#xUhf?d{WL&US~?1Mg%vX(lA}NUG4(JoXVw_YpLKfBZ>F z=Msg1K8xDkp4>01MK;RD)fEjvwQrcC_2;dJ>krMO=m+m^%X0B*Ppb}HDsc%;oJv4;Z%S3I;*DI z6!+`91$1I}3SI8z>V0QK^FZ+N*?eSz0s}LBojD=zyQJv3wj08i){QGu!=U4vG>(^1 zs4#zE@@&3~Ohx-Z)UYMfdRla5p7F&{)=*B(sFsb?(FcdK+oMNs?SCs}f8?Yyo+B7# z($BkPHT!;8VNDpNU+s7){Z7Vk^|3B@ON!hlB0J4*)hUBkCSSMVS9wRKY3IIc5*VG) zb~3og8W3K-yIoizGV$CxLzB}t8rP1BXqFvsGElb({`d!7`3t#=?sudrZ>Ji`=U}W+Ovb^O3Qk;EzT}zEi+wv?#sI74OI#j zY8?iSF3QD3X`>H0r(Q|PIhmI^9{Bvgu5CZf3!9W=6R@F2kYc@;eXD|bjnMeR*rbO^ zXwcwF@6iwXy?*mMZpdsdR;2*oQi<&fFbtSgAd+XJ-t&~2gH>lANey>$owJ1zSndfv{cnWlu!EvohY)Nm2 z-#0Xc5Z_lSGH&*V(jtFeGE~cusuEm_v0Z36sW9%^9O(H~Ke7GSRmr{80=Jwae^D1c zQVPV)cf8ba;IGbie`Jrx$pLb?;@q6g71pPY*QK{x&di>wn7;Q2-qRKOT;l%ot54rb zyOdho@O&OZ!jwNDuvp#SNG#PH5GGSTg30lC=Y8%j;d!1fI}L?5MNpEV zwtw*0SQtS^l&ZYt*%|B00jYJmQ}dpG-PWLfX(y{zwPB+8e>F}OvD2n>B^0ms*ApiJ!sbcpUHSAu7K4!vGPCNvbXu~8yO>@vyGq;R%OQI{9lp4_L+o3JtBsIKU?5;vn1~=&T&T-5WEa>>c4RE|kIB!6Ra8q{LQyf5z!b#hf4Vi+ z6hsG@9Gp-TUI0dofQKFvD-!8$Ee(kP99Gy)$;xv~l+Ap-JCJ_dVJj8R9E2Q@@`7;+ zVS|5b`Chr$4S0H=X+Qp1Hl1G*%kG67szF2-NYO*?ll1>w)Z=L&pi*b=o>JzJmQm2K zBW#SBgo1*QkZLBu!l7=4`$5RG$c(%|p^G`@#4J)U=;B{=q)m`&g4hD{$-;%3wUvgg zjLJ~Rl(2xCAsC=EX@tAn!XN-cqVPp7L^I~ZP<_yHuq;Lt!VR7pqADuFz_((!tL3@E z-0>?+C4C?xMT|yt2WaJNKzKA-U0RXcuq+B+@Ty6}g|0H@bQKK~x}x6D66zrfH<*Dc zXg$53 zZKr)1!#*7d3dhr)YhEv{2Azx4)3)x&ZOp=I*vARw)%X|LUWGRaT0SKecBOAW>TZ$lK6xDs zehw_pf|{L4S9d^2x1`0tm9{6mD128t$6QiwLKdELj!pKMy}z$bS&!NLzNf^sUDv@9S>qEVtT6T1QaFSAR z={tj-IQ;?b`w`p2ABbS{pch?{RI##|H6uMTU-NJFf@GUh9^NF=O}@vz&j&`ni|U?B zE;B0!EeYk&?1KJW|1gj`s;VXNTN<8_dHZUW1v9!Ix28Jpen`vMQ$Wa;3vH!YsyEUk zABex>FMX|tl_S+Sh*%e#m_4a)mG^(j+taT5PD_BrU1w_b-9_>JVp zy3aATnt+ztora3qSpQJXx|5K)mL}rrm%Z$NcO{7-TjCe!BrU~QkbYUb!#y-A3Ptv!rLs#)Gx zq{dl4h=JlxxL1ksEg533JgO^aeta$3x`@YUB3_+e*-Bq_30V4h*Z6FJ`wd^693hqz zrH8%avsD`$Uv0eTxPy}=XA0sA>ZsZ0c#Do>>hnbwM$2{+o-*)s ziVS&L`Xv%6Qfwp>CzNCs(DZx)0v{QOP%8k^H3K#KYUmeHS|EObR5}(s{2;J-*f3uN zxL!y&){!vQ&F>o~v9gstVUU~j@Gz3LDU3EKus)A3F}54=0%RvRkWCaTHlRX2ybz*% zDv7$x)}j6vl0I+5!Njq+YAi9lY7TI!dj|S|4N|%RFcu(E-ynR=B7)y#)gPRC^cVn3 zSuhX=vaD3Yu~QE}sc;xGLM#&FA~4CJK3ya*!729_lQc>a(EFruLT*C!(IiipFk>j?h*hnOVqT^248{T23DqfM ziBv))J>Rs3HWShO|9Lw*b@}*9Mx+$~wmpea-J0l_>7`S=5U3`mvb&FNxTuCoYtJg| zl_@UXa6O@?e)F8(=YL+Sjg`n&aqU(e##1{Q`VxXk8@o+`7sKh5##`xh`VE*ZHB z>%JV;4&2@47F^-;oew)`@lXQ1V|z*aDaomSwiiuT0lCK-<$hGcxcD?MDkH0B4aCzT zA~&+ICj;c85mV3AbRVOmY{&p<ljS~sd_&gr(?mMw_061zziJec;Cm{%}?aP4I*EoLOOFYSC zy0nYdIMJhPo2^pSYXQ`iZ)Z_I@mJCQAUECwSgiOmvLoQw>bn)(l^R@5BpB1s-i_UW}t1S=fOy+Rob1 z^~|n7gB}N_cJZgXNG%J|0=qk>Q>eltCkB8Vn4Q8(&$n3hV3RVwm9d4iOadzW-XfezbMLe8)5CT0MC^}oL@GLbzEKUq`0 zuv%f}w$nYQe<3ERsMq$YLZeYQ%X$YDp4*lDk!w&p@GXOze9po;YcqPmwb7p>xxSTn zRQmoWsRvapV@HN3F^ZIIyt9w#c;>NQS&%WfXn>ZB!%?>1Rm@c5vpvs|eW$vnR)pbl zQyo-XmNPrww+;a5x^zam$1^f6!byekGm$YE=Ur*QhBVV| z*EMhd`j7s`qz8KbHldk_x3w|K*=)8>955PGSUfy^7F`8YU)969Gei=a@m2ZRvEWzB z=;Rn!m~}5_)js$u?QYod-QR`H0Jo-9;7uwbnPuI`yGuKJT~_Ln8s@^oFiP78g>Fs@ z!8Qh}Ji^`9jxGA~spnZ;vSxS|!IV|6@8(u2d)<7AU*EjdZ(48C*sYkQui?5Qyuxay zta!bfVq*Z9oMgeavSw^vvU)<52&#^st%(6c>dQg9*cuoe(Va6ZdVQrOxB1t)#>QR0$Md%xpqz8yg7K@)91wcc!+AvW+(iC?tKsI-2S z?Hww5FG6c4M~SYYhDvaagbR#j?#icf%b&H)dfgmaQU`T%3!I1Ci&$Iu9BQdx!UKz3 z1TuZ*NBVZ5j@IG)r#^Sn2W;y19 z;SWHKo~7=^hP&;gj5Ip8W-sW=^Q3&K3d^|0PZC!6--L8_{Y+&kV`w)s1G8fRmdst| zW5h{>EW(=jC@P}^uVlKI+(>cVvktv(f!_l#@h2tgQ5`{Jv9Z3>F8)N|rQI3e1?h|N zMv%A>3>M8?7% z+-G4pB#{N8D@1x`5O8D(l5HM;Q&@XBzR-3*9$1Jc3+T|r1(3~m+W>eTgex#lCop}Q z^4b~@29XO?ADk69NMYT_pd^CbDbU`l=GwsWZLf-hkR@grS^x%(G-Lpc4p+b>A25cH zEE)zmU&q$$0{q2_0H*s< z3ihz}Ro+KZLQ+dzK6x{1{l!{r0s|t-#)tpC{Qw|r{x)k7gyYAxjE5A;O-@fvhS!1m z{90uk{MM3zvAZ$?1`&0HWN-*5Z)_~5gn8%*K*8+Gga-oA1>y%1LM&s1WnBXX=>`Mh zM==a24rZMY{5{?eZRF(a763#)b@9bcZS|Imtzb2>)xWdzpcsPNcL0^06Fi)YgcvY9 zJOfx7ep3v=>^lH=b$>zK1Fho<2>iBS&;WuR`c%w`f}dEK>FcFg1ExzssF?wP;LQPz zUDm>sWx_rLd`&B{?g1K)gCYZk0rZpb-9rzGIhn9LnSx-|DKDaP^ip5MWxY$i5s)^F zpJ90>&H$*6p)f%(HaU2_aHfS*IdW}zjC47!cUEv85q@CWQSb3`vvg~cPL$adAY$Vo!bmq=O2 zr6E*v-8*bP&J!RWz5@8`Muw=V}9%yO_hp>+sS5Ld2}R1~4vx1!w66Iw#Iq z1|%nkT^k~HwO2N>BEh{LpQFD~yfU_c3Gea>k$o6v|pLl=c-+KLX+@U zwW<46skn`*(c0Yj;#C3k`}4X`KW&m{KA+X_9`uK{Td(5C7!v3ODo7Vf0~P8GEpt4! z<=j=faim=tRM7c7@TeVw;+QhdOKSa{`e_tv5YQ>l{ymyyJrek-<|i+$i5ipyoGy7( zp31@Q|C>)xXkLVat@fT3&j0yQ;hh zu?(&ZmR9!rc))fLy*Zi6daUZsZnjoyq60nNJlRTX8YvllZ*av(aEk4Ct~cyo6gh=1 z*;0X5yJZc=9TH&2_MZ}-T+A2U-NJ6A&K%DQo~(KZYzPfw$}8A2G$S8yWR=txoQcgh zlAN`AzMM*i!h8p?%abF^H^uqYwf=%dD-W z^(W2#4l#QDY>u0ml;%XS1I#v+)^=P2ZqEg;b{*v+llYm3Flz0mqwx4X^}B0 znkT-3fgB+wB4|Ss{b(Vy4_OV-H(NlE1q$Tq5=;asJ2VEwkXU=gQPVusaAU_A)ChO6 z8u_SL8ojX&x3xg3R$=4%Gub%6=()`f55rW20A-lUggKsZgFg~lm$1xXEOTWx;IR{nkkN%+nhv|3MjN9?G$WC(!$|oXvK0g{CSL9nJ!-cvo zAB*5B>_!2Qgy9;MG}Wf;zf^wsVLw|#0HK6(U3Jqx_48>bdoR5D8w}ZF-XEo8qPNOV z8yqLgDiQ=A`r&yQf8>h`YEsoq_wM-;EA@Ott?iK*aeK?We zD7Hv|xWp}-kHn95UH44w2Ix^{gwQ3^;Po1jYq8!UV_dVYGh#1#FLH^+KA;n+t@etBiDcf`C>)}V zxwQfy3pGl+;wKywxz6LW4K^vC8V;!1ACvnLk~zr^5m zteAV@z0aI(l{?`7_FRx3{@b z{hYxkSx*03my^+AKVRDco4znF8Q_KT9wrT_H1_xe{k5CtCp^4pfoVO(f%Ej{7Fm!j zS?~cnH5|rgAd1;bl|FTea*yZDdoz5^-HxUbtQL69EXNP({xQPl#&kqQefVW)V?te~ zpEkHj$eQ7%zKntzA17nDCc2wE`8XuT_gBenY&)LAy66D>O*6|5c9IdIYfZ1~uZArk zr4iYLqGPmvi4rzsOqmlxXC@_8iM$Dmv0YhgqPcenu9YMCJBX|jaLhhepc6lP}z>u5;m(xfpRQp2vX+!i)5`rq6yRi@r%Z8@08`_Ml9+uYzT>IC- zGv5^!zqt{46`Ijaat5DwuZp?SzH(215J!)S$@mBB&YMp(PN_V~Kkj395C;}54^!I3 z?9M>aIr#GZbXzphY*c9d&ey05x?7AfFK;pG;?v`*0zzwh*#vlEMXmm|f!0BSuM}p) z*P~l;zc8r%w3|}6+X=&YAHi(0cgInzETm@{#TOznf0k)g<9uu{wvMW#-!`j&`lIt@ zm(l()_|rV3#vC=7V|NenB1G>%Np`x$bp$a5HaZ9I4fo2mzv9{H7z8q8$>qfzDOHPW z_Kjv%s}&OT73bjVHEbscw6H*SCxr9uLnj2a4ZcRv5yu)~@>Asd;J-^rF$XX1YSS8E z6Hra9#jeGBbnY*&AYM`8!iv8DG5%`TjJoclMY1b>sA}X~0 zobt_wkjauUm-V6LznUYSwzgA=2F!a7mFH{C8HFUyJ=yVq9SGkZngcc6UPYM(EgZN8 zif9%JGg?maJCJk|Z?1iDM%#RIcti}BU8ma^z+IyGK81D4%~>-#?;dXe1^(@yL79l0 zdF$Ynq$cFDCa?Rt=TEKor*O+V&rL-TMko0H?vh=B{Oi+~v6oZ6Ct@Y*Z$rRT56Ni# zipjNKy9A}pXFUJzn_U;liulYe$25~nt}D_6)QT3)^V9Yc4s=UB6Mr@iIy(_7tgcM{ z;)j=@M*bnvU&d$S$w83-Q*3S(`R-w=e-8W>w=pR67r9sJEo$wiq&8&H=QjUb&h5Wp z9MTMu+!*)vI&%1E@E&TFaZWSv8fxQdX)ZTvj`e#jqIujLb&n}~j@4wAWd(RnbG0;c z_Uo{BEfhUQ5l$s|E-S~L*Tx>s5pL65?SgS-e!A;JH~oswfFZL6+_#qC21_CNw0O&~ zdDqI^t~|ey)N)E6w66;dv8q{)a^4;`gyv?<@7}}1 zD^LY2I;mMm2h$P&JQ%O1q9g$Bak_mvBw40&Xu1oC5oXIADWiD$UCW3sCtAked1B#- zCoY~vzux~1_Jyg~62A{0aOlr_zRI)WmG@cgrz+v)>5;eKBBDZPi>;Tn6whfE7Byr!BZBV+E0UEcKgFToP3QbPd-2`|v10Z#ThUnQB;W=Q)IsKYR_vxad5YsW z$kI;fmwQ^CuaV9t$;7D*5jF^`!l&p+3TaMFvUo{$q6=$Mbx`mQF-lUQPT2c*m1~Jx zL?JzizxU%MhYLkaDPtBCU5AONZIZm6)}*b(zw*(Q5L(|)E}cWU8usVu*RQTh)6w!c z`sctuLLVyhqEBmtlN_8&!)$5eSog_WcA2)gcZoOrv#a(SO#ymy9vR_Xt-k)N;gx7@ zFS92g_pOhlt8GT0=wMoD{q5=a+41=}R&?p&t$Q{O=%7hw>Gqr`7O;^Yr8C!$QOzqiaJo}W2e)YZ)&x44i|sV@(wShgV!^7OL)f~m}~ ztpCIg;JjxPswF#qp-Ro2`;G!-2m%^Wn>gGJ`zTpKl3~n0yD=$%ATOXq_Q>bB@(?@) z_bMAJa>_kmUpqj5pqbU6!QJ6biN6UuZ^==u(00F`n%zBxoV-I?0c7QFUsKSg&&L7f>9oT!pYKvm2ay|2Z6B%XHRryzwm#f8*cXK6&X}0a?x4bSVmLd{+&>&F#Zm@ zfJ;q}+Me_Zn*;Bx?XVEOldaQ zVZGDqFc%F`2tiS)m+_j%xd}bEq6a;U@JMS`DBYz8LDgzP-2qYDS#*4DIZTvT!Pmbo z{ojOW(Sa9|T(xz~E@o>GeSO>Ur{=SC0mX#;o)>mWyolBNU9OG>NtKFN4QU zg!W}F(;lrq)hem~=4mQTwn&h6UgxhBPxvyXr>|yFC4Ne!I8vm;2NNevV4Yh~$17s1 zr^@>Zv{}Iu`g5H?t)7;~z0rG&0$L;yY_ZrGJfKa*ME5(S5P#pb{t2U~UTb8Ukj&CF zNXczdgBhttMwhf_snUJi#T^@a!%I5#?xErMGD6r=Pq2^T8xK!Uix7uFZYj4Q)>y$!?TwYGj2&)%xs4#Neu{S(ZV3BZp1}c-(-ge)GbXnViQ-WOu zyB{Nt9CLSNA|k7YTBO_EMkf9}A4B5<`L$PE1mavW8@&IFz`6YqakJuTN_zAbwPdO# zV{;9WP~hb`z|ZW04Twyd*gecy@q^>y%w#9Ct;nPT=J&!Nh<}#GhaL_RUeZ-@1bam! z?bu354s=XA%d&yHw;e~6_A>r2!V zhK*o3LoNKn95G>{^1b@#J8VX8zepdd^>jK{xOK@{tK}WUKo5h$aOo6Hjrt~lr_gI> zHvW%;hF0U%rF&xxI>lk1%#mm6!iAniFivnY49P0k^Y2K}_}N<>v=#)s0a@A>qbQ!~ zC=-c&^*AK>Jb;$$5joLx8`7zwHJ#tuOW=py+@6r59H>UfRoh$q16s+(*1REkm&9{D#idyUCat?J&>g^cVV3!I;vgei_;RC1u!#m9wlb6q= z{0{~imut%Uxh;;%#7CFVZy)4MI8q5VwSNey5fzz%t_^%X^r&WCvPvYA19ZIJPdrZn z@nW8NS(cu6YNRefL$#?gsV}&Qhjrx9nHgBpNB|jC>9hH;7R{yZ-5f|I%XBZX(-b`; zf1Lp>;@AO*k2LKX1RpWzXQkD`ZHQh<85}z5boAx^2QxlM2M5p*&k^c{!l4VK2ocoI2ksv)i2I zpjl7%j$+k7QE@V-$nkw#DHV@zf3C;-{{Xo|!Kl=U&uyr=ko}zv*vvNA%@q(D zwTxH&Z9}qhy@Ru>J;yCv`z9)xA8A|9N3y~5c<&@6dQ8bgL8)gIRST-4S+%xT>n}`1 zKCPttZkyj{2}hq#oq-peAT==#9lN7=_s^g2cfVkfjklNk>X$=UkRzT<3pWNfVgMfe zs0;YX@WC|4gza0QNp~;ZB0g;%48x0Ol6=D%npMF!hZ!`=wKnc&d`zH{2OW!dHgZmO zo2QT42NPKT;--^9*YCO;X?mV*RcqUSk4Wy)h(7Vw#4!C@sxO&TjQUFe2Fe5~BY2To zy{@o$PJC0>qI+p2+q7Bt&knLPJ}TZckf+!u zN3=fllE2x{>qH@Y9xlf#?jA%hmVR-!dLIMalsVR-vy5QcdR-Zsjz%l+WSO4&p4 zh5A>oauF#NZD3T4ENRyU&x%ovVkkacN6xNXIL=F zPfyYDDVougvA!;NuXPIdWf+h_i*0(!eVy&pkA^aOy_(i$KpjHj5}SL}L4xm`YE()z zdkv{F(h-K2A%+1u#fAZE6;!`jzuIXrPZebRXU9P{*l4E?!CbR-r?+^R6eAqgJe>=P zMy;Mm2G_3$v4+fL?qZh3M*iNE$%4-?d-_z_$ZVruK(zFYJo22`BnvRN>oepJOEICg zi87x4_*PF4Stt=g7n1*am*LF^_qEviF^oQAdfs|ZD53&NeHq@oBICu^7<|QuzfO?G z9@nX!jNKZY=y=aPycON^`w*#W0=1jjWi^~3_rZ4Bil_|nlsDp(r3HRZ*3^ZA$qhJ% z8Fj@};DXW=;q=)FO&0JfaD%$ykLK*yP!kxeZZ~ru^DX`om@VJ;&68RjFjHOT+eCt* zIXt2+D$}bW*6Dkk&&)~r_^g*MnwwJ6x^(v3>bH-)|j}=?R|vHiG4wWDIJic4}x#}bSWc&YHGZ> zNRYXLChWbaxy|yd@Pk`rhE1gAwCBbTX3~{9u*yU&X!lJ-%wU=_{Mk7;9qZ=MdCUTF zL`do*)X@}%Tgm8UZkXD+FO-|NxIA5JVGF^?y#)!<>FAC&TG`QQyJELANu{P~UnaTt z31DLF(5wo0C<53xHzjyc&9}vr`4DPZi9D3V5o(w40V+9`74u&`?YT^h)GJj()M?`X zXm8=u@lSfEcek9neUz_#&%L$NiKaPnOox&`{VMx>6lfr)$!9vtF_=N}Qd=^sAElZtFJvq!vsitVT=p`073{r!j_Y24pZ zVR~uQiwszh(hTD@?0BI2ptzMs`ACE|f22^dJwR<$q}T|_3o)T|HVfpuX2kiLsbskX ziZ;W|hEOh1)Opt(xlwgJlHB2;4u>j~a^%zl-Mc5xst{;XBJeg`of-3_W>(INK8?6) zDK@-5Lsvcb03*uu|3EOtB%&|iW79Ss!)0!BYXczShB!`rDMAynePkDP6X{>r1Y-Bd=sHvEaw!aaH+C5E^V$zr)(Gd{Xg2c zCt)cYf@zpX%BbxX!=xQmvTJkvkcv1KBBQ{wKE{?H2uuQiDWdB%zGpYlS zQ_nS*+0H3SpkZo|@v|?UsHdB+L)W)&>ka(MzI;)=`eUn?m^~pzbCnzhx~Fev_EEtu zKlL2tPlL6|f7Vw7C3-(ZftJje8#wJ04qyKpYo>sUkiX~-F>0S|9gB{yQK9n(!Np&zktwVGeta$@ zGfJIUNqwlzeg}}ve`|R4FI&ZzrCF-)zb3)HtEJJP6R_CLX34R2ch0pm=Jv!ZT0Kw%JU^dya#(;z+#vI@Gn-kQdhb05gjWF*8K~*~ zn0SYbLmZimwS@RXrc>&%Vwm!K1#ZI@m{v|iH(9tJXQnY9d+ZA>@$_s(Y`w!6m~Y}7 zWJmaOSeanheH;D?+fcCBB$>(^;+H5Q;H$+U^Vp>K|;E9Hn@kf@Y#g$mulhuClXbGkkTbO*5jF+V~H$!Mov69$)a9p9ral zE-PwZE}sxdXyQo1Zt{}bs|K*Jlecy)60cefCAaXhg>zo&W;pZ#hm-)~HF{pn-aFi= z8}>*6Xgq%>y(4hV8u6}M)Tjb#SJwnTZ~tu*a}R45woTD>3-+#D&R(JykLe?&tNuaI&l=ow`A^75_0`{bGX!tN6zaV zs?op+A~~jrjOaWyy8_O=(|hD@oY0Nr|MFmSei?9Z)oa#X!64Hr)@EI-x7TPBBwJOT zJfK2fGc=TO`Cix_Kms@w+J7&FF+S{)OQ2K7v}!=NU=tbvWF!F z&iKNW=d}8n^r8g_Z0y4-jN4%UJw=gUETNJw<7cw0pH3nL?Ms1yKz|AjOU(i|-;IV) zc+#7cn@^M|gD3!o4U^kbgRNV!o$8}iyr2;@PUIJSWBbtw-W<{vMY<(}6z#pYI;2a) zHa>+B^tz#y4e_#?$5^`kzc)uYL0ahb?e%ddHJL{kLE|8PG4;T3SzgUX>IJ=Ms^Dl) zM|!mV?JsR+qb}YTix;QeR&|#tblM8bopgsx6zk+bN)K^88j4e9l$MlF$ z>~C1RwO)!wK8f@lrmU`DOu1JKUCmk`SYpkKow_niUmG>v)-V{_<1F<;y!iq_qZX<| z@^zm&Oj{&K(9^}}Iam7ClIcSlbEP>9T}aJx@|4%0Z4*3E^6z?KCCqd{z&`BK4<@xn zErC|d(fbfkqoJNj*mp3*Aa`JwS+U6&m3DHx^(-LlN38X4buVz|<6;x3G~X@t4dz3! zl{bo-fVH=%%S|cpv2zE!a$%T~|NO|!oy59LVwBS}!()Q@<}eG1 ziMfKHh9POi&CjD;I^}E|T4)DyKH{eLZ*i=ql#?-l0=pcA9E#^?5@LNB2jjLK9=di$ z@?9~;^=yli%NLCjrpva$qSi{KdyXlo->a`s)vt?<%tSdJIk#8=Ih$u%hqs)F0H4}>HA}b> z%oKHoc4ov%ISU4vFta}i+Wu5H#1S=H=L1uEQrcww)ssNysJVHAv#v^GhnUhEd84=iCUpjN z>|o{&6L9D{v0PkaKO_eYf@#4pue7`|d*_HY%#~8D^)>$jdbO$QNof}HhR_eCuk-;G zL+i$@+{;q7`_06PtIpE8cyTk1ACV6zB$iIR{T=2fmC7_`gspv3;q|N%EiHYH=Mh0T zzCz^^W#nd)y9CnuM(Rx{0i<)x_K1&ixQ@NkngPY>;W+4DF4_TU^V6ZF$*@IyUxJf{ zwiG(NTIJMhVN07@kcuj%4yk54QS#T=cFr3y-sik+qnXFrOjHC|GDtSLz zAOg*n|7<3{`nVNSFv^bLuIKDRB^YeJM(F(rd(Fyy#4rzq%^Rwq9n)ooWwS>e#4>n+ zw|oPwAYNV2-D)K7vn4}Q)rN}SAJld0y0Gt&$hbSc*=<>l3~b~*L_1j*qpj}yeq(1@ zTo!kZ#)m95slRVHz{u38j5G#_SEG)6#kIoZ>^^5@b9DITA-|aVi}=i3#L+Rj*fXUxeGnwIb$tqnRPh8=HNYcRj{0e zmPVetpTX;9z22LPqDEtD^_gPlr`T@RLl}>G!f)HBApuaZ4XT z{AXrr5tbqcVDqvRr3BL)mr?gEZM0Fkb{p?bO5D!3Ykc$Nk1zUHEERfo%=P8>aR=M9 zWTr;~6qnp=Z&)MTXmAezC-$?yh}O>EmSzEvzazHJIneg1jpZlrM8cm$wW3ByZOLv| zA60wS8{zpxcO3UgT{k=-%x9e`B`k|){wvo_ctiM z7m$|fM6%zkJfr9jM+1q76S^xhY=6lr2gxGZ8zg340@(_IktR(6SY?eNR(u0q85+PQ~U`>-hfl{iuAkswtl zW#H42$Ks8XWw1s3$7Cr;7MFw0@;M^!Lu5<~k$P&qv`*+dpqSuV?Tuv@crDU#1V}J> zSz-L#qhT%D)hpPzO0=M%8_~@j^1PU?8d0FU2Sg$?L@gLVtiaTuJd9@5l0m`|!*O`1 z-cX}UXbajhJv4GyY3JN_%uZDR%!U7Bf$}b12AHee9Rc1`TvWVU5tJ5Cm_(*GQ5uf|L^dF%v`Kwzq02bSSu-Oh{|%LTeNcJ*Av z&f;I=r0$r%e8a`%aE+!6ye`rLHI>CFsIoX3V??NzX}~?3Y`Bn|+EC&Yx;rI*z&QG; z3kCH&Rev{da*ab@SE!6c2rs9?1!kr@x3=;*?MMw6-*`F+4)i>okmlN6F+X!$o zkIw>X4dVp7$Q~|VsT*Blq8t4G(E&e4>?Fukw_>TML@S89m0h3iMu-7$0S5r~q=i2p?g| z=85_eDcif4koSDbOWpnPLu>a|Iwkq+Jn#aJy*!(}x8j3#3{}TDjygKiA?ANSyvB1u zfjBRypvz4dbaFpop7-pz#U1Gep3HnaQgi(6QVk;@O*DO6OyeQ#;fn4lxir(M`!TtV zw_gheN?PmXD0vp2VjsV6g73a@KLqFdwh*k&;GF6>-CD$74QceQ_Wy@T8r!Gh<$`!Y z2rJ2|i)p83=7Lzl{#XB`3skuN(+P;xN}dP81(wRJ{8P!9-xqeK>lhF^+;QY}s*%U9Ui`h59% z@AvI3c>Vc)+*5P?*x9ps{QgeTbkq4zE%g927mHB;FfY}FZFKneH|U%c8eCwVaR3-b zD8f35RvtDWfP-BeRO5o^$K0OdVii?oMT7YLgFWQqL6C<}fpDzb<)C7NYOuu%6QdCI zMf8ybvz0?82!XrLN1(+I3xjB=(d=<}1Vgt4%EcoiB*rtb;Sec@(-8r|6$mi}xAQ$I z5#cj^DI~4s3(D*h1yjR=+a>2kjPe2a>^LKG`nki07$8+~SyqJE%Vz++w>KRN z`ILItHv9Zxb@biI28pmA=#vmfkgMWygXyDZ1^Sy8Ly&_itR0pRgP)ME@3jNnBQF4j ztU#s9aZ%EV)e6Fx-qDFR*T)u&QlDc^bH6Uu#Hd}f^Dp;X*lKXj=Mc^9DY-supY_{v zf`~9$PAr>t`dKJi1r`}J2|7hVa>@%XG~BGRU*gZNRNb-FG~=pc(wVpTfYrxV{<9#5 zEW)Lo&$KPk!bIrNB#$$kYS|gy1TR3dyN(J4)7px)RyQ#_sJ9ul6zN`z;XL=U-}U3! zNkx^G*+-OQn68Vd#;n3+qroon=Fat|(xNY?4zJ`Q6ybVuL-S*l-exs6pGbq+mw(cW z#9`{1#yrgaWRk?E^P#avh!pN1`&9l^M_ntt^g6J0mc2o+x8UMG~KWcPSR$lvC6(=V1*}tjmD)oKQg2hM~hg*)OMgFtMy# z-elQ(-q2_qR@z6qIqjQd;}t-v>OLVRti`v_1KcaUI|V>sM6g5dI+8Hz|G#cnAkQt2pqv@ z_tK`BOG(5vZAUFJ1@G*JuJ{&sa(nmiOizJ7njQ1H)RLfp?M~C?ZiyM2oFgzmUmL#P*; zn$$nke;(r%jPUbL>R4AAPvvjKEJ{b(*xH0dig@LEzNjMr8__PBt{Dq1nP0z+XNjj4?j|=7X=OC z@XOUanp~6;qxZliR8yyqYG2w1FA-9xj)YBh*&GF_54r*CBO;P^731BB*>Th;H>1$(O}2UWp^biFT|0YB+m^&|3eys)(WVTu+^ zN{ze1v5kXZ!_Q49Z(KRv3`LsFs9{#F!Gt%&zQSpnS`nV!SGld>E1m8`2{7bWxac(K zfAlJ@os?$;wS8WCD2a!@7*jN{C^>P6j>(^0JHpDL@7e%U8vi=)svheukcFlh=9$Lq zC$C(B{Z|SFQa@{<-gnw&UuS!-$@G{hOWiVS$94~prybkRr~S1EICd|7i^L#R@%UMF zZnsOnS^U9=6z7Na(U6MB4S~6;fx1sJZtWzEinkY?nrv9hbs4|8F1E z1V?!mOssm7R44C75b5FK%@pv3bO?tQe8w!N34@28+kepag=;nYz@uGs#~nnyqen7| zvEP8J{CNF=S*H!FW>M-%k}|(3!nNx2v?QPWC#}Ewu2vl1TiW1$6*hcIAwC4L+&u%Qt3xEQUp?nHxZ1*~|wngp~l-D%(bFk(a;OuK@@7Ncu*s{XXp+9Kxk_ z!|`33qJ<~+tycK@YET)Mm6x3)s@NvKOw}jK#t#~TK!zr8YGF&`n8%~okM=@!MAvIt zIVl)ujs_gO)wuVA$Vg2G_`P;0Dz*@kvQj1nU|D!LB@d~k2QMk#GQ`undm44H-aYAJ z$es-#9U3hsg<^ReZuj~TGs=F3tk3_CyGwyX!(n7g7=`qGfq}gI#Z4`&1_^|alvEK> zQc0z$`I)T#tN$}uas0P!xv}OahyudF^#4heR+c&tb6|k-TV-S-%ye(+y`g=BcZmi< zWDN&^^0V^3H|;b#Fv-;NOr)$|YIbZ4>;mfJJ=am^TU~Z&qHkkv38sy3Z4LVI;^INi zH~<$^$}Z$eE~G@`HxQ;s0PI|9;LgMb@C&NQ-XBjC9PQ2ikLCTy0DM@8YcN{}MN~em7(Vj>X;QlC04f_e>Sr`)>xC0sb*;HlUc5>7Qje z{~Do%_4{zxfMWIlOVfWw*@1c%0Q>i;VF&sFY#sI9*OeXUXZ+U%19(?tXZdTX0QP@f zI`2WCrrx^~e>-qW1>Xti{Nv3CMmh`$rCp2Rx= z>q)*7u%6UA0qaS>6R@7l-^2-=5ZQME){}oHU_FI*0uER4oq*Mq-U(P;`JI6ERNo0$ zPwj8w0@hQ1C*WxH?eq-H0S^Dz?OZ?)ePH;Xn~#g-fA8M^JOx}p8Asr`wzD^|wtL?c zT4`B4R`{~lInwsy+m>+OTei?zZf?}e@oYN&a}b$FT{Xa6bwt)Qm<93K9;7U zBJ6?h5ja2N*oU@y$c>4f``Sh)|9ahX(%nmSYr;{zN|kcmwIROuKSpe+pS?L@1C^Ox z8!3)g%j?Uy=s(Vpr4&}&hg=~7>C$kj?Me$^=TH?*wNMHUtR`n6l1ECmEe>G~UUf!_ ze~$%Qo$&WE3x;Z>S-!Mxbwqj0h02b5)dBf!01@WL{3UatVZw|zIF$~cifLR&3$tHU zmr(7(eb373IhJd_l%X+iWES1A@#M-C07tdUgI0#XMQtP|))gRud(uLu`D8a4V{WXO znu^bMNuF46NBQ-$?zaRELz4|FD)qU0e~aU|jCf==W^mXH_30bz%%^zL#UMQr)W*!$ z^iW$S7J+K9yFecNpV%_9WpBJ!hfr}aFuKfk3O zlv!sJe_1|Q60Mgoe@1p@!=7NNm^0!f&#Yr1xfdEqh%zs>02o$ZU^R7e5Ts~u z`?|v-czfiIKr?j*IURDDC$58qylO*k3?&lz&ae*10CdPa1W!GIRXn6C3aVzEU7&o zT|B8g9MOkqv;bKUFw}0h+%#2lhbHH09mJVViJardm-arUBNQZd*%)Kof9*jtONqXi z9?#JaDj;7})H6uQ=&V4CbU75_q`dNnyV|AIr<=h%53ZAWNQ!dg2&y7DcuaR8Ep`|| zIU0SmTRTe{(^{CQo&8l3wmVIk>Anoc<-*K!ZM99O7^i)Ta)@)1AtBmMloPBw#kKwl zIK8pt!ZtK#90K|9vsbTTe?L}E}1^+BSG9M(0 zWF3;4IK_brZ=IxjZo-K+96|H7R{sEm_CtOLK>y=LdZki41S2EFsJJc>3PFQcD zt+H%zCU|7oSD8)auiQUr=N}zKyuK#3xrcQr;gw&T?a-Z`dJXw%e=V0D85l)20 zqpLgB)A{M+o}05lx=(2_`~e;X$x|l~j-(sX06SGP2AzU@Q*1|C#;sdg53P~%%ft|6 z_l>6w`-ih{P6K-&f0tWVlktZuf)q+3JWDbT-(?RC9VUL)B(x(3nT{&gIp!tkc=t+( zUu?*r8nRS0p}Ob~VKaY_r!?`cXH}+8R|#5d+un4NOIN3!K+~efuo2WsqOZWh?$mol z>?co~XE`}jiz#$A{E#VXboe9oD1?VWW|Wc@8TvEox1fT1f3;TZ z%gr3r&64JqF-i5(+8|zfa0q;~+;s6zr}VU#TtCWbx)F?o#~zGTQ-n;9i!ez2!7K{_ z6JQey#J|R{f8u&F_2|tHy7}KGojy#dKo(hY;vX3rcoPNwY=_mUVA0iiJ0bSTb!a!R zoO7hIcc1-~J0OGVN!Q%gwJtDssX%FxfGMXj`v}_Sda_&JIfFd52GZv8OBwotWH-1a zPJEJi^rvzP6-Sv1JPbdP1#>acC>nKaV$y;0aqvB-e-!#$7JocaL)0merfP>;P~J%* z_mQyIn@5TWpE3TKFhp+u?M z{v+DG_p0O3_w{D=rS70po#xNlUF$y-F|)H0D_B2%=goQjYKU!7eA+PJ$G13@!f=eW zXYwTKe~hIPCzaC1?blG*nM^%72@S8PDGJeD6%r8g>3PRX5Y`6J@HKkT9d!n$k-7M; zMyKYp_)45xJa|8PiU7Zh>{7j}T&iann_fg^6yWPT&m4m`*=)@5M;+SLWq3?TS8uvg zpQ}5jU$ZU-t`<()VYX^68lB(ITBXSmzD^+Ff0fYQ!Heh$#$9bZHcvVwVZqX~p z2>q(TKOoztPslZul%EaHT-C(QdbEjBZb zJpST~;xr_^p=cRMNZ%T*Cni$0O?m7HKI5_%(ay&z$AvGL*}O_FR@jdmXU4RFQ8aed ze}Y0MINFbDQY`d)2~27-WNQiYOpM(vAx!+M*wRXpic)z)VXQ~N_Hd-NQe@qr%JV&k zPoe6@)XZDy7E_#hyqQpV&Sux|Zk*zm-r&h4xcflZMehe`UCn-zKBJSJ)lK&)xQ>}} z&SN+fGHE;ZKIemal@|vcD(qQt5iLdLf5Zbri5?y;fRRC_=z>yE(7}#WEb-YzNQlo^ zK$idrWOmKhU@+&G5okdwW|&SJ#5(sW<+4I)p2-^$`}p8}&Z`9tWM|lpFC(VCdu<#i z+-KV&9vZMy)E6e^Pjh1E+(t{>y6X;FrJv(@N6ISDsL!Ew+j#FM+kVzl6oJaqe+^Cx zov2!YuG2rk@%248w(P zFm!u_XD)B^2w*;nQ+BoRo$`(Z$twRJQ9*t1K=f5oKvdN-Of?UQfM+_Gs6)<~A!`1y1k)yWxo<5f(jitHrLn!MW>Pm6cI+T3nVeQ2`VTmI9l4pFfQ2^|0M(?fAFQHm1C)O zcJCtE2Cy39ZYso$BG9vR6{oifACjL0FAltlhTfe}(JC3J?1U3tc3f;n#i9eypA$3j zHr+bX4~B@0spW%FB_*u-nH3U@?pWvUk*3=nJ6>YmEkfu|f8zgMMK*jcAd``6Er{0SaG0-IvLtsPf1pXC=$r+A*4c|@ z@;*RRx2MY)Ias-%9Du3#^c!WK-ek`W?`cJbdiI)jYa&M51q8G?g_2e4Y<}bAc*W6Z z>Ryu;k)B{$Xfj}O-0tx)2qVmu8+9rR?4&ZA9%^8OwV6HD11B@@e_~R)9NdF@jRZ(z8%wist^umg&jxf=NHHJ*c60a47 z9-b)AS&B>@OMO2LEX?UEaW@Qf-`zNdfx3RaaN29Zy8w z{%6X8_5mCkedZl=NS6?=~+t7V*4s zoRxIGfucaHY%d=m1^6&GZc6Q^QplJx$Ge*+s|TnX2T@UnAAxq^Okf9&vq@Nn)I822Q7pza6z z4R2H$xN$daZvyw3*NGoRrkfbpZzLy; z8NsXDmR$NqfBS-S#X2Shucp&xdKG*Hzh67qeiZ(3m{iQ87D3P(uv1ZNYd6|c zLl;F?rGbl}dO5CnZPB117h9IfQxku2ZSBOow_!(vv|f|w=3Um+0dPE;)Q%~Ozi)$x zu8_?cxl#Yx12a)0m;PNwR`RG=&o}@R3ewA%f|&Co8fhq;>E|J;WW5e7TQM;Cl+3yw97aV{7=R_;~yvcm=HF32HM;j7MXY#+RA96J;*Ke`_H>nr4F-7p399buS_G< zyWDAs7_c1@w1S8i3*NeYt$m*1><9QX zV_%l&-ryZtw-Jo2JFo23J50xBY>()2wOx05d{4JgGPT@DP`;_E;`4~Uo6h?ql=CF2 ze-eLR2%P;!VeNY~gwQ9v6k`TnQ1xfx0r_4~YCn|+gAi|d1qOfY=DxW*A=l5)qTFG% zoF2LTzH$0`I$CP%Ujt*4aS({#3@~i9(SJHYg%BBlk3N2mNJta zd_VLx>r3wMn&f3_sm5mXkgjsMxltr6e{Hfv6nSaiRN=CrPgCkQS80G>i7J=%*H+_c zLTl*GMLjKTuxZ)}%dDNEuPm)%UFUT3tf1iOexW(EaCALtgfRpuS#a~tla*;YyID2C zqhGVZOXv`e(2NAlaA#sh*df}_7bYgz*YJU^_9{kk(6FqPTV>;7g~@}T4m-Cne{@AH z-4z@PJQ9;@!nyL!uk|3~8l4vI4=!}~t+QxkTz|eNiM4d1tUX|Xl#hpvuF?y2ODFNQ zq^azwGB*KjaHUq(t1vB0+}n)n@>^k7g*a&pbKmgVLAZrY!P~jm?i&A|+O0H2xxh5IGiz?qcdhugQ;s%)#!YGi+;0zl2F5lU=7UX7g%*YlS% zCHE~5yb@9PdJ(l~e6`42x=^OnzT|Seldp-L1F{&3CW8Ensb<3<6qhM6e^tMnxS7Ef&_oz&Bq`$LPy8n|u#c zlD(-N;oFDr`f08@n+4BJe`cu=R4nuqr#SMz##ztWZ~IPd+FU|{yALH+GS6TZQErld zH-DLI)uhU>7@^Lh#sRw|SetDE-yPkg%eYP=wiX`ku;uXki8QOQ^ndEEt+N3!e!+fgNT5{Lc6L8IyOKDPhf z@7F1*hEmuzSu2$@ou!BGSnb-n7Dl8QpYv+3QASDiu@oQ7FKwvoRpCT#m{?)O2a|_$ zr0%b@$lpSi>^n_Xf6@=}$>}&w^`=hK*G(J}b+caM*dK_yi8dwHo=U^|;uP;mA|c1~ z_f}5lgNQ93C3vwcHR+a#1H}y-p}B@gmaaZf8b~^F3~ATN+($A-mWIEDy|SUTnX5o+ zM^18eT#c14J)&k|wT=kLZe{s@_DJim_$uvt+#H07{7RXje+F}fW&N84y;O>&HuP6T zNugX{eNwK`$Uv|5v(zW8Iv15#MZiWd@k#=8?Q)k+viZZH-bqZid2Z z(I@KNYjzmPqY?Ugf;I$Vq5FB40Rv?}MmX<#2|9S~Qz%tCVfO7!A?07xC)yUe<9(8k|g_ ztGtwzNZ&XO=QJUpY}7JFb~qq7*Jg0(bqrYw)H;d%f0-ryv%Ym%6klY)rr%J+3zGWH z7thM12Tgd65yB%|#W`H)ErVBPu(J~CrOEmmY>@%uaYu0(?Nc26-fKET;W-w>ru!w7 znnE;vtF;+j}~sM zS{bYse=hmqsdhZ;Q0~qG*uX-`NL!~qrja-|a5fPSJYB06TXvlngkL3eTIb?f0%!;2 zoF9pw1%LQe(}%$HR@KGyY^f>urE>PKmnn8Ce$$W&wV>D~1I?LJf>OBcV&ojj)$z!X z$I4Y*X&>{(>*j9Av}BL>aBnaXl2$JSqjD+GfBS*$&O^g|iTj3xDR^p4-6XQTqT{8D zd^jxUTWt%;b(c$0Lar`r^F%&8;aty`RE%>DdgbWN#=$uf#^zmHn&}a zC{mqrG8OSb@N!`We`Dm)6o}bx0cu^9!MJItYB7YtGp4EEnw2p#YJe?@Wd#b z6)I}P@U_e#oqbSj3{A0AvH9+~IdCq7ZOCIqXO7;1dgZ`(ytj39)aJQw*s{*BU#yV#h_zELKGV03pTe}6@s#R>ORH$86OV6>W8c`fY}qx#fKzeLZF zGIc45)W{H@g;UIPaUInJ-Ay(A-6ks>OSF1uD@V9O2Zf$Fvh4#LPjb#;)xqZs$zp!Q zHulbJhY!VEUcLFChzu|q%q|#5tlieIQ#llxaHAUnluAdHy)Vl)HYTk38QrdPe_W6| zm|-jeo}>lqsPf&U!l1%WgR(90a0=V!ZBm&{f z@z|LkKdvo8ar{+Ho+Wud*jT)Le_W2}gJ|HxZ$NJJu?JcFlKtzVhagHT5~T;sg3CCUFqt8zgDI16KKMcexVk%PfBg?tUA3 zRREHgB(qMhO+SQPdH-m2)&Uk*C|jSn0#V0&V1*{Z0Yp&sU079}Md86Sf802x1Enzz zUxiN`J8QF1+Oo%U@9~q6+DBE)z3NIGFx)MDSa#tXR@@_MOIZ(V;~yOQX7^X-D15w7f4q2a1&uy4RfcH( zQ9z@E2lg6+*$QrqJ2@q^nh2~%WvE1pQG7~UMUh)=4LWLGp&)8v=@_x-z{oeS^y={$<0@{&sEq9D#~PwwnmS z#77scKTIxa!05LIf3eVht7AVPy*(u)1h{_tP^3RqUb?}e#CA*~U0`Rj{KUVF&ohWX zefG+%5bD2IWej}jD>-JM=#8`EyKKW&a?8KBXcoac@!m~ptPE{ac~Tr_V$rQY%)#*saaI>s(T}z2qluc3 zY~y%%D|-&kh?x^=OIH(8K{bL%ssTl$bRI(Wx1qbI#!()=3-jOamdz`VX7kwM?R2mU zu*12>=MSQ2e;C%GP#WQNNlzb>B*G6J7DXNN;qywSnW)X|S!k>dcQq0*VbV+w!ScXz zz*N=RS9ETU`xS6>RC(fcSRdl}o7+koN+9Z)4|G+7LU7pk4+f02sFcFY>|k27@;U~2ZwjO@qd zXuNiY!(v(szs;&fSu;enay#K!4-=TrhQWUlVQ>`;VpYbd(t+7-%o9dtPN(8-Dt z*`wz9d8mTC{b5`o2~m;ztmsR$`_T48WW7TWy+x4CNvN(}rh-c(C;ax-iF8$;5nU3) zCdZtZTcBU5_)*< zV=aKoNUMLRA!3TIaPC*q1}^dKGBH2&SL*PV3g9?2v2$0P&HTU#hkk zRJK%g9+);7b@aKWYqHTGMyB8TX2#wXu~skg5}PjyvfJ1_%+hN4l)KFTRgDqsDs-5%cAa4oQsF?XuoEYA2?S8`rw z^AqAK=#5I1se5XC%*?en7^Fpb%B+d`w^esnUCPCRzDIUY9O5}|7YXg{PcL0U_f>9C zSzDMn*6i;w7>taMhQ))A^9w-?aaFjof2C@)2&gD-SMw9gK_HVKVGG{eQ{!P?qxlLd zNA0_EYz}wc8u1+`rydaFuSh26H6Jj>R#oetMGgu&;DmiDAHmeK@TWeBy}^Gh7_Pdy zMNNLDb6b%}vt8A#ZBt-f9t_N z>=a`AP~9}+V+v{`Ncq})QLXqX<<^seJ7zjt|BwlXO$yhIciv1l%}KWN!x4P%O6LGc z&0X1Oyx@Vav|`DZJmwD$5gE;k+itGouZ~f8|}6O9T}cIVTJWh;NsI#I-tbpj!;XhZ%<#>n8Q?s<6S*c7Eg51 z>3rPv?IOKR8}cHB0eK(VlE2c?7({UF3>B|GN$qrT0X9~n0Q|Pbd4&dMf5%_!r#J?i zTxFxp$lPE{SeF~l%!I#7!lOVfW{gpC96Z-dwLOh`PIQ&R6i!$9iXIieFd)s<$}o;n zp6)z&^}TTw=befvzJ?J{rDZQ^RbYFh0eZfrVeQe2@%!wWRl`qJP83_Y~QsBHBe?R-KRiNKMTTP>8jm(e~GZ!n;#f7~yP9aP_C}1mlH*s*c zno;LJ#0)wf<+LwU2AR+uh;2LJB4Qr2OtOfS83&NsR$?mpT`L>MFqfsUShEyP-_w<) zX%a(C`D_ZglkzAYWiXX5~)~j@!aYw-^ zeMm2ddR5Vo)Fmk;t}m0rBFLo@k|mn85d*iI;@iVVW8>L1@sL$rL)h8g&qXas>7~ zPt{M=?-9ADkfTQ>-*9DPXoN&uhS0(!u}^v*zww?;xMq@U#WjW7?sJElBlNa*()1@# zk>KWpx;Ix<$u;CEU3wcrW5R8n9DP2ne(M$8;LTKAjFufk;%SZf402D2ONQpXU-%gb zgJCY8nK%h$f4&b0P~55+=QM!ZZoO!U)u_9DlqB-k`syyNr1BB-+fai1AjNljZJXP@ zky$LOi!=*vvCP~i?a>lr@MhJ1w|X$eM@&bkO^=7NRC6NfMbDOGu49i?{~x3Q^^s$=^kroGQR}qV5l^jI|)Vr<RIGwD8Kh6&I@`S-~90+}ObunFF;E-XNB({WB`2AS+fyfgg zBr_B4x_)Frj!61<$pF)BeKsYtyLgF#@XsEY!|J<=lQpYdC?;rWS5IXJk_Ga=cU2ui ze_j77ooz@`B{QsPNF*zq#V~wbU1X37-x@r6e>-sW#`E?pbq_A`Vvsk{6(PSN2Q%z-$x#N+sHXyOh4g>#q z@c|75^qV#vB1Q8P1~dCO${YO^+VDF zf1gBQrMbm?h4u(8UF(rATQz4AntmX92r~8}sZCfF-_M#qJza=k9KRig<#Wd=Z^cuT zb}Gt9!+3CT!ULY23&NF6<@jsHRtp)9k3V=lil`#D@K;pLh<-2GM4Pu7IJqrs+0r^a zIWGS({8~4w8NPew(1!D{E{wPihnsA#e?TnV^D(`l>CJ6Bj>{Bd$Y+Db;&Abz0Wi$Q zqjK06U)sfg!pIzkBNMN?0j7pHW-}2;)I@Rkx`prCvru)~!u$(b$8O*^VihMQgt}fP zPxn|3cO#i0P7#{noiwyEp?TTrK7sY3JclG>+zX=KjWGfqWkgYt#zdknsb68qe`Im{ zqmQcgbY55<6=5AzP$85N`^!b+UGAjM+DmOnYIA7+4X-iu8a4hhZX_BrH5B6mh~qb% z2k-t7w0)w>U{Bjds7p1^gkcuKGI~2a#!5WDCU&=~}Qb`cXp$@WTxp{=uJGf03 zv#%10<&Pk9eA77bdvJkXyA-kmaG`k@3e;epFU)O8XAecg@D>P3j02NTu<&*NVfdxavHF!%Zt_N!4a({lk~+*(JRSrPjw z8=d!4Uq*tAN&J@%)lgesn)vW2aX&sobO>h~;(UL@@g^$mQ-3`pT_osgM;vR2Jv1@9 zAU*vFU-ac1bLPfk(xr2*^axq1u&52eFM^gYS$T63wD?NuDC$qGb&`wT-(o3@n}K#5MuI(isP7upa> z6h!P*XdpY>Jvzf3&_*7;s>kcN=vm zjrgXnPj2T-qL46Q7+b3*P5Gco@3nm6@mJ1c@>Yt2*;6S!N_m5w2kG?c3sC(@Hyz&d98Ze$Y-aU}G^uem>xJ z_uaA}Nc6R^@5@(4e_y`6_B*OGAyw)PphzFp_z1X(T^`&5g}EffV5Fd(gKhCkdK^63 zK^92%$$2szQ&BCEMy+FF?7_egjCO+q_CwYbEcy?JRD3%|1E*jf_3 z<*30#w|m!t>5y^i9d_tYt2rFSxN1jjRPan2jgge>uhQA^;$yG1H;ypJl?5 zQ#8Id?{1@z(H;Dp&4%Qo&*ILN=(%Z6c7lzmUGBJq&Ifu*4yy+T>xhJ%5@JA|FUeRy zA1M^dwZOQ|RV9{tAT%}eIDcG%5+RMJ8$j@;O7%8g!!~^8EV$lON5jpj>f^t81S2Mb@0Fba`98-WBYb{uMi^b?0%z5`h` zODG*oqpUqYX-knBu{U#L-hy3ZGjzv*6D(w4bhNdDHtsk9%U~J#|8DW=T35auam*_c2ZiZ0vf8 zo)w06e}xXboLDDRS}4t<4j}h9IfXCAO>k15CnFu|`s* znJz=}K3dg8`qd?4LTr+B5M+Ll9KYncQPy!f*{j>7k||vvHj7YOI%6H13qBfuI&nUC z5(qp%JgZb@jwYHM;-2K-}qF zUz+OrSFr2TaloSjyjS}()5rGFe~Co*IKWQ=0^mZwiD}yLJy52)>=!2&kxt!8P1D7Y z9e6#^AD8UE8KRn6#uMasQQ9!+1nll?V)|RApIl3u+VBu@K&=iHe%fGIhCU8v_e`q2|F=+p^ zjLRL6ICzD0lo1mKjk^%c>1#Js@mMdxJRXxt5>3}#@-p7Pbxx4R%>kO)J#@yh_@wjw zA`Lbo8sdq*9HOL2OeozBbS>B;-l>L?V^oNkU2h=0~HjSoI*T& z@CN}#{ctR8^T!z*-Rc=ee>n&0+Hn^PMY!plD(KHcGuuCvX4%Q4+N>wXUT}o%US8>1 zVQ^_5zu?%myYuYI6+7;Y5D}tInRXZd*fBQ=`=p0eN|)N-on+H-#h-8I$8vH{=r#tU z`6hg`+M`Vx;t)K?699EP~zz~+jXk-U{S64-iFb9V`e>lJ*A0^KaeLyq- zG3Mt2CMBx|XIViB`)xpl<6{1K{bkNb{^WB}R7n=p>;WFyWtO~BxJw8AC=DFo4xZ9^ z3VIcim2CN~NrN=bmaXu%^rj|~(T0mOedX@=FY45Z(p$s2l>uO}({0!b{nZ71e z2>}H+iQX&uio8+Kf0Dm2TD|97%qllDc|A66>>SCpv5BH6qO?GGwV;L$F$LePIz1aw zli}wJyl+zs_ShzYPl5zkig=RupzMPHfp@J(NvZ?aX}-(0?yKr_F2cuW2-?za-=GX!$yCqk+te zD|;RfM`z#se=>IOYK?UH%$y*j2v=b;E9y>wHIH8=-y=uH{Ef$N6SLuDy*_-_O%xw8 z?J2A&H*1}wbkAFUIWsx6RSB)KuYghHnrd$>M@ZbKmdAQ|Y27~*UF)hY9o1>@yMrB< z;Fg2mLUjkVYzVq?-5N4ArcJ@|QAdb+85Ni4JOlFZ42EAF4Z84bw176TfAueuf}iZLPPC&+q1MAK+h* zW+G)G&rjobhx=Tsb$)JHTlRHh0?-F{ql{gJb)|k3U&awKTOGMwOJi!jnzQ0Uq zCXSSR)H|m&z_&AeVgAP6L#_OhS&b@VB8?I8e>Z)^T~CHOH2X)Y1QX~Gq|hr2=|1O$ zv$}c;$Dm4m@ges!YAhuflSgS16{?>UO5SZxbk4ivW|T7$C78FkISDRz`tfaa ze+$%v`*nH=*>v^WP%RAaS6JRPtmgo|Fbdt@BO5~>CPbAV7AA$1+Gbk4_o2SQ+}kX| z!s{_Rp1wq{d7fc$)mL_BJ@#^Yf}n61P6)|4!gN?5_gnb6Ya`6_lo2}V0%uQe@jqG`^^inJt&gr28d|o#8_p&ei)`S@8isG zmPg+r0fYTYSx20`GY{qNZ0#D)218Zd7PU9(Q;ZQJMTvcrOdC-IBRTtd4JG%i1>Lw| z#A?ugJB9$J$&1$tOgTPK=F`pMZMwN$4@wQJnui>RO9b*JYXTBcWCf1~E8 z=ImH49Ubm{YsrjEjwsfvZ$?_JMEt@s*c>sQXZMesrsx5?b!s?UYMYjt6XhMM_20m= zU%A{si__Jd8f-3xLuRvfg$MXnFRpNix$@ixz&rn#q?E0^(WT~DDCqCvVuS06&bMzr zST;T=h1-Vz`t9+mljQzLb}CpXf5mf)7@RK!IX)FYu;v;A(SaGa^CL>yom)%Xr&kR| z#dQ_U5X@uIccbp-3bQLJ3P1xvZH}TGUigrt@|bIgXE&YxaegUV#V>Er+!UG}ZX=~Y6(N=KQr4Q&VZ0$T0om8%8^~;$n(SXJ za8*m+x^cqt!eGp8wUXJ;X>jlA*26T#_|Hw;^&)djyGGAtSOR{7U2_-FwLU=b^*#Rf zY!Q5uv4x==#Y41T!IOtje~G3GkaYnGLBW0Roys*Fm}hziZ(bpSJ; z{iD%{LmF*`G2hTj9v?{ssedA#Wf7fj6btV4RJlJ`69*R-miuD;e=?^YU7UkQ-cF&6 zP1I=CBWEz9gKY^~@0{)2*X(tCx5%@kg3GcA+8#4cPksnm26J2^+msph9}*~Nx!^`@ zD2$vR>;3(NrxKcTWGyh!m~C_?CeP*Qhnmr5A@0bn6GpE)msFX8%+Oq3ETnl#a~?Ub zyfEU4#grz~xYu){f4#f1wgrcR6%kdvs&eweI($RNZuFgJX5wgk~ zQO0FaK&2r3@C}yKv^Xvn1WC%SHSN{WCOaqYj%Q5HLgZW5k#lldVbhX9E%juKWBb33 zo``D#0?t{57}#1{Rm&~#qWp>`dl-D{(PE`_OI%WAb?-5Sf1B~Uwf69KJHuRwVK(M$ zgQ!a97=-h`@KB*5SFFZkD&o4F`?HV_d&$*oakz9b$$AFnu^xT|UzNG5(1dE{UK>}* zs)v>g>c%BRL(T9pN2&ZZ-vA%myr?Fw&~`zpEWc7BhosA#_mPk1$d>W{@B{Pz6Z}7s zz`z2aXXjvT3#n&k4)ebNQ!)6tm$v2tf(BGhM^{x>mpx2)#^C|PRtTPkFUX~%UZ^=Gpo?#d>j4=#FmMkeLlH`r>CTpRCY%d8#h$w_)ealiP z%Y@EU?{+#L&-rwI=Xt(7_jO(W>wi7>eap$%*ee_0Dc+z7g-laMsvxxiBTG9pfK)+1 zDXiG(g@6{#Aqq z3<5wZ5r-uMmROoE7{KztVM%~J1xEyF3>CnDL;~!-o(Kl)z+jL{2k|NpBoe?AaWudi z^dXWVs$cV%kqHz4{T;@K1pYzML25876d=zE2?tma@f0$N0pLLbMAeGIx(k0~CHZfJ z`qA7ZghaB!27I+=_2}PNYygqO_?@Q&1cuN+Dqu;$gH-a5(v#r#XqF(J7!vR!YevJ8 zh&ThX4+#Vi-yveK2{8=B+Yo6uUx0um1%uykkc|H^1gmY|BB-7+u`$OSSNt~3Z$}`BAK-g>KXu+O2slD zti51W>Oce%Ad>N57yyQ`@~WzkDKyp*fYp*S0D(ey750#FUaQb95aB+$N6-%;f6 z==b6M32OqX;UJar7oY{GQpn(+wK~g<7Wx;j&hnx8Qo+9|P=G3d5<-9d3pm08i1fcH z)Bx3B*3bW0YXGX?zr;{S1FB@=@7Ml&;|&cdVG+tGG@y)P2~LdAcgTtXJ$#3Fm#r4RyuS`GWdMMY1?j-_t8PAnS(pC zbg$X0@CTC4D_NF|nLyd~*m;5a>Vc07>g?A2<6TARrwZDB{?I;u%SPVVVUBxLhONbw ze!t~LoCez2B#Y#jaIW&u5gEHZnL$N~Y6)YZd(yA$9_x*b^hsa1TnOlb%aV&?PY zrtP?Ws_m@L*&?+rzb!|tsLgxroS8DaT2cDN&M+m9FJ)jmcq+|pegFzB3v5md$4E&^ zJT@&KH@N)tRWer1^I70F;?Zizkio?;SlkJn>1 z{-bYx#R%(enC6|Zj>F&9eaF5KS1h~D=0S^#WHo1J&ZTMW z6fvqd)~zYPq{H!`X$svJ6|#SAnB1z_Saxzy$L^DwKxxhd#;*^_9%HCh>0QcKQlR5K zKcdBOEhp_lE|Ttl$Q8pPd$yW*FnXhO3UkGvP%BTKc{@?ttq6m z_d%W?Y@rLAahISyf!=OH_`USWjxHI-Bl#onC)4V41yZ{ep4H`^s@m{Ah&@|nd9-Kf zh^c>EXkE9df>r))`Ua2`6B$lOvlgtA@DXbr3wYP3KN31@-*f1E?XT1u3T3f{P0+mw zm}a`U_qAIdMwigUZJVAZH8lr;rRv}X=72mm+dauqrb))i-OW2v*8XX3fm{5p^1I+> z^b?=@=#8rnha;lKk)VCFyj22EMJdZ&nyeW?B06O{p4H|!)C2{Q>h?aQulOHk|$C@oV(3d#CI^(lbJn> zCoGONJgfG|y=UEY-0%(VadH1OIbMI%CG+v;P+%$$&Lix=*Sg{&U1FaC+p>&3^l)ub z%bDvM-BLOs1AaW&N2BEV+LpY>C0i5tOb3%HOX}?YC_iId3YGmuG~S-~WOhR8C-EfN z2vJ2XSVF1Wr~BZ#xb%aaZSS|VK63=UhkEQ$ zRbX3@KTt(F!KdVTg2!?AUGRUF{lUl3!d8#hSA!nWmM&TAkh}a|qyp2SV8xXke3 z)J6hBl>>FT>kI6{#p)$U*$-dtklD1^ZwY0X?{o-r>tBAtTvb!FsggvltFFaNOo^_) z^Mh-oNA3c3_DSFGrL}N&g;LL}56ryRDCw@dELe9vIZxPvi1aq(CqdFzR+<>E8_BkdoX zNdcQ$BD5!&QiIoEE~6G}#Qo>qjvQxdS9eBQ!mgi|jo2GtdvqhkL`aq~ zCV7x)H!*#)G?e~}P->LJ+Qq70*<8%TU_+3^&*xpl3inP#MyqHF%FBp_1Mq~a6_#J_ zvZaX*g-Mw2K&@IZ@qTxsu(9`d);bp%p5AtE2`}B*Ws>H!t_XkU%EH;+Eyg4ZE?2D% zQwR@ZM_wddAC?+*H}0NPuKy(|aJ;4PBkW{jwOpqj@N99hmf3I(rem;rb8`B@h@i5O zY4FQz|1t}hVU6C+cc6V+Qah4QIXwhJy@^SB7N2u-c6rYu%Y_b9wd?X| z=JR^P+^#A{CepujyNMr}2+py}?rZN~f(5`!rixUum?;VdH-k^X#Y4R+CO4rw4co&BMG| zew1Aywh)oEa`fWaN64tha=+=&s@C&#e4tV&G12PHjT+`L_6)8Vz2WWG$Kzj0a-}>T zE+}LkmeS|?2Zm#Jjm5yeH5-?zl*4tY=mW>nE^%z7)|UEr>3Q;5naRFA^m@*$H2t%5 zLev3X=ox<=JDa{>wbJ;3P5z2-MdV)mI=jMZuG3@GYf>lQsW9lL-WR$z+w`OE?Hh?` zuAUv?KUFKnoDw2@$UZ&m5%N$xc#)~UL0{YepS>udRi$v+NgbJncHDtE|I#yQ~iJCi19Mw)obT)?Zn$y(GCmRi_KJ> zQ*>t060Kv~HafO#+qP}zkDX2jojsrgd9H zXMmjnBWayUy&<11rBQT~)*0^(PDW=Bk=a{`*ri-E*J`4kyvlNvkI_NhokmyQ9(-)U z!tGh?DcnUp5=Jc)Fw^3}y)2Cz6ASNhS@C(Bg>i8-%YXKYGEm-%gas5h;MXTEZFwPz zKH9vGNvxvcCukLVq1sqL5vwEt)jwo{ z*B9fyTN6zYhnHT*-63q7`c-66a3p#uFoBUB$Zjah;a#dG{-lAeL0>r^gBD3CmS-H% zp-D2-zWeErz3Rx`lHuYeYtZfQLKWsrsnp!}>AMlHY2ge1;QDpl9QI?;5A}N&{I#d=I}G$EglRduEJ*4Z z@+&pz`y?*#`RyMaLq}3sRzeyW_zq_EKizu%4h8@RF#q-YXB$XH^2?D-RpW|QVB*oh z4g`GaB)6CKB@xo$Qpv#}M0m(rw?3;0JX4v%=OJWC0evr_B zm4Ky<;bOu4$T(~PVZ>$lHH$FK{ExhfQX$RA6UPD)Du9hma*%S8l8=hFM!YpW9;;}u ze-Q!#u;RKU2r8&)3>GJw{mRCXNtCfYxdtDE37HUyBqP!s&-nQvfdim!Xq+jVRHEe5hJLcWa4E$uVDpV}Grhs+$^T)ehfxn})wCVlDvP;6W z(gH-#3qO~K(?(6&QU2TUt8X9Q>$g-uHTp6fAP}i_rfU69z+Uc8Hs6m&89BI^?vtE7 z!|@G<4de5LS*Ofd?))_Go#v{G38&WDc&=>BR4%(Wa~Y|jv?M*#U74U?9I%sP6X^8 z%pOnhR)w_Kiov|AIR4bEZXVCc+3ISeiuE$6Ve0Juj!9}abrncZxQ}51sp$= zon^gq#g<=0bk~=syGb=|8tPds2`0V7bZRS=I2d&cO5y&S{#?b^Gb?&x5AZR*Z@bVD z;P2)F3?(!(2vWjJwh;dUmRZ!cKwD_(LGXM3cFV6=IDYI+AxLOxf4H^s@Wj?re&qq`ik9UekW9@_=vrYPQXIuiWF zIT;t?-)^b3pA!8HcjBENtPhT)-hj`>$Z{5OaQ&ATTsXvRcrMxvqHe}3pH{vU))!0V zoCg`QGZh1TS0;DP?$VTW!Nm$K^{?9-xhU61Lu;$cnRyMnccITu%s8lG?5&}*lYKxv z4_iLZdV>UMtK~lue~fp^p2StgKvjh6WE9N$m?@A=BdiFrG5r1EfX~KakW0MlSLwe_ z+)DdgeN!xC0Z$2Zjn{|DyNllMv^m)~@IN39?EHrOLI?XpV2U6|$4r&@jJ>nImj_e= z2M>ml7n9P|kOwY-gImM@SN{X$sObP_kihX;%^<)PLH~mwqyuh1f};Y``<%@p)5jKZ zfGHxamPc78tZq|j*l}bM?1r3}i*Xd~3v2U;gx#HOk-LH$7LrvFZGbnFx`$B)yp+pNc6vdZ$3s)kA8Gp9od&c)AQ#sM zK5_4amE>ryWT``bP+l zzQ+j)26(;7*a*xzgUxk$#X*v{t;w+jgI;3!hp4LF=dPVASJPSg`j}Mz+50-_Jkmt6K5C&+jVK3;ghdpC&3H7#@XCogh`Nt=J#0k!cpF7X8l%I*w>)u9mX6-R)u&6C3%) zSum$>I5G?D^3qP;!8}S9P<^?RZ+(PkDHHVtSn-cJCQa(oZN!oQbn9*B zOq^nD`g1DHOx6v`e0ijK*xGr$EbiU))f1QE*`q9^QAZhbqT|c8s;+jqC#Et}%q_rZ zsu6zo29-7JV;fJ&W^M3|Y5d4oiRm-NjGkJ6rC(rH^LWdr#_L~Rk$p=uV+J}t>^|Zw zosDT$nbFP9J>FN9x;Amp5suaLY8Ush83xo}Z}y_S`@gj+a=E-;sThg6Z-ac`2cqg)A{a||uA~zq6=*WpGe3ItPa9vv)rgMF4O%7=TD#z6eOuD%?-T%-+063j zH@R&7ggC+yvbQLx@xp3!dPC7!tX*yE1prP*pUWLbXysbH>IrSu;M>XNdiUFp(|_`f zv2PtIRxA9K5BO1O!qL9K8Ue++%9)G~Y`nS3#7 zugcUX01CoqMKHWVR`Ke4+I<1uBAGT!BlP?4szUAyFN+H+mPHQxLMduXR}Ur#!#XF= zb-zN+S2XwrD(&zuOP5a^@3vQrc`d24r{*@&*5zUSOPSR!j&eu{$-Us+2x2k7#1#y*U5@r{JPl@9|a- z%PHypFacPl*G5t*^iSSx&ZcOk#qR=nY!XpKvjK4UN(c;oRjv2KNCLSRj=T-(YbxI@ z9#pearoNT0bmZ&&d4hn!GUZ|;>j0{t=BM@~`A0-{{)UGyyL31S0cA#$>In z;?(WKXQ@n~p5IK;3Ee&qtH6bP6TBI763QTYegN zvJ>O>gcLso5g%F|yL`&%B*mAfb$pT|Ko%A#}7GYJRk& zTboV--UD6nc?NM@crakScC(fFm#}P61d9$cd8-;feU2ph9GFYOajk_1o-f)`{4uV@>y1O z&4pShCWf`uysErR>EkJX#wfLDVF##FEjDlb;7XAu zyGt#`*SgNv3vhg%e*QfF>^%N(%Q=4k49LCq$vIBQ%}M23OdH&R2>D6Cxs8+1rw8hZ zQNct6y~Dztl9NM-0GNA0iF8of57h+OnnOeW1$j6u*3 z?YV+m^=kqY4L*#NHy%;h`UB-xxb=*Ue9&0F7>Q9BsI)v)ozo!%@(T2wFgKXFv9dRR zZ_tT92?|2Q%8!c}a#p@5@HBud8^p%6G6c*$idrwyU=e7LHo)9@MIN;mBve^j3rQ7T zJnMr?K7j7(hcT;xO%>+rBI74wX+25Fi4s)g5ax{t&cB$SWa2CJ3_Ork3KaKO&?AHF z(R><8_8^jFND#{wMkpI;AQ(vwIRymn6-q7<7{qKEzcUAN1Mar2$Xcr{#Q8zT^6dQT z&2(E$$Q66kB;XmtMFiyecNgA%&#*MmSQ>_4(8QUWUsQZ++9+@v!_9b}2O)|O0VT>3 z1Tn&f45L9rS{$O_24v7ONE8Hv>}Nd=XJi5a=&vPla1jEWW>!stAPW(DP$$Zcj9zeU zMpincP^5-LtdKY+7|?vUH2r{u@!mH>smA{5I`zYpF7nbumDU>=sM#+ATfC? zBAg9WM&_vS^1nvJn9V7>>s+GTNf5s>ddVM6@XS11G?M_=ZPg4?I2Q7C5OEBXzle5j zErZ&4Sl(*InK&^RK}MfIP$LI)Py`W!8G}p?ytIIX>Bq<1FruCy5aA?*i`ygldc??+ z<$OMr!+`vvN`C>*f$P07txwhJcYM=3Qc3pT-dkdHX-2#%51pLN3N%%I>xS(fOH?oI zt}*AQ1C2wOw6@7iDVIX%QuclPCA86d$&Fl$_-9JL*898Mrn9|kY!|^2vJ~c6&TVo*qIO>M}J&x0PEHChC06+7IreKWdQ|!z#iLfhp0)L)_f(Qm&x#pnn5@D zrE8=$26S$@Ok#;wNC|f@eBZc4M?nHWpgF#o%+{s*xX7;EqxdC67htm>74|sEOudlE z!?`%c7mZpi=ICd;gK%@%`WDfJE#KA`K_=GmLe*6P6%h-pjyfuSyQLG-Fk*UDHLjg< zHvpUWOd|j@_r^tE_Rw_VomF?G?M>d}eK~O#m|>6AnW9?2GUd_M?IfGIX8xAZvcq-h zv*HAN^4o=4eoq>Oh{^L5>>#D^K&yN(9eW5g0;-)#6Py!UABGeX1wNKxaAoW_n2$|j zin=KU*T!0&Le zJ;_#78+}lFpNIJ4O)QlT%aTi*o^r2HsZADiDSwP8k7b#=)be(!a$Cx4)7+FH#0U6H z7*@&#w@V;Gi_f|JC~i*EA~Uuwi)-Zu=s!WqC4_&AHwO zz)jcRvwU}hBtf;3T^666)F8c&4*~~k=$HkE-6rVfQ|-^ZN#DlxOtbGUVO=Dakkr30 z{Vs->5%&4SHV>X%i~CX4Ri^T3)E1fAz-r_Hfof1rv}CyuWXIq#1)H1%ND=AEFA7b& zOoyMIXu8W>cD=e(_noW6#JA9r>ZqZk;aVeL+384A;KuKfY^4;VS5a%MOJn9G0p?W**jhD;+GUzGH96z<^mk;l8^9qw1Z`dFsD%(HMdAT2bt1`k zz?GhqPdSzmdE_fv{b}Imo8svzz98Vli_u)ksMh4F;gCon$pAq_Y|bNSLpIiRJH4feGHr z%$U-L^Ti%%jGZ8<>M>(s3;0p)h%@De$#sO}J=`IG;jHr!bT?w(%+>~5_tOECgJbNn zvallclpGum8#wD*_191+JA@m3(zU7K9%%q9!XP+;&zjxmwqN9$_VTGa9Gpu+Z@3%Y zWA$-sMQNzEWp_meu$opX*vbJQSa9xWRi^DE&-^NgzYAlQS)_T3%HZHs+Ul${%~WCb ztPnU`TZEE%7&$ecPj4D^y$s$ftgglb=k>Wxu1mWaU`VokV-<~8iypy9=pA$Z>lk~5 zufV1Q{s=jQI8vQGTzQALxNSKyTdJ-;>OXDZ%0xeheJ$z+z^ez%ez z-lfx0{ENW|@OsWlnyS0tddzn`?ckxW#LrlDk10mOQ8`@EN>2~$3)(E@Ga*M}R^FFh z4a;sy`8{s(lUMeaYAe$C(+ZXXn^&SM-N#UfqKa&urbU9xd;G(p`dA_Bg;*eXYsvkc z;;uy|josu-D!SeG4tUGGodBF!%)QfJjzuacZ3f9f07s>tkxz=y4j*n76@#N9ive$# z#ARYgs*ivgu%`QxS!{7t-!E>dsxG$pm-%?B9*um>_4JR`6XJG-LSGdOfEV*L_PElk zW1s`z0~u-L&;yyf?RrtId8zWZ0?eo%ed3bZXWH$RjRW>-&unDGJ2LUYzorm1#4kT| z#3MItSaxoNN2gz(^%TJ1eDGj+DIHl!b-Dkxg8r|8A}Ih@LHvJCS(t&dNZ`1wzyfeI zaDbM!+IdR^=xG-hjT$Nnq$-4HBuGp?_NlZS7=$WGgrS5iO0l$tu(3>HL5Q^QX;&Ex zSt8kx>x(HJ-E*y|J9I=}Zx`1<21KFis&QeGvN@?3qDh zcG+}7Fi>S23fLRbcjKFjyxde2ZznL2ceXekQyGqTV-#5PH~Nx*f+rfph&<4$9@HXiQ)_@Lcxy8Or19){vjks zI0NuylPY8u`2(;-rBI@Wf*pA`o()11m%y#Mvm$WYMWDinZ|MK^t2?Nb`U&h!iy&U= za~{^gzsEm_U~+0DGmG!_*c5PB1>k4#o@=WEVF&r@c)=F?vRsRbN>lEItU`bivkq^1 zuI;)1KJmaypvYtPCI+dffbvF*&M~<#&cIODz>Eq4!QqD^gv%4Ni4Ym{28;HD$U~%p zyP-l^1vqMG5Q0F?V2KHT#(l$;mxGbKY!^WVA$%#EF@qf3I29OxfP}pv0!Tq%KJn+m zn0rVstG=D2&*MJvN!e*WoM4Jy-w-)Kl>ctS6k|qyMKpDr^xOzN8ygG5#Djp#Dr>B1 zlQ6@8s6k47KC|-iQ!&HDGlQx3oz0#s16l514Q9+H@WLCdgurmP9`ojZ#fEC zPrFKI5HSWsRU24V`O9psM?EF@@CuD4Mke{>4g_|Wt6K>yH`pX=uF%!sL2uo@Ek*TT{?C@76XI00;54^4^b~o*p3SQ=)O|w`U z9Tr(j3}LcJN^s->z_YHisI{46f)bz$OXNw82|e=@G$b5&s*=7_(tPE`xh_9eKOpPyWwu_B@QpxJG=&5q>s&&nBV1FegF26D4=FqE(B zauV%2yTkq5jEt5B@IC(P_o2D#l9;})CL;R_MMVvC>FyHy05wmKRe$8_0BCg#-QP)j z+U;)OCl=zs0Vjh}{J0eYdY}vHg{W3|>{5?~aezc%ukjy6(PAXPq5~ z131o$2K}~tlg>56bym9?sX?tM*4*?YjvEO-1+~>0p*zQfFvKtb`_z z;d#T^v@ENK0PvhlTO-Ma7$&VdeerOKYW~#BOZA!$rDVj}@CKu7nLJ~?9$u~|XhyAu z;~@OzcHGf?d1VQYJ~32@kNYiPZE6b2E~MK9B%;>>J~UHB;l12&fL#4t6W9C)Zh@C9 z$vu|7>Wq5VX+1 zS!NmPQ@P2Kp+3u|0;92kTk9HA5FmJr8{chjJk-0QdKfsVCZop;v%!Sx=cjp#tqfams!7 zYtx{!%rqkTza>e3mnJvs%>-kHp;#`rWd&T4|78FEOYqy+P6{8Od5yg4+tFBCGDg&P z$UEbdY*8{>4p+M`@i&^(-*gf2Sbi>|O`g{2h<;Q#R9i zf?hpYXqWDm>lOR^4_Ja@OauW%EQb;YujzhtEwIED2ruslg;&Oyk zC>!G*p~F^LYjkRGj_=RHewYW7lAO_nD1bBD9dUcXLc`OHoBx~{^Wrv8u+XAO$gC#K z-&2mCy3Fkkd|9AdM=}9c zVKB#@ey8r&F+(JO8`ih(|B^QZM6bU1vV4m`SGvPtjWg8Q{I2gQf5r8J8FXWL9CJN^_;LO zBc?c60aqDR-#`*GSgTxfR{z z;>`UHhg(YJ-=1k(J!0D|{bK+{ZLu%hkX+!+i3(78){0u@+EV_HhrTBdasH$dHUVd5 z6b=s_6CwHl5F;q4ThpYAHqeg&fdbhmxAxDkBCo$pJ>e!hj=wiKLH=C&j*xED%G9J+ zvN&zGsblA-fN{iCu==-V@vsbev&L_{anqtVku{0YTS6)Xftk~esSN|h8KKAOEb!mB zu=!V+$z@LOI7`F>4%8g-vs5!IJD!xc*SqUP0$#Qro|3Hi2g?rE6w4YMV*MsHQi|zv zRsZ&Wa&pcFY~dmoD=e`Lp{3SfLS<3kTbLW%c4jX~v3Wl`L;Z&g+AWN ze{nE@pL#(5imZf)7Vk9f#Dwzk%}TfKM`ezKx&4hih>LTij@Ntqui zM(wrkkKN5GwfuX%q(?e(r`1J2$^Q4bDihCciyiK_ZP~1li9tK{-BJP{hjYKrOAuE? zI5exDqF0GG5hr2qG$vPrJ}23+lME^GeSC_~S9GDkz?;p@ord4-lhjuJIWQ!LOo2|` zouT#8v?%VX6!#A42?gOit0?2gOX94h@`d>)^aSyM9{4<`;Y}b zW`0w7nNly3mPh1T*&Ubl>nBjOQ6pm66dN_t%z$n;^-E*hB_|8X0}tvqTg#(IRsBH- zwXho94MNWU^3%Repbfr7-_<$Td(40CPH}} z;=XMLN+!=#RIn#}}yqNZSpDwsZa*G~I)lpMR_`i2mt?2i<5;{=p^zncoMd~L_Z zqRo-%CL>m1$1EAm{!RaOycHUMSBjyFu7?hu=wh2ujn*v-2Peqx?2}F6uSS-tj0FHo zeo5aSheXVLm0Px|HrK#Yvqvdv8M2S-Ww(3bTHLg=Lp!QdhECi$LVhtYx_-mbbmbxB z>Nv@=x!n5A7Q{vmbJ$YXnmRa}`AZFM!ePLZrm9SE;crE|yIgNL7XD7rx-{|2ZCVqy zPFBR+>_l4YZcPhwpZ)c!r>-*CXFkB`&v38_a1fW0;-W!-&z_`VgJEIoycRT_VQ3M1 zK9udz+CH5Wod;Is^aQwDW&N7!))v?1O&r8T1A zybce{4U>u3sJ~*kRwa@8ii6>0UWu=>a~LIs_^Q&%^aH@*sJj+j^dIy|*agrXs4^IP z__DTUx)jfL?i;|HF2L0Kg)5Xu4SpXnzWZ5}VW?4WxczVccZd<=spezf{_CZ1uCb>7 zr1wiE zWxXF%n`F8(if={H%@ky6dk(aM0Bc`t%%+yr%em$U+d1Hn34c@Yvt_L~7$g-s4!M?3 zC=)j`FpnkELrq83$zI!la?W4AjcuIz;NqrE0F-swXN607_ePwKI_WWw-dvZq?#lN_I< z?GdBF!g-lGhHcMSY(7h#qHl|kENwG^Zm+AY2t&)5WH0zGjqzSuqlOo~(X69c8u~iy zdNaLp`iuidV{Pz$Qv%?AZ-yo{1h=70UhCcTp00LfXc806zqtUyS6bwH*d|;#{Gxjh z%Zc+a+xp%@X7#uiIdj0;SvY$LDJx=E`p5!w$*vyXD)yTGY5snV{#*aX@EQi ze(s0{Z#Tn;NV2$ONm3MQMz6?A`F!-}>4+>-B^*cU+#s^p^wAw zeD4l?eS>}f>-%UoQ74M``k;NTenXbE!BGQcTK^?(+VYZ`vg*Lu)_>vNe|4+SA8;Qq zuz$Y-Di0V<>wY`98z_K7fMM|&Z{pjd3BXj5E|SNnn}cKwGLn1NlYWmZ#5D@L2g?U;L3*!@A$LDodk4Ph z`H4#fP7)sU!JEF14LS)xJoV}t?}>MPsK^C zSih;dt=v|H24RhX?_$$AvVfCSwO3>Tzlx9i<74Gdu3I6$iqHIG*=(T){qlDwUm~j~ zA!OQ{PRp;zFM#b}uB9t~X2@6Yv`pW3Z;$UMvj0=_E3_c~`WJX^_T|^kJ%7E}ckuMo z(|7N&CEo{lE|=>Ev@7^Z_P-LscQ?f>{pl&9?_Mjb>7HAFVp~yBS0vZD9wP`H_VoRN zi}SruYwo}^fXN>@oVz^)vj~)*;KSeP)#pnyxJFSCU|cr7-NQ8PGy`aaJa{bz4;APY zj(a7363$0CPl>2Q6G{)cRW+xwifJnNmH2a}ot?BL6qEGBrgWHv;il5aJKuZh7wg6W zc`?%k349L6929IWsFT9e3{Ph;c9^`+X+{}!FSwXlSYOtcBSA;i-%XzihDgbyWXQE~ zjaH-sfb3yzmj7#!l!`QEqflV(`|1n8D04&}a@LXB4Ckp_*TU0BQ74lf!BLKKkV#()D7^WK>10PH))sZ7BYRHAAktr~-nOBJ zyM)`WP(|)c*+rTWx$e%S@Hi}-LS%?c-1 z+4r4OvA?$|$e`J(fWeWH>B9~%Fa&8#_%9bpUF2(YAPY`!GFYUOI4vE7&OB+~y$25$ zk{QYh9b6i_X5zGnRda29j6@O29+u<)_CF4r!NmpRbM08R+hndrRx_ zm6zGD3BU3W_lv9(hfAloh(DF4EZbf zVS1rSmZ@>~Owj5uz8H*#qR<(H1q0>=CvbpeEDF2EcZbR7L)A68yXokb`Q=`Mp=qkmHHYgMXVu=7F`+!Q*{5$i!baPqL zUB{MsdcBBT-3xDARDLQUHWzB<{4=2y9ho>!$BPITMxc-GPDGA1KAGUqS+0N!8;p2y zX~8wDp1MTPq-)HspUjO-gruuUnw;AG;@G5SQn!}u+%~Mk3F~V`ng;^lx}P_>E{5ZV zFfxw6?Oo2sF`vJR5zt4I4bD74@N7Q%y>yj?b~dA@TX-6E!pg?;-&A}zf7fuoTmdXtrDA6a z#-(L@@Q=XR3%HzW>~>f+Cc4cmJ7I}xKd~4A-b0!PG&ZSBoIy|XzJ|g3t zvX6OwY!BK2MJ$EMFN#|P2PyU@uJ|oyB9$MxR`(Y4i>n{}g-Ldwmvt8D_Q`9{9lYE} z_#MB8Ue6bZ)BAq^L8gR`F47*}JM4~|$jX%RVVq~U9>f85DV?+GAxz&YnLkkVI4sfF zYMyhJ%=Dy|iYQeArn%2Kfh4T6+mx|HOi88GLyIueobEW-M*;_AQs*X`e;XGfpMH$t zrFGH%iZ4tn^5M^S?bggA?G-%!qAI(AiQeuRmV6rpBq{Sm@6;$u=4T7!5a1t$=lGd| z&30`EArjkrmpf=L$e8AOc63|$2a|X$B`<%Vj*HL91u-B3cJx`qBfK#CZemaVjYAPA zetKelI%o^iXLM>m(-p2jH}ZcoGB^dw>wk=iLON9>X@=uuKw|xlLq(eGeC_C!bMS`x zT+VE7zMQ*djo-|8n+Sh0JXuRAa{^~r(Dim@hp}(_%TiyK@j@B-LIhej*b+EhfbYO5 zOJaTOmIvhwPy$U9xD~%HqLY>--)f|l*pHcw;(cQ{{DFO7{;n#AFxv!9jPW{euw=1TB5Hf0XrQMM&dTh6hpS|? zHn}iu9rU~+bkL*5exPaSJ)2XG&|KLwDLNSlIRs?d@4d|B3A=FR#h{fp>RBr0pFv;b zj1H3locNEtl)7Lz`k3?;lE&dJf?7ajf0NGoEtG;h(8H$SCqe9nMq~G{^z6n3Hslp> zUl7SuL@ZRUzZlTfFffH82L^kF4CPlHnMzz<<~rN6(}&z+oJB1)RVEW_R!t==!+e5G3{c}FaA}^XVt3HHtw2)Z8v%D zEk)|`9GmiCn+pq>YxAY^xX`yZQ+0_B)b?n>TnE{#`9d+syh>%l(?qEfJbZ(%*?nUK zL>GBjs&lC50cY#gdmk|lFHv4iE3*d*a;8@mhAchUF|w%M3e*dnUOI{f^{*lg7}aW{ zjND6512+e8C7R?T=9&#-#B}NZE-u^guk-BC5B##xIlX%u za7vQLF9kpiLmAOio|Ppk4c8Cr;8AsAI*Nx?(IeqhmzBYLI*ge9OOq#3 zM?|55Wl*(hd77vP(W#4g6zL8+z`#6S_%|*5Y(UIqs!vZ)7i}H zA+i)+hktcA{j7pY{(zfo=44*}@(&k&L$V1x!ICVGv%Hx~!EF(z3XjW~qyJFl#}&}s zOGcckaj5amKufw%z%GGCTKQA~JWVi%#;;kRXJwvh?oW?z>-3N=rx|A$pPh|zi6s60 zMBUqa#w2H1ZVjdFJ3h$#7FYV33Y={Yo6XDPT#~JJ&O?&`okn)xvR#=-@tH97iH?S~ zzSisOs5AP~RwCYVwuiN|S0E?_?l@@4cdwh|8A$!%6@|jI%Mi3Vsm-(jg!XJmI!Qe7 zlC#QfWdEHGyn9-Gl?^5$3T!QwH)~wiaeG$xTBUTr1>>((WW=DYOg6Iv?WC|#pvQ>A zQ%nl{oy(S3_^xI-$qE^5MUy=hbj{e2CQ=%DYA=XllHE6F5mg+{NJz;+JxqhB#Z(s^ zWjj=QqVG^Lv5T)BP}aT+_{DlVTzdJZGNH^mFl^u?yt?QZ&+B;JPvsTc!p{}8HC0A2 zomqAbpL_F$x0>{DeUaH%f*-!FDpZK==q|^MyUq@`h2{ zwXPIq;ud8MvAy8hjI%DYPpZ=k*?xl5ZQx1tEByTZ9oOn=AI3XYC zHq9QDca?$kedA2@1r40tNb#!OihEN(4bX2I1$kk9-nY&T@V%AUWK(otyNULUUV(Jy zj13{=Y;$WFdk%uZxNsinPMGr-iT?R|MKZ!;tEcHGIiBqq4Mu)gZ(_vQja1Ka3M`zW zBaaOKE=Ti_XKxp@jR+-8-*;VIN<-5vifL|(JN%13*Ol4{s;=!HS}Z5qmv&cqului= zzV5Lg;d>hjApa)EfJ_nO?<8M|3n?f1*+JB3$@Soys_)`27RLdfd@}xfx3@o2!%x0N z?Mzd^_5RweE_gl69^E0Kqr61nE&s&Ax&+x?*k)70Ifb&6VHl#-X1&T5FD+l*bs1~3 z(zi))YPZl|79n=>f{R%jyqkW4v6aO)H4Cr7$z?EGfbnjpeKyu~Ub^g(tHij!uw=T) z7C-ms^6!)e@#pR`HHR#yQmp(6pQ#NL;-{>VNXX|Huj?RthU}? z=XD-gfC@sjnMaK5e9l~?r^Xo%lAeGS@aT!ji1p}YH0+&bwz(?G#{N)Z!sL52ObhjFvFa|N zyW);b=nhjl8Z6j(*G&l_+9JpMyVo;sk*`&8z;Z;$B?x_P#9kw@2f6I{n@qO`)52hw z_~XKgdd5y+Cw`^Q;Sr`vnZv#Gjr6>h+l+QqBSY&`&DI5XwtNBsC&xK%7N|B;Q_NVT zg>$*Jr3zC)^3R5@n6?Q%8MYiUyi+%8(AV7+PaI9C9w)Ns14|wKtwoAFInR!LJc*|X zfV2XKgS}Hujl4!h6Y%w#Y2Bl~IF;{W#hN?Y(6_U&{4XIdTh4jBJV(^wjLH4W)+A+e zZJ;?IpW}iL*Vd~BvC@rBEj_8~8wS!`8;Q*sj?}h+^t{D3cz#?rY zp^r>pu1M$HF!O}Obbkyi+g46vX;)g>bpqkm9j8LMTGi!CgV&MsQ~06|3AwQo52f!B z3smIHeLHKlZx8IJFCO#F1MqM20(O~Y!2)@V#G^KLW9?G@JCCE3!(S@WZ!=ZN zPC#ARgXJZ(TjcoauMDT5T0HzaD!J)UfS-}m=)hQf77$S%dW)vW6ivMdK(#klV{Y?n zXazdqQQ5tU)f5`Kk_Y#Sg@aw3Gb+ z@%VjLDiG*kS*xLvEnlCuqe@*DavS;pliObqYqGV@4|LljyX0JBV_iZ{!)PSd)@6fUnj5ro?y=@?0^+V z@#`c1nIe*ntU+rB%UHL@O{tRzlPn*;QHJUhDatRZi`d?1DbE@~ua=&kNco<+(s6wA zqm5_|AUho0a6;|^f^e&ZcZWOjfdP2v4JAu769hm)V)y;P94)#9;Pe*DIb*L_5a++^ znXh-ne>lsHV%%S^oVNEz-G&kT(tT1X8H0$%np0~mbZ(V(UO5akiL(p*OUranKaP9F z9+;jkUHyD>F;I%HEuY6lHobYE1x4YJ{9~?QS#<)sefHk`6|ya?2Gw!pwW+xoF&_>`Bg!l zo;m+PJMWa#e=}&=zKG!V(RhXASS|v~)@4fdd$aOlUx9^U461tI137V%%&BZd49fC( zo;zuI)y9cKD0>VzU};qT1=4_vUcnjL+*M5FUH}*37w2gJ_zaiqcY_Q3Z|5xW=*%MMEEHM|6$8c$#&GdV0{k!Ex@8oGN7^r zGA&ar1{o#vXrM0g>G^|GQ@N`G)C)yx_D>ES)M$TsnSEJ3`En?q@86Py7o)0bjN}dhM%CDm=sdF~*XfUo2AU&&uO3 z{3JFV;K{+(p+L~QlkmrulToBRJ}9}t(cQH;UciH-*yep__60%z0xD77hs@U{I0EHu zVK31p0OSmky}w0=p-pJ7H#HD?++yM)in*Tqry*Awq{0*J4scA=Ota#NQm7aWao&Bc zcHWx0NT~W6nu81al(}LgsTQcKrIA)L5kD;oXW~xdY zawM03D>Q%h(7|md&s0J~-O@?)xU2i>y7uz^l_uZ474G2Fe=P zQ~eBog&0d?KcUR|$bcK#FRcXmmoi#`VO()1(P$aglFA`#qxg0@MyflZVU!|RY2(t? zbk&V3QcDvxra~s0N^$ZZd~C4-&Gq_pa5f30-psPK=;qb>iq7FW`pYYTimxS6TR+_h z(PD16G-i@_gtp>K>i{;{G&*fD(po1X=gue zTinxF7~54@@(nIhc3n$_sHQv1qO@O_LH*WNVqG(+_oQ>xu4c<2a7QuN+2n*fq6@)) zP5MY=h|MZ9)#nLa22<4cx?iUIAc(-`gBXl<47~uH zqJ+a&@DXht`1=yu!QN=KgoDN)sd#67Z+}oFX;oua%uZJFT|dR+$I2#ury6&EPZ}=4 zL~Zz^7>z^BKFqA*qu%1hLOf+0*B&;1wHpMugeDqoH!Y5jz*glmks<0x##6lSKjrY>1 zuN0XEs|Q3OvWSsSLf_3$>QlPBV52{s_jB(k!kWkQ-wt)|THGm+v^5{PG95R6a@Bxe zCQk;sVzhy4!(u+IIQs9L((H4q3GDm z1kGcQOzZNS)Sas_%EiFT$^he@tS<&S2tW_T7jP zEjNWR+p(l?AI=guIM0^i1~;1pV~82gJ~4Y4Y31Y1JRI1|l? zZ*G=?wWYDoH853qvHIvgcg}9Q3AV<^RPY_Qp6W|BO4)@OjIfS>@nJ8ui@xS{YG_($ z>kkcMQt6!qGA3t@vbJsgYHMX{zO%Ps900RLbce^7(CTqGR#w|UGfHxA~1-A zIksqW9i+4PDF}yuo(UZPDD%C;`1jJ!Lto&xmr|lWW#O{MRo*%*iXfam$sK@6zaDj0 z&040hddSj7agb0&l)yMbmMiallrA4x zP@#KIQ5T*Vc~-I1UhVb%jkt@X7k=YN(c$RRH5PfRKt{NK+Pv!AjThu<12(_NEbSGD zt1-E$^ri=d$S2FKZj@DZPr=`)`JT`q4sWT=tS$5%pqMbGR zY?CqQ_=EDyidEw`f$SY_7nqPbTbdI|J>mVhX8KmG5vxwY6Y#P*_{1UefRVv>T6bj> zEo})!>K^8Qa%??as!1`?zm$+xaNjGw&EvqS)-_dBEBxqD=~Np+;+hrz`eXy1fc(Tj zoKEHG=9&nv*gv|#G}Q9tW2VWfF4qo$$neU9&~FExoc&Cs`>R5#91=5CaI}%QZ=)=8 z{|jbqgv*{9GXkb<(_-Z#+?@b8wZtDf`zWh-VKyv(?^rR&J+gdbjP<0hfn$J02o*~vBsZqVupp%Wd4;$%y zG7L#_V0<@VCKN+%;6CN_){$efMw+rF2_=kxVe-6CCwxW-&3Nn-)Rvy4!2c!y-WN2x zdCF`dl72k4>>H*+ojziR_%^84U)pG%KbQf3w!wY_cd+@oQxQWyfs$MJ^wh!RD9txd zSNv0QO=2(gq)((fhPvC^wCP_Y{gleWuOCp z@^_|{tHM6wG+DH#4=-|}dn$wG5WYw#1^UUQVjb<&(}CE&D;+7zVrGlc`gUNyAu&u3 ze>|-uxngpp3zvBuB+avkr3h0diPQ6;b5uBD5!O@1qDO;dri6Ls%Z%#qzvgpFtJ$#D z^GUUCC7g}FvHL1Jc$CmvM)Rn(%ndq!j{L50P_p-3*9(PUgI`&FWTm3ekJOyMS5%n| zsEuBOq8ciaSasft)sund9p}BgWlMBRsm{D`E~3GEq`W9y=g~>1H)Hti3txv}rX{k! z!>-cql876*PNM>~Dkc=6Q}jf{>qkAAf$b`~-d6IwID81L-aA zSUEHm8-rBtcC%X;!l2j|+~Q82f*dX?0ZSO$DDPxIz9(JTV|r|ItxlI{W5K-A9_<=$ z8K9;?Y*&ep6rgF4It1Ym7PeEGN(v&ZZ&e3{9n_gx#UZD1=V)i`W zaACVT0gq9f*8|h%4ZCf&$`X=)61-Z8nE{7?e@+ojo!8CeaQUF8<*C{+iSXhwY<6rv zE17W!BAk1^WA^o4r>)oDv%fCPZ$#M_U9%p(OulG7r_puu9f~&#J38YoNtu;FoZoaj zk#!8K$hQccc5(~HuzEua`z`@rPIwXcm&5IXtq7<_q;F$7l1lO^+sT)IWepiB;0kpO ze)m+qeScs;dz#bXySV;_j7Hj%(~>EJP($WC|4nnLX349F*ECi^MfAdOv|h=GoW~L- z?cDoFIFfQSCz*PN&M({E7dA1}#2v*Ik&Mos4wx#l_X@|=`17z6jDM?PGBrZw8hwu~ zWW(Qz_bIH9p#`i43%Am%*O=CN z(M4MsoS3PhbCs|O1Jozg9LoksM~^+a3>3(*y~V(Z1aSyGoBCC#kz-gP&1#x}5LZj` zuBbe&EoWr!9)1227Zi(Lf*n2-_aARx-Y5u zMmjQoqya`s;~vX;J@a}{c0OowwjVi<1TqX;SBpkSJA)2`fb`A9Zs3n)4dd>i<%Fp| zZU7wCeU{s|6p!;};*p81h8_7F|A!xp|8MaBgaObNZ06)*Z)fIYgYmxr7le=#Wo~41 zbaG{3Z3<8PE}GXLrqPWfLQ_*mm}ZXIixbOV`T6?kf+Lz~C zo#!MsdB+%Ye%}~#&QMb-t1*k3LrpZCeC1} zorH-qhz|hd4i1Y24;1L(x*|0?1Eh}wc2!Dc3Q z07VmLE08U04>J=8Kn-dJ2044M07M}Wfa+f>oB*mICy=8n$eaZo2n3je&71+IAWN_v zI_qDKWbG`V0G@w@&0XyOJLL*;bb^@z(7{a717H@-p>_}tfH}wlo%I70rUimI`M+U* z>OVJ^a)CfTnArZc{ohmiUwIQ-FvR1Z6;NAy7iW+oKoM#Va0K?JOZ605dNOC-*}+NQurPr*f&Pwz?9Bhu2yA$N+hEnv z(N&a_W&G!<{+(1d0oysNd)R{jY|qtye>3ozVKZ_By94ytSlHNrutM1PzkeD0hnS?D z8PptX2fG$r+yE0tM-vZp*!_SJ7r+Y$0Na^^+yNkWm}6EJJE${k2>>=2AAkka5&f@2 z>wZu=f6__hywo^{l_8xE6fF8weqmH0@*!>xM7vBlZBc;hu#B!SUo|G z(B}XzfE8*7`WJJ-G@ad^^IR}BXDdh0zg4gUSS_F~j?V!OSODz$Zxx&XRwvkq{>3nB zP9WERa|Rm+E9igN=i&jd+JXPg2sdnz=rh3amSp1n_JxM$htRcyN5f7{#sb_*U zBmGRUMr57|)`jdd!PMoS38t=p@Juju#b<)4e|RRCy3)VsJxpEsnP7UV&jiy`dnVY( z)Sn5auJKGTb6E2ll-Fn=Qbw2MGdyxr5Bm7iOVm z{6W@<^&!Q+lDXsGUeG&{B^L$_w+GiI^Rw))@V}gPY#37qQT)LR#O;3gc(m$8~# zaQz~#7xnJ*QezFC$Lqr)pwCWGLpe6v*EdAy&+PqyW1Aknv+!oqzJc+0k?LaAwf#kf z!XA((hxjl8sd#So;mp^6=Htk(1&kzfs;vZcgUl9%uOQ9c)z3q>2hz}7=t6$~EB%xU z{Kp02AIp@EiJkBN33*9W5rMxANwL}N$y$6D3fv9&dE(Z=ssM+)hD`t4idITaB_OHxeKUP z6yUTAaS1VOsE>u#X}ej!?Q`wRsw>f7yAeJ9u`t->7~dh{Y54|s)0zKTj6hh)=W$!S znZGTvY2%Mv>)1#1)yRA}Q%rwEq4KB?f4;Ar^7Xi!*0j_^(FFP3)n7I;T0UikR%pFu ze9Lz82j9VOP`hw{p}PO=6H+^5oLszm&|bT*N$ql>Zg!7i=$rluo=)XfTHw#JgxUW7 z<|>{Km#Pz(I6^zP5{?7WQ(6oa%#wu|SI7j?>l7PZ9aO8lKPGDQ#70yT+uLmhl)Te> zw<&skl`I`K9~Y42r#9iAMtQn5V$ zsp|#a=$c@E!}0B*w{%_EShO_Ug{RR(?N{T3)QfH<9$6k_vn*-XE7|3_I%MYsc6Bj` z{PDVZ`;I^M08dauC&@?p;{|HzH9jVHm7E>4yO~CJWjTqH7|ndKpT8U@?|Py$%&pc+ zf}^`sMK-X2eWm!bJwA-}ob7witTmh5^G{X#l&6tBJjp*f~*j3@$1!|f`Z%ryW@tL zWlFy7{2r+PxX6Yfs0B=*vs89J{b`lL0A7bj_tpugfM>Q@I-o6syro%MrKOvJ+TxJE zrxdDx8ndjlPjI38q*r6QCBsP_tKp~=C6xYE{2r-E9p7Pe#)r$r!(%$&7a$7ngYwks zV~~l(-ZRhwQ6qQi^Uf^i4*!paX5|iQ7OV zn_Pmex5S6wvblp2a#=5|L0$-L+-+IQSNhjU;mzNUC4X1`PU=2yQ2mqAkoDDlP@Z<@ z+g7(D!W(3|UU+EJFFd&TceDGzc>Ag!i{CgnX-u>%&U(Og?fVh_3)saA@Q!QFmGFCi zsC3IGxC8;km$TAr%82o0a?C5dl~4kzUw5*khHGkmZ{sH^K694y5KB&dU2c+|D{goP z#QIq@a*&*mDoP^btSItAW|mTwRs4eq)$e%oetD%JU%4=6vWU>F8=LMcn#2Z18TK>= z>MugmX$<7oxiq((N1ywmzc__XJClxo^~RJrP+SgvDfb!5GvJW7{A)cw|7Iw02(7BrHFPqpl-)?_*GJFo)!je8h*P>SJJDSeOVMiNrbS@ z+X-fhnJ_}N`%}9Oj@WWSz~`%$rVeq9CC%{{`@}2YRb1mjdL2h+iMtE=x@6aDC0vkq z^FY6vCK(=3x}CC-g8E5KZ}nb(_k@Ht`c+Km=QpX5GALvFHXLN!+9r!^->p%KzaS+R zCavW(e8W=jdQ;y;F>mzJC}*q>e#RZ6fS%ej(ERl|d>JUC028r)@|SmofJYaXpbmAs zjaWd-c9(HNWw;P2Dpnf&!hE>Mf~y}#LgID4mBifJfDfIDVk+acoVfNQ7sQ>+rkKS5 zlBU?eLJaR*lC8j(d&jOqXQcNK;ggWEhEL2de*KBaOLH&SjDHNw`yNaNC|e3yYYSlm zi?V*=(wqSBZG}O&CcgoHb8U+&_Os@)fIkZr{37*gEcjI34*00s+&%@Ys^+rPX+lgj>0MFBFL>~riVwB{c2!{(Kt$x_*!XWa9F9=&<3f_(eX!&CDrULE>BPj>-Y_8sZSv=~l*J(DIxWqZi zHMpb)c}VeFIPJ2!SaOw&meV7d$=(Zxj+e>ZDgM>Clqv{HF6|2?(o( zSv3B;i@a}9#SdvT!8xGy+RK>yRs?F*Z*yjFIpM;>&PsfCA1g2Y1}^eXg?~ zFViAzpO$Jqm)=VgHI+Den-aMfxd@f988cv9j84mVO&54;nXas*ACz2%t$ zs;KVP(L#~8$Z9#qYcbTI5(b{OBjrLQ@(=X}hb770{@jgLK5_bb$~~=iSLCh+%$mS# z@rc25rukoE6IT~yWE*@jeM+I*~X2Q_?4iOf>`Ibtk79G&LxH5G~)nA_Jz2#5`> zdjEp4>64MglfPZvdU}_*s$@_S#SKs8eBGRJ(~-ZHV#}-2-}`shA~YE zw_gfzHIbD}$>wtJdr>e8MhMyYQ-6dl`%Q|K64=aU$+deHAner|M>=TJmeSA%a*X2L zjI2x5c9#QjcxB3F-`euQx;=B@X#IXz)!|JugY7(^jj5KFNv2F@9bNG5hA)>td7G zzHo=~;y?p%_Ym3qjZ*=sKEb2ixM&44fS00}dyAdWmUJ9BeZDFyOo#ihe+Kn`QG`J) z1?z~!y;up+T-;?(C~8)Q`c4JEj!VmJ%kkI#COlp|i^mEev}GM7=Ox-0hT-DuHMHdC ztDuJshEJlw4MB02WoEc!6o?vTz3Ii(}W`VQ<}+jjb_%cn1XC^-vx33{@$4RiE_}oC(v9{CtI1dRrgC^c$$r zxLuW0^NEqt0SC9~O9mf}nNJ5atkGlOkKTa%#Lo9Z>hYD?U7We>#k8`SjPnyz!%s88 zKF9VlQYD`GM2WyXjSdSj6tt*_Q}nyYF4aAHm2wHEId0>KKHCjWy=F>(t@<}SSo$9q z1emi&loe#X#*c4@6U)4QOZ|3r0)54A7c@UA;+6cwkhhzOZ#e*8Rt~lWqx1gMDmz1R zB1QMNt`B4_Ad2H5C;?ZbTMQC~Jv5WiecimQ>Kv~__ zk8PCa+^6PX%E432a}Je%59yM)!3H8?p#}GtazSP$Wh9J5gx=Wc{gzImwy_GTOp^G= z(Nyo(#C5c23Rb4YzT?#00>kLC5h~_!ea{H-mg|)_`0iZW+~5wE!zacA%D@jlY3KrG zy%WWEv_ILoYYWF-@?@Ls`_g~MzS3BK5$UXejpr?JDxpbY%#zc8lT4r%0=BnY5BE7< zz!5faMX5F$n8Qv(eftU@o#q_qzh@=BP~&RAjzkKXSN0$+)d;Yv$I#4bxc(G!SIW!v zvJS9gPHvH~ij?3*YKws;uXe5=+J1-z(#5M@lf zct}K#0QA0J4)c4Gtl!K5y3lRB(8=REj&t57NUUqzR@#24GOu+-sAuf_UGNcpB?3Vy zl;?fl&VuMSrx%uDo*b-saqkc4*)LfMT@mH0^@kF7EJpx;EfDZvk7fxmM06`*qTRCY zOh!#8QV|TYs38zoZlxzV?!8E7ajaMGLkz4ON{I? zSv99&P7z2`T0Ue&l;HDvnxTSTpe^OZ_KXmA`_1x%z-Lfs!)KKGOr#~yfTWA(J1fe? z42GwZX_T>ltD6mfM$MMwv@#Un9hC7YTv%*ES z6X&u~t+7rXRlvk`#Gq&Lhbq+kJ?aX95e{cLT(M>0VOg5cxK5c>c(G zd%C>8q`-5nBbTrd4QbfBBc51d7a$-Ywy9^D6=bs4-%1=fGmBjuifk;F~&L@T@~_^*~ZFQ{p3Uv;1|v6?ZHv z<>_3C!jZW(Nj#a`%Q54}qTubD-nja!Lr6?XzSti3;Ck2r{Dq|+J)1-9mER`HIfow& zyNV058)6kgFe~lFL4iWOC1Fz!d|GXg@c!1NuN&o(yIy{|Hrmy98BqEt-FzW4p zXFhxc#fB^|>;6-Mps zsMOY z->LT_*hei%yF^}iv+zYbE(50vBY^BndZ6-4N#2nv?i1!X-k9v;WV7U{8}_}+bAe5|^XBSSd96!6=c2Eatdtx+j2Vm4!S!H{+lde~?IkB9VmgM~mt?)VSst}_1J z-iJ!1&K{!_1%mTTefm!hP+a#%kD`9tKu%+_>l9X(4KvhLNGLw3^xz6DV#ZtougAMc z=x7FCD^@FC!?0^Udkys0+3%_kk3<=IE5pigSDRT(P5WUASxY}EgpwFK!R+@8#New6Vo~Yt(PLDV{ z#f$CX4eRugcA1BNO{ITX`PC2)W7TpM#H}JyC=SxlqtN$C{<2h~vc7<+Hw#%z$y=WSZ^o033}!5 z_-Dxg`n?g&s?0Y!yCb46ar7eEX_V&dR?!%P#q*+6>E29>%iP7y8c6$W~1 zOf5_Vy!cQgoOf_nCB+;}w*wN98N2y?1aGn3pF#kmm2!w1+V643X0zRrha4=cmaL6A zZs#XfK$aSRzCBXznzJ-~Y}=aD5vL1-xX1~doE*stU^MeD)-zTa#9KEv-~9gAM2U#a)Xw?z#JU%T5@0 zL&oshJ;^Da@zshL5=mf=_2T;;b{2z}3mJWXG@(Z15d88S4s=MV<=$8;yK8yN7cSDT z_lmD#LzxmN{fh%9NjG$u5W_tM)!}^JuGgo}Q#kN0AL93pE_fObf37lT`(h4!F%`lN zl+{64hBHvvKOtVfb+2A4^_}ObylV|n)n*wgSv$Tf$MWasv~?}4sR-wFhODA54`C>O ztma#oGTv1XcClIXbQh%?)wXsG9cR4Njt^HAiWYu55ojo0XUOuvlvpnRHsN%++bU6^ z74(NY*JPP5zVo2OHY+Zh%wZ015Re@&^~2zH3Ge~4^*IAm{cRTvo0;|x@?QF ze%)Y2FuB1<7H*=6*j-Z;AX82C(x%^p5t~B$77M%J&nw^aMXfv*RsE(kvqz_Ypde#{ zH5S~Weyj}@*Q6~+<&C5R42DMDHOZLIQpW07{e$ss0?`pN%n?%??01mtsEB>6F%OI= z;~olICXceS5B4*TXtc{Az4@PG{DX0)^j1<**Hz~y`q>xXl{Qf8dTkp1;y#I!U(;M+ zGGFA8E>6c+#@3SJc76SzJg@72Wc*!qk&GJk4Ru-{-KYhHXHYDI%T4vGAH&D*K9_BI zetV<%umv^#IvR5sg$wGoldXycG;oj@9Go(d^_8n(Y_UMNAt z_^g7tw@cdEeKmFMz1E0%n<9+ZZfOb>CX{E&JuD`$9Akg+1DV}5?6-k`o~e2vrGfUB zAyvwIl!egA0vD-!1f&a{P1JzbGeWyv)J4H}s=fx7cAi7ERI22S-*3?c3~DMaO{`UM ze+AT3(TN~WS=tY^k znU@eR_0O-;m(2FvDlt-jExN!=#%|?_Txr`66JaBg+ThdL>%owL*-?^(e458@P=}Oa zSCDM^G{QS!fSR{Ulu7cqo9$cz%VfqWdL4LFBTkKWW8Dk8YfL%qowc+U(M-Bzmn02& zF>a{rs&Q8CZyqvOD^+>jN21qKWGjt-hO77mU) z=|HG>&k8f297eNK!sHH5PcmUSMOdxia?(T8k9Qc$irzQUg(yiMp=iWp70i+I;&_#9 zIhjI;udqtyXx*46lCopx_`!WU_rAX+)G;^=g>(L-&`K```SBvIzl7BC!uO1qDDuCj zQAQ74+#AR(J8unt24uKp=H>tLkeBig1voJU! zU|qbVMnVHAbD|xK(O!&^T81h} zZ{^K(e093GoNq}&&GKVHRJt|I_7M4dg!%lKSxs(#I0HAHK-4vwX?eC8G2J;uzL7w3 zE#1MTQd@@V&)$x@#fk&r&aUZ|I6^9!`<)m%xL?^Kc{GgY>P?0)Ib{bALL$YsqdJN| zVeT^>Tk=2cirDkKw6nSi2xlgE{qr4126ljilO3EvAUADNoDURti&vaX_hPH_kHwLC zk@!e|=+7Aiq$BWG2F9bj;?4U|TPbdNz7rDyPrGE2d3ek^VUdS`$~G1;=dP_whg$sjJ%z8r;hfKh?*5J39KmQRGb$_0<4lhZ7B=1OGP_GM9ao^Y%@~! zX?m=2vt*rsn5Q*pSMF>+V(%*UGfmUT((rYuWwxC6}`ZW!NQK*+xh)9FDHd-g%!drSSW%zm_*yN8Jg3 ze4}6cYYJeR;Dk6pMH!e*S~r^2sM69}mnfT#E89Sqj3N)JZ8T%t`q-8RwfZuy3vXB_ z^+Nobh)S3K=>)*`fA~TF{~P>2v4I%`Wa8)ywKZ|HLH{qVPds>+(gg&83t3rOO-e~C zLrqgmmw{OV6qj-a1W*Q9Sz1j>Nw>%b1h@nSEvulds>!#83k1tD1dwE(vX@mp1cC-v zNK98zRhQj91Zf6WNK98zRkut(1f>K4G?(H10w|XnL<9?eKnHhscZc8(!5Vkh;O-FI z-Q7J{aCdhC1lQoZ|L@Ga$;=#n-_gD{oN(8wuIH&*^;@eU|D>owFKl9G1eCC|b*5)# zVCDgc%8O_+vjCVGm=MUxMIC{L&K7pIVusE@9sn~pH#0!k#SFm01YqXiVP)fCXG0(d zh}zkEI9iy0nL7ihM5+Ht;sglW039ui4Q&DPhR)_d8&C~nLu-JFov{Vb*@FQfY;6rt z{^t`;0A-*P(9soW!hpcc3^1`Ub_N&$%`9vY82@o3ZEI==;QWuUiHrSzU2+9FI)O|9 zs6ZyE0U(PecDB|Y0281o0;7T*NDByZ^8bga|5;p@CPf4te}KH53DD8@f2L{x|HGV! zo%R2ck#;t;wlEg9HM0f+nEoSV;Ur<<4m44;a5gpvm>OC;0sj>T+M4`N3!t(6%K)RI zgrbs+7VUrD&wpK1G__T}JrF>f0U~yQ7c;=Z)&%Gd0J?)5GcwrPIfFg|0FA^4U~1=x z@Xzf8*;YxRw8Pg^dZoXm98Uw6zAB{uO2Z&*=Y1 zW(P2ud)S);ZU2NgK$)Orurv7+;sP*w0v+xC1h@f=e|EOOe=|Es)7kCMb#{=Nv$-Si zuZ(}%v2$_!6JY(PKi9u9Kpi=OX8UgjS#tuq{^blbM@Ha(v(L^6V6?UP%LoVSKVtzp z{c|q=1VNRA{}8B($R7e#5dA}-M#cURs7vvG6DO!gi9ZDDQ1TCfx|8}tAQRGm2&69i zhd}Cbe}4$1F8_x>>I#1dr2hHe#064U{6io;%2`U^oWtp7rg4Vyp646L-Vp!Wi!`(FsM;qe!OY-E|Aj_2Ikg~7h1=HowG~gm;EpZAB-{-mz1DE5$t&2xx9cVV|HJ>WdF;Nbo4~gAg z2%I81y_F^;F8m$hQWxG1T@4P?J=+L0uhZo{4(v%D0)L@)G|%6jvV(t~-5e|Xrd2qY zb@}60o+6c)>QC79Phh<|u8qAJK^&Z#e-i1|YN5gP6s(_=(NZ1C!q`GL+|a%yKy6F~ zezgpRYo%Sgvg>rgcq)L)O?>+TX)>X1@F07h?18+e{S-I;fKlhCR~oVBk}IF46;t(M zq_a+($*g029hEUpc|+%{n^xUzzgj(?U8w!|84i!FTrymS6WJo7y{qt(8dzOie+`B2 zRLe$wr@4W)!adP=!6Ko#tmJ!Bm?!VqcH)%3_TH6p@)(leVD3@!;ZRMb&Ui6AlCJZgmU=gM8Kk(aPL7j80q zrq@%5K@^2io$_VFCs-4paO?f%s!*jl7<`+31td9Kd_=qW3&y4Rlq9yiAK#p%dMTN$tmw=Cg_a4ez%P(Xm_Cc)Z(v>GRDK@Ov z(!KR;YsqYZ^K|rFRo@Y~e=mi`_%oTu9NStk%qalhk`7z7sf7#2>R$TvWEV0*PX}fz z2CV4aJSSQXO0?`ki7^(Gj@_RD{u7tsC=8Cx4w&r0zC@&~-Y!3>?THc>y1yGEt@|n@ zIkKL@KjIvW+Vg!)48l%DaS9UrVVJdzGc3ttLqL0gMgJ>5xGgqse_Y>WwyMqlP?Fjq zC`c(^eB-{HH-P-OGDd=__MK(XVn;~ z^Ss6;hJ1tLM|wERe+id}*`kL$EHeWS^m~+yquWe==jm&g!+J<>kvJ`D z$>*YeW7LIOv~Fde94Z1MexhYVMW9o8?1;>|!QQN*2Y!-=f2j8qXaZN<-}0lj(7N^i zGWP8)4YJLsW%p2K7MQKB%S454q;*yA!Aj%T)(rVFL?U!!sEm|LU_y63x$2)Ps8uo; zfpFI^OD_{%U-x|hA>FsrU84x63mNCd*u8A)=eeuYoNPziJI{?@M@U-4s$1M=$vRr! z63Wl-J?b3Jf6*y!cPzx-KZ;LS^vC+FO4XooGDzB$?^W_?Sv3hRMBX!^>}XOgl|nh4 zs>fqVd4H%Up_1GxWw>;e4gi-+y zrr;-OlB`*hLdxUZT&g|Zx*w7-?8)6s&YHUl+n24qe-hURP&iaUk5w%g8aEq7y&# z@;a+%M=HC2I8pju3#EYHE%N&hst$9%B>7eMMwXW;X3iZ7o zPq%uU_xr!>T;FudduUK`r0{jBiDsf9PgG~7$FWvgz@s=7jaA-9{<_4Y2#yzxPz&y_ zg)6UU_I0$_KkwQ!;KVP=v*HFnzLD>Zrt^b_npH$9s%h&6UuTlaBW#$MJ^`!pLZ`k2Q=eoG@$IDw4dHL40+G)I7{(N| zzFwKX+)E>dDM*xN%D>3m)|U@0oC?i4jTH`TNYqTYZt>Ay%2JPeHau+zB%gn4e>$tN zzw+7c59|;2U5#S+QO{%$Gjw7}nv_quxO?LaR+nf*8K^zFW9tjfgXq%)ZG@qE7kPOc zo}Y^2uENj)Oi2Dr_*xXq8ag*Bj35Z7F{kF}ZOl;_xMf3o307it_?$MvId$f5=ydSe z&UY9c6;crCsB?A}%+J7vX0WKjf5J=#E^Eq#;sw*-n8z!38~GDYMln=*v{tr{84xA;}5Mk&Fx;iYj;Oh)Y2L)4_ zp#f%wbAGV{qHDVECMN-Y53gbpt|#3GH(@vD7_f>?J-sxDypl+&ZtX|Jf8W#AE7&@_ zH1X4DW^iGjBYRpKw}bP-r>Oc5SjTBQ^|xC;H%os#ZC}EmHNS0u&~*^KaAlBocWt@* zC?d2B`@xpnR$QP0?+GFQL?W;kN*W7aNjd79Md)z$hfuYJwrZ9kSIWJJ+?!!64tXKj zS3w#s`=HB>2=yCm#t6)5&@)_z)%E9f1UDLVTmh zo(jTDt$T4GW1`8yA*scP!`^vZAXY7X$}^-bKG8h1;DL`R;uQXBPy}Fs-b(6(BAbCk zP6k=?bVK1?yNi?s`s=uv{AGLw|HwH)NQbP+TnC~vacat_!$o{kZ*th7WJobwoj|jn zY_D{3TcFXTd!W}994}@xsa@YiVxaxu@HG5U=6Q_sP+6i&_&1MYsySgMz?V-_1S5Zx z^!UTgvBJQgV!cRkOE@UZ|KTKnRLo_=-X<`8DqHoxFLL) zcGvNhfw$Zg>0XGsG6L+wru!Wlz%v(#j|Agd4THSP)b@M6PKRk^9Go*SsDyYK4lMOW z#@!zAF~ukoY+qd$$NX>usX~1y?g|?&v=5f1a5aV6wu%9|sD<%Da<6^E7S(^jcM;nq zV9N(2!wbk)irinH$F(W+NOwK(ho*9O3_n|a@A7N_O7xt2tZ)8+yZGJjAIP2V(iC2E zS*2c~erLy>CiM20FA2G2D!FEMX^o}}F)|z~*Fdar?iac2ZC3>GU2)#})JD{60 z63|@mOD(KY&o~UlGO)Hh;Y5E4!%QKoK&RHk9P1Y+S5l3qF;_?@+9|uk_YpzHX&_Mbg{^@8(oZ20$pCtK6DGHpAq6&w+oR>RIo|cmlHK zR*cmlN4j-HqtrWoQ4RzupfxqMmue&MOIkPzvi{W7*>(O*EU%HYH)h( zg=3U;;PA%$Fj-k6GOHT^+$Xg&|;dED4x#HAm zyMRFMJ9UNAJ(7yGd_sRxYb~aYKOg6Z7}An9N-2c!M0ye>QqsJqZSVByjELOjJQ%D- zlQNe|k@_r1Q2M_SL30^-il3?v_qkZvzwt@7LPRW{>UmXv|BVGcO1`Frg`h}S zUm&8q;MY;l*K8UKg@LFA>CI8k%#z)Pu{}m9E8%Yc`X_Vpj|8w_D3k^0ro$XrPSmtS zp>|`{8Vpe0N}Fa*eJmOC2}(MLxCN!8Wp@#X6h-@_sA|1MQ!jI5m6l!S7K)T{g5Ac* z+IhFI8lP~=TWjKf_YWR>4PtYeYD#|$xIYU=N%#{#5~KNJ-&`fs6s|Ee*PBDyZ1|D; z>-;F!>S~RIX10R=ebAIYBRk_xrDGoEn+jbSM83L1To5iOZ}iSJO7ig}3L+ytDSrKa+4|c*UItd6{;tjUlT#Tw9v-p}x2amC5KYFlch$J!t59 zeK;8S64K0nqZmisoSW!vM@3kl8VPTxV>n!Q8coMS8d{U#OIvbN(C)jC$1xi`8>N3C zP)l!E$uU01TY-cvH6>6eTRWgangAw~#7eB!);Z1e3W5IRE4nAYhQI%&D!9N-{c?l8 zvD8+Z6>_c znIa`7=dsV?o4|=zAPm0TnVrcI;ZS9=an;LMVe%<#pBYc*=kO~wMo+m&R0i6(K^ys_ zBBL)8T8W8Y=(@tsMtTNQTad~V1rPEPCJS|$HU!`B3IUfKS_B{gf|os71R8$3CRyDQdHxfr`b*Z z`AU0>X5`Znu_%Sui6;Wf8`h06U>gIpV4k9s*;QzBm%-u^*B z`$d4f_(Sgp$iSpK(+V+<@Fstn+yb7v;$Wu+=~v~v2Tt~R|9d@VU&s?OQKRb;{v#Mf zdu$cnsY<6!kq2s`_Ij;@ZWRli5`QBk@5zcs*^X0m!B0zsCa+BWnqyX*C;QpjL&M(S zXTfcr#^~i<(72)$#H6(gqTg0sMEfJ#Q|#HE*D!ypat&1;fPIIaaCCoI?_gicc-36m zn`5!%^ISe6>D_8y5#ALei^sn>V-&UdgcIIMTg^AgE%Q;>-eWb5QcmmxTyYYwzW8&v zDGh)|##^j*z-}7-y-Os@?{hV!yqT^xP%L3zE~-a>|DPh3JKYQFGXYT07i#^@G>|#h9)s6y!!ZL@( zun|4dYI2`l$CYkW7gq8h>$!g*p?^DQ0D46zI$8Hg?|v0H zx`)YaU+C-#9+4_FMoC>oH5)^6^e=srr3p3(TgnmZf7yk!*IgfQc~i4*+_EQ#-1<1t z(QKsze~5eWDf&LLwPH)S_G@d{bD7g(z8l*Txz%%DDYWjJb< zlk(#UMif{hI8K3SHdJ#T*9r)iEMEj36ag$&v`S^S!cM{6*fw-sdR9gwx0haD1TO)i zmyTZqBY)|`((sP6nB8u+HaMk7${rCV?Q|?1Vn`A={B)bvRZfkJsL^hHF?vuE8ZPv4 zkvD#dcWWR^8~%c#OPXssH@bPnO{13uM?a^Sqg4$2SJ)1}p~m^Dm3in`gz6-|n8}zH zx>YRv!Jv?5mP`D3+^<2`bEZPP@}_4i>y2}lV1H|{gIxxL;?9mtD=}GI>J!A#Vfn3^ zItlfLJppWZ6{?RK&&w1_-&kb=bon{A&vwI?e&2uUu9l@c;5R6HU>H|KGRjo< zy=O(^ZzFM4?lB$n$B}bML^?B*5jk(rWO*yqjf^E% zL4Sw&x?BT_B7T4%el7L;9U<&(Z2Q3*2ctm#;u(T63qaI-B|?{vKz59Tl2X(A?sI)5t~%7Al-FC!@-w!4y%?y21#zF1Qk(}&S& zLE)Q=%b6wap_70wJ5fZ-R=rv310`VOmr|D)3(d|bl(cTtygHXU|Q{= z*`s+gU7yptP&(idkZsOn@sG*9e}!s>ZrM@RW)SHQ3@dk`Ngaj5E$1|7V|VSlTYvTD z!;4uRgb=S|9?pbpN&8Y_=4aTCWp4RFJj(n!!L4;^KkRj@yrPrME{825%a<);d&lWH zHfp@S+z6Xr%)is%QI!-PaqamIcklWX_aX!B?E+%6i?tGZKey%aYu7RIFLKqI{7B>9 zLw9xV94*`G{FlRVn5uU(H%Hm1w|{IMv_7U!=5KZkIVbiycVsq>e6y4v+YaC!Z@X;4 zg#|C#3tfB_^Il49g~F+SrDOUdKNKtxZM!HXZ)z4CZAe@^?afA}m3%W)n`OuH-YVt` z-+YIq%-}*@?MEJV&5YS#PV^t%CW>O}rviH0IHFMVjKsjG>kT{Gk>x#xt$%z;DZN)U zVL-=JL5g}{-SZQnIP@h|R~I92Cdb3{rtSF6?qqaz>}%G}88vzagPsn(l4`Z-;8(ET zr)ux@w#G>uYAv;qM+@ClM?e7{I>xTm)CuOC$@f_26h-+wngD?*aJ0&%AM+8yBlQ(g zvZGLPHtsR#GnHnW$wW%xrhi~`sj~`n5#8#^l{yXoUU!-%k<BdARK}C(S?qSMca@ZxVj#wjhm=iiMBceTYWluro+SX&B2%KCse&a; z|9j1VXlL$JSX&zKhY)F?#q$Pqj4nHEb8l~tp-oltZ~eD zZR%_{^A9BH)@OU=gu1=Uuca4!l1ju%JxknWA!9xVwFQJaE~%|o_;a-tw~d5 z4V(V)(tE@-3BCE6q2jj#EoD;1d?=<6nz!#T`m_c_*Yfw;p{1}azOnS;u)6$c&4STa z%8(2iNWMhZp4Ox&a-eFhTh4BIB0I_qST%L>^rE6+R7mNNFh_#5blGv2GQOXkYdNxC zG;xhP=NCQ&LN8%NW3HibS`}8R-CGjApao@psH)D?3p+kEYVTS)tfFM*SO{uocGHEr zXFvT!N|)_q1T24K#*`6ho0*h3&R8a-cD!Ebq2*}RG0jB2#LIHNw6)3OC(Q#H3@K1e zG&5cnp)W*2IOc=$m7V%2{PR5{9?THIXXQ^a2b${gxa`nZU?T}8PF26H$&3^5ZX_QZ z9-kkbP=0?hja^ma^S@T{@3Lkt@tP8_9j7Cni7<$c>5+ex-&L)sfs|KF)V8L=$oO1u zQx1R?X&gZg^vuLMVu_r5C_|h%Dc6I^b;t0I_vT;R(Z&~{dtz`r3@3z-X{OQu_c*x~ zf}0ZU8G9_K+&$o~PHceO-Zy*hA?v^_)gTxkl;p>892}y}c)--Rlj8u2O*hGy){XPN z%x7`6gcyI&&h#6ePDfV8{=P9eAbw}hsx9~!UZZ2JKi9z%qikP6e26fb^`gjd@l1G7 zwCNMiddj=;sBJSrOC9lStj*BCmUfSwKGKr}NuKUSCd5aZ-_O7@Ji^rgVp_Kk@CN~P;1uWT)j8cID;H=_%duj8nd z@NYCvO;KR3Cfb6U$}a>)m;$Gh_i1529G#y}C+()IR;Ox6tTW6$j@xbOOg(*Q&W&A} zh%00dRP7m=+HUjb zTF*^5By8-?dha^9cgU>vTfOW8TRzFYmJFQVV%j8O`Y7N?u+@#q+pprWyF8U({d42z zTKS>3floF=KzJBB+G&(2h^8+*cgBcp4)MB=eqxx5>@Y4u7>0H43#M{beg*ZR~i0Ej>n^UNEWs9+wxfq&tBukH$fg4rM0|$u(GLh&jZ|tI|N>!Bv`e z+-q+R-g1l5+7||Tekk;(I|i6(`NB*+XL9NR4j(79OCW<_AGMkwWoTush-H6M^J#$X zEL2p$Hmnm(9h`(j)Tc4Yy_axTy217G>>c0Q`Vxe(c6{dkRR~dtar3fd%8_;|x@WE_ z2*#9LbTaRPge*e20~`;rk8PCQp+wwCls;19Q6?I&n??B*mF`41xg5QD_X6}U8-jE!5{&r*{Ayv+i5M#;20?L3INWxBNLFn^^$^;6Rt7!xr z0sNQ9X#^&J8t}yaqGCdPxW}FI{tf#vWG&ZtP&U@rM+5>_R*T(tt#n@V36w0mij<-rAce>~N8zuwvg7bFn zZsuZxml>DnzRCzkRq@x!I-+YYR7Lhbh1yG+i}t%7E+KS-oyUT{)fSQz!i|op?l5QS zeZh`T9i-MJ4ANhshzs+p;bHo|tA*86Yw6H;qu^~%d8utKAFCU41a*&6A0_j#W@|7~ z(9!XK8ihk~}4~tbvsDwE~ABNe?{?}<7U_MdYBLjmtBJ?Z%RMs@RsQG<;I4P{0lWDi3YGIH zG2DSmQ65AE(eD)joH&Z)`!W?KA%Gq$S3Rs&lclGjP z{HOLBzbPtyIm58|2N}a*2)1C^sFkFnFeE&s@ZU&a-{E?sDBY$4lz*gEK|BoI)~ckJ z>T3iI0wUL!`D+9lDLZaqe!o2_s1iqWlpw{c?kCWVH9{n>EO2ed|^D?MuQVH{@dYuv~N zB}OVk!_G|@jmC*?+(d<*FADo6ig)5PPumyONZ1V$Mi{tz^X- z?5?v5X=Pzj^HJQWmvaGRdmPi$&w)(*?3axYuW-SCI%VM1sDp%WA?z{Fk^Tk+g~Yt( zGJBhoLI&mxLGq6y+Hl1xf!_l3g*StgYMjL9N%HYyk{6JM6(>EZ!t(uj6(YQZ`1gb- z7?488#Hl5+DiC%D!w5L7hBB&4_1dTRx0x=RdzzAib|X4vqpgQMn7X_oeUxCw`60hc zby-1wsFW};>?7Yar>I1vYCdc-urxAxop3KAs3drVB^%aai$)8N;*`KS7?Zw6ODQE1 zSp_%*@aS4$`lAn_$jf?KRJQY)E%Jhu^z)f;?GCY8%_g%ZC6h%y;-{(ZliTZUODoaC z;roB5uaY&>cwS44Q21H1Xjs&G?#FJ8Na_h{OLZd|^_7s3L{WA6K3Q1&%?D0mS{&A+ z@h4VOoZ3tP3kT_1?*JxpRL}hohYuR8f=yyT{=QxZ#dZojn1Q!4-4Tf(2X-5??Ay&C z|3h%wC$DL1DN&Oa%KYgv!NlIZ;o{7_AL&I=uw<7{Zv-v@l9zsO1UM&1qajW2zBPzP zclivRPBE}Cm~ZEo5$?Dk)@a2Zv-s?jh72>1UG->!$$<6&W9CA zdKmdeq~_;*aEBN?7bbWt=n^!P=EfS8!T!GMR({#+yB}iPJv^v-pJ?_1o_}DU_R5rx zob|TmfXQV*XDOc_<1&6!h)ln4WC$`&dR--J+C0|9-xVP!q}&YzGbpyyVz z7S52sg3%wOgCoKciZj4TgEYIicx;4se~`~{I)Bm;_Sstjszp=p?se|6n^Ext_2(kj zSXfIPlB^|4$>~w-p9yY_d?i3)ZX)%mCv4KRe4_;oyP2V0&cT1(sn<@Dyhigc`ek$~ zzSO>wB>7^|WyCJy=L4yI7;UrrihB%eWQ z_;6N7&3!ig1$%!;^j;leFI!)^F+8?@wyC%8H}lGGCVo4YBoTW3_-(-E=5P4@S+|P(8uT?A+gy3js|3AAb=3UxEKC3K&}h4IQ2B zYz!T(5dII2a=nR{j&cNo22e&&QA$~t7IOq?4Nyi( zN?5?m!Ll%@Gb<+>rw~9&MU#^Yz{$pe&A=e#1O__Wz@XAVXRr`}Q&5l-AmL&K;Nk#q z@(FPZ2yyUYGXSJu4jxW6R@Tk{CMo8>lK24<_F#V}8xRl*PysqygY6MLKtKpU3kI?Q zJA1GJBp?ug=3f9Yc5($>XU3!A<}bm<8Ag`k$$K;D5ZSfGuoX?EiCB!5Ij#0ZBluAYcH;KOq~q ztc^R^Lfyt0WDT$cLg3)P<6x-8f0{td?QaY0lIn_z(u%MCInTe>)PXioXKfFMf4lyb z{5Ny{X2f)yY}^4x9BdpMoQOok-+zBI`44|B87K&5VFN{62wpw_(8&qtfsMEs2;v32 z!-P!H;Ixi=Jt(||s ze`Fxcz!CfYml3-E9MZoLfxqlRV86ZbA!>lX6ZjDBC4Lj4f#h#Oc$WH2h*r}75Vp}$UAVLT72O@;*eJ&igkXOlVs8$A zAVSyi4@BrX{ecKw_#cRvr}H0(*u2Yci+Z@a$PPV;Pfs(+fM;<4rM{3750zolX7?2z}7+QjnE$3%nto{S&8 z2RZ6Y(%L&1i?m3cMy_?89|C{*`1NJeAUYvIHH_S}ngpqiA47RUmfQ#u<58E!0(@*k zFdJVjoWNRL2(R-nvlH%(&-Nz7jY!j{`Andr)8DLT>><{`h)DTYJT#Gc(I1+cZ?DVK z*~PwcH!#MgLZ?L16M%d&jdbzTgKLytbs0Wv?-r+mhO(92xY%m8i!y)UixjE`oq*i= zmJb(fET_6l(0bLwW_|xhrE}c%Ub}hO<919M-xSo~SoY__ipKj4P(75!H8Tlm&@TcoaCDS zs6K&`R3xCx{ou5pM`?c)<_ZOw$#i#Em;3Bm3C5uKS9vw5Fh5{<8$7%RjwgMT-H@3zgF@4zM z^s+*4`r<=V&zR|vNvd8`viFDNkumu6jM;_Zb&DljoVJyCBWXG_g=Q}20NEb`Me zNM0;>{LI-sR7}iP$=5Zipd@Vf1caQnq!^F29InQsXW4%NEj9psh#wvqJpb_QRpWH% zpodcMqftuG}iyAqG_k;g#34N5LCgI@2pLj^B78Fnu^H&(_<>+Y$ zgiJevuOBxQrb|nXR#mWUMXS=JZ=pvE41mQ`pP-9LtY?9U$F4g4we9Wc5<;pOdH8Z= zPzoSERGZm$T=$hGx~*F}MqgTlUe&9V7gEYiQ(}KA8#dQ+=KpY&LSk_#&5Nsi=XTP{ z$UoGaaNfv`Q7>X{Ox&Dxgu4^)Pq*b_^x7_m?6YBONMq1+ z@tA)sOGD&oi{%P1&sx9Lp7MZ~A;tHGkq^U0qZh;NvAL+B!;&IqHAovuG^Qifbio}i~4x3!{l;O``jukr>3e|4w-MqQ-6<&w6a}KY) zohMhAw^%Px?ichPfUX;0Q4{UEqXcrYe%F610x7dpKX@tFPU?ly@u)PKw*;7d9}kOHspTA8;vRq)(n^I;wE?Tpkg-1Sg_eE5bu|2x}> zM|B##*^=2=uKQtNi$xJyP%drBEitcqLye2%+qbXozg0=>X9j+Q1xXJOs0U5C+rNK3 zv&_sFo;6Z4JI%`S-jY8hR?0Y+^u;&EOfOh;%fQy=_B;j#3cIbJB?{){&J*^Ag6=!* zG*|bmE*!<5Hu@@|Q2-aWvNJT4;T@jw`fVd|n;Xd38CVTtv{|v0Ml=Uzsl}e3W|ea{ zOS4xjti|Hx)>kh-24|yR)O;+L`R0Ey{{Tso7PWm}&;cY7ES+6L-{?;dL(|G?NBh~z z?o;3f{!A_31&SSfOxXtGoFZfG*c}6b^?o$o)%9ZbyvkJ>{OswB>+`%{IPl@?;*2o0 z6x_W1*+Inf3h_amRszt1kZWfcjmBhzZ)I05NL|(w`m+?eP_U7Dp2 zWSBo%QP8@t!%Q#4QQA#%@wh-y(cetMd&tUU*EpQd%41+Y8WKW-Znaa>n0_8*gZ>A! zV#ya?fX{}0RpL%^vAOYfea&C%4j0t?+2jKs{tL->PCvW;6kLPxUs{U*~5^ zjO`0KP4Y)G22jf`l+iVb4=O(*1+m0YiW!c&A?B3*EDoxx03M^klUT4pSvKM^& zJYLwat~W>loF?&yCRc2RFZ9=yn^*t8l8+tU8*F!6=8iZ!po(E8T;NMJ-f>x+2Y z^;Rg-S2XsQtuduPx=lUJJFE0dJ4>4YCfS1@p^_y&87hws12xg^o?qPN-8PORNhpm- zmuB73)`F~VuDFR$%U|`|V(raifm-*?q6aR~&U6;7EAx6wZd`x5S%wBfPN%b0^nt4t zC%RNErLoBG>rF*x%;B1M#=!$y55b{X) zYav_{qd!c`_;BD=ocD}XD-mb%S~>LMYkH7< zx1|!KRnVr=O71f(ayQsX2EHvQUCOl>PRjP1zb1NSnvZ9k>4#n! z_EUb#nf-Gt<8FbVBz~{Zz`CsPlZB>Ltv>1Ci}Q~3k4S&eAb%HviUWb1?ON^gVj+Js zT^Q4pHb+6*8;ZdQqGIQ(dJs{RQqiSJaTzXze{;nOLUQoXBkvv1#QV9#UjrTe&LomI ziXiw{nmzHLY?|)2;FAp9C+T;Y^cOQNe(o&q?(Kc$1Z){w^~j^T^gDa5*F3!Szfd44 z_YM1)*Asu<%P+XS4Vkiv;Mz5NgYCf)e9mT4YUJ^=`N%0PS)$)i(&6CS`BY(ouW~ge zap?~I!bx{6sPbppXsBoO5DjvhhpUb@#N65OJtuxxC+yzP(y1`Gg+5j7Xn(6zm1FG1 zX+3EJX~K5%Zee)7WZ=75m)E-JL8?nH?0z_#ZqR=*%2Bc$o4So1U%6uRTG2ASRAqye(@uFlE$k_JMd4FbzGql?msVi(w`y4 zySr8=)Spn($bXI$PamC^mgT@1#Eu&y!VwodeyIt*fK)-W1}s;TeAtQ|;~bb3=L-zo1ljP@Fr+QV^r;&X@I5 zZviQt-0~F(QtYZpU5QcAy$@b8q%5f8R^~9nzga!pZK2_8NS{whyMHNOOU`EvNx;4< z$~i;hNF468pPE^BWx9^C*M$P7swe zA?_bBOg%CBWY9LT_jrZ`KKp|2F}Q647v8<#fLE-eNZGWQF5=zXIML&bW@rwoOWLAf z_317BS{Zm6pf^W|8}vkIy@7u#bdd5c)xRu&oYT#tVSf zkE@deu6$x<_@>^!ICr?L6$Vp~tu+kSsA0Zo6}J0Mgd*8<#ADb)j!)R4a23+- zNI5@MK`dWPg|FT(1(~#qS{L1N&GMsZTVqbU<{RF(Dv1(+m^3{n(p?+C<%WMA+H^dr zon#W0j>*WQy+z&LY1b}xDgc6r0wm;?aZ~2%3Q3puxJN1@CKS^Q-om*-!%c5fraHa3 z$tN>7l+D$C^iG~j;u!9HH;Kv%-fv^KHT*E(DS?qh^X7_YdvGoQ<1$G0X4i{@IVBQZ zPa;Tzw*%GEeQPGV;F?QQH4T3dL$~ODZiiRsNxc^OQbg!*sa@fG9~|Hc8Va64K7_gY z%_VWu8H?VL-$RGxMleVGGMrsf4p%EQ9Lfh~*|caVb_(GB^L#EUL@y@(V~)hKR^o2Ar^}(+lJ#frXT}2> zuSBiC#EKs^Dw~B=0`6HQ?$h?!;Z?4o!2hAX8F~diJcu`Os)N@PN z>@eX(FysxLiKyO*R*5d(M!y*8#Iio&yCE_ife9Oas=$YL#cy{4BkT7*hB>g~6F8e1 zR>PQFp&{=(y);)Mw0?x>zIX9TUs>4unz{$xj9+O3$ymHG@x)+oHTIAm+&^}GDVQu$<%-*y<#RrWkK&0qAZm zoc-80m_ojew4|hZ`1&l0K_QMmD;>-AwQ8jmFVw_fqWXX4mxQ+S2Mx&Bck||gw9A@T zjPKsaAF#UI@buL0ru>BBi<7pVp7x!RZVm8#%_;>uaH!a)`=AKuF4pDJtuH1&dH;+v z$|{})}(=W|ba6oq(WHe-Fc-l5^DHm+kkXxcupKi7KMl?NNP+Hv6^s+(37 z<(y0-aJ+xF^G+lBxn%P>OFZS8A>c$XO*)8>vCiFq_q!v@H8%Dg5m0_RdcgJ<5EBK)3%P>%fL&OJ|!?w1Vu~yB)EY2W7^SUtM$Oh zdG1;t4ZPYGH_*`LO8JSJgi5Spj}e0xCmiF=GVp(c06kX!$v%=p%j~?qo1YAEYIx>l z56!4b59Cy-C2wVWt4hl>GNo08CV4={67Q zC+&XF4Wxe*I?1b0 zAl&UBOH-g@Y+%N(|8W~q=1DMX~XC7?29y-LKd;Nd? z_5PT5vTA&#))`uh18Yy>Re{wEaP%sUAN>)HA0iK0K%WAASLB$}~m;2Il-pcAkzZ*KxuE5!S7c5vYb<)$yxIU&V)$ zx!4R?8^`b|RJmpYk)anH0==D`k2!Ws zLJ=re;1CgsCjTv#lDl@4IXHbsoi63Mx`uD}LXXhouMsqPZ07Y{TzYmlmfrqNSB@1e z^SV(b#*L6%@Y>>A=uM3y_N5bVMs&|=Fixx(0HZuD2N#5vxtly*VtcR{Jt`_&2 z@-C)g8dasFBEJMz;#;uixUZYNVc;68d^%uHlustkN8?sT`bK}M`MHgygQ;$|=XM-D zIqlmE@32d>iR%GetbO>7|B*kQUm9^hcL|3rzI|u7m$ro*t~vTThDJDqluAQbxs5jE zWnzBqc0fPY^p9@Iko@JRN?$r;1C^hv`E|09C{#DWjXhy3R?3qEgp?#KZm2?4;4TZ} z@1_eaQzbzk+I4^O;%;JA1->G=;YB2Zmy5(O7dl)pkPCPVjkqo6numL`WyZ4E@*@6~cvyllG|~t_ zr_9H>OS{z8sP!f-Dx-o;H>ddZ739;jIeY-l&b{UwQbB*SoH%*L38E0>ef9u)N>}S) zGz}F!bj1@+IO^wdaK~;^-!{kMt9ROARY_B z9fqvoy3Ge>=3cKC`WC)4N-1A>j;c;OdS-$X;DLMkE)CDFx!EsU2k1NBCXv7>=nAcf zepT2-CzOBUS!+$-Z;PQViL@H6vdN2$+rQedeby6B%W^jgf1xWaT<~E|uGU$SaVrbL+a&^1S$NSKp7ta_E0o22Vj3{REgBqyP9t!bqTR(;%Vf z(fnT7^rrs-+Q#Kvd1HpMz7z4+RqCLjw%&rHdw+R(mc0lJan5OjiBsy?mgaDwz5$bU z5%yQnzH=1FUk!*9uZi?YDlT zp>KaiS@ksQOEe!Xhl%}UvI$_M3dec%LX~BfuB{*S zuVs%C#|ooN24aKUhSh9SU1UP;scq4ZJ=_VYX_I88L|WCnov9wWj)QAxD6fXW$k3ni zcGnW+GGDSc{rHQ_6Q&ilG_=MF-$r#^1p>8hWs(easJ`(UG6#R* z#oQiQjrgY;ac}#X=bh3yS$X|*uPeq1zEpNb=;io*gFIWp%yg-R&lx81&i6L#Ux-3` zlhsh+CimJ*ny@Bz8nXw^Pqwk+E00vZOd1&(S}lRfyb66@Z%CvQS7h~wW$$kG+?H6w^p7?+C%P`5*x>>Fl-Al=vjA@O+S1upX4VW3H+IBmi zg~tt!`X${YBvMS>H?USS6IKANq1(bQ`QS-M^WE`czB2<(G2KOdo4H zGx0}>Wc`~$o^r#VwAVJ_s+$UQ3!+uMk@9B&qV2{VG>Q906U(?5Bkm=a-qC*{DkW9H z&8)CKN;Ms;B^jTx1nZp8npof9MD+@nZqg>*c{7K#2A1Uq>QS);pM8 zzfE(yvgXIjA-#b~_nt*_U7sesAKZ%cmx21fE4O+SxK47#H7i-+$+I6}~ z4>O{oaUl5h;!yTI#V6No2045}-BixJXV>IwYF&!f^*t{IpVi&xuo8tdE>yeuJg|X; z2U71iADdp6vf>$bWl?YpD{i0U;fGYw+nFS813J-h%~$OKO;WS3URHlUP=HCguuC*1 zt2T$VBJrK%71nXAyr9|h79x>% zI)#pgViY_C;e$&7wKRX5YW+27>{-V;>p2VC?Pm`fVN%3_sGfl0ln>WhdY>J8o>K;3QTuio))))@qXhmSv=Z ztFzE|zF37t>HFj=7My{qQI4aEiT$bzRtY+V-8-sNV zdb0V7p*+QWeN2#N<{>9FxfSuT+dW%sC`{o(luN%nmfPK##0z3Na6%wzXhvr}5_v*l zE99Ps5kwRWy|yeFW?jA6o}}?Nq$YjJ?co{35xGoC+?onpUq$j?C4FE?0LGS?Azuf#Kx12)@ zu8w*O+-e%_%W(0^A;fC&maRmyYM4~QF;b|-aMJB3UA@d6LKogrH^g;~vRZvs2RuT3 zQp5PJh}A%V?~FIMQ=2qs!-@&-cw!S)tvCDP@=2T(k!8+u8Kvo1wCtzXDmtDRuX)-P z+~ZxWcC>#Fe)P3|f!I*FBCk*D$d-4~We2<~SU?T1u$+Ishkw87yR%C=@|rP}}#{m$*6DBTS1@z%PlZ5o(KWiq;!7_h&)_VF$<3vkXEU5rw4RLvL9uybM zDq0ZiJDe9RE1|%WoXyzM2#X_=^(dz^Lw7qg@ng;OrAREYu%kp_FzWiI==(vXkZgZs z=}E$^_&m#X+3A?zB**{Z2mAjw_UT35hOq%{s;g|J1UDSY3Z)Hm{8|3zkp5d3=7>aj{wo3F=;Vq+ zU;$bfI0B3QXR0ycFK=21IMUVepHVd&4285-K-;1a0O7wRq>BpD0|D1X;;iieHZYV6 z;+Kvnv;{eSd=psg`*B$}`g;t~KD77O#FBy0wO!~xzQ01^#HcmNO{1j9ffGzLdF z0wB!97hr?IQvSS7F<}7E35G?WQ3xB{&(L2g=wIqz*Y~$91^`-P935f56$wHj;Yu;^ z-+z)M0O*ClV*VDy2`zB$f3P?J=z?%VpnofbDv1B+Btghg_)TB{Q0Z?16S6h`CP{)P z=x-v#jQ%FV!U2DKl_D6k`kO$6aRL#4AfY4j50nA`9e*Q;@C@ibkZ>0B2Z|7;@COns zVgJCN&-(`wEdG8_kO-la=P&&4JEW+H@qh3Z6cq&siV%hFkP7 zQzndASQsoN{!6uX#S$(L_v=ebSkHg64U(|T2!sd1n)1Uq#`^Xn`)4(ei~JzDgT-Y0 z#EQ1H(c0CmBTZC66EVc7f<6sr{!djVM_ly5 zZZFzWA4z~sR8mleA;DGLqU`!tlAMb|#X>&1Ux|+;{rE1(&pw2_?$*>M=9Me$Q7(B_ z+z-nO7FpSp4ES}jF_QE=W|2yCLVxbtXIy!F)n;X$NZJ#TNNL_fOy49RKk4&bR|~&~ z2gFTy>eN(nhpC12caNB4E4p`ib=L1#%Lg}T&z{(yLnkJV8M>-66L}xr$qeOf{C)7Imz01>~Ik!swjgqz8^3kso)~4!e|C~+YIL9 zX`xe$T(_46&OBPUDv z(fQz#+bpCD#*Y4eUy>24)IlHOh0Jajy1fQt5}MDsn(D)?xi=J)-uOOD9(Gyak`Hh; z^C*eq%#h^X7?;Yk%Rw8%Bh)38+awe>UeV-(Q)wIJ@g@D^MRzRf>ouJXWFWE`V4 z$T_rmiQiqK=)pdJE1Qcn%{fVt0lQwET{`S9#{A zKk_*}&)LuSob!Bo>HoHR@B0Y-50CrPqb0l4mU(R5(z3F0rOo_(`&!wQO{&Mj5A=5q z&y<@!%IV;%_wM@RjbjQS4Z~e>#n_DYY?BU!lX%}@#nata6poem!!Pg>ZXlxm?mtuY zJ|#XkRCd&k#PP$z^S7VsbvC}Q@#;?hjVo!Umk-_{z97 z9tRbQ=a{~XJyGp@eOD8QRnlHMAZ9@-Z1W-n6qE$*2^n*2dK+`++^9j z*}VC)nrz_NqgOxOjXblWd5nwFt>zbDqDrlyI#wx#4-&qf_uc*|(GvUKzhfBtXLILH z)sF3d_V{jG{=DaF@9c8V#*b;%8@`Q86Ph@_ExT#&%@6vvW8_=?sx>1&#G0zidlPUu zFX70f*aX9h<0g^k+E0kpI{K>wp59{oNs-8GX#1zl_;9Z7&6Za$?=2`(^`MIz)5f&~ zsFSHjCaN#Um(0j8s=if4s1zvOS}oW zqWbTSJ+|BU&(wakl)gu&-({~c{o`F#+}$w6mgLzp#PR~iS7pd$gh@YLSN6x`{8dky z){SI^)QU@Yma7KJzUn;MS;DSxw&;qnHeL4cfy{;vmlwBfEOQdS^gQ?a@wxYA$kvZu zoD|EFx4ZtTGqqnK${*vfDCDWx9+$D*hxKe6&l$qH|A8_-qSjLhf|`dL=_P*>D%q)U!C3E59iDG`K^?`r4%Q+A(*LhD?Jvw%{g*DyD?XT+X$9C>i{A5&DI4Ab; z+J|yWVk-4ng&R%Xn=f|PZ!is_S~l7mL>r!2afhg-oTXM*wf8#2bWP5GUw$#*Qt;BC z;I&hZ-k)|ZNA-OCM<#r4*sOKBevUO(F@pHA1A1m#BK6tWTf$dvJC@(f5x$eQ&+Da( zUh~)%sn+aA=cIOTiII-$H@RWub1kKJ=^e%Dsrb?TirLqqN-UatvPkh40eG%s!-~as&+9ZE z8sXo>7y62_O?RnLlhH~4~>lMKjl>@(Edg{gAu z?mU=p(`pxc@|<_Q-PWMmLrS>#bdh?`QlVn!6V_S5dp6#mQC3ySc1KLe_-f^3qkafa z%v||QIjT!{*B^-$f5kLwcsVUw>u*h7mZA9>@n>|mr5rOTu)6!`c8?tI)Ta9Ikn1gB z-aTY)kaL8@x_EsHDK|lAw)@x(OW*FAZIJ^%-DA=I7tUXu4?pzC`^-db%XD6#m|sww z`68Q`{yu7yLQCqYu!Q?;me*&;E&eDqn33yU;K2zaH&JX z!*_jetHYx*7DYPed5DDXnQs&GLb=~V#(v_2XUw%x`evOkBo%cFZEdYrz3tj|C%0R$ zespB?+>)fnN>&%Q)U?mnK6^Uj$o1VK;}U$^rnDX`c%2{M^eE2^OWPAMpQX~xE(UfV zsp?B>KdYuy_Cfu}q_(PNr($f&%Z*cu4lT{8u8tkk?6#th*d8A5^x>#eq+eEB zN<2@ku2Z?W*>JCM=|sKURu}afX?uF|f)`wqj~ezS>ebX2Sq`5pcEt9xd)ghs3hGvd zBx<#q%6CuSJYki`o|6m3?{4NDe{x@P!?LVOkvE-bwHY>VX3xNaXI?j-n3OpuZL&I> zx?n|yi{ZEhcY|}fo?2`8bW$OYue+9*mF%)^j^oXDeROlKC3n7>ft@h04ua4t>?SVQzJdO>a1A6cNA4i16$%>HYG4*2D)=izB`i z$-m#%cuR-2@F;&S;d>#zK}uzWTl_s<*r>^tU8kfvltdp&l*|-gIBBeRVTH)^9-`bykd$A9_-@9a|NpY4EYgMnedCcks=k6%(KR*GVJa=w(Y_N@- z=Ocebw!K_URJ!xci{VcnJzUTjJtgsoh>*`zjgS`HXnsYTe*dNEPHba|)xqc+Q3)7t%o(kJ}( zridDK`#a2S%6!B|^~FSW+>-hFsA&8d>P>#DK~>zOlk4mqi`CxTatpFF4z`^ep^&(b zl^?M#IW&)|HRvcw-mPMwLJ2hvyZ5o_tY@ly@|lE5y?qbQhy5j--mi$Fw5+vs z7xXq3Xl00hZEk4Om}N11^(9};nUmaK7M46-hNm3;DTl>UUI)yBu|{4~uXO_a`G zE8G!(N@VtvBKDK)?YKM9Pew+oe9;OziHlwQSeB9M=sNo4fxz&)y4ul#tM7{D8OfSP zYJ9ELnj#hC*qd?GK8o;U1qxBpN36_!4|+~>4z3c*d~nL(eWmBpg#6-r<$^!<`W(;H z-6rc^t{BCnB^Ms)ewXN*C!N0Vfy^Q`y$MFWF&DfwY_l>F;CGvTG1wZ7& zvQ+a9S4$Wsr{rItmL#h_Jgu*7R&e&;7EQ&A797_!KVhrab6PWT{QO<)7n5MVK|zCq;*(L#}%qzrb*vumc%-G}0grg(}?a>vt)?A+{XOwP(bY<6pPXnIh! ze(mAXU2mCd)(^;Bl-{h*S zVVyFYmRpcuQ^j5udKr*9Jq|uDZR|6yaEhPX))VFaD{bFf9?8=3rsC6~ z+jo03*DI^L9BFXSyC!Sz>v~|W+1;Bn=MAO^Jf8dkGFR4<# ztDSA*+Z0akl;<}LpEyepb8_*uk@vf?h0du4iRaE5YHBWInH(p_65%%nY+3`QIc}m@ z$%*jIJXYcQl)F!7yYd|GzjJB(__=BO1hLS`??M;$2)RV{E0-w;=!iKM_}^YyB58TB z;Z6Ch$J>l7wXn+dOMLp)O3xeZ;iNQKB~EB>;*HIjJqb-YQC@QQc2%5>i#c`Ww3Oj> z@sRnp&9}q;%xn*RzBJ)dUqqH|E~}VcHp_MLl$cFBDt#yHpQh?K&gh>yx8Yu0Dz6fy zyj}hNmiAj0diHd&V!h>}t~;9w=>6*EMN2f3dib>!QqOE+_tT+G!sgliOHO#L@yqb) zm-N8(%Ts73Ey6MLX(CNVJYaf#nTZhJW!4!SZ4q~= z-1@qaX~m33^S_evn`?)eRgG?=Hg?`SFPW*a8>bKW#ktohBo|Q9JSdmdf3i70)l! z8q0QcUYMmHIZn>N;oH&Np!#rAi8W=-=?l(YuXXxsh5v^Mf0^INmw5GUn04pp{@A>Z z5bK;{r*AxM$g4Sb`rNaeqsv7%CEz-SZ@pIXUT$TxeQhfhK4dXgI$IxDOn;_(q*1H# zc5FmtUfr&U1Y%L|1???SNsYpvif>eRo_^!&eYPuhtXKH#&4P}uFiXdmHMyr=I80c& z{6*LFqJ}88x$r=V!%FA;xGhP4%Knr4Y3J1%)y9IG-OKe4e$VK9F4iko?0wJ|AaVU1v?|*&BRd~-wrDt{;)213Wxp>@J8zx_6 z6xJ%=@M`1Qb2*YvJvw~W73o|jD{_0EM9T~NA2MEG_uaUF#oGeAla0%@qoef;H{Tp- z8vW10Z|&42qLG)981|vBX8oFwl;x2=jhf>XZhE&US)5C6o%cOVUT4PnKX_l>wnUiE zw}|_4wbB0GY8A_($yZNw?kRMe)H|y2{PuBu!f#*eZw*vWcr0NlX1%AzDeZ=4--_a! zmyTWhUTLBlIKj`dnLXI=>t=O6<+j_RJvCWxG|0pD_de*m-7=C?ot|M<^>Fy{8OBWl zky?NE%hr1;P4pHj)Elo?(ED)kuhQ+Rb0%b{o}H;u`1P26LDXY^Sy9&}wOnO$_)zBF z(|@agzBPB1K2TC#TmN0M{zT_@u`idD zto&9!xJ93o6K`4m$ugj#tU9Rk+eoibdK+|2G>n4WzK^sO`}zIA=iu<5w*KMM1BVMc z3)}42Znrn^fbf1{lF!IsiQU5HLO~A%r3e{p;7ewgjOf7M zJOXD35~T@9jE~YVMgV*Vz6S5&1TNqqGyA~BFA)sE;3y*; z;|EO?7nTT`ATGR=C6Iq61Pn?3e(GH$ zE=;ll8ok9Q89s&>L&2Lisu`ch&^U6AB*FOzjnAVwG?GXCygT=o>j@rBbCe-@e1Zsy z7%QATf=>&A9L5PBn?}=!Lol2aP;`*kcwq$=eg?^qfMPgBVn{N;c}DQl3BMf8qaiv& z?-D#dpJO%;qQtpNV$@H$>@S8m&8JY`@^}o!QIMffh8WK9d59mu5QqYzAmr*$-?A7+ zV0?@~gg{c`oHW8nK7j@r!@!e>5DcP)C__M%VF(R}ViK^Z#TYmnsU0{-p{@plIU#{_ zB#H2Yb0n%D&fxTaVQ2p<e;WEX^U_wCPNG@Q60Amnu0Ye7GbjWCCXr_bH35LcH zud=|9M0B_Ww((KO`2ts}%{-lA$@H>iz3c(?%(Rji+0!J_a zAOPbiO%e>+DlwJ>06{G#DM-Yjf}!R(Aps!-2MI|5!?jpI|FZaBgGuT~-~QqMLHCn1 z!$&iigt#MKz(^XS(HQeF3LPQp}D|k7>;$+K>iQ9^{3K+DF3$E-(`^GZ=w4Ue;&bbFdd_K0u?#DU!Er7a1 zJtKgz4RtHDd`{&E00=pE1q=t41ti0AVn^eA0*x_^lbkRKXy{`|=x7pJ7Kes&%9Dm6 z^JnOO&417h09Me;kZ~wF(j<>lVl)HLh2CX&0xmzkU36NDK+%5ULEcK#qbu z{J%kVaQ=hMhd{?=py3<{hQW+e+YB@;v~R$G%Dv0yA;=2;hkk`~E1R5K4P7Ld!ycQ^-PP{Cl_ z?+gd{4XlDlzQaw}mXNyyPO<0~53e_T&Qb-7(O`ZKJ`phhekem2a#8pqNE{ta240B% z4aqOG$6>MLxEe4L9WQW#B+-!+V1NUA0FTDd(FEtg;EN|`iy z;Hiy6<8hK2-d{Kv2^EI%6wu2wpdUix<5ZB>>;bGI(R|{QoE8a#0=(^@EGWQAE{&6) z@IuFN8Xp4lL#5xbio!VqB0PuSXiLLkTIIllfPhR!l!1MOgH-}p@P99sA6UiUoc;<; zjz)6~Ac*s_05q<3FrK5EC;;E!Yt(;j7+gxRXa@o!ta?K&fo2E^%AvvAH9~_9fWFNP zz!KWM2p$O|#gDtcunLHrmIjZn)NgC-k9`YhKt%+TP#K8(;pvFs7y^aM45@nXKLN>w zPM5Hca8@CpL90Oo3t$-G(7^jB4W9ndRslmT2AkPXhA{8IgDQu{d4YfjR!&O+8V6vZ zTf*Xw@FN6+UEboqWB>qzmtpiE3{gns!f44E2Y`m7<1f(Q%`0e{g0PM#V27x@y!tu~ G(fID, buf, 32, buf2, &len, &prng, find_prng("yarrow"))) != CRYPT_OK) { - printf("kr_sign_hash failed, %i, %lu\n", i, len); + printf("kr_sign_hash failed, %i, %s\n", i, error_to_string(errno)); exit(-1); } printf("kr_sign_hash: "); if ((errno = kr_verify_hash(kr, buf2, buf, 32, &stat)) != CRYPT_OK) { - printf("kr_sign_hash failed, %i, %lu\n", i, len); + printf("kr_sign_hash failed, %i, %s\n", i, error_to_string(errno)); exit(-1); } printf("%s, ", stat?"passed":"failed"); buf[15] ^= 1; if ((errno = kr_verify_hash(kr, buf2, buf, 32, &stat)) != CRYPT_OK) { - printf("kr_sign_hash failed, %i, %lu\n", i, len); + printf("kr_sign_hash failed, %i, %s\n", i, error_to_string(errno)); exit(-1); } printf("%s\n", (!stat)?"passed":"failed"); @@ -1542,7 +1428,7 @@ int main(void) if ((errno = yarrow_ready(&prng)) != CRYPT_OK) { printf("yarrow_ready: %s\n", error_to_string(errno)); } - + printf(crypt_build_settings); test_errs(); diff --git a/dh.c b/dh.c index 44a237a..7683deb 100644 --- a/dh.c +++ b/dh.c @@ -12,10 +12,9 @@ static const struct { 96, "DH-768", "2", - "2893527720709661239493896562339544088620375736490408468011883030469939904368" - "0860923364582982212457078989335831907131881773994018526277492109945959747917" - "8279025394653904396221302707492255957231214118178743427870878320796645901947" - "9487" + "1tH+dRFGpEYyVLe4ydZcYyGDpeAxnChz0yk+pNCtkEXwUsOORyguBtx8spUD" + "FAjEDS8PutUBTEu2q4USqu19dUbCLj9D2jY7y3871RnSccurMBsMm35ILcyQ" + "rpN0MQKc/" }, #endif #ifdef DH1024 @@ -23,11 +22,9 @@ static const struct { 128, "DH-1024", "2", - "3477431594398766260792527967974222231775354473882066076071816639030459075912" - "0194047822362172211817327089848758298713770865641434468581617942085516098634" - "0457973820182883508387588163122354089264395604796675278966117567294812714812" - "7968205965648764507160662831267200108590414847865290564578963676831229604111" - "36319" + "Uypu+t9nfUnCj7xD+xokM+Cd6mASW4ofg1jpC2BpQasC5edtA1dJC+RjbOBZ" + "z+5mvq5VYT8Wfjmlpjm9tQxHOYB0+3Myl7gbCQ5SRljWT2oBLukLNvgFjiU4" + "wiWkmu41Ern/j6uxwKb740C+VIgDAdeUY4fA5hyfr3/+DWYb14/" }, #endif #ifdef DH1280 @@ -35,12 +32,10 @@ static const struct { 160, "DH-1280", "2", - "2618298020488323341377089635550383393554460131909411928885489146533597039863" - "5379029297773089246854323581071445272213255646852180580463169755159411503866" - "4190218001872082125570169842848154404911652982668791288605239288293106162305" - "7236093554796242806887062958692596037823904832542385180840218330924392268465" - "0197244314233248991982159235832322194332167923655574170280697353556560854901" - "280047" + "520QV4Tsq4NwK9Mt5CGR9xk4slvaikgi/ax3OPky5GERKTsoqEXOlFyMzURP" + "P8jYzCVz1izKd2zTDxbFfLxrJry0ceaQ5YZa5N4teByCPVlQh4v6iQl+944+" + "/NDlKzvWpx7HG7k8cGKhva7aFF8bP/CvLpaQhrfXlOX+X9pcmML9QH63tUjq" + "B80l8Yx9KN0dC3iNnsTV3DnqnEvFQkoqql" }, #endif #ifdef DH1536 @@ -48,13 +43,11 @@ static const struct { 192, "DH-1536", "3", - "2992593690703251306835100868059076484222548092264611010748654597096560864537" - "1704684310938824733433085888971827086341295918925237859522548192211945291282" - "1170570153374563548621496076860061698150233114892317627457427359445435608693" - "5625000902194809114890745455404045166957722404567939575618007347432055137282" - "3291711752537781447636541738638119983678441628437171377508654097130147131310" - "9209393805685590941710151477648542896503595482724205166251069428524927527085" - "2602467" + "1FTWXrPcY1w74oZ0ouIzSN8uZcRiOf6U11fx0ka6+7fqIAezPhd3Ab43QnDf" + "KFg+or/fFRGEWAxF8WIE2jx8iTOu010yNEQyH14CK0RAyy2zY4gRs2MpnU5r" + "/feWf60OkLtnPzN34+Xnlg5xf7Jl00wkHRCeJG17L3SklOidAPxWnE+Wm4BS" + "SOzdQBgiZOjlhrYS1+TIU3NP5H7BrtKFcf+ZwBULibf29L7LkDOgQbie1+43" + "lU+8SHAyBwAeGYMfZ" }, #endif #ifdef DH1792 @@ -62,14 +55,11 @@ static const struct { 224, "DH-1792", "2", - "3210090394251532205679207425273650879078185529033544241951292722086520015900" - "0402371844205168176419829949232601235193754977706171541009393172204470047690" - "6659627844880912479392592056697278305733615369406596661203184035142652643118" - "1379603333858737848321053048184938839622944591194935387992479717305577175500" - "2554620614907177847128950276247571809502831255425929468853285490357704941968" - "3407102520889651917659577334897408316217748346860775479727332331727022096550" - "7718799868459391361770854814013613619048768630587629568449528005570971478547" - "34960319" + "IPo3wjvfS7vBYnFHwJHmesA51od9fnR8Aenezif4qLE2HX+YCv1tpvHA8yLH" + "yYbKe9QfSHHtOgVjK8AYEyPirpXxlmdykGuj+dX7EiWMRGYc+v1kKkqmCn0o" + "5tU416O/1HXTpQ2Hps0buchUD+HlCMrSgnIqRxK6Fjr0ZfiCS4XgAD6sLgi0" + "BxKFMxDsVzpGMNwF5Lj2R/cJiTi0cNDDY3gn4lK/PRUsJtRKU+9sxy0q5Yof" + "aG5VO8VcHkZJVwUKhDFHkZYWMHV808TGHXM2RQ9kRa2QvS2mXxMrDSCloQ/" }, #endif #ifdef DH2048 @@ -77,15 +67,12 @@ static const struct { 256, "DH-2048", "2", - "4726642895635639316469736509812041897640060270607231273592407174543853221823" - "7979333351774907308168340693326687317443721193266215155735814510792148768576" - "4984911991227443513994894535335532038333186916782632419417062569961974604240" - "2901241901263467186228353234265630967717360250949841797609150915436003989316" - "5037637034737020327399910409885798185771003505320583967737293415979917317338" - "9858373857347474783642420203804168920566508414708692945275435973492502995396" - "8243060517332102902655554683247304860032703684578197028928889831788842751736" - "4945316709081173840186150794397479045034008257793436817683392375274635794835" - "245695887" + "5sR1VmdsQQzzjN0iridVVyveug6sAC3+/jTIHSgEoimPOREXQ05r2WJZJAF2" + "CRu8kuusiPw2ivRli+fdLr63v1uZG5nQa28uLwNxZEsu4gu6TrGjepXeXm4Z" + "CVOC1HMmi660fLZ2ruHLa4v2NWex2Zx91/y4ygPlZM+K//iy+Gft9Ma9Ayn0" + "eYwofZeUL9vJSfutPVp2ZrIEUQDBKMvMm0SRSLiUjDtzXqrH+b/wuwIFG1K4" + "var3ucsT45mDzD9qb3tBdksSPZbr6yrELV8h+qmjiBr15oHKEglS0XwSvCap" + "abUn5XPPVoaKv13+tOnG9mGgzQ8JeClVXN63Q+GGEF" }, #endif #ifdef DH2560 @@ -93,17 +80,14 @@ static const struct { 320, "DH-2560", "3", - "4364638085059577685748948703943497396233464406019459611612544400721432981520" - "4010567649104824811014627875285783993051576616744140702150122992472133564455" - "7342265864606569000117714935185566842453630868849121480179691838399545644365" - "5711067577313173717585579907818806913366955847993133136872874688941488237617" - "8558298254958618375680644901754262226787427510387748147553499120184991222267" - "0102069951687572917937634467778042874315463238062009202992087620963771759666" - "4482665328580794026699200252242206134194410697184828373996126449788399252071" - "0987084027819404215874884544513172913711709852902888677006373648742061314404" - "5836803985635654192482395882603511950547826439092832800532152534003936926017" - "6124466061356551464456206233957889787267447285030586700468858762515271223502" - "75750995227" + "G7UVKk+N6LfpGkdBP6XLB4QJ3wzee5YH/3o6tBDMwr4FS8YjCmeP6l4gu0hX" + "dzY2Rive4TYOu4Akm4naZuv32d71/2lQeNcO23BNYOEPxtn9BU8uYfaHP9Mo" + "M+m76oUCiI5uqpag5RH3BO34FyE4BiKkzjEXq9xxc8ERacG8Mo8DNiXu79p9" + "Q/0wsRz+W/lIN4gYw3w4iLMooAGnDrhcj5cZb0HysHWYfqmFo+jTBP6Egi0g" + "cmVO2qWQh2cZIQMfppaf1Ffq0XGIJpgDFyOHPl3NVxDabVK1tkVct+hathxJ" + "UTdqZmR2VFwMASXjfgj4VFdvFCUxV8Xr8JcwXkwlMjOJbAl0LoCa4M7hpYvz" + "G/0XviGCpv7qQaONKtsiQ6mHhMcyo9hBCRZXtNPkfPMZkPeV05akvaDs6Ek7" + "DZ62oKR" }, #endif #ifdef DH3072 @@ -111,19 +95,15 @@ static const struct { 384, "DH-3072", "2", - "1142416747335183639807830604262436227795642944052113706188970261176634876069" - "2206243140413411077394583180726863277012016602279290144126785129569474909173" - "5847898223419867427192303319460727303195559844849117167970588759054009995043" - "0587724584911968750902323279027363746682105257685923245298206183100977078603" - "1785669030271542286603956118755585683996118896215213488875253101894663403069" - "6777459483058938495054342017637452328957807119724320113448575216910178963168" - "6140320644942133224365885545343578400651720289418164056243357539082138421096" - "0117518650374602256601091379644034244332285065935413233557998331562749140202" - "9658442193362989700115138825649355387042894469683222814519074873620465114612" - "2132979989735099337056069750580968643878203623537213701573130477907243026098" - "6460269894522159103008260495503005267165927542949439526272736586626709581721" - "0321895327263896436255906801057848442461527026701693042037830722750891947548" - "89511973916207" + "1zsV6XgY57R/hu2RR4H/BjwRqmQL9h+Dc5rgoWOcqiTS8qpVTWafi1KFV77V" + "rUcjcer1EDgCV0tpzlemtyrC2pHpw7hr3EEl2evfWOvg05FRI6mKc2UPNv2c" + "2Bjww4LD/tdsLleX7AHHXCXFSSyd6C3qWq7BqABZriSpQeaEtXbWfeC6ytFe" + "2i3VeQsLa40XQ21UxwhPAjamjSOfYzkW7xi0fwI1e+4OQiFcWOfOuvswoaEf" + "MIICyAmVp67vjGo66dk81dMemyplipgXAWPdl7ppnDd6cEjyN4N90D7kQiNg" + "lVmJlKLecldOUtdIqMnbJCbiN/t/3/AEFaokGO9om5ckc6M9gG5PG0T7Oh1N" + "dSx/PstGdxwvs9DOwjyo5wl5C9QSLtUYJl2+GZYMj6WfsgCrb6jjRJJJQe2C" + "y7wUcBILbRsP3lYT8s14zm4xFBrfMUoLN287j3wQ1TNUXjYSCi4ZLKT1XDai" + "93345OiutLOqGGikFg6ypnymJK3yeHuul" }, #endif #ifdef DH4096 @@ -131,23 +111,18 @@ static const struct { 512, "DH-4096", "3", - "1214855636816562637502584060163403830270705000634713483015101384881871978446" - "8012247985361554068958233050354675916325310675478909486951171720769542207270" - "7568804875102242119871203284889005635784597424656074834791863005085393369779" - "2254955890439720297560693579400297062396904306270145886830719309296352765295" - "7121830407731464190228751653827780070401099576097395898755908857011261979060" - "6362013395489321661267883850754077713843779770560245371955901763398648664952" - "3611975865005712371194067612263330335590526176087004421363598470302731349138" - "7732059014477046821815179040647356365184624522427916765417252923789255682968" - "5801015185232631677751193503753101741391050692192245066693320227848902452126" - "3798482237150056835746454842662048692127173834433089016107854491097456725016" - "3277096631997382384421648431471327891537255132571679155551620949708535844479" - "9312548860769600816980737473671129700747381225627224548940589847029717873802" - "9484459690836250560495461579533254473316340608217876781986188705928270735695" - "7528308255279638383554197625162460286802809880204019145518254873499903069763" - "0409310938445143881325121105159739212749146489879740678917545306796007200859" - "0614886532333015881171367104445044718144312416815712216611576221546455968770" - "801413440778423979" + "Id8ukxZdao3hS0NGTKAXdt3c8PpiyigIyBY8lwOHjM2cqkaZgwvr1pA6OowS" + "32kJkeOqKB8gNTZZZVqOFkPXgvC4WveUgA5a7rhTj28pDidNROmMO70CCcSw" + "aHI3GLFuEMz3JJyvQKGaGwpV3C9gS70dFWTxEfNRzdYEdvIic8/SXI79VgNP" + "LGR68nzd4qxCgaLpVBnWsanRp7mfEj52S/7Kxjs14lrbAOMjCuHgN4F6THWh" + "PNhG0VXfFFIwAMW2unrfpdo+gQHNclqCf2N1FALpABzvUesgs3wIP+QTMqms" + "os/AkuulG7MusbeFl3SoCtaoW12CF038ZbqW+e+DKI1zObhtsLanvaiZm/N4" + "BsJirW7avcWNQYm1oYjZ2bR/jYqfoJ0CLXLO/vqHb8J9a5VE9nz7cqMD3/MH" + "k/g7BapsOtKuol6ipbUvxQPtf4KCwqQQ40JeqgS6amivI/aLu05S7bAxKOwE" + "Yu8YxjN6lXm3co5Wy+BmNSuRlzKhxICyHEqMfKwUtm48XHzHuPaGQzHgkn6H" + "3A+FQjQGLHewADYlbfdTF3sHYyc5k9h/9cYVkbmv7bQze53CJGr3T1hZYbN6" + "+fuz0SPnfjiKu+bWD+8RYtZpLs2+f32huMz3OqoryGfULxC2aEjL2rdBn+ZR" + "PT0+ZAUyLSAVHbsul++cawh" }, #endif { @@ -180,9 +155,8 @@ int dh_test(void) #if 0 printf("dh_test():testing size %d-bits\n", sets[x].size * 8); #endif - /* see if g^((p-1)/2) == 1 mod p. */ - if (mp_read_radix(&g, sets[x].base, 10) != MP_OKAY) { goto error; } - if (mp_read_radix(&p, sets[x].prime, 10) != MP_OKAY) { goto error; } + if (mp_read_radix(&g, sets[x].base, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&p, sets[x].prime, 64) != MP_OKAY) { goto error; } /* ensure p is prime */ if ((res = is_prime(&p, &primality)) != CRYPT_OK) { goto done; } @@ -276,18 +250,21 @@ int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key) if (mp_init_multi(&g, &p, &key->x, &key->y, NULL) != MP_OKAY) { return CRYPT_MEM; } - if (mp_read_radix(&g, sets[x].base, 10) != MP_OKAY) { goto error2; } - if (mp_read_radix(&p, sets[x].prime, 10) != MP_OKAY) { goto error2; } + if (mp_read_radix(&g, sets[key->idx].base, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&p, sets[key->idx].prime, 64) != MP_OKAY) { goto error; } /* load the x value */ mp_read_raw(&key->x, buf, keysize+1); - if (mp_exptmod(&g, &key->x, &p, &key->y) != MP_OKAY) { goto error2; } + if (mp_exptmod(&g, &key->x, &p, &key->y) != MP_OKAY) { goto error; } key->type = PK_PRIVATE; + + if (mp_shrink(&key->x) != MP_OKAY) { goto error; } + if (mp_shrink(&key->y) != MP_OKAY) { goto error; } /* free up ram */ res = CRYPT_OK; goto done2; -error2: +error: res = CRYPT_MEM; mp_clear_multi(&key->x, &key->y, NULL); done2: @@ -304,10 +281,10 @@ void dh_free(dh_key *key) #define OUTPUT_BIGNUM(num, buf2, y, z) \ { \ - z = mp_raw_size(num); \ + z = mp_unsigned_bin_size(num); \ STORE32L(z, buf2+y); \ y += 4; \ - mp_toraw(num, buf2+y); \ + mp_to_unsigned_bin(num, buf2+y); \ y += z; \ } @@ -329,11 +306,15 @@ void dh_free(dh_key *key) } \ \ /* load it */ \ - if (mp_read_raw(num, (unsigned char *)in+y, x) != MP_OKAY) {\ - errno = CRYPT_MEM; \ + if (mp_read_unsigned_bin(num, (unsigned char *)in+y, x) != MP_OKAY) {\ + errno = CRYPT_MEM; \ goto error; \ } \ y += x; \ + if (mp_shrink(num) != MP_OKAY) { \ + errno = CRYPT_MEM; \ + goto error; \ + } \ } @@ -374,14 +355,16 @@ int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key) } /* store header */ - packet_store_header(buf2, PACKET_SECT_DH, PACKET_SUB_KEY, y); + packet_store_header(buf2, PACKET_SECT_DH, PACKET_SUB_KEY); /* output it */ *outlen = y; memcpy(out, buf2, y); /* clear mem */ +#ifdef CLEAN_STACK zeromem(buf2, sizeof(buf2)); +#endif return CRYPT_OK; } @@ -436,6 +419,12 @@ int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key) if (key->type == PK_PRIVATE) { INPUT_BIGNUM(&key->x, in, x, y); } + + /* eliminate private key if public */ + if (key->type == PK_PUBLIC) { + mp_clear(&key->x); + } + return CRYPT_OK; error: mp_clear_multi(&key->y, &key->x, NULL); @@ -469,7 +458,7 @@ int dh_shared_secret(dh_key *private_key, dh_key *public_key, return CRYPT_MEM; } - if (mp_read_radix(&p, sets[private_key->idx].prime, 10) != MP_OKAY) { goto error; } + if (mp_read_radix(&p, sets[private_key->idx].prime, 64) != MP_OKAY) { goto error; } if (mp_exptmod(&public_key->y, &private_key->x, &p, &tmp) != MP_OKAY) { goto error; } /* enough space for output? */ diff --git a/dh_sys.c b/dh_sys.c index ad94896..ff73f45 100644 --- a/dh_sys.c +++ b/dh_sys.c @@ -80,7 +80,7 @@ int dh_encrypt_key(const unsigned char *inkey, unsigned long keylen, } /* store header */ - packet_store_header(out, PACKET_SECT_DH, PACKET_SUB_ENC_KEY, y); + packet_store_header(out, PACKET_SECT_DH, PACKET_SUB_ENC_KEY); #ifdef CLEAN_STACK /* clean up */ @@ -93,8 +93,9 @@ int dh_encrypt_key(const unsigned char *inkey, unsigned long keylen, return CRYPT_OK; } -int dh_decrypt_key(const unsigned char *in, unsigned char *outkey, - unsigned long *keylen, dh_key *key) +int dh_decrypt_key(const unsigned char *in, unsigned long inlen, + unsigned char *outkey, unsigned long *keylen, + dh_key *key) { unsigned char shared_secret[1536], skey[MAXBLOCKSIZE]; unsigned long x, y, z, res, hashsize, keysize; @@ -111,6 +112,13 @@ int dh_decrypt_key(const unsigned char *in, unsigned char *outkey, return CRYPT_PK_NOT_PRIVATE; } + /* check if initial header should fit */ + if (inlen < PACKET_SIZE+1+4+4) { + return CRYPT_INVALID_PACKET; + } else { + inlen -= PACKET_SIZE+1+4+4; + } + /* is header correct? */ if ((errno = packet_valid_header((unsigned char *)in, PACKET_SECT_DH, PACKET_SUB_ENC_KEY)) != CRYPT_OK) { return errno; @@ -128,6 +136,14 @@ int dh_decrypt_key(const unsigned char *in, unsigned char *outkey, /* get public key */ LOAD32L(x, in+y); + + /* now check if the imported key will fit */ + if (inlen < x) { + return CRYPT_INVALID_PACKET; + } else { + inlen -= x; + } + y += 4; if ((errno = dh_import(in+y, x, &pubkey)) != CRYPT_OK) { return errno; @@ -149,6 +165,14 @@ int dh_decrypt_key(const unsigned char *in, unsigned char *outkey, /* load in the encrypted key */ LOAD32L(keysize, in+y); + + /* will the outkey fit as part of the input */ + if (inlen < keysize) { + return CRYPT_INVALID_PACKET; + } else { + inlen -= keysize; + } + if (keysize > *keylen) { res = CRYPT_BUFFER_OVERFLOW; goto done; @@ -223,8 +247,8 @@ int dh_sign_hash(const unsigned char *in, unsigned long inlen, if (mp_read_raw(&k, buf, sets[key->idx].size) != MP_OKAY) { goto error; } /* load g, p and p1 */ - if (mp_read_radix(&g, sets[key->idx].base, 10) != MP_OKAY) { goto error; } - if (mp_read_radix(&p, sets[key->idx].prime, 10) != MP_OKAY) { goto error; } + if (mp_read_radix(&g, sets[key->idx].base, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&p, sets[key->idx].prime, 64) != MP_OKAY) { goto error; } if (mp_sub_d(&p, 1, &p1) != MP_OKAY) { goto error; } if (mp_div_2(&p1, &p1) != MP_OKAY) { goto error; } /* p1 = (p-1)/2 */ @@ -256,7 +280,7 @@ int dh_sign_hash(const unsigned char *in, unsigned long inlen, } /* store header */ - packet_store_header(buf, PACKET_SECT_DH, PACKET_SUB_SIGNED, y); + packet_store_header(buf, PACKET_SECT_DH, PACKET_SUB_SIGNED); /* store it */ memcpy(out, buf, y); @@ -275,9 +299,9 @@ done: return res; } -int dh_verify_hash(const unsigned char *sig, const unsigned char *hash, - unsigned long inlen, int *stat, - dh_key *key) +int dh_verify_hash(const unsigned char *sig, unsigned long siglen, + const unsigned char *hash, unsigned long hashlen, + int *stat, dh_key *key) { mp_int a, b, p, g, m, tmp; unsigned char md[MAXBLOCKSIZE]; @@ -292,17 +316,24 @@ int dh_verify_hash(const unsigned char *sig, const unsigned char *hash, /* default to invalid */ *stat = 0; + /* check initial input length */ + if (siglen < PACKET_SIZE+4+4) { + return CRYPT_INVALID_PACKET; + } else { + siglen -= PACKET_SIZE + 4 + 4; + } + /* header ok? */ if ((errno = packet_valid_header((unsigned char *)sig, PACKET_SECT_DH, PACKET_SUB_SIGNED)) != CRYPT_OK) { return errno; } - + /* get hash out of packet */ y = PACKET_SIZE; /* hash the message */ md[0] = 0; - memcpy(md+1, hash, MIN(sizeof(md) - 1, inlen)); + memcpy(md+1, hash, MIN(sizeof(md) - 1, hashlen)); /* init all bignums */ if (mp_init_multi(&a, &p, &b, &g, &m, &tmp, NULL) != MP_OKAY) { @@ -311,21 +342,32 @@ int dh_verify_hash(const unsigned char *sig, const unsigned char *hash, /* load a and b */ LOAD32L(x, sig+y); + if (siglen < x) { + return CRYPT_INVALID_PACKET; + } else { + siglen -= x; + } + y += 4; if (mp_read_raw(&a, (unsigned char *)sig+y, x) != MP_OKAY) { goto error; } y += x; LOAD32L(x, sig+y); + if (siglen < x) { + return CRYPT_INVALID_PACKET; + } else { + siglen -= x; + } y += 4; if (mp_read_raw(&b, (unsigned char *)sig+y, x) != MP_OKAY) { goto error; } y += x; /* load p and g */ - if (mp_read_radix(&p, sets[key->idx].prime, 10) != MP_OKAY) { goto error; } - if (mp_read_radix(&g, sets[key->idx].base, 10) != MP_OKAY) { goto error; } + if (mp_read_radix(&p, sets[key->idx].prime, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&g, sets[key->idx].base, 64) != MP_OKAY) { goto error; } /* load m */ - if (mp_read_raw(&m, md, 1+MIN(sizeof(md)-1, inlen)) != MP_OKAY) { goto error; } + if (mp_read_raw(&m, md, 1+MIN(sizeof(md)-1, hashlen)) != MP_OKAY) { goto error; } /* find g^m mod p */ if (mp_exptmod(&g, &m, &p, &m) != MP_OKAY) { goto error; } /* m = g^m mod p */ diff --git a/dsa.c b/dsa.c new file mode 100644 index 0000000..fce0b8b --- /dev/null +++ b/dsa.c @@ -0,0 +1,398 @@ +/* Implementation of the Digital Signature Algorithm (DSA) by Tom St Denis */ +#ifdef MDSA + +#include + +static const struct { + int size, osize; + char *order, + *prime, + *base; +} sets[] = { +#ifdef DSA1024 +{ + 1024, 160, + + "PE6GbKzFwpeAAMtC3PUsqsRQMWl", + + "PyhJv87GTec3fBvC8BQT4yQ8gSYB8rk6DfLRfeirnZsQaQBVwh8PZ7V1hKfD" + "SGGUgr1cAb3YrnZw97HvyaKmypY2dM19OxeNWNI4f6IyYwj/mcAiJpkjxMmZ" + "mYVrTbGxBG8OaKBD9vFd9/Jif8djJ18GnaRsdRoCBDec+W++x6D", + + "3uYLnHhrVRR6hATv30lj/XX5AecEE2tJVgtWcHkbwKuR3WEqqvP8xBUG70Ve" + "p6kUchz/E/kZaGIJ0mrqme6bNDIxoNqtshyDfska/Zfm/QHuDZWljVGbPx68" + "eSBw1vzkRKFCmR8QgpT+R887JufEgQRRIQOuLK8c1ND61efJH2t" +}, +#endif +#ifdef DSA2048 +{ + 2048, 256, + + "TZLgPgD7D46uoATLyNSgKsgh6LglcVDwlPFvT6dcOdN", + + "EUlAFvO8lXjhXn/6BobNq4bo0st12+zwgpshNJgoUap/LFCQcGeVGt/s/ocD" + "M+4v+bU3dNKjFJEYzb+sxmy5dbzQsa15+Ud4v1UJ/7D4p0IyA+h9aeU9i/C9" + "tJQC824mQhmL5cxx7SbQPMD/2+P04hLyeDOir1L1vmvE1tWZg43Jbza2LTQJ" + "52wi/Sguai3vFZVMObEPBfbXzg9b8pH1i75Q1os9w0LtfJ4pYQJD3Xn66jYF" + "mpLVqK4yuMXOOq07bkM5Nx+jQvFpGuRiD5e4a2FB1NjXbCGMtRxu6eurPAIY" + "F5dw3QWXkZm74SFmLTi0GW+3pipDWiBSUu9pUpp6rr", + + "79PG50FKgZgffOnFiUuuZLhWicqFZ6EwvWXQi7uBmvMQUoXNEBschAhRtLQE" + "ev5iHrR2g41rEEundwwFTbRdyq2txBS2bClkFjGlojPwayWvXLAaDltfkhws" + "TjS/gNKch4qD1nPu+Kd1RmjWp1B1JzBXnlcj/z5qMaF8oL4bk9qGGEmaeOLs" + "90vW0Z/7QWBC8h+65SohFBmydUWwXhs4rAa7NwHbPltnXdF6kZHpQOtT5h+4" + "hYA83eYzdeOl5rYrFDiyJ+nfOptgLiLIHB9L0wkOhFrb52+S7qKpgYe1+oof" + "K1/Rd4D8fL5qvGyXWz1dB8W2iqAXeXKlkWZrvHQdMM" +}, +#endif +#ifdef DSA4096 +{ + 4096, 512, + + "4GO4hUY+2MqiwNBYFx/JqRejRKXXJfcaY7mIBYksn2Dwn6JQZp9Qpg3bbnOJ" + "kt5ZqH2dtEjbV9B/AXF51jOkW/", + + "Jddrq1iN+f03IKVqcDSOz7IquBVxzb34Cwzmc7rHpIOW3DqW7IjMz47ETtWu" + "KvG3JxFdYaiv69lAE+X38DEqQSTE8Ba9jfNYs9PYeH4RfsT5op/u3r41anRW" + "jJTHMhnvwwQ0eQrZ+9d7LQePnQSUs3eXb8ZdNsh8/h30b3gIMk+08bZoJejF" + "6Y2vMtMQUHmmoM/+IlrMz7TZ4tu0jkYWBp1y74WLGemXkYvU6pqH8dTQX1MM" + "oG93eBKQ87jHbtBJ+L6EbcqO/jVa6lwUivEbBs9UtKf4lC0pe3SZqfFhrJde" + "2b5LfbPBLk2pNdC5MJCsIVz7TUL28SWYwx7Nx7ybxtKd76L8kgbLfoOYiJRx" + "WIFGRE40Q9/0zuqzz6D1WHKQE4wg5oy6WQeO3Q5BN1UC6O4EUSkD7mC3KmWA" + "MgxNDZYMA+BSCTirVL2eS90WCA4LkTsHhoLgafwZT5xanUKGY/cZix29sy21" + "J1Ut4cbPFjxg76OVu9obONitMLg+63dz3Ho8LMhXaKN43yl5Kc4PxeUCQWVU" + "gHXg8RSldQMOvhwohHFibiMUrRkkCs2//Ts6hVdS3cEFgfYhpnzeEiGBCuat" + "ZZYpaWKZlmrlcUYH7Rg9SyHH1h4DLrki5ySIjGxozT6JhIrMme8uQcN9YOiq" + "GwRhjR3AM1QiOUfolENTYCn", + + "3VIJLic34uyamh2TbNHEjECeH289m938S2wvHYe/3xPNiCjVhBxl6RAgom+Q" + "3X7+r8EII4QQKXXdqR3Ad/nXzJkgMUJVvt5d5lIwwKM7+ffbLmhJWldO0Jkc" + "7oZQr7t81khBUG4wgPVZO8OwjB66v9npPCcBLNLO6DAWE82CM8YfPJzQt0tr" + "JSHwcgixvkFft25SdI0V9zg2H6sj2Q/yAYUEAPzyDfQVvLzqEN2tmIhturnR" + "wUW4WLy8PSls/tt5eWjdI++ofdGHNJmKaZjHgym52GhNQmWZYWzK/hcllWtC" + "U8vCw7GY3nE4uF74YuTYC6LGx7wXS5ivj531KTPe4EarZ4j+aVw9ZJhfy/h+" + "K0esj9ALQP9jSz3OMDKeYaJKjj/scC5NrPdSjeJf7EvlVf41ufZHNGrFVmVW" + "kqaEuNZr+SmC6/2buPEmL4UO94H1z4QItK+rHqNWEQP6ptST0lcFwHO4uESR" + "qp8scA2/Fh+G0TfJ/rg8wImqbWsgrUwGnmDmKtFLRiX4aMPIsyFIsJvPQECT" + "EIR6yd6QIRVGZbCRiVsCqMrHsn0KZWSeKdtW9TRt/yNu+VKcgRZFfU991Nab" + "OBxkAS1kw9kyj/HZYxPG4NrqL0j5bnb1VjqQZKEEQMSBAyMMfDuMyWhrmsxV" + "ffmF/sYGxFHCbacGeu06C3U" +}, +#endif +{ + 0, 0, + NULL, + NULL, + NULL +} +}; + +int dsa_test(void) +{ + mp_int q, p, g, t; + int errno, i, res, primality; + + /* init memory */ + if (mp_init_multi(&q, &p, &g, &t, NULL) != MP_OKAY) { + return CRYPT_MEM; + } + + res = CRYPT_MEM; + for (i = 0; i < sets[i].size; i++) { + #if 0 + printf("Testing size: %d\n", sets[i].size); + #endif + /* read in order, prime, generator */ + if (mp_read_radix(&q, sets[i].order, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&p, sets[i].prime, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&g, sets[i].base, 64) != MP_OKAY) { goto error; } + + /* now see if the order and modulus are prime */ + if ((errno = is_prime(&q, &primality)) != CRYPT_OK) { + res = errno; + goto error; + } + if (primality == 0) { + res = CRYPT_FAIL_TESTVECTOR; + goto error; + } + + if ((errno = is_prime(&p, &primality)) != CRYPT_OK) { + res = errno; + goto error; + } + if (primality == 0) { + res = CRYPT_FAIL_TESTVECTOR; + goto error; + } + + /* now see what g^q mod p is (should be 1) */ + if (mp_exptmod(&g, &q, &p, &t) != MP_OKAY) { goto error; } + if (mp_cmp_d(&t, 1)) { + res = CRYPT_FAIL_TESTVECTOR; + goto error; + } + } + res = CRYPT_OK; +error: + mp_clear_multi(&t, &g, &p, &q, NULL); + return res; +} + +int dsa_make_key(prng_state *prng, int wprng, int keysize, dsa_key *key) +{ + mp_int g, p, q; + unsigned char buf[64]; + int errno, idx, x; + + _ARGCHK(prng != NULL); + _ARGCHK(key != NULL); + + /* good prng? */ + if ((errno = prng_is_valid(wprng)) != CRYPT_OK) { + return errno; + } + + /* find key size */ + for (x = 0; (keysize > sets[x].size) && (sets[x].size); x++); + if (sets[x].size == 0) { + return CRYPT_INVALID_KEYSIZE; + } + key->idx = x; + keysize = sets[x].osize; + + /* read prng */ + if (prng_descriptor[wprng].read(buf, keysize, prng) != (unsigned long)keysize) { + return CRYPT_ERROR_READPRNG; + } + + /* init parameters */ + if (mp_init_multi(&g, &p, &q, &key->x, &key->y, NULL) != MP_OKAY) { + return CRYPT_MEM; + } + if (mp_read_radix(&q, sets[x].order, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&g, sets[x].base, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&p, sets[x].prime, 64) != MP_OKAY) { goto error; } + + /* load exponent */ + if (mp_read_unsigned_bin(&key->x, buf, keysize) != MP_OKAY) { goto error; } + if (mp_mod(&key->x, &q, &key->x) != MP_OKAY) { goto error; } + + /* calc public key */ + if (mp_exptmod(&g, &key->x, &p, &key->y) != MP_OKAY) { goto error; } + key->type = PK_PRIVATE; + + /* shrink values */ + if (mp_shrink(&key->x) != MP_OKAY) { goto error; } + if (mp_shrink(&key->y) != MP_OKAY) { goto error; } + + /* free temps */ + mp_clear_multi(&g, &q, &p, NULL); +#ifdef CLEAN_STACK + zeromem(buf, sizeof(buf)); +#endif + + return CRYPT_OK; +error: + mp_clear_multi(&g, &q, &p, &key->x, &key->y, NULL); + return CRYPT_MEM; +} + +void dsa_free(dsa_key *key) +{ + _ARGCHK(key != NULL); + mp_clear_multi(&key->x, &key->y, NULL); +} + +static int is_valid_idx(int n) +{ + int x; + + for (x = 0; sets[x].size; x++); + if ((n < 0) || (n >= x)) { + return 0; + } + return 1; +} + +int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key) +{ + unsigned char buf[4096]; + unsigned long x, y; + + _ARGCHK(out != NULL); + _ARGCHK(outlen != NULL); + _ARGCHK(key != NULL); + + if (is_valid_idx(key->idx) == 0) { + return CRYPT_PK_INVALID_TYPE; + } + + if (type == PK_PRIVATE && key->type != PK_PRIVATE) { + return CRYPT_PK_NOT_PRIVATE; + } + + y = PACKET_SIZE; + + buf[y++] = type; + buf[y++] = sets[key->idx].osize/8; + + x = mp_unsigned_bin_size(&key->y); + STORE32L(x, &buf[y]); + y += 4; + mp_to_unsigned_bin(&key->y, &buf[y]); + y += x; + + if (type == PK_PRIVATE) { + x = mp_unsigned_bin_size(&key->x); + STORE32L(x, &buf[y]); + y += 4; + mp_to_unsigned_bin(&key->x, &buf[y]); + y += x; + } + + /* check for overflow */ + if (*outlen < y) { + #ifdef CLEAN_STACK + zeromem(buf, sizeof(buf)); + #endif + return CRYPT_BUFFER_OVERFLOW; + } + + /* store header */ + packet_store_header(buf, PACKET_SECT_DSA, PACKET_SUB_KEY); + + /* output it */ + *outlen = y; + memcpy(out, buf, y); + + /* clear mem */ +#ifdef CLEAN_STACK + zeromem(buf, sizeof(buf)); +#endif + return CRYPT_OK; +} + +#define INPUT_BIGNUM(num, in, x, y) \ +{ \ + /* load value */ \ + if (y + 4 > inlen) { \ + errno = CRYPT_INVALID_PACKET; \ + goto error; \ + } \ + LOAD32L(x, in+y); \ + y += 4; \ + \ + /* sanity check... */ \ + if (x+y > inlen) { \ + errno = CRYPT_INVALID_PACKET; \ + goto error; \ + } \ + \ + /* load it */ \ + if (mp_read_unsigned_bin(num, (unsigned char *)in+y, x) != MP_OKAY) {\ + errno = CRYPT_MEM; \ + goto error; \ + } \ + y += x; \ + if (mp_shrink(num) != MP_OKAY) { \ + errno = CRYPT_MEM; \ + goto error; \ + } \ +} + +int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) +{ + unsigned long x, y, s; + int errno; + + _ARGCHK(in != NULL); + _ARGCHK(key != NULL); + + /* check type byte */ + if ((errno = packet_valid_header((unsigned char *)in, PACKET_SECT_DSA, PACKET_SUB_KEY)) != CRYPT_OK) { + return errno; + } + + if (2+PACKET_SIZE > inlen) { + return CRYPT_INVALID_PACKET; + } + + + /* init */ + if (mp_init_multi(&key->x, &key->y, NULL) != MP_OKAY) { + return CRYPT_MEM; + } + + y = PACKET_SIZE; + key->type = in[y++]; + s = (long)in[y++] * 8; + + for (x = 0; (s > (unsigned long)sets[x].osize) && (sets[x].osize); x++); + if (sets[x].osize == 0) { + errno = CRYPT_INVALID_KEYSIZE; + goto error; + } + key->idx = x; + + /* type check both values */ + if ((key->type != PK_PUBLIC) && (key->type != PK_PRIVATE)) { + errno = CRYPT_PK_TYPE_MISMATCH; + goto error; + } + + /* is the key idx valid? */ + if (!is_valid_idx(key->idx)) { + errno = CRYPT_PK_TYPE_MISMATCH; + goto error; + } + + /* load public value g^x mod p*/ + INPUT_BIGNUM(&key->y, in, x, y); + + if (key->type == PK_PRIVATE) { + INPUT_BIGNUM(&key->x, in, x, y); + } + + /* eliminate private key if public */ + if (key->type == PK_PUBLIC) { + mp_clear(&key->x); + } + + return CRYPT_OK; +error: + mp_clear_multi(&key->y, &key->x, NULL); + return errno; +} + + + +int dsa_sign_hash(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + prng_state *prng, int wprng, dsa_key *key) +{ + mp_int g, q, p, k, tmp; + unsigned char buf[4096]; + int x, y, errno; + + _ARGCHK(in != NULL); + _ARGCHK(out != NULL); + _ARGCHK(outlen != NULL); + _ARGCHK(prng != NULL); + _ARGCHK(key != NULL); + + if ((errno = prng_is_valid(wprng)) != CRYPT_OK) { + return errno; + } + + if (is_valid_idx(key->idx) == 0) { + return CRYPT_PK_INVALID_TYPE; + } + +return 0; +} + + + +#endif /* MDSA */ + diff --git a/ecc.c b/ecc.c index 2cde908..8b50504 100644 --- a/ecc.c +++ b/ecc.c @@ -18,15 +18,15 @@ static const struct { 20, "ECC-160", /* prime */ - "1461501637330902918203684832716283019655932542983", + "G00000000000000000000000007", /* B */ - "1C9E7C2E5891CBE097BD46", + "1oUV2vOaSlWbxr6", /* order */ - "1461501637330902918203686297565868358251373258181", + "G0000000000004sCQUtDxaqDUN5", /* Gx */ - "2DCF462904B478D868A7FF3F2BF1FCD9", + "jpqOf1BHus6Yd/pyhyVpP", /* Gy */ - "DFFAF2EE3848FA75FB967CEC7B9A399E085ACED8", + "D/wykuuIFfr+vPyx7kQEPu8MixO", }, #endif #ifdef ECC192 @@ -34,19 +34,19 @@ static const struct { 24, "ECC-192", /* prime */ - "6277101735386680763835789423207666416083908700390324961279", + "/////////////////////l//////////", /* B */ - "64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", + "P2456UMSWESFf+chSYGmIVwutkp1Hhcn", /* order */ - "6277101735386680763835789423176059013767194773182842284081", + "////////////////cTxuDXHhoR6qqYWn", /* Gx */ - "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", + "68se3h0maFPylo3hGw680FJ/2ls2/n0I", /* Gy */ - "07192b95ffc8da78631011ed6b24cdd573f977a11e794811" + "1nahbV/8sdXZ417jQoJDrNFvTw4UUKWH" }, #endif #ifdef ECC224 @@ -55,19 +55,19 @@ static const struct { "ECC-224", /* prime */ - "26959946667150639794667015087019630673637144422540572481103610249951", + "400000000000000000000000000000000000BV", /* B */ - "2051BA041508CED34B3", + "21HkWGL2CxJIp", /* order */ - "26959946667150639794667015087019637467111563745054605861463538557247", + "4000000000000000000Kxnixk9t8MLzMiV264/", /* Gx */ - "2DCF462904B478D868A7FF3F2BF1FCD9", + "jpqOf1BHus6Yd/pyhyVpP", /* Gy */ - "CF337F320BC44A15C3EDB8C4258BB958E57A0CAFA73EB46E9C4BA9AE", + "3FCtyo2yHA5SFjkCGbYxbOvNeChwS+j6wSIwck", }, #endif #ifdef ECC256 @@ -75,19 +75,19 @@ static const struct { 32, "ECC-256", /* Prime */ - "115792089210356248762697446949407573530086143415290314195533631308867097853951", + "F////y000010000000000000000////////////////", /* B */ - "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", + "5h6DTYgEfFdi+kzLNQOXhnb7GQmp5EmzZlEF3udqc1B", /* Order */ - "115792089210356248762697446949407573529996955224135760342422259061068512044369", + "F////y00000//////////+yvlgjfnUUXFEvoiByOoLH", /* Gx */ - "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", + "6iNqVBXB497+BpcvMEaGF9t0ts1BUipeFIXEKNOcCAM", /* Gy */ - "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" + "4/ZGkB+6d+RZkVhIdmFdXOhpZDNQp5UpiksG6Wtlr7r" }, #endif #ifdef ECC384 @@ -95,22 +95,23 @@ static const struct { 48, "ECC-384", /* prime */ - "394020061963944792122790401001436138050797392704654466679482934042457217714968" - "70329047266088258938001861606973112319", - + "//////////////////////////////////////////x/////00000000003/" + "////", + /* B */ - "b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed1" - "9d2a85c8edd3ec2aef", - + "ip4lf+8+v+IOZWLhu/Wj6HWTd6x+WK4I0nG8Zr0JXrh6LZcDYYxHdIg5oEtJ" + "x2hl", + /* Order */ - "394020061963944792122790401001436138050797392704654466679469052796276593991132" - "63569398956308152294913554433653942643", + "////////////////////////////////nsDDWVGtBTzO6WsoIB2dUkpi6MhC" + "nIbp", /* Gx and Gy */ - "aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf5529" - "6c3a545e3872760ab7", - "3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e81" - "9d7a431d7c90ea0e5f" + "geVA8hwB1JUEiSSUyo2jT6uTEsABfvkOMVT1u89KAZXL0l9TlrKfR3fKNZXo" + "TWgt", + + "DXVUIfOcB6zTdfY/afBSAVZq7RqecXHywTen4xNmkC0AOB7E7Nw1dNf37NoG" + "wWvV" }, #endif #ifdef ECC521 @@ -118,22 +119,23 @@ static const struct { 65, "ECC-521", /* prime */ - "686479766013060971498190079908139321726943530014330540939446345918554318339765" - "6052122559640661454554977296311391480858037121987999716643812574028291115057151", + "V///////////////////////////////////////////////////////////" + "///////////////////////////", /* B */ - "051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7" - "e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00", + "56LFhbXZXoQ7vAQ8Q2sXK3kejfoMvcp5VEuj8cHZl49uLOPEL7iVfDx5bB0l" + "JknlmSrSz+8FImqyUz57zHhK3y0", /* Order */ - "686479766013060971498190079908139321726943530014330540939446345918554318339765" - "5394245057746333217197532963996371363321113864768612440380340372808892707005449", + "V//////////////////////////////////////////+b66XuE/BvPhVym1I" + "FS9fT0xjScuYPn7hhjljnwHE6G9", /* Gx and Gy */ - "c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe7" - "5928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", - "11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef" - "42640c550b9013fad0761353c7086a272c24088be94769fd16650", + "CQ5ZWQt10JfpPu+osOZbRH2d6I1EGK/jI7uAAzWQqqzkg5BNdVlvrae/Xt19" + "wB/gDupIBF1XMf2c/b+VZ72vRrc", + + "HWvAMfucZl015oANxGiVHlPcFL4ILURH6WNhxqN9pvcB9VkSfbUz2P0nL2v0" + "J+j1s4rF726edB2G8Y+b7QVqMPG", }, #endif { @@ -251,7 +253,7 @@ static int dbl_point(ecc_point *P, ecc_point *R, mp_int *modulus) /* s = (3Xp^2 + a) / (2Yp) */ if (mp_mul_2(&P->y, &tmp) != MP_OKAY) { goto error; } /* tmp = 2*y */ if (mp_invmod(&tmp, modulus, &tmp) != MP_OKAY) { goto error; } /* tmp = 1/tmp mod modulus */ - if (mp_sqr(&P->x, &s) != MP_OKAY) { goto error; } /* s = x^2 */ + if (mp_sqr(&P->x, &s) != MP_OKAY) { goto error; } /* s = x^2 */ if (mp_mul_d(&s,(mp_digit)3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) */ if (mp_sub_d(&s,(mp_digit)3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) - 3 */ if (mp_mulmod(&s, &tmp, modulus, &s) != MP_OKAY) { goto error; } /* s = tmp * s mod modulus */ @@ -329,59 +331,103 @@ done: /* perform R = kG where k == integer and G == ecc_point */ static int ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus, int idx) { - ecc_point *tG; - int i, j, z, first, res; + ecc_point *tG, *M[14]; + int i, j, m, z, first, res; mp_digit d; unsigned char bits[768]; + /* init M tab */ + for (i = 0; i < 14; i++) { + M[i] = new_point(); + if (M[i] == NULL) { + for (j = 0; j < i; j++) { + del_point(M[j]); + } + return CRYPT_MEM; + } + } + /* get bits of k */ + first = m = 0; for (z = i = 0; z < (int)USED(k); z++) { d = DIGIT(k, z); - -#define DO1 bits[i++] = d&1; d >>= 1; -#define DO2 DO1 DO1 -#define DO4 DO2 DO2 - - DO4; DO4; DO4; DO4 - -#undef DO4 -#undef DO2 -#undef DO1 + for (j = 0; j < (int)MP_DIGIT_BIT; j++) { + first |= (d&1)<<(m++); + if (m == 4) { + bits[i++] = first; + first = m = 0; + } + d >>= 1; + } + } + + /* residue of multiplicand [if any] */ + if (m) { + bits[i++] = first; } /* make a copy of G incase R==G */ tG = new_point(); - if (tG == NULL) { - return CRYPT_MEM; - } + if (tG == NULL) { goto error; } + /* skip leading digits which are zero */ + --i; while (i && bits[i] == 0) { --i; } + + if (i == 0) { + res = CRYPT_INVALID_ARG; + goto done; + } + + /* now calc the M tab, note that there are only 14 spots, the normal M[0] is a no-op, and M[1] is the input + point (saves ram) + */ + + /* M[0] now is 2*G */ + if (dbl_point(G, M[0], modulus) != CRYPT_OK) { goto error; } + for (j = 1; j < 14; j++) { + if (add_point(M[j-1], G, M[j], modulus) != CRYPT_OK) { goto error; } + } + /* tG = G */ - if (mp_copy(&G->x, &tG->x) != MP_OKAY) { goto error; } - if (mp_copy(&G->y, &tG->y) != MP_OKAY) { goto error; } + if (mp_copy(&G->x, &tG->x) != MP_OKAY) { goto error; } + if (mp_copy(&G->y, &tG->y) != MP_OKAY) { goto error; } - /* set result to G, R = G */ - if (mp_copy(&G->x, &R->x) != MP_OKAY) { goto error; } - if (mp_copy(&G->y, &R->y) != MP_OKAY) { goto error; } - first = 0; - - /* now do dbl+add through all the bits */ - for (j = i-1; j >= 0; j--) { - if (first) { - if (dbl_point(R, R, modulus) != CRYPT_OK) { goto error; } + /* set result M[bits[i]] */ + if (bits[i] == 1) { + if (mp_copy(&G->x, &R->x) != MP_OKAY) { goto error; } + if (mp_copy(&G->y, &R->y) != MP_OKAY) { goto error; } + } else if (bits[i]>=2) { + if (mp_copy(&M[bits[i]-2]->x, &R->x) != MP_OKAY) { goto error; } + if (mp_copy(&M[bits[i]-2]->y, &R->y) != MP_OKAY) { goto error; } + } + + while (--i >= 0) { + /* double */ + for (j = 0; j < 4; j++) { + if (dbl_point(R, R, modulus) != CRYPT_OK) { goto error; } } - if (bits[j] == 1) { - if (first) { - if (add_point(R, tG, R, modulus) != CRYPT_OK) { goto error; } - } - first = 1; + + /* now based on the value of bits[i] we do ops */ + if (bits[i] == 0) { + /* nop */ + } else if (bits[i] == 1) { + /* add base point */ + if (add_point(R, tG, R, modulus) != CRYPT_OK) { goto error; } + } else { + /* other case */ + if (add_point(R, M[bits[i]-2], R, modulus) != CRYPT_OK) { goto error; } } } + res = CRYPT_OK; goto done; error: res = CRYPT_MEM; done: del_point(tG); + for (i = 0; i < 14; i++) { + del_point(M[i]); + } #ifdef CLEAN_STACK zeromem(bits, sizeof(bits)); #endif @@ -412,8 +458,11 @@ int ecc_test(void) } for (i = 0; sets[i].size; i++) { - if (mp_read_radix(&modulus, (unsigned char *)sets[i].prime, 10) != MP_OKAY) { goto error; } - if (mp_read_radix(&order, (unsigned char *)sets[i].order, 10) != MP_OKAY) { goto error; } + #if 0 + printf("Testing %d\n", sets[i].size); + #endif + if (mp_read_radix(&modulus, (unsigned char *)sets[i].prime, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&order, (unsigned char *)sets[i].order, 64) != MP_OKAY) { goto error; } /* is prime actually prime? */ if (is_prime(&modulus, &primality) != CRYPT_OK) { goto error; } @@ -429,8 +478,8 @@ int ecc_test(void) goto done1; } - if (mp_read_radix(&G->x, (unsigned char *)sets[i].Gx, 16) != MP_OKAY) { goto error; } - if (mp_read_radix(&G->y, (unsigned char *)sets[i].Gy, 16) != MP_OKAY) { goto error; } + if (mp_read_radix(&G->x, (unsigned char *)sets[i].Gx, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&G->y, (unsigned char *)sets[i].Gy, 64) != MP_OKAY) { goto error; } /* then we should have G == (order + 1)G */ if (mp_add_d(&order, 1, &order) != MP_OKAY) { goto error; } @@ -509,14 +558,19 @@ int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key) } /* read in the specs for this key */ - if (mp_read_radix(&prime, (unsigned char *)sets[x].prime, 10) != MP_OKAY) { goto error; } - if (mp_read_radix(&base->x, (unsigned char *)sets[x].Gx, 16) != MP_OKAY) { goto error; } - if (mp_read_radix(&base->y, (unsigned char *)sets[x].Gy, 16) != MP_OKAY) { goto error; } + if (mp_read_radix(&prime, (unsigned char *)sets[key->idx].prime, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&base->x, (unsigned char *)sets[key->idx].Gx, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&base->y, (unsigned char *)sets[key->idx].Gy, 64) != MP_OKAY) { goto error; } if (mp_read_raw(&key->k, (unsigned char *)buf, keysize+1) != MP_OKAY) { goto error; } /* make the public key */ if (ecc_mulmod(&key->k, base, &key->pubkey, &prime, x) != CRYPT_OK) { goto error; } key->type = PK_PRIVATE; + + /* shrink key */ + if (mp_shrink(&key->k) != MP_OKAY) { goto error; } + if (mp_shrink(&key->pubkey.x) != MP_OKAY) { goto error; } + if (mp_shrink(&key->pubkey.y) != MP_OKAY) { goto error; } /* free up ram */ res = CRYPT_OK; @@ -551,12 +605,12 @@ static int compress_y_point(ecc_point *pt, int idx, int *result) } /* get x^3 - 3x + b */ - if (mp_read_radix(&p, (unsigned char *)sets[idx].B, 16) != MP_OKAY) { goto error; } /* p = B */ + if (mp_read_radix(&p, (unsigned char *)sets[idx].B, 64) != MP_OKAY) { goto error; } /* p = B */ if (mp_expt_d(&pt->x, 3, &tmp) != MP_OKAY) { goto error; } /* tmp = pX^3 */ if (mp_mul_d(&pt->x, 3, &tmp2) != MP_OKAY) { goto error; } /* tmp2 = 3*pX^3 */ if (mp_sub(&tmp, &tmp2, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp - tmp2 */ if (mp_add(&tmp, &p, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp + p */ - if (mp_read_radix(&p, (unsigned char *)sets[idx].prime, 10) != MP_OKAY) { goto error; } /* p = prime */ + if (mp_read_radix(&p, (unsigned char *)sets[idx].prime, 64) != MP_OKAY) { goto error; } /* p = prime */ if (mp_mod(&tmp, &p, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp mod p */ /* now find square root */ @@ -593,12 +647,12 @@ static int expand_y_point(ecc_point *pt, int idx, int result) } /* get x^3 - 3x + b */ - if (mp_read_radix(&p, (unsigned char *)sets[idx].B, 16) != MP_OKAY) { goto error; } /* p = B */ + if (mp_read_radix(&p, (unsigned char *)sets[idx].B, 64) != MP_OKAY) { goto error; } /* p = B */ if (mp_expt_d(&pt->x, 3, &tmp) != MP_OKAY) { goto error; } /* tmp = pX^3 */ if (mp_mul_d(&pt->x, 3, &tmp2) != MP_OKAY) { goto error; } /* tmp2 = 3*pX^3 */ if (mp_sub(&tmp, &tmp2, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp - tmp2 */ if (mp_add(&tmp, &p, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp + p */ - if (mp_read_radix(&p, (unsigned char *)sets[idx].prime, 10) != MP_OKAY) { goto error; } /* p = prime */ + if (mp_read_radix(&p, (unsigned char *)sets[idx].prime, 64) != MP_OKAY) { goto error; } /* p = prime */ if (mp_mod(&tmp, &p, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp mod p */ /* now find square root */ @@ -625,10 +679,10 @@ done: #define OUTPUT_BIGNUM(num, buf2, y, z) \ { \ - z = mp_raw_size(num); \ + z = mp_unsigned_bin_size(num); \ STORE32L(z, buf2+y); \ y += 4; \ - mp_toraw(num, buf2+y); \ + mp_to_unsigned_bin(num, buf2+y); \ y += z; \ } @@ -650,11 +704,15 @@ done: } \ \ /* load it */ \ - if (mp_read_raw(num, (unsigned char *)in+y, x) != MP_OKAY) {\ + if (mp_read_unsigned_bin(num, (unsigned char *)in+y, x) != MP_OKAY) {\ errno = CRYPT_MEM; \ goto error; \ } \ y += x; \ + if (mp_shrink(num) != MP_OKAY) { \ + errno = CRYPT_MEM; \ + goto error; \ + } \ } int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) @@ -696,7 +754,7 @@ int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key } /* store header */ - packet_store_header(buf2, PACKET_SECT_ECC, PACKET_SUB_KEY, y); + packet_store_header(buf2, PACKET_SECT_ECC, PACKET_SUB_KEY); memcpy(out, buf2, y); *outlen = y; @@ -765,10 +823,15 @@ int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key) /* load private key */ INPUT_BIGNUM(&key->k, in, x, y); } + + /* eliminate private key if public */ + if (key->type == PK_PUBLIC) { + mp_clear(&key->k); + } + return CRYPT_OK; error: mp_clear_multi(&key->pubkey.x, &key->pubkey.y, &key->k, NULL); -done: return errno; } @@ -805,7 +868,7 @@ int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, return CRYPT_MEM; } - if (mp_read_radix(&prime, (unsigned char *)sets[private_key->idx].prime, 10) != MP_OKAY) { goto error; } + if (mp_read_radix(&prime, (unsigned char *)sets[private_key->idx].prime, 64) != MP_OKAY) { goto error; } if ((errno = ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime, private_key->idx)) != CRYPT_OK) { res = errno; goto done1; } x = mp_raw_size(&result->x); diff --git a/ecc_sys.c b/ecc_sys.c index adcecdc..e72142d 100644 --- a/ecc_sys.c +++ b/ecc_sys.c @@ -84,7 +84,7 @@ int ecc_encrypt_key(const unsigned char *inkey, unsigned long keylen, } /* store header */ - packet_store_header(out, PACKET_SECT_ECC, PACKET_SUB_ENC_KEY, y); + packet_store_header(out, PACKET_SECT_ECC, PACKET_SUB_ENC_KEY); #ifdef CLEAN_STACK /* clean up */ @@ -96,8 +96,9 @@ int ecc_encrypt_key(const unsigned char *inkey, unsigned long keylen, return CRYPT_OK; } -int ecc_decrypt_key(const unsigned char *in, unsigned char *outkey, - unsigned long *keylen, ecc_key *key) +int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, + unsigned char *outkey, unsigned long *keylen, + ecc_key *key) { unsigned char shared_secret[256], skey[MAXBLOCKSIZE]; unsigned long x, y, z, res, hashsize, keysize; @@ -113,6 +114,13 @@ int ecc_decrypt_key(const unsigned char *in, unsigned char *outkey, if (key->type != PK_PRIVATE) { return CRYPT_PK_NOT_PRIVATE; } + + /* correct length ? */ + if (inlen < PACKET_SIZE+1+4+4) { + return CRYPT_INVALID_PACKET; + } else { + inlen -= PACKET_SIZE+1+4+4; + } /* is header correct? */ if ((errno = packet_valid_header((unsigned char *)in, PACKET_SECT_ECC, PACKET_SUB_ENC_KEY)) != CRYPT_OK) { @@ -131,6 +139,11 @@ int ecc_decrypt_key(const unsigned char *in, unsigned char *outkey, /* get public key */ LOAD32L(x, in+y); + if (inlen < x) { + return CRYPT_INVALID_PACKET; + } else { + inlen -= x; + } y += 4; if ((errno = ecc_import(in+y, x, &pubkey)) != CRYPT_OK) { return errno; @@ -151,6 +164,11 @@ int ecc_decrypt_key(const unsigned char *in, unsigned char *outkey, } LOAD32L(keysize, in+y); + if (inlen < keysize) { + return CRYPT_INVALID_PACKET; + } else { + inlen -= keysize; + } y += 4; if (*keylen < keysize) { @@ -223,7 +241,7 @@ int ecc_sign_hash(const unsigned char *in, unsigned long inlen, ecc_free(&pubkey); return CRYPT_MEM; } - if (mp_read_radix(&p, (unsigned char *)sets[key->idx].order, 10) != MP_OKAY) { goto error; } + if (mp_read_radix(&p, (unsigned char *)sets[key->idx].order, 64) != MP_OKAY) { goto error; } if (mp_read_raw(&b, md, 1+MIN(sizeof(md)-1,inlen)) != MP_OKAY) { goto error; } /* find b = (m - x)/k */ @@ -266,7 +284,7 @@ int ecc_sign_hash(const unsigned char *in, unsigned long inlen, } /* store header */ - packet_store_header(out, PACKET_SECT_ECC, PACKET_SUB_SIGNED, y); + packet_store_header(out, PACKET_SECT_ECC, PACKET_SUB_SIGNED); /* clear memory */ *outlen = y; @@ -286,9 +304,9 @@ done1: } /* verify that mG = (bA + Y) */ -int ecc_verify_hash(const unsigned char *sig, const unsigned char *hash, - unsigned long inlen, int *stat, - ecc_key *key) +int ecc_verify_hash(const unsigned char *sig, unsigned long siglen, + const unsigned char *hash, unsigned long inlen, + int *stat, ecc_key *key) { ecc_point *mG; ecc_key pubkey; @@ -305,6 +323,12 @@ int ecc_verify_hash(const unsigned char *sig, const unsigned char *hash, /* default to invalid signature */ *stat = 0; + if (siglen < PACKET_SIZE+4+4) { + return CRYPT_INVALID_PACKET; + } else { + siglen -= PACKET_SIZE+4+4; + } + /* is the message format correct? */ if ((errno = packet_valid_header((unsigned char *)sig, PACKET_SECT_ECC, PACKET_SUB_SIGNED)) != CRYPT_OK) { return errno; @@ -315,6 +339,11 @@ int ecc_verify_hash(const unsigned char *sig, const unsigned char *hash, /* get size of public key */ LOAD32L(x, sig+y); + if (siglen < x) { + return CRYPT_INVALID_PACKET; + } else { + siglen -= x; + } y += 4; /* load the public key */ @@ -325,6 +354,11 @@ int ecc_verify_hash(const unsigned char *sig, const unsigned char *hash, /* load size of 'b' */ LOAD32L(x, sig+y); + if (siglen < x) { + return CRYPT_INVALID_PACKET; + } else { + siglen -= x; + } y += 4; /* init values */ @@ -350,7 +384,7 @@ int ecc_verify_hash(const unsigned char *sig, const unsigned char *hash, if (mp_read_raw(&m, md, 1+MIN(sizeof(md)-1,inlen)) != MP_OKAY) { goto error; } /* load prime */ - if (mp_read_radix(&p, (unsigned char *)sets[key->idx].prime, 10) != MP_OKAY) { goto error; } + if (mp_read_radix(&p, (unsigned char *)sets[key->idx].prime, 64) != MP_OKAY) { goto error; } /* get bA */ if (ecc_mulmod(&b, &pubkey.pubkey, &pubkey.pubkey, &p, key->idx) != CRYPT_OK) { goto error; } @@ -359,8 +393,8 @@ int ecc_verify_hash(const unsigned char *sig, const unsigned char *hash, if (add_point(&pubkey.pubkey, &key->pubkey, &pubkey.pubkey, &p) != CRYPT_OK) { goto error; } /* get mG */ - if (mp_read_radix(&mG->x, (unsigned char *)sets[key->idx].Gx, 16) != MP_OKAY) { goto error; } - if (mp_read_radix(&mG->y, (unsigned char *)sets[key->idx].Gy, 16) != MP_OKAY) { goto error; } + if (mp_read_radix(&mG->x, (unsigned char *)sets[key->idx].Gx, 64) != MP_OKAY) { goto error; } + if (mp_read_radix(&mG->y, (unsigned char *)sets[key->idx].Gy, 64) != MP_OKAY) { goto error; } if (ecc_mulmod(&m, mG, mG, &p, key->idx) != CRYPT_OK) { goto error; } /* compare mG to bA + Y */ diff --git a/examples/ch1-01.c b/examples/ch1-01.c new file mode 100644 index 0000000..010ccd7 --- /dev/null +++ b/examples/ch1-01.c @@ -0,0 +1,18 @@ +/* + * Name : ch1-01.c + * Purpose : Demonstration of a basic libtomcrypt program + * Author : Tom St Denis + * + * History : v0.79 Initial release + */ + +/* ch1-01-1 */ +/* Include the default headers and libtomcrypt headers */ +#include + +int main(void) +{ + return 0; +} +/* ch1-01-1 */ + diff --git a/examples/ch1-02.c b/examples/ch1-02.c new file mode 100644 index 0000000..9d41f21 --- /dev/null +++ b/examples/ch1-02.c @@ -0,0 +1,25 @@ +/* + * Name : ch1-02.c + * Purpose : Demonstration of error handling + * Author : Tom St Denis + * + * History : v0.79 Initial release + */ + +/* ch1-01-1 */ +#include + +int main(void) +{ + int errno; + + if ((errno = some_func(...)) != CRYPT_OK) { + printf("Error: %s\n", error_to_string(errno)); + return EXIT_FAILURE; + } + + return 0; +} +/*ch1-01-1 */ + + diff --git a/examples/ch1-03.c b/examples/ch1-03.c new file mode 100644 index 0000000..c749aa1 --- /dev/null +++ b/examples/ch1-03.c @@ -0,0 +1,29 @@ +/* + * Name : ch1-03.c + * Purpose : Demonstration of variable length outputs + * Author : Tom St Denis + * + * History : v0.79 Initial release + */ + + /* ch1-01-1 */ + #include + + int main(void) + { + unsigned long length; + unsigned char buffer[512]; + int errno; + + length = sizeof(buffer); + if ((errno = some_func(..., buffer, &length)) != CRYPT_OK) { + printf("Error: %s\n", error_to_string(errno)); + return EXIT_FAILURE; + } + printf("Size of output is %lu bytes\n", length); + return 0; +} +/* ch1-01-1 */ + + + \ No newline at end of file diff --git a/keyring.c b/keyring.c index d50c27f..e8e6080 100644 --- a/keyring.c +++ b/keyring.c @@ -70,6 +70,7 @@ static const unsigned long crc_table[256] = { static unsigned long crc32 (unsigned long crc, const unsigned char *buf, unsigned long len) { + //_ARGCHK(buf != NULL && len == 0); crc = crc ^ 0xffffffffL; while (len >= 8) { DO8 (buf); @@ -587,25 +588,26 @@ int kr_encrypt_key(pk_key *pk, unsigned long ID, STORE32L(kr->ID,buf+4); /* now encrypt it */ - len = sizeof(buf)-8; + len = sizeof(buf)-12; switch (kr->system) { case RSA_KEY: - if ((errno = rsa_encrypt_key(in, inlen, buf+8, &len, prng, wprng, &(kr->key.rsa))) != CRYPT_OK) { + if ((errno = rsa_encrypt_key(in, inlen, buf+12, &len, prng, wprng, &(kr->key.rsa))) != CRYPT_OK) { return errno; } break; case DH_KEY: - if ((errno = dh_encrypt_key(in, inlen, buf+8, &len, prng, wprng, hash, &(kr->key.dh))) != CRYPT_OK) { + if ((errno = dh_encrypt_key(in, inlen, buf+12, &len, prng, wprng, hash, &(kr->key.dh))) != CRYPT_OK) { return errno; } break; case ECC_KEY: - if ((errno = ecc_encrypt_key(in, inlen, buf+8, &len, prng, wprng, hash, &(kr->key.ecc))) != CRYPT_OK) { + if ((errno = ecc_encrypt_key(in, inlen, buf+12, &len, prng, wprng, hash, &(kr->key.ecc))) != CRYPT_OK) { return errno; } break; } - len += 8; + STORE32L(len,buf+8); + len += 12; if (len > *outlen) { #ifdef CLEAN_STACK @@ -626,7 +628,7 @@ int kr_decrypt_key(pk_key *pk, const unsigned char *in, unsigned char *out, unsigned long *outlen) { unsigned char buf[8192]; - unsigned long len, ID; + unsigned long pklen, len, ID; pk_key *kr; int errno; @@ -653,20 +655,21 @@ int kr_decrypt_key(pk_key *pk, const unsigned char *in, } /* now try and decrypt it */ + LOAD32L(pklen,in+8); len = sizeof(buf); switch (kr->system) { case RSA_KEY: - if ((errno = rsa_decrypt_key(in+8, buf, &len, &(kr->key.rsa))) != CRYPT_OK) { + if ((errno = rsa_decrypt_key(in+12, pklen, buf, &len, &(kr->key.rsa))) != CRYPT_OK) { return errno; } break; case DH_KEY: - if ((errno = dh_decrypt_key(in+8, buf, &len, &(kr->key.dh))) != CRYPT_OK) { + if ((errno = dh_decrypt_key(in+12, pklen, buf, &len, &(kr->key.dh))) != CRYPT_OK) { return errno; } break; case ECC_KEY: - if ((errno = ecc_decrypt_key(in+8, buf, &len, &(kr->key.ecc))) != CRYPT_OK) { + if ((errno = ecc_decrypt_key(in+12, pklen, buf, &len, &(kr->key.ecc))) != CRYPT_OK) { return errno; } break; @@ -720,26 +723,27 @@ int kr_sign_hash(pk_key *pk, unsigned long ID, STORE32L(kr->ID,buf+4); /* now sign it */ - len = sizeof(buf)-12; + len = sizeof(buf)-16; switch (kr->system) { case RSA_KEY: - if ((errno = rsa_sign_hash(in, inlen, buf+12, &len, &(kr->key.rsa))) != CRYPT_OK) { + if ((errno = rsa_sign_hash(in, inlen, buf+16, &len, &(kr->key.rsa))) != CRYPT_OK) { return errno; } break; case DH_KEY: - if ((errno = dh_sign_hash(in, inlen, buf+12, &len, prng, wprng, &(kr->key.dh))) != CRYPT_OK) { + if ((errno = dh_sign_hash(in, inlen, buf+16, &len, prng, wprng, &(kr->key.dh))) != CRYPT_OK) { return errno; } break; case ECC_KEY: - if ((errno = ecc_sign_hash(in, inlen, buf+12, &len, prng, wprng, &(kr->key.ecc))) != CRYPT_OK) { + if ((errno = ecc_sign_hash(in, inlen, buf+16, &len, prng, wprng, &(kr->key.ecc))) != CRYPT_OK) { return errno; } break; } STORE32L(inlen,buf+8); - len += 12; + STORE32L(len,buf+12); + len += 16; if (len > *outlen) { #ifdef CLEAN_STACK @@ -759,7 +763,7 @@ int kr_sign_hash(pk_key *pk, unsigned long ID, int kr_verify_hash(pk_key *pk, const unsigned char *in, const unsigned char *hash, unsigned long hashlen, int *stat) { - unsigned long inlen, ID; + unsigned long inlen, pklen, ID; pk_key *kr; int errno; @@ -785,23 +789,24 @@ int kr_verify_hash(pk_key *pk, const unsigned char *in, const unsigned char *has /* now try and verify it */ LOAD32L(inlen,in+8); /* this is the length of the original inlen */ + LOAD32L(pklen,in+12); /* size of the PK packet */ if (inlen != hashlen) { /* size doesn't match means the signature is invalid */ return CRYPT_OK; } switch (kr->system) { case RSA_KEY: - if ((errno = rsa_verify_hash(in+12, hash, stat, &(kr->key.rsa))) != CRYPT_OK) { + if ((errno = rsa_verify_hash(in+16, pklen, hash, stat, &(kr->key.rsa))) != CRYPT_OK) { return errno; } break; case DH_KEY: - if ((errno = dh_verify_hash(in+12, hash, inlen, stat, &(kr->key.dh))) != CRYPT_OK) { + if ((errno = dh_verify_hash(in+16, pklen, hash, inlen, stat, &(kr->key.dh))) != CRYPT_OK) { return errno; } break; case ECC_KEY: - if ((errno = ecc_verify_hash(in+12, hash, inlen, stat, &(kr->key.ecc))) != CRYPT_OK) { + if ((errno = ecc_verify_hash(in+16, pklen, hash, inlen, stat, &(kr->key.ecc))) != CRYPT_OK) { return errno; } break; diff --git a/makefile b/makefile index ec3a503..0191ef8 100644 --- a/makefile +++ b/makefile @@ -9,62 +9,77 @@ # a build. This is easy to remedy though, for those that have problems. # The version -VERSION=0.78 +VERSION=0.79 -#Compiler and Linker Names +#ch1-01-1 +# Compiler and Linker Names CC=gcc LD=ld -#Archiver [makes .a files] +# Archiver [makes .a files] AR=ar -ARFLAGS=rs +ARFLAGS=r +#ch1-01-1 -#here you can set the malloc/calloc/free functions you want +#ch1-01-2 +# here you can set the malloc/calloc/free functions you want XMALLOC=malloc XCALLOC=calloc +XREALLOC=realloc XFREE=free -#you can redefine the clock +# you can redefine the clock XCLOCK=clock XCLOCKS_PER_SEC=CLOCKS_PER_SEC +#ch1-01-2 -#Compilation flags. Note the += does not write over the user's CFLAGS! +#ch1-01-3 +# Compilation flags. Note the += does not write over the user's CFLAGS! CFLAGS += -c -I./ -Wall -Wsign-compare -W -Wno-unused -Werror \ - -DXMALLOC=$(XMALLOC) -DXCALLOC=$(XCALLOC) -DXFREE=$(XFREE) -DXCLOCK=$(XCLOCK) \ + -DXMALLOC=$(XMALLOC) -DXCALLOC=$(XCALLOC) -DXFREE=$(XFREE) \ + -DXREALLOC=$(XREALLOC) -DXCLOCK=$(XCLOCK) \ -DXCLOCKS_PER_SEC=$(XCLOCKS_PER_SEC) -#optimize for SPEED (comment out SIZE/DEBUG line as well) +# optimize for SPEED #CFLAGS += -O3 -funroll-loops -#optimize for SIZE (comment out SPEED/DEBUG line as well) +# optimize for SIZE CFLAGS += -Os -#Use small code variants of functions when possible? (Slows it down!) -CFLAGS += -DSMALL_CODE - -#compile for DEBUGGING +# compile for DEBUGGING #CFLAGS += -g3 +#ch1-01-3 #These flags control how the library gets built. -#no file support, when defined the library will not have any functions that can read/write files -#(comment out to have file support) +#ch1-01-4 +# Use small code variants of functions when possible? +CFLAGS += -DSMALL_CODE + +# no file support, when defined the library will not +# have any functions that can read/write files +# (comment out to have file support) #CFLAGS += -DNO_FILE -#Support the UNIX /dev/random or /dev/urandom +# Support the UNIX /dev/random or /dev/urandom CFLAGS += -DDEVRANDOM -# Use /dev/urandom first on devices where /dev/random is too slow */ +# Use /dev/urandom first on devices where +# /dev/random is too slow #CFLAGS += -DTRY_URANDOM_FIRST -# Clean the stack after sensitive functions. Not always required... -# With this defined most of the ciphers and hashes will clean their stack area -# after usage with a (sometimes) huge penalty in speed. Normally this is not -# required if you simply lock your stack and wipe it when your program is done. +# Clean the stack after sensitive functions. Not +# always required... With this defined most of +# the ciphers and hashes will clean their stack area +# after usage with a (sometimes) huge penalty in speed. +# Normally this is not required if you simply lock your +# stack and wipe it when your program is done. # #CFLAGS += -DCLEAN_STACK +#ch1-01-4 -# What algorithms to include? comment out and rebuild to remove em +#ch1-01-5 +# What algorithms to include? comment out and rebuild to remove them CFLAGS += -DBLOWFISH CFLAGS += -DRC2 CFLAGS += -DRC5 @@ -78,6 +93,7 @@ CFLAGS += -DTWOFISH CFLAGS += -DDES CFLAGS += -DCAST5 CFLAGS += -DNOEKEON +#ch1-01-5 #You can also customize the Twofish code. All four combinations #of the flags are possible but only three of them make sense. @@ -90,17 +106,23 @@ CFLAGS += -DNOEKEON #_TABLES defined: Very fast, not faster than if both were undefined. Code is ~1KB bigger # faster keysetup though... -# Small Ram Variant of Twofish. For this you must have TWOFISH defined. This -# variant requires about 4kb less memory but is considerably slower. It is ideal -# when high throughput is less important than conserving memory. By default it is -# not defined which means the larger ram (about 4.2Kb used) variant is built. +#ch1-01-6 +# Small Ram Variant of Twofish. For this you must have TWOFISH +# defined. This variant requires about 4kb less memory but +# is considerably slower. It is ideal when high throughput is +# less important than conserving memory. By default it is not +# defined which means the larger ram (about 4.2Kb used) variant +# is built. #CFLAGS += -DTWOFISH_SMALL -# Tell Twofish to use precomputed tables. If you want to use the small table -# variant of Twofish you may want to turn this on. Essentially it tells Twofish to use -# precomputed S-boxes (Q0 and Q1) as well as precomputed GF multiplications [in the MDS]. -# This speeds up the cipher somewhat. +# Tell Twofish to use precomputed tables. If you want to use +# the small table variant of Twofish you may want to turn +# this on. Essentially it tells Twofish to use precomputed +# S-boxes (Q0 and Q1) as well as precomputed GF +# multiplications [in the MDS]. This speeds up the cipher +# somewhat. #CFLAGS += -DTWOFISH_TABLES +#ch1-01-6 #Use fast PK routines. Basically this limits the size of the private key in the #DH system to 256 bits. The group order remains unchanged so the best @@ -110,13 +132,16 @@ CFLAGS += -DNOEKEON #security so its by default not turned on. USE AT YOUR RISK! #CFLAGS += -DFAST_PK +#ch1-01-7 # Chaining modes CFLAGS += -DCFB CFLAGS += -DOFB CFLAGS += -DECB CFLAGS += -DCBC CFLAGS += -DCTR +#ch1-01-7 +#ch1-01-8 #One-way hashes CFLAGS += -DSHA512 CFLAGS += -DSHA384 @@ -126,29 +151,73 @@ CFLAGS += -DSHA1 CFLAGS += -DMD5 CFLAGS += -DMD4 CFLAGS += -DMD2 +#ch1-01-8 -# base64 -CFLAGS += -DBASE64 - +#ch1-01-9 # prngs CFLAGS += -DYARROW CFLAGS += -DSPRNG CFLAGS += -DRC4 +#ch1-01-9 +#ch1-01-10 # PK code CFLAGS += -DMRSA CFLAGS += -DMDH CFLAGS += -DMECC +#CFLAGS += -DMDSA CFLAGS += -DKR +#ch1-01-10 -# include GF math routines? (not currently used by anything internally) +#ch1-01-12 +# Control which built in DH or ECC key paramaters +# are to be allowed +CFLAGS += -DDH768 +CFLAGS += -DDH1024 +CFLAGS += -DDH1280 +CFLAGS += -DDH1536 +CFLAGS += -DDH1792 +CFLAGS += -DDH2048 +CFLAGS += -DDH2560 +CFLAGS += -DDH3072 +CFLAGS += -DDH4096 + +CFLAGS += -DECC160 +CFLAGS += -DECC192 +CFLAGS += -DECC224 +CFLAGS += -DECC256 +CFLAGS += -DECC384 +CFLAGS += -DECC521 + +CFLAGS += -DDSA1024 +CFLAGS += -DDSA2048 +CFLAGS += -DDSA4096 +#ch1-01-12 + +#ch1-01-11 +# base64 +CFLAGS += -DBASE64 + +# include GF math routines? +# (not currently used by anything internally) #CFLAGS += -DGF # include large integer math routines? (required by the PK code) CFLAGS += -DMPI +# use the fast exptmod operation (used in dsa/rsa/dh and is_prime) +# This uses slightly more heap than the old code [only during the function call] +# this is also fairly faster than the previous code +CFLAGS += -DMPI_FASTEXPT + +# use a "low" mem variant of the fast exptmod. It is still always +# faster then the old exptmod but its savings drops off after +# 1024 to 2048-bits +#CFLAGS += -DMPI_FASTEXPT_LOWMEM + # include HMAC support CFLAGS += -DHMAC +#ch1-01-11 #Output filenames for various targets. LIBNAME=libtomcrypt.a @@ -163,7 +232,7 @@ LIBPATH=/usr/lib INCPATH=/usr/include #List of objects to compile. -OBJECTS=keyring.o gf.o mem.o sprng.o ecc.o base64.o dh.o rsa.o \ +OBJECTS=keyring.o gf.o mem.o sprng.o dsa.o ecc.o base64.o dh.o rsa.o \ bits.o yarrow.o cfb.o ofb.o ecb.o ctr.o cbc.o hash.o tiger.o sha1.o \ md5.o md4.o md2.o sha256.o sha512.o xtea.o aes.o serpent.o des.o \ safer_tab.o safer.o safer+.o rc4.o rc2.o rc6.o rc5.o cast5.o noekeon.o blowfish.o crypt.o \ @@ -199,6 +268,7 @@ sha512.o: sha512.c sha384.c #This rule makes the libtomcrypt library. library: $(OBJECTS) $(AR) $(ARFLAGS) $(LIBNAME) $(OBJECTS) + ranlib $(LIBNAME) #This rule makes the test program included with libtomcrypt test: library $(TESTOBJECTS) @@ -219,9 +289,11 @@ small: library $(SMALLOBJECTS) #This rule installs the library and the header files. This must be run #as root in order to have a high enough permission to write to the correct #directories and to set the owner and group to root. -install: library +install: library docs install -g root -o root $(LIBNAME) $(LIBPATH) install -g root -o root $(HEADERS) $(INCPATH) + mkdir -p /usr/doc/libtomcrypt/pdf + cp crypt.pdf /usr/doc/libtomcrypt/pdf/ #This rule cleans the source tree of all compiled code, not including the pdf #documentation. @@ -241,7 +313,7 @@ docs: crypt.tex makeindex crypt > /dev/null pdflatex crypt > /dev/null rm -f $(LEFTOVERS) - + #zipup the project (take that!) zipup: clean docs chdir .. ; rm -rf crypt* libtomcrypt-$(VERSION) ; mkdir libtomcrypt-$(VERSION) ; \ diff --git a/makefile.out b/makefile.out new file mode 100644 index 0000000..1c66b3b --- /dev/null +++ b/makefile.out @@ -0,0 +1,23 @@ +#makefile generated with config.pl +# +#Tom St Denis (tomstdenis@yahoo.com, http://tom.iahu.ca) + +CC = gcc +AR = ar +LD = ld +CFLAGS += -Os -Wall -Wsign-compare -W -Wno-unused -Werror -I./ -DXMALLOC=malloc -DXCALLOC=calloc -DXFREE=free -DXCLOCK=clock -DXCLOCKS_PER_SEC=CLOCKS_PER_SEC -DSMALL_CODE -DBLOWFISH -DRC2 -DRC5 -DRC6 -DSERPENT -DSAFERP -DSAFER -DRIJNDAEL -DXTEA -DTWOFISH -DDES -DCAST5 -DNOEKEON -DCFB -DOFB -DECB -DCBC -DCTR -DSHA512 -DSHA384 -DSHA256 -DTIGER -DSHA1 -DMD5 -DMD4 -DMD2 -DHMAC -DBASE64 -DYARROW -DSPRNG -DRC4 -DDEVRANDOM -DMRSA -DMDH -DMECC -DMDSA -DKR -DDH768 -DDH1024 -DDH1280 -DDH1536 -DDH1792 -DDH2048 -DDH2560 -DDH3072 -DDH4096 -DECC160 -DECC192 -DECC224 -DECC256 -DECC384 -DECC521 -DDSA1024 -DDSA2048 -DDSA4096 -DMPI -DMPI_FASTEXPT + +default: library + +OBJECTS = keyring.o gf.o mem.o sprng.o dsa.o ecc.o base64.o dh.o rsa.o bits.o yarrow.o cfb.o ofb.o ecb.o ctr.o cbc.o hash.o tiger.o sha1.o md5.o md4.o md2.o sha256.o sha512.o xtea.o aes.o serpent.o des.o safer_tab.o safer.o safer+.o rc4.o rc2.o rc6.o rc5.o cast5.o noekeon.o blowfish.o crypt.o ampi.o mpi.o prime.o twofish.o packet.o hmac.o strings.o + +rsa.o: rsa_sys.c +dh.o: dh_sys.c +ecc.o: ecc_sys.c + +library: $(OBJECTS) + $(AR) rs libtomcrypt.a $(OBJECTS) + +clean: + rm -f $(OBJECTS) libtomcrypt.a + diff --git a/makefile.ps2 b/makefile.ps2 index f09da3e..be78b6e 100644 --- a/makefile.ps2 +++ b/makefile.ps2 @@ -32,6 +32,7 @@ ARFLAGS=rs #here you can set the malloc/calloc/free functions you want XMALLOC=malloc XCALLOC=calloc +XREALLOC=realloc XFREE=free #you can redefine the clock @@ -40,7 +41,8 @@ XCLOCKS_PER_SEC=576000 #Compilation flags. Note the += does not write over the user's CFLAGS! CFLAGS += -c -I./ -Wall -Wsign-compare -W -Wno-unused -Werror \ - -DXMALLOC=$(XMALLOC) -DXCALLOC=$(XCALLOC) -DXFREE=$(XFREE) -DXCLOCK=$(XCLOCK) \ + -DXMALLOC=$(XMALLOC) -DXCALLOC=$(XCALLOC) -DXFREE=$(XFREE) \ + -DXREALLOC=$(XREALLOC) -DXCLOCK=$(XCLOCK) \ -DXCLOCKS_PER_SEC=$(XCLOCKS_PER_SEC) #optimize for SPEED (comment out SIZE line as well) @@ -103,14 +105,6 @@ CFLAGS += -DNOEKEON # This speeds up the cipher somewhat. # CFLAGS += -DTWOFISH_TABLES -#Small code variant of the SAFER+ cipher, uses same RAM but less code space -#With this defined the cipher is slower. On my x86 with GCC 3.2 it required 50KB less space -CFLAGS += -DSAFERP_SMALL - -#Small Rijndael [saves 13KB on an x86] -#With this defined the cipher is slower (by 50Mbit/sec on an Athon XP) -CFLAGS += -DRIJNDAEL_SMALL - #Use fast PK routines. Basically this limits the size of the private key in the #DH system to 256 bits. The group order remains unchanged so the best #attacks are still GNFS (for DH upto 2560-bits) @@ -148,14 +142,48 @@ CFLAGS += -DRC4 CFLAGS += -DMRSA CFLAGS += -DMDH CFLAGS += -DMECC +#CFLAGS += -DDSA CFLAGS += -DKR +# Control which built in DH or ECC key paramaters +# are to be allowed +CFLAGS += -DDH768 +CFLAGS += -DDH1024 +CFLAGS += -DDH1280 +CFLAGS += -DDH1536 +CFLAGS += -DDH1792 +CFLAGS += -DDH2048 +CFLAGS += -DDH2560 +CFLAGS += -DDH3072 +CFLAGS += -DDH4096 + +CFLAGS += -DECC160 +CFLAGS += -DECC192 +CFLAGS += -DECC224 +CFLAGS += -DECC256 +CFLAGS += -DECC384 +CFLAGS += -DECC521 + +CFLAGS += -DDSA1024 +CFLAGS += -DDSA2048 +CFLAGS += -DDSA4096 + # include GF math routines? (not currently used by anything internally) #CFLAGS += -DGF # include large integer math routines? (required by the PK code) CFLAGS += -DMPI +# use the fast exptmod operation (used in dsa/rsa/dh and is_prime) +# This uses slightly more heap than the old code [only during the function call] +# this is also fairly faster than the previous code +CFLAGS += -DMPI_FASTEXPT + +# use a "low" mem variant of the fast exptmod. It is still always +# faster then the old exptmod but its savings drops off after +# 1024-bits +CFLAGS += -DMPI_FASTEXPT_LOWMEM + # include HMAC support CFLAGS += -DHMAC @@ -175,7 +203,7 @@ LIBPATH=/usr/lib INCPATH=/usr/include #List of objects to compile. -OBJECTS=keyring.o gf.o mem.o sprng.o ecc.o base64.o dh.o rsa.o \ +OBJECTS=keyring.o gf.o mem.o sprng.o dsa.o ecc.o base64.o dh.o rsa.o \ bits.o yarrow.o cfb.o ofb.o ecb.o ctr.o cbc.o hash.o tiger.o sha1.o \ md5.o md4.o md2.o sha256.o sha512.o xtea.o aes.o serpent.o des.o \ safer_tab.o safer.o safer+.o rc4.o rc2.o rc6.o rc5.o cast5.o noekeon.o blowfish.o crypt.o \ diff --git a/makefile.vc b/makefile.vc index e8deeb5..d3536ee 100644 --- a/makefile.vc +++ b/makefile.vc @@ -8,13 +8,14 @@ AR=lib #here you can set the malloc/calloc/free functions you want XMALLOC=malloc XCALLOC=calloc +XREALLOC=realloc XFREE=free #you can redefine the clock XCLOCK=clock XCLOCKS_PER_SEC=CLOCKS_PER_SEC -CFLAGS = /c /Ogisy1 /Gs /I. /W3 /DWIN32 /DXMALLOC=$(XMALLOC) /DXCALLOC=$(XCALLOC) /DXFREE=$(XFREE) /DXCLOCK=$(XCLOCK) /DXCLOCKS_PER_SEC=$(XCLOCKS_PER_SEC) +CFLAGS = /c /Ogisy1 /Gs /I. /W3 /DWIN32 /DXREALLOC=$(XREALLOC) /DXMALLOC=$(XMALLOC) /DXCALLOC=$(XCALLOC) /DXFREE=$(XFREE) /DXCLOCK=$(XCLOCK) /DXCLOCKS_PER_SEC=$(XCLOCKS_PER_SEC) #Small code (smaller variants of some block ciphers) CFLAGS += /DSMALL_CODE @@ -113,14 +114,49 @@ CFLAGS += /DRC4 CFLAGS += /DMRSA CFLAGS += /DMDH CFLAGS += /DMECC +#CFLAGS += /DDSA CFLAGS += /DKR +# Control which built in DH or ECC key paramaters +# are to be allowed +CFLAGS += /DDH768 +CFLAGS += /DDH1024 +CFLAGS += /DDH1280 +CFLAGS += /DDH1536 +CFLAGS += /DDH1792 +CFLAGS += /DDH2048 +CFLAGS += /DDH2560 +CFLAGS += /DDH3072 +CFLAGS += /DDH4096 + +CFLAGS += /DECC160 +CFLAGS += /DECC192 +CFLAGS += /DECC224 +CFLAGS += /DECC256 +CFLAGS += /DECC384 +CFLAGS += /DECC521 + +CFLAGS += /DDSA1024 +CFLAGS += /DDSA2048 +CFLAGS += /DDSA4096 + # include GF math routines? (not currently used by anything internally) #CFLAGS += /DGF # include large integer math routines? (required by the PK code) CFLAGS += /DMPI +# use the fast exptmod operation (used in dsa/rsa/dh and is_prime) +# This uses slightly more heap than the old code [only during the function call] +# this is also fairly faster than the previous code +CFLAGS += /DMPI_FASTEXPT + +# use a "low" mem variant of the fast exptmod. It is still always +# faster then the old exptmod but its savings drops off after +# 1024-bits +#CFLAGS += /DMPI_FASTEXPT_LOWMEM + + # include HMAC support CFLAGS += /DHMAC @@ -216,6 +252,8 @@ cast5.obj: cast5.c $(CC) $(CFLAGS) cast5.c noekeon.obj: noekeon.c $(CC) $(CFLAGS) noekeon.c +dsa.obj: dsa.c + $(CC) $(CFLAGS) dsa.c demos/test.obj: demos/test.c $(CC) $(CFLAGS) demos/test.c @@ -223,11 +261,11 @@ demos/test.obj: demos/test.c demos/hashsum.obj: demos/hashsum.c $(CC) $(CFLAGS) demos/hashsum.c -tomcrypt.lib: keyring.obj gf.obj mem.obj sprng.obj ecc.obj base64.obj dh.obj rsa.obj bits.obj hmac.obj \ +tomcrypt.lib: keyring.obj gf.obj mem.obj sprng.obj dsa.obj ecc.obj base64.obj dh.obj rsa.obj bits.obj hmac.obj \ yarrow.obj cfb.obj ofb.obj ecb.obj ctr.obj cbc.obj hash.obj tiger.obj sha1.obj md2.obj md5.obj md4.obj sha256.obj sha512.obj xtea.obj \ aes.obj serpent.obj safer_tab.obj safer.obj safer+.obj cast5.obj noekeon.obj rc2.obj rc6.obj rc5.obj des.obj blowfish.obj crypt.obj ampi.obj \ strings.obj mpi.obj prime.obj twofish.obj packet.obj - $(AR) /out:tomcrypt.lib keyring.obj gf.obj mem.obj sprng.obj ecc.obj base64.obj dh.obj rsa.obj hmac.obj \ + $(AR) /out:tomcrypt.lib keyring.obj gf.obj mem.obj sprng.obj dsa.obj ecc.obj base64.obj dh.obj rsa.obj hmac.obj \ bits.obj yarrow.obj cfb.obj ofb.obj ecb.obj ctr.obj cbc.obj hash.obj tiger.obj sha1.obj md2.obj md5.obj md4.obj sha256.obj \ strings.obj sha512.obj xtea.obj aes.obj serpent.obj safer_tab.obj safer.obj safer+.obj cast5.obj noekeon.obj rc2.obj rc6.obj rc5.obj des.obj \ blowfish.obj crypt.obj ampi.obj mpi.obj prime.obj twofish.obj packet.obj diff --git a/mpi.c b/mpi.c index fa8a777..4293f6b 100644 --- a/mpi.c +++ b/mpi.c @@ -1635,8 +1635,159 @@ mp_err mp_sqrmod(mp_int *a, mp_int *m, mp_int *c) /* }}} */ +/* shrinks the memory required to store a mp_int if possible */ +mp_err mp_shrink(mp_int *a) +{ + if (a->used != a->alloc) { + if ((a->dp = XREALLOC(a->dp, a->used * sizeof(mp_digit))) == NULL) { + return MP_MEM; + } else { + a->alloc = a->used; + return MP_OKAY; + } + } else { + return MP_OKAY; + } +} + /* {{{ mp_exptmod(a, b, m, c) */ +#ifdef MPI_FASTEXPT + +/* computes y == g^x mod p */ +mp_err mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y) +{ + mp_int *M, tx, mu, res; + int QQQ, QQ, Q, x, *vals, err; + + /* determine the value of Q */ + x = (USED(X) - 1) * DIGIT_BIT; + Q = DIGIT(X, USED(X)-1); + while (Q) { + ++x; + Q >>= 1; + } + if (x <= 8) { Q = 2; } + else if (x <= 64) { Q = 3; } + else if (x <= 256) { Q = 4; } + else if (x <= 950) { Q = 5; } + else if (x <= 2755) { Q = 6; } + else { Q = 7; } + +#ifdef MPI_FASTEXPT_LOWMEM + if (Q > 5) { + Q = 5; + } +#endif + + /* alloc room for table */ + vals = XCALLOC(sizeof(int), USED(X)*((DIGIT_BIT/Q)+((DIGIT_BIT%Q)?1:0))); + if (vals == NULL) { err = MP_MEM; goto _ERR; } + + M = XCALLOC(sizeof(mp_int), 1<= 0) { + for (QQ = 0; QQ < Q; QQ++) { + if ((err = s_mp_sqr(&res)) != MP_OKAY) { goto _TX; } + if ((err = s_mp_reduce(&res, P, &mu)) != MP_OKAY) { goto _TX; } + } + if (vals[x] != 0) { + if ((err = s_mp_mul(&res, &M[vals[x]])) != MP_OKAY) { goto _TX; } + if ((err = s_mp_reduce(&res, P, &mu)) != MP_OKAY) { goto _TX; } + } + } + s_mp_exch(&res, Y); + + /* free ram */ +_TX: + mp_clear(&tx); +_RES: + mp_clear(&res); +_MU: + mp_clear(&mu); +_M: + for (x = 0; x < (1< digs) { break; } + pt = pbt + ix + jx; + w = *pb * *pa + k + *pt; + *pt = ACCUM(w); + k = CARRYOUT(w); + } + if ((int)(ix + jx) < digs) { + pbt[ix + jx] = k; + } + k = 0; + } + + USED(&tmp) = digs; + s_mp_clamp(&tmp); + s_mp_exch(&tmp, a); + + mp_clear(&tmp); + + return MP_OKAY; + +} /* end s_mp_mul() */ + /* }}} */ /* {{{ s_mp_kmul(a, b, out, len) */ @@ -3763,8 +3972,8 @@ mp_err s_mp_reduce(mp_int *x, mp_int *m, mp_int *mu) s_mp_mod_2d(x, (mp_digit)(DIGIT_BIT * (um + 1))); /* q = q * m mod b^(k+1), quick (no division) */ - s_mp_mul(&q, m); - s_mp_mod_2d(&q, (mp_digit)(DIGIT_BIT * (um + 1))); + s_mp_mul_dig(&q, m, um + 1); +// s_mp_mod_2d(&q, (mp_digit)(DIGIT_BIT * (um + 1))); /* x = x - q */ if((res = mp_sub(x, &q, x)) != MP_OKAY) diff --git a/mpi.h b/mpi.h index cbcdc4d..afe2486 100644 --- a/mpi.h +++ b/mpi.h @@ -98,6 +98,8 @@ void mp_clear_array(mp_int mp[], int count); void mp_zero(mp_int *mp); void mp_set(mp_int *mp, mp_digit d); mp_err mp_set_int(mp_int *mp, long z); +mp_err mp_shrink(mp_int *a); + /*------------------------------------------------------------------------*/ /* Single digit arithmetic */ @@ -149,6 +151,9 @@ mp_err mp_sqrmod(mp_int *a, mp_int *m, mp_int *c); #define mp_sqrmod(a, m, c) mp_mulmod(a, a, m, c) #endif mp_err mp_exptmod(mp_int *a, mp_int *b, mp_int *m, mp_int *c); +mp_err s_mp_reduce(mp_int *x, mp_int *m, mp_int *mu); +mp_err s_mp_lshd(mp_int *mp, mp_size p); +mp_err s_mp_mul_dig(mp_int *a, mp_int *b, int digs); mp_err mp_exptmod_d(mp_int *a, mp_digit d, mp_int *m, mp_int *c); #endif /* MP_MODARITH */ diff --git a/mycrypt.h b/mycrypt.h index 02d6ee0..dc6a107 100644 --- a/mycrypt.h +++ b/mycrypt.h @@ -13,46 +13,48 @@ extern "C" { #endif /* version */ -#define CRYPT 0x0078 -#define SCRYPT "0.78" +#define CRYPT 0x0079 +#define SCRYPT "0.79" /* max size of either a cipher/hash block or symmetric key [largest of the two] */ #define MAXBLOCKSIZE 128 +/* ch1-01-1 */ /* error codes [will be expanded in future releases] */ enum { - CRYPT_OK=0, - CRYPT_ERROR, + CRYPT_OK=0, /* Result OK */ + CRYPT_ERROR, /* Generic Error */ - CRYPT_INVALID_KEYSIZE, - CRYPT_INVALID_ROUNDS, - CRYPT_FAIL_TESTVECTOR, + CRYPT_INVALID_KEYSIZE, /* Invalid key size given */ + CRYPT_INVALID_ROUNDS, /* Invalid number of rounds */ + CRYPT_FAIL_TESTVECTOR, /* Algorithm failed test vectors */ - CRYPT_BUFFER_OVERFLOW, - CRYPT_INVALID_PACKET, + CRYPT_BUFFER_OVERFLOW, /* Not enough space for output */ + CRYPT_INVALID_PACKET, /* Invalid input packet given */ - CRYPT_INVALID_PRNGSIZE, - CRYPT_ERROR_READPRNG, + CRYPT_INVALID_PRNGSIZE, /* Invalid number of bits for a PRNG */ + CRYPT_ERROR_READPRNG, /* Could not read enough from PRNG */ - CRYPT_INVALID_CIPHER, - CRYPT_INVALID_HASH, - CRYPT_INVALID_PRNG, + CRYPT_INVALID_CIPHER, /* Invalid cipher specified */ + CRYPT_INVALID_HASH, /* Invalid hash specified */ + CRYPT_INVALID_PRNG, /* Invalid PRNG specified */ - CRYPT_MEM, + CRYPT_MEM, /* Out of memory */ - CRYPT_PK_TYPE_MISMATCH, - CRYPT_PK_NOT_PRIVATE, + CRYPT_PK_TYPE_MISMATCH, /* Not equivalent types of PK keys */ + CRYPT_PK_NOT_PRIVATE, /* Requires a private PK key */ - CRYPT_INVALID_ARG, + CRYPT_INVALID_ARG, /* Generic invalid argument */ - CRYPT_PK_INVALID_TYPE, - CRYPT_PK_INVALID_SYSTEM, - CRYPT_PK_DUP, - CRYPT_PK_NOT_FOUND, - CRYPT_PK_INVALID_SIZE, + CRYPT_PK_INVALID_TYPE, /* Invalid type of PK key */ + CRYPT_PK_INVALID_SYSTEM,/* Invalid PK system specified */ + CRYPT_PK_DUP, /* Duplicate key already in key ring */ + CRYPT_PK_NOT_FOUND, /* Key not found in keyring */ + CRYPT_PK_INVALID_SIZE, /* Invalid size input for PK parameters */ - CRYPT_INVALID_PRIME_SIZE + CRYPT_INVALID_PRIME_SIZE/* Invalid size of prime requested */ }; +/* ch1-01-1 */ #include #include @@ -63,10 +65,8 @@ enum { #include #include #include - #include - #ifdef __cplusplus } #endif diff --git a/mycrypt_argchk.h b/mycrypt_argchk.h index 9369a8e..8f38e54 100644 --- a/mycrypt_argchk.h +++ b/mycrypt_argchk.h @@ -1,26 +1,14 @@ /* Defines the _ARGCHK macro used within the library */ +/* ch1-01-1 */ /* ARGTYPE is defined in mycrypt_cfg.h */ #if ARGTYPE == 0 #include -/* this is the default LibTomCrypt macro - * - * On embedded platforms you can change the fprintf() to be a routine that would display a message - * somehow - */ - -#ifdef SMALL_CODE - extern void crypt_argchk(char *v, char *s, int d); - #define _ARGCHK(x) if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } -#else - #ifdef SONY_PS2 - #define _ARGCHK(x) if (!(x)) { printf("_ARGCHK '%s' failure on line %d of file %s\n", #x, __LINE__, __FILE__); raise(SIGABRT); } - #else - #define _ARGCHK(x) if (!(x)) { fprintf(stderr, "_ARGCHK '%s' failure on line %d of file %s\n", #x, __LINE__, __FILE__); raise(SIGABRT); } - #endif -#endif +/* this is the default LibTomCrypt macro */ +extern void crypt_argchk(char *v, char *s, int d); +#define _ARGCHK(x) if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } #elif ARGTYPE == 1 @@ -32,4 +20,5 @@ #define _ARGCHK(x) #endif +/* ch1-01-1 */ diff --git a/mycrypt_cfg.h b/mycrypt_cfg.h index a70d619..daf4f63 100644 --- a/mycrypt_cfg.h +++ b/mycrypt_cfg.h @@ -9,18 +9,21 @@ /* you can change how memory allocation works ... */ extern void *XMALLOC(size_t n); +extern void *REALLOC(void *p, size_t n); extern void *XCALLOC(size_t n, size_t s); extern void XFREE(void *p); /* change the clock function too */ extern clock_t XCLOCK(void); +/* ch1-01-1 */ /* type of argument checking, 0=default, 1=fatal and 2=none */ #define ARGTYPE 0 +/* ch1-01-1 */ /* Controls endianess and size of registers. Leave uncommented to get platform neutral [slower] code */ /* detect x86-32 machines somewhat */ -#if (defined(_MSC_VER) && defined(WIN32)) || (defined(__GNUC__) && (defined(__DJGPP__) || defined(__CYGWIN__) || defined(__MINGW32__))) +#if (defined(_MSC_VER) && defined(WIN32)) || (defined(__GNUC__) && (defined(__DJGPP__) || defined(__CYGWIN__) || defined(__MINGW32__))) #define ENDIAN_LITTLE #define ENDIAN_32BITWORD #endif @@ -53,7 +56,7 @@ extern clock_t XCLOCK(void); #ifdef YARROW #ifndef CTR - #error YARROW Requires CTR mode + #error YARROW requires CTR chaining mode to be defined! #endif #endif @@ -62,12 +65,13 @@ extern clock_t XCLOCK(void); #define PACKET /* size of a packet header in bytes */ - #define PACKET_SIZE 8 + #define PACKET_SIZE 4 /* Section tags */ #define PACKET_SECT_RSA 0 #define PACKET_SECT_DH 1 #define PACKET_SECT_ECC 2 + #define PACKET_SECT_DSA 4 /* Subsection Tags for the first three sections */ #define PACKET_SUB_KEY 0 @@ -76,33 +80,6 @@ extern clock_t XCLOCK(void); #define PACKET_SUB_ENC_KEY 3 #endif -/* Diffie-Hellman key settings you can omit ones you don't want to save space */ -#ifdef MDH - -#define DH768 -#define DH1024 -#define DH1280 -#define DH1536 -#define DH1792 -#define DH2048 -#define DH2560 -#define DH3072 -#define DH4096 - -#endif /* MDH */ - -/* ECC Key settings */ -#ifdef MECC - -#define ECC160 -#define ECC192 -#define ECC224 -#define ECC256 -#define ECC384 -#define ECC521 - -#endif /* MECC */ - #ifdef MPI #include "mpi.h" #else @@ -115,6 +92,9 @@ extern clock_t XCLOCK(void); #ifdef MDH #error DH requires the big int library #endif + #ifdef MDSA + #error DSA requires the big int library + #endif #endif /* MPI */ #endif /* MYCRYPT_CFG_H */ diff --git a/mycrypt_misc.h b/mycrypt_misc.h index ac4ed07..1c759f6 100644 --- a/mycrypt_misc.h +++ b/mycrypt_misc.h @@ -11,6 +11,8 @@ extern int base64_decode(const unsigned char *in, unsigned long len, extern void zeromem(void *dst, unsigned long len); extern void burn_stack(unsigned long len); +/* ch1-01-1*/ extern const char *error_to_string(int errno); +/* ch1-01-1*/ extern const char *crypt_build_settings; diff --git a/mycrypt_pk.h b/mycrypt_pk.h index b86bb7f..f570741 100644 --- a/mycrypt_pk.h +++ b/mycrypt_pk.h @@ -17,7 +17,7 @@ extern void mp_clear_multi(mp_int* mp, ...); /* ---- PACKET ---- */ #ifdef PACKET -extern void packet_store_header(unsigned char *dst, int section, int subsection, unsigned long length); +extern void packet_store_header(unsigned char *dst, int section, int subsection); extern int packet_valid_header(unsigned char *src, int section, int subsection); #endif @@ -56,15 +56,16 @@ extern int rsa_encrypt_key(const unsigned char *inkey, unsigned long inlen, unsigned char *outkey, unsigned long *outlen, prng_state *prng, int wprng, rsa_key *key); -extern int rsa_decrypt_key(const unsigned char *in, unsigned char *outkey, - unsigned long *keylen, rsa_key *key); +extern int rsa_decrypt_key(const unsigned char *in, unsigned long inlen, + unsigned char *outkey, unsigned long *keylen, + rsa_key *key); extern int rsa_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, rsa_key *key); -extern int rsa_verify_hash(const unsigned char *sig, const unsigned char *hash, - int *stat, rsa_key *key); +extern int rsa_verify_hash(const unsigned char *sig, unsigned long siglen, + const unsigned char *hash, int *stat, rsa_key *key); extern int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key); extern int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key); @@ -96,16 +97,17 @@ extern int dh_encrypt_key(const unsigned char *inkey, unsigned long keylen, prng_state *prng, int wprng, int hash, dh_key *key); -extern int dh_decrypt_key(const unsigned char *in, unsigned char *outkey, - unsigned long *keylen, dh_key *key); +extern int dh_decrypt_key(const unsigned char *in, unsigned long inlen, + unsigned char *outkey, unsigned long *keylen, + dh_key *key); extern int dh_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, prng_state *prng, int wprng, dh_key *key); -extern int dh_verify_hash(const unsigned char *sig, const unsigned char *hash, - unsigned long inlen, int *stat, - dh_key *key); +extern int dh_verify_hash(const unsigned char *sig, unsigned long siglen, + const unsigned char *hash, unsigned long hashlen, + int *stat, dh_key *key); #endif @@ -140,15 +142,35 @@ extern int ecc_encrypt_key(const unsigned char *inkey, unsigned long keylen, prng_state *prng, int wprng, int hash, ecc_key *key); -extern int ecc_decrypt_key(const unsigned char *in, unsigned char *outkey, - unsigned long *keylen, ecc_key *key); +extern int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, + unsigned char *outkey, unsigned long *keylen, + ecc_key *key); extern int ecc_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, prng_state *prng, int wprng, ecc_key *key); -extern int ecc_verify_hash(const unsigned char *sig, const unsigned char *hash, - unsigned long inlen, int *stat, - ecc_key *key); +extern int ecc_verify_hash(const unsigned char *sig, unsigned long siglen, + const unsigned char *hash, unsigned long hashlen, + int *stat, ecc_key *key); +#endif + +#ifdef MDSA + +typedef struct { + int type, idx; + mp_int x, y; +} dsa_key; + +extern int dsa_test(void); + +extern int dsa_make_key(prng_state *prng, int wprng, int keysize, dsa_key *key); +extern void dsa_free(dsa_key *key); + +extern int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key); +extern int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key); + + + #endif diff --git a/packet.c b/packet.c index 5ff054e..84df77e 100644 --- a/packet.c +++ b/packet.c @@ -2,7 +2,7 @@ #ifdef PACKET -void packet_store_header(unsigned char *dst, int section, int subsection, unsigned long length) +void packet_store_header(unsigned char *dst, int section, int subsection) { _ARGCHK(dst != NULL); @@ -14,8 +14,6 @@ void packet_store_header(unsigned char *dst, int section, int subsection, unsign dst[2] = section & 255; dst[3] = subsection & 255; - /* store length */ - STORE32L(length, &dst[4]); } int packet_valid_header(unsigned char *src, int section, int subsection) diff --git a/prime.c b/prime.c index 59774a3..f8c8a12 100644 --- a/prime.c +++ b/prime.c @@ -230,8 +230,6 @@ done: return res; } - - int rand_prime(mp_int *N, long len, prng_state *prng, int wprng) { unsigned char buf[260]; diff --git a/rsa.c b/rsa.c index ea4f86a..8a6a3e5 100644 --- a/rsa.c +++ b/rsa.c @@ -73,7 +73,19 @@ int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key) if (mp_copy(&p, &key->p) != MP_OKAY) { goto error2; } if (mp_copy(&q, &key->q) != MP_OKAY) { goto error2; } + + /* shrink ram required */ + if (mp_shrink(&key->e) != MP_OKAY) { goto error2; } + if (mp_shrink(&key->d) != MP_OKAY) { goto error2; } + if (mp_shrink(&key->N) != MP_OKAY) { goto error2; } + if (mp_shrink(&key->dQ) != MP_OKAY) { goto error2; } + if (mp_shrink(&key->dP) != MP_OKAY) { goto error2; } + if (mp_shrink(&key->qP) != MP_OKAY) { goto error2; } + if (mp_shrink(&key->pQ) != MP_OKAY) { goto error2; } + if (mp_shrink(&key->p) != MP_OKAY) { goto error2; } + if (mp_shrink(&key->q) != MP_OKAY) { goto error2; } + res = CRYPT_OK; key->type = PK_PRIVATE_OPTIMIZED; goto done; @@ -293,10 +305,10 @@ int rsa_depad(const unsigned char *in, unsigned long inlen, #define OUTPUT_BIGNUM(num, buf2, y, z) \ { \ - z = mp_raw_size(num); \ + z = mp_unsigned_bin_size(num); \ STORE32L(z, buf2+y); \ y += 4; \ - mp_toraw(num, buf2+y); \ + mp_to_unsigned_bin(num, buf2+y); \ y += z; \ } @@ -318,11 +330,16 @@ int rsa_depad(const unsigned char *in, unsigned long inlen, } \ \ /* load it */ \ - if (mp_read_raw(num, (unsigned char *)in+y, x) != MP_OKAY) {\ + if (mp_read_unsigned_bin(num, (unsigned char *)in+y, x) != MP_OKAY) {\ errno = CRYPT_MEM; \ goto error2; \ } \ y += x; \ + \ + if (mp_shrink(num) != MP_OKAY) { \ + errno = CRYPT_MEM; \ + goto error2; \ + } \ } int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key) @@ -371,7 +388,7 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key } /* store packet header */ - packet_store_header(buf2, PACKET_SECT_RSA, PACKET_SUB_KEY, y); + packet_store_header(buf2, PACKET_SECT_RSA, PACKET_SUB_KEY); /* copy to the user buffer */ memcpy(out, buf2, y); @@ -431,6 +448,14 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key) INPUT_BIGNUM(&key->p, in, x, y); INPUT_BIGNUM(&key->q, in, x, y); } + + /* free up ram not required */ + if (key->type != PK_PRIVATE_OPTIMIZED) { + mp_clear_multi(&key->dQ, &key->dP, &key->pQ, &key->qP, &key->p, &key->q, NULL); + } + if (key->type != PK_PRIVATE && key->type != PK_PRIVATE_OPTIMIZED) { + mp_clear(&key->d); + } return CRYPT_OK; error2: diff --git a/rsa_sys.c b/rsa_sys.c index 187deb2..479cfca 100644 --- a/rsa_sys.c +++ b/rsa_sys.c @@ -49,7 +49,7 @@ int rsa_encrypt_key(const unsigned char *inkey, unsigned long inlen, } /* store header */ - packet_store_header(outkey, PACKET_SECT_RSA, PACKET_SUB_ENC_KEY, y); + packet_store_header(outkey, PACKET_SECT_RSA, PACKET_SUB_ENC_KEY); #ifdef CLEAN_STACK /* clean up */ @@ -60,8 +60,9 @@ int rsa_encrypt_key(const unsigned char *inkey, unsigned long inlen, return CRYPT_OK; } -int rsa_decrypt_key(const unsigned char *in, unsigned char *outkey, - unsigned long *keylen, rsa_key *key) +int rsa_decrypt_key(const unsigned char *in, unsigned long inlen, + unsigned char *outkey, unsigned long *keylen, + rsa_key *key) { unsigned char sym_key[MAXBLOCKSIZE], rsa_in[4096], rsa_out[4096]; unsigned long x, y, z, i, rsa_size; @@ -77,6 +78,12 @@ int rsa_decrypt_key(const unsigned char *in, unsigned char *outkey, return CRYPT_PK_NOT_PRIVATE; } + if (inlen < PACKET_SIZE+4) { + return CRYPT_INVALID_PACKET; + } else { + inlen -= PACKET_SIZE+4; + } + /* check the header */ if ((errno = packet_valid_header((unsigned char *)in, PACKET_SECT_RSA, PACKET_SUB_ENC_KEY)) != CRYPT_OK) { return errno; @@ -84,7 +91,12 @@ int rsa_decrypt_key(const unsigned char *in, unsigned char *outkey, /* grab length of the rsa key */ y = PACKET_SIZE; - LOAD32L(rsa_size, (in+y)) + LOAD32L(rsa_size, (in+y)); + if (inlen < rsa_size) { + return CRYPT_INVALID_PACKET; + } else { + inlen -= rsa_size; + } y += 4; /* read it in */ @@ -94,8 +106,9 @@ int rsa_decrypt_key(const unsigned char *in, unsigned char *outkey, /* decrypt it */ x = sizeof(rsa_out); - if ((errno = rsa_exptmod(rsa_in, rsa_size, rsa_out, &x, PK_PRIVATE, key)) != CRYPT_OK) + if ((errno = rsa_exptmod(rsa_in, rsa_size, rsa_out, &x, PK_PRIVATE, key)) != CRYPT_OK) { return errno; + } /* depad it */ z = sizeof(sym_key); @@ -170,7 +183,7 @@ int rsa_sign_hash(const unsigned char *in, unsigned long inlen, } /* store header */ - packet_store_header(out, PACKET_SECT_RSA, PACKET_SUB_SIGNED, y); + packet_store_header(out, PACKET_SECT_RSA, PACKET_SUB_SIGNED); #ifdef CLEAN_STACK /* clean up */ @@ -181,8 +194,8 @@ int rsa_sign_hash(const unsigned char *in, unsigned long inlen, return CRYPT_OK; } -int rsa_verify_hash(const unsigned char *sig, const unsigned char *md, - int *stat, rsa_key *key) +int rsa_verify_hash(const unsigned char *sig, unsigned long siglen, + const unsigned char *md, int *stat, rsa_key *key) { unsigned long rsa_size, x, y, z; unsigned char rsa_in[4096], rsa_out[4096]; @@ -195,6 +208,12 @@ int rsa_verify_hash(const unsigned char *sig, const unsigned char *md, /* always be incorrect by default */ *stat = 0; + + if (siglen < PACKET_SIZE+4) { + return CRYPT_INVALID_PACKET; + } else { + siglen -= PACKET_SIZE+4; + } /* verify header */ if ((errno = packet_valid_header((unsigned char *)sig, PACKET_SECT_RSA, PACKET_SUB_SIGNED)) != CRYPT_OK) { @@ -204,6 +223,11 @@ int rsa_verify_hash(const unsigned char *sig, const unsigned char *md, /* get the len */ y = PACKET_SIZE; LOAD32L(rsa_size, (sig+y)); + if (siglen < rsa_size) { + return CRYPT_INVALID_PACKET; + } else { + siglen -= rsa_size; + } y += 4; /* load the signature */ diff --git a/sha1.c b/sha1.c index f27a536..2ad6505 100644 --- a/sha1.c +++ b/sha1.c @@ -25,7 +25,7 @@ static void _sha1_compress(hash_state *md) static void sha1_compress(hash_state *md) #endif { - unsigned long a,b,c,d,e,W[80],i,j; + unsigned long a,b,c,d,e,W[80],i,j,j2,j3; _ARGCHK(md != NULL); @@ -47,6 +47,7 @@ static void sha1_compress(hash_state *md) W[i] = ROL(j, 1); } + /* compress */ /* round one */ for (i = 0; i < 20; i++) { diff --git a/strings.c b/strings.c index 6ca2749..d454e65 100644 --- a/strings.c +++ b/strings.c @@ -38,7 +38,7 @@ static const char *err_2_str[] = const char *error_to_string(int errno) { - if (errno < 0 || errno > (int)(sizeof(err_2_str)/sizeof(err_2_str[0]))) { + if (errno < 0 || errno >= (int)(sizeof(err_2_str)/sizeof(err_2_str[0]))) { return "Invalid error code."; } else { return err_2_str[errno]; diff --git a/update_libtomcrypt.sh b/update_libtomcrypt.sh new file mode 100644 index 0000000..9940827 --- /dev/null +++ b/update_libtomcrypt.sh @@ -0,0 +1,131 @@ +#!/bin/tcsh +# Get latest copy of libtomcrypt and install it using "tcsh" +# +# Tom St Denis +echo libtomcrypt update script, Tom St Denis +echo "http://libtomcrypt.iahu.ca\n" + +if ($1 == "--help") then + echo "update_libtomcrypt.sh [makefile] [sig]-- Download and optionally build the libtomcrypt project.\n" + echo "\t[makefile] --\tYou can optionally specify which makefile you want to build with. If you specify " + echo "\t\t\t'nobuild' then the library is not built, just downloaded and unzipped. If you " + echo "\t\t\tleave it empty the default 'makefile' is used to build the library.\n" + echo "\t[sig] -- \tOptionally verify [via GPG] the signature of the package." + exit +endif + +if ($1 == "" || $1 == "sig") then + set make = "makefile" +else + set make = $1; +endif + +if ($1 == "sig" || $2 == "sig") then + set sig = "sig" +else + set sig = "" +endif + +rm -f latest +echo Getting latest version number from website. +wget -q http://iahu.ca:8080/download/latest +if (-r latest) then + set a = `cat latest` + echo "Latest release is v$a.\n" + if (-d "libtomcrypt-$a" && (-r "libtomcrypt-$a/libtomcrypt.a" || $make == "nobuild")) then + echo Libtomcrypt v$a is already installed on your system. + else + echo "Downloading libtomcrypt v$a ..." + if (-r "crypt-$a.tar.bz2") then + rm -f crypt-$a.tar.bz2 + endif + wget http://iahu.ca:8080/download/crypt-$a.tar.bz2 + if (-r "crypt-$a.tar.bz2") then + if (-d "libtomcrypt-$a") then + echo "WARNING! Directory libtomcrypt-$a already exists. Cannot continue.\n" + exit + endif + if ($sig == "sig") then + if (!(-r public.asc)) then + echo "Downloading and installing code signing key...\n" + wget -q http://iahu.ca:8080/download/public.asc + if (-r public.asc) then + gpg --import public.asc + if ($? != 0) then + echo Could not import signing key required to verify the package. + exit + else + echo "\n********************************************************************************" + echo "A new key has been imported to your keyring. You should check that it is valid." + echo "********************************************************************************" + endif + else + echo "Could not download the key to import." + exit + endif + endif + echo Verifying signature... + wget -q http://iahu.ca:8080/download/crypt-$a.tar.bz2.asc + if (!(-r "crypt-$a.tar.bz2.asc")) then + echo Could not download signature to test. + exit + endif + gpg -q --verify crypt-$a.tar.bz2.asc + if ($? != 0) then + echo "\n\nSignature for crypt-$a.tar.bz2 is ****not**** valid.\n\n" + exit + else + echo "\n\nSignature for crypt-$a.tar.bz2 is valid.\n\n" + endif + endif + bzip2 -d -c crypt-$a.tar.bz2 | tar -x + if (-d "libtomcrypt-$a") then + if (-r "libtomcrypt-$a/$make") then + cd libtomcrypt-$a + make -f $make + if (-r "libtomcrypt.a") then + echo "\n\n*****************************************************************" + echo The library has been built and you can now install it either with + echo + echo "cd libtomcrypt-$a ; make install" + echo + echo Or by editing the makefile and changing the user you wish to install + echo it with, or simply copy "libtomcrypt.a" to your library directory and + echo copy "*.h" to your include directory + echo "*****************************************************************" + else + echo "\n\n*****************************************************************" + echo The library failed to build. Please note the errors and send them to tomstdenis@yahoo.com + echo "*****************************************************************" + endif + else if ($make == "nobuild") then + echo "\n\n*****************************************************************" + echo "The library was downloaded and unzipped into libtomcrypt-$a/" + echo "*****************************************************************" + else + echo "The makefile '$make' was not found in the archive.\n"; + endif + else + echo "Could not unpack the libtomcrypt archive (corrupt?)." + endif + cd .. + else + echo "Could not download the libtomcrypt archive from server." + endif + endif + if (-r "libtomcrypt-$a/changes") then + perl <; print \$a; \$a = ; + while () { + if (\$_ =~ m/^(v\d\.\d\d)/) { close(IN); exit(0); } + print "\$a"; \$a = \$_; + } +! + else + echo "Change log not found. Is the package really installed?" + endif +else + echo "Could not download latest file from server to check version." +endif