From 7c5d3b22407ee08f09bb4cc388f96d87f9b6a0d2 Mon Sep 17 00:00:00 2001 From: Nicolas Boichat Date: Mon, 20 Feb 2017 17:01:40 +0800 Subject: [PATCH] futility: rwsig: Add support for images with FMAP If an FMAP is detected in the rwsig image file, use it to determine the location of: - RW region - RW signature - public key in RO region futility show uses that information to verify the signature, and futility sign uses it is correctly resign the image, and replace the public key a well. This also adds tests for this use case. hammer_dev.bin sample image uses huge RO public key and RW signature regions to make sure all keys up to RSA-8192 can be used. BRANCH=none BUG=chrome-os-partner:62321 TEST=make -j TEST=./build/futility/futility --debug show \ --pubkey hammer.vbpubk2 hammer.bin TEST=./build/futility/futility --debug show hammer.bin TEST=cp hammer.bin hammer.bin.orig ./build/futility/futility --debug sign \ --prikey hammer.vbprik2 hammer.bin diff hammer.bin hammer.bin.orig => identical TEST=openssl genrsa -3 -out hammer2.pem 2048 futility create --desc="Hammer 2nd key" hammer2.pem \ hammer2 ./build/futility/futility --debug sign \ --version 2 --prikey hammer2.vbprik2 hammer.bin These 2 commands succeed, but show different keys: ./build/futility/futility --debug show hammer.bin ./build/futility/futility --debug show hammer.bin.orig TEST=make runtests Change-Id: I2cebc421eaf97d1b92c9a58afc238d41487d0f6d Reviewed-on: https://chromium-review.googlesource.com/445536 Commit-Ready: Nicolas Boichat Tested-by: Nicolas Boichat Reviewed-by: Randall Spangler Reviewed-by: Vincent Palatin --- futility/cmd_sign.c | 33 ++- futility/file_type_rwsig.c | 250 ++++++++++++++++-- tests/futility/data/hammer_dev.bin | Bin 0 -> 131072 bytes tests/futility/run_test_scripts.sh | 2 +- .../{test_show_rwsig.sh => test_rwsig.sh} | 24 +- 5 files changed, 253 insertions(+), 56 deletions(-) create mode 100755 tests/futility/data/hammer_dev.bin rename tests/futility/{test_show_rwsig.sh => test_rwsig.sh} (60%) diff --git a/futility/cmd_sign.c b/futility/cmd_sign.c index d0c053b4cc..5b68634211 100644 --- a/futility/cmd_sign.c +++ b/futility/cmd_sign.c @@ -479,30 +479,27 @@ static void print_help_rwsig(int argc, char *argv[]) "\n" "This signs a %s.\n" "\n" - "The INFILE is a binary blob of arbitrary size." - " It is signed using the\n" + "The INFILE is a binary blob of arbitrary size. It is signed using the\n" "private key and the vb21_signature blob emitted.\n" "\n" - "If no OUTFILE is specified, the INFILE should contain" - " an existing\n" - "vb21_signature blob near its end. The data_size from that" - " signature is\n" - "used to re-sign a portion of the INFILE, and the old" - " signature blob is\n" + "If no OUTFILE is specified, the INFILE should contain an existing\n" + "vb21_signature blob near its end. The data_size from that signature is\n" + "used to re-sign a portion of the INFILE, and the old signature blob is\n" "replaced.\n" + "Alternatively, if INFILE contains an FMAP, RW and signatures offsets\n" + "are read from that table, and, if a public key is provided, the\n" + "public key is replaced in the RO image.\n" "\n" "Options:\n" "\n" - " --prikey FILE.vbprik2 " - "Private key in vb2 format (required)\n" - " --sig_size NUM " - "Offset from the end of INFILE where the\n" - " " - "signature blob should be located\n" - " " - "(default 1024 bytes)\n" - " --data_size NUM " - "Number of bytes of INFILE to sign\n" + " --prikey FILE.vbprik2 Private key in vb2 format (required)\n" + " --version NUM Public key version if we are replacing" + " the key in INFILE (default: 1)\n" + " --sig_size NUM Offset from the end of INFILE where the\n" + " signature blob should be located, if\n" + " the file does not contain an FMAP.\n" + " (default 1024 bytes)\n" + " --data_size NUM Number of bytes of INFILE to sign\n" "\n", argv[0], futil_file_type_name(FILE_TYPE_RWSIG), diff --git a/futility/file_type_rwsig.c b/futility/file_type_rwsig.c index 9561f6cf64..1323da41ea 100644 --- a/futility/file_type_rwsig.c +++ b/futility/file_type_rwsig.c @@ -22,6 +22,7 @@ #include "2rsa.h" #include "2sha.h" #include "file_type.h" +#include "fmap.h" #include "futility.h" #include "futility_options.h" #include "vb21_common.h" @@ -61,12 +62,16 @@ static void show_sig(const char *name, const struct vb21_signature *sig) int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) { const struct vb21_signature *sig = 0; + const struct vb21_packed_key *pkey = show_option.pkey; struct vb2_public_key key; uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES] __attribute__ ((aligned (VB2_WORKBUF_ALIGN))); struct vb2_workbuf wb; uint32_t data_size, sig_size = SIGNATURE_RSVD_SIZE; + uint32_t total_data_size = 0; uint8_t *data; + FmapHeader *fmap; + int i; Debug("%s(): name %s\n", __func__, name); Debug("%s(): len 0x%08x (%d)\n", __func__, len, len); @@ -82,8 +87,55 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) } data = show_option.fv; data_size = show_option.fv_size; + total_data_size = show_option.fv_size; + } else if ((fmap = fmap_find(buf, len))) { + /* This looks like a full image. */ + FmapAreaHeader *fmaparea; + + Debug("Found an FMAP!\n"); + + /* If no public key is provided, use the one packed in RO + * image, and print that. */ + if (!pkey) { + pkey = (const struct vb21_packed_key *) + fmap_find_by_name(buf, len, fmap, "KEY_RO", 0); + + if (pkey) + ft_show_vb21_pubkey(name, (uint8_t *)pkey, + pkey->c.total_size, NULL); + } + + sig = (const struct vb21_signature *) + fmap_find_by_name(buf, len, fmap, "SIG_RW", &fmaparea); + if (!sig) { + Debug("No SIG_RW in FMAP.\n"); + return 1; + } + + sig_size = fmaparea->area_size; + + Debug("Looking for signature at 0x%x (0x%x)\n", + (uint8_t*)sig - buf, sig_size); + + if (VB2_SUCCESS != vb21_verify_signature(sig, sig_size)) + return 1; + + show_sig(name, sig); + data = fmap_find_by_name(buf, len, fmap, "EC_RW", &fmaparea); + data_size = sig->data_size; + /* + * TODO(crosbug.com/p/62231): EC_RW region should not include + * the signature. + */ + total_data_size = fmaparea->area_size-sig_size; + + if (!data) { + Debug("No EC_RW in FMAP.\n"); + return 1; + } } else { - /* Where would it be? */ + /* Or maybe this is just the RW portion, that does not + * contain a FMAP. */ if (show_option.sig_size) sig_size = show_option.sig_size; @@ -99,24 +151,30 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) show_sig(name, sig); data = buf; data_size = sig->data_size; + total_data_size = len - sig_size; } else { return 1; } } - if (!show_option.pkey) { + if (!pkey) { printf("No public key available to verify with\n"); return show_option.strict; } /* We already did this once, so it should work again */ if (vb21_unpack_key(&key, - (const uint8_t *)show_option.pkey, - show_option.pkey->c.total_size)) { + (const uint8_t *)pkey, + pkey->c.total_size)) { Debug("Can't unpack pubkey\n"); return 1; } + if (data_size > total_data_size) { + Debug("Invalid signature data_size: bigger than total area size.\n"); + return 1; + } + /* The sig is destroyed by the verify operation, so make a copy */ { uint8_t sigbuf[sig->c.total_size]; @@ -128,7 +186,15 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) (struct vb21_signature *)sigbuf, (const struct vb2_public_key *)&key, &wb)) { - printf("Signature verification failed\n"); + fprintf(stderr, "Signature verification failed\n"); + return 1; + } + } + + /* Check that the rest of region is padded with 0xff. */ + for (i = data_size; i < total_data_size; i++) { + if (data[i] != 0xff) { + fprintf(stderr, "Padding verification failed\n"); return 1; } } @@ -137,11 +203,18 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) return 0; } -int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *data) +int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) { - struct vb21_signature *sig = 0; + struct vb21_signature *tmp_sig = 0; + struct vb2_public_key *pubkey = 0; + struct vb21_packed_key *packedkey = 0; + uint8_t *keyb_data = 0; + uint32_t keyb_size; + uint8_t* data = buf; /* data to be signed */ uint32_t r, data_size = len, sig_size = SIGNATURE_RSVD_SIZE; int retval = 1; + FmapHeader *fmap = NULL; + FmapAreaHeader *fmaparea; Debug("%s(): name %s\n", __func__, name); Debug("%s(): len 0x%08x (%d)\n", __func__, len, len); @@ -150,25 +223,56 @@ int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *data) if (sign_option.inout_file_count < 2) { const struct vb21_signature *old_sig; - /* Where would it be? */ - if (sign_option.sig_size) - sig_size = sign_option.sig_size; + fmap = fmap_find(buf, len); - Debug("Looking for old signature at 0x%x\n", len - sig_size); + if (fmap) { + /* This looks like a full image. */ + Debug("Found an FMAP!\n"); - if (len < sig_size) { - fprintf(stderr, "File is too small\n"); - return 1; + old_sig = (const struct vb21_signature *) + fmap_find_by_name(buf, len, fmap, "SIG_RW", + &fmaparea); + if (!old_sig) { + Debug("No SIG_RW in FMAP.\n"); + goto done; + } + + sig_size = fmaparea->area_size; + + Debug("Looking for signature at 0x%x (0x%x)\n", + (uint8_t*)old_sig - buf, sig_size); + + data = fmap_find_by_name(buf, len, fmap, "EC_RW", + &fmaparea); + if (!data) { + Debug("No EC_RW in FMAP.\n"); + goto done; + } + } else { + /* Or maybe this is just the RW portion, that does not + * contain a FMAP. */ + if (sign_option.sig_size) + sig_size = sign_option.sig_size; + + Debug("Looking for old signature at 0x%x\n", + len - sig_size); + + if (len < sig_size) { + fprintf(stderr, "File is too small\n"); + goto done; + } + + /* Take a look */ + old_sig = (const struct vb21_signature *) + (buf + len - sig_size); } - /* Take a look */ - old_sig = (const struct vb21_signature *)(buf + len - sig_size); if (vb21_verify_signature(old_sig, sig_size)) { fprintf(stderr, "Can't find a valid signature\n"); - return 1; + goto done; } - /* Use the same exent again */ + /* Use the same extent again */ data_size = old_sig->data_size; Debug("Found sig: data_size is 0x%x (%d)\n", data_size, @@ -180,7 +284,7 @@ int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *data) data_size = sign_option.data_size; /* Sign the blob */ - r = vb21_sign_data(&sig, buf, data_size, sign_option.prikey, 0); + r = vb21_sign_data(&tmp_sig, data, data_size, sign_option.prikey, 0); if (r) { fprintf(stderr, "Unable to sign data (error 0x%08x, if that helps)\n", @@ -190,16 +294,16 @@ int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *data) if (sign_option.inout_file_count < 2) { /* Overwrite the old signature */ - if (sig->c.total_size > sig_size) { + if (tmp_sig->c.total_size > sig_size) { fprintf(stderr, "New sig is too large (%d > %d)\n", - sig->c.total_size, sig_size); + tmp_sig->c.total_size, sig_size); goto done; } memset(buf + len - sig_size, 0xff, sig_size); - memcpy(buf + len - sig_size, sig, sig->c.total_size); + memcpy(buf + len - sig_size, tmp_sig, tmp_sig->c.total_size); } else { /* Write the signature to a new file */ - r = vb21_write_object(sign_option.outfile, sig); + r = vb21_write_object(sign_option.outfile, tmp_sig); if (r) { fprintf(stderr, "Unable to write sig" " (error 0x%08x, if that helps)\n", r); @@ -207,24 +311,112 @@ int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *data) } } + /* For full images, let's replace the public key in RO. */ + if (fmap) { + uint8_t *new_pubkey; + uint8_t *pubkey_buf = 0; + + /* Create the public key */ + if (vb2_public_key_alloc(&pubkey, + sign_option.prikey->sig_alg)) { + fprintf(stderr, "Unable to allocate the public key\n"); + goto done; + } + + /* Extract the keyb blob */ + if (vb_keyb_from_rsa(sign_option.prikey->rsa_private_key, + &keyb_data, &keyb_size)) { + fprintf(stderr, "Couldn't extract the public key\n"); + goto done; + } + + /* + * Copy the keyb blob to the public key's buffer, because that's + * where vb2_unpack_key_data() and vb2_public_key_pack() expect + * to find it. + */ + pubkey_buf = vb2_public_key_packed_data(pubkey); + memcpy(pubkey_buf, keyb_data, keyb_size); + + /* Fill in the internal struct pointers */ + if (vb2_unpack_key_data(pubkey, pubkey_buf, keyb_size)) { + fprintf(stderr, "Unable to unpack the public key blob\n"); + goto done; + } + + pubkey->hash_alg = sign_option.prikey->hash_alg; + pubkey->version = sign_option.version_specified ? + sign_option.version : 1; + vb2_public_key_set_desc(pubkey, sign_option.prikey->desc); + + memcpy((struct vb2_id *)pubkey->id, &sign_option.prikey->id, + sizeof(*(pubkey->id))); + + if (vb21_public_key_pack(&packedkey, pubkey)) { + goto done; + } + + new_pubkey = fmap_find_by_name(buf, len, fmap, "KEY_RO", + &fmaparea); + if (!new_pubkey) { + Debug("No KEY_RO in FMAP.\n"); + goto done; + } + /* Overwrite the old signature */ + if (packedkey->c.total_size > fmaparea->area_size) { + fprintf(stderr, "New sig is too large (%d > %d)\n", + packedkey->c.total_size, sig_size); + goto done; + } + + memset(new_pubkey, 0xff, fmaparea->area_size); + memcpy(new_pubkey, packedkey, packedkey->c.total_size); + } + /* Finally */ retval = 0; done: - if (sig) - free(sig); + if (tmp_sig) + free(tmp_sig); + if (pubkey) + vb2_public_key_free(pubkey); + if (packedkey) + free(packedkey); + if (keyb_data) + free(keyb_data); return retval; } enum futil_file_type ft_recognize_rwsig(uint8_t *buf, uint32_t len) { + FmapHeader *fmap; + const struct vb21_signature *sig = NULL; + uint32_t sig_size; + if (!vb21_verify_signature((const struct vb21_signature *)buf, len)) return FILE_TYPE_RWSIG; - if (len >= SIGNATURE_RSVD_SIZE && - !vb21_verify_signature((const struct vb21_signature *) - (buf + len - SIGNATURE_RSVD_SIZE), - SIGNATURE_RSVD_SIZE)) + fmap = fmap_find(buf, len); + if (fmap) { + /* This looks like a full image. */ + FmapAreaHeader *fmaparea; + + sig = (const struct vb21_signature *) + fmap_find_by_name(buf, len, fmap, "SIG_RW", &fmaparea); + + if (!sig) + return FILE_TYPE_UNKNOWN; + + sig_size = fmaparea->area_size; + } else { + /* RW-only image */ + sig = (const struct vb21_signature *) + (buf + len - SIGNATURE_RSVD_SIZE); + sig_size = SIGNATURE_RSVD_SIZE; + } + + if (len >= sig_size && !vb21_verify_signature(sig, sig_size)) return FILE_TYPE_RWSIG; return FILE_TYPE_UNKNOWN; diff --git a/tests/futility/data/hammer_dev.bin b/tests/futility/data/hammer_dev.bin new file mode 100755 index 0000000000000000000000000000000000000000..d124fb6b0577ff52086ca5a8b8bea82b4fbd3429 GIT binary patch literal 131072 zcmZ_03w#^JwLd@*~b#TH7nF?KqZ`$Z;M{!b6sVV@b{f5~%Z{N*vlv2w(_p z&EtX~(3(eYlPExJg+~e80)hTggSc%W#l6t}Zb~28Kzc(StwJECP+&`-@=My^cVwr~ z{{J`m9Pem$c6R2>%$ak(=gbcAMEaNz%M$t}9lK#NP5$NI_iy?#|JkYZh3AeLzI?u_ zm{?jsArQO2)kG}61eKV-EW`4tFeKa zp4~iqfp5X0S(~rfJa@su`QEAaf8)xfzyI2*6)TApJ73=S+W8xPK%|mTY1k6wn|BAs zPnL(Kg^5(4l;Jl&m->7SBPR_gVTsy1tRY+2pzyweeA&^H_KthodF{6&x#5BivTUdw zuaN$`Vv@S16X~U=h^1#){>2t{j}Yn~0*_0;QqvOE9ej$ zhkKH)5HFgv{;bVyG)hSA%@zjFxFyj_P1?UB*Q7m=wenx)-IKM554-OpChgAb!)}w| zKEj^51-TcY?6AR)e_xzil+C|uO3*rHX+ zbAd6H3mcVE<)OfN)pwXQ5Pt(GlQfBBw?&*AsuHK8zGd0wNUU;S!1#`@!xw4}ua|kP zcas3SYEAB-#Tb zLvA5#H94X!7zNGU5-n4##)4oBV^bEnk1GpTB8QDn%p)sTkg}j0)nz(R7R?;?2a3s^ zms29{Bo;d;0IEe_Eg(Io>vmjYKhEhQu1i7XJoOV$Yw|a8VQ0~D8U2)_jfy?u^fyNB z;c1E&y($P7L?%-)k1eu?b4K+{r>>)9D|r5|^|ShPJ*%_2%}J%5KC5T`pqmdnk~g>a zw41aYx}G_&vk`n!cO1qdPnLKL5oeTW!U)lBAF-fLB60q?^7=qmkVb}to@GVomnAtD zqun_{BZ8BasaZh?cmj@KoC9U4n7brwH8Rfl!Kva1a)XlF$!0;&88vtcB6j?;q+^m( z@pByV*mD!9cZYHH+Z)H#o@Mhe-$gd(w-Y~)t2t>93xbB!wsv|@&z#HM^m5VEO5yPi zKEGzlqQ2L1!)S94@jE^yY0`lewfz)#_aV|iQ|5>(i+M6B=-ZMi}yQSJ(sM9tnWR8|)&^V<29KcF6iQWi8oN)VDsnq^~eJ7&whO1Z>~ zbPx4x2o|nEC?&#cxhhs)X6pzXzSjO_FaA{PoPj$jAcGWonEX^yy* zgxPY8NP6Z&osAUn($p$t-?IGtLfuUMU6_+Ib9(0e{G9B{u{r5T7KREGyO=Opj#1Qb zM7M?G`5IEFK~@q*%P|i5hgr>A^EGeXw~Rgc&-G@rdgh&cy-oRgTa$)b+wy|Q4~bLZ zA!TUb_odsz}QqMe;D-1zikBwohx`IsV_KoqP6+Av^HXoxGb&JGn zIBk=R+B4(lhojX}aHu#&9C>+UM;)1@Q7nR#dq?N1zpge%J{6Yqz8Ih?sqIQH?wcJM z$fxJ08^b}85Vp0udUvj&K1;*j)sKodR_gL~j@4J{nV;inw;GdTM9NJ{`?b_$T^n$> zOm%n)mwQo%H+nwk;;Mr$4_*@UDslYQGyjGX9P0E&NtzcWF~{cVh+d=Xm@DX?mb~|n zVfS>A+ofmpEb7PHXx3-0U=n~zm!&0f2Ke{M=$HKaV04~LJr{|d<#d-9lD;h15;Y`T zu5p2Q8&6a1$sED`nMz53PtpDd0`vrJ$qaJ|ckc;TOm-QM3f;Xf?oHvq6|5XL?_Wz& znT@+ywLuP+%g#V5_48rOr8F;5PYZh0g89)BH6GFqv-Y!ngN>7x{N5omT5s5`XVjbl zGmCh?rp}W&&&A^G6>~aUrnqcKj0@{s#OpsDb2nfw=d^dnNW*+^Xhzs&{75K^Vnp)e zLA8r>{4++aeViXKCd81dqg05rkv%ltg1N)LO{Esa0O?(oW~ExjjS1S%5A+B4cOI7f z#Hf8f_Tg}U;3JhJ;(;%Y4-Xek^~Z#Fx#-8j&!&3C;eBz8e+;{l8NC{6Xa8fDko-T^ zH`dQ`5X;w+4;-qCn4Wj_`s++_E-puCy{p&g?~WSc?ugIt>TL)fi1P88h^v?GIvX{{ ziTr%~JC0&6Jw*rD&VN544c3%-h9I{3?`ijm-)#S>|H-bqgO>Ea=5fLM2yNNCO7fmo zN!_)Cd+tovTU`%eTpPqAgBG8j>B(`JnSWEE?V;rs%qttn4k`kTBzf&;IbP(n2gi)i z4{jMD4I%XYBoY0Wsg`=L*y5K`hWgolI@_Q!U1FC$52e2~X7*4wk@vP+{LU3899NJ% zmEUZy7E60C@y~557HRz>!S4lX)I_Dj`-y5xi{e47WjycZ7U-G!oMZNgN^6N090{6C z$Ef_A^#zO5U*&&}t<@$=${-P~EXSuCM4zA2CPqKNNQ{8*to=MjiONheJN&^wR~wVd z5_oS3StHi43%Zy^X$y3;nL{!1K)|4~_3xL3;6KVu^`GcOH%i!HK+8auq!H3<&4dYm zFP|{u?}`aaUWb@)^Wh@~NO|moWl`$ZGne8H+b1$fQqPOU;xv)&rU~LTr|2^#%{*d| z{n$IIgP#w77Cftz`JXk@W1bL~-fHHKxkJtVg5cTcM`pvZ1AR+^i9wn^(DzF4KulJg z{%1|rV_p+I_M=UP^tHGy;SX#oj})Y5;>nhv9JQuDLarxjOdm8Djul0!{T0D_>~rgB zRlt}k=&*?XgFrW-n0a5K8Umh>6+m5{62Uk{ym3(J<#F0K#zggo^1y) zd1FL>rdRWd?F8%9#psn$+pkadYCn2K6Q*q^2Muup?v|tsxchy**t3%i_#X}~76<$n zN^%&dil7+$5KqkB?6RF4ynfr{Q>FQ*Zu*y}EI!7!{lN>*{bl(2%}sepLP$@NXoWfI zE)E;TGQ|SjsSMKd)^Re6s(PkLC$+W}2P#h}yLt25$V&~m?+OkBMwv9sO}WCQieb;gfmtW0Ry9#mD}-yEWg889h}W8W5qqSIj&+$ONdFMo z%V~`x29F`}Lre9Q<^E#NQ{+kiPo<&=F&z=^BL$E$+mupakL^i+Sh`1bcT9W5)T3gXzRRw96hY>?~6XmnSeTu(U8T_B@Y=a$ZH+K;!!YpPw*A z?j~<_?OXQguxt>ntS(lk9dtow`NOE5IhNN2a-)uaXxDEb_c!_6^IysR8FF9C z=YD`(0-Z|F92~QSjM`HVYjouiM?cuT*BkHlE=gj`OTDL`tB{61;h%s-U7_>&3V%1TTW*RG&dJeNXdDcHr z6Q~@-`hKC$95`pvo)~Amb%3Wm?OWR^#^i50J=~g%xv5l=*W*bYYcGXNKR(LCLMsf* zvBF5z6ge?wPMx)Bn&gZXpw0r^ll!0tq4r;nw&wdsP=6;H!{cfJHG#@Ob`X0v@lZV3 zv#b{B3wqity)5!PM|Zs^ydlX-j0k?0+TwpPP?^#*H9AfFU*|`J#L0jyk`P?C*un{t z=z2WBy|qQ+HJ5ITkOB5P{T2_6gG#x>!W!_xNTlOf4@@4{Me0|&6dI?A#{$8l<+V2l z->bX^J4S;z&9~Dpg_&)`sgt8cX7Q@SEl$~5)LkHP+S4QdEkCJH_j)oAu&2gk;!YrC zPI2xnjeM#!WRa-0EXTQt)U6bU9i0Qh9?lV6740LEFr=I$j!jf@z^?t6yd_lLXp1Zm z4zBv?aOUuuJ0WX9Z2Wv6`#r=m4a=9co3-CDgAk@8Rf$wCdd!TS*AVCAYQJ$ezlT0d z8m%gsWlo)zw}h_gsBOL`yq*}ek4NoT=Qgzvf6b{^<&B{z?p+<$TMXKtN0|&Tr8Y!1 zhR1~jcVZLqtc#LaRr%7+RLpZ#C5P(K61tbAD}KCcU9b-r|#J1?VTeMUvEvH6R?;)iOfWn0=?Me=J~_eT@8c6j{M`>72X-NJ96j^! zgav=&&}Z1%F^iQEQhUCO#;x-7a20()*rw3_`vcR}pNpLOoKnhj>09%u@?c@wDOwl* zJYZF+$S%d{l! zN|j=j=oIg1FIah%=%YiGOO@vXG$r4k7>p?bEc|HuEhLoioIUSI zTA}rk220A?VOKcC6Xc?TVpF&vmv$;v<$fSB3|A1azSus=_B&t@9#h2JS*bWGV_O|_ zX)x9}3jMe;s%QQOs1Ym6>b5{u63=}`9+v0hImVyz8Owt8%m1x%_SWqRnN8F!^)mL; z|LI~D2bpuRO5F|6Hcn2=h~_el`WE+%L8Imw@0Mxn6PwR&mc?fkv4xvSPVq~qrvyDz z+%%nXAEA}egUVkNx+FnZuE7Jj<{9wE2W`;#27tkV4<31Q_x4h*EJ!_fxx2S?Z!HUU zZ;~+!QT= z6f%benbVHwFDmwy1le$TPrjZQ#-|5#0K}d$04dw41oCC}b@eP`@9IewR&$WqJM@Zl zxf~4IRuqKqAwOK3fKEkb+Ec5xTSC-NrOUTWVmyMv5X{brr|}Nf9#)5br>@gTj0~Yp zmS+%+Qkl2(IF+nn!N1;;5E4K$2zK5*gI2yISP6u|kS?{C@(g$DSypZ%j+!Jd8nsI% zh;+crALF&lN0_7%g5BUA_GqN2Ec!XfFBj5x4YHN-rcRn%DYiB}BKM5pS)=xgaV}w# z`hk}m)(we*eCnsVyVs7=FX=HLbN2xWV>@PU*bruzBE#kKmas}42n$BC0d-|Kq1DLxLQ$?f$9CsS!XYyGri&w$ z3Pqnex1d;nCN2&w#w?foch}Z(PXOJC)mfD5xQ3u5TBywLXz)u&#iW*ypSLS5p(>?F zsZ?t1tOkp_3~ywuCy|);^}s3(ACi(jfTRY@M_WnTjbV>Q%4ZUsVmP%qqZ{JdYIKA zn2E%m^SjM>>H(%xd5n>DQ4W7^dbv{B4gPO_8FnVhvU03^Oy)v1U?>wQ%zNZ>XnRZ+ z{H$FUe#2({$8QUCQ%grKb4!-J#Q?mLy~i}Ax8yRRY%bHCwH*Ec{9wr?O{4bV z_$0Pza94zBZJAOHE-|k{dHBfGx}k2WWyVV)B^^%XNhX(}iBV|Eh0vrbqebvN#iYp` zAnSQtUC+q63)1)g33Eiu%Wg!IcLwzM_9&7gy4USsr72?AieP0M@~J ze!ZRLu-}$sZ7Xrd6siqj$Fn5Gsb4?CF9+m^Ec)ES5|?5EdJM_aXY>0S$5WDG(Cz{< z@@XEUCew*yBMu{@hI<%O>$%*c)*@1M%n+ZOx;(?z#gx^YimU$p#07`t@DLJl@zYN zMz}uKzV*B_F?cZcx^k(P9$(KH($bQm{KD4eU3gHh3sfOQw8!-)6k{!En3kg24I_MYiCU130$Jd-=~yXSLowf`qt3q>X}U6F{9LXVEGk)8lH*~W1fqK!#i93kpub>Mu=|>n4c+l1h6hD^7=+W1aWL>8RtJMze!Won!dj_$ZJf5htuR_{0D1pPj&RwIB zS=FikP!?AE=aAF>8Lo)fF;g6JE`~Pr6Wtm4`QWsN*n@Jsa*uR!p zU(opESVg+5Q@(}s7920lTf+@vK?po)Fr2ii23fw*1TNVkkbHP9;x7ZI8XylDkG>23 z{L{D~kI4cy-Xi$O@GRn4wX&x6R(LU2hE^_rKs@<_#v4U{k=Q8Grc$-9>Wv?~H^?;= z9=C|0$dknH%a2C`IdN;6HjvaE>82ZRhZY-LegtT1Ky9fy`GZOu-ObH3r3^DIDLV5T zYH967p`!Ffp^H1WIBn^ZgGTR$;|AyjB?^~bgdX*G*?U_=OUub0><^IBqIhYO@pOUc zzv$Jdzt-P!TeP{uBl?_qJR-qC>u3x&MiR~)v8KpVgBxOveO`E!y^(ePSCmPfm8WCg za+N#SUqxh32j}rQ3$TXAbDXCpvJQw!O}NZo6JG6)d6arQVT*?ZY z(VpfPod1E-zZhQevhZ3wQ|2$l6W*99Z3!3Wd0iZ0yk@A}P&?x{oBJ2|nqLp#{XWdg z4?)|(Yc>vyE`<#C`3P}HaPuw`iTpLoo#YeY z6=1t(*8OFT)plbK*Yfw_v%*mz%C5ea9xX2?snoNKX+1H*^>L9hzX9u#Ov!Rz66$P$@qj>NQM|$t4;W5tB%P~i%jod0VHq7IuM3V~f-v09$M%t_ zcC-3glcd3|dY3mTq-jM8@Y893Z39Nf;@k?$C!DK~Jc-%7P4OyqA(yMX(i`0#wfD*4 za=*{B#=kDGuC0{w1Z}aVw6U+c^XWj7+E;s7-&6GIzzp?`zRA%qTTWy@W`F~`F~;BL zU!p{dJG@bgvqbb@%}mb~MhZi0ENoF`ZT`OipyA`*%F0i_-I~rAlI<$L6Tulwsx?cf4vKM?A?w&bHw0Z z>o39Dya?@iVv460w1>5gtx4#3(1}I80D2ek7N=G#w$MrPreF=NcUnVGUhJcD$fYN-1ozWaIcQks2oQp7PCMG<6My!l${W8YDKE?M#|KL5tNUjEd z*f;w^{O?zG;e029CyQC^3UsjAg5~xVUd7-}3%oWqwn|mIZo#p;PnRzaJUn^+ujc!Leebq+Vdl%&LkFe+9Ue|#YbC3w=x&G)=|=60^Vp< z5s$Eup=foYW8Pnf5kmxj^T^>Xw z`}w#w+#F)R%f>HHE08h=fQlK_ZAuernLbWy+tWLN{17iuXGVxL6S?;Bca`$$#i<$j z=Zxd?(qcaK*_dm&7%{rnlpw*$9eSEXElGm;tE$iI8o$U=o zD#hFOj}f_h%gys=!kbRC?~OIU`u=bI!1m~todN6VN~eUmya2y9Z?{PO*f)K8_x1x@ zm@ND)#-5FTr-?|``|@jEtD9i>O3ZDL?lTe(ug%14){;Lslw3|`c*SJs=9X5mriW;o z#$N2i{J?BlF=p8NlTL%SA!`zYB2jDKEo2c8vaSB?7Dw9FU{ud;2i^zd@9dV3hS^`& zY+jW`>RHv|?0I)s7FV?hy`-TdMO%#xzT>=hscx84JhQ2OJ-p1aXh1n%dgW{xX%o_o z>E?Vsk92LiC7(7TU7cYY8`4#dxJ_4)!CvWc~>2zPdznR&{D>&0iRr#M_aXN>sUc!tg< zsoT#u&e&$(mf}uXW=B%rI#Yl<^Uv6E=Y})a!t)SXm%=VX3r z!I|#uPi~K+bn7tmcg&2tM!UDu7T|;6KT&55Gi-NOZqxPy+xr8>soCPq3vPr&Alh}K zn~}Gw`X|DG(X(DeGb~G3Cu=!J(yU=#ptY?bxi!M2^<>@qw0pRhAcpa%# zo|)p@6*o7xD88!I!6C>W>j)w)++C0$$&u#hrfW$39FabJ^TH*)h@*-dv^#Q)|4Vw| zmjKSse8<3l7cA+qr)BJTEXSl;XWLJ`NQ$0&OK4b96QweR=YTFG-cu@>-I3z=0n5&s zt9h(Let>8dqnDsf{IjfazyCPm zWux6<=zn5Mbc=v>^4iFa=h$i`>UHOc^fi=u19oNimT#P!9F@(;y#l!hM=(}PJ{x8u zF@Q0=>fC^nNXv2O`H=(L&kbJ~+c3&^AUDp+x11QB98IELa&B#YrMG1-jFg^Pl5G^b zx8FSXz?QG2FY4&Nj#J{;7uh(i4)VSs;pS$8wovcBjxH%X#>pk=mj9(p9V^qqdC6(C z{F>->dS)%PgAnZ}BopT4aukez0Cf;ZBVPaykP35UM;>`!jLWqkCPSGF`!47K(1kHX90w4r*Zo8~2?W@JHve{v z?YVZuDi^(E$Vcx@-UV9xtYIJBjkb+(hb*re4hg`GSh+iscI;cV*tg`6LEDNx8&o$i zhjr1#u(u`TeLbHiM%F3Ls4q=CQN{4ALHl;rFknCwOo2oi>);m=g5|*49AXWua6}n~ z^vof>ctz=QD$P|4;=BF>{zf;4v6tLMVY2&&_KTd z0L-s>R7Di}61s;l1V^ek%wlpl(2gXn6FW_!5m7+bjmsDls#ZqM3YCcSfuEr|-gXf2 zhdwczSqja{4G9Kmp><7_EJn%Vf0TSQ@L|dM;xwMkyq{YdSlZ@V{vP49x_lj#k&n?DuR`i4 z+am@^U9tRP;JUVt2l*Lf7W{WJSo@yJzJRDMBYY0)*IpE4-da9Q-D z@v9|tMLzvK#GXD56v&62NzcS`GGdO1G@Ffo?rc8Yg!DIZ-6odbh;%e}AfMlW^txPk zK3$LWn%voZnOdY*Rq}IJ0dKbnukRwtJ@-E3$uc%o`n&9gc7m0?nS(5ym z+Kdv-ISIU|#@eCk^bkpdBsSCQa#GVdmF=5|0YEJbzsv!TDu#a41PX!Hf;NM02E{<% z2R#IO4D>XJ=}<4?%5b#o`y^-7dWiX!sKN)k%CVeC)jF^zRLlfik}c z-=bf3`sp4nRfE;IA7gkA5OB7FevxCI*lf-!?+n&LAMs0cAdaUvze5y)Pr!$wXP(Ed z##R=*^}vs6V5<`;n^7^FST6sMT#DRZPvtg1OJx3GgIF$6@66M7u|p|`Txl6+yx}Di zEd-2<#;;rsbpgdg|f}GLZ;}q>+KDMYrA$1;x{}>VnzJA(IrAT#uTL}KxoqEOL z0r25nP#Tm;(p^Pj4Lod>o!z&xxX)U3hiFL2%43MsBk9e`HOe&qLxD=Q`@R9hP)Ulz zL*|f_Q=Ex0yMJPnA}KTdWDZSvZpE7RToK4-{xY#cG^>pmH$GyYSKG2bpuPpf5m6b4 zE&4u_BLyOb7nQZ=HQ19}KCWsgAHTzVtQ5bQ?~kPo`FpXv_0I5nmZv4Zf9O|(yvVGI zPa$8H!oJ96JlS`rUxCvh1-oiOQsk(EG&oXy8?bJUS!(H$Ede=5TTCLYt!|TM)CbDd z{qT$xr~mg7hSYxl6T!wAeQVfzlDa)&-Nn{BG?q9YH^xnIbKDX)hYALk_a&w`|w`arwo4^0@nEq#))B_R1QN{T^rRid$6~z(U(O!I_X1a zoe2kQ&|2;pPLs0SV}{2`Vt=6GL?CGjcXMxRj5z`kB0ep#X^ zU&4VBA^kt1!%^0TKTWV&s+U)Fas!4$t+2f9QM}ox?hP2;ad(o+n3JtB;->rEQL_Js zf$9^a;qlWI%YRF@AkwK;sTXGlOH&5}#mA}oWWav>*VA8WpCi_bFFPM^d-XEzIIkWG zaPK^kuZ1?B9)_Gcb?2}_>&@Lhj9A(qVn*X1xuA8~%aL z$!Mzqc%%!UXSymkD)$1vfW{A0=QGTvOa2l2RFgFACwtBN>0ZlzZf`d8y)1u-%`=88 zHk_Qc{0%~8mZTag4cap~jL(F3D|Chy@229sCzbjCH@|Gq!V{%wtR~#0OT36IF{!-A z{1soTL0dGz>UcTtcRz%FFrO=ntul%Qz_o$PgWsdDn^`RHFLfqU+OdxruwJPgKqRsd zGWePFA0DeoSFD)6G6!EZa1=b18k;U(yA;wv#(Iq#5LL#-5!;8dyRn80>Y_YG`Q{ir zy!nXJGtjY^kNe+sQ~s@o##qEq6gt)oAht(6h%4K>SPUm^D8;#jib%!sNuKTxSdNy< z-NE&hUGS{ynMZXxkF8H3-JxKnLtb1wVn|R?M4SR?DuhPEp6ky)6$u){s?eeIcj=kC zm_Gy&pBG}#;Op#UKKn1=xwrTX+TXH{!;DW_^1eeAwZ&pJIKv$@itE0`&KhtB-xD}! zRtA}iPm{Ul5`q)^IykVG$+>Cp<{Njhl&Bl`k%l6iqJRV1FZXVSjnAiCh%TEOHSXim zEPkaWYDNFqSWK%e61Ok)^f*i55fCfIql21}9xD@Vkc`+fW<1%`-J@qd%Nb8G5juc|C{yO!fA*L|erR?W(9R7O!85Q;Q<0o!hem^&CPQ=AsRYu)~wR zG~erioC#P6YtIjJzNuEk;Y%s6wd~=so}Nq_cNL0#iuGAeyH>YCraOD>wXh0P52ZiI z=SGps?{fAQ=5y~)H*B>&JADQRsl<9=O|McwQ8x8PA#UoL&9$z7_XZs!buw z0I=TCFiJI|)OkeG$tru_|D-Gl$@}(kUw)O$&RG(+7uXzF3{LR<82yKs?N^aAgAXiK zmAj~VhT1AtqDC)%hejpTIURK#fqrDo*ZD$f>ir2O?}~BXf%`wp6~K2nSz`ZJO8gZg zjd)p%@P7gKeHiQH0O&`cmq0%Q6=41R3fETPjC$tfEMIL>D`azrIb=Z$B+)iz58P*j zW&|us>b}j}!!WQTC@+DI{^Pj;JZDz-$mWo_LufVw=Ovo|D^JS#C)qRXS@xVIIgwd3 zF^03G2CaF7id=_5n>E7XDu5u@eokW3hy=T#u1PFiS-OJmx(%4YG-$(F#6S7^I4wAu z&D=Gy1iR(g4MT%Mu%*&ch?iAA)5i2ER%ZibFwH&VP-P0h%av9c+Vrp&D`Wi9c?P9LM|a9Q`Q2_r8HO{`hw( zR0@Wl^N6Uki8jd&o&Bbff))0ah4VeVHrTF)6vNCFU>;0sziNcedp__t)fi&YJ1a*< z4uAdwVlnPQ{1&dvUUVcYI%$J&N&;#*&4+kQ$eXf|2dUp8RT`Ru)c@5t12b{pT^Eg< zy_Q9-7KN>lV{Y-HW=@-zW15aBb$S?HU&)G6Gl7~g4?gQR^f600s0P#sS^;_ap98oe zJ(8sL^TjpQPqy9bpB8z0aDRIvJV%?B7T>zlzt}$zs7`ga|C`^^Qg~DGazQK(&4C=f z3lUwDv3=J^4cehG7BRY7MYyGAw7sydD*y%y{+ zZeXi83xS=?EzT8-(sRX;{1dbB1Sh(B3z>DG(nkI`E1_qu(TT)7m$#xntZxtC%KDVe z^o&o=ypb_aXPr20K9g_*kh3$zLXXGCX+O$R?F4L?IV#omPwX^vZy)SkZ*DktZ99yoT z3*t5ky`!obys;rp0=hF06Jun5bke`d+IR|cEsl1wanO?SLocmNhFTHR&DxjEd>0<8 zdAY(zNZp~36*YWYXV%uIV?SO|nAo5Ivq;(C3GsmMTM_$bRk{57x_2y_IXw0sh#cP(Ec)7CmtUrwF%U}0lu8eFtf9nUm$vft<>n) zu9dgLEBXty=ozYI^`e2|MA0*jJtc9f{ar6Y{PPl^Ts1i3wPXuPU$o_c<@ZFIMA!D6 zVH!^$&S&X7Za@;(ZP7Dl;cGPST37wV2B*j*ePN?DHB(&LeEA0IUs2s0AgNcOSDhcG zEk)js)E$wV!mjN!er>z!7P`lPvt&1imNs9#;pWiV4LABLQad_M5x$a0g_t46wrPmw z+tyxsn+e#@F$E3jf>)j$eb2?+@3hQ0kwKBNs+p% zBkz*STLy%yR$RWswx<9(&_RE}fT4fs+|rGefyR`rpW7GO==9%5ZWKb>+niT+kVcyF zV?D+C?g}{H@`-bNbYp*zUg^WQ(T%2E7E$o;3KXUyep7$JmDIgMp}ScO`0DC`w#nGZ zp;5L%CD;MXb%|KQbH{UU>g*JNC#H|#umws0J0S8^2HuGb_|-^Un6huqtLjs^#GO%VqAsj&%TW78Z48K5q@|2#PT- z9WPH;!7EE!%A#gq)P*TWf5|{q3Bjk^P9Le#_ay^?lKQfWIE(?Dg=JcCmRC_Huktv>-$o$&~ z)qbR77e@Mf*mq`4P;C^JD4&`ZDnZZBWDC<}`PAlYY5saO*7&PqC6Lv*Oc&CDahwB& zU&tdGM0>u(dc+$(fH<4?vqZa0x8(B<g+kK!x5ZfDmiR)1ilP_kR)TIsd zRJrtBNPa`_Y%fXOndY>uV;p#OYkG&WzE^?gatCO$w@1av#5AoXX+tf&l+HPu;ujE4 zPhPV9a*WBsNf{Z1?+MoW96og@fA7UHx{K7a^B>DnhNeZwnWkGb#uYj14AOrRpWmR~ zT3Ls_jZECSmPm4_9thQUrt)i$|JR9I*AuBa9aannZlW<$m4nyFj? zxqr;(mWk4ms}b!6-(b2Nxo=M7G8?n!5!1x0xy*+njt;6F&e8=h4Hv@-$Yox^{pCO` z4Y0E*BwZZmu{7*6AAnDvg1!K;y>%Q{oFucDK+I-lb^_C#%j;>w&8Le+ZWjlegO^D? ziI+`rG^27jpTjkrS8oG1H-nP}^@?|+O6$ok;5PN-;T>Xv(D-*OE1?UsdmOk% zHgoS7G!EF8j$~11QN(k@K%hiD(3>#Rx9x~6vxn{Z(fEAa)WK=Pp#$eK+yn)d%W0pCaU#3N^!LBu zUV%C-LgTs2XX7;CR2rb&K{h~FaG*>H%KQ%^QHh!xjw(g?mBKIhS+yM#_-YL7|6ik> z{+-a_aQz+VJI@{vOo zqH&jLH!MQ%ov06zXX8X|)KJQl2*re4%LpJ%6?P#^r7qHoE3(TbQxKEbdN-;#N~e4H-$Y&a(K z11E8^jJz}B%KIM(Y$GQ;LEp{DJ}0EBst;58L%#PCvimrL@x2_+{=KqJEs7C(6ApYo+LGwtDG1Uu&rp zFL05hl;L98(_7~M|G&F-n9e)vdJ#zZo9R=-+nY%0-LwVrwyC!|sEBKtDpZ^we%OK? z@0M{(!n)rUFW74V&(_p39-3zG={0!f`7|qq(^zS4xac<4Pq;6W)RsNHz!`fxjox6 zHa7>at$Cp0V8Y2Q@%e488Uw74~aN87;ny#)^$#VxhfX}*po=)+#WQFO3zQ9Z-lfNOI0crbE% zw%~gf@YJ7VtDwwpt7nk~mkxX7i-#x2ZKKRLZ1{^{_R zCiAJTCM~rYHM@t`H2p+14zsp$XzTlE>$B>+!+gSAjX8Ys_Td`w*5T>c3E$XDEU$vt z_gTuZU!KJ214nWTVw;Tca{jl#L&iJ`yIT?`GI3y6`kl;MM-aO;k@->9zzfbT82v3H zu|XD_#EXR}_a?kfCD0kS%rdGInY~#{i1{}8w4QlSXDK6Wk6h*x#6j@+)L%wg55J8z zq(L8ocEIk&`JM*TsmA=S@y-bJFn0%bU54CKpr;gjsEb)`UO!@|EX>$3ARHO9A&OV1`YG6Eo53&g`^w z33fyoZF^#bA!8GnKz0k_X_$UIktxp_(?87n8*YHjw56WKd+C{bv6C=A<`~*-1xCVn zQ;6$GQWSUM9CERkaMo30{k&5po>!W;t_xlpyiaI_zHEXVeH!@TXUZ0rLsWvzTU&+A zL6$pmm{V3O4n=UX9rqsC#u;65vhQ$Bet$&+p7auGoF_KIrY}>@;!7Qh5=2~v1W(6> zQt$p#snsa88l?O^pi&z3f2xQk+osF&NRHqHvIV?ZNM4zna0!*xa49HY$^5yp~*b> z!M>8GB_BFu+)aRMmhN$|(~>w}MYY8`nPE&+E8R-0@|HGkmti+Iun7CZlS)}!fDQ$n zU0)({1DA*~VQrgfmwC4_k*Hj+z}Lah+=LC+g1Bv8L4O`MV&6`2bFd)~0&OlGU~jPM z%mcyvEwrEAIZ%0ADa+rP$e9y%oUty9+Xo60tbQ(0gx|$+X8E!wOnc066TZtba5=wV zV)id#yBP*5Me{y(&)7fFY>N_aHDU#Tw!xRNznwm6OnkF){n}qB7PQOpur*HVEd$nk zT_q1Y9xHi#kL#5-<70w&)8+j9ccx!+**SF@c*^voynP!-i<|Xk`uYR-c2&7}m8dV^ zf7=S~Q=pAk>n{Z|IC~0RBdH!L-V^hPqEWnpIIv4yoQ=U&Opvp}H`vTuu=3z{v4hm~ zuIs(jRLU<7_V@m|*UBvp+JgKLzeF4Miq@6}_}ifKwlKdYW=8*9u?3_2GaX3GKuaDM zeo-It5GbrP@uU!kkDq&e9FcFVEW>IlbiZ5_FG|oQMX;_Hf)DJR`MIuZmFJWlK>;(1 z@jrww_3#hF!UP{lJ>xP>Sa!29c58B^<5!5PoMWxdzrYk3hoVjH|3rHchqsPQk_6X9jW_Ase0c-Zz>!Q(O4&)Vo?+-_~v zk?DMkVfTT+S@r0!L*Wi~Q`}Fr)f0h0pv@s(j(M;P@~tQN z(jlUCjZy5JcclZ&8`475+tYqns9D533`z9a7^Z-nw|_6n=WfbvPcIHH!Kobh>eRdC z-CJ=Y0XRvCv@q0?UKm*z5|pd9_5}p&q5HOmNME2#-St4_gMEQwRefOHgS!I->V~a` zCd)gU#93h--&ZsoKfSdn{1AL>C6YH(lCBRwB|K*?P@l6jz+kxovtfFwq^eY*bE#?* zGs7jYL9@Wm<$QZ8b42?y+J_UQ+MVNcAJIM>b)~syh{lZy*a=w5J<9%GHENG=*ab9! z&G0x-_R}e5$!9Z}EGH4|gYiEP&&$UR@q}8Q0)KuEBJUB)Rh#FoI*xSh7-i|zr;LQu zjuG-cyN|Ns!^DEow2a`lmVE0FP>x-e-PS$q6u)%<5r-%L6M7ey=%<#%T466KtSs92 zY45?_1*S{zeXEw>^}VIfEWm+%I=6n6qY)^dd#O;=_2jkJY%81bLS==RYb%-YQaihT zv%Oon!@tLNmH&mxQcpGJ{U6)Rp8siEES|L7`2$#$aL|1S3&&|!6g5= ztxP=MR$2dbKf8Y2|A$H-t^H;G-NChfbK(}^i16Uj?)Dj?Dee_-@XLO)|LcB}SSbIg zjgwz$H;I30YZ1TEezhNMmoNO<;U5>ULnNMR=UXVSAo`d&&ZOF7hy^hunnc4M#DK&t zqG=!rO{W-$pebS7T?F}Cu*-o}Y=5Y5?_|$x&mHYD?7{9a@L;>KfAiAc$V3hnS&>h#}&FHT~Nv^e4z==|=@^0pV~ z#>%?QnZqN=OY0Zb1-J2HwLcknxsBU~D1`uB@Sn87_b5&VjyWalvx%{or+eGSki`v% z#ywlfY=UFonQ1#wrG96iYNlQNj$1Ug%qnVVKK&gD?bI{>2iEliCBaXr&) zh$`-Rre&I)ww4yrW@C@D$1?L{cwe6JjpX$JqAeW7R|)Z@NA~?v_6@o(bZdyiE|SfB zGH&j)ggo$6WMThrR+!f|n>m|D0*2aKA0d_$@aF)oouEnGl6@=3DBlw(Iz^i7r`aiB z=6^AT%A+%*mn%O+Y{Z%PjU8iZ5oIgB*7zWdIwPq*-U{>wMQq$GIR7N@TI}Y zI>X<(u7{lwV2EAuX=u4_8)k)Z6u7*|&9S81*#8bGRGS!q_6jdY6ZSSKXiAy$+A8B( z$2gZZLb5F#pVU>ahsKN%0EXoPF~5yjwA2<>{UR{`L<8^%s=Wl+sK)(i$oYOghhwMN5hHB# zm8R(ee*XU*o{W4eM9cm%R+t~(_ko$-J1&Xind8u$M-JCMMl5Y;V>>7Ux&p-bycXBZ zAO!?VAjP$^vqpx9KY*_cq+=2>;@lPFCp&vR`9-NoUUHExWv4O(&3W=SjqJ_YWcfkNAbgo7FUubp6MzuPV&MwvdD8zZzS>uq`g-2xEP<|%7>Y3q zqEPy~nB2c>3|im3(x$(tBZpbt-$pxGJX{avD$aRtz3>jig2hWC<>EReKfZOO(U~fa zT)wqG0NcGzZz?-wknl~)y2`4v;?CfkLOjZ156rQ9dVbyWJbWp<5B>to24;~k-z0k% zn=hGUX=J@3R#&GgU~@q)t4-v;#Irw8enQXOt{dE>^6uWZ#0P?Wi&$ysdnKSDs+*+d z;=437^?EP9xl+YEKkN(zs}pi2vJPM0V(AgY`nXKiP)eY3AJz!Y*o2PagwXE5`nL51 zC$`~5*|+`wyH;4=9Z9)U4n3J))mh-y%XN2t+yNJ6-qLHP*1k3>v+r%HBCtU*%+8Et zGv`KK`Rm&#Sq>Y)0i;jB%=zu8j4@*0*qDZ2zZ&hvlPvBJU-<%>p3S^E%Fb$JGd~^m z+{XN=L@LIw*N}T*ecg+(nTfGU;CeUc4$zN4FM?hHy$<>v=oE^ZH=%ZfS~vO_VXE3Ic7_+5@@4En4Gr(tfNvitG9HPsH;$Gn1X0^{A7=gr(Kmo~$L zQGhvp$>BP**$N!=*xm3WBhC8Z!?h`^(&-Iq#Yfm5by6}~zew@CP#fw^;y|Q?5iz|QMBVIDM zq}L-_`Ag>(1WS6Kt71o)4>z-pOk4!nb|$&dFMM%r4Q#r7ax<)C0Nj zuXADuW;p9J;=JtJ53Wvnt|jtb?UTDN<(kcHl)LqlJYKr&?-Yq(ln{k zG?B55^}g#!CM5UvzTfBle!u@LSU!6`d#}Cr+H0*n9PX_F7Z*~%DxU2%&|P1q%`I5V zFd9rO{I@IAAB6jMtQX+asm!lQei@6jj}YctMyxrH*hb&1#LZNh=J=cs%N7eKUEv1# zUhL0+?K^gVUo`R#PE#3p?9|7dHjt3{%v@Em`pxv3410!Sw;8soG0ym?HO;9J=mzYW z!S@)S^_uI8K$z@tcAKtWMj5BK-C#+pB#BSbeeF3X4$V2%j^OE&xG!l+t zS8(`QNCiq*&#)gpYQ&nq2J@`GhA-1Qj-#{{V+{9gVXgMEN=!P-g}*)mjTiT(w`;pz zP)cS|iJEIdqqqmrpYx>cgEv_5UvZ}-z0VzgA7m!j_paM98u?Ll;g0V?lUxY*P*iXU zyxTQ$irR9WY?CCrtW-_sA#e@=_mfBbkhRbWW&EZu~ z%6otZmHn^~_ZLFHg&hE=Cs~mtz>bbbE{@L5FTwqJqlUv0cl32>zb*ZoBB(sN&o&LW z7S6Jt1eSEtfT%+&{Kof(5;c%Q!4c4YJ((d9gk?W`ZOn6VbNFn@$R<( zbg$(pjDI>KoH3kS!#%Yf?YVPIS4+D`pzUBU0UOj}=Z`2c$=n8+SPX5+g4uyIN1BIWZA_A?3{;B8#f)h! zo1}YD+F0btv1uW4a~EN;3i+{G`fruDd|-}d)FtLOC4af5yjm*3Wc6Q7Xf#v{Se%2SjVx(WJ%&LgP! zw%muR#v*lNN}=5*Sm|a_6>r4)21!nI4&)ZJ{d1JRY|PxN6zF^ptpHLwtVUw}li}W$ zE0>996+>FrpW4?-GQe15HtMAhB;qcPHi`Bjv+!cf-*h`!ck~~ZFrSQlg1;+pM^UUz zTIVs(X3t@pHgLOfz%yXb-#*~s%5~O(7OaqCKM%>tRCgcdWoAmZ=V;Ct(wylvv}UMu zr8#*CRy~|p&Xs2I-^XmNt;n6dNcuj;4DEPUqkoRWN;Lzk$Xds8^LXUv<7(L+U($~A zEVv8eA1J#3&-RCKXCQ#q^f_~eOWdp3OZJmH_iC>v`^nGuLaWov1b?j%i-W9i9&WlF z29DH$>m4(M>+PB4JIyzQDsi{C^4E#kqmk94IEhp+Es!nYZ2plZsoXx8U5Xt>ndQBx zg@0UOHhb5G{3hIztj6t{FPdE{^AcB0Xv8$vp7Ub5=3#?Q!U&pY2xQo%wEcqgmR9`DNDv#Nbtti`w2G(0EDkW zJl_E*zsvlw6AQ3A2(H=t5e1Ic_r;k2H;A1+HRqZaU6eD1#?#xTRVknUnSa{siUA zJP5llX}4*Td>+9o)0{v1SQXjOO*pT>3KhW}&ZD-}H_f-w9lRm*h!T{Tfc=c`x)|E% zwwt@gBl+VLpC43zFNTw7{xHObV) zg_i8ic~J=))B2i0mGUXAso0{z%KSISz7=r#$Hra3M~_nuOWOvP-_ZFnx|S@SonTuQmvlBY;y~!qRSb2 zS8DZGq+FQh4Lm`PU*EsR6lvI<`t9(iYEK#e*M-}Ff zWbVRU4ADQ!d(lTgTUKW+dk6iifh1#UauOK8z}`H9r;KB4G0|BVqpy zZc-oIn1fx#23Bw>sK6-3*phFOj_od4+DrNVBf1bb(UU~<8t&i47f^yYZ;gEoD52yd zNJ^Av0_#$=N{V_13`qGB*05qH>!$OpFd^kAEJM74(;Iuy*{j^V82B$J!C0P z2>N<^i&BE0@;~V1`t|uKkh_wCB?x~Wsk(bP?1X|v3^#cf@VfjBIInzvHSOTKuI!l= z^NWRx^Ky0b*hQVmQjRk)=S}=B(Xx12$Xc9n5%+}1{_7Uw#9VRG#rBnnvVX(k7YuZI zZHbHT*TTOq4~rvyguD626b|x`6el{;MHj)T9qId5_^J?plsUo`-C#obw7_W!-Q1fvD!o zP_H!p`(mGsolD`L#;GQ5NmegT0eeR-9fwb~BnzuMX|9n=`@aFW!%p z4@femY_BGijJ;-;1E_r&SMlj3y)5zK#074aVL17vaEUH0?+S@h0%lxAp*DCS;Z`l~ z6LxWfOmLmTiHVxKoq|;A3SWP}zB_4g1W_ z+igOK73Si}a36lo2trR`#+PH&@lgE;VoytJuDb-$DtSYSa9&ldwGJ8mc~ z)&$=5XhLlM65LRfix3W9hnj`A=8m)c0-P6vguE~s8H}n*BEjvswDL>-{-_Rq@+E?M z+#5}TyA`6)KldguX+1+B0}7_C)>;vTsoO6VCTd?q>|$z}V>%}ZCbPBUu#E^6I|TARIU=WKj|DHkvc+V2FH{6qitx{1J&Ultf*dHePeYqT-&R^U9E8Gr0{ExR6kWcRQ*zQ__h6?CiZz(=^P64 zigIQoA7`Sk=N-UT^puPV zHdmVKT#)mg{w8qHRQ^5OF8r}PKR#nN)tKyNoHWAP3%+2Hc~SA?1Z*m_l3&1oFq1|O z?M7NFr~aNft7fKsrkwg8qZP9-uVS^0nY&(?fwQl;Zw&X{P|Y}4ve+N5oed?w6Ar^nk2fL5^eNG6-SlFmPnPg4^@*M zo-b|17cZPu4LQ$OxvQUcedszN39c3wZUk|aLZ3BzvhiiS0o-0w;w*LiIlI*Px&CJH zdD!~jl!`G%Ye$P}XvfnJCddks9DpqhGB7vCswlGX`#LxYj?yv@PJFrFas) z$)>O)s>D6d`@q}q-3;8NMS0mD>3cMOnhn(1u$cj~Xyg0Q))%y=RG1HFFPc<65y8ni zoB_lA2~mCJZ29IJKQkD9j@taZCB-?|$%--pspedKy(blSrt+;@T6GvF$E5R8yJ3Bm z%Atn^A}{;Cs)t+`T|SH}sx#I1IXtNzKIrH4o(CrA>~)e{Vj4;`g9D`mv~}9ra*xkL z{pa4Ex1H=)7S}DV@)lo72ouhKP3Ma?IrVGl5jX{zkaB@WEa_nu~8Gnu6{}n%bhlS`nBy^X>^ofJkD6k(j zlikw_yC-p>S4T=`b-hpl3ugr|-1P$N2+&kuB@~$Pv>J9U*ijVtMj6FbNGIe}-cy8+ zjd7e-4(pw>B+#mPg+x|ThI((0q(QMSstx<=Gq&~cC35io*Z+ssa4Fe*OuLFn0c20?kszsLG5YS z_)K-ek$HT=w||`7vI2K8zme{EoF$h(jl216_%`Al(k~?wuR5%FK>1*bUHvUk(1NkZ z$k-U}wNMxTMz;1%mr8RJR{xvrZQMn39(}zF?IPS$8;O1%ho8nX&UNCB-)EvGJA-!p z>ew8#aof1ye1eT_oV}WEcA>K)CWO8^mhBwd__={wAQXR$uP0>7IZln8#0t~j4V3$b zV^4dq!UWgQ*!0>N_T$^%-A=xfV>If{kIR0HJmNWI0i!#u#v%`m&GYQ=(AkBt$b;CK zFmdV(>Q;+!M&s=da9;wbA7xrIfW~qap6!5d03yTKouZ;0ceqEjrl{6ZUTdjiD-BO% z72UPCrC`mV_CnT97+n9;aH`E+eWh(Wf8E+?8<)45>b~A)syhYE!TO7_OV*0yveyku z3*QdrI%luW=B4t1Z8?sCt+Vj84QQN@pfX&%!>X6(r#$5x?tz22VUHVZWdnwc-VME3 ze3|tO)08ddmGjw~N>lpkLG2)G%36qX;P+YYw$7Hg1>X}FW4ynEldIH*$$kh&qc>!A z$NJ*AOx$I68`k6jMDu>oIrcY&$ksd&Sv*cQ8MR$gqjNc3YJ0Ec?$%$o;x@DKXAxxK2IJwAla)?0YlvI#vi?rc2>nUd~8;cQC3j z<8*pI_US)h;^)a>yJ*!)UhnL|&d~&%*{8hfXA8VfA#b8i@_yh&Ja%^A3}>FwjQwE! z?0)RczF$BIu&qYbkXLEkt;fDZ%8z+OKI=*=WlQ9{{Z2gh%IaTWZ7lT^&dE7)ePvZI|HevP;dTT zg_TQ8JgS^qFX|2@9MwHtU|5v@tU+Pw6_XB~V+Dqly$i+ZqIN+2@LF-16{4e9ySm!@ z6z*;*i+GnEajYwY;{&=ulm?>oH?B)?t*PY@48`*Y5+GH9#P|OxmA5cHK4_< z3(}=#AMWNUZr)vxJbZx53lazX~QV^Y!qiNi!n|+a9;6|J2_^B+XdNvJ)R!G zoq&4*4+Dk)(NxAd5U=2pI31VBC2$%}%}r;iT#jNkhr3hmX4?Exru_g5ehyT8ErhOH<>z@G@tT#Q-5{plPt=oz;A1uH+GoA+l zm4N%;cjMUw=*C@mJLf{i#65VY0Dr~4i;@l4rv&>`51<3_znv2+?*YVbL_3dFGVS+q z#_%+t9{x>>Q5M|C0q+4;E@#>V=+s$&zrw$M8PgWQy&Ui!V6O;W8|&SF04zoOK3f?p z--`DA25@~X)6T{I(anJ0qds?`K7WFKJ`ME=A^*=-;7kSb_5m{QKz(v?CnKIG02ZWA z!=5+7&y8@806yCk^WTa5Z^8db6Vvi=UkCUN{J)5&KZSR^f;qctcP#zW;KO;q=k={I z|2W+5A^iheV*X9YUx_etGt-s=*8*TChk9i&mX#cPUQENf1M2eGte8KDwo?4FPVDDE zcuQ)`|Mra7^RukjbLG<5a|_x=>Gz^f>G@mKot}2|iR^cy9L2LqN>1f3PgF6ch&D#m z3F>_cE7K*YIXqaRiesFT<5;4R!DT983F`eyEfjc_0uiW1JmPm;g8G1R9<^?@fObp3 zZ63ZghIipx8(RA{{*u|~clbX*yb%K#7*yV>n`Ac<@$KjHQvY2Hy># zCw}b!a)kX@N_eQ^)N5WYGK{* zF}6S{!Mzjz+=y>xyIC1FiV-Zr<;jcK^|)HE6>+Vs9KP$=LKy5Ao2IO}CKvQ`*ai2HAh z`zes(o8x{epZrqXZ;ktJiTkO(6n|^nKUw|(@>BbTSp2=@$Jck5HRgX{((jM?A0~e$ ztC`IIMBG1F{&SP*-|JvEJR5h$TYXp>1gS~-a#zxxjS0+Hv5DkA?E7w3G;=ojzG`dalc<1}NcUF|oZ|mr6+flN$w2iTCUQcH;6}YvdWt*?Lb#F5;zk@MjfgB*r z5ein-+t(2Oo2#2^*K81O6RruUK@AHFuPvJjEZJ%)=|JggcDuW}Jnf!c+k||du*cIa z(X(@xuyW%%dp@xonRW`ufuEAo*C#3~>NC@A&uNr;mZ&Ua8L2is)x6nL-qzf^6(j-v zTP_N%E$xEO>vp#b`R&3Eo7cxWd%A_&ZWD}nq8Z(8-?g)UXP2DPvn!rZ zemiK7#tV%Rj05kUoibY5d%E{hbb;61)#l#SEi7LqSPF$Xz{_OF(q%%K#quR2AU9qk zd0O3FyIQ*4!miG4!Pn#Uc6N2U+lvKXr_kkY?dDbjtX;sQZ)%r%8;MwKr7TP;^xpl0u zWjA3ymP**wvlF$^v5wA`c2qn-?WkcKAJ2LgI{RDXb#33}iJ+la;eb|8^x7Mj6W$jI;Ce*xWhq ztX;!0wbQec4S&i=XASl1ckS5Kxo4NK!@XB%=>|c~&u`bETy;vK>QU|vF46R;BGDGF zF}F{VSiVouqe)zwKYO1-oiZoNdXf`s5NwB+>q%Ze&7GDA#xdv4oJQ^7y(tyY@24-Qfipunzc{QzntN&Ye3!;=aW&EeZK0Wea^YNNQHr)(hh5 z6~Z!s@(_oEuT;mxSaM-*zHhF~1h#heV1RUX2`xKYJ==OZdwfW>-q*6tO~Xwdaa8OA zU#!epJBHsfVP|KT8zXyb=MsVCH08IiK*76wogE1D3GQ7jtsU<6B|`UJuUn9-vK23& zilFSArZSP$w{*4abYngxX6f05@#+DAZ|Ld-dx-G`p>wO?rBrCmWTm^@-925qz+u6} zQ6P;8l(s^yfyk1V3#`7&1CH1hugfIbngl`^=82`d@YdzRmaFMx+{ra#Yn*Iy*vZAi z=h^A)aPI_ABvM9hXQ8Mts*3Oo$c5?XI&>oOW%dTx5 zZnhIsR_88w<1U|jm(R^;TC21$OnS`c^)TOFh;BPsH^~v*ojq-m7c)+`R=2~hfmt$jXjCv5w?j&2xxpUhTMX7!D%Df#S{a-9AFa) zJnin54x(;bp^mNWYVlng+1-hll2%W*50Uj}XuKUUV|SUI&@05rY=u+T@!sfRJP{(^2oU zrM5L|YFAd(El0m17=KZ)?8cL=?risL-7CmQh)<*5SbgJTC>9gP3s6(TG|=O6;ezaP z8V@ch<|b)D0Xr+Thz6vRak04b;_2rMvzsDEbFl*iil6} zB>V~Tj9=g@#QD>&Gwr&sKsWpZ2mc?!y-4?e19Z>rB%p20zV?>ptzDfvWm%Dk5~z^F z+dBSBIOtrKCh?R>yb*N1OBPfyCVgzNK>3AMFd3nsaYfa#e28t3-|;M@p0xCm5X52+ z0W5ioj&+qm$wl~r-pPOt_b#@grMm^hRyt48u{}tE7dFdvqtV&9Yd-uC6-lJ+*|o>r zzRfLcZSjDg%daE;-s+}mft|Mt#1OAd*#?>cdC7t`D*4|hx>_6(__{rywyzd*HHBDv zO^UAhXwdvFv|;|9`KWmeBQ5RiU6?Gk64QwZexMeliBm^R^g|t~orGASi5d&mMQ*A) zd3^%SQ0?yB9^7lZg6cz{LpDbcPwVI%!wNtOISMu=bl|{ zXf{LY-885$tm2`-6m!P8mmt5s-6OLOnISHgyR8zk>zC8WZxg&UnaLD@Ind|X+0#KY zhrk-II*A=(;!n&6iC{8B)rd97Vk7ZeA-@-z1;p=I?Ge4F#RI{?Cd4bzOf@1RlXWbC zc=a}S`(&*sp|=xEK+f2;Gp-_#_o^bnn%X)$z?Sw1P4Xz+0>s9vN7eWe`h+HkA-7Rq zA(4bEKzVoPHn8z8nuf3Qvkm+^tL9PBD5E!^I9%`D9fE!<2RHfzFS4T89a7quk$> zz0~UqdgDO?%Wq>h#fDuMX&M-6UdTqVA&AlUl`v9Qz8XedAEVH(Wd1LKl)I_4^|n%J ziy)Kymy{e}GM1x7*wfiXB9*Yy4Iyo>(CMWK62o#YX{T*q=0s7L`~)9x887m-Qr~2$ zZJ=e0j&@*nvIv>C`ilRDqA+-Nwt%_C=lA9|%y$xSD0TX}n!!XX`p;8RXh3L8DRsJrN$s_?l>AkVjVl}0 z+1Jzw)m8S|^$jay0x!^#?<**jbt>Ot8Zxn|RjxQ#U#yCd?z}zS;DJ5up53>)yE<79 z5a`(k$&>AA>28zSJGU_!Doi(To={&^XBT6tsh29;?CtIS@CS02~WY$06wW zN|u9{cp;j)G1_|L(?#WugN%h*o zMCyQ8FUzuzP(b_*CJ5pug=}R*!|{{W(ztno1dWoiW%2U1z}JK#grzc> zEe8WxdnbkTc1uAsdR1&cEAsc*S+M{Kweo;m0owf6(;rH(viq+9#VH+keB6 zvp4f6k3OAnj%zxQ{?j|k@_zm=$?Lnf{IqN0`+x91p?Pbt`;)<+{me7?-kqy{`nO+x z`)8@Yc{Dk%v-pFOrw?{J-g@e}o6h%L-rcZv`O%%fEPL|Rxyt8$b^E55KTQh#a@FA{ z&aQ2HO|z}AF!K)G59d}Ib4tf|7O&1oscc;5)45;LZQosb=HK_-QQURp(f40I?%bOF zr1u`@zn@s!@vE%&j|B5H$NtwH3#a|V`^a|vjGsN0rR}&bw{}m>+~J=*x8V6?{(8sL z=jztH_E6KOou$&p`@h-U+4gvEX78&9wTfTeI~x7zp$|LiAB&v0{L{bp-ttSI1f-+O z8Zjgm=Pv>st@mNBkzK1>dO>y+7E|DS&?E*q?a? zcbC2h|0{ss0`_4|DDUCedHXlve;4pE;O~G4U^ntio}YalYdk*!U@9R4B-pboT9d*c zPc0w}AJN1Y(;f7vy*`<9)x>RS#7>Eh^4m-EEsJ0Sg!X++6u7CU0|RsiCONR5Nl_k5 z3KM5L^L1|RW-ZV&r#bvhk5k!%@adm*O4&K8@| zAcK>}Kobviw*u(P-o3Iag1XRgdYaOSjm9+#e76yeC3S+h0tA;rCQx%rCWkl!bBQO3 zy`31QPwMGzhf#|7L#$Y8IYzlWu26nl&AKWZAeuF-Vevxcio|ooDhjB@Q)HTgE zl!HIDK)^NZu~;CDQ}ApRHq?`ZdleB)AjJ0DsFSupZj5&foUtB*Bi3gmYs!)r&8sU# zNE&Ov*1##COp$m>EL@iQw#aB8thJE*01U%u-KeDJOyeUeemq z4Y6wPRr+fumAC{2!Mwq`+S^%IYiBP^ylp*Db@#Gv*g?9QWA^@-J5IkC<2}9(w;Pr! zIXphkL+>FkW>8P}PRQ8Zz8#)+tOcyAYIHW+S2T-j)&>mYJQnt^??y(LE5Ws5p` zAz$T}E`sI(idcu@Vl+VnCCBzaOvx`Ri>Fut39Q4j3yH2KC|UkRd~Du@&a10x>-NCJ zA-^?dNn1zKGpr&1UCv1^B`1fd1*FHi0hs9`i#$ch=AaU4tjryD0&n0Q&)adRzW>J37y<%`jDvN>+` zbb({E64S$C2nlUq7uTffa<_F729PwSd{7tDpt>dvrl~ICJ|tqqCK3o^uvuM`gqA^I zS9JG65+_y8+X6mJwz3$DBFtZ#T<(y?arIkf8Xc%1swT+GNu|VF8LX`kMt9O+++9`* z(zh(SzNFRNTE6JIg+)TSrR=&AOL<9onNYT1ahYXt#R8!n?brcn$2#dK?e@A$+d8|v zrQ13?p^m}56UGBeS6NwCS-HBB0TxU!zaZcGxeMhFO|nBMxv1`5IC1TScyxtRt=vwJsmh8G{jo(sUQ0lx>l1!!*e z?QU!SVjPg=PG0d%UEyz}eeffJHReOXuScyd^s=^C=4$6HL))3wV8V<9acM z16^Y`x>F!JAwx0gU_c3_$55q*ubI@py~x|<2D`ypG6JbL3-W!1g1Z+6#C9VCQ#3BS z$`$Q(H&)f!SHzMwP6(6`%rz0y5}Wf&41i;T2MR?L{$Lx%bM2JZxJLSQPAZ7yI*s2_3Enn=4N@Q#WgYo!+@aRe_C{6EGEn- zC8WcD{!?E~S>4dQy2@VnPm`+ID~J;S5b&xSFk1fE4`rTUYzS5UA1jIM@wbDiV6(&j zsh;m4Loy?(`5%)~nS?D)Zu&O2#YKWB-yzhHgAtu&c?#ZpF?fn7jUuzi9kN2}3uJ$iCC3u$vmca#mor^!zC4 zeGoY9f6S!7&!Ue-C)SU?hVz~}kHy%0q z^(TCvWR&i?bLrs8S?Zf7HL+15Jey0eQ5qrz z6wN+7@{>br|Mgw%rQ6pgU0<1gv*F#PrO)*w7k%BCYcADlo}B%`iHcXGy65t*{IdO} z=ii;Hn|Y}GCpY{`+o55Pf6Z6tX5$~u46gY0mcOQ~D_wlg%4drDf4#Myf9IP|RI9qp zTQu$+_r2HufdX~?6XaE1YFQ;U)|AAAVl)iud%+jGh zXCE#r)jxi*eg*fpH(%v%9{-Dwwq5_T1z-E=y??1V*7%#gH@<%8uUQ8M`loNb{o{{`)yHwUE;p;CF8Gu=<#MRY#aF2Uph~fj`dcV*ZrXIhVui? z4NbM~7w6~B%isOMW9|LjpMU+>3p*Vfum4zQf1>2``!>J(^VxMjv7Np3_!A#=KAhC_ zgz^v1{>ggg=2u3lKDyzh^!q=&c(#A^YiV8ow{$m^Zwdob7?{Gq6b7a+Fol6B3`}8Q z3IkIZn8Lsm2Bt7Dg@GvyOkrRO15+57!oU;;rZ6ytfhi13Vc`EC44hUm;UmUrmvCRe z+0K|7OMGAY-PiR+_)~HBWWKY?FY?by<+K$5JAmRn8czE&Kw82VX(*i2f7w4-)+hfY zd}Yp;)4w?z?=hwQ?w@`)B3}Eg>sS14Lw(&ECip+i?0fms&Tldy&7SVix>RL{ZDSWQ z?b97hNRl$(SCw-XOTowmB~oZz$u)^~okJ<9EJzx=;W!OArEt!uc4SCN;%Q@sOX)bn$erQxt}^Hq zR!XZM)|pd{Hcdn7W|6b5HSAX$flH;#OHI#uJ1>uG74J4wsqCpv5m%w78VpO#8%4cA zf66Wi?0SG4?t#=Dp%eEXFL zjT+@$jB@Qo=u)KZxl$@FHL4X9)`>96zvIe6k#Pm0_tfd?NA6|JGMrGG;511JSGJ^c z&61wBjRqACwUjPBVEZ&^ImHT?wEz$q*6{4GmM^!@;%B0~RaeTK{;Z=m^_!L&i@nUz zWLAY!M_)6~cUWpOT#e=omr*KpW?79c?nsG)Gu~hAs%BD=Lu(riq)C;0k~PCs$VVeD zM=PahWNY-!tOALJ9~xnU+4f%;3h;&*S7zE5$*#03Gn^^>!#3_s-ubz~f?V69*>x6I z0nftsjGQ(a9Elpes{*|cHdeSYq(pU+=ttjVIPX$qII<8z{o^;8r3RKEnq5&dH<00q zoU+qjshzgkjCPt` z^Q2^FwsoE>*)d%zLaUM-NzRzdZ_+uBD6(DANNqHVl$F5wSIejJqR}f+Dm!6Vs^*@G zM*bt3a7sViUG1&bgniLy;67ur!_H+$3L!=zItM63rVdT`wA@Gfcpp*U&#vQ`9#5hNE%lGt zV9mr>jbZt8wH9^J4>NOS9w(T1jBqA7$B+!hDZ4+m;vz4MiizqVKZJo7g->;6uYk>Ch@}K|=9|L5wcc zQN~An?3_h;7v=I)@$xcO1KWZoym`Dx%F(FK>YaK=wu``T9%Q^NAuvzMwyA~jR+h`T6V(!r@8q0b?VO0Ul+_se`@A}(swQ%c)qmc(DQtaT@qoe4n zjUsW~zEKsQ2pnHXNI1(aZR1&y@}f>qho2n#^pY!A5KpK2nO^2c$tWW-tmdbI%e@&@ z3!bD1zFz4(Bi&Q=YZ^97@Fr0*`Q&2bx!Yrb(}?8@OkjV)Gb+2^Gl}%t{v49+q8vvGAmF9 zxrN%2&w{UAQt_;q4@OI04#dj339%VLy(wjN5y~iXeJbWCa>W;hmivpOe)yx2e?bZb z$}DoRkct=h38K@H=0gh%c1VY^nfv>>e9;o~wvl zQVbe<&*%8fIqKI9ZM`{)UmH#|P&&neucqY8)b9yF9r$3TIolQpym$$;6jBMCsRFI4 z0DV-r)X#-aQT=J&pneJuf8)6X)LwZw8VOD)L0PP5LvVpvVOqwQ*3GZ2h+|nfIA&*9uBLzf7}OtU0{};t7|kf3`EHmpk;XOWn`R&s4vuPc7o!;s$8uzZ)NT zO$;Q=HSm?zgVh#(TlJ5u$2aa5wV|(uDa5-NSJ7H86kQCm{2fg3^xGTX*mw{6wSYe} zq_spN-U$UL^OGQ?J=9zay3zrX0n-2@!>aI)Cse#5eDA0l^109PHf4~;ztwCIucnK)pG8?zEntQLtO96<)!<(1#x?l6c02)p>&CUR3^8t0 zInF4-wIALMQrO5>NQeQnvLeP2$-i4R`j5 z7G-D$o=a3GS~8tUp+e-W5Y4W{(1!>$xzwSPO6A#U&RpvZaSrCWCT^BZ9Z0H4wkJDo zH!H)T@ekF?vpUR8OHk*NaBJb7EzXqZ!S(n(jh`1X+(y8|0GhLt0mN_AXwS@Cm83gQ zty+dwslyLNW374!t>OkX+b;|$`;~}I3n&qLUo_QpfDKq56c_UY*2$C#^wSKH7yp7B zrL8%-3q!lM$8x31xw^iROKTy#JtR)%`{2^9)?%5H;9JMTESxgI8B-lcuR!5~V0DUs{59&I7op*X@#?iw}sQI>{(Qc{~) zL3tp@kuE8ZJZLL9&xL1=&(1SA^0G6wD37qB#K7~IBXhXXjR^v{zn$H$2+tc)nv{c& zYIE0TT2oDrvE$Ys3DcZRbH;ENO9GeKE~Oie=#E=6#6(AuD@{5n%UjHB;EA779khTE z%-zH2GliAuNhY?SUdfJ>+6*aW^&t8MnihH{S;q0{i6Tk3iR(XV`^R~Wb3c1ya74wwm{N^S_zm*G3D^Le?4t25S9A`cO zKf+mpgA1`DZGaUjp{Ef=Dne<}F-Wv}na)Vw_YQM;=?)`kR>PY`froCDAC2UWs>~m$ zi~P)-?8xvFaHeFmob;cYqdI4*!25Mh-e1(mi;2!+f38at){LeK-cwYjirNP#24n)L z?UQX*0CSq~BV&YHJ#gx+_EdA|lTV`Dsmfu$krUEnIiBTHeL3*-bC*@n&{7;`e~NQf z9J0}8*-@&~bRpZHgff#5XYPX>gwlU@xl(Q)L;1C+j0#UJpcs$|NCwcmnTbPA@2Whw zC*`z~Xom9{1$XE@!z+SW@-u@qCs<*9-j)@JMrKF3!Cz&6$XGuc&^ZSUIeT@EK{mMY zJ2u4|?Sd+t6IDCe0Qp02s3380!o(@VI^aUhgmV}V#EUTLYtK8(AN$ajwtl5dRHG445y_FOy9x@dg!$uu{R7^x9FUU z3@7VR!u41aVv8RJ|ROu^rTz)#Fu>@LLJ?1)w<#2PMsa_n{ITz&L#}%!50+SV#?r!p&V7V$PI4Fy{D>4BfD(Q zsvNkKgGHh(0GXe=A!K)|2PO<3B5j7qOex1+P#ne_%N=v%91f*P-ciemugVauNYJf3}&CSC7rM26_`UK6RO#Z7I)PiR3U9l@O8*>uAF~-NdOdjVlEBC0LFz*j`f~wbb-Z6I zZ(uBAct`bHvy70KUK@)^yo#XE8;$&Ie8#CS;vV@@-1CU5giaHUd<;E=1r&J&aG#IT z3?+z_r_>IOo%GeWWh=p%xJC~7Wg};;FyMoRctWogqLC-ZNsoMdT#3KO$5r_IopCk( zJ_H#DdLd+-Xyn0hE&ldHo}samz-KvG-lrS6{zUUk$1Lty!*+=~cDHS2@I_t`d|FCZ zDMGi(u1ql{l+7nDe$kc~xUB|^|1nNAh9M{Qb;CI;W9`%Ng*mi*;1l(H!Lw^S1@3F(L71> z9c&OLjWeM(OVVfgJ^FG^^v}Bt`8dlJjr=F9MwC{bXTd9(=`OVjn&)>W2tS!~SBZ00 z|4UY>r$b_;EZ9EBjQR9GH|)2b!Oius&k=7y-L=CcA+veP02mV5bOJUF3il3^ zHAcHSnXk_3k=hH@Z)$2Z_5_E)tO%cpJ})I#46>WndgXHb=pQfO1b}iWVJSNx+2k}w zH+ommyS&3GxeD-XUvx$&(=3X*x+KRz_UNWT$W*K_IZ)rBwR2WZSlb@6@faksVAhU5 zj(1RfsEp|C(J1Hiv(qS(!j!yP$S6ub#|eoJgSAOJXc&YwgJI@9GL)!F6SH7pP=?Zz z(^X`5^RCL&G5zde6|W92A7{de1l3tpc|u_Ei!<|91^8DE-1~-TWc)hH zigN-qHch?Nn7%E2Vr^`oeRS@x)NJn)|&z zj~72=+*tv3n<9=otHo1c-p;YJyqJseXN6xKV#Uhf&S}NGJNKEYdb8PDU!=sSp?VKo z5qM>IFgg>GS(Y@znV6g{CGkqo?dwCpM3Bv!7Vr1d3>p5stEG2>e^Tq|XJFv*V$_EDlgvXf5Almck5a@cB2B#FQ}EvU%T)^xp~ zmhwfltMvsa-Hf4ZTZRjnk zFdJ8e1F}3hS$0f@R)=32i`h2S;lGT{%~w5pKlI1?W?oRJGh#?qW= zHQCZ};>(c4I7rGVkfgF))3EmB7h)l>tjl)wXv7@N0r$OoJi*D!e4OMadEE$gg>j5& z@l*i_uV|kmN0HVCD)$o}H{JyO0NO#5swtU5$gdsFt7JyM#Dz~|#?ub-ao>;O(}Rzg zd5h7oBuCP~dJN9fr?Xn-jRgcr8QurW$lqieHJi!wBg2+_QJU*e@sR#ldfz-)E)0RZ zx(n=BlgVRt-ZgaEqYQsI(kAU6y1+g)Z1&R})h1=jnuOnN~oU9#jKyq=Cn7YGIpPd)22cu(GF`IqD1Y>>Qfwp8wlZv$e zEKUA3X`qkK+2@(zv`N3so?iRxP>`iGx(&Ph)t*nY2Zv7je=gln#GPwWC_}=MX{(#K zBC*{7S$gPQzf#I_B{_oz!3^0_x{EbQM`S*6+RUI;4RRS`lHYrZ>MnyHmQd77Kg@+c z9Z4{=g7g4c9+~+t|H@6t{#R}SX9{o?in83I&x2e=6U*=_&5d5tnQ88)bxJ+>Zn`5; zl_3f8=;e$P5#JbR6d=n#JIV>kwSph=-v~1&K?}<8>m0L%48JCs9bPzQ8>Qz&dApwV2-u7x{JjpA{4SkA=zI9w# zZXwA#2}rdE`mgpm?t?Y zw8~Uxsy(|8eIKrfnn3|c=TkASD2o!#4YGG&ITOjg&Ma5^3_0JgINKl`Rnu_}RMO`nf_AGC&e0I?~H^<4> z6!NFD7egBQel*+p;?QRQr#XMgI^k+{&8#&zjKp<}4(le;z98|L{WC%twdTEwqNH=_ zvNl}6C)t6M0_BCopweuTd|6{#=d6tJ^Y1l&bx)TPUGkCTyc7^Z`Lc{d~ZlmoN`Xf+nvXm)gt#t0Xu(d zh$~=$uZN0nxeZdRxcUsNt+rsrtP9`F(s73sg_?k}P#fS1w+7SmmfELLE=ZFUq3hA2V;hruD|l_ig>OD&V;6b;hGO-_B;LC8CoXHAwc=~8vKkX_ z$(HRAg9=C;^BnV>gV{cRvGcK^oBZ?oim;+w^pVP32V%vjStV zXmzo~it7R}KV7uu6`*&t*&b*@5_SIKkh(9o_HkQrurF_A-(%e4wzTERq1?XD^Zxbz z`6i#^Ip@roGiT2FTfV=aw5D{yj5RYQmf}ir(#Y%kQZe$W82JimwcR1FmZaWNi8y60 z#DOa%y1N!*^Yu4O&i`F%#%_+o$RL|$YROwN&D|~)3Ty2v8`|A&$+&okS&iB%t=X0b zz32pIu@;i%+|Z}B_1U$-Ht9Tj)wm>giBA4? zd638MHuPy+3fmf6I@acVwCCt#pK8$_Y8$Od(0HJUg?JL^E>@8iSSjh9m)KiIopYT@ z=k%XV+D*K!wohTRiVj;6cHc}l$@somAJs*5ChAkUcyW!SbiK*e7`5hjWDH#FKg#2M z&C@OMNH+MxU(sGasBB_|TC>)w3||-{zD_H*)i9VOq!czdpqp%Z(`dEo*0VBIFyCnw z=rp_|S{>2~qIKx3$)zbx0_PT*+h@ytko3)*b7tW^L_JW3RW* zJ|)0Pl|jF;zbhVD5I2OlYIXVFg2^GHptU|`e8Kw^X>Kq>eO-SYrh8w?v=_B={o|aL zz8U8Wg`T zg>%qKWz~fmmloP^ZF9Q&hoIM;3+M!UmF}6$^&izYGII1by?!xsHc{{lUJ5J_x6wM-sd*Nqb0E z^<|u!KQavN2-uAjfiJx^*d*11M)@@;mZ`yFVJ^u5byOHWn@$=Vr0+&&I>URZdE0jxP^M*kz7GDy9nFD^;SFDdSvGV`vW~KdgcU z%Unz>LvHf;H7P59USOL1oNBx_B*?MP$MO~nE>+<=ywf<9`IO<6W2{Ica0i+Ay4`dU zrNW`HVnJ0x?SbxVpn^NUnu$}K+yWN9I`(NUoAI|`mR#4{V_Yo@ZyvuooQ|h{J(i%S zeu?@>ga2?Jr`?5cv!C`O{w%_)2*j&i#+An4H&5YwK)eTef5WwIaG6;tJdur;00uKwfj=kK1`GMKAWK413$1RHR`U$n*5LmG2S_&Z`Ec%k`9fpv; zR296w1@b;f{;qfYd6@p@%}@p{0%u-UWAa=Zwg}5=j9ymS6yWMqrPd3|@U3yh%(Sw~ zl6BBBTLcBlSwl-_SP)kuULLBF^OcAfg=*xu3i13<1Eg>tU$xJe8gL-?(ba`Bbiog= zHqKB7uU~xx<*wl`3tqiyMGv*a>Ai%t;LVf^-9(AWbHCkpl`o0UwqS3f)}`W3_tmn? zYFux*s=LhNYQCz%-}0;63>J9!s^O}B#zO)AvUY|mu;XeH?##NHj62(}Zk1=oFGgux zda5vYNB=Pf+hTVQ?}EnYh@Az~uclvqbVg-BaoHf(yW%S8lITv+Ro)V>p;*<`+pg}O z%>6XPE`~zt$vc72o?5;}k(EQ1W-E2Eo6_2DL z#nm70_+E%G07|4-g(0xaTqaa6>8YxbtW#GyhOqzWMu4~|T#X%MaHPuJx`~y{6u75* z=G1$Eqw*=jkHo0|>%GuRK+aFPW5|DJ*L#vf7MysLqYmn3Bwv1+rJj1nSXy7;<}4gE z2izQ1aXH9lGzFB0Aj_W6;oCGr9n6Ql5MW*eO20E}$z_T}Xpemey^mvm^wJ zUA?x#bU{B4+IweyD6t08F!%Q(&^p+MYaPY0E@*u&oLrl?AdiVz<%(cCdiLEBKGcTm zA4gupUZV`m!ydH}>EDl3&}i2v`j2+FJB(N-zZkji2CY^W+7kncOPOLSQ^QxVD`@#9_ttpi?1cITt)jEwN3nKp9N)5}g1sO8h~`5ynrKs2V5ZPB zXQw>F=8w>K{nWTj7%*|wbw)+_zcFiW?nuMY_AP6LwvKY4r~3D+Ft=)scd)|Xs&_w9 zf@cnX)LWtr?J7}+lqFR+c9-xWb;YtiPn$LP#W239%s6@`r6OWcLD_@v?xw-0R_a3salfzUSF@Fl)K}WuSAp zTIg@$ityesQ{^zuZ6&z$p~f@cfu0`i8^rY-!n+7Igw$7RK;)-tD4^h|Ae@&e0E75CKU{sm7$DVX)mtA+M zw`ha$1^#<><>g!lH!t1R1eA>xXTK8qn|S0C)Tj%v=?apxtF9X>AkXXNS>8=bJabTK z=1wQ0$nAD z!Uc0(*NwTr`9RN*?`t>>{GnBth%5wURfru7yG3~QWXUv?O#8azv-Up)G$Nax8sNjX zjZ;k;*N4UtOP(5(Qz3V1BGQbL@Iv5z^z+AzgL*w4Kl!5{pMhS?ViK8;^G!rPiY>G+ zY{*;uA>+fvaviy@PtlqRiIpVUBRE)bn&oBt)`m~dDyOmO(BDm?_PsFi5~Fi=bK|-- z^BttERfagry^SlE&xg*3B=6j8aYiVph6F^3y}Q;i5qWw-bi~emvn?Zo^PIhALI4hc zo2_$ZVszq>1F>E+XPM>9;3)N7q-vZic3m!0g!q!!aXD^AyeY{2Nf~Bkyx=vxPpa^M1(Z&a>P@*a(qA&8XcDUdaCkr8nG}DV?V&#n>otwY_pcax} z#vqSM1ASD9;6zx1(1y^1(2MY0go6l25Wa^%G}Ozu5>53V2>*T%vLVz#So}1+J1^b< zX?Q*K>daRS9lKI6*$z0^K&DNAZqa5j*|`0Dpa84!FvjpPNWf_Y{X9mR*om0Vvd2*b zdc-Dj13o;(+YExyaTGd~c;rQ#YP7PTt%v-m0K7UACn7=2CdyTQoy#HjHmrL4O?zY`-6o0EDClDihxBr z0;C=bwMm<#Y}-M5Zm|7{0br;^$zWzPS->QeVa&c0ZIwi+%*JMN0rP`c)8-ZSiO46> zZb1_)$G9n7$+bl_hwZ_4AaMjL1K6VP(ms+TaL}Ssdwv0al9zE+Lo$AcbgUfGr2C_| zLcZ54bMGX-r@ZjschCI#tWqGZ;xp_o3&CGZM9dS{rmTQwuux-eqK<6?q{r*X!<66FY#k);iI!u&ogMRR_2GE zigN;;or|yoLsDHURDK#P#y5G+bwel1mrlFV2Ru0FQHaLGC|y0Q@P*--aOTJb`f{ zStn;{#$L7A9gpnC*}5uzo2#jXJ9ypXH-HB%;!p5lae_ahc#ioG+jB13o38^go-3^d z+R)%g4m@M$FX)2*YS+BaFsF0fYu$62kIQ&EuJ)thYN1}3-6Be@QikcthIC+0_+X8T z(8g)l)z-#K-1oSTN>{;O*9-qBQ7M-&poBC2efO}N+VICH)snw>Y70N0@D~~3@eyxU z1rOL2?-#bP++Gu{F;>VOE_AcQ&)f4aveM_S@i#?HTgRIY`qx-yJ?>hhz*im*5K@G!8n&tpd8ANAQc z`_KrwqX74A1zwNJ%mI!fs}TBumIT^r02=8e(3yF;8>DYRegTRfQk~B+n-+YHeJU7K zA7%$Mhq(jV!~B7X$hRkyXK0?0T(R_0_TpbLR+b(p%~ga?#4tY5icZiBH5ILCvL==E z|81`-!p+f)5LOfJa`hEJmZ*bDv*sJRRz-MjlCe zp8}{d-UnXT}IIDVuB8BzE-K>$vH zRi=QVq38PLr(6zIbI{l%^{BYA;PcJxOMn`8jI|rRAI|Pv&WPHjew9VoIe{@aqndc zdhCoiGo~H$w0q)_&tnP;Fd9De{xjS&^p-2YtIw5BgbzVYP;bhuo;Ia8U*J#2jjDZI zp;DNKXWxzSr$03+KpXMc98SYsJ$tlx#>`L?%I)9zVS@n=#Ll0$Cvm<@xX}s71Rs4;=MpfwZD~Li4=fhWoX!DC@ylu`yT; z&5I;e;W;&)OAh|yz7F@71}mM~0mynsn^CG9rM>`?&Jv{e{UMcWCg>xbT<1%H$@lwd zze~e?1MdGcmIU2pqQv2El=urq8hBZZ@P9z=`!v?cafBZryn^skge0t=U*lQ_Ib%HX z>Vz_19n7(4nlw%=Fpw;~VdD4`Do{p{MTzYXRd`4S_9n`U24nR zrGcE6g>Bz>(jq@e&(O28)AnNpjUQ7nf-Zhf6BzbAdEVEY+-c=DG znYjd+2T|>JjBvFt+W!_*ISIY9bY$e*m;c6TReOQo!jnHcb{`6Jgi6KXZJS%-bBP?%rEhihX*>8Jx&hN1NpbtqK^ zsR?QD>AQ7!R~AA6LOH?`?3X_oz!mY4L9S$$uqyvp!?$eNu6NHKZY+o9sC8l5gL`cA zYyCTpT2~&nAg|OA&a#jjpN^g%^_Ay z$V@DP=A;6ssh`HlW-J^e+XzKHS262CVoxVZM*-}rNtPm11d}VvF8n*B z3*cIjuM+ZUub)v6)J&gx0Z&$Fal#ZrwhCJaoMeSUwU8RB7DnVJX5a~4$n&NUcM#;t zl^3W)JhCayMABS7i0`3qdlFarriqAWJTdb|#>_3nLiQ}$;RdkJmI*0lvy~73V1f%@ z1P?Pa$b}C__h|TcPkYyCO5fYu2+45K6(PH-6eanvZ-SdvC}g;rS$fm&*Y7r--mt<8 zTS1_C`)odk(sBBBu1Zn%*C4a}X+0~~0=JP;F&fmMZ}h-PfOdw&MCCf{PUu&ujh8Xk zd}t?)LwL}4=9Q&`&N^VaseKcX$Dy&Rjio%piqAN8sNw!Naa*5_{cuT&f4u~mML-Wt zh#CFf3GAOP$jj^NTVoTEb7S8Jf>aks2iiD+Wu1uZ9E(LB7~?~0q1y){8D$mWPezM{ z3&X6)kNVd`m$L{ndm{34phsw>y2th|eHdENp9fPOh)5^@L%6x{nM0J)R2u zb3LS71+ej|?_i<%9ZxQP%vCAmZQ0Yz`TW57EUe`RL}6`5JaQenM$O)}`A65A1ls9S z%5{MU8*=UC z0ewGz$hpB}dxG6(bZ%)d-QL8?xquDpskd*J-Sm!Cm}%uU^gFoQtr$0MgL7KHULLNP9@vZ#cz;Q*hq0z^gYh7aNZJrH^LC=dsj*iYKg~-w)Z@MWdhu zwT9SvBT%D1jC}yvCe8C7V2+SaSH~i&5x0-S4j6hNv!D=?@v*DMxo=2elMFUG+u9Ul+B|eUwU*Vlm!2*wl_;BYKkG^^^)Ge*^ zO3++(BeYd`g0M^saYZboDB^DAW?l~{XEU=$-r0URMtfmmk90%#1a5t%GH^z|_wpFG zmz9wH$87;c<=hKI>86hHsitCu_!DNeDS{8?7USDSq7SZNqQzMP3DpCW`31=TOZ35Y zOw4zhLTMtE?#j(Y?$v152Iyv;X`zD2TqAOSFXv_oV*On}yFoV?%0lj2(O6`|#23Ic zDTA@dpGFK#T=?7sH~W?0G;jg2$ZNR27!peb_-qb4oe%a{VVpA`qn|!Q_zHo})^S`F z`#G%|fp})(6Nq-sD&b0duA~Y4ULHJ$(!xrZFLSa-BS9YaIeh6C!H3YBZRp9Q5~*TC zkSk$(A-5@EPj?G`#`(rqt4CuMt$f=jhl_KwF(V6ZN(3c52i$e56 z3c@UeyAYfRp4$wA$@zLn8&kk%jbbIN#_S%4Tw@~gtuas>;4ck>sV%84^Y#IIdhoc{ zui@TJ2DU7@IawZ!FUQqQe0X@AHy;PO>$nG+FredNk&nme>8EaG;<9b+h0A;i-R+&Y zZb2ZtC~%~)LN6N!^BBCc1P4UR@aVk$lo`Id(Q>Y()53pLY1)wItc~paDP@>GcaYYl^lgy8j zEafoDwcq{HALk5mrOmPou^9Apx~#poG!;3EnqL6I<6^uV(nQ#whLxi#P{=Xt3)l-q zKK#xY;RmPUPGm#{8aNi=qa0+peE6?pyg>Jee*Xmbl7iVT&KHY(KF;|~QYolA>Q71MQW`usTv7B2GD1NZb!2M_I%B z+ON{tHyucK&hm=)D}nP>RI0GPxPeM9ETZ;vv#dyi7yde3E?cS&Ma3=|#P> zlw|FM`k>boto5@59WaebKgmX{^|fB5kDLAZaIZxtmgOAsrPE= z#U-zVq{{Mt9$H(?K+b8uiLbX>jh;+_tNH8j zoN3^WjT(R4M10{43wLY1NAFJ>0O~ksl~bCK{zMhlz~G3kRD0QKt)u(>+^rA7<``TM z+QS9sSicy))B3kzg+GU=edu)-2zd|Hdl;udNfX+EKDuMrTRAu2shktAE}kK5yP*|Uhge1GMeuX5rqijPv=@VlTV;Q?0sVd; z>7YvJD9R5hi#b2{bcIbN7-(FA=3#yyFEM+}7`go&@Mi%{{UurjnKpe1Aq#FDuCUxP zoEX39mO43RD5)9lHD{=O_AdkL?0Vm&DM`N1hC3=XmseMY18u0eaClYakAtdVYAcVn zeuTE33|<>n`Zf8O!j>nZB@5@}C0HLA20MUlQbEi4TcZ+t z%(LLTMIjpTL3R~?l(cn(-HJwjFriQyO&u8hj*;H8giTTkDJb_Av`*=u89Sz{g3-u< z39XZKo61l;@?o4}D)1h$$X|hjP|C4SM(WPJi#CK1{)EsCz8m&ErRvM&@~QFu219oZwu-LN$N2LNM7jBC2*mpzF)^OpDn6LzXt3pSS0>(DH zKGp#r0-Qftoa$xMEx}jpg_j{StW;bqL#taRvP0=O5iMxj(Gil2MI-i!4&Z5sK8{AR zCRCy4WqreT@Jt;gg!hU^zJ-&7^q6C4w+=EA>YEf?M+OC95A2ZB1iz^`AM5A+slpdh zRp(mAX2%o8I?&5%?4#d<{P1(BBhMg6j;hW&W1E9=N6zumO35G@O?2Wu2HrRl7fs}c zE8%}740+NksIgWk2Tz|VU5BR*Npb*}Awtt}v(&Z!QEDYhtwbrsWT^N>(W-_T@mEMsl`)v=bZ$TB_*h>P6&Ict zXVX;ve5qaP&E46+?^W#M2j=2@I3{KKjG&=Fv&ZWNeqe#nYh2Ty-mBTC^80hwNziqW zG}o`kHOZ$xl+-WFjmUROArBt%G^EWL1M~)6oHP)mZ{hms&hgv}Ql@+-8q@fbVPl=* zOCCt^Q~kU@73nk|alZ6~dcVe}hF_L}<;vO78NUSYrWnW-G>7P(sy|w#ce9FoUosX4h2Xt~>=}#Muq(8Sm@3jWi5u?zxTsiCgDVrAE z2xg;CiB6LFTOV3n6|dsncoM#=vV=Q?_-y6db?AK#(#E^uuh=87Jq4{X7(A1z^P|kDodq42%_<0V!Lph|Z4-Z!e zx|&kx+d%WykX{orqrY0H!6^SU4oS>FjVu>_IX+}&h5H%jKW6kn$Irhp4&)n^C0R{Q z+-6DjrTV%0RB+dG&<|v1eq;4!>6Fy%Fk)s=|2yHSNBJ~3O!OlwpibJD?}cJ4}!md|Ani|{$rS~*NhXj@!A&}GlkBn zP;bC*%42r^yy0}NP!@vz`+~AwIk$b$=RlvpLZ}Gd5HQ1FC(%zDvNu<&F&{Pi)Q2?v zH2eN)d{xpv%}SD<)*nfFt~c+e4crlaUwGM@Qxv*QG8NyF=-z$ZEm z*wygO)N~@Pp9`;y+U@oRgRmU)U@!JJ&)_R(Sa|gqStjfX*-0Bx!-5ZoY~WBQfO!}a zxs$z^0v4J7oiFFM#DL30`F3kHz#R~qShPh-3Eh;6_A4%tkRd_Pdj8@hYH^}~B!>-u8b{CQt3{obQ1QkOp^sr;wk-&2tLyU@DGpbZ!p+r8wy zD9@BLd9IdPMI&*WT=?u*`@MfQk_}&bTS4e_-Y;@Xgwom1>IiATLH9|zIpXI@Q}Ai* zR#1m0Ig@QCJWgVa!am>_xLNIOmU~~~Hslt!Mb3>3-dZxJ*m18?$hQsJUv1#;1xmrr z&Hf2jYJC=#fnz2S=d6FM*W7;Zr`U^2fyTX_OFY4Q50vRIP7OXVFtsc>_&}kcs+pcz zT6N_C5$%jeegy9NNp@}Zb)!)@ZRI`LdZ3CuCu*{jxw?#0u1e)Gd9-DpLi=*UIwI2n zEIelvUJ2ppk^GmE54x}7Iwy})WFqp{aZQWXX@;g^0{nlQL|WU4$aPr~Fw|K045tl1 z{%ps!1tCFOlCK<<)%m8iib5;Ad(Bg*gAt zNL)BN0_qi7j!K+uqC*|f$kZzJTGKcmQekIXIG&(Yw}E2D2tbCFhd_E8ji4<`nfi14 ztc#_PPjKN^AUEK^dl!dFWx5&G3BaY4LPEiXzmGVNdxsr)xNAbrvm=mvm8Ri75c=V# z<@-4c;o^o z=aF+oM>uW6Ax_(f;6hk|K>fT1*ER$R0h~a9uOnL{h0A7#mw`~P$W*Yq!v0CN*9nhO ziN54rtED~C5GdzFnsXhJF;G+|?;3!A$wQb4iF+f1>5ETe2Ej9pyq7;SW`u;$BBU(g z%*Sje;k7R%uuNhy*OT(d08RCCuMQ&)a$|?$6H39o3IC(-p4$@ z@w^CKiqZ;w0cHbnB&3_9chP)_3}(32NkV>pAO}1b=&~Ze?1|^FJ?mmT@^D;H$Z~gk z-w~d4C~JgVMc-@oFi_nrPz}E{T;L5ae6CC-%@5g7P@ULkTx;Qdi{c}|`sAr~&VZ4# z^kI#_#>ROb7DD^%>l)TESZqU!a%ju{bFI*~8wM>c7UwZ}RZl=}y*OSdk2}PLk$2(+ zlWRXbY9W7{K>@Nsp_yz(CL%XR^W^KhD47Kw!2n605i{rQQ47Y1d~9SR_3P1gJW04e zc=>`feIoMuDA{UEME-r${1E9=nV5#uFOYk4eSHgKQ--ne=j!Zwt|-ap1m$WxJ5#rX+&;%RgkZo z85CUW(83Drg22zi`=Ux*D-;Dbz$?VFcJUo|KIFiq+6!Fx!I+9y@vw~Kxlq`g!M|gq z5^3i_hgPx+79mOQ=YcJHd2YTjO8UW}2~Mm#_s@G2jT!ZQ4DE(Z6ma=m*cB7iT4i!Z z4pWJy5C@zY*}NTyXN9N_IqYA?7;tIW4cE5nLK^uU`_N|`R_4+el~34DQQa9JJ`96u zm+2u$NYTUTq7prvIx0Ryx@Lnsf2hyq48r4V>8-$~HDOO-;oayN>@lJm=mWC&c@SwO z^nvlnGDvMIkV}@<+mZWaK$3D0?*t|S5xY z*!xH;_!eZm8|1#Jp5Q|oXfTp6rx%GkqL8P2 z!t|!G)NHh}@cCHVBbG-pfWA5Y$kj*4Uz1Lq>)7lqhi}hJ$0=_HygmKdn+GpV{jk2Y z2=i-9UW;%`O`d$;EG(!__nHNr^497kN4odaRC@aSqnoE*dX#WHf0}y!QL3Q=y6sDk zCTdY)b_rHKq-|md9_$PMJST>*H_|u%3Rl8Rk`Irkj*zT-Jdz2d?Kpg(DDgKtW)axl z67(jm!6KX+MOdQ~k%AEp<0N7ACQj=qBQ$RAc>ZKMZDgvvT9ZZyg8&&^c>Y9HDSw&P zY(a=Cp0dQa)a-@jR(Vc9EZ0CvlZ2Hy7jl%(al#d|*_TwF0pQlh}BQ~4Xi z20`zP!pBhp+v>oW-GR_fV~6lB2xQMix|(m}O6%1#Sk!V{x&*(utkB#iO0YTi#Lo*!y+xOqFGsJo6#hV&S9-&M$a@&w%VZ;lD2) zxdv-0qX48neA<9Q7P9h{m8$nMnlhc4&G%a%s~YDDpSPvE)FOGno)Y|!3Ax{Qf8_3Z z6~1g7M&S5zH-Fczc_(+XLBKVrg%`!McEvlZH^VTU)s%P- z_I{_fDY;79+=n-99_K9T=Hs@mR}-H1+FphB1<%m)H=iZx(^w=N2P!!H(g@-7Xy59M z7eeQ+#yM+f5~>W%$57kCaRz@|(AADA9ZBzT;YUWm@xpIFv#P}+GJ^y(kc7X5~Gn)=-*Xm7|KZKTSED%QEF*ieMIwI?&3=H z>L~UJULeU7$%e9>%Kh-B`!x3qVQd*{&;ZpLjU0-R$42s5YzSOue>M(Cmw;yGQ$LICC($i92~OzUT3AeG3D6 z1l$g=1kA4m^2Z@D$_}hdSW%|ts{RM z(s<=jQ$rNzu0UcH>IIT*wWKqx zmJBsUV|wd&X(q$0Hw&KWc98#LToE>-5<_543d-ojqnW zJiryVx5DBRv|Kb29IHD=&w@9>Sdcw}QfSXV+%O(lGOiFi?4pf4iz)@upAzLnb|ClR z+y9RGZyC3E6(ZU9kOq*-K^qDECxhRXiBa0KDnYFq&h2U=8elw9fOZ)Ix)w8Jp@c(b z;dwZ}$vat3{L5jSC*yy^--Yl|l=vpCtG{z?=RUhO@Mz&c=YY}h=s+h|t+x%dLPHKb z57Eig_HLZZ%$(uOQ@?3UcV#q@&QRe_cL@@tdazi|m!=9o#%Zms$uF2K{TOS85YH-% z&oM};a-c=lHZQP5BX2}ivOIoz2kcoM<+NX-?owPk4#Q_40_pTQOQzegQ@xYqCy(#c z&L#QD8#}?(si$Cnt#MQaSy?$e-43FURDrq8IpSPrR`piPt)V*j7FWEbGmS+SkHHeD zG&Nw7V4J^xomB1gn`QuElvV9TD|(~6#o}2W>NUelvI^cce`awjE%olE(1>}OGw){^ z>LW(IgcVe73}nJ8B>SBeQg^P;o_?V)R41r_y=UP8NTy~6RF)jk;yDH%fq7^{G_o>U z0&6CVCrQHUJBYVqRjrc@%?iAEFUmq^5zP)w6SQ-zkjKu$j&Wd=mA)HLS~SfT4?UBF zdJf4Yr$<>x^d$8C)Hiz&sK5NUUPDkk%V~dsD{)$or#Fp9>SW(kb;wWft6AtTHa+c1 zoy1Lt-5xY2x~Mu-o}XOK-cL4Dx;~nG%csN1Ghm-EHMv$F(mJc*%^(_C7lj6{W^H~3 z>@5_*<92wd7K!F04B+diU*3a&z9h71l5CIQk>^~mslS0_=w{d}urfZl*>%XC_P*so z(1d{yMnr*`r~#hwx|`t}H#sd`(MWNW?iUADKT7mTJaQBx%Yv_j?t-78Xe2vYR-it? zpNdDqF=&&qukhxFBy$%Rs^6LSGX-Q!w>SBfij!J%rBw;d{J)Jq6H-*@g3IKm|2`g# z2+-w^N4DdaTlk7wf=bwvlnYj1G=M*WFLZd|`B|e&wI5zigNs1hTp4E;Ta)5srL|m8 zpuT&?6&4Ya(`Y0xPAycSB}>u5j$rciHuS3MP;wRfnX*o7jYS?per-@|4oT{hZLKVP z0Gw1?r{830#jNOZg|16&omQ#e$W7;gF|b1}K*$mAczdV0^AqD8d9AG_t;K=l>9d2^ zB-M$ak!D)gXh@1dZ-O`ZldFuAZ)%ihzqvC{{>nY$Q$zoF>zc3Mnh^>~)N?Ci*QKPU zJg?%U61_xU6&>R(A<5DOUkvdZG8TOVbIayxVb?IeYS5xIkEY_9e_C^<4A;2`s}T}& z%`MxKQkg{h-hWE>e4XZjmO5nOYS!fIu)~ew7eL4Zs0b@9@|(FE(&3c))w2I`(Q?S4 z5ON{YX{aZO50$(NDe>!6Lw#-qyC7OUw~_8C6`BifuVVj9FX2|h@mepxmw19d$9X{W z)9_maY$i@5;BVkb-M=~ysA3~49S-tX#aLUiC+P&bWWJZ4`|tQHc%mnY=s)3q7r%fK zguOLz4X9!Ir=XPRnHcm^q$NeW14fj54LYoZWnH$w$~1vGw+f|TeTeaa9omsvZ#Q%) zz*__}Le@%6u-ogcNC|!+yyE42hT;^^T}i>|$bT87db}KvP>_hhlXt10FTNA@$_E+= z!8NDq#f38~#Vh6c`f_$fZ?;y$2Iit!*yga#OAXm7Gq1o;h@74?4;FKkNmn`+>E!gC z^IkQQ^;*4K@NzYmhaL92Y*r)b0pYh&n1WvpO8oLd8Z^S$P6aeFE6{RnfV{Kb7S~#M zK`jh8?#3{QllOMyJA&hb# zu2$G$L2nUIY)IL_)vn7MK_Ak-VufCGw^1P|O0oo(?G;D1Py-#rp4^umz=gas6*CC- zt>;s{@Y&_zYDR{SLq8+FDZVi_>_dJs@&!5H1By{$*=@{$*Z*W?3SaCd>K)J0F{qWst}ejnq!2z`|A>zpuJ(uXTC{4DDsN;g6)kJZk2zto6a$CSdliC;L<7T)yX2+bCx!EyWrS1ro|v*1%yK){ccg)qx5+U&rYU3A*T z5G%{amBAl=-UxEf;l!8kswQ&{Be;8x?kC~C951_hk54=S9x)4Y7A8y5Se5eK70k)F zcl+#P7y9hnJ2rf^Q@cWo^RLm^=(&w+Ven?im>ayKVQ{&_;ds-iNX|-bm#@8N_n%$q zSm;>hVCKBs6%856CyXX#UNY$`2_KLR8a>-(tyW@8)_Qcnf986Da1s<2{k*k~H0P7X zC)Tg^rZ)M#6OoQ6aknqAlWUTiAVZ1rAw90nr~;<9hoMDH$QC9dwkWN$7Vv~2tgkN- z2t)P+cyE$-68}xV8^mu`PtCM(^&9OQ8z4)3<}q)UZMUQg)LJpZGaUi56CO${)q(4s z>JXb*4-ZB8$l>toP*d^N{3t6fg}oRkDu!ko+9* zZwRobXwGq^Z_d1@$MVkIJiHl#I`qIBlII?DvW{Uk^-^RU`S-@WMgvEV|ML@ zq^9+-)l}9f-C_mC4&@0m_#iNm{{`AND18L`zMFW)(5;LO-3r?Zm%a%aGvTu@bh|$L zLbZEyV{E9QvAJ<&$Y3(8^Rb^|cC*4B ze9dbUT9*Z_zK&M6qtzCV%2j}0V9H0B3hwtG?>~UL4kH{zuns1%2S= z*!259nI5g{qQtxNI+NTuA1wIm&h%LSsSaur&L)&6*)7@KYR{d}gP)MSoDMZo9N&iT zI@lO~Wntsu#yc7}B6e@%vyHr4FNOc}XyeJovyHDchW~T-7rH*rZTe>3vap&JQi?Ov zujlQ-ujnZl6De+Tv+zvFD(U-;z+_v0F)`c)|E}cY75&#c1RVgK(j~5GE&0+kS8d*h zhV|G%(}WMe4;Hg)$gtWmbe8y{Z$4|Z z(C>R;#(^@S`k>d?PGu-geE`JqKEk!uFHIufl=wzZoIj-Kub1jt4mT1XUM$^>U%YTN ztjK%0VN>HN_n+OzCDGmLhDQ+h4Dhp-P7{6^ZvftFrn_b|-!RQ^{oQbv<7LSD-~Se86YBSN8d?4(2)Y zo5ZU8=1(o~`!FVfZ@zVm_GY7H=R;+>!%}~kn4EWNbXW0kzdo;at8mLT=nW1O#jUUI`Ue%sc;yfTMn$#GJz_JcDVDO(1 zH`Eo#o^N`Y(f9^h^G0im%fFpfWCqeK`S|soH26#v+BUT5u}=D>i&BU2_6B9M0TPHJ z({~#VyRW#rv974i)ZR0=QaifApVNB|#>nT zm*iJg_kHf_*6!Bsb5xI9AL@z>8jBV>^5NZ7$d!LB2b7^E=(U*en@!fLJlN_%k2R{S zB@cS_4h!aVJhCQ+U(O0}=CigeSB{{p>3Y>9Rl{#E=DW!G{oD80(*wQcRM!ghP%`LA z6=Wt=0(qjh#grjh541P44@f_Ca}4H9_B(wW^&_xWkhqkh*NK@ghP{)<(SbT19Zbb8NHatmqxoDdd@-fBm}bayHO={ApvG8HnNVm; z!;UmEp>$B$&nK9lA2?)!7qKhwCVUxwQs6+#ESz#^0_1g>zA;xySUE$NYD@Thp|%!) z8{l1>0GTdkMq&*T6#>f;d6#2X;WPdl>E3@zvui9wze7U4EV5&d+2ZK^xP|1NHpo3` z7y9kUjHz9()C7u38pKBqe3=Q$RG2ZzMtU44v&Q++%wa7W#)B@yOp}e_lw`i^nR6Gp^yoqa}C=Ze)YHfr{l z3z}ztYHD2wU(D}hG=GmJSD%7!emi~}@mtbwB(tF0#~)NYo#IqIgBesi9vK-QhhGa- z<=e8fFI$?CuUY&<`&Ia&xrnjehVP=jr*EYB^F5?#J;SaOK7L<}o1F~Y^>4>Z@QwFG zMb{75`09ei_TlaQ9UF+6FjIP*9m}q1k4T&!-|q33u=@c-Z6oZEV1p>AlmND^%IuWa_GU zf?_6nUt!Kz?AQ9)y4+c?1OKk=JGKIetNoE<9@hIcSgz7H+#H8+Jbr6#Phu?2WWkr+ z!_dhi(46nZJO{ohM6%{sWL}hHGAgIKN$+;KRZg$EtbmjO3#ShWfX~#IN3Bd~aUQW@Lg`$V)Qv|n%E2Ob|EY4eCo$dop|DahY zm-Duf)=JiQ?f`OB1Dkz%R`pV;=Omuh=_Su69^41A12&vR3JdUHK6U`u>;ocdfNV9c z0=-J>?sni3>3N(ZvaKs=%Iam`e#g)JYVoh3TgyZnu8s8;&Mt96A4}Z-P!sGUF{7yd zS#ka8zr*eyDYE>>d&&zT0eE^GcK$cp2$ytync^$*Y(F=qJjg1S2lt3SUTkB8d3_96 zUuRG&o)qF%;_qQe zK|<_XBA$&(K zO5cUjDxmjNqK=cF#g{(`?{OCNQX6zlqmfM6iW7+DXyV&{5;ISJciM~e-T37$@XzCs z=V0}Z5{P|2#%3r356W$}jeRhD%)0@<4)lPWt{eNq@a$qed=G#lFq2%xI>K2hJlDMH z{m(y&Urr2cH1~@7)90}gU|H(O^tj+pDO2o3tA9A!>S}Gydoa0L=SEuJ} z-*%)qe&W#&{E>0s_SqFj^K4Q7k}db~T!ZkHS8HQjicRIn(0%2pzR&EPU2G8g9E^Lc zQGa5((cO5r_XGA>uGR7Lo!?$ItIO>ebsa@Y}e_hyH$cw`u=bgFv;U+A?%> zckI5TfjDG5aWhvquS+>l+O(e~&r{WMHM^E&hm->;{gnO=elM1lr37Xd>VNn|uA<}$ zTb#SytLk3>o6}UsHpn&%?psTg1Mq0LUxmNbHr0ORfEHdCq~VQ)kBa(JPZ;%Hg>AQE zwg`IPh)Hg?(hEsDYE}Nxsd3*r}-zo5;Ry>2#euAqCKB$^t*YsW^Xg}cbpG62G@0=C-P5k5F z59ec~zgx{|e+%CA27(p(rh~1C`zerh+fe3{TIiW^eGH)v;k!t0!nF&br;pQaody~c ze(=sA`~|p+>30IB1o_hrge|!LyOKnG2XTKjzO%oM)BYGXhC>L;kX|znbs>HX;X{N) z3plL?JasO@Uy#227EW7%_yU9v5q3JjYeV1tM}+zKzOP`%M&Dz@_q~lUw}sPA1AcTZ z!n&Rr#77XmT9ZgW zj^{5U{kL_%sUkiH;ccXUJz4%7-tjA(*$ww6%AdkMT!j9d+m=X25&sb74{k`L*Wmd& zND?NO97^xk3--z}kUi||`xcvngxY$m^v zo?d`)NBR@oFU0-#%xFh3>?;xHQKR+IL?5v*5_l^b#?mR;gx?LJEBM2zKMP{-xTdcKeAV+f+6k#({zwv|1=T5;XPM7D!@P**GKL5i_jg@pK4{NIH8 z8`=G=3P3Rmv*A2>Hk%9AdTqGZ#;TE;!)8HX$5^VO=^IahKUdtww&VXj_|a{8hm&n% z?WlwP(YXE13k(*pLbnVUiwnTdV%`_^Y@(U-^G(OKGET%L@M4U|DF`1@Jy1#KU zP4!b+noQd!)AvoLsl9an!O8T^`u9+pzF$n-e~QvT?l4;-eehxeAKNbx=gEgd%b+6p^c;$k+AM-K=o#WTZ-N8p>4NthuV1EpAx3YSD^~ z&T7ZTm5!GGkzClo7A@JhY*|f>)w*%jvW-g@wlLSCHTIN4GdrT)D`xbjiXp zalTkLyA~haE_HflcK2+psh-)sWqbSP>37d)XY3wN=k|?M;oVzW@9EyywsRwTeluf* zrE-Q?B9`8^%(;~Me`DjumZf)!4~yT(XhI9i%D!1QRXF`_>+~(Ced+z1y1F_$I=9^; z7I%veboNMe-M&p+w0f1Zn6?~w?vzpl{}h~InNCr&EGxr)My)U~ouZ0mrr8bD@{OI< z?Hj#!V@hEEt#*iQtsP>wXVaz*vA9FrZ1;4t?K^tJhaVOTam8o!Z0i1ItMK%6`P=Wd zqFtTaB}j+bGpV5RgsN%#kAAZ;$fL>{Nj;ArJAThM4;#yE~wU}1J|>gsIWvTZw+RVsAK z+gIAf&TXANV#oGvoAhjD>;2U8iBjUW9b3^FJ=?OqwS%?b&;Q}xO1Z+xqVq6TdbVQa zDsj;=t5|HU^`go}s~Q#}UX3_aG!rvNTz7x#mK~cmuoasyCav2##0R=M@y*nl|M707 z;&kfgIh7_iR5qN=in$%!LG3R7Ah$!ii#w>^f#20EegSt`*$cba5Pj73c`C=Z)3Nj4 zK%(pxy^STYT01M>8>*N;ff3cMz^3e1D+#Zk4j-HAF|oLGLhh+DUJZNkdFdwade^41l1EJVfIy0>pZ zX1BO$TWi~vO&#@O&rZ)KQEtlJcmXv8b?2?CaRaX6|e5-1*(_e&6r=CdrQ0`w8sC%-CQ*^S7NC9wnnt%IgK_ zSX~pAV=Ql0Sjs5q(CDnsoi$gi@iO&cU1ht*I#pG-ZQi374V)B*mK`!Hy5;4&ai3WW z`WKdF5qz~}NL@%5BPEblBdtYJk#b0Rq%zVKNSl#vM7ka69;Ew`b|8HV>AOgKkoF_} z6zOTCgGh&v)SOZznX#2gP+*+|NoRaMUkR(q=@sMM=u*`40Tx^c>($a$F#O_u$ZOTQyU!ya+6bM^nK`y{5=z$An#N23in#E?6K^2M8mWvf# z8`t@mVnCmZ%aMN1>NG8=bB&WioZ3@`%s{*ZvBo4nxKn*Nbg&%*(sukX^&Z^=Q+im< zxS?hX_t0Ev#>`zr6iu^WEXGLbxWo_AfAr%; za+x5!)YCg)C!tXh7B)u92o9IvY0y2bo&Wl}TtNGQ!}Lfk49d zULz4IcP5juM5=Ev&M)lj8yHT+T*3=jf_A7;_*8Z~Z5h|Jiitz@xl;tYE0rDSz_Mmc zUangvD+54d9L$qd6i3Zz<~XCR!U78x@S)ClU$^U;mT1D6l4FHCY{x3AFaW@q!yO0F zvBMqEB_&W(9lNdSnNI?NlZk+3Bkf^;fV+3k((c@_W4vh~=g)|;{+y8aXN4@yYm{}< z0=TOzxDOAJenSX?^hqO&B@%-PtWPLDJTL&838Eyz3S^6MD_Srpya|!_bDqioWML+Q^a%4u^3H-xB$AzOp(dm))>A(X zJd>gtB2au=^R-c@d3p0iyZ^lJj=dlK>9*Ntn@z8T zAKd6%{K7YOu08mrcP107I&LfMi$1XboasBCymHOsZ_PTi@1mRTe}0vEV8(c3zS?+O+s1e=TiYf9l8gZvW)W{E|-(RC>>OBSHJCO&xJ_Vin3 zB=`C?Uv*6N-s+s{{*5!IJ$c=`M|R)%YJO<@+xNV)`_1ZQ`|KP*$9g5PCEA0nkfUK6 zwnpSuDpiOb)wvFw4bK32-diQI0yeu1&sXk5dH`t`68+8}eXstX`0di~qx>VJpCMh1 zXF~M7d-}fpZ&7{;>2;(xk={n4@3Q;fpM4n5c)o`OQ$hhqsAoZ~$zc$t1%hFdOdK_L z@S|$B&|JM?1Y24W1BCZIr3u>9$YX;}z{o-U_*5QB3Wif-wmIf7r4)uy zWU$5L7Lm==EjVkv@OZ)qV$qy%m3e_c0GdcdhFA?W1#vdlqJe{x$3TV$zFP?Xa;YX< z5zK|YPERJC)TrlK;O{o#X33o(tpMWE$T;0@*x%v|%EjyAUY!)Cohv&Uf>NX(++pd? zvCGB2!uXz>Rp$n1W{E-O4Jsz$o#9RtemxvNnkPnbh;&Z3UiB}*5R$CbSO;tfUKsY#A4BpFmE42fe|kh3BM zEJ_rJ2t%3?sSmr6dJ;>~2?RWxRUFW&T3!A$a*4wj2;mK8X&SS#W)&e`wG3Cc#vH^! ztc)A)ck`b7Vvm>YysjfsCF(sp55I?su%L!h0LOOh2}8rPfK+F)KhxKf=^h-0i|Y9x z;zY8*wura5vK?*BSHZ7>kydyfkcbq9b7g`AO0Lisoo*nakSmF zyYP7fovLFX#38QgM$%Hmo)HcCpfi0fCAx!Z0d#j6fQ&^Ed1?^hpfKI6&<+LQ2HgRl zP{g_r$;TzJ7KkrYGG!tTdYvf2gll=MA!BefU`b)G#7T&&h?6iNVs`TaUUTudX1`vi zpo8$;V7Dlo1`w)|$hmaz`?y#3xT70YTS4vZ@9Q$vM!NAge~b|kT!)0wH7xQV;CFCb z2vZM@7)2-zstDr^(GGSh2t@<#jr`;lI8r)GVJi-3qVIO( zsSlmA4&~)z`1=WX&b=D>Tc)&~iSqUFhMC)t)}sE~NPc-EI6?|#8n=pc;Rtu{ydAer zF~>2(g2u>_(!;|LB5hC?Q+iptY7zqI>N+2^#I&iV^nsbONc#}Qa19B_7-Cjay3k_~ z#1-`_m^is|B?WqzVr8z1BIKub7Yowvx!*!*Vr0&T|0Xau6) z(z-O9)w2s*mn=S)FKme}3AZc^FO2f&qV{M@`+1AFhWnTR+gagfB2Gz=IB14$enoj zB?5!+%gT;k&CqH=DDYZULfo7L1h01%<8v@xzM*zBA8f?>(-SMaetdyjPvd&(iOs{q zH~8DYyj&uu1=*?-!b3E~OPleAVz|)KOs7CGAry^!fv(Rahr3-20!atU$w^KqP)t4; zAff))s&ue3+i(k??(AVR3P0;B) zPBAh66%&zCx0HfRa>T$mPdXDsuCPN9Ql#KoINAymD7BJi5?VEg`MVUnX!w5Ci4QBJ+8>cY*ecko*2{%iz;)SO;# z!VvFkrF|u~k6D!L*2^-g3Wv&;pa-pAveoHm_Q@P2>})o zmqJ|5EkfS#G`yH`@W>bu29m$&NWwyMYf^0I@)(9eWWj%^uzF14=C_o;H|sEN zm_83ThbsSeWc!hS4ZnK;{i$eiF24UlTQe5#`6JcImqb7!AQ6xVNCYGT5&?;TL_i`S z5s(N-1SA3y0f~S_Kq4R!kO)WwBmxoviGV~vA|Mfv2uK7Z0ulj+Tfc4iJ?b_b z=_QURufB)jPo+&`mw)k@8SlcU)%WDRoC2l{k0ADcYa$qbML0Rcv$`H z^TAnnKlS9cSNBYNW%`%ioUA;(dFi?%k3DzdX_XfjoN?a1AKbC4FLdXe)*G^O-d%g; zUCZ0Q{CX+da_K4gBah#D(~p1A`}NtQx8Bkb9}a$M-y_o(f9#o44otijxj)`I`-Owy z`QM4D_uaI0$9=`|#33mwj%=xjW81baiA}YTG+a>yrC#c=ogRo;<(l zsg9G@%>K*J*16wGMqj$`{2eO~9p3l*KYZln16$^vu;uN~JbLNY^S>EN?W{FDee*%H zuk`5QFRr@fwQubF;r?~`S9d-A(68srdFHM4uf#vGpthso%-h#L+&J;#NsG@~@rA(Y iH>Mt%`Qk%2Uh~Vx|HN 1024 bytes -SIGS="1024 2048 4096 2048_exp3" +SIGS="1024 2048 2048_exp3 4096 8192" HASHES="SHA1 SHA256 SHA512" set -o pipefail @@ -24,20 +23,29 @@ for s in $SIGS; do for h in $HASHES; do pemfile=${TESTKEYS}/key_rsa${s}.pem outfile=${TMP}.${s}_${h}.new - infile=${DATADIR}/random_noise.bin + infile=${DATADIR}/hammer_dev.bin outkeys=${TMP}.${s}_${h} - outsig=${TMP}.${s}_${h}.signature + outfile=${TMP}.${s}_${h}.bin ${FUTILITY} create --desc "Test key" --hash_alg ${h} \ ${pemfile} ${outkeys} + # The input file should be correctly signed to start with + ${FUTILITY} show --type rwsig ${infile} + + # Using the wrong key to verify it should fail + if ${FUTILITY} show --type rwsig --pubkey ${outkeys}.vbpubk2 \ + ${infile}; then + exit 1 + fi + + cp ${infile} ${outfile} + ${FUTILITY} sign --type rwsig --prikey ${outkeys}.vbprik2 \ - ${infile} ${outsig} - dd if=/dev/zero bs=$((4096 + 1024)) count=1 of=${outfile} - dd if=${infile} of=${outfile} conv=notrunc - dd if=${outsig} of=${outfile} bs=4096 seek=1 conv=notrunc + --version 2 ${outfile} ${FUTILITY} show --type rwsig --pubkey ${outkeys}.vbpubk2 ${outfile} + ${FUTILITY} show --type rwsig ${outfile} done done