From da8d43d02279d24e958dad567791267ceb1a1cbb Mon Sep 17 00:00:00 2001 From: Olga Kopylova Date: Thu, 10 May 2018 00:04:20 -0500 Subject: [PATCH 1/5] Mcrypt to Sodium migration --- .../mcrypt-to-sodium-migration.md | 54 ++++++++++++++++++ .../encryption-adapter.png | Bin 0 -> 90817 bytes 2 files changed, 54 insertions(+) create mode 100644 design-documents/mcrypt-to-sodium-migration.md create mode 100644 design-documents/mcrypt-to-sodium-migration/encryption-adapter.png diff --git a/design-documents/mcrypt-to-sodium-migration.md b/design-documents/mcrypt-to-sodium-migration.md new file mode 100644 index 000000000..e00ddf78a --- /dev/null +++ b/design-documents/mcrypt-to-sodium-migration.md @@ -0,0 +1,54 @@ +## 1. Goals and Requirements + +1. Target Magento version is 2.3 + 1. Possibly, 2.3.x patch version. The implementation should be fully backward compatible +2. Use Sodium library for encryption, as this is the latest encryption library supported natively by the latest PHP version (PHP 7.2) +3. Ensure encryption is possible on PHP 7.1, which is also supported by Magneto 2.3 +4. Data is migrated to the new algorithm if necessary + 1. On-the-fly migration (data is re-encrypted when being read/written during application run) is acceptable + 2. Upgrade time should not increase significantly on large stores + +## 2. Strategy + +### PHP 7.1 and 7.2 Support + +Magento 2.3 supports both PHP 7.1 and 7.2. This leads to necessity to have a solution for both versions of PHP. In the same time, + 1. Php 7.1 ships with mcrypt but doesn’t include sodium. + 2. Php 7.2 ships with sodium but doesn’t include mcrypt. + +To solve the problem, we can use polyfill library [paragonie/sodium_compat](https://github.com/paragonie/sodium_compat), which provides Sodium support to PHP installations that don't have Sodium support. It uses the PHP extension if it exists, and it's more performant in this case. + +As we still need to decrypt old data encrypted with mcrypt, and Sodium doesn't support same algorithms, another polyfill library [phpseclib/mcrypt_compat](https://github.com/phpseclib/mcrypt_compat) can be used to decrypt data on PHP 7.2. + +### Implementation + +Include both `phpseclib/mcrypt_compat` and `paragonie/sodium_compat` as Composer dependencies. + +Create adapters for Mcrypt and Sodium: + +[[images/encryption-adapter.png]] + +`Mcrypt` implementation uses `phpseclib/mcrypt_compat`. +* Old `\Magento\Framework\Encryption\Crypt` class is deprecated, and reuses the new implementation for avoiding code duplication. +`Sodium` implementation uses `paragonie/sodium_compat`. +* Use `crypto_aead_xchacha20poly1305_ietf*` methods for encryption/decryption. See [recommendations](https://paragonie.com/blog/2017/06/libsodium-quick-reference-quick-comparison-similar-functions-and-which-one-use). + +Please, see [Implementation](https://github.com/magento-engcom/php-7.2-support/pull/135) for details. + +## 3. Data migration + +* Limited or expected-to-be small amount of data to be converted during upgrade process +* Large amount of data to be migrated on the fly: the data is re-encrypted when read and stored again during application work. Currently used encryption algorithms are secure enough to allow the data stay. + * Additionally, a Magento CLI command can be implemented that converts the data after the application is upgraded. This should not cause issues as both old and new data is supported by the application. + +## 4. What does this mean for extension developers + +* Extension developers should use the new `EncryptionAdapterInterface` interface for encryption. +* They may also implement a DB patch to re-encrypt the data, if amount of data is not expected to be large. + +## 5. Resources + +* [Epic](https://github.com/magento-engcom/php-7.2-support/issues/127) +* [Initial Design Document](https://github.com/magento-engcom/php-7.2-support/wiki/HLD---Removing-mcrypt-and-adding-libsodium) +* [Discussion](https://github.com/magento-engcom/php-7.2-support/wiki/Discussion:-Encryption-with-Libsodium) +* [Implementation](https://github.com/magento-engcom/php-7.2-support/pull/135) diff --git a/design-documents/mcrypt-to-sodium-migration/encryption-adapter.png b/design-documents/mcrypt-to-sodium-migration/encryption-adapter.png new file mode 100644 index 0000000000000000000000000000000000000000..f63fead1ca5b7e5c25ff90423c2b7c3a97468395 GIT binary patch literal 90817 zcmeFZcRXC{{`f0F^e#$tQKJkIy^I<}3zFzPdT&86h+cvaErKLk5)n0O7`?|Ri7tBY zql_7YyC!?@bH3+y&v&15_PMXu{o`J*@v?lZ^~|j2c|QHU#NO9dB_X^)h=qkkqOPW_ zhlPc+i-mP%8~++0v5i?|!NMZuaa2;eudbxTdf&_4&e6pd3rj6FEd$R`zn3O-EuDjd zqgo!PAmS$u??_=3%?CYP1~vkYmvofR;+TvcSPHyjP~*~R(F;|eQKyyYGl(XGA) z!}7OqE`m2DbAfw-hr!-!Q2W8xl4~>dhu^T?Ft=00SLu>qc_{~^Obp4dMl4fvZLqam zp}?BQF_kp^Ai>JTb+tL{?MdFstZ!(~G~bDr2^euX{;qdPqaKS@IC<1x&y92$8*ARp zw1R^SOOfnlwib*^iAxa_R)ZsjKWREhfA1vO`&G(KYN>+?{+gO!-mQbkBA8$=&(Rqt&-Mz`Bdm1~i5+hnFy@WkCq zzJF_QbpQ<>J%DOx*SI*4iWq*ls&4p6#xCGzWl>~*79sKzkHD=Pl{CvGin)pwgE}~s zBJg?x0$`wY-bywk0c#y%X>$Gz355LN{ z#N8Nq(POArZ@0C69b=?>L$U~Rgn&W` z0zXw~?W-$SZ04~V3i)LEnwC!by~WMJMEdXD#;22Sz3O?F#T+3sLlZw`>Ly+uEXu#8 zr7Alj86R9uh}T7hPCvtMxvCIK@VLAv%#oD}fBNZ-!1?S-ZXAzLoX1#lP2arBAcMa}_m@9FR^x5N{S4}i;orycBE`p>+&3$tBK#xzafhWfxo`rVVs-1Wr^O6IQm9UdVU8!+jCW6&J1T-Zg0xMk zO;nM4VeEm`+hsgh7AvKXB8$?se2p_XsToRR-%e~#76+E8F8VsT^6u`Itg9YiiCVsw zki8NYiADE%#%h%(9Qn%>k3%YtlbGL6eyk@od11eKX3BGZk71C;xo)jn!fa(;C{=1q z`iV4zc^f+bO&d>FK(DC;y_Xn$PTjbtADWKXsV+ z4y}NE{7~V#arKSaSg|+V!$j+%)l|V@CstVcophN5c1Z!2{QNgGT1SKl#Ax|iZsCNkFI~B+G>?sRDPW(;u%}B=^iJQNNiP%Z3jt*Y==z;>Ecam zmRRMHo0Bhs)P^}od6OP!8mmsJOWkYG+++{FulrE=k>?`x4eQtfceP(?O4y7sgWsTDd{p^TSouEn{q0RXCxK(SW13@<=Xa|LkfVAI0o8@o zQd0y|!Bcpm4X?s)m^?2Q(~Gvj;Uot_)%H~2{s zyG)=S?*}js#19OxcWp^}k!gW5Vj;pS5${Bj9+`Vq+LzAOn zp;q=b@136`)tA!h$*HWV!l}mU>FPk=YM-ukj?ICg4+LsBzfi> zI7TeQgi@d>H12LQdj@m_&c0~4Xb766oRw`D_W^GRA3r;;JbJV)x;Z=Aee8PNy`?ig z_detv)V|hto8ViO7h;I&Z{_(Ci76@~86C8i^UpRgHYHHo0#2 z!({eLkMNtGoRsZR+_3%K5MLkPfhV6lzb+N5+!_2Z^kH)2 zOI4}Jczqx8Bhfd`4%=Lf)cz9TCpM=xVu|$|_xzswm@Q9jqB_6LYAx1Gmrl>l$o>d! zIwK)-O`=P>om7>J1CxgZp6HL~%&2VSA-Wa`CMhTAA)cV$zda;;pVD7wU$#G9G}@ORpNNp; z7J(Dd7@;=)XX0iS>l-N)dMqOhn>VERjtuG8_+?yFCP-@7vim>VAQHV<#O-H#J)Hba z{cTU%@u%_CmAyG`ND6w{F31h%x2k4)s{y*uB(eDSfF@+zGit_HB`m&mUWP=@asD z3fr38o9md5E#ZEm<(2b5W&`!Oq*sJ1FZ&&sGq7*r!=}EZKBAaXFICU40J5s={ZTU5 zal881vB{Lij|71W%d3qW|Att|ILs?LE66AY_wV-_W(^DMQ$4_c8o_T>xc|`3aJ6Uv zVKi*?#Rz*+eKOGNftQ{)X>7H!(Yw^qgraYmV{A24wDHp3OSorwd|yDyw;Q z7?>+TeV=ThJD#ro3>j1z z@#z*83$@mP^>zUY$o#Yyd<>6-4bnb6ZG5`9>3!YimRRZAPcKS0Oc^R_9CMHjD_e2~ zgty8b;y&6jaxaJUq7V%J41(@Qb9I5K3q>PZd16H3b2F3;g>R=S8?5;}oiE0?MPo(n zA%~}>ZrK+#Bd!)sDqnJ@ZEEvAd6$(;Tb0`w$r^)7_I^q_+Mj)XW2V)( z%NGGIfrrt)q#$WUNj;y(^A4@U%{GfRvfUzyV5gj^r)wP%R0cYU;K?Vq(BCIV*@|^u z6G(U;eS%Gw)PDgjDhn>@e+fre=l5^jD*>C6@sh88ld47D_+Y}{Q1tsc8u+Y0)-dH`o*VafPQ z0f(-(K31&$t}brgQvR~+zs`^Xjxk~oJL|7ge4J(34YlsGD!F^vvWg1c5foyVBV=V| zmGOFPC#9!+_xHmy@uirkWt-s^n-^tDU_uB$) z5QO;)NLWw^^tZ8rOJy)psr!!pwl0Rsj;^+D-oSgv3EvjGE%WPw|J$Gb{+9paQlr0L zdPnjfuKXW=`Ta^65atg4#~uAPUB9Hje8~~Yfc`f3a)b+C*@}SWV02X0c>w&pidh@r z>je1b`TZwwoG)DMdK`#_C6A@9tnk49%61b$wV6sl?)_1bl z2J*<2XtjLesS(228djqF1PSO*$f2-i zIpcOkM{-`|BPR_AFO>!{^4}0P3c?uz=flk10dpdpp7{{sxE;>dHQueAC)TNTpka?! z&m1%)3F3)j7n|`I7zQ(F{nM$*Lc4r@HMTs?VST3gAIy0Byz0W>7~SBlkPofmvwA@9-V-KUT(8NDMgIk1RBKY3S%(=j-QDh&fvLtL(3i2CQE2{ZJrlS_ zmZ5bIOp)&k=U)&`TkYq2WO(f{h$JL#Y$-=yIo}G^PgaKDCQE7dlwoTtP$I9(Zwj$N zNhNUAmkqE!v`3(&=BYVeSX?O}rGo#flONNed1icl4&+Q~Xf|iXUd9&{LBy z3z97e3ZF2*o$d8g6d{~1r(Ao=agS*-+H z6V_btc%F|}mklBX?AZT;un05Zw4NDwQNzM3KMT^2K(^MgY+$0&@9Ahgu5>zh)zCfH z-oGGxf|=^VnX@k9d>fS1u$BDff3QyfdQs^y6T-walzt~6(XphFBlqGzSf_uzsJDqB z)VuedzOw@Mq2mKbl-i|c9i&(id^GFDKX9J^SBm&Q^q2`V)x3yi;r8{+W^Et3p}(kn|I4EO zG9{{b)tn^xHdC8|vBe>OP5J(pMI{briEK>Cb(jG5;f;r{O0D>mo`^b7gL=wTlS(Vy?se0fPG?nAzoPG7Hi-q@Ak> zzISN3WNWr8{^YVUt*N4QYUlO%_S2PL+Z@ zr~5S>TBnM~$QCHpP>v-DzI>(+W`O#xuuOlCO`j>;nR z8cC2}s(97epp^G^#Fobgi#Q_D_jtZcCtFBor%=QB-hOveg6z25)9d+HC%?qFL4y%0 zl5Al3{ClISDEqcFx>Sp29n=aCF4I_HB&V7t#qwVe3S$;h)9kjJOhV!Z4?erMArvYP zL(w10J2jVSbsymNlo6T?C`0~&@YjSd3X%bat*=R4V8f!XgHj1XWBfq?S*Xb`ylnqA zZ7St22zM}3tx=D7PJg%i$oE})=*54o)PJ(5zg(-7)EfauV52M!IO|5Q7rF?&yMH`oRU?t*jHh2Dhxxuv$%OcylU zbZguZ^BXtQn1!!2Sqj^9WoC;B*to=OBHumw#0YYq`YtRkX4mst*sP*$7)qQm!UN~y zOsl;KmB|<}{QKdAXs3IsmYAoB`|$&D=dq%~&yROb(J7sJjOvii_mxq@fa& zKVoh;HPzTCChNvTOA)Z+F=f!;psU%X}>x|EX$6w{Q}%eG{etp*UHI&@>@ok~Piqkgw}8~+;cTzwZ;G`=5%$^xv2E|ZM=H5Yj&Q%M2~O|0$$Ws1 zIPC`il!d=Y8Yt3O29|LMyyk!HS;8}T;4U$NV4A=htpGBb?N2Knjt`K45jN}iZJT2e zJSJFTzw{`RbB8S!LfS>AhNKRApy7%IWnWk8BdpHnmjAjog{jwJ2 zaujbox@C8ry3gLrU8)C0EwI?n5V*Dn(=pk2a0?fP{F%d2u_5%Mz{URE@Fa7}FC?~^ zJ+Y)#h9h4F&Ri!>{T_kM{iiAY6U>ckoW%+MKE@k@`*ryq#oghYG9O_fBT-hT-SmEn z(;h5$yXj`sH8=h=CK}FcGgEH;`y671%3z|yeGw$LlF<0fD&>{Oe8HavCyAIPceD_W z`dwk~0E$Ard*ojpp?ZwenGzztlvvVsVAuspgyGV$yyt(KlHbs;i|3*H&9<byt9>c89O)ck>s@g_+ zo5@?hi1^XZxa+dDF337Q5qk;MOP5(iAR$esXy4njT#7{Zz~I44nDn#%J=~;n*~@Q4 zornoX#`JIv=0`-skB=a4wfJp|1SGhqk-S+tIh4nj#E>r{?*H|Mbrf9MUn8I2ux#t;##!b}|^0-jnfLNi&E# zVS=14DBye)bO}w+$Pn}uu^%J`V^fccZ^d2bn*kj2>TdIy8{()KJbR7^x%8Wp;k?!k zXK9`fe2UsAZluzdU~4!j5^w6w@f|a|DJ++-PfV=&MyqZ*4}0G_7XO!L`(2q;GB2kc4hn32mFRHaJyo6 zb`OHUk=qM^1#%@!6U3s+2Pxlpi2w9`o%xuhElBP-b+Yckn4E{ib-!}nv|q({Gq;cB zoFSv>OG!&*l3WdP-e?jr^D$b8>82%*~Y=fB9Io?>Jgi zp9DF|cUyWczFQqw$Ei5bT3I!RUKQWPW;qR&-Y##qrh>^LOc9#~(5ans3=+Nz-BNyBdxT&8v)!;Ki97}&UN`D zC(17v4>%I~8A`<)xfymz2A*tx*%UBeL`>SV_$@@zYVYT797c4=u{=)DjEebD{Luwo z207+KR2Rz%6qLrd%}yO%hO?k8Gud9@_V+~NhKVigz6mFVE4udU8D08)e4HdL2PGC$ z?r}c?{6)$7P10>bhg(EQUb^cF@RHD?%H+Ifx)dDHKZLCq%lY}82w$axZjoIUw-~gW zlVR?1Lnp*5^C0}&KAZJM)4bO%+a)k%^e4}ias_H8*rl_{`bmVR$!Ir24ae-VON!}> z`<0A%s6Z{5IZTap0UE; z?PRWG9%{iCKC8Tg1@C(A#_@gjU_th%wz=>PG;Gz1FEk;3GHfatjf6Z+ShkyaOIE?c z2w!{_T8~`KZlo7MJNjppOg2L=j>}r_Z93b9%^fmNm27R6l#!kfRkzyDCedjm1JZ$m2d}!M@kds*(jLXH26Yb0P_C?;w zc|}%asd+hBg9?yWcLOFslG{jZ-hE|e2>D&cvR=-4@lRwyP4dHspvj`PJ?P~{u7%vx zAqXuCB0okqyH`L9=FAZdF?Z__C!_?sUi5BQZ+6qzvwUD4yk-Uvy)M%bIe5Ydj%`x*uPDab9dY+UL^DLlb*-(^DX^ey zN7b2ox5)h0kxG;WaUK~bIi6kglPL60mkTpn#{usF;qJ%%(A|cucO>Zj{-&xYkjt(D zodT%W(nh=m+M4br-FUrN{AJ;}h|6W|lv4>m9+X(ltL1bOa3obv=q$jf;Usnw0>kFA zlr?9IGvkx9^Re1y-!_EFc0k$9`C9RHv!@${O|ws?1x_{q1ovq?P0m>3>0*2p7}(E< zK=bMy6Sh1H6#M2KR;ad2FjX|Bxi;sfMgpYmj-@NYM`f=c4yK^J9`r5s{F6geH&7Xa zIo#$~j%kUPHOCUj!1rVSUOjvM(_QxKX@BI?pZihb9T@|raxpHDYY%(a6*UI6BW@KS zn`R5*{G+kf5hsMc3K4B-d}N9SRp@N@X32@OENAr_F6VZaRDI5bCXg&^vAoY~7$?c2 z1VM&_P^)2T8}_m4>He49;0p>B#nVOmC|qIvj^WqkF$0h&BeG}DPxxrZcEWq6xh~ef zl7Bu*bIyx-oI-Za8N5d})`L0*Yz-@Qycpt;X=iK+G=8Zkj^iNv**9C)YA~di&ucr(P@2;pJIV~CoK|9oe;;0eE5g(SHyWe$LNJh zgmeriB*2So=74hIB;VfAAq*RY&Qw_yUnFbmCJ~<@SK%l?t~?u-hH{8Ef6q713W%yC zlRX;BJbCUObaUB}P=LJS0`U0a_^N(0o~qQVUTxoNq31h>%t39OE4`W$&{_*}0k&OB znw%I~c8J3MDc}xix5BX2Ga{p&Y{IL1!i_ZaNR<`#m67DVa)9gXz9RsC!@ohcta1Z| z&7N-IHgSk&*%6d^@Z;-Hh+Z*`uyDKjqDsQ|fOEa6%w3)C9b{oY+vFZMZ4kMYR_)%$ zlFxAgLf#ZX9&dv)C%LWJaBj#_=}krZpnC=+@jn?4bP`LMW>!QS#V>;G$lD%8)Zsd% zv!Yx0l}ziD64Ha>X+fk1r<~^?$EPx3Uzo=mzV+~3+;msJB%TflVi9_z{3%L^*qpA6 z+~k;lHD0iRC(-Jt-r|BOpw~sOdJ+}!=hs&%Lrp?vL7Cy%{?nf`5DqQ5Zy4yiAXG| zAHJn!)QM$QakGz!RetB~Su%(0<{?1}q1N~H)z|xP6_WX$p_~2Km+_S)>^BA02 zOo5$8Ly$jP5hm_UqFyp9FZIbq7e;Ipx-yQ>;^dN{)9dXs6aGL9#&CXmToxkRiU%pD zdgB4~|K*&zy!Vmc-CfRxycGo6lVO+BogZFdlXF0?%p*SmF&52Lbi4aM6pMG>!y6NT z5|heoKw3O?td zm$@sLWvdAL)e9j4HR=JGBoR%suQE=~`YkTJ)OMXpUUIW1)pY8qe>D^b;j^>rv9Z`4 zFQi-yd8W|5i&=JrcM*#?I_tk4eMUFM|BSBhhxH(GEf4gtvyld;Fj%c)`@^(bqidUa zXbM5#_naVjZ)=`ip88oif(`9tep`w1*_#2<4znq)C4A%&u~G=WQq}u?|If10aghLYT@%d8ZQdJk-M-7#XATt^#hxCseI?` zIepDY-c!5xr)`bTu_C1j{c0$xrk*~?yXm4IXxf##( z{N}O4C0z|r(*X9KnDrx*L*z@5-A75+lwz>EvG{E6LFjp+c;F%}eVHj1*W%dX(8T4p zi&LdbJf4g6tB+aN|~$7M)O#3 zxKt#xFl4OgvW>iXsm<}7SptVvSH?-x^4Z6o!cU(Y8TW7RGKGwjWA6B~-3%-2FP3pS zZ;-^04^#8pyY=I$sy?gyg=s_Xi&4=f(rCsWPDPE3q;IwrnFL(V!Wg}V`OA3M)f-Ms za1u;kPl%s~mk!)<$~KDn+Gb9qM#+7AkI4&GxD_r`GY2{Q`9hUB>pU!mOY?Dvm_W6m z-AvP#*km0(hxl`>1FicIJA) z!zK8GFLvBR7&4;oHP;*zoHaP6E`fr>0|kRI8nm&8pSja~wkyl1`K(>JW$Sa}ZrswN zuDs*3kJE8-*8(?)>NWCMNqpfq5`JmXmzy!aN-&~NBs~7S6?Qib=vRK+y<<=L_AT%I zm(&Hgqypq>KTV~SnJB(YowT5aqUETSSq5Snfh2Wt;G-bR0sI!8;{4+WG1thsz53Zy z>J*UQnwsYuX;@gD=0{v9bZ>H;TIl7T7H9N5+41DAf+v^Ncbip_e$YT^6mRL<2v3*q zj1&hiJ~lNqo*&40K$LBhD9Kg+@+2(sh>dQMV|0~Mb1I^-oeV6~h{zkndrOe9OC~!g z*nGM;Pm8M8!nsRd9{z^sjQ$?eNN&+yLs_<%r^XjDj^YRzQ=v*6+ zYbScMGIBMV2EQP|R4U!D?+OvQugC58&8*Bl=3eX$vGYUJx;}Cd$5y!P%rWwXu7xra zcXY1fVp~1)$;v9~tXp*v=G8%uva|Q~2nc^K?u%2q%2MdYR2=MHv~*+`WB*=tZ?E`J zjgCEGBJRx?^}>;3b&p?(RP2MP;ztCuE~AoDx7P#xtli*9up z1K7VtcibSzM*REHP_)#+krpF{Z3%8<69quFf-mXaLr||rk{a-SUEZXd|KxCk1<-JC zes4KB+tsT?K+)svH8Zfp{(Ld`-0{6J5u-6HIdp2|cmRZd$1pKE0|r!5nxg5QzGXb6 zV0^_M_x+}yz-M)O$zjbts%#MCAl?cl_Bsl6QVW$GE3=P$D{xzh)GsEY_NgvW#>?XK z#)B>f8%gqeg7wQO_wh(ChoV(NrEz%b3&6?}FZ}DpM?qir+YEK46C``%&z|8Dy=#g| zw?Ot8SkDMHZd2k29!1O9QhzE4wqz5jn!hB2?1vk6YKhNMr&|)5%p6aUUs8YqbZK#z z`Db4S84q2tkL`A>9ybqkr4BlFQDUsb@+4iE4Oq)*%1@NKwK^)o;(dOdVIKSG%)M+* zGc;(2W!WVA!ue#xtsF-j|5KgExDDmTQ)CUG^4%OLI*~0_ti`iQ8D&oKB~gh^i%uM& zpS&}rglAu_D>)0BZjd#Y*96&~D)RjVm0h3pA0 zXKa-M1m+#WprEaI(aMDKOLBvjUy+?|Q{=A?HTX$IRjEK^sSQh6vf9u_ZMZTjI^h;FPhi zN-`rN&?yv=@50E{ayOBYJ0U@C=JiKbXJuQXa~iVJ`gB%0$^=`D2_)4pRB)uMcFB*G zm9|RarrzW{SDcn?puHnK{hq#d^^g})S3)l?^P?bcYEu)vSZb$B#SXpURC1U+=R_mQ z1}}MABSnV9h=2J|r>CR2sxZU8CeyXW$3-+aSB<7JvnR(u=a?w$WQF-%GQP6IivfIR zX-&miW0vnjrX#nWu+LaN$=Z%Ao+jX`w|xvnesf>c6q!((Y4_4T(1GctG?a5_*%fa{ zS@Ma{cGCD!+?fs<-@p|5+CPcDjL&i)hoj8OC!NchuKLBeI#3A?#I(8G+qv0>N!9i+ zA=p6!X$t>Ct69kr=)N7 zi#6zi3A9lu7bCXoKHIHaReZwwI^I9fzRU!*g=C|bpZ8`Zi#DEr8U3ZRa$EO-hvHZY;?&A5|l#S8zyy7dL zAC|lh^oYD%Dccw=s^ita#xr0aysxmf+ej87oipvxF06WaHEz*j*&yMTvl_&Rzw^aE zI}E;guBTk;qW?rZo8tc(?@leO;@E@5b)HSNhux z6~XUh5(-By91s0&FRAv1B=|u!f5pk-NC9XCtl1*x1EuT-836*|lS>28lu}XqKHFQCn7w@C8dMmRd@ObGjnYDD@09X0 z99&nF@Vs95Ql#gLb)c-&B}V^HXn~CoEiD5XFyXtI`nBAx%O&aaJa>v+^lh~@ zdkfryclm}~TI^Q<0kNdtgjKYbbuWJ$&X~^CQ*m+b877aGFt^{YNnhLr(LRc>HWTwalH`>VFim+63}D7fLWYnTNa?!WShHO zy8gd5Tz<7-UOA{PxUrK#`lwno_|lsct5f^;-d;~{v95o-JJQBvKeK{gS}(z$bbK}; zIap`nonQnZ!L02VL_H&h#ixa#_N}! z)qb3PHb({lPpPWDs%#Dd*F6y13G7-Xump8b>BtCkSl=E0P@KD2j%Pd_Sy+v!Pz1^} ztq8c&`%Ay7c}kZ@8S3EoO?1321Bza818V%5By>QZ)sj7#YPYJ% zC5i!fMsXC6fo$vD{vEaWUyaW@#Fqd-@ZWcZzwdbh?FZbOg;s50qgd8xHOO5{5^uOO zmN0|^e6u`C5-A!=2TsYOFl-OPbcUUMsKF_}HFV{}f5q<4*>usKKn7fJrF|a&68>KV z4lw+Kv@A3Kf^P6dsu*!Qc(9IYD(Xx~s%u```rhTA!S-=o)Vu72*M5US)L1osp%mLK zJTc3My!QWp-~9h`ee9?+R0NF>p%TaXnr%!A+1P!au)<+W2HUP1XSchxV@t7OX z)bRKRj>)56ptep!u)YJpkhV(K>HvylXs3Eqd+FNqxhi|u6Ytdl&nmlbP6e9ip0$iv znNN8=uzN1=&M_!pcF))KQGomHc|mg%HGZ{7=oOk!;Y;QV3!=<62RI+j59_-S0ZYRC z-ZJtB?b}p&r^@8JKs*JGc!>!vvPA5qW&&RP!C)j%8CFta^6vgWX<7es+T=w9z1v=iO^s8dfv)e*Kd3_0|^AE zNgC}Iq|!7LYGfEkfnEPVpqjYKhwn1f1HI#+CiDsj=9MX0;?l)52fh}_%nlu1`vY`G z`wTiiX#yC(-yi{iXtT%MD8G(ziaKk!F3qKAxhE^Hp$fUW8O!s2ZK-z1slQ_hJby%m8jmaD2}8#TeYx?%g74Kk z95`RwcPC{?sY4uPPZ_?xwGVP7Bf6c}0|-WpLvi`p#LBsw|7r zIfgQ&{c^#t7g=j}Y7Q%X{3TRqh{%dFbJz54Gzv2BDlB}i_Df^3aQVls%>UV{xto^v zHRgVueoiOr?<^t@5b>Z;Z5DfcTLXB4kGfZ6fM0&+a9~xwks#0zBN`NW4GA^TwsZuJb*r z1Nvx_vI_({9!dTkH^&;lKEKF6`CpD^%DwH68e!zWZ+A2o1m77hg{AQsL`fBC=QMO} z8PoFB?KPjxAfT7Qh()l+~NgldWtkS@+=~hXLHb-b?TonI6QYX3Bt-Jp*5%D<;9=T z@7JI6&Ztmh<6_uhyTRA=5HH+WuYLgx|Fio+C-~#pK~l)J*iZkZ*G9TC08qhQyOM6w zP*G8tx?veIqRw4UA~wM~gZH7aMz5yoT#Gsn&QZ11ZxGFhrrq`YBvMzY-MXcFRV1^Yi<&U~ zh*{Bb(2C~l!pUKjyhu~G=Bu`ktp!ZB_?oq-2 znW_Lm+J8jA>0WOc89ao6=YTZg%5LD?S?;uLhFOXiD{Ip{F37{c%s1@}$n_S?FHz&% zVw@BqmuGXcM)o-?KM!*eb#oUdwQg14#Q1twf$WM4;Hjo@4u}>;f>a{O9FAZi7o)O> zdYCWJSF>?eC*OgbROMk(%CA4}a;pVWAlg|jhIY!^Nu?&K1ve}-!hlv}bl_N3?#cyv z4NSJ3UHDUPT45>>lljH?v7ENx%~(YFpQM1fp1$Id;>U-&ohB=%PG_!K)9olBr z>^$D7uX`xK8^3}nMDQ{2lJJqfzDB;J3KzNRoSABY9dmFKNgpOU&|7w;Lua1gSX7yF}&*m3ROkFWU~&o_}=Un)IAe#125}qyEu4wFPTf&A-a;r$oqaTD>H`>)00qM?J$rMGeGg0~u+PGNd9ioq`QcMV zKJN_XqmQdVUVDzOccdicqZV14N5O2me%w$gx0HDFA6g*@r=s-rgO@DbUHA-Su$$bJ zR(B`0rFWJgKoKN5E8q-($RCT&sbEzTdQ6z?0lb*cgb7)IM#jV|raN{m@%uoXVoC7p zz9Kg}jUA=+1z!X~D1Q6UT=ke- z@81vCYw-QZLos261pj$QWMMpz={xdk;FT|H!#Ggi+#ySkke6J!a=}k0-ZPxF`kGC& zuvm{`lgW_7Wp+K2vhU|Er#+o#P|oAkFRBA>^uWlZcholnZi&sd2p}8ILfu4$pG(P8 zSHCfYI5wg-OWGlK8_-08b*wS^2zl<;!^ z6=dqBC2j3#GDU1zI9fOcSc3v*f8k;y8lY0qUiNZW z(y1H(c0kE&?xITalKIbxq|r>tP^N|%$d0`f0r5S+2k4}gGARMP+cH2ThD2Wb`snla zak_v7J%pV3=$Vd2#%DtC5llN3y*=PVdh?rPp^lE=t{loiW7DG|u5Kx&t|>CkuLg z^kl}fn`5r==ke#}ddrj)H*#C;Kap{SPYE>;rHas;^|c^y{LxKSEP}Gt8|%p0G(ehWTmOoI@P#t+A(p zW{}{-x|FuWLPVy{)&6vWtsDqyWAZlIr7D+JFnj}p?M(x53zhT{o=ld; zD1hhEJ_$6hBSJQLjHihfn0ao9dR81oL}T7tO%)4sM=| zu-|(UP4S>+iL)i0-d*G+>-rYqf5rbS*fwa?wfFZObhEHnJa`5AdAe<1cZ~j&X_!UB z>2*Sh*!6=-uPR_&ofpYHNEmEj#RB??&t7u-;Xi;RmEI>cKRR~-_X1C-3Pl(uS$w8j zoIC9j?~>px;muUwf%jhtZvsDNuTX7fLC@o{opXbc>Y4~VgN_CYtZ@MCk|@#$MhPy` zMl=@5<4RL3Hux(=y!5G{RrT8Waje1A;Lau%H$PeZBQM)mJ?C5FZabzEAq#F75IWGX z%`T#nTT(F^AEz06mkB=mJR+8N_<442>dJn&%8u*2l#h} z=5^?lMuMu&lev&f2?lK#xm{{5<`T|gMGV1fu# zQ+!Ndsjwu(xzD*~7DPtsiweK<6jS%FMbZ0>d<_2KDD>BEF^?*L9 z5brsGZi{utUo?k73!H^Zd1sLN_JI)fCv=S$KFjOa%1ST8`av67DB3w*^fyW5a;gpU zY1tNG7BU`ZjQkh1?-V`u7b4~v&KXC~tIw{Ozt7H?E8%Na16CDE+RIM8(0QYudnM8o zj?x!ZViwpv4KA~mtY0aGo_2z)8@_&uzaRRv{DF?eQ+h7DnApr~4EQnZ4(pts8e}MT z3N*`;v+VX6*eL{!rU+PG1r*5eW2-=d9q&T+q;sgz;X;v<5R20`TI*LatPK#3&B|&l zc6v^;!@I9eGnVi?iBHt1e$I0}qc^70nnp$>=9CdyIV&J?GC8} zbk~LT`f#`tG=wC9Ab9cA#Tf+meNLP68L7^otE2A{K^C~zQtiYzLe#6Bchp*BTFAI4!j-lZ0f2Q&C$;E)0-}n{$+Y`jLdpWDRl+{`^ zLiFjBt{7vrP-@m!-!D)R;Ux>~T%h4F>gP+8_mdLxa1@yjFE!O!&3 zMwaA`N19;zz&htEcvT1Fcoe#TGlC!S%WY6?7vuk5MtSs>{fI8h9}QnEoCLo1^!yHL`K8A zdWz+#egmwY#tc^FEEV#_CNpdz$vV3Z-}=1l^bf8McV`m3WEuDZX%DKaVa-$g_--Fy z>MR$TjtAz8;ziSraNgJSCY;b1l1{s0yMFTD@hG6&t0jKfp7*Lng1+Q1;)b2qsDWTs zfjp8VjmeuILb9|a(FEfCC(e_-X6c1S{dQ)4nxM!ksR8D2Kj}PBgt5nk$vtnX= zLu$gQz*z|1r}64Dyuh6@m*KR}t%2DgC3DXDDDIEuUq^q3I!}ZGjWc~dz(<@!b_llD zCw`b&vM222(n6Le7QjrIH*Qwe9)cAXZ<(euJ?B%k5-gfwAyav0lNB+(eh#`{9ZP

uh2m0%6(l|=hH#abOQBX$jN_!0Eub7%UYrL3v zL6D0r9;sRTsaeIvxKXyU5X4!yE2U?^Zaq*L1+%=B5qodmth{GBV90m3**8-g=wH++?7Fsx}CV&sL z>}Z)F>ClC-lV`^~XF+RgWw((r^v#dN(jj00sw%1SS>_K1!?|{bbyLw_71LUrP zGX}s?OM9HZdG+t3oD34O%eSmRiOwcCYUw!DapP$YR|d7VPMiN7{#7-K4KSM?xzJHJ9)=SbqF_#nfX z=~TH*$oBG9tC_?E%HU(JBABF!_oJFbSf63)U9$<-eOrJG*OBid~c57^0!qnx!{)ry0gy%eTymA<*}#2O3{bD*6Q~Z`$$E|-;WN#5h1KdeRwr53zh=9B z**;o5cQ5bSUDRB4$9ls&daEWhs{tR+{^X*@!hUZIWB1bGK%oVKoWIL3$Lmvn|9+|R zaks_-LI=+7h6i`<%h0~mq}cPFe-i-d%!c3GAnvzx7!*zV+oGMqP= z8*1HYS~O}nOU{k?YS>o-QZ}lcb-^B_Cc;T3Uq=H-? zgjEdaP^0YFl?6=JHJ5KuNo-w#w%Ug%`+%$yF!@EU)0~PyemJAFWDRo9R*1>$fm>bd&Q80$8EFzBJ8;ycr%re0bbvB4=!U9EK|HR%CD z19hh9*(VwTY+}Y5Yc3k4C^ivWdheK}r;(qVuobZS5ed9hBfay1g-!8By7+eNlykCB zXFZ;%W#zz%;)~PX*jqQW%b!wG*IGH8>yB~Ef$IkE1N9N5>wt*2R=!&Uu8HHY`Zes# zhx@j@2S+};Q1 zwd8)p;D!R0iRT$aixme?D_?Qp+))gI>+Fl~tb|_G(x}^r*bWH4xt+Csp2Wpf-x_Dmyt` z!QQ?T|5!((w4g{H{Vk=nxpadl@e(oRMt*@4%=gLc6|@zc)K9V4Ypn*Cfp&Z9yT7^X zipJEo@c3qMyq^#|ge|BA)y;gp+ad~YPgDXeJaN$Rl)hUswAf6SNSs z%Tz2njnWUsuM99w@3GQblU2xhJ%4XRlB&T$e8MB#B~8-re)LX6R+3=6^~}A2_p+1< z6jQ_#*ra}4a4JdxA{54lFfBN}*>lJ4s}80rBQYjNQrr;wV!zoyY2=mznFmnISka-9 zs~Abs(hmndM)mm?)M|g5YsT}VR&!9VS&G?89JSkTrMiN+^HCavAu`?ai~6n_BDSfb zK)JTR75rWd_*g?s0R}-{AAxUAN0cD^Jgn|9nhf95d_8mRV7U8e(?oUv_x`Qpx1G-j$)HyDc+t#UGUKDiz&sceI<~HZ z$oV!$KBdr!BrjVlnh?`CFPVh9;j^ozaoQir_U3NM&HjS2|{Y*d*JVLz|ZA zLI4pm%CWD3+_o@<0ID82ypzpA$0t)jb%B&HpZ8cBR#Vlj{^ApPtE5kb8BHyyavp3{ zEzyWceA_yrSD5s$v}$HS)KiB!9o#ewzrCgehi)Xn)!#o=2dBtj#ZL&Mwtr0MFe}NE({kgZsY!Mayl_1xd1cd^`u&D_CHZvtXj%8> zvB2?8kA932vEkgI=#i5!vRL15;8c&%VC%=6fRXioodE#B$rJUv8}Ro;Hea^VzKIn- zN3#zBJs2uH@ci|Tg9_8!eQov^bwo}7(GF?uoe0<)@v_EWr(y2p=DuGdyk6b|T|vR= z+)VSDSuqY|6^d}mdYKISFFidTUnBvSEw`9&MT>;EuSPu+7}7gjGd;~bL0sb z0ygq%YJo@81lVBB_+oY(P;hcxqqZng;t2Nyzwp9D@z}<|I)-85D~nbaT!X`HE1oW( zId3gAh!g=Qq`d+DOW0ma-95tM?}}91T9m}>_p~MlLcYH1>93N`zSc?bsDq$)s&`VB zyTS%bBHcP~9R>onk%^r=W)@gBBYl12g(BgX*7rkf1ilUhzS+EJq*X|%QungjZ#&UQ zq*;B0M-D4o{*2qm+=OhbYOo1%)DdGjwHh&tfvQkU@WyJ2nyBul=efYBGmHKU-zgh6 zGfSvIj>{rZYT`6 z6R8_#0HtrCy-9z+>y*bV>$?3T(6`V#rqX_K;SuZl!rw5NOYwKk~hRLh-F1c ze+BWNjK6$}NFvU(sH1u__%LNmDYMRg570IRG5qH7+c9YPP%PM;*%=cX+8(A9>dnuV z_KF>rn*Cr+v+QQK4tfPI*k4M5W2gNwyX0ROQ;R1DqMAO!oJG!nyrMIN%h=nt7ka(n z+>ULdwr8i5CC|kfN(fj&(_7qI6-Spk9Juz^k~MNobc$@t+4m|vuzjCd^zx~yusw2= z(c;kS!D!X-NY$4j&eF?SMtyUujEe_7sbio_elKfCi!Uei6GFo6`+XMuFGyFk#U&(< zHGwP%Q{>d)w+CX=Co5Ga8P*9RtL=9GQ)U(v#CnBM_AUc)J`zKO=B(}mu*RQnHAijK z?PS5tHvxnH-V7DxY<2jJ=#pMgoVPu>*bg_LVarg8`iifx5NoZ#Np{5WJaU0Ud-K9R z_;WWK`R-zwME^8R=m-7BriqCv$0U=z^PdiR`a1=B0!G^HV*j&SD9C zo0*R>w^MYeC8ynMpZTFaNcxRoxBRxC+)Wy@-=dFYw8}C*VSC(Gi-Axwr3l8fCb_B5t`FSyoiyX?fsYX zGp`Hw3vu@GAj^qk3BGuIe--;_8^!i4aoJN76b>_v-OxylyJAbNPx+zvGa zqbh1zb7GtRip2xKeD5zWQx6Q%_V)eiMkV`z*F^#p@e7c!wm-}(0c>QmDd5QOp~Z`D z=_pNMUq0SWIJLpp{l`FW4L&22ECZ<>MrPaX{N`V~@Vm9^j{%oy1EL?i6z=%Q9u7R7 zq_ZELiU&1(32^IoVjmf%7xmhO?zK#KLR==Xk$^$x_!4G!HAms6vCHm5FmT`$82xuC zOZ1>0rv0vrVvv3BGC*%ugKSWi$OhrjXS37B+#fu^*BzRKM=|?%66F5MKZxE|SgN?)z0GQv3$X=F@xue?3Gpq6S^8!dHWAIZ>3qHW@sA)iaclED60lDUn2 z1SF-5VkiS1K63zk+^C8EN_zJD^=duy3b0q=Yx9*H&&{oAwCXPjkS@nt&+imN))H{r zFhAF0o$A*xUlRkCTw%`e2EzMzh7?`-ItfoTjWNInvTnwS?O%4b=^ z3i{W*3MkiV#eALyQ~;HH=5FElvt&_nSf;gO9=P<2g}|QwS_LTbh)1Mv|Ji+FG@F_;{Y(HVL~+quFnhEjCs0wca<~EG(D2MZ_>AGn7jzn^Or8TBnudBg(Og|iO zJR7|xx;LmlHUhLk0x@_A7=BQ3gPZ|Cl|n_wdn34d_mI5FL1Np=y&l0+K7R8W(!k8a`j!Gbv-0Ln;YR~*#{)0?zZC3aIkbpeM2q;1*eKdZ$3F&!QUKviU=r&Q1sABB6v1IPXaQe}0uaXHW%qMEt z9D?3)Sfrev_^EBxsalUxVCbvrL})vycLvJBU`+FzOuDpfaSEPbzjGsBeAoLM5VYjdM~7BQhryb8k$h`aKB+k6X7FhSj%eYl*Qbhrq3wIJf9lwA6y&|>k= z#P;0pcFP}8^sr=CCUJ2y?jfsAPv~ofi1Z42I`LM=T(;X~q6eKwZ>9!T2!xqr&xQ+c zp{NzZ8lc?VD+dN&zU(f!Yh`L$HicU%44y zV6OdQMFZMWJRQJMFj4_T(aG!yStjCVG5Dt38Mpl7)j`0}tWh-0W71L5;!8i-1BJDb zTUO=aQ3Y^uAS(}nT$14%AK@|0sv`njZnJdSPJ^m-*DM?*us?YqYOabP_&o=Q?#kci z;Gk}DciZCI!zkokWHxa*chFmXj|6Z?%X0#AQhbD~E^^I#Sok6=-11&^cIGU*?q=w` zc?pv-AxW**@UvpZyW1O93Oi`kxqlBb2gYC(fqFsc869+bVFknuRVNB1&rI_viN%{W zs`4qF#Kw`({K4=i2vSbJJ@Mr)XF8mR%;0Up8Z|pRF9d92R0b02#vEL3QIeTS*Pg#5 zoySo8ShQOoxS$!_k@(uhjN|tP$v)y799s>BrnZU;34q}>vHGzply%8Cd{1JS!{9mR z-FIk==x-aYE6IQkDt`ol9lU?TOFsw9-)l@n(;*a;F}4j@m(SiXdpI#e%-hOsVEQz~ zO_Ih&3nXVkxcj2%mLCWL)aOb63_3B8>w=sTbK`rRRGJZ%-^l(ujR5qrJsb+V_st}g zA3EW*@M3$1@D4exANMkEyqpwj>L}CGl=Qrk7+QJwk^yEvoT_ zyjwtcC`7&SyD25-wGOlZ>8ztu4BprL5@83%a^$3v10j-Hkra2YCMEMX+}h-Bf=oyG z>C|eVJw>1D_D5ARqL_%F?WF};e5;7ZO&BQvOx<=J1GIT_)}Fn?{5s&Qc9y|BWw%tZ z*CLBSyj9D!=k)7NnX=Ar2QkoC!v)v7!yg-rZPxd$MSI1%!1gYz?pmi zkq_L~wke%wGnEvT&m|RG1zOu0+~c@`d>n&2nW#6y-i}MMT8KiuC>+)pP;e^9eWp|X zk=yt=_dft)OTC3}DEL*U(u7b_t0S+~(&5}BE#?_{KwucAMsWA$$b)*8@=!OR-6ZXC zcpw2v5Gjls$|Lgajiw(mrp)O(LZES0OiT<-54Ba8j!P0_@SK6#vwE`(_ zTrf53kI3({j5>Gz?fuRja?A7fHzsxO&`&d(wd5ISMaDOjx!p**}g`ezljR*Z>iec8!_{%;H?K*q9!aJXU7&?d&n zJ-;;7(m|HNGN zlGp?gWGnHIkUroG6QD97E}_;YX+$#-=ZZ{WE0OSh;8D)KHjTfMikIm6Z8tobe_O_R z1SM1IcjejZw*M&xK=?I)gg@EQv_~zNKo_!r&=Zqwjn4QUSI;)xWyMn>SANODCErQOCybya!CZ&%c+@*2!S%Q%}NfY!yYhom+ao>*Dx61MrhQLFnllsf-u z7?)>RmSSTd`uO|b2m)HD?N#&vy!5xJ>AFu2A}-hqyk@p<4lF5mSV6oZ#Vs0QV)eC7yw62UeG6_V`j~NV z)oEm8JQD9gEdeLvi)NOf=)@@0_aKCe=~DOjoztsY^`z+xCv%dVy=-?(EBzEr?Kf5S z`odk0ZQ`aW4-2lDC2F>7ANi}B))uaCtx2g*hh#Bq7Qbqt=@dLE%Xn?dFHJS!q3Cwl z6Svmrdt_yMaCP)HLo?i&ORG^L29Is2q>6!gc}0k%|9E6xmJb3Aum12O_A`S{0^@dA z18#>{%l}-gFY8lQNUhpVX)fABnD1l}inG_=4UH=CJ^nt6+YyTqN^81L_S~5vZYBTv zD4hJl^E&zqw-61_BS|Hx+Fl=l3=rWO%@z~#yqzFn_2EHQ8)M?*`g3>=Pw)5-DUl=< ze7ai8N_(kaUP%t4ikKPhPN^_Gx!sdOiyAN&DL7yjnJ14Ds-T+#u3mWgNGE>dE1Elqwk$zmY+TW8&GLr-7^W9?IULq{C@ zw}&TqD9sIk0f&9%#rY@sn^t6*Bb72N7(A;RUi z{3jWmzc&+9Qap>ceR-BhRy733*e3yLk?_tQH3e@X=dyKVzIk_%#4=ZY(Y-3$vE4*m zOYkgKtAph*SN*4Xm>wo;(3vEXG1FK{Y9Jdy7XTSnJsOMTS~Hy)kV9Basws?0#z;Le z*_Jv=f$+bT5Ww^tf&EP`3eKk_gLh|NbL~nVJk!0DD?eCcANzW^oX2bqM>U=1&NO68 zM%^#_2E=i$du;%8+z0y{4~sW@)6O5bV+R9ShKvzr8XC@Tiv;Oy98H&MWlqFyZO?Wa z5H67?*ouj=+UUHb`JalM-!bd|CWIHrn4*T5pP!c`yFu~MU87GX?y$jSs@6w|59a1ByX|yV|5TyjoT1{jrPrcJRye#g$o=!1DIZ@0{ES zF4JB&2AfKd-NVA+to)EZh}6~HAIXtB6^GN0^Am_}y7VJt`_<~d&%dtXnj$8OXrE!y zoUA_6W>`xQB<4f@@~}a(p0a)hH$UAXj7@>K0rrgK`c6l_Z)sYg|j~H@KVXU zl45=Y#a7}T?^4#Ce2KS;){@xfYR-#^qwZ=jWi}HEBrlQM*=q2TZvYZ+t(oZp5Y(6% zv$cq8?4%e`d2%RJ_^>mjWn8#Y@kEt)!yRH2Yk7bDa3vd}DfRkZd}?uk&s}AM^Ds zy#qE$!}_Z2xb@h{2g=1>qTZsUVwUE}vuQ@sg}d2!3jJF)M+SwT{UU{KQ1(~O;jHQ8;c4(Gbbc246*DR&*Gtit|$H8&iq~1imq$w*U z1~2eUpu@vR%7XtlFYrD&GI~0ooQHqifp;K(c84%E^^1#HeBp(U9}k{$6ntd_Wq82~*SctLKt2d%d-~WqQT6_fi9wzlxJeN6&i9SDO=Uf&*K+Jb! zw(hKxV9j~n?U#cWv+o+8y}va%9yuNYXnirB#HA1yGce?RcyQ!N5m(KTurb>K`EO2u z&ST}YIsnSK{G)m^;H~M5Jj+BRYh?L#*WA>x8}A*5eub$>z?ab!hAB4?v*4H`r#d`h zH!zW2xR+R7xXEZc*KJ)JJ2*2Q89WrrGL!huD=S=&>=V-uq_@5J9=%wCRijql;8b<` z-<~)_r2;$l7QRKnrwgnTAuL$cK!H9X3}_7T@>Suqsk@q8p6~H+N#uBr*zENh-*b{* zavn8k4DGnW7g@0Jp~v>=(ZofMdIj$?OqN*Dk2TtRojrW; zM|Rud8W`AsRa5Ew9&SCSi0f1XY2pWzx3HnM|A&D);W;<7P|bNyv?yz}mIPuY_HP_s z1R5A42K4nfDPN}?xhI1wg-qp5^v?BO9J(3YcGQZdHAS&C^504Bu44*+8Vg zb>ga42;2KyjtTrt8Kl+{3Kk3e4Y}>c!iICtA<{z+l=np6Z8@-c+y+SqAh3Tp_jfHQ zzwg6T#eKI%++x))R>+!5Cy1(4#TXzGqyE5?uv>#0x1DiMoQcLv0GvnohV7pRCI0G| zrfb0D8g2zs6av{J+>HX<&wQNy9#x?^uP!J~>~so2N`V)!7$o35PASAa?p8W|ZKJ~z z1p-7yo(J9-e#7w4Lv(oy5=rb>{%x|cvGH);giioiK_rBaK{&}d-cy%IvAgt^^`uD9 zadz4c78se`Hs6`L&fauoug;!Sc@vKD19jJq1Y#QWm~qmZ*ug`CuN?#uHEz8}pB{)_ zzlQC&UcRlcAa(DQR;a=8?RN|b?jI-lfdSpdj#~xnf%^X1GxjKZ09V2*_hk`Y7=pU? zti?7~+BP50*f~l~l40d#s>9Jhw~j#Dj!toF?KW%RW^tTY1tfJDP+WP@HBvOn4zSFS zq7QQ;t%eUNmu}BFo^5gT7(Ph(-oed~Q2l5*cC{>FjH&_NzgOi^@lBg~Eam~i+k*PK-^IP?{ z3$@SB^Il=RPaPg~aqc5EON;S=34c7hTbs_?yi@m!_?v@7F>!9^zgOR{V;z%|BgAT& zCtW4+GR<*3cr$`D+t=?*U-_(ItG#;^XQGB&JJC)*iWge2|J-@pn{Kz;xm&#{d!2Nj zxJsa?K_f{?uym>;b`2{$-iUF_-p`W3tOZ zJl+0*x2`Q5;=PqHW^KQPk#XT$XouxfSBufcUAXC*Ei{y^`{sfXJ-IztrzDy>) zys~n|bw1pzr&;N^+eq$N$U)$MSo8`?A(?X30Wg{pfgT20P#E6dNTy0U^jmh#CcAbx`#8F~v z-B|&i+a!#CrRHdM$vM9QSpRH5*j6`y{u{;%W2<+_zAstyk4@FV!&_l}${zWAt2-6b zl|XaBs)LP z`5i(W84u2489f8<%T?s_g{K+xrzr_(0h@ij5{#)>`}hh?WG(~3Q^|+j*~GRzGlpg^ znFAkBlq2pxSXo(FN>7hzUmiwLHd30WIoCp9WM@~aHu+%#9UEQ=FWl;4x!F3l(MyP1~}eJ59;RetyzNOcx#dYWl2x^HY=MYk6^TyOJaIl5bL%AyM*B zI7(~bOkZ717{cjk#6z3_HKj%O%}WCH1RLbxmxQXbtC_Uj6QVM|pM{+x-o!%JzwjaE zYgo6hqDclCgoIB=0Yt0`4E|-cx2myl7|)!=yUQp@T`xC!L#HwfS>+~rLt`HHdDZjW z!Y6ndXG(r2F_7ULc+Im?p`T4a{LB1Iz5VGtB3H1gXzxps!bpuvxHek#Bri@;{{CUE z%5i9M;9%4u7P$5qEWU@;wvBXT_Lj=Jspux-&pn@;+*E=gh?Z2$jHKXmk+A7P11efr ziX66)Z}<7GlyLkjI+Q?){2(;P?VUoHX0_Z9)FS=0SyB?-j|-Am;1!eEbEsxs)x5q^ zeLX$;T9eu}?30s6MM*R?G10*B%Hr>w@C4BqPn)g7Ae@omCDfae-(LQ?xP+mxiL!cc zPNRf*YT@zJKuw7GT!43itd9;Zv@(LjDixK2I9aqmu1(3q$F2lcITH6XI5*GgOe28{ zAkietQs;Wcx@D2g%L7qlDD+!Y(uIw{=dD62Q}BAN#&+%}xq7IiTyU1dh~#5zD0nLf zp#R!Zy+Yw%=6miT=E9)w5n#yg8e#41_TjN9lo>{L6x{&i#B_-IafglUQ;uCI1=aSj(m; zRy#b_U{mIFj|9oqV4s9Pw@fj&vTEvc`R5hxYX7*x*7m)}W_>eNJA6-g#bPZHuL#C7 zz#2OB^dnV*6!T}GK5M<;`==HM!To8jq`PN-bUx$c#UFFcLcQ*jA9D?Fsz05lzkZDL zt4X%5JpC!7KesgcApXM68XwR9yh11?<_cwKm(X__yC|@5s{}!e{`2MVZE-96qn}R; zPvBf=vBY$TATL#ffLH^yebCG2aNX%a*09ScnS#})sG&c#232>#7sgdTdHi_Zc(XsQ zzy)QvI`?Cim$)=jM{S>8I9U-ubcHJTQoyGA)x--Z|Kdzt)Sp^;x>u1mFI@aFX3tXxT`oA3ewvB~a*}d>%%2Lzn{g=T;$RVCENHdiC2C9DiJ)wG&sS zL?z_3yYo>4%A)cA(pRQaZj^|S@VhS&jdaz_xu5fl`&}*FmHsa~fSL${4P=8nk8TNw zsN{fVejdH93lvm1#!KBP1-dm@Nh!sHpPO)(*m*0TFeB-}c1xg(dHh+cS4D;pNn7K?S*@V5ZXn9jb=wXl|3-bO0wzSgHSLrgnN3*jR<>h)6k5^YS z)BSr!4;!1(j9(Opy&I=z4pJ;spM)QZRJ{+pO?)zBqAc}R)lRSCX+ij z{5Iz?R+E4CFWX%i$lya}S=v3#akp>O%AjXRX1FjD6A$KZvx#BT3mfH)WA9b-%L@yzC|~}PlkNLkE&5*bf0j;;(Wl4re*iMj>6Be z`p8`+A_>ggii-vj)pZ0vN9&oh@$L$vqNquyXSv6xXHdjTAg-9s#hmT8pF!djqb zf}*dQjt>KweYvTU-{hsWHz-6Kz{qE8gN4qqu8*#~6{K1SU}v-W*`;iN;uz`&-3d^8YdYj3Zd zCdBa})$Yu(LFJ@Tz_-XLw(XlqMu`(3&*MHYeh6#X9n7&l$a5hkvsa*ujhZ#o8z`Le zzg_$!vci_eL!hru?EA~bcZf;csx9?yzv`4v?d_DPn(SQu2*k#bpjl<|{;HtE2FaT@ zeQ_$VyDWGCE5c4Y>}z9Xh#ldDl!WTEb^Ror!;{-tk`fgW`&wp&8zN`UFwejwy!T`K%JJs{KgyhAPDTu&?D{7PA6+4MIqx(EAqod>-s`4mng%|c=^^yEqU2U z&X11U^Gb>#r3{Klm0gq-G+Lz|6+JRBIS>syK0Yom?h=m{why+3R;T1CP}sh9*N7-F zaQM2msP=P(4ctHLs#GkP2p$Cl8XwMm0rpobmD-y9#^gOGu(w;R_Q1|OyPVJ6s5mB3 zEX#71jtwujKm7bs^4OyB@w>A4_~=r&#W2}^@Mc3vO2s7NVSU9BdWYJMt@r(xL&Cw2 zADM=$+}x}h;}m+eTs9l7I~K`}k+}Ihq~N@c)?H=z$7W}P!{P;j!{^ucmDr!Sq93EC zg3bkncwEG@JYce-s1GU)&opPops_W-4(}W!u>yfZ0|Ju5ScJWbAt-jDTgah=9!AjMB_h z_>jr6X{@xQ*zUBBX+8nTR(54!=@@XSLrf6eJZF|;_jFZ zOR8x*vbX}*eacF9mDtA~qbbqD#iSize)&W*)tLg~coI~zwdFx#q^hD0nE*1w*pj0>g}6bBJSkfr?fosUcB(T_{tz+YJs>ei1eIAUoyF(Eu@HzSLr2#q zx6`j9b(d%vytI7QWWDP_RdoxC*YYw2FAJ*S)9u6RY&}wCPo1D=Nf7iuJ}fAkkl8(} z5G(LDmZ%r?-H*H~Jb7ptO ztFp4k+Qq#-(Y!EnV8v}h4oomDW0`nzum81@|5bJW+h>-kXkywyMd4F4TSV~@Q3cQp z7rY+2Ih>;>vG?eLbtqWmlG5Ux0(MgJ4^!4{(-@vxj@f4PQD==c8|0(v`krv;h$)Y# zozAMKEkU_Lqu3{cEAd|IBoJoP!$jD0E}|_O1PtQ+sm$$~gUcFR zVcdi$<2=hEKwD9fN};4a%#~Ji!%3CAb^hwZ)}=jR7Zm&2a0Oi3X=!39#qIPq*Z~TZ z%-ZVeGXA_N^U4F(V{j;4B18 zjsIH7f{HESMv1gs>|Yh=zpUCfZI0GP4?Ie<#~6?GRw#s=X8oML)t~vIQ4|cU3@w-A zDx1bYT#YnHn&VmaT7p0Bu z=8fg4ChIM!nohR54EuwrAmMl|rezxjhvGYOQ@9r>dBm824+)AbS&Rq$yOux?fLF9r zG3SBZ5)qLr8rw?_Jr?E3@ zcqX*92Kgp{sn+*zTVh(UD_5>0uPg7@5}YD{ChRmN{(>{T>kQ4r2O9J8xASf9CC0|e z`Q`wezKB_;8)?kHgAmGH*m-wq0+~H%DuEJk5OFWSk``V@8 z0L)Jr8G%AVLQh@7m(RGkxWwA64&Lj8o{B8V8bQ$;SH1>oAHv;G&WFPTCw!QPOgnM( zXFTG^&U}3Wa5&mBHHJa{g=3Y7_O6*uL zrns#;s0bP#=1EHMq4mK})a_>H{blW}<(G25VQ#Fgxa0xf1*`r2og|IYoILMaJK})* z{^X|s;|C|&~=V71OAQKN;?qJM&X!J!=@1X zK>|(;9PlwqV3(OTwk-3tXf)5aaw|e(2^@6(7{4a4`%#zhi5Qusdd)_@wB)4?@;|h= zz>30|x)rbl(|vKFm^GOCin{M#fi?dE;JoZ#59AK+u5@*lVMA)WY^v|>400@jAU^sr zaMpU5o`e3bx;+r|d~(ulz`f;mGGqfhnmszleL5MkmTLZ7HS%s}f)kYei|tYW*tgel zcidPzR|RU}u^+P}r{y&R>$Hs;2rO)@!}fDdaus#p0sO$I!~gruc^&Draw6E={f~Gk zADfnuNj0;J0miqXu8`82nu+chb2AmS8M&^{DjCLW!(V?Sj*6WxlZWc<@mC$lTXhP% zLMn1|!wdB4iWWPBtL}sPWfiWS49)37cUz`_A@Vy7LWzF-`%MmaK_F?;Me&oasiSCq z7RxbOUeiEF_;y8r@Q4I08R-+Ebo^d#UjDJcouVtWGb-VbuN>CuHLl%#qW2=bV@szmb6M@E|EG< z>U~*!;$u>WdM>z2h1ro|L#v3=&cSF|+z8R=JFyff%XetrjqMSOXOm4zTTRuS=5;UM zXTh367!<>7JH?JTMR$9Zo0av=!D;TZa+m|G{W`t3)q~%>>B`k_G9Jj%+5z_zrZB5z z(lXc@;q58Z5HqPtwPL-&xw_6jw2IN8#pI;@ zUiuIb7ih~@J(t{Ar=XCe*$|I}3Ev(pXmA+xJPZa>z0m*I9B$08ALvgm6ipS#sa5Sf z9>TC*J0L*ts!=_F12S+lDf@(8$%uE@?yI_GU}UT_lJyDrI&!?MoPPLw@C*>24I8HHZhl9&!&M@T6QU?;6&Up_Zb z&nqqo5RE?!^IQY={q^xpvcP0edQCV7A z8YUULu1DddwQT3qEDN+rQ$B%V-f@*xV~J9M(mIhGj#DW0M1!W<&O2{=s}=vyDg_;x zANSBCT6BZQ&E2FfiZ{$4=#T&9S6}<_nVdZ|&hKcaM{#MfE2&xCQeS`O)<;NUUxu;) zvTZglcr4F=z;vwiw&VKJ(npNz!3G@PBdBiMZT8~D^_MGaU()%IhcY_Xh0VuBmefdOL{%OQo7+daqC-*7DCY5DHw5&jyH{}W2D{B;63R`$}ug6F8ax#$fI ze;Dk$_XFx#ZYHs&BV^0R`Yb01zXNZ&VVT8$d@z4PR(xaC|+fwY%b$w{U zFoRWwe_2`q!4Q8b=&~H``Nxbnu(P!H$A-Zq;B=6Azs; z@GcxE_>al2z#@Z1BXJwRC_m7M_m7I{V0sC8s;CHjpOKL+0IT~HrRRTL#)d2~VntB> zn3{E@PK}!)#O|2 z21hiVfQ5UZ`Gf)}oMg!yFtC?i-T6}Bc@OkRi=13|p{G_GB0opyoe=J$g%7u5`8`zDNXPGG|vi5x-valQ)#HFtX!%z^D& zqLYY$P{fqlEn&M=D%Y)Mwq)-2W4ZdcOKB}x>iNEa(0)uP@)hTgl<7lMZhEZ8kDs2g z0p^7Y!OI>hucI0j!x21UzxqYL`sr1PLnxF0m-ayIV#bvCk*d zSx|!NgAp70%7WNafBeDf7=(4Ty$dh%dEG5obh-EDKYz!+`N5akLyI|_qGZ<`tnIe> zq$6|Pr2j~cOr_`TW$O0oPV@W+@A5xhdX=N8$3xYPkL1Bv`{i)ScoVFkU~Ah~n~<4o zYh@L{%9)hGaW`DK{9yi$({5jT@4$ef+fmU8TzPU|_UE@w#P3`l zIo=Q4w0uaJ>!y3k9(T3m%)p6~Fz-!X6_bv)(sQe+%Z|bi`}<}OcS>1Vm#?T5C4I`~ z+rL*Y6{IMqx_G7v3+`|h_B>A<7xniXt|_v}d_p@S$2kIa+QRB|Fvk>893y{<3OS8H z9&)c-VBpiLo?u9q92G`Sk9KQs$g)h2Pf;#J?s;N%K-!q+Njj1mKt#@)nMu%yP?Eef zN!bu->#1{}RK;EAqDDVHj9Ti+S(wsmbvBg2MWu5nsa%7&Nrci>A5mw!o>mD7nQk*< zV;;xPt8Pc@(A27fn4^C;QZN8Gcx?sxzLqFopTezb9Dky16?a{8yp_QN?Ee-L=@On9u<*h2*;|=t;^bdR6jZ zNHm}_VjN)(pEGw&lFJj9V^$(VK2dpWUJ^}~-3Sl3G&7~P6UtSicwIFJuG1w^iUUo5 z%1aNEf-I4tlb<&@pe~8pOe?Uhc4v=|YY!J&UJ>1J7q-N$N=&f9hds`HE`koA?`A>C zGz4sJa5zaLK7)a%P^$98RK^P*Znmgde3QkoJ^XD^Ff5Z4lU-)fOcKMum zKz+4!5PJ2Q9VhxVxeO8dN2}MGp|LSF)v!I!^6G66LHQR;+pj3kAD^{=)tSH~^1#P= z=7*DSSczZL2;3bU)Uwb zlZ?B&yIog8M8p9(YaN`oyeasX+oKRX@ThP$Z|hB? z{sOT0C4Z%I^p~51IP5GZmyUZl*Lf@dx#9ZfNCB@jk0@F`O5m^RiRxbz9|#9hQ8sN%#P!qi6YsL^ss)>IFwXH!aXgejxkhaK&uNdg>;;{bxX}@~dnAvZ#5o z#xEwO0FWyTn)V==_G3qf0>~p~YJbny^#8@*i&{dag%iRd45?jRT{!n9L>yhjU6r%5 zI*6ASr31i`^rE5wNkGrGG1I-sQk>&mtoKh(K3yHUy}Z1Yb^Rr~216rmRr%c^mvpBS zc{#bON8OtlO3_3qc#L(Z|vv}hT!suc^X@mGE_xT4OXW5y&jr_JC8OKh8wRs{6fU^KQPj? zvV_V^bBqvRDJ_9jNcnox9bP5H0$aQOPpSk-OZooi&!0C2sJG0A60wM;54pLAhoxmE z*WY%H9`cBx=FUAcJz2tuQSf%#8#3Af2_KK`?fJhv&1D{eZs`vgSf57m|3B=#WmMFC zyEaTo3kWD6Qi7zENK1$a(hZU$A}NvrQUgdUjg*uiDGkywbPFgALw8Fvz`*+(ysrDc z_kQmEy!%=2TF-hv?6vfZ!p#5wi!+b&IBbL9#0zGjO+`Yfz!I{kg#Dy|-1+K@ zb37(;lx9qd+jTk4g!t;6&&$TYz-3T@v@K5-czO+oJc zg#8Y)7?CDG+716kdi`Uxh@+>Q$EgDBphRnYS8MzfcOlQjt)b=5E1wdVoqBGE4FXaV z~;mb~Sahqz<-N3)SphdEknhp{xUPX*j^ zaAOYyn;t9bg)Y_iRakbyXvNZ_-jO{7+4isFe8>9U-8F^FgNBSslfRB>Kwt}y(L0m% zf;eupoXlpg80PiCE}+LxAO>fj3tMJjfA`pPoDW(uOB)KPayl~W*13b3jZo;5)9(wp zy;1$Z<7RSIg&j*QfDXDTLem`Z|s;Pksx;#84M%v-mUqAF^+au1-k)Z!_K1aTM!3$I; zvryJRrN3S~*$c$;@n<+I&Ln9wRYK7AT}KOO{F^PI%inhRjvNnS?e`V_w?0)#2lmi7 zd*)Dq1@8d)zNXfFZSfuQg0ZZoJC$8uM#vE9k*c3+h%1q*>?(HN9V&I>H^JJc%BCVX zE4h6ZG9Zwc<=Ab=*|TuTsZGdBk3=ryQtNYLH$yMO?0$F!TABL?d_@W7GCeM@@@Q9@^a$1TyfjPjl#m#G;hyZbSz|OKkoFF+LCMh?Y#?6 z#?wnQG_=dhW!qz&zr`;$>+!zRJgvSkWWmHzBb26Rm(u+0)y8AMMNbsr?WQ}sg2Tl{ zL>NWf=AVA?6q}JC%A4NTTL_&U_c8fXGpbiSm?Y${aOuAi;^C79B%)#9b;)@h4)smu z78b4-Zi^+A9Yfs;9BXQqFSNGYT*PX>xy^d)r}cZat( z_Vlal(mwNQ2K*-NgwZU0(acKSixB6*?L9RK);ynluc;mGaZT-+5~xmDj^omT zpyXVkh`hk&dhaIXqWNGBR0%qqFb+7hv(%8E&%g1NnM9;2eLZz50!o#m76kQru(a6i zvzN5^)C!I~g*mQXiPgd2 z4|ry@b4`0sCE0PMpx5l~)^&1Ys6QszwAgWtyqEgk#w_oaiycu@A5X0VPPZ=Z#WI`48^3Z>L_?3tHZ1!rMjZv%SgdS(&d|{KjzO@Gd zTSeq*#%OySts3j&Z@|yQXj?K%Rt|G-$!49(+lr{c$hYP580fx`-Hh(%pY~t+Xud=s z2Nh@EwOOR-@1}@4_t2c5>f}y|;buZ0a$0MLmw@(nQxz9X^|~4*L1eHa3rt8kO?8pt zF4>AQ)ILcnZQ@6Gvtdx(O!Co>{(B=a=Ryly6$P)FOXgnLX*Mvxx;r1-=;ZeOx_2F+ zB@-Jg38lIdW7}Eupj6S%2=&=&Kfp#L$XHK(cYpDNitN^AkU|9v_t~|_okeKMema%A zU+pN=a(uwIx9*xDOn&Ujtj8B1UFke65fP8(M!Ey;kC(+*9P%b6OyOpE~8d^wGEJNQlSorBS4YT|1Y_jon2mJjCH%JKvOA`;Tn!LibIQC)o` z1zn6gQ@trv>}69}e{!g;#O+ zySQT7O26`tP=1XqdTwbKLd!3;!*B;!+v&V>DV3S+ALEFTdJf_xem~JDdJKixOJcBCyQcEgJvw!@xH5<(B8gdu+x?dQ1pEHdK7=f+2DNMtSPvP z>7PcH0`Z?*S%lG2V4QkyYO1I3HG$LV7rwjX+xQbt5_ANiyxi_tcQ1{Q9)2kaht&UY z0;kC{n8dw0D3-$}K2!PRI1Sc`O4WrAc00#Mqv59nKx~pYfZ7idf{F;bif(fYK15VY zf18Si@Eh4!>^TN&*0R8?>fi(Q-L{}wZv|8o&5oqf1?8JI{kx)B@qXU(*?^5wN2NY+iwZ)hxbMNpUn zEnods`w`H&END0(5ZHXD-4L<3@|AQ)2D+Q?!O+z&dv7}Qd|nqJ6_pw;U#I^kPQXOP z3Ad(0F#`w6TC2*SCLlV9fW#|>5F^@D@dNEq9=vQ1QFYFG|CH5#s#Apx1P(_x4vbsy z(u4Qt|LsxtJx}MkhIxom!475L89u$vZ-MXfp8|xlWI)nZ<$O2IV#ZIpo)3IY-mt@% zot3cyV8DBA};iu!KgjlT*XSRn&$yTgdjg%_BH z9-MEVdz_#G49I;pFQGU(e^H6-h`gR~BqZq5OfrZP5c)E~9MsBqUr25DIM6lcm7w>$ zs`6 zeL{HUgfLMFIw)63;Ua}XH(eia-+ldTi|czPmlSuGTv))mUBs%*cL!)-r1We^G#V_p9%tb7>{}HN zNfDW>R)!G}PHRi1Jq5L)8hY42-s9(0?DhFc(THtM$?;iZDxb0xXUk4sf8akZq$Bv? zeMkK2n)9(s|7VD)E+9b&GyPOmI``=xi@B)t?;d{YPhi)evmrQ?&j$ZbmSV>Rtm^zk zuwS|-8R=o)A_!}=dyHFh|FQjxIt2Q+gU{8;%egv>{_!3MS0`4rSCB;$O}0DSOyl2jp=#E}<+I@ATk$Sbx~_X@3r{_RQlmxn*T`tT1| z$N2UC9OM6!W6TK$xl~lh?Ij%Yjn7QMdbyW&A(WJ=n5RVvCT;kcv7E0nDwjWFept$r zi9R2@`1YL=3e6kn4!j3@6wS`HsN=6Kejl-vplMIVb)MpR1bDOR_lMJ;_J5wYt(yBQ zG7yA=$l#l14w-Y+P?1LdLG03hKF&MmwC`Rt)Xcu$zh2AjVf>*)S4;8;6&GmfeN-P3 z{N7&iZnrx_E?Mb%h^p0MXTX4fkkFT?m|^y2Fi2x(S3D=;kfBYHIB5J_e9tlQ`JC7! zgds&;Wsl>jCZ+c|{_ZEYCUy4oq+RZ>z5v#+yUxBinWOP^F304>LE}>2ZQtPQ9(rj z!NRVk3y2WjeW4HwI1rPRP$OuU7{-H>~`oKW8L-)j{~j|6U^gPoCxP)Dz4gla_;7u4tqm9$D`Z zQCjH#h6=ZM`RDxBq}zmawQEcf>~r1Mm|=IK!foe>{hNJ4?csDq71M67%bTzl*x*{|A=x;$0}QIP8v+T?p>FNUf%wV+^HL=(sg@s?2(Kf)-ZU{*=V zFP;-LhYwq@=B1xBoQ$Z1a&QSPl<934pZ&9Pv9;_n`NnZLgo;lw%`WAkrFtetMXd+< zHoF#%4!LvF2W)(o;fe2fQ+b$yB>2wx|88yn5#X`lyIfa3hu$1Dl1jVsILYVpLjF>b z5a2o8uQFSmBGPY@>v7H5Lk95bs|rIQ*Ml?>HQoe5j_G2Ln?Ax#UH$0lyRql&7>@6w zQ!z8UPMRxtL`N#MGv<|#!NY-L)qXl!|yv_WH%SO1SW!)KFTaze+D(W|1)fn zBD9-2;=Jy8I!zb%?HECNglmbk=m;u9_d%5zuKiDj{y!P||NRX8|1VXmeIh>(|%yd6pIR~UsnCr|85ca zS;DKq4RqeL(h2xc^#PFS=Uo@P(|@FsXGR?vpnwdZO`Gfybl!ZWU9VBjrxn+>;%8WLu`T&_dY*|>qq1i2I{X`?#N*$UW6OJXd~lZY z68Ow-t7W)Zg;H`*izMFunPCw)^!urkU2)`gXQbPNJHfA4h}(}gE_NQm&{Z<7}CcW{zR)8Oh-@MX;K(nLH^0*jOFk2kn&U zTYEu`uJQ_YIwI$uB>+@c7y@`)OAJ8cymN$qVtUkFZi`4-Fof^9D!%b}nI~215ff>8 zmrxeGX9e70W1DOn0Cy8YZV$sdjWY{lnzZ;xW!9j~x;nFCFAyX_Ck9hSbSX=GWp&CKe~y!(0s8p{8vnNQHsn=V#i)_Y>|zC>(M z^(j5fXeE$JlW}OQGE8g7bEn-3UR9NV5vpQwacQ@6d0OwWzx+e1gT^Hv6xEd*_Ex1Z zo=7&bz|$zV(O3lFB*57*p+9-Cx7cMh@qNweS4Nkbv>p=KptCgzuXePkOxGjFbowBf zAjZDGqbZy~jQ8mVNp1N;Sad)+bg9f1vxu8U@w0ZuVK_{++CKjKXX@h>a-><$@rg-z zE*SB6JmtRQQEu_GY<;GvVS?3q>XH*`RQ|zGFNqn!P_I3L(-SwMSWhrwD`rEQ*LE&r z<>Ya&%1;ipL~O2zXIG59Ba6kELxCe1ViH+)ElN$Jr^>3v3S zjL8u=%hHJ{0m;IQ9BIp$be`Nq+pMV%jBTn+k{C>?p^{dW-|a@_>odrX3b_4hYj=Q> z-8_Ya4iK;?(tBON>xK=9PQ=%GO-HDN!Ne1STepXAHY@%W6*%777B3P9oZ2}`0>Lw1 zS&msfxkC8QTIBP*EbOjla{x-lTP5xfmev!AP+v8WjRmhC{e@2AFY5I%2Z3z7xouH- z{%%bk1N^Tk)_dnXYX4g3b9VP0&dMAOWno>g=L+j(smT1#LiR6pX$DiVo_&$Ug9AYP zI#4JaICHo^FhAAq7TnKt=+E7{^K;?lu9B&9i)QtTdirwKo!WDFW@%~VwZ2Esys^Na zdAut3qOK@Lu9!o<{4->uA-h8D(u#r(YNc2iNlNt%t2K{6!zN=?FfdunJ?yjnW{H`} z?%H5BhsV#^$KVB0v5H5>OKKz}WyQgTFUu8Z74_h4_Z&`mK9*WKIW0e=_`_v#d47MH ze_j8m>dB>w=zt=@3j?qZ(0lYpWj0yswtuTWfLXVTok(jc~?lKgF zZhWllRa>$5n}d#_N5Aj`^}-t$%jfX`6)RM!|OKB&r*c!@Q=9+MZ$DAY>~Q zj=!ic!%0!0=j&Ltd%E|zv~dVkGq z%{n>3#R(Q4SnQO@BLMe*itmyZE8~J%_8b|>O_n|(RyY-5la~{W?qQGcb9y)M>=BZw zH*gQL$+zD=`C>O}o{BBbh4+>UeXUW=+P#QxyzcvYZ*2{v_sJORRbpQYR;10|g!Ru> z(jSqT-+9Mz7AZ@cD-O7#KD!^!GdDw`j%4nD3Xim zK+B2UXBzzApWTb$gm-CZC%cZ?%vt6@cPVJMtH}boew20B>w|z_YnAst>S6rwPC-mWGqe;lpeIf$c{prlLwX)z>Va_1t&G|5YI)+d|IvQb>aB;L{R=&UJoph z1J_RS>fi(tdfOe*Y@_9nVNyecUrq%mAPm5Fy?h-phq{~e3XNMTZ8mCEgGp5#h7~2h z!?2#ccy}X$=uYMyo{Rd#Sc1#etrQ`~$5wzUhN$j;+3N>r>2~IJixVwbiXEpsrF0Rx5Nqb`C5e7v9uBXsM9x3F0n#Ui3zS&M>-s_qF z-XaySX><)U(8PKi5$e9-y7Tz(eT&R4Y>FO_k7T`2tJ zGv^Gvx@_15=AHzQ1JjcA3FgKqpECD!7RcCWv7~yGzDGL-Y;4*}NkS#s=%&lb>X_>U zIOkqgAhc0Ww5|(IaMj^x(u&lZy1agTQ9ZTPqCO60dbEEei*}GKqva%wbX9?~hg58& zK{KA+NA&OHZLQuix(~n=8bBy1LC?1SFhpWYAAW*+^uf7jGGp}_>a51#`fZI!7eM%< znw_mE`{(SoV(mjtM)A%BivO;2Sv}-!FCL+qoC{b~5Wjytj#JqFI`XuyDE^qs| zu-D6po0yf+$|A~fk`QoTKm|mrQXZN1(9(HI~) z$_!`7MGpbm30>Sd03X)@LR_jSQw-E%;)W_44mmm1t@S9gsUOX}TeyA*NHO@4jM9RS zIC`FkdW)h>c3sF z0A$Vs)GE0keqY~dPt0v05>-@5`YDA@OiFndgQ4~i9qAkWP^mZU7P7lszoc#3&l6Z5 zeQH8kaI46$Xx%q?oxodC&ux#Jr)q(rGgzWqA)vH)Dz@Lt=hii#y*^;;DeGwwNRudE zL`LJqcWtv`4;bvMiZhmNAi6?b4#wlMi0c-@M8D~lncc)c(=o93r^a3zQh6zb>3&I8XM_ecnplu$kU6!4Zt3 z^Q$#+x(s(~=5^g$)Z@O#8;K|~$CIpTdBAvMPGIZ><{@&&3*tFP0QoJ>7mIDI?du6% zm*TeHcz@@{1vCAT@~Ou7Vj_3;@5+xgM?aPnL7+UTQs{h1c;>g1vpqt{4LdJQ;PnIo zhLjISjob?+fQa=(0G`B=$4LuaAD+vYmGSO;o0;hCO^SA3tbi!*$@P%N3lfI?~6kZXgh;He(NoQ;r$Ce9k0yymS`YQ8%tdW;vaFY+vykML@v#EEUPi}vaY(uwvP@FLQ(=vp(n7* zGZ?;CvBvX&kN1klXq%JmSK416O;?zn*ee|!`ZhiQBk~VjH~UY+z0O<4s(3Dp=nQV z8|{tughm15z(r=XCne%G@Tt9o`#|A=V$yN_j%P5mTITK=N}5g>aGO0?ORIC+-&@@A zx^(~C8lz*BK;Ub4>Q7@yX%qoY!aBNYdfd)Ew}9~D9d0j#!ruHx?yOmh8Fg}h3NG_7 z2)_NHfA+16U*c|Hrmx97U`lxPi*Hn}MmF>5Q)|4<7*9A*qsR>$sCKT=9Ex9NhDGN?5-ZK;-VZL0+@n>i3ktibxGT5Ba-p>KMJbu;X;@1y*-V#CQgH zml5n15KBgQ2ZD=;??NkdL-|B`RM}WH=e1zf?V`bA_P(3xf4oN#c@YZ6j;xcT8>a$aE#yACa` zx0?hbnGE*ZhJ)YMQCUfJo(F2tDJhTR_n*XTsEF~$(b1g7ffemWdxrgJdz=Q%>E(+- z#Vx|Pz3L>(%FnsO(?K8UUMn-hhb5ZBCgw(hi&sVE*aID<2U4?nCRU50bbDO>aINsVt; zEfAT+4OGq=bqDMNxBq%GcG_0}0bdc1I~}hO#tots`#Z}4iDFr33b70Z(<}=;whzcU zR1!Am{c9gcAMBu^>kFL$jjz}s$^i7RdV^a%P@bT6dUU>hdgrdj$JjV-smWLhZ)d}N z{HMcN_OVWXjO0o(^O0_zM;5xTQsl=UsM0R7;b3b&C;C{&<4f$iP(0Y8u6x{wrr6E- zlFsby3ldxxu1KfgU0STxX}QTr^axz1?F7IpE(&$fQ;@{sLlD-O<652;6fSpAikiDG ze}5qPGpWlaaX5U8 zOkVod(Fet;5!2p}bg=7vTyO6H#ti<83cD4e_YQaiY20{0_0a;LDN;o>RBp><-dDx3 z47Y7q9XzBqiAL$!SxRuF$_eiPy-u?usAPStN3BDFLoUZoX}gvL9PQ4-{1KE#iRrR$c2aLwUS(JMg^{ z5;r`oNLNiTUXp;i&1)*_bg}0?jwFKva*GQS?K>IZL{=0aw6nA2juQj? z@_d-ob+eBrVhM>-49an6!6PG;0`$=kW$(81jff zhGI?`OR$9Tq>lS}aU-?Ld=SlJ`e2r|F&lMeLEhknQ-#w~kI^uS557DVVq}Rn9ZOD^ zBv)zK)oJa|{?Z)HWmH#X=leRL#2X!3prrzb5lHN$vM;uNVH$A#vzI0imltH+p?up? zuU3tuC9%;e&;sw}QA#&nKkG9t5;bU1id`DJn@mWwS?~103~sDpC(PvK{)G|h;0y$D z5;(hkC0x7w{bCLb9;=*hJq{(T@~|OIF(*YsS*`6?XiR*Ya6ZsxJu~iJQk)A*mAFw{ z9GAP(L75m)CyAG;v1uOIU>N)T^ypDcRaD@)Hg^42+59 z?4R8kor!}o$_Npizj0@-(4F6fL;kKafDJvAV|CS|yhZ5zLZ~<{e5d$WvpBR1u-E@W zkFtf)LG<1-`lS82w_>NhN%lI#cTCDZc@y4#QMAd8C?&K242{al63DkEan`)OEO2AF zNWv&7cX+bvaso5w`3rx#O4M5~h||aJOe{rKww%U}%DX+gEFU#;jF#VY=plY}B-ugh zw{&+f%@$l%kkyQ0txpJ|5^|yG`aANcP>-VlFA5qU??Z6yeD)Q04Clmxve{A-k?~Tr z*aqB_7i*7roUlZqLJUm$8Hp6SUm#W-+v0>!WtG(dCJ0acw4>_cVu z?l;g&o)+4<3@Qmyi84uD>qBYJeEtMPW0G6KwM*$}uo<@LuSq=bn$$P-W0&41J_`W{+|ug-nuGa7mzX)+zTGg@ zQ+nd4>O`??g~%jpAWFBlHI^>yRaO%6EAg-2Z{}XWw6vjBkvG+X9A`nx=SZQvhshpI zax?r*zqS5aA4%ZWjYMEy-zeqSk`aw_qD(+-15)*b7QUTfDrpi}hJ#lMiP-W2>{dMAmZ-TpNzc zi!yB~TQ~6%?0xv8n^_J&3cQQ(CLwWW+4|6&9I>0af!cEx+7rZ4bY8uboVeFuwu&IP zHz{1vKi2mCY-!4 zzZZr;eh^#3SoC17Z+ZgV^#!;1SQ#q#>S6&B(GNL6Ej?vL`%f)~eEalyRm-QB*6?5m z%kRKU?zEPvM6^UBMxyzJkB;L$p7sDv8{cj}7=1DyR?0x^fleWar?F(+@w5X8BIg9y zKp9XjKw8RrfHZljwB~%TCsYEP|6O^t`+kEY zKjJJw0y)&Ai8p>7)YiryT_ezNfs?CX!lX|yUP%#N2;9V9jKeu2iTU+F#6fp@% z8lzxCuVBLWr*Oe_JM!5zQcM9KZ9V^qO+$X)#a~qSu5~u|5}D{qyN^Wspt{XymV!sh znXhCgD9dhW%x!~+`ALmW`CAVmK)pZHS1+#Lu!!=R%Q~J2r^zrEKuxhCqVMs2z_l-) zmvMA$E-o5XB1qsKeJ~(7?hMxDAyG5nTKow&@t$>F@5I4KzQ5nZHyd&ATbu5@*(8o) zRF>BD)qBX^67KcqugtuY18oz+Gc<0}Ov*HRzEh!iUa9-zFFbwNtB0uHaBiPuu#efP_{ zhc{N{LB&9MkdV{z=49~B?NW-AWC`mtz*4uGkra=NcvbBCyL5=1B7(>h|A|WLui8hT&Er zbH~5|^<;*pX*^nvH*ugzn4(ILPGr8NGOw;ay1PQ#ver~B??U8>VwTPgww1s2K zyiPEv8ufmnx=Sm-=|t=n;*DFTjgymL&TyqM+@3cNt@~HH*AD7Z&uoCO`|k*(cG?ozvLiR3(vtNB z(vd3Wlb-(_h$=p?FZSaXpw*TQrok(yVDF*0Afd~IbJzWrQX~&x@R|5i_(385*Aw*Q zG`xVS_z*-I=LcP3q7t#G+uBk)grgf+oeNSPi4?rypCU*2(gXj@i2nLZHvE`f!wBGv?Fv2Fqo&j~n5au`pPK}F+~@_@gk;F5Y9=~&w%r~pgC zExVavyVUE?aM@XmrbJR~o;Nwe31@m*MerlvrDZ<_>m}-5UywIX1+%1ldV#ih24t~e zt8ry@@e^&@UNGBAq{T?eC@0;Pw&LqolvnL977%g+x8&r|b~9AM;Nx}2E$w`oRXUYVVCB#TE6GvI4(j<4~`K-l=B)(f+33Qm{WcFHGV>i2tRZx?4i_ zFU(54wXw(p?y+?fy0iFSiGm!Quh_)upBKO`PMt}dK**m1c+H2Z*2I=S-CFoG-J`rF zW*L$=O|FMrm6iC_tBu)$yhOq-M>7y$P%sZujJ`Ks;qt-O%hP}m2v-*Gv?e7XBJuCh7lDl7T{`bpAixR1!`s-;!7T=eH|*f28n z_A+X_TzWV|FD{p>9Tn@pT-wIaSbR&TO2A?#sRAO$F)4Fj4u0upn!^*~1!p|Uez_00 zYW(D`S9Ra1uWWX~MpiURQEw=DhcV4E&>s<*-yvhMNfSRtc=nD930<}qRHjV49sDs= za~k4%^aGu|svcoBQGj+^Y0T@&mwX$4RehC(>d&?67ie~P3Qybc zT-@+{P5~QDd@w3hVXK#TEK^msu!?jV;;P+@3dUq0f-C}p zw<2c6_!q6>H`=8j6R1m9etB`0_?BJ-I*UoiGwN908SKMJR1XQCu*xgwEzign6xDKz zHL@Y0Um7X9AeROeSm)})_AjW~Fu!G59bk0M{-wZ1NTw6?5DXQ%WqtXj;KZkR-_|Iq zF@luD7j%ft_`mCdHjhr35#^gPk^vYC^$nu*hx#}W-+Y#6 z(tFeL93gN@E|IkKM(9XgcSdI9od!pkWW}E#|j82x#5!AJv@3%^9ML_JY7p{e$ zP-*?c+|>lf;7!w&hFs-eWrB3&Ww8#7O0MqV$o%;Lq35^m*S(y+#i0PTW_F&gWA;g7 zqSq*{)~uM0CD^KiXG$VW9|X5Wqa7I%uoueJ8uUbn@tjpIny!?;A6bp zSv+Hm>%KKvUvm`doOiPz#uBuHBD^o(td7m6QO9+&TQ5#+qNCg7LV2%U*iCKD*>Fu; zyYYCB2^sY>Dg4g-dNYtyzKbG0eLpul#i}&s9m9?874BxOaj4yqWAFg;`?RgV*B+5^ z6wf*p?xleK!@*Y7_OweBEjC8OlWrPD__*z<{r+wyXFuJ`<&RGUNmt3y57<`qPaHnD zwHotHSW09-GrVjvX>yKRL!P2qJX0v|hj92X@0O2h!F|_nOIo|?VlrG6gYu{$%DiZi z)&~}18J6>nq$Nun2NIrO(x!Ry-l(*L6~ZC&fM7t8)Yfg#+p5CjswH?ptI2qv?NBf= z*=dCRA@eJ+Xoc} z7i#o=aQVWl9<23o(V+6L^H-L6o31MX9rd;MwfmbjfcR%^vxCn4R8*a4&?1U9E zBD;Ft8EkG^qOum?g!qr>KV=%ap$$C{9ngHr_W;$&1Be8WsDXNB!~_7P-0W+>oN+I4 z>UPUJs`~1=uhw0Qs>1Ds09X-NO5Q&i*O7%G@7O@1Oz0hpy6nd+s}lwBk4Ul@k5F0U zsdb5{QEI_P=Xo+vfSYbaQG6dvJL1LWcarKPBxF6!dCQhhGrj^s&Ess>HL>l@Sy0|y z0mWNlGMSyn+2&$IS++jce^fn@cIjG2-KgjQTi1f#szL4{p0Y!@)L7X(-257gd+z=2 zyyHl-z6NxqqG&$huiC2E2tJOlN!(3nQ}^w=*a736K*2W?-&J{Pq8lS_Ts^wcO+xVGIDb8P z3wUxcZ-WULZKzISgSYLPT_IoW@T!oOf&?z`1!b?Z9QW0LG$M&}yG-+uo6Ko(mER1V z$J_iOJ!ih#QPg+P++EkTmhTtR05C5I4>z)1C-bS;f*0t-5go|bl(E7Gi6K4v*u~h{$-1+H1i(%xTudi05DzKw$}-#HbE8AC9_dQx}6X=v{tcg zeD*X{$Hg(c7Nhe3g>mx1_)~dyhaZlIh^oCU`A*Ka`Zlra+*mgc+U1MIXU+*v;7Ln( z^Ymhj52Xg*x9IaIQt;?kSvX^uP_y6Q%apCn`U^xqkGrVn-&_D*DOs-IP`S2rhSZ`s zBZHw$vbSjw8*#c!C?-)GJZ@5{YS1q7qBUdgRyWC@5$O{@vnG>x_=J}{e4A;24P#G% z2-Id6ja+1;SOr~(@8#011qwMbNQZ5sIx?z?s2bcdMqKx4^)RaLIKe3asfj|pEY)9a z9tBh31?BK%J^R^$LJ$o9vL*jn)H>XO52TNhqNf!1I8F)*9mvC`{@v?_dsB ztK!ICpFZ|LHM#{Rt-l_KJIYH7&uDzK)2TQZp%7fe=CuW~nSu(I+*Pv}nKKU)@!UW- zK{cn`zp6p}=(o4qXzg^&?#gvMLY%+S=TK*200H_}0Gw!&eJ82`-4uDI^XEz|4gB&! z*{$@yQ>oiCt7?oxK{wRy`1;|9{2StdV}7+&Myi0 zrC>Wurt-+xYztvlkC*L?>+($BY-)|-UHmxobwPP-7iro4(X_j*6UZ&u`zoUKW?hB; z#5YD;Lo{Q44vt$mC`?h!RRG5i9KT&V113Gb3%2Yw#PDqSzs4vHL|`|6$=|SijxK{0V?6NvQrji6gKZbN>Q8LUnfMxB_FZ;F%;(!GXO3VV$tTpO&XF zT=%1Lc^7@Z^}(IfYb5JHuH9iy+?8a@28MJl2Up}95TU5gT=Lp1=@bive@nZ$l#>RJDXNG_=s5m7kt@)^2sE zhKBbE2RiqRrmTYQl_Z81p5Nw(*X42H6w4Ku>7gi8E=sy!$V*7ZqS`@{sps1(9siDF zpT9x&v@eDgEwsK@JDTSK#Kl#X32J;g@eX}g->>(W{^qteyHhXk;82E~s9=osKLRlG z6xRTeixZRKsCx>Zzfs6sVP{D@NuLAK?BNv&SkdWF_ED!>evPkPB@h>7OR$$ctFV#} zj2p4)phE^ZzvjPgbmeI_aPuqlFN;QsZm)&$7&?CSa^BLm?gJ2e%#RdBil2wZhrDmK z%7j@zLd?#3%O9XsBw*g2oqfURAIYdC;#6Yu89>I>0Cp#di_yQfhL9>8>sh0Uq@U=4 zE~xit&>=csc{M&8{RbooI1R$VOV|Oae{Cmo=L?i)AbE<0`KA7NT6U|U7E%SEp7!hY zJ5!1UwKgWX_qX)PwVg(Ezw6s)P<}w|$u|HgKkT|RC+5o~DB*S2Kj0X(Y0H|%0|^mV zg#aZ$N_t~G!eWJ^rns#t?T+&x$tHfa<|&rira5xeIVQV&h=^#(^q?@1tc@w6sk!3cUYKgZk|}ojiT3FW%zFY4cAK z6hctP>&M3_HH5-ftNy_eIIZ#v_!aOmGJHyWEdhYd&weKVbprm?wz0yOA_lIUn}|I9 zD}ZiYvjPz5pB0_G;3NdZUm+3>+0*}NYKi%Mfc{(#U{uqr-!R-!w{`8&52z99O~qm- zBXI}gokWHxpR^nTx-EpmZW!P73(UL8MN!@AB^)q#S3}DRcdFohAPBZ0?cSd%p<52h z)`24^omIc>>+8$x8_6hJA^4R`35kkWynuku!K9!>7SKNC;X8v-w1FC4Y%c$(L7Bqq z;5IG*BL!6upuSuU&D*?;FSED1Kvk61G3idcCxCQ7X!xXrU~PKV6oAWjuK;(s@-Y9_ z)GwQxz8O>O%TH#u>93Hz)0Y=NhUu|wPbqWbOo>)w5`+wDhwV5oX8;7TQEa=L<2}Qb zRg=C#6Op97JO-gdm1ae}SI7>qBSZ1LCcUZL=O*D|Ss*syJ4`vQlLa#w_3J-up=I39 zKTQJU8#ik72YJnESTHB*Ij$Gnz9YAMM6V|)v8$FTPj9-YZtuhC^l?MBvdCJ7!8s=J zBh_R87qjxcF3^eazhm@n?%IA*&!J#z3$cVjJ%GwwzZUAuoi{V)hti+TK}DX+30ca? zx2X#j=GGtW0OUa4fAFvirnFpCAL?7Ea3*E|Y5lhuuG-vcm&42MIc*9}qGVPI%}FaM29Uu5E+bP+=2**nW9%r-(9g^%!*MLiV%P{`40~o%HHYnZ8B^rZ7WC=v zJdNkU&z}jaVtc{+h6Y>@^oRsY-QQ&uv+Y6fwF5-dZ6n z%5pI49;)Y6?}ch!M}b&FfYY1>TfowcpX&;Q|6PAK=IY(?_dkgzIdk;pM2quo32V|$ z6kt=KQ0`7YpTd-YP|Dr?z}F=vg;V&uPE(@Bz&uqCxvHSd<4xQ~RIrKGizhO+Ob0da z{ed2#fqt#h^zIF4LI(xCM-yx@N&#P;{W!`;Qwv?$HYxcLXdBAhd0y>c>MBEn?^6mw zNZNqVpyzIuvDKGt+|bC?`k1J#ipf5>&JD4i^^ER?@&}w<6lM2JM?j2g$kNv`5AWTd zuLdcd*Ln=SLO@#?p%w!G&fD%KubR$w0XwsR96S?Y=59E7sRvgkwEop=W$+g&YM!HP z(^0whrkPxACh0_h-Px)(-PMa84v#YF7`T=rTFS?Gfs++?VcEnvt{P+{qD8qS)i|^x zgbCDZ`7o&Ff?<$vYnA%woYDh%eTtX=_HA z5LN0o-y;R{TmK)fzA`EbFZz}eP+F931CS00DJ4Ww1SO;!q(O!*iJ?InDN(?nyL0HF zq`O04Xc&fmcl`ZdtheS1d|?eY&OK+Jz4u{%rsRoV?tWmB+ksE+4RXYJ%PT+-%G*bB z(SZSyX;b;VvjyjFU~tIK*I<(^9O}=GHoO)Rwj?=f&{NhR{Oj)rYcwwQnwzKgh|Wx0 zj6@O6rZK{ZlQO`Bg<=76h?fp*kf^)jhbA+TRNc>Dz{`r&cTd-P=^zo zY8m>xvjfbEEztaU>vF)uiM}T zZeRk_cQ6}Da|iikGcn`f?74n+I!bTZW%~k=BvCwSmpGW#{(}0z;~Ml}jHe?#P|It3F8nKK^cG`D@xQTx{b zRV_LF;?rGxCWa^poHA9mP?jyFd}j&lgn-B1f5vLr}& zmQNF?ACx^I4BAgN7yu|Zb`g@ktRmB#!2G8zH|+3yyV&bAAU@Ttjn)axYg6_#yqKPd z1Am~sM!}sOD!zA%QZF_gM9)-rcZSh4im`|8p1x;m$&Ic-4Hfw2!>xp(K^)I)CAEt_ zr4qic5jZeKD%68%2IQ-zfcffmIEeU?zR0az*xn&oOP~Pj1rHBgHD1+ zsSn-YR?za|EbqgfirIHa#fIZyrN%7%lHZ37!v@}2)p!irpn| zn#E1$A1?StYz(hhE*Wo7U9!!Ku$-sBW*3~o%O3wo!`Nm#W)tb6k=xaO%fK;~GLco0gm+qTm@d6UZ z6H}!Jgv8m7czkOqrqK#`+5A+MgPtL}pHxoQO5|>frF)_KsfOQD1aO|~Xl{ihdf{U@ zhsHAbI)^+*gITHkreBLKFBB4vy%&5=a|a*7CDBv-^6cZ1E|zh;dh%>Pa2l_913pEH z_ippewV=dl$Nj};=Di7{hRf5IWX(*owOIGt!br8+X<2emO6~!RUIt=*J+LC(&?px7 zI^!KLVV<55i5XYaNY=IBAAuKy}s{E~SkK8e!D zu_KGN^INDKeULdu(dBL2L1f|<8dbAhO_#Q4K4>$M*xo_y8YRTC)5D#H?*?&Scq;qs zq6SbVl;BYx5e*2Gj0ZgpM(wAJS&f?fQ)jm1axSo}=7uPldb#>X3rbei38h>Wx;h-2 zNT9--7T@n(F81w8)_7~#Nd=;z6Amvv%;+Xi%==Yyz)|%&k*9k^=B4ovo)gQ*782u! zAgAJb1y(`<aJ>qGk@!qaZYi^G(Piq!?kp00s8J1t%l*#G6wYmDI zSt?uZ=h&?DS^dG>rM_>nK18Q%L{%&o+uRG|BLJ}Sc1iy-xi1aD<@n1xBu{GxbIX@( z126+^E|+i619m2bH-6_ADUOgEEB4w9I)3{32)w1H$~Y4EPJkDh5N1Mf8+8|q+f8Qu z*Wo3yAaIc+!*{Tho7z|AH&q*!d5?-ub=j8!Fy@FeIFV99XWNg8dO!veR~LA{&Ezq4 zG&=FHW=K)6Vifug1jSyPGX`WgKfgySj^Oan{glDiWfSNPL6s$^WKdkTl9k7yQ6h5H zOR_<3sCaQs7>~WX2QHEw@YSw{`Hfy?(t)zpVk`Q%)Qy2SRH~}x@A{*IxpFT1Z*+%v zeDL{Gcr?_qcc=J+ESZf^0yIEgZ4`MKB#{NqSNZsWZ%hm2!{Wy{m~ zfe`+!+}7Jc4Q1E@yQ{VPFRRP22U)XdNAI5#(2*LF8EQvR85}o+Zd6fT9N}IsJ49Fm zHq&nH#$!)~D(iapu;2vDZ_L9j*~!Q2Ta;Ps$D&<~e%>^APCE_CtH%30f*5zR2P8CV zY#JTq>l0J1W5F$C9H1dQzh&xaA5wOni(mrs6A)@68AC2B9#HrjfT~RBTW~AwY^TaBeyf-sVxwymp(qX zC2*_h#Gw9!i95QReY&N%B5{pc>C_EkX@?yuP{%6G0+}b&`U}g$O`qc7kKSCS9cC(py;r%2ILVJLm1un5v!SP`rE-`(}gd$f6OVWdxcAe zLh>`|D=ySGN35&g4wC>qpT3cil^>f)(OiJBa{4#kd%NL(hXCyHl^TnxEi^Mt=b!f>spIX7^cgvpA2(>YuJaf!*25 zN15q!0P3nmM*$#5O9e`;X60x}i@JF)yQkG^*Y@7Re#wluyOS}hK}5PWFUzz!2biFd6em_=6* zFodw1usfr)8>&>0F)!L`r!u{NtxyforVyWBGYAaszLbjdo z#c7G42!*XvxuF_#-(_mOozE{<)537Nx z87W~;1c-b#Loz9icaX~$-l5I?Jfjwm9FC3I(ypi}mYxcdla;##r)4DPh>n87V(bG( zv-P5U`4EX^_9(h5i~dBtR{9C%|Mgz`-+2#y6Iwz3(0igg!u!;5{iYrp<{kQhyWFB* z74k)Jiu2KnwS#|>O--^_!SyOkv-Dp(Sn<{JZ&C*S2&OEP!kw}K4v zhgLNUPPe5bY=abE0NX+LRUH^Ut0CM+8Y#L;kld&|5p7Ab&&;+|Vrf>}=AT13jWXCYRuAnFLHebxdh(>3c!3;SvXWWIPW)O`7i?Q23<@_p%MrF0)>% z7gtUGh2vS9oIT9!=qK>y!<&Ax{9U3~GB|D?%zJZ)BQ<7yYwv|j*JlkS%sby{wxD1( za5QQjmEC%tNx2kEe>q#Rl>-%VPRQk2`XUN<*7Fb&l}QgF-EDfF^HX`4L3*}hVV%{E zLTOmeu{ukBIs)GfxiKQFao=etH3(t=sr&b!_7IAl_EEd-knax7gX{!3z6+Dia+xkf z6dX_b1_3GgTRoBKLJ`$M!u!B)Ky<}^sx0w*;xy-1^BP=h%SY~*NAa9wqCXGH-+1i2 z0xIzO%{(2?m1D8}RWL;^vH`@n-yU4^O3<#f|Z=CrN=J=W^h_wYLJ^ z_~3`jrMeH^3i1OWX}2qLTpDS;p6WMT?wRUe*vZQ8Wc-Nem%2WPG`QNEC+x0<-;e3l5EU>V$7%mb z*`+VZwn+~t4iNs$$^C!e9ELa#Es5%*rwg~l1Fidc%tvAB(}D?;co zQ9q8HBqT*mht&RO^i=tgL!!h%d;IZ?OYy-q$iNNb0Be-5(y!>s@#5(BDa_~cO|^IV zaS*o7-3a7Pnv>S(ZbuAcyLeN+y2qp5-VAV)k^2vj=H zYL~-18H+liYatxt+yH?8HNjj{_@z_-qF}`R>ZCJ^Z2yZgiTU|yepIt&!d?h1XkC5S zj093>HAN;L(GEPRoMfKsPEMtc;kRe72+Gwp(k4j?^i#;_yLzx1fJf_BQ$%Ap{8>P@ zz9Yi$sZT|*ALJ<6-5GM^cCqpMKp$5rso}S9lHW5AlySeZRPic@rSOg3IrRpvli@31Zgi%D$wH7w-Rv1Y5BCID;RB^lqFhJ!8|g>eT-ksZMc0_%g*hj5^CoL*yX|d%OgE zkEL;yLB20iY-&bj3&&0|W%)AfwKt0>P(P4!!e7o?)$A8y zT5jixTX`+QSG%kzfjYRHbB5d1Nl0Wx3+P=eAvY5DPTY+}Vx){*w$U4OQX^MW95Mm!}n$n5RQd4d2=6bb<_xcf+$5mk`3ok0$B4;XxFC;wd+U! z!SY1|)c>IS1{@<&2zU+6hI2B=FJF<)v_jilzpaq0(XY(gtwm5{ym)&^Kbc18)jS8f zKEDm>{SVy&!Rf~8Y1eS#Yxg$R3`;ox(w1b-#s>z(5v*%2@I)RQ*-xnqPkxW3NQ*Zl^8L_s#->qE-xsGMPTd(v435^Z~J6>8?W6xu-I1B z2+1hO_NjH2VF&TF&y$_;t-%Dl3D0qRS0I@R&;9B8;}gj=7iVoiteKI z*Y3FW5{oJ=NX!EYa|qlHT3XC3*-I#s6LFlIY3^^{T&dmuXvyE(Vj$g`)w*bH?f$;o zicwx}Om!bhmM#ri5?HU_tRC`vb1FDdP|bk_X9g_#3{P{5vc_qOn4A53!!~x1&~I1a z2}@)(i+`7BDP1|c+|em36V7daL0f8QWHON$M78Q&0Q2|dau9%q-Hwhd zMglQc;p|^>yV259Ni3@F6l%A4H`SpDL9dFs|6#X6&r9*XAmbhY-VE+7QYxl_#R%S@ z0x-CihaM&4|GC<=cd_|*tl1z&+x$m&0yZ4+h64=?nQXdOjLpky zSO@PcVV8F^9d{Fopu(PqHON|h60^Vp*DAxa`FE$%Jzs#U{9vKT?2trIhq#kr&wCOS z9YWrf$b11DuX=7(v7L%lp!(W=-zphJ&t_Gg!Mc=o zb@)M2rIDwsu(CwC4aU5;&H}mRpG`vf94KYjtBW$Zw{5_Fot-Wn<%b zmK_62Sld_!b{QOzggt6k<0^x`*J##B!aG@|nL#(Zj_I_{gmh|Z+(wsi)(Qs^2ypAW;J4bGy5st zSNZVzNW<<0U*jNMhT7^5Cidn%!WSCtkHWUa7653Q`WMYKiVo(<1c?(u@^&?_pK%}Y zj}6H!7m+^E6_)V8&*89>7-e`=ke-|Q=DJJ>pl5W7nZh5dq%^WOw*I=W)16Nz##@ z1N_tZ#BP^&AY^dzhWe^l{Q5-V&A-Lr4e*++@b5ygn3(T8$}FIUTV5%H|@KYh3JpdW$B!*0ba3%8Q zdN*B>JQ~!@qU3sSHh&#ynJoMqddTKEua>S^yW$cA!DyXw3nh($+~x2*AGS_T`zO;* z>a4TmPAnAuJ_}mUCj=uo*41TMw$p`|r*}!e&GlBrTkL^b{H6vxcnHhD1K@R07wPZa zng^sW%eYX-U$%{RNs6^e=b6%tzw&%bFAidvt#m%4N9xDtR#56W2Jp-jIl;=i`w9bz zpRsA#d%dLc?I>~yWqSaR+RovdU3ngxfOH2uSfbNqNP{<}fqV8@!Sd0TeN{{wol76z zuVx8>vXxszW^72}wJzY}gz@v;09th^`f&FChNQQTb@h7 zc8Ua_XN6F+3LS^mlS=R4>mM<|aqK7AgD`>%8Y^zW>ajA(%2Ma12+E&;Dobr zC9yRYXrX)4^LKq#XcyE#;S`fdu{+8PrCTP_=z7!KC%w6rq8MTD_y)9v^Hup_EW|Z` zDc_`&{nc?&tlt=KZC*r$z3WLFgbGu|&Sc zW^NVmk^a2yTXRY7#d^iw+XSxn7t8%bvW3qF62^@u;{x*)4w8xl>?z2lBi9;Tz<|lLHex9lU-8` zSrae3wYkOL{H!z6d^3=<)_M&AC4F5N|NI?R3PoWD+mVHw?OSfB1nlK>8R}$P$Cr8o z(1*Fc&LL&C7(8Ygmv5ecUdRh4>(UYCgS3C&hDdxvGEFWmsmdP>f8 zscjF}17NqujhRXjg&D*#8)me>A$3!0e<*SPb(0am#G;@tC6t2~c=^z|>T!N|y3{aMR=2mm2TG%)XY9~=@(nDT+HzE|DZ zpJ@Z6z<>zM8}EGcwcj+dp-uvOa_|Z{!*i5D#>0X3-01U-gPoksUMIBaJE{B+ZFIWu zThhz=cd|bwV<7n{F*`FhXs1NrhBLO%tLysL&=HVn?DNqEIOTmyy&T2L$y9Y76*g0G zX(Zr3BgWLZ4#^cKk-98-?>6T;VpgI@Xh*LR))h$|Uw674%xMk$W<0t4mCU!DOgYi| ziob$@)eg*N#UoI%=-AaPh0MooR%hpWbsF99Nz}In$%fhHH%+O*R{5uP(Niv=s|2zyn{Nuo^@ACbL@R|+I%=kz99a8<@Y|nHb zC}={Wc`Q&@G<7Z!&CD2>sQZsOxAspBfR3JePizJ;?GDdRCJbK#S5&3);};H`=~k@| zQ@(K~N&x=!U7e(#X$Ez+CO|2nbllgddZH|lh91Alsu=Se&HE|u&ea4;=4)q8Q?*;rt2Z!0F)Kp zKi}Ryj`~KMAm?yzONC%Fw zMYG;Rjb>yfbTQJigd~XaF_J-{8(YcL%#i7J;1TFyHY!;Fh+WDZ_D?SwoLtwY&V!K3 z75@Ah&g?NY$g`|_Ym7fhu`0YC7KL%o0pP>y*^ z2hhPKtOxLzlm5z6PK~RZI_r6gl>Ahp0eOy?1qb-fi1ZgyFNDnCd(Nmp%b2-+Y93?% zN!GQ~j8Zq|l$Gc1WOigokj81eZvd@&DHTg#6{&a{i7kAEY#bd-hWcLU)mh$aOSU5p zKi;vdn90ew2G3l452g5L$u>9x1cKsUBKA06p0YNIk(Z$5SyLa)+;J~*On=O)%>AD` z1M~R<;DN&MtaFPWtAuiLL#UGiGWET*#zz{6J0`9EKOw~VDz*?IV?4x$O7l*{+pvEQ zPTw3S@~FuZKXj41j~7hc#vR)c@~(QNE>{!C_UYxVH`oFrt2=%u6SHR5@%zt?`Da$k z;M@Yzl*{3yPEw<`s+H=GR(oTB@BNBH`EX~H~Qs_(_=h?ER9HVWpS!lJ^Ol>XkY z!Nb~bixEZb!G~v2&&+t4O~+!p97*{(bfGU5d@;QM;z5V%+wG+b6+e>Ie{4>k1nYdB zlr=bvt*ZreWes8R=DzMxxPd@9{Ts>Doz3-Tprw8ITI#BTU0`zBiHmeWvGtd#aQ z-(*f5lVzZ)jTFQ8t(rWqEcW4Q)&1hQ$Q6}^YG)mGo?$7O$^27P(#n1K>||79L{pMp6Amwk2&Te#1}_+_D3J|yM7)2oO;Um798t1V+F{doB@z3tPOd0^(K+LZN= z)!saSu5DcEyLiA5&?b%@O(*&h`};@P4sQR~u_9OcRe>X(lk&VEM?a%<8vfg|d-r{- zh62oEkeDyb!NnI2#0q^*`g|5!iG2-DVZpa4(J`!JjwBS)^_O-}c!MK|FO9;&bPF{X zv0bvizC25{WyS&lFw__1Cl;69!tO3vtL)1$^r}gifiYKA8oD(c%hm+hkUC`Ld=}SQ zjAwQty@x#j1jo#-~I@)a}*Vt&SB264c-TYg6vfFl4--)Ea30o*r1p44~N z1a?J}VInE)taknO<-_BPc$n(MViEwqJ?|>BA|nEhDqdt@nVlT`$W0WT=D{g@6)Y6qb3u9#$)1bGsB#m-{L2 z-lr!CNGtIcN6}A=I-aAPY_>*!Sub!RF*knCykfGMWUWvDem^l1nx%r*i{>ZWF^O&+ zLZt3RKncLNCmN}@CGH@$&?_D}lt3Ye$fz(ydq*C9|7T74E(qO0(@#KC?k?>piYj!C zg=E$=#xs4^zRi75b3*&dqK!q~QS6q?4&Q&qYxOzzM@r+vKq@kHkN?~KFS%TqH7udt zDJPvbn~RuU)k`90tMO53T+fXMpPs2dwoE+lqKNQo5sQ`#13-`1g)95(jShgm< z#9dWOFwxr{7;q=BCk-sdy4&k3(y=FVv4t-drP}Ir^*6!X1%i_Ya!xZl8}`{u zc0-ciXGvE~NIVR3n0*{=^@R15uj-t_cXt>+ec{r5Bk6ke#lv8ez@$lLl*>@K-Q_~# z--b*W{1aHr9Uh(3c6x*T@Lr{{|F<7Y3TOfA<4n9)-jkWR(pYT1pcIP7J#R z!U_`<`m68_pl`^y^Mq8N>27bCd>=CYQ5vuY5$New;y}E(`z#U2sUE4w<31v-7l zmJIsk{JfwJh=HTjss|-6a?0Bt+KKt)a5VI~_qtFf-a1p1ju7rP8aEAHR_$e4|<2~f^VoT(?27G1{H2I*x^g5&`(EsP!*s5;4h7N(*+ znN8Q9_sFAHpkCKD^hPZ+&BNfb`;O{lXLc4y!V~`)dFTK9PZ#RjBsq~XD7upr16*&; z9gp3>lB;GMhFK40mjQx6H`>vlu;|`yiIzC7N&h96Zk}+Z;WI0sa#emG8o>`N=!Y*W zzj+JKi*QU?|5&Q+%E0H`g$@WC-IG~K%e5qUL7M3e<*Iwtgff?tWkP@oj?jO|Sn6^g zW`U$DI*7vwbx`MaTj1+UxIp)wh}B8Et^}X6s}D%#G#US4{Rdya|nvW?T_sLC+&Azi7Jm*@Ql$ovvmZT{h;$XFxpov z$4&|jLeJzMR(j9x__94FHm9mW_eu8Lo$46-liM?e`SI{# zt4n>4wXt9S$1p&Hv^$B@dUr23S?lqQuj>#xHQ^HLy=+o- z({1vnE@3o!$RJMW8}OJZ0gvG^wK4-|JGnFi7S(6jPp`z8cptEkCYP2PnNahx2npSx zViCW)%JPsDyM5BmG%yxpCUUKt87n5}X;sZ+&F2}3-4U^iX1AMd?|S?Ers<6W$>f{3 z0iDX#ij8cE)sRySzJ5baU!m99Hw{uXK@e*e`AzHKz-`mkn z+>g(jZFM3yRc(--N}?@J{6yPTqxb%}{6Nj{k}CKatXmjTBEvHXR0dmBFZUt0?Zzyydv-k*}0$0++HSNHt8zPX$ zYl>st>&(~rI;6e2%&&Uk`nyNgmEBOp%$0ZZ$hoP$&%CbWW?|vH{obw3LN0F6CHjm)Xk+KT&m_*mr3K;Z@j!A2maZPMvo{Po6(;t$Fa9qgS`D? z%FSz3epqyuC|N5Rs#cO*3M~LOmIM{72>9Ctr*UiW)^nP2e*1yx(4uGi<>M zxjB_;$S8G9_o-|QyFG?Y>qN@?V;%Hfa#+qG&)UniSbSw=XNq+Vk;$`HxQ(5TGmz0Y zMzkwgKX;s?iP>Ef40&#R$N$CH;QonlNi zIU~IO0ut;Ei=XoG0rOXs|C`STsOc`y>)KuH;*I8Os4~Ur#6F)9(0sd6lAr86bF1AG zmWL_aB@@Z+*tJB*Q9#C)6hIcYl)xIH=d*$eHT4UU_WRl@kW@M0WY8xdIU@uTM_S5f zn41YzAC0^(WT5@R5EsIi4QTf7ZJ0L01cJwOXImx4ylZMpnkL%LeV`vAOReN79^Lis zOReWH7;nR%ElZnUY{${rk?Iq4)sqzUtgm-t_JG76l`X(Zc`?S z6WuTHmS(MH1&6DvZxKgLrhYITu;FkdUd@>vOXE|{j}gb?ze6~;3nfs$ZO!7f3$0hi z*4Mo&2QOjwP=Q`^*yhV0!gtsf=-p;TVU&y#UbH8ptu#-U!wk|H81E{PSP)ik?lb>6 zpZe&~=(=rFl7ipr7=&Hiv-p6F?k}SENzg{5i+kw0vDRDWD3q2FkiGZY7?gKYhOjGt z;YW#ci90r7;0W0=&JSvm%z7X7FEO-#Fr8fx8LD=2aQtM{rFY?KPc^`M zyUQmu(E;^E;3&+HzFI1Mk-^xYW=~|7S%PLwG>=&#;Z||3FR)KGEWj-fsZA%tH?))! zPY4Kc10F>CU5PIE)feH15i9OKSh}}LB&mv-BI=gE8gyT&nMLuU%j!0*A+j48#&fk- zBfeKOAzb744{FZ`^MV~6+kZc-plqXxezqjf#!$dBA}iHW6RJf8q*=Xcxb@O=(POU| zP5Fqa{0f}-1|mEPm5;ROsV19I-vX7*`_2P3U2Y=eugsxWBbOX`Dqlq&aHizPp$l+Zy_; zTGMd#{wbwbbAS|VM*zq5-V8DVIM6RY)j!rp2q^hor29{_tROoig6&?S#Tle{PId;S z;(2#sx-{$$iA-H~Nd~E_iXBdmu2i>UTx*d@JnNi|kHDvLHu~!^IJK4M>1>UaPd&R< z*iXhYFGb{FN28kk1VsiNZ(rG8$5smyxk1KgAA8nnrD$7ThrjjYHLX#Bl7vC-_8dEQ z!WMvZ1eu5@B`Ivq#0S2$`B^06Bn zf`o$^%{Nzj&@F8lUDYJtgM0<=+=wL+SnLN@rF20S0p*ug-X%^2v?02xkIA4uMWb0= zZJ#^sMShZ+)oj~D{X26=IWbI=tY9ZhaxbsR#GI-a=UaTk5n5lEB?-6sB3`=LAj(aj z9hGw!ioX1#=3lX_HN-dWVoo(62o7966v0s-Btf&2BE{gI%Fy{V(oX~-LfU2QSsMe_ z&LG<>3_CQAY)ADb&UHte*7q}B3vtb7O{=CCdd!St7ldY2d#E_N~f&i<1z9v+SDGM;KLFWtq~A|@%GFcy>#O7bnC z+Va9ifPw7{s-V}fDZDZjmYacKo|R;3ULtbPPJPHPx#bInF$FcGunvU6#{3d^GTuzg zHW5?FmQLf4bF1=}vXYY=(yZv*v3!P%?BQidx6}XI8GgG=R(CNw-1q>8(t0{fG!kdr zKUl((Y9iCPJ?GCr61>Qy;xOfBd%E3BHn(=F(TWjPxX-~d_KuMjArrCY`|0ClPm>P+ zryqD3E9SuXoZNO^{&8?NR`@|^mo$PqPE24O%~;B7*_QiEGVb7n`U;jz(JV47Zf6S4 z>I70p`i>iQ){J8WIo-yKQtBS08K=hEG?Jr@6cLpC6Wh|j4ljR-F?lgh6JGEqa&yhV zQvM4So|@!rF&huDu02iIV$7k59<;%yMuv)5Y~DDsHQcD-Tk1+>Wa&u@9c_oAxsiBC z*Mate-kBQl78#9v3h`FZJNw$e{NF1L&Sm2<`GY&*w^w0OHZ4mZ_E30Cd6rrSr7B-p zzs49jmPyqy6B7k>(zW+uNSA+>-Vv73cs5u?OET}?4>hDIl<2d!)Jf%OvcfZE zGITp!59q-ietvfFIea>3Fs(|9A)Y(wmh1HGq}5KObY>;2_krprhv)cEr-Jxn_tp1s zY-20DiX|}Ap-WaqgwTD}wQ7d@-UmE-@0O&cA`<7l_Phk$29vZMnFrGLSnXa9RO88A zBwN}$vGR1Djaap74f3^Cd;RV>o3f#~qbM~xd0W!3A6i;!MrGuAu=RdDYzIS|gvLoR zgc#0z3K#0!o@m^4WtPYz_|ByH+&I@nJTKnW7N^v_yOJEX;$Gko#t5^fEA8ymlU!_P zBwudmc0^p}3vjHIyN734J{L&sohtzn-bVAy3o=N{rj6XJNW#I~xzL4F|Z9)oSiY&#k_;p{O_>zq#$H>1i`1ms4G356YEC5$@u- z^Knb6A@zmza@=H-w{Q>-nS}XfZpqCa$$gcMT`DSO_hJ>wo%JMiLru!=F1DwWJ9tU` zd8H=iV)!~wzKVSIQBxpqrzM_{DMcPcpPg@6Hj`UzKJ%#vUTZ*J#A1!oh zi|3;(ktgLIWqMX4lQm%?ts@c|M;5(Qdl2~2Ck=15%16mOY(?2a#Yes~9b@y|lsCum zR&|QYfFo;TA|p)kw6?KY(es5T$4=KOdt+kR=E3Lrt?Vj;^#8L|C!R?r5iLUGB_vNE zan=1(bbnX>y%F2EjpS+S_7WlW!#raL?K4G!u-^;_%5a}@1fwQ~k(A(db~;+HL;3PP zmA4|tZb|q!%?Ia@Pc;JvHl>$~M4DB`WBC#(2G(sRTHO0%FC|O5Lg?YfeKr1Jqy|#0 zTWq@>Fa;^1G&WY9u9tjC%t*^Q#ias=U*1k4BQK^p&t-mba*_`i1tliApWMH~#yc`f zMLdz({XAZ_9DPyjtSq0!qLF^U%} zzSX8pTcy`$ts7SLu29*@FBG0kV40O`%pDz1VEOEkY1Y_ORpD~Q;P}%M`ZH&&hcNvn zIrOC$wXC6~{V~b2XADxVp=K6`F#QFCzS*#H8Om&AIM^;$I4@Lz| z97wvqkI{_vql%Tpsa$F`=57#Bpa0KFie1Oi{pe{F5XEf6BS0mZAr3Cpa zn4)>nHLhm#rWv%%)L|6$ym@WAvX7RZ zlVq8X3w4?Ytr54qvYRF}JS7z3)%)I5LxKn>PFYU0rAbcl`_&Xmdy1C^&VRayWV@5| z5<*7XsW+x&(!J{SWK|iz!&*23Hg=1Jt|V>UKWa<<;+MvzmBdEqvn~(W1lZ-+0Iy-~qgfDpPVYPOx@hSo@f|A@xn2I~kJ+&PPz4##;**kj>EYkkdd8t2KTFP}hO`cP zuL}f_M=7oPL)!2HmIE1!pS#oHad5db)Gm`dagvk;Hrp8{wWeiqag1Pa(0sB()!EmF ziD-W5>;lTA#1gJCN~e`;(jVZ^((j;*R@T~fp6KkV^oaa@fW&@WRmkR2H8|?_R{#~i zR5Z`hc+RzMOXN1JtF%6>3-@`ITb*H}{yU`%FnZybE}VOege@N)7Zj8kF3F~3q>P~2!Z$T4Z2#|zw z)eKL5@-|s{a>x-}-t=fio;%%;O_q9pKju0>OT_^IKtp+}$s7dRF#?l^`R$>Bh6T;Q z41#O;47A7_%6=0WQmsuG?U>y=*gt1A$O^gv%I1Sa=k^e>Zdi#tjCJ6E!4VQ{_RB{U z^DxhHdvNTx;QQ&4^qHhbmL-uZU+o1Wzd3x}X$d>MNA#y^VN!hgI(?f&Xi!f?bn2kB zvnN;=oA2UQ=WVJ>9ShV-@u-^}gGT+YJ?)pOAZO-Yxch%LWLOts8$17AGTE`AV{-LR zAaWpazPGq$rr1*{M2vbDam7=OAKHS+)PiSAy?ahm?`ERW+izME5yg=n*=ecVxAR1_ z{u6uBn(JldJ1UyxFi~@lDnswJ{M$%O2`$Tp@NfnC5fpHS{X$L<^1OF#z`bL9oIHfo z=B;e{c5$=sXGtQ9ec0AxFaPZ{Ko?WX(=*r)WRArnG%KZxjOgp4F`~lTP)AWUtD~aU z1Ie5`-1VPCa8b_kS`F8<*VG=NX^@FOfx*lmIYq6z;Ox|xPl6Y~lQUGXLj)V1MSLG^ zYTPWn`zqO|ag>oAE-*v3#<+bH88~64voJh0uaSGs(x~odWKips6+CpHnaGO#J(XsL&f?<`Ov$68wn_-)a zH~#`I{hnWj+;bdae9Zsy*2VvQfQMUn!VFPuly|XP8=lLh)9HH>+H@+ug4xET*s;o2`oc5gO!f6jA&r-r$BGyyV^TaQ=eHz_=rn4#bN5Z@JY~=UK<&>&l)s`BE*QI9~m~F~hU#uOg1D(E|B@ z>C~@(=~P3ASe^@*<2&^|M)H~0>SuX9FK6R-_m>y58(Q4NPaLVaO()pC zl&Dmc7e4a+AT$ID#_Ku1!S%kPh;Nz33}nzGWQk5(<09kem0ig?hH3<1JW zn~WEL?o}lg?{krI?yo&(p*+<$%ty1kM?ewTgo+c;UgD^${I0q1zF`L+<`d+L5$Lk} zm6_%$XY6mPlI4%fpL=FCHVPFah+ReKcK=o4*ZD9N z_8t_Jv5JHhc43SaG=V_N!nq9Oa!Y?zZ4nhf+8m)DYdta77V#(+n<+_lO+%VKy>lXw zI36;oq}_UDdateIN%6+>`qq@-V#2+NmGv|S1FFnCJ-g~;?ditLp&$Ftcr@jgD=p{0 z|1~{m`cj`8{a?jpj!wRGJZ&xr-K_XF3q6}Fvxjw)I$J-2Z~F+ALFk5e6s=h(w}?Uh z@5}mRd_{-K9VV(>1m#of*n+|;Y>uY&+6<1}SZ)K>j!XwOJf!~&ybFz+mrRH0tsH@| zfSZka9rRpc2Kl)GBfjot@&a>#VKeVsoo?EmQkgik&$+8Dl+L1Sj$i1S<1}zd)iZxy z%Tp$|+OvmiMZux+U?%3jz&-8RoFn@j2TAllfhgx+Ai`^Pgc`P3bHZ?F^3yw!J+QnB z_gnXhE9_2NwXBh_-}S7S?j}euSyG7VYYQdgp8KHJyZ`_VFREzgniPRl%3hmF(jnb1 zRZBjjCC2yo`&6QqL9Gc}XP2Tq;GTB)#+^)B@+6#ta;Hk@F9@6)S4JRme%Ka}P#@Nn z7)^4@sh*zN5pJxcByyu=eVv&}FIvVo(R$V8ZMb7xlumJ*PO^cI?pcL_=TTz;)KZlj z?lNBsE3rRYzvEZ~+6C)tG$Ch?=V5x7NG(l15NTywNJW5krXxtLNPfH~fnA=|EulF` z*}fZ)7{7WS@A=I`;P9k>ba1nUxf6uF(tO;46?`4$k00tEfpJ3LHF6eSzf|bpGvn{F zTl4o@1XPKq@gw>Niq>HVyQA;*yU!jsCT^=8l4FvQVzLIr&3m4~W4PDtU+oUfzLdRq zS5W=FJWaaUF5TV2rRqx2$e(5XNt|FQbbZyO_+ub7>9_+A&khWXmk+5jP{TsjVMavFoP}8Fis7I z`R-@hd)M_|-}k-O&R_5A57)ZZHP^cDd#!b^-&)W8JnQz)9-&z6ql3mC)ZQTf8d+X7 zNS;2ICeKE?38=C*uovO%&fJ)5m3>14m2EAfx!MEZ#bG)2WS-;I&=;ZAjrozvirmVB zo6Rm-k^0^g;y12*@$TO>m}8`!Cp+Q0*l8Opm9vdvO&r-$gh35#ZAf=XNd~K2$K(^A z>uy7&R3Vzf@9k*On7t){s;E#h1jCEG5Qc)L_Ae#PL9v1fx|FKzmyZIsF+Y^EW)ArD zP`RXN?xKB6oh3mOTK^>xZVQg>!rjl`sgls*1~Zc2=A1ilmxJH|atf1!9PXg)rq&<5 zHTj6Vfz;(ljx5erkov81Te&yEXwrBms~s(*8Qf6PaILr3%moZ`lBZPo5ATZ`BJ~FL z%{*-L{V4fBu?lD}L;;6-ivHSPN4auc%pRNye7Z0#`EB-ZQF4xcHK12dYXrpy&G;;j z>O7?qMdoP%1$=LfHNX)wp2OUX3pNeWTjd>c7c5CB3;HrO=YA`%rp?;)xPGb@l&0G- zM?lY>Sjv@4>zoFtiC4rFbC6cXT-k>Y-+)=&8wk-rygC?D z*DaZr1DT{;6x-tZ89cH3Bj+(Kr0Nj|z#{(yuw4I|@uA`akTjhgT%SR&(@;?U^>JHG z_&pbSz6Fqb( z=`UVzBz3EpT?E}X9ioobcn|JhnFHnhBLNhjR~T3u)=ccuw@N-F$uXv`*hEzcIL^hr zQT%&Ad9;>O9)Y63+;WAZFZtE25csm1?z9wS-MPOsFHM&;NR5P2TrHB%We<61oDOqE zdB-wP!QC1HgO>?e?*~qf<9Ppl{2orqaI^-Nl0xK|$0}+Ow5x;4!s^Bp);N>_O4CIj zPXj#(U)s#^4>eMs98Lgbe{ug_Ab;uV8i~sSsEdNV;JkKZGs!0|kp)GkL%X@(f}14= zdG^QD@g@x;@R$U{w$P0H^jK(|?IM4<0TW>Q=Y668?B1($ylOnC1Hw9e;B7~TIo>ud zl20H>|Eg}LOW7K#%I3gPOdU^!F|e$8ew^92nqR*~o#f-Hka`_t?IucQ(TXG=#Fcr6 zV4K>Pp`OYrk&vkmB!kWQ+Q5J-l^SwMWuXT`VO@$^z=#s$)%H9zMj8N-Iztm_diLV= zt3dudABa;>{{I*PH4qO(r56%_sT;%p3tj4CCYA1v4}Uk6gsMN%c#vZ$teMdz@Rn{Q zv(=NJI|yxWY5KH4#GEV+20HyVRQ(;CojO4w+wR;NI!bqphvGpj-?!%imf(%sv@^1L zl-;0MQ2_4+rE(qL1bL<+_ZOZ#&_{_1Zm*XH!bm>3K6uO!k{7C%&%NfCfP79A;7;$2 zn7R^NUVD<9hI>_eK;&`{JCK<`WO^!`GOwhP1x!Gj33 zwcB1fRC{cL|0+8OfOBGs>KC%^Ra@0!KfBQ}20jqpHYLQKY77PUeYFc-3i8tQ*1HKJ zY9m2C^n{5E&Vca>J@O0|8~JsTJv4RKbEU27bN%0o(V;AV8SvGkAjuD^dM#3*{b|PI z!B;=w53uwz{u`D){Y0aZ*{n_~FZ_TE{m#IdG#ArPu(67?1T?hK4*77u^@iivgJ%Om zNWWit_vSG`)gX;+E0O%m=M@D|#PDIZAgX_%k2)$uF*TllKSY8~yH78whz7{Xjmt=6 z#J%b|Xz)kw+EKkg9OLt@GPKY8y{e4$Tb|1O8aIH%Em5cz@NnuB+;`zFl*uTpOr&O< z-*!Z`^5bg-?eo1lPv{$Kx<(?Vo-M@^m+II%+0SBg1qpl@+xw3~G1;{iXZ)DTl zk%67c$KRDrSHvP%O{aEqk2m*^FHff0`s&utSFw*Z8lsxS6vwLNirxw>-n~;@dZhzp z6ArWAHu|!XXqY_8!Q&gGZhStD^YQ9=ZFu|$p|?`+wy+>x1`eNaX&0V2n;));6U!EnGR;mA z6px+BXBZhPta-hAl0tP{8D1da2%j8dL7Re(Jur#f!)52PgX+k>umPaG;i+VHO_jQ9 zS#e9U=?>$?PlYpECGz6Uk6p>#a&q~VXxt88nrDM+$<1F@QdDHAw{LF?x3n8+Gdq1D z4)=?Pr5j7vNzOOo)&MeZCWjggM^i(e@seM58)8NR@MFp65FKNE{M-?`BeNbXH24Tn zts(tnQsQVoJu-{mz2Qz|PXs~AlyR^Bko6#44gs2&^B!EXEw4^JAz=*pFq=hw^ucgc z+@|BxHQ9v^u5DkBpoUsB+z8KOw6JjqF1x~N=8nsnf00#}7Qsswrcmpfjo=RIfeQ1e zH}toENbmdTH$iR7=93X{3UCw#119>r+6vYoAy zd;6L6j1k5dUoDgBg`N1iB89xZaxIQ|znR55VjlFL*y?X=GIHUfo zn54gcbl*=sZ_Qj1x#+UOtU@us$+^UO;;dDk?L9oRDz&vO4gttXHx_sc%Zu=5e(5({ z9I)|5?#Hs}+LQ`&VWNZ_eLVxI;vJ`mff-Pw8or@y@JRwT+EYy?VjDbj323Sise^zCGoag4U=pF~y>)ZqU z2k+W~*j44E*@i`A+1p~jll$SO()62WOTu+d1h(ZQwq_J|($z6v%Fm?IG74Sh6V%Nb zhL9SuS60w)l26(3;pKDS&Y#DN@d#L1eGYR3kPgl8Ztsc_kmCn7`ve7TtksZtesuKw zUG(3o+smT7@KDAM@Nf8P!5OX;40lFf^5zD5-WRkZu&CX@L2c4Xk31kuAK%#hIr z$UZ!zy!ogy`9!ZJZ>^H)W^;58ZFES&HUVLG2eZjBYX08J7U%b43$Y+OnhuNXBZg^L z5NJI%ns9XtM7lB(<~)KHfctu#?&+1W42h4~_MtXc6DRw@hKJ$(j7ktT{o6<0v`vEB zXJnwy?uEb|LWq}QV)*v<5zj6m1(WTdRs%lUc%?;;tVMK*=ns=6rKr$VJ%C9eGt)*b zpNQ^Zd4$%$=Z%P9cZXg8&039(C&S3zm1CQ5wuhcgf-S>X$Wa+jCP!4D)g6ZCJmNej zhyzQA-w&RJ==#Hfj0E7_B{V4j9WD;HO+mhNQcy+Tf|NNyaY!d$3s$?#tQZVM zV81Wn)5zBeV_KY;dW`D@U7cSy?<{$3Cy*T6)il)m9-2 zP)ZHc!Yn6aDR&@c0WJpG#jK!njE?UqMxnL+c!^hnYi{+J+^e>!Kg?e4XVVr7*w*al zZoT+se6G8L3+s$q?{YC`dZGnrN7Dv0fjD^iOBf+}j#F;^o9*y}o|^vG#r$B8ANK5F zevB@q_Ll$3Qa6v}yQIU>TQm`7Z$^ZP+QCYxOkQ!H4UF;MC6(iTg4rn!oNRr~$4#!= z?IHqQtkdECG=_+&P=%WZ%Vo2?0%NAb#=rR|nCGE67g4M(76)X$+3UvRM&QqhQDg)~ zxrvAnS4(DH20<)+?G|49H#$Z2-Yj>5q>aBc1NJD8PlUKyk|TWUR*{!>Z*-h*-nUIB zN5e!Ui9B&_pu(obs zu<6-}7b(}aqhiTpU61^b$S2s-%&F(0pE|dkY786QaHVxLAhEWTS;h_v zPoxjbEhaGIaHE(mX1#Buh$&-+a!Ll*GY+SzWAc{lhi1Z;Em%!tBry=}iziN4U}V+v zKIEJ%_nh?0{FetS569(AjJ3LEXNM1Xj6m_>JNo?)G=7G;i{uz%r0{$6V}XQC9d_aj zJ)K=Sv>vW@a}m>D3P~E6pJD1FUKM-#FYmUp&Fb-X(ZJ9~YscqlF2@{~436D4c+2C)cC6Ks!H~OO ztKO%)&4Q$wwaeJe0Wa&OkP{V&f5O<4LwGxk}vvTE->X zl&I^lidVxD~P z>2w@IsH(z%R^43CqK5f*Kem4cAUf%0R)OEHc!`2iG?zujKGxI9=>0S)r?ZAl`1Rgc zRm@K?A!Tb1hM+)P`BG%9=1xe9Yq4S(KXy6Du+6%FZX)l4rArY1IrD=C6C7-xQJ4cW zwp{Nl;+U_P&_stKmL{+tg7)Ywk)n@n}+O)9gKW8RGDj7YIS~Mjt*yUU&V{sDd^n%-`kMKV)V@(8GnQI}#rg2)EZPn=Z05HldB)PH&Azv^EW?VC22Z z%9%gGbb!1rZK;$jE~w{)jgM;eywoMEiV?i7sZ3in$=TBB39-}j|+K-XO78H{9$;y(Rvrgp>y)E-I2s@M2UppEipovQ^ z{u3(^t4g;%B(QeoU7*bd+Z%nXJRPucgMzP2?@oRFm=A$MPuwJTHnz7Hv8f~yML4td z0@}@FRfGL&YKR2sqpjh!#TS(Z@uixI7_ivg4F7Yb|44S-bMHw$P6MU(Bz{08R@EZ(AME?#5+j&9#$xT1s0^*Htwwueysv`OifRGEt8;!5dI1QO&kA)?;((&9S zO8Z$ditgr3t0p;lV-c6l9+3TOOiD(k;TC!S$z4kV(n&b$#wKdlT!qbYzT}D7e<$^D@98f2=1ZvtSM7g#;leEDWWu8Q_zV&yTH#TteSZby)~^>m*#n_OH>)N eT2hyn$QH8t%9nw>sj~+9v$k+BzrXj;<^KUQ8LHp_ literal 0 HcmV?d00001 From dae382c0edbcfdd359cc5a7bec304b40749a168e Mon Sep 17 00:00:00 2001 From: Olga Kopylova Date: Thu, 10 May 2018 00:10:48 -0500 Subject: [PATCH 2/5] Updated reference to the image --- design-documents/mcrypt-to-sodium-migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/design-documents/mcrypt-to-sodium-migration.md b/design-documents/mcrypt-to-sodium-migration.md index e00ddf78a..12aa6d09b 100644 --- a/design-documents/mcrypt-to-sodium-migration.md +++ b/design-documents/mcrypt-to-sodium-migration.md @@ -26,7 +26,7 @@ Include both `phpseclib/mcrypt_compat` and `paragonie/sodium_compat` as Composer Create adapters for Mcrypt and Sodium: -[[images/encryption-adapter.png]] +![Encryption Adapter](/images/encryption-adapter.png) `Mcrypt` implementation uses `phpseclib/mcrypt_compat`. * Old `\Magento\Framework\Encryption\Crypt` class is deprecated, and reuses the new implementation for avoiding code duplication. From aa9996d6f1fab27d23bc1d5f5465f11322f0322b Mon Sep 17 00:00:00 2001 From: Olga Kopylova Date: Thu, 10 May 2018 00:13:36 -0500 Subject: [PATCH 3/5] Fixed image reference --- design-documents/mcrypt-to-sodium-migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/design-documents/mcrypt-to-sodium-migration.md b/design-documents/mcrypt-to-sodium-migration.md index 12aa6d09b..ddaea38f5 100644 --- a/design-documents/mcrypt-to-sodium-migration.md +++ b/design-documents/mcrypt-to-sodium-migration.md @@ -26,7 +26,7 @@ Include both `phpseclib/mcrypt_compat` and `paragonie/sodium_compat` as Composer Create adapters for Mcrypt and Sodium: -![Encryption Adapter](/images/encryption-adapter.png) +![Encryption Adapter](/design-documents/mcrypt-to-sodium-migration/encryption-adapter.png) `Mcrypt` implementation uses `phpseclib/mcrypt_compat`. * Old `\Magento\Framework\Encryption\Crypt` class is deprecated, and reuses the new implementation for avoiding code duplication. From 7cf3cc21c2db77657bb3cd42900a336c534e4fa6 Mon Sep 17 00:00:00 2001 From: Olga Kopylova Date: Thu, 10 May 2018 15:34:24 -0500 Subject: [PATCH 4/5] Fixed explanation for public API for encryption --- design-documents/mcrypt-to-sodium-migration.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/design-documents/mcrypt-to-sodium-migration.md b/design-documents/mcrypt-to-sodium-migration.md index ddaea38f5..d35186f1e 100644 --- a/design-documents/mcrypt-to-sodium-migration.md +++ b/design-documents/mcrypt-to-sodium-migration.md @@ -33,6 +33,8 @@ Create adapters for Mcrypt and Sodium: `Sodium` implementation uses `paragonie/sodium_compat`. * Use `crypto_aead_xchacha20poly1305_ietf*` methods for encryption/decryption. See [recommendations](https://paragonie.com/blog/2017/06/libsodium-quick-reference-quick-comparison-similar-functions-and-which-one-use). +`\Magento\Framework\Encryption\Encryptor` is a public API (`@api` annotation should be added) for encryption, which uses `EncryptionAdapterInterface` under the hood. + Please, see [Implementation](https://github.com/magento-engcom/php-7.2-support/pull/135) for details. ## 3. Data migration @@ -43,7 +45,7 @@ Please, see [Implementation](https://github.com/magento-engcom/php-7.2-support/p ## 4. What does this mean for extension developers -* Extension developers should use the new `EncryptionAdapterInterface` interface for encryption. +* Extension developers should use `\Magento\Framework\Encryption\Encryptor` for encryption. * They may also implement a DB patch to re-encrypt the data, if amount of data is not expected to be large. ## 5. Resources From 8776ef7092df56dc60c54dcf677dfbbe71c965ac Mon Sep 17 00:00:00 2001 From: Olga Kopylova Date: Tue, 24 Jul 2018 15:27:04 -0500 Subject: [PATCH 5/5] Update mcrypt-to-sodium-migration.md --- design-documents/mcrypt-to-sodium-migration.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/design-documents/mcrypt-to-sodium-migration.md b/design-documents/mcrypt-to-sodium-migration.md index d35186f1e..1c2c6ec00 100644 --- a/design-documents/mcrypt-to-sodium-migration.md +++ b/design-documents/mcrypt-to-sodium-migration.md @@ -4,7 +4,7 @@ 1. Possibly, 2.3.x patch version. The implementation should be fully backward compatible 2. Use Sodium library for encryption, as this is the latest encryption library supported natively by the latest PHP version (PHP 7.2) 3. Ensure encryption is possible on PHP 7.1, which is also supported by Magneto 2.3 -4. Data is migrated to the new algorithm if necessary +4. Data is migrated to be compatible with the new algorithm if necessary 1. On-the-fly migration (data is re-encrypted when being read/written during application run) is acceptable 2. Upgrade time should not increase significantly on large stores @@ -41,7 +41,7 @@ Please, see [Implementation](https://github.com/magento-engcom/php-7.2-support/p * Limited or expected-to-be small amount of data to be converted during upgrade process * Large amount of data to be migrated on the fly: the data is re-encrypted when read and stored again during application work. Currently used encryption algorithms are secure enough to allow the data stay. - * Additionally, a Magento CLI command can be implemented that converts the data after the application is upgraded. This should not cause issues as both old and new data is supported by the application. + * Additionally, a Magento CLI command can be implemented that converts the data after the application is upgraded. This should not cause issues as both old and new data is supported by the application. The command is implemented for potentially large amounts of data - https://github.com/magento-engcom/php-7.2-support/pull/135/files#diff-9da6c367f822ceff09c7dd810c6bfb85 ## 4. What does this mean for extension developers