From c9a657b074fefcd8d2d865e97fbabf0d0c674046 Mon Sep 17 00:00:00 2001 From: tychovrahe Date: Tue, 15 Aug 2023 12:11:37 +0200 Subject: [PATCH 01/19] feat(core): set final name for Safe 3 [no changelog] --- core/assets/model_r/device_name.png | Bin 7341 -> 7533 bytes .../extmod/modtrezorutils/modtrezorutils.c | 5 ++++- core/embed/models/model_D001.h | 1 - core/embed/models/model_T1B1.h | 1 - core/embed/models/model_T2B1.h | 3 +-- core/embed/models/model_T2T1.h | 1 - .../ui/model_tr/component/welcome_screen.rs | 2 +- core/embed/rust/src/ui/model_tr/constant.rs | 2 +- .../rust/src/ui/model_tr/res/device_name.toif | Bin 139 -> 136 bytes core/src/apps/homescreen/__init__.py | 5 ++++- python/src/trezorlib/models.py | 2 +- 11 files changed, 12 insertions(+), 10 deletions(-) diff --git a/core/assets/model_r/device_name.png b/core/assets/model_r/device_name.png index 84cdebf5ec04d663c52805c79961e30c56810a37..62630ccb1c62e92151e3b43ed09b4fa30760adc5 100644 GIT binary patch delta 4420 zcmV-K5xefKIqf=siBL{Q4GJ0x0000DNk~Le000190000B2m}BC09=^zp#T64@Oo5O zbW&k=AaHVTW@&6?Aar?fWgumEX=VTbc-p0zYm#HRZiN4H6hkTLiMSrSG%cy5QzQr^G81Ql{nvlq@E`n088MXFN7L4SB0oio=E<88KR@$5r&!+e z`>FQ*F8%&_i0k`B<|E-%KEICkz5dtd>1Tn@%j8}CmxaduezAW4Ld$pk@y9~>^CBLR zzdzrF^t+Jc≪t!2BF5HXZ$6kFdT+`~LkW4a1MdQyIU9{g>Z6**leeBxjQ(k!O)_ z0OJ27$mGp`;5kXg{k;C|=ONWUzL1~&^S|y~#`j(R9y@8ul@A`sc72vuHT@40$SbsPVdeGH zgQ=f??*gQVtt-LM4JA=EdLy+Id(J&25;-W)B=jsLFDj5~&4(a!5oy$BWZ#-U>FHgX zYv$v?=a3ndsM4fU8%EVz zeGVCA)X_#CW9XQgRUpl(O}h?Nos&H$D^LD^dUC;>D=%4P)v(&?Yb;%J1D{=X-EH?h zw(fcIkpq96cKR7d&$MJf$%<8L)@_*Dyg=e^9mbty+GS z@(cS<)%djcUrQvXlj=32U^$dT#k-dPKxeO69I2G-mGhcKh5q0?f~;P%le}V7uvp4} z^`>973;9z~uiXEuZlRao>X!enl?z_Fe^|M{*6r`Ac3g(`tJtRtJ*iRXzAJX`SP;vt zviminLS9VjjkSkOL&w~fMB`|)TsG9%wVl%})p@ENRg&LY-RbN}KD5YLC$HV}I{mUq z8-ZOkkJ{L$#RJ1ny5+|`Cxb3o~_u8A9e0Gu#T z8F@#`scfs`=5iPK3sTn|<4(#=Ox600Vnf<-aL(3L7rD@OPde7xg~ZA{YoO?aqKFk0 zo`M|7yp@t)pid3PzTYj4YCN>FO)zSJVx_ygT86(SRUsU( z1GBeL6TLP4Q^~eNjpV&X7^BQ7o&N5y5D0~a%FXeXpZq-xTbkm5KH$cGb1(n~m7VY) z2N|sC?}nZ`=Cwr5>6LEf6fTnq=2zV{`I_L#(?gL*1OUzH#sbMf*wevu%7#TI{R<0o z3SLKjQ2^M=KBIuKwe0}7wa2w1{7Z$f#tHE3)e49=M0M9RItG5y-7?7q2)ay4A9cOJ zU?~u`=%Sr(tC=X3F5fYK%na{9E96nvUQVo#0RVRBH*}sucqd?Spk9Xs$KhnlV{SUr zfkLsXu4`bs$!4h>&t%n}3nV|Y0<}~3o$XQ>+>m!(zL4cjUD{Mq(~eQjy-%PGGIQ(@)3G(V za1jRipf-p|p&v&!2>7m?uYprCJn4^Xoj!#|@N3|&H#-NqhOG&(xB-M!B2ocr**qSb z^vyna1b%~IAp_`Jp^`5{!WeGWI(=Q~{|d6lZqb-(pu926`zc{m}Ax)v(8S!!bT?o2u3~$JF+6YFwTN(rkY)WeBK}f zy{`&^5h83e#o9RR!$na|Pg`Tl!v^>cfb_ImXi3mtK>c}t3d}F@V8PKJrO%h6<`{f) zH69<$*bT52lik*2$B^;es}z7%aC>as;;FanAytu8&Y&#a6kT7$MkBd&!lFE74!%iJ zh69O+Zt|#Tv|1Lje_CJEix#4YW4rs%GZvbg3oTeKa{si5_TG6t$r>{N1GtLXKwVc; z=WvGbas85i55<5?;7%7jv4nJ|bqaz*=qM6BAIaSfmSG^*pqU5)@k5MkdUwxGKfBX~ z@D`0BBd@ir(h6uVjYkoYpAX|%_(gcpx$qGlEa;R6Z^L&G83(Auh!2|H@`a<{4xi%{ zAaG||(tpEVz^B7Gq7c%dN#Ji*VqAxCjh)Mv@%WE_JxFh2_Mhj|!JHVuQjFHYoyo5B z8gM_<6TeZ5gNNGJCP1AwF(k;Dv*97=x?i4P?&6lll`wowjnm7-w=@+fAC|1(`5b5t ztCI0s3f*d}{6}qjINu4K4Ib&# znAKH(-uqUb0y1EXFtH_26qta+&ZNVkJXFmgfc?QLNrtEj_7g|6c;>X25$AMjMo++y zrYlGvNqpSABVL4Mz@BhAwy|Sh;fkWfP%yucMq{`{7Q0z_eGG@vO$hSIf%%Q5_2gk1 zmK#IYewyZib3pnva2(tkHgOHc4Fwd*)mS35JCp zG@2IgMZ3SnkPHZm@L9-GblR#e;qP1M9;5pZw5h`3z=yU*%gXTbUyKa|F*Xiwm}6Ie z?Ri>B4nZ0O06UK%WeH}ri+@|a`ZzBXT5&~7Q(%bk0{Z~%v{$t|{+V4XMjIZ&Y-0jZ z`9h~P8Ut})knmHl=9Y8Qek3_0tumlb)R7+I6Uw_Y6{H#QlWn~c47%a5JH5v!hCnV% z(Scw(Lcd|@kfmb+hJvJobEgE1!yFNRV~HmB`XANDe`RcI-;`6eZ8nO@kq5ktw8(b-_M51bJ1k3b|c9slzRI1-uRok~eb&?~tK= zkD-b%`#V(hey6-plzrWQ{GhD9TmZ?4KZV$E)+eqbwZdMBRBGw_nrACFPO=K7@JIZ>k9z$TTyNfvsfT#_VV&BgJNHHC%TZ9NH)C zgyv7C<(_;dQmAbNO$9k|${_yc_h^_H@Gu9Mx%6B(2L(h1!4vS=?y~QHzgzx>G0*6b+fHL&3nZtEjH|IT3Y326)utM6KwJqOkYBXixK!HPoL&3XdvzeTkyE!4Xa&-R8Z}`A zfH@}3#j$c`6eo2q&Cqk$RQULP1FmG{zMYww9mi4_fr=$&Z@gvF?O1~}nQR?UmJ#8?X^;d;EBx&w1UqdvJMhAB+b4*gY#E*FL#AdM6;5YacTbR7%!>Ga1<6Kf7E zy3@-?P4wgY^Q8QLE`FD_QvNn1t&XSlII(cF`+UQngewC>vkQ#(PhLdGs3UOB=(`oPKZSjjc@j zxQl9I1Zvlo7%YPRU&N z({SpA*Jk=_5oCqms$f1U9SA%_hPVOqJ6jho4{81zD;d6C@_%h5vD;2>IISv>K2s%n zNu7eHYjJ+}R>;734!bDUv5Z`r-#vz!;DLJUGkU)W{x^E}|DCb@mWX~_4|5BNa2j*v zq9-i^2mNMT{7)pEk5?-D~9qcyffnaVCx^db>WWMIGF0BLVr zr?)lyH$}@yX$bF)qW}N_BWXiJP)S2WAaHVTW@&6?004NLoshjs#6T2i(?0RW34u3q&ZI$&U2MAkjF?~ zCgF}$o+c0Tzu#*gXZ5DFG0lS_s9Q6t)^G^#kFesy+A}O(H)OSczpY`WThILSjbGa9 zP+sr=q`3e94H{`wSaeuTOgdw4Z7yMCZ(?P$J`OelBxW-?WHmE0FfC;`V>c}{Gh#R` zVm2^jEip1MWMpMBW;tSIIg^+WA0#t3VKp^lHe)SjWnwZdG&M10EjczZGc7hZGB-73 zG%z?~HDi<85GN#LH8M3cW;Z!4HZU zIWjOgGC43ZFf}tXFf)^n5g7q6lc^CnlRpxJBxPebG&5s0Vl6o{H#aRbF=90>Vqs!q zEo5V1Wil`}G&eOdW|QU;NDVkGF*Q^%F*-CjIx;e|I}>gQ5{fh`ng9R*0%A)?L;(MX zkIcW5yBi;W2oDJ`7K_DVAOHXWtw}^dR7l6oluHi7FbG7Q5%)jxw2LfiV)IQS#XAcD z4+c2KXT0KZjDez$P<`)5?s4E``HhRC)LdR8Xi9YaXacdHW3#*_&v&< zg~MhTJIXh2V;7x&yIL)HK5$TZvtWsYp|Js2Z2369qslO&XZ->-Vn8{SK38`D0000< KMNUMnLSTX^Q)n~* delta 4227 zcmV-}5Pa|LI;}Z>iBL{Q4GJ0x0000DNk~Le0001V0000I2mk;80Iyu7yZ`_V{CZSa zbW&k=AaHVTW@&6?Aar?fWgumEX=VTbc-p0yU6x#{j)dPCMGpZGAQ%omVy&J*55GT= zY2RaCKeTUG*;QGYJK3NJMT9cg|NQq2|HYS-(L$-(+h{F+@>NC|dGesg&)0lEQ!MZ2 z`_l4#E&cj@NcsCh<|*N~eE#h1d;O2+)6WGyzb23BKNjly`@;J5h4H;}?!PVcy^;8i zd=uxp(D*JS`SU{hE-*jGifwfL=Mk2Det+NpDFgq5{}6p^|6Jtvzl&16Q+ZNyHc1ls zDUv@M5dSZKK_(B{`&qe=i+EgQ@H4+l)2ASRs?*P}!H%wPwfym-Ur_n^=r^>oerxnQ zS|xukk>85ke*XUB^C8tgqw-4sk2{zCeUyKFzRtKmJNm8q{{P<7?>jT6n59wb_C3^( zBfdvmx44Dhx(Bw_qVm78gud^=cZby*)DHJseD5@WQU-~eN;+w#o9zAGX|u(WEo9|E z&O6I{vWw=Cw>W;qzthbMhDSOm?gx93{Btkq-FCzs-rYKPK8Z_nVzK1F|Lu49+c(_n zwN1%u3H0fMZ_Zw9w&BS6Pc8$IbiYNdufRXPfB$k^1q7>C*;`~#*!5Xr)$}hVkO#DI zVdeLKr(Kes?*f#FTUR!d1Oz}WNlh(9%~?~TkR5;~ThCJR0)bR(K5Q}lD4 zrgv$snWqEKBW55`={N-&x(u*NsqjZjheNYUEw$EGwe~vdY|=`rtu<{fic>{P(5g*U zyAGXQdg-;duD$os=g314%{to9(Z?8ba?i#kExCJf0;FkYWw4ht)DqA ze>btY;&ByhdxpEX>$%piuA~DIvszemC`Inu3VTh}#?F1aw9 zGu`g1czi&s6wnh6`Y(Oufc%4u+6!)Wh0V<0;1`hk~Di=9n>EtZVw z9OG?~U8&C9`kJC)aEw0Fsb>99mAqTQ4GQd6^Ci8Xj5g9kFo9AtuUU>Re1&B)J6)@5 z4ba5z)Y7$O?c|2I#L@gr{OxU+n<36?*y>`V=qqpnxl4;x;NQ7a3p_)y3#7+)Y6jN~ z`w@6`@E&$pkWJ4qE?`wvvf@{NYuy#=t>;YbV}&iEk6wAzkvTi;vb*=nIvNJ$RxL&Y z?zl&)+j!E_UF)dX-paG_%(FsKKhvFd`mF0L!$~>Qvw98>jfEB&p4=o;O*_tlcJqcb zSSCsbGv^7cI%nb8)yAYLa~lKs$ffn98D?KUWiAnTPNW`nPFu9p90&n_GO=hhC=ei_ zwYqfF3SEv>Lep+@rZNt6B5p|MI6ybwcH(C{qusRj{cdNJ9X4TM(ETXF@OMFB(#N8lx3839yTEx9yTS_qArGnwUX#iT<=0Lq;zJQ9bbkwCyQa$ zy)0Tc!R$(ZF7>8AtbDwG&Os0wI|FSSbQfU=PvBfJjV1%&hpChXixO?LIao#j4#eMx z~coU3J-9d&a8jdhR^)FfFHpf7W$W@fkcle9F1O~^Av z<~k?&N|m?9LXF~tOx@vXSU`?<){^E`s70a5DhbA#3vNT~HVS!vbRY0XI8#1r5EJ&v zoUNRVQK%gK(PoR=@xFe*e(PCcn2Z8$6P#ApLW8s-1u46Wu!)8Wr5#Pr1fPP=s?CJ- zMT7^ew4kx{6ARo^QH;1+fK~~quS4k2dhIIhyU`821?4MF6BH?V8_~>Vps_1^k5TQ7_(@8+@nK(c<-IT8Pp=L(M)gwIlFm4fl5_w1TCj^YtreW2I5ov7WD=_%6^bt z+CK7wHYMy<3e-+QN(<6|V&Q67-|fJ)E z_SxKi3s@i)b>RCT=RFYsaA6P;nVFbya&f|)==5qXTa~-Fxu&wefYPqmW2E#Hr90?x54KjRru;_QJu@UQA%X<}m5@LC`U- zTh+UPoI|aDZzqi|3WSZoi0;Y?19@gqwt_!G1d7~n^urxP^H7AsU?7ymOyEA5gLDNhecPzKScKYx}*)icsw*kl|{XjZY;JS??RM+Qz#AIWY<`Kit zJtHFN-d6-%#;e)V#A)|c4{IwEySJ`kT~4nI;l^B-Y9t_up|KK{E79! z^p<#k8$C~an71USDh-Q%awbIaG~J<85?6ABm@b6u9uAD! zS3x=AaX9eAgk_8yq6ci2LCS?4()4Se0>}q9U4!Z(V{6b{QTMD6BOhLG9H%9Mttwdu z4G+#w&Wg9~gI6+7mNAeLSso(2e^EN+)19- zbh9TS1ujtr=_L!~LxiE|JQg>K8aGxA@JInU;Z-N_BHUfHWFb=$0Lq$I+8zXWf-Ayh zwL+poq`Nr9vhKF$F&xWum8^8h?ZI6OndRDoI4|-RBcmIE|IUrWNYeM=NcDKZTEvup zgQ=_c^Cg-2c%(OAbj#04n&nD*KH=s(^65k>(dRCjLmB4F#<-Gywm?9F0gS|0k}C=6 zH-_zuX5{mju}?3RbV!>gOpxALsgl$P`sx=MJr8q{+eHRPzcJ9o5qh;5g#1e`iK(DA z4+D&zct`8(OoP1OOdYV-6DQ$|Dlz?kA|(JyE4kJl_qD1W;!)(4C63~{iHzc`o>%c5 z@%1M*!2%1*G7|67vzY}lMpa-Epo%!NeG=N8+S?`Rxq*-#dv|R@WYG!B@ay6rH=#cm z0p<#4Aq5!)H77Ekfcl_xjh1#E!X|>2CQc8BQ3UlIX1VwyBwkk z!069~*%E|CIvs~390?-DEJr+lLiQ+YaJ6P4>&Oi3rf~>{#GOZk-roSE(|4mTZLYwY znX$;}ixIgB(cMFt1WxVs2NgyeLgGOz)ujdbSPqb)(d5lrD@k+n{>5DvO+qYu%8R9- zwt>w*tAWJqgl=g%q4^^s$HrZGh==>%2gL=o_WJ+A4s41^*k{3n__xS^U@*v@iO5cX z`k??0G2zSb0j?MgUAclt(mT-W_$cht#3VsAlK)KB0r$G{-{u}^S|A*Q38!-N@gWLd zS>nOSG7>4+!FnlPwZ6R$!Pl;To8+s{Yj13FVi)%>mg!rd>^U+3}&4{ zT1BjwqkBm!FshfslnPsa6t0Z}i3sQ)3C%uTN5}Eqmoh>rcRd?KNEn5??!(A}u=VSb zj?0iTNYLa37u8+uB-{dNdK?w#KGjVIK_XtVp($v*Cdy+dRdmg!mfVWGin`TGcap5N z?)pCeAt_xq?YHD%E+BlIeZZx%TGxF&-<1_6L6$LwKM>gI%}|(sDm)cKnA-(AC2%yd z0l6&iL*Mf1IN6s)D`;s`R7K=EdF+kjtIOw^fW@nYc1T+qfB#XnINzroC+JF z-agcufaR1N?&{?G>D?yW&)(!hDkAH+Y3=M2%!J;^4RoMH!}|hGPrGA-A9Bcp%S#R0xf9CO<_OHD9>0_ukQFY|KFo~%naq4+0}cR*)jynp zf|t&7KkA+pNxJtc6uB2vO|i0bwGOKOFvl_(vaO>0U4)`v=-0c}5bt zACu9}3CT3VOzosp=Ot~eFbC|nYcBNZ`sNVkaKeD>y9jpVKOw0Q@X2+^XaHQI{Pbys zM~9?;{uvGb&&e?SD;nbD?np3)QJ@eT7K`D1WD@Ml??W`p{(+aEvhKCrKP!@`2p3}( zewm{*`hht~$VV90Z1+Ns`aL4}J~LhKX6yu_uYwE}#CEXJ!Z<%&14G(EZ01zg$MDy{ zFo}PE`8)ilZ~W6j>hnPOUvl_AK^vNqf&c&wc(YIsM*<{aHZeIiVqr5aF=jAgEi^M> zGA&^;IWR3`WjQxBH!?C~HDxuEyAdBGI59Y8WjA6sEjBS_F)cJPGdC?_FgZ3YFl940 zGh=2mW@BVGll~DWBw=PSFg7t}WGy*1V>T@`W@9xiVlrYlEn;FeH#0LiWH>W6Hj_yb zTPQd+IW;snHaRpfGBh|aA_^cNAV*0}P&!s+a&u{KZapG0E-^4JGcuFR5;$B6ARr)k zZE!kGWprU=VRT_cVRU6ZA~G;CGdeIfIxsa7!Wj!J?FfubbFg7|cHB>P$Iy5;tGBPVLGCDAm0uzNKH)1hjH8f&2EjTqa zF)cJOGd3+bH83?TWM(yFGB-6eI59aildBU*4K^(>HB>P$Iy5;tGC8soZU_=eO3d5< z0007FOGiWi8P4X5@{@oZAAbe~2r(VhL%!Pp006Q{L_t(Y$L&>H4umiWM8hR^?tiv9 zhaVQJEfm-2erzOBLwL+|K%GAFdz1}2t^}w7Z zP?%Vz`4-Bz ZpbOovKh4N|r!W8j002ovPDHLkV1lrM?_~f0 diff --git a/core/embed/extmod/modtrezorutils/modtrezorutils.c b/core/embed/extmod/modtrezorutils/modtrezorutils.c index 10820f5a2b..fc91615432 100644 --- a/core/embed/extmod/modtrezorutils/modtrezorutils.c +++ b/core/embed/extmod/modtrezorutils/modtrezorutils.c @@ -257,6 +257,9 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorutils_reboot_to_bootloader_obj, STATIC mp_obj_str_t mod_trezorutils_revision_obj = { {&mp_type_bytes}, 0, sizeof(SCM_REVISION) - 1, (const byte *)SCM_REVISION}; +STATIC mp_obj_str_t mod_trezorutils_model_name_obj = { + {&mp_type_str}, 0, sizeof(MODEL_NAME) - 1, (const byte *)MODEL_NAME}; + /// SCM_REVISION: bytes /// VERSION_MAJOR: int /// VERSION_MINOR: int @@ -299,7 +302,7 @@ STATIC const mp_rom_map_elem_t mp_module_trezorutils_globals_table[] = { #else {MP_ROM_QSTR(MP_QSTR_USE_BACKLIGHT), mp_const_false}, #endif - {MP_ROM_QSTR(MP_QSTR_MODEL), MP_ROM_QSTR(MODEL_NAME_QSTR)}, + {MP_ROM_QSTR(MP_QSTR_MODEL), MP_ROM_PTR(&mod_trezorutils_model_name_obj)}, {MP_ROM_QSTR(MP_QSTR_INTERNAL_MODEL), MP_ROM_QSTR(MODEL_INTERNAL_NAME_QSTR)}, #ifdef TREZOR_EMULATOR diff --git a/core/embed/models/model_D001.h b/core/embed/models/model_D001.h index bc7ec6a1c1..e0af436632 100644 --- a/core/embed/models/model_D001.h +++ b/core/embed/models/model_D001.h @@ -4,7 +4,6 @@ #define MODEL_NAME "T" #define MODEL_INTERNAL_NAME "D001" #define MODEL_INTERNAL_NAME_TOKEN T -#define MODEL_NAME_QSTR MP_QSTR_T #define MODEL_INTERNAL_NAME_QSTR MP_QSTR_D001 /*** Discovery uses DEV keys in any build variant ***/ diff --git a/core/embed/models/model_T1B1.h b/core/embed/models/model_T1B1.h index c138b4711d..e9f3230c74 100644 --- a/core/embed/models/model_T1B1.h +++ b/core/embed/models/model_T1B1.h @@ -4,7 +4,6 @@ #define MODEL_NAME "1" #define MODEL_INTERNAL_NAME "T1B1" #define MODEL_INTERNAL_NAME_TOKEN T1B1 -#define MODEL_NAME_QSTR MP_QSTR_1 #define MODEL_INTERNAL_NAME_QSTR MP_QSTR_T1B1 #define BOOTLOADER_START 0x08000000 diff --git a/core/embed/models/model_T2B1.h b/core/embed/models/model_T2B1.h index ce3795a37d..5657e4a509 100644 --- a/core/embed/models/model_T2B1.h +++ b/core/embed/models/model_T2B1.h @@ -1,10 +1,9 @@ #ifndef MODELS_MODEL_T2B1_H_ #define MODELS_MODEL_T2B1_H_ -#define MODEL_NAME "R" +#define MODEL_NAME "Safe 3" #define MODEL_INTERNAL_NAME "T2B1" #define MODEL_INTERNAL_NAME_TOKEN T2B1 -#define MODEL_NAME_QSTR MP_QSTR_R #define MODEL_INTERNAL_NAME_QSTR MP_QSTR_T2B1 /*** PRODUCTION KEYS ***/ diff --git a/core/embed/models/model_T2T1.h b/core/embed/models/model_T2T1.h index 0af3ebfe34..c79da28f86 100644 --- a/core/embed/models/model_T2T1.h +++ b/core/embed/models/model_T2T1.h @@ -4,7 +4,6 @@ #define MODEL_NAME "T" #define MODEL_INTERNAL_NAME "T2T1" #define MODEL_INTERNAL_NAME_TOKEN T2T1 -#define MODEL_NAME_QSTR MP_QSTR_T #define MODEL_INTERNAL_NAME_QSTR MP_QSTR_T2T1 /*** PRODUCTION KEYS ***/ diff --git a/core/embed/rust/src/ui/model_tr/component/welcome_screen.rs b/core/embed/rust/src/ui/model_tr/component/welcome_screen.rs index 6c656ed157..c38fff4548 100644 --- a/core/embed/rust/src/ui/model_tr/component/welcome_screen.rs +++ b/core/embed/rust/src/ui/model_tr/component/welcome_screen.rs @@ -58,6 +58,6 @@ impl Component for WelcomeScreen { impl crate::trace::Trace for WelcomeScreen { fn trace(&self, t: &mut dyn crate::trace::Tracer) { t.component("WelcomeScreen"); - t.string("model_name", "Trezor Model R"); + t.string("model_name", "Trezor Safe 3"); } } diff --git a/core/embed/rust/src/ui/model_tr/constant.rs b/core/embed/rust/src/ui/model_tr/constant.rs index e897f9d660..c2f4ecc6b5 100644 --- a/core/embed/rust/src/ui/model_tr/constant.rs +++ b/core/embed/rust/src/ui/model_tr/constant.rs @@ -11,7 +11,7 @@ pub const LOADER_OUTER: i16 = 32; pub const LOADER_INNER: i16 = 18; pub const LOADER_ICON_MAX_SIZE: i16 = 8; -pub const MODEL_NAME: &str = "Trezor Model R"; +pub const MODEL_NAME: &str = "Trezor Safe 3"; pub const fn size() -> Offset { Offset::new(WIDTH, HEIGHT) diff --git a/core/embed/rust/src/ui/model_tr/res/device_name.toif b/core/embed/rust/src/ui/model_tr/res/device_name.toif index ab9bab67cbccf0d2afefe19ae90f4dee7e1b962d..9d506e2e85da8c27467b745de45abdbe1bccbc80 100644 GIT binary patch literal 136 zcmV;30C)dXPf15!01E(o0001mk&6w0FbG81fc>|;4Ng9#LTaOlG#rnkqR8LFk&t@9 zlEYMRF*RK$9*PGWV4aLNvQ-45j#u$OL3+i(H1uFqxWOKwt0!^wql(O?^7MptM=<6l qzE|Sbh;>Z&Y}bkBp!(zkhjbhVj)ALw;B0qqcwglEQ$Vyuy7BBn;_7PhVtsW1cUh6-ikSN1%Ko tuXl1fNEBPhJfAtCWR}rL$;b9Xyp#AzLba1GKh(RT{nW0+TU(#^9|!hTKHmTU diff --git a/core/src/apps/homescreen/__init__.py b/core/src/apps/homescreen/__init__.py index c2a0a5876a..eacf22adc0 100644 --- a/core/src/apps/homescreen/__init__.py +++ b/core/src/apps/homescreen/__init__.py @@ -19,7 +19,10 @@ async def homescreen() -> None: if storage.device.is_initialized(): label = storage.device.get_label() else: - label = f"Trezor Model {utils.MODEL}" + if utils.INTERNAL_MODEL in ("T1B1", "T2T1"): + label = f"Trezor Model {utils.MODEL}" + else: + label = f"Trezor {utils.MODEL}" notification = None notification_is_error = False diff --git a/python/src/trezorlib/models.py b/python/src/trezorlib/models.py index f10eaabf13..3d83a2959e 100644 --- a/python/src/trezorlib/models.py +++ b/python/src/trezorlib/models.py @@ -53,7 +53,7 @@ TREZOR_T = TrezorModel( ) TREZOR_R = TrezorModel( - name="R", + name="Safe 3", internal_name="T2B1", minimum_version=(2, 1, 0), vendors=VENDORS, From ee3442506259c8c1e9684d836064e63e3b23cd11 Mon Sep 17 00:00:00 2001 From: tychovrahe Date: Thu, 24 Aug 2023 19:16:09 +0200 Subject: [PATCH 02/19] feat(core): add install restricted screen on installation with locked bootloader [no changelog] --- core/embed/bootloader/bootui.c | 12 ++++++++++++ core/embed/bootloader/bootui.h | 1 + core/embed/bootloader/main.c | 16 +++++++--------- core/embed/bootloader/messages.c | 8 ++++---- core/embed/bootloader/messages.h | 6 +++--- 5 files changed, 27 insertions(+), 16 deletions(-) diff --git a/core/embed/bootloader/bootui.c b/core/embed/bootloader/bootui.c index 369b479af7..39a0a0ed29 100644 --- a/core/embed/bootloader/bootui.c +++ b/core/embed/bootloader/bootui.c @@ -264,6 +264,18 @@ void ui_screen_fail(void) { screen_install_fail(); } uint32_t ui_screen_unlock_bootloader_confirm(void) { return screen_unlock_bootloader_confirm(); } + +void ui_screen_install_restricted(void) { + display_clear(); + screen_fatal_error_rust( + "INSTALL RESTRICTED", + "Installation of custom firmware is currently restricted.", + "Please visit\ntrezor.io/bootloader"); + + display_refresh(); +} +#else +void ui_screen_install_restricted(void) { screen_install_fail(); } #endif // general functions diff --git a/core/embed/bootloader/bootui.h b/core/embed/bootloader/bootui.h index 36f7b2cb35..a73349d018 100644 --- a/core/embed/bootloader/bootui.h +++ b/core/embed/bootloader/bootui.h @@ -61,6 +61,7 @@ void ui_screen_wipe_progress(int pos, int len); void ui_screen_done(uint8_t restart_seconds, secbool full_redraw); void ui_screen_fail(void); +void ui_screen_install_restricted(void); void ui_fadein(void); void ui_fadeout(void); diff --git a/core/embed/bootloader/main.c b/core/embed/bootloader/main.c index 605fae8286..9772841ccb 100644 --- a/core/embed/bootloader/main.c +++ b/core/embed/bootloader/main.c @@ -188,7 +188,11 @@ static usb_result_t bootloader_usb_loop(const vendor_header *const vhdr, case MessageType_MessageType_FirmwareUpload: r = process_msg_FirmwareUpload(USB_IFACE_NUM, msg_size, buf); if (r < 0 && r != UPLOAD_ERR_USER_ABORT) { // error, but not user abort - ui_screen_fail(); + if (r == UPLOAD_ERR_BOOTLOADER_LOCKED) { + ui_screen_install_restricted(); + } else { + ui_screen_fail(); + } usb_stop(); usb_deinit(); return SHUTDOWN; @@ -225,7 +229,7 @@ static usb_result_t bootloader_usb_loop(const vendor_header *const vhdr, usb_deinit(); return RETURN; } - process_msg_AttestationDelete(USB_IFACE_NUM, msg_size, buf); + process_msg_UnlockBootloader(USB_IFACE_NUM, msg_size, buf); screen_unlock_bootloader_success(); hal_delay(100); usb_stop(); @@ -549,13 +553,7 @@ int bootloader_main(void) { #ifdef USE_OPTIGA if (((vhdr.vtrust & VTRUST_SECRET) != 0) && (sectrue != secret_wiped())) { - display_clear(); - screen_fatal_error_rust( - "INSTALL RESTRICTED", - "Installation of custom firmware is currently restricted.", - "Please visit\ntrezor.io/bootloader"); - - display_refresh(); + ui_screen_install_restricted(); return 1; } #endif diff --git a/core/embed/bootloader/messages.c b/core/embed/bootloader/messages.c index 33c4a6a790..c6860b58bb 100644 --- a/core/embed/bootloader/messages.c +++ b/core/embed/bootloader/messages.c @@ -577,9 +577,9 @@ int process_msg_FirmwareUpload(uint8_t iface_num, uint32_t msg_size, if (sectrue != secret_wiped() && ((vhdr.vtrust & VTRUST_SECRET) != 0)) { MSG_SEND_INIT(Failure); MSG_SEND_ASSIGN_VALUE(code, FailureType_Failure_ProcessError); - MSG_SEND_ASSIGN_STRING(message, "Attestation present"); + MSG_SEND_ASSIGN_STRING(message, "Install restricted"); MSG_SEND(Failure); - return UPLOAD_ERR_ATTESTATION_PRESENT; + return UPLOAD_ERR_BOOTLOADER_LOCKED; } #endif @@ -735,8 +735,8 @@ void process_msg_unknown(uint8_t iface_num, uint32_t msg_size, uint8_t *buf) { } #ifdef USE_OPTIGA -void process_msg_AttestationDelete(uint8_t iface_num, uint32_t msg_size, - uint8_t *buf) { +void process_msg_UnlockBootloader(uint8_t iface_num, uint32_t msg_size, + uint8_t *buf) { secret_erase(); MSG_SEND_INIT(Success); MSG_SEND(Success); diff --git a/core/embed/bootloader/messages.h b/core/embed/bootloader/messages.h index be8952941d..45a128560b 100644 --- a/core/embed/bootloader/messages.h +++ b/core/embed/bootloader/messages.h @@ -41,7 +41,7 @@ enum { UPLOAD_ERR_USER_ABORT = -7, UPLOAD_ERR_FIRMWARE_TOO_BIG = -8, UPLOAD_ERR_INVALID_CHUNK_HASH = -9, - UPLOAD_ERR_ATTESTATION_PRESENT = -10, + UPLOAD_ERR_BOOTLOADER_LOCKED = -10, }; enum { @@ -69,8 +69,8 @@ int process_msg_WipeDevice(uint8_t iface_num, uint32_t msg_size, uint8_t *buf); void process_msg_unknown(uint8_t iface_num, uint32_t msg_size, uint8_t *buf); #ifdef USE_OPTIGA -void process_msg_AttestationDelete(uint8_t iface_num, uint32_t msg_size, - uint8_t *buf); +void process_msg_UnlockBootloader(uint8_t iface_num, uint32_t msg_size, + uint8_t *buf); #endif secbool bootloader_WipeDevice(void); From 0532585105ba01aa37718780fceb8068930cfb4c Mon Sep 17 00:00:00 2001 From: matejcik Date: Wed, 30 Aug 2023 15:54:03 +0200 Subject: [PATCH 03/19] docs(core/bootloader): generate changelog for 2.1.2 --- .../bootloader/.changelog.d/+14e1ae91.added | 1 - .../bootloader/.changelog.d/+84ec609d.changed | 1 - .../bootloader/.changelog.d/+95c27be5.added | 1 - core/embed/bootloader/.changelog.d/2955.fixed | 1 - core/embed/bootloader/.changelog.d/2989.added | 1 - .../embed/bootloader/.changelog.d/3222.changed | 1 - core/embed/bootloader/CHANGELOG.md | 18 ++++++++++++++++++ 7 files changed, 18 insertions(+), 6 deletions(-) delete mode 100644 core/embed/bootloader/.changelog.d/+14e1ae91.added delete mode 100644 core/embed/bootloader/.changelog.d/+84ec609d.changed delete mode 100644 core/embed/bootloader/.changelog.d/+95c27be5.added delete mode 100644 core/embed/bootloader/.changelog.d/2955.fixed delete mode 100644 core/embed/bootloader/.changelog.d/2989.added delete mode 100644 core/embed/bootloader/.changelog.d/3222.changed diff --git a/core/embed/bootloader/.changelog.d/+14e1ae91.added b/core/embed/bootloader/.changelog.d/+14e1ae91.added deleted file mode 100644 index d08b843e74..0000000000 --- a/core/embed/bootloader/.changelog.d/+14e1ae91.added +++ /dev/null @@ -1 +0,0 @@ -Locked bootloader support: bootloader will disallow installation of unofficial firmware unless the Optiga pairing secret is erased. diff --git a/core/embed/bootloader/.changelog.d/+84ec609d.changed b/core/embed/bootloader/.changelog.d/+84ec609d.changed deleted file mode 100644 index 59a197ce99..0000000000 --- a/core/embed/bootloader/.changelog.d/+84ec609d.changed +++ /dev/null @@ -1 +0,0 @@ -When building a `PRODUCTION=0` bootloader, it will recognize the development signing keys instead of production ones. diff --git a/core/embed/bootloader/.changelog.d/+95c27be5.added b/core/embed/bootloader/.changelog.d/+95c27be5.added deleted file mode 100644 index 8344dde438..0000000000 --- a/core/embed/bootloader/.changelog.d/+95c27be5.added +++ /dev/null @@ -1 +0,0 @@ -Support unlocking the bootloader via `UnlockBootloader` message. diff --git a/core/embed/bootloader/.changelog.d/2955.fixed b/core/embed/bootloader/.changelog.d/2955.fixed deleted file mode 100644 index 4f9a096932..0000000000 --- a/core/embed/bootloader/.changelog.d/2955.fixed +++ /dev/null @@ -1 +0,0 @@ -Fixed gamma correction settings for Model T diff --git a/core/embed/bootloader/.changelog.d/2989.added b/core/embed/bootloader/.changelog.d/2989.added deleted file mode 100644 index cd2d6b57aa..0000000000 --- a/core/embed/bootloader/.changelog.d/2989.added +++ /dev/null @@ -1 +0,0 @@ -Added support for STM32F429I-DISC1 board diff --git a/core/embed/bootloader/.changelog.d/3222.changed b/core/embed/bootloader/.changelog.d/3222.changed deleted file mode 100644 index 56b4c91bc9..0000000000 --- a/core/embed/bootloader/.changelog.d/3222.changed +++ /dev/null @@ -1 +0,0 @@ -Show "empty lock" logo together with model name (replacing the "filled lock" logo for bootloader entirely). diff --git a/core/embed/bootloader/CHANGELOG.md b/core/embed/bootloader/CHANGELOG.md index 13c4cfc77d..fe576222b0 100644 --- a/core/embed/bootloader/CHANGELOG.md +++ b/core/embed/bootloader/CHANGELOG.md @@ -4,6 +4,21 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## 2.1.2 [August 2023] + +### Added +- Added support for STM32F429I-DISC1 board [#2989] +- Locked bootloader support: bootloader will disallow installation of unofficial firmware unless the Optiga pairing secret is erased. +- Support unlocking the bootloader via `UnlockBootloader` message. + +### Changed +- Show "empty lock" logo together with model name (replacing the "filled lock" logo for bootloader entirely). [#3222] +- When building a `PRODUCTION=0` bootloader, it will recognize the development signing keys instead of production ones. + +### Fixed +- Fixed gamma correction settings for Model T [#2955] + + ## 2.1.1 [June 2023] Internal only release for Model R prototypes. @@ -76,4 +91,7 @@ Internal only release for Model R prototypes. [#2879]: https://github.com/trezor/trezor-firmware/pull/2879 [#2896]: https://github.com/trezor/trezor-firmware/pull/2896 [#2941]: https://github.com/trezor/trezor-firmware/pull/2941 +[#2955]: https://github.com/trezor/trezor-firmware/pull/2955 +[#2989]: https://github.com/trezor/trezor-firmware/pull/2989 [#3048]: https://github.com/trezor/trezor-firmware/pull/3048 +[#3222]: https://github.com/trezor/trezor-firmware/pull/3222 From 59d35c86524ef0e11a9a39b967a51acb0a1028ec Mon Sep 17 00:00:00 2001 From: matejcik Date: Wed, 6 Sep 2023 11:09:45 +0200 Subject: [PATCH 04/19] chore(core/bootloader): bump version after release --- core/embed/bootloader/version.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/embed/bootloader/version.h b/core/embed/bootloader/version.h index 4a109a2cab..b3d996d9a0 100644 --- a/core/embed/bootloader/version.h +++ b/core/embed/bootloader/version.h @@ -1,6 +1,6 @@ #define VERSION_MAJOR 2 #define VERSION_MINOR 1 -#define VERSION_PATCH 2 +#define VERSION_PATCH 3 #define VERSION_BUILD 0 #define VERSION_UINT32 \ (VERSION_MAJOR | (VERSION_MINOR << 8) | (VERSION_PATCH << 16) | \ From efab85a963ee3d32d5dfcd83fdc05cd71f4fc4e4 Mon Sep 17 00:00:00 2001 From: matejcik Date: Thu, 14 Sep 2023 10:12:45 +0200 Subject: [PATCH 05/19] chore(core): include signed and QA bootloaders --- core/embed/firmware/bl_check.c | 9 ++++++--- .../firmware/bootloaders/bootloader_T2B1.bin | Bin 93696 -> 100352 bytes .../bootloaders/bootloader_T2B1_qa.bin | Bin 0 -> 99328 bytes 3 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 core/embed/firmware/bootloaders/bootloader_T2B1_qa.bin diff --git a/core/embed/firmware/bl_check.c b/core/embed/firmware/bl_check.c index 3c527806af..b522a339a2 100644 --- a/core/embed/firmware/bl_check.c +++ b/core/embed/firmware/bl_check.c @@ -65,9 +65,12 @@ static secbool known_bootloader(const uint8_t *hash, int len) { // bootloader_T1B1.bin version #define BOOTLOADER_T1B1_00 {0xc1, 0x01, 0xd3, 0x8a, 0x00, 0x5e, 0x4f, 0x5f, 0x87, 0x1f, 0x49, 0x78, 0x24, 0x9c, 0xf9, 0x82, 0xd1, 0x91, 0x4b, 0xa6, 0x90, 0x03, 0x9c, 0x50, 0x49, 0x61, 0x10, 0x4f, 0xee, 0xe7, 0x1d, 0x7b} #define BOOTLOADER_T1B1_FF {0xbd, 0xb2, 0xf7, 0x62, 0xfb, 0x10, 0xbb, 0x30, 0x1f, 0x95, 0xa3, 0x12, 0x6b, 0x41, 0x1f, 0x66, 0xfc, 0x57, 0x28, 0xce, 0x7f, 0x59, 0x42, 0x6c, 0x3e, 0xed, 0xf7, 0x69, 0xbb, 0x96, 0xbd, 0x4b} -// bootloader_T2B1.bin version 2.0.5.0 -#define BOOTLOADER_T2B1_00 {0xf1, 0x3d, 0x46, 0x21, 0xec, 0xf9, 0x92, 0xfb, 0x5c, 0x50, 0xaf, 0xdb, 0x55, 0x13, 0x0e, 0x7f, 0xbe, 0x5b, 0x30, 0x37, 0xc9, 0x17, 0xff, 0xf5, 0xe7, 0xd7, 0xe9, 0x1d, 0x09, 0x5c, 0xf3, 0x2a} -#define BOOTLOADER_T2B1_FF {0xa9, 0xf0, 0x63, 0xfd, 0x8a, 0xe7, 0x6c, 0x52, 0x92, 0xcb, 0x11, 0x69, 0x87, 0x79, 0x62, 0x11, 0x1e, 0x01, 0x1e, 0xf1, 0xb5, 0xd9, 0x20, 0x16, 0x4d, 0x2c, 0x16, 0x41, 0x0d, 0xa1, 0xe7, 0xc8} +// bootloader_T2B1_qa.bin version 2.1.2.0 +#define BOOTLOADER_T2B1_QA_00 {0xa9, 0x4c, 0x0e, 0xe5, 0x51, 0x04, 0xfd, 0xe3, 0x44, 0x0b, 0x6c, 0xea, 0x6e, 0x4c, 0x11, 0xe9, 0xf6, 0xca, 0x47, 0x35, 0xcc, 0xfe, 0xf1, 0xf2, 0x97, 0x7d, 0x48, 0xfc, 0xe9, 0x09, 0x87, 0x2e} +#define BOOTLOADER_T2B1_QA_FF {0x37, 0xf2, 0xc8, 0x45, 0xf1, 0x1d, 0x4f, 0x1c, 0x48, 0xf7, 0x9e, 0x09, 0x67, 0x26, 0x9b, 0x2c, 0xc6, 0x37, 0x55, 0xa6, 0xf9, 0x11, 0x84, 0x9a, 0xcd, 0x17, 0x3b, 0x46, 0x3b, 0x69, 0x8a, 0x83} +// bootloader_T2B1.bin version 2.1.2.0 +#define BOOTLOADER_T2B1_00 {0xf9, 0x8f, 0x91, 0x9e, 0x3b, 0x52, 0xe7, 0x9f, 0x49, 0x57, 0xb4, 0xb6, 0xf7, 0x85, 0xba, 0xdc, 0x5a, 0xb9, 0x56, 0x7d, 0xb6, 0x2d, 0x0c, 0x6d, 0x49, 0xce, 0x92, 0x86, 0xc7, 0xf7, 0xc4, 0x5c} +#define BOOTLOADER_T2B1_FF {0xf2, 0x7d, 0x8a, 0xee, 0x85, 0xdb, 0xc2, 0x0b, 0x35, 0xe5, 0x7a, 0xee, 0x84, 0xbe, 0xbe, 0xd2, 0xac, 0x1d, 0xac, 0xb9, 0x5e, 0xdf, 0x98, 0x19, 0x9c, 0x1d, 0xa1, 0x74, 0xab, 0x5f, 0xc1, 0x54} // bootloader_1.bin version #define BOOTLOADER_1_00 {0xa5, 0x5a, 0x8b, 0x88, 0x94, 0x8a, 0x33, 0x2b, 0xed, 0x0d, 0xd9, 0x5c, 0x79, 0xd5, 0xbe, 0x0c, 0x73, 0x52, 0xaa, 0xac, 0xb3, 0x4f, 0xea, 0xd0, 0xaa, 0x88, 0x33, 0x23, 0x64, 0xab, 0x77, 0x5a} #define BOOTLOADER_1_FF {0x50, 0x6c, 0x5f, 0xd3, 0x73, 0x7b, 0x9b, 0xb7, 0xb9, 0xbf, 0xf9, 0xfa, 0xc6, 0xb9, 0x43, 0x27, 0x8b, 0x06, 0xad, 0x3a, 0xec, 0xce, 0x35, 0xa3, 0x52, 0xc3, 0x6e, 0x9e, 0x9a, 0xb3, 0x50, 0x98} diff --git a/core/embed/firmware/bootloaders/bootloader_T2B1.bin b/core/embed/firmware/bootloaders/bootloader_T2B1.bin index ed76a2da0ef8e9e24e7a47e52ccb2b1fe217d57a..a5f508d5c5d0baaeb8597774728bba2855ad4ecf 100644 GIT binary patch delta 32204 zcmb5W30zcF`#65LS%3kCMMOZI1!-8c5mC`xhJmiYsNj;BnJ=Q&xK!kpnlZ0Jiv)=!6?hJ@!pYQKKpU;_l*5`T7bDnd~ zbDp!9+et{{M-4 z|3!S?7Oucy zsj4>V>}(i|K9Q+#oQahf#5EG&OoC z6UChs(Y9zKcn*r_o9GzotP5R@E`jhO5l!iq$b@jOxX{XOBSu7V3&a_{dZ!xCnQoC$ zWddVjbVTB8ma420;{0yWKrYKG?B44)@fR*k-X)#9d#JW&X zObVb06Vbn8rp82Zdwn||RE>0bPlm1ay4l?YWz(q`7xpJ$I{hn2u#$RM=w}pe^&F@*WwG zd8UBA=rJ=ggfj|MwfZo|l?r&`C!rB>xSEjyniprJoFaNNE)5F);i>y3Za+h<_M+0> zIn;D7`lk03YJeA|Xckkv2kp{)O_h64i8hgX(StT?zo#NRb59O|3fYD*6n!k8HzG_kUBj-ERsud8bA_^ zY$T_3B5V48s88KUJ|H7DlKV*LNU4#08p!j$fW{AalA7yApA6VQY29dSMltoL3)N<1 zPLAL%i8}z6fsNpP6o={hvn7?!ZjRtii;3WWq%wm0M)FMq-~Yq}h_hBc1?eZmjlxJ{ z@6_NQ3pml(%Mxd`ZJ%N);0QY15ybu1h0Fs>lOnihB;d(Vc(&vl2fmpinI>=4=#p6@ zAWabwH&DX_aU)zPdeA!X+;O6J28{>LS5D*_R0N)_PBd-sWbn*&qE80LWt2dxl+>qL zc2qNLD2pphR>oUkYm! zk`LE8SMm)2U$$4)YEa-(!yz=xi_(WSsg8(w)tn?|C6iFEhvE_=xQ{&@kZUC$hFs+# zvO-Tc1tQw>P|~CbZmuVpO$3pT;GXo5`eZgi$5xVvw>`Wmf_nne z3_8q*$&wGlnjrZwm189zrZNvOC9?x6nO1`=f-`&Sl7?wW^*g?T0C78j+onlq((p8D zjSsCJo@t8U7P&n-EgO0#*OXBNt?Vvn+fl4#aqC(G{?J=FkTTu91M-m&KUMN!e2==3 zXZV+zE8b)_xl-g;d$u|W*rJ9QqlUez;DDeH_tFyD~ zNXTY#B6aRB;5j9rJGqn9O71P_?j?c2W#gl0THXgZn}F2$)54ToxIkAwAuu=8ob51L zo}Z?=Ek<*+jBF%1lMn67Ph!+uod;dY*Cl-};&H=2N==?ZE2HYw7IhxOnso72Qj$(J z_qqoqS(3tbcFDTsQ8dM(q1K9Mxy1y~7J2H9TFOc4Egu>`CPlsvAT61KR*uPpv}`vz zGG=n5n(O91)1pili3>esO=>R8jSOQo!Fr!bXJXZy(}l*5Jr|?qUUMm-Ym$MkNjel< zr5BkB(y4!Y(ZYgZ0PqD@-M)hTq`Yu4tvvT=-TZMoC~AZoMNizogmb4r&L%Da&+8&e zdL%{umMfflUPO}~F+$uEV%^$DB1uCy_nlAi7c74|9a;@bS0BE{nMD4}19&V&ZKqyh z6x_Q`wD_B8;92NI=e`*ao;)Y&_iYJy!kuW>x3y{ow-0!J_?poK?J|mJKu0GfP^1f8 znluP9trSq~ql3Z~+$?{?xG`)B^?g(eabvo~kvI+t3=~l9qbsS~A{sQ=N*xi=j>+lj zaPEJeRjdX&WJF~+x5tBinXC(aO;m0V*%Bov)dcr5ig@e^C_T%A=07$GJfFGI*N?@{ zQ*i1-7~|mjSW8E%D!5@D8LQy_bQ2l{r|}Znk$Rg>2{F;0f;M6zj(x*T4s$i)crB}e z6otnC|G{4QJ)DzsH+=r8E4YgXQQ?$)!2B&t6H_!XANY(=BF{|@{IfY2b2dxCZ99n0 zK%Q`JtsChc9}Aghy3xYN7lWtXh5mSars|5fC(c`-;Ld)6rcKpROCConry8jJUiALd zp-{5Hg|1JH3wq7_+!L8B!TpLtpLmR#;ziacCae2;?+P?yh9>;ar*Xk@uDe(25^hwO z-z!Yc(f;5K1=n@}6;4YJzT#18+L{T?t!7lXFBTQ$hcR;QD-Zf;+EA*>gKkZGQn%D2 zGctx-=g7Aw2pW!P_-Z<(d<`7_9+SRk*}qcM8O5}6@)NZ3%rshAJ%d)Flb;%6;@6PTd=a#!QFm_;pD4U9&`Fw1ooEz(wwU;a~vl=a3>E)jg&^MnOY~fspptG7S z+sr`@LNl^Uqc3*IIlY_F?T+0M8^#IZ3~ODxedNt^j84|7B$-wv5yt&4zGo%+{nAK5 zoQgattS)3)RS^HPNJ2~)m&S?`Tbm4&L^lwc0&b5n&KlIE5f!fB&T+eM z%k8WOEHbtf;P}Vv?ri=6B1zY!$%aCc{q8*0P7F$Cr9R^(S;BDBant&qIh~cYY6wGv zjuju{>%{8TJtO7p<;Hi~iHw{a(?F)3$RyIv{Zx5_Az^4p$Hh-d#ZNi*wG$(Cpd(i{ z;1rSHD3u0qvIeRAFU>}l!mL~o=y-2|R*a`6ITw2vUHsQ%>S-q$R8&koh-DUlj1>CxKMYi_y`r237yLW%)10`*Hm<5R<3QeuWt)q zu$Ap&k+Ukcyps<^AEK2C8L)h>x%W@R1D~*pra?j341fGvvVLX2`Qce&b~Y(dUKI;2Sde8|IH{$qR%gxXH-MVCL9i4*RiEAc}CS z{128D3R@ROGY%Oy+?N5{+*Hp$Brvj4RDV(qOi|IoCg3tt!Cs)Ei_p8i3Q%tR31a zr>MOmzfcUd*lXgfbf@e<&Arst!-Aa9u?#eg+9cz$kKE1iM8T>l;hcA~(fiu?%)MR4OGb6aEA$%qCt&wB|N$Z1dn{d`yDhUS5iP02Zr5R$73 z`0oh8xgmKW`C;4;mz=vG1m`J>rhi0myF7BvasX@{>PWDEsKKKl2wHe0r zkDu+qow_SSQ@kCdPksu$`J~Pk6_{->mvC8F8)v2Fr;Yi1u6*t0>JZS|Bdy&wV6sjN zYJ0NXq$k$fbquRyeSCyZpQqGi!sr(Yq?zO-TX^80HKml?P;f__Pi#;P7|IURgmB}9 zKMue`W)Q?apIS5~TzqP`$l6lx09I zQ|FSq(_zbg6x}e=6U+?qJ5kY&&N)=Zk@uEi;mfvv4ciIWCr41ueopt-W znu?1%fHuxf3>Enp!3YpT0pfG$)7gEZr-``!J-a~K?nb`ZNzt#kAz=v#t(#26{kLomdr_vwn!NXEm7N%vF#A5o|CA0Fn~RTYidAEb2RE6?ylgj9zyE5 znm7`cP0JQc&MtSia$SM^?-0tLs~P6wd$`ET5R0x?k0r4Uq)x>lNpn;LD8`-jI~SAt zd$Tei3$K72;NCL-DRjizOZBm9~9_NDU&EMR~Mjx*`jEwVQ zAMo+fe^G&DT>k((NIQtducZDZ^z6JownY{hf|+qal@M!OU{Rn27A3eKaKVVFgb8H8 zsg{s*1^2V7Bv-*P9z6F3Ii9f)=$ZUya+m7~t&AJ&jAOrVR&d9F->wB%1h8^G+G{f0 zX=L_2OaIdiw2d5I;T6+=vziwx? zhVCIWBvqfmmPF$u%KhY4Gv?@o97+ zSZf8_Az_GZ0Br*J8r5Y8xGZScZUF`J!FhD3M9KR=fDarNYugD>NogGwn96;8)Dge@ zp9He|wv^=Vv3v}44wUFTB`B+9-1}}BXY>)ktjk^*x7GD_F1_2wPnYCvLL&|Kkk6(0 zm|+W~&`W_(ZX>g0YaY=Gic*^+l4!TX>`-d+Fx%-?Vg}uA*KaY)*o;OW|Gp&l3>($> zh7hlLLx@u=_u}dbfp|qDv$ZszY`0IxvD1AFXkl$W8P^X6@G!y4e;^WiQbVTFtt6?w zc%oH7le%rDH-wEw{dI~igKr4?XEW%6iN7@4h(1ltgZ5B2ex)vCM+!OfXih;BF8cO> z?3#AFjS_N(g|I(1YV>`eeMo4Z{Z8CIO2=%=?EE>o1R}HrZDk7>FbQh(eFJ%xOL-KI zB51*){OP%-TfL(Q?agM5uJ7(X&{_|8<*eZ#wQZ_po6VdI;vXZ*xM?D3c)+m_fKPE? zNj&2+-MU!FaN9(Y|HeH&mw-l+aY(@E;~fP6IxoKiR1JXipi7OZmObecpINL6m zPyckR=r!6rI_n+c2FU*jh&kh+3=xf(w(}mX)acWs7D;tH0NAzp$$2S&JwpFXGi`7* zQiU_e05$VR9d!RShHVF34&3=1{FJh33RbQSL;2SR?Y{vdCH0K z%@F@0#B1iz%1&dWNHeo#>|X@d;O;7~ zxSM7{p{)Fe^BxAW6bo9f`uH3-CRpKk2vQ!(H|1pkG_C&1)w|NH0l9rOkgGrB>YqO_ zFB7+%zVRxvb+AnmZk*|c#9)QP0GSN=X?gu2Qn>R}rZA(ptm{Jdng;2jEPLa2IaN31z*w_fCxo{?|kxUC~#A77G75RdiG$0nic#4Ct zZL*IXMx?dFA;cj}@1;LCNkK1e>TC-rN zEtE@fzrDng^L9xOkk}5zEXl!eIldFECMuMRgLKUj@Y7jr&m5BuPmEwKa+(Yz8{9Z! z2{~X!iHY^_VZM?2UrR{++a;ehD}bend`0e57+x7}h8H?FR&`hT#j4_2TGm0JY-=1=eWd&8DKPB zG)4WmH|;m*$#iJ>?7foI~ zH7>+U7)Cl|+sg!Fxf!eup{@Oi-k*eW=bY%9#c8%{o@+I42j3&_tBH)w z@$hRsZwN*rppCQ+AQjw5!DLW4RKQ|YzAAUV#Nr>_cy)1CL1nmgo?e*culQMB4|}?6 z?y?71 zh2w!v*mPuGU~TJM9eYJZ(7$Jbn+i?^MKRSjV1p6-SLS2AgDco+*;Q~^*uSBw{ec(b zt?x=rzK-3@%GmI4Wgld);U~kt4L@0NO+jo0o%%;$l^m^x&}Iv&`O3=zQ+oky zLqtEDiSw?wEC@T*y9>db`-L>;=p+LE+rHsBOv3lRe&c{)B(uR0gzt;NQ&6l9I?fchZVKL9527m8?k*t z&K5Jn-V6SvyWsx&)!p`LfV;m)uyea|*TxzC5xCwN-3j~+03H+o{xATS5#h~v z30De&xf@3JeelHsivj|Rh50@39|DJGyo>O~vt1i}3j;zv8NRlO@P`dZAYR2<_M==C z*W|6wP2cV1PfFB2(KujB?LF#-mv?#wbWx8Ltfes>S~^xzq8@I{gqp@kWk-Ul`~%eg zd-dSGICh2S6A0UHUIr|_k2P+zES()YTjbvZ zyUM5wO0G%jG;($_beoJ_LuQ{B)P%@axb-Yio(?+^YB2I#1g);P(ZH7GiToAdk(_wx zs**b)mCSY=779T*8F?1>ExXjW=6OwbZ1?Y6PYFvqS^u-wz%CB3{#Ez0To5qpM?Etn#hKywe2HnH zpp;L~pDroxrdvZn^q_Lo5w=_p= ze{?jgQ)YaHp0&l>z|yPv0>%>qOYa?%uY~cSk6UBK1JThqP0`KYAYGjU$nzK<&$yHa zF*har2P$t zbUXoEfxcu1KkgPK0EYo<&w2>su0nGgq=jQN$e~b8JOK4JetaXUcl2qR`>$ASg9b}- z^o1tso8J$#;+>#lgf%BaI5|HR!kZv0Z`N8BH?sPtvq9u!(59=U5mMf&mMa{+A!qM= zE#%w=Ia{xigTHC+J+^m#e=DJfrZZxW{Vxu9Ttp7g7g34PMX%P>!0v{mKJ|Z`nG=%_ zt*<`SLifi^#na6LE~E9f7g{bKi5rNYf`@Wo=W1EoU6sbEt#CVwuAC%Ao1 zJi%dQGizL6hKq5~+*V&WY+T?Pl15R|5-HG52$PE2>c#>xm!+WaW~YYzxf!b_m{2@o znxU>(D*SarAFVXnRA71uXdRM@Lm07|Q0J2aED3sU=~jTH5{l35TgKMhWmy{ zbNyoiIj9lPb=dha!pQ-IYS;=nE^Vv%xufKkxu6Q#_$;Ucp~h9mH6V>D*v1T&=*P<; zjkHzTfs6!X3ZEHllYSj8P>cLkc82B-!;za+wcsiCqSdP>#i=;6>tqWt>s~t}&82uz z+v?GfkMg3Nmour~Jm{sD(<#_ku6=n2wakMit|_F(dC+@nQmBVK=({x|sCW;Ge5HuG z4x8eyT%=xbqw%Hr)FZH;UfN4uy^vNOS%{98W>QJ84P3gB`g|eU@T!UW#D&hhI$E^| zQA&RvzZ3ytn+xTyU8l};`M2Txb%9b>*P1A`3mIOULjB@It6!T){jd<7e=Rq5gL8M$ z+t$b9-Y#mDHt+oFl9q*N=sF|yj1$dUmrKF%hmY3fQ+g+&$_7yiCmLEdlxl%p)Ur8L zoly5nSs2xeTtqAN;3B{c1eXJD61Z957A-QiaYPC+qixm+3PUmxD3t#4nw;G?sMP>t~C%p0^u`yj2lfsxbS2ZnE35;MU?XfHR*v_HXtgN|c+Q0VhpGs|T)+PQYno7c4T?)}<;1+>@2YfLX^|Pt`$D2vb4`41i zyr^#4oBc?Jl458d zGQT|tVy=48^0$k@Q|Cp$y!~(R%z*Pa_RURg|KxKUGOT1ZcK5Ocd(I^==Ab@jH9oWj3dA)TrjT>p>-@2C4W4hh3- zN4YTENOK|;f50vb!?r9@XB{vmQNJ4EqpW(4q@#)mu7_{BwO@X<`_?U*)mV3%%|)r_ z$aJdMbjLG4kEnCE-i|UW8yNkG>1SFL=~3Bq(U}%nACqRN193fA!y*!Abmy{npC*Y>{vq*CUZD}5_TuVz3Y2KU_xZv zVIdi+BI6zt2rd483uh{KPf3(<1}CZ4SXT=N27qA~woC8bLM6Er7jo=Q36gQG9$e0h zey;6KF)oy_Cq*seh6p%vzLfN<2TiMqp)NSlGkenFmVl8MpwfSZx8I5O?a|p}T!EJ^ zCk!TT;0g?4zlSgo+=G(8)?-)XHt4JxtGQvqY#1)-3Dae8bWq(!^a*v~+y^}JcB56n z?qZ2P1soZou@VoOxCE&*@|bDWS)A**=K*#lD{oiNCi-ZspR^L;CT@(BXT@|t7kd7C zfyu;e{uzAXv=?{9r?X;&MD~Q~7{D_gS{8EldqJ6bSwWq}IS%@Bv=KA>IiBzwWrjcw zC@)EmT8m*Z+@~V?Xz%zbGS26bK(^T@_zU#%tYCUd)Ext+ov`ZLN+z5rl5raa%nR!Z zowcb5?-9+Ie%hMdrk-%R2%{a`fi?ie?MB7#4+AEicKskQ>6V<&;r|CgE&0^xIxCu; z&8cZ5)#86{g+d`w-{kezPYDdg^*iML432lV)M6A911RiK{r%GQDg0U;MaNa2mB>|aig3M7DBEMgt|i?^diAG(1|X6xG+J+?Q~)Z-TxN} zCAbSd^h|Y80>do;5ncls!n*X?CFK=&pua@9@* zvOX1|S`!THy=7191ZZ>2GjAvn~UO>+VH&>L!Bch6jz^ zm-ZyVo$j)wt^`$80mnl-2G=lHQ-oQzTMOEn#?x(06E?VZ-Kur1ymi_XoPT=iIn%vH zP67@EOS-HyOk-F?CS_7%b$8vq%}RoM#N*>ndr(UKXdocfgO=52;G^i(_1^?lx}Qt< z&f((|(JLPfCuQi0KIb8@UJXY05HR7!RkbXJN^ z&5j&XX@;%mcKfVKb4cSUh*d&tV~cE3Vw-8zbz44pgsx=bI{1$8J!4Py$94n{foQZxTv-?w3B8_zQx_!RYF7Rnkwu;XZs-YyJ*c@$55QAMN_>MDdJ$k6 za=3cg2<~bBZh2tB?rZ6rzpk_G%FVPj*qY?1ZnYQa9R{FR6KJi3z&94YOCGK?N5i+| zkxFwniIt`WsW2(WTTT{lF|RD99eCls#oV(oWHvn`u4xRka|yI_OLMdhKwb@i`o-~X z`<8)~=1YO_`M~#k2VHcscx5rE&z}BQ0SNyKL*S;AiO3;MQT5SXG>@j5a^Opc-jNA< z$MYg3&APTBMr}_xLoSk_f($YKb^0Z^%T5wbFx@@H`Zp1SVZKwg@3t_fp`nGN{w8Fc zU5XC~+02195OEU?jn4RmeC2(l>`iCKeuQ7f2X}V*av{@5rZTYGQ2o+j;bgTw2+tE>L zoQ?ps&2It_`Qw2@E=*@@5L~?nc~0Oy^{G#UBO08St|GJ^9aBlKS8}!90c>zSQGpHI z23COMs>*z2E|C`9pkOrAWf11^BmfH6W*9|GbW$`YE6QI+73 zPmvEgC6wF@B@GhBkG%xQJOf*zVjd zqQzgawwFbG;_q%_yblmDsP2XiU~e^qEhk_ z3B$m<60cW}v@q)#HU=6tG+=3YPO`Mn^$3N>Ts(}MWPC`#3yfYdqnML5Hr2&{hi#;q8 zgg$C=Ap95ZHb>o%}Oh2 z{H~Gd|7$bxz;&>q{wjRiOm7Lt8(6R7aUTIUBEVt873R!>`WQ&DUatwzc!zfQ?EXaC+vvMF#N$H&W^sOjrT)Jr~;d1?^320eSKXO@qjEJQ&~ zI`(+up(1%cxPg)%Az5s%=z*(VLO;DnEZa>WQ+@nqP?~>s`1f*ya<8FNr@Du&>Ox-s z=dtMNL^ww2?>1iks&rUY0T#0kdGPWVedryBU3DyQ4ZzEPbOae26N4!Wp_?*;;I)QBKk3Y7DH$JaNt_fmpqRWllDWw;|>3mx^uN|Z|qSJnL4se_ScM;q;(28Qg znZPwccq2GUWxdYm-g zga<5XWF&C=Z8IL>-W15~fn?2R)9HOortED+(-k9jyfG;{|ZuMo(n~@3MShN(9Pq0&B4FuF1Gqe>X&rFmEpe~DRr-lJ?%Y&#LwGb!D z{5sBR$gN&2ikKR>JCZNgc z^D|vk95pDrcrb@*SGmv#*Z5eGUwIE8B7-zxG6T70yU=GY12AVo7bsEnDV+T*g zDy+||Dbpt)v4jfrdI*<~LPy*h+d4R>s(iYCbIr*X*^?(*6i<5jfBQ0P0;d)7LUYH$F!Pmw)z*%+ zDz52EPGy%Zd{Zb*2vEDj;4Xlh0$YCN7JTeJ&VuJi|FQd63sD|7&)jCG;%3Ipqu^^J zHW1s$^0>KXxFj1lBW^AQUvdMvjp~expNkD1P@nC1b=EN!ViJZsWqC5`zJ$m>-4Ia1 zVc8Uo*$pDyGxya_juERFW zB-m+Sp6nGRIwh##;KwyLwQ=se?CVN;?##LK44Y~2;nqyv2n1#uDpOIJ@S`bhW6H+9 z8-09;uSg#RCDZKK=mTt9qGN-08!At=gsnQ&qRI(|JhOcCMqBFK>^3`{iphYlmYt}h zQB)~S0DM3!AYNoTB}}!0?Zw$U ze*$Qp8hS#}0_#KB3*aBub3xH6ry{#vnR>JvBTRI#+P&r7e(rQvD&nm4N*!Nc!?I|jL z+RTwu@vO)5x0%w-N{7~(H#(|bYY%IXLUnde zQJl4qe&{S5+^5Mi`gugt+w($dH0+j9Kii(xz-7I3^9aZsYyC_<6f$oV25Mv}an{sE z9T!8z6-|LPzMYyfT{kcIz^-|5aL-1^DItEO{x#FyA_5k88AiO!8)(!&O{5k$(()s$ zVswiQRkwp7Zm)NuBd;VcdR+i8rf!_uWamL)p9Trz(O5JgC*KPwR~X_28wna&Y~qE-PmbPl_^@NV6?<_-moF zQuowVYYnlUQy9*KScm5Cm>p+2(?SkR&HfGSjeTaPX3qi#XFjtbG$%DXD!X_NlhVf# zQe=T;pMs9cwoJ!*!<*tSPmk0i(<-pmllr1rm=i%w9{!}y6fZNJ`cb2&ZJHT4n$X;3 z2|XC7AK*LF64IwzcF*ik0Q&A63^p|zcO@dl;mABd_U+~v2y5dn8^0sJI2+ki-A?=~ zrjhP@{2aNXQ0T+i;FXaH;P7`TxZ2jEwtbBz{ft?DNg*|#HdB4?{Ai~8UUF0hto(T7 z8fjN^3K#)9I!q|o-$E=!Aar*ZMLzyYK&1uc;Rt%EASV4944n5Cn|z;QM>~r>_)o>Q z+^5)oI*Wx!#rppp+qwG`Thdvq8NFE0{XV5)XaBuw6FW?Y!karIvS= zx^d_q#N*t3icRh;_W3^*i=F%Tnq_nrd;6b?O}r^C-u`ffaCy`ryt!7^x4j-)rvl@hjZ4|I|iD zx$%fSqlxzMPyHof-7>W7j4sm0k9Nnx2#mEW+|QNc&NKzUuSzz6UU-uXZwNS z#Ra$L&kh35PhNEOY(Hwf3&ngt6vFR$(ZugHIOF2)b7&u2FFX8wpWZ0|0Uixu;qnYz zwxBe>H)~U`H@;oUq~3xn8wH5`p)ceejQamD7`}06?hktSD$x2LS^;L62dz1m9)qbJ z_X4d<23N5R&iRamWx+D^&AF7A-p;_;mH?L)7Q*VO5QY6{h$fsJ48-if=Pn>2|HqV= zpN0FDSqn+W?w|A}B<;L^Qt)}5{AEGT?S_|4&KJf{5xO!PBgVuVz@?!#&c{RD=A(n> zM^SNbxb=cTj%#8ZjnXe{WW4;xBKq<|66WBo3tvEZxQLEi9E8JnE-ryEY=+PO>7z+r zevMBSI3LpiTsfXlF9PmF!aQgM_b9lf;C6z;ED5552rPK8u(lh47%YH?Aio`)5jgtk zQuNX#Hpa_m`t2P7ZsM$fKJ0Qrte5ZY>o`V4aIXZe`vC3!L|K=_m+vN;FW=I6dApZ* zpso2qkikq=IxR1mgK*vbodHd1%IWUq#{}-&c1W6y7s% zz&i&&Yk*5v;N790V>>we@1F}bUVg6!pGdmhj8DCClBw3e{s^$&_j4QtyMl4QB&fZ- z%|rAh&l?+VHoM^*B|7p;8k+x0ub|T&JD4oNRDiUO}?@mVvKO0`^pIL zfYBiCHzRo3U1;oYL#ZEJXzg!~Be%I+E7>E$Ia(GG9xIMy|hto90Bzul0)l z;%^BLV_=%-OVVY4yNZgJPxU8^{aZqWKVkmg5_kdSw~SQ=4B~F2X^Dyc;xATV=#22> zQHv(JQo3l{72z8K^0g#HkN8`{%L3|mJt2DP-x8h{(6sAmhDiY{wwr(JNY{mBE9l2} zM`qx4?e%40vMy^@h#GohEaQQ5o@m{ToFETh3$|)dei6Ap3f;UBqxA4wMGEYIl8H%k zGZHPn6Nz$era_rv5iPu#37#AgRo_epPqK)v-kbxTTRt@L_l@9r&xdaQz8O4^`Oum_ z_JPOiMI-)90?##g4&~1b@OJO1nk9yoXN-Je6jv(byx9L{6&!ZvT5^w^1qpWQVu z!HYI<82Lar=*Ahr6Ys5~T33_cd(?y0-ujMGO+wRdn;`s^8|}Kyg6BOqx_SE&cm{&W ztPR(pC)`MG8xNjaE;O+{mpbJ_Z?+q$eQ>~}eHgXLg~IL_spT$Yx|2!%3ynJ#k2c=X zFj=r)h!Q`>Amd%=nU5EP=aLg$``8SggYfdseoW9#c!O=fF~-IBb_I1&(G?C4SZ+|| z{(Q*us1x1Uk7O0F z1fGd-JMPdS@U;2r4js-R!B^-*Ov4}G`2qII8zzBg4?N0tbRu|Of=9QG7K6v)MPbKG zayOq0;~tuKJQmG678c{=_x|PDu$vEtcifI8K~mY@l5Tp?*T>QT+8Nm4Ifh4>k3DG6 z@pSO~#{)n!!Sj*_RUS8k=W!4E<9G^qay%&E#8mJ^d(iR|#qgZS&#>{|v8%M8zPqJ+ zZuhYyydl)Fif9J`iOg*Wi%kUlZ}#FBD&92*p97n*F{BG$Lmh4~+A?7DHnQz-%b&J_ zX}FQexCUp~u6G%kSA%V=H-1Da7jR4nn8n%yN8UTH2!YXUs2-Ro4HtJUUT%IZTv)l= zr!cTZ%W36BnC-IRTL`Xhp|=vZ#6{R2664fEy&`{8^j#tvUWLTf%Td0VX4BQIzqXuM zeiZg!kBI!YkbJb3f(x@HqwMw1!d&nf#9XeIe>iL{QA=$Msy*~7x$%&d*x1Iu?zwyz z=V{}sJ^1X8p<&b=vBVyToA0H$n$Eb3^~{GvZBT7wZG7#pS8?gd?u$5QJR6*Iv_&4- z&ZoHG8ZjH&Kxy%PT_tNjyeXQzMP+RzkaCK52!A9wNzCt?&xVXz#kiTs{5a7=bA(7mP&= zTP+awhf9r+2ABJDq;EwtMQ)GXhTVqwdD*tmWlc3nl(Yixof7 zWbe>fE_o9?!_gG9h2W-F1i@n{WJbkEhMYx4RJ_ZOspM-FjSLw@POkWkAs>v|>RADX z{)6qMy~jFwZg~ul7F9eTBcCH5t=K9fN0H}0{#izblT`A-id%BBFge48o9P{>5=lf5 zv8!oi5Ez82p?VBk7`OA^565nVYh?uIteC4H`;xC$Y*moGVvDKgbklS^fV<|9IAez&;DiVXp5f8NSFAFqx)!88k zM{7-HIQo4M3kmkO@l}xieZ{Lmq@HQx_X`!(LFA#yZ@bnVR;5Io4p}lWHLTIHq#%`P zcx_2us>D(ALZ#LQ^ITCTMQ9 zKyIYI(D48u^wE{9&lSeYt(CZS2h zI%j_saU<4LB_tG83F;yusY>WYR0(lJWh)8aSa31wDj^!ak!q%&!6Cb`h8!p)5%A7b zDXAwmio6d_sJAvpj3M+)YJ%gBin(EAU)yc|Wsee%aIg7UMl`fSfABNzs6r)m;A(*? zr}WhVv!fgPSt)5X;V!SX!ct7+*NG*)_P{-N9ZTwuT_;Rrc@Pi;Te>6;5#?6c*ayS8 zc=(!1!5zkOQd<3Rp1oGFzTi%5mi*&x;pBr9X{~rTg6z%w?si%$tPx~lTn-cnhgQU6 z4WXIM0z!h^bDMw6Q}G_8GcJDnk&163$c(gKyh%`NGUImh;hWTJ{)&*LD@#qK5jm7D zsCGRZp*7tOBh_rlsE=bJNtO(I-0i2Pe=;7RE9OLzy(ojXVr>+eVCw-lP-7cl*AxaG zEn6LEAQ08??Qnp9pAjCdiR{7V>L{+pYs?3`X>i|MIQ|(VD?cTucF?;wT(c4+JS_Hu z5N-cKP*q!xQb{Iu`0V{~^s`E^mRAWgca#Z5Mcp@@YU#EY24YQAIT*=Hs)SsyLRZ;@ zoEG_{c4}x*bK-mIH8BlWC15PPU}%c}KXi zbG1-g{*F++W3}KZr??{TYGG&5Nr8ZH^NQ8N)tx6>nEH6!L&CYkG~pHZt?)NCjM#_Q z3s<$aIW>de3Ydx-XjxGN4-OQeYb8XbyO%kO3r)>4xlqo<8x4BTx*gDB_daLh&mCnr5ZQmBpG`RUhJ|18%>hr z&KKcm-r_76o=9#nJn|t^&H=xcT`lx4e;Jqz_c!b$_oHtPTmtdO;ut&-;T*An!KmW> zZlvzf{l3k>;$=0*YpIlxj-v{Y9%h(BDIeNsWV6^c!qqI1-y;raO1F-e^7Mr~sg5sd zi8|7tf%goOnl=l~+M!ZfZ%FIuzypK4B0PrdF)D|Ej0R-`nHbbWCMudpjRcZ3LibxN z5{VjkT+81({1aTI5za4yz2+*(wBK4}tvS;|kZ`1<;@KFo&w$6hSg6W{EH#xJ+W@C! zyjTDaU#m8eTy8^P$U3~bT3$+NqTx^uyqr++c?_wqxEVu^=$7Ncyh~>(*p(u-!J{4J zB0scZWOuR$HSfiWDc#9@Tl7nvoDW|Q_lA7@67MEKMG}T$hpbf~fHlgO1=R{4Y^TC| zeT0uc>8Tf7gsi+?@DWToere?s;cUzBxE1VK!DCW>fE(x;agz{4;?vl4IXpvE0_dyZ zwiRL0s&ufwC@Aglkf!se7Nt#Z(rC1hykF!CJwLSsLpUW6&h->rk28n6UgapQ`8s39 z&k3n>U*-C_v);vJE1?0f<$;HkzflT-V+kN`j~*4ZSZE^^s*$CGMgu0h z6q9Yi1ia;tH311E)$|h(A=|R&hFr$fhPG;yhT7FoZw>5;Om2|pKs+I;MR@cY`24XJyT-1={;nFE*qIUKhX5CBn+} zXe|S$FTy^MPUHu{HfiuRNH42c5Jx7f7kQ7?8V=wB-#~%2u8Q~L$P6;1;^#QBcZA#J z;`3biIhW7e_}z;W6%p}dPuozz1Odivgn!a4mwGeam~!zCfud)J3C@o14EU$;!)suM z=$=a?6%{2Fx%e0tr2!#aRCaAT2;f7y$XpV(^&f3obZNLY3ETRi zZj+`zs2E?F!ZiEJlXcqMx^h`-3B1~H>fkBCT302^tE1rfJ_VX!$*L;h$yLd0nJ|kU z@;;WPY4BF5y#$-3lU+mJPi70++U8?6?|`R|L_XdZ3Jv3*aN#PI$CrU_V1MML@|WI+ z$B}^#6!$NI)X8wxN%y=kyL z2uLu}C*WJy1tFn{$pchWny#!IkP$sKwsLhYM(IcR03f8a7-6K2E|&v3JsS*cUJ-dO z!hcB!w{#*b4&Yl4UmLs>BS|pUKdP&vG{JenJ0&np5ft&s+RVx_=I&l+d&6?2mbxWyD6jVT^ zMAxzjGn;+fRv>9#IiP((T?n}*tbA4OYN+}6COG|2$h3|o;7x|3k(;UnQ(-XtCl*!- zn!@$abG7W~qq!_-bP!WiNOGypU=0b1Ih-YdvCac$E>}EKCWMWz5>(?)36aHiXdcgW ze9P?(p*t0-D-+_VGMf-Z&dxn7bc+NnKC(60M_2m62SJ`xQ~X z@dK&~dQUKwDDnq9$7`7sm!nLujgQO&X&whOr^7eD7Btaar&`MQof2Ye;U;md4<4+= z8q0LhIKHT58cD;{#xfyd=cFcM4P}_#IC2YRkbRex5Y{wuOJ+@0ui&OPgfN)M^BnN5 zO~9Y+px}*@bxTLC&jsO|;%2l3cRUM$j}b+-ga?4xIug*;5Zl&+`fNR3B^1NUu2|!p zNXj+i%QYbLMOjqhDPeNWsg}a(o)9jqDHBF#of0x@;8_)L#u{=fUN4$py_g4$vJm1* zYDn%s!p09UFQ}?AA$TVR1m#gmC>y;K_k)MrHYYzud>$^ajob-_9YoJ?ljoypb8fCIF~Qf^BT|s1<=>_n1&U$__f=Ymjmf{4&rg z3C)r`Z8^L_2s;^1!Gmcg?pHfG@q=Vm2P&nPpC(0}w-cIY^UUQs7?QpGL@CZ;*FjrP zfjpz7@E3M#o(_g&FP|fYkHU~#8j=S?ay2^{at*2QYRG~<$3*D2F9)@+EEzK<4Wx19 zle;!218de5mkGYCDoGag6?3()E?4`8=Z5MU%HeS`^Qo2>;r^Eix3fQ{G!c=zeOceE2l&KM8Ajxu)i_pk@fIkN?^OkD$OF zU<*9dX0*nY|9^Fz3sh5Ay2tlULI~k0q5|?bJVf3CqPDJ%4UYs+UIM%t3B=nFPDr4Zv_j_YA> zU@=+K$0X%0*v%IC&pzaWCBXL~80!K|Tw8dnAl4I})bN^_nRu}#4J6(sFB4~~8$N6s zl7zHfvt139oU?hL%epQZZaQrHRN{T_3JE@O&30wuq}9jHzZXSw7g{IM;D;3%sB~I) zI3b!k;=2~KvkcDVL!)Uy%zsauQY0$8OyTXSIPn)aXT)3+iNg7O5{8TJp4;i8$jGXS zOBN|wn2aYahAx2q!ohzWO$&X)C-&PHz7){o+tw^M-Z{fZETRSB2aH_X z#=nNO6Rt%b`(BfkvBZ#aK=5e-k0nfDvh-dMX;>M`gJmB#EVi0?|V z`IB*LHM~4B-MmAN^Uz(Sk)XE|#eSWs}wy zAtt*)JxHI~e%>*Tr*q!-zS=f3sKc7|?$i9e7#hY8#Zdo%A*aipa>3lMLoLk$7hTaQ zhBLp3*@Ku~)Z6LaWXe4hb_C)fHqGUjh$Auu=U%e~ph1QiVe~NxP2<)hc43z!#cB0{ zudsewU`M|#pt#=_EbF(;ub8wxW_vYA5be=JVDh+YG1>2$*~QRoc#MW5Lk^M99u_!h z6~f?yyt^}ra@_jV1=giC8~KZiX<&-SM8K?3_m^=t>i%Q={-}EtS!Sbd2bN4^NSxlw zaBF<_Sbg2K*O>=$6JgK)2Uw5uA&zVs%v{<0Q}@ zE=@>snHoZ3LLxAs-R73N3Cr(oE^7cP>Brc=0vFrTj8dB^^206NMn$VF6_%_>5vJTQ zvw|f+)X{R~><=y6lb-MZMq)Jz$$&Sy43YhqErq*z8@__$=MT~N$m>jD6`$5Xo|v?* zw9g%meM%4;fBm!D0{@OCC;YRD6~j%%e-$tPVq|tow^F;HP1t_LCh~)06XG*04PJ^z z8EpMUsGGqGlCW{WFMDv55~Lybjg~mnS$O#;PV1VfXG6P3xF?wbPqh5a5$~AOBfLI= z#{YqGZ0t;)+>c3OQ)ob^#+y+}%o&jwgEChUg29nB5_iId3QkkA&p3>FcPDnympW9G z|1yEDqm)lgq(xFn;9^L_C?8%ey6E zq2yDO@B-d3XG(DAn1{OWw#5F?{@&Q}|IE>Ktv#)nQ{(O(9B@<6oA{74vlh87m*b?JG5+ws-OQ6Sj zo1{23RMO?vI%Snl#&C6`Zk{YIkPSro&PAC& zif7u)te7z@XA|_dW5KewZJ7iUcrdWw#mlZuC{B;5Im6wLlc;Bg+ijkNslhjl?2v4{ zn?5Eh^vbDrC|t0p$Yi4udC_QK2GbP7hVT%ORd10&VA2E%Tk+T{0)yXOb?$1|Y9q0u z7!#YP4@LcQ5k^drit=0%g~c4G^Bsx|opo+NNwDc4nJpBzWghEA zd|CHO%u2)oazG+! z#;X-uro1gONd#1J8FK!F!xJ(fo~%#x+g6eiOzYXAaBoiurmf<3L2H~M05u`KSp4VD z&eA0A`gEpYtX6c6kfU)5_qGz~fh0=YCV(j7gwu(6sDhyvZ!WBCSvn5(nv`T*cpQq}XAtaUQaz79SiD za@Zz#Q)M_8gp z*%J%;pt4x3`F*pVjro2AJB0`Jw)jc6@(UlP3G+${nG_!eol+-Dg|4P4#;iqt%focB zdv>nW65x@=A9@%Pa2Bq2ll_EktL)}&4}bQSPTG_hdWpk&a4MxoYI#c{wN!XYEfSF? zR(MkaL0_`g4T_OujweUrBm)vIY0XEYBr^-`++j_(FD}SJ)hoK2;-7%+L_3MWl*?nH z;|}XRoJB&}@M1a}0fm@EV#XoHF*OVzmuYu^>(!jL0YUZk>RP>SFITT_(AR5KdUaJY$tx@^%gE2?O5~+wC3#t8@@!I8 zl$R4o0tqQq>gyUb+I;>-G2J^S^TFA;##&vS>hWIrT6&Ns;PA?Fbv-gzUfHO7Jhrr~ zs3aptUY=1R&nQjgW^eM=5_&`2plwo@>-npt^rlaYBCn)i1CqLu^ViGho6;e?guEY| z)bY=*qn+YXWwn}H%Ezy#$NgunbJivB1M6vI(65<@{f|Q~*g#b}SM=_BtzKQet5I3C zyRN<}miukO#0P~{UdgVGi|6tR*mY#(t}9$qUYfUA&LwbK1g8Ub4RzJAjoMoM(zJ4Y zTp}0KP_Np;qWDW2sH}JHMw%z|8G^ULs{p+ni95pY*g_-41YY_a_52aG9*gzp2L8P* zG)$V0^<2=U=fB-TW28@EeGhm`&#&By_)}Q#_;p)+73)_T_{X-=9?1cCW;24;j6lgL zEIX#xdyBVGtzdz=rczzCWV+sHl)5Di`kJL_)#?1#<#dsius5z}f3W2z`<+uS z(Wa@ARU|JhYc021*}&D-={Z*;sN#0k*X>l->-HuSq$$_dYW4U*yQo#E2@(6vXZ+q# z8yhN2CcfkaPkqhy$-8?DulfpjOqZ^|-tSgKLd*)mc)lQ#NSIXI0|Ly?S+QOsPDp zL|*1tZaKd5JCiv5aF8 z_>99`3hjtEXO=(g<9pPY)RgXl|JXy`fU&>MB*rT2_H7)#%fz>T1;y z>k9LWves~!MMY)#MH$)hl1HaQ{$KB>uHrXW(fA+%>h4VcT(4Hu)z+$2dQPuVOZmd> zbd@*x83V}*SME@nXR2u$GFV{bzr`9a+fD=cw(V5o_N5WB0pF~FXr0^4U)G@0*EQoo z+02ftOO~Kn1z`KT?G?jQgJzn0XQ?sP&-+{9UI#gfv>f8t4Pt3UNb7}lm2Gg)H`^;b zP$nXSNP|w@^|_zM8(ZIPN1{RBXj^lOs}+8abV2yzaaY1pdA>ZWOv~@r(ue)$?#Dl{ zAebd%#hkpK|3piJeEvryzW$)q)O6{{2W2}`mu*`d_MH2|iW7fa(X&o;@`Vi+Sw_=Gm(uT6tn0fJ z_UfC9cl~nmxvQ_=xqF~7C*_BjiyOZEyrnVUs=IM$q+{ZH;eY8v+=E|ee)H*J-R`x9f*FXbb`b>eUOF1e-`PR^&lY#m{{v>Ge4_vW delta 26405 zcmb@u33L?2);M0()3YU$WXMJ~!ptOu2?;m^2s=zdXeJ9JtRkCX5eM{X6jbz~Gpq(B zI#9p>qOvFk6itFCpdoR6ZeXJ5Lj;XJB?Mf0Frj<4?*FZsfYJAT=X~dXemUo+Z`X3` z)~#Drw{G1Yr%UC$ptR1IHm4A=2w?<&%Q0dw0H8DS3J0qo@%nA$n_B+J7#wMy{O$9N z|LTl*eDkWS3ls9c`8{vNKL3eH^#zY997qu$m-8Q7-~Ztkempt#k0A?-7Jc&B7gv9r z`}&BxCPl}iQ-w=UtmyY?%r`T0PoJ4``>D^zb{U$h{<-~wRhyh28~Q%qKL%NmUb~dh z{46kQ<$YiW zU*1xBq|Rz`a?u<)snn&%@tT0ugp8@Ral9fB`3mZHUovZosAY%6@gMn*{-k^`nsJF_ zUi>IFmj6e9?2fkpGCe@f#3wSPBDoY_1@BP-GAALEjo^baS(`9!Tr3|MSe)KB$8yek z4ae1ptd%vP%w-%?dqh-O(6(5h&6<{Ridu@l>t_IGArDz&`M3N;N*DmNYGsm}XaVFY znN%hYfMyQ*$y15*5@Y!Z{=E~`9#;KFYaUn3nYmbglz(gQBq(c5LX+%w%IiznJr_kh&S7@%oGkH9@C&?Te%kTB& zm11J#>?Wo*mfz(gwMip@K$%2-N}2_HO!4(O#MCPI7vZTlQ9fdQq#}6?G~3TdT**VB z@cAJ5D0xY21b;Bd)ae^(TXUhE((zh~(sut&CeFQ-&^L?hr}C z&=Irs{DXnLK+6o}?hA}D4d$w9@76;VrO*t=H(o0k9j%Vgr%Xy^8Ytiz3L{d1cI!n*1Ld3J7G7e!=0SowXuBz2w%I0VX z-t`lHn1R*sugfGpe={I=%jAXpX@C^S#Ft+QNQ_Jt44)0i4-z>!JZ0!!7?rAHxutvS zST2gAqQJGO_P&HRujl{p(UeGN>9-J;09c2QXhu8&6#glZjU#f?^!!#|Ar~%H<5OML zXz3d*xe-Qj#H&zJ3KHkYOjge)gEEawhm>!Ei&f!+YhuP!89|@SPzn8?fJH5*Yi5 zVU9nW%dVA$^?_YpWI0fueaOtoLNa|rG5n`8xil`9jp2{VBys$>2xL`g)W@`?$WE#% z6JanI|ItvN zkci&)BOntba@{stujUgZrmm`cae3cL78Jiqiv@|kWI?o=-w;&P%@^6LF?{cnWOYfd zZdov%S155S=AAzBdPx>AS?VRboYjQXCEi}D_AE_GohAwZ^09-#UODAi6NYbTFjqxo-Ta%%GI z*l7NUe6~ZAC!=qZm2J`dL7AAR7$SE0ttKlM&2N#(v?=EjqxlS315*=sPfgsS=F|Pe zTAmll`oq1Fg^!8n``%<*c^XiUlaIb$ejKZu1qzL(;OPBR_cF}uB8i`|6*BJtrJJz| zkp2OZHFJO}L5${O0%X=q3#4`Vk3KOo78geI%l+!VG^yh6kXwufPEpr*nYYTqCnxB_ zijF0gK3SJ)*M`J`4;wO&ku|9KC_kBYTRyAe^JKF5w)_|spCE@g_0w7m*>{@}(t@xZ zz?g*6FinFBKT9NQ&RXVxL=MlfGxta&er}#Vnt#T(jx)f#>s1@gulA8yb4^jBCCxLD zJL5!+9`RnXVeWib+cRK;oI4Aa;Po=G&P#G=`7@!-X85tB(i?-P<$bb}(}L)cA%edk zBIEcBhe-n|U&!U1Xa+K9`MEM4<7=hqM$P~^AIN4dg8xud{Y@s%fL1kLwpg|N?od0h z;TNQrJyDlw*KUJljQo4v@KIX6MtEzpWu z#>0MZkDwAR(DJjJh;4oe49Yy%b>>fjPMKtKdH#cdtdPi}1xs|>0)1%NaxG6zkuMg& z0#Zb-FEBIq05RM?3Tkc<$%5Ncw4(#}%^$%b-cQ!tej5`JAQx_*z2u^w?v7zCXA6;j zV8krwse&u#U0if+G;w-jmlILXSX_$7Wkro5=L_3uj3;5Ty& zWonX^ml}!XPJ`~5ZXE>~HIi+WdCY1*`KZ#uEcO#$ar_lT|Nul|uOrar`2U4O{{8zs4JW%ruC&;`z zXEO(UX<~#evN*CNiht3s;x|bV#hS{6Zy?x% zwfsxR;Z&f9g8~3DAfzx*n;qRveD~%WfYE>whF)=VCM)@sGTUvXR8iaOO#LKPWjhe?z%|W;9~6wTPasxihAc@r_+SCu$+>&Dm9!nLlzEs(LfV$$}%H3 zT~j%quDzE})kg7Ee#?os>}rpWDdt$v`~%)!Pr$A}to*wC(2#0|obEukYK_|*;!w-} zyQ~IT_|<1MDGym;IbSaisYcsRciGZrM7I!WgAYT4>SM7zW_&)>e9VW;Ua)Gm z!m|sWxsbNfheK)A@a$@#RPhZ1h?3paV}a5i>s{KrY$Ggo%Ftr>SFU;SznP9Ip-h)T zGY8&tiP2qV+nP;B>?m?~7bmigJuj=?0j+2U#^k^kmmSH{D z@z&#{>i+am+a&Wct4VuE7M_;2i9-$h?$W-DYa{t;KkZC%kJe(O)SI?91E<$e6W;D! zF_JGjN%;FSqm=w%$pRFkfMO{zuILy4x=1PY=|QO}Nan1_N_ja58LKc1T9~Iue%z_h zo?s>StW3{*I_S%oJwa9K@_YD{Rmg}MZWK%JE{61^<$<*LdqZ@37GO>h-O5be^qb7t zPmnPy4f?Uco~?B@lDk(LQu+nUJ0Dpwdjf5zCy{?Ql7lM^<5c|ZJ`hN$DLr{rQWG{s z@~=r$Y1Q2wQot}@53sgh+cn)9bPVKA=iS~LMslL{%zAx@=teHmV|dhlBhbif{cH#pJRC`XjUg$aYRhA*h|&K zUaA4m0z?qDwwyll z2Hp>Mzb}G!4Db8H?+$(r@Uj|s$pfBc;XTQ~z44cR9}muKPrqqnYGa$He-1kGEx?Ze zegOSU&>aBXRD~uJpa8&fEVXnyEE{p5WkbmsG8BiAkpUTvlIbw8oVq0r260YYNxbcc z&?vs{i!C;o6tz13uspjy5=?3(zcy$vMINGQdu3!!YC@TGUdHv9moxnaE&=8^orLW( z!c0^E1N*0vGY_OYM#7SyFfqokGAnuS+u=oLHSjyIqssPj>6^giun?E0MNORwPR4Ma z3##~9@kN{BkdiM6P=4=fRe-(!NjL9zhThh6zg4!fJD({=9#mQ0*%FJooY2er{OmId z4{|J4bU8D27Am>2R;s7ruE)1NE2bKr6;t$@muWA5=uX$Pvb&xriORrT&V@9+ILLBz zclb4^;d@Jx@R0vmahnC36ud)G16U%L|FYuhkNC?8y~HA&f>$e4KE)q6PcfmP%jv*k z(HO^Xt%i(#AbAWt?U88nx|S8CD@s<{5JARZhLZo)i~6C=Puo$ykJ}9y1G~%43zb#3 z*kO$9CChB(ooiMgV|%;7H1JSA7>?7DiW~73vwKPD?!ufF4X=?jdZL%(7XpkvL>L-d+apWhK*#r$dA5 zR@Aj?_zTeYOow`i#OE1uvkhFprIpa<+vr_iCkFj|iGW<6aRO zl$@49z>>MdQal(~>RNGUyTaVk%4B}t9>MpA{(b`WgjQL2D}ebNk;<28iR3x|(e_Bb zufNU#kMq88!}kQSc^?!%*n-S;t)I11W?twPa{@FHQ_{OQ86@#*+^|sIj8NX7mT1V+ zl*ARsL*DOk{oBI|j1a2<|14KosnDc#Prmm+?-QpfG&|})Dfv7f?W?+FIOGg3 z8Cg6Easn&9x%8)E8$f{{n%!M&AQT%|GAJa(;EE3~vAZnYdQOX-3yE6Yk_n|UOEQZG zKu?2lM=v#sX%?#Mj+|^*?~VpwWdoT7y|O@vygJ#T+1 ztR{&70|BU%?|~;`SunELQnpxWOC`@fss{69l}Oi~FCq8b4ASuEC|1Xx3lRR%_@zp| zMSRa=Wpw;Ufdi`ys{mINaD9rbCMrf1KVG()F&ELgcoiP9xXQ`}g-rkWjQ>>Oj0064 zwyQxJ>JqhWE6l-iOxGm_~`saBYmOha>7ijM;K})@7 z5tCy?rj9p4XG)6>RK@ft9tZ6ti|>Xy+bcjGbIj4V%eg1gKrK+7Y}C=y_GL#t!}*B8 z8P9y+CHc-WW~)rrJLjc58bIdpEy`zVM2oAC`erVTGeptsvErnnps?5btY|^qTfS!qR`G{|Rb4ybhdOJ-y-?ET)tf9(avzkOF;;wneO5IYppe=8zGWDzMG&|YCi*WKJbKUmB12Lt~sA8kiDR{p}8??ui2 z^CEJc@Sqqg?|2Oo0`>YsvpJUkAhd;>LM*({we>#A#D@QsiObTRH<|E>W^Pe86P~K?JQJte&SD+>BEPpICHh(3k{9g&$rJS1t z9|3}YY;pGt^-S0!Ri+e~nlK;0u{@=!Ul$3Cjco`6n>?Y0u zaV3iGwizs-n2$cdXy(C_DlS#pqHd+73Vkc!{{W!7VGTU#4)`KGDW&1X_}?Ibul2)Urm44wQq|nR))j~JwJiT|@Sl!Dd4N0sXM%qoS^?*MBJV6+$JtIK zEnB!u7GCmihb{1St`^)shesNhB|+M=epfMajpj-?eXS&vfCZM^YUZ9QmW3-I85LT4 z39RbilOd~=lw8RM}%PiP$F1Po3=CLv``WJr!^EtzQv0nCf%Ht z!R*vRbl1qS+<+U^?`JGl#XkAH4S~8Dg_Ku007N z9??G9K0{=4QbYwRzfz4^zAaQy-I59gQ%k7z_%xKuY}a_O=1hBPS>F<)9c6qBO%1Vs zoHE*Oti(e`S2F#3SEB5Kmiik*GQ$B~ZL!^_ zTbBQ|`*fRd7o)+zo#j|o>3elbaBUZab{|y|uO6mAVhhWIhj~Fw;-E!VDbt>u)mfb}%~BJROxcz}WrM z3{gYd+1`<%?ec_(^IM@gzT3x78~m-iLE+f=Ql*{Qbi>b|^Th7LsxJnBXpTH}2g~yR z7D?jM4S=i`$!AZ`N{Qqj3%uWf?)a;>pXG~0GR9Q~<&g^X0jFoOb^B)hG`NTR)3}3L zgLYV%0YOr=V-6Dtkk59^U>x&_$!$w|C2*+nfPHStfl5!i1+FT>M*WugWUbr6R0qiG zZX2^WKqPkwGd4gB`j<%ZpT8SOp9+wJ z&!;m3tI3DYUx17l@#w+5OK~iv{wlzm03QQfSwPbF4`oKkWXAr(%#YI61M8U|Hj<48 z3YkYG^2vd86}~+*BEKCN#Y~pSfEPA0T8T8gz%f4uiSLCH23*11i)Q99NczQ9iT?;9 zJU!%qxMTcfS!B;j39^uIDs0xb`V8U8gNS^9Do^X3Bb)XN5V-{d0=FBbuFhmZJP9s$TCAIX1Z3?Th| zu&93cRH7RhrVrOP+W&9}wgv@4vbT zkkcX=@Y+*=tQX1KuWbZmyhymZ2LWM3(pen+)`RM!g5@wtddH?7lW{O12 zujlHAOIr4i_CGJ^NcFL_lv{!`MK%)gkILDc!H)Q385!yGX}C;2HYXGDmt~w`u&)WxIEE=a217(g#kC4(LFd60+s1O8Cn z<3V!%jocI_hzvkh@ppntg2eEq$${ZWt8gK+l^?c-R$k>tX2jnT!teJx)wU*+-C!?l zn!ZfIGm7a8F@L9D---G~wb0TJ`&C^QyPDh2p?>8&js(_jvGQr5+SC1o3f)(<)LMUk zZY`(k(l0~(4EB>DBYbkGOo0QMi#q?c$d1V1vEoB`!ZkI2Ptati4WbFt7g7R){0e2{ zS6_>o5#OtsuV{&h;S!x_akxYue=|E0N}?I;*C?SBdx;GTD1P zE%u#2xH#%A{uV^693R7Co_I<02?GdqlMkHnAx@Wv%kml!9_`C&--nFmtBwZRi|@MW zIOD>3_xPMQ^N!zWqdTwCSAfD4zwM^z?3T`SU!gkUs|@>m`(0t_DEJ=(r0zsYY;=Gw zTVC}@Xph~3`Sm_>;l$9a5B$buI9t;?_QY9HXEL2I*x9ao@5lVlzGPk#qimt9?SiY_ zley5P`7i-b<|REJs-tc-*ax2Y&)umf!Zr5$NZrYmEaLBxkDA{~$AERoq~z_D3d}Dg z_rB4adE7_Nzg?Mz_#vQ&8^z;_XxQ^^cxU23v5O%hps@-n4u^#ZR9fL9KQ@A`$X5n? zZdoi8{oIRqERiXv@`0~9FR4CdgL1L|Rc;NGI~pWcPEG5D_}$XL6UNmyx;Q<=6ioi5 zO*4S04bpn?_;fS(_sOC4lCPVF!iC7w;CF)}ik_^ffR!Ia1c7X1K=V*wduNA+x>qIPX<+W1GN_3~GV0x-bcL;Y_l)*2 z`M$I-S|p*3OnPrDeur#$Z$6VNyY(u}fqc}mdyWb}2-qi*`>YBV0``*RPElhEU^S9^ z3Sfzn;PKN4g&QJPw;+DGCSp)9Nk)d*J{x@rNxQLGX7{8m3!oLCbp3nVb zG@b?64xf8W44whla-Vx!3|<7-aG%>3gRKh0C%9XcIMqE{kE0WV!lQD}LBPQFb+3E1 z9%n(`?f;c`&g(v|$GJeS+3UWn$N3QmF2%zFck_B|c31SmEM!-E-BvwLa#!`j2Fi!m zy{%VBbd$X9^S$r@NV9m|npiv!FywXHWAUPN1be`r+aUFn-mtb{r-lf?kJB9rzSS=q z6ujh996`o_iLF&^QS)a5L%4_%R@n==soZs;K_<>cOITT0 z0s$_Ia??~fG;ZOr1+Ff8XrTfe-&UDe7Uy!E!Z_Fit=F3JaBZisRxap=A*7Mwt7SY^ zgs4Ost=1{jg#5UDZ~DPxK_?r!O};a?ll_aQ#6lp0r0l9%QOFsyq4fHAK2D zv|C47P1!}P2NrD}yv1pEOtHchjYJvk6oyEP>}SRG`tQXhu7XiCWhLBv7HF`k814o- zg?~uL;mjvcS-`Dfl;;IarvPD-hwsRAT!+O2ncr!Br`^mA2|3cK9-V=4v>b~o-4_bS z#I*+FjbO}9xONK%7f_)NmLiMeO%%(OX!s|^#)rJ2Jq3L#XzV`eoB+D|W4%hB0J@<_ zF*12+qyvTxYSUp-^FM_=_VG78_J2lp$bvgaBRj%|-M|iE!cH!yRK;!L5^e@5m7GBR zvwG->74&3v@Hkiq*Dk)(g@&6~je=S9kcc^C?r7<>zf?GiQ#m{aWNtFS3F@`bF;LB2 zXe}#xp$iRFda%}-Kd}hqp1pWzVrvUBCW|1~g$&^fm8@_qaw0T5H;}+96xUiAyXp#~+%e(T zR?H26>-?bL@{=*AXECM#*>*Y~w~$Xy_i+S;AANDa`i(%VRG{#yAHq0GdWD=>XCO{0 z+mA99CMR(TBF+g41~4LjXbE35X>DJC$)Ws2*Lo3|$e9^`DH)@!UW= z-VV}KUhL5HA9nr#`F7Twu$-;)6YkapfK2m~+FPdq(jQ{&Z><94S0A~5c0;r*Y=y`* z8bJsr(Me=ViNPcb|LhKC3kvzi>BLln>*B_89u#unsC~w%%eh%db(|!9o=Nt8UN(EM zxBujvyN`A~;)wrd5KJybEwfF<_mc9AOsybP1{jDWK-)67JX5DI)gMkBA4sKlt&kGy zA7f8~+pqB~HY(>Eittd13&NlPDQYnctoJ%W7kk}wD4Ye>S^&-gC>JU;XF)cd02koh zMYgo0npFH-!EhrH0otg}hPE+>I^ps@oZ8_hXIheCs=WH{&>LFy9O-HqomJ{(cE=SR zD8wxcU*^Nl;31eW&*0Gv`JtT-h~CQZ){|sb>#W$!Nl0%1U`ml`&SHkwoh01n7Uma` ztol5YF;60<|Kugg!l`akDy)mTGNjj(k>&p}#LL0~QDF;j``ww7$#bEMO@GVSu!wx| z9~0~u_lQX_!EeN_>dJ`fCrg?vOcqf_5_he=Cov1KHg7SR_ES~@T+>64R-WbMLT&4M zaag6Q4Q|Ux%}*IH=z38W4oVr1yj;jO;f%#AI^YbgxGC$|#pH{h27%tdF_HZ_ACSco z8Ta!b2I8vk`FRw)=St+2pA8HYJo9srLKXy)aH*fNOqPWo$@ojXA>}J_+ogfS*5v_-1rqxgIjt&1 z`sz}$^s+hLB;61p)mZA#f{gu8NAW+``4O`I6Z{{^nK}j}zV|<8E$T3-UV?y>U*Wvn zQ899Lu&20b!<6}40G$=-g=5B2W7&;~gZga~trncq8zK}$5_e@1GbTvpT`{X@|AtN? zPh8o?O2Rh*V!E0|rC4(HBY3|(KoWn+r|(mKSq1OKe)7pLZ_JW}TEDV;d%M}>WN=V} z%;I1wWCK(H+z+rDfC@^>Xc5&qgpqS7u&4q2btu0IARFX-Y9aahR}O6NIpKI&e^?i3 zQD}bL%Csa&DDZbn>?-0P@Ah^8@8Qh;Ju)}^nYsJ7Yrr@hvRuE%N6^l8tNyFM7Xih4 z;cU{`t*=yo-O_mVcN59wO|;4Xxxi9>6szRpCGrAqFiCrH z`BoxVJZX@3M~}P@B*@Dph1W(vZ*#olv1=uOuwL@nwIs%Uid?!jjSUDZy=2TE`H=CN zNFD?vAdK>ox<6J!$~2K!I>!MrSS0s%S^()Sl7pS27_Urz?968_g8#D1%DgR;d0iIf zfJ~n18pJ#at`~T$02e1b=E@}f`XFY4Os2piM<$P5pRzO{d?D_ITiJjxOX_HFnG75r z77z@QYM{{i*C>Oa@T){8eOPb?&?ks&u~L)1MKmxs6geQw2}RxBIGo{@pwKFjdqhJ# z|F=-XpzvlmBk*4t&w}Gs$V$-${%UvxVSx#=K%&K@_;LT0eP@{9jNsqvfqRg$@cw_* z7!uC7{9hT#64@_K(Rjj9o_?Yi6CLCJW(Wm^Z{Wz^b2%M;ETW8xBh!v)gguO4dMKp2 zr#PBIb;4r&@A9vQLSuWDf9Xc~Y?uM+V-bIo_ZRU3q zOePV&N22?8cZp6YNZRU~!h($#AV2wv067~Vx&A?bycHk|{JDS}2#}}zqX1bCu4?}X zK$ZrGCXfe6X@HCiEC(b$Kwb%K1LPw=DGKfYUGQ~4`ufQZDGQJYKWUbR0`i-W zh!Sn$D{wE!qjW*x4VcDZG1Bv#Dk$uO1aLEC0s3S&3gsX0kt;G~;8x%EEbs{gg|WV4 zbMSf$*u!4;j~IW!=%>2hVBq`@>MFW@4EPm*DbZb|z~4nc#qMo(y9Fo4Grpb&II5}R zMfWTgPlGD)qWcvV+nC>F_jMLqn6G8GS&7FmZ_4haN_c-xcJEZ;5oEJp?=I70o%`Q6Zne!VQy#z@^KDZmQ2qV7LCpjSY+ z(ycS$lG)_Q*&Ka9_zY6R1ZiF3dO1BNAROzVUb&>#%058n`5?*vYFZ+!aDSnLhGHwQ z@|>K`%ng!LUzr^NVPcQ!amTW6nwI?`ni~y(aGOjM*Uy$#r8oM7b}7?FZ~9-8j5chd zDc?!h)QjtD^9kQbCN8}!)kagllrrqE=U~`d@0U_QV9tfIu>EG5oz@AJYcfeuJ&tO) zB_K!vFbhrCNH1{oR-f=HdGhPz#BA8W!KAaEh20V97;7%PubN6uer<3(1&4Zr{ZH={ zCGvjY#(e`VsE3H#R9iJfv#LXPB*>Ipinb=-Rlu`2d2#Yx7@lYg+J!@D45X#rrPxY+ z)0p6AfcqtIUOIHTgUw^M`Gj%72pa=-t4|n7Bh`y|9vqb9O4Z-XK1>NcrxZ8HR3VfJA(Aix#RqJQF%OlN5eqjtvMI z;VAKt>yKuTvTxEMIkHFcDoB2FPaLkrg95@*pY$C$L@u*@dxgv z1l+q{mtdE^Z=^|G!X`<a9Y2^!Oe~QF~w_>MYhHzS}Iwt4g#hoR$JhFU+h;Fg`V!nWc*Ch zUSC8T_9W@jYxi6pff#PYyPG$I!!qDLm5dAVc{fhMeWMopRBgz>wrO`FzQa8*1rNh{ z?!_ti4jkkDI0feX|7~fysHlsoaNT0;#=a}fi*RD|tO>;vWS6Haw zl3|GNcYD+EVCIt7o!b|uGhch%Wqt9u{$0XDP;syK#y~eWSPNyr{1#OLigyXmL%z#h z-xp`FUBY3X`&?iAw&Mj~c!UOapqL}qhxXCsM18rI)32IgW}7Njm77(qu2scmrpaa3 zS#}mOa4IhZwQX6&!QIhTCo-Jw&}5wMP@zp+jc7)yTIA8FSc13Gk$p~F$Kk8R2sM=R zjK<{`yJ#vARh*^)>`twYb2%%K7lp4xL zb#1If{9u2S$D%=oBjO+kw{$MF!t8Q-@h+On?siN7j%JH7zKsCuy^5WK8a5X8JrJ^?0Q$OmSZ|;R&`xFT*?JXQ3eCV^B<6v--PMS|G|Z9AglV z3i9uj&q6TRaMb*VLJ#fW!J-}nvn=>=yJ9D{G=pHGME8Rk*f9Fv;ssb&{+uT9-1!DP zAgYzKEA6n5&tf6a>PI<@8G-*yF|AEM8D+3JDekyTe9PUPV3ITZAE&4cCjMo{={Q_n zSdID}5##koM2-HPYG*Ybc|?ph;1Nf}2vCJYNRI{3qa&gYF|V=%BU@BgH{g7+9|Cu5 zHO@fWWZ^y$5A(D${5z-Ktjok!2IsgvS-3Cznjab6@%?dTidt^G923bm(nTB@mT~ay z8^VV>g|47`8sx)~r0XsBBmMEv_}RfMF&^Qef3!FL!aNBJ_>+9&o9Fvu4o83GYrL!j z_w_&GLM#2CY?#&81MVr=IE`r!xbM!!Nse9MJbc~a;+}vdzy|l|Il;`5avo`oHihf7 z$hz>Mt(WZxgB$zbqOQ)~%w*wyBbFt&*e++)5wWu3h&azxBhH5SptxsFi$yN&jw7PM zbwo^aVg7OHgq`&yA)D#_jsd$~fZ(n5Vnf9XVx4Qf7^rx^gQ;a4{2zf4%hrqgD&L2I z%Jt%!Lg3n(hl*G@sav>8<+t@Tbk7%6y@L+jp~+G3s=Bx6faGc zg;BD(EzdqJRK^5l3@slu)YfBjLMziRwT;&74XFt&^xR+JTf>8S!&|iz(MJu)tZBmi zv~9Sbx(ypb^soh1l3p_EX9l0@d{ani!>d!RMH2dfYwQwcyRJQ8uczyjB;4cPo{Rep znHQw$r~Z@As+6&WTDvoYc5!DU}xwD;&GPe zeO9TF~y(qQ(WrsgLd2TP1;?9WKT~B7^WDD>w`qo0qsB8;DCB_B(E>Ukm~D zlY~{l?V=7Nb9sx>BO(x2cDyDyVwztVKo?xpodOy3wq>tNm9tBF?Bu)gqklYv7N&$TrbT+v$9yL#0l;|4LZ*LE?YSFifGI)+a>`IXqI z|M&_jim1i>1qt@nB@wlnLkJevm>}f2piz9WBYHUvY2Ges>NQPo0anyir^Tc? zST7GkHB76ix5{vIg(^>$ao}Y2y?hm-`Wmp=@NH!}+wi(a9*-}mc79Y(`%mA_H8Gj{ z8Y*BohRdH`QChXGkFKb!8W&L7O;cYD(PH>^?>Ftr=T3N-n8+_LLYo&w{a*F6Z#jUI zJuRv>;AN_!jV4~~P#rsbRfRgzP=mGsn$fHQIcPYPJ-bO&M03~%oGV{n` zF^Vr~f5vw{{2G0O*i)GHR`~rIS@=ydH|&Ml@KKq0c2ic-_wCfMk-$GxRd3-P1&S8; z7q?)8yYm*D#q>z;-Rki+Fs!0oA0GDK3_ZIYi|P~NW#p}`x)o*;`mw?@+XJhKXgWUDk2IX z(6|E1ObDgD?G)`Jm+9*lPSzX1FwbVby?t_wLD_b@4Q1axS<|HCbOwbB#z!-BXRhgc z@$ULb9lfh3btLb7$>CW7e%;%EtKYgLkRJp)1rP&jTpb?CC?K0Mlfj&oI$eGV45T>WL()?kqtz-_qA6QyXmsD z)o(T21{?0btkH%#SGH-K?KPLmQ-w}c4TAaP^h&YSXh%*(iNvx|8 zE6JMrp(U{XVLbSV_#Ny+7l0`pJ}sVgZiS=Ah$I&y}F6W}$ zcg)2{M9Y>VV(yyL9h26S!;L@Ky-+t3()7K+npjig5H)ywt@ARP3g)rc={zFx0KYgV zx>T?X4m*VT-@U_L8O)V;cHU3NZmCFh>lP^rhC95SO2T=O9zHI>ik7lep_vI=!e@Zz z0L}r70+lUDZ-Y)!FD+fyIi$!96h2greUiWeDwcC_$bBnXkFt! zyBRnH&piM)HMXnwqmMg^QNIngD33NU08Ddi*x`g;1t4neq-?iEnLwo$g1xu!bO%#WBgR(3NI@eT zE4bQ?@X`G9Uhd_XPfvGPF$c3m5~96U=;{1GP*6&6K?IYZ1;-HwpL3%Khe;W`BC^ZpvK zV!tH(AkvMv5;o$G8rW8Bp4(a@#;uvzW~pb)m967W3<9CjzFG!DQdsfuL zE@p$9ZMGXPY+>LFtj!OP-(mx1fAHrN!%p?!5zz!4br{w_Q~S`)EmUKhK}V~Oh%+!1 zbQx9|rn!t@CM|-3l^~Idz3DcXBm0hs75h$$Bj7m{z_JhTazX9cT<$x?AoP{{XfKb5 zRr@dm$%Ok|BSx%YfSqDSQ%@%?RpR$xHN49aTm^BT<99&;5Gm}9{>eL|KrwEZiWtc< z)z;MjRRHlISGx55sYC^jDme|;i%SENTfL4cb(7Y>()R?sJ>adIBb481qQx>y}q3@c|HHycX5<<1^~%lrNgrxND|ZP(hW$&+(I z^VTk{5v77`5EE6o8SZCC;C^=$NaI2Cnq2#LobGtEvb@u3I3jLd1Rp*Z)`+gcQ?7%x zr$F~^5%Wv6o=(`)4{k)JiygHS55jH!v+}{(V&Fap+T1Q{yY}99u(l93Ex0+C>2N!I zL16D3BkNT7z;ec(NS zJ*!k6Pz#|$d_y3w7J@lIxZJ%A$6En}J?b;SQ*%R!!12LIagV~6-Ny5C~#SSIdz(YfCGlM~4pfBqBh56l^8l2N3mb&xD;dHlt9FC1Y zAJotbdGKVmf%2UIhz(_19LN8X^9$re-n8ulk?>tEEWfM^?iE~c#7A+!bds$`Omt%S zg!H%<*J><5;kh6-G>Upxqo}KF6l1OM%NZ4t@Qb)GnaR{PpoT5}PLIpq$zSZi8MsIb z#wfMqQ3IqocuDv?(9=5Ge}XPhUBJkV(@R~Q&Ja-?;kujC*f2lV7jMuO_i^DY6})Bp z)Ww)r`7GVt)7%M*9Do&oZrhvT`9IT1_N4+H#|=Wt5TPHvHwf+QCiFr#A!Ju*nvSW! zAsJ;uM$}J&ZJM4~LPlprqzPEdfG;)#pEoEJc-i`;J?p}TArQFw7X z608w%lU;sqC%(G0z(9}w&e};aB?ee8=zDYqq&Of+S7PZ-ilIra+DSc?1Oc$M34R4Y3Oxb}Z(iDZa@p2O! z25iSygS+`00DsI8_U>(}Tgz<`2ZM{pq$=l4+R$m;6R)bP*1$3nuZ5putnYkeJ9uT@ z5LM2EwlI!z_ktt8oL6b+%BO7os)LEGdn5=yzoKY^cu1Jt>qKW!lqrLf6il|Z1!pI;g0oklIz-P+lJGCTs;%ey^L}QhVi%)})D>QV zpQLL`PKjuU@l|`az`-p7j(wP$-PEgyfm}sls%~X-FEy;kf`h7`B@MQFd zMTE3W8!}C^=T^-+1Koxk$Ycc;V6IF-8up1 z;3MuJeSGZBF2Vy7fF z=qSS3P;*?=Sar2iVW-ZOc7nFvdxh1iUC0ba`EAo%8pV86kk%*;MUh)za>iJiuVAhb zepKMJsB;zrW^p12(M{M<3t_5ohT7YFC9>qSSg|)A)cFM6eMnbhJ8?~M)+iLGZ8AIE4ijnBtQMv@JFSNE^?9eSKzaFeY9wri)SQ1}b!ojgH zBPi^a=^ZxVbNl`bg+oJe**Qq2Ud(MW@2YCH3or(9gy@04Z-klL4$A_fTlRw^Eq-<+h0?rQdvMA{CErmUmA3(ZC3DbC|wp^ z#EwXp`BBC^z7@Jq86O%7d$3Wgu%bapO^TsOO`vxw^{#t)2Y9K#tHr^1%tBvvD30wE zBlfOIz9?q8YK}%;Rl)$wsH5CRZV3n?{L)N7cvFV+wPq?D2k0*PMIZ*OPPi178^sbd z2iQf2ayZQ{LkhDca#tdip`N;@w7U=0BR*ZigNgszHJpb*ZYh%HR+w?<&>T*)6J;T*~iCWChNKLtOrpdVb1v!hxOuaIb^pWDFMMw#G)j}!Y8;U*K z-VBTCWxIR9Bzy)Ra1XTMWW2*Y$%gwe4-9nQW5Xkomj=PVm%(~wqrqJBBqjWW#Xmv{ zKF8f;!wJme1K<4GhWCK+Agd;`o_JI{iI%1R_n>T!?lzi9sOi{1_tsL(rPdD&?>O)? z1M2uyiQv*$%PpyYz%B}x-G7wgY*rM$klltdY>1p1Z0>sGK3p3Ro^zL$;mMG-O?K}o z!|4;_gWx-dj733wD8j>{@L>n{vvKh8az#LRFStn@T(O~DVSsl8wnCc?gnm587_bp? z^lREBVTW5TgWbQ)oiQ0tieDXE!==?m!z3NR_1>1W9X61l`?1M*4l_OIK0g`1fFE%? zrr`06IpA)dg2&+F?%))B0DIi~%5lOlztAPmZdX4$u|2nr`uH*3wPL7hUK6&S?0Hl3 zFL2Xoag;|NG24B$9BwVAObKs%HR9dY!Ek1@S0KK@ol}APtF5*OPrP=#`?d-&#EYQ6 zufgvq&9h$Y(8kgTrH!%*PDTOY8`;tj;i-%qT)NC$+f*ZJrWV0rw!G6~itxOmiSTIP z+Ip+M|CAz7JxGlm0(G7MhZVhFp%>cEg3kh`?IW&wV;QUzrjXXm0q+Dzp+9^E>x4AM zK~-rEO-lDBm)W?zlV$^ek%bu8Rpa#$Nt%?{1`L;Ye_Vs5MX|;I2VCB1ikh$G;O1+& zsA$VXS5YlAb05Uiz$tt0q)8ze@r`f8F_7-*VGmd&*kL)S8Q#mWLi29JrwzLc@o)M8 zZ$35^Z^Mqlrd(5+iwzkK>2T_|SAtidGHE;Fe>hIf3-+dYf%tRBF?GOo>wm=V$Y+#$ zdKGCK7*j^k7XLL*YC{$5cN|M!jC6cR}^ycyDxLFgg z?-h$QYON|l8OiDtQA{+BLGJzY@av9=@GF_)0Y(4}0>}hN0*D6C03ZOdM4|Z|;1WO^ zz-(Eyraa9J^ccx})_fJ*=u0KNqH1mGQjHv#Ga4g%}}*beX{z*>NZ0jdD*1Xutt z6QB%W0>CH$3qXH>bbtf^9e@fTI0=5u96CgIQo7!LM)!X5czV zhX>7M)JJKy@#Y%V#U@0_(LmcB#E40a&kr| zXLdORr>a=5E6U8vF&5`!BP&+3t1IZPYI1{at|7CkTy0U|-pryEUDwtavvs?7=;;O< z`5>SZ*GH#;VK=>I!}TwXwd8HO$xdQYR&Rgp7;1KHjd#=%J2B_E1>VIO-44O>znf#I z9P_s_KY@p9NNJfZnu+(4nM8K2s zb%BbI&@g5A`r#S}(fR~>Fkyjfc}fT7`wn_pAe*H9Sne~>yT~<@$S1t*c%@{Bmzev8 zU;<>6hiJbKJ4u2~e7N65cuBlo;2IqQyN9z|5b`;bg%hwruC{`+B)OIvttJ~)xk+90s$`1RXh6OnR`zMa@(CCPg$(CA#Qpws?f`zI;%RL=iKJ{3!IWecYHuQ^w@=`u(;s7B zNAyFyiI|8e7C(G4l_HAYsEAR4m>@Qw6r!Im;x2DY<7nAIVx`v(;##k5Eo6)2i%M!o zq>gs{yAs{k$6nb_fqINRKY|i;W_KWb@)8=89h0zKaQAn$hxI*OX#} zm1S3zxBix17T*)zyZ-Kw``(#@5vN|tNS>`@E3?l3Jg2*{@5=kC+!rn#{j{Yk_G;(W zikP>$$C59mo*syk|B|IMT0G|Nq&}r~Ur=7pf!K3yAuT`5F#h7n)LzT+sr;|L{5|{P zv3YG|*3hw}^y$yuTbLfWVlbTi<7x38pTmtkOo!UYUP)*5a9}%$C&xQ*DXzMMMEhgc K7EuN>C&|AUy^nwZ diff --git a/core/embed/firmware/bootloaders/bootloader_T2B1_qa.bin b/core/embed/firmware/bootloaders/bootloader_T2B1_qa.bin new file mode 100644 index 0000000000000000000000000000000000000000..1cfee2942276e31ac75104a45de7cda8505b7c16 GIT binary patch literal 99328 zcmeFaX?Rpc)&P9>dwWTDC!IYZ>2xQM5Y((}0qJx)7m|*IRZ&p0fOdiln~F1x1cHKq z3h4kzcLGS%37}(y$;_bRfPy-sGH)U}!wfKjjKRW93+CNr!zc{HG5A-9V+2lM1Vk6)*s|3SnOL|k-zH9KKlMPS zto~&GnnX)XvF@Jtmrp#gymjLn-(En~{_o%aQQ-e5@c#=1$ikc%(yh9Z;q3XJRsQ~8 zQ_5TV3NxDyHyrKU9k=NHXU6_J_MZ2iUp97ol{S6fH!9cf4{|H8MIRn2eSZnnu;D(R zq{FP3;kAbe?(S}aduLrBMDd^V`{Z=6UNHQrIyYS)xJTgkCj97s5!`L?+XcT1@cXH{ z|6k;%efrbwJ_uzx;Wq@o;)?|L4E+8ZE}uaDm`en=41PaUZkJ4OCGh*9yq`+DsaGoR za=g-EHP`VvUek`HBseo&>@rng zz3FOqyO$zySHfY!#d#A+#&w|=&zUb%$u^lvV4Ant)Tb~uO%5ZU-IkA~+*eK){gn15^>YB3c zaZo2U%VE9C+U_95oT7WIxE&WKW^WL3Z18Pi8^*XPSG_QCqTUnUG~ON$<VN#Jw%+26jNuG#(7CQ-LCt&pg#<^x~5ismixojgRX3g3p za8!Yv6!UWHg{)FzQ{=uCc1--%z=>1S>x8M}pBD1-RpQi=r-g5$CqvG}EJ&TH+M^OD zjoS>E(0iixO#v*gg-7q(AWWOEMaavWV&}wZvtssb5w1nyVt)2iJB#wl2=QtJB zOMt$J1-Wr8^}?i?I&sp?&k6+vCcw;Rh-#?=3{>JYz}A<5(h30EX=RWCFbndyMtw^P z;QDR2v1NlWIbA1Cp8YKJ3#B0{Po4!SshglzWMgE@R_M7IFuN8(w*bcDMliS*g;Es? z12^+-rW<2h!hympV0+c50=)7v*%q}}P+DNu?%N9eL)4vYuNMj&h_W&JAa8t~P>}g7 zw4f6U6dXoqTcGrb-J=OoHB6!ER-lMloL0IOD2k|^579xlqC^mOF8K6)dXEjfVR;JZPntW@mqnm5f`!J z+j-2eex7db{a>hR5C5Y+dApPLJo%gZ-&l3!p=oiaFD{;Xt^CCR4~##-1G+H=xHxfQ zfDaml4{C8T^emJQkP_sBp(Vfr#DTCD;5Se!lmlEN;z4{%EO0=jaDYV|7>^`oszcRM zV2|3jErbVCOA!y^_G!eanMl3^JeYa|52glrpbPRKT;ahspq@sY=Gb-v4%x)9oG{|jx&MkM92A+(M8 zQQAhg#Qi93!+wCa;XjMEh9GUDeim)@LE375fVS~Jo3_RvZ6kkxwwj-$ts#WA5kE=W zun^knf0VXSE%84}+qfT~t@dZpHabY#n4d-4@E~oCKR{dE&!%l`khW-64ujb*Fn0vx zHs&X38y-U2sGp>*CWN-pKT2C;i|$8htN#Jo#{MkYMg(bV_*t}#57IX72WYFz6F+NC zhz!y;<_F}~@RPLFhR`PKm-`2pHS{4Cmr2WhMOS+tD|(l+b| zXsgKb&!TN~khZZuK-=h_q-{h9ZR38DwlN{J)&3}LbuE!UN?XGZ&{p%aXd54-t^Q}x z))=I1_z%!lq4&?CZB&r9;Xgpz_@AV0TnKF={|jvc`dV}dZFN6NTTP4cM`;`L1GEkM zS+tD}(l+8}(N-Izt^NmS8->ykZ9((O%lkn+p@eP$-7dipq-~T!ThPXlh8xs_!xY*E z^u zHIb&ZP534f?GX&_5nbA7k9P+&9?+*j12)*B-St91{~FQ04E9KOK!?xI4_9^(Xb%zR z4%M|#dVY4|PRJ?LiBo5n3)v}1Yah4sPGvtb7IN~l%LQ+E!Vb{rtU7nf&T=8kL^qG$ zvBDm1PlMEnSvY9N<$`1&n@u~AjvUj3i<1jCfM!T2yN@x@yUDh4A;%nUPj85ITXq`l zoO^?imraV_7!h<>*~Xc7YMO!8pk03xp@Dr!4(ysH%`AtUB$rBL$y8Upkds?3TrpXg`W~X`~|qH+8)E zrSx1t-@d80uc%92u_Mj#7q6AsZKHTSAH^p)ab^FCd9%3qk1z{)e-6)yD$FR|J8Y?~ zsQl5%fp#= z%l%rw1P@}O156$q_%19H@9$eATc@AzArX%C0UY}}lN@3E+7xOOFH&kAh3t_q3CkuxMXZBWj+|^D`uE)5DGOBc_wFma6L7A}>Z(R{Hr$OMvHh`#W#6zeqw5f27Vt{`rn52LrN;x2Gubo2+ob-*=0D&TEK1VL*Z8 zAk`v(0=M)}<+Gu*zt8E%(*M(K<};M9$Nkvk*yFg#YWut=CCLA*&P2y^3U#oQ2?}k( z6zGUH>Y=csSr+_I2J{h=*7jR1sVdvounbOg@0;lHCSJSm}c) z*LpDN_dYBIji6uqEs$eb`dyjsl*v&U`RzQCQ_m;4_aXcb{E!U`OFi1r%ujJ#kfjbp z%N=|QKfyc}WFcGWZyHEy!(fgBcct)7po3A`HkkGbo_dHUCOjjP*64pYQwZqa2l8A# z3-GA+XQj;HN$I4FTXL6LpwHRCK2L)_KP02FQ~Ggpn3u#+eC7aU4in*|1LB1PHkdt7 zY}&wGAQdP!X`odmvxrPpSBCQ4Ibh0%6f2(h?;~&aAh}Iy9|JtG4vsm9%D*@;=Aglh zY(3+$^7qfX0AERk zj|p-hyiG3PbNJITR)@In@4H(WXPRIi@h-JA=+~mwHjIqRn9*^magvn|XHn%gXMH8` zc>M>?la7gokYc5PFscBxv}D$^JK-1oK;JI z_M_2^`g9BMG#P$ur*^b0%yObvo2zlwS38_1t8bhO)Y2h8*>Sf_`2skyA#(@d2sMhT zzuVf*U=7qBlAEI)r+aaO+J%js?Mro~2?ZGlJY0gH%li<|52+v}t z0seZN;qdpIGXnl5)EH5EO(aUMi9+c$(I~w(2Bp`=qV(E0_^aD}t~MU!EKfi=%PEwz zJQ4n$TRz5>;Gtb=59uO3GcvVj@mA8Ea`;eel#C~k@Y`kU@76V@yo@)F@o=t0kH$rL zRIYdr>x%Ort7}Zth2AL3gyquDZNT@kq+L%6w=UG~Qnl*sn+00OiMN6c6vtUH`;N`Rtqx8sSoWllJvVumrZw9B z6qI0EX{8K7Fk;T_PYJgcYj$yBzLRT>wbu!>iiP|sU^5~~Ow65ACrl~PiYp)3BIL}| ziBlfhE=;N6#3{2_an=2sg{ie$gq4-g3c2&OV)hcG!9ae=v%;#Xa$(9cR?NAB1K3lR zLCIMN3uYHsA(t`Y>ieDqcXKLWtuNaRt+&|2TW_{Uw5HpQt-rBHwr1F)TF2X?TQlu3tyjtL8m(doZSi>IwQwINDyb_#Qj>&R)JLGAb0hGN`-^u)e9Vl zgY4A{8V&9_SG(NGxNyKFVfk_^3o%veVu*1N)3kaZrh-^l>p6&x;b{+^OS`z^lxLHS zouH26xsgq={+O|iG>gq?0+O|i_g?P)jm19?#R&SCG7gHWFKU)15Kzjhvi)QF1>M$MDdq|~= z&~1YLY?8?nJuAOhbrDJ%FJ5}&vq#&Ybev_AoRS4$(I(jpVJv*7p%A{uLYM&G87PGB z@mUODKOrkYy-B`FiJNvLXgA3>EAiC21Zd}$EEdXSDP^*iczOpalLK*-pPR)&ex8z_ z4{^Y?HbD#R*Fc+2XlMB*IT>)Z?ARoatJ@@Jc5IR-Ds`sKLG>qPsi6L3rT!F%BiK_> z2zdornSj~!tV~F|H7gTRW@M2bYi7z>wMX5I7kE?;OEU<kgm7k@Aqn7z?lYy>?e(mA5} zX`EnZuUO!8Kv-1K=-dWjeZ|Ml4e6sR(!0mdzy>fTW_K^Jg%D(}w*Yi(RYHOowL+S@{ z54LZ!RV~&T%^(L0X$M^qst>EBbm+|rg(t>N)hJIGMykZ;sdyRpO*)H*Y(2H zo!0O5scu0T>Qj)T9;HPpq))q{Pbjr+K1v*MaDc(b&Q zXDZ5^;~j|!l-PiHZ?jcA;~ZDIFo6~qEK8Ht**8^u=tQ}@P;T)%6=5~k^Qg+Qn(KMR zmCuCaZL0h*B=4Qdu-bVEgt(vz+O$(uCAEv=NwML^p5DhenD0pZs{^Q~fqCqoem^_x z_ml8rkv{igN2f!zBf)7=^k1VBb4BtW_2L$_>*HQ>wFdsut}xf-8Xd&AJbk0qi8q!x ziN@_tvhhPF)u^qZ8_Q~##_nG3H`{C2My&P28m{qxPaXNWPZ!Cya(gvRJw7^8-TJwY ziKJUKdq4N7A{ph2Y}LUR6G^p(DIwmfS3&}E$;i{av5|8z!_LRCNU*+?;88nu&1`EK zrfz=TM@M5&MjcJVUo4tz3TwRxX?W8`9~sRxEyU0l)ATDPq?)3XTmo{b=+nLN(dy=~ zCSz)45#=MljozvEjFYg!@SX5ASWy)2(KKs!=$fh_7ne;EX3c=y7+4h|pakZtEHdsO zTCk=AJ~AKR<&#a?mWw`ZJ_XR3d;3jpbK@0ffVpfD`} zBOBVxCY#iN2b+!XptA8M4ScDxl|E;q*0tFP5|gb(SY-=7P4?;DRMJYaf}e zZBTn?H`dhVBXXcl4yjO@%E6n$P~99uiy{L#Q~*{E(G;bmBRudN!N=rW=#A&U_Tjv) zITre>$tf3hJ`~eDTiBkIB;vZn=0dS$nZEgE>4~y(;hu+P3-2iDCE~)GG0o+|-etwY z(@_t`CN;P5g<|tkEu<~1DG^S^#fi9Tmbk!~3@Ob^?ZTGGrLiV})&v^)0_QB@t=L$R z0z$)+b@PGC|__lBiV?s*v3KqF2nCBP4d`O?Rwp!~H^N)4s-DYRSF3?;_) z`tY%645-KAJO$$d8%s2Q32CQ$!^e&tOYp0TmEX!MQ~$H{&CQ%Y|8l8e~r0 zw5mu8SRU}{U)0F|7 zGBh?Ykf~CP;PIxY#x@`3==E_90>(V+09X!YALrX9-V&L=s%2`zhWg?y6EZrGpfe3yVNj--aBFO~kB^QHSZ3@hADLqjBbgu!%1=l)~JDn%@36PFzqmnd~h)9{rj~(}m zB2@$BHm21U(G8rN_NlzAkGMv-e*uzC?_*)UW>cDuFCt& zr_N)c6(UcKpyg2rMqV?2p;uQ8-_=JTW~jnkoCj!7rS(v|TXkWcVxc}N(zApAPi&Yw z3g+O2_Z5i^4@7%-;lt=}W5>cwI#XP7KkoXSE(X#zD``&@%@+6E&$u4dk&yNtq&dVp z?k7A@y6ktlK&e6~0TNgAD15&c9WAODJCuPEC4myrqM9LGn1^bCQiVn0o@#REN|@zO zhO6RIKtgAU^Q)=Gr*#o6g+e`~8C&e4s~YBNJJ(pE)3(6uZbPMwX-J+y`!cHH&?x}a z<(~#P_2C*1UO44+Aw6L4^pI62Kz2D#U{4YkG79b; zN*JB@`#RGc-7)25F z?v8bBY%Je zJ~HB-`!MnL3eJOzJ1S{$?lMx`^^nR#iucrj)lzJ(EtiZO%vIHB=HPs!c>=8YTBr?c z>r4az%_0a2%tBTK3H1uWf*nOMf(JUnY#qRaxv4}2P+`U?RRdfE55cwB|KEa&AR@?w zx2_5xFE>u*d>RGchovWGJq)wtDVXQh%|zJWYi9(GLHP4_OweFZw+QtD7dT=OoUh(q zQCebIVYAbMh9<-vRd?HU0;f|8oEjIlYiV)bvUlwSlzrP?E*R6TC7Wct4q~&)1Y`B( z709B73-7U(l?5ecu$msb*o0{d3LLugUNGTe3TlFI<9ipg1h^Wd{ z7YcRZJlL&HT-j`;1y$5%Yd)3hE^d+uuwF4I?q8L%8d=<;J1#$xtF=6e=#;6}30sre z9?jHV1{)sO_rMO9R8%ZP-`DooY$0ly%5fh`e<TcM=p^T=9BIy0&NzNQm;>d|X@>yi0t2*| zf_2+Q>;6q%8m!wqTK7XJ7pVK(Xx+DEWZMdz1Mc?4kM2=noE5%=dPb#6dMe#Pc`Il* zXJqtzozlN_=wF($K88!y(f$=EF%$H3q8~R;QTliLAOSd{UdVD2L_Dl-pg6~H-P!PyFFP6g+*ka>&rjYXW=5Y$%#IMZp8o;EpXz_*Ua%~_+k z(%uS64{)@AQ?`N~3pfQhGF3*DMtJ4}PJvw6ht4SxHkk@eoSz8dB>JX8X@pbK_i#Ek za3fA*_}{^4DV*}bd6%Ad0yg;y<)V39dT_`DbaF!MTfYffMKQ162CbslSAID8;|b{n zrH%ZMes3O_7~1cduUx}^73PgmdY;JB-u>J}#|C~Y9|Pyh`^{EpbG_0gHa1*x4(|tf zOb0Gi4^M+OSF}I8J6yVZI2Gax+ryf~7Y(Q~eKgzMBNH zvp$GVPM1oWF@U&@N%^p|`?|})BkDZd4rg`y{e8dkTg?w2T-c6FE986HDX$5~rG@?X z!1t+sEdB3Y_Z(gb=ebs>O$-+D_qSuxp9f6l`<1i5hvkleI?1ZC+TQ62gFXVUHzQt4 zommcFM6V& zfXdOl4MAlAP6*@!!)P=I;I<5-(_;i>xNrCO+Q{xlBa8N~#gH9ODje?Hq_nZRGunXz zOq$p7YJhbeYxNMC3j(mq2BB@hAHhxjNzv`D7fc>MzT%OdPaJ%Y0w5~s0Zr@8Ie<=FVu^* zgC%fIj<*l@-KWGf5QCl6L0Wv0;CNPin|M;f)x&*n4XMSg1o}pP6T^MShVVlvJSB2~ z-A=$B^=i1!4)kBEV!dk#2Iw3GuwEQuy>sAe4n7O=_YReUzW|EGL2Ez(s9owin8^9? zLXM9*r1lcfR*jGIsSBeHq4AM0h|a`Adv1cBqmdopTUMvRakyi@8F4KzvNM7sTQeBo zO{5Yq16mRwvkE_ zHR&{>=WyTWzUcrl9oo4#n0qKg;oUjJC1(1eTquV)aAq(A${;!X>tG6xTCW>GYcAsG zVqXT#x2XQ!0j@L~*1X}qHwFCkB!9fesJUONLRV1Fw^HrpxQ= zg}05DA46D;3&Bd`&j{h~GROaPU}RVq7c|DMqZbmqNro<4=7nB&{{#hl4xPN9K9pL7|nw3t6OCJs(tpMoD`1>A& z)dA7%ll}}Iak*x=s5HRk=t0Eg9LU?{%LvMY(4TP-_4W4Q444xTN6Eolg>Sb(N`NZ^ zzT{x+nlCV)?D6FWQ@$F_>w!E3DSKE0tz>{S{0s6l2hq5^+ZT1P7%2E)zsWpZiFFM& z9Rn#;MqTNEMoGJ8H21AR>9y$6K6r)3SX!^0Ay&5ia@r z2SG1`bZZ`b$^GS5_gAIxXx;xN7!Ui#4mo1~ekg}S`WH$J@%U2ze$W*#DSenW&*dk> z`h0MRHkZJtz@!(33Zb;W?{^T+h47`puxkg_+ISB1D?ATBi1fb?hu8_%y6q*X+<_rm z32MpTw{sA}rGOu2=J)4uUYrZeSe-+E@Ur@=-AMCa>G!7=+?{i`u?X+Rr}clth!n?) zl&W0XudYsv>qcW6t!u-5Uk#LBty_t3`(y~k5N=&VV}XJffC>R$Q)?F|tsBaKu@3t6 zU~@l~)%IG3;=>q+zOZnqv%gu!vM{l0h0QScpxQ@7oKpqL|9P+p${!Av$I%y*Z|!dy zEf2k^46X6%U;y@8K71PI^-orL{Zn4(0S?@KeID-u{l7{Rh#(H>d0v? zh-cQkB!2uvx$v(?iQP}tyd?f>UAb`nQF8aY5I_GIQ~T1jy4zn8{|-C8zx@K=T`qj` zOU6ly+a6H^?vKEZlB3~o#c4e*KDn~kS!0ErGG1dXtmxJg;)YcloTXN@A1<|StoWy% z6gRGZ+d1D#3LH7#da~lOo)YWVkTtfNB~}V3Sq?8MP zf4si(WDP4m{n))$R^Zrst+?mCN>T)`h1z?pX#Wm>9Sm4P=#UY%ZIDGPrDC5qPEcRo zv-)?RdUBrXTC}C`&xn35fv{^Tc$21fZrDyDIe63u5C56OH;$S95t+K z8~DyXELlsyN}0oejZ^K?I5iE)JneqlLGA@>Uh!L{U-*b(Ztn>QxndS9fCl`CTrlt&B0MIFw2F=i6~g8q4*Dq7`Z@3RYAshU_` z)Y7WBV$lsYhn?%xt=h&iVUw0?q4tvdmc~JCx)@r0!KYfF@~Q1F`N*lvUXOySn(6To z6WM*wmG<~F6X|_DK5pXIkg_<=E;5W!)RNkLn@h`u`b4du(!OY2v5L~q8kBA z_e^o`W6$W(nF+w=i-pbfjkqCdXB54tFBYDn$(_H`hx74#CfKTpiOo1_6SWQP66)Pl zL-K6K&AATvm~onhoqEQt@_-c*KMq)PF>3xYq-z_rtmYyzJv5%Y@BZ zgr!~Fvj(i&k^0-hc0Q*EYw{%q*@rK|ndK$X$6T5zY+{qZ=RZ2=f4F`3>WK+3(4KJT zFktq<{&VJ9;4$L25k(;n_ele^4P_lYoKiQEpUEBXS1!MkI4Sq$7R#4NVef*J{w6V zg2=WWf>R{X$CiEWBg)XJJ6A@wvPcFWhjL{l!Uk2OsG{z^txVjx?yyf62WS3q^ggZ? zBe7x)jzIO*scy2)wp_JiP-Y^P2j_}b6uJ6w6<7a)5?XI8fM>%KITQn zr@DRIfX-Jguv6H5{B1oxohM#Ysp);ZsDUv>zeMg^$OHV_k@cOsUE?-O)>(u*+DW)y z5;+ED+qI0i7|4pxiz^BW`|_0WT(tWG%W9e=gx)FjGIZx~LL)xTZ>0 zdqRRI;XI^mT3rum=W0?UYvG;os)P^q1lWf+t$eF8p%%$}nzX)naY8}@n(2vZvdZ6g zWDxC}!$aob_xkZBBbtfJ{e5kJ#Ev6*7&$Y2v165kX@ENruzx}Jl}OM_gT5WR4WM0Q zgI=m`H-L7L!82|n#2y$j!m3>}sM-+;;j%$)2ik8|4zfF&Ov-fEQAXO zi5+ne&K)Fo#6x)7Aj2m>STacSi4YbKQai>#SU5=UNP=+s;6~6<{e4pgH}ED1^9Sqr z6bQ2iS>6ocO@pdt&dqv&9%ZM%Z?at2s4WwAu0-^ytcb%4g@{!^Z`%Q|=5LFz2`=z< zu@+sfz&*G-fhZCZly3{7Gki6GRo_}v4J#huP9Tef2<4k}w^bg6uZAL}Ze=D_Bt%1e zeUYV#@g!$X|3@a&jaDG3!Pk^>BUrnXx*8V^u0|t}Xtx%|&eq%!Sa3H$P!$z{HztCN z#^DzDYR*MpdRGBmB*ZFlgR36mdo1X@+*%Z|!_2Ee0}pqB-@LLPy?zSLNoRwn;MdOt zCpw;l-46#g3Q}21!$5z7J@St9G5)@1eDz?f;4pvR7T-pQX(3kc+W;{G#GdfgK`att zkHdK}?Tv-l8Xp6(M2J1?!<&K5HZ!6vVH0*Ll&*p=HBdTXloPRF_x{ zcORn4F!P9}hIvzQBfmhV?uJ`V5B|oMcN|Z{(u##5a=Q}SVk;JG#Mj*}8|!F1j+t=N zjoSPq`MSST;{tTwp|5SU6K+f?PGH;JVrTnk>~AG`r4Ckv>) z?n5?jx4IVdN+fozZY3e%6y!R#LGC=FuN$)v{JUOUm&}(-I2X~6Cmee%lE+g{UaNb& zq&WPaY{tZ{#(wMsxC?NxJ2GT1GNy}_ z&iY>z)$}995$B-vk~IEBIOqPO*RQ{PeiuOeqZiW?-A}?jgmXQ#jQ{d~dr->9gPAh_)UftL%9Ov2oog-$lZ3V-jwb2h-uwHdA1AtbnPv2#-0R71X+S?J%mIqZ;5G&;6`@6+kK%R!_#=PYPOm zi*S^SgFTN{1+hh|>>EJCDzxw5F}HR6>0bPUmG+Eo@R+gZR8+x!YgI*?Gt+*w;YrHzR{^XT+RHD=o!bU!lx%v9bWo$d#}$eey`G2D%_@HQ_-Sf>}sskhu_ztv88m*ViU&n*$JH{0SX z`r+PLp>m${$?z?3u1l+6TyQgPIViHY`D~OlgN^P=lV;FUd3ZMnMvOt)r@;1O=i=y# z2B}H;`VY1^4z&W~C?|C0NP>R90q+l40jK(Y%9~1FZ++Vht?wR27#pu)t4H8iX9VYt z(L0#803}A~py#m+JJ11WKtk`CMTvFh$?4xLfHr93KhVv;EW5w&y`fC7PTkmF6OSzE zphFB}rW4-DO1Yy-xg|lm1TaJRWb>zbV=br#=n%t}WXhX(1MN&;JDCi9i&E~>UANt^ zl6A-lC!T>51X%lmey;z0+>Z_H{Y8J@U*7!jasT^{)!={jH17fnZk-uvQh~EGgGBdZ zo=@dJY(TqP3~o3@z+Vse>0offiG{xjHE=@;Za8UBdW{yP*XU7tE%L)yTuY*K@ZZ5a za1(9+xmp#mQrofz}YbKi@#E9k;E7|h6b*y!6EZoS3 z`{1YsMm`;jgEk!xwvC7tyg)>QcC^YSG!n%C=XUFhEclyM*@TZHiUl`q71Rc&^>*tr zhH86RUUI zM3VSRT#-nV=>C`1rSa%pVIG6a=+U)OJDZC+FURS;oX#pO*+4qY0M>{u1G@k3TK2D#ojWKHLK{aZ=jE zmsv^A77OGuN_>w6kC>G;);oI5OUi{0DZ8+6jiC{2JF~vR?81^YvxKtATLcRHJI>EE zw9FKWC*5yl;51t`(a;DXGx23ge3v<=DiUT_ZxH^KbbGHk`f0fRwK#UR$lzmn@FNvZ z>3-wgLfs>8dBD*4ifXB|SlGVI6Sqa6=|YjhHw!H>i{lDm_TXA(%Uh-a=O=I0&J;FI znk8(6nVRKN1x)oGt%BC)jYHqNHK_u@?$Q!1#X?;^l9q?87;xbenuL@&X%AVShPzaR zK+&6Tx!6tvw4^xL$K2H7bS8nyQ`R12&F^i1L7m~z4XKp_3&L}nk}vI%fx z;msmSN40Q3JGw;&alB<5NCT<^ePGpquNqz&&}#n!t!nW|^fns!D=}K8McoKe1Fs;3 zHL6;4joOyQalDA*b0$309o}*|HUdiF_y@gMHu8k>II-r0xW72*U@8HrkWz!Ul++}| zl`17ENMl+&HA=}EHdvAgl&meOHHtd2Oex7JX`b4@)F#B*M4b4bSDk}-h~|Xln0s;T zyyawbp-4cgHV1QKp6=zI<(%6Ss{%Dnh}@66PWKYTmCuP54lEt2M!W^`N~snluMy>)?xnI<@KyZg zFD5D4_Q;;1uW0f2*1E-A_H+tZ+h-06&XUG;jC?PM<&@$KkJ zST=MJt%MwCcI+|ldVRa7!Y9L8xSoxKwQzlKEu4etr8uQ+v=#>2#-Z&L)b?A)(nB<8 z9BqNDy19*E?k18q6W0=UB(d#X3blC7+?+Xr9pa=@d>KTyZ2 zthjn<$q>4gAG+dh?(Yg&ao;}{*h7rF4NH&YZ*tYuzSedF=0yruSkA9>b>_E}$lG{=^e8W;PV zE$VF4Yd58!`@C36Q+(VCLY#x|w1stRLU0NLo=@+`(%$bubuafst~JW|-RK@(;)*Yo z-AO?1jh&H>^S!ujgahZ{gdrjUZVkq7vo#)nJJuGv!**Wgveey}IetaxX+H-oX#4L> z{7~i$;0cisx1zV_`kgoy_A3C(FbWr5bUYJ}=WesHAI(Q~vJ5K_Tm<#Id!I{iPamB^ zAR4adjN+%3KHCxD3{&nHp6(?LiG0Li#zpVA&`TM|uU!=X_G@HwQQ|gR%-568=8YkMeQFcd6WexaWX(5ngIze}lV93$fj}#gHQOL_$ea%HLP(clY4g zXL@v_z6RRgPU>V1Ys)}S&P;{7MIbvA26mCa+ZUlyR|b?qH!5LoKQq8j4174Y!8uLf z6%PE6$%3U&CRS?h@9-X)Vd!p^DHA?k+a2a;m1#rVidJ}y(X4>o?FzIr z9(i8_2g=0DnvgRg!iE`e_+ju1-A}WQ*tIwEk&%W%?#ZKiKUMzokn*UFpDKSkq&&js zrrs-sV;ujZe)~#s6d}T4-=^K`dgg;x3C?Q8qkck-;#nbJ1cD4OK-QVrwHrQK()luSzs`*CaP`g9I#=4@;G z@%5$|8STesq)ezVRK$JfjRQuy9eNvh7X$6TJsn5An1*Xeb!!?NrRtq;%8k}H<)%3d zAK{EsMhf{)u1PP=2V0m4d?do#^->;qMx^lJU}3EFgG_NJi@EdDfZHQJhYxl!lEu$? zG)+br)0lK=fabCE{H`4`wxfQn%5@B^DigYj*3LglJ+5}|kjed#35G*tgZ>cFpgVNL zjyHtC`8d`vhcAUyVXZ$5-XZ|+@70XU051%@DJN#VDaV@Llq0cYN2VpP(m}WxMO}SC zR8y?y4O`|vRh}d}I+;DvqZTOw8*k+QaQw^|TD(lowc!$rFMgbmSYpxfQrp{JmM|8g zQ}L4`X^cN~?g$|kk!mll&XrTOtfclap83V+{)ta2vv>8Nwg1~5#h<#Il@`2#<`v-8 zs11ab>U=cMO1VCGZADr-h^5T1tT%&ajEeid7QQZEhQ(+0XxdJ3$0tmN>e!{6D8 zrSkfSWTg7xz=&ielhO|GsxYZ+Ye%Y6rHtdmvNvUG1^4R5y;w21hkcdU!@P>`pKr5r~MUkWNJlaRuv9yWt zldkZ?M`8(=;V{*JyYz>l2N6^g<|+aycm(>RZwv?iM}XG$CcM@Qa$tHM`t`KLO6>!g zxEid?L_J7BJ)YA_8sUtS>{9!nIO1S${599tQzO-0-{-}+- za0qsV=kESHDnlN%5$D|iyQ@djbfyQr@RTrW(PiNLe+=RTNL}3PXyzEn^L8ugLAzum zj$?>NYZs9m*d5Eby>H5?E8djTPmIhZnzA$}-m(nc#HMiI^_(HL3`r1@n$x|ib=>Ze zy}mcN*AMXgN@0XUo5X;x+Q_U&{8KNL^iw>R*3Kg-3bkjd(fA))c{lQFxGZz8)vs-` ztTb8C=~%Gmj`X)^jK0fo z4qoI*->z8PPhg?moHX=x-5_VW+Jl+C0gdarU&ViGuR7SCzwdqJZgr^5rf7_=OCQo+ zs1Ax+D;~seXbp{h7VeHDXN+KMaS&$}jq9SC(R_@V*Js49i0!7csC3QQPrt;Zo76Ym zauaqu1OEqZ7JCvvBa*r>(~UMYMhYK9HNH8Ex6MblfscPsNpRcXhr+jlp~_*JGG9)? zF7|K`>+fM_orB*$ZlHq}c$9Z9$t}8z~jWuY_g!&@B6mcuAIfqTdnw1QXrTt*tLw6_uK0DFS~1b^2h

iD8kHW5Z67X&lj;XqK)@U8gHeI)Iy*g71 zdxk?o>=9@OEFH zv%fG6`PZX(RX;vm2Cr=7ljZAM-H%4ib-z$Xiu56mScK~{cPhMsx1$<6V&RU3mJjnz z;K+l~Fw+>7mBin7+>hRdGV#0Q0fn!)nno#NA;_|&RGsEyqSih*XBlNG@Z0-*zB}9+%|w}ngLKpDDx;l zeFNUqIvBe@Rwr#7u11`i@zq(%45x!Q1t)|$>9OILoY>8ubrX=L#ZSqb=1_26sFRit zKDRy(lC;NtvxekN{{E7vfk~1^Ailu`LnXCL%dlq z@2=ZH?*wfVX=JltK>Ru@OXxh`3Uzmg{t>(gYS;J3B{y9{YAn*mLHilnj$uV>Ad=vcrwCBSm3tm&dLW_1PPflI(P@*9}RZe}tBu8c8xfkHY#*s5p z6|rkWwFd*VaYn9p7QD7YPBWR0HO<7*@pC7ReAR=)drfID zFZPVirReM`26%Q|^U?BCUc<*S1GtQ(mP;(SJ*m&=LpTVYo>&C5a6rzixhrXWrR5m% z34P7~PA{nvop*8P*jdM4h!ZLv#V)}}gB3xMVMQMr#U8WJaHD7o-2F&WCBZp3t6qYI zLfeXC(wvBGROc1?yoW^>$`cZi=%{01ey!cQIo z`v$xe83z`BV0-O{IKq zoWJipoMOdY#LOhzrh_vof4q!mqSds0!TFv-rKN{q+;iu`(^I=5(#Lff(i6KE97DZ8 zI>r3p?4Q&{OFjO~IMNLA^D?2pO7@#$?<(#+JHej*8YSb0@yP={=?kk8Bl%-JB=iID zR0};CGn>-ivk=iExIRAzW8WBZzKy}#f4Yb|kPfo)WEHuTtcJTqd5mMz4L4e8IRC$H zyOKH&JL;9WBj6+5R(n^XtqaS{@4^f4%=^z;mZR7F_SUs2;hDP1OON4 z1q(SOMV89XD?Y2jGOSX}24s=FeV8@Vyt&fJ%}qMhOX9SI)7W@S`gL6q2ObXC<%$o$ zE=Jr0ZAstMA$~j*G7_v3u>tunAV}H6Z8di#9;l3ko)x@ieqe55%F-s(qa3&G?yk0) z1F%BFox5SQBK!N|he-%&kxcXVMGiAcnqim`F-!f`^+olPpKP_g*FCPXv4`^7aa7}8 zxW$%c!p8rx+n+w=LI-$%Jl*y1)wrEyDgWP=HnjT)w|Wvnz+qj=Hq znDhhZ?GAfLK0O?u{+_zemhZ4(-?Y@FJfMolJ_)y1R^QaqR#UM&eo6d_wi-OQt+EKd zF|&E84Z;&g?o51M=^>W6t1IP!+Y-~3E<%0GZnm}6tiPK5s-X1p@DL{9IAbp6E>+Fx z`D}TtlDdD0wOA_W^_=Pr$IOoEW#v~-M4ak166Mef%3DR;nP`U5z3s@+Yune$uqHMT zm<6TaxjQlkx}!^DX2q18>V1$PycE=XID)!%Y1Q>Qbx;R+h#bs?6(Hi2{IZ$)=52GJ zz6t98;fsLXZ!+l6gCP6=g5Lr7HDN2Tcsv1*#pCcqd<+hhTQx%S&xf$|^;el!+iDxX zi08lh0z5PR0w;%TXNc)v~ek9HXYZU0c#U*IL+(ESYsbHpb@squLJ#lY+v z9PenJj{;8}dK9PAV;^ zyZ>mrs=T5-qF0m9iXLukUR5;Cfc$A^g_S@L2u8BXnpxUle5$OTr76*r>fjArMoN~| zC0s@2?=b1WAR|5Z2l$`K&>OVy!%P@Pn$Z9Gg>57`jKDC2Uvei29)97xwlu;?DmKlN zS6Ca~0DsL`!?`1DDcti>?n#YM8TJ3|!IAzgS{k_TFw#G;QGe&GftC)3*a1-c$X=IO zI^nkWmNQ#-cWA)NA;KA@v<>fO)@9ULE!fUFxCw`Dm4y#mN;qW)um^f)WpIAZu{WIK zx4>(N-}+Z!4O-as-mWZKRKVmMxg8&aAcMrC_y17#CGbsE+5d0J);6V~El}D5 zX#%Bf07DD1sf472HbIMk^F!1zZE<`lsD&@!E&I$8vN z?v4qImZDOv5KCQNX(4ITB>(SyFG#MS@~<_KM*Ou>;(^EVz^fhm^X@Ue(y>4Ho>>cx3ui&U%RxU!ZIvE~-~WPllIqCP zIR1IT9&<$0xXJU4B;!UnuaLtQEIc=&C0C>#qkO2@DjFk2T#J;vUf>(Z9Fa%K<)Y<> zBp>VR(JnH{tW`M6OkG7~P<7$_s;KJBbF1#j|<7o z`h37g?;`}q+MeioT@>K|TAjAT+Uv23MJ7_GXv{u*OI-U1uUUyRH@VPDN;7NTTN`gl zfvEO-Xgf)iv@Gk1=SwUqyuMUq>!In3QRwZrmVTiZI zH=!@f>;GbX8T}#7nn92jQQAdsZ8s)2rh;$SpZmI3rQhsL)IV&6HCq=|@wzufUtyJ3 zS6CIeVsJs@eJ@gCRgBA(BL+cvfgCb6BG-s&TMNn8C;dy* zQvQ-x&Nug<{2p4J*aH495QcU?JRT%AEBWpolJ0Y)dk^XU)WfLr(3;^D;vTf7rd!D$ z>uHaaH8t>T0 zAj8b!{!oB?k@7X(3^Rl0`$Nywc&71uZ|M0cV6_@pO$7Eqk0YQqAL`cv5Buk$w4JCm z?NSx44`D^~FZIOnyZl?+BSW&un8c$C60jGh;nLumfombhD(2vti{DFdt;JP^OJAR6 zeGX$qlv#p{(SkG1V9-WXk0`5@JCo4kNtWb-069zNKMy7rsx^>*@h|o+suev7yckex z;)qNP@d2nTNP0(;eIYE}BxCdu_$wI_l21(t;qiBrAHel%>+oHWbFmsGL=gr&Ng-bf zdjVs7o4(+6>ubPX^!!3Je5J6imhvk>odrGT{Zjs`?$-*~eF0CgFakLji_^RJ1-edR zULrjGCG>QUOS0|7LaGDwcb78}8vdXJDtqCh3f^NO%hql)O3j6?famYMV!I@{Uh<}? zU-G7^6bFdyx;OM*?viYO%0gdp6qC2b0SRdPsR1d!0@wVY-}6S0*|7oA+OcRA_zU2> z(4S+R|G@lMkCO+JkO3%jsf9f98(kzX7C=kk5lzQ`<}P>xKF- zPVB4Qhuum(ruz{79`lOjzU-&7b|Lj^PAcn=>k~J@j;`Zr&6k4nsPrxtm%meGaTfG4lG!wug9!b&H1 zrsGRGzKjO63~hnCufK`c0!pZJWOfv$Bb8P=8M87@=zWr=L>P4woUwpJc8+AE$<%7y z;{HHU5(Q+{=F1hV;`znL6Nav26}Hga81)BMaWAfiaUH_t#MOo?=6+UDg6k1nf5r6~ zE}~hGDwCgy;kOENmT|%ctXJVC?^%8gyGECdH%;)nK-zIoPtbFumwY>CO5z74K-*O^ z$VHDEa8U=zAsnix_W1y|9id zNXeJ-A0S%Ge=ZVVL;6Ze0^9L=iB(c4EeP*j68;B2q4PksDn<$Omp5fu^SQ?lB?vNl zk;jDpgbr3wZ&aP!v+6Zy#Ix-&j3GzS&QkJrDLtskVvgt2d-kld=I<#Vj?o;ZfHR#E zK0k20!@$JzN_<@2i)xiZj5u1DC#DY2J8fxH%crqe$~GTM{jZ@k3GC z7&W_v-VYti(VM+ey>iE9aKy4|b}y}E__v{_PGu=0^7b$lL<4iTKPEyq-|-hlQ6ccA zebzT|qs9G|czlraEnY*G%&BOgZ|Za@3Kazsex~5PCCs4`i0}A`#S>}oL_4c6;Ucnv zk!WwRwL|_7#t>^I(%QRMm2#xLx2G`eF|0v{)~3YPzOP$s?f%jP3BTEYOla*p@V%H5 z+j|5w6n6zn5mSkAkXClNX;9F8?MQIQgqQlv+rpz_Jx--4oR`F&rPO-cDD-H!7L!nm zyZqxC(lIk3{m+Q!7jz%sQj5-eImdbL-BsHBJlg>-u7Os!x~FqxwT8<-X(jDO!y;3Y zm(sKCM$;i*C*PwFddxlhxw34cfZUZjihp+sg29kXg-iN^3Sl z-@u6ToA{22)TlS(`H#G&t1+P9a`nc`+Pv4nQ;!5CmuprY$TrLOe%hv({%Kom{$}qK z$DkJ&{`=nVYhUu_QZut;P4OLhEV0x`$?x@C?tRItr$Q85M;4>(G>*;okgVtb3a_!VKlSoG+4 zeyTSkBfdjQk@#4>o`b#cJyuAbau1_j&!WRb5m|V@{u&<%h47 z&EA$-k5u_RL-FeyI>AC87@RQ`Yi6<#oh$6MOM({i`B1XqYxiRU*C~##O0?0fn2-O1 z>-V^}K15{peR2eL)l6NA%d|?X8{%4zzlp9xhJ57K3Vige2p=uspYfR@>lOC^t4Ky2`1%p%1nc9V$3iQ)HumMs&~arB zKzE@!)*8fqDEg@idO8G%;kBELr9b$jq4Th1<-Y~iO%YfhUjxe!fi)MfFb=WiynaRg z=QQqdp$$e`sWH{i>f7v9&J%rEWt)Q-6G{a*7PLitm69J3OtX@+-LQ{9iC<`&D;qJ= z20yFh8EK15s25irKtiH-Sto^6IrTV84#YlWNx{qkn7c2#>r zo{jXgwonF%%rgPQRXT}qbm6{DLw!=wx0Elfkl>ewzU>VRx5y5#8A&arT%K+5$hs@e zQD2@+;#uab3pxVAI_WTB?a`_%Gi-_s2`Jnk{A>}beoj;^p6&_zWD2j9cVoTeA7m9| zOq615lX39@p3w(IyR5shb|2aD`jxThiC2YsJ#B_fp*i6*=^K;G2`3UhOE~eu_i}1G zIMcHjpR(!=czWJSJ-@yScCR{HbaWxJE|oAFd_%yE*oc&czA z+9D>@7V{>C+T!v8^wfOx)MGvCNn7Aq$^S8sWnODph}H;tCi$@n>mNZaUk%lg;*-}) z_>`VU=Vox^d`Y(MyjN0p4pMq*f`Rw1J@57IQtg`uof*BrM`(od|M$w4KSVH?3=C``3_5!s!uizOZWSoC3PESNKg7RX7ow_XegvWt5a)&?Ttgx@=H5!(DH?u6cM!hIgTk?~FFgN3*VjewC= zl41U5fs#MjTVIg7&+i#0;ChcMZ(ChI-opLMgxbBzsJ%@4jMK4y^tUFy>t&iGM z?C=W(+4G!p3hd8hw#dwjFkdF^o@Q_M5)S|`_@L=fl?zQT6(n@|;I&HN|EaPt==lyU zB%}UvQNceXyZE6|?;Wr#CIhjGspvhuN7oWQ9+!1pXOd*D`!0;|IqpPD19($Q44 z?S~8auF3~Sg%ZTJ>`}Z$T4<`!LZAAs*Fv{=XGB_PI$CH#sD->e5Aky9*oE`n@2bc; zhEh~oZsKjZ1@lv>c9Uu%=Il^mT$MN{SdutOr}~PXkz~_ynU=dGY&BU0CDjB|f~TuT zZB5~7E)a~81dKLZ2P2>7N>JDpgq5%ZI^E&9au66Ps7Ei%!x=)DPnDI4>v|{V0$JAy zzgiTc_XxlGQU#+Ryle*25xSYI`%Cbf%#(7!kwC8dFrLZWVfih>dYO!o={-b^MXmM! zYEK%Ke2RrG0vWZL&hhBA@s}eF=()?^4YqFf&KsPzYP0wDiP%4`>?_AE<5Qv+GtBMq z2RoMR=+A`PBnfR(iTb`2Y7bI>(k5iDC;L2UtNv%9eY_9tWcjZGl0r#=DA$MVSvcof zzLHV2AfLWI6Z9Q9^%beQpr=`AwQOOHR2On)CBLyp9EStxJfEj0kV3|xK<8cU$ubWW zC_S7Tb(8&%@OfccZz%BC9!LO>LTXLxg97itfTo}fO8zP2jX_=pqwe``wfP%2p$f_R zO7{Ou)RT;paDDmuVdhbmaZmF2#smfEa$J5?W0ntkNO6 zqIMx|w{M?Bg^Y)DqDfb)9cnA!_y#Ep(9Vn)}D*9y{mx!6QSzitpQ$E z!)4>7s2j1O@9TeV!}2+PwV*>-Zh-7nI6IpH+r4nEI8JHa&c&eyX|XJSly&Hm8%sFN z2x$CHf{uDnY8}^4lZxdT_z@820MXy?v+X4IYlN5T3aB?i)+9t3?&~iyhAu?u?|bUi z5ggb}Pk~a4H^)HcO00szeXK*Ck9%cY-KI@O`Xr_1-A@@S8}l~FH&!;XYe`v#V9CZj zj*O4TFTrG3CUa^xz6CEfpgP*J)*N?-;^0%X%h=xhf6B|0~yxzGeVl7AP36ev7tAs|yaA;JB zF&izL6gi_@AK5R}uBuJqmewZrvovA(v|hw>LTP$K%AC8A!de?!Am!+7vx&Y61+A7` zwfQG^bUnU9FOiyvyna&s=ES;;s~G+$ zCqaY*h_SAB2}Jyox_AL14~SBnB)sD8 z!aRE>r@Kj_uZifG5T)^if`>W1UoAPa?(lFY3(=tV`floGJ+@Ua}N*)~Vj(8@_Im)v_edd41Gdjy}Y z;PrP4{C?*wJ$$rc-=Jkt`aMCT#I-RsuTh6;*>Spzb zEIp6XO>CCJ=3G9Sz#=-HuR@=*#ffkFQR5(6XGWjBWt^;Oe=RjWwmGO%xa9DCRDvhA znby%*CkHz_BX#Pu9e2+hch!|DlXS=>XHIL!F|H)OJmE(dsEv95bni9{G4bxHA&q8n z{2V}i^w3p)QrM$#UJETL;)N#9`Aq}ErQ;ka#i<$}-;`q({kgUUhoaTO9y&Fs*PA^m zA+~tXa}K!w>{Q)+5iNHBcF3((+8P&{!1PS8nM*s=Lzm*l6_`w>&bQU){ne z!tMNPw9A?vN+VJ(LC=)Xc{s681!Xpd#1;>)DSOT1gnlAz>j@|hqh*i2(xGORXxkI; z%+K_&of@qFai-mdblw4vj10V{Dc~JIE@52nw^54}E#`4wxjMPnP+dAPa-wBpWDT0y zBU*6vwJBn&!>41PEfb|pDp#80%5^q7F!?%=RZG=0E3mJ#Igq$S&u;=xg|q(f8jn~M zk=jVJXW|?Ud)Cmgx7;$BMs$0!N{$Mq)V>6Nwv_J5IpWnnyy7WbWG19Uy&t}j0%NuN4y$^bGNyu9hYET)c2;vCDDB2KF&!(EpZ$z@m}bx=`D;S;!`c& zY&ZAe8}y6_%FMRft=}h5kK>}YZ!#ueTqyg-MP_sfGT^tRdmlV7-Icn>)*)!$mkV?G zQ@|(t<|dBV!i0Obtf7=!3QtY#7)8-5g930K>?XB@y<33FYIkAvi;OX{Zz_Rj7z*~; zfExWl&43OG=I6lPDD3XjT_*ZdVqQ@O8T6b8*lH1DFv+4YUOK+wLwFupz~(oeG@Ubn z8W4Pi^+_RFUfbQLrIl>AeLlPhfoXoinlgVQ-sVf&Gk7JJv=q&xNy$ZmNrcR@DUPEK^xiol7?bL} zPjb}M{p6;}ZbF{QS?EAtbi;R-T#YPjc`m`+YpUM4sTG0kI;T!R$3% z%MKc%>a?b7#lbea8ub!ehH0cj=@uQlv0u91_e&Ss$N-l4AgRSFU|!>7cGSVfiaFKF zjkC;fA3*;Rnvv;%E}W~C%d$*#FWt1=_;V9Vv&K47&^L<&%~zsj%}ngWK>9X;JRFdJ zvcuk(oc?q@aFE%tAf3P&W{Ho2P17#)*mfgxwv`)fp|HyyUMR-3`4-w3GrMj-NLJT3 z;p36$Jr6(F%EefI4Czf@z`T_&XBAg)AC7w#uIac6aovfFVDb4Iq<$>|4!VO&%aXAF z>MWmJB(+OmV|2031Am^W8+De_Ub5TE80h{1-vpvua_EH@iu>JA`sSfj3c7i=Wz4qcJBZD!guxz-funtFiikif0x;DPiX8)bA8a{%${sDDagNx7|yKv|0 zpSC^&={mf1Vn-$O?5NyugA`mtGVG7`IUF}o{2s@>4ZsPW7S#zwPDK;(s(6F*-yN!i z$XTb>=u{`E->)XT1>b!|Zr&VsTGZSc^QuA%`RA83CN_CT($jqYrGBcTH z+7{ShWsvee^zW^mQAy{`aFlFnwI}7b!eeS$?exk$;8TA%#nhN;+qv1HwWQq!8*pWpY&qvn;?8k*HB5-g zQ{@U{fA_zc?BOngZ^a&@Z;YG3pcT_Bueig}o{Av}-QXP7P0yfoKb;#2xlrr@=ojCp<*1Bv z9Q&*WXJgyuoOLTSu^8hPpCXg&MoZli;TiD-GOq&v7|ZI=K1#;Uaa{kvMdnH~E<&Rb zx`^zt<@L8(w}4htVGn2bhCQ9f@mIUy9~7sHGRPZiIMZ9y7=hnnVsi>zt@e?y!Ndw& zbD&nU3AVG4|H@PvL0jWMKy^62L(VeLrIXP_e`B}rgIaAFTRWnh%pROjWt|1bp=!}v zh}4qkGE1vTYB?Luu@P@ken0MnEz`18|J2X z3J%G(mYig#;dFZ_&hk|#X_AZ5LVw|E@X;OSQRY3EQ`22|s@OhT3K{ZHJ-wsaXy8vc zR# za@-E&Kjom+X)S3yo$$Vk)NC+nb_}cU{gM4Ot|h)>2rJt!6;`q{J>?BA!M2am9YJf~ zgVqk8l~ep72g6_K{mPr-ID%C~>Pq7!39kay9hN3oiV^5C^a9T2^_a6574uxrG?2G5 zy;%)!B8L*z*ug3CmO(YA5W|YRxr&;OD?c(j_tYMox4z^})-%<2pe@)PlMnAOuIXBN zP>0oKq}f!<)R6dH&?bbvV4d@I?gwah4Tj|ZsUYE`ZnV4rS^Gl$w%Hx7#2U;JCv;V| z>naBCC*y0W|2sE7@5tb!xN`oGR{}a8M-hxOP9Yf)DoIsTeCEe&h>85m70VPX6Q+K)P z&X|#cr&7{Ww6@wndL_v;%d5QUJNG=VE(N7^)!w#T~cO`@KmqvU{F#Jd{vH{lC z`gdro4Yr;|wOXvX)1k+JwHqDlvSU*iVh0A{^`1elbgMA z0}Z*YoQ9rTa70wUOa%NqAG7yNjD%k!p#B%PEQJoPyGQ=On3~UICC_mOc=c%QKD1!4kg=`E?To4qmWR3*{E*zAo}rwvj-7O>eHhjlbZ zfYrzQF#M}M(uf^OQhky+HX{Paj+o)c;NMtTGX4!srZWYH*1dzt*~ryw6s==lA*Je zao#P>_zF_yupEi($rVxhGsLo&Sp5^7QKfZNKmX1QpW7qqppY^N7xWse!@@lE&)~>K zewOGi>8wv2662gD!{UhpKPt*!V)+Ci)*PYSX7;EWBsJP%MGK-X!>3e^*(C7%2Ltdl zpiYY#eL7&@)t$j*G!Q8Zd{6~`#t7eyF7;#&=+wG~V zsOiL>gM#P4a68`k4wJofQ@V==UnZo`K3b^2m@g2<{3Yi%;LAXr*;6Y!z`F^*uoEeC z7Q8!!(dq`LmWbcg&>}rGjLj}9Jn!nue++ACxTFQ|FpzJy+YcjUTLjj3fHgV<>pZwD zi7wuCXB6(cT!h05!zg-3f$z6ReSfy!_dDOw+AX0T(H1|_(q>=YFgq&sny$wV#-bm? z@EYHlnH5_pYg)RAnNe+Iu*%(JIq#l^b67gU;T40!yWpnyqi`6pbkk4v!OkSCba@s; zWt{OwEj8vPs!z- z(bCs7UF<U5 z(f_o3gO$y901GtGMC-x8QXNDZ5OA8)^tl1=rDy1eh z{TlGcS^g8EWo~h4%ML^5i_mB;CuHBwJ)2CknUgyEXv@Fd)L25Z|A&1-H^z0*{yFr= zPI%L+NYva0q)&ln`(ONuhKt1qzyt>RRl)X4<?7a7xSnJ|4O_w8gaS5e4 z?%mq&w2IUrK05!8B!8bgIo@i39v5;^i_44xjK znGm5H;tQ4b(Org>%3`HGKYT~z31u;3GYybJB7SWoW*v1CW9W}hs$J7%Sdm(sYBzRK z;vJq7Qj29)+SWINNWFH2Fd{U?ufuWlhvVoE=g-%`$%@SUOlvdel*!JFDg4N8ULgE*&Z7<87MoR)V(%A*BlMh6?W(ymR2)V5D?OK^TT40FLw_D{Ho5g5g4eVD zb!G>^(bD(NCbV3fB|I*Z>?WQvC86E>=e!7;C2=H#+r0uhyu)t|=S#6tphB995oZTd z+IFs)Ri19=&dKv36K}VD&#Ah)%jM3XXKoPZk1fUNKRV|&u?b}g9BDg^ zU!DCKCud>aoAfiOGdZKlzHO8_JJM5mf1z~_&=1LG131IEm*?s8{z&}79Bm-0q}l~< zN|BL8M%QORuJ;8|Q1UkaRaYs@nQPOBnt#?7d|2G%0IL+}l^74hR6ZmGlwMr?K}XrCk(M!eC; zOEB6~?1oDcwV}(QPw7Wn%7DojKb_s~Bxx^2&J@M*pBjOU)0#+ane45NG4OL?SRQL4 zHIK{E;A}OuxUx~A_iDEE?7lqQUe~kka+N`0GC&72MVNbzTr%hS_x<-FD}0fL6U*#7 zcPD55&q@={q;eWEb1_?iV+pzAS-9gF?}1P0;fOtlN$d+y1;6HXZ!Gjd0nytUm=kQ-fmP zzZ^&>ecweP7LtTTPhj*SR*RP89un0CqtN<)=zW7b@6E3|)5d6%@(&x^&Sw9K$gK?_ zSgQhOVYjN~d)NGppGozcJ$sq3h;qf4jWseZ2rDg5Ik=X}*nixu} zMf>E@Wtt+4i#N8DOvbcQhE^cBraf*K&wZNr$HUTTjpGflfQ$}Ew>GB zdXkeNCdy|V`G#l$@+WO`xUq;N`3tY2rRdVr$^?SV)d`nmgQnhg$hg2M zyW;r6A>-|#dr|0qYv^tb-3vqaIidUP(A^ZeCpX4s#t4wjmj=n+u?^*ZHYImCW-1$R zF-$NGMMSmaE-Li&J48>zw^8D^=MgdO6=tE3?sI6|sdQ_)ZaLWBnh5>xqcT5p)0v;T znM`P)WPa$DWWMi~X8xaBmU-MQ&wSUd$ZUip0CPX&`-HlQHc%8}pr(?&uFt-jwGT%W zsATw|r_}xD*`$!C1#zAw)%V%RTWaOjwTMR*rX*R6$PvC6NvE(9i0QBIPZQpGqkK3_ zsh<%g1EI3)@F09MXt5xZ*5L5oq$aw08ZPhF(eT=Jvp$Iv)_t;b!8=i@e(Ghv-& zaqg?us+SPx>e3C~Tc}}Cb8R$gb_lk8&p%vdf`#A1b-pW?Nh!NIO9S0Lizek9?~G$g zYE788AGn8WZa0PBCE}gI^bY)u{Tnpjsi-sColnq|!I(f*)KBPF_jyiMJI3trHsnEX zCvXS6eoJ{ftUT46l$UyO0*w1=+_mtBN@ps}>%3D{t|#e<3E9Wm;0(n(&9=@vgK{om zI?@^5MQPOBV903E#?)TN59YBHy1R$WS0#<|($ydnAw6NzBPu^Bnk10oRv$ z)trR?DM+a|c#p6HVM$<5-sjH}GL*=^5r#D^0!zYQ2$I^51VkzS3^4m8i08V)5W{0O zA*y}1)v~~>ArJc|bjw(NG<2#^(`)cL(k<3eC7jh08M};o&AJhMgC0^1(S}jV`+C_b zD$Br6UP~~7A85!4ZV-O|zSjZoZyHX`854lj%xkzyP8TZJ^^QCfWS=U&NF zG8^8*oz$l)py5b)lxaaR$)DQGO5@Ia?o~`ZFK5n>6!(iMx~NhyMNIEe$uy)ueqmmz zG6*aQzdQ(^lUJzwQFdui!){v(`TjF&$TrRZW(_-m7Vh0Ot%=zA96ldD%2xe5Mbsb6Kx5Yk3(IBk zzFCwA(I0~72=&@bpHUurM$6s9Ee-XWguvx=rUf=4HxKJ4P`qU=&6jw|9^NgV1{@^M zO8IghJhmmQHEWz2yJY(Zu<@sJ;$2Pfi3Xi<=2&MUvo7@`FSrMBPfuQ>P;{sju^s8L zFJ4SV$t#`hb;He)YAIhRVB#>VowVk2@1&`c?F@VkXfIJ1ual-~?H>XbWIv5xAfiT1 z%IYPgjCTb*c2?syvlNk~6df#6Q+K$1OTw^I+CNd%k{ypO zgBSJAMHm^2y%^8=tC!4pz?47ZzOUWqfH$q#Z_r+1*pJEY$wikI$EHt-=}^Z^xX5nX zVWaiOy$TImrOsP&aW%#d=0fod;Xb2yJ*^b4YxOZjiSkr|aj=8h@fb}=SIa~Kwk4F)GEDZ|LL z;7sgwYl;#n_2)^H?VlF{_qGnDs8jz57#>NZj^1@RaP-*>O8xLus%7DwftD9%Q6zq0 zn3@jn1%o4dft0@$vdnAOe~LdB=)e9~)W@4g7Y>0YoXi|PTPWhwCE4&Mu|_KKNoiaX zT0M2*2Jh5)8@$sf4d{Rw`U_7&D+V4I}nY(ThBd#-x7Wlb`AVuqb-_~oD~03 zAPf)wSg!Og-{AG$zQNlKFTs>%gV#5aaAV&IJ7;)r8Xl>mwT{Bh3CtLpUqjV5GCs-( zFIck}#C#*L&Lt?yt>s$?Fp;}C(wt$8Li>HowZZoQ520QFru65?r4zka|6-m3lh{>8<6ln20C%N(5H_^ z{P56_m52L}j1ZcVTMv0vOdrKaBex{P{fq4}rGD6TaGW}^bqS@_-bZUo&^y!gq_4u* z?Or0{7U&mahv0U`FX8_-0JkaiBl@*DX%o`wucO6jn(;~DS5a(nT5~R8Q+YgEos2)? zV|JJmRE?GbJ@Z6xd;{6t#MNo$b;jaze$oeh?J}jlk1zi3{Y{P8T>i^_zC4J&Uyx<) zPfbz$Jp;=7C3-3)G>7736qj%YwWlS}ITq(qbl=L*ev{FD&-$PrrY1gQMOvr==au1p zWw}JjqO#i?7}Jgt!b^vFfnmry%>QE9Z6m4nWCJz&A4ci9nG>Nmz%r)AHk?3o7^H0b z1mCLH9+=|9)L=O7W+ncy$HriAbEGF#dxe zXB}j%;fk=jv0W_-hy;SjA5Ix!EvN2oGW6&BDgN~Vum~Sj1=}Jb0~%q@fe$vdLjsC(yMlP49GWeoMBf|1znz-DU8^aBmEG?xN-=N)nYJi3TJU#EfPC{p!OOYPQ8ad6y-pKUeMRanIS=j+>{m0Td6IM3?eTJdbS1CwWSZ3cr{ykAFC#9 z&?i5pcwKLw{1|kxX{7n?C=2!~;6XTmc=NMnihtEX_<(u(fTyZ=EAS+8vGa8X{sjj$ zzQ{?=0Oo?*AvM^|!E3Fy^u7~qs=QacH&*Q_ZGCdjlUnW-@1!c?heCnKvfpqL>_ZMC zsr`J}@A1Ycv=8ji9xCBxx>9Su{p*%GI!ET3>}7P#w${HQDpg(U6Rm%(sjF@vmg$IA z2;V^DEHM)rlt!HYkl&95p)KcBqjYJDmfOKq$-h4Rmj-rhblVb3p>QkAz$o17Tb_Q> z8Sso2TKACglT#PnedP~P(5Z?lr>C+!e=tdyR3fPw`fP zx2`tn?}%J|vLKlnhi!gcv4t}ty86IblIjcdhVa#CsK9#LuUvS!70W%=S1u@g(etQ2YZ?x(ie4$6Lo+o{p4MWn{TnF4K9a!%?JlW}zPHP#>m; z?kTvhn!VSUjC=VVdyPYc7B*DqAQwrqo+#O7Tvx(6iIwj*;|N!roh?mmxfQ)%j^1x` zCj;We5TtLNuU^?Ud9U&7&~tO>{<)L2ohVsXLTgRM14l)|fOeuJl!3~p4MYyzr(fR! zPwmqplAo!N{5%q51X^dBJ_C{3H^7Gk+5ZPhB`E%Ugku-`;+k;>PA)Ru`}!TL9Qr-! znvuslg!iG5w}gy(1B;O$5y$45h*jtjGZc z11e@3HOD!)DfO@v9_+U>b^$eK#qi`yY9 zb_jRVB}S`n5mUqj4v-X>w+D(3fG3s+_axJS;!oUSit?b40x*OWfI;pA#t)$sTCo(s z5J~|Ia!)d~7w?af{q)7#p+~c2PlGR#2(7%ykZO`ynSPdj6dxa@^Pf~N;Rai2@Sfo{ ziJVyuvc8D5hm1koU8T!VOH=6*tuTMI1LW`&e*u=?VY)<|d)KpTqu_T@m}Bih&#{mV zoFvje6kpsM2PNv()rmtm%@y`>lOWlm_~n71n&Mydv#(Pby&B10_E`o0N^c%? zeyA64YPLMf-0hj+Rag`SBvNAr&da6zj3C8#zz29Ppp!NG9L}E`aS>l$g1!>bGKqMq zglGMOkv30)-|2*c zVLEV2Rgi;HNlo!{7kaf6ou|mhUC$s^SS8Lrqx*sdoW~&*6{Vlznl(lhD}%}KMQTZ28UZ0c*m&d$@n{OpE3CqiONTy&x8IgJw;lR=gm?z7|(o3 zBK>LpWJC-?5-}oi(g`=To%APNl8LR*G`R$i7p>mU-0U_%M_$lt9fG#Fg7HIq3Xpao zyvtD7C&fptIT=9-iE*QjK3y3Ky#5s!!n5pU7lTtMM*6(zM;C3*fj82CM+Pf|i_nZY zU~Gks@qRt@v_k9tl=`H(30YwdJFV%H6!o~2FX;~I_FY#Lv*>oiU`lzo=%^@GgLNNCC}@7ggjpD||;k&L=5Sgzu8jJBN|HOBUWq!|#N2 zD&bx9_$KpYNCZF8?wIImP)AjYnH0lPM=3=b#lWOpmNbKsCXJ$GNeoWx7nf4}js~hx zT+jRBTO|<9Fnx+`5NcRj8)q2|{mR=z`jy1iMqJ%f<`DU4c&=WCc2n3-IMJD@!o}C; zS@Ujt_7G(5Od6LUtnQ7ScRlm@_eC?``+n99RCc$EJfDL+#_Gx`x{15{EpoPh7#=p{ z&MeHEEK63wd~F7H;Quo#f>OxlO|6&TDxa&vDa?8!<032F z#UP!LWea+~4XSNZ-_DvtsYc^6AbLS1Vi=W^)r_Wi$}2HHWnTVI=ulMS*8YOZgm$ z0P&vQu?1s8P>u&P3o=8$-~JVd>!V<%MZv@vMmfoqL`$lC&hmd=4^tUsB=D+K38YDq*AR@t*4+N&anI^ zY?5iQY7wFkG5j42#qXz7roMSdModDK?1aRTAU^v=UQ}`!k*~%K_0sWUR|P#E2NAs| zj`#+AFGx?Wze26im-7Rn=mtICgSX{{v$-ntU$mSHC$tryLA2D49mb(wZmJ{Cv{_jY z@azp{HN?&(9DlKw&gvNup(5yc$4BS2M&w-M0M`>GD}-k9#=lj*X-sXpd*j*4UB;oO zj$K)^{DOj=_?_vzchS*Z?f*BJ&Xn+SiL6J`HTbr4FFj8W58`7?ubPzjP3LZ@d%>8x zR&p}6GIj0Zjdbqfwf$+Mpy$s*twdU21IkySi%9*h&l3hcr6De#%!g>1fC99&7@Ik~ z8j@a^+fOE-1obtgK5lM!$BLQT>X2L2j$+4dhk9-C+WtK_0eSU8n-kok_oZv~72)?d z3NMu)ce@^K9`w+@-~gFkk~Jx!fdcI$8&0c=<&aMuZT+Zh zb*)>m*tUIuj!@9^d5BvU+mo6^8%Uo<<2`V{dRxo^9^swPetLbH^M9jw@ud2k$i55C zZ55R>3-Jmy=FEcha#e=kQyLsoK)mH02vGe0b!QaN8uE5gkVagpQ3Za_f}qAca&B4y zd3$S6%l!kM5Q3g%fmHb4azF#p%g7iD3Vhq#akBU+<2GT#`Jc_r*N9Ls#tESYcsQm}5Zq!&apN9Q|8qr## z$J1y?TU5fBATWpxKqmB{4mtXw8!UwEpYp_;7kTA2MY~)=O_<M{m*Y74c4u1Z~M_2_22fdP+!TST40=8b(pz;) z7ZjKvJ<*lwFg_&cHOPPz^w=Wa5F^<~*L>641;PrWMm$i1nT*}8NYe0H!) zmn>bD^*oDTWK?Bu1%9Tiy*gOMo;8fynzMEM)&OE5*t9XoInF`!BrpzEY0NSEvS9x? zX#J;c%KTWQX$Y{u!_?&vvA{jUyimhdC+%fxb=_my@T#imIaW?sM!U!3T}p}0)I&@D{P${!MxKp)x5IQ z@A z!(Sx$q7vY$AlDzx#mJRs_TyY)9y{XN0;2X>|J*%mk1qkg=;vM!DBUoOdFU%ZaG=s zy7c3)Rw;ZxMejWa!H4moxlYdDK(#{r>%bX*G#$tyg7Mip)wC3Kt&iu`cRTOXcC9H_ z!&~aT*+fGaF@o-k-hBe_>)9tu+Jv=yO8uNDS#mGpWFeBvxJR909W)%%ucjIBQr0BT zIvvMNx9qg18cxG@OlP_PEt@fRo#{SY7woJFPh~n&lBuLjk~78`XR|_{DhIV|Ehd!Y z%fW9SmMV7^*Lpz2Iy4pBKy=hOyz{1E44NQ*ymouofFlh|?yXMjUp?D%6%^v-$SF}(aM zMse;-MnUd0uDXt+YyROf;1o+7CA9kg+|2l^XW8*zJNHJdwKE+mzQ3JA3KwU!^|Sd4 zc&3Ip_n>D%l(k-UyuIzZuS=Ux2eA0_ShP8P2v}fMbimS^b;gH2ngcn<8-j=QqPi zDZ93PQX+8jelwg!zW}F8+YbCDw@KgOD3>(7}5JbXXCRdG9ft!U;i~$lpn^se#(w>#T6uKlfY;9 zjYA0_tnpFW6!T@Q)P1&Xeq)oh1U!=i+SLajccZo1hv_Mb8xYS`@~tb{PBjK48+`%zBG*24z$k&1 zN@+!#pvx8BuNU4X@O4EqtT)Yl{E!SMR$(5g2(tb?LL7HSr*^WsJDjvG6L|Faw|et{ zhZ@@CdNa-6(o@V8@%b_9%=9#BY>ZFQ@aF82vJ4lAXNi<5k|wz)2KavEF9p7mP(Dph z%Ss~iKhmK{AeevXB6dAtzA77-U+8Hqn^Eh$XDd8pR6)W=Kf7%Xz5T3L34hQE{mIl) zZU<<(Z@JR4SVPl2TKl$ztsG=LHhRk2I4yY1Uy3?^8Y->5TV3%!YA$G4gzP26x_8cs zU9}nh$!?eR#f<&k8HTs923@Kv5#BbYxSj|}h!aVy9G%9sr;^bPbCp)ox@5G-a{srL ze<@7N$!bj0kT@zuIQLl<)&CUlb_6_s>48ltyssn18Dd;9>L1-1u-DyFDbZa9j3U5z zurLcSvNT`1>71`z_E4EkC^JKM1}UYwuUvaz<=c$(Q;@#2a0}9J(VTEI{3tnn!*QgM z>ppJ!{cY$Eg~G>{R(lP4V2a)&k>qII+sK*f*RI-C$?`TvowMJSCi}K>E^hJ&xSOuh)j;mVHf7`K3v0akujyho#;r0*T7iB^ljo|3o#Fb zxEEo%gsdzT-64G^1~g9)tB6Iv>L@pH}$5>*=d&OYKr-EJJ#WU8eyuvV** z3$SvlYU(I{6=dFu@np68+7&HPNx(>W(CfCpX8)J5)%luzY?;jP&OM(me9cbZ_*yZY z2X6t8phmCRdf-(-bcE*ity)wj!HUt1!hD~B)mn!&I9G);DvWQk5|dy1@N1&*>lLz} z2)`bWe02z4l`R>oN!sc_v2cGTAU-b-JwJd**@_9I7Vo);O?-Gnl3K)hGae&(9}W}? z_vHccc>$hVP>Zl!CA9X=x!HQlT(Z;j)nd2VjMEG{26ZWCZpe1BHxxPP8*UEmC%GyH zYb-o<08?>)5ufD(<_aw8EFIbM|pC~p4Azv#gy&- zJ*$gDzc1kTZmxKB=E^^;d~M~$l^eXtRiv!?K=eLU*UzK#5U1bsY;ezG8IMheO)kYB z_wRYEIQ08%{4U{&AG^3BvtolczN$&6KV%+Hiu4L;13mns9kbJAeNloekcV5Wbr`q9 zZH2JfgKTC+QI})|Jti?@vE!cd;pNP#)aAxii2q}Y5ktn0ks|e-Gpy4rx+)2Vu2m{0=(OX zFE@w2h%pAn6_nvit9vKD=tEz`IDwf3OY!A%_ZaK9T&hiDhqkMIhi$jL*`_JfShW^y z0sLhq=4w(`Xe^q-n7kxg4qA!W$u4Rbg&2Vpe>uR_s&MYAvZNPm!nrHr9^y%9NiBFB zkoURCDN2|spwZgR0ivNAJwFNEcLi(i7RU$=;raqsH?E9_Sp`{7W0)9<&}1>+ z(;`0{TFXgUq>rQN%ji{y)TSa3j%a|Gts#FFB;T*)xic!y<578tUI_i@Oz7*%v%^%} zgH1PCL~4NcGVKc4^O#lC4W+Ir*1IZ)Mjg#qUc^h3LHwqVy331~zx(K}<@96U;H_LK%_!p8 z*wz&pD>iszj_$%=<<2T^Y}G3m{f5U{Dt11+0lxH$F|!g6ZSW@Td<8RXn3}GJthbx4 z8EnbJNOx2iy$XY8#S>n`&WCMJcw-Jd0SJd-o3?)n(WwZJ1u0tZw4WN=<-P%Qbx3zs z&+LZo75(imCz!Tz6vWP3;#OQYI4F*?d_e&>XeXn@7E91%g8O#JW!_lX7cz zuC6wIRhQOO41d*#sSZ6HZAI~8g9=KxJ&!?G3vpGVchDHL+f+Z!i}juEhj79SFXU=? zK@ZKTaNR2Elg+~{@+=m<;ljS*M>HkhO0^@(i$>b+pg{SBFi3V$T2lr6SbV{rx?Id| zDLmZw*M9MPf;frpE0OF1QEMRDQq-|egM5#8mR_r`#8! z${qawRqp)I*<+%GjkN5~oyqG?$`j7~+$mjmtW&|vZ;)j$=c8*udhMQGw!>zit`r+= z&@`su@GK3~`RJW`5TM=IE05xGueuh6BD4EEt^e+WtFOPw`V>yD zVuUjf7WCB4qA9Maa}j0tIieXzvqUpc_8f~}L^rUg>*zd&oLaG136!zg2?dgUpSH=5 z`#eX3rAY5!OH1kJh~}pQnxCc1SlsDqlbWu9U!b4~8o@h)B<5vI=%ipWF#X0i(o${g zbfwN6Q9zAhgmRfkx#Ua^J|~P!jZm(Z%}}Czd6HzG&+|l3`+$~rn6&q4VetSh#`{|sbr%}*_Di|RAs%meVFZS|w)4cQ+`eH1M5oZcT;p-=QITYLpdzoIu`D?4I z!dH57uP4we8}Au#BI@^y608_Rx+@*@7MT}h+&aB#=-G+o_j;y!2U0|A#QH%Tdjs?M zJpU0+2E#lA8NY3?w-Z;O>*Z;_CeLRB@=U@0m1^#fpB6QB_YB0aPROYb?MDOg>-D4y zQC_3*+diPIYxCsx4lHHOf6cS|nsV;@uX*0PCXe-+JUD}cb!@ng&|kU49x|LjHVnfBTyn{JG_Alb zunm`rRtL4dW6JXkZeP$Aw+bx^M(x20!KJdrr@^I6C8y`<34!t%T$&3r!0&zT0HS@L z*Z=iLKXdOr_iXo^&-t9s`JB)BeCVw@OP%i6_M3CTpT84!&HK&Atnd79D}U@k%~XaX zy*fxcdGk22=-!_Q`k#!`6E0{-~v~`(+D1E+woxF?l9*OrT#G znZJ?uo*l$=ww4Tlzq;+zdv;Sk?AGuZ&?(uJyD6V{X<>=BqoF|}lVUNK9>G;R1>A7R zL${r^>2%NS_dW7hWO}#qe3fNlHemYO?5MAHNMUKA)lkI6)vvl<(uJ^dO5RkiP_|)z zo7Q@#J4xz2S^C#MOV@8)_2x1c zwFtve@&35OJG}1SyM5)Kb^rR^ z+_PXQS5!yg`+Q!hjHLf;$7)*EuckL?RPXn(^sIIIe;-Avmv5`@Sm>3(n)eOvnS?%$ zm%w&0jomD%Lyk+=Qx8aiX~!igl|mY=Pv#uP6TFI#5R*c0(P_8TY?w3iM!s~$XPiu$oKDnk4`ZyzLX?|CL*9*B_F5DnP5AZZk~R++{C zNn_S%d+GWJ)U2{=O~HQ8A2*bq0b>>)dds9a=YUn6O(x|jCbL-WK~Ky~7Jq1Bt#u(k zxf<<<`qKv1V(bfk_WVQsf_eA?N6#00i!bUOp?UKUHFQH4{?yoAj{19wuFR^9xzb ziE_-FFquBzyAq}`_+|s@A2Tc8_NQ^a z?zXhdZ;r*#+uQ66Hu3hSD6D6m?j-1UANSkscF8>cii5Vk`DIEGTN(So>&<2h^Lo=t zRCFWpKy7gy(ct$2`H19L;U929AmXe>9Nsl-Z4p#VM{DX>V? z9b%NAs=F2xpCmo+xMn5E&pNhY1V@UM2=h^m%k57%S<0w<{Y$+m|J}sB#CmW1q3uhV zN64})E>UsH>FgA3cG8g3Qh5R4nYgEB$ z`8u!QJKy_)Z*UDuL$2KR$IG%#H1RK;KGYLJ<{<<&&t6*J7ZQaK70Rw}T5lb7=o@S7 zA%@A*tUN3tv#(3<4sbF{AQq`>W+I;7^ste7rTyV*rY+=69ovrvEJi=Pk8yXkXO<_juQxRv+OjHmNhGeX+d-WY+a1)v$EN49cdX1GyniuB+*5D^1$p;L8)|Ad@Q_=-{bM(2tKzm(=%WHOX&4k#~af z2x&h5PE?#nVCDZ_E@o`g6zn*@(*QdjX^bAEirZy+aHucctLIpZ&7g0;^-xVVhie~X zdf+$LudEb4nVsSfYw&*_o?1{EqyJ@Dt=3TB1aUpm-XA{&w98O$w|o0-wl-EA)D(@K z@>eVNO0k!C6TkhR4-mET=w^A|*{_9XBc~3}O&K9htqU8YxUu>f^jU{*9!|*RVthFHmUNnZGtv!1Iv&=Gp!?qSRnuf^%%O*r zoFf9y_hCI5mX_GlM(nGuNi{vGG)VPJ!(=N-`l#U%rAv-KqvO}6xytwC`;?B|{o1d; z9bEq+zHmxWM&T4|hGo5VjpZBbG0W}rcwIl;_&<+*uA_h3va!F+(|_z=mHpbnA6wtp zw^oxlIxbeEqZJR65giQ|>~z#T5^C`;y73&(yCx<)6xH?zh(bzsmdlwiBCPw*x6|me;?(1n|ArQ%Nl20pS1OPbv5R zX?=Qg?@@6}TKk{UZuwK%{^Js~s3`?Ln;S_DYaWliZW*;^;W1b=Sj)%a%=)ohc5e(lmh1mGIGeg-I1OvT z6Z7@ZnopBe4ZESatK@gXM;+7W-JR>-Z#?<~PtrP&M$U=pJ7UE#YWKpQWsap6U)Z{@ zw=QcCm-1_F)8O&CgZ|VO{nM}&&7afUxNWVd>gTh7CgQtX^|0X>)WGUTU^gyJ-{D@- z(O)X6Lj6y*lf*VTjwORpz5aYd(3EvF-KFodR7CUqb2#X!XdSu&ol8&JZ#yLf`rppq zBI{>;!Ok29_U*&#VsR!cuQw0f|B=VK|1*!9?Ex#P<03LtQ*e4L{8nz}iM|$LbbCbe zbLq4CT7Laf#sQGzd|(02&4=!WMHN_{nglCo<8U3ff?>%GviOmP>U@$oSDyWjck5(s z@&(z`?slBogA_h3IWJs%Ja4+oHgz9d6PxskF^haFfO_GP;R zOHF22ga_8GNY1+ke45g5=M<*v4lEm$f%Pl9C$YQpo`#flVcxESgejpJyYu!JL{;ww z)~k8kFNNpNI`(9d^5#sJ9-mtSN7+-Lp?kIMfbh)sP zns*eIT=i*{P4M+2+oC^EcMR{sb7@+59_+C>^`rK|o6as)3)6x;lKe>nD^G{g56Tz; z&lWxYAPBV(GH#+p)sMcC8)Sh)Qmb_?C9F5FwYZY!lEZrLlvrum@(JGYL+6<0q#H?p zUYD%~OQleVxJ2yww(&*ZmjiYyr8ElAGDWXRsWigx}As z&*$bILk^)CUl*|)F7=zk#vYtpG<-?`X5QXf!5UdhW@vH)>af5O-Z002vmgyKuos`l zel55+fL{4E@cJSB`fD`4H$qySKNAKFe7H5Wi^iUjq7&XXZnww477}~_j3cmvhT8p? zeEpH{X~*jPQ_7ArXJCyIxU>*F%{b&T4)iC@XMgX!JY%tOz{cQ+<`o%}rj(-p?<=?@ zU9Sf?d%t8#ky)h4(_748X7)7&eysvOxZuhmMT=H3IB#%4CaiL@tD+?k&vPYV22ILz z37I*#8`_{LcqlKS-xr!49-Jlg#bs$&9wqq)P2=jO_2o6KU`WB|*FqFyGQMw`g4Nzn z4u>>4fyVM3>T97H^{^axmVJLNAJJRt&773g)AEKCh}TK{5L{^z%ST=Jb$(`x5+$kY z9zt(IPaJ)|U+zEPZqFHsZs=DLB6Y7g7(DGwDcm?BpKd{aDa_Tk>XLZe+1>moa>FuX zyPC9eX|#0>UvB!%F%xH9bh+(4Sm9eQjc6{Mz5?w^cL0l>m!uQLfYR5nOK0LA9oiyn_7kPv|`AWvf&gQql`tqukbG3D57nyB#S!S=C zxpJ=AC74&vgypFEukyEpOTWLH`J(RiTJ<3CU{4oKim2nap?Amm7c9&hQm5(QIwk|l zSs$;E`)S2Y*eAG=f);9C5+m^^k>%k&h{=m(HeF&rL%n13gt~9? z7s_pN5qz?GTqtU{0<~lF92@g1W;&W+`+Enz#}aC$6ZU(qUK`r6rd`u=40J)w$L6s& zoW~EAi9>i60$*Wz=J%$sN4K#TSAZ`=nO|x?ZKJw(ywKLw9K#NH2yN)kiz@KN$z6PY zx+F|+HK|3$QL*vI_P!?fQ8Rzg5MV>7wvJIRhUG`+kfdF8N9SNK%ye|d(K)8;B;@Ff z{#248=dQk0u`kcCDPQ-?GpC3q-kK{n{s^NU7f8umt{@C59KNV+-4r7%GB9Qbkc`e@oeJ-6~_ z9{1bO-0bCn``eiFqii;3R&X(!k7M`rdRN~6HM@J6y+vnaz3ktU(pSfu@}>Wl&H`Iz9;}c1%W?bj@4zoucTEpP`rPgL#@k9| zX;0mf7QRCII3~y&vf0Qbt?4?9vc%X9=FJ^^mtCKsGv4GuSS}xV`>!8vwvTFxvEXJ* z0(}VLS*IG2(WlDIm&OEkH74&jOD?*!}(ENAWV z&~4nb$DQA21(CI5C~%scJM>9iA;HIv2lQC3leoTnSGdr74=caWW3j}VUG-)bCe%UN zo{Tal+>X;@P)hF@Ux6|PWe>WK!cS*!NjKcqu8`~-?gzSp@jI)F#3{sgAQfd=GW}N( z0cepRuK)`fDdG+HQ=lNQ^3WiRX6Hbe=ZM0dJpchZSwrRh7gmPvB<>BjrAI&Q<~iT- zv7kfp&Q`Ck4{P(EJU(x1zOlpdx&i&I`G8{p2cR&EPt=?<4XN%Z#_3B#_5BahyZ5(s z-}}eK!YnR7#AUgcI*7h7>u7WgdLbkdw&P=jyI(gcPOX^}inp!?Ama zMhE0>DRLz!T=yz6Th@jJp4JUk=Q@huLjfu`_Yz~vTAi__*jQC-Zds#azkEtnt?MBF z(KJb@6q)7GhSITO%XQyK*7J{nS;imj$wE$pW9bV^4i8H%+*V{Il{G{sA%P*0a>V0j{jeQ`btnQ8b4?NY|xrCdk zKS#)=gUXL4zE14iW*(gs^2z4w?irnzYFXW`Lx(@>kM3nwQ%xNeb+AZTQ^%gw zqNV5kh_3(k{^CL5BVzZnhuEX+6W6g^1H2dIR2nlRD0!=7?ZN=s;;Cbm72nFHEC?WlgRXSHCNIjEmvsd->(qOfh)$y zwkx`h$MnkXpl1tA8{`TI`(sWJ;n)t#Ybw3E?!KU8#>eh`20=V8nd;cU5Ff z9nl}Sk}ijxsDq!3^w2ohQCURWe8h1W&yv9GhE)XDUUE|QhZ z>Q{`qvD&hG{T0ee(&+G>Bywj=`7TqBB6F+JYk-RpOS*-#6w2Qb2K(wUV(n#zk+?!@Y|wnBz?jubDe_Cx@k!D-(t4B& zi9OoPg%&TRsl^KlvlzyWXeL4bTNTh2?x%(Q7r!<&(WPz_N5>37U8_5@;gL}JE=J}& zXgo`INc!ma+6L1*q!{gcZ82PA_B^~Nh8&Tz2^DM)=_P4;OQf+@3c=V{8aGSk6ly-w zI?$A=ol?#G1cutVVVgWRuI*~g;NA=uoFsODNS$O@sF)KKZvLW$rhnZ+j3*>PcS0iM zIQ+~Hs^VQ=LsupNW2Se6SgS~zT8XiqnSwGCQLix6D;V_}hc4tgf3oA^YINKbX`8;&FHMXyus*e8PKT`o0I~tGgVlXWm;KT z=^lmIcis8dgh*;OipX`n3;5pKmbLC5;@5xu%37PhE^>c6XY{lG(993tX*yA- z6%V#^I#uaTlWw!prfP(@8J$kFW>Eu9eCyBtyh%!fCkr(lZskV$mGWB$Hf(~8#j@&) zQh2>Vl=90()i!5VIqa#S%@h0@N~ILS$6S&ep~SVdL+w<&rE$`>a8fPBS%_=9$7mMJ z!!3%pric+%p)}$pP3a~nMK>6~sk%Y<9j6N_9kN%Q+9*Zu(3X~4153+aSC!A*%ljsGfA7U@?sLR#n zXdBVT*!)|S>cFzOVxyE|Gl?YXq-3c&**xUqpbksNz^x~xwU&_0+2R1me7fDSos1qP zIU1YwA^L=CjvZ}&ydwEOr(?ET5~5EFnnybH|qN2HDFIeb~PEz&l?#@b>|M<~8bZzIFXvq?O@ zrG~_vlx9>FW6Vd`!fl(f-xp(S#hF6G5O@q;=e3CI#6$S5>Btk-=3IFld)qX0Am(t` z@$H~(>m~=A1V?oFT(h5jW@bp^9J9jyK<2#{Bg+!d;xjT+P@|}F-%PDGg*xD!+7|CT z)TRlV2aSp-tbD3}L=3l?#R1Nk@@3h@CZ${p(JNpq7$|WX-l#@h29|*< zKz+k)BgFw_5w^x=!@6BfjnW(o(UX`6Tc|DAxkKD925g5ld|UXo04MwM3+6qj!dv`GSh?#i5R>8c=N-EGNO#O1vubGN*+D4 z#4+N7;@2X}dy3c~+L3c;*-UYUnc<{=+3L)wi^3bT#2=;T`oXA`L4=)*9V|CzR5Shdj6Ba;_Kp)YQBt)qY3JB(Pb%zeuSrKHfCpu z$tdqfjC3jAnx!gFkn1D&EIm{?cw zYCo8YU>uAf&WPOk*UWI77X-m+mVW+gf>~{@sx8d&{bM|UT4W;}x?v^rN=hyVVg~vF z{`X5Kih?+8$c!KjL?8y;hVAm!zpSg-Ba;dfF0Z04MSKiL9zC*&46Gg3z;sww$59 z5T$sT{7g<{sa+CPy1ZPy{S=(LQA2u*gVg@Ut*^aI{9U!{?t^_fd#GqKspVahr#{80 zIY&>aDq9t8WeqQwNVvRjVwb66!Dl}Wu6e+>>yj(V_^|@8GY~F+pMq%8(c#cEPnvl$BNw&nzYr^IyKXV?(Vr zDfqO1(d^{FhABnU;q795QBJbDVST<9-VP{yU+~N8F|%WBWT4Aozb;XCy1qyRH^!l* zvvB2cU4koX`Nw1~tuU+Wr>>vU^A(Be(?jd%3ppl|Z?VEZ3szjdcZ_Fb8Vf z)rlhH!3)3v!8X`+cT^|cYeZ~e7Vqkm0+54`yI^_u=4-7|h>8lU7!0i+*xc-XQ;NnI z8-kfru}D>B5Ct3ap|`HP-p(h4Hel@Q;2nFLY9oPVRANX3eN`+nfiF^2K;rM?ion10 zmM{X`VC5eZ2S2vM}9ZmTFiEJT!kI4gA(x}Ys7#ycusM>+QDs0vEzIOs;)uP%dori{jr9;IqunUh28lrZ%quFOkN=4&d9}v}_7nmxi#n-LQcY)bUz-f*5b-$`$q!)A;lAMc!t>Or3Uq4`w_% z+L}4=;=0VRMxlJKDfr@trl7`pRYU_z9ndzG(iqr4Ywva^w!ew|aiWg|IqOw87uoOq ze7uinKhwlw)L-LuXd9X;>4?W|kiKfdY?4ynbj^K7cL4eXR3gY#%T{B@tY+(KE3rmJ zky3*g64~t@(SEUq2W4EVwJJu>j-VVc!l~QzW zr349Qe5EvmR7#PgqK)Dj4j8Dbl)`Wg(Fr3H9E#T0=ol%U(3l)6jU}7A-8Uq9S6fr? zG~iZpwByQrI%+HAj#ZMfew}@dwW^)WsA}hOci6d&z&hQWD9-*tEB2S*@iSGt=1%RD zx$z#nBX!IAXnwtl!-_yFbKF%DXRDHg9bZ_P56QwI``XZ?B8@$Q6#}*Sp{_W!NZAvy z<%7z0yH|DBUe6@qe91ZF!2jK1$H47k5~VkZef9UCNi#+Vs!VfK(X`&yH5VOOhGknb9`b}~HUj5#y?Jof(rr?*U1 zJP|#@J}~Mo`)ek8;Z>7=W1#(@i8j(Wl`}eOn4QEOWb%hN%q4LFc4ElP#OTZnJzoqP zRyFxC#>3zksUxjg>Gb4BWFV9VXOM;=Da6{d${OD6(6&)!d6Yj=zi;~Ig^f`m_SL2e zoWHo(w7XRcPdFrSg#8^;&Bcd@uxkY*g*33bNtTWjaGSmPbo0a)7MTdFiY@8BB(K_W zs?Z<2rOgT(r~_oWnk_~Ho341;^TE@WG8)C`&!Zjdu0evZe4Z)A46IH|hdt$3cy2cV z>w>^l$TOq9fN`*d?z`p=@2tg)Rf~1(1{ot)ThpzAm5#5s!pq0FHSo8_R_h(^w+{Dk z9^iL0Qv$IHhwl;n6VO%BCGw6qDVWgI_9pw4z}Lwz-3UJiFz}&lj3dr9x-(81KkHbDg!nX{PwN910p?v<92G7)C9xUNv3|q&mn|7$^CSb((d9)z5mYSYtkB zSs1x1G79pYZKk!wnZ=nFYN@FU6-m;Zx(G8ZF1Fm1+f_@Pvl^qk1Zgu{v}SW&dP|_F z%zY}7iyLMCIPxy!vek3_dK|1o*VM&|A4B?9fn1KX1ZJ$sJ<_7h$jE&hWo^UT-V*T6 zgg5D2-jNl(9(1Ag4qkYmwOlAxWeuG5LcMn)uv z^4;+8I;{9ds4*Xr;p)10F&#WL=lZh4M;n&i(IbCDE96$Qm5^aRc*_)$*wJ9D)`O08 zxu1u4Ix@?@HS)mhdyj6H8 z|9JD=);-cM#cQQ2xqGDFEb#S^$GHx8iwf3CO?0jFE8cuwdc66WcaBRJi-$7)6*Cif z_m_D!PddAO?EzD=VyW~iEvtS~oRm|6miW6zXw%^9I9Htq-)gvfvVIZH>lpM448?}r zY0d`eBAxz6XHi4*Gw+i9Pl{=BsyF&l?eW|R8<(&U8Z&a*amYoE!!Fq#X})d;ER@aG zA8!u1->_Krf{Ih{qxF%_Qq&eDDw;*z{-HU3(BtIb2Qfi}?8Nm7)8I1DnBII0@XK|N z9_e()oBiL_zv|4>FW?P(q)3ZljlNi)i!qLw1^$NQTxRv;GS34U0b?9kb?4FlYYfX(Z6?(c788iG|ZA?jX9gLfdteG`{mp^Y{U1JHJa(wgq{-pw=2&AnRqT-)%-n zDNbSr>2^Qd!Fn-GWG6MrHecBN9m0(rgt6+-O{XrqJe&;wB6jeRyufefOCyc-SkYr;lkV$p#=Dcc z&CmC(n}bTRMj$s>D`e%%&1y(KCm#J;;VGGik+ zt|;s?lw)r27umi|MP0a=FZZi{RqD*$B6)Se)xlMq>)0VdP*<=qvc795xPKC(&w!MA zhq^+!x7)qXyG81#YHZdP%xQsCs^Op{>C8@Wz}w9t>WHtE^gCMpD8G?w_0#y-ceHBA zHzKk7c1B3ToVxYq_pyFZ*y)If3%NrC`vKI1UR0FXs@dJSIxcRfU5yoJO!xaeX)91; zv^dhfZ+6Pw>{X{5r7+ZjkN6Zk&29(p3~1B(Z@W(`#NuI^gq&Idw`i z3m5Ekc*zByEe<}2Kh4tKd;QgqYTEdq1aLA$Jp+9LTLN9+aO#H3DdWvQH?dWIhx-+8 zVRedYRXXpWiGB^#fceQl0%?N6!6m?kmflh;0I-MF!}So==Bm4;%m-~W;R$wG9 z3*6V`{!qR@x-10u6}UHGg*!DQ8NJnoQ}f+!p{v9FWk8=@-@TSJ(Ep$r>{3mt;yQxwk>jD1Q+2MYp z!`W1C50gijtJZ>LfrX3$+|e^XdodryWD9LtXzhGJhKc$qtMTobQbmveY?^-E5z^&; z7IV!Uzv!JhFyO4x% zrACJDdcCN{+V3xt5itgPvhf?~VY(~6k>BCY`h?W^>X*CWGc+S5{R`@9T{dy*viZHX%Tv)ZQ;$Ha!^7iCXq%Qp=?c!q zS43c)1nc;)alvRUqc}?Xi?Zw`??)60v+qC zC-HQwonflVwq7(EW?_wm%@H%+Yg}^?BOwYNO7N?Y`*8y3APE93Q#`I6)W9chP3=- zTblT$beWV$!>I~%F(q47ULvJbqbFtu(qb9w8Juu8Y z66TEQxSt1j3}8jrv$(zvC>YUo-2_;X+d_aWC+390}vd{@GvI5Qqt#@NV@bADJ=bD zv$*hN^S!w_71R|Bt_S_ghv`mq~Pi~&J;)@7dDv6xCF(i^yomRscc+z`VfutO(_su&=dzT z2tD_i4)7wS<(S7Od6Iyg)Ro^!%XWSc2ueU*qr2keutz$1$W*E8u}+~3C6`u8Q+GlO zZ3ncCb}01^*oI`!miuWU)-B$`O6etverlev4?VXNwFOvqqW5rJw6jFYtFDwL(MstR znzNT-K(Ms#14z58In?O^PF;<5t!7+u6k2jj_cKkV@*LFfO2>?{0AQ4FOtbYwA>buI z?;Lj%@6umZh-&c7On$LPdhx!htYWO3U&qt`NL5)D@YCyYUyOSNRvkpYGRFWpw0}$| zEM+med)`7nWcw8Y$=9U1aaKJb=-)phPk+sFaKg{ss!R=}?K} z%7Z>n=iT55uG4X_hV_cgBEAedwiz*P3*N2hgb%lOdpMX3^w*nG$`tVO%ifjwo=(^- zXS3w5?d|SIy1LyHJwCk8_#og$e9_@sc$$%(Ufk{oVPmPC^YJua&#IJ8Kt@{i(7PyC zn$_vP(8VxY1~7nQYDIZ%G(xgJfMFX{&GXH~u3!)wT!m2HKeH zoY)gvnwR<6AfGQBU^BK*Pg=~^0?9bkg42ZB$|N=RL70Ey8BU{E zBWY)Jxf4Bto#>6jBW&Wuuq^@h^bw#q%9G85$;sv@fImq;A8_Fk77>$RtebSZ|RPDLi2HWyiIggI5MTr%w2ewvb?<^wx>J3Z4sK)xv z`-Qj%t;)i!bu=bqCj(mI)Xa>dQH74 zunZ!=tECoAnW}tmDFRlbveRZVX{O%$hIl7 z@I2Aqw|_|a+|2lkgYg>+U5lJd{lzH!4sMJni`@1;@*=J-+9#WABQfjj_SS|w3ma1Q z&780Ct5<=Ka|Lk;6)92(X?Jh)4BbZc$1?A|a60pz^LsNVT-ce37N8Z7{HilXH-wih zOc;7DwCn?Mz_u|W@~6RN@uJQ{W55?DAtnd8bBu0#*c+knNk1C<{)=(0p5>5@9D+8w*pkXTmNF84~W#oq4z3u?i9_icc_#6;WDrmOCUIXR-EGVC_4)=lP_!-F=@o0AsC(E0fpj@i+O8T5Fa6=g;XurBEhGI*-E4#7SzJV+uGgVdwA?T9L&9ko)}j9Q6l zd=1R)a_^9KMsRU{SlyO-uD97d*Ilf2s9Dphz-YrkZaWL>a+|%(qm6Gh)b6hTl+mU( z)a52W7N*z8{FoY?*emVqcRhX?A7*K%u7}!h@?pA{Zt`IQ?tA$#CSPNG-OYR+lJj}2 zC!hJq=dOPFr1a#o0oS;meAupm5;T#-b-6P-s2<;72FFD5LG@$XFV*(zL%FP*JY-xu z;~`D$fw%CGF(}h3-K=~6GRykaeMB?yud1?PB!A%TbiO~?qke5LWf(IU z?eMSm!Pztps{>;W=DjlGu&p*oi9+i_9cOH{4BRps>&^qb{I>f*?<{Fa5=^h@P>8^^EC#wU0G{_)b;Ya@7_{ZuZj#C z3e2Hu-o{}T3jwz1W}sg?ILx3q-dgBqF&bSfsr9F_A>DJxnaCojWIE> z-?&&?rG+&Os-MJ0Bi3B%*eXkv$hzi_|LvybI|a_(loPi<8zW z?8`tGCJ?hClm7?am13QY3c4(T}HJ1+6(^iBw1Y-5U<4ZvDV;>A@+A6 zs~Iiw+Kd*OK}OE0i#2bNQfJh+V9mbu^J+RGzJaSKKwnSuD9VL0ru#VDxkZY@Y&Npt zY_lpP<;70-M_rs)^+Mr(W!e`_{@4$UvO_;I_vS82xVgTC5~L+MCui11vRu|-XVTBU z6QzUGOPo`uM;soym4x)}zE-_3qgnwR>4Y7*)q~5MTraRM6Vf&}1;lJ@>fP6{1PP)p zpMw`IB{V>ubVB#wd#`hA{sXHvO3_s* zTDuhKab&HOOxRA_&gTp( z8BcM%S-p4hb8C?kB>2uf$mO4_m#qFbtkeb~M2iqjy`lJB3#{b=Mq}^5KW2}VNNO*u zv6I0hs$r0m`1qtQd_T#@sg;C;I;ziyzT5nUU4PpwO(M#)5PKn>2RBggG*5O!JJtC) z*gf&5hQUln<>#&}>}e2-)ynKP9)*-~HF^WPRoGcuZT^RKdP}%b>tt!ibTmp@OC!#k zu`pwc#t3<-_;rgieKY3V6WHTsxt?hjLKr^{d!0T_i*^n2B}|J#)}L4=WJYtXd7>Za zZGDR}o5lUUGbQpJ$UE6SIa*n*sv@qKI^T|#0(2~(`&G$ktdg~Z!bFV-yP-N3P9aS& z$kOy~_ltGCxIluoR0;V?Q9snz8a4QOqw9`h$vwft4=1i~E!YuuP^=$_>#zrBUlJxZ zR4rX^7px}e&l3+OB*jcrd#J=h* zlQe`t(Ds9c<;bwZmuC`U9q%ra{B2BU+1TQr30bu15M-`;2ly~K9@T;Sv{i%?yRZ=) z==BBJld+2mf7P%s{1`02^v0TkP-2S_=VcSTd8kX+wiVc^Y||4iacBc-pkw($ipu2Z z!w5UU(vqXVc^O*`u=eu)XP4%PWuTKa5@$?9z5ediM>4*bm6_tKfj58}NokBU^Q{W4 z(CSZxRt=9_jb!-!4(z9IR=q(tE8pNYN0=8tmz0YQk@aJkCJjY>Lb@J6TQEG@D z%3o_i^P(CscU_)ge7A{gnJlWx;BD2WEaPl*KnD}00l-m5E$c1TQv;hI>$z+)Mqsz4 ztce3plWpAG)Jvbae0K7PVJ+>^pMxDJ*mkkh^7+C9E}5RA$$kw?LJoiH?L=97*a5_gU!5l3N`1l=0&{>v*RK~MJ)*U9$U%YQTe-?5B+u|DaE)i*}`ak9~Z zS;CM6&#EN8J`0w_iK0!d>YS;w14!583NOV&!x+_lp8uq1p2dyPy> zk<>kH>YIORS7T3y>O=0+imyuFlcm_Bxr<^(qimE`WwEEFZ2rU!kC_NPZZ-|Uo*hmt7%iZPrYD3X7G9*^#=>I|uD3`k_csTRCnASi>5Z5XT%a!fH9K&1} zfZ2{<*Me#ioistyz-qzXHFYTv2K%snT)asxAym%KiXGJe#oKj)(@Ul-oh;M*Y~TUa|_RTCTOWcf5fF2G96K)b*Qc>H-$gYfg> z1?-Bj@Uh)o{65qY?_7gm`G*d}4ovr2d^6eznu3Yw6*lAbe${hb1mDlz>`Mn5GviWNc@@R>(Hx^HEtld+>Nfb3Mj} z(Z+OKm_B3y=7}$wM`eD|d{-uLHx_&yT2R)Y$z=D|zI*U9Gr+kRp~HcZu_e8CZg%;H z6%B-zy+T}6?RK|!!=JI98!pr>&!|Bgx?#^Vm4-4ZZx6koZI~~ z;)5y{*5J&t0{c)Wp)FbQIJK!7AT4#j)meYzg=MtD>u&9&6*lNnQ@s_x>!eh|=@W9l zXiCUu+TNMxAi;2DNyXP+SZ;wG1ngwmlRoA3iB30cPoV_Y3)nT~bP4%OABTiuqp~4k zFtdk6p&jaV*FxtLWoyym>e9;rWCI{u{2cX!WzH^?W!c!o=22~fTF^8Qy}e^~TS9J* zAGD*e?}YdI^-bBRt+I>ieKlJHPakJ$xO{$mNE;VKPxa~*3+SWKtkk|8KuZwQu-*sG z)>0C+2|DAp07yLdSled<^e)j8HozBH8w}+%A`1>Ix?!9*l9|32GikV z5}_I?M(0;b>@`fEy0oT!h%OMnkvbiIqjkZh=bD97o2cFNa5%I`+aUjFSC)oiPeGHY zEK9Wql@^;US1T=wvXsb3n-0J9F6_+OR9nG`RU!5t_dyb}-7>H&RF+v#d#MQ{o5W0X36XKNrGww?26gBzvcHVrgz|F{}r-(*Vs(K7!? zn~GAL={#YKC}*dGjV7ka%CsOua4zIpd!v+K;c#{V`~B-ew%P1VJ|aOI{?R7YTT`2o zs+iV2?c+Dv+(!<{`U-tIQ=eCX+oOG$BYbv z90eUGniGb*Jy#sN5m@RtrLKUExo-Kv^=d`nvuR=^_> z?*puCE5Il2F(x3Exg$MW)28-IhtwCk0T1M$w0mbj0*hGJ5zA$quq6Yd^C|C}SPz41 z3DIMW{kt2SFZyJXlw#Mk?NDplX8UW}eiQN&_(ruJb)BhzBwrouuV);dTAwuK^A=*t zsF;hiIo@H@GUR>c6zqn3-RWKuuNM_tgson1dq{;Hgzjf-)kCI2-oU6X&d0)D9{dWA zYS)VvgmH2h3rT8cBi`kigWunw$3zSi=Y_P;&h)>qYPjD;y_gKmCTM1C@w)Y%+-S~l zrHN6rA3T|IPcYu%GwdH+?%PA~hg>+BFnyGx_HUq_2Mt!}nx;pxbC>mf=Po&%&s5>u zW&aQo`Pr2t8l1b7Pi{gF73VG$8sE7~U)YJdZpLkqRT(}mjABoc-3>2femhhSg*B2K$jW&U=0Wc9ly{#3rROi$)~$a7aSGgwsxYc#z;MT@hiJCF`>?t=s0aEV)(qKsJ;lN zcsbs6FCW6Q6U(NSH6c2)k)2t_IjPT@cA@+Vx%_h||9iRoSn+UEscFEE4MWC3qxSyj za#Qd*#zmRKd2>{h&YWDWYp02HLI~<4U5GF<4NrEKm3j_Yta7}`X zrvZcg^4~B8oHBIy{lT529h$3Y8N%@!P3htrChnB*m2kYHNe$|y#d-Hg^Ct8dPK8h5 z0a6p{2aP@KN7nVoaB6i)n$sEZq|3u{KLM?L1MvlkMs+kPaBA*byErUA*uZ+4sgHL3!uGOjQg}WtKgX(r)#j~f*r%jh(QnK$-`-`MiEnvLi zY@^Xsn58>N@8-p{YSd^tYZp4640ks~f;Hb{A`QA)ghjz(j*HazY~5`Gf1aV{T@Q?^ zk6eT6s8Pfnhc=4h~ z7e4*WQ!5uQ*C*>!^@e-&DWqT2M;}}K)Z*oND;JZ+MTL1!Ez+mnHDbZ@D;Mh@?|B}T z*7HoNb_8;#zIu(m8U8o2s$dMs)z*^te(=z@rdqgy#Xr-*UV&`Xen@)%=C;{6zkk0= zUuaC?28W#?vn)JGX}Ct7d)~;W{_73e{p9ELF&wPy{o7qMmtVX5G^u@R03WDXN)qcS zDZBhU{dD3EzHHe)X!pneI#Z zZWa0W_Y>)bJ+G2EOO|lu<>mC-Z@(pQI!D?4k|j&nJa%N){pz=L!h2t@ef7h~K24T3cP+p6)Wo*C20uFf#`Jd@R{vVLYF6OP zp-)Uo-T>P|kJqMq-v4pU(B}=Wghrfn&Wrgl;fJz2UpJjx{GZrT^Vnr~PMG%Fcb@u# zpIum2{LY1g&EpPcUz>OI!Mh_IijUiZ+vaYc9`Vth)%R`;FMjg;*+-(^H*x&#vVE#^ zho3IYr1RE^mHSe6c@M~q^Q-PYt5);F`cb*bo z)%^XA_^;yUk26G#{5|RTL*6HcPrI~#%bTGA`y;YaIduh1;6us=8PQ_a$6fBo?H ztdU@Tm53A|p@@M&7%j-|R2j#D)QkL-!K|NZot>LwX1(>ePYI* z0ndM7ckgaLoP7WCe_btF_Qe}{@h$(DbjR1KqxFU_YhG&@(&{|<{mbWDiW;7}vTFLv zH$HiK(DHqcxs>mgo!IsH%L_Fh2DBd*%I*!0%8CvhNBR_~QFt zr+s$#s{xwBZ%v#UpnK!^V}mn3Hck5G@R`r2CcU!Q`$pobxxaOMKmPrvzj<`foUF+k zBFs-P++}#naF*dK!&Qc-3`ZG$GTdZ%$#9b4Bf~|8hYSZ9{xRHRc*k&#;Tyv>hGz`N z7=AI_VtB=His2K(C5A@~hZz1a++ldbaE9Rv!xe@n3`ZD#Fx+5x!El1%1H%P|2Mh;T z|Fgbl{m%NF^*8Hl*3YbuS^u)WW&O(fl=Ua;OV*F94_W`QzGMBy`i%7#>nqkztdCg# z+#L2);inA*Yw!Ex{etAbo=3IsDaiMp*Y-Zj&wOCtBYW=u$ewRTMl?eDvXT=K{$^Ts zM|#Tb4W+#|Jy*qT&$mSnx}`A0?N_ziQu-ce%hQzpL3z^BXD`lMw0Jq{tP2hyYL%Z- zqwp8Bd;k|ngDBw$PXwYMD&hw%{$LUTRy~!ZlRQ#Pju1+VvHYVv6{wP`sg~+!IMve> zYNWZy5$`#U=LJEbP%2d_wc5{5qw)9GY6D>XkL9XFzG~#GA^ylc2>FMSK_rR{C9&Ym zN0A96gWOLRk`-hP*-eg-e-WU?^Y! zAON5Mbk4{30bGC!1NH*m29yK-3Rnwx8L$Gd6p#m)1DFmF0rvn# z1CjwTfN($%Kndua$E&Xct^ocG_z9p;p-

Hg>O4aw?))k}I%)qlOq5=@O`_3y)Ma zI@_EAlpqSp`Zo(ugD5sEaMj2muUjiDDutRT)+ncLt(Su~EZ9YSHwy<5K?$sxZqD$9 ztc-@0B9_scsYt>ydTD`ct$cHR;bo)zY9&(1H`f=2`?CH$ermX$W7XNWN3QSMVfRhe zE7Yi{n$x{DlE_s(?0a=j_!s)#oNELXM#AXp=AN8asfZj&{b=~-PG4bpD2#pa+Izyk zte1ldA01@jIDx2a3JUa;6g*zX?BZFhUp5x;D!eL<%f>UOx|%aiPA!?u8BY0b!)%kz z(sP$7>M@9j3Qbd~64{C+JoPMq@HhP|)%J3{s6y>Y&l`kuwd}#lUNyHb`6hkb$LLf?Og}^Id zt_tfDJSD|&N`WZSbE!h03ac;f0$0yRuUv4s=MD|p`>A=oVcv=O069g({X^I4d&2sYb)r+KYUIXj-@C`=e_k(l*RWxF3X(@HD3b`V(kBpZ4(n{CVG@eLjcVA#vxwZq z){Q&lu1(6eQXVMh^yQU%`E#e-ndy^v?b@5}`^wmge@YfmN?4=4zOhr!^CH;jt1a4H2=b$jK22@$WQIF$+z2k*jgFY8amcM~rK_<~OUYsj}Uf&21r zk9=G&$NFyKPbob&*NPaeQ9gF=i)cCIMb#R~_v)3DdO4?66EA5~*3*+a(KA1eJs?z`{4ulw%3?`fheqfR7hl(;lI z>?XI%Gt`G>RZFRxD4Ho*e$c9lq81@AKz(N7x)0`<{dhF>{S0`?7lbCZ`;Z&D6BM1o zLrX?1QE0p_K?XL*N!{RT61smR%gS%FeX)7@>)EDKf9E=2Wi~Za_SG!z><`~Riy3Dy z=>ADIb+h}>!d)X6I$P1wGj(n=dqw8mrDtgW{yKR!qHew1!2PCy!G3IEY`=!Hf zV^+=G`tHwwj;=XWhZfK@SaSG~+wQ<*H76s654~4XRLY9_zINAdijt*|-CJ%-%knec zquX|{qCzJtOq}~y<&SA&JAM5_bNwAQq~zRat?`#>x~S@MvWLq_J~zrW7W8=oZEZep zh=*EyywP`+-|ItSN5~Tl`P-VgzYTb-JuZow#QSAU){9M_POYpg2rG&nR}5v@p9JZ6 zT-0SH$(0z7q%>Vg@R+P721HfjvW6s8m6CdVki+Stt8zq_qWGCY8|rFp`xI)+@J)VU2}?zN-U4=Khq&%IAJ^BgMoBoJEPS6wPCCK|++1a66^6 zurMHnDG;Mk*E}mOCu2$#>yrB<9ubofDIS-itRdGxo=V1*$ojmzSX|V41x4=@RM-oy zrdCf!ix3F43k|IS?`q*HUt41!D75%IjlQ5jN!8q4&51}gey}wbxx;_8uZm^<%EQbm z(Ve0IhnOY_;Z%IRt0NQ$dYXNLC+PEZRP!;ff;Z6F7OLiLovp1^tSNsq6je?2VF(zp zFPQ#1q1P~dT&{?M@#HBvsV@_BKEJBTA6(Og3Itw~ zto+WTn9_R{Ro)~;xmg9gc7xi41*vPY1woy!SivnmEGS-gQ6mj-%*UWMOq=W_+; zA#qg;fHSg+ui}~%(bbg1zeKT^7}q4$r7D>HxoMeDqEg)A#;nCiapkoxzj8s7dnm8k ztf?QbLL&bqnSJR?g|ppb5X)XiRZADeD4OBr9*g|6@4>BhgmRXbG@Lr#$=OoxA>0Ui97OooDX6 z_MJ@tX1d$wQS|HzYP9(wSeci1-n$(Qf0xqJWIN2*&U zScsCQVL&x3#_R~q=PqNwJ3AVLc8__2!l$Z=3V|U;NovJZ$Q0nz@{l^nqjD@J zkw~E=tjus+s$~>4yC)~7AV*>nuVbM_4GYIl0Gdk7pX?Xoa+F7UQ_1ywOp-Ne&2^DO z9FvLyJxNhdsiTB)^J`qWTzY;HLvZHF#Jpu{3e`^tolyzk8aq#_v1A1;qDoRykj=tE zpQ`jg;A*DG$P)s(qVTZXlWUaO`d&yiOVF4iPZ&^TU2;|BOCKXi*pL#V1Bx1Tjhn62 zx%DN44WT)ooAce<(%H7!7+6eqna}5o0o2_}%tf-MZV^^B=DwyzuAwY>UA9&tlVilI zq~cMYRCI1gL2ige)|td{02VwXO~RaD3{8(v%M)6Ukd=L%eY9gS!Po|H{cF4^hevO+iHguJbYGMt(KmmOc}Y>dn<%0sksW zOupDwj+=5u(Qe@WGvGE0KcD6#;NjiC8wSpf&w%$RaJ~;9Ug(($|8K1sWhT8jY%-j% zm%|-ViqM5{3c_lH7nR$}7oxhEsJ9ND;<*Udz^7Y^hip^Wzo8#~X)9n)q5Nw$qj{_s?T=c0 zV6i(U7)IWX^W@_rHSj_+2A_D1603p6E{O>yD-gQal3Bl~LSl2JAL@2o8DO%thYrXp zbhE)eiS=Qd0)|w=e^o! zWl4o6pxY=BuBH0=h$xlI!zcR!`obr;OX;y?IaXt`gnc9`VZ)ShJgp)l0<9Q(2sW^d z*hj20ZL@NVGgDJAiyG{UswxhS))W(ESPozXI;RfeF)59K)0mVOMZlVWk(UpMnxQrs zHhYvqJ?fLx_+Tvqiov$2G{X8t2bNDK_%xzWpFq^KKxhRCm?^HP)DH?VrDkP9Or~Ik zlTw^B6DL3e2hmhS&ss_oU|_bOFNI_Z*8KS>k;pLY{;GVN0>(h25Liv7q!IOFXk7D1 z^&?iXE~0U%n!Aj=#+)3`LJ(h#QVgc1g`1TSS~bxT+FRBN{>G~FRuzey1Y7&uFCk9`sTEMr$9wir2K#A}cf##4Q~9Ile1P) z?&rU=J1+vPeS_Aq`Mh?_?p$}=?i_k+G;JNFSwL935&z(*-C2e3krQ@j0#F0^)0_C9 z0-y?IKW!$%1XU#+li7@L!?wv6I;OEh($h7s!{-gcHubl(6G zEGmX&l264*7)QYL%9tfg^9*fiXsuPX^GMR#+FCZZ!qi8o`&Z1yIcOeu5cdM|aeR1} z05<`C3drKr*bAKHYkX~;zKyb;kdmq5@E`}x?32~A#=mDW_^&hYknWXr;5BuT->wAb z)|UZ&>a=NJzqnxgu1e2?%ZK0pa{I?$+%ft7RogpX^gci5y1j3ETG=zWXPVWcnjk6^ zb&xKD=_ZvDObo^%-RX2D^Y1@x3rggJ3>nAw z*@E~{Jqp$rp5@0Jcl{-k*|ybv#_^TemkoDsJN4482c{bSMdGs(h-cobbe>w}X0{zs zw)<@NNyot(%iO;zYdKcp{-FB+5ZEd3NlPw+kPg!e@Eg+_%D}S_@j`_3`)LYSAgrPc zJcGce1F9`n7(?Da7&(kJW7-(20bA^VtoM3bJZ;TB-qgiSx8b0YQsLsDyK`LB$E_fP zMjBgR)|&tiE_}6}zO0E0Pn$}b1bnKagVPx3YHJR{8Hrjt+Z#P0L@f7N2Xq0j5s&k* zWSZ2`IaWb%)C4!MFW4T0^T|M@8+h58$CqmIc;Sp(OU_&$_J8~n>V@YQqf6|-uS!Nc zDoJ76OiFV)+sH4<8v=n)Yk>TutIU*7xLvW6=AOScC&@Ok{MAt9lw^|hIlWgZhRByA z63von_|gLnMWp)_4gbtE`^jl`^yC*G<0a)&_k2)^zs{eo<%NY8ytX|4;iB#hG*cp* zai_uJVw7WUIliHf5oI{xu{jgv?o%(ZA7^Ir@*hRIjZz0tezp-~EJzcb{P0~ObOmy3 zVW4{zO~>N4hTT93W*bn920)pl1{fKZ0yVy!d1%DV444#ks4~*cwwIkP=}Z6khrV2%ZjKD~>^ABI$%`Mt7EupE%KzW|!Yn>0EU^ zK7?sz6&VA392r}0DC;hEu1r5wzY@q_1+7aE5@A~R-@WhPm|pB0y^Y$|6n zT6!&H*7czDFS~CpO}m|qze=C`_oqwSR(`wTx_vh-p1o_|126ve;O^TtJ$L)TP~XBU z*IjYx&Z0}Y_uR7d@y>#Mw|4!h-m~fX=NA9DyL10@m)`%qD>i(vZ|C9foc!~SRI~fd zdCznm`^9jo^`rPJH=Wpf`VGg8`s|`xhrYMdW2^tUB3yYvJv7*3$5e#djZa)&244%Xhs! zdDAURANuaE8_xNTKD~MFta&7q0hctFHOYtDz-lr(E}iE&J#H;Ai2FNWPbBb2t-L-E@b_ zcpMJgsIn6Cf^3rA6h`AkQXb}n(a(mTtz-fc=gFD?`}3r~l^&pRH73WMKP;v==~(P5 ztezFvEntRD!H_hm>8S$}v{vY;1 BWqAMq literal 0 HcmV?d00001 From 10b248b18fe807cefd93ac373743448a4b235f5a Mon Sep 17 00:00:00 2001 From: Martin Milata Date: Thu, 14 Sep 2023 19:10:25 +0200 Subject: [PATCH 06/19] feat(common): cointool: add new-definitions command [no changelog] --- common/tools/cointool.py | 22 ++++++++++++++++++++++ common/tools/release.sh | 1 + 2 files changed, 23 insertions(+) diff --git a/common/tools/cointool.py b/common/tools/cointool.py index e38aad759d..67e9f94497 100755 --- a/common/tools/cointool.py +++ b/common/tools/cointool.py @@ -21,6 +21,9 @@ from coin_info import Coin, CoinBuckets, Coins, CoinsInfo, FidoApps, SupportInfo DEFINITIONS_TIMESTAMP_PATH = ( coin_info.DEFS_DIR / "ethereum" / "released-definitions-timestamp.txt" ) +DEFINITIONS_LATEST_URL = ( + "https://raw.githubusercontent.com/trezor/definitions/main/definitions-latest.json" +) try: import termcolor @@ -912,5 +915,24 @@ def render( do_render(file, dst) +@cli.command() +# fmt: off +@click.option("-v", "--verbose", is_flag=True, help="Print timestamp and merkle root") +# fmt: on +def new_definitions(verbose: bool) -> None: + """Update timestamp of external coin definitions.""" + assert requests is not None + eth_defs = requests.get(DEFINITIONS_LATEST_URL).json() + eth_defs_date = eth_defs["metadata"]["datetime"] + if verbose: + click.echo( + f"Latest definitions from {eth_defs_date}: {eth_defs['metadata']['merkle_root']}" + ) + eth_defs_date = datetime.datetime.fromisoformat(eth_defs_date) + DEFINITIONS_TIMESTAMP_PATH.write_text( + eth_defs_date.isoformat(timespec="seconds") + "\n" + ) + + if __name__ == "__main__": cli() diff --git a/common/tools/release.sh b/common/tools/release.sh index 3e6a34bd24..9c7ba84826 100755 --- a/common/tools/release.sh +++ b/common/tools/release.sh @@ -7,6 +7,7 @@ trap "rm -r $CHECK_OUTPUT" EXIT $HERE/cointool.py check > $CHECK_OUTPUT/pre.txt +$HERE/cointool.py new-definitions -v $HERE/support.py release $HERE/cointool.py check > $CHECK_OUTPUT/post.txt From 69b4f6d80f4177031e4fbe6838ba3be8ccb6886e Mon Sep 17 00:00:00 2001 From: Martin Milata Date: Thu, 14 Sep 2023 19:11:11 +0200 Subject: [PATCH 07/19] chore(common): set definition timestamp to the current signed definitions [no changelog] --- common/defs/ethereum/released-definitions-timestamp.txt | 2 +- core/src/apps/ethereum/definitions_constants.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/common/defs/ethereum/released-definitions-timestamp.txt b/common/defs/ethereum/released-definitions-timestamp.txt index c45f22d5bb..e5cdeb4973 100644 --- a/common/defs/ethereum/released-definitions-timestamp.txt +++ b/common/defs/ethereum/released-definitions-timestamp.txt @@ -1 +1 @@ -2023-04-03T13:44:24+00:00 +2023-09-06T12:08:21+00:00 diff --git a/core/src/apps/ethereum/definitions_constants.py b/core/src/apps/ethereum/definitions_constants.py index 063c0aba21..349e8980dc 100644 --- a/core/src/apps/ethereum/definitions_constants.py +++ b/core/src/apps/ethereum/definitions_constants.py @@ -9,7 +9,7 @@ PUBLIC_KEYS = ( b"\xb8\xd2\xb2\x1d\xe2\x71\x24\xf0\x51\x1f\x90\x3a\xe7\xe6\x0e\x07\x96\x18\x10\xa0\xb8\xf2\x8e\xa7\x55\xfa\x50\x36\x7a\x8a\x2b\x8b", ) -MIN_DATA_VERSION = 1680529464 +MIN_DATA_VERSION = 1694002101 FORMAT_VERSION = b"trzd1" if __debug__: From 364c1ce123ead6e4dffab8cd3abb208e19158bce Mon Sep 17 00:00:00 2001 From: Martin Milata Date: Fri, 15 Sep 2023 20:08:41 +0200 Subject: [PATCH 08/19] docs(core): changelog for 2.6.1 --- core/.changelog.d/2161.changed | 1 - core/.changelog.d/2341.changed | 1 - core/.changelog.d/2610.added | 1 - core/.changelog.d/2937.changed | 1 - core/.changelog.d/2937.changed.1 | 1 - core/.changelog.d/2955.fixed | 1 - core/.changelog.d/2956.changed | 1 - core/.changelog.d/2989.added | 1 - core/.changelog.d/3047.added | 1 - core/.changelog.d/3048.added | 1 - core/.changelog.d/3205.added | 2 -- core/.changelog.d/3216.removed | 1 - core/.changelog.d/3218.fixed | 1 - core/.changelog.d/3237.added | 1 - core/.changelog.d/3255.added | 1 - core/.changelog.d/3256.added | 1 - core/CHANGELOG.md | 40 ++++++++++++++++++++++++++++++++ 17 files changed, 40 insertions(+), 17 deletions(-) delete mode 100644 core/.changelog.d/2161.changed delete mode 100644 core/.changelog.d/2341.changed delete mode 100644 core/.changelog.d/2610.added delete mode 100644 core/.changelog.d/2937.changed delete mode 100644 core/.changelog.d/2937.changed.1 delete mode 100644 core/.changelog.d/2955.fixed delete mode 100644 core/.changelog.d/2956.changed delete mode 100644 core/.changelog.d/2989.added delete mode 100644 core/.changelog.d/3047.added delete mode 100644 core/.changelog.d/3048.added delete mode 100644 core/.changelog.d/3205.added delete mode 100644 core/.changelog.d/3216.removed delete mode 100644 core/.changelog.d/3218.fixed delete mode 100644 core/.changelog.d/3237.added delete mode 100644 core/.changelog.d/3255.added delete mode 100644 core/.changelog.d/3256.added diff --git a/core/.changelog.d/2161.changed b/core/.changelog.d/2161.changed deleted file mode 100644 index 7adcda3212..0000000000 --- a/core/.changelog.d/2161.changed +++ /dev/null @@ -1 +0,0 @@ -Changed design of the path warning screen (model T only). diff --git a/core/.changelog.d/2341.changed b/core/.changelog.d/2341.changed deleted file mode 100644 index 472e61629b..0000000000 --- a/core/.changelog.d/2341.changed +++ /dev/null @@ -1 +0,0 @@ -Update to MicroPython 1.19.1. diff --git a/core/.changelog.d/2610.added b/core/.changelog.d/2610.added deleted file mode 100644 index beb5505e31..0000000000 --- a/core/.changelog.d/2610.added +++ /dev/null @@ -1 +0,0 @@ -Implement UI for Model R diff --git a/core/.changelog.d/2937.changed b/core/.changelog.d/2937.changed deleted file mode 100644 index 104e40f2da..0000000000 --- a/core/.changelog.d/2937.changed +++ /dev/null @@ -1 +0,0 @@ -Introduce multiple account warning to BTC send flow. diff --git a/core/.changelog.d/2937.changed.1 b/core/.changelog.d/2937.changed.1 deleted file mode 100644 index d9b55d7551..0000000000 --- a/core/.changelog.d/2937.changed.1 +++ /dev/null @@ -1 +0,0 @@ -Introduce multisig warning to BTC receive flow. diff --git a/core/.changelog.d/2955.fixed b/core/.changelog.d/2955.fixed deleted file mode 100644 index 4f9a096932..0000000000 --- a/core/.changelog.d/2955.fixed +++ /dev/null @@ -1 +0,0 @@ -Fixed gamma correction settings for Model T diff --git a/core/.changelog.d/2956.changed b/core/.changelog.d/2956.changed deleted file mode 100644 index c4a9f10e6b..0000000000 --- a/core/.changelog.d/2956.changed +++ /dev/null @@ -1 +0,0 @@ -Changed grey_dark and green colors in TT UI diff --git a/core/.changelog.d/2989.added b/core/.changelog.d/2989.added deleted file mode 100644 index cd2d6b57aa..0000000000 --- a/core/.changelog.d/2989.added +++ /dev/null @@ -1 +0,0 @@ -Added support for STM32F429I-DISC1 board diff --git a/core/.changelog.d/3047.added b/core/.changelog.d/3047.added deleted file mode 100644 index 32c4b05e26..0000000000 --- a/core/.changelog.d/3047.added +++ /dev/null @@ -1 +0,0 @@ -QR code display when exporting XPUBs. diff --git a/core/.changelog.d/3048.added b/core/.changelog.d/3048.added deleted file mode 100644 index 9ca067e4da..0000000000 --- a/core/.changelog.d/3048.added +++ /dev/null @@ -1 +0,0 @@ -Added hw model field to all vendor headers. diff --git a/core/.changelog.d/3205.added b/core/.changelog.d/3205.added deleted file mode 100644 index fe4468f37e..0000000000 --- a/core/.changelog.d/3205.added +++ /dev/null @@ -1,2 +0,0 @@ -Added firmware update without interaction. -Split builds of different parts to use simple util.s assembler, while FW+bootloader use interconnected ones. diff --git a/core/.changelog.d/3216.removed b/core/.changelog.d/3216.removed deleted file mode 100644 index 6a68fa7f30..0000000000 --- a/core/.changelog.d/3216.removed +++ /dev/null @@ -1 +0,0 @@ -MUE support diff --git a/core/.changelog.d/3218.fixed b/core/.changelog.d/3218.fixed deleted file mode 100644 index 67e778caa4..0000000000 --- a/core/.changelog.d/3218.fixed +++ /dev/null @@ -1 +0,0 @@ -Fix more info button on shamir recovery screen. diff --git a/core/.changelog.d/3237.added b/core/.changelog.d/3237.added deleted file mode 100644 index 08672d1dc7..0000000000 --- a/core/.changelog.d/3237.added +++ /dev/null @@ -1 +0,0 @@ -Add support for address chunkification in Receive and Sign flow. diff --git a/core/.changelog.d/3255.added b/core/.changelog.d/3255.added deleted file mode 100644 index 77f420f8f6..0000000000 --- a/core/.changelog.d/3255.added +++ /dev/null @@ -1 +0,0 @@ -Implement device authentication for Model R. diff --git a/core/.changelog.d/3256.added b/core/.changelog.d/3256.added deleted file mode 100644 index 90dad1fff0..0000000000 --- a/core/.changelog.d/3256.added +++ /dev/null @@ -1 +0,0 @@ -Use Optiga as a source of randomness in seed generation for Model R. diff --git a/core/CHANGELOG.md b/core/CHANGELOG.md index e0d60435f2..45c2339b15 100644 --- a/core/CHANGELOG.md +++ b/core/CHANGELOG.md @@ -4,6 +4,32 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## [2.6.1] (internal release) + +### Added +- [T2B1] Implement UI. [#2610] +- QR code display when exporting XPUBs. [#3047] +- Added hw model field to all vendor headers. [#3048] +- Added firmware update without interaction. [#3205] +- Split builds of different parts to use simple util.s assembler, while FW+bootloader use interconnected ones. [#3205] +- Add support for address chunkification in Receive and Sign flow. [#3237] +- [T2B1] Implement device authentication. [#3255] +- [T2B1] Use Optiga as a source of randomness in seed generation. [#3256] + +### Changed +- [T2T1] Changed design of the path warning screen. [#2161] +- Update to MicroPython 1.19.1. [#2341] +- Introduce multisig warning to BTC receive flow. [#2937] +- Introduce multiple account warning to BTC send flow. [#2937] + +### Removed +- MUE coin support. [#3216] + +### Fixed +- [T2T1] Fixed gamma correction settings for. [#2955] +- [T2T1] Fix more info button on shamir recovery screen. [#3218] + + ## [2.6.0] (19th April 2023) ### Added @@ -701,6 +727,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). [#2144]: https://github.com/trezor/trezor-firmware/pull/2144 [#2151]: https://github.com/trezor/trezor-firmware/pull/2151 [#2152]: https://github.com/trezor/trezor-firmware/pull/2152 +[#2161]: https://github.com/trezor/trezor-firmware/pull/2161 [#2166]: https://github.com/trezor/trezor-firmware/pull/2166 [#2167]: https://github.com/trezor/trezor-firmware/pull/2167 [#2181]: https://github.com/trezor/trezor-firmware/pull/2181 @@ -718,6 +745,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). [#2300]: https://github.com/trezor/trezor-firmware/pull/2300 [#2313]: https://github.com/trezor/trezor-firmware/pull/2313 [#2324]: https://github.com/trezor/trezor-firmware/pull/2324 +[#2341]: https://github.com/trezor/trezor-firmware/pull/2341 [#2354]: https://github.com/trezor/trezor-firmware/pull/2354 [#2355]: https://github.com/trezor/trezor-firmware/pull/2355 [#2366]: https://github.com/trezor/trezor-firmware/pull/2366 @@ -741,6 +769,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). [#2577]: https://github.com/trezor/trezor-firmware/pull/2577 [#2587]: https://github.com/trezor/trezor-firmware/pull/2587 [#2595]: https://github.com/trezor/trezor-firmware/pull/2595 +[#2610]: https://github.com/trezor/trezor-firmware/pull/2610 [#2611]: https://github.com/trezor/trezor-firmware/pull/2611 [#2623]: https://github.com/trezor/trezor-firmware/pull/2623 [#2651]: https://github.com/trezor/trezor-firmware/pull/2651 @@ -752,3 +781,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). [#2834]: https://github.com/trezor/trezor-firmware/pull/2834 [#2841]: https://github.com/trezor/trezor-firmware/pull/2841 [#2899]: https://github.com/trezor/trezor-firmware/pull/2899 +[#2937]: https://github.com/trezor/trezor-firmware/pull/2937 +[#2955]: https://github.com/trezor/trezor-firmware/pull/2955 +[#2989]: https://github.com/trezor/trezor-firmware/pull/2989 +[#3047]: https://github.com/trezor/trezor-firmware/pull/3047 +[#3048]: https://github.com/trezor/trezor-firmware/pull/3048 +[#3205]: https://github.com/trezor/trezor-firmware/pull/3205 +[#3216]: https://github.com/trezor/trezor-firmware/pull/3216 +[#3218]: https://github.com/trezor/trezor-firmware/pull/3218 +[#3237]: https://github.com/trezor/trezor-firmware/pull/3237 +[#3255]: https://github.com/trezor/trezor-firmware/pull/3255 +[#3256]: https://github.com/trezor/trezor-firmware/pull/3256 From fbd5c466f0f8b062be517b2afbe5979542f19484 Mon Sep 17 00:00:00 2001 From: matejcik Date: Wed, 27 Sep 2023 13:20:02 +0200 Subject: [PATCH 09/19] chore(core): embed QA bootloader 2.1.3 --- core/embed/firmware/bl_check.c | 6 +++--- .../bootloaders/bootloader_T2B1_qa.bin | Bin 99328 -> 101376 bytes 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/core/embed/firmware/bl_check.c b/core/embed/firmware/bl_check.c index b522a339a2..42dfb4bd0c 100644 --- a/core/embed/firmware/bl_check.c +++ b/core/embed/firmware/bl_check.c @@ -65,9 +65,9 @@ static secbool known_bootloader(const uint8_t *hash, int len) { // bootloader_T1B1.bin version #define BOOTLOADER_T1B1_00 {0xc1, 0x01, 0xd3, 0x8a, 0x00, 0x5e, 0x4f, 0x5f, 0x87, 0x1f, 0x49, 0x78, 0x24, 0x9c, 0xf9, 0x82, 0xd1, 0x91, 0x4b, 0xa6, 0x90, 0x03, 0x9c, 0x50, 0x49, 0x61, 0x10, 0x4f, 0xee, 0xe7, 0x1d, 0x7b} #define BOOTLOADER_T1B1_FF {0xbd, 0xb2, 0xf7, 0x62, 0xfb, 0x10, 0xbb, 0x30, 0x1f, 0x95, 0xa3, 0x12, 0x6b, 0x41, 0x1f, 0x66, 0xfc, 0x57, 0x28, 0xce, 0x7f, 0x59, 0x42, 0x6c, 0x3e, 0xed, 0xf7, 0x69, 0xbb, 0x96, 0xbd, 0x4b} -// bootloader_T2B1_qa.bin version 2.1.2.0 -#define BOOTLOADER_T2B1_QA_00 {0xa9, 0x4c, 0x0e, 0xe5, 0x51, 0x04, 0xfd, 0xe3, 0x44, 0x0b, 0x6c, 0xea, 0x6e, 0x4c, 0x11, 0xe9, 0xf6, 0xca, 0x47, 0x35, 0xcc, 0xfe, 0xf1, 0xf2, 0x97, 0x7d, 0x48, 0xfc, 0xe9, 0x09, 0x87, 0x2e} -#define BOOTLOADER_T2B1_QA_FF {0x37, 0xf2, 0xc8, 0x45, 0xf1, 0x1d, 0x4f, 0x1c, 0x48, 0xf7, 0x9e, 0x09, 0x67, 0x26, 0x9b, 0x2c, 0xc6, 0x37, 0x55, 0xa6, 0xf9, 0x11, 0x84, 0x9a, 0xcd, 0x17, 0x3b, 0x46, 0x3b, 0x69, 0x8a, 0x83} +// bootloader_T2B1_qa.bin version 2.1.3.0 +#define BOOTLOADER_T2B1_QA_00 {0xcb, 0x07, 0x8a, 0x12, 0x1c, 0x42, 0xd9, 0x14, 0xba, 0xca, 0x0f, 0x0a, 0xf5, 0x85, 0xa6, 0xb4, 0xfb, 0x28, 0x52, 0x1d, 0xf7, 0x34, 0xbf, 0x9c, 0xd8, 0x52, 0xd7, 0xf2, 0x4b, 0xdc, 0x19, 0xca} +#define BOOTLOADER_T2B1_QA_FF {0x21, 0x3b, 0x01, 0xd3, 0x51, 0x3e, 0xb4, 0x7f, 0xb4, 0x66, 0xb6, 0x2f, 0x3f, 0xca, 0x81, 0xbf, 0xb6, 0x8f, 0x0f, 0xbd, 0xab, 0x34, 0xff, 0xf5, 0x9d, 0x32, 0xf2, 0x6a, 0x4c, 0x99, 0x14, 0xde} // bootloader_T2B1.bin version 2.1.2.0 #define BOOTLOADER_T2B1_00 {0xf9, 0x8f, 0x91, 0x9e, 0x3b, 0x52, 0xe7, 0x9f, 0x49, 0x57, 0xb4, 0xb6, 0xf7, 0x85, 0xba, 0xdc, 0x5a, 0xb9, 0x56, 0x7d, 0xb6, 0x2d, 0x0c, 0x6d, 0x49, 0xce, 0x92, 0x86, 0xc7, 0xf7, 0xc4, 0x5c} #define BOOTLOADER_T2B1_FF {0xf2, 0x7d, 0x8a, 0xee, 0x85, 0xdb, 0xc2, 0x0b, 0x35, 0xe5, 0x7a, 0xee, 0x84, 0xbe, 0xbe, 0xd2, 0xac, 0x1d, 0xac, 0xb9, 0x5e, 0xdf, 0x98, 0x19, 0x9c, 0x1d, 0xa1, 0x74, 0xab, 0x5f, 0xc1, 0x54} diff --git a/core/embed/firmware/bootloaders/bootloader_T2B1_qa.bin b/core/embed/firmware/bootloaders/bootloader_T2B1_qa.bin index 1cfee2942276e31ac75104a45de7cda8505b7c16..7be7ca8c16a7f72a5e10bba032dda09a48973729 100644 GIT binary patch delta 32347 zcmb@ud3aPs);L^s`}W?QbQVHLLb%;Yu)`VxVnCKo2$xO*Bp@=#W@K?1M2L!th;|3i ziD;Y-1tfqtsOSU~CJQJaA?Tokqc|OLL1c+*2yyT>B;4EkcdEOA===WhKHu|$r*iAo za?Yt!r%s(yb#6PV6plKDW!B8O1&BomBluT^5rbujf$Xf@f)N_Xls@uC^{gjby(?b3 ze5mHAafoi|k?S+H#r-xPo5Kw2ax87ke^zEkvgN7$)pKphBRqHOSDd~3S;e|XkD31Y z2Dh;5se_@s@rR~#pZ#sc!t=BKz4W2PsfA|-<%}&A2YtAs@3VP#T-3}?%TXW;GBmDY zR1cqFQ~`VBN%Q}glx1&=H0%?7{$D!%zieawe+lgW2Q2&liA{e5ytRi>6+!xA`Tym8 zXs1x>D%sy)F**1co*b3y()$Q)9*YSXQ|tQ(pLw+JpsYvwu_jGDduJb^#?$m_M@3z=`cWKrKj z=4o9 z74~?@seVi1wL*o5X)v@wu5JPTpOuXmf#vl)WdN>EwGAK?X}oYuq9s~@|6VxP2XajkQRS^;CVR>Ac|+3Tg?Ul|A89jN zQgo@*^o_PFmB{CL4a_MIaf}(r{177bW71i*@P>!{d(6OsmQVz8oNzdt>r)>mG>3Bo zAa@{~%ZA+EaBd{z_Jrhavy%224{y6dBzNq^7_|_TiW-ElROQSg>364@lEXc;&?X_A zqmW}l$e3p0>Ic-s391m8e|IrZ(hSStZu6|qg4ui~$ab9YuOQCI=F?1kJtm@k^42)v zIMkU<6xNY&j>0+^&QU7=5zbL6_XW+s`H}Uk+boY0-Uv1i9LHh9PodH%Y30CWG>^<4 zKZN->L^h5eJK^hq-(=+VH>{RX<#ED)0;S!%7a92(0PB-zUVp6+YCa6?hISarTf#Yt z?Qnqj$N!tj43Se4(wHp)^2>x_%(?(cnm9q@1Wd|9>Jnrl73E2+O86|;yk=q!W<~~^ z_gS8oGpl?gmmi%RCpbJKVB8vj_p~RQSL{fD+$2x4gMS$_4lglSe`54ra>F_|<`OL2 zil~a1HJ>ajIskAT9%3k77^4zOJ+g)c65C}E+FQxG;z3Y1(nIzY=Q4>QaYNe2M`mdLu20_N*r^NA8CW-f)u%xQxZ ztM8Yo^6n?=r;TOy1jzAea}7@fzU)-xhR}EY&Ybr*A1pnL6@~>eRo(pNM`!G2 zm}mVYan@$mAPn=8eY4g;M(~h<_YP8A@)?A)9y0sh94I^PY2I{iJWeve=#_s!INV2? zW^ZPG_7eV2<;+1ZssGa~<^?Ya{^?Ps)Jq9`e$CqhpoA zn-S*vsMci2YxfzUth!ejre&;BcpNC2>wpYp{oDs36O>5eyiqZOLK}Dv)=XS|te_2% z+4DH4`&1%p=PhR@f#l4a!|d@B%ls7k)ngRNU5AoOQf)ZA{*^*XK+Y?L(|*JOzyLB% z%&?nOP;$**+Kpz>(x?4+oVSgZ8+i_De)gN;@8y8v4=flg$r@TN=U9}&(J&s^cJtGx zZfeN1skeZxVbjRB^Y6;r?|-vPCC8)WKDH2Ly;Gn%uLd~k=-eq>3gK!f2jJh~$9MkL zp#g|OzEW6oj93>;Wx8NDSWw0k_{rr3YZ&4qixw`?Wrq6GR;5az`F--mLKBl$PHrqT zGg6Rn_m5+^09kl{3iD}@ti8XS*%2h?@1Mgw93-R52dVxPkq;lq`7@`R6crYw@WoNG zr979(43bmjIgB<)yyat={|3nD2OeaO1jwro6vuQwC{rablBu>V2IXoaHy#+3^k|@} z;QCo?+GN3FWmgzQ4j(J9!1zUGHddJCBP$lIWfBAA@*sFyyVY>G% z8yfaQ8v|uJd{Ww2#=3P-Uf{)05(BMb;O%ZN>ozE9Ni3AaLP@Sy?lxe?lm{dZ@sa~e z1_91KUUGiPki=La;CaAi8DlYJ7qaerXx-x>X-mtPHXm8J^a%z?{blJ?-AbPkj0#G7 z-UDR9gPB~cKs>4vWKL{FT&b`x=k}yxnA9m?BR!bQ4E2$BAKan41QrQZC<>vwh0Oo+ z9A>|ly!+=x%+p?yVk>8gy=0wj3ls8?_+{r=h45DoxdwJr=>uf!@=@?!>S=y-`Ee#j zdO)T+2I*Bui-3xUt<1>~sd_jE+62-uQYOkNbTr9@ zb0M;1<@Cg1A!d7vq(CN~1vxTUK}65#tokAldPX6f^JuNQX#Pu&#;PsS7RLxX{0iYckETdf{=mCP z*b`6)*+;>VF(5xAggAs`9Cb6$CgNRX(Jc?MQNt>E1>q}9%soM}yrPg<=_d^pX?Pep zU6F6z;-yQn&n-157sNnPcmXMdg7@iE#S|dJ?iFP8BgOW4UWL%dC-1fPuuCo+3uvNv zXj9_~y3@qp(iRF~A&~u+ADKNcrAOh}1J7Ad_KF{e%NpR>iFx$P6j$Jw-C1SlEN+@}yA%& zGs*U*+ET-cEF>NY<}9HZbKQKUA#2M#M#=MJM>f z3J_Vy%GK$ad;Q*wIg=D6PM=#yS%ZwI>1MO@(Pqd%T#u(Ez7U4fyTOTLM7KIq_pm?G zLo29SiQ{^Dyj=K`zc;?7V`Rl@j+y8uFRxA-xAj;=29<|&x2BFN+1^uP^eaj<>HXFu zw_?*xau$H>hVjXw_;f-{3n?p3kC6-i_1$cx2^Y2IM6iWNRh zF^IZVD?BCrezTMdN25Izg8WE?)Lf9XS&*t%kk21aPuS%v?Oyxnwp$zxio;0g@l-qa zhfPN=JQD>K6uGd3D-W?HY?0i0bAyu$KY1x}djWV8q?|)(C0iR(Z3$tik@H-JY#%Z* z91!JiaPOPQ@+wzi2_lKbeXN#i@&sg*3xD+{6oIVO$CQAdHm6a$*USgS{UHv74GM*| z9%N2#MVWN*CG?Vx93RK`x#f60S0Ph<00evsY4F1`6&d$LS>Xby!m0#2i(*#0Rs!CY z#Vf5FGAP#J-W2}p4y7>OQ`+r)j0z&%j8Azj<{NG7K0Ro6eLWJu$Z|cAYq$Ep>R`8{ zZG(CJK2RP)PUtkeNAgdE{?!o@M+C81*EX$))^-G!z<`UrN+I3@ASJ6czC9$44n}%l z;a@&vjz6ap>^|CVG_(s!O5vb{xRJe9zyi=0>%BU`>g%%KLRJ^5xs~^a*mU)|AN!wj zX+|+^A@P;qIUwZW;5QxiZu>uAhATqizXPyWj9|HtI5cSFW$?@n(i*wo^B8#s-i^`s z>+p`@y*5@ zd#^hF#644CM&>}eAJQ5~t6{eO9G$Tj;QcK~RZl*6?}g9a-**V|%0t>)vJSQL!3D*Yes-tKjTXy#92s>5EU$D;0f1AAtwqzI&!mKZ zbp*vt;WeOiDQuXri#GFM2f4#))}(Hfax zm)QqrL)ixb5C<5c%oh@03y|`4$#%K$v!rh4_>fpi^#jPr1qqKsLwee1*PROdWk`J8 zhp3DIz%d@V(ClS*_O&J#QhiC4cUG_E+0QfZmREuht9ms$-EAw zBmcA=GG9XKgoIYfRK@FLs(g4NmQ{hRTePL55fsbt@Z6r3R1I?Bd7oU+fng95+x%cv zcu~enRvFRnWr>_9h?1y?nrKK+ob8u6WjmWGH`??t=959z$@Y3*7?3;Vuhd2Wqv8j&=MVy4@K9OS6;f@M_7;E zM#pwC9aR0i;;~#iU&acrhvZquJ2Iykr-#JNUSw2(Si1c61qxR~fkpV) z0lXPW3DfS-?c7nIawSKBKOY8e5o#RTojTy#{V7iuJRK#+BJ`=$hKWT&|H{a~{?kFX zFDjsRDuq<&w$1%#tO{&HM^s{80wJV|X(iO1fjm`I>K$k--P=d-RG{W~v6*j+kfL-| zMoGyJlQOj}LP&4EScEnpkFp&J-#Q|MsO@zjvD|yOV9YH*tD=DVhXI+Rfc~c>ScHAI zz%@m|9q3^4CKpW3-;W|>A>n1myf8dg=m~2)Bs}Ms6P^Nl#)OX9CHA@kWgDG>VLtUv zEz#`Mk!>9_OX>>9ErLp-0KN(XXunO6_Pel%X``aK2x{o)9&$y-rWM}xVDrT8RsUej zXJMz>>&1dGJSeS8D|Cl2H>M=TZW|s|ANRXhAsEyOCqvgdw8Ar?2$RqFER!d8Kl+cu z1tu3V|LnTS?txLFUJMhp?KV-j8}k$cn_bwZ>U+zmVg)Hc8!m!IO)JO`>&C%ZEa9F> zT2dDLr`y8lg(?0w)^KYeFU#lq7g|izgi#1fgBCO9HEoO6;E{_fEWBSl=bxDIV+GE5 zqvGQZB@9JbthAQHKv+2G!JM2DxgoNPe)^b9mGuZ{+(*ccXT}ctBNA!NeFDCdn)5IeBt{1L)nT*q&no)5^S%%*I8iHGlWF6Tr zjdD~=yP<8sYcSmjZC``7XT5Poeb3Jo)zT;Veo^q|6d6qPT`zpmmd%x^j1sl`A<3n;!}|O9^;H^>4y<2!5rA_ z-Zyei!JK?Uakca##&5?N^FY6a&H@j1!TkOG z5t&kT05U&4Nv>9|VD-W~9o$TLvTA%A8yiF3!1C+)9RSNM-h{A;lX;m+6J6p45`l5^{{? zM}&Jx{xG7R7l2Q3HF{y32WOOaJ08(ri!)S9h7o@8@1BrJ@77~lq8BPXy5hpOnJ_W_ z0C8>LG>^kzjy(zIOivQ;h9P4Q_%qgY9T{0}xh9LxC{onxh2xUt22R*7CFfAc7-lXN z<~AkAFV69#7E$P_FibczEZ;Z^Zzo$f-VtvBcyyG_z?&tIPkxeozOfkJN%}pP4P43t zDc+Qn>KDI|Hc$Z9?g7&FOJ=^Zc-Gr8V@NcUC!f1JsVZ!=np~8WzxQl@WEObZB3uk@ zN*d=EYorHnbzK2n%cEU8{Hp|vS~?8%K{2AFe-GgEFaRLlCe6GBU=jeB8U=7105E7v zM_gS=5w&g03IpP5KPi7ciTPW&?^wS$MjC&sZzA*^747?1=qp1@I|AaGum$^j)K7-H zgHDQ*21UE;gkM8uo{M(>GjwOscrb=b!GxM_=mW-ZKzuz6%KAGt6j4yg_8&uuw*Van zK@UgoBfgQntV1PV(v}O%{~>IiPj1VDA$;wl z_Rd7G4ZnebeQmhwZCaWU9@u(*WZTxghWdawKCo+VE)Y**VF8LgI_Q3?4ai`58Q&{a1b1yr|90 zR~3cCpMW6>^z1Jx;oET6Nv;;D47`MiUs2(56j9Nt4pN?uy(9G0EuJ#K(Y{Ri{b5E?U~OjUYK-P%0PO*ZNa;5k^V@~%nyr_{ww+Ig$#Oq?@Nw)3$ znf6Wy_im2#o)!$RW>}0m!3@1`3ey{;a#I378^nT&&m?%#B~7>WzeV=~Y7)No7!&qa z9-;LhGRe^9Ampj&RKQ7}4z~J_9wp~Cjk%kl|Lev zSK~S0A5?^yr*In-O4k5rIiT1GE#DwTFHXU!q~^tb6Y>H&7@m>u>d^Px@eC;EzuqKg zF_3i@Q2#ed3PnxHp_*^)WdkS|`!wa@WK^)>*kh6#@#>Gm6LA^DF#CXB)idqpvrCMmZ3=q{yn z$%OI2F>q%e5~oRcbQ>VMc}Psry%a@ffTPV1;f6NVmLK*Ym4Y)ATLKXZYpT;gvgl|S zK#p^CLZP4TS&?lbk^HT?zam0w^M}=&F|*j$Jo~Q~Wr|F$qtRncEgJSx+@LZF^UiKK>~<3xPBZ(j$-@kTyel4N~J% zSR97?`{M6D(dz}mTjF$bDI+xZzD>w)6bwKA0s5(SV8PZ>NZ9SQKP zI5e$fGYr`fJr;=z4_qr``J2Dk#bD+QANl&#bf#x(^Nm+|CZ2*SfK&o$0iJ8yq=U#<#uU#37w?-6)arSv`RjTfYo3KV0a9o!8Mtp7Q?j=C_`W1fO1AG_iPf?~ zegLck8!KG!BO`s@6ChU)&NZ;YI{}=**)~c?MuIo#A#)B{l#hF8i;s!>P+#)yp<((K zKWCE*HzfM^&&2(HAEJ0Shw*z!-n-+{&Uj=_WVQ%*R?_NmaKMO!;o-q%wg(|tu-@t!;Q^}M3Tunc8!wxezo zYZ0b}+sFaD{@m9Ro0lPA*~jqYc$r}HnQZqglL=_jJrB_S*Cd%-`_7j_7BrG8F=$g zTSj-qJ^w6cg=DaN-b;&r-y3O;qRs6R3BEUuW#Qz2OgL<^Pm`2NWtfg7k(Po=76ELL zK4w&3bv98N&qkp*5+ZfE5?IO6x~7{LqIH>4K8is6DhkmN9eiJ@K&kmE!?wWokdg`G zJdeGk{qP{hDiPh0Q3G2&#$`BL)i(afmy*t8Is$Xuv+7Z~uvh9QsAACyP$_kR*hZ2e6 z*n^DdB`c3@Vtn3kNleR}j~wrouP+WW`KuL7*_q>rQ=pJiC+ zA9}>NE%XyqWSuC{7(i#EJjQbQ>E^X3 zPAc&|Wa25~^u@st94@~cknKlCzlp7v)u@Cs!I8YC7}Zka)XYn8e55K?S<#ThRwJ0! za&W?s@FS#5e=uwhjeJ_B>I(_n$^)m8Oe2EIVrqfQg<;U>;{Zi)FXY&0^S)1$Urw3W zvCsqVa8k&?Pi)vq{`yIg!Wsc`@snSejZc%0|6Kr&X3eJ>9P=>LOoK!>At*C_whxba z3GN{vtk9x7q$$x9-@H6Xu;Gyj<-hk5L*kFUZnJD8>+{k%9{(NF2Cr!DS!+-Hb{O1} z%j%geD&edz*T~e1;zB3Dx?Q9r8%N({bnwq)=}C$iWmU%(aO zQ8X`#L;U2k&$*#b1srg*7Gz-hQ`SdOsQeVA z&Wg4$d%MNQqoo}_bqO3S12?1tDLg5<)7$j=9 zgm>bRm@qr>-3);<(8 z?G3o^iNpfEL_BTT!`}^=k7%Y+7j2b<&EB@&K?(F|`7<9L`D4e;s5CQ~@x^1wFNR@6 zoJ9vvYyfIrf+uPJBn>}8JYNirog2AU@z7HYe0M;Wa87Ordny~Jo3qxcg&a)(t}}f`@kY3uJFR_ny`@x&qP2R z-OBcAakcGs+)W}~u?EJn86*Yi7)vs|zeMuCx>K9$y~&+qQu$SW+~*{R^!tCvO zfgu6$V{+!Jj447euQ7TYQKYv{&w%?H59RgkbC;0V?ost}!!3FlasjrjkeVTV3diOz zk?~*OkN-w?ecczQkwah4Fb;uGC^SiHWdL75%nIM{^@cf@-0{uOI3I15-{5t0%lW>* zo9krhH-m8&srhE4{QDAQXeXb1GgyBe0#G2TAbidIJ;7%)^xyR=X(uDj_QOArlCv53 zU9#%zJX}mZJv$UXOgvEXFVg?p{>-yMGVa@4ra~eW-wwn_N$t1Bw8!Bh!VC_}@DLsE zUA@)|E0Hh19YPL%XEB`)-DdRi+8k!#8sz6y4!EhN^c(GNSy82 zBIV}1U7&8;DBW4EXa}>^Ly~^XR4fmIitrH2kIAqi@B48$8xrFoi0Q}Ckm-@g$3G5Z z^g(jt$FcB!Tq2`>g7`Rc?@yEA^#zH%`co$NRv;v<28SFj@`Uan!~M6zIQUB28&&M! zYjEiLXNmmq(-3G4VTJKOQ>eKTnfkK{G6N*?=+D=fH$&vXUviTux!HD^3PW1;EL^Tl zM+V!o3KqBh-u1$^A~3|aUqpA-}iM#Ik{ z(m|UVrjrS)(~^VYPR~t;3<-aUUT^~4k;=+mmCxO-H2wFQDJc3SbVql`a1gybK76qI zSIQGQ?x=u|zFG(fz>N+E(%f9gQO1nEY9a@(nkWVTdxNW2$I+;+A-{3Jq;fdI`Yrh; zQ&;|02KS$LNHpU1dIvp#5@1KT8SWTGaPhZf)-S#&5$|v5F}@HQiqGY={@URe9|zeL zhLD*;n${1Z=?I_f=?ND4#tn;wKG#Qw zL!+--n4}>2>3R+mfN;?6Va(3~!o%ZqfII<@Ljm#@Jaz@h*YJ1_!kc@h!;#oo?`}9% z42bik&L*dc9-^O^ZVXI}4ffuku`2*K0A&7+^u)sdQSku;vjC2{VYS;E$KN9r z|Nb96sv{Lw|3}4Relkd$t}2OywfHuRNr{Djh$IP!BmHEb$R%cmqkMYf>*psI#k9nu zf4D9Ph;YCbBc&yt{T~&bJ~BZXV*VmxAawb~)T6!G>~8C=e1XZErL{4Yy{ri+O7WC2 zGa+Ws!!yHt>Yi4rdDeHA^1FI&V;ru$6qj~?ya4GaRDYJ-Fgd~61{og5#06`w(swCP z%dt3*{SL&kwmlXn*REzUM+$@SwQsR_EK?h({ei`6n7M)4`Ep#y+!d&OU5;~^{(;)B z;hDHI&^z);>GF$Se{GrqPi4;dYnLm4!bX4X0R_%uw)kr=D{wc{&tH2{iH|c!e6_Et z@S}{~R~xU!Yawp8_GLA`2rJd)t*y}DW00%xzL%rLg&4A*d1}|_@Kwm&)!aWTn;> zgA;4HSgc9%it7K-&?ePdV(}1wUnbR7#A2#YMoP8&VsS3yk|l~~EaMH;rWt@q--K!x z8SoJ1M5xwjzzZ2?s8%rGCH4g&#N9LoD-QK7>1%zy0cC>e^*A2546GS>B(|XwFFD;Q zD@0qpqQYkaH%@Q$igA7o=YwPATwY_%=7C0kBD|jquO|5|qsb=@4k>P_UTTQiAsQL( z#*GG3s{J;CI6x5BBesPMCJdqRte_3BCVdx!VvAV88i?r?XPR8Di~2KEwe&`HBdF|U zxQf;y@e|yB0(TJbh26s`04Yed6k%{0{@1>5!?8z#utz4uw=P#dV1J z2b&#t=EF3TAd{t}Y%0*6Wo>XUK2h&Nc2oa$g9qP@$27Y`6Z>9h^j2P*sYcn|ZE@`z z3RJDEi5;`4K>o#sISJ6Aqm9iKJ1lcJ!JY%QxKN-r@UE5yK!ABfBy3Cw}`?+O+bxt!o6cT$m`Id}U)|%o#&} zYwbtzcv$M}ka!}5`G%gV0ZP|y+rHE*j`|CrSS0* z?$4ALH#Gsu?DPHjIEk5t%O7Zpb6a8)&!zE+l57E6zM?4+-eb=tNbCX`oHI>CazQDx zT-jhywgZuIy4sxyIMuG=8(JKPR`EXZV}I}>LhXPmm6IE>Q=Y+Ek(0GDJS${+LgKF> zsBc{gY%Yf+9FqNGn#8tfY^KJV%j?j(6Reyb2vsr*e;ez?(R>nxf6;-^WrPh^*;m}OTYeB-2!?h>+ zV6(m2w?!IZ=+}si&q;Z4xP7BEq8v=I_k|XxG{<0UL`DZZkx+TKVu}-5L`w4FWWv>B z5n>We21&0<+2M-2~3BnD4txd;U7pd0~H^@eH9XP5(hHmlyVIi zc!cf7c#{KOkbn+vSS}l^IE%XeDf?$96JNO;kEmQ!F@>^uXeZKcYtXw@Y8~(3)es7A z7}19>G^NADto4GdWZ2*nRP7^W3XINSW2%XO~r*DbR`vRk!Bf+8gaI! zEv|{lsPSFD{(9FW+^^8iwxf(V9=9W70{>1IhU@u{ui*TTt{}@Pi8Y*(5IWh(;3V*K zkydEAIp^t3wj3ao)$<~{oz6^rHB0Q}J zxuNn^xwfdWz=n*K_D8V|8pq=oY|!w_z)Lq#R6C^!J&Xl4DT%gbcfqMvmVej77{2M0$zCf^)x>R4 zUFf$wk*|Un6BA$VC@;s{T|brQzLUKHZN$~Ar&FGLv$JI z>Kb=Q6YL0^E=hHXr=?lWqf(CJoHWFV1f`GVcSsy!%!zGGR$6=Bvio?|j(hlx%Our)G~rzI72Y1zDGM*ew# z(J)2cr9u|~ryX^%TFe=p$89mU0OSFHybq5`nIOd{eO%#&LIf?|f^i%Ld0>IiaYznh zv%&#fX1yxML`g?_ClHTPp?o6h2PG_ug};gDLZ@<;8cGdF2Y)A^4CiSnZ#No>gdLR` z_Btd;Uaqk37Tgq97hi*#5}cI<>I=F$#;j_~sH5X^Bp|`=RkS0HZP!5ir+w<}szT0* zxYM0?IMrQpRcu``NPp(md_HCC?k+7d?TYm}yr-o)2V8~mI*^7>{8R}Ib6w~h7|)rn zyLP+PGWp=&&e+X69cJ!~TywwI;n%owhQ_+Mq4BPyp{8AZ+8TNe-ha^**ZzUkw96pr z&M&mH{%dhu0qf$n-&d$^vd@?te_>9cqG|Tz!t?2MIfbaHZ1QlR zZ@_lC<5|?If;boE1~{|YHA5^e{gBZv5F`aHL0o?zdjWrnPje=JmS)vck)Sf{hb#&Gq=3jaY3@#9T1;w>hDYj5c)cK7t$gQ zM%?~3Po*<$hrT@nX1vpbniwPfo`7-#L;F+VdShKfwAx zCGn2Q$}jqPK-IeQV`05x_WY`L%Ve5+sO_}P$oGY11uCVkeo8K%vMatz#UyW6xwaO_ zzwPH?!oBeMdF^xC-Y7h7>-)<76jf7AAu`idWEVFa=wEmL6=YM|U36_zP;7W@_kAU~ zPQINhR27a{#x^C?Z7fJWe?c-dnD|ej{yu)Sg950VvgjAp_A;I-*Sn<)oeExdwx#YZsn0_63?_-!O$HH*EoL*1TTID8qxs?qd2s&N~Ti7r#jRmVfnHYs*Wco zZ-JGK1g~^Z;tggXzoDgKO632gLyCW>cp^O@llUr?ap`+?%=I*JBObVWCDrLzHdF&YQ2t4ZWf zOG9>R>-Es)ibnx|-}CC-L)0?i-2kpHg7+QX)1BHkwGhpk@1^yBkJi5xP=xC@c`YzQ zCaC#Ws71;&v`Fz>Ty0l>oK>>dBNLVcZkkUgnk)qnQ+|{hWHjF`wn6=@TlEn`tv!Tu z9AV>@026z3`>)mxO8ZvMt8!v^%Qb&~9iIqd@^m1l zp8`J0qZ0Q~Co-7%ey#a@DTL{O(lgPW8iFD$-QtTa!HdC*QHE$YHLwS&_)0zwyo3}O z%JZRJU`jCN0WSC^@*U^pAs{M4KDf}y;*j{)!J!jPGIM;}mdn{Fmr77t_J@co;Hxjo z3^`x`A&@AAL_eWK+S+v-PQx$PZs+iL)2a~Orr=+I)w15Z2|CK+H$XUC5(sRqm)Q~P zeL<+b!Qo6Mr>QpGhzF_VU24QOX}c7)rAC}JU@~w%PmQ>0=`I9zpAXlS@L>DI>wErE z9um`Qi4jjy{3gkS_k6YIjX33wOOXG&?@NfBx(l7SE;9fwJOVaApE%O{Ne8UWoD&__ z#lO||4_{?~D{I0l^=lwl!rft*hBDZ}skQH$@QAzj22>!g8Shh$eIAwAp`9m`y0Bf; zATdrRqd{VK_u)UT!Zr)FqzpDVZ4QYq*AB?QS@`MqCTHL&m<7v5TkFgOd$;7v!pTMF z;36uf^vYB=tLecsP>ky53S{TEq-Hj4EYP3RHN9B?W%5(4IP2Ba(M@j^9EQMmtS-7D zSI0ELd`zxywM_1N?yzn870lp4I*7XV+K@Y4b_AwA4J>YmlFCkQP24gn%8Mk&x0ooE2e*(uLB2j|&8%gD?;uZ9RIgltTp9b9c&F8U! zwy#+w)V`91)BBwWwp@+{bC#N-h+9V0IKum`i}u17rJUFrYlhYh;x*1v1Cf zE9|6=l^Y!&RqmFU6Ng(hz}h*j35Am?|LKUB)KNlPrrNZ&EZxS+k1Er3A35|@FH{XG zlsR5V`5}cut0{m*=D6KoR=MF1{q?qms^5!Y9l+K-#|b@+6cq?IrjNA9xKddTl9V z+#}6L+|tr+N5w{IA^4`V3@1C|e?BQ$AU~mf_h0r%d5{|grJ5fy7N3+jcuQ~JBc(w~ zZXeYy*|;#OeiW51j4B3DouH^*hQ!b~%15{*0PVzU6xs=Z27J-jKMaF|*Ypzr4pQ<7 zeLL&6AiAos;PT5j7Dlu!WL&iS$=w^c4UBNC_3U%hM9`y!&&yPP$VVqlTh~Aph@8I+ zHmXC?Y^KX41ZP5W_bEj_Xnsam36~Xe)pE!id2qp<_UEJ}n<4bf!3ZH~IRukMifIYe z@w7?u?|sthjSW>ietYxfT%_QWfymqw`Md&VpAjxfl}+2EU~ z0?j2G15;Gq?P;9#_TMsR?u2llYGrSJ>i6%I1au=zm zf&-{(#hDy@e;x5)Bc>GUK@~xqFTrDdPm&wLx~K6JI_f>70hC1&y#FyBOF?8X-ni?xK4k>n^m9LhYKVGPeOE zw}GKfukFK=51i;kpP%StUWn{Cs5NnYmLH@P`O>*SS7ufUngyfL)oj_&VmiYvbuUknC7i- zLMCn!e95p|SFhO%_yE44>8xZZS8cA7s*Hdgt2d_~i9d1{oY<1~!_r2;tiiOkVl&uP z&|WtR8&6AVjyw5eo#hH!Ok1)}8YZoRqbs?+#;9vgLEy(`e`ia-01f3$hhQhb=hbzF z=0=|8<#lIU<#6-@T@Cx1boF(x4CJAca15n&p1Pv3Xq;h$JElYV>@dm*Dx^l4y(nJZgVb$WM>`mkr?4Dj$-uIV}0Zb1Bp&S~9HsH&r0 zKih

cJ^o;{iQR$Yh8Ke%R3u4+XCDM3~~7tkIL{?I|KU9Y$_SX(#@%%Pj&j$&(I zV;N%w5!b{z^(NRFc9(WrxEN>5UK{j0<=eet*X42&*NwE^WZH6Zx!%1h#v`Wk{w=8!D|8R zTo57zr?3TUQ&0N+*Dj?ck;?IXj-XYBiQL3_n< z$0)?zf03!uz&l(6>89%6(U4byvXI-Mf~~N7R6MNEdlU!q`R$J+xTt3Q>#h;W6&dHK4)+>GrU#$nl<6ioW z`}^L5(s?+MJ1AW=z}l^`&=ty2wW@;){iE5`56%LM-#?e6?iAQFmG3a&Xi9xfMbO;vOg(ZFeTs#{o^#BpNn*(2-O>0$jnM zI63_Oj^n{QipLeK5vlt{GOj)4=K5$1cNzWZzAPw^&Zm zKFx{-O)G*OikH{uIF_C{X^UZHFq#X}S;x7($epRPzjFB*^vnl`ZTqE-&8H37!Ym(MLKCNtGfk0f$EI|qy_i%#MOv-E?5&UTQO^Yd# z`Pdy&<}szjy>z-W|NV*1iSIDNJRkVSud(h?=q`Yo?NfsHRo2Kj0gf!&dfE=Gg1NDr z+Yi1W{3uySJnFS@BVbdz;f&$FbKYe#TF*JN7?TWxeJcXNt4#ms~TOx1R2N z{odWq-S5N{F~W~t%*kNoe#tQ0hfX=ifErR;GkENLw;nm=`;|p>m{UMdL*jOOKo8&= zT80B~ifjQq%X%S#1Fa%J!HhFCgGzWE_2*u5##kvTM)(IHVvH0~yh-L%0HO?DZT+z3 z_lOe0h?Yk2EQ;c(fv24&y1uFMINXrHX^J$?6}-yI!0+>#?{xG z7d`#2g^uq)x(taDJ#OPIJrTRVXVNprOW+3tv*4R0oz9K%eraFaeyQH*;B8y=J+7z7 z2AFwq#(wGS zj0(sdhukqphiBAWPD4d}+KFl@2=9JK(hL@)01NMV;Tu4M5$+6zpi`X2sdi%ozfAC` zYO7)^BYXnNdI0paTpJT_XM_*EAjNT*d$2}hTv{VDZiY|yQc$(@3a*xHxW-y7IpeCO zb#c`|l=|M&or`AbO{Y7R&%s?u*=cETSvk!9f*JGRFI#rH^Jtl^{wQqTn=PAA6UmFtF`Xigg>gl$3U;(Ot zG_?l4-oRj$t?=L6FfK5RsYTib1b$Ho(oqB4T7O#FT?u@Oua?fQw>2K#Nlk4Cu@u?> zqRdP`l5%31S?wxqkL1!@VYye@WgLtTAKnSUzjd_vQD~0LV_b|m*CjKLX+w4I?K46E zPD!Y;3C`AirB~tx?E-Gdvd6X^b<1PtpS^Th0~fS^md(3^Dx);l`)(YY*ao)+K*})Z z(RwU=6!@U7UweyZTO8hjvk!x{9#^@?-F7xs)k-Pu6Q-C_`$(X*!yp7=b!`i` z)3c&=ji;s6l~q$P1W*M;P3UyzJSPPZ>9@Cyjxq;S(9W8A_-1I*GmH>8Or54V;5=nQ z(wE6pHPhkT750`%@U`+y`*nZMlh4TQaMKkRKHC^2?U~*%r4o?Pjis;DFvS6m!i$iP zgS;HJ7sTxYW9vwmuQ20Hw5^-CLCOI=;PYHrVs^c~!ycAep zBnPJv*0u0FsFJFu8BXgyss72C4M#IrU_4Y<*G@YvZLFl$-|5c#txWwwr`Ej&W%J`q zu%cdr^-{?QF&-m6jhy;=5N?9m2ZIM34NBl!3aM|a@fnzFt{Whc+WPvrD@>{asOb!Q2OSEnqzR-CdqLMFkUR-(} zz85?bI1hZug|qX3_-R1fgPu4Kx1f{Y6WM_HQQ#i9`H{7q4{z5=?WI?eEgIAAu0)F# zj!sdN2JVR%p6N=QO#7U=BA*lx-wvDvr-1gD1Q7NF3PGf0@Z&4uix5-3-Wyr>=l6FX z0QRnd=oMfi?A2O`JoVmO_g^H?y{=70t>9|u^-24s-EW-k{H5gl7T_JASQj{PU1^kO zC%TxhW1JUujH$PJqNzw7HwkB}T9H}nV)7!FLb$-LY_oufosc}DHS|db!y#~g^&pv8 z*wq>k7tu(9*75N&l@)aS&0UfMm+uSE`&9Q2f_%hk(%rU}Zk%5rd*?m4Esi}2XFCe6 z@seazz6$=Umke zlc7q3%fHW52PHMyFSV)K*H%ksRQemIP|B{;(y2K?G0hv(1ecq3Z~ido3VtU-pcsuu z;gSlToXWycdksNiA^i@;1egBCSykGOY&a;VHmuy6yVnAi4q6ltulYcQ2M5*n-A>0i zAh1fnC}zht7{U&pAZQ9}fRB~ZVTdQGhqG9V%AU9#!oa#T2x##cn%;Li!W9lJuyM7j zNxvDMk5jt))C9#to;~~!UgsRJeQ~w|F6AKBz=<+|yqLl5rQHWBV)*xcv-u1rJ9f?h`b(NDH*A6(;@T8UQj8zygdn^{b1|KwIzR>tRUXUX}X#wO()cfeST;WIN#g)MGJ($07v%0Xtz z8f#eW65z5KnLl?yB#HS`kZ?znM>N7&3RXP{-o3>+t>c>bA{>OsGEgRyW#P=!wVD+a z|K_{UDTl+5QPKBWp9eM=gC0~t#NMXoJ@2ls9X$@G*BZv*_(T_6ibRgS*MV-i2h#Cy zbxz`e-_=w>%@38eYscXs-0OZB#3=;CEk4Y(NXfffq{OloDaFzvC6x!n6`|UX$KiqY zSRehKBXUUP5nl@Xv^4Fq*M2I}B*#EkK|C0Z=lS2=op_0TFa4Gbje&U>jIjSS_iL4OT>J=u*qO z;DX#HI;I!Vqi!M#u`4aKy5d`~y|;JLV?&u(?XE z!P0K7hW27%$2fu6CL`K4LQ)PUS2X;rPY)|1932h+{Q-H58;Hl^3KD$F9BxDK|EN%rgm@AkqhRHkCFa#$tLxc^62-|dbRF(nf z!9@UZVwX8^G*t=$2C+1`ph7U?4Ek7BsC&%FQLL<}C$-P)2+LAhu@jQ8nFxZphN+Fu zG3!O3n-f^_!bY}T*a35pI<^3<>?Z2@>cD&vyswc0xcc-gQ*g+s}9N zZSRqzCB9E$_4ET)PlvphyQCC z%oqJBF%9jo_o;SFW^2cVT79*3f3wn}Mwuv*D%*w0t$6%KOt_c53;GpF#B7Wg2|5R7=i*K|jD^2jl)QO+M3O38A?uiQ|NqoB+YRuCzpOZY1Z&XzynAl*P zu>OuJi0zADW9PE>OiFve{!4O1bBuE`3>%HhA<1bQwT%G>2fbGY+1o(wMi`smbJ-{* z&xdtsIiB^B!7z98izH@;yG{;*&5U^dY-1-Q#h3i2v-j!vVBLd)=F=chr7(5EBqu!k znPp1J*)0(Y_!av6$LQtu& zW|2#BYQ5I3Z5;5L;UqZVojMrOW8`(HA*@1o^aVl8AMl0@w#iSCTuj^kxfoDqm_V!5 z);g{_UJOTB&&*N3^QD7M6Mze`sgr z#L8$~7aj!$!#HEycr^6;y5RP;H{cMyKf%RRA@sz*bak+p6N^&+m`hk=C9xMB#cO2m zyw706HF;|sIVa|{qWpK^yQeqZYilrS9Nag#!b1kSo)_8?847OWzw!(e$ zs0`abXHg~aSCt8q+aWt`Xp)rzJr3XHzPH={b+7Tk-V4|}(nR{gLNdJu{osC}A?>CmLmwNUQBXAgUvsAUP*!|@l> z&v$1PquDM%v)yo1HWZxiCdG)!<8Mpgc|qFa(;gj7u;zFj4DHjY!FM5e<%gLYIlGXX zXpxe|j`Vd_-<7a7;M*bp&T_a?bUbnyS4Xxxp{(gh_YKS8PEFdkAu}g)4_vKG;$3z* z-?+~-2^Q}PIoW8F^M&o}l?iNnlW>r2kH&VvCN~+JvQtnd1iH>x?6NA^x|i*Y!A^rs zR_XjRFA%}lz#MuPz&4()J5ZXY>9wLc&+n_92Hh!Dsgdf%2@5Kee$dZiq@(n zEziX|BvmZ_Yx3OK4moYLlj_r5FQi=;({Pz&8u1L-;B<%Rg7s!92%A{#%CzF)&K^>W z2ptcN64NRXex{r1H7-^ynTz6{A+>M20?8M!q#GuUWRQ&v9zzB#;#kaQ;q)rB$Iz{Z z)tei32)KX$`GF5oC;W9$?Y=ImVtvnW{M@+;VkJVRNbGp8qqn&YaM=3+c^x@?Zga_C&L}P#E zJ^<%dqd2M~Q)G|Oge)&YIhyIrzPG)Ui#yguQO0a|%9}j_k-p4HG%J{4@B2gS#@I!= z2Dw-gm+i4qo*eMs0n6aoAq>+Rka0x}+PX}Ui{@exWDKXFtZ>>%^rNhhDDS)aXn3e% z^gQf+dWeg=)ivt0U^O_%w0ZYl`HdMP2rB}2s$xAY#ycuOg(iD;o4@>p0xFnM{LfyK+$d<|B&G zZKv0JVhBz(2+oYzH(E`PlD`i5=sIFRV)9W9Q<4sNKkM!Iamz~-9q_n5+Gs}&p+Y78 z?}k9f34g%x=et;n6MAbMIZzX0{zoqxb6J(`dsUE`={$ zHo9a@)to*~pt{{wOpL1NVuQ^X;lVtlfLgd&G3VEAL|4kdwZ4S@Z^lB17la5SraP`l z)(9}wDTsaF?UiKZ@3Y}#)+Eo-GOOcEty&jct%r3oOL#ns`JupGN1Nn~4z0Zk;y{x; z8xA*B@+4wylB4i7g4EoeO=h3VgvkB^zCQ<+VSY_G8TK9-I4GOx&D+GosY4@kM6Fyh znRBz{xyd>5tR!VZh-E=u%@5^cR=<; z?j0*mum_8+@K7CZhjS1ahyUTth@043Ax1Th^2rX5?Tgqy=&kKl-;Femwc4{pHjgF{ zgUB=YHNP5c=?%A^zOV2N99Q=loO@#Jd~jX_6SdTs!vVdjhbe%C7N%8KLaVMaPO(pc zzZ62d^j<=?%zbujEqtDOndi=>?y<`7S`rzKi6P^)wQ`b?pAcDRg};#@V?JK4mzY3y zwVT%k*I*!jmj<=U3EIHwR#~s*t6O^`w5`1p1Z_=gZ@Rq40N>b+MInv$<-yGI~UQ2t<`3%~ku`*3$rAP*+)bgi~AxcD>d{_&Eb0Eb` zk~aArEtaatIy>%U*Rp|vv~T{>CfB;{V&oy!-BC2KrOtG%vrWdxUJN`mK9xVTd_u^f zkd_Zjf5dSI4R&#SYRDmW)F+)G2P5lpBl*~dyTLT}5Z6B{tP``$G%Yp#KT2;eq>o#b zeN2Z9yOX;U&ua8RdyA%rYGm)PZG6l2BJOvsZ`o zXf-cnYI>#+5=*CygY~W!QeIF#e34SB>nSaIMJF%dY8R_u>Yg1IBoLUrcwy=SICYt_A+z>-(}(rXWJ6xczGoPni0|_d z;2pub_A3tzcmrgdMIlmdv^#VQ2_`-G=76Rtth7QX*MXA-%qcZlOyhnoW}v#j_$BFda03=<#LD@;m#k>6WuG z!rqG?_=J4*mm8n8xa0Nhp7^h%l5G0;oZof5Zwk8HxKxYx-+A5H^{z>Mx$$RgN|fsc z=l<0BY1btuOE5+}+f{8Ed(AazHpa0_qTVot{Yg5LjZUo26op~s{pKsoH)koN*KbF3 zw&8J=J_-4UX>k>Bk{~GMD`u3idB*-Kc^qm)IN)>q9hZPwa@7peI?zCI|LNH|(E`r4 z<7`wUxg2MfnOP0$Zbh7a?3rmLtd<4k6OX%9K!e@c%JhUq6>Jc8UjfMJO4E_Gl9|*e zh>Dm2@4S!UjGN-X?@yJcKQ&U0m~!C#@NDb%Mvd)zUNhiTo$(te@LN+D7&==0Ql@|0 zk%A}8deWLRKj~=c_YVCw>726{3ATf+pbV@A zE5S0b2&96ifC0pTC@>lX0~Hu5Qt)2j0pArVto${sd;u3ml*kG=M{3KX?;VfO4=FtOQHJLXZNU0Es{V<3Sh* z1RUsFt>FK$8l~_JR{jh=2j{>^@Byd?`@tT7ndp2uSPNEypMeFy2xfr4u`0i`JD1bLR^Gx^2bEf>keWERB~Y71NX@|94uekW0zB zjYTWU)~~pq221aM+kQVyqQ`ViNwiQwaum}s6V|L>^&;6&RIp~n>WynlA5BRrw9r&I zOC!$qN2PdrrKegf^gGokB|-ob20q93N$;crSlh)HXO*7U{fZOHLqV?E+73)_XejiK9F&_lqS=#IqP81|rI<}tvGW>#;YHw2N z+uVV}ehaEoB6v5JH~j0T-YlgX)#mRwek@pii+hkx=S_}(-i=Ule|xy?dA4l?mTEQD ze?+*scr2T~#Sbcjsi5bt9Pa?}I2QrOmk?=g8AY_6P4sP*Y2maDFH7wkXyh}~rcEQ6 zTK}c9t6UrjoAV>&V|^)j^qA%Nz8M?=J>dQ^1yX4_oh)@(saC2lr@ZtJD-BK>9wuZM zAINq1BdCo_@=_Ke#N$#iGxwRLDYEZOHPSg>#&xjwRVU|*td4)YD!)jv<&{sOU+)oC_OhN66I&v~?{B3ExXa>Q z(&eo*Zq%E*;DI}GlXG5>l-r=kCFJBTDQ+8P!hgF<%GyTblKI!sT8Rx z@2lhve7^Vs3YFf9Bti^0E)v_Rw0RqyZ(VW!D>ktwy9M8)uw)TjFM5lSG!b*401KX*Rk9~#XkK=Pn Jxt-pl{|zw8Gg|-v delta 29715 zcmb5W3tUu1`#65)?AZ&;0?S3@CZ1go7e!kU@1_glaRCjy6`C4eTTKnMi*H%GniW>q z;;5izsg1A3m1;RE6mmvIKuz#0t{=3BgKWY80{NEL? zfHFrQxFJkzp%tYN0(F?XBY%3Hh5~)A(u&0p{*IV!BCW`Q@OOFtSK6R9KHrvCRc+8( zxKIv%BvmCw@ea2^OKIXOqxdd&@VivMRk4g#S;-8G;y-fN{VaVVl&*E)IZ>mTNd6%Y z-WjEb$V3nRHY%E4;lS6Tis9Ys#BKb7;mfmsnG&@e{olW0k#|wIA1Ax+v55oI(5%ay% z=>;NAj?u>*5hd07daB_Sj#3|$!~F`=OL`&Oj^1!l7HES zD`Q5}D@FWs%>7We!PVygT`A$;cJw)*){?pz7cPh$NB4GNYitIiJ}vLXXppT zI%VojnhD~6^whZqG7|bBH>U4-jaIws_T00Qrq4RDIz2ZuoUiukVAS%@|o2&YL`Y0GAHR zE%c1l4&jO`AKf0#&-Eljd}d`hU+9a?gV=OW0;HKLABOxXo~`0|ecyq~bNReipO_bC zGVhvg$mc0Zx-Ezw@4#8ZN>ajk(M^!20`P5LY%0WVx>1^}nboFpqydNBm>;I4&)9L) z@XhpQJAP~U40@p*JBBZyhuHDF5wmHD9e*?;E~6O6qWDN!-kxfP3*krypvrhtUrZ_u z=YMgLlwiQ$;*0fy*aa6>j9f?W7V!%s(-Ok@jjk-tU&ic`wJUzcD0^HpDrKwR|2`amOBu@|^;l1SfV4f(%ZBOr{(IBtL=WD0@91$}yGyI#Lhcw18AULn z_WaI03p5-V$yTIqxxY{;U_PbLWN1`FFgM z>bWA*uIAClcwO!Q$a@)jHaDHV*NHFZvT8a1kZI9D9+BPTRn9TO`mb#s2N+BF#Z7#J~(47L}EQSW#$0c2uB!?Jox^ZdPr+^ z*S$0|0!4@MbKLU(spCaEuDyQ?eXkvJ4;0ZVJFa|S27Oh;o(ERb?}&JH;bD5Rh;_4c z^bR0%)<`-|#IMX69wy`6{{D0lPD$gvvow(Q%Ux-Rq%ktS$%|8FTOdMud-f8D-0#Iv z4`zf;cRt6luuQ@$!}ts*zW+fM@{+vxsRx$go^hO1GU7-~Uc3qU zmb{#|IHjDNAL^u7Ilst7X~rj+wF*cnbmn(bGf3)H2O8^WCg~cEg`7O64u0=*$^O&@ zGX6P_q`LmP-XP~$Up*jdGZQDjRGn-J+6wH2NxMj@b$TCX*)=|d5cu* z+aY53{OW{+D(+Kk^vfT9i(&bK$Rw^z=d(b`*`KCj!X)C3Lt8zdk=VG~*$O zqHwlEaq2;dqPhs*nV%7T(pi#q`z+GFWI&@OH)xrj3*%EnY*?UULir~^>@9eTUhc%# z7jU!@YFxNP73E}Mp^-5uorU);ETFGBaOc9|P<)#Q4_*|v zgOo5xdC(*6P$OD9k_+W$dhmOT20)$TJow_Gw5U)%#WUYz7-i6=W-}d`P#RcR!r}rt z)qz(oeu4&4uPvUe`ogXOMS{@2b`~DDB$*B6KXxnfC|y(o#pd$|^?wX1fmyjj;Q9h>V}}F`n~qAuLM#!NUva??oJEDx&v^c%5l0{eXxgmR@9}e5)7V z0^RA=S$Ooa40wOXTeo`ICv@mY7y#ESiQ+PZeL%$uBc0&EB`fq$<^>P_cm*lE%!4~u zu=Hs+j$Ua9J?tJPCR6%sORbbo_uxe>OrQvO0c{$gcD=mIy= z`014L^e0&HXnIuEU&=o63BK>qX|u!J6x-P<0sil2dn#i{4orGl#v8<7qbd*|Eh>${ zIl;N1{O6*K?<*>E6h-qtp!j_*8UN~0*u1D=KLdecDN4eUtp&9KJ03NtK65bvWvXxy z=8CoSAs1d&oK2UDxVkt29l%Y+nL39^mSnFU&L`#bUD3V;B;zZOk)aCBqSUg*c=)PZ z^QS<-({|}yYY*9^e3VNWsD~7tzlaEzh#qbs<4-tbyvj-G>@cJ(JiFle5v0*hpB$tRrJ-uO3w0jH>c^6UzjXK$g84K& z{xOZZ#&I{MYsYc%W2||HBfs;hHH8zb&JO-=9RE4)pJ{67(30wSlib%6Do(;x)`aB7 zfL`YjVjZY5I8U1xyEdi)X;pl=k7>&T?U2BLFLN-)-&z%cL4OejoXon_zJU+&4gB}3 zd#UmRgsS+AkFnu#RyC?8LGMc_OzLS$qi>|-M?!k0jYnAIROZ6GHwN=Z#6L?;DK85^ zO8JKx{4J`0+CPGD8v<@wlTgqGD$-M{xA*k2N6`8>kNk)#FTc~Vn$m1%yCs@Oh;si~ zGD-RW1lSGa`6Ltm=81yrevV?JoHshFI}VNyvaQUc@XFkk#&t=QM#}$JjN{I<%6TaW zLB|?06Nn(Rx(vEI&CJ0N;H)8)6mNCoq9@bM*Bz%@nH|*jfn3NzSh&2+-30Icc(mus zR3cSAzWIYXJ4FU4a zUcusFx#~al!Q<}9P~9GAH)>YrJQpAf@w*+t{9gB#*2I9^3yNr*9=2Gbh=-tsFb2X5 zlSDBI!eodqg0LQf6@vaqeBL&g=#jpOF6G!H$w5j(uYhi%9Ap$3PHu~Yag5B3GJ0Sf z8UBnnB8SyVDnt0!T!l5k2XvfAc+JCVgAb6jEiOtI(?BJYwHk0-2BI2SsU~L`w&RgGY$`#6NK>q41zKy|F59KhW9FM`x3$sFuQ3L&`q}BElO~^JiODes>mtKDp7Wv+u4ZO{5W-4CGp*pCd{7zd0)n#ElLW$YM z?2>d)3ng8aq>3ylm(%PK-gWuGBb#@N@$7CfPOUgZS}O+9<;~2Fmvd275(%c4qa5iS;g|b;8i~vmFNV3T4k*5)9YZmT+ znEBndK5=r^2ou3h5-T5NsqQN75)Eb zRNrvkJ*Z?VCjm@SZgNg4;FGVJ+3FFF`mOsz!st@IR`;xh zoCGM9lr#($VX$uokTMH=Q*W?M3780Pj)F2NNlC5#iA+(90_>~Ytu+$G_Sv6@ML#A{ z6a`j7-z8>=;-MuH#p4jFA=n_aK?r(SqF4aoNeG)E{1-yKn4pi7$xjFITYXEEwt0m& zU5ZwcF5%4*^T1R{IqL%U13ek)@Crv=B=5q6NIo=7!iO=T%_uFjnXn~>H+q6vSk60N zm`!9NBp5tsES1*POh9(Y&?&D_jUlWeAj5Q}X-dvlP{bq42%*}4yB*n(?*`Cik40H&u zf_!!@#3h+rpKODchzdEs-fqw#PT9P0EgHJ8*uc4jCp_bmekw*uZx(;iDu?ct=gN(9 zeC%nV8?jQNpgrgB_NO0_C{6Rv}FXU$06(ELtEWJJu1u0XYug$iNoc5i)hfv zY>H!O?CoYnj>5?BGV??)m0Nf9r2E)8ABuRhn?e9N_4)KdZ3+A$Q# z_;#;BC%37fdsMk9<7!{`oO2RE{)g7Z@UOTMNq4>I@2+3K+`jCtE+ZSx33(3C59M4| zPBd6i@;mv}@uq+I7%@r?;YW%ZO-P5dh$0qQm+-!e)sD)61S*6-B!ZtnXX@oOU3_Wx`a~Kz#O%fyod0cL~77@8#VY| z{NlzT=4GyJpokuLB&6d%0JT_j3!^{?q2yBWLZ(}gxJt#A%qOjGAsS*=QCKcI6s{Qw z95KpERHT0exFG{0<8)SuuNyA6K1CY8-rx8VX!sNu)CVBUgRu2ci6ZhYU0s5wJU^FF z@y~eid(X$j-gJ7wVinRMp;Y`0uQK-$PNIROBvj%n&-am;R!9_4kK+4YNDf}$PUli# zpYIhq@Q@ec>E*?~^p zeKBqHN3Nu`?Z<`|8E#1;l5%9A)W7O6+(D65VvL?(MoA$Z@i3xsdKXBR_#A>g9-8U$ z;OZAM(A)Tz7yC!>D<$(UYxpIFw~2r2J$ZCNz~i1`Y?QQCWqOBm%?(gQgRAd3Q! zw_T6&h^lW@1A|**C!*rd@NW=!AYJX4)&s8s_{jnIlK@XsTU)~`@^Xk0P>}5wV3%9H zDH;_M&`~bos{P&`&`WL|mk|Kn1)vgYajRQkeRAl}6&nfkM3->PKA;Es2tcy|=rsV% zQ1^mx$p?kvK6S4{Eaw(-eVB}Y>Vi0e$?Otdwnz0~dJ!-M1u#tnOj0VWl`x{^Fc9aS zr4%@z=OR;btV{T>_^+N`{o1ADo(S~nCg-Dk5H%f;Wc!dDB}fcWyoIT= zeb=hsN4fC0SCWl7_d=ht#_)o#3qou~dGmAU`;;}qt+`1Oev{WD^m2ayO=xSLlQY-o z5l;GqwcK_;@ZSi{v%TAY(SpFc!cE+#c@LX zNFVV{&cJ#aCywbMel!q2I6%CJ$CoD2(O`io)kQTs*t{6iu3rdzqz`^0fscvp^7@vu zZ#8y+*|B>1CRqqavLaHX@ z5LTBBq!ThR-xil3;V*fZ9LDH348YFWXSZ4P7_DeogIB(qGIW!}&-~n}omDGYSqTy}~RJ4R40Z zx-Da*y0L-k)JG!oK7*5}cvGfNMl1LfM_3*l#jY()fVo9lLqp|Aui|?-h|u!O2^Rlu z?IZKkS{G5a1<@Jyy8T-&OJrM%!4g=EU)ugHeW)1EF5j$rdkd}br}}#shgQ5!^4_bs zMISH5`*zHun~Lk`ogYXNe*s|mDv6>Cp0V)MK^P4o2g0mX_{{D-be~>9@Dkar-zrf}pwq;Wh;6Y8a^1b+5m*1ktm~ux$SV*}ago zuefgI{!p3*LY}Q$2`8&z9?Vx(`0{dA*KIzqnoc22nhRxDL6`-oHo}uMB55g|`(P_# ze*ndQ@2a|#cR8d?fxHR`@2tj8RBfkkuc`}uFIpKl)iYCMf~EXY*bA{HDK8Z%4S7B- z;&Df3tEK!Y5hbyvjpDJPQvMa2O z!E`bhY>$miaJnQ`N@w7QttZ)V5TT>^dwg-=gDuCR%+p=!PO4vsjbtx&$-49=Idl-! zFP}%jtckkEz$f^Mk9TEBRHsR)m9GBW22R$cUP|?2O&@hoVFrGRugoAoA9DVT$c#+l zk>m?_vYdpsdbFnLOC>xtVfuUmALo)tgHN9k6(g_6>3dF-A`knEbW#ibMS@(7%qS=V z2uuW(T0@XA{3Xa z&30OP^3HeH5XhVC%%uDn-2sf2K;y?dv*gOtNv64`N944xP6p1w^dAqPi{U)=c}1AiMo2mC!XJD*n9hMisE^ZQKJ`J!n_1JK zV?QmAKjtsL8ID5gAA?5D7V9eO6A{GV*zDvdk4dEb6r6di7rwt?3EkI&KWTUgCE?75 z-ngjo{+P+0yX}aKjpCC$4F4NAWi)P#@%-s{j%1#8GyEGKyzJ8%VJ~m`nBf1 zRUR+c^ImgHswj<1%T!9r6#QGRp`0?8DkqFn$JvE3q9Rveq|%}qG@w;W`7vIK?{HIm zy36C!hAzN5Yk&Y-PS4lT+VLKFE>XT=nLxo)Zc@QQC>{|g-mn@E|3*vyxEjy?W+S>E zU->2nEa*P)!A;lbv^6;T+bnq0&Hh%2LVJNw>4ID$cpz={e-EN@JC9KfaK>PegVnfu z?;8ff7wKb)LLp^gO>l0w3GJLp+z@C4oAVa8UlzqoV)F2_`O#7nFg+`t*_>b4=ITFX z;PSezr_5332E$%YQb})B@H_138oE*t?zm|%xKUe^xO8o&(CYH1o_5FQ#2O8dQt29N ziXq!p25F>o*=&?S;(~C(ja|*`prvjLoT!BN$c?j5?I{QsAv8nFDj+mMXo2^wIOn@Q zlO_Zz-s2`!s*KcD`aq`;;`Uc;b_eBwy)!+oi0qQXdhC5(LFZNn?B4{}MO^jWn0^vB zy)!cV%`60y=XDY7LPHUzccC#fzS`2IvD~k{yq-9fM5Q8s&uZa zzY#Qo@BcMA2$a1Nufj;4#B>(z0)9nVZby|s_fno#P(>)B&;D`fqxg+#@e0iic`H1wy|Zf~13{QT)PG0*s5 z{9DD1K%E+Dw-PG#O$lfr9&~0<*ku2qhtpq3g_oWg6g(Kx{HJ;w@!m5@A-w}-h@eyB z<}-Z}!X0O3MxOB-?E|n>1~R1KSwHjzd&R$g7>M4%Z^Q3G-26kY-i2PI4d?nA-NJOQ zmP?!*Z&YjC!W8WOq5srT-jKU&5M;8=bHK1^k%oqyuG-)hbPdd1C2ls8Mh565Yf?=c zMuXBvsc3^5-mUoYv%`Xu9o=1_#z)R(hBvwguB$Z3FnyqX6OG-%Q7k`~H0ejr$eMt; zAt%ImUy@ho>pO+&J{%#`d}mkOwc|E~NT{_?+r1DTgfI(sCsw@b+(W1gH=pZ`qHx=} zshUJLSVkrU8)>M|E%f%CMcj>ZGJf#IjY^~V1`KUDfl z9;N;nyU!0){{qfh;A-J>4Irslae?jMbXVffkhtbZSYFta?zK!M=XY*^nej6=Ur0ig z_{|FsqOsU}VGw!<54xCyj^U{n`_P%-P<1h#&IL!Iiz(<`{Pjgm!ozM2r-OZp#!IX& zBYM_{N4Vp~ic4u`;fN{k`4v4CB~f^B-e6N-)8{J`+MR~3sz+Dh+eSx!CX>CVbhp$mIlc(8~iymt2m664u~@i zY}WG8bX?KwrCQ!X&z`Sct~|DHd0b7LNy{rBeSFf(hC@YE(nc{ukKlKhK4}FtFyEGT z7bl!xGkb)Gym6-Qr1KiO0Y7Oikm!8Gq@P+CAY>tcrrQ>-I4_Sqtu^I$Mo<6Hd0UYB z&_?={gvcTa*vauM3e#sJO&8?Csk^KGY5AwEai)k)%W6e)tVzSGQEU+*Dq{poDEsM= zuUkR1l4)rm9QhA>-}}vfoIVqQ1#AY~V=WZUxMa}&;`w9cyaaQ1#F0sPMD6x_fw+X3 zUcCL%6O2oU0XLt^Ed8Pfr(YfyDhEH)3m0hxd7?}B*~|L0upY4y0%9XLuL!#F50j%u z7zth=#68F>O#g(4i}dR-N98a_yDJOHEBqUg){39W@BKGWF-!m2w8|c+&;J3c@Nb|t_CUSy4^S0<169-m_4GeLo&6iAu{}@^ z`~y_XvcI+~rUz>1KR^}!4OC~qUB)Yf5vacz=Ze39vh_fE6#pj) zt(XcXi>dh5Wo^W1r^Ig|2nb-sG@Nop8*%)9l2uRO*;kU)dz>-AF}ekbVk+KzB|XmU zq>^H|Ti~)nGW;?%Z8D|)=?Q%PN=mdx7zch7>H0%iLCwH-iexPwVVDO;wd^60C7jCFKeH-cJL1t+5A8D1nweRzRsY;@^Hsjhtcc z?mD8=5F5fqoci;?Uc>$tVkzYG`rDiXkkcjpT`g@tC&|u%SIh4%9Pvv*{Cncv9Zf1F zbn76b;b(s7L$7w?*M8xAF4n*3WTXxH$vEQLb~;$Z2d||--!)(R591byzjW(xcs)i- zWj_B$ruN1yty?(druuib-UCx_BGaCm>gi%0(cEDaXW zqrV&Ig--1FJ)LZ!2lJ!pflj=PA5Mok@jl)_-*n)gc|CpFfulPH)AbI_!Q*WQegYn) z4!j>8k2~-gc+7QR*{%CVJB4cR9yn=n2^sFTTC0}j&@h+aamfY=&3`^RbPIjqAhmlh zkT4Bzz7-QS(&u0Hhp>l3EC;@MD>2$BeCtyh@6Kwo2eQupCF{R-ti7EQ)#~`OpN?Co zwc|Or6QdG*=YDr11E1NOx7euk|M59>3ub@DzP~^$_Gf(YmyA3+9?*H8BFXO(kX*X`6L&TRm6QZ{KCF7ikL%R~9s{fMlDVWE)(sT#?T6?=w zxc$l9NIO7l`-1^PM{ntRDs^vWw8FWq8jYpf9NTWfo6S+qA~cezgK1gbqCzp{k0Hd;+Z^TF z5z3_>b(H^z&{{g(Q9g%8*>sqrd>@U{=`MTu8F)smaS$)#?kOd=xnOTso*+S!=|lGN zWfGJ{Z?c!aCqX0W<@WOH64Xg|h~<|V^a))imcK4VtHBwyJVJ(^qGQGK%`$Wu7HXxp zyjYGthM3X&piES^%*(+~pgB zkwNAZo`K%&T?0p{sb9J`{-zAiIB8*+aOiwucPVjVt#j-KQ`Z^lc2YJ3$@$L0@<9xWvBG6l|gWIfqa?+;d2N! z2*r~msmilii8YS(ydg+aGyQ%vs;lv`U16%D#b zDv#yDMS4nR(fr!*4ntVf`2;RXl+4X8T3#Ck?_uX7MP}}VA|Qj3@^Xpc#&c?U3y>Zj zTHX|n;?4Efs|^aSc#`GFqnuM1=I~r@0i^M)RD-P2B*sWt86yq0+7g!+n2P5z)ey8+ zqF^8pa$_3&kYG@NJpPE}{V5_-uQUy)DZ9RoTGt4y>o{NU1@;4wHQi;ug}2698l3Bj z6~2nS!oSNOi9oUD0{4}ALP;m6f|KreSCwQPZ9tqFJW7r>kaq=V3FHs*{8RqLBh33$ zZBT7QZG7$6P1IH}@wqPgpp@B-ZL)|i;fe$N4!M{HT0fM^3j+Us^^h%GhBgrfr^apM zn%ZRhVdgwY@sErBMKC@#Q#pX6_;q6bjW|QS7@;=Y zkQug$*?N@yX?t|m5LI3c8mMd@7g6{6$ps}Lc)QNXdon-mKg{72pQrd zL<@xI!T-_Uuag08{ZmV8$o$JPQJVFukqL;7K%2m#%on)pufJmOcLmI`Qmd#hVz_GX zESXrMhx|;ZG~55&yIB{9vJKo^v&g&*r;1c}@4Za8-X{L)2{Rjav@Nk~H_QS9lfSWGXHz|D%Z5_)h@nPhu( zGZsft6*U*dm_`jJns#vVoh_4gh%5!YtP5%`6U}-`qP-&8A}M~mL(w9AUD<*^lJ$KmDE_iTy`vzTs%;Xp_XO1jmz88GE-5Q$oxHhEg+zPCoI~-m9kLdR zWmC@owEiKFzofgqt z-F5h(D>idz%ZEm_sG=I>=b9BQ)m?^%PTQE4T3?z){@+uT@t?&|EtIwo5JK@%2XSAI zFDsZBc`0Fsq890nHc*YLy4k6W*{x?KpmTM!?PG$!j4(lLA6sSMqDb)me$UkIR0W>g$_EsV4@yKir?WE z42rBs8)DnPH+yc5!`6G-sG7h1ngo^XcYuqN;H+S-!eyTte9nu4Pif zjyx`%+sh5+BH9)752C^nxm#h|o+UjORbjc`OwgcoqxN9t5)8!$ak^TZjdYc8 zli7P`_j|Dwlq|s-Vml|QeT!%sH;lWVJIN8`d0aDB3#cP2rg8<@WMT$aY?v5-k$G(z zcTP-b>;q(JxJr@UL$I|>8pu6%O}-q`CI`8#{^Q4-3f;Kce$eKAzpEoV1Y z$E>4u3SdNf>LQe-u`*8r7eiGo6)({#7auG|*}$==xusMRjM^f48^vF-GXZu>sBZvb zFmS9tBT)d76ZVGsv!!&uIi>VgfGv;!;{ra&H$Xboki52hTmo8P-gF7$ z7C6Pqy{sNWM@83JV723PHn6;<}BN#)?YcL7LG4F%_#@osd$0Hv8} z65cI_00xkMAgDZ-do-xhl4>a@tt{cfxj3NeS?_K!0R|}%Sg>@|B6)>|W2}0}*yL@j zmFOayVfv`4Bxa|43#En8(xk#Fl`hHxAuEM@C^El@eYyOlz9<2`SpH65bT4c2qV4N} zy;FR#<0Y7Xl8EQP{WBV*zm;S z=@=PAv8Cb&iss+&qKZ7C7Dt41y;$TGV#?oS(FECYyH`lHm;cJ5xc+k>9&0}ZzJepD z#@iA#)P#nB6P#1fi2rGYC8=+0y)E=FAEbe^y+QW!0u5Rj(gmJD9j)P0pk)IS%D>j2 zAw!3_ecD2xx2T3yfz>dmtx-;chNALm1l1yKtrnR*UzB)-E#)J$s2?(aI9H1%A%>_9 z<&{aG;7vG{Ju&k<9Jhw%-zXaNZj_sP^rwqZj8Ul4oTDA+4tT z)nwF*Ug9m^pNtaG&GLUIqyBW3xBO-@iiS)ncb_lP35?FJ=gML%yg@S%q1|noR z+`Lz(N^HquIE9ATTWfEIzC`s?4+^qTH`TL^;E+r68SZ4U7lnr1Ze7Y5;MN??pLN&& zs?4juP6hMzsANNlp(H$;)&|vUEj^MYDBuFMwB&{0`SBes_g9fnKwc? zS<%WkI(caA2XVsz%XVjHXL9Xp(CJCs2e8$t1T3H42%Yd;(Wf_56DAZr0(I?#TvCII zQ~{Y;kd;}!It9%e{H3G*x=PO1uj(JzssO!3HAJjx=14iDr&1lw1~?Z?1-HG)?s88G zN-*CGj_ENC;E({)QNvZ=r8m9-?pSM=HnpJ$`Fnl1qM9)|)d@5|)+MP7{WhPcgF_pK zlpqk#!7amlIrju|s6Ya?WVr7AO&V-^)&N3+8%%Vgm`g%UpPgi!a##=NPb45kWg-~f0prbhAR`V zp^BOn+_;=d=!*}XOotNMNAnF%Xsu>cF1zSNn@qzl(5%-KO=)QsFQWWA?zPQrkMF1I zR&eP)sMmU+-g4e!&I7$gLu&_5IRR?*32_+pmN-YfXYodH2796{V!CEAyJ(|$uNqD| z*|?T6u@$Z=E2V9mx~^|d5O@L7{NvyN3aU5%EZkM6HAvfyM?>IPfK#7n3*OH@-!h+F zAkn-f##uDavFq8Q`s-mZRm`CQG}8iT9(00&3B~466zd}cz$5p+B^oKxHaWV~YJ^^4 zpjSxmY=D5M5Z_*d@R*8flp^J>14FVvXA{{4-WXmTmkCE261Z0K3z>av z#QH63At-ypdoLTYgBO4W#jodPQvj?}051$`A>0wMzKRf$MjO0TGRyflbAA!}vmQ=q z;GF0hV!CcUZmK!e_9TJ}YAzafVd2pJI1oRvBGdI*vC`afs%=dKEI&S6B#XrZ20}7x ztzxE{PK{~s2*0~o*f&=j5P#Um?ueyfW3{Y=W~1O!C0?Pxj=20g-eMq_P9kb5OR)nu zdb>v`g4@x4vi_LB*MYPfZliCB z8MtJxsJNa+rG1gq=hOM2U(XQ-8yZ3HYiy%3{i91X0IFf@zd*w?2X_2rpa@W18=%sc z+}lJ7QMv^-ihUkp(vIsux*3kiJi?c*BjOE8YCR&}q!=r?vDqk|7CS8rce-u#A;o)o z-@H5L*(SOv5Gz3vE9od`7;F}ZqN1h@8kH6$Q7K-yEO4n!ku=i4vKlC`9a``QG-`p&rg8}Sp$$E5)?mFx(rd0uoEZ4+JU@S5;y zn*aP5+^VW1)Bj~pU&qTlrDZ38$zqS9Qg*;A9E7_tj_ONos-=ZDV5`!6L=@H8Elq9A zu51p-frg3fp7tOl*+RDmDT8YFv@5BvIjYugAEI=H4KHUOY7e5MwP;Z6g(7nzQ+pW1 z2D&J%u-1^+*#<9KORe`%0Jsta2=p!hAIffNJ=#Hs$-loOMgbX;*yAA4-?T|u zLON8zyROs91MM;jB!6v42djJ@;9#N-Dr}HtlXRvQrIlV#bRfmi4oR5g`{Nyhsj%^# z&%aMz;U*NY`vMpMFWeXa`QDJ`15L@k+Dddzhw!Yc{NNx^Nc?k?l5edZK81*?;d#KX zr5VOZYksGJjj(PNpF!&rm0UuDMca65C>^#X25gWC;h|-;j%lzYL7D_s4kFi@3|fzH z!HFti1+5A_=n>xY#XnmW0r5(RYd|BN95E0^!{Z{3VvNUO7QTe*b#H@4$>F6X{7zP#!krM0?%~A4kedU!Y{Ya}085+>VFq}x!wIuf55MP~hsC!j zq&+O|SED4l%s}QY%W^8MS9m})K#4w1BmBlWW!>v|hQT3B`iN@qQwZ+G0b}M1ApLuT zL7}K9rN|*@;i5IHoySYB&xbWLMjK&7;2JhqWS>&hfE~L<4fjf|*C#{YO#aj>D9gj| zLA}kgs1tBoe4VqqVAv@9j)!z~|RxMRy4*%l+p zijJDgNWzhAN>N>;Y&XcjmlLkHJy!fnE5$yPGtwGU84lAW)K2`X4_aa>8SV=BirP(cB zhx-6&NDgdGZ59%fRtI%AVq%@|lvq8LTj z$>Jt)(cvbs2*TFGRbmA^3*SQgEiYopoPUj}61Olk?0d?XF;(RDLcVWbiuf<>W2(qx z?OaVRJpK%l-YbNALSR7aubYVy!W|KO}wVxTnDC3DQFZ zuAdL_2O&HRp#;*NfagmP${-MdTGgd}M#ED5%+@q*q_IjIIjwYCQ=4Vxv({(dRp)?w zq2LBRkSc+NIF=@4uBW9eZMKGJmBu6vS*?|ziB>6c2z8IZasfHv4gsW~?KZp-sI&>5 zjdxW@vC%nD6`iIng;j2$`mkoJ+DNMOSGX7|q&1|%2(82_gN{$)lt!pJqPsq`zrvxu z3QKw_{4P)-dRn6R9pc@xv${H-Rps=yUI#P?zV<_Y7kMJtgiq77j8$P&9N<~DTj~%p=VW@yZSwoQ?)JUy#$q352F*}4e5wdq;d+-SrMPOG2%T+m?=+tQR#AuxWr09!@5sHnU1(=fj=J z%u+Ebv#E_+*wi+@D5nzf;h?*~&^qnHdGIMdYIgZ~dQN3XSM*w{V;Ew}sE%ADDcgHM zsi%j~WpLE<-lliy-LMpupdSR2h3XYvb9Hn4*%2D3a2BoSvfz3DzAAA>ZBrXQ&?F}B zD-{d(c?6?KG{%LXF@9CcG$Y--X1Ly2Q`n-fp>^hk%~=(+PWoMDLTF1?#mJh>L}klv zF%*=UJR5w5ArPNv1C63=2Z-o#&H*q*5pQy%ioNfK0!Ki6h9||BHqR{q^9Otf!_8Dc z)n!%UPhRtH{>OFdr_>OWC1n!Wr(kb zxD>Vv6#H0?2CPQG;0lxLAuRX21-(a1UwXKMnCVMthRx<9IayXMFm5*}*re2#7A;82 z*-+*l-+O~)QH~ZEw_E6M_9c913F#;a&H>A2HCG755`3xeT4_+h)Qd zTTm)yFQ^g?3tk0YhL4qs{Cosg)klF!(1}LoQQBv%7Va6~Xj`GAb-{kPak6TlMVyP_a18EnM)B`7MX}jciI;kWF3l6&zs7;Tj8k7XqqEg)gT7 z*MR*{2#mOYUbx|^0%7@PO_W4Y2^^`L*FO%N>M#VtvHTN8Xuc6__%>mP^(`nEZ4Gn00EY#sH`-POS=k#c#l5VC8_3YROmEeLclVPX zwu&59fQ|zfR49=9&ve0}x_WvPYe~<7h`z z7#vGjvTuh{BY_NB8ELH$%?hwxBKWdLL5qPqDyj-RLaLLgrC38+td+YMwJoGJa}cl| zSyNjdxLF?$A(+ZMAJU~-au$q=R1(qX5}kTjpiun+x3Jmm7V_M>%BUTLz(F3^@lhc= zw>kNatxld-W>1X`sx_p7iB1z=7P$kNvlX#atwl$=qmNZxtJ*@^onTee#+H#-qLnCw z-#LO|{>xy~(T5_(M}9Is>R1>C`oJFfIr7yqDine$!b)k9;0*n6@gl9#Np*bGksem# zywy?TvEbOl!BwEXoS`jsxu!)!Q0U z5xk4UE{Vz2;XsTbt5=x{@(`LeA+AiZ1JcZVlr^XWQDIg*vG_d2-dC5nW7fo!i+$iX z369!wCbAdf;kVDF*owHFhX5JHdr*(nuY=NVs;zBrzNffZe{kv?Wl*CWbUQwb)>Z1o z2+A((boSke*v}`9zwrIUd(R)3IOf9MiO>hA5{#RQ2^r1in2LqEzGovV-sO7j9L7Nf zD7+$tQ#+9sY(4{^C=JF{t$J6~YmrWrnE_`$i#aNlpfCc8a6`n-m$Kk+5tJ8-?Y#q8 zX;3mEw9yq2NrYIB@R-X|YZo2>GJ-o$@GEdyHrBeV^%i^v1h#TX)Uaf_pMlkpEx-(q za2mF=QrOOB1m2rmcHur(2rN1Os`YQeQ=Tf{d@s^RC40J$r!T?+u7fbxmy=k|--{xm z=s#s&hwKsmDvutA(%3Uj37iVJ!8Zr7^I8k64ay2-0{)j| zzfzy_j|yC}ohWcw_Rv2ma9XI-1t;V^8rr zj8hHW>gN7G5$lpu{rVa~hf+waG{}w!OO>cDfT4BJAh>ei<25R|b-PPZvhunLvE*{+_DP<#8S;1p`0q9G(j2JfG@ zhfheX-4Diz3{Ik&a05-C1{XFYnX|WvLkb#iNH}WyziZH-lxDheDU8Gvr*sEXL3}^b zTDHOG5^3Gw=F@HR2>sJ;;e8LyRXOucWEo@++j0Aj3%oNpq+*AEjL5&oK&<*~t8~W^M<)0#LW74;_ zhG@660>kpz%Pe6Gr#8_#x>?4uMJrn10PUIY+9U@Ib#&^|=I@~25IdF21?^{!N5&CL zr&~B}hZ6zt`>ld+mpN8bnzX!q3z2rCIL@-){Njl=<&YC?s`!m!GF!B<-^LSd%mFZL zhii()w`@1fG;a|Ts`aW`F|LJ9trcS$Wwu`Fcx^-pxeQ+=QtX}$l(xmffc06YMjEzg zw@6bP#eq~k_{{8mQu7!QvnSdV2NplM5io&Gy5%jv^5cdj8-7^>Hu+FUQbCfkQL}!( z1^nzGWPmw5So@ZkO4VOikc}l64Wq!A;O_ws^Z;dIMoM(L2E>}+?0-)4zE`)3<0x5r zL~Sv=_h}|y{#)TlXi=DQ;7A}CY5E}0X|H-Fft{YRl$7jgS5TjUaczScMnvs9!`YDi zZAt!(7=x;X01tCq5>=KQ5se;6BFq6`CL%Dlxn;oGm^4r-1@k;!Or)o4~JQ%kXKW@wt;MZRh$%f zO^Ek-(O{_d9nnT{O3o@8)Fd6jj$7k14||2D8@lHM6}GLKG08Z#ufIQzLi-JT|Mj9U z#wkgo_-`y!+5{T{)tcfzaazFTWNdTwvX^U_k}Pm4(oE()Z5i_a8aw;2Ca!#spEH?+ zNeB{9C<03Z2qgHjP_6FcUfm>+0a`>v@TKaCYjsn6DQ<6-+pe3S*rjW?omg>#-D|r( zwhy)IUCegZ_=5EP>2}L5(QS2A?xwx1A=3IJTh|N{;?LPOPo9Fq=oH=u5=FB-~ z&Ybi6{pOeN98l(v_V}ZuiKGfXh)#qqwR;Ss^DoO-Pts?~3rg$~HVd%=k zy<8t-4U7zBp$ieo8}c?0Vr4USY#K`mbT^UwJpqrRBkW7|3odprYYgLu7bDesV;&_@ zVpdv~Yl(J4Q4H$n(T^Yp7??Z9k_)+CU(9Y#SU_A=IeD_j4j94P& ziK{9}{%BM5k=y*i189w!2-N=O`~Ap*ft?t#L?#$6AZDR=@wF;-zd|G*TIt~Lwl`IY z9&}qig|j?>jGc%XGuhCOU9=?NQ-l(qqOoL_tA^BiekhUhLpl}CDsO|^3r*_n2HdNB zr~>9-w@z(ungL%Y>P~2`M|)5x)~p`ILU8h0GQ=lt|D6`2%09&+rAUS@JpK;4>7&Ydf!LaFg!?LbI#wFjM6 zmLIQ%!CK2}&LHV{NKEjMd@5-?oWy)~n3Xg%u>Kxa{H*BHgAip5+ALE=lJ5y}`M(^j zwCoSw>0&ttU(EHgCP!g4%A~g>T%>SDSC7iUf1jI9FVg8+|9JeD!$i|F=(6y544W&M zm8lbl&*zG{i?o>ZH&-YyQ^augC&v`tNRN_m-*C_13l?UX`hQbd?xs35k?L*>Py9R7 zedy_Pi{bT@6uwo#N6LvhV&rHpt5CMxj%^FaIdk8tcrP@2<9ngG8{3pXW1I4+bVT_p z^k3sIw8w3CUm`ubpmu=g$r`=5NBNXAL5(n%;*}3?UQmrzu&pMvbf$zTCw#<6|1}OC z)FKwdaT8h>(%Xu2JNxkz^A3K7;Fpv+mi@LIXpvf#Qi}_Hnr$;*%;H;&2U&a`;*Bn) zrKDeJH}b_=|0##0oGE#c?aRl$5|?tu*dOl&#`}d0V=ODV=m{1f)Q%8S6~Vj6-M+x( zWG{!7G_f7#dH2CT-#q_*B_KIkjoUeA_CH~*?TG7w53j{Hb~SSaM-WTG`(p$G;$34H z>^TEm;m*K*<+E2{f7E-_ZuPU1bA?!Htt`Hqn5z4!X^wx5{gU{ApUfm-r;DAIDG%Po z8!HL#ECP8v)tLj-r1P_Euzf-JvZIjPsI*+6Eq;Z`@$61l?o{cFr-74o|vrVXsU_EGa(|G4mcWRFGJwZ;^&QVg-4N1>W^c44dyH|<0*!D_{fnqlv)JNLEYHbDun+*2(( z1;M5I(D{r-L$|qt&+#=YJFWdrrge_sxNh-d_{6FoQ!g@#UGX;0mhF(=#SNM(em&8c zVHkoZ#3I2a!YMNAoX61Fe-N5&{~$EijuxE%VTA_e@)&E)b{1~G8^*|_7GoC+ObIaH z>#*K=#fB57w4}pyP%S=sJQ^K_;Wp+YGx*-0IB4;A`{Q~+q;GEFOyBEQnZEXaf|qI+ zre98K3SNvxKf?jcJE1Q^lhx3&^uczgYZH|c{LC5Pq0zVg`P4Sr6^jmy(k=^0A_&#zPgJ1|3bL|VV*P-4o@H))g zy|;EnOpR4qn6^Nxg8jz5!AfLTbDJ8+v$h-lC;#f>9IE-LP^8gwtjA+LA&+XB!>(#{ zy5j2VnITv5%&)na_zi`iY1&{p!q`#LiA zk49e~)eL1?(xpd47y=F_LW6e_*6ndohZZp-Q>4=oSA5%*nAZ8HYg$WzB~A-+Wit<LgxTQdx$I+s4K&J|)kfbrY`-CWC_8H=JXbgk`3|fMvEJ#eFfvmrA1k#WfkQ zpo(B_Kdf;(CqsU&GiyAh-eh;H&GnCCF14p5GgC5PN#{bhC?y=gpsE|mZ`NR%|B@@+ zGdVsVr(U-WPd>#oIhR@fBg}n>UNXg!eH0Cs_4Jf;4}|W^&FIyMQ}<}j8h7)+gCt`M5ouHmmiHz z8=mGNrW^e|%C8I*=AAvtA-2|JbxNp&XKrt^U%lL;c;1r4tWM34UX|tDYa1BoQC=yL zL~UncxzPEi%%sj7?{V8Xq&sLRlEkUyNiS)=owkn#k`88d?#mJie?2sb7QDob=u-xi z8IsPsZ{(&typ$F>zZo7-OfC*4m(V^xn|e_4vbnti^T4&ighSQA;_jZWxV@B3$C8;| zEfRhEWPIvAF%=-m?{{NdMw222-Kr`bGhZyA)6yY#^x#<+AbAw55cFE{`dvc8kKO7E zO?Bv?fm%|-B$HWABxtmhLMFJn_L#E5k_Ow!<+l_^sW=nL7oP)pjdWu|ISc82gLz^X z26;y;CZsCAWv$dj1g#aKODM1#s&Kg<)Iy4gR5y?+Z25ji86Lr{@Nrpd!6+q_eQ@{X z7)Gfm^o2@^R~LCjaOxuUiMq&Fyu+j#5RAy}5;a89LQ0~MjnD*R@x$+5Bet@xl{mO6 zRLAD9FOco|KN~RAU0qy4MidV1#AFXmmC_eYp_F z#p75^@i2R?!%Ih2VD&XjY48s)uy)pa+iZ!KoinsojN)_{*T7bw10R8nG-h+T*MqF* zx-epoR|cCKpMfNN@UApG5yH*sRs(&C*2_;Wqowm^9e>THI@h(_fXA3z79j=C zg*q8dofJ+arw`jM_jhGT!}#wkH1|)g{LvdQn|j0Me%Zf_78Rcf9=7r4x|T5m+N^?zE*`l;^F2UC-gbaP5j0SuR>QiAmE=Issz{jNJziMO>Zck%D zhcuW?^b<0U<_dit3IF9z3g@?yG*?W*u6KN>1DHf+jv8 zzzbdnFN03-JZJ+u!4seftOF~+VjzMAU=ElL@<0Yi1{yHBN+sL?*TI+Izk&Kh$9lR} zCuo5f* zRlo-3gYT|KE#x6^AJ78|ZvIFm41oan1bhVE1wL>L90mu#Uf=>xf+nyQ)PpLp5X=Te zARD9r4H#XAf&fF{b8uxHYT;7^`oKHjB=|4zDtHOF!85=Ko&XNe2$q3Gpd8ExC7=l8 zfHa^7DlpuLss>lV05}gm2Je8=KyzZ7gTAdQsI!+XuBow?)f?+8?Z$HZvZ^vWsk1Mw zx7O8H)l?X(YK#Ss%B7oWi(I{hE|A~e3~SwIx6n%YZ=2~8^7+T9<%E9=JxwQ@Dn&D? zs;Rfv)mW>I_PV;ob#m@jn#ON_eElYQV>30%zi*~C-J5Xwya7DpIKgeBSJji=gn!6x z0C7E8>6UM9r+Jz$upQVc=j=dO4}Xoq)^e(H7srdc2YOO|HNPVnXx_=wC<>+_P z7v!}rT2NV#I-W<0;}>M(N&XgAgv-FU)7Y`S0Xz%*;7%I3&qeQ-M_e>Tj=89iJ~l?k z7=9S-qHa*D)$pgaT>iIKI*U8oB5!S_W%89)`k;Kg6~iT5T!AVt0qZfW)mZb8=FY^L z{YnwmU_EbQy#Q--d=DZ2f%H7WJ15o~v2VJ(ZWk?*J-cW{QJwwX<;xc@uc@fBmfMk) zhT3v#JpxsAi$hqxwxw;#{#qz5^r#sYobPZch>};pIsk=6I;1`rXq5lQFfeqn* E0h*xBl>h($ From cb5732762ab9986e4e6917a0a2e0c5447325c9ed Mon Sep 17 00:00:00 2001 From: Martin Milata Date: Fri, 29 Sep 2023 16:52:06 +0200 Subject: [PATCH 10/19] docs(core): changelog for 2.6.2 --- core/.changelog.d/3296.added | 1 - core/CHANGELOG.md | 7 +++++++ 2 files changed, 7 insertions(+), 1 deletion(-) delete mode 100644 core/.changelog.d/3296.added diff --git a/core/.changelog.d/3296.added b/core/.changelog.d/3296.added deleted file mode 100644 index b67fca3cb5..0000000000 --- a/core/.changelog.d/3296.added +++ /dev/null @@ -1 +0,0 @@ -Integrate Optiga into PIN verification for Model R. diff --git a/core/CHANGELOG.md b/core/CHANGELOG.md index 45c2339b15..655d4dba7e 100644 --- a/core/CHANGELOG.md +++ b/core/CHANGELOG.md @@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## [2.6.2] (internal release) + +### Added +- [T2B1] Integrate Optiga into PIN verification. [#3296] + + ## [2.6.1] (internal release) ### Added @@ -792,3 +798,4 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). [#3237]: https://github.com/trezor/trezor-firmware/pull/3237 [#3255]: https://github.com/trezor/trezor-firmware/pull/3255 [#3256]: https://github.com/trezor/trezor-firmware/pull/3256 +[#3296]: https://github.com/trezor/trezor-firmware/pull/3296 From c6c8d8520028b5c79485f2ec31c4f8eb49233bba Mon Sep 17 00:00:00 2001 From: matejcik Date: Sat, 30 Sep 2023 07:44:39 +0200 Subject: [PATCH 11/19] chore(core): embed signed bootloader 2.1.3 --- core/embed/firmware/bl_check.c | 6 +++--- .../firmware/bootloaders/bootloader_T2B1.bin | Bin 100352 -> 102400 bytes 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/core/embed/firmware/bl_check.c b/core/embed/firmware/bl_check.c index 42dfb4bd0c..6a9a25458b 100644 --- a/core/embed/firmware/bl_check.c +++ b/core/embed/firmware/bl_check.c @@ -68,9 +68,9 @@ static secbool known_bootloader(const uint8_t *hash, int len) { // bootloader_T2B1_qa.bin version 2.1.3.0 #define BOOTLOADER_T2B1_QA_00 {0xcb, 0x07, 0x8a, 0x12, 0x1c, 0x42, 0xd9, 0x14, 0xba, 0xca, 0x0f, 0x0a, 0xf5, 0x85, 0xa6, 0xb4, 0xfb, 0x28, 0x52, 0x1d, 0xf7, 0x34, 0xbf, 0x9c, 0xd8, 0x52, 0xd7, 0xf2, 0x4b, 0xdc, 0x19, 0xca} #define BOOTLOADER_T2B1_QA_FF {0x21, 0x3b, 0x01, 0xd3, 0x51, 0x3e, 0xb4, 0x7f, 0xb4, 0x66, 0xb6, 0x2f, 0x3f, 0xca, 0x81, 0xbf, 0xb6, 0x8f, 0x0f, 0xbd, 0xab, 0x34, 0xff, 0xf5, 0x9d, 0x32, 0xf2, 0x6a, 0x4c, 0x99, 0x14, 0xde} -// bootloader_T2B1.bin version 2.1.2.0 -#define BOOTLOADER_T2B1_00 {0xf9, 0x8f, 0x91, 0x9e, 0x3b, 0x52, 0xe7, 0x9f, 0x49, 0x57, 0xb4, 0xb6, 0xf7, 0x85, 0xba, 0xdc, 0x5a, 0xb9, 0x56, 0x7d, 0xb6, 0x2d, 0x0c, 0x6d, 0x49, 0xce, 0x92, 0x86, 0xc7, 0xf7, 0xc4, 0x5c} -#define BOOTLOADER_T2B1_FF {0xf2, 0x7d, 0x8a, 0xee, 0x85, 0xdb, 0xc2, 0x0b, 0x35, 0xe5, 0x7a, 0xee, 0x84, 0xbe, 0xbe, 0xd2, 0xac, 0x1d, 0xac, 0xb9, 0x5e, 0xdf, 0x98, 0x19, 0x9c, 0x1d, 0xa1, 0x74, 0xab, 0x5f, 0xc1, 0x54} +// bootloader_T2B1.bin version 2.1.3.0 +#define BOOTLOADER_T2B1_00 {0x5d, 0x6a, 0x6f, 0x32, 0x7b, 0xdf, 0xed, 0x91, 0x0c, 0x7b, 0xec, 0xeb, 0x90, 0x8a, 0xd7, 0x47, 0x5a, 0x17, 0xf7, 0x1e, 0xd0, 0x74, 0x0b, 0x1b, 0x41, 0xdd, 0x26, 0x1b, 0x14, 0x69, 0x5b, 0xfa} +#define BOOTLOADER_T2B1_FF {0xa5, 0xe8, 0xbe, 0xab, 0xa9, 0xf1, 0x6f, 0x0d, 0xf6, 0x4d, 0xa1, 0xde, 0x8f, 0x4c, 0x9a, 0xa1, 0x9f, 0xa7, 0xd0, 0x23, 0xa7, 0x84, 0xdf, 0xcc, 0x11, 0xef, 0x0d, 0x04, 0xed, 0xd0, 0x46, 0x22} // bootloader_1.bin version #define BOOTLOADER_1_00 {0xa5, 0x5a, 0x8b, 0x88, 0x94, 0x8a, 0x33, 0x2b, 0xed, 0x0d, 0xd9, 0x5c, 0x79, 0xd5, 0xbe, 0x0c, 0x73, 0x52, 0xaa, 0xac, 0xb3, 0x4f, 0xea, 0xd0, 0xaa, 0x88, 0x33, 0x23, 0x64, 0xab, 0x77, 0x5a} #define BOOTLOADER_1_FF {0x50, 0x6c, 0x5f, 0xd3, 0x73, 0x7b, 0x9b, 0xb7, 0xb9, 0xbf, 0xf9, 0xfa, 0xc6, 0xb9, 0x43, 0x27, 0x8b, 0x06, 0xad, 0x3a, 0xec, 0xce, 0x35, 0xa3, 0x52, 0xc3, 0x6e, 0x9e, 0x9a, 0xb3, 0x50, 0x98} diff --git a/core/embed/firmware/bootloaders/bootloader_T2B1.bin b/core/embed/firmware/bootloaders/bootloader_T2B1.bin index a5f508d5c5d0baaeb8597774728bba2855ad4ecf..6a887e1f5e325e2efbf291ec9023f69d4f5b906c 100644 GIT binary patch delta 28313 zcmb@udt6ji*EqiSnKKuL0R}`wKs+-b4Ty$lie@?>9tKcBGgH$-QyVRf(#p)5!AqHm zjc#@DQej!4WdUY+L#W4|M=N>;voiBSS44Vy&Zv0K+<$A&jA%XYAMfY)`RZqL_I0hb z*Is+=wf1GKHiflTVVpW;W&vUm!U+Ctz=**z#6WavZov>WL_U9Ez>1&DeLmqHe9Rg9 zlpsAFG=k)?;4}u%}U>z`$$H~>{Fk-QMM7iq;WPMd^vvfEAeV%MB0YO8PyMG z7}clN(3i&lFJY7Abf{ug`1^lp^#8Js<^LtH{~xd{|0g#69WWLd)xjJ8Hx~cB?VwJf z%u%|(-l(_o(L6aK*QE9qUUD1tNS9pKTUh0ed>;*XqA#mg*Rgl?7K+>lew9BR%^dTR zS@EOTc;OE>*%6-uk<)JSb$kNzjFRd^ZDe7Rrz@UKr&j{@&Tl84t-$$YqXr zNJT;xAQ<2#8xv+F#0#IfYR4;`tnyl0E?>+W_;}&4Yjd9@W|oJf^eJRUddS>9h0wt6 zBKshH)lGyxxy)m3lAf58)a;hk=QN?_4Ls7Ge?X?noh4IUg>Ua!WJ#hSE?(&G$}Po2 z$D8#`UA&O!B6W$QnB{KrYvMG(-759l%hbt)x842rYV{QNCW(~y9S!LANW|86IHPcr zlYJLxPrI0UZ4tD#o z0_5xdGnsGwB#V2R+3qKAa$hmIep0DRXZrieHr;p30pEcodKG2{`+~X2KJt3nXUt*m zfw}4Lu*`h-0d?k|467FYkPdhUvNC32fG~INVv+&}YVTaaFhBcUt51BG_0TbmTM}}@@{^2E)hRtO*c}e52yywWp1JN3C_m@kB8|=IKT!Qc znGncHElo08cFr`G2}qXfh!Bdsq~NY~8F9keAn;6RYz@XHL+m*>&Q`Q>`b?gZpAVyZ zm!4_&koe&nnHmq-Gkhwu*hAdI=Q4MD$b%zhGEp9KWJJ=iS{R4QgW09E^(-I7({AFr zWOIK)k;Vy6x@b-$z+W7U^@f<)MO1k!nRngf#k}m4I3dsW>h|;H9!KaSqDqS!CKhS%BFfku~>> z8neOg)$91E8z$qhidbQ-zwCPLTpd3d;90`)sH=rgvfN(_^)Tcw4aO+OC4S<)=L_b= z0694(g(>lq-^UE5vm#;a7&V$LQz;Kdlp-^!tVm#0!r;Jx!IIT)p7@YVa1+%V#M3*Ko z?*vFjX*!gRyRGcxY%;Sn6#!(r$jZ_JW<%gWOX)@o8Tk^KGBHc>YlTczS3y=y9L3D^ zlj9R-YP0=kI#sy=^kZLnyH*(BCx%I!`tyKMZ{)Rt)=#EPIv4+@PX&_+hbI$uD20*$ zF_z^<<^)2d2gFmvd8rTCQkKeW_8s`B>=0I1AC#$74<2}OaxKHOdrAD%&8$}V)lK$I zT@I0V+$7_^EJeOoD{OR=Y4_zo-ZJ-r_4mc$1g+5NQvMC$CJ$+xwwWpN5dQuOCc#7M z?w`tZfl|N!Nv6R~o}B&>GtEs5GYrgIpjl?*G3joyVMbn*5>zuV*F%*iLw3(di~3K9 z-N778bC~a4Bx9zPRR-BUa{)vuTqOR1VbSe@)jS9DCAKa`_%uMKJ-|WPAQxHjz#_)w zBfmc|otfz)##u?0J;4by;$UKFvKa?wzfy4czk0$xfdE{=V*4{H^oVlB~Yza*k0cR0i?DdYhj*VSRnNIbsWF8a9Re zFl$8K!@jq>RB}8_?qLhjfcFbj=OX}4M0nH`Flyye4#2FEP%|Vq{+O*xVJ&(>`)}F3(Kyk(`GYXi|L~%r!dXO>@bc50^87mt221kI{R` z;CV?4KKHWvy@|DnF+z;zVe^4*>)1cevU<5wg;}Qx#R#nD9WxsIa~lJB8hk=pQ_eay zkT1D0HCjSTXve+2mOE)<`FFQU)IN+XR zHjXsvGYeT~KGc5CO;YBUGef;($^54oAoTb76EqHw4lD^udEHzxWe^7jw*|07+P4j6NQ?OG-yMh1N!eFj^w>mQ0Gb1(@wkk^<>@79>b( zlncK#lYcH57X4TN>uyr1IYd;C=f+R?TU~|l)FCqI@hLO=1`v0>Lk0^#Nb_k-QN!Q$)d_aCf!HsE0e(5`4tSON~58~L+4}f9_=R=X803=vqvFF zN9kBa7a*;62^s!Gi6z#f5We)tZ<~17As15p>M$x=b<<+Hyu|gW3WX34w9fJ&gA2yA z629H=RYTqs9}ea%fN!^hLcOJg<-#@JE#21tU~FmZgk%zUqHk)HV3HKVXKsbCGDy1Y zHq!s?Bg3B@Z2lzFv`Zs6f>vwg!Cs}i>Z5s<@6E@WIK6CdvN<`Z#{%MEf6hXqK5}nB z1TD68i!_Ye{b=NSvN{bYaY|D1ZQx(=rSzOm$PBEpjyk?|6R7zGd? zC%UBr;&THOPQTmW-0dSXmu4j0;e&$ZSckZf%xHwh;N(C?vSe9mdZf>tHhr9;)aG#t zNz0KAHQubYIb02CiQ}o1_%1Jnb9;rSn}}vvdgQ;op%#(CadP)Eo%XQzc4X!z^4Kzt z+3h78mnDoY4U3`jpr&W&sD{0LNLG6lrRvna%M+Wi{w6KGj-zIZOfx@>Oe36VBIPBi z(Q=`zC#xlxHC--@>>+7ZaA=eVqk7Q!#Y&I51f<;*Dct$DHBv65gj*_vqlZH?=1q{a z6A*lh$=6S%_6m5)uCI7baQo+ z3w&?^?Yl&#(nH8Om{Pj6KH1zWC^K@NOOx$GI)($HeD%(KV_9D1h%ZGXzNELwcvapD z>Exh5dliGE)kT+rcQ(Bta<75+i~9o{h#F)HIc{V~Y)0vnv|hJ~#%2%4_wI4G;+D!( zLx6x{2sMe31Zs={| zKO6MLuWpUt_jFl$khue!!f`A-D6y##=YHvT(xD#4v<1Xn{&PUcV*mFYmg|-eVT3CK z;uk(xEQYXLKpf=P@iO>kfv#szx^VhFNMlI%4W}mpSqp)z{w~Z}0%Ep5 z(NzBz9*hV~0CW?e-?%NVcy$k14|yYn-+Y@pQo~DcL|n_g$6!QGLijg?%QQSGQ=NrC zN6ZBw;c-~&pILC6>R@Z`FGfyOQFh%C zhq|qtUtHp4cgmdTVOh5|t)_tGm5w3+SX5#vo(OHm_4-$bUtI4Efy;-Id?+b4m0jPn z^hn2RQZo0Nl%!R?$AReoJ6vl7)EZHeS8Rk@Z!ewoE^v5k3GTMep_PV&DH{xx2AAAf zJQ9#h?6tL{NlM8{QmDR-5T1f<dJq*6fVa~n7Z!ThoqbG+g>oT^ z>SyzS+h*r;t_)b|LL-C_s~Q-dpZPGl_e0nWp%KED5MZ;B@3KIouu`U)0ihDYD2q(h z0AIwiDzI})-!5$dy)rg9w5^h=UM`IG%7xGTl%O_k3c7s4&)V4A(hvINHu)~gM^IsMTXaqJ-v;(sPxNgAE9X(0Vv8c& zoN6k&M`=?A)2g=Dq;W8i1=_gxXvxnWl}!~aiD--7zC1W~G{3|bVT;(QCUS6wBZOao zlkWx;7U3nyClWtO!yFzcb7CBI{vS@I4C{9oUz3jIq+MZT)$onv|I>j69PcphW4eA} zejFDk6;6-|N*Qv?uBDA@=(buIsc>{8f4+@NyAyOT1{G5f)PO3-jM5n;GeP{3&UjVV zixvJ1aA_mLbu5ZtB?Sm>8OT&w$z%{avJ~mMIyn7^y?53{2?GL3-f@`OQCd1-!j1ya z$r;d#?RxWDU08M2iDcutRI+==QAWo&3IT@kYFDp&O2(Ox?o`JpNRKMXFU|+3TbF*? zAs3zu$b}<;9tf7`i$M_4GHhTxvTI5Q1*CK21_3G3&UMhV*cM`Fb{ie{wJwx#Nouh{ zu%fg`q9O9Z=<3r|mo6s=8__2y9WTTAcqaN7TK?>a2oA-?wh+o0Nu>p)`5|(V@NAVO zk@os}+R}GAl1vEn3<#GLnyzs{5)#rPOX8s~^E#-SG`Wmd&zG}8eL$Yk)Is$Sm2xV{ zRB*3{b(SnFdUY7|xFF~WVbHfT%qX<=0R17%`iPo< zh}_2UBYWUH5r)%02*+@X#GauJvEL}{vqoCNG&Y98ebB+=@dbST$0$S=5;j_A2LZBz z7*yFvSZkdb92!enZpZY}ngV4T9h$G*5j!J^dZ&hL>nMX<(nHY1aQp9r?b~k=6#1hQ zPAkTBMTVI+7mBF3J?aQCEK<<8v0?1>$3J8YXJM%=c4Hwe*sDl~MktZ+9iu@1jScI+ z2OX?{0vaJny4n#bd;^Nu|`f#O@_lnECW7B@A#A$C;{1?R(RY8%8k;wI<(H*|1>Na zKx6Atvgn0TS*KjoVb=6G%*vkSi3OJ_qQ`Wcyo!ANLh5jZkO;UH4%J~i`dXW+SY={` z(%`yw%dlsKFMM?Sj`r+Nz|?;k(OX6_*I_T%lAzx1`z+YAUp?dn%S`PfzU;#(pzcs^ zKo=$a>>-ye!XD}*$k(V%o_fFqg`jp^wiM}7)bbVdcpL3ZArEC3&!uo>heHksseP!@Y(QCvoI4qp8eA6 z#&0@SP(Dg27zAeSdWYsAhD^fS{+`>XJu! znT{GpyU0VU`zZ>S%T&U%9`%7YZF$$>p%uofvbeNj1+3X|F5?Z{ zYrmA3Lm^`rwPYCAq#Un!LrN~D(37E)FS$t0+F^J*nZNdqxUZgtX%2lH3w#kEzUNu; z`q~nF7wKG^$wmnqK!RUMNcM`A(rOCe>b*c3b{Y7plBw^>bOF&oie9`sAtPvX>m8Jo zce^(~F%^g@4K^L^74MW5^fYae417hnX@~c50i&i4ZJl3S8dQgW1)vWC0OA$WlpX+f z05Bm8;5Yza(3Xzan$luwo0k{*#5ga>c`1Rp2Ah?yB<6h|xTmM38Cnhtw|o^^%Fz4{ zpO_G|zi&sZ5xxvIF8nZ%)zjDrjk$2+N1!o_?g2x-4D7#2+TLKu`$S_9km)uSXoS~- zfGkyk_#QxU04O31Xe0oVqnMyUVFKQNyNXdQ3y;UW;qj;d<+A|dD<@^zR z%b{!*gy|5bLZI7SFz|31^07%H+!r`#%H8V|_1H@`tV^`q?-_cVX{+Q*+j4>N)}U)K zzAX>Buq^0Aj0MB?d+6AA+7a*3+)snKtN5X9TlZ?~eBzJZ*Y@VZ_j@m=e{Jtp*b$l; zV0mPi(YB@Z*@cM<1L6)3G8Fx&5=z2G=Jd8p(y-z;M=m@kX;DCY#goP(TP{DDrz1bw zgAH@r4E(y{fcPsgM1fxTT_p?(HXY|^lFGru8T&02ENk&pK=zZLj_jz<{m+JZsu89I z4E)n!o<8q+T!=vT0thAu;t&M^N5NM1fa7$BN)TP-_{-@g&hzk1^CGyiM>#4==akF| zo68H*WWvhSH4)fpLL;B}_13x%S`X8iueHx?jl3&*w;y-tD zrHSU9ztPscf~}RI)?L2fOooZ55mrL$o5J)KnfyvG{%0y4FrEJmUpk%XNb9S&^;aB)e+Tw z$Mc|+U%g4re*o<~2+z_lkU~*Ya;TQ$K+93nni!WQrO1Q}ezur3g|^mw;>_Sqz*EZ@ zmBB*(+>kL;;|r-h)T8!fp!S#?k0^K(DXT%ZYlJE|XGsWZ_kdVOimLC-j)t5F$YDT_ zt#@(!PaWgJ`|y;746u!|Fhmb|vpU!EzBjD10bn%@cnHa6ueJwCnlCzt!T_s8378~F z=KS#Lq;$xHd;BBemO((ADBj+HiHIkUZ|tWC(RyI>#?6@d#B(6Sc2TBS{+vwp;&Vj3b?<|44}dYlmv$m;Aye`IxP9MupystJ54^LN$7(f{t%UH(^W?_9ZOr#84{Urd zL7nux=RS#zWQDChunWvA9PJ?;{l4oX#}Cfbf@9#vX`FeDba<#-P{B#%$41pD7p;*5 zcP>6Ih+&0TA7_>eC6Fl>j*?H0^(NnaoWqoRi0YHkDR;PKHe@ggcU941n+q9`aAz>S z-bE@tiMLo>+UsaQl!F#;aw)oV%u4=E9t|iHa3p6&cN&G1VD(2`1v1UIwAK#S9sDX@ z(XCyG25{yhP84GlCI;)w0Ps=gzLVIzGy%*0315zv3CBEo^SujY0vdPk9NM0D$>fpW zekZB&E-9Hizok`3sLFNpaHz^%t`>GAQ~>~H3QDV^z*ylmFVP>Gn)RJ42=Ti0-ca=$ zQWe`TNZWSc!avMu*DLS+M+GZ921d`Jl(?9i(8JZgk;vDFMzgH&UVua&)?0QMbrnreAT((@wM1{G(Ri!g_}0V*Cb~B zSK+rl77nh+mE%*jjov|rbt^*zv%;exBy*c*GB9k%n*TY!LOhJdMe%75DRgjy2KcOSR2ti}jGO`0 z>ws_;LSI-t+o3lq_@0NfjcjuC<5qlU-a_tcyZ?^#BBbRYAmQOdMu{D`uE5h)SyUz< zj07aH{44wu9|uGu`FGo7c^~f`rh#O@>1Si3z}8zAP?;j&yCx729puB)3B7JRuvPsJ zY6qrk$=TCJe2Vn_W@6-_sZ;d>xKQ2aginlDDc6){@<}E zT%`7FcI>P&vU+j?Ej_W|C#K`xvfh}%fS4@2cYl_G6B$^T)X_6@i$bMwv*%_S3l z;O=NsQ9VuCD?C`kDOWhcrBwbo}rDzCp&F8-)9kC(fmDOZ~Df z10NlC-6|XS@W4l9@YV5C^)k|{PPP+{`uyahbGb~VL@uApzzayskGfzKR{F$IVL$k zvM!E^zIKUG{R;y9{?8@y^u-*K@k>tpiST`!5U>;FNZV3Q7X6}++v}Hw%;m5spO{Qu zhwNAXmOZtKoc<+UyUd@+-(ud0a-#S(H|btDoJi!a!c7dy)ewfuz`}v6$dq3*5(45h z*A^)^=e>f6wl&gS6^eE+Yh7gHuj&00`~fk~mA2x&0=5~aJ-oEDgP!Eyv~{(l?bkcm zfEec@>~F&%(k+oOzYS&%`^b{tMnU?xMBe|6gSp@O+jvO6ERlrY(-l*E0TC{s7=KTI zyhkK5^Y?6slu2a$?-WR`L{9v!he&^kT>1Sf^EO&Q)@1ovGfQ#q?-s)rzGCxN$I zMKUgD^)B*;J&JJOa)5hAGXHXBFN60c^XROnCbg05zC5sZ#Q)mjCn)Lk{BN*yodbKH z`d>@tbfzixdz1q2ChI%PN3DX>tXr(6NGaXFLKp^fS3IaI)lIl5A85c9$(Vx&_GyC? zMn8$a!ZQUPGV6*#LHqVcDOrDI3pk#a+(h4%0Zc6JIt9u3Zj$iFa7a%4<5@_SxyToP zd_2uBe&CXaJ)WBwPfSMIdw^r-Kr$r={jFdnLs$rbvM7RyKvd8`!CU_T3R@t)2I`w2 zNKmKRO1}FazPDej2;aC1Ne->5B}4w~m*^LZTsM6=B)k+p*9F4IEK7mHLAMpIy;Zp5 z&#ORp9bAn5PrRD;G%V~N{HG8aJtc+i4BednVOD(bA3ezy^c3a)USWYSnqEiSBXD}Z zsFCOe;%gmrQ%V4l{S!n#bSoNkPgE8V)>8LslRGcnRDj*zUuEx%;qboPmU zH-HA=b2-g_ba+LbL|%86FrEOp;!KTxw5P-){uY3eY*KJ_6f-11Ubs4eQ3uFZR}+~} zn#u21r?6gei<^wTmPhX^J$-FBq-VNG{k0dE>3))P-N=malP9m|GX4DIo$I5RfRFrq zeK_-rk0f;)na_M=R(B5QShBHuFtZ7q6ZkyqBY(nYj*q0?7|ay=$Rzj-@sSs9Oj_U- z*SKq8=g}vsq|Qd0p5yUdUh#B5F-UCttIgvRuX*Y04l(L12oIc$fvpr->X1Nt^(Zw> zaIgB7twgtv$P$T*f75;Y!i^n1u_;vW!G9IJ)BSQr{{;QzBm%J%WQi)+ZfoP=!ix6D5ZtvP9I5@vuZH_po zot}+xptk8>`Mu`98f=AYfv#-L z3n9|GyyCwOlRsTa%-P9A?OqW*DBLBgeIRSIdlKst{qR`9T?mnLZj$X843SUWIJb4g-XAvrIE<`4~$r$eX zj@Q0Li6<}?ul;8w5IWmy&ro5olf3o{6~4}V?y*mcz{i>S9(#fsKgkUA*w?G^a!>;Q z$!G##2%UyOM3jYbQfMowU8c&1RX~{l122X|9JCc1% z44wWMhEQX zI6Ti10oOop8t;_{`;_)Ey;x7}HS`qDSP0gVJajjt6VGeylog__Zn4p=2Ujx6;W+^-MEY2LR2PF{idn(ri@xoiZeoR|6pm?glPajHxgFJ;e&ua;)C5>q_rQYr z)qUWwLAd?4AH558z&UN-SPV|gCxHmq1^%nv@`x+{V)ju06wuNjm- zBiSqqa=TkR6uyXb%ReYi^N5RsD)-ifQ;*2`gI0gow4$&IR?Ad-q08FUGMTF1>Q8p` z!tdjGPkQ|q5o$lke3;D1b=W3PV@=4$ni!rH(p>@Zj{uZ6-v@2WAqWR$A5N6mCbe1L zu<7zjw6cX2lt%;NC0eVYvdDVyaj@pkLaM%dUH`=9P>y|HZ#+1CweM0BEx#`Afjy6A zx1qV{MxfFf&RYPRBnRDgZ*QCwH^F;8n5!;q=~TpZi>aPZ3<;RQ^1LP_%(LIw2WJ*m zd$veJw0#?}ZmpCTi`&;oLn^@dI4U&Rr0H5+1JYUHi-f8}l|?qF5z5Jnl?i_yt1NOr ze>IQVU+;qxEc!z$my8s5rBz@>KWkluWuJ{5Sm!hNO_rJ3Q8 zTWcpX4GGUk22GR1XpQ$?Q5egvBuv1CpLQh_Y>}pFiyLsJx-GVmN!#SPcJ0lsaky_G z+m6y=dEAb4z4-ULFq~2U^9s)Y{0cIjlvwRa385363{C)-5Jd`2_H~JPxTYMgZG~7; zv)cYeB8c4?--f2}5LVlyF%>Ld59g!f*X2NmzwyWmL*I|2LaiYQ7aDnJ{ff}j;zigX zR`E4(RXG|4`NzP1I7=GG@0a4V^1bXng{id@>4xx(jpMTbojE0WDysN-J*81+T+E)}`} zNKqFXi8-C^xH-CAZ3zR&0|0rS9g)(FNI2o)3Rf2*sPYc<;|L5S3zUvVa_E~0HjUEj zR5^Oc$w5&zARZ+{{#eu(a#$1tf8)`GPUX}H$kieZ{2hbRY^_pWEgFP`9aU*H2%b-H zg?+Z*#@HH5+$Pl6%T`qoaY0kV7*uU(HMD=$UP!RG743*)+ttwEIZwoPRUv0XTx;hY zwummdDyF6c#5R3vKA*I;wks0pUyE^D-K|oM6%KTG4M@W&FP-p%9Tz$?;yA-KN3AnL zCLj2pZwx!F2JRcV`XRT~tF}0D2F1XxS)3zbkp8vaZS~zBJ#^6#+y1FZ|C(0Ppcdu# zZR&RYYxUj6hfX`>?MK7;R^^vxYLh=pgdHh;T1_zsmjP~Up~n83%E$M*z-?DGV#A?k zq)XidxrT&IQRn+Y_tcKGnn5}wyy;H0VUB_BSvXs&Ey0#n(<+tMBY3m$<^+_H80=@p z%V+=<64*CW8EpM*DYl)a1N;EnngX^>4>zr{yj9T8kD!nD0$8dbo^k88$2KHye|h|5 z#~!B|CuFMOsSM-B&R0uf3s?uYeMVtKT)J`ucB& z?G(Wnp(==VV6MMyK)X8I=!nW5?f^kj&>Y0|1G;DPC;1dxLi>R2&zPzT6hUHs^;qd} zVBCH|vRNB|sH7TIvz13&itR2wp{AehLTCDx*E=pqW-H>5zMm}-AVk$zT~RKd^jch(ib>qAa%?S-|IpXP z1Y6kwsknLBE=Zt{}70L8mr_#KN?+)E4#Gl~^O+ z&K0T(M=oR=d)2HdNIZW*($?$wFQLK=ewmd5s41HJyJ~wmuZMBITe{Gx(3JxtCs$~# zne{T^;PJ%`vKp{G4H0K)cNA?C0EuM27ZBAJja(S9NHVW0qV4zgWzLjNxvRD7u7i8MwV&+pjyJxXAGdn^i zeC)$@#gN|NZtaYGI})w~=DTV6yW#S8e2QTCdbfRQf1H6 ztrZ%-E+)HV!c?EVu|G~{GFnaO>?`g77fU8Q?8<=E2@kv0(ewxNicEO)@F$<$fmPW4l>twU{s#ckD21kp z25MQ_2WR3`<{fa)GQmu-d+8GtIF*-LlF|e!3nG99^vQBm#p(@Jg6F3}?V>7OiC`{S*X@zatM*8$ zRbV!(#xZ#IJ33y8AW^7B7KBH;X%GH6Gc3EcBSqqaH>405HJlSn^wlp@ltDMCV6Tr?? zHRE)SXTyeWNMoaJROuHReOmww+nw~3xdAMH3|E=F3?B(I$^cA6LSKn>Rw8x#8So)M z(uLTd<7P&%5YQ4<$5C{TsVAFqpqn}tYf%%`00ayILH1!*|@Le zPfw5v@P9y;1bq=f$-@1h`2fL;{Nl%6prSXhD*_B!YuSy!3YErq1)f(>)xE>W=koB% z!xj)9aMJ|#!v?G)^+1>sqV@PSH&vE_YCNCT8VKq>C0?~J-NZDk$EExS_^)b{u zYt5~(XR>;oji2yY*JrY+Qd$e!wOaN~C%*iRq_Jry6g1$h2nUm;YHolVUUCQ3O{}wU z7;0BfkU6y&IkgP6wauTMnA6gUzHaGcUJiLTsF__Gx*1L1FNHd5K`~qFt3%2Hm4qrJA4*w z=hF5=(i%Xl#o@L>WS*)3kvBnqpltCnk|tG6lrtydkZa9ka4cA^ zac#jNs`&>^Z(d!fs-eyX+laF-|A>cA8_)a@QG*OWJEo0a2ajPWK_-w?IIr^m+(FlB zw>aN#|Kd(OJawcABwZb2i_(LhuPwW7>?1>?g0Y7XuL3+cN#ICHqk z*V1S>Ow0E``Lo`3xE8<&r(s4|!I--_bEyyA$AmH}Dl#hE;uNpFb_kBQluFzRRRe7F zv}@r7o$c}j#PJh8g;$Oq85s50sbN5(nH9=|9AkA&7k>K;gSN>R?l2nDQ3MxDt5^S#OYy`-r}oVl1YXdGFydPOio z4D;oz2uYh0(Pfn3ob|J2R?<_cImN?m33ahR(nN_~4g1KNP&Wiz1;02xn10_nqd1|C zh4OoX={-=M55naa?+T`OS&xF#AahJM$!%ILs(sW#3(k`LI0=$5oT42b&16k1hJ}Tf zZ_;oq^++R2K%5!%1?jBy++O5N*X+9dJbM1qL+1U`nggwp^?>2tjv(CC8KlTU$Hdysy?)`+l^gm=S() zV@|fUS~|lp+-Ej9$AIpLFs1R>_HiAu$@eRZX+MiVPy^z2Ulf3=Z|V=gDYA+1HQt5@ z+}&b8!Hm`)umKX(kK1jFHc?cJ@FCz~bQDjV9(Jq%Pa1EDFnzY^uZVgD5zP-Hni57- z1>eUZ+|(wA>U(kOVzuotUS(p0N$zAWqF86c845^^ax0-*ecXBBJ;0Zs-7W}cAyA^T zU+U2lmYDtBtC0u*R;J%cvl3(72cLc7A`<7n`C|;CZGyPi%`P_WeoPzW8Tji z*(|rCTDrh6`X*@`5O}%@q+=6sYgMaMTU9MtF2+?$=U15<4(&964Gb5Ggf;*vGth?s zHY_tlILg{XvD9Xm@8CZ`|L~!maGR}$);wj)k?%&fDQE~^EZ>=D@mcYrdo#H2WmI&n;V8|)ag&+ z@6(#T?M<$2v3Lj0JOoB|Y~g-sTWn4P-5_9K6ATOA`ef~)ShMdnsSWI|93DeocWtUK zn9|0A-`(zZi&v%RIw)FQ5G~8bu$-);W5#&3V4n=wAiA>&%5 z$AB>_@$4F8I1Mz*V)~z@mFwD)+mATe7*#VRxOb3XO6(K9<_@jki_x?_xSe|0D;rv+ zWmW5nFkA!hiRwUW=L0s{KGbe+8|`EcsGyyj>N=t&&~m&5XcxYvsH zHl{98?-TEapBOO;*;PzkCaf1eacD4|US&bt*5YxtG+0!8VrDQisVWT?jhRqM7fi=h zRTrnhqT++s;1q}&%8Ox9@rkj)G*dOMMyPCccx^DP;TCID z_qyj8F4B1-;#XTHIQ3XyTvS+BOl-ACYpSS`*4p`yiK%TGG5#Eje~qOJ6~~le=4`6Hr%@;y6HHBoytf$PSNL7DbPXDu*lb}k?%hV$v`Bb;_xz_(`st=_+kTLM z*3LpJHQrh!Gf2ZSKvcQ=y6t@3b@-KmL;kYTNT(TJ=sXWs@Gf*-oPQpk#C+pB4}8gm zjWwV6r7yA@J$=4T&yRx_U~s_iyBD^FWo_q!%XLC~*_A}2T3_20Z!t!~4-TP5HS8iY zJku3Fo;EspMLy0azUMmuraNsi4nXYj6@pC5TrTkyxHP%S9h&#&_h0`2*t;A~M}dp5 zR7b*1Dfi8Jf4Uc4>)K@0R;`xa9JgPpeXF(e_tNuQfOmjlrO(oGO{tS-#ygmxKbsfy zXQ`9f(pVf3I}WZhHzPx&gUJhR8Dn^OYXlK%kzArFaH@mh5O}RoAedNqt=T8erAK$?| zkuy-EajIW@!*iii4$j!HaN6#1!PJSmaej8lkf847J8SL3$KX`Eb`0(p0jwGa;e%k_ z-88uz!s#{k6=QHV_oi0{2QfZziwAQ}QethB6kpyXB^jHfgbKKL5wQPr49>8`c<7}} zaEHMzcZnNq{3 z-6A^rHll~!L>9!w1#$U2A)+lpQ#=5_oob3K45<2CJ#05{HeP4@ya9hOyf|8)15@gs zU=+`7)4@^FL#NfcgC3_7cU9rHyYg|qkb{Rz)zuWH=(Z@^2NvVHc+h_zK>d<7-L5ze zWn_ajmjUOFgBA?5>G!8wK-~>PSoq4@+BuHL>EpNII<9!Mz5r}d8-g9Be6To-W42-8 zs5iNodi67)BoXw}fCa6c`UTa}ET}O(|GsV2((4ubrCk-((q{PDDmH;jHlZbfquc$7 z&1x=tssZM5MLs;)g}sIOftkS_pj4sBCw?ONFY2M!IS>lN+z5@I{bM8MRC7Hrv&8${ z_KQYbF{|Jxorlwb-Mus5cM0IT?Kal0sn?XSJm$twA!d!7D$Osx?NXV5^ruipiVh3Y zJ#y0w_)hKF{`nZ%R|4Leb@m%+4e1LMAfbU?cr1K?JGNmd-GX9e>5zYa7QYQt~OX$>b5n=xU6EXiar3vITclO z)0LW4n=WUgY`WuUg&jw0ZhJ~e4zz=F3SkDkP=?x=}OO{7ohHf2OR!%^_uQ#7Aj4g0=|0do*n`wSM|I706? z>;cBT4MB#yfzjcOOuDg2MR*XLUcX##f4Tr?#J}%d#nWquUU65T3I@n0ie7tt0cg!w zkNso;u2*9raG2^CwBEjI93I^Zer&eAP+~tcgMoKKV(SCq^Y*rJcp$S;viry3EasBO zo>hpmExo)sNpE*W;7{Rf|3s%k9Z`>kmx4QggE|9|EUz_30cxaT4DeSWb8NHFB@}0L zf=NPG^b|d}X>$5Kz4~HuIeD*El z@o=WxYyWCIPGrV;?Z1zQn_M5e?Rp+h$@X~eZ?At8ekW&X!8#206?zBv<0)b!uub1} z%HGR>x2*E*aFrbPRABC>R=|m^R~+PvavD`SAl3-Fro|lzR+U$b^4WjpaiL1@?+xd` zSDWpFi*VK>p;^$85b ztpLUXtpk>+jB@x*A0&*COhPx3nYV4oh&-hS+W2&^XIIQa(C~Ma^{@qL<>$xs?f;8p$lr>%J=lMdL8UZ zVQvZRz31YbAYvH10KKk45nlrN8N#;|EeRr~WBDumbSW)c4u>l(MPOlC@M5rfk#II# z-~j8fr6_p$1g?Le=1xFH@7S=5*lbmsO}fvxr63h{&a0#$Myqrmx9V{=i{|g=cF=r1 z zd|bjApLc32w$drkkhz!xxp~|Bd1qV&63Fq8jvLe|#lVcTEKlHHhUwGKK~3`+Rq$JV zRh7#>UViDaN|2R3ZW#wB1y8rtni<%Yj;Pwb&;+2YUZ>J1_^eo`o5MQev8R2vxzfyJ zMmsVaelk}T!11|mcZKd5-NMX|Ua4_-RR10Zi45*!DBfk<13m8R-O^ z(c?Cpp@OVL*h*gPI3uORRuwF4V=~wQ+Ml*ackRY-T+ujwY8%xaa(JMK)Kl9bzX2H* zIk2Iq?ZNTq`0+p{8jJ+Ll`-^(pYo`!z#R7sl`eXmn&(&W)Bt3VL^H7(p2z=mQ8E`Q8r72e|`r;OxiNR_tEQLH|STBYMCi)j3|# z{{MA$_CZY^c^uz;@&_(rR7XJtw4L%!=86}&_M3HNqm``yMOMP z`LO%!?z6ku-Dh8Z`+JrVgCagqhVwHrWQ2&&{D5*1(Y1I|u)C^KxiDbxChCA7a`KDm z);Hyt6TB>~qG_Je??0+9A9}*Wll&@>WY%O`s|fWgzOU+?;WjKzX9SdkfW*`YIbt|F z9CZI|hPx`_Ph!486L_LX8e;!!B&;_ClYJCT;JIm=8zCGCc-iQ!{1J#~56#f{&7Lmo z#b+6!1_}(k2(yvoIV{%-hKjH5s}~Yp9iymYK31tLlVJ-3i4z^K7(es^`7h&{9G({9 zNdh0;NLTO&@c18?!8ac-AYJDYkApi4Iw2lk_T#Z&UA;3MtR<=n<{le87-#+7duD`$ zug9W(FFI1(Bsufy?l&yx?j1NOM-e}H5?ex|0)1jyf3W_=GAde7|G})R!`vWP|3u}v zd}F)osG}aQ#&u;O4|Y6{*CzkVdjb9us`4`OZjPW4m!vdTtAQdU7tKZ)1}D}p8ANw- zE>DT)bXd4?+fc{`ZiKWh?=w`mn`~Zh?F_qmAJv8D;Pc$^A+L8UTWqA-$n#SJ|9tEbdfex|^BOZ6X>8N&ySlGe)}Dad?VCZ`J1=nWC?%ugF6)9U7l+_(&oqAH<3WrBu@| z$7CYz(a>cc-bJKe6GWDeeTwH1F!4#f| zArYR?BdJA*>}15@Iy%0cZ2zDb`@KC$2z1%u*HHH^3-@5NgFJ{ymuS!9|BvUg*TV@z0dlNNfvr(oJCGtf1>0{D-h>B#x>YwIosFv1K@sJcv4oODZ zE~S!~z#57V9JdQ(roGBQm*0K@hvQa!wd!mp&AUrt5MhfZ6w2?WAXr_=Nv4JAG z4!YcAn#~l^7aj6zqf%lkWDB0r3H8C~W3H3xD^x8(pML9D*t5A~Nhi3D1id+_ne=Y% z=d;Hf^Uh(&+r#OsD;o8-0`-+RLgH!MosiIULnafksY6QBcSyRd9!WGo>;s(_(WZv< zy#yNpSl4Xoa7fKrsi?R|O+Au5E4GtB9aXZW8q%a*SLQeXKBi=efL=wcRxx`=2f zYb8QeUb{CRRUD4f{rjv`oi#cU9?eI|kFP5s z5c7E#`BLyRKT)Z#IO-#yuPL`B%0^Wpa=SqRac0__2$4Xvp%Pcz2SwKG;^X%lu6y(R ziG{_Oq!nLHiC&KTOg~A$SI3?5E}u6{!c&wleq3&?k!Xo7uzPLARsnpK)1sjjZh@U^ zD|eapnk2uejFu#dEyJk-|P zuz_x;YoE@J#ZVa18pbr6tA)*)3JPO}`uRHYZp_j6I#LEvGeI$aW|8-tg-FEAbL4|a`uEC+d~^VGWoC$D>F-b)(H4h)eQef*i;-)*ELl(lc7eZA?M zX>6F|VH*yX1SVhr=^zCp01?Ch4G04>mH09Z`~?0Az6B%T0yqcW2XBGb!1JIB90vP9 zGiU;}pb}WX=1Q4ERRBvSSPhl~Etm&p0SLBLQ#)j;e}D;a349LDgVW$`@H%(_Fwg<^ zgT0^*l!N<0F~|iOU^Q3)5`ee^`t%E6nFGSWj1`9vf*-&);0y36I1k;H$w`nP41@f(zg*cn`S2E8rR60tbN;>;(;=8kE+c7R<2Zfpm}x62L;B z0Sa(!Cu#wVgHdn+dl!Gn62=rhLSOMa|LJ$oiccK=QuuNB@ zZGj2!7w|dw7z~1Uz#HHt&<$MR0B8YrPz@|#3n&7)ARVj(OMwXP1haq)_^OZ=_yH(; z-Q{#p#=0x%o_UFtHC6U<+fq_cRFZ2h(i_EGv$@#J?z7SPtf7i7W*^&V37c)B8LYxa z^Ls7T^c3w~Ttz9(t*EQDm)6zWt9DgAW-YC2vX|N$nylh7F>yy#!>&DL4c5~725Y0W z)-Gmbi2vzUy1lG?XHz{}R86xt{_m*Dkw{f-leN@dS9&7~9^HR)4@J3@BtlJ<<<-z% zFn2YbyP&47d?#tJmerJ2H|?swJtpR?p*a!6g^zXhV0&ZlpK9o3MU)E%_#6h9*N|PE z><=jNW#P|YRE6CuQi^JntG5q*rR2Bs}&?>%m( z7nK(MxS(>5392*S2sa}t_*zh%2Y z|4gQO7~BX`#wMH5?)J1%4HH|aiaFY7WRl-ch#wa(YMw$t(Z&+J5$8B;F%*~!x9H8e zVotHyyvbCOdoR1Eg(k}hNor%YEi{K+ZlTMWyM?Yc;XxaA5yD{B!BoJs!(0KAUmrr4 zhUdsfA@c?JEf4q*@(Jup*e`_4i!hh=mOVjt(m)Pp-^!uDbIAVepquFdmfT7+@x5Pd zE4_;iw9O8w%th+qMF;$qlYq>zKtDqQW3tdw6k}dm;!#*&PEU_RYIuw zp-?5o1$j`PA+vE`E)C%N^iwR-rkqKHhzHS4!JV@3eKf~WeB%~Qyi}@j9}AOTyd-YF zZvXKDJpR9DDdEosE4hTdzKAYKBf;99iS;!5^t_Sq&{+u8*i z9W}VUqFo+ZZCSK+L$r3Wi+!P0Ypn}yt%!EHSn%HL|1%*VzV>~-zrTJCckV1_&YU@O z&Y3fFW2=zb>{8Rz$uqMVF~cAR{;fp}Mwr2noSKn6PzeduLG=6LlnE`<+~N{si$^h`AJtNl6%VjFXH<(bA`@= z{Z%HtjSXkX5s4}(hAR!2^o%Z{GKPCJ5Vnu${X`G3URfy~9K#s{wbvw1h2wY+nH4i! z9L=2zkZmzWNE{82uVZ5IIXAf;Qwr}-2FT2AsrV%~S<`Lw=xA818GHy6NFOX|-)1mJVd_DKzN)h+AyXPK_p7#BWj}-M73Eh?Xh`q-UJYOKEdo0ix z1ze@6qrLQn9ulUL(eddxN+65l`-_#FD?t7gpALVY`=<>QeBtUb01Z9!Gj>m+0jPzvc<%uJn+9C4Ypwdur#Vyd%b^ zgj!{v-?3Q1N3EL8`&sM=OUJj9rzOu zkq#OX`+?ArUmZ+op~gOeOdhlVKk6Yz25rPT51E)b7yscVHJQVTBe^Sq3czGwBf0Mb zBlQE>(#prTL~`E-QXoC8GLri`n3@f#&jX2&XQ})Ll%EQ062=&N^;Ldf$OVi^1@RW^ z_L-(ajuB-z72LnwBzy3>)JSeg5P2VHyfB!W1gZG}lrC-1>ie)p=rk=rxWRfn+D&4H ztjBj;*9x@kib&=UaXW~a)iIJS!m(8}cu{g6Hc`)3BEnn8ZI0v~f--}ia-cYvqPV66Qf_nNPE#TX;Pe|l^8nqHLP0dA7P4vEuny#fPa?8-_F z7a!=uO1DKr>L-7#ja`qh$wf5gYxs;n?wDtWzX5BvG^8UoJwRsXRbi7rH2Ec}2tic! zkRZOL;jDFJReqXS#{CJL&CkHKUUDU0tC4Y^1?a+WS1`phNq9jle%(t_3sRtLSC_K# z2guBVBtY;=fUGLW#!q@{PZX?2knx6}OrDS?Jup)wUon%cnJ^rW^^oHeW@@^5&Nj<4 z0?ZFRB#jy_+(Qf#waR3_NpE5`oXbrnPrMlOs#^|=356CDa>}?$A2AhX;PpPTyl^!B zr@Qt*;UOd~Di+BvJW#uIQU%7NJtSu8MsWmp2F5aV1teY%kkn~u(l^`@+|vOveVP&S z9tzaHGA#m}14)I!;-0rJd)i|`{}a{a+#{HceSX2n}I$7lyb55^TFSWs}m z%eawV2`l6N@Gx2#r}Z(qG09fF9CBj3g{{m~n!D43M!FklzK+#GiOg$&ze=C| z0eBRliIO^{+@FF9Re#9w-eyJR@t?udx9}8=X#4Rew|1p3dCmd>p!`sDxxJ4tQIT4T( z0XYo;Ns9(y{V+D1`!Yb@o1Z2Q=MDtOrTOVG;oOeE9E<6GlfF-mxFri}ZwipaM~d(U zH(Bz?Qy2)n{>XS$f42@C2TJ*hS!DEr6m2+{5s()!hM0OrTgdG--knSYlPLo~Xh8=4 z%|$*~uub&_cpX%4NV&K=GV343_%X=;$6P$ZMdB?bSm`3GESqq>K%y32!G!|34W82L zv&is8LvVypyL8cU96k&f@0}%*Ujf(+6gOcHMFaq{Vs%+M zKb*VYE#-a?lzH-!IUg|GZm*OpI1F1A4eVY37%jtyv~(lEyhz-Sn^b8&amaZp{s&=8 z^*Gu`7M12;wVPCx#*4$a$pZPh)MWU;Mb~1tPGu+IKJ>;0SB{jMe}v9ecs8SvTF8(m z@~zLhq}))qq|2g1P6@Zls|L_bU}T~lhEn((rqF!ZH^C@aOXVj^R43I50loVsbR5#5iqI&;}fL!vfeSX19V_L zyI|VxA+wjIM!)2Nf)z-|Xge?%iDOxB>LVUs7Kb$CJ7`@Hti8M9oc>EY>$>H0BJx?F2T;1)cytaz;5)53Md@%gcKk<$QM*HtB0WI=AISP@%U zt;@Qui{8hXUjt45W%#6;})BLYm$ei{w0`pDt=3Y)2|3l zf9~dJHOP~@gZ4}^=1E=HuFiKOeJ_4B^d81756+hCpt@6d{QP{6G9MOzIgH!vy4Pe% zxFw;MQZC_8`-sY+_agv*0+7aKiA9s#z=EY)I=SrU^+5$BJE$rsY;`YXbX&9?2F=gM z{Fh;pa05eKKv~c*k*}UA%K6bs)h-9wDb?(e656=?2>U?Jb==Jv{8)#ewDwy1>*kWW(-jmRh-L1>y3tb zYoOjR57rLqB7zUW)V<;s{!l)#)An3n?cZ{gMuz$waKErj1E5rY_hoNEQ(o~GaBYGIzPtj z56XUF=-EW#jd;I(yA0>NAgQzmVe->yTLSgXjxzL-rL0rByk7;2_3R|5~Oq)&X=hs=i z;_adqW}c|cmRz1KVKW>2{Jx+Zi`nRgokD_krx34^ze`6egz{w#;;rlQQJZZJ&7I>H zvl6b=FX8%w8V(nH{Cfc=8EH{pQ42zvOQ%|7BBbAD+9_-@Cf~%OGI)lue>5?@nUtTJ ztW595rXhRrt)KA^W21ze#Uf57V%(xX2aT<6vstl_Gct_*zCoMZ8|DYW^c-^0vB{ka z3l`=tGBbqH6}FZw6T=Qxo7^u{XH~F{%vk~xSdu@-Y`Wbmn$i8*q}BJ^(;Fu1KA)5| z9L3va6>PI+_W|*b4M@1z0c5z(c>s{lbW-^|>o(oKR3zrM1p@rnp2=ngCP~5(fp(wZ zECkef`Gw}f*2~KnU47FycpsNPK5sm9mK^ z_L*u?Y9`2vb#O>n7%pYC7`$+lB2E`yxOzj(Ni^xAF^nkXPE#KU=>+)QU={yxu1*@C zJwEF#<`%4pQ;>7ki4Bnrl;DeAT~HEc2dAm8^FAO+m)|EZ4M>ViUeY8oI2&-vf11L$ zEH5&A0qyvPfR%s9i#SJcRM@HFF1c!(RNO&V75rV|YVSDThYY)*`a4d>P}T5N6D6kH zPx+AM42MqS`I@{a;Dlt^$fkDTWf-v>LaFT16|n3=Qr~N#NWK(c%gj>|TOj{g$k#5i zisYX_<}Uyxi$wCL0IC6K7rldB$ea_Qi;4M#d4({J*yOM#arwmml466Ws}R$rn+0vM z^2g_%HxTNiCf8rD6B3Q_QrS5L#{{upXMmsLRW;Fk5oZ-y z`}TpHbzabqFudcg0B`YHY2goJArcoM;v&T14JbXlfhtZhSK?PRYC%|()MCMVu^)|O z(%Twni|tZ$Ho!mRrh?Vz5pxGX*wzT*?HY4j4v3xm+v`SlC^&7U>nNM4_GRhEUA?>Z6`t0-dwPPBE9`KhJQSzImpEk*Wp|X6Lc@`*KF*nZ#>zz8D&$kPe<8hI^1qe_-2Kt+9T|E@l zk%rX?;Y~h8rz6(eO5CfHhRC=~=t%06A4VhpY>?;4&0=nh?_P%z7MqWTBz)j9@azoGM_CDqm$@8f4G+9_pvx^&`dHYu+Tv zu9w=`br8-CUhKj$x`Q5D;0CW(#%AZmvdCIl*vc(Uu&fN)7L=mqSeH(xZjmrFwCv?` zy;}YKdGuY)opeFSISwaBLisM{OtUgmMfMAswlbjtYG!yfdLz`_1vU4%pibK_rDekB zSzf-kw{M&9^GXtA|jD5K0N(Z0R}e~;^fA{R@)OOS=}N67GR^7f6)_w zupE6?bBs%w|0pZc(Ir{wr?QmQY3Ie<>z=WlLb&z`5YT1h(-%_=bA1_X9|&{=_?BRk zj+KId-~}E@D7Lq5IjtNvva|A+BC3jKJ82vjc;e#J(U=Z7&0l zBR8nI1OX*e!qvAUHD!WkpqFoQ2lVO|HKI9cu0&Af=e&!9gv3omykz$M5c{a)@PR&m_}r0TWU1TP=uex4$@Jw>D9UJDr5)%jE373l(e zCVBPc5#3G)HN4(Q`~7#@#wVsi&*w=)S@#iMzQMJivtp6<+ zelNe$HL4TWpMC?I8N#(4aEX{lntc4Bp!aoe>*=)hI4?iRmDbt%OK7bPwO$6T#muOt zokAfvSrawg-qo@`{-+=&^F2HAq3_b%dBNN@?4X9tdo-0k{#pOdJsI#^36Ap4 zJ)2>EfANV~#xSE{Q^CrGaSH?dJFx%H{Xxz(292teEpE6fWcJv7|H6xch6(TvPcqBc zGuTP22KJzryu|ieOya3v-LcL(p$H7_m~&KqYPMe}eJaGN zmpzYj3TDc6IaeM;a)=@^#c(!pt@E2EIalT-xGV*q@Df8=V%kH=BJSmYpWpBO0Gx;B zhFN(Jnf?6S;0{6NoDTYUdj1Ts0&&a8lCt4xy**mX_n<~j#A{1_{pE9k(d2;Jm?!r0 zVz>M#rE*x1${)NyWn7Q*ff1cF76Fa@Lo^CRv_2WX=Oc#ohL{Gowjj>3{TJFgI@o$+ zu(h=;5L}zVr6q&b9m4Rw`*BXrto)@2LN6VDn0`sSFhszUE?4S*JsPqNT5tw-F2h0l zKMKm{gP>dk;juxQhLK7Ej~Mpx8{mB^l!>^FbVETr>+c(}3oKE1Qy<_%pZvby1#O0R zX_L+(yOlLCgH@nn@Rq8Ai&Wa8k;&tFa6`x5YErk|_bh1i*E{GP0Cc|vv>Xo6N@=6?Qk_-;W21fy;acKJ ztUWy3&wCHiRq@1fEH7C>GVG~?93Imh6#Z9i@8LK4VwpVc~h)c%?^?iUpKwh;E zNZ;zAJbskLpuV=awCs;fRO3_RbeUxXRg|;sRFLcT4C_!&NG}J?31g%t#lvU%HJzQj z=LrvXVF3Fu-9^tBI!ubpDdI-??}vlf06#-OLmHs7j<_K0t~k`4=3sQeM{xF*V95$v zaXI&lJE8!NomZ3*$A$=FG6YK~$)-S&Yf2|X#2 zCj&$R3`msZU3skGrVNv8;0;Tkh2|t^0Mwpvh^)211i5E`9N1GHEPLds+R1yD;#5lgN~l`~ z@Fb)w;7RFCUWoG_Y(m=aV8>JUWbMs;EK+7e*#Ur4Pm$s8Z4uL+iRMC5?d|vODB|Dt zPZPvp60S}Ff50N)W(bUqKK~;Se0Zit!WmpBS!-D<93BMQdmmYR*d%Z9(i+(UIdC`| zYTPf-*QLSCpS?tSBnPkXlkrDJ&M)+d?2N(04PH%a9P%;-h8qw}*LZC*bG_c8wPe>% zSt#PLXv!Q39ARo&nciwAt$o-lZ8KVA>~5CnUC5y@t%Vt2;u3?ci8ouMI!9}Lfbjqm`3Aah0gS4#H zTN)vT!7Q6M=UdCzR?U=eOK2ZMJNgJ=@pwqov5^qI{}ztNj_IwRdt@?MkeWtcJH2vX z2Br6y=To@&(Og5ZObubNMYor|=dpE`_3!8*R94~1V%jlIYA@kzAr25vwoG|0+47L( z(GUlU;nqXzu{8X#hiL0EQ%Cr83sE0=!>Ge&1(jZZSZfitJ-$@J_4fAQd6ZihGV5#ZHDx_KUf!0NHqQZQSI)6rS^mxj+4+ z|3_0b7X$qc>sEEpOWOOW{HT~tCO$PW=|6D#w^leL>KdDs0{+2(;ujBDa_S2tC-;9` zpp=8+W`<#tW<~A#k3W{7gJjBAI_oF?07N!9pJ+d$^XkQwq78Dc#y5yn<}(iJgXM z6W-IxPYU&a%Bv`V2ysSy2{l3y9XqEe7};5`CUj&#JGn%9oE@Ql-;1|J=e(JXKydy= z=A7-0Hjwt-jzX`k3e6FN$=&QA#21ji^`(5lP3T?@o&fEYVj`CTs@;c>jD zMzN&oyVwY!{UE{9UQb2Neb+DSBIJd93ZlM{tUeX0LoK6*jJnVZ?I#aim=?3M-D|xIE8`QF&W!XLosSp8sct0O%k1L=em$Es zKEX_LU4F9Y`_xIl_|-5w9bpeDc1kzQq#o%o?5Z^;AAk0^xJ!-S8}8oAP|@YA!KNc1 zEsP45HN4x&kKYdtbGkbCqanJBS&@rcI z`l>f{xk>R0*>x#dy|PQrHPUdY2f9XXT}nn%NyOy`(GBwG<$e(L*?Kt{Jwoa(_rxAA zxpX-L=fmZgE2*fM485XDi1z7N18i^3_$hHiI~Ir2&+jJ7uJp6=2Q39JJl3Hnm}G`L zQqbSh%W~>5IRw@-VBe~8B8%K&lF84>En3)B%1ic^%zZ4ILwN2Z59ZT4a;MIcw@@L? zs&6mBP%^EvL}6Jc>nIUJi6)3w<4m^nuqdoD)w#VT@s=Xdh;wjKDne(I7c-4-E)J{K zvgNryKBk463K`j>p>mw%Q|WN1yGay)%0!&le|{QG$Qyr*qHnn)3?x>-bMM1bz1#=SRmf=jbwIxN5kVyMIu9x zn2fXYLWInNrWww8k6o1YIH$K1w#H8R(DNrR38Ia*P=6)5gxQV;9nEG4z7TEsLB^l$ z+V#(iPd3F{qFQZBW%-= zs{C(SsXANz^MACu@Hee)gsv9^_y_(+tGGpf9oNU5tp@#%R>gnQs-m-11a0*<^IZNn ztyXomx^?V-h{uJ$X;$3X?6d#XEbh_2jx4jY*_;2XS@GXA({who{;y``f79&O(9MSc z|KR^>cHwWDo$hQlG}uf`WthY@X2k4hF9}&@`6P&cOd_)z^--%mB6INSLPybLvJtZX z@n6}mJwrZiOwo+@#DThi8%n_&EAmOi-Ix*I*TW>ovA5xx4=rf7{psTw&AfjS_Q%v% zKR+6-on#o_%~mvk(kYQP`uV}&yZ@LX{oU>7wSKbi$2hPppZqugqDpQb5q=y3iOX=A z^{4*ya@E|QhQs?iK2q_M7V4e+X&k&h;UmhQQ?zM-0j|xmaQ+VGwOIRGldkX0hBw!V z``(6A-$Eam_;Whc9_k~{{Y*yPhn4L6CBLfc)!42{VPRjHaDZx(xv7r1^SJywpSFO)QQVNKunPO2=Rv zPo8VqB=+$i21x9URN&sI8=u4Lr~pwm4}sUL=9TbzpPw9W{$RR~f6*@qIcpu5<&zoB zlfacI(DO!s2LM(A>;j;yP+$c^#fbq6VFXIVkUj?WZ2(5#f17dP2hA3qFkKi-uO zT6O9~@_S2CY%hO^UAGwSrO-_Qpqmy+x)i-|w`l#X+j<{w^D+0eHVpv58^#9D)Ly3? zp`#9oxBpi?`S@3ToR6Onx`x&vxFOc~f6alyUVmRW^S6=M=_2L7X@Nm-+ws_MaUCqZ z_}gUsu9x)xJyze2iQeV>Gpi??0A?_p?cQk$Jv{7p7yOZ4n#2<0^^<(7XACtu%esO>pxna1>Ll$vE z;5{Qi-r}Bv7#vA~le`EISy`H78}2>3^zmQ1=rytSy+R_09YlIzGZ|Lk6tuX*x$yAU0$ukj z$m!$Xcai>WNwFUOnZFcm?kIZkFGc@^kV0!}JaPXwy4fKzNdMNjnA3kL9!F7XW3B{` zD(|{0KE7{z!Nk85M79?!{YwEakS%Q!<^Kt}+r-!!8*@5%->)m)4+Ro?M;l)mysg)@ zV5iW|FQUB@8#DSZ#V-itnLCLwv;I=>m_YX4NjFSy@Aj65f8%)9sb~S$@9siPoJ{<8 zo(Y$9*%Cn3i~K~fmp>mM7x)}V)C7oD=r8y3TLT!j-t8O0#X=Mmtqzbi!f;5;4UiMU zFi7MCh*!vfM4tf3a4mwwZ9l1SZGyx*elpCx1rjs-= zPV~Kq@B?0Q-v13&O(%N;+4xHj`8{C9?|3#3LydT_#}SWEf85jK$VX@@zU_8YAY{g8 z+>V;d&xgA)9@^OOOF;Rq8 z;43c2X%Wi7M_rC^G0MQZT#jsb#`JR2JKi00D|32bSLj$LM&t1VF2{K>%Ep6Tj(7vI@YXey+h^EuY3&|F9r_#D5hkV)#{`v6zl$24Az z!ed?hyZ?28(8DWzj#4#Bg|f20l>O>;>{A0P&w3q~)G&e%y^h#$l!_~ zIPl~_ujA`*l#X+}4sSS`jbprySrKTy@<)ihwePhZziUw3kgt4E<~Dw-FB1N4@xkph z_U&xt1$wbMtP2m-P7i++E{W^lleA*CD^EZC$Up`i`8-ki#7my+1(^*C{Rf>J2wm zF{@69xWIA8N71N%(d*u;b+m0OU*)CIXG4ANoj|EAl(*C;;;K9IE*%uV&(tVtqG}Rq zM!w8!YUPVPmx48wIVYN>QEhyh`$JOt*#!uxR5LmoJQ?o!L#4TP;aVu?8XTY9JY1UVJc!@lAY_?vx}+gewZ?{R zCv90aXIfDCgv@*zAF-f@;)P*$`cWdlOIF zpSy33#Th%}#EndHHx@NAy`$N@gt(kfZ=$R(ZZf9Rf>?7}V3?1aG3s6gM8JLaN|;Z_ zj#xBA)gSIKw)5$$RgNpMDA79J_gYx@7WTzAfCf9_guh(|dl z7TUfFCt*y-(BG_*62gYDm_5Dz^L5_|a=Sdf)`d+>O-1(UdNF(0g*D$bizK_UWg8+k z$uIX=6vM8|Wwd&>#8y&*wBK5PBya~u1fN437MK!jP;3y{B^!G;5aE7CQ#)+oKvuS` zoL#$6uvFxh3tA?N#Rgf!2DqUk(q9!$N5j>7x3Uqn#Ho@hcib4pV0PF?uf4`_TRqww zY0e(NIhKuEC$`6}QrZc$>Ir`bGO_S?7!z(!sG@jz_*#o|9;2 zv}c-iRbjWpa&`Gk_Of8HXR)?~GtEf{x^0SZ+uUaan@zLD%yt9!3vOaqeROH1IWISB zqqK%UofRz#k)-b*-|Dy942j>0l@GgZUWL<`4yQ%w5zg53sD`Sx0}o$yhBqEGYXlW@ zLiT-wys@gy^zb>SxUnjjXOsQsY-z$raZDql?^!+rCNk1Z@0%xVC>j@iIdQAJ1{n_3 zGrArd7@ZZq_Sm4l6bs{0I(wG)(=ptu?jClq2r#lldk=ezopPes9R(xP+nH2{nMpa* ztbG-Ny7DtZPSx`e+mEw%w{I{HW_#J6A17{zFAwlry{p+**`qMDiGY=oP~v{KMTuhj zDB;r@>_#mwaU zaw2Vly?5i$7G=ap=g}5*#6Tz8gXYohk+zZ@&vv(WYwWf4ar5fz_;Lx{lzzY~hV_?( zn8u_X)j&$Oayf`3qwQ|5Vq?nV?3bI9wp-t9qTjkO@;G~x{jxCC9@RLG-39ZOQ*~LG zWm7lO(O+~iHCRWl?Ncs5SQ~278sX)pYGl}ZOTys#jvBypt!C@t7A8Wqz1t4v7E<+e z?iwfmCc&j(Qdvz)Rs^gEB)PPzkv>zc?D%m{H#7*U#yM>Cwu?Y7b9g&DpXGAjVjpC` zWi#0xx8yjuu$-H+CEq8wFhh}`OLH1a8luWowA2FH|fNEbDS*Tj7)9Z44JLNVZA0DiS7@6xpQLi{UmEqc32wwXqm>#L1v7 zGu_nuyalQXF_BE%T9I4!=(%km{R}V_x zm$R_CH8E^_*@I{$E(a4P87A%#hCA<)0(XucX&=a4 zoCH+Yy;#El>oT{dFQARP7j5tMZi6VNGTi=@?N2Gy;~YA*LoZ) zlF+c!7X%S^-PK{JPt=&Q1N?nQsS&5?R(?N}p9c>w38mmeg2S7Hj-fXlhkK#-;R|KQ zA}vZq|8Q*3qR%7Ox?cg_i=v)~n|rY^Ut1lI>d*_CT(`Pqn1a!k2}2nXw@}!kN0W1( zbcwjW!cNFyxCkbq@r3M3gSzdd5_QW^g!BRa5hza(&cY?Fq0EUtMH;|}1_~O+!w(cb zZvyc%o@n}$|EFUsJtG<7avam6C2Bw1*l1~roWLZD`zAVuCZmB-FL;Ay4@{T;3YD^! zRgR~UQ963f@n$mWjaGj6c{0kyI!gd#A!yXOFuLT{u~N{}k!(C`W)p##zc~h`qWgN} z1nO=?gmHC^Ae)SKAziZ!+WRLz!|_Ba>MeHj+mAc8rJ{^j%>Cp`6=E2a`DatzulUt= z>-k}0Dw4w|ON`^jeQ0X-9Qg*6gbhB&A_Exb9zObA1Dq#{mh`A6cYOxK~*8zv+;(7LGU@@cS4NqJ3&=t zIe}A6?5Kr@V8QMO)3jfhUr{EMlyu*Grn%d@arIamZ7*!KmF^eJ4A$F9X~2J>nlod`C+&jAa02R-y?1BTf((nYlRy7TS8UE zTET0_T#0Y3u&d-_fr0m?)oX?8yFP9fA54IdJ`=&!i5Oqt!0Nl}aD#ANXI)f11TLGa z@Zf^gCGY`43As_qlzxQucs`zMYE)Ya@A#HCG>d<2s}||{O+c#|UCwH#FGeMsZ;WTg ze~k2L;|&GRKZ27hgjrhr2#js1O_*vt(Hs?n=C64Py<~&4k8X_{gr>+J0Y_p%Ck_m~ zS)n^Ve9429Ju;5n$8%=Q39^jV-ByF~* zvS6oxxToNoABlVsq;)K~zxEe^$z|ZWA?|y>V|^MLVTD;j+#&xK;N&yaAJyQrG0qb* z5EAi7r(8O`!N_K@FACSQ0{q^Rf(4-q4Eb9ej zJ)QLD4Wx|}Uw3%#=6sw(Op$vv*KVqF7-(yd*P|4xq7kLY8j&{G4Kf1#PX(A1Ei0xj zD6GYH-Ck+*^C=K^y^h3fx1Y3BgSU+Q{Nr8>Ze=7~!HNe16fcNdN*HD1*=8ICs{wAq zidzmae*Qrp6*s$(rNMpT>izr`9~I5I8&xL6nP=5^=-;(f(sfuH1NRUDe7*~@g|Hg| zs&O)1x>`n?#^No0_!J{Z80;ZJIzT37Zvb)Up_5kVtheuM^YCuKKgCtS?C6t@60A9H zIxiV4rs{tid>~{G@Wb8Wwu(|eFY?imf^f^|nH5|@tXur7NRIm?T?mm?cJkKAaJX)H zf`Qw4CtE~Fb!)vCKJ%5A-$-ZDKTYm=a!&Y{vxNSp6JW_sG&5Q4Tx-{0G0%apSVJ3- z4OJ4j>bJtTSx_OyFxM$*5g4FT{(_)d?dKQ6FE6No{*S!}1vewH9~AtI*iJtdJ0hHG z9u>cuJtufg^7p7vEeUKE6bNK5Ok}5Af?-v`Zz!CzBoFewo9%?3?0j>Nsg~E;oxaw#6qq_VhzNt)i`p>K6pX z>dk^YGO{|d3UjlLoD*6#Qn9=eaoRvd4Wl=Xh0Rliyi&Rc4x_zL3J#kbU2aw_qTbbJ zL0T=ZKME<6^PnJxu0`)ceMIX^HU{{OK$QH|@hs-d?ssp&T}p6zd;L(7B(6Eo60nXz zm&D~Ksv$Y%LOo8|RU@z52*QyX`0}RGB(tBsDKSayK~&oU{9{2>m`ibAY&zV6Bf`GD zENH+zR8>gIDFJUdC5=D=!i|@K2ubGzan-Ne${3 zxMO_jeMJjW9BvUsh`yyL#AH^RaG6krBmMBL(d<@@j~;G-}{OE<4x{Ej#{XfOoq^FbuGw7qj?i8*pNFp;094?;wzC23>}~Iao@@-TYqtl!?sM7T>eDOm_5!@U?UL@3 zvM;kHoz@DH`mBo@X+}FgPis&)(`H30Fc*QpoFx`CM)56^2pM0QHM5k19m}k|A@nngYVmI>Xu?f7Knlw>iB~<`8L?7;akQt$sHnL_WjV+MZi&zO!X~p&-E(3PZ~aShIbn&O5pP9 zDC@l)J{;_@ytBi(p$<2|(+beBma3|vwaPrDeK9LHBe=qwpjG7cw4+ohyeR^*Jj7l1 z8$%%{2ejJ$5;iaU1*-;Awd>WNXonoWqUr0Vabpp>2WxcD1zQ|^ox^sN;XE?cQ?ldfc1#v_#xZJ-N_ zv2S`0?}z21#3=#(u=k@Hahls%CQOdX18JTFBxk@gzXlxk-DjHZ2hIp_HE^B3#?Q|b zsE0NOJham_;s#`x)d1fs?V8?btj2~p4PzkQBl#vPF}!h1`LOD&BxR#@rw|U#L!J{p z{%dSck9A`BnC!KcV>XyU_-1;e@LmLqd3@FxVOTYMz6M~dMqBOR?U>kf>&ZNrmF19G zT8+3J!lw5qFYx{{LAeV9L3vmXjbnDvbua=LHzDwJ6Vi^^3gy65_!`MGp zc{)4%`T`u}{sX=%#ItC0DV9 zMMi(QxpLe)@Yzw1z&j9Q(6fDk2ay3qTg4OaRA#e-;7t{v66JBZ_(%QVKYBv)KX#wG zEp^55E^bGF&-Qf4ygMojWZi|eL7D#o7U=1XXPT>Kz5@$Xm<%W1ek$=Yka*-&N)=8` z_30Xj*1~1(0RJg;H3WV#0c#o9kf=ch+U3LtXG{JoPj(Z@V~2q@>d^0P5D>})4JCip z@zHRUuK&t=RS?5fjAr=S-e`%ptJzXZqTTq6)?W2;cRT$h0*7Vl9|ne*~(jR1(zS|bu1Z;vhyQ7@)jh2y6LiDvQKEb&CdXj zUX;wF;NB*!fjU-G{X7AuR{~CbX6XG@uZvfB)pssE6f%ntNcrG7$LKLA$q_dO^;7`+ z#sVA<=8d4QD*!%x*0E*`O4n}mh$`hqA0G~%71s%I6?H;PQJp}~J7P=x{A|JT^%w|- ziXct{=z}{Z7r*K#UAU_O%Ux@u>SApa?wBstrp-mI%{Q(NYqJU3QEO8H&#u;n9$HmZ zb;a|GD`d5-L9^8mMD$)Kq5~mBCqjr4L9@`1q7;tim=r(%hYLZ>pUEi`?xhq41EP#hCXePJ!df@O>;0=)`PIoM3tjGlXIy_`56Be5S zd>_FWbhqJDsD4O@_;z+X!n2W9{)`)gD&ReiA=#)TW@gY$wg7k9QbqD|c)s(TV{bM} zN;~P6n}M(=nbbrb;%*2M^9*=i6FTZ9Mgv4_ z(;Ch}aG>HDAN&G~lx=*bs8%}U`zE?0l)?@v0~jaqIF^n@{Zrbv(NLoreuazi@dbew zdsa1R|4Bn_;vw%gsZ;kfIX2}WV|su88kR;oeEeIk)$p?^^h-)97zAxeBCu2f?2|Ft zo_G)9!d(t72URH2>5te1ILvT{qjY>cS?HCSdkDiB3Fr0K$O18q4aX7EfLn%o+{Hx(&&4U4T zi%G77eToT;z*F8ZFpzMABH&n>hjQc>1KnWIJ&!w%=bhs;?~IWKWH;a!rcCe~Q}Fo-x6pr8D7K4R zVi-o3%`&N{b8oPc7A-PCSp@`miWvm?)X_SfD}i4EcnrJ%_*4Z-b}(3%#-7goxS3f1 zhpG$K3XLUeg{X?uHSM~Jt9vXbwAihJxNIG4E|GQ#Td~|2>N?#IA+2QE^;Kb{Z6JFh zcS*2oIur9CrbNq%8Jd5$;|D_dJD5I@-x0jFLPt&ziJXPvbUE-N&$KB!2_kK)g@GoU zkf*h-c}$!}3(BvjACKfJvoBYg1z%7QeUQMk3@I*~AkWEUf`|4E&mE zF>IESpxnr|m$#P|L+N*ZZ8dDcd%p^M!-&SsaJ*w=!%t*E+Z{{>VE@ctT3y(>rqqgi zzYA3uh&VF#Vz9mpe8*r3pwt%|aq8N}?ZS^02tt#4$7MHQN)ALe7-criH!+4HCo&9f zcsqMHd_K+egA0B@{Ei^;ufn2N2W5k{No#~7uZA$-5*^r4_~{RD&HKQ?ttrnqwulz(u58akzuTj56=_W7j~ zsH|7!QmLkYsSHyglIJq@`$J2GnzO6IFuRRKP?v^B!r7Cs5>7&>^K`BhT2i->rgnr< zaIc{V?lqV|)4PDNwz7LQ}!R5ToJZq64RH>aZAxY^}c zKMloN74G6D+0JoI=~eXX2zBb%7JmF8YGXofLBuBz8Brj0i$*ysPuY^fFuhSqEO_+g z5FH5v(=N{{6ZBx-wM7i~s2f}YixT1_lP7k#1&d7s!Jb>7bgzq^0UIG;amX^j3bC4F zVB!V>3To_w9s)QB443E5F)LeQ6k`h*FoWW0dC-v*90oCT#L$g}Y4ql?z`q%uox&{B zO0u0b+Eyw%O0GX zMmP8ZWOooCWR=9dhjP!kY=% zg*W3&rki2oN^_~V@ZrT7=pw>!7zYjnQ5DTCJU;ysS0Ye9H z1E3M$JAkhNP6K=da17u8z+Qme0ObJd0oDRM15gUE0ALotWPtGi;{Zkj3bAVF-hXLLPcpG3V!0P}n0Q?i+34nh9JOnTWAP-;+ zz#xD=0KEXZ0jL2a0KSJ|fB@XX;C|nP#E$^q0elVcF~CuP8h||jZvbosSP!rk;8}oW z0E+{oPu&F1v3=FPS^@L zkO^s^g4k&sYM6(2@B*e_5=KESf2g4eRjxxa*=;t-G0Vmj;1fvD_i&(zHme29 zd9mo>5#)w^#R|+L4dD2?U(2P=ob_)zQ@UJGyOTCP|5$-kcwr0vn9Yj8`QqP=1 z{sffADn%=(1OvACiDuNtOBY1VwXdS)`JDJ~1;=J_ zJ3qv}tSo!^3Cj|cwWgrG4)rMHqTk$SQ8NTJpob`y@%t;-%@YB-&h{YXTKcrhgH$&9 z=0?0iR_R0D53Bn`QJ;W0*q4JgM5Pap2XW9Af|SAEf}~j&j|)N^g|IuVHXQU4+>Knp z+e5faxTu9sgvi8GA==B)5EYc+$s1d6(>tOMF&Qz0xC2os50I-72~5TZc*x}D0&$A&N+AV0gqw3{3}9LAsr!uT@uI84T@H-5a+ zCDv Date: Sat, 30 Sep 2023 11:37:31 +0200 Subject: [PATCH 12/19] fix(storage): correctly fail when Optiga operations fail --- core/embed/trezorhal/optiga.h | 25 ++++++------ storage/storage.c | 73 +++++++++++++++++++++-------------- 2 files changed, 57 insertions(+), 41 deletions(-) diff --git a/core/embed/trezorhal/optiga.h b/core/embed/trezorhal/optiga.h index cb009d901d..7bab2d6f06 100644 --- a/core/embed/trezorhal/optiga.h +++ b/core/embed/trezorhal/optiga.h @@ -41,22 +41,23 @@ typedef secbool (*OPTIGA_UI_PROGRESS)(uint32_t elapsed_ms); -int optiga_sign(uint8_t index, const uint8_t *digest, size_t digest_size, - uint8_t *signature, size_t max_sig_size, size_t *sig_size); +int __wur optiga_sign(uint8_t index, const uint8_t *digest, size_t digest_size, + uint8_t *signature, size_t max_sig_size, + size_t *sig_size); -bool optiga_cert_size(uint8_t index, size_t *cert_size); +bool __wur optiga_cert_size(uint8_t index, size_t *cert_size); -bool optiga_read_cert(uint8_t index, uint8_t *cert, size_t max_cert_size, - size_t *cert_size); +bool __wur optiga_read_cert(uint8_t index, uint8_t *cert, size_t max_cert_size, + size_t *cert_size); -bool optiga_random_buffer(uint8_t *dest, size_t size); +bool __wur optiga_random_buffer(uint8_t *dest, size_t size); -bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, - const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], - uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]); +bool __wur optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, + const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], + uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]); -bool optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, - const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], - uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]); +bool __wur optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, + const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], + uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]); #endif diff --git a/storage/storage.c b/storage/storage.c index 0c86781003..3f70502772 100644 --- a/storage/storage.c +++ b/storage/storage.c @@ -593,39 +593,50 @@ static void derive_kek_optiga( } #endif -static void derive_kek_set(const uint8_t *pin, size_t pin_len, - const uint8_t *storage_salt, const uint8_t *ext_salt, - uint8_t kek[SHA256_DIGEST_LENGTH], - uint8_t keiv[SHA256_DIGEST_LENGTH]) { +static secbool __wur derive_kek_set(const uint8_t *pin, size_t pin_len, + const uint8_t *storage_salt, + const uint8_t *ext_salt, + uint8_t kek[SHA256_DIGEST_LENGTH], + uint8_t keiv[SHA256_DIGEST_LENGTH]) { #if USE_OPTIGA uint8_t optiga_secret[OPTIGA_PIN_SECRET_SIZE] = {0}; uint8_t stretched_pin[OPTIGA_PIN_SECRET_SIZE] = {0}; stretch_pin_optiga(pin, pin_len, storage_salt, ext_salt, stretched_pin); - optiga_pin_set(ui_progress, stretched_pin, optiga_secret); + bool ret = optiga_pin_set(ui_progress, stretched_pin, optiga_secret); memzero(stretched_pin, sizeof(stretched_pin)); + if (!ret) { + memzero(optiga_secret, sizeof(optiga_secret)); + return secfalse; + } derive_kek_optiga(optiga_secret, kek, keiv); memzero(optiga_secret, sizeof(optiga_secret)); #else derive_kek(pin, pin_len, storage_salt, ext_salt, kek, keiv); #endif + return sectrue; } -static void derive_kek_unlock(const uint8_t *pin, size_t pin_len, - const uint8_t *storage_salt, - const uint8_t *ext_salt, - uint8_t kek[SHA256_DIGEST_LENGTH], - uint8_t keiv[SHA256_DIGEST_LENGTH]) { +static secbool __wur derive_kek_unlock(const uint8_t *pin, size_t pin_len, + const uint8_t *storage_salt, + const uint8_t *ext_salt, + uint8_t kek[SHA256_DIGEST_LENGTH], + uint8_t keiv[SHA256_DIGEST_LENGTH]) { #if USE_OPTIGA uint8_t optiga_secret[OPTIGA_PIN_SECRET_SIZE] = {0}; uint8_t stretched_pin[OPTIGA_PIN_SECRET_SIZE] = {0}; stretch_pin_optiga(pin, pin_len, storage_salt, ext_salt, stretched_pin); - optiga_pin_verify(ui_progress, stretched_pin, optiga_secret); + bool ret = optiga_pin_verify(ui_progress, stretched_pin, optiga_secret); memzero(stretched_pin, sizeof(stretched_pin)); + if (!ret) { + memzero(optiga_secret, sizeof(optiga_secret)); + return secfalse; + } derive_kek_optiga(optiga_secret, kek, keiv); memzero(optiga_secret, sizeof(optiga_secret)); #else derive_kek(pin, pin_len, storage_salt, ext_salt, kek, keiv); #endif + return sectrue; } static secbool set_pin(const uint8_t *pin, size_t pin_len, @@ -641,7 +652,8 @@ static secbool set_pin(const uint8_t *pin, size_t pin_len, chacha20poly1305_ctx ctx = {0}; random_buffer(rand_salt, STORAGE_SALT_SIZE); ui_progress(0); - derive_kek_set(pin, pin_len, rand_salt, ext_salt, kek, keiv); + ensure(derive_kek_set(pin, pin_len, rand_salt, ext_salt, kek, keiv), + "derive_kek_set failed"); rfc7539_init(&ctx, kek, keiv); memzero(kek, sizeof(kek)); memzero(keiv, sizeof(keiv)); @@ -1157,23 +1169,6 @@ static secbool unlock(const uint8_t *pin, size_t pin_len, hal_delay(100); } - // Read the random salt from EDEK_PVC_KEY and use it to derive the KEK and - // KEIV from the PIN. - const void *rand_salt = NULL; - uint16_t len = 0; - if (sectrue != initialized || - sectrue != norcow_get(EDEK_PVC_KEY, &rand_salt, &len) || - len != STORAGE_SALT_SIZE + KEYS_SIZE + PVC_SIZE) { - memzero(&legacy_pin, sizeof(legacy_pin)); - handle_fault("no EDEK"); - return secfalse; - } - uint8_t kek[SHA256_DIGEST_LENGTH] = {0}; - uint8_t keiv[SHA256_DIGEST_LENGTH] = {0}; - derive_kek_unlock(unlock_pin, unlock_pin_len, (const uint8_t *)rand_salt, - ext_salt, kek, keiv); - memzero(&legacy_pin, sizeof(legacy_pin)); - // First, we increase PIN fail counter in storage, even before checking the // PIN. If the PIN is correct, we reset the counter afterwards. If not, we // check if this is the last allowed attempt. @@ -1188,6 +1183,26 @@ static secbool unlock(const uint8_t *pin, size_t pin_len, return secfalse; } + // Read the random salt from EDEK_PVC_KEY and use it to derive the KEK and + // KEIV from the PIN. + const void *rand_salt = NULL; + uint16_t len = 0; + if (sectrue != initialized || + sectrue != norcow_get(EDEK_PVC_KEY, &rand_salt, &len) || + len != STORAGE_SALT_SIZE + KEYS_SIZE + PVC_SIZE) { + memzero(&legacy_pin, sizeof(legacy_pin)); + handle_fault("no EDEK"); + return secfalse; + } + uint8_t kek[SHA256_DIGEST_LENGTH] = {0}; + uint8_t keiv[SHA256_DIGEST_LENGTH] = {0}; + if (sectrue != derive_kek_unlock(unlock_pin, unlock_pin_len, + (const uint8_t *)rand_salt, ext_salt, kek, + keiv)) { + return secfalse; + } + memzero(&legacy_pin, sizeof(legacy_pin)); + // Check whether the entered PIN is correct. if (sectrue != decrypt_dek(kek, keiv)) { // Wipe storage if too many failures From e28dff677cda65b1e8bf328359a74d1236f7a83a Mon Sep 17 00:00:00 2001 From: matejcik Date: Sat, 30 Sep 2023 22:55:45 +0200 Subject: [PATCH 13/19] fix(core/optiga): add correct key usage to OID_PIN_CMAC --- core/embed/trezorhal/optiga/optiga.c | 1 + core/embed/trezorhal/optiga/optiga_commands.c | 2 ++ core/embed/trezorhal/optiga_commands.h | 1 + 3 files changed, 4 insertions(+) diff --git a/core/embed/trezorhal/optiga/optiga.c b/core/embed/trezorhal/optiga/optiga.c index 0ed8a3bb99..13844f62d5 100644 --- a/core/embed/trezorhal/optiga/optiga.c +++ b/core/embed/trezorhal/optiga/optiga.c @@ -293,6 +293,7 @@ static bool optiga_pin_init_metadata(void) { metadata.change = OPTIGA_META_ACCESS_ALWAYS; metadata.read = OPTIGA_META_ACCESS_NEVER; metadata.execute = ACCESS_PIN_STRETCH_COUNTER; + metadata.key_usage = OPTIGA_META_KEY_USE_ENC; if (!optiga_set_metadata(OID_PIN_CMAC, &metadata)) { return false; } diff --git a/core/embed/trezorhal/optiga/optiga_commands.c b/core/embed/trezorhal/optiga/optiga_commands.c index 8ebf28ff76..75bc2df046 100644 --- a/core/embed/trezorhal/optiga/optiga_commands.c +++ b/core/embed/trezorhal/optiga/optiga_commands.c @@ -42,6 +42,8 @@ const optiga_metadata_item OPTIGA_META_ACCESS_ALWAYS = { (const uint8_t[]){OPTIGA_ACCESS_COND_ALW}, 1}; const optiga_metadata_item OPTIGA_META_ACCESS_NEVER = { (const uint8_t[]){OPTIGA_ACCESS_COND_NEV}, 1}; +const optiga_metadata_item OPTIGA_META_KEY_USE_ENC = { + (const uint8_t[]){OPTIGA_KEY_USAGE_ENC}, 1}; const optiga_metadata_item OPTIGA_META_KEY_USE_KEYAGREE = { (const uint8_t[]){OPTIGA_KEY_USAGE_KEYAGREE}, 1}; static const optiga_metadata_item OPTIGA_META_VERSION_DEFAULT = { diff --git a/core/embed/trezorhal/optiga_commands.h b/core/embed/trezorhal/optiga_commands.h index 743f8c0a7d..4d271a812d 100644 --- a/core/embed/trezorhal/optiga_commands.h +++ b/core/embed/trezorhal/optiga_commands.h @@ -137,6 +137,7 @@ typedef struct { extern const optiga_metadata_item OPTIGA_META_LCS_OPERATIONAL; extern const optiga_metadata_item OPTIGA_META_ACCESS_ALWAYS; extern const optiga_metadata_item OPTIGA_META_ACCESS_NEVER; +extern const optiga_metadata_item OPTIGA_META_KEY_USE_ENC; extern const optiga_metadata_item OPTIGA_META_KEY_USE_KEYAGREE; optiga_result optiga_parse_metadata(const uint8_t *serialized, From 68876170fe79ac179c1bf8b451b0a7fff022cb51 Mon Sep 17 00:00:00 2001 From: Andrew Kozlik Date: Mon, 2 Oct 2023 19:16:55 +0200 Subject: [PATCH 14/19] feat(core): Propagate Optiga errors. --- core/embed/trezorhal/optiga.h | 13 ++-- core/embed/trezorhal/optiga/optiga.c | 105 ++++++++++++++++----------- core/embed/trezorhal/unix/optiga.c | 16 ++-- 3 files changed, 77 insertions(+), 57 deletions(-) diff --git a/core/embed/trezorhal/optiga.h b/core/embed/trezorhal/optiga.h index 7bab2d6f06..3b170f7a51 100644 --- a/core/embed/trezorhal/optiga.h +++ b/core/embed/trezorhal/optiga.h @@ -23,6 +23,7 @@ #include #include #include +#include "optiga_common.h" #include "secbool.h" #define OPTIGA_DEVICE_CERT_INDEX 1 @@ -52,12 +53,12 @@ bool __wur optiga_read_cert(uint8_t index, uint8_t *cert, size_t max_cert_size, bool __wur optiga_random_buffer(uint8_t *dest, size_t size); -bool __wur optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, - const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], - uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]); +int __wur optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, + const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], + uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]); -bool __wur optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, - const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], - uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]); +int __wur optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, + const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], + uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]); #endif diff --git a/core/embed/trezorhal/optiga/optiga.c b/core/embed/trezorhal/optiga/optiga.c index 13844f62d5..71527bf6fb 100644 --- a/core/embed/trezorhal/optiga/optiga.c +++ b/core/embed/trezorhal/optiga/optiga.c @@ -340,12 +340,12 @@ static bool optiga_pin_init_metadata(void) { return true; } -static bool optiga_pin_init_stretch(void) { +static int optiga_pin_init_stretch(void) { // Generate a new key in OID_PIN_CMAC. optiga_result res = optiga_gen_sym_key(OPTIGA_AES_256, OPTIGA_KEY_USAGE_ENC, OID_PIN_CMAC); if (res != OPTIGA_SUCCESS) { - return false; + return res; } // Generate a new key in OID_PIN_ECDH. @@ -355,14 +355,14 @@ static bool optiga_pin_init_stretch(void) { optiga_gen_key_pair(OPTIGA_CURVE_P256, OPTIGA_KEY_USAGE_KEYAGREE, OID_PIN_ECDH, public_key, sizeof(public_key), &size); if (res != OPTIGA_SUCCESS) { - return false; + return res; } - return true; + return OPTIGA_SUCCESS; } -static bool optiga_pin_stretch_secret(OPTIGA_UI_PROGRESS ui_progress, - uint8_t secret[OPTIGA_PIN_SECRET_SIZE]) { +static int optiga_pin_stretch_secret(OPTIGA_UI_PROGRESS ui_progress, + uint8_t secret[OPTIGA_PIN_SECRET_SIZE]) { // This step hardens the PIN verification process in case an attacker is able // to extract the secret value of a data object in Optiga that has a // particular configuration, but does not allow secret extraction for other @@ -399,7 +399,7 @@ static bool optiga_pin_stretch_secret(OPTIGA_UI_PROGRESS ui_progress, memzero(buffer, sizeof(buffer)); memzero(result, sizeof(result)); memzero(&ctx, sizeof(ctx)); - return false; + return res; } hmac_sha256_Update(&ctx, buffer, size); @@ -411,7 +411,7 @@ static bool optiga_pin_stretch_secret(OPTIGA_UI_PROGRESS ui_progress, memzero(buffer, sizeof(buffer)); memzero(result, sizeof(result)); memzero(&ctx, sizeof(ctx)); - return false; + return res; } hmac_sha256_Update(&ctx, buffer, size); @@ -424,7 +424,7 @@ static bool optiga_pin_stretch_secret(OPTIGA_UI_PROGRESS ui_progress, memzero(buffer, sizeof(buffer)); memzero(result, sizeof(result)); memzero(&ctx, sizeof(ctx)); - return false; + return -1; } res = optiga_calc_ssec(OPTIGA_CURVE_P256, OID_PIN_ECDH, encoded_point, @@ -434,7 +434,7 @@ static bool optiga_pin_stretch_secret(OPTIGA_UI_PROGRESS ui_progress, memzero(buffer, sizeof(buffer)); memzero(result, sizeof(result)); memzero(&ctx, sizeof(ctx)); - return false; + return res; } hmac_sha256_Update(&ctx, buffer, size); @@ -448,15 +448,21 @@ static bool optiga_pin_stretch_secret(OPTIGA_UI_PROGRESS ui_progress, memzero(buffer, sizeof(buffer)); memzero(result, sizeof(result)); memzero(&ctx, sizeof(ctx)); - return true; + return OPTIGA_SUCCESS; } -bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, - const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], - uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]) { - if (!optiga_pin_init_metadata() || !optiga_pin_init_stretch()) { - return false; +int optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, + const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], + uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]) { + if (!optiga_pin_init_metadata()) { + return -1; } + + optiga_result res = optiga_pin_init_stretch(); + if (res != OPTIGA_SUCCESS) { + return res; + } + ui_progress(200); // Process the PIN-derived secret using a one-way function before sending it @@ -469,16 +475,17 @@ bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, // Combine the result with stretching secrets from the Optiga. This step // ensures that if an attacker extracts the value of OID_STRETCHED_PIN, then // it cannot be used to conduct an offline brute-force search for the PIN. - if (!optiga_pin_stretch_secret(ui_progress, stretched_pin)) { + res = optiga_pin_stretch_secret(ui_progress, stretched_pin); + if (res != OPTIGA_SUCCESS) { memzero(stretched_pin, sizeof(stretched_pin)); - return false; + return res; } // Generate and store the master secret / PIN counter reset key. - optiga_result res = optiga_get_random(out_secret, OPTIGA_PIN_SECRET_SIZE); + res = optiga_get_random(out_secret, OPTIGA_PIN_SECRET_SIZE); if (res != OPTIGA_SUCCESS) { memzero(stretched_pin, sizeof(stretched_pin)); - return false; + return res; } random_xor(out_secret, OPTIGA_PIN_SECRET_SIZE); @@ -486,7 +493,7 @@ bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, OPTIGA_PIN_SECRET_SIZE); if (res != OPTIGA_SUCCESS) { memzero(stretched_pin, sizeof(stretched_pin)); - return false; + return res; } // Authorise using OID_PIN_SECRET so that we can write to OID_PIN_COUNTER and @@ -495,7 +502,7 @@ bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, out_secret, OPTIGA_PIN_SECRET_SIZE); if (res != OPTIGA_SUCCESS) { memzero(stretched_pin, sizeof(stretched_pin)); - return false; + return res; } // Set the stretched PIN. @@ -504,7 +511,7 @@ bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, memzero(stretched_pin, sizeof(stretched_pin)); if (res != OPTIGA_SUCCESS) { optiga_clear_auto_state(OID_PIN_SECRET); - return false; + return res; } // Initialize the PIN counter. @@ -512,7 +519,7 @@ bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, sizeof(COUNTER_RESET)); optiga_clear_auto_state(OID_PIN_SECRET); if (res != OPTIGA_SUCCESS) { - return false; + return res; } ui_progress(200); @@ -523,8 +530,9 @@ bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, // offline brute-force search for the PIN. hmac_sha256(pin_secret, OPTIGA_PIN_SECRET_SIZE, out_secret, OPTIGA_PIN_SECRET_SIZE, out_secret); - if (!optiga_pin_stretch_secret(ui_progress, out_secret)) { - return false; + res = optiga_pin_stretch_secret(ui_progress, out_secret); + if (res != OPTIGA_SUCCESS) { + return res; } // Combine the stretched master secret with the PIN-derived secret to obtain @@ -544,30 +552,36 @@ bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, // security of their device any more than if the Optiga was not integrated // into the device in the first place. - return true; + return OPTIGA_SUCCESS; } -bool optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, - const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], - uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]) { +int optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, + const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], + uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]) { // Process the PIN-derived secret using a one-way function before sending it // to the Optiga. uint8_t stretched_pin[OPTIGA_PIN_SECRET_SIZE] = {0}; hmac_sha256(pin_secret, OPTIGA_PIN_SECRET_SIZE, NULL, 0, stretched_pin); // Combine the result with stretching secrets from the Optiga. - if (!optiga_pin_stretch_secret(ui_progress, stretched_pin)) { + optiga_result res = optiga_pin_stretch_secret(ui_progress, stretched_pin); + if (res != OPTIGA_SUCCESS) { memzero(stretched_pin, sizeof(stretched_pin)); - return false; + return res; } // Authorise using OID_STRETCHED_PIN so that we can read from OID_PIN_SECRET. - optiga_result res = - optiga_set_auto_state(OPTIGA_OID_SESSION_CTX, OID_STRETCHED_PIN, - stretched_pin, sizeof(stretched_pin)); + res = optiga_set_auto_state(OPTIGA_OID_SESSION_CTX, OID_STRETCHED_PIN, + stretched_pin, sizeof(stretched_pin)); memzero(stretched_pin, sizeof(stretched_pin)); + if (res == OPTIGA_ERR_CMD) { + uint8_t error_code = 0; + optiga_get_error_code(&error_code); + return error_code + OPTIGA_COMMAND_ERROR_OFFSET; + } + if (res != OPTIGA_SUCCESS) { - return false; + return res; } // Read the master secret from OID_PIN_SECRET. @@ -575,8 +589,12 @@ bool optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, res = optiga_get_data_object(OID_PIN_SECRET, false, out_secret, OPTIGA_PIN_SECRET_SIZE, &size); optiga_clear_auto_state(OID_STRETCHED_PIN); - if (res != OPTIGA_SUCCESS || size != OPTIGA_PIN_SECRET_SIZE) { - return false; + if (res != OPTIGA_SUCCESS) { + return res; + } + + if (size != OPTIGA_PIN_SECRET_SIZE) { + return OPTIGA_ERR_SIZE; } ui_progress(200); @@ -585,7 +603,7 @@ bool optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, res = optiga_set_auto_state(OPTIGA_OID_SESSION_CTX, OID_PIN_SECRET, out_secret, OPTIGA_PIN_SECRET_SIZE); if (res != OPTIGA_SUCCESS) { - return false; + return res; } // Reset the PIN counter. @@ -593,7 +611,7 @@ bool optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, sizeof(COUNTER_RESET)); optiga_clear_auto_state(OID_PIN_SECRET); if (res != OPTIGA_SUCCESS) { - return false; + return res; } ui_progress(200); @@ -602,13 +620,14 @@ bool optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, // stretching secrets from the Optiga. hmac_sha256(pin_secret, OPTIGA_PIN_SECRET_SIZE, out_secret, OPTIGA_PIN_SECRET_SIZE, out_secret); - if (!optiga_pin_stretch_secret(ui_progress, out_secret)) { - return false; + res = optiga_pin_stretch_secret(ui_progress, out_secret); + if (res != OPTIGA_SUCCESS) { + return res; } // Combine the stretched master secret with the PIN-derived secret to derive // the output secret. hmac_sha256(pin_secret, OPTIGA_PIN_SECRET_SIZE, out_secret, OPTIGA_PIN_SECRET_SIZE, out_secret); - return true; + return OPTIGA_SUCCESS; } diff --git a/core/embed/trezorhal/unix/optiga.c b/core/embed/trezorhal/unix/optiga.c index 64dfbf3f8e..5c97225dfd 100644 --- a/core/embed/trezorhal/unix/optiga.c +++ b/core/embed/trezorhal/unix/optiga.c @@ -152,18 +152,18 @@ bool optiga_random_buffer(uint8_t *dest, size_t size) { return true; } -bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, - const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], - uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]) { +int optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, + const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], + uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]) { memcpy(out_secret, pin_secret, OPTIGA_PIN_SECRET_SIZE); ui_progress(OPTIGA_PIN_DERIVE_MS); - return true; + return OPTIGA_SUCCESS; } -bool optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, - const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], - uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]) { +int optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, + const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], + uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]) { memcpy(out_secret, pin_secret, OPTIGA_PIN_SECRET_SIZE); ui_progress(OPTIGA_PIN_DERIVE_MS); - return true; + return OPTIGA_SUCCESS; } From aed5912fbfd9aa85bb29eb9d3e97f5211d6b3cd8 Mon Sep 17 00:00:00 2001 From: Andrew Kozlik Date: Mon, 2 Oct 2023 19:18:11 +0200 Subject: [PATCH 15/19] feat(core): Distinguish Optiga errors from invalid PIN. --- core/embed/trezorhal/optiga.h | 8 +++++++- storage/storage.c | 28 +++++++++++++++++----------- 2 files changed, 24 insertions(+), 12 deletions(-) diff --git a/core/embed/trezorhal/optiga.h b/core/embed/trezorhal/optiga.h index 3b170f7a51..a09d083078 100644 --- a/core/embed/trezorhal/optiga.h +++ b/core/embed/trezorhal/optiga.h @@ -30,9 +30,15 @@ #define OPTIGA_DEVICE_ECC_KEY_INDEX 0 #define OPTIGA_COMMAND_ERROR_OFFSET 0x100 -// Error code 7: Access conditions not satisfied +// Error code 0x07: Access conditions not satisfied #define OPTIGA_ERR_ACCESS_COND_NOT_SAT (OPTIGA_COMMAND_ERROR_OFFSET + 0x07) +// Error code 0x0E: Counter threshold limit exceeded +#define OPTIGA_ERR_COUNTER_EXCEEDED (OPTIGA_COMMAND_ERROR_OFFSET + 0x0E) + +// Error code 0x2F: Authorization failure +#define OPTIGA_ERR_AUTH_FAIL (OPTIGA_COMMAND_ERROR_OFFSET + 0x2F) + // Size of secrets used in PIN processing, e.g. salted PIN, master secret etc. #define OPTIGA_PIN_SECRET_SIZE 32 diff --git a/storage/storage.c b/storage/storage.c index 3f70502772..8befa1e1b7 100644 --- a/storage/storage.c +++ b/storage/storage.c @@ -602,9 +602,9 @@ static secbool __wur derive_kek_set(const uint8_t *pin, size_t pin_len, uint8_t optiga_secret[OPTIGA_PIN_SECRET_SIZE] = {0}; uint8_t stretched_pin[OPTIGA_PIN_SECRET_SIZE] = {0}; stretch_pin_optiga(pin, pin_len, storage_salt, ext_salt, stretched_pin); - bool ret = optiga_pin_set(ui_progress, stretched_pin, optiga_secret); + int ret = optiga_pin_set(ui_progress, stretched_pin, optiga_secret); memzero(stretched_pin, sizeof(stretched_pin)); - if (!ret) { + if (ret != OPTIGA_SUCCESS) { memzero(optiga_secret, sizeof(optiga_secret)); return secfalse; } @@ -625,10 +625,17 @@ static secbool __wur derive_kek_unlock(const uint8_t *pin, size_t pin_len, uint8_t optiga_secret[OPTIGA_PIN_SECRET_SIZE] = {0}; uint8_t stretched_pin[OPTIGA_PIN_SECRET_SIZE] = {0}; stretch_pin_optiga(pin, pin_len, storage_salt, ext_salt, stretched_pin); - bool ret = optiga_pin_verify(ui_progress, stretched_pin, optiga_secret); + int ret = optiga_pin_verify(ui_progress, stretched_pin, optiga_secret); memzero(stretched_pin, sizeof(stretched_pin)); - if (!ret) { + if (ret != OPTIGA_SUCCESS) { memzero(optiga_secret, sizeof(optiga_secret)); + if (ret == OPTIGA_ERR_COUNTER_EXCEEDED) { + // Unreachable code. Wipe should have already been triggered in unlock(). + storage_wipe(); + show_pin_too_many_screen(); + } + ensure(ret == OPTIGA_ERR_AUTH_FAIL ? sectrue : secfalse, + "optiga_pin_verify failed"); return secfalse; } derive_kek_optiga(optiga_secret, kek, keiv); @@ -1196,15 +1203,13 @@ static secbool unlock(const uint8_t *pin, size_t pin_len, } uint8_t kek[SHA256_DIGEST_LENGTH] = {0}; uint8_t keiv[SHA256_DIGEST_LENGTH] = {0}; - if (sectrue != derive_kek_unlock(unlock_pin, unlock_pin_len, - (const uint8_t *)rand_salt, ext_salt, kek, - keiv)) { - return secfalse; - } - memzero(&legacy_pin, sizeof(legacy_pin)); // Check whether the entered PIN is correct. - if (sectrue != decrypt_dek(kek, keiv)) { + if (sectrue != derive_kek_unlock(unlock_pin, unlock_pin_len, + (const uint8_t *)rand_salt, ext_salt, kek, + keiv) || + sectrue != decrypt_dek(kek, keiv)) { + memzero(&legacy_pin, sizeof(legacy_pin)); // Wipe storage if too many failures wait_random(); if (ctr + 1 >= PIN_MAX_TRIES) { @@ -1213,6 +1218,7 @@ static secbool unlock(const uint8_t *pin, size_t pin_len, } return secfalse; } + memzero(&legacy_pin, sizeof(legacy_pin)); memzero(kek, sizeof(kek)); memzero(keiv, sizeof(keiv)); From cb21ca8dc5755480bb0437327391a15557db934f Mon Sep 17 00:00:00 2001 From: Andrew Kozlik Date: Mon, 2 Oct 2023 20:24:25 +0200 Subject: [PATCH 16/19] feat(core): Implement Optiga counter operations. --- core/embed/trezorhal/optiga.h | 4 +++ core/embed/trezorhal/optiga/optiga.c | 33 +++++++++++++++++++ core/embed/trezorhal/optiga/optiga_commands.c | 33 +++++++++++++++++++ core/embed/trezorhal/optiga_commands.h | 1 + core/embed/trezorhal/unix/optiga.c | 7 ++++ 5 files changed, 78 insertions(+) diff --git a/core/embed/trezorhal/optiga.h b/core/embed/trezorhal/optiga.h index a09d083078..8e73161ac2 100644 --- a/core/embed/trezorhal/optiga.h +++ b/core/embed/trezorhal/optiga.h @@ -67,4 +67,8 @@ int __wur optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE], uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]); +int __wur optiga_pin_get_fails(uint32_t *ctr); + +int __wur optiga_pin_fails_increase(uint32_t count); + #endif diff --git a/core/embed/trezorhal/optiga/optiga.c b/core/embed/trezorhal/optiga/optiga.c index 71527bf6fb..aa03b98660 100644 --- a/core/embed/trezorhal/optiga/optiga.c +++ b/core/embed/trezorhal/optiga/optiga.c @@ -631,3 +631,36 @@ int optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, OPTIGA_PIN_SECRET_SIZE, out_secret); return OPTIGA_SUCCESS; } + +static int optiga_get_counter(uint16_t oid, uint32_t *ctr) { + uint8_t counter[8] = {0}; + size_t counter_size = 0; + optiga_result res = optiga_get_data_object(oid, false, counter, + sizeof(counter), &counter_size); + if (res != OPTIGA_SUCCESS) { + return res; + } + + if (counter_size != sizeof(counter)) { + return OPTIGA_ERR_SIZE; + } + + *ctr = counter[0]; + *ctr = (*ctr << 8) + counter[1]; + *ctr = (*ctr << 8) + counter[2]; + *ctr = (*ctr << 8) + counter[3]; + + return OPTIGA_SUCCESS; +} + +int optiga_pin_get_fails(uint32_t *ctr) { + return optiga_get_counter(OID_PIN_COUNTER, ctr); +} + +int optiga_pin_fails_increase(uint32_t count) { + if (count > 0xff) { + return OPTIGA_ERR_PARAM; + } + + return optiga_count_data_object(OID_PIN_COUNTER, count); +} diff --git a/core/embed/trezorhal/optiga/optiga_commands.c b/core/embed/trezorhal/optiga/optiga_commands.c index 75bc2df046..183054cafa 100644 --- a/core/embed/trezorhal/optiga/optiga_commands.c +++ b/core/embed/trezorhal/optiga/optiga_commands.c @@ -338,6 +338,39 @@ optiga_result optiga_set_data_object(uint16_t oid, bool set_metadata, return ret; } +/* + * https://github.com/Infineon/optiga-trust-m/blob/develop/documents/OPTIGA%E2%84%A2%20Trust%20M%20Solution%20Reference%20Manual.md#setdataobject + */ +optiga_result optiga_count_data_object(uint16_t oid, uint8_t count) { + if (count == 0) { + return OPTIGA_SUCCESS; + } + + tx_size = 9; + if (tx_size > sizeof(tx_buffer)) { + return OPTIGA_ERR_PARAM; + } + + uint8_t *ptr = tx_buffer; + *(ptr++) = 0x82; // command code + *(ptr++) = 0x02; // count data object + write_uint16(&ptr, tx_size - 4); + + write_uint16(&ptr, oid); + write_uint16(&ptr, 0); // offset + + *(ptr++) = count; + + optiga_result ret = optiga_execute_command(tx_buffer, tx_size, tx_buffer, + sizeof(tx_buffer), &tx_size); + if (ret != OPTIGA_SUCCESS) { + return ret; + } + + ret = process_output_fixedlen(NULL, 0); + return ret; +} + /* * https://github.com/Infineon/optiga-trust-m/blob/develop/documents/OPTIGA%E2%84%A2%20Trust%20M%20Solution%20Reference%20Manual.md#getrandom */ diff --git a/core/embed/trezorhal/optiga_commands.h b/core/embed/trezorhal/optiga_commands.h index 4d271a812d..3992b2637b 100644 --- a/core/embed/trezorhal/optiga_commands.h +++ b/core/embed/trezorhal/optiga_commands.h @@ -157,6 +157,7 @@ optiga_result optiga_get_data_object(uint16_t oid, bool get_metadata, size_t *data_size); optiga_result optiga_set_data_object(uint16_t oid, bool set_metadata, const uint8_t *data, size_t data_size); +optiga_result optiga_count_data_object(uint16_t oid, uint8_t count); optiga_result optiga_get_random(uint8_t *random, size_t random_size); optiga_result optiga_encrypt_sym(optiga_sym_mode mode, uint16_t oid, const uint8_t *input, size_t input_size, diff --git a/core/embed/trezorhal/unix/optiga.c b/core/embed/trezorhal/unix/optiga.c index 5c97225dfd..0ab666049c 100644 --- a/core/embed/trezorhal/unix/optiga.c +++ b/core/embed/trezorhal/unix/optiga.c @@ -167,3 +167,10 @@ int optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress, ui_progress(OPTIGA_PIN_DERIVE_MS); return OPTIGA_SUCCESS; } + +int optiga_pin_get_fails(uint32_t *ctr) { + *ctr = 0; + return OPTIGA_SUCCESS; +} + +int optiga_pin_fails_increase(uint32_t count) { return OPTIGA_SUCCESS; } From 90f2b1d7901e02a88736457cc9f310ac7e9b43a8 Mon Sep 17 00:00:00 2001 From: Andrew Kozlik Date: Mon, 2 Oct 2023 20:25:49 +0200 Subject: [PATCH 17/19] feat(storage): Synchronize Optiga and MCU PIN counters. --- storage/storage.c | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/storage/storage.c b/storage/storage.c index 8befa1e1b7..c40f51d79c 100644 --- a/storage/storage.c +++ b/storage/storage.c @@ -1523,11 +1523,32 @@ uint32_t storage_get_pin_rem(void) { return 0; } - uint32_t ctr = 0; - if (sectrue != pin_get_fails(&ctr)) { + uint32_t ctr_mcu = 0; + if (sectrue != pin_get_fails(&ctr_mcu)) { return 0; } - return PIN_MAX_TRIES - ctr; + +#if USE_OPTIGA + // Synchronize counters in case they diverged. + uint32_t ctr_optiga = 0; + ensure( + optiga_pin_get_fails(&ctr_optiga) == OPTIGA_SUCCESS ? sectrue : secfalse, + "optiga_pin_get_fails failed"); + + while (ctr_mcu < ctr_optiga) { + storage_pin_fails_increase(); + ctr_mcu++; + } + + if (ctr_optiga < ctr_mcu) { + ensure(optiga_pin_fails_increase(ctr_mcu - ctr_optiga) == OPTIGA_SUCCESS + ? sectrue + : secfalse, + "optiga_pin_fails_increase failed"); + } +#endif + + return PIN_MAX_TRIES - ctr_mcu; } secbool storage_change_pin(const uint8_t *oldpin, size_t oldpin_len, From 532f368a14289c116d4f383b6c808d864a34a693 Mon Sep 17 00:00:00 2001 From: grdddj Date: Mon, 2 Oct 2023 15:45:45 +0200 Subject: [PATCH 18/19] feat(core): not allowing to send empty PIN in T2B1 [no changelog] --- .../rust/src/ui/model_tr/component/input_methods/pin.rs | 5 ++++- tests/click_tests/test_pin.py | 7 +++++++ tests/ui_tests/fixtures.json | 2 ++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/core/embed/rust/src/ui/model_tr/component/input_methods/pin.rs b/core/embed/rust/src/ui/model_tr/component/input_methods/pin.rs index 7af6455af4..3c2206bb0b 100644 --- a/core/embed/rust/src/ui/model_tr/component/input_methods/pin.rs +++ b/core/embed/rust/src/ui/model_tr/component/input_methods/pin.rs @@ -262,7 +262,10 @@ where self.show_real_pin = true; self.update(ctx); } - PinAction::Enter => return Some(CancelConfirmMsg::Confirmed), + PinAction::Enter if !self.is_empty() => { + // ENTER is not valid when the PIN is empty + return Some(CancelConfirmMsg::Confirmed); + } PinAction::Digit(ch) if !self.is_full() => { self.textbox.append(ctx, ch); // Choosing random digit to be shown next diff --git a/tests/click_tests/test_pin.py b/tests/click_tests/test_pin.py index 927e31a111..3c34ad181b 100644 --- a/tests/click_tests/test_pin.py +++ b/tests/click_tests/test_pin.py @@ -224,6 +224,13 @@ def test_pin_long(device_handler: "BackgroundDeviceHandler"): _input_see_confirm(debug, PIN24) +@pytest.mark.setup_client(pin=PIN4) +def test_pin_empty_cannot_send(device_handler: "BackgroundDeviceHandler"): + with prepare(device_handler) as debug: + _input_see_confirm(debug, "") + _input_see_confirm(debug, PIN4) + + @pytest.mark.setup_client(pin=PIN24) def test_pin_long_delete(device_handler: "BackgroundDeviceHandler"): with prepare(device_handler) as debug: diff --git a/tests/ui_tests/fixtures.json b/tests/ui_tests/fixtures.json index 89b584a21b..f470928cba 100644 --- a/tests/ui_tests/fixtures.json +++ b/tests/ui_tests/fixtures.json @@ -757,6 +757,7 @@ "TR_test_passphrase_tr.py::test_passphrase_loop_all_characters": "5079e557c3ee648d7778154d65ac0f0200e2ee7e6cc88d46dfb753e314582bed", "TR_test_pin.py::test_pin_change": "5820a43c03708f208059365711b2a46427c279c7462c2c529a73e5ad560bc36b", "TR_test_pin.py::test_pin_delete_hold": "8f8be800e39bcfc95236abcfbb69477776885471605fe82da5d81fcfe04c397e", +"TR_test_pin.py::test_pin_empty_cannot_send": "40e337e5ef45335d8b521135f4ffca25b5578b6d9af2d91aa9650fb61fde29f1", "TR_test_pin.py::test_pin_incorrect": "852bf321191682d6cf67c06098ef87571a42f1337609ea90bf476296b344bab4", "TR_test_pin.py::test_pin_long": "d2a86a95b38b8c09c04f0e02a118b62174e835c3ea58aace2d46d9af2a1c561b", "TR_test_pin.py::test_pin_long_delete": "6006261b91ea207efb220cd20cf5574e775e8e4ce04eb6f86f924f12fd818a2f", @@ -2035,6 +2036,7 @@ "TT_test_pin.py::test_pin_cancel": "05f5f819be61fec8c7c4341fd23c1bccf78cff93f05d573dd4f528bb0f1edbf5", "TT_test_pin.py::test_pin_change": "199d5ccb7760efcaafcc1156274c66d983c4b65c5bac4ebc27b14a060bd1ba4c", "TT_test_pin.py::test_pin_delete_hold": "8fc7930af448875005381482abd1751a980fbb2606d8b764b33bfb3cb1fad483", +"TT_test_pin.py::test_pin_empty_cannot_send": "0f7d5bd47f9f61133fbba9a1db1486e48dfd53d71d1b7a7d4a22d7062e7ade52", "TT_test_pin.py::test_pin_incorrect": "27f7eea0673208eddadf462de2da644675c71ab7a96858b3eda9d1299579cd47", "TT_test_pin.py::test_pin_long": "42186e29bbae2d52ca2f7616b7812502f485c4677f458f96c2440c8f21b14dff", "TT_test_pin.py::test_pin_long_delete": "53dced36adc89e59dd0fd1b885d1a1508d5988e77870f12625bc594302067180", From 6e5967af25de87bebd331d697e6ef940e64286ef Mon Sep 17 00:00:00 2001 From: tychovrahe Date: Mon, 2 Oct 2023 12:36:04 +0200 Subject: [PATCH 19/19] fix(core): adjust T2B1 display SPI baudrate [no changelog] --- core/embed/trezorhal/stm32f4/displays/vg-2864ksweg01.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/core/embed/trezorhal/stm32f4/displays/vg-2864ksweg01.c b/core/embed/trezorhal/stm32f4/displays/vg-2864ksweg01.c index 4b56d6199b..7de21fd0e1 100644 --- a/core/embed/trezorhal/stm32f4/displays/vg-2864ksweg01.c +++ b/core/embed/trezorhal/stm32f4/displays/vg-2864ksweg01.c @@ -141,7 +141,8 @@ static inline void spi_send(const uint8_t *data, int len) { void display_handle_init(void) { spi_handle.Instance = OLED_SPI; - spi_handle.Init.BaudRatePrescaler = SPI_BAUDRATEPRESCALER_8; + spi_handle.State = HAL_SPI_STATE_RESET; + spi_handle.Init.BaudRatePrescaler = SPI_BAUDRATEPRESCALER_16; spi_handle.Init.Direction = SPI_DIRECTION_2LINES; spi_handle.Init.CLKPhase = SPI_PHASE_1EDGE; spi_handle.Init.CLKPolarity = SPI_POLARITY_LOW; @@ -241,7 +242,10 @@ void display_init(void) { display_refresh(); } -void display_reinit(void) { display_handle_init(); } +void display_reinit(void) { + display_handle_init(); + HAL_SPI_Init(&spi_handle); +} static inline uint8_t reverse_byte(uint8_t b) { b = (b & 0xF0) >> 4 | (b & 0x0F) << 4;